com.authlete.common.dto

Class DeviceVerificationRequest

java.lang.Object

com.authlete.common.dto.DeviceVerificationRequest

All Implemented Interfaces:

Serializable

public class DeviceVerificationRequest
extends Object
implements Serializable

Request to Authlete's /api/device/verification API. The API is used to get information associated with a user code.

A response from the device authorization endpoint of the authorization server is JSON which contains the following response parameters (excerpted from "3.2. Device Authorization Response" of OAuth 2.0 Device Authorization Grant).

parameter	description
device_code	REQUIRED. The device verification code.
user_code	REQUIRED. The end-user verification code.
verification_uri	REQUIRED. The end-user verification URI on the authorization server. The URI should be short and easy to remember as end users will be asked to manually type it into their user-agent.
verification_uri_complete	OPTIONAL. A verification URI that includes the "user_code" (or other information with the same function as the "user_code"), designed for non-textual transmission.
expires_in	REQUIRED. The lifetime in seconds of the "device_code" and "user_code".
interval	OPTIONAL. The minimum amount of time in seconds that the client SHOULD wait between polling requests to the token endpoint. If no value is provided, clients MUST use 5 as the default.

The following is an example of device authorization response.

 HTTP/1.1 200 OK
 Content-Type: application/json
 Cache-Control: no-store

 {
   "device_code": "GmRhmhcxhwAzkoEqiMEg_DnyEysNkuNhszIySk9eS",
   "user_code": "WDJB-MJHT",
   "verification_uri": "https://example.com/device",
   "verification_uri_complete":
       "https://example.com/device?user_code=WDJB-MJHT",
   "expires_in": 1800,
   "interval": 5
 }

After receiving a response from the device authorization endpoint of the authorization server, the client application shows the end-user the user code and the verification URI which are included in the device authorization response. Then, the end-user will access the verification URI using a web browser on another device (typically, a smart phone). In normal implementations, the verification endpoint will return an HTML page with an input form where the end-user inputs a user code. The authorization server will receive a user code from the form.

After receiving a user code, the authorization server should call Authlete's /api/device/verification API with the user code. The API will return information associated with the user code such as client information and requested scopes. Using the information, the authorization server should generate an HTML page that confirms the end-user's consent and send the page back to the web browser.

Since:

2.42

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
DeviceVerificationRequest()

Method Summary

Modifier and Type	Method and Description
String	getUserCode() Get the user code.
DeviceVerificationRequest	setUserCode(String userCode) Set the user code.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DeviceVerificationRequest

public DeviceVerificationRequest()

Method Detail

getUserCode

public String getUserCode()

Get the user code.

Returns:

The user code.

setUserCode

public DeviceVerificationRequest setUserCode(String userCode)

Set the user code.

Parameters:

userCode - The user code.

Returns:

this object.