forked from learning-layers/android-openid-connect
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Config.java
45 lines (36 loc) · 2.23 KB
/
Config.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
package com.lnikkila.oidcsample;
/**
* Simple utility class for storing OpenID Connect configuration. This should not be used in
* production. If you want to hide your keys, you should obfuscate them using ProGuard (with added
* manual obfuscation), DexGuard or something else.
*
* See this Stack Overflow post for some suggestions:
* https://stackoverflow.com/a/14570989
*/
public final class Config {
// TODO: Add the information you received from your OIDC provider below.
public static final String clientId = "foo";
public static final String clientSecret = "bar";
public static final String authorizationServerUrl = "https://tuima-poc.csc.fi/idp/profile/oidc/authorize";
public static final String tokenServerUrl = "https://tuima-poc.csc.fi/idp/profile/oidc/token";
public static final String userInfoUrl = "https://tuima-poc.csc.fi/idp/profile/oidc/userinfo";
// This URL doesn't really have a use with native apps and basically just signifies the end
// of the authorisation process. It doesn't have to be a real URL, but it does have to be the
// same URL that is registered with your provider.
public static final String redirectUrl = "app://oidcsample.lnikkila.com";
// The `offline_access` scope enables us to request Refresh Tokens, so we don't have to ask the
// user to authorise us again every time the tokens expire. Some providers might have an
// `offline` scope instead. If you get an `invalid_scope` error when trying to authorise the
// app, try changing it to `offline`.
public static final String[] scopes = {"openid"};
public enum Flows
{
AuthorizationCode, //http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth
Implicit, //http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth
Hybrid //http://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth
}
// The authorization flow type that determine the response_type authorization request should use.
// One of the supported flows AuthorizationCode, Implicit or Hybrid.
// For more info see http://openid.net/specs/openid-connect-core-1_0.html#Authentication
public static final Flows flowType = Flows.AuthorizationCode;
}