-
Notifications
You must be signed in to change notification settings - Fork 0
Understanding
The library supports only one of the Authorization Flows which is Authorization Code.
Flow | Access User Resource | Require Client_Secret | Access Refresh Token |
---|---|---|---|
Authorization Code | Yes | Yes | Yes |
The benefit of this flow will let you generate access_token & importantly a refresh_token.
When you make an OAuth v2 call to an API using Authorization Type as code, it will provide you an auth code which in turn helps you to generate an access_token. With this token, you can make calls to the official API and query any data you want.
But the main problem is an access_token is hardly valid for an hour, once it expires you have to again invoke an authorization flow to generate a new access token.
For this purpose, using an auth code you can further generate a refresh_token. This token is valid for a lifetime unless the client decides to change it manually. Using this token we can generate a new access token without showing the auth screen. This will improve the user experience much more.
With this library, you don't have to explicitly invoke an auth flow. All you've to do is make a call to the official API and let the library handle stuff.
A basic understanding of how this library works is shown below.
All the response from Authentication client like access_token, refresh_token are stored in preference file so that it can be retrieved when the application is launched again.