public final class

AuthorizationManager

extends Object
java.lang.Object
   ↳ com.amazon.identity.auth.device.api.authorization.AuthorizationManager

Class Overview

Clients of Login With Amazon use this class to authorize Amazon customers and retrieve authorization grants. In order to use any APIs of AuthorizationManager, your application must have configured an APIKey, see below.

All methods that return results in an asynchronous manner will do so in a non-UI thread.

To retrieve Amazon customer profile data, see the User class.

APIKey:
The "APIKey" is a token meant to encode claims about a native application(e.g. Android, iOS) that can be used to verify the identity of the application without requiring a remote service call. In addition to the app identity, these tokens can carry other claims about the application as required. For example, a list of permissions granted to the application. The contents of the tokens are encoded and then digitally signed. The APIKey must be available for the SDK to obtain from the calling application.

  • It can be in the manifest for the application as a meta-data tag with the key "AmazonAPIKey" example: <meta-data android:name="AmazonAPIKey" android:value="@string/my_api_key" />
  • It can also be placed in a file in the application's asset folder. The filename must be: "api_key.txt"
{@since 3.0 }

Summary

Public Constructors
AuthorizationManager()
Public Methods
static void authorize(AuthorizeRequest request)
Performs authorization (using OAuth 2.0) using the given AuthorizeRequest.
static Region getRegion(Context context)
Gets the region the SDK is using to connect to the server endpoints.
static void getToken(Context context, Scope[] scopes, Listener<AuthorizeResultAuthError> listener)
Requests an authorization token (using OAuth 2.0) for the specified scopes.
static boolean isSandboxMode(Context context)
Inspect whether the Login With Amazon SDK is operating with non-production sandbox test customer accounts.
static void setRegion(Context context, Region region)
Sets the region for the SDK.
static void setSandboxMode(Context context, boolean useSandbox)
Configure the Login With Amazon SDK to be in sandbox mode.
static void signOut(Context context, Listener<VoidAuthError> listener)
Removes any local authorization for the current user from this application.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public AuthorizationManager ()

Public Methods

public static void authorize (AuthorizeRequest request)

Performs authorization (using OAuth 2.0) using the given AuthorizeRequest.

By default, a native browser is used to present a page that prompts the user to login and authorize the application. If SSO is available, an Amazon-hosted WebView will be used instead of a native browser.

To be notified when the authorization flow has finished, register an AuthorizeListener on the RequestContext that the request was created with.

Parameters
request Required. The request to perform authorize for.
Throws
IllegalArgumentException If there were no scopes provided in the request.
See Also

public static Region getRegion (Context context)

Gets the region the SDK is using to connect to the server endpoints. If the region was set to Region.AUTO then method will return the region SDK translated it into.

Parameters
context Required.
Returns
See Also

public static void getToken (Context context, Scope[] scopes, Listener<AuthorizeResultAuthError> listener)

Requests an authorization token (using OAuth 2.0) for the specified scopes.

The authorize(AuthorizeRequest) method must have been called successfully with the same scopes, and the user must have granted consent to those scopes once, prior to this call, in order to get a token.

If the app has restarted since the last authorize call, getToken may still succeed using the cached credentials.

Parameters
context Required.
scopes An array of Scope representing the permissions requested by this application. See ProfileScope for the scopes declared by Login With Amazon.
listener Callback that returns an AuthorizeResult on success or an AuthError on failure. onError(U) will be called for the following OAuth-related errors: If the APIKey is incorrect, ERROR_ACCESS_DENIED will be returned.

Any other possible OAuth-related errors will be encapsulated in a ERROR_SERVER_REPSONSE.

public static boolean isSandboxMode (Context context)

Inspect whether the Login With Amazon SDK is operating with non-production sandbox test customer accounts.

Returns
  • true if using sandbox customer accounts, false if using production customer accounts.
See Also

public static void setRegion (Context context, Region region)

Sets the region for the SDK. This region will determine which server endpoints the SDK hits for various APIs.

Parameters
context Required.
region The region to set.
See Also

public static void setSandboxMode (Context context, boolean useSandbox)

Configure the Login With Amazon SDK to be in sandbox mode. In sandbox mode, the authorize(AuthorizeRequest) API will prompt sign in for only non-production sandbox test customer accounts. By default, sandbox mode is disabled.

If the value of useSandbox is different than the current sandbox setting, then this API implicitly performs signOut(Context, Listener) to clear all local auth state. When this happens, this API will block on the completion of signOut.

The sandbox setting is persisted across restarts of the application through Android SharedPreferences.

Parameters
context Required.
useSandbox true to enable sandbox mode, false to disable sandbox mode.
See Also

public static void signOut (Context context, Listener<VoidAuthError> listener)

Removes any local authorization for the current user from this application. Your application must call authorize(AuthorizeRequest) again to be able to get tokens (via getToken(Context, Scope[], Listener)) or profile data (via fetch(Context, Listener)).

Parameters
context Required.
listener Callback that returns an AuthError upon failure. onError(U) will be called for the following errors: