OAuth Event
Fires when received Third-Party Authorization attributes.
Syntax
public open class DefaultStunEventListener : StunEventListener { ... public override fun oAuth(e: StunOAuthEvent) {} ... } public class StunOAuthEvent { var accessToken: String? var keyId: String? var macKey: String? var lifeTime: Long val thirdPartyAuthorization: ByteArray? }
Remarks
The AccessToke specifies the OAuth access token to use for authentication. It must be formatted as a hex-encoded string.
The KeyId is an ephemeral and unique key identifier. The kid also allows the resource server to select the appropriate keying material for decryption.
The MacKey specifies the OAuth session key to use for authentication. It must be formatted as a hex-encoded string.
The LifeTime is default 1800.
The client makes an OAuth request to an authorization server to obtain an access token and other OAuth 2.0
parameters like token type, mac_key, token lifetime and kid. The detailed way is descibed in https://tools.ietf.org/html/rfc7635#ref-POP-KEY-DIST.
Here are some tips when you send the OAuth request.
1. The audience('aud') should use the value of ThirdPartyAuthorization.
2. The grant_type should use "implicit"
3. The algorithm('alg') is choosen from HMAC-SHA-1 and HMAC-SHA-256-128.
4. The token_type should use "pop"
Here is a example of request:
HTTP/1.1 Host: server.example.com Content-Type: application/x-www-form-urlencoded aud=stun1@example.com &timestamp=1361471629 &grant_type=implicit &token_type=pop &alg=HMAC-SHA-256-128If the client is authorized, then the authrozation server should sent the response:
HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store { "access_token": "U2FsdGVkX18qJK/kkWmRcnfHglrVTJSpS6yU32kmHmOrfGyI3m1gQj1jRPsr0uBb HctuycAgsfRX7nJW2BdukGyKMXSiNGNnBzigkAofP6+Z3vkJ1Q5pWbfSRroOkWBn", "token_type":"pop", "expires_in":1800, "kid":"22BIjxU93h/IgwEb", "key":"v51N62OM65kyMvfTI08O" "alg":HMAC-SHA-256-128 }Then, you need to fill in AccessToken, KeyId and MacKey, LifeTime with the OAuth 2.0 parameters. TBD.