{"id":22268316,"url":"https://github.com/coffeelibs/tiny-oauth2-client","last_synced_at":"2025-10-19T04:43:28.473Z","repository":{"id":40652922,"uuid":"485365151","full_name":"coffeelibs/tiny-oauth2-client","owner":"coffeelibs","description":"Zero-Dependency RFC 8252 OAuth 2.0 Authorization Flow","archived":false,"fork":false,"pushed_at":"2025-04-01T06:16:31.000Z","size":184,"stargazers_count":7,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"develop","last_synced_at":"2025-04-04T20:51:13.305Z","etag":null,"topics":["java","oauth2","rfc-8252"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/coffeelibs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["overheadhunter"]}},"created_at":"2022-04-25T12:36:43.000Z","updated_at":"2025-02-15T21:43:31.000Z","dependencies_parsed_at":"2024-05-01T07:24:44.169Z","dependency_job_id":"58bb12b3-dda5-4bb0-bf0d-097a6ab54176","html_url":"https://github.com/coffeelibs/tiny-oauth2-client","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/coffeelibs/tiny-oauth2-client","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coffeelibs%2Ftiny-oauth2-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coffeelibs%2Ftiny-oauth2-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coffeelibs%2Ftiny-oauth2-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coffeelibs%2Ftiny-oauth2-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/coffeelibs","download_url":"https://codeload.github.com/coffeelibs/tiny-oauth2-client/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coffeelibs%2Ftiny-oauth2-client/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266822379,"owners_count":23989825,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-24T02:00:09.469Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","oauth2","rfc-8252"],"created_at":"2024-12-03T11:12:16.805Z","updated_at":"2025-10-19T04:43:23.448Z","avatar_url":"https://github.com/coffeelibs.png","language":"Java","funding_links":["https://github.com/sponsors/overheadhunter"],"categories":[],"sub_categories":[],"readme":"[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=coffeelibs_tiny-oauth2-client\u0026metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=coffeelibs_tiny-oauth2-client)\n[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=coffeelibs_tiny-oauth2-client\u0026metric=security_rating)](https://sonarcloud.io/summary/new_code?id=coffeelibs_tiny-oauth2-client)\n[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=coffeelibs_tiny-oauth2-client\u0026metric=coverage)](https://sonarcloud.io/summary/new_code?id=coffeelibs_tiny-oauth2-client)\n[![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=coffeelibs_tiny-oauth2-client\u0026metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=coffeelibs_tiny-oauth2-client)\n[![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=coffeelibs_tiny-oauth2-client\u0026metric=ncloc)](https://sonarcloud.io/summary/new_code?id=coffeelibs_tiny-oauth2-client)\n\n# Tiny OAuth2 Client\n\nThis is a minimal zero-dependency implementation of the [RFC 8252 OAuth 2.0 for Native Apps](https://datatracker.ietf.org/doc/html/rfc8252), relying\non [Loopback Interface Redirection](https://datatracker.ietf.org/doc/html/rfc8252#section-7.3) (i.e. no need to register a private-use URI scheme) with full\nsupport for [PKCE](https://datatracker.ietf.org/doc/html/rfc8252#section-8.1) and [CSRF Protection](https://datatracker.ietf.org/doc/html/rfc8252#section-8.9).\n\n## Requirements\n\n* Java 11+\n* Ideally some JSON or JWT parser of your choice\n\n## Usage\n\nThis library requires an instance of [`java.net.http.HttpClient`](https://docs.oracle.com/en/java/javase/21/docs/api/java.net.http/java/net/http/HttpClient.html).\n\n```java\n// usually the default is sufficent:\nvar httpClient = HttpClient.newHttpClient();\n\n// but feel free to adjust it to your needs, e.g. by applying custom proxy settings:\nvar httpClient = HttpClient.newBuilder()\n    .proxy(ProxySelector.of(InetSocketAddress.createUnresolved(\"https:\\\\example.com\",1337)))\n    .build();\n```\n\nNow to begin, start building an OAuth 2.0 Client via the fluent API:\n\n```java\nvar oauthClient = TinyOAuth2.client(\"oauth-client-id\") // The client identifier\n\t\t.withTokenEndpoint(URI.create(\"https://login.example.com/oauth2/token\")) // The token endpoint\n\t\t.withRequestTimeout(Duration.ofSeconds(10)) // optional\n        // ...\n```\n\nNext, continue with a specific grant type by invoking `.authorizationCodeGrant(...)` or `.clientCredentialsGrant(...)` (more may be added eventually).\n\n### Authorization Code Grant\nUsually, you would want to use the [Authorization Code Grant](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1) type to obtain access tokens.\nConfigure your Authorization Server to allow `http://127.0.0.1/*` as a redirect target and look up the authorization endpoint:\n\n```java\n// this library will just perform the Authorization Flow:\nvar httpResponse = oauthClient.authorizationCodeGrant(URI.create(\"https://login.example.com/oauth2/authorize\"))\n\t\t.authorize(httpClient, uri -\u003e System.out.println(\"Please login on \" + uri), \"openid\", \"profile\"); // optionally add scopes here);\n```\n\nIf your authorization server doesn't allow wildcards, you can also configure a fixed path (and even port) via e.g. `setRedirectPath(\"/callback\")` and `setRedirectPorts(8080)` before calling `authorize(...)`.\n\n### Client Credentials Grant\nAlternatively, if your client shall act on behalf of a service account, use the [Client Credentials Grant](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4) type,\nwhich allows the client to authenticate directly without further user interaction:\n\n```java\nvar httpResponse = oauthClient.clientCredentialsGrant(UTF_8, \"client secret\")\n        .authorize(httpClient, \"openid\", \"profile\"); // optionally add scopes here\n```\n\n### Parsing the Response\nFor maximum flexibility and minimal attack surface, this library does not include or depend on a specific parser. Instead, use a JSON or JWT parser of your choice to parse the Authorization Server's response:\n\n```java\nif (httpResponse.statusCode() == 200) {\n\t\tvar jsonString = httpResponse.body()\n\t\tvar bearerToken = parseJson(jsonString).get(\"access_token\");\n\t\t// ...\n}\n```\n\n## Why this library?\n\n* Often you just need to authorize your client and nothing more. Most OAuth2 libraries try to do a lot more\n* Nano-tiny-minuscule attack surface, since this doesn't contain any JOSE/JWT signature code, nor a fully-fledged web server\n* Focus is strictly on the authorization flow. Use any library for dealing with the tokens, you like.\n* Modular jar, exposing only one single public API. No need to read docs, you can't do anything wrong.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoffeelibs%2Ftiny-oauth2-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcoffeelibs%2Ftiny-oauth2-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoffeelibs%2Ftiny-oauth2-client/lists"}