{"id":16559247,"url":"https://github.com/goooler/androidoauth2webview","last_synced_at":"2025-10-28T21:30:18.477Z","repository":{"id":181966896,"uuid":"667738012","full_name":"Goooler/AndroidOAuth2WebView","owner":"Goooler","description":"Easy and fast setup of the OAuth2 Authorization Code Grant flow with a WebView for an Android application.","archived":false,"fork":false,"pushed_at":"2024-09-18T01:39:49.000Z","size":482,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-05T07:04:53.768Z","etag":null,"topics":["oauth2","webview"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"AlessandroDeFrancesco/AndroidOAuth2WebView","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Goooler.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-18T07:37:47.000Z","updated_at":"2024-09-18T01:39:51.000Z","dependencies_parsed_at":"2023-07-18T09:15:44.548Z","dependency_job_id":"1d8cdf69-338c-4bcc-a1ce-2748eca24cf1","html_url":"https://github.com/Goooler/AndroidOAuth2WebView","commit_stats":null,"previous_names":["goooler/androidoauth2webview"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Goooler%2FAndroidOAuth2WebView","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Goooler%2FAndroidOAuth2WebView/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Goooler%2FAndroidOAuth2WebView/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Goooler%2FAndroidOAuth2WebView/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Goooler","download_url":"https://codeload.github.com/Goooler/AndroidOAuth2WebView/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238720298,"owners_count":19519324,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["oauth2","webview"],"created_at":"2024-10-11T20:25:19.002Z","updated_at":"2025-10-28T21:30:17.288Z","avatar_url":"https://github.com/Goooler.png","language":"Kotlin","readme":"# Android OAuth2 Authorization Code Grant\n\n[![Sonatype Nexus (Snapshots)](https://img.shields.io/nexus/s/io.github.goooler.oauth2webview/oauth2webview?\u0026server=https://s01.oss.sonatype.org/)](https://s01.oss.sonatype.org/content/repositories/snapshots/io/github/goooler/oauth2webview/oauth2webview)\n\nThis is a fork of [AlessandroDeFrancesco/AndroidOAuth2WebView](https://github.com/AlessandroDeFrancesco/AndroidOAuth2WebView), wants to be the easiest and fastest setup of the OAuth2 Authorization Code Grant flow for an Android application.\n\nThe only external library used is OkHttp to make requests to the Authorization Server.\n\nWhy not building on Chrome Custom Tabs like [Auth0.Android](https://github.com/auth0/Auth0.Android) or [openid/AppAuth-Android](https://github.com/openid/AppAuth-Android)? Because its customization options are not as extensive the WebView.\n\n## Usage\n\nYou can start the OAuth2 Authorization Code Grant by following these steps:\n\n1. Create an Activity/Fragment with a WebView\n2. Initialize the OAuth2AccessTokenManager (Preferably as a Singleton or through Injection)\n    ```kotlin\n    /*\n    * Example with Instagram API (https://www.instagram.com/developer/)\n    */\n    val sharedPreferences = getSharedPreferences(\"PREFERENCES\", Context.MODE_PRIVATE)\n    val storageSharedPreferences = OAuth2AccessTokenStorageSharedPreferences(sharedPreferences)\n    accessTokenManager = OAuth2AccessTokenManager(\n        storage = storageSharedPreferences,\n        authorizationEndpoint = AUTHORIZATION_ENDPOINT,\n        tokenEndpoint = TOKEN_ENDPOINT,\n        clientID = CLIENT_ID,\n        clientSecret = CLIENT_SECRET,\n        redirectUri = \"http://samplecallback.com/\",\n        scope = \"basic\"\n    )\n    ```\n3. Let the accessTokenManager set up the WebView\n    ```kotlin\n    accessTokenManager.setUpWebView(\n        binding.webView,\n        object : OAuth2StateListener {\n            override fun onFailure(e: OAuth2Exception) {\n                Log.e(\"Login\", \"Failure\")\n            }\n            override fun onSuccess(token: OAuth2AccessToken) {\n                Log.d(\"Login\", \"Success\")\n            }\n\n            override fun onLoading() {\n                Log.e(\"Login\", \"Loading\")\n            }\n        },\n    )\n    ```\n4. On a successful login you can access and use the Access Token anywhere:\n    ```kotlin\n    // Asynchronously\n    accessTokenManager.retrieveValidAccessToken { result -\u003e\n        override fun onSuccess(token: OAuth2AccessToken) {\n            Log.d(\"Access Token\", token.accessToken)\n        }\n\n        override fun onFailure(e: OAuth2Exception) = Unit\n\n        override fun onLoading() = Unit\n    }\n    ```\n\n    ```kotlin\n    // Synchronously (Beware that it can make a network request if the token is expired and can crash the app if it is made in the UI Thread)\n    val storedToken = accessTokenManager.retrieveValidAccessTokenBlocking()\n    Log.d(\"Access Token\", storedToken.accessToken)\n    ```\n    The OAuth2AccessTokenManager will take care of refreshing the token when it expires.\n\n# Customizations\n\n## Token Storage\n\nThe OAuth2AccessTokenManager uses OAuth2AccessTokenStorage to store and retrieve the access token securely. A naive implementation is provided as example, OAuth2AccessTokenStorageSharedPreferences uses the shared preferences in MODE_PRIVATE to save it. You can implement OAuth2AccessTokenStorage as you wish with the level of security that you need.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoooler%2Fandroidoauth2webview","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoooler%2Fandroidoauth2webview","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoooler%2Fandroidoauth2webview/lists"}