[Java] OAuth2 Implicit Code Flow How To


I am new to Java development and I have been trying to figure out the basic code flow for authentication with the API. Looking over the authentication methods listed on the documentation the Implicit Code flow is the method I need to implement.

The question is how can I capture the access token from the redirect URL on the users default web browser programmatically with my application?

For some background on where I am at see below:

I have been able to successfully generate an authentication URL that will allow login. It successfully redirects to the URL with the access_token for use in my application. However I am stumped on how I can automate the capture of this token when I send the user using their default browser.

I tried to handle this with an embedded browser using the JavaFX WebEngine, but the solution I built doesn’t work. As far as I can tell WebEngine doesn’t play nicely with the Twitch website. That is to say it often freezes while trying to send the login attempt, so despite the code to capture the redirectURL and parse it I never get that far.

All that being said, how would I go about building a listener to wait for the user to redirect to their local host after login and capture the URL so that I can parse it and save the token for use with my application?

Some applications start a web server running on localhost with a high numbered port and capture the redirect that way. You would need to use the authorization code flow instead if you use that method.

I have no idea where to start to build that, but I suppose I can do some research into that option.

The only reason I was assuming I had to go Implicit was that I do not have a web server. However it did not occur to me that I could use Localhost to serve that function.

Any recommended reading I can get started on would be helpful.

I was able to solve my issue and stick with Implicit code flow.

I did have to create a simple server pointed to the port in my redirect URL. It would then direct the user to an embedded HTML page that ran a JavaScript file to pull and process the token information for capturing.

The basic setup information was based off of an old Java Twitch wrapper that worked with an old API.

That wrapper is posted on these forums elsewhere, but for anyone that stumbles onto this in the future you can find it here: https://github.com/urgrue/Java-Twitch-Api-Wrapper

As mentioned this wrapper is designed for v3 so it is quite out of date. However you can use the class files under the auth package as a starting point to build a service that will work with the new API.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.