Client (Duo Universal Java 1.1.3 API)

java.lang.Object
- com.duosecurity.Client

```
public class Client
extends Object
```
Client serves as the entry point for this library. Instantiating this class gives access to four public methods required for Duo's Universal Prompt 2FA.

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class Client.Builder

Nested Classes
Modifier and Type	Class and Description
`static class`	`Client.Builder`

Field Summary

Fields
Modifier and Type Field and Description

protected DuoConnector duoConnector

Fields
Modifier and Type	Field and Description
`protected DuoConnector`	`duoConnector`

Constructor Summary

Constructors
Constructor and Description
`Client(String clientId, String clientSecret, String apiHost, String redirectUri)` Deprecated. The constructors are deprecated. Prefer the `Client.Builder` for instantiating Clients
`Client(String clientId, String clientSecret, String apiHost, String redirectUri, String[] userCaCerts)` Deprecated. The constructors are deprecated. Prefer the `Client.Builder` for instantiating Clients

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`createAuthUrl(String username, String state)` Constructs a string which can be used to redirect the client browser to Duo for 2FA.
`Token`	`exchangeAuthorizationCodeFor2FAResult(String duoCode, String username)` Verifies the duoCode returned by Duo and exchanges it for a `Token` which contains information pertaining to the auth.
`Token`	`exchangeAuthorizationCodeFor2FAResult(String duoCode, TokenValidator validator)` Verifies the duoCode returned by Duo and exchanges it for a `Token` which contains information pertaining to the auth.
`String`	`generateState()` Generates a 36 character random identifier to be used as the state variable in the createAuthUrl method.
`HealthCheckResponse`	`healthCheck()` Checks if Duo is healthy and available for 2FA.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - duoConnector
```
protected DuoConnector duoConnector
```
- Constructor Detail
  - Client
```
@Deprecated
public Client(String clientId,
                          String clientSecret,
                          String apiHost,
                          String redirectUri)
                   throws DuoException
```
    Deprecated. The constructors are deprecated. Prefer the Client.Builder for instantiating Clients
    
    Legacy simple constructor.
    
    Parameters:
    
    clientId - This value is the client id provided by Duo in the admin panel.
    
    clientSecret - This value is the client secret provided by Duo in the admin panel.
    
    apiHost - This value is the api host provided by Duo in the admin panel.
    
    redirectUri - This value is the uri which Duo should redirect to after 2FA is completed.
    
    Throws:
    
    DuoException - For problems building the client
  - Client
```
@Deprecated
public Client(String clientId,
                          String clientSecret,
                          String apiHost,
                          String redirectUri,
                          String[] userCaCerts)
                   throws DuoException
```
    Deprecated. The constructors are deprecated. Prefer the Client.Builder for instantiating Clients
    
    Legacy constructor which allows specifying custom CaCerts.
    
    Parameters:
    
    clientId - This value is the client id provided by Duo in the admin panel.
    
    clientSecret - This value is the client secret provided by Duo in the admin panel.
    
    apiHost - This value is the api host provided by Duo in the admin panel.
    
    redirectUri - This value is the uri which Duo should redirect to after 2FA is completed.
    
    userCaCerts - This value is a list of CA Certificates used to validate connections to Duo
    
    Throws:
    
    DuoException - For problems building the client
- Method Detail
  - healthCheck
```
public HealthCheckResponse healthCheck()
                                throws DuoException
```
    Checks if Duo is healthy and available for 2FA.
    
    Returns:
    
    HealthCheckResponse
    
    Throws:
    
    DuoException - For health check errors
  - createAuthUrl
```
public String createAuthUrl(String username,
                            String state)
                     throws DuoException
```
    Constructs a string which can be used to redirect the client browser to Duo for 2FA.
    
    Parameters:
    
    username - The user to be authenticated by Duo.
    
    state - A randomly generated String with at least 22 characters This value will be returned to the integration post 2FA and should be validated. generateState() exists as a utility function to generate this param.
    
    Returns:
    
    String
    
    Throws:
    
    DuoException - For problems creating the auth url
  - exchangeAuthorizationCodeFor2FAResult
```
public Token exchangeAuthorizationCodeFor2FAResult(String duoCode,
                                                   String username)
                                            throws DuoException
```
    Verifies the duoCode returned by Duo and exchanges it for a Token which contains information pertaining to the auth. Uses the default token validator defined in DuoIdTokenValidator. To use a custom validator, see exchangeAuthorizationCodeFor2FAResult(String, TokenValidator)
    
    Parameters:
    
    duoCode - This string is an identifier for the auth and should be exchanged with Duo for a token to determine if the auth was successful as well as obtain meta-data about about the auth.
    
    username - The user to be authenticated by Duo
    
    Returns:
    
    Token
    
    Throws:
    
    DuoException - For errors exchanging duoCode for 2FA results
  - exchangeAuthorizationCodeFor2FAResult
```
public Token exchangeAuthorizationCodeFor2FAResult(String duoCode,
                                                   TokenValidator validator)
                                            throws DuoException
```
    Verifies the duoCode returned by Duo and exchanges it for a Token which contains information pertaining to the auth. This version of the method allows the use of a custom JWT token validator. If you use a custom validator: You MUST confirm the integrity of the token by using the client secret to validate the SHA512 HMAC You MUST check the claims for Issuer Audience Issued at / Expiration Username (preferred_username)
    
    Parameters:
    
    duoCode - This string is an identifier for the auth and should be exchanged with Duo for a token to determine if the auth was successful as well as obtain meta-data about the auth.
    
    validator - A TokenValidator that will validate and decode the JWT ID Token provided by Duo.
    
    Returns:
    
    Token
    
    Throws:
    
    DuoException - For errors exchanging duoCode for 2FA results
  - generateState
```
public String generateState()
```
    Generates a 36 character random identifier to be used as the state variable in the createAuthUrl method. This value should be stored in a variable and validated against the state returned by Duo.
    
    Returns:
    
    String

Class Client

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

duoConnector

Constructor Detail

Client

Client

Method Detail

healthCheck

createAuthUrl

exchangeAuthorizationCodeFor2FAResult

exchangeAuthorizationCodeFor2FAResult

generateState