org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest Maven / Gradle / Ivy
/**
* Copyright 2010 Newcastle University
*
* http://research.ncl.ac.uk/smart/
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.oltu.oauth2.rs.request;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.types.ParameterStyle;
import org.apache.oltu.oauth2.common.message.types.TokenType;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.apache.oltu.oauth2.common.validators.OAuthValidator;
import org.apache.oltu.oauth2.rs.BearerResourceServer;
import org.apache.oltu.oauth2.rs.ResourceServer;
import org.apache.oltu.oauth2.rs.extractor.TokenExtractor;
/**
*
*
*
*/
public class OAuthAccessResourceRequest {
private HttpServletRequest request;
private ParameterStyle[] parameterStyles=new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE};
private TokenType[] tokenTypes=new TokenType []{OAuth.DEFAULT_TOKEN_TYPE};
private ParameterStyle usedParameterStyle;
private ResourceServer usedResourceServer;
protected static Map tokens = new HashMap();
private TokenExtractor extractor;
{
tokens.put(TokenType.BEARER, BearerResourceServer.class);
//TODO add MACResourceServer - see AMBER-41
}
public OAuthAccessResourceRequest(HttpServletRequest request)
throws OAuthSystemException, OAuthProblemException {
this(request,new TokenType []{OAuth.DEFAULT_TOKEN_TYPE}, new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE});
}
public OAuthAccessResourceRequest(HttpServletRequest request, ParameterStyle... parameterStyles)
throws OAuthSystemException, OAuthProblemException {
this(request,new TokenType []{OAuth.DEFAULT_TOKEN_TYPE}, parameterStyles);
}
public OAuthAccessResourceRequest(HttpServletRequest request, TokenType... tokenTypes)
throws OAuthSystemException, OAuthProblemException {
this(request,tokenTypes, new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE});
}
public OAuthAccessResourceRequest(HttpServletRequest request, TokenType[] tokenTypes ,ParameterStyle[] parameterStyles)
throws OAuthSystemException, OAuthProblemException {
this.request = request;
this.tokenTypes = tokenTypes;
this.parameterStyles = parameterStyles;
this.validate();
}
public String getAccessToken() throws OAuthSystemException {
return extractor.getAccessToken(request);
}
private void validate() throws OAuthSystemException, OAuthProblemException {
int foundValidStyles = 0;
boolean lackAuthInfo = false;
OAuthProblemException ex = null;
String lackAuthReason = "OAuth parameters were not found";
for (TokenType tokenType : tokenTypes) {
ResourceServer resourceServer=instantiateResourceServer(tokenType);
for (ParameterStyle style : parameterStyles) {
try {
OAuthValidator validator = resourceServer.instantiateValidator(style);
validator.validateContentType(request);
validator.validateMethod(request);
validator.validateRequiredParameters(request);
usedParameterStyle = style;
usedResourceServer = resourceServer;
foundValidStyles++;
} catch (OAuthProblemException e) {
//request lacks any authentication information?
if (OAuthUtils.isEmpty(e.getError())) {
lackAuthInfo = true;
lackAuthReason = e.getDescription();
} else {
ex = OAuthProblemException.error(e.getError(), e.getDescription());
}
}
}
}
if (foundValidStyles > 1) {
throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
"Found more than one mechanism for authenticating client");
}
if (ex != null) {
throw ex;
}
if (foundValidStyles == 0 && lackAuthInfo) {
throw OAuthProblemException.error(null, lackAuthReason);
}
if (foundValidStyles == 0) {
throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
"OAuth parameters were not found");
}
extractor= usedResourceServer.instantiateExtractor(usedParameterStyle);
}
public static ResourceServer instantiateResourceServer(TokenType tokenType) throws OAuthSystemException {
Class clazz = tokens.get(tokenType);
if (clazz == null) {
throw new OAuthSystemException("Cannot instantiate a resource server.");
}
return (ResourceServer)OAuthUtils.instantiateClass(clazz);
}
}