• Home
• com.authlete
• authlete-java-jakarta
• 2.88
• source code
• BaseGrantManagementEndpoint.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.authlete.jakarta.BaseGrantManagementEndpoint Maven / Gradle / Ivy

/*
 * Copyright (C) 2021-2025 Authlete, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific
 * language governing permissions and limitations under the
 * License.
 */
package com.authlete.jakarta;


import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.Response;
import com.authlete.common.api.AuthleteApi;
import com.authlete.common.api.Options;
import com.authlete.common.dto.GMRequest;
import com.authlete.common.types.GMAction;


/**
 * A base class for grant management endpoint.
 *
 * @since 2.38
 *
 * @see Grant Management for OAuth 2.0
 */
public class BaseGrantManagementEndpoint extends BaseResourceEndpoint
{
    /**
     * Handle a grant management request. This method is an alias of {@link
     * #handle(AuthleteApi, HttpServletRequest, String, Options) handle}{@code
     * (api, req, grantId, null)}.
     *
     * @param api
     *         An implementation of {@link AuthleteApi}.
     *
     * @param req
     *         An HTTP request that the grant management endpoint received.
     *         Its HTTP method must be either {@code GET} or {@code DELETE}.
     *
     * @param grantId
     *         The grant ID included in the API call to the grant management
     *         endpoint. The last part of the path of the URL.
     *
     * @return
     *         A response that should be returned to the client application.
     *
     * @throws WebApplicationException
     *         An exception generated by {@link GMRequestHandler}.
     */
    public Response handle(
            AuthleteApi api, HttpServletRequest req, String grantId) throws WebApplicationException
    {
        return handle(api, req, grantId, null);
    }


    /**
     * Handle a grant management request.
     *
     * 

     * This method internally creates a {@link GMRequestHandler} instance and
     * calls its {@link GMRequestHandler#handle(GMRequest, Options)} method.
     * 
     *
     * @param api
     *         An implementation of {@link AuthleteApi}.
     *
     * @param req
     *         An HTTP request that the grant management endpoint received.
     *         Its HTTP method must be either {@code GET} or {@code DELETE}.
     *
     * @param grantId
     *         The grant ID included in the API call to the grant management
     *         endpoint. The last part of the path of the URL.
     *
     * @param options
     *         The request options for the {@code /api/gm} API.
     *
     * @return
     *         A response that should be returned to the client application.
     *
     * @throws WebApplicationException
     *         An exception generated by {@link GMRequestHandler}.
     *
     * @since 2.82
     */
    public Response handle(
            AuthleteApi api, HttpServletRequest req, String grantId, Options options)
                    throws WebApplicationException
    {
        // Construct request parameters for an API call to the /api/gm API.
        GMRequest request = buildRequest(req, grantId);

        // Create a handler that communicates with the /api/gm API.
        GMRequestHandler handler = new GMRequestHandler(api);

        // Call the /api/gm API and handle the response.
        return handler.handle(request, options);
    }


    /**
     * Construct request parameters for an API call to the /api/gm API.
     */
    private GMRequest buildRequest(HttpServletRequest req, String grantId)
    {
        return new GMRequest()
                .setGmAction(determineGmAction(req))
                .setGrantId(grantId)
                .setAccessToken(extractAccessToken(req))
                .setClientCertificate(extractClientCertificate(req))
                .setDpop(extractDpop(req))
                ;
    }


    /**
     * Determine the value of the gmAction parameter from the HTTP method.
     */
    private static GMAction determineGmAction(HttpServletRequest req)
    {
        if ("DELETE".equalsIgnoreCase(req.getMethod()))
        {
            return GMAction.REVOKE;
        }
        else
        {
            return GMAction.QUERY;
        }
    }


    /**
     * Extract an access token from the Authorization header.
     */
    private String extractAccessToken(HttpServletRequest req)
    {
        return extractAccessToken(
                req.getHeader(HttpHeaders.AUTHORIZATION), null);
    }


    /**
     * Extract the value of the DPoP header.
     */
    private String extractDpop(HttpServletRequest req)
    {
        return req.getHeader("DPoP");
    }
}