• Home
• com.google.oauth-client
• google-oauth-client
• 1.24.1
• source code
• BearerToken.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.google.api.client.auth.oauth2.BearerToken Maven / Gradle / Ivy

/*
 * Copyright (c) 2011 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the License for the specific language governing permissions and limitations under
 * the License.
 */

package com.google.api.client.auth.oauth2;

import com.google.api.client.http.HttpMethods;
import com.google.api.client.http.HttpRequest;
import com.google.api.client.http.UrlEncodedContent;
import com.google.api.client.util.Data;
import com.google.api.client.util.Preconditions;

import java.io.IOException;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/**
 * OAuth 2.0 helper for accessing protected resources using the Bearer Token specification.
 *
 * @since 1.7
 * @author Yaniv Inbar
 */
public class BearerToken {

  /** Query and form-encoded parameter name. */
  static final String PARAM_NAME = "access_token";

  /**
   * In case an abnormal HTTP response is received with {@code WWW-Authenticate} header, and its
   * value contains this error pattern, we will try to refresh the token.
   */
  static final Pattern INVALID_TOKEN_ERROR =
      Pattern.compile("\\s*error\\s*=\\s*\"?invalid_token\"?");

  /**
   * Immutable and thread-safe OAuth 2.0 method for accessing protected resources using the Authorization Request Header Field.
   *
   * 

   * According to the specification, this method MUST be supported by resource servers.
   * 
   */
  static final class AuthorizationHeaderAccessMethod implements Credential.AccessMethod {

    /** Authorization header prefix. */
    static final String HEADER_PREFIX = "Bearer ";

    AuthorizationHeaderAccessMethod() {
    }

    public void intercept(HttpRequest request, String accessToken) throws IOException {
      request.getHeaders().setAuthorization(HEADER_PREFIX + accessToken);
    }

    public String getAccessTokenFromRequest(HttpRequest request) {
      List authorizationAsList = request.getHeaders().getAuthorizationAsList();
      if (authorizationAsList != null) {
        for (String header : authorizationAsList) {
          if (header.startsWith(HEADER_PREFIX)) {
            return header.substring(HEADER_PREFIX.length());
          }
        }
      }
      return null;
    }
  }

  /**
   * Immutable and thread-safe OAuth 2.0 method for accessing protected resources using the Form-Encoded Body Parameter.
   */
  static final class FormEncodedBodyAccessMethod implements Credential.AccessMethod {

    FormEncodedBodyAccessMethod() {
    }

    public void intercept(HttpRequest request, String accessToken) throws IOException {
      Preconditions.checkArgument(
          !HttpMethods.GET.equals(request.getRequestMethod()), "HTTP GET method is not supported");
      getData(request).put(PARAM_NAME, accessToken);
    }

    public String getAccessTokenFromRequest(HttpRequest request) {
      Object bodyParam = getData(request).get(PARAM_NAME);
      return bodyParam == null ? null : bodyParam.toString();
    }

    private static Map getData(HttpRequest request) {
      return Data.mapOf(UrlEncodedContent.getContent(request).getData());
    }
  }

  /**
   * Immutable and thread-safe OAuth 2.0 method for accessing protected resources using the URI Query Parameter.
   */
  static final class QueryParameterAccessMethod implements Credential.AccessMethod {

    QueryParameterAccessMethod() {
    }

    public void intercept(HttpRequest request, String accessToken) throws IOException {
      request.getUrl().set(PARAM_NAME, accessToken);
    }

    public String getAccessTokenFromRequest(HttpRequest request) {
      Object param = request.getUrl().get(PARAM_NAME);
      return param == null ? null : param.toString();
    }
  }

  /**
   * Returns a new instance of an immutable and thread-safe OAuth 2.0 method for accessing protected
   * resources using the Authorization
   * Request Header Field.
   *
   * 

   * According to the specification, this method MUST be supported by resource servers.
   * 
   */
  public static Credential.AccessMethod authorizationHeaderAccessMethod() {
    return new AuthorizationHeaderAccessMethod();
  }

  /**
   * Returns a new instance of an immutable and thread-safe OAuth 2.0 method for accessing protected
   * resources using the Form-Encoded Body
   * Parameter.
   */
  public static Credential.AccessMethod formEncodedBodyAccessMethod() {
    return new FormEncodedBodyAccessMethod();
  }

  /**
   * Returns a new instance of an immutable and thread-safe OAuth 2.0 method for accessing protected
   * resources using the URI Query
   * Parameter.
   */
  public static Credential.AccessMethod queryParameterAccessMethod() {
    return new QueryParameterAccessMethod();
  }
}