All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.wavemaker.commons.auth.oauth2.OAuth2Helper Maven / Gradle / Ivy

/**
 * Copyright (C) 2020 WaveMaker, Inc.
 * 

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at *

* http://www.apache.org/licenses/LICENSE-2.0 *

* Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.wavemaker.commons.auth.oauth2; import java.io.IOException; import java.util.Base64; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; import org.apache.commons.lang3.StringUtils; import org.apache.commons.text.StringSubstitutor; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.wavemaker.commons.MessageResource; import com.wavemaker.commons.WMRuntimeException; import com.wavemaker.commons.auth.oauth2.extractors.AccessTokenRequestContext; import com.wavemaker.commons.auth.oauth2.extractors.AccessTokenResponseExtractor; import com.wavemaker.commons.io.ClassPathFile; import com.wavemaker.commons.json.JSONUtils; /** * Created by srujant on 26/7/17. */ public class OAuth2Helper { private static final String OAUTH_CALLBACK_URL_RESPONSE = "templates/oauth2/oauth_callback_url_response.ftl"; private static final Logger logger = LoggerFactory.getLogger(OAuth2Helper.class); private static AccessTokenResponseExtractor accessTokenResponseExtractor = new AccessTokenResponseExtractor(); private OAuth2Helper() { } /** * Build the authorizationUrl of the oauth2 provider using {@link OAuth2ProviderConfig}. Adds redirectUrl, * state and response_type query parameters to authorizationUrl. * */ public static String getAuthorizationUrl(OAuth2ProviderConfig oAuth2ProviderConfig, String redirectUrl, String state) { String scope = getScopeValue(oAuth2ProviderConfig); String encodedState = new String(Base64.getEncoder().encode(state.getBytes())); String authorizationUrl = oAuth2ProviderConfig.getAuthorizationUrl(); String queryParamDelimiter = authorizationUrl.contains("?") ? "&" : "?"; StringBuilder sb = new StringBuilder(authorizationUrl) .append(queryParamDelimiter) .append(OAuth2Constants.CLIENT_ID).append("=").append(oAuth2ProviderConfig.getClientId()) .append("&").append(OAuth2Constants.REDIRECT_URI).append("=").append(redirectUrl) .append("&").append(OAuth2Constants.RESPONSE_TYPE).append("=code") .append("&").append(OAuth2Constants.STATE).append("=").append(encodedState); if (StringUtils.isNotBlank(scope)) { sb.append("&").append(OAuth2Constants.SCOPE).append("=").append(scope); } return sb.toString(); } /** * Decodes jsonString {@param stateParameter} and deserializes the jsonString to Map. * Deserialization os jsonString {@param stateParameter} to Map. * */ public static Map getStateObject(String stateParameter) { String stateParam = new String(Base64.getDecoder().decode(stateParameter)); try { return JSONUtils.toObject(stateParam, Map.class); } catch (IOException e) { throw new WMRuntimeException(e); } } /** * Creates a encoded json string representation of {@param stateObject} ( Serializtion of stateObject map to json string). * */ public static String getStateParameterValue(Map stateObject) { String stateParameter = JSONUtils.toJSON(stateObject); return new String(Base64.getEncoder().encode(stateParameter.getBytes())); } public static String getAccessTokenApiRequestBody(OAuth2ProviderConfig oAuth2ProviderConfig, String code, String redirectUri) { return new StringBuilder(OAuth2Constants.CLIENT_ID).append("=").append(oAuth2ProviderConfig.getClientId()) .append("&").append(OAuth2Constants.CLIENT_SECRET).append("=").append(oAuth2ProviderConfig.getClientSecret()) .append("&").append(OAuth2Constants.CODE).append("=").append(code) .append("&").append(OAuth2Constants.REDIRECT_URI).append("=").append(redirectUri) .append("&").append(OAuth2Constants.GRANT_TYPE).append("=authorization_code").toString(); } public static String extractAccessToken(AccessTokenRequestContext accessTokenRequestContext) { logger.debug("AuthorizationServerResponse for get token api is {}", accessTokenRequestContext.getResponseBody()); String accessToken = accessTokenResponseExtractor.getAccessToken(accessTokenRequestContext); if (accessToken == null) { throw new WMRuntimeException(MessageResource.create("com.wavemaker.commons.AccessTokenResponseExtractor.not.found"), accessTokenRequestContext.getMediaType()); } return accessToken; } public static String getCallbackResponse(String providerId, String accessToken, String customUrlScheme, String requestSourceType) { Map input = new HashMap<>(); input.put("providerId", providerId); input.put(OAuth2Constants.CUSTOM_URL_SCHEME, customUrlScheme); input.put(OAuth2Constants.REQUEST_SOURCE_TYPE, requestSourceType); input.put("accessToken", accessToken); return StringSubstitutor.replace(new ClassPathFile(OAUTH_CALLBACK_URL_RESPONSE).getContent().asString(), input); } private static String getScopeValue(OAuth2ProviderConfig oAuth2ProviderConfig) { List scopesList = oAuth2ProviderConfig.getScopes(); return scopesList.stream().map(Scope::getValue).distinct().collect(Collectors.joining(" ")); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy