• Home
• org.glassfish.jersey.security
• oauth2-client
• 4.0.0-M2
• source code
• OAuth2ClientSupport.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.glassfish.jersey.client.oauth2.OAuth2ClientSupport Maven / Gradle / Ivy

/*
 * Copyright (c) 2013, 2020 Oracle and/or its affiliates. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0, which is available at
 * http://www.eclipse.org/legal/epl-2.0.
 *
 * This Source Code may also be made available under the following Secondary
 * Licenses when the conditions for such availability set forth in the
 * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
 * version 2 with the GNU Classpath Exception, which is available at
 * https://www.gnu.org/software/classpath/license.html.
 *
 * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
 */

package org.glassfish.jersey.client.oauth2;

import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.core.Feature;

/**
 * Main class to build the Authorization Flow instances and {@link jakarta.ws.rs.core.Feature client filter feature} that
 * can supports performing of authenticated OAuth requests.
 * 
Authorization flow
 * For more information about authorization flow, see {@link OAuth2CodeGrantFlow}.
 * 
Client feature
 * 

 * Use method {@link #feature(String)} to build the feature. OAuth2 client filter feature registers
 * the support for performing authenticated requests to the
 * Service Provider. The feature uses an access token to initialize
 * the internal {@link jakarta.ws.rs.container.ContainerRequestFilter filter}
 * which will add {@code Authorization} http header containing OAuth 2 authorization information (based
 * on {@code bearer} tokens).
 * 
 *
 * 

 * The internal filter can be controlled by properties put into
 * the {@link jakarta.ws.rs.client.ClientRequestContext client request}
 * using {@link jakarta.ws.rs.client.ClientRequestContext#setProperty(String, Object)} method. The property key
 * is defined in this class as a static variables
 * ({@link OAuth2ClientSupport#OAUTH2_PROPERTY_ACCESS_TOKEN} (see its javadoc for usage).
 * Using the property a specific
 * access token can be defined for each request.
 * 
 * Example of using specific access token for one request:
 * 
 * final Response response = client.target("foo").request()
 *           .property(OAUTH2_PROPERTY_ACCESS_TOKEN, "6ab45ab465e46f54d771a").get();
 * 

 *
 * @author Miroslav Fuksa
 * @since 2.3
 */
public final class OAuth2ClientSupport {
    /**
     * Key of the property that can be attached to the
     * {@link jakarta.ws.rs.client.ClientRequestContext client request} using
     * {@link jakarta.ws.rs.client.ClientRequestContext#setProperty(String, Object)} and that
     * defines access token that should be used when generating OAuth {@code Authorization}
     * http header. The property will override the setting of the internal
     * {@link jakarta.ws.rs.client.ClientRequestFilter filter} for the current request only. This property
     * can be used only when {@link jakarta.ws.rs.core.Feature OAauth 2 filter feature} is
     * registered into the {@link jakarta.ws.rs.client.Client}
     * instance.
     * 

     * The value of the property must be a {@link String}.
     * 
     */
    public static final String OAUTH2_PROPERTY_ACCESS_TOKEN = "jersey.config.client.oauth2.access.token";

    /**
     * Build the {@link Feature client filter feature} from the {@code accessToken} that will add
     * {@code Authorization} http header to the request with the OAuth authorization information.
     *
     *
     * @param accessToken Access token to be used in the authorization header or {@code null}
     *                    if no default access token should be defined. In this case the token
     *                    will have to be set for each request using {@link #OAUTH2_PROPERTY_ACCESS_TOKEN}
     *                    property.
     * @return Client feature.
     */
    public static Feature feature(String accessToken) {
        return new OAuth2ClientFeature(accessToken);
    }

    /**
     * Get the builder of the {@link OAuth2CodeGrantFlow Authorization Code Grant Flow}.
     *
     * @param clientIdentifier Client identifier (id of application that wants to be approved). Issued by the
     *                         Service Provider.
     * @param authorizationUri The URI to which the user should be redirected to authorize our application.
     *                         The URI points to the
     *                          authorization server and is defined by the Service Provider.
     * @param accessTokenUri The access token URI on which the access token can be requested. The URI points to the
     *                          authorization server and is defined by the Service Provider.
     * @return builder of the {@link OAuth2CodeGrantFlow Authorization Code Grant Flow}.
     */
    public static OAuth2CodeGrantFlow.Builder authorizationCodeGrantFlowBuilder(ClientIdentifier clientIdentifier,
                                                                                String authorizationUri,
                                                                                String accessTokenUri) {
        return new AuthCodeGrantImpl.Builder(clientIdentifier, authorizationUri, accessTokenUri);
    }

    /**
     * Get a builder that can be directly used to perform Authorization Code Grant flow defined by
     * Google.
     *
     * @param clientIdentifier Client identifier (id of application that wants to be approved). Issued by the
     *                         Service Provider.
     * @param redirectURI URI to which the user (resource owner) should be redirected after he/she
     *                    grants access to our application or {@code null} if the application
     *                    does not support redirection (eg. is not a web server).
     * @param scope The api to which an access is requested (eg. Google tasks).
     * @return Google builder instance.
     */
    public static OAuth2FlowGoogleBuilder googleFlowBuilder(ClientIdentifier clientIdentifier,
                                                            String redirectURI, String scope) {

        return new OAuth2FlowGoogleBuilder()
                .authorizationUri("https://accounts.google.com/o/oauth2/auth")
                .accessTokenUri("https://accounts.google.com/o/oauth2/token")
                .redirectUri(redirectURI == null ? OAuth2Parameters.REDIRECT_URI_UNDEFINED : redirectURI)
                .clientIdentifier(clientIdentifier)
                .scope(scope);
    }

    /**
     * Get a builder that can be directly used to perform Authorization Code Grant flow defined by
     * Facebook.
     *
     * @param clientIdentifier Client identifier (id of application that wants to be approved). Issued by the
     *                         Service Provider.
     * @param redirectURI URI to which the user (resource owner) should be redirected after he/she
     *                    grants access to our application or {@code null} if the application
     *                    does not support redirection (eg. is not a web server).
     * 

     * @return Builder instance.
     */
    public static OAuth2CodeGrantFlow.Builder facebookFlowBuilder(ClientIdentifier clientIdentifier,
                                                                  String redirectURI) {
        return OAuth2FlowFacebookBuilder.getFacebookAuthorizationBuilder(clientIdentifier, redirectURI,
                ClientBuilder.newClient());
    }

    /**
     * Prevent instantiation.
     */
    private OAuth2ClientSupport() {
    }
}