• Home
• org.springframework.security.oauth
• spring-security-oauth2
• 2.4.0.RELEASE
• source code
• OAuth2Request.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.springframework.security.oauth2.provider.OAuth2Request Maven / Gradle / Ivy

package org.springframework.security.oauth2.provider;

import java.io.Serializable;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.common.util.OAuth2Utils;

/**
 * Represents a stored authorization or token request. Used as part of the OAuth2Authentication object to store a
 * request's authentication information. Does not expose public setters so that clients can not mutate state if they
 * respect the declared type of the request.
 *
 * 

 * @deprecated See the OAuth 2.0 Migration Guide for Spring Security 5.
 *
 * @author Amanda Anganes
 * @author Dave Syer
 * 
 */
@Deprecated
public class OAuth2Request extends BaseRequest implements Serializable {

	private static final long serialVersionUID = 1L;

	/**
	 * Resolved resource IDs. This set may change during request processing.
	 */
	private Set resourceIds = new HashSet();

	/**
	 * Resolved granted authorities for this request. May change during request processing.
	 */
	private Collection authorities = new HashSet();

	/**
	 * Whether the request has been approved by the end user (or other process). This will be altered by the User
	 * Approval Endpoint and/or the UserApprovalHandler as appropriate.
	 */
	private boolean approved = false;

	/**
	 * Will be non-null if the request is for a token to be refreshed (the original grant type might still be available
	 * via {@link #getGrantType()}).
	 */
	private TokenRequest refresh = null;

	/**
	 * The resolved redirect URI of this request. A URI may be present in the original request, in the
	 * authorizationParameters, or it may not be provided, in which case it will be defaulted (by processing classes) to
	 * the Client's default registered value.
	 */
	private String redirectUri;

	/**
	 * Resolved requested response types initialized (by the OAuth2RequestFactory) with the response types originally
	 * requested.
	 */
	private Set responseTypes = new HashSet();

	/**
	 * Extension point for custom processing classes which may wish to store additional information about the OAuth2
	 * request. Since this class is serializable, all members of this map must also be serializable.
	 */
	private Map extensions = new HashMap();

	public OAuth2Request(Map requestParameters, String clientId,
			Collection authorities, boolean approved, Set scope,
			Set resourceIds, String redirectUri, Set responseTypes,
			Map extensionProperties) {
		setClientId(clientId);
		setRequestParameters(requestParameters);
		setScope(scope);
		if (resourceIds != null) {
			this.resourceIds = new HashSet(resourceIds);
		}
		if (authorities != null) {
			this.authorities = new HashSet(authorities);
		}
		this.approved = approved;
		if (responseTypes != null) {
			this.responseTypes = new HashSet(responseTypes);
		}
		this.redirectUri = redirectUri;
		if (extensionProperties != null) {
			this.extensions = extensionProperties;
		}
	}

	protected OAuth2Request(OAuth2Request other) {
		this(other.getRequestParameters(), other.getClientId(), other.getAuthorities(), other.isApproved(), other
				.getScope(), other.getResourceIds(), other.getRedirectUri(), other.getResponseTypes(), other
				.getExtensions());
	}

	protected OAuth2Request(String clientId) {
		setClientId(clientId);
	}

	protected OAuth2Request() {
		super();
	}

	public String getRedirectUri() {
		return redirectUri;
	}

	public Set getResponseTypes() {
		return responseTypes;
	}

	public Collection getAuthorities() {
		return authorities;
	}

	public boolean isApproved() {
		return approved;
	}

	public Set getResourceIds() {
		return resourceIds;
	}

	public Map getExtensions() {
		return extensions;
	}

	/**
	 * Update the request parameters and return a new object with the same properties except the parameters.
	 * @param parameters new parameters replacing the existing ones
	 * @return a new OAuth2Request
	 */
	public OAuth2Request createOAuth2Request(Map parameters) {
		return new OAuth2Request(parameters, getClientId(), authorities, approved, getScope(), resourceIds,
				redirectUri, responseTypes, extensions);
	}

	/**
	 * Update the scope and create a new request. All the other properties are the same (including the request
	 * parameters).
	 * 
	 * @param scope the new scope
	 * @return a new request with the narrowed scope
	 */
	public OAuth2Request narrowScope(Set scope) {
		OAuth2Request request = new OAuth2Request(getRequestParameters(), getClientId(), authorities, approved, scope,
				resourceIds, redirectUri, responseTypes, extensions);
		request.refresh = this.refresh;
		return request;
	}

	public OAuth2Request refresh(TokenRequest tokenRequest) {
		OAuth2Request request = new OAuth2Request(getRequestParameters(), getClientId(), authorities, approved,
				getScope(), resourceIds, redirectUri, responseTypes, extensions);
		request.refresh = tokenRequest;
		return request;
	}

	/**
	 * @return true if this request is known to be for a token to be refreshed
	 */
	public boolean isRefresh() {
		return refresh != null;
	}

	/**
	 * If this request was for an access token to be refreshed, then the {@link TokenRequest} that led to the refresh
	 * may be available here if it is known.
	 * 
	 * @return the refresh token request (may be null)
	 */
	public TokenRequest getRefreshTokenRequest() {
		return refresh;
	}

	/**
	 * Tries to discover the grant type requested for the token associated with this request.
	 * 
	 * @return the grant type if known, or null otherwise
	 */
	public String getGrantType() {
		if (getRequestParameters().containsKey(OAuth2Utils.GRANT_TYPE)) {
			return getRequestParameters().get(OAuth2Utils.GRANT_TYPE);
		}
		if (getRequestParameters().containsKey(OAuth2Utils.RESPONSE_TYPE)) {
			String response = getRequestParameters().get(OAuth2Utils.RESPONSE_TYPE);
			if (response.contains("token")) {
				return "implicit";
			}
		}
		return null;
	}

	@Override
	public int hashCode() {
		final int prime = 31;
		int result = super.hashCode();
		result = prime * result + (approved ? 1231 : 1237);
		result = prime * result + ((authorities == null) ? 0 : authorities.hashCode());
		result = prime * result + ((extensions == null) ? 0 : extensions.hashCode());
		result = prime * result + ((redirectUri == null) ? 0 : redirectUri.hashCode());
		result = prime * result + ((resourceIds == null) ? 0 : resourceIds.hashCode());
		result = prime * result + ((responseTypes == null) ? 0 : responseTypes.hashCode());
		return result;
	}

	@Override
	public boolean equals(Object obj) {
		if (this == obj)
			return true;
		if (!super.equals(obj))
			return false;
		if (getClass() != obj.getClass())
			return false;
		OAuth2Request other = (OAuth2Request) obj;
		if (approved != other.approved)
			return false;
		if (authorities == null) {
			if (other.authorities != null)
				return false;
		}
		else if (!authorities.equals(other.authorities))
			return false;
		if (extensions == null) {
			if (other.extensions != null)
				return false;
		}
		else if (!extensions.equals(other.extensions))
			return false;
		if (redirectUri == null) {
			if (other.redirectUri != null)
				return false;
		}
		else if (!redirectUri.equals(other.redirectUri))
			return false;
		if (resourceIds == null) {
			if (other.resourceIds != null)
				return false;
		}
		else if (!resourceIds.equals(other.resourceIds))
			return false;
		if (responseTypes == null) {
			if (other.responseTypes != null)
				return false;
		}
		else if (!responseTypes.equals(other.responseTypes))
			return false;
		return true;
	}

}