private void validateClientCredentialsGrantType() { Assert.isTrue(AuthorizationGrantType.CLIENT_CREDENTIALS.equals(this.authorizationGrantType), () -> "authorizationGrantType must be " + AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()); Assert.hasText(this.registrationId, "registrationId cannot be empty"); Assert.hasText(this.clientId, "clientId cannot be empty"); Assert.hasText(this.tokenUri, "tokenUri cannot be empty"); }
@Test(expected = IllegalArgumentException.class) public void constructorWhenValueIsNullThenThrowIllegalArgumentException() { new AuthorizationGrantType(null); }
@Override public int hashCode() { return this.getValue().hashCode(); } }
private Builder(AuthorizationGrantType authorizationGrantType) { Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null"); this.authorizationGrantType = authorizationGrantType; if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(authorizationGrantType)) { this.responseType = OAuth2AuthorizationResponseType.CODE; } else if (AuthorizationGrantType.IMPLICIT.equals(authorizationGrantType)) { this.responseType = OAuth2AuthorizationResponseType.TOKEN; } }
/** * Constructs an {@code OAuth2ClientCredentialsGrantRequest} using the provided parameters. * * @param clientRegistration the client registration */ public OAuth2ClientCredentialsGrantRequest(ClientRegistration clientRegistration) { super(AuthorizationGrantType.CLIENT_CREDENTIALS); Assert.notNull(clientRegistration, "clientRegistration cannot be null"); Assert.isTrue(AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType()), "clientRegistration.authorizationGrantType must be AuthorizationGrantType.CLIENT_CREDENTIALS"); this.clientRegistration = clientRegistration; }
private void validateImplicitGrantType() { Assert.isTrue(AuthorizationGrantType.IMPLICIT.equals(this.authorizationGrantType), () -> "authorizationGrantType must be " + AuthorizationGrantType.IMPLICIT.getValue()); Assert.hasText(this.registrationId, "registrationId cannot be empty"); Assert.hasText(this.clientId, "clientId cannot be empty"); Assert.hasText(this.redirectUriTemplate, "redirectUriTemplate cannot be empty"); Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty"); }
private static BodyInserters.FormInserter<String> refreshTokenBody(String refreshToken) { return BodyInserters .fromFormData("grant_type", AuthorizationGrantType.REFRESH_TOKEN.getValue()) .with("refresh_token", refreshToken); }
private boolean isClientCredentialsGrantType(ClientRegistration clientRegistration) { return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType()); }
private AuthorizationGrantType toAuthorizationGrantType(OidcClient oidcClient) { AuthorizationGrantType authorizationGrantType; String oidcClientAuthorizationGrantType = oidcClient.getAuthorizationGrantType(); switch (oidcClientAuthorizationGrantType) { case "authorization_code": authorizationGrantType = AuthorizationGrantType.AUTHORIZATION_CODE; break; case "implicit": authorizationGrantType = AuthorizationGrantType.IMPLICIT; break; default: authorizationGrantType = new AuthorizationGrantType(oidcClientAuthorizationGrantType); break; } return authorizationGrantType; } }
private void validateAuthorizationCodeGrantType() { Assert.isTrue(AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType), () -> "authorizationGrantType must be " + AuthorizationGrantType.AUTHORIZATION_CODE.getValue()); Assert.hasText(this.registrationId, "registrationId cannot be empty"); Assert.hasText(this.clientId, "clientId cannot be empty"); Assert.hasText(this.redirectUriTemplate, "redirectUriTemplate cannot be empty"); Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty"); Assert.hasText(this.tokenUri, "tokenUri cannot be empty"); }
private static BodyInserters.FormInserter<String> refreshTokenBody(String refreshToken) { return BodyInserters .fromFormData("grant_type", AuthorizationGrantType.REFRESH_TOKEN.getValue()) .with("refresh_token", refreshToken); } }
private boolean isClientCredentialsGrantType(ClientRegistration clientRegistration) { return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType()); }
if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(clientRegistration.getAuthorizationGrantType())) { builder = OAuth2AuthorizationRequest.authorizationCode(); } else if (AuthorizationGrantType.IMPLICIT.equals(clientRegistration.getAuthorizationGrantType())) { builder = OAuth2AuthorizationRequest.implicit(); } else { throw new IllegalArgumentException("Invalid Authorization Grant Type (" + clientRegistration.getAuthorizationGrantType().getValue() + ") for Client Registration with Id: " + clientRegistration.getRegistrationId());
@Test public void getValueWhenRefreshTokenGrantTypeThenReturnRefreshToken() { assertThat(AuthorizationGrantType.REFRESH_TOKEN.getValue()).isEqualTo("refresh_token"); } }
/** * Builds a new {@link OAuth2AuthorizationRequest}. * * @return a {@link OAuth2AuthorizationRequest} */ public OAuth2AuthorizationRequest build() { Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty"); Assert.hasText(this.clientId, "clientId cannot be empty"); if (AuthorizationGrantType.IMPLICIT.equals(this.authorizationGrantType)) { Assert.hasText(this.redirectUri, "redirectUri cannot be empty"); } OAuth2AuthorizationRequest authorizationRequest = new OAuth2AuthorizationRequest(); authorizationRequest.authorizationUri = this.authorizationUri; authorizationRequest.authorizationGrantType = this.authorizationGrantType; authorizationRequest.responseType = this.responseType; authorizationRequest.clientId = this.clientId; authorizationRequest.redirectUri = this.redirectUri; authorizationRequest.state = this.state; authorizationRequest.scopes = Collections.unmodifiableSet( CollectionUtils.isEmpty(this.scopes) ? Collections.emptySet() : new LinkedHashSet<>(this.scopes)); authorizationRequest.additionalParameters = Collections.unmodifiableMap( CollectionUtils.isEmpty(this.additionalParameters) ? Collections.emptyMap() : new LinkedHashMap<>(this.additionalParameters)); authorizationRequest.authorizationRequestUri = StringUtils.hasText(this.authorizationRequestUri) ? this.authorizationRequestUri : this.buildAuthorizationRequestUri(); return authorizationRequest; }
private OAuth2AuthorizationRequest authorizationRequest(ServerWebExchange exchange, ClientRegistration clientRegistration) { String redirectUriStr = this .expandRedirectUri(exchange.getRequest(), clientRegistration); Map<String, Object> additionalParameters = new HashMap<>(); additionalParameters.put(OAuth2ParameterNames.REGISTRATION_ID, clientRegistration.getRegistrationId()); OAuth2AuthorizationRequest.Builder builder; if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(clientRegistration.getAuthorizationGrantType())) { builder = OAuth2AuthorizationRequest.authorizationCode(); } else if (AuthorizationGrantType.IMPLICIT.equals(clientRegistration.getAuthorizationGrantType())) { builder = OAuth2AuthorizationRequest.implicit(); } else { throw new IllegalArgumentException( "Invalid Authorization Grant Type (" + clientRegistration.getAuthorizationGrantType().getValue() + ") for Client Registration with Id: " + clientRegistration.getRegistrationId()); } return builder .clientId(clientRegistration.getClientId()) .authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri()) .redirectUri(redirectUriStr).scopes(clientRegistration.getScopes()) .state(this.stateGenerator.generateKey()) .additionalParameters(additionalParameters) .build(); }
@Test public void getValueWhenAuthorizationCodeGrantTypeThenReturnAuthorizationCode() { assertThat(AuthorizationGrantType.AUTHORIZATION_CODE.getValue()).isEqualTo("authorization_code"); }
/** * Builds a new {@link ClientRegistration}. * * @return a {@link ClientRegistration} */ public ClientRegistration build() { Assert.notNull(this.authorizationGrantType, "authorizationGrantType cannot be null"); if (AuthorizationGrantType.CLIENT_CREDENTIALS.equals(this.authorizationGrantType)) { this.validateClientCredentialsGrantType(); } else if (AuthorizationGrantType.IMPLICIT.equals(this.authorizationGrantType)) { this.validateImplicitGrantType(); } else { this.validateAuthorizationCodeGrantType(); } this.validateScopes(); return this.create(); }
private void validateClientCredentialsGrantType() { Assert.isTrue(AuthorizationGrantType.CLIENT_CREDENTIALS.equals(this.authorizationGrantType), () -> "authorizationGrantType must be " + AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()); Assert.hasText(this.registrationId, "registrationId cannot be empty"); Assert.hasText(this.clientId, "clientId cannot be empty"); Assert.hasText(this.tokenUri, "tokenUri cannot be empty"); } }