Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk;
019
020
021import com.nimbusds.oauth2.sdk.ciba.CIBAGrant;
022import com.nimbusds.oauth2.sdk.device.DeviceCodeGrant;
023import com.nimbusds.oauth2.sdk.tokenexchange.TokenExchangeGrant;
024import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
025
026import java.util.List;
027import java.util.Map;
028import java.util.Objects;
029
030
031/**
032 * Authorisation grant. Extending classes should be immutable.
033 *
034 * <p>Supported authorisation grant types:
035 *
036 * <ul>
037 *     <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code}
038 *     <li>{@link GrantType#PASSWORD Resource owner password credentials}
039 *     <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials}
040 *     <li>{@link GrantType#REFRESH_TOKEN Refresh token}
041 *     <li>{@link GrantType#JWT_BEARER}
042 *     <li>{@link GrantType#SAML2_BEARER}
043 *     <li>{@link GrantType#DEVICE_CODE}
044 *     <li>{@link GrantType#CIBA}
045 *     <li>{@link GrantType#TOKEN_EXCHANGE}
046 * </ul>
047 *
048 * <p>Related specifications:
049 *
050 * <ul>
051 *     <li>OAuth 2.0 (RFC 6749)
052 * </ul>
053 */
054public abstract class AuthorizationGrant {
055
056
057        /**
058         * The authorisation grant type.
059         */
060        private final GrantType type;
061
062
063        /**
064         * Creates a new authorisation grant.
065         *
066         * @param type               The authorisation grant type. Must not be
067         *                           {@code null}.
068         */
069        protected AuthorizationGrant(final GrantType type) {
070                this.type = Objects.requireNonNull(type);
071        }
072
073
074        /**
075         * Gets the authorisation grant type.
076         *
077         * @return The authorisation grant type.
078         */
079        public GrantType getType() {
080
081                return type;
082        }
083
084
085        /**
086         * Returns the request body parameters for the authorisation grant.
087         *
088         * @return The parameters.
089         */
090        public abstract Map<String,List<String>> toParameters();
091
092
093        /**
094         * Parses an authorisation grant from the specified request body
095         * parameters.
096         *
097         * @param params The request body parameters. Must not be {@code null}.
098         *
099         * @return The authorisation grant.
100         *
101         * @throws ParseException If parsing failed or the grant type is not
102         *                        supported.
103         */
104        public static AuthorizationGrant parse(final Map<String,List<String>> params)
105                throws ParseException {
106
107                // Parse grant type
108                String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type");
109
110                if (grantTypeString == null) {
111                        String msg = "Missing grant_type parameter";
112                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
113                }
114
115                GrantType grantType;
116                try {
117                        grantType = GrantType.parse(grantTypeString);
118                } catch (ParseException e) {
119                        String msg = "Invalid grant type: " + e.getMessage();
120                        throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg));
121                }
122
123                if (grantType.equals(GrantType.AUTHORIZATION_CODE)) {
124
125                        return AuthorizationCodeGrant.parse(params);
126
127                } else if (grantType.equals(GrantType.REFRESH_TOKEN)) {
128
129                        return RefreshTokenGrant.parse(params);
130                        
131                } else if (grantType.equals(GrantType.PASSWORD)) {
132
133                        return ResourceOwnerPasswordCredentialsGrant.parse(params);
134
135                } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) {
136
137                        return ClientCredentialsGrant.parse(params);
138
139                } else if (grantType.equals(GrantType.JWT_BEARER)) {
140
141                        return JWTBearerGrant.parse(params);
142
143                } else if (grantType.equals(GrantType.SAML2_BEARER)) {
144
145                        return SAML2BearerGrant.parse(params);
146
147                } else if (grantType.equals(GrantType.DEVICE_CODE)) {
148
149                        return DeviceCodeGrant.parse(params);
150
151                } else if (grantType.equals(GrantType.CIBA)) {
152
153                        return CIBAGrant.parse(params);
154
155                } else if (grantType.equals(GrantType.TOKEN_EXCHANGE)) {
156
157                        return TokenExchangeGrant.parse(params);
158
159                } else {
160
161                        throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE);
162                }
163        }
164}