Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk;
019
020
021import java.util.List;
022import java.util.Map;
023
024import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
025
026
027/**
028 * Authorisation grant. Extending classes should be immutable.
029 *
030 * <p>Supported authorisation grant types:
031 *
032 * <ul>
033 *     <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code}
034 *     <li>{@link GrantType#PASSWORD Resource owner password credentials}
035 *     <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials}
036 *     <li>{@link GrantType#REFRESH_TOKEN Refresh token}
037 *     <li>{@link GrantType#JWT_BEARER}
038 *     <li>{@link GrantType#SAML2_BEARER}
039 * </ul>
040 *
041 * <p>Related specifications:
042 *
043 * <ul>
044 *     <li>OAuth 2.0 (RFC 6749), sections 1.3.
045 * </ul>
046 */
047public abstract class AuthorizationGrant {
048
049
050        /**
051         * The authorisation grant type.
052         */
053        private final GrantType type;
054
055
056        /**
057         * Creates a new authorisation grant.
058         *
059         * @param type               The authorisation grant type. Must not be
060         *                           {@code null}.
061         */
062        protected AuthorizationGrant(final GrantType type) {
063
064                if (type == null)
065                        throw new IllegalArgumentException("The grant type must not be null");
066
067                this.type = type;
068        }
069
070
071        /**
072         * Gets the authorisation grant type.
073         *
074         * @return The authorisation grant type.
075         */
076        public GrantType getType() {
077
078                return type;
079        }
080
081
082        /**
083         * Returns the request body parameters for the authorisation grant.
084         *
085         * @return The parameters.
086         */
087        public abstract Map<String,List<String>> toParameters();
088
089
090        /**
091         * Parses an authorisation grant from the specified request body
092         * parameters.
093         *
094         * @param params The request body parameters. Must not be {@code null}.
095         *
096         * @return The authorisation grant.
097         *
098         * @throws ParseException If parsing failed or the grant type is not
099         *                        supported.
100         */
101        public static AuthorizationGrant parse(final Map<String,List<String>> params)
102                throws ParseException {
103
104                // Parse grant type
105                String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type");
106
107                if (grantTypeString == null) {
108                        String msg = "Missing \"grant_type\" parameter";
109                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
110                }
111
112                GrantType grantType;
113                try {
114                        grantType = GrantType.parse(grantTypeString);
115                } catch (ParseException e) {
116                        String msg = "Invalid grant type: " + e.getMessage();
117                        throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg));
118                }
119
120                if (grantType.equals(GrantType.AUTHORIZATION_CODE)) {
121
122                        return AuthorizationCodeGrant.parse(params);
123
124                } else if (grantType.equals(GrantType.REFRESH_TOKEN)) {
125
126                        return RefreshTokenGrant.parse(params);
127                        
128                } else if (grantType.equals(GrantType.PASSWORD)) {
129
130                        return ResourceOwnerPasswordCredentialsGrant.parse(params);
131
132                } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) {
133
134                        return ClientCredentialsGrant.parse(params);
135
136                } else if (grantType.equals(GrantType.JWT_BEARER)) {
137
138                        return JWTBearerGrant.parse(params);
139
140                } else if (grantType.equals(GrantType.SAML2_BEARER)) {
141
142                        return SAML2BearerGrant.parse(params);
143
144                } else {
145
146                        throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE);
147                }
148        }
149}