001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import java.util.Collections; 022import java.util.LinkedHashMap; 023import java.util.List; 024import java.util.Map; 025 026import net.jcip.annotations.Immutable; 027 028import com.nimbusds.oauth2.sdk.auth.Secret; 029import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils; 030 031 032/** 033 * Resource owner password credentials grant. Used in access token requests 034 * with the resource owner's username and password. 035 * 036 * <p>Related specifications: 037 * 038 * <ul> 039 * <li>OAuth 2.0 (RFC 6749), section 4.3.2. 040 * </ul> 041 */ 042@Immutable 043public class ResourceOwnerPasswordCredentialsGrant extends AuthorizationGrant { 044 045 046 /** 047 * The grant type. 048 */ 049 public static final GrantType GRANT_TYPE = GrantType.PASSWORD; 050 051 052 /** 053 * The username. 054 */ 055 private final String username; 056 057 058 /** 059 * The password. 060 */ 061 private final Secret password; 062 063 064 /** 065 * Creates a new resource owner password credentials grant. 066 * 067 * @param username The resource owner's username. Must not be 068 * {@code null}. 069 * @param password The resource owner's password. Must not be 070 * {@code null}. 071 */ 072 public ResourceOwnerPasswordCredentialsGrant(final String username, 073 final Secret password) { 074 075 super(GRANT_TYPE); 076 077 if (username == null) 078 throw new IllegalArgumentException("The username must not be null"); 079 080 this.username = username; 081 082 if (password == null) 083 throw new IllegalArgumentException("The password must not be null"); 084 085 this.password = password; 086 } 087 088 089 /** 090 * Gets the resource owner's username. 091 * 092 * @return The username. 093 */ 094 public String getUsername() { 095 096 return username; 097 } 098 099 100 /** 101 * Gets the resource owner's password. 102 * 103 * @return The password. 104 */ 105 public Secret getPassword() { 106 107 return password; 108 } 109 110 111 @Override 112 public Map<String,List<String>> toParameters() { 113 114 Map<String,List<String>> params = new LinkedHashMap<>(); 115 params.put("grant_type", Collections.singletonList(GRANT_TYPE.getValue())); 116 params.put("username", Collections.singletonList(username)); 117 params.put("password", Collections.singletonList(password.getValue())); 118 return params; 119 } 120 121 122 @Override 123 public boolean equals(Object o) { 124 if (this == o) return true; 125 if (o == null || getClass() != o.getClass()) return false; 126 ResourceOwnerPasswordCredentialsGrant that = (ResourceOwnerPasswordCredentialsGrant) o; 127 if (!username.equals(that.username)) return false; 128 return password.equals(that.password); 129 } 130 131 132 @Override 133 public int hashCode() { 134 int result = username.hashCode(); 135 result = 31 * result + password.hashCode(); 136 return result; 137 } 138 139 140 /** 141 * Parses a resource owner password credentials grant from the 142 * specified request body parameters. 143 * 144 * <p>Example: 145 * 146 * <pre> 147 * grant_type=password 148 * username=johndoe 149 * password=A3ddj3w 150 * </pre> 151 * 152 * @param params The parameters. 153 * 154 * @return The resource owner password credentials grant. 155 * 156 * @throws ParseException If parsing failed. 157 */ 158 public static ResourceOwnerPasswordCredentialsGrant parse(final Map<String,List<String>> params) 159 throws ParseException { 160 161 GrantType.ensure(GRANT_TYPE, params); 162 163 // Parse the username 164 String username = MultivaluedMapUtils.getFirstValue(params, "username"); 165 166 if (username == null || username.trim().isEmpty()) { 167 String msg = "Missing or empty username parameter"; 168 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 169 } 170 171 // Parse the password 172 String passwordString = MultivaluedMapUtils.getFirstValue(params, "password"); 173 174 if (passwordString == null || passwordString.trim().isEmpty()) { 175 String msg = "Missing or empty password parameter"; 176 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 177 } 178 179 Secret password = new Secret(passwordString); 180 181 return new ResourceOwnerPasswordCredentialsGrant(username, password); 182 } 183}