Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk;
019
020
021import java.util.List;
022import java.util.Map;
023
024import com.nimbusds.oauth2.sdk.ciba.CIBAGrant;
025import com.nimbusds.oauth2.sdk.device.DeviceCodeGrant;
026import com.nimbusds.oauth2.sdk.tokenexchange.TokenExchangeGrant;
027import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
028
029
030/**
031 * Authorisation grant. Extending classes should be immutable.
032 *
033 * <p>Supported authorisation grant types:
034 *
035 * <ul>
036 *     <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code}
037 *     <li>{@link GrantType#PASSWORD Resource owner password credentials}
038 *     <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials}
039 *     <li>{@link GrantType#REFRESH_TOKEN Refresh token}
040 *     <li>{@link GrantType#JWT_BEARER}
041 *     <li>{@link GrantType#SAML2_BEARER}
042 *     <li>{@link GrantType#DEVICE_CODE}
043 *     <li>{@link GrantType#CIBA}
044 *     <li>{@link GrantType#TOKEN_EXCHANGE}
045 * </ul>
046 *
047 * <p>Related specifications:
048 *
049 * <ul>
050 *     <li>OAuth 2.0 (RFC 6749), sections 1.3.
051 * </ul>
052 */
053public abstract class AuthorizationGrant {
054
055
056        /**
057         * The authorisation grant type.
058         */
059        private final GrantType type;
060
061
062        /**
063         * Creates a new authorisation grant.
064         *
065         * @param type               The authorisation grant type. Must not be
066         *                           {@code null}.
067         */
068        protected AuthorizationGrant(final GrantType type) {
069
070                if (type == null)
071                        throw new IllegalArgumentException("The grant type must not be null");
072
073                this.type = type;
074        }
075
076
077        /**
078         * Gets the authorisation grant type.
079         *
080         * @return The authorisation grant type.
081         */
082        public GrantType getType() {
083
084                return type;
085        }
086
087
088        /**
089         * Returns the request body parameters for the authorisation grant.
090         *
091         * @return The parameters.
092         */
093        public abstract Map<String,List<String>> toParameters();
094
095
096        /**
097         * Parses an authorisation grant from the specified request body
098         * parameters.
099         *
100         * @param params The request body parameters. Must not be {@code null}.
101         *
102         * @return The authorisation grant.
103         *
104         * @throws ParseException If parsing failed or the grant type is not
105         *                        supported.
106         */
107        public static AuthorizationGrant parse(final Map<String,List<String>> params)
108                throws ParseException {
109
110                // Parse grant type
111                String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type");
112
113                if (grantTypeString == null) {
114                        String msg = "Missing grant_type parameter";
115                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
116                }
117
118                GrantType grantType;
119                try {
120                        grantType = GrantType.parse(grantTypeString);
121                } catch (ParseException e) {
122                        String msg = "Invalid grant type: " + e.getMessage();
123                        throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg));
124                }
125
126                if (grantType.equals(GrantType.AUTHORIZATION_CODE)) {
127
128                        return AuthorizationCodeGrant.parse(params);
129
130                } else if (grantType.equals(GrantType.REFRESH_TOKEN)) {
131
132                        return RefreshTokenGrant.parse(params);
133                        
134                } else if (grantType.equals(GrantType.PASSWORD)) {
135
136                        return ResourceOwnerPasswordCredentialsGrant.parse(params);
137
138                } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) {
139
140                        return ClientCredentialsGrant.parse(params);
141
142                } else if (grantType.equals(GrantType.JWT_BEARER)) {
143
144                        return JWTBearerGrant.parse(params);
145
146                } else if (grantType.equals(GrantType.SAML2_BEARER)) {
147
148                        return SAML2BearerGrant.parse(params);
149
150                } else if (grantType.equals(GrantType.DEVICE_CODE)) {
151
152                        return DeviceCodeGrant.parse(params);
153
154                } else if (grantType.equals(GrantType.CIBA)) {
155
156                        return CIBAGrant.parse(params);
157
158                } else if (grantType.equals(GrantType.TOKEN_EXCHANGE)) {
159
160                        return TokenExchangeGrant.parse(params);
161
162                } else {
163
164                        throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE);
165                }
166        }
167}