Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk;
019
020
021import com.nimbusds.oauth2.sdk.auth.Secret;
022import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
023import net.jcip.annotations.Immutable;
024
025import java.util.*;
026
027
028/**
029 * Resource owner password credentials grant. Used in access token requests
030 * with the resource owner's username and password.
031 *
032 * <p>Related specifications:
033 *
034 * <ul>
035 *     <li>OAuth 2.0 (RFC 6749)
036 * </ul>
037 */
038@Immutable
039public class ResourceOwnerPasswordCredentialsGrant extends AuthorizationGrant {
040
041
042        /**
043         * The grant type.
044         */
045        public static final GrantType GRANT_TYPE = GrantType.PASSWORD;
046
047
048        /**
049         * The username.
050         */
051        private final String username;
052
053
054        /**
055         * The password.
056         */
057        private final Secret password;
058
059
060        /**
061         * Creates a new resource owner password credentials grant.
062         *
063         * @param username The resource owner's username. Must not be
064         *                 {@code null}.
065         * @param password The resource owner's password. Must not be
066         *                 {@code null}.
067         */
068        public ResourceOwnerPasswordCredentialsGrant(final String username,
069                                                     final Secret password) {
070
071                super(GRANT_TYPE);
072                this.username = Objects.requireNonNull(username);
073                this.password = Objects.requireNonNull(password);
074        }
075
076
077        /**
078         * Gets the resource owner's username.
079         *
080         * @return The username.
081         */
082        public String getUsername() {
083
084                return username;
085        }
086
087
088        /**
089         * Gets the resource owner's password.
090         *
091         * @return The password.
092         */
093        public Secret getPassword() {
094
095                return password;
096        }
097
098
099        @Override
100        public Map<String,List<String>> toParameters() {
101
102                Map<String,List<String>> params = new LinkedHashMap<>();
103                params.put("grant_type", Collections.singletonList(GRANT_TYPE.getValue()));
104                params.put("username", Collections.singletonList(username));
105                params.put("password", Collections.singletonList(password.getValue()));
106                return params;
107        }
108
109
110        @Override
111        public boolean equals(Object o) {
112                if (this == o) return true;
113                if (o == null || getClass() != o.getClass()) return false;
114                ResourceOwnerPasswordCredentialsGrant that = (ResourceOwnerPasswordCredentialsGrant) o;
115                if (!username.equals(that.username)) return false;
116                return password.equals(that.password);
117        }
118
119
120        @Override
121        public int hashCode() {
122                int result = username.hashCode();
123                result = 31 * result + password.hashCode();
124                return result;
125        }
126
127
128        /**
129         * Parses a resource owner password credentials grant from the
130         * specified request body parameters.
131         *
132         * <p>Example:
133         *
134         * <pre>
135         * grant_type=password
136         * username=johndoe
137         * password=A3ddj3w
138         * </pre>
139         *
140         * @param params The parameters.
141         *
142         * @return The resource owner password credentials grant.
143         *
144         * @throws ParseException If parsing failed.
145         */
146        public static ResourceOwnerPasswordCredentialsGrant parse(final Map<String,List<String>> params)
147                throws ParseException {
148                
149                GrantType.ensure(GRANT_TYPE, params);
150
151                // Parse the username
152                String username = MultivaluedMapUtils.getFirstValue(params, "username");
153
154                if (username == null || username.trim().isEmpty()) {
155                        String msg = "Missing or empty username parameter";
156                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
157                }
158
159                // Parse the password
160                String passwordString = MultivaluedMapUtils.getFirstValue(params, "password");
161
162                if (passwordString == null || passwordString.trim().isEmpty()) {
163                        String msg = "Missing or empty password parameter";
164                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
165                }
166
167                Secret password = new Secret(passwordString);
168
169                return new ResourceOwnerPasswordCredentialsGrant(username, password);
170        }
171}