001package com.nimbusds.oauth2.sdk; 002 003 004import net.jcip.annotations.Immutable; 005 006import com.nimbusds.oauth2.sdk.id.Identifier; 007 008 009/** 010 * Authorisation grant type. 011 */ 012@Immutable 013public final class GrantType extends Identifier { 014 015 016 /** 017 * Authorisation code. Client authentication required only for 018 * confidential clients. 019 */ 020 public static final GrantType AUTHORIZATION_CODE = new GrantType("authorization_code", false, true); 021 022 023 /** 024 * Implicit. Client authentication is not performed (except for signed 025 * OpenID Connect authentication requests). 026 */ 027 public static final GrantType IMPLICIT = new GrantType("implicit", false, true); 028 029 030 /** 031 * Refresh token. Client authentication required only for confidential 032 * clients. 033 */ 034 public static final GrantType REFRESH_TOKEN = new GrantType("refresh_token", false, false); 035 036 037 /** 038 * Password. Client authentication required only for confidential 039 * clients. 040 */ 041 public static final GrantType PASSWORD = new GrantType("password", false, false); 042 043 044 /** 045 * Client credentials. Client authentication is required. 046 */ 047 public static final GrantType CLIENT_CREDENTIALS = new GrantType("client_credentials", true, true); 048 049 050 /** 051 * JWT bearer, as defined in draft-ietf-oauth-jwt-bearer-10. Explicit 052 * client authentication is optional. 053 */ 054 public static final GrantType JWT_BEARER = new GrantType("urn:ietf:params:oauth:grant-type:jwt-bearer", false, false); 055 056 057 /** 058 * SAML 2.0 bearer, as defined in draft-ietf-oauth-saml2-bearer-21. 059 * Explicit client authentication is optional. 060 */ 061 public static final GrantType SAML2_BEARER = new GrantType("urn:ietf:params:oauth:grant-type:saml2-bearer", false, false); 062 063 064 /** 065 * The client authentication requirement for this grant type. 066 */ 067 private final boolean requiresClientAuth; 068 069 070 /** 071 * The client identifier requirement for this grant type. 072 */ 073 private final boolean requiresClientID; 074 075 076 /** 077 * Creates a new OAuth 2.0 authorisation grant type with the specified 078 * value. The client authentication requirement is set to 079 * {@code false}. So is the client identifier requirement. 080 * 081 * @param value The authorisation grant type value. Must not be 082 * {@code null} or empty string. 083 */ 084 public GrantType(final String value) { 085 086 this(value, false, false); 087 } 088 089 090 /** 091 * Creates a new OAuth 2.0 authorisation grant type with the specified 092 * value. 093 * 094 * @param value The authorisation grant type value. Must 095 * not be {@code null} or empty string. 096 * @param requiresClientAuth The client authentication requirement. 097 * @param requiresClientID The client identifier requirement. 098 */ 099 private GrantType(final String value, 100 final boolean requiresClientAuth, 101 final boolean requiresClientID) { 102 103 super(value); 104 this.requiresClientAuth = requiresClientAuth; 105 this.requiresClientID = requiresClientID; 106 } 107 108 109 /** 110 * Gets the client authentication requirement. 111 * 112 * @return {@code true} if explicit client authentication is always 113 * required for this grant type, else {@code false}. 114 */ 115 public boolean requiresClientAuthentication() { 116 117 return requiresClientAuth; 118 } 119 120 121 /** 122 * Gets the client identifier requirement. 123 * 124 * @return {@code true} if a client identifier must always be 125 * communicated for this grant type (either as part of the 126 * client authentication, or as a parameter in the token 127 * request body), else {@code false}. 128 */ 129 public boolean requiresClientID() { 130 131 return requiresClientID; 132 } 133 134 135 @Override 136 public boolean equals(final Object object) { 137 138 return object instanceof GrantType && this.toString().equals(object.toString()); 139 } 140 141 142 /** 143 * Parses a grant type from the specified string. 144 * 145 * @param value The string to parse. 146 * 147 * @return The grant type. 148 * 149 * @throws ParseException If string is {@code null}, blank or empty. 150 */ 151 public static GrantType parse(final String value) 152 throws ParseException { 153 154 GrantType grantType; 155 156 try { 157 grantType = new GrantType(value); 158 159 } catch (IllegalArgumentException e) { 160 161 throw new ParseException(e.getMessage()); 162 } 163 164 if (grantType.equals(GrantType.AUTHORIZATION_CODE)) { 165 166 return GrantType.AUTHORIZATION_CODE; 167 168 } else if (grantType.equals(GrantType.IMPLICIT)) { 169 170 return GrantType.IMPLICIT; 171 172 } else if (grantType.equals(GrantType.REFRESH_TOKEN)) { 173 174 return GrantType.REFRESH_TOKEN; 175 176 } else if (grantType.equals(GrantType.PASSWORD)) { 177 178 return GrantType.PASSWORD; 179 180 } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) { 181 182 return GrantType.CLIENT_CREDENTIALS; 183 184 } else if (grantType.equals(GrantType.JWT_BEARER)) { 185 186 return GrantType.JWT_BEARER; 187 188 } else if (grantType.equals(GrantType.SAML2_BEARER)) { 189 190 return GrantType.SAML2_BEARER; 191 192 } else { 193 194 return grantType; 195 } 196 } 197}