001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import java.util.Map; 022 023 024/** 025 * Authorisation grant. Extending classes should be immutable. 026 * 027 * <p>Supported authorisation grant types: 028 * 029 * <ul> 030 * <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code} 031 * <li>{@link GrantType#PASSWORD Resource owner password credentials} 032 * <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials} 033 * <li>{@link GrantType#REFRESH_TOKEN Refresh token} 034 * <li>{@link GrantType#JWT_BEARER} 035 * <li>{@link GrantType#SAML2_BEARER} 036 * </ul> 037 * 038 * <p>Related specifications: 039 * 040 * <ul> 041 * <li>OAuth 2.0 (RFC 6749), sections 1.3. 042 * </ul> 043 */ 044public abstract class AuthorizationGrant { 045 046 047 /** 048 * The authorisation grant type. 049 */ 050 private final GrantType type; 051 052 053 /** 054 * Creates a new authorisation grant. 055 * 056 * @param type The authorisation grant type. Must not be 057 * {@code null}. 058 */ 059 protected AuthorizationGrant(final GrantType type) { 060 061 if (type == null) 062 throw new IllegalArgumentException("The grant type must not be null"); 063 064 this.type = type; 065 } 066 067 068 /** 069 * Gets the authorisation grant type. 070 * 071 * @return The authorisation grant type. 072 */ 073 public GrantType getType() { 074 075 return type; 076 } 077 078 079 /** 080 * Return the parameters for the authorisation grant. 081 * 082 * @return The parameters. 083 */ 084 public abstract Map<String,String> toParameters(); 085 086 087 /** 088 * Parses an authorisation grant from the specified parameters. 089 * 090 * @param params The parameters. Must not be {@code null}. 091 * 092 * @return The authorisation grant. 093 * 094 * @throws ParseException If parsing failed or the grant type is not 095 * supported. 096 */ 097 public static AuthorizationGrant parse(final Map<String,String> params) 098 throws ParseException { 099 100 // Parse grant type 101 String grantTypeString = params.get("grant_type"); 102 103 if (grantTypeString == null) { 104 String msg = "Missing \"grant_type\" parameter"; 105 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 106 } 107 108 GrantType grantType; 109 try { 110 grantType = GrantType.parse(grantTypeString); 111 } catch (ParseException e) { 112 String msg = "Invalid grant type: " + e.getMessage(); 113 throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg)); 114 } 115 116 if (grantType.equals(GrantType.AUTHORIZATION_CODE)) { 117 118 return AuthorizationCodeGrant.parse(params); 119 120 } else if (grantType.equals(GrantType.REFRESH_TOKEN)) { 121 122 return RefreshTokenGrant.parse(params); 123 124 } else if (grantType.equals(GrantType.PASSWORD)) { 125 126 return ResourceOwnerPasswordCredentialsGrant.parse(params); 127 128 } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) { 129 130 return ClientCredentialsGrant.parse(params); 131 132 } else if (grantType.equals(GrantType.JWT_BEARER)) { 133 134 return JWTBearerGrant.parse(params); 135 136 } else if (grantType.equals(GrantType.SAML2_BEARER)) { 137 138 return SAML2BearerGrant.parse(params); 139 140 } else { 141 142 throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE); 143 } 144 } 145}