001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import java.util.Collections; 022import java.util.LinkedHashMap; 023import java.util.List; 024import java.util.Map; 025 026import com.nimbusds.oauth2.sdk.auth.Secret; 027import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils; 028import net.jcip.annotations.Immutable; 029 030 031/** 032 * Resource owner password credentials grant. Used in access token requests 033 * with the resource owner's username and password. 034 * 035 * <p>Related specifications: 036 * 037 * <ul> 038 * <li>OAuth 2.0 (RFC 6749), section 4.3.2. 039 * </ul> 040 */ 041@Immutable 042public class ResourceOwnerPasswordCredentialsGrant extends AuthorizationGrant { 043 044 045 /** 046 * The grant type. 047 */ 048 public static final GrantType GRANT_TYPE = GrantType.PASSWORD; 049 050 051 /** 052 * The username. 053 */ 054 private final String username; 055 056 057 /** 058 * The password. 059 */ 060 private final Secret password; 061 062 063 /** 064 * Creates a new resource owner password credentials grant. 065 * 066 * @param username The resource owner's username. Must not be 067 * {@code null}. 068 * @param password The resource owner's password. Must not be 069 * {@code null}. 070 */ 071 public ResourceOwnerPasswordCredentialsGrant(final String username, 072 final Secret password) { 073 074 super(GRANT_TYPE); 075 076 if (username == null) 077 throw new IllegalArgumentException("The username must not be null"); 078 079 this.username = username; 080 081 if (password == null) 082 throw new IllegalArgumentException("The password must not be null"); 083 084 this.password = password; 085 } 086 087 088 /** 089 * Gets the resource owner's username. 090 * 091 * @return The username. 092 */ 093 public String getUsername() { 094 095 return username; 096 } 097 098 099 /** 100 * Gets the resource owner's password. 101 * 102 * @return The password. 103 */ 104 public Secret getPassword() { 105 106 return password; 107 } 108 109 110 @Override 111 public Map<String,List<String>> toParameters() { 112 113 Map<String,List<String>> params = new LinkedHashMap<>(); 114 params.put("grant_type", Collections.singletonList(GRANT_TYPE.getValue())); 115 params.put("username", Collections.singletonList(username)); 116 params.put("password", Collections.singletonList(password.getValue())); 117 return params; 118 } 119 120 121 @Override 122 public boolean equals(Object o) { 123 if (this == o) return true; 124 if (o == null || getClass() != o.getClass()) return false; 125 ResourceOwnerPasswordCredentialsGrant that = (ResourceOwnerPasswordCredentialsGrant) o; 126 if (!username.equals(that.username)) return false; 127 return password.equals(that.password); 128 } 129 130 131 @Override 132 public int hashCode() { 133 int result = username.hashCode(); 134 result = 31 * result + password.hashCode(); 135 return result; 136 } 137 138 139 /** 140 * Parses a resource owner password credentials grant from the 141 * specified request body parameters. 142 * 143 * <p>Example: 144 * 145 * <pre> 146 * grant_type=password 147 * username=johndoe 148 * password=A3ddj3w 149 * </pre> 150 * 151 * @param params The parameters. 152 * 153 * @return The resource owner password credentials grant. 154 * 155 * @throws ParseException If parsing failed. 156 */ 157 public static ResourceOwnerPasswordCredentialsGrant parse(final Map<String,List<String>> params) 158 throws ParseException { 159 160 // Parse grant type 161 String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type"); 162 163 if (grantTypeString == null) { 164 String msg = "Missing \"grant_type\" parameter"; 165 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 166 } 167 168 if (! GrantType.parse(grantTypeString).equals(GRANT_TYPE)) { 169 String msg = "The \"grant_type\" must be " + GRANT_TYPE; 170 throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg)); 171 } 172 173 174 // Parse the username 175 String username = MultivaluedMapUtils.getFirstValue(params, "username"); 176 177 if (username == null || username.trim().isEmpty()) { 178 String msg = "Missing or empty \"username\" parameter"; 179 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 180 } 181 182 // Parse the password 183 String passwordString = MultivaluedMapUtils.getFirstValue(params, "password"); 184 185 if (passwordString == null || passwordString.trim().isEmpty()) { 186 String msg = "Missing or empty \"password\" parameter"; 187 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 188 } 189 190 Secret password = new Secret(passwordString); 191 192 return new ResourceOwnerPasswordCredentialsGrant(username, password); 193 } 194}