001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import java.util.List; 022import java.util.Map; 023 024import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils; 025 026 027/** 028 * Authorisation grant. Extending classes should be immutable. 029 * 030 * <p>Supported authorisation grant types: 031 * 032 * <ul> 033 * <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code} 034 * <li>{@link GrantType#PASSWORD Resource owner password credentials} 035 * <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials} 036 * <li>{@link GrantType#REFRESH_TOKEN Refresh token} 037 * <li>{@link GrantType#JWT_BEARER} 038 * <li>{@link GrantType#SAML2_BEARER} 039 * </ul> 040 * 041 * <p>Related specifications: 042 * 043 * <ul> 044 * <li>OAuth 2.0 (RFC 6749), sections 1.3. 045 * </ul> 046 */ 047public abstract class AuthorizationGrant { 048 049 050 /** 051 * The authorisation grant type. 052 */ 053 private final GrantType type; 054 055 056 /** 057 * Creates a new authorisation grant. 058 * 059 * @param type The authorisation grant type. Must not be 060 * {@code null}. 061 */ 062 protected AuthorizationGrant(final GrantType type) { 063 064 if (type == null) 065 throw new IllegalArgumentException("The grant type must not be null"); 066 067 this.type = type; 068 } 069 070 071 /** 072 * Gets the authorisation grant type. 073 * 074 * @return The authorisation grant type. 075 */ 076 public GrantType getType() { 077 078 return type; 079 } 080 081 082 /** 083 * Returns the request body parameters for the authorisation grant. 084 * 085 * @return The parameters. 086 */ 087 public abstract Map<String,List<String>> toParameters(); 088 089 090 /** 091 * Parses an authorisation grant from the specified request body 092 * parameters. 093 * 094 * @param params The request body parameters. Must not be {@code null}. 095 * 096 * @return The authorisation grant. 097 * 098 * @throws ParseException If parsing failed or the grant type is not 099 * supported. 100 */ 101 public static AuthorizationGrant parse(final Map<String,List<String>> params) 102 throws ParseException { 103 104 // Parse grant type 105 String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type"); 106 107 if (grantTypeString == null) { 108 String msg = "Missing \"grant_type\" parameter"; 109 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 110 } 111 112 GrantType grantType; 113 try { 114 grantType = GrantType.parse(grantTypeString); 115 } catch (ParseException e) { 116 String msg = "Invalid grant type: " + e.getMessage(); 117 throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg)); 118 } 119 120 if (grantType.equals(GrantType.AUTHORIZATION_CODE)) { 121 122 return AuthorizationCodeGrant.parse(params); 123 124 } else if (grantType.equals(GrantType.REFRESH_TOKEN)) { 125 126 return RefreshTokenGrant.parse(params); 127 128 } else if (grantType.equals(GrantType.PASSWORD)) { 129 130 return ResourceOwnerPasswordCredentialsGrant.parse(params); 131 132 } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) { 133 134 return ClientCredentialsGrant.parse(params); 135 136 } else if (grantType.equals(GrantType.JWT_BEARER)) { 137 138 return JWTBearerGrant.parse(params); 139 140 } else if (grantType.equals(GrantType.SAML2_BEARER)) { 141 142 return SAML2BearerGrant.parse(params); 143 144 } else { 145 146 throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE); 147 } 148 } 149}