Source code

001/*
002 * oauth2-oidc-sdk
003 *
004 * Copyright 2012-2016, Connect2id Ltd and contributors.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.oauth2.sdk;
019
020
021import java.util.List;
022import java.util.Map;
023
024import com.nimbusds.oauth2.sdk.ciba.CIBAGrant;
025import com.nimbusds.oauth2.sdk.device.DeviceCodeGrant;
026import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
027
028
029/**
030 * Authorisation grant. Extending classes should be immutable.
031 *
032 * <p>Supported authorisation grant types:
033 *
034 * <ul>
035 *     <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code}
036 *     <li>{@link GrantType#PASSWORD Resource owner password credentials}
037 *     <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials}
038 *     <li>{@link GrantType#REFRESH_TOKEN Refresh token}
039 *     <li>{@link GrantType#JWT_BEARER}
040 *     <li>{@link GrantType#SAML2_BEARER}
041 *     <li>{@link GrantType#DEVICE_CODE}
042 *     <li>{@link GrantType#CIBA}
043 * </ul>
044 *
045 * <p>Related specifications:
046 *
047 * <ul>
048 *     <li>OAuth 2.0 (RFC 6749), sections 1.3.
049 * </ul>
050 */
051public abstract class AuthorizationGrant {
052
053
054        /**
055         * The authorisation grant type.
056         */
057        private final GrantType type;
058
059
060        /**
061         * Creates a new authorisation grant.
062         *
063         * @param type               The authorisation grant type. Must not be
064         *                           {@code null}.
065         */
066        protected AuthorizationGrant(final GrantType type) {
067
068                if (type == null)
069                        throw new IllegalArgumentException("The grant type must not be null");
070
071                this.type = type;
072        }
073
074
075        /**
076         * Gets the authorisation grant type.
077         *
078         * @return The authorisation grant type.
079         */
080        public GrantType getType() {
081
082                return type;
083        }
084
085
086        /**
087         * Returns the request body parameters for the authorisation grant.
088         *
089         * @return The parameters.
090         */
091        public abstract Map<String,List<String>> toParameters();
092
093
094        /**
095         * Parses an authorisation grant from the specified request body
096         * parameters.
097         *
098         * @param params The request body parameters. Must not be {@code null}.
099         *
100         * @return The authorisation grant.
101         *
102         * @throws ParseException If parsing failed or the grant type is not
103         *                        supported.
104         */
105        public static AuthorizationGrant parse(final Map<String,List<String>> params)
106                throws ParseException {
107
108                // Parse grant type
109                String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type");
110
111                if (grantTypeString == null) {
112                        String msg = "Missing grant_type parameter";
113                        throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg));
114                }
115
116                GrantType grantType;
117                try {
118                        grantType = GrantType.parse(grantTypeString);
119                } catch (ParseException e) {
120                        String msg = "Invalid grant type: " + e.getMessage();
121                        throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg));
122                }
123
124                if (grantType.equals(GrantType.AUTHORIZATION_CODE)) {
125
126                        return AuthorizationCodeGrant.parse(params);
127
128                } else if (grantType.equals(GrantType.REFRESH_TOKEN)) {
129
130                        return RefreshTokenGrant.parse(params);
131                        
132                } else if (grantType.equals(GrantType.PASSWORD)) {
133
134                        return ResourceOwnerPasswordCredentialsGrant.parse(params);
135
136                } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) {
137
138                        return ClientCredentialsGrant.parse(params);
139
140                } else if (grantType.equals(GrantType.JWT_BEARER)) {
141
142                        return JWTBearerGrant.parse(params);
143
144                } else if (grantType.equals(GrantType.SAML2_BEARER)) {
145
146                        return SAML2BearerGrant.parse(params);
147
148                } else if (grantType.equals(GrantType.DEVICE_CODE)) {
149
150                        return DeviceCodeGrant.parse(params);
151
152                } else if (grantType.equals(GrantType.CIBA)) {
153
154                        return CIBAGrant.parse(params);
155
156                } else {
157
158                        throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE);
159                }
160        }
161}