001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import java.util.List; 022import java.util.Map; 023 024import com.nimbusds.oauth2.sdk.ciba.CIBAGrant; 025import com.nimbusds.oauth2.sdk.device.DeviceCodeGrant; 026import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils; 027 028 029/** 030 * Authorisation grant. Extending classes should be immutable. 031 * 032 * <p>Supported authorisation grant types: 033 * 034 * <ul> 035 * <li>{@link GrantType#AUTHORIZATION_CODE Authorisation code} 036 * <li>{@link GrantType#PASSWORD Resource owner password credentials} 037 * <li>{@link GrantType#CLIENT_CREDENTIALS Client credentials} 038 * <li>{@link GrantType#REFRESH_TOKEN Refresh token} 039 * <li>{@link GrantType#JWT_BEARER} 040 * <li>{@link GrantType#SAML2_BEARER} 041 * <li>{@link GrantType#DEVICE_CODE} 042 * <li>{@link GrantType#CIBA} 043 * </ul> 044 * 045 * <p>Related specifications: 046 * 047 * <ul> 048 * <li>OAuth 2.0 (RFC 6749), sections 1.3. 049 * </ul> 050 */ 051public abstract class AuthorizationGrant { 052 053 054 /** 055 * The authorisation grant type. 056 */ 057 private final GrantType type; 058 059 060 /** 061 * Creates a new authorisation grant. 062 * 063 * @param type The authorisation grant type. Must not be 064 * {@code null}. 065 */ 066 protected AuthorizationGrant(final GrantType type) { 067 068 if (type == null) 069 throw new IllegalArgumentException("The grant type must not be null"); 070 071 this.type = type; 072 } 073 074 075 /** 076 * Gets the authorisation grant type. 077 * 078 * @return The authorisation grant type. 079 */ 080 public GrantType getType() { 081 082 return type; 083 } 084 085 086 /** 087 * Returns the request body parameters for the authorisation grant. 088 * 089 * @return The parameters. 090 */ 091 public abstract Map<String,List<String>> toParameters(); 092 093 094 /** 095 * Parses an authorisation grant from the specified request body 096 * parameters. 097 * 098 * @param params The request body parameters. Must not be {@code null}. 099 * 100 * @return The authorisation grant. 101 * 102 * @throws ParseException If parsing failed or the grant type is not 103 * supported. 104 */ 105 public static AuthorizationGrant parse(final Map<String,List<String>> params) 106 throws ParseException { 107 108 // Parse grant type 109 String grantTypeString = MultivaluedMapUtils.getFirstValue(params, "grant_type"); 110 111 if (grantTypeString == null) { 112 String msg = "Missing grant_type parameter"; 113 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 114 } 115 116 GrantType grantType; 117 try { 118 grantType = GrantType.parse(grantTypeString); 119 } catch (ParseException e) { 120 String msg = "Invalid grant type: " + e.getMessage(); 121 throw new ParseException(msg, OAuth2Error.UNSUPPORTED_GRANT_TYPE.appendDescription(": " + msg)); 122 } 123 124 if (grantType.equals(GrantType.AUTHORIZATION_CODE)) { 125 126 return AuthorizationCodeGrant.parse(params); 127 128 } else if (grantType.equals(GrantType.REFRESH_TOKEN)) { 129 130 return RefreshTokenGrant.parse(params); 131 132 } else if (grantType.equals(GrantType.PASSWORD)) { 133 134 return ResourceOwnerPasswordCredentialsGrant.parse(params); 135 136 } else if (grantType.equals(GrantType.CLIENT_CREDENTIALS)) { 137 138 return ClientCredentialsGrant.parse(params); 139 140 } else if (grantType.equals(GrantType.JWT_BEARER)) { 141 142 return JWTBearerGrant.parse(params); 143 144 } else if (grantType.equals(GrantType.SAML2_BEARER)) { 145 146 return SAML2BearerGrant.parse(params); 147 148 } else if (grantType.equals(GrantType.DEVICE_CODE)) { 149 150 return DeviceCodeGrant.parse(params); 151 152 } else if (grantType.equals(GrantType.CIBA)) { 153 154 return CIBAGrant.parse(params); 155 156 } else { 157 158 throw new ParseException("Invalid or unsupported grant type: " + grantType, OAuth2Error.UNSUPPORTED_GRANT_TYPE); 159 } 160 } 161}