22 package org.apache.amber.oauth2.rs.request;
25 import java.util.HashMap;
26 import java.util.Map;
27 import javax.servlet.http.HttpServletRequest;
28 import org.apache.amber.oauth2.common.error.OAuthError;
29 import org.apache.amber.oauth2.common.exception.OAuthProblemException;
30 import org.apache.amber.oauth2.common.exception.OAuthSystemException;
31 import org.apache.amber.oauth2.common.message.types.ParameterStyle;
32 import org.apache.amber.oauth2.common.message.types.TokenType;
33 import org.apache.amber.oauth2.common.utils.OAuthUtils;
34 import org.apache.amber.oauth2.common.validators.OAuthValidator;
35 import org.apache.amber.oauth2.common.OAuth;
36 import org.apache.amber.oauth2.rs.BearerResourceServer;
37 import org.apache.amber.oauth2.rs.ResourceServer;
38 import org.apache.amber.oauth2.rs.extractor.TokenExtractor;
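/**
 * Resource-server view of an incoming request for an OAuth 2.0 protected resource.
 *
 * <p>Construction runs {@link #validate()}, which checks the request against every
 * accepted token type / parameter style combination and selects the single one that
 * matches. After a successful construction, {@link #getAccessToken()} returns the
 * token string carried by the request.
 *
 * <p>Security note: the checks made here are the content-type, method and
 * required-parameter checks of the selected {@link OAuthValidator}. Nothing in this
 * class verifies that the extracted token was issued by a trusted authorization
 * server, is unexpired, or carries the required scope. Callers must perform that
 * verification before granting access; a successfully constructed instance only
 * means a token was presented in an accepted form.
 *
 * <p>Pass only the parameter styles the deployment actually needs: every extra
 * accepted style is another place a token may be presented.
 */
public class OAuthAccessResourceRequest {

    /**
     * Maps each supported token type to the {@link ResourceServer} implementation
     * that handles it. Kept as a raw {@code Class} map because the field is part of
     * the protected surface of this class.
     */
    protected static Map<TokenType, Class> tokens = new HashMap<TokenType, Class>();

    // Populated once at class-load time. The original used an instance initializer,
    // which (a) left the map empty for callers of the static
    // instantiateResourceServer() until some instance had been constructed, and
    // (b) wrote to a shared, unsynchronized HashMap on every request thread.
    // A side effect of the fix: a mapping replaced by a subclass is no longer
    // silently overwritten each time an instance is created.
    static {
        tokens.put(TokenType.BEARER, BearerResourceServer.class);
    }

    private final HttpServletRequest request;
    private final ParameterStyle[] parameterStyles;
    private final TokenType[] tokenTypes;

    // Set by validate() to the one combination that matched the request.
    private ParameterStyle usedParameterStyle;
    private ResourceServer usedResourceServer;

    // Built by validate() from the matching resource server and parameter style.
    private TokenExtractor extractor;

    /**
     * Validates {@code request} using the default token type and default parameter style.
     *
     * @param request the incoming servlet request
     * @throws OAuthSystemException if no resource server can be instantiated
     * @throws OAuthProblemException if the request does not carry a token in an accepted form
     */
    public OAuthAccessResourceRequest(HttpServletRequest request)
        throws OAuthSystemException, OAuthProblemException {
        this(request, new TokenType[] {OAuth.DEFAULT_TOKEN_TYPE},
            new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE});
    }

    /**
     * Validates {@code request} using the default token type and the given parameter styles.
     *
     * @param request the incoming servlet request
     * @param parameterStyles the token locations the caller is willing to accept
     * @throws OAuthSystemException if no resource server can be instantiated
     * @throws OAuthProblemException if the request does not carry a token in an accepted form
     */
    public OAuthAccessResourceRequest(HttpServletRequest request, ParameterStyle... parameterStyles)
        throws OAuthSystemException, OAuthProblemException {
        this(request, new TokenType[] {OAuth.DEFAULT_TOKEN_TYPE}, parameterStyles);
    }

    /**
     * Validates {@code request} using the given token types and the default parameter style.
     *
     * @param request the incoming servlet request
     * @param tokenTypes the token types the caller is willing to accept
     * @throws OAuthSystemException if a token type has no registered resource server
     * @throws OAuthProblemException if the request does not carry a token in an accepted form
     */
    public OAuthAccessResourceRequest(HttpServletRequest request, TokenType... tokenTypes)
        throws OAuthSystemException, OAuthProblemException {
        this(request, tokenTypes, new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE});
    }

    /**
     * Validates {@code request} against every combination of the given token types and
     * parameter styles. All other constructors delegate here.
     *
     * @param request the incoming servlet request
     * @param tokenTypes the token types the caller is willing to accept
     * @param parameterStyles the token locations the caller is willing to accept
     * @throws OAuthSystemException if a token type has no registered resource server
     * @throws OAuthProblemException if the request does not carry a token in exactly one
     *         accepted form
     */
    public OAuthAccessResourceRequest(HttpServletRequest request, TokenType[] tokenTypes,
                                      ParameterStyle[] parameterStyles)
        throws OAuthSystemException, OAuthProblemException {
        this.request = request;
        this.tokenTypes = tokenTypes;
        this.parameterStyles = parameterStyles;
        this.validate();
    }

    /**
     * Returns the access token as extracted from the request by the selected extractor.
     *
     * <p>The returned value is what the client sent; this class has not verified it
     * against any issuer. Treat it as a secret: keep it out of logs and error messages.
     *
     * @return the token string carried by the request
     * @throws OAuthSystemException if the extractor fails
     */
    public String getAccessToken() throws OAuthSystemException {
        return extractor.getAccessToken(request);
    }

    /**
     * Tries every accepted token type / parameter style combination and keeps the one
     * whose validator accepts the request.
     *
     * <p>Outcome, in priority order:
     * <ol>
     *   <li>more than one combination matched: {@code invalid_request}. RFC 6750 section 2
     *       forbids a client from sending the token by more than one method, so an
     *       ambiguous request is rejected rather than resolved by picking one;</li>
     *   <li>a validator reported a problem with an error code: that problem is rethrown
     *       (the last one seen wins), even if another combination matched;</li>
     *   <li>nothing matched and a validator reported a problem without an error code:
     *       a problem with a {@code null} error and that validator's description, which
     *       lets the caller tell "no credentials presented" apart from a malformed
     *       request;</li>
     *   <li>nothing matched at all: {@code invalid_request}.</li>
     * </ol>
     *
     * @throws OAuthSystemException if a token type has no registered resource server
     * @throws OAuthProblemException as described above
     */
    private void validate() throws OAuthSystemException, OAuthProblemException {
        int foundValidStyles = 0;
        boolean lackAuthInfo = false;
        OAuthProblemException ex = null;
        String lackAuthReason = "OAuth parameters were not found";

        for (TokenType tokenType : tokenTypes) {
            ResourceServer resourceServer = instantiateResourceServer(tokenType);
            for (ParameterStyle style : parameterStyles) {
                try {
                    OAuthValidator validator = resourceServer.instantiateValidator(style);
                    validator.validateContentType(request);
                    validator.validateMethod(request);
                    validator.validateRequiredParameters(request);

                    // Only reached when all three checks passed for this combination.
                    usedParameterStyle = style;
                    usedResourceServer = resourceServer;
                    foundValidStyles++;
                } catch (OAuthProblemException e) {
                    if (OAuthUtils.isEmpty(e.getError())) {
                        // No error code: the validator found no credentials in this style.
                        lackAuthInfo = true;
                        lackAuthReason = e.getDescription();
                    } else {
                        // Rebuilt from code and description only; remembered, not thrown
                        // yet, so the remaining combinations are still examined.
                        ex = OAuthProblemException.error(e.getError(), e.getDescription());
                    }
                }
            }
        }

        if (foundValidStyles > 1) {
            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
                "Found more than one mechanism for authenticating client");
        }

        if (ex != null) {
            throw ex;
        }

        if (foundValidStyles == 0 && lackAuthInfo) {
            throw OAuthProblemException.error(null, lackAuthReason);
        }

        if (foundValidStyles == 0) {
            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
                "OAuth parameters were not found");
        }

        extractor = usedResourceServer.instantiateExtractor(usedParameterStyle);
    }

    /**
     * Creates the {@link ResourceServer} registered for {@code tokenType}.
     *
     * @param tokenType the token type to look up in {@link #tokens}
     * @return a new resource server instance for that token type
     * @throws OAuthSystemException if no implementation is registered for {@code tokenType}
     */
    public static ResourceServer instantiateResourceServer(TokenType tokenType) throws OAuthSystemException {
        Class clazz = tokens.get(tokenType);
        if (clazz == null) {
            throw new OAuthSystemException("Cannot instantiate a resource server.");
        }
        return (ResourceServer) OAuthUtils.instantiateClass(clazz);
    }

}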