1 /* 2 * Copyright 2006-2011 the original author or authors. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 * the License. You may obtain a copy of the License at 6 * 7 * https://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 * specific language governing permissions and limitations under the License. 12 */ 13 14 package org.springframework.security.oauth2.provider; 15 16 import java.util.Map; 17 18 /** 19 * Strategy for managing OAuth2 requests: {@link AuthorizationRequest}, {@link TokenRequest}, {@link OAuth2Request}. 20 * 21 * @author Dave Syer 22 * @author Amanda Anganes 23 * 24 */ 25 public interface OAuth2RequestFactory { 26 27 /** 28 * Create a new {@link AuthorizationRequest} extracting all the needed information from the incoming parameter map, 29 * and initializing all individual fields on the {@link AuthorizationRequest} to reasonable values. When a class 30 * uses the factory to create an {@link AuthorizationRequest}, it should not need to access the parameter map 31 * directly afterwards. 32 * 33 * Typical implementations would initialize the individual fields on the {@link AuthorizationRequest} with the 34 * values requested in the original parameter map. It may also load the client details from the client id provided 35 * and validate the grant type and scopes, populating any fields in the request that are known only to the 36 * authorization server. 37 * 38 * @param authorizationParameters the parameters in the request 39 * @return a new AuthorizationRequest 40 */ 41 AuthorizationRequest createAuthorizationRequest(Map<String, String> authorizationParameters); 42 43 /** 44 * Create a new {@link OAuth2Request} by extracting the needed information from the current 45 * {@link AuthorizationRequest} object. 46 * 47 * @param request the request to be converted 48 * @return an immutable object for storage 49 */ 50 OAuth2Request createOAuth2Request(AuthorizationRequest request); 51 52 /** 53 * Create a new {@link OAuth2Request} by extracting the needed information from the current {@link TokenRequest} 54 * object. 55 * @param client TODO 56 * @param tokenRequest the request to be converted 57 * 58 * @return am immutable object for storage 59 */ 60 OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest); 61 62 /** 63 * Create a new {@link TokenRequest} by extracting the needed information from the incoming request parameter map. 64 * 65 * @param requestParameters the parameters in the request 66 * @param authenticatedClient the client that authenticated during the token request 67 * @return a new TokenRequest 68 */ 69 TokenRequest createTokenRequest(Map<String, String> requestParameters, ClientDetails authenticatedClient); 70 71 /** 72 * Create a new {@link TokenRequest} from an {@link AuthorizationRequest}. Principally used by the 73 * AuthorizationEndpoint during the implicit flow. 74 * 75 * @param authorizationRequest the incoming request 76 * @param grantType the grant type for the token request 77 * @return a new token request 78 */ 79 TokenRequest createTokenRequest(AuthorizationRequest authorizationRequest, String grantType); 80 81 }