View Javadoc
1   /*
2    * Copyright 2002-2011 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.springframework.security.oauth2.client.token;
17  
18  import org.springframework.security.access.AccessDeniedException;
19  import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
20  import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException;
21  import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
22  import org.springframework.security.oauth2.common.OAuth2AccessToken;
23  import org.springframework.security.oauth2.common.OAuth2RefreshToken;
24  
25  /**
26   * A strategy which knows how to obtain an access token for a specific resource.
27   * 
28   * @author Ryan Heaton
29   * @author Dave Syer
30   */
31  public interface AccessTokenProvider {
32  
33  	/**
34  	 * Obtain a new access token for the specified protected resource.
35  	 * 
36  	 * @param details The protected resource for which this provider is to obtain an access token.
37  	 * @param parameters The parameters of the request giving context for the token details if any.
38  	 * @return The access token for the specified protected resource. The return value may NOT be null.
39  	 * @throws UserRedirectRequiredException If the provider requires the current user to be redirected for
40  	 * authorization.
41  	 * @throws UserApprovalRequiredException If the provider is ready to issue a token but only if the user approves
42  	 * @throws AccessDeniedException If the user denies access to the protected resource.
43  	 */
44  	OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest parameters)
45  			throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException;
46  
47  	/**
48  	 * Whether this provider supports the specified resource.
49  	 * 
50  	 * @param resource The resource.
51  	 * @return Whether this provider supports the specified resource.
52  	 */
53  	boolean supportsResource(OAuth2ProtectedResourceDetails resource);
54  
55  	/**
56  	 * @param resource the resource for which a token refresh is required
57  	 * @param refreshToken the refresh token to send
58  	 * @return an access token
59  	 */
60  	OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken,
61  			AccessTokenRequest request) throws UserRedirectRequiredException;
62  
63  	/**
64  	 * @param resource The resource to check
65  	 * @return true if this provider can refresh an access token
66  	 */
67  	boolean supportsRefresh(OAuth2ProtectedResourceDetails resource);
68  }