1 package org.springframework.security.oauth2.client.token.grant.password;
2
3 import java.util.Iterator;
4 import java.util.List;
5
6 import org.springframework.http.HttpHeaders;
7 import org.springframework.security.access.AccessDeniedException;
8 import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException;
9 import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
10 import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
11 import org.springframework.security.oauth2.client.token.AccessTokenProvider;
12 import org.springframework.security.oauth2.client.token.AccessTokenRequest;
13 import org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport;
14 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
15 import org.springframework.security.oauth2.common.OAuth2AccessToken;
16 import org.springframework.util.LinkedMultiValueMap;
17 import org.springframework.util.MultiValueMap;
18
19
20
21
22
23
24 public class ResourceOwnerPasswordAccessTokenProvider extends OAuth2AccessTokenSupport implements AccessTokenProvider {
25
26 public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
27 return resource instanceof ResourceOwnerPasswordResourceDetails && "password".equals(resource.getGrantType());
28 }
29
30 public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource) {
31 return supportsResource(resource);
32 }
33
34 public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
35 OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException,
36 OAuth2AccessDeniedException {
37 MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
38 form.add("grant_type", "refresh_token");
39 form.add("refresh_token", refreshToken.getValue());
40 return retrieveToken(request, resource, form, new HttpHeaders());
41 }
42
43 public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
44 throws UserRedirectRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
45
46 ResourceOwnerPasswordResourceDetails resource = (ResourceOwnerPasswordResourceDetails) details;
47 return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), new HttpHeaders());
48
49 }
50
51 private MultiValueMap<String, String> getParametersForTokenRequest(ResourceOwnerPasswordResourceDetails resource, AccessTokenRequest request) {
52
53 MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
54 form.set("grant_type", "password");
55
56 form.set("username", resource.getUsername());
57 form.set("password", resource.getPassword());
58 form.putAll(request);
59
60 if (resource.isScoped()) {
61
62 StringBuilder builder = new StringBuilder();
63 List<String> scope = resource.getScope();
64
65 if (scope != null) {
66 Iterator<String> scopeIt = scope.iterator();
67 while (scopeIt.hasNext()) {
68 builder.append(scopeIt.next());
69 if (scopeIt.hasNext()) {
70 builder.append(' ');
71 }
72 }
73 }
74
75 form.set("scope", builder.toString());
76 }
77
78 return form;
79
80 }
81
82 }