1   package org.springframework.security.oauth2.client.token.grant.password;
2   
3   import java.util.Iterator;
4   import java.util.List;
5   
6   import org.springframework.http.HttpHeaders;
7   import org.springframework.security.access.AccessDeniedException;
8   import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException;
9   import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
10  import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
11  import org.springframework.security.oauth2.client.token.AccessTokenProvider;
12  import org.springframework.security.oauth2.client.token.AccessTokenRequest;
13  import org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport;
14  import org.springframework.security.oauth2.common.OAuth2RefreshToken;
15  import org.springframework.security.oauth2.common.OAuth2AccessToken;
16  import org.springframework.util.LinkedMultiValueMap;
17  import org.springframework.util.MultiValueMap;
18  
/**
 * {@link AccessTokenProvider} that obtains an OAuth2 access token with the resource owner password
 * credentials grant ({@code grant_type=password}, RFC 6749 section 4.3).
 *
 * <p>
 * With this grant the client holds the resource owner's username and password and places them, in clear
 * text, in the token request form built by this class. The token endpoint should therefore only be
 * reached over TLS, and the form should be kept out of logs and traces. The OAuth 2.0 Security Best
 * Current Practice (RFC 9700) advises against this grant; prefer a redirect-based flow where one is
 * available.
 *
 * <p>
 * The actual HTTP exchange is delegated to {@code retrieveToken}, which is not defined in this class
 * (presumably inherited from {@link OAuth2AccessTokenSupport}).
 *
 * @author Dave Syer
 */
public class ResourceOwnerPasswordAccessTokenProvider extends OAuth2AccessTokenSupport implements AccessTokenProvider {

	/**
	 * Reports whether this provider can handle the given resource.
	 *
	 * @param resource the protected resource to inspect; {@code null} yields {@code false}
	 * @return {@code true} only when the resource is a {@link ResourceOwnerPasswordResourceDetails} whose
	 * grant type is {@code "password"}
	 */
	public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
		// Type check first: it also screens out null before getGrantType() is called.
		if (!(resource instanceof ResourceOwnerPasswordResourceDetails)) {
			return false;
		}
		return "password".equals(resource.getGrantType());
	}

	/**
	 * Reports whether this provider can refresh tokens for the given resource. The answer is the same as
	 * for {@link #supportsResource(OAuth2ProtectedResourceDetails)}.
	 *
	 * @param resource the protected resource to inspect
	 * @return {@code true} when the resource is supported by this provider
	 */
	public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource) {
		return supportsResource(resource);
	}

	/**
	 * Exchanges a refresh token for a new access token using a {@code grant_type=refresh_token} form.
	 *
	 * <p>
	 * The refresh token value is a bearer credential and is sent in the form body; unlike
	 * {@link #obtainAccessToken}, the entries of {@code request} are not merged into the form here.
	 *
	 * @param resource the protected resource the token is for
	 * @param refreshToken the refresh token to present; must not be {@code null}
	 * @param request the current token request, passed through to {@code retrieveToken}
	 * @return the access token returned by {@code retrieveToken}
	 * @throws UserRedirectRequiredException declared by the interface; raised, if at all, by code not
	 * visible in this class
	 * @throws OAuth2AccessDeniedException declared by the interface; raised, if at all, by code not
	 * visible in this class
	 */
	public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
			OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException,
			OAuth2AccessDeniedException {
		MultiValueMap<String, String> refreshForm = new LinkedMultiValueMap<String, String>();
		refreshForm.add("grant_type", "refresh_token");
		refreshForm.add("refresh_token", refreshToken.getValue());
		return retrieveToken(request, resource, refreshForm, new HttpHeaders());
	}

	/**
	 * Obtains an access token by sending the resource owner's credentials to the token endpoint.
	 *
	 * <p>
	 * {@code details} is cast without a type check, so callers are expected to have consulted
	 * {@link #supportsResource(OAuth2ProtectedResourceDetails)} first; any other type fails with a
	 * {@link ClassCastException}.
	 *
	 * @param details the protected resource; must be a {@link ResourceOwnerPasswordResourceDetails}
	 * @param request the current token request; its entries are merged into the token form (see
	 * {@code getParametersForTokenRequest})
	 * @return the access token returned by {@code retrieveToken}
	 * @throws UserRedirectRequiredException declared by the interface; raised, if at all, by code not
	 * visible in this class
	 * @throws AccessDeniedException declared by the interface; raised, if at all, by code not visible in
	 * this class
	 * @throws OAuth2AccessDeniedException declared by the interface; raised, if at all, by code not
	 * visible in this class
	 */
	public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
			throws UserRedirectRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
		ResourceOwnerPasswordResourceDetails passwordResource = (ResourceOwnerPasswordResourceDetails) details;
		MultiValueMap<String, String> tokenForm = getParametersForTokenRequest(passwordResource, request);
		return retrieveToken(request, passwordResource, tokenForm, new HttpHeaders());
	}

	/**
	 * Builds the form for a {@code grant_type=password} token request.
	 *
	 * <p>
	 * The form starts with the grant type and the credentials configured on {@code resource}, then takes
	 * every entry of {@code request}, and finally (for a scoped resource) the space-separated scope list.
	 *
	 * @param resource supplies the configured username, password and scope
	 * @param request entries to merge into the form
	 * @return the form to post to the token endpoint
	 */
	private MultiValueMap<String, String> getParametersForTokenRequest(ResourceOwnerPasswordResourceDetails resource, AccessTokenRequest request) {
		MultiValueMap<String, String> tokenForm = new LinkedMultiValueMap<String, String>();
		tokenForm.set("grant_type", "password");
		tokenForm.set("username", resource.getUsername());
		tokenForm.set("password", resource.getPassword());

		// The request is merged AFTER the defaults, so any key it carries -- including grant_type,
		// username and password -- replaces the value set above.
		// NOTE(review): if the AccessTokenRequest can be populated from inbound HTTP parameters, confirm
		// that callers restrict which keys reach this point.
		tokenForm.putAll(request);

		if (!resource.isScoped()) {
			return tokenForm;
		}

		// Set last, so a "scope" entry in the request does not survive for a scoped resource.
		tokenForm.set("scope", joinScopes(resource.getScope()));
		return tokenForm;
	}

	/**
	 * Joins scope values with single spaces.
	 *
	 * @param scopes the scope values, possibly {@code null}
	 * @return the joined scopes, or an empty string for a {@code null} or empty list
	 */
	private static String joinScopes(List<String> scopes) {
		StringBuilder joined = new StringBuilder();
		if (scopes == null) {
			return joined.toString();
		}
		String separator = "";
		for (String scope : scopes) {
			joined.append(separator).append(scope);
			separator = " ";
		}
		return joined.toString();
	}

}