1   package org.springframework.security.oauth2.provider;
2   
3   import java.io.Serializable;
4   import java.util.Collection;
5   import java.util.HashMap;
6   import java.util.HashSet;
7   import java.util.Map;
8   import java.util.Set;
9   
10  import org.springframework.security.core.GrantedAuthority;
11  import org.springframework.security.oauth2.common.util.OAuth2Utils;
12  
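/**
 * Represents a stored authorization or token request. Used as part of the OAuth2Authentication object to store a
 * request's authentication information. Does not expose public setters so that clients cannot mutate state if they
 * respect the declared type of the request.
 * <p>
 * The absence of setters is the only protection: the collection getters hand back the live internal collections, not
 * copies. Because this object carries the granted authorities, resource IDs and approval flag of a request, callers
 * should treat everything returned from it as read-only.
 * <p>
 * The class is {@link Serializable}. Any store that persists instances with Java serialization should be treated as
 * trusted input when they are read back.
 * 
 * @author Amanda Anganes
 * @author Dave Syer
 * 
 */
public class OAuth2Request extends BaseRequest implements Serializable {

	private static final long serialVersionUID = 1L;

	/**
	 * Resolved resource IDs. This set may change during request processing.
	 */
	private Set<String> resourceIds = new HashSet<String>();

	/**
	 * Resolved granted authorities for this request. May change during request processing.
	 */
	private Collection<? extends GrantedAuthority> authorities = new HashSet<GrantedAuthority>();

	/**
	 * Whether the request has been approved by the end user (or other process). This will be altered by the User
	 * Approval Endpoint and/or the UserApprovalHandler as appropriate.
	 */
	private boolean approved = false;

	/**
	 * Will be non-null if the request is for a token to be refreshed (the original grant type might still be available
	 * via {@link #getGrantType()}).
	 */
	private TokenRequest refresh = null;

	/**
	 * The resolved redirect URI of this request. A URI may be present in the original request, in the
	 * authorizationParameters, or it may not be provided, in which case it will be defaulted (by processing classes) to
	 * the Client's default registered value.
	 */
	private String redirectUri;

	/**
	 * Resolved requested response types initialized (by the OAuth2RequestFactory) with the response types originally
	 * requested.
	 */
	private Set<String> responseTypes = new HashSet<String>();

	/**
	 * Extension point for custom processing classes which may wish to store additional information about the OAuth2
	 * request. Since this class is serializable, all members of this map must also be serializable.
	 */
	private Map<String, Serializable> extensions = new HashMap<String, Serializable>();

	/**
	 * Creates a request from fully resolved values. Every collection argument is copied, so later changes to the
	 * caller's collections do not reach this request. A {@code null} collection argument leaves the corresponding
	 * field at its empty default.
	 * 
	 * @param requestParameters the request parameters, handed to {@code setRequestParameters}
	 * @param clientId the client id, handed to {@code setClientId}
	 * @param authorities the granted authorities (may be null)
	 * @param approved whether the request has been approved
	 * @param scope the scope, handed to {@code setScope}
	 * @param resourceIds the resolved resource IDs (may be null)
	 * @param redirectUri the resolved redirect URI (may be null)
	 * @param responseTypes the requested response types (may be null)
	 * @param extensionProperties additional serializable properties (may be null)
	 */
	public OAuth2Request(Map<String, String> requestParameters, String clientId,
			Collection<? extends GrantedAuthority> authorities, boolean approved, Set<String> scope,
			Set<String> resourceIds, String redirectUri, Set<String> responseTypes,
			Map<String, Serializable> extensionProperties) {
		setClientId(clientId);
		setRequestParameters(requestParameters);
		setScope(scope);
		if (resourceIds != null) {
			this.resourceIds = new HashSet<String>(resourceIds);
		}
		if (authorities != null) {
			this.authorities = new HashSet<GrantedAuthority>(authorities);
		}
		this.approved = approved;
		if (responseTypes != null) {
			this.responseTypes = new HashSet<String>(responseTypes);
		}
		this.redirectUri = redirectUri;
		if (extensionProperties != null) {
			// Copy like every other collection argument. Storing the caller's map would leave it aliased with
			// this request and with every request derived from it, and would keep whatever Map implementation
			// the caller chose (which need not be serializable).
			this.extensions = new HashMap<String, Serializable>(extensionProperties);
		}
	}

	/**
	 * Copy constructor. Delegates to the full constructor, so the collections are copied; the refresh token request of
	 * {@code other} is not carried over.
	 * 
	 * @param other the request to copy
	 */
	protected OAuth2Request(OAuth2Request other) {
		this(other.getRequestParameters(), other.getClientId(), other.getAuthorities(), other.isApproved(), other
				.getScope(), other.getResourceIds(), other.getRedirectUri(), other.getResponseTypes(), other
				.getExtensions());
	}

	/**
	 * Creates a request that only has a client id; every other field keeps its default.
	 * 
	 * @param clientId the client id
	 */
	protected OAuth2Request(String clientId) {
		setClientId(clientId);
	}

	/**
	 * Creates an empty request with all fields at their defaults.
	 */
	protected OAuth2Request() {
		super();
	}

	/**
	 * @return the resolved redirect URI (may be null)
	 */
	public String getRedirectUri() {
		return redirectUri;
	}

	/**
	 * @return the internal response type set itself, not a copy; treat it as read-only
	 */
	public Set<String> getResponseTypes() {
		return responseTypes;
	}

	/**
	 * @return the internal authorities collection itself, not a copy; treat it as read-only
	 */
	public Collection<? extends GrantedAuthority> getAuthorities() {
		return authorities;
	}

	/**
	 * @return true if the request has been approved
	 */
	public boolean isApproved() {
		return approved;
	}

	/**
	 * @return the internal resource ID set itself, not a copy; treat it as read-only
	 */
	public Set<String> getResourceIds() {
		return resourceIds;
	}

	/**
	 * @return the internal extension map itself, not a copy; treat it as read-only
	 */
	public Map<String, Serializable> getExtensions() {
		return extensions;
	}

	/**
	 * Update the request parameters and return a new object with the same properties except the parameters. The
	 * refresh token request is not carried over to the new object.
	 * @param parameters new parameters replacing the existing ones
	 * @return a new OAuth2Request
	 */
	public OAuth2Request createOAuth2Request(Map<String, String> parameters) {
		return new OAuth2Request(parameters, getClientId(), authorities, approved, getScope(), resourceIds,
				redirectUri, responseTypes, extensions);
	}

	/**
	 * Update the scope and create a new request. All the other properties are the same (including the request
	 * parameters and the refresh token request).
	 * 
	 * @param scope the new scope
	 * @return a new request with the narrowed scope
	 */
	public OAuth2Request narrowScope(Set<String> scope) {
		OAuth2Request request = new OAuth2Request(getRequestParameters(), getClientId(), authorities, approved, scope,
				resourceIds, redirectUri, responseTypes, extensions);
		request.refresh = this.refresh;
		return request;
	}

	/**
	 * Create a new request with the same properties as this one, marked as a refresh driven by the given token
	 * request.
	 * 
	 * @param tokenRequest the token request that led to the refresh (may be null, in which case the result is not
	 * marked as a refresh)
	 * @return a new request holding {@code tokenRequest} as its refresh token request
	 */
	public OAuth2Request refresh(TokenRequest tokenRequest) {
		OAuth2Request request = new OAuth2Request(getRequestParameters(), getClientId(), authorities, approved,
				getScope(), resourceIds, redirectUri, responseTypes, extensions);
		request.refresh = tokenRequest;
		return request;
	}

	/**
	 * @return true if this request is known to be for a token to be refreshed
	 */
	public boolean isRefresh() {
		return refresh != null;
	}

	/**
	 * If this request was for an access token to be refreshed, then the {@link TokenRequest} that led to the refresh
	 * <i>may</i> be available here if it is known.
	 * 
	 * @return the refresh token request (may be null)
	 */
	public TokenRequest getRefreshTokenRequest() {
		return refresh;
	}

	/**
	 * Tries to discover the grant type requested for the token associated with this request. An explicit grant type
	 * parameter wins; otherwise a response type containing "token" is reported as the implicit grant.
	 * 
	 * @return the grant type if known, or null otherwise
	 */
	public String getGrantType() {
		Map<String, String> parameters = getRequestParameters();
		if (parameters.containsKey(OAuth2Utils.GRANT_TYPE)) {
			return parameters.get(OAuth2Utils.GRANT_TYPE);
		}
		if (parameters.containsKey(OAuth2Utils.RESPONSE_TYPE)) {
			String response = parameters.get(OAuth2Utils.RESPONSE_TYPE);
			// The key can be present with a null value; without the guard that request would fail with a
			// NullPointerException instead of reporting "unknown".
			// NOTE(review): this is a substring test, so any response type that merely contains "token" is
			// reported as implicit - confirm that is intended before relying on the result for a decision.
			if (response != null && response.contains("token")) {
				return "implicit";
			}
		}
		return null;
	}

	/**
	 * Combines the superclass hash with the approval flag, authorities, extensions, redirect URI, resource IDs and
	 * response types. The refresh token request does not take part.
	 */
	@Override
	public int hashCode() {
		final int prime = 31;
		int result = super.hashCode();
		result = prime * result + (approved ? 1231 : 1237);
		result = prime * result + hashOf(authorities);
		result = prime * result + hashOf(extensions);
		result = prime * result + hashOf(redirectUri);
		result = prime * result + hashOf(resourceIds);
		result = prime * result + hashOf(responseTypes);
		return result;
	}

	/**
	 * Two requests are equal when the superclass considers them equal, they have the same runtime class, and the
	 * approval flag, authorities, extensions, redirect URI, resource IDs and response types all match. The refresh
	 * token request does not take part, consistent with {@link #hashCode()}.
	 */
	@Override
	public boolean equals(Object obj) {
		if (this == obj) {
			return true;
		}
		if (!super.equals(obj)) {
			return false;
		}
		if (getClass() != obj.getClass()) {
			return false;
		}
		OAuth2Request other = (OAuth2Request) obj;
		return approved == other.approved
				&& sameValue(authorities, other.authorities)
				&& sameValue(extensions, other.extensions)
				&& sameValue(redirectUri, other.redirectUri)
				&& sameValue(resourceIds, other.resourceIds)
				&& sameValue(responseTypes, other.responseTypes);
	}

	/** Hash code of {@code value}, with 0 standing in for null. */
	private static int hashOf(Object value) {
		return value == null ? 0 : value.hashCode();
	}

	/** Null-safe equality: two nulls match, a null never matches a non-null. */
	private static boolean sameValue(Object left, Object right) {
		return left == null ? right == null : left.equals(right);
	}

}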