@GET
@Path("token")
public Response getAccessToken(
@Context UriInfo ui,
@HeaderParam("Authorization") String authorization,
@QueryParam("grant_type") String grant_type,
@QueryParam("username") String username,
@QueryParam("password") String password,
@QueryParam("pin") String pin,
@QueryParam("client_id") String client_id,
@QueryParam("client_secret") String client_secret,
@QueryParam("code") String code,
@QueryParam("ttl") long ttl,
@QueryParam("redirect_uri") String redirect_uri,
@QueryParam("callback") @DefaultValue("") String callback)
throws Exception {
logger.debug("ApplicationResource.getAccessToken");
User user = null;
try {
if (authorization != null) {
String type = stringOrSubstringBeforeFirst(authorization, ' ').toUpperCase();
if ("BASIC".equals(type)) {
String token = stringOrSubstringAfterFirst(authorization, ' ');
String[] values = Base64.decodeToString(token).split(":");
if (values.length >= 2) {
client_id = values[0].toLowerCase();
client_secret = values[1];
}
}
}
// do checking for different grant types
String errorDescription = "invalid username or password";
if (GrantType.PASSWORD.toString().equals(grant_type)) {
try {
user =
management.verifyAppUserPasswordCredentials(
services.getApplicationId(), username, password);
} catch (UnactivatedAppUserException uaue) {
errorDescription = "user not activated";
} catch (DisabledAppUserException daue) {
errorDescription = "user disabled";
} catch (Exception e1) {
}
} else if ("pin".equals(grant_type)) {
try {
user = management.verifyAppUserPinCredentials(services.getApplicationId(), username, pin);
} catch (Exception e1) {
}
} else if ("client_credentials".equals(grant_type)) {
try {
AccessInfo access_info = management.authorizeClient(client_id, client_secret, ttl);
if (access_info != null) {
return Response.status(SC_OK)
.type(jsonMediaType(callback))
.entity(wrapWithCallback(access_info, callback))
.build();
}
} catch (Exception e1) {
}
} else if ("authorization_code".equals(grant_type)) {
AccessInfo access_info = new AccessInfo();
access_info.setAccessToken(code);
return Response.status(SC_OK)
.type(jsonMediaType(callback))
.entity(wrapWithCallback(access_info, callback))
.build();
}
if (user == null) {
OAuthResponse response =
OAuthResponse.errorResponse(SC_BAD_REQUEST)
.setError(OAuthError.TokenResponse.INVALID_GRANT)
.setErrorDescription(errorDescription)
.buildJSONMessage();
return Response.status(response.getResponseStatus())
.type(jsonMediaType(callback))
.entity(wrapWithCallback(response.getBody(), callback))
.build();
}
String token =
management.getAccessTokenForAppUser(services.getApplicationId(), user.getUuid(), ttl);
AccessInfo access_info =
new AccessInfo()
.withExpiresIn(tokens.getMaxTokenAge(token) / 1000)
.withAccessToken(token)
.withProperty("user", user);
return Response.status(SC_OK)
.type(jsonMediaType(callback))
.entity(wrapWithCallback(access_info, callback))
.build();
} catch (OAuthProblemException e) {
logger.error("OAuth Error", e);
OAuthResponse res = OAuthResponse.errorResponse(SC_BAD_REQUEST).error(e).buildJSONMessage();
return Response.status(res.getResponseStatus())
.type(jsonMediaType(callback))
.entity(wrapWithCallback(res.getBody(), callback))
.build();
}
}
