2 * This document is a part of the source code and related artifacts
3 * for CollectionSpace, an open source collections management system
4 * for museums and related institutions:
6 * http://www.collectionspace.org
7 * http://wiki.collectionspace.org
9 * Copyright 2009 University of California at Berkeley
11 * Licensed under the Educational Community License (ECL), Version 2.0.
12 * You may not use this file except in compliance with this License.
14 * You may obtain a copy of the ECL 2.0 License at
16 * https://source.collectionspace.org/collection-space/LICENSE.txt
18 * Unless required by applicable law or agreed to in writing, software
19 * distributed under the License is distributed on an "AS IS" BASIS,
20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21 * See the License for the specific language governing permissions and
22 * limitations under the License.
24 * This document is a part of the source code and related artifacts
25 * for CollectionSpace, an open source collections management system
26 * for museums and related institutions:
28 * http://www.collectionspace.org
29 * http://wiki.collectionspace.org
31 * Copyright 2009 University of California at Berkeley
33 * Licensed under the Educational Community License (ECL), Version 2.0.
34 * You may not use this file except in compliance with this License.
36 * You may obtain a copy of the ECL 2.0 License at
38 * https://source.collectionspace.org/collection-space/LICENSE.txt
40 * Unless required by applicable law or agreed to in writing, software
41 * distributed under the License is distributed on an "AS IS" BASIS,
42 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
43 * See the License for the specific language governing permissions and
44 * limitations under the License.
47 package org.collectionspace.services.authorization.spring;
49 import java.nio.charset.StandardCharsets;
50 import java.util.HashMap;
53 import javax.xml.bind.DatatypeConverter;
55 import org.springframework.security.oauth2.provider.AuthorizationRequest;
56 import org.springframework.security.oauth2.provider.ClientDetails;
57 import org.springframework.security.oauth2.provider.ClientDetailsService;
58 import org.springframework.security.oauth2.provider.TokenRequest;
59 import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
62 * An OAuth2RequestFactory that expects the password to be base64 encoded. This implementation
63 * copies the parameters, decodes the password if present, and passes the result to
64 * DefaultOAuth2RequestFactory.
66 public class CSpaceOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
67 private final String PASSWORD_PARAMETER = "password";
69 public CSpaceOAuth2RequestFactory(ClientDetailsService clientDetailsService) {
70 super(clientDetailsService);
74 public AuthorizationRequest createAuthorizationRequest(
75 Map<String, String> authorizationParameters) {
76 return super.createAuthorizationRequest(decodePassword(authorizationParameters));
80 public TokenRequest createTokenRequest(
81 Map<String, String> requestParameters,
82 ClientDetails authenticatedClient) {
83 return super.createTokenRequest(decodePassword(requestParameters), authenticatedClient);
86 private Map<String, String> decodePassword(Map<String, String> parameters) {
87 if (parameters.containsKey(PASSWORD_PARAMETER)) {
88 String base64EncodedPassword = parameters.get(PASSWORD_PARAMETER);
89 String password = new String(DatatypeConverter.parseBase64Binary(base64EncodedPassword), StandardCharsets.UTF_8);
91 Map<String, String> parametersCopy = new HashMap<String, String>(parameters);
93 parametersCopy.put(PASSWORD_PARAMETER, password);
95 return parametersCopy;
projects / tmp / jakarta-migration.git / blob