/* * Copyright 2015 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.springframework.social.oauth2; import org.springframework.web.client.RestOperations; import org.springframework.web.client.RestTemplate; /** * Generic implementation of {@link OAuth2ServiceProvider} that carries no intrinsic knowledge of the API it will be creating connections against. * Instead, it must be configured with API provider-specific details. * This enables developers to use Spring Social to create connections against any API for which there isn't a ready-to-use connection support and API binding * without creating one-off connection factory and service provider implementations. * The API binding provided by this service provider is simply a {@link RestOperations}, but the underlying {@link RestTemplate} is configured to automatically * add <code>Authorization</code> headers to all requests. * @author Craig Walls */ public class GenericOAuth2ServiceProvider extends AbstractOAuth2ServiceProvider<RestOperations> { private TokenStrategy tokenStrategy; /** * Creates an instance of GenericOAuth1ServiceProvider for a provider that offers a separate authentication URL. * @param appId The application's ID/key for the API. * @param appSecret The application's secret for the API. * @param authorizeUrl The API's OAuth 2 authorization URL. * @param authenticateUrl The API's OAuth 2 authentication URL. If null, then the authorization URL will be used by default. * @param accessTokenUrl The API's OAuth 2 access token URL. * @param useParametersForClientCredentials If true, client credentials will be sent as parameters. If false, the client with be authenticated via HTTP Basic * @param tokenStrategy The token strategy indicating how the access token should be carried on API requests. */ public GenericOAuth2ServiceProvider(String appId, String appSecret, String authorizeUrl, String authenticateUrl, String accessTokenUrl, boolean useParametersForClientCredentials, TokenStrategy tokenStrategy) { super(getOAuth2Template(appId, appSecret, authorizeUrl, authenticateUrl, accessTokenUrl, useParametersForClientCredentials)); this.tokenStrategy = tokenStrategy; } @Override public RestOperations getApi(String accessToken) { return new GenericApiBinding(accessToken, tokenStrategy).getRestTemplate(); } private static OAuth2Template getOAuth2Template(String appId, String appSecret, String authorizeUrl, String authenticateUrl, String accessTokenUrl, boolean useParameters) { OAuth2Template oAuth2Template = new OAuth2Template(appId, appSecret, authorizeUrl, authenticateUrl != null ? authenticateUrl : authorizeUrl, accessTokenUrl); oAuth2Template.setUseParametersForClientAuthentication(useParameters); return oAuth2Template; } private static class GenericApiBinding extends AbstractOAuth2ApiBinding { public GenericApiBinding(String accessToken, TokenStrategy tokenStrategy) { super(accessToken, tokenStrategy); } } }