| commit | author | age | ||
| 7ecde3 | 1 | /* |
| U | 2 | http-oauth - OAuth Extensions to jdk.httpserver |
| 3 | Copyright (C) 2021 Ulrich Hilger | |
| 4 | ||
| 5 | This program is free software: you can redistribute it and/or modify | |
| 6 | it under the terms of the GNU Affero General Public License as | |
| 7 | published by the Free Software Foundation, either version 3 of the | |
| 8 | License, or (at your option) any later version. | |
| 9 | ||
| 10 | This program is distributed in the hope that it will be useful, | |
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 13 | GNU Affero General Public License for more details. | |
| 14 | ||
| 15 | You should have received a copy of the GNU Affero General Public License | |
| 16 | along with this program. If not, see <https://www.gnu.org/licenses/>. | |
| 17 | */ | |
| 18 | package de.uhilger.httpserver.oauth; | |
| 19 | ||
| 20 | import com.sun.net.httpserver.HttpContext; | |
| 21 | import com.sun.net.httpserver.HttpExchange; | |
| 4bf4d1 | 22 | import de.uhilger.httpserver.base.HttpHelper; |
| 7ecde3 | 23 | import static de.uhilger.httpserver.oauth.BearerLoginHandler.ATTR_AUTHENTICATOR; |
| U | 24 | import java.io.IOException; |
| 25 | ||
| 26 | /** | |
| 9dc286 | 27 | * Einen abgelaufenen Token mit Hilfe eines Refresh Token erneuern |
| 7ecde3 | 28 | * |
| 9dc286 | 29 | * Gemaess |
| U | 30 | * https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/ |
| 31 | * sieht die HTTP Anfrage zum Refresh wie folgt aus: | |
| 32 | * | |
| 33 | * POST /oauth/token HTTP/1.1 | |
| 34 | * Host: authorization-server.com | |
| 35 | * | |
| 36 | * grant_type=refresh_token | |
| 37 | * &refresh_token=xxxxxxxxxxx | |
| 38 | * &client_id=xxxxxxxxxx | |
| 39 | * &client_secret=xxxxxxxxxx | |
| 7ecde3 | 40 | * |
| U | 41 | * @author Ulrich Hilger |
| 42 | * @version 1, 08.06.2021 | |
| 43 | */ | |
| 44 | public class BearerRefreshHandler extends BearerLoginHandler { | |
| 45 | ||
| a4bee5 | 46 | /** |
| U | 47 | * Refresh-Anfrage ausfuehren |
| 48 | * | |
| 49 | * @param exchange das Objekt mit Informationen zu HTTP-Anfrage und -Antwort | |
| 50 | * @throws IOException | |
| 51 | */ | |
| 7ecde3 | 52 | @Override |
| U | 53 | public void handle(HttpExchange exchange) throws IOException { |
| 54 | HttpHelper h = new HttpHelper(); | |
| 55 | String body = h.bodyLesen(exchange); | |
| 56 | String[] parts = body.split("&"); | |
| 57 | for(String part : parts) { | |
| 58 | String[] keyVals = part.split("="); | |
| 59 | if(keyVals[0].equalsIgnoreCase("refresh_token")) { | |
| 60 | HttpContext context = exchange.getHttpContext(); | |
| 61 | Object o = context.getAttributes().get(ATTR_AUTHENTICATOR); | |
| 62 | if (o instanceof BearerAuthenticator) { | |
| 63 | BearerAuthenticator auth = (BearerAuthenticator) o; | |
| 64 | LoginResponse response = auth.refresh(keyVals[1]); | |
| 65 | handleLoginResponse(exchange, response); | |
| 66 | } | |
| 67 | } | |
| 68 | } | |
| 69 | } | |
| 70 | ||
| 71 | } | |
