1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 package org.apache.amber.oauth2.client.validator;
23
24 import java.util.ArrayList;
25 import java.util.HashMap;
26 import java.util.HashSet;
27 import java.util.List;
28 import java.util.Map;
29 import java.util.Set;
30
31 import org.apache.amber.oauth2.common.error.OAuthError;
32 import org.apache.amber.oauth2.common.exception.OAuthProblemException;
33 import org.apache.amber.oauth2.common.utils.OAuthUtils;
34 import org.apache.amber.oauth2.client.response.OAuthClientResponse;
35 import org.apache.amber.oauth2.common.OAuth;
36
37
38
39
40
41
42 public abstract class OAuthClientValidator {
43
44 protected Map<String, String[]> requiredParams = new HashMap<String, String[]>();
45 protected List<String> notAllowedParams = new ArrayList<String>();
46
47 public void validate(OAuthClientResponse response) throws OAuthProblemException {
48 validateErrorResponse(response);
49 validateParameters(response);
50 }
51
52 public void validateParameters(OAuthClientResponse response) throws OAuthProblemException {
53 validateRequiredParameters(response);
54 validateNotAllowedParameters(response);
55 }
56
57 public void validateErrorResponse(OAuthClientResponse response) throws OAuthProblemException {
58 String error = response.getParam(OAuthError.OAUTH_ERROR);
59 if (!OAuthUtils.isEmpty(error)) {
60 String errorDesc = response.getParam(OAuthError.OAUTH_ERROR_DESCRIPTION);
61 String errorUri = response.getParam(OAuthError.OAUTH_ERROR_URI);
62 String state = response.getParam(OAuth.OAUTH_STATE);
63 throw OAuthProblemException.error(error).description(errorDesc).uri(errorUri).state(state);
64 }
65 }
66
67
68 public void validateRequiredParameters(OAuthClientResponse response) throws OAuthProblemException {
69 Set<String> missingParameters = new HashSet<String>();
70
71 for (Map.Entry<String, String[]> requiredParam : requiredParams.entrySet()) {
72 String paramName = requiredParam.getKey();
73 String val = response.getParam(paramName);
74 if (OAuthUtils.isEmpty(val)) {
75 missingParameters.add(paramName);
76 } else {
77 String[] dependentParams = requiredParam.getValue();
78 if (!OAuthUtils.hasEmptyValues(dependentParams)) {
79 for (String dependentParam : dependentParams) {
80 val = response.getParam(dependentParam);
81 if (OAuthUtils.isEmpty(val)) {
82 missingParameters.add(dependentParam);
83 }
84 }
85 }
86 }
87 }
88
89 if (!missingParameters.isEmpty()) {
90 throw OAuthUtils.handleMissingParameters(missingParameters);
91 }
92 }
93
94 public void validateNotAllowedParameters(OAuthClientResponse response) throws OAuthProblemException {
95 List<String> notAllowedParameters = new ArrayList<String>();
96 for (String requiredParam : notAllowedParams) {
97 String val = response.getParam(requiredParam);
98 if (!OAuthUtils.isEmpty(val)) {
99 notAllowedParameters.add(requiredParam);
100 }
101 }
102 if (!notAllowedParameters.isEmpty()) {
103 throw OAuthUtils.handleNotAllowedParametersOAuthException(notAllowedParameters);
104 }
105 }
106
107
108 }