src/main/java/com/googlesource/gerrit/plugins/oauth/GitLabApi.java - plugins/oauth - Git at Google

 // Copyright (C) 2017 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.googlesource.gerrit.plugins.oauth;

 import org.scribe.builder.api.DefaultApi20;
 import org.scribe.exceptions.OAuthException;
 import org.scribe.extractors.AccessTokenExtractor;
 import org.scribe.model.*;
 import org.scribe.oauth.OAuthService;

 import org.scribe.utils.Preconditions;

 import java.util.regex.Matcher;
 import java.util.regex.Pattern;

 import static java.lang.String.format;

 public class GitLabApi extends DefaultApi20 {
   private static final String AUTHORIZE_URL =
       "%s/oauth/authorize?client_id=%s&response_type=code&redirect_uri=%s";

   private final String rootUrl;

   public GitLabApi(String rootUrl) {
     this.rootUrl = rootUrl;
   }

   @Override
   public String getAuthorizationUrl(OAuthConfig config) {
     return String.format(AUTHORIZE_URL, rootUrl, config.getApiKey(),
         config.getCallback());
   }

   @Override
   public String getAccessTokenEndpoint() {
     return String.format("%s/oauth/token", rootUrl);
   }

   @Override
   public Verb getAccessTokenVerb() {
     return Verb.POST;
   }

   @Override
   public OAuthService createService(OAuthConfig config) {
     return new GitLabOAuthService(this, config);
   }

   @Override
   public AccessTokenExtractor getAccessTokenExtractor() {
     return new GitLabJsonTokenExtractor();
   }

   private static final class GitLabOAuthService implements OAuthService {
     private static final String VERSION = "2.0";

     private static final String GRANT_TYPE = "grant_type";
     private static final String GRANT_TYPE_VALUE = "authorization_code";

     private final DefaultApi20 api;
     private final OAuthConfig config;

     /**
      * Default constructor
      *
      * @param api    OAuth2.0 api information
      * @param config OAuth 2.0 configuration param object
      */
     public GitLabOAuthService(DefaultApi20 api, OAuthConfig config) {
       this.api = api;
       this.config = config;
     }

     /**
      * {@inheritDoc}
      */
     @Override
     public Token getAccessToken(Token requestToken, Verifier verifier) {
       OAuthRequest request =
           new OAuthRequest(api.getAccessTokenVerb(),
               api.getAccessTokenEndpoint());
       request.addBodyParameter(OAuthConstants.CLIENT_ID, config.getApiKey());
       request.addBodyParameter(OAuthConstants.CLIENT_SECRET,
           config.getApiSecret());
       request.addBodyParameter(OAuthConstants.CODE, verifier.getValue());
       request.addBodyParameter(OAuthConstants.REDIRECT_URI,
           config.getCallback());
       if (config.hasScope()) {
         request.addBodyParameter(OAuthConstants.SCOPE, config.getScope());
       }
       request.addBodyParameter(GRANT_TYPE, GRANT_TYPE_VALUE);
       Response response = request.send();
       return api.getAccessTokenExtractor().extract(response.getBody());
     }

     /**
      * {@inheritDoc}
      */
     @Override
     public Token getRequestToken() {
       throw new UnsupportedOperationException(
           "Unsupported operation, please use 'getAuthorizationUrl' and redirect your users there");
     }

     /**
      * {@inheritDoc}
      */
     @Override
     public String getVersion() {
       return VERSION;
     }

     /**
      * {@inheritDoc}
      */
     @Override
     public void signRequest(Token accessToken, OAuthRequest request) {
       request.addQuerystringParameter(OAuthConstants.ACCESS_TOKEN,
           accessToken.getToken());
     }

     /**
      * {@inheritDoc}
      */
     @Override
     public String getAuthorizationUrl(Token requestToken) {
       return api.getAuthorizationUrl(config);
     }
   }

   private static final class GitLabJsonTokenExtractor implements
       AccessTokenExtractor {
     private Pattern accessTokenPattern = Pattern
         .compile("\"access_token\"\\s*:\\s*\"(\\S*?)\"");

     @Override
     public Token extract(String response) {
       Preconditions.checkEmptyString(response,
           "Cannot extract a token from a null or empty String");
       Matcher matcher = accessTokenPattern.matcher(response);
       if (matcher.find()) {
         return new Token(matcher.group(1), "", response);
       } else {
         throw new OAuthException(
             "Cannot extract an acces token. Response was: " + response);
       }
     }
   }
 }
	// Copyright (C) 2017 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.googlesource.gerrit.plugins.oauth;

	import org.scribe.builder.api.DefaultApi20;
	import org.scribe.exceptions.OAuthException;
	import org.scribe.extractors.AccessTokenExtractor;
	import org.scribe.model.*;
	import org.scribe.oauth.OAuthService;

	import org.scribe.utils.Preconditions;

	import java.util.regex.Matcher;
	import java.util.regex.Pattern;

	import static java.lang.String.format;

	public class GitLabApi extends DefaultApi20 {
	private static final String AUTHORIZE_URL =
	"%s/oauth/authorize?client_id=%s&response_type=code&redirect_uri=%s";

	private final String rootUrl;

	public GitLabApi(String rootUrl) {
	this.rootUrl = rootUrl;
	}

	@Override
	public String getAuthorizationUrl(OAuthConfig config) {
	return String.format(AUTHORIZE_URL, rootUrl, config.getApiKey(),
	config.getCallback());
	}

	@Override
	public String getAccessTokenEndpoint() {
	return String.format("%s/oauth/token", rootUrl);
	}

	@Override
	public Verb getAccessTokenVerb() {
	return Verb.POST;
	}

	@Override
	public OAuthService createService(OAuthConfig config) {
	return new GitLabOAuthService(this, config);
	}

	@Override
	public AccessTokenExtractor getAccessTokenExtractor() {
	return new GitLabJsonTokenExtractor();
	}

	private static final class GitLabOAuthService implements OAuthService {
	private static final String VERSION = "2.0";

	private static final String GRANT_TYPE = "grant_type";
	private static final String GRANT_TYPE_VALUE = "authorization_code";

	private final DefaultApi20 api;
	private final OAuthConfig config;

	/**
	* Default constructor
	*
	* @param api OAuth2.0 api information
	* @param config OAuth 2.0 configuration param object
	*/
	public GitLabOAuthService(DefaultApi20 api, OAuthConfig config) {
	this.api = api;
	this.config = config;
	}

	/**
	* {@inheritDoc}
	*/
	@Override
	public Token getAccessToken(Token requestToken, Verifier verifier) {
	OAuthRequest request =
	new OAuthRequest(api.getAccessTokenVerb(),
	api.getAccessTokenEndpoint());
	request.addBodyParameter(OAuthConstants.CLIENT_ID, config.getApiKey());
	request.addBodyParameter(OAuthConstants.CLIENT_SECRET,
	config.getApiSecret());
	request.addBodyParameter(OAuthConstants.CODE, verifier.getValue());
	request.addBodyParameter(OAuthConstants.REDIRECT_URI,
	config.getCallback());
	if (config.hasScope()) {
	request.addBodyParameter(OAuthConstants.SCOPE, config.getScope());
	}
	request.addBodyParameter(GRANT_TYPE, GRANT_TYPE_VALUE);
	Response response = request.send();
	return api.getAccessTokenExtractor().extract(response.getBody());
	}

	/**
	* {@inheritDoc}
	*/
	@Override
	public Token getRequestToken() {
	throw new UnsupportedOperationException(
	"Unsupported operation, please use 'getAuthorizationUrl' and redirect your users there");
	}

	/**
	* {@inheritDoc}
	*/
	@Override
	public String getVersion() {
	return VERSION;
	}

	/**
	* {@inheritDoc}
	*/
	@Override
	public void signRequest(Token accessToken, OAuthRequest request) {
	request.addQuerystringParameter(OAuthConstants.ACCESS_TOKEN,
	accessToken.getToken());
	}

	/**
	* {@inheritDoc}
	*/
	@Override
	public String getAuthorizationUrl(Token requestToken) {
	return api.getAuthorizationUrl(config);
	}
	}

	private static final class GitLabJsonTokenExtractor implements
	AccessTokenExtractor {
	private Pattern accessTokenPattern = Pattern
	.compile("\"access_token\"\\s:\\s\"(\\S*?)\"");

	@Override
	public Token extract(String response) {
	Preconditions.checkEmptyString(response,
	"Cannot extract a token from a null or empty String");
	Matcher matcher = accessTokenPattern.matcher(response);
	if (matcher.find()) {
	return new Token(matcher.group(1), "", response);
	} else {
	throw new OAuthException(
	"Cannot extract an acces token. Response was: " + response);
	}
	}
	}
	}