@Produces("application/json")
public Response authorize(@Context HttpServletRequest request) throws OAuthSystemException {
OAuthTokenRequest oauthRequest = null;
OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
try {
oauthRequest = new OAuthTokenRequest(request);
// check if clientid is valid
if (!Common.CLIENT_ID.equals(oauthRequest.getClientId())) {
OAuthResponse response =
OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
.setError(OAuthError.TokenResponse.INVALID_CLIENT).setErrorDescription(INVALID_CLIENT_DESCRIPTION)
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
}
// check if client_secret is valid
if (!Common.CLIENT_SECRET.equals(oauthRequest.getClientSecret())) {
OAuthResponse response =
OAuthASResponse.errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
.setError(OAuthError.TokenResponse.UNAUTHORIZED_CLIENT).setErrorDescription(INVALID_CLIENT_DESCRIPTION)
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
}
// do checking for different grant types
if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
.equals(GrantType.AUTHORIZATION_CODE.toString())) {
if (!Common.AUTHORIZATION_CODE.equals(oauthRequest.getParam(OAuth.OAUTH_CODE))) {
OAuthResponse response = OAuthASResponse
.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
.setError(OAuthError.TokenResponse.INVALID_GRANT)
.setErrorDescription("invalid authorization code")
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
}
} else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
.equals(GrantType.PASSWORD.toString())) {
if (!Common.PASSWORD.equals(oauthRequest.getPassword())
|| !Common.USERNAME.equals(oauthRequest.getUsername())) {
OAuthResponse response = OAuthASResponse
.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
.setError(OAuthError.TokenResponse.INVALID_GRANT)
.setErrorDescription("invalid username or password")
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
}
} else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE)
.equals(GrantType.REFRESH_TOKEN.toString())) {
// refresh token is not supported in this implementation
OAuthResponse response = OAuthASResponse
.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
.setError(OAuthError.TokenResponse.INVALID_GRANT)
.setErrorDescription("invalid username or password")
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
}
OAuthResponse response = OAuthASResponse
.tokenResponse(HttpServletResponse.SC_OK)
.setAccessToken(oauthIssuerImpl.accessToken())
.setExpiresIn("3600")
.buildJSONMessage();
return Response.status(response.getResponseStatus()).entity(response.getBody()).build();
} catch (OAuthProblemException e) {