Merge pull request #20 from auth0/oauth2-token-request

hzalaz · hzalaz · commit c209c66e13b2 · 2016-04-18T19:35:21.000-03:00
add method to call /oauth/token to the AuthenticationAPIClient
diff --git a/auth0/src/main/java/com/auth0/authentication/AuthenticationAPIClient.java b/auth0/src/main/java/com/auth0/authentication/AuthenticationAPIClient.java
@@ -29,17 +29,18 @@
 import com.auth0.authentication.result.DatabaseUser;
 import com.auth0.authentication.result.Delegation;
 import com.auth0.authentication.result.UserProfile;
-import com.auth0.request.internal.RequestFactory;
 import com.auth0.request.AuthenticationRequest;
 import com.auth0.request.ParameterizableRequest;
 import com.auth0.request.Request;
+import com.auth0.request.internal.RequestFactory;
 import com.auth0.util.Telemetry;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.squareup.okhttp.HttpUrl;
 import com.squareup.okhttp.OkHttpClient;
 
 import java.util.Map;
 
+import static com.auth0.authentication.ParameterBuilder.GRANT_TYPE_AUTHORIZATION_CODE;
 import static com.auth0.authentication.ParameterBuilder.GRANT_TYPE_PASSWORD;
 
 /**
@@ -67,8 +68,12 @@ public class AuthenticationAPIClient {
     private static final String PASSWORDLESS_PATH = "passwordless";
     private static final String START_PATH = "start";
     private static final String OAUTH_PATH = "oauth";
+    private static final String TOKEN_PATH = "token";
     private static final String RESOURCE_OWNER_PATH = "ro";
     private static final String TOKEN_INFO_PATH = "tokeninfo";
+    private static final String OAUTH_CODE_KEY = "code";
+    private static final String OAUTH_CODE_VERIFIER_KEY = "code_verifier";
+    private static final String REDIRECT_URI_KEY = "redirect_uri";
 
     private final Auth0 auth0;
     private final OkHttpClient client;
@@ -160,7 +165,7 @@ public AuthenticationRequest login(String usernameOrEmail, String password) {
      *      .start(new BaseCallback<Credentials>() {
      *          {@literal}Override
      *          public void onSuccess(Credentials payload) { }
-
+     *
      *          {@literal}Override
      *          public void onFailure(Auth0Exception error) { }
      *      });
@@ -194,7 +199,7 @@ public AuthenticationRequest loginWithOAuthAccessToken(String token, String conn
      *      .start(new BaseCallback<Credentials>() {
      *          {@literal}Override
      *          public void onSuccess(Credentials payload) { }
-
+     *
      *          {@literal}@Override
      *          public void onFailure(Auth0Exception error) { }
      *      });
@@ -223,7 +228,7 @@ public AuthenticationRequest loginWithPhoneNumber(String phoneNumber, String ver
      *      .start(new BaseCallback<Credentials>() {
      *          {@literal}Override
      *          public void onSuccess(Credentials payload) { }
-
+     *
      *          {@literal}@Override
      *          public void onFailure(Auth0Exception error) { }
      *      });
@@ -252,7 +257,7 @@ public AuthenticationRequest loginWithEmail(String email, String verificationCod
      *      .start(new BaseCallback<UserProfile>() {
      *          {@literal}Override
      *          public void onSuccess(UserProfile payload) { }
-
+     *
      *          {@literal}@Override
      *          public void onFailure(Auth0Exception error) { }
      *      });
@@ -677,4 +682,30 @@ private ParameterizableRequest<UserProfile> profileRequest() {
 
         return factory.POST(url, client, mapper, UserProfile.class);
     }
+
+    /**
+     * Fetch the token information from Auth0, using the authorization_code grant type
+     *
+     * @param authorizationCode the authorization code received from the /authorize call.
+     * @param codeVerifier      the code verifier used when requesting a code to /authorize.
+     * @param redirectUri       the uri to redirect after a successful request.
+     * @return a request to configure and start
+     */
+    public AuthenticationRequest token(String authorizationCode, String codeVerifier, String redirectUri) {
+        Map<String, Object> parameters = ParameterBuilder.newBuilder()
+                .setClientId(getClientId())
+                .setGrantType(GRANT_TYPE_AUTHORIZATION_CODE)
+                .set(OAUTH_CODE_KEY, authorizationCode)
+                .set(OAUTH_CODE_VERIFIER_KEY, codeVerifier)
+                .set(REDIRECT_URI_KEY, redirectUri)
+                .asDictionary();
+
+        HttpUrl url = HttpUrl.parse(auth0.getDomainUrl()).newBuilder()
+                .addPathSegment(OAUTH_PATH)
+                .addPathSegment(TOKEN_PATH)
+                .build();
+
+        return factory.authenticationPOST(url, client, mapper)
+                .addAuthenticationParameters(parameters);
+    }
 }
diff --git a/auth0/src/main/java/com/auth0/authentication/ParameterBuilder.java b/auth0/src/main/java/com/auth0/authentication/ParameterBuilder.java
@@ -32,7 +32,7 @@
 
 /**
  * Builder for Auth0 Authentication API parameters
- *
+ * <p/>
  * You can build your parameters like this
  * <pre><code>
  *     Map<String, Object> parameters = ParameterBuilder.newBuilder()
@@ -49,6 +49,7 @@ public class ParameterBuilder {
 
     public static final String GRANT_TYPE_PASSWORD = "password";
     public static final String GRANT_TYPE_JWT = "urn:ietf:params:oauth:grant-type:jwt-bearer";
+    public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
 
     public static final String SCOPE_OPENID = "openid";
     public static final String SCOPE_OFFLINE_ACCESS = "openid offline_access";
diff --git a/auth0/src/test/java/com/auth0/authentication/AuthenticationAPIClientTest.java b/auth0/src/test/java/com/auth0/authentication/AuthenticationAPIClientTest.java
@@ -26,13 +26,11 @@
 
 
 import com.auth0.Auth0;
-import com.auth0.Auth0Exception;
 import com.auth0.authentication.result.Authentication;
 import com.auth0.authentication.result.Credentials;
 import com.auth0.authentication.result.DatabaseUser;
 import com.auth0.authentication.result.Delegation;
 import com.auth0.authentication.result.UserProfile;
-import com.auth0.request.ParameterizableRequest;
 import com.auth0.util.AuthenticationAPI;
 import com.auth0.util.MockBaseCallback;
 import com.fasterxml.jackson.core.type.TypeReference;
@@ -50,7 +48,6 @@
 import static com.auth0.util.AuthenticationAPI.ID_TOKEN;
 import static com.auth0.util.AuthenticationAPI.REFRESH_TOKEN;
 import static com.auth0.util.CallbackMatcher.hasNoError;
-import static com.auth0.util.CallbackMatcher.hasNoPayloadOfType;
 import static com.auth0.util.CallbackMatcher.hasPayload;
 import static com.auth0.util.CallbackMatcher.hasPayloadOfType;
 import static org.hamcrest.Matchers.equalTo;
@@ -769,7 +766,7 @@ public void shouldGetNewIdTokenWithRefreshTokenSync() throws Exception {
 
         assertThat(delegation, is(notNullValue()));
     }
-    
+
     @Test
     public void shouldUnlinkAccount() throws Exception {
         mockAPI.willReturnSuccessfulUnlinkAccount();
@@ -1173,7 +1170,29 @@ public void shouldFetchProfileAfterLoginRequest() throws Exception {
         assertThat(secondRequest.getPath(), equalTo("/tokeninfo"));
 
         assertThat(callback, hasPayloadOfType(Authentication.class));
+    }
+
+    @Test
+    public void shouldGetOAuthTokens() throws Exception {
+        mockAPI
+                .willReturnTokens()
+                .willReturnTokenInfo();
 
+        final MockBaseCallback<Credentials> callback = new MockBaseCallback<>();
+        client.token("code", "codeVerifier", "http://redirect.uri")
+                .start(callback);
+
+        final RecordedRequest request = mockAPI.takeRequest();
+        assertThat(request.getPath(), equalTo("/oauth/token"));
+
+        Map<String, String> body = bodyFromRequest(request);
+        assertThat(body, hasEntry("grant_type", ParameterBuilder.GRANT_TYPE_AUTHORIZATION_CODE));
+        assertThat(body, hasEntry("client_id", CLIENT_ID));
+        assertThat(body, hasEntry("code", "code"));
+        assertThat(body, hasEntry("code_verifier", "codeVerifier"));
+        assertThat(body, hasEntry("redirect_uri", "http://redirect.uri"));
+
+        assertThat(callback, hasPayloadOfType(Credentials.class));
     }
 
     private Map<String, String> bodyFromRequest(RecordedRequest request) throws java.io.IOException {
diff --git a/auth0/src/test/java/com/auth0/util/AuthenticationAPI.java b/auth0/src/test/java/com/auth0/util/AuthenticationAPI.java
@@ -30,16 +30,16 @@
 
 import java.io.IOException;
 
-public class AuthenticationAPI  {
+public class AuthenticationAPI {
 
     public static final String REFRESH_TOKEN = "REFRESH_TOKEN";
     public static final String ID_TOKEN = "ID_TOKEN";
     public static final String ACCESS_TOKEN = "ACCESS_TOKEN";
     public static final String BEARER = "BEARER";
     public static final String GENERIC_TOKEN = "GENERIC_TOKEN";
     public static final String NEW_ID_TOKEN = "NEW_ID_TOKEN";
-    public static final int EXPIRES_IN = 1234567890;
     public static final String TOKEN_TYPE = "TOKEN_TYPE";
+    public static final int EXPIRES_IN = 1234567890;
 
     private MockWebServer server;
 
@@ -155,8 +155,19 @@ public AuthenticationAPI willReturnTokenInfo() {
         return this;
     }
 
+    public AuthenticationAPI willReturnTokens() {
+        String json = "{\"" +
+                "access_token\": \"" + ACCESS_TOKEN + "\"," +
+                "\"refresh_token\": \"" + REFRESH_TOKEN + "\"," +
+                "\"id_token\":\"" + ID_TOKEN + "\"," +
+                "\"token_type\":\"Bearer\"" +
+                "}";
+        server.enqueue(responseWithJSON(json, 200));
+        return this;
+    }
+
     public AuthenticationAPI willReturnApplicationResponseWithBody(String body, int statusCode) {
-        MockResponse response =  new MockResponse()
+        MockResponse response = new MockResponse()
                 .setResponseCode(statusCode)
                 .addHeader("Content-Type", "application/x-javascript")
                 .setBody(body);
