JCLOUDS-633: Support passing bearer token directly for OAuth2

2014-07-18 12:53:48 -06:00 · 2014-07-18 12:53:48 -06:00 · d728e0343a
parent 00d9edc1e6
commit d728e0343a
7 changed files with 168 additions and 6 deletions
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/CredentialType.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/CredentialType.java
@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jclouds.oauth.v2.config;
+
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.common.base.CaseFormat;
+
+/**
+ * Decides what type of credentials createContext is supplied with.
+ */
+public enum CredentialType {
+
+   BEARER_TOKEN_CREDENTIALS,
+
+   SERVICE_ACCOUNT_CREDENTIALS;
+
+   @Override
+   public String toString() {
+      return CaseFormat.UPPER_UNDERSCORE.to(CaseFormat.LOWER_CAMEL, name());
+   }
+
+   public static CredentialType fromValue(String credentialType) {
+      return valueOf(CaseFormat.LOWER_CAMEL.to(CaseFormat.UPPER_UNDERSCORE, checkNotNull(credentialType,
+            "credentialType")));
+   }
+
+}
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/OAuthModule.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/OAuthModule.java
@ -23,13 +23,20 @@ import com.google.common.cache.CacheLoader;
 import com.google.common.cache.LoadingCache;
 import com.google.common.collect.ImmutableMap;
 import com.google.inject.AbstractModule;
+import com.google.inject.Inject;
+import com.google.inject.Provider;
 import com.google.inject.Provides;
+import com.google.inject.Singleton;
 import com.google.inject.TypeLiteral;
+import com.google.inject.name.Named;
 import org.jclouds.oauth.v2.domain.ClaimSet;
 import org.jclouds.oauth.v2.domain.Header;
 import org.jclouds.oauth.v2.domain.OAuthCredentials;
 import org.jclouds.oauth.v2.domain.Token;
 import org.jclouds.oauth.v2.domain.TokenRequest;
+import org.jclouds.oauth.v2.filters.BearerTokenAuthenticator;
+import org.jclouds.oauth.v2.filters.OAuthAuthenticationFilter;
+import org.jclouds.oauth.v2.filters.OAuthAuthenticator;
 import org.jclouds.oauth.v2.functions.BuildTokenRequest;
 import org.jclouds.oauth.v2.functions.FetchToken;
 import org.jclouds.oauth.v2.functions.OAuthCredentialsSupplier;
@ -38,8 +45,6 @@ import org.jclouds.oauth.v2.json.ClaimSetTypeAdapter;
 import org.jclouds.oauth.v2.json.HeaderTypeAdapter;
 import org.jclouds.rest.internal.GeneratedHttpRequest;

-import javax.inject.Named;
-import javax.inject.Singleton;
 import java.lang.reflect.Type;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
@ -56,8 +61,9 @@ public class OAuthModule extends AbstractModule {
   protected void configure() {
      bind(new TypeLiteral<Function<byte[], byte[]>>() {}).to(SignOrProduceMacForToken.class);
      bind(new TypeLiteral<Map<Type, Object>>() {}).toInstance(ImmutableMap.<Type, Object>of(
-              Header.class, new HeaderTypeAdapter(),
-              ClaimSet.class, new ClaimSetTypeAdapter()));
+            Header.class, new HeaderTypeAdapter(),
+            ClaimSet.class, new ClaimSetTypeAdapter()));
+      bind(CredentialType.class).toProvider(CredentialTypeFromPropertyOrDefault.class);
      bind(new TypeLiteral<Supplier<OAuthCredentials>>() {}).to(OAuthCredentialsSupplier.class);
      bind(new TypeLiteral<Function<GeneratedHttpRequest, TokenRequest>>() {}).to(BuildTokenRequest.class);
      bind(new TypeLiteral<Function<TokenRequest, Token>>() {}).to(FetchToken.class);
@ -83,4 +89,31 @@ public class OAuthModule extends AbstractModule {
              .from(getAccess));
   }

+   @Singleton
+   public static class CredentialTypeFromPropertyOrDefault implements Provider<CredentialType> {
+      @Inject(optional = true)
+      @Named(OAuthProperties.CREDENTIAL_TYPE)
+      String credentialType = CredentialType.SERVICE_ACCOUNT_CREDENTIALS.toString();
+
+      @Override
+      public CredentialType get() {
+         return CredentialType.fromValue(credentialType);
+      }
+   }
+
+   @Provides
+   @Singleton
+   protected OAuthAuthenticationFilter authenticationFilterForCredentialType(CredentialType credentialType,
+                                                                             OAuthAuthenticator serviceAccountAuth,
+                                                                             BearerTokenAuthenticator bearerTokenAuth) {
+      switch (credentialType) {
+         case SERVICE_ACCOUNT_CREDENTIALS:
+            return serviceAccountAuth;
+         case BEARER_TOKEN_CREDENTIALS:
+            return bearerTokenAuth;
+         default:
+            throw new IllegalArgumentException("Unsupported credential type: " + credentialType);
+      }
+   }
+
 }
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/OAuthProperties.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/config/OAuthProperties.java
@ -40,4 +40,12 @@ public class OAuthProperties {
    * Optional list of comma-separated scopes to use when no OAuthScopes annotation is present.
    */
   public static final String SCOPES = "jclouds.oauth.scopes";
+
+   /**
+    * Specify if credentials are id + private key or if you are reusing an oauth2 token.
+    *
+    * @see org.jclouds.oauth.v2.config.CredentialType
+    */
+   public static final String CREDENTIAL_TYPE = "jclouds.oauth.credential-type";
+
 }
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/BearerTokenAuthenticator.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/BearerTokenAuthenticator.java
@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jclouds.oauth.v2.filters;
+
+import com.google.common.base.Supplier;
+import org.jclouds.http.HttpException;
+import org.jclouds.http.HttpRequest;
+import org.jclouds.oauth.v2.domain.OAuthCredentials;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+
+@Singleton
+public class BearerTokenAuthenticator implements OAuthAuthenticationFilter {
+   private final Supplier<OAuthCredentials> creds;
+
+   @Inject
+   BearerTokenAuthenticator(final Supplier<OAuthCredentials> creds) {
+      this.creds = creds;
+   }
+
+   @Override
+   public HttpRequest filter(HttpRequest request) throws HttpException {
+      return request.toBuilder().addHeader("Authorization", String.format("%s %s",
+            "Bearer ", creds.get().credential)).build();
+   }
+}
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/OAuthAuthenticationFilter.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/OAuthAuthenticationFilter.java
@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jclouds.oauth.v2.filters;
+
+import org.jclouds.http.HttpRequestFilter;
+
+/**
+ * Marker interface to specify auth mechanism (credentials or bearer token)
+ *
+ */
+public interface OAuthAuthenticationFilter extends HttpRequestFilter {
+
+}
--- a/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/OAuthAuthenticator.java
+++ b/apis/oauth/src/main/java/org/jclouds/oauth/v2/filters/OAuthAuthenticator.java
@ -20,7 +20,6 @@ import com.google.common.base.Function;
 import com.google.common.cache.LoadingCache;
 import org.jclouds.http.HttpException;
 import org.jclouds.http.HttpRequest;
-import org.jclouds.http.HttpRequestFilter;
 import org.jclouds.oauth.v2.domain.Token;
 import org.jclouds.oauth.v2.domain.TokenRequest;
 import org.jclouds.rest.internal.GeneratedHttpRequest;
@ -36,7 +35,7 @@ import static com.google.common.base.Preconditions.checkState;
 * TODO when we're able to use the OAuthAuthentication an this should be used automatically
 */
@Singleton
-public class OAuthAuthenticator implements HttpRequestFilter {
+public class OAuthAuthenticator implements OAuthAuthenticationFilter {

   private Function<GeneratedHttpRequest, TokenRequest> tokenRequestBuilder;
   private Function<TokenRequest, Token> tokenFetcher;
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/OAuthTestUtils.java
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/OAuthTestUtils.java
@ -19,6 +19,8 @@ package org.jclouds.oauth.v2;
 import com.google.common.base.Charsets;
 import com.google.common.base.Throwables;
 import com.google.common.io.Files;
+import org.jclouds.oauth.v2.config.CredentialType;
+import org.jclouds.oauth.v2.config.OAuthProperties;

 import java.io.File;
 import java.io.IOException;
@ -46,6 +48,16 @@ public class OAuthTestUtils {
      }
   }

+   public static Properties bearerTokenAuthProperties(Properties properties) {
+      properties = properties == null ? new Properties() : properties;
+      properties.put("oauth.identity", "761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com");
+      properties.put("oauth.credential", "1/8xbJqaOZXSUZbHLl5EOtu1pxz3fmmetKx9W8CV4t79M");
+      properties.put("oauth.endpoint", "http://localhost:5000/o/oauth2/token");
+      properties.put(AUDIENCE, "https://accounts.google.com/o/oauth2/token");
+      properties.put(OAuthProperties.CREDENTIAL_TYPE, CredentialType.BEARER_TOKEN_CREDENTIALS.toString());
+      return properties;
+   }
+
   public static String setCredential(Properties overrides, String key) {
      String val = null;
      String credentialFromFile = null;