mirror of https://github.com/apache/jclouds.git
JCLOUDS-633: Support passing bearer token directly for OAuth2
This commit is contained in:
parent
00d9edc1e6
commit
d728e0343a
|
@ -0,0 +1,42 @@
|
|||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.jclouds.oauth.v2.config;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkNotNull;
|
||||
|
||||
import com.google.common.base.CaseFormat;
|
||||
|
||||
/**
|
||||
* Decides what type of credentials createContext is supplied with.
|
||||
*/
|
||||
public enum CredentialType {
|
||||
|
||||
BEARER_TOKEN_CREDENTIALS,
|
||||
|
||||
SERVICE_ACCOUNT_CREDENTIALS;
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return CaseFormat.UPPER_UNDERSCORE.to(CaseFormat.LOWER_CAMEL, name());
|
||||
}
|
||||
|
||||
public static CredentialType fromValue(String credentialType) {
|
||||
return valueOf(CaseFormat.LOWER_CAMEL.to(CaseFormat.UPPER_UNDERSCORE, checkNotNull(credentialType,
|
||||
"credentialType")));
|
||||
}
|
||||
|
||||
}
|
|
@ -23,13 +23,20 @@ import com.google.common.cache.CacheLoader;
|
|||
import com.google.common.cache.LoadingCache;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.inject.AbstractModule;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Provider;
|
||||
import com.google.inject.Provides;
|
||||
import com.google.inject.Singleton;
|
||||
import com.google.inject.TypeLiteral;
|
||||
import com.google.inject.name.Named;
|
||||
import org.jclouds.oauth.v2.domain.ClaimSet;
|
||||
import org.jclouds.oauth.v2.domain.Header;
|
||||
import org.jclouds.oauth.v2.domain.OAuthCredentials;
|
||||
import org.jclouds.oauth.v2.domain.Token;
|
||||
import org.jclouds.oauth.v2.domain.TokenRequest;
|
||||
import org.jclouds.oauth.v2.filters.BearerTokenAuthenticator;
|
||||
import org.jclouds.oauth.v2.filters.OAuthAuthenticationFilter;
|
||||
import org.jclouds.oauth.v2.filters.OAuthAuthenticator;
|
||||
import org.jclouds.oauth.v2.functions.BuildTokenRequest;
|
||||
import org.jclouds.oauth.v2.functions.FetchToken;
|
||||
import org.jclouds.oauth.v2.functions.OAuthCredentialsSupplier;
|
||||
|
@ -38,8 +45,6 @@ import org.jclouds.oauth.v2.json.ClaimSetTypeAdapter;
|
|||
import org.jclouds.oauth.v2.json.HeaderTypeAdapter;
|
||||
import org.jclouds.rest.internal.GeneratedHttpRequest;
|
||||
|
||||
import javax.inject.Named;
|
||||
import javax.inject.Singleton;
|
||||
import java.lang.reflect.Type;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
@ -58,6 +63,7 @@ public class OAuthModule extends AbstractModule {
|
|||
bind(new TypeLiteral<Map<Type, Object>>() {}).toInstance(ImmutableMap.<Type, Object>of(
|
||||
Header.class, new HeaderTypeAdapter(),
|
||||
ClaimSet.class, new ClaimSetTypeAdapter()));
|
||||
bind(CredentialType.class).toProvider(CredentialTypeFromPropertyOrDefault.class);
|
||||
bind(new TypeLiteral<Supplier<OAuthCredentials>>() {}).to(OAuthCredentialsSupplier.class);
|
||||
bind(new TypeLiteral<Function<GeneratedHttpRequest, TokenRequest>>() {}).to(BuildTokenRequest.class);
|
||||
bind(new TypeLiteral<Function<TokenRequest, Token>>() {}).to(FetchToken.class);
|
||||
|
@ -83,4 +89,31 @@ public class OAuthModule extends AbstractModule {
|
|||
.from(getAccess));
|
||||
}
|
||||
|
||||
@Singleton
|
||||
public static class CredentialTypeFromPropertyOrDefault implements Provider<CredentialType> {
|
||||
@Inject(optional = true)
|
||||
@Named(OAuthProperties.CREDENTIAL_TYPE)
|
||||
String credentialType = CredentialType.SERVICE_ACCOUNT_CREDENTIALS.toString();
|
||||
|
||||
@Override
|
||||
public CredentialType get() {
|
||||
return CredentialType.fromValue(credentialType);
|
||||
}
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Singleton
|
||||
protected OAuthAuthenticationFilter authenticationFilterForCredentialType(CredentialType credentialType,
|
||||
OAuthAuthenticator serviceAccountAuth,
|
||||
BearerTokenAuthenticator bearerTokenAuth) {
|
||||
switch (credentialType) {
|
||||
case SERVICE_ACCOUNT_CREDENTIALS:
|
||||
return serviceAccountAuth;
|
||||
case BEARER_TOKEN_CREDENTIALS:
|
||||
return bearerTokenAuth;
|
||||
default:
|
||||
throw new IllegalArgumentException("Unsupported credential type: " + credentialType);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -40,4 +40,12 @@ public class OAuthProperties {
|
|||
* Optional list of comma-separated scopes to use when no OAuthScopes annotation is present.
|
||||
*/
|
||||
public static final String SCOPES = "jclouds.oauth.scopes";
|
||||
|
||||
/**
|
||||
* Specify if credentials are id + private key or if you are reusing an oauth2 token.
|
||||
*
|
||||
* @see org.jclouds.oauth.v2.config.CredentialType
|
||||
*/
|
||||
public static final String CREDENTIAL_TYPE = "jclouds.oauth.credential-type";
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.jclouds.oauth.v2.filters;
|
||||
|
||||
import com.google.common.base.Supplier;
|
||||
import org.jclouds.http.HttpException;
|
||||
import org.jclouds.http.HttpRequest;
|
||||
import org.jclouds.oauth.v2.domain.OAuthCredentials;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
|
||||
@Singleton
|
||||
public class BearerTokenAuthenticator implements OAuthAuthenticationFilter {
|
||||
private final Supplier<OAuthCredentials> creds;
|
||||
|
||||
@Inject
|
||||
BearerTokenAuthenticator(final Supplier<OAuthCredentials> creds) {
|
||||
this.creds = creds;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpRequest filter(HttpRequest request) throws HttpException {
|
||||
return request.toBuilder().addHeader("Authorization", String.format("%s %s",
|
||||
"Bearer ", creds.get().credential)).build();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,27 @@
|
|||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.jclouds.oauth.v2.filters;
|
||||
|
||||
import org.jclouds.http.HttpRequestFilter;
|
||||
|
||||
/**
|
||||
* Marker interface to specify auth mechanism (credentials or bearer token)
|
||||
*
|
||||
*/
|
||||
public interface OAuthAuthenticationFilter extends HttpRequestFilter {
|
||||
|
||||
}
|
|
@ -20,7 +20,6 @@ import com.google.common.base.Function;
|
|||
import com.google.common.cache.LoadingCache;
|
||||
import org.jclouds.http.HttpException;
|
||||
import org.jclouds.http.HttpRequest;
|
||||
import org.jclouds.http.HttpRequestFilter;
|
||||
import org.jclouds.oauth.v2.domain.Token;
|
||||
import org.jclouds.oauth.v2.domain.TokenRequest;
|
||||
import org.jclouds.rest.internal.GeneratedHttpRequest;
|
||||
|
@ -36,7 +35,7 @@ import static com.google.common.base.Preconditions.checkState;
|
|||
* TODO when we're able to use the OAuthAuthentication an this should be used automatically
|
||||
*/
|
||||
@Singleton
|
||||
public class OAuthAuthenticator implements HttpRequestFilter {
|
||||
public class OAuthAuthenticator implements OAuthAuthenticationFilter {
|
||||
|
||||
private Function<GeneratedHttpRequest, TokenRequest> tokenRequestBuilder;
|
||||
private Function<TokenRequest, Token> tokenFetcher;
|
||||
|
|
|
@ -19,6 +19,8 @@ package org.jclouds.oauth.v2;
|
|||
import com.google.common.base.Charsets;
|
||||
import com.google.common.base.Throwables;
|
||||
import com.google.common.io.Files;
|
||||
import org.jclouds.oauth.v2.config.CredentialType;
|
||||
import org.jclouds.oauth.v2.config.OAuthProperties;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
@ -46,6 +48,16 @@ public class OAuthTestUtils {
|
|||
}
|
||||
}
|
||||
|
||||
public static Properties bearerTokenAuthProperties(Properties properties) {
|
||||
properties = properties == null ? new Properties() : properties;
|
||||
properties.put("oauth.identity", "761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com");
|
||||
properties.put("oauth.credential", "1/8xbJqaOZXSUZbHLl5EOtu1pxz3fmmetKx9W8CV4t79M");
|
||||
properties.put("oauth.endpoint", "http://localhost:5000/o/oauth2/token");
|
||||
properties.put(AUDIENCE, "https://accounts.google.com/o/oauth2/token");
|
||||
properties.put(OAuthProperties.CREDENTIAL_TYPE, CredentialType.BEARER_TOKEN_CREDENTIALS.toString());
|
||||
return properties;
|
||||
}
|
||||
|
||||
public static String setCredential(Properties overrides, String key) {
|
||||
String val = null;
|
||||
String credentialFromFile = null;
|
||||
|
|
Loading…
Reference in New Issue