1 files changed, 118 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
new file mode 100644
index 000000000..99682076d
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -0,0 +1,118 @@
+package at.gv.egovernment.moa.id.protocols.oauth20.protocol;
+
+import javax.servlet.http.HttpServletRequest;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrantException;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
+
+class OAuth20TokenRequest extends OAuth20BaseRequest {
+	
+	private static final long serialVersionUID = 1L;
+	
+	private String code;
+	private String grantType;
+	private String clientID;
+	private String clientSecret;
+	
+	/**
+	 * @return the code
+	 */
+	public String getCode() {
+		return code;
+	}
+	
+	/**
+	 * @param code
+	 *            the code to set
+	 */
+	public void setCode(String code) {
+		this.code = code;
+	}
+	
+	/**
+	 * @return the grantType
+	 */
+	public String getGrantType() {
+		return grantType;
+	}
+	
+	/**
+	 * @param grantType
+	 *            the grantType to set
+	 */
+	public void setGrantType(String grantType) {
+		this.grantType = grantType;
+	}
+	
+	/**
+	 * @return the clientID
+	 */
+	public String getClientID() {
+		return clientID;
+	}
+	
+	/**
+	 * @param clientID
+	 *            the clientID to set
+	 */
+	public void setClientID(String clientID) {
+		this.clientID = clientID;
+	}
+	
+	/**
+	 * @return the clientSecret
+	 */
+	public String getClientSecret() {
+		return clientSecret;
+	}
+	
+	/**
+	 * @param clientSecret
+	 *            the clientSecret to set
+	 */
+	public void setClientSecret(String clientSecret) {
+		this.clientSecret = clientSecret;
+	}
+	
+	@Override
+	protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+		this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
+		this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
+		this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
+		this.setClientSecret(this.getParam(request, OAuth20Constants.PARAM_CLIENT_SECRET, true));
+		
+		// check for grant type
+		if (!this.getGrantType().equals(OAuth20Constants.PARAM_GRANT_TYPE_VALUE_AUTHORIZATION_CODE)) {
+			throw new OAuth20InvalidGrantException();
+		}
+		
+		// check if client id and secret are ok
+		try {
+			// OAOAUTH20 cannot be null at this point. check was done in base request
+			OAOAUTH20 oAuthConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL())
+					.getoAuth20Config();
+			
+			if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())) {
+				throw new OAuth20AccessDeniedException();
+			}
+			
+			if (!this.getClientSecret().equals(oAuthConfig.getOAuthClientSecret())) {
+				throw new OAuth20AccessDeniedException();
+			}
+			
+		}
+		catch (ConfigurationException e) {
+			throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
+		}
+		
+		//add valid parameters
+		this.allowedParameters.add(OAuth20Constants.PARAM_SCOPE);
+		this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
+	}
+}