/**
* Copyright (C) 2015 The Gravitee team (http://gravitee.io)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.gravitee.am.gateway.handler.root.resources.handler.client;
import io.gravitee.am.common.oauth2.Parameters;
import io.gravitee.am.common.exception.oauth2.InvalidRequestException;
import io.gravitee.am.common.exception.oauth2.ServerErrorException;
import io.gravitee.am.gateway.handler.common.client.ClientSyncService;
import io.gravitee.am.model.oidc.Client;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.reactivex.ext.web.RoutingContext;
/**
* @author Titouan COMPIEGNE (titouan.compiegne at graviteesource.com)
* @author GraviteeSource Team
*/
public class ClientRequestParseHandler implements Handler<RoutingContext> {
public static final String CLIENT_CONTEXT_KEY = "client";
private ClientSyncService clientSyncService;
private boolean required;
public ClientRequestParseHandler(ClientSyncService clientSyncService) {
this.clientSyncService = clientSyncService;
}
@Override
public void handle(RoutingContext context) {
final String clientId = context.request().getParam(Parameters.CLIENT_ID);
if (clientId == null || clientId.isEmpty()) {
if (required) {
throw new InvalidRequestException("Missing parameter: client_id is required");
} else {
context.next();
return;
}
}
authenticate(clientId, authHandler -> {
if (authHandler.failed()) {
context.fail(authHandler.cause());
return;
}
Client safeClient = new Client(authHandler.result());
safeClient.setClientSecret(null);
context.put(CLIENT_CONTEXT_KEY, safeClient);
context.next();
});
}
public void setRequired(boolean required) {
this.required = required;
}
private void authenticate(String clientId, Handler<AsyncResult<Client>> authHandler) {
clientSyncService
.findByClientId(clientId)
.subscribe(
client -> authHandler.handle(Future.succeededFuture(client)),
error -> authHandler.handle(Future.failedFuture(new ServerErrorException("Server error: unable to find client with client_id " + clientId))),
() -> authHandler.handle(Future.failedFuture(new InvalidRequestException("No client found for client_id " + clientId)))
);
}
}
