First draft of request token implementation

Author: abelgardep

owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java

@@ -48,15 +48,15 @@
 import java.io.InputStream;
 import java.util.List;
 
+import static com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER;
 import static com.owncloud.android.lib.common.http.HttpConstants.OC_X_REQUEST_ID;
 
 public class OwnCloudClient extends HttpClient {
 
     public static final String WEBDAV_FILES_PATH_4_0 = "/remote.php/dav/files/";
     public static final String WEBDAV_PATH_4_0_AND_LATER = "/remote.php/dav";
-    private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/";
     public static final String STATUS_PATH = "/status.php";
-
+    private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/";
     private static final int MAX_REDIRECTIONS_COUNT = 3;
     private static final int MAX_REPEAT_COUNT_WITH_FRESH_CREDENTIALS = 1;
 
@@ -104,8 +104,8 @@ public int executeHttpMethod(HttpBaseMethod method) throws Exception {
             method.setRequestHeader(HttpConstants.OC_X_REQUEST_ID, requestId);
             method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent());
             method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY);
-            if (mCredentials.getHeaderAuth() != null) {
-                method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
+            if (mCredentials.getHeaderAuth() != null && method.getRequestHeader(AUTHORIZATION_HEADER) == null) {
+                method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
             }
             status = method.execute();
 
@@ -136,7 +136,7 @@ private int executeRedirectedHttpMethod(HttpBaseMethod method) throws Exception
             method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent());
             method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY);
             if (mCredentials.getHeaderAuth() != null) {
-                method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
+                method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
             }
             status = method.execute();
 

owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java

@@ -24,10 +24,6 @@
 
 package com.owncloud.android.lib.common.authentication;
 
-import com.owncloud.android.lib.common.OwnCloudClient;
-import com.owncloud.android.lib.common.http.HttpClient;
-import com.owncloud.android.lib.common.http.HttpConstants;
-
 public class OwnCloudCredentialsFactory {
 
     public static final String CREDENTIAL_CHARSET = "UTF-8";

owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java

@@ -51,6 +51,12 @@ public class HttpConstants {
     public static final String ACCEPT_ENCODING_IDENTITY = "identity";
     public static final String OC_FILE_REMOTE_ID = "OC-FileId";
 
+    // OAuth
+    public static final String HEADER_AUTHORIZATION_CODE = "code";
+    public static final String HEADER_GRANT_TYPE = "grant_type";
+    public static final String HEADER_REDIRECT_URI = "redirect_uri";
+    public static final String HEADER_CODE_VERIFIER = "code_verifier";
+
     /***********************************************************************************************************
      ************************************************ CONTENT TYPES ********************************************
      ***********************************************************************************************************/

owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt

@@ -0,0 +1,104 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   @author Abel García de Prada
+ *
+ *   Copyright (C) 2020 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ *
+ */
+package com.owncloud.android.lib.resources.oauth
+
+import com.owncloud.android.lib.common.OwnCloudClient
+import com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER
+import com.owncloud.android.lib.common.http.HttpConstants.HEADER_AUTHORIZATION_CODE
+import com.owncloud.android.lib.common.http.HttpConstants.HEADER_CODE_VERIFIER
+import com.owncloud.android.lib.common.http.HttpConstants.HEADER_GRANT_TYPE
+import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REDIRECT_URI
+import com.owncloud.android.lib.common.http.HttpConstants.HTTP_OK
+import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod
+import com.owncloud.android.lib.common.operations.RemoteOperation
+import com.owncloud.android.lib.common.operations.RemoteOperationResult
+import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams
+import com.owncloud.android.lib.resources.oauth.responses.TokenResponse
+import com.squareup.moshi.JsonAdapter
+import com.squareup.moshi.Moshi
+import okhttp3.FormBody
+import okio.ByteString.Companion.encodeUtf8
+import timber.log.Timber
+import java.net.URL
+
+/**
+ * Get OIDC Discovery
+ *
+ * @author Abel García de Prada
+ */
+class TokenRequestRemoteOperation(
+    private val tokenRequestParams: TokenRequestParams
+) : RemoteOperation<TokenResponse>() {
+
+    override fun run(client: OwnCloudClient): RemoteOperationResult<TokenResponse> {
+        var result: RemoteOperationResult<TokenResponse>
+
+        try {
+            val uriBuilder = client.baseUri.buildUpon().apply {
+                appendEncodedPath(tokenRequestParams.tokenEndpoint)
+            }.build()
+
+            val requestBody = FormBody.Builder()
+                .add(HEADER_AUTHORIZATION_CODE, tokenRequestParams.authorizationCode)
+                .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType)
+                .add(HEADER_REDIRECT_URI, tokenRequestParams.redirectUri)
+                .add(HEADER_CODE_VERIFIER, tokenRequestParams.codeVerifier)
+                .build()
+
+            val postMethod = PostMethod(URL(uriBuilder.toString()), requestBody)
+
+            postMethod.addRequestHeader(AUTHORIZATION_HEADER, tokenRequestParams.clientAuth)
+
+            val status = client.executeHttpMethod(postMethod)
+
+            val responseBody = postMethod.getResponseBodyAsString()
+
+            if (status == HTTP_OK && responseBody != null) {
+                Timber.d("Successful response $responseBody")
+
+                // Parse the response
+                val moshi: Moshi = Moshi.Builder().build()
+                val jsonAdapter: JsonAdapter<TokenResponse> = moshi.adapter(TokenResponse::class.java)
+                val tokenResponse: TokenResponse? = jsonAdapter.fromJson(responseBody)
+
+                result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK)
+                result.data = tokenResponse
+
+                Timber.d("Get tokens completed and parsed to $tokenResponse")
+            } else {
+                result = RemoteOperationResult(postMethod)
+                Timber.e("Failed response while getting tokens from the server status code: $status; response message: $responseBody")
+            }
+
+        } catch (e: Exception) {
+            result = RemoteOperationResult(e)
+            Timber.e(e, "Exception while getting tokens")
+        }
+
+        return result
+    }
+}

owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt

@@ -0,0 +1,33 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   Copyright (C) 2020 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ */
+package com.owncloud.android.lib.resources.oauth.params
+
+class TokenRequestParams(
+    val tokenEndpoint: String,
+    val authorizationCode: String,
+    val grantType: String,
+    val redirectUri: String,
+    val codeVerifier: String,
+    val clientAuth: String
+)

owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt

@@ -0,0 +1,45 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   Copyright (C) 2020 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ */
+
+package com.owncloud.android.lib.resources.oauth.responses
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+@JsonClass(generateAdapter = true)
+data class TokenResponse(
+    @Json(name = "access_token")
+    val accessToken: String,
+    @Json(name = "expires_in")
+    val expiresIn: Int,
+    @Json(name = "refresh_token")
+    val refreshToken: String,
+    @Json(name = "token_type")
+    val tokenType: String,
+    @Json(name = "user_id")
+    val userId: String?,
+    val scope: String?,
+    @Json(name = "additional_parameters")
+    val additionalParameters: Map<String, String>?
+)

owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt

@@ -25,10 +25,17 @@ package com.owncloud.android.lib.resources.oauth.services
 
 import com.owncloud.android.lib.common.OwnCloudClient
 import com.owncloud.android.lib.common.operations.RemoteOperationResult
+import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams
 import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse
+import com.owncloud.android.lib.resources.oauth.responses.TokenResponse
 
 interface OIDCService {
 
     fun getOIDCServerDiscovery(ownCloudClient: OwnCloudClient): RemoteOperationResult<OIDCDiscoveryResponse>
 
+    fun performTokenRequest(
+        ownCloudClient: OwnCloudClient,
+        tokenRequest: TokenRequestParams
+    ): RemoteOperationResult<TokenResponse>
+
 }

owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt

@@ -26,14 +26,23 @@ package com.owncloud.android.lib.resources.oauth.services.implementation
 import com.owncloud.android.lib.common.OwnCloudClient
 import com.owncloud.android.lib.common.operations.RemoteOperationResult
 import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation
+import com.owncloud.android.lib.resources.oauth.TokenRequestRemoteOperation
+import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams
 import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse
+import com.owncloud.android.lib.resources.oauth.responses.TokenResponse
 import com.owncloud.android.lib.resources.oauth.services.OIDCService
 
-class OCOIDCService() : OIDCService {
+class OCOIDCService : OIDCService {
 
     override fun getOIDCServerDiscovery(
         ownCloudClient: OwnCloudClient
     ): RemoteOperationResult<OIDCDiscoveryResponse> =
         GetOIDCDiscoveryRemoteOperation().execute(ownCloudClient)
 
+    override fun performTokenRequest(
+        ownCloudClient: OwnCloudClient,
+        tokenRequest: TokenRequestParams
+    ): RemoteOperationResult<TokenResponse> =
+        TokenRequestRemoteOperation(tokenRequest).execute(ownCloudClient)
+
 }