Add ResourceHandler

Author: dbalduini

play2-oauth2-provider/src/main/scala/scalaoauth2/provider/OAuth2Provider.scala

@@ -138,7 +138,7 @@ trait OAuth2Provider extends OAuth2BaseProvider {
    * @return Authentication is successful then the response use your API result.
    *         Authentication is failed then return BadRequest or Unauthorized status to client with cause into the JSON.
    */
-  def authorize[A, U](dataHandler: DataHandler[U], timeout: Duration = 60.seconds)(callback: AuthInfo[U] => Result)(implicit request: Request[A]): Result = {
+  def authorize[A, U](dataHandler: ResourceHandler[U], timeout: Duration = 60.seconds)(callback: AuthInfo[U] => Result)(implicit request: Request[A]): Result = {
     val f = protectedResource.handleRequest(request, dataHandler).map {
       case Left(e) if e.statusCode == 400 => BadRequest.withHeaders(responseOAuthErrorHeader(e))
       case Left(e) if e.statusCode == 401 => Unauthorized.withHeaders(responseOAuthErrorHeader(e))
@@ -209,7 +209,7 @@ trait OAuth2AsyncProvider extends OAuth2BaseProvider {
    * @return Authentication is successful then the response use your API result.
    *         Authentication is failed then return BadRequest or Unauthorized status to client with cause into the JSON.
    */
-  def authorize[A, U](dataHandler: DataHandler[U])(callback: AuthInfo[U] => Future[Result])(implicit request: Request[A]): Future[Result] = {
+  def authorize[A, U](dataHandler: ResourceHandler[U])(callback: AuthInfo[U] => Future[Result])(implicit request: Request[A]): Future[Result] = {
     protectedResource.handleRequest(request, dataHandler).flatMap {
       case Left(e) if e.statusCode == 400 => Future.successful(BadRequest.withHeaders(responseOAuthErrorHeader(e)))
       case Left(e) if e.statusCode == 401 => Future.successful(Unauthorized.withHeaders(responseOAuthErrorHeader(e)))

project/Build.scala

@@ -4,7 +4,7 @@ import Keys._
 object ScalaOAuth2Build extends Build {
 
   lazy val _organization = "com.nulab-inc"
-  lazy val _version =  "0.10.0"
+  lazy val _version =  "0.11.1-SNAPSHOT"
   lazy val _playVersion = "2.3.4"
 
   val _scalaVersion = "2.10.4"

scala-oauth2-core/src/main/scala/scalaoauth2/provider/DataHandler.scala

@@ -12,7 +12,17 @@ import scala.concurrent.Future
  * @param expiresIn Expiration date of access token. Unit is seconds.
  * @param createdAt Access token is created date.
  */
-case class AccessToken(token: String, refreshToken: Option[String], scope: Option[String], expiresIn: Option[Long], createdAt: Date)
+case class AccessToken(token: String, refreshToken: Option[String], scope: Option[String], expiresIn: Option[Long], createdAt: Date) {
+
+  /**
+   * Check expiration.
+   */
+  def isExpired: Boolean = expiresIn.exists { expiresIn =>
+    val now = System.currentTimeMillis()
+    createdAt.getTime + expiresIn * 1000 <= now
+  }
+
+}
 
 /**
  * Authorized information
@@ -65,13 +75,7 @@ case class AuthInfo[+U](user: U, clientId: Option[String], scope: Option[String]
  *   <li>refreshAccessToken(authInfo, token)
  *   <li>createAccessToken(authInfo)</li>
  * </ul>
- *   
- * <h3>[Access to Protected Resource phase]</h3>
- * <ul>
- *   <li>findAccessToken(token)</li>
- *   <li>isAccessTokenExpired(token)</li>
- *   <li>findAuthInfoByAccessToken(token)</li>
- * </ul>
+ *
  */
 trait DataHandler[U] {
 
@@ -150,33 +154,4 @@ trait DataHandler[U] {
    */
   def findClientUser(clientCredential: ClientCredential, scope: Option[String]): Future[Option[U]]
 
-  /**
-   * Find AccessToken object by access token code.
-   *
-   * @param token Client sends access token which is created by system.
-   * @return Return access token that matched the token.
-   */
-  def findAccessToken(token: String): Future[Option[AccessToken]]
-
-  /**
-   * Find authorized information by access token.
-   *
-   * @param accessToken This value is AccessToken.
-   * @return Return authorized information if the parameter is available.
-   */
-  def findAuthInfoByAccessToken(accessToken: AccessToken): Future[Option[AuthInfo[U]]]
-
-  /**
-   * Check expiration.
-   * 
-   * @param accessToken accessToken
-   * @return true if accessToken expired
-   */
-  def isAccessTokenExpired(accessToken: AccessToken): Boolean = {
-    accessToken.expiresIn.exists { expiresIn =>
-      val now = System.currentTimeMillis()
-      accessToken.createdAt.getTime + expiresIn * 1000 <= now
-    }
-  }
-
 }

scala-oauth2-core/src/main/scala/scalaoauth2/provider/GrantHandler.scala

@@ -17,16 +17,14 @@ trait GrantHandler {
 
   /**
    * Returns valid access token.
-   *
-   * @param dataHandler
-   * @param authInfo
-   * @return
    */
   def issueAccessToken[U](dataHandler: DataHandler[U], authInfo: AuthInfo[U]): Future[GrantHandlerResult] = {
     dataHandler.getStoredAccessToken(authInfo).flatMap { optionalAccessToken =>
       (optionalAccessToken match {
-        case Some(token) if dataHandler.isAccessTokenExpired(token) => {
-          token.refreshToken.map(dataHandler.refreshAccessToken(authInfo, _)).getOrElse(dataHandler.createAccessToken(authInfo))
+        case Some(token) if token.isExpired => token.refreshToken.map {
+          dataHandler.refreshAccessToken(authInfo, _)
+        }.getOrElse {
+          dataHandler.createAccessToken(authInfo)
         }
         case Some(token) => Future.successful(token)
         case None => dataHandler.createAccessToken(authInfo)
@@ -41,6 +39,7 @@ trait GrantHandler {
       }
     }
   }
+
 }
 
 class RefreshToken extends GrantHandler {

scala-oauth2-core/src/main/scala/scalaoauth2/provider/ProtectedResource.scala

@@ -7,14 +7,14 @@ trait ProtectedResource {
 
   val fetchers = Seq(AuthHeader, RequestParameter)
 
-  def handleRequest[U](request: ProtectedResourceRequest, dataHandler: DataHandler[U]): Future[Either[OAuthError, AuthInfo[U]]] = try {
+  def handleRequest[U](request: ProtectedResourceRequest, dataHandler: ResourceHandler[U]): Future[Either[OAuthError, AuthInfo[U]]] = try {
     fetchers.find { fetcher =>
       fetcher.matches(request)
     }.map { fetcher =>
       val result = fetcher.fetch(request)
       dataHandler.findAccessToken(result.token).flatMap { maybeToken =>
         val token = maybeToken.getOrElse(throw new InvalidToken("The access token is not found"))
-        if (dataHandler.isAccessTokenExpired(token)) {
+        if (token.isExpired) {
           throw new ExpiredToken()
         }
 

scala-oauth2-core/src/main/scala/scalaoauth2/provider/ResourceHandler.scala

@@ -0,0 +1,33 @@
+package scalaoauth2.provider
+
+import scala.concurrent.Future
+
+/**
+ *
+ * Provide accessing to data storage for using OAuth 2.0.
+ *
+ * <h3>[Access to Protected Resource phase]</h3>
+ * <ul>
+ *   <li>findAccessToken(token)</li>
+ *   <li>findAuthInfoByAccessToken(token)</li>
+ * </ul>
+ */
+trait ResourceHandler[+U] {
+
+  /**
+   * Find authorized information by access token.
+   *
+   * @param accessToken This value is AccessToken.
+   * @return Return authorized information if the parameter is available.
+   */
+  def findAuthInfoByAccessToken(accessToken: AccessToken): Future[Option[AuthInfo[U]]]
+
+  /**
+   * Find AccessToken object by access token code.
+   *
+   * @param token Client sends access token which is created by system.
+   * @return Return access token that matched the token.
+   */
+  def findAccessToken(token: String): Future[Option[AccessToken]]
+
+}

scala-oauth2-core/src/main/scala/scalaoauth2/provider/TokenEndpoint.scala

@@ -7,10 +7,10 @@ trait TokenEndpoint {
   val fetcher = ClientCredentialFetcher
 
   val handlers = Map(
-    "authorization_code" -> new AuthorizationCode(),
-    "refresh_token" -> new RefreshToken(),
-    "client_credentials" -> new ClientCredentials(),
-    "password" -> new Password()
+    OAuthGrantType.AUTHORIZATION_CODE  -> new AuthorizationCode(),
+    OAuthGrantType.REFRESH_TOKEN       -> new RefreshToken(),
+    OAuthGrantType.CLIENT_CREDENTIALS  -> new ClientCredentials(),
+    OAuthGrantType.PASSWORD            -> new Password()
   )
 
   def handleRequest[U](request: AuthorizationRequest, dataHandler: DataHandler[U]): Future[Either[OAuthError, GrantHandlerResult]] = try {

scala-oauth2-core/src/main/scala/scalaoauth2/provider/package.scala

@@ -0,0 +1,16 @@
+package scalaoauth2
+
+/**
+ * @author dbalduini
+ */
+package object provider {
+
+  object OAuthGrantType {
+    val AUTHORIZATION_CODE = "authorization_code"
+    val REFRESH_TOKEN = "refresh_token"
+    val CLIENT_CREDENTIALS = "client_credentials"
+    val PASSWORD = "password"
+  }
+
+
+}

scala-oauth2-core/src/test/scala/scalaoauth2/provider/ProtectedResourceSpec.scala

@@ -11,7 +11,7 @@ import scala.concurrent.Future
 
 class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
 
-  def successfulDataHandler() = new MockDataHandler() {
+  def successfulResourceHandler() = new ResourceHandler[User] {
 
     override def findAccessToken(token: String): Future[Option[AccessToken]] = Future.successful(Some(AccessToken("token1", Some("refreshToken1"), Some("all"), Some(3600), new Date())))
 
@@ -27,7 +27,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = successfulDataHandler()
+    val dataHandler = successfulResourceHandler()
     ProtectedResource.handleRequest(request, dataHandler).map(_ should be ('right))
   }
 
@@ -37,7 +37,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("access_token" -> Seq("token1"), "username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = successfulDataHandler()
+    val dataHandler = successfulResourceHandler()
     ProtectedResource.handleRequest(request, dataHandler).map(_ should be ('right))
   }
 
@@ -47,7 +47,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = new MockDataHandler() {
+    val dataHandler = new ResourceHandler[User] {
 
       override def findAccessToken(token: String): Future[Option[AccessToken]] = Future.successful(Some(AccessToken("token1", Some("refreshToken1"), Some("all"), Some(3600), new Date(new Date().getTime() - 4000 * 1000))))
 
@@ -75,7 +75,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = successfulDataHandler()
+    val dataHandler = successfulResourceHandler()
     val f = ProtectedResource.handleRequest(request, dataHandler)
 
     whenReady(f) { result =>
@@ -95,7 +95,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = new MockDataHandler() {
+    val dataHandler = new ResourceHandler[User] {
 
       override def findAccessToken(token: String): Future[Option[AccessToken]] = Future.successful(None)
 
@@ -122,7 +122,7 @@ class ProtectedResourceSpec extends FlatSpec with ScalaFutures {
       Map("username" -> Seq("user"), "password" -> Seq("pass"), "scope" -> Seq("all"))
     )
 
-    val dataHandler = new MockDataHandler() {
+    val dataHandler = new ResourceHandler[User] {
 
       override def findAccessToken(token: String): Future[Option[AccessToken]] = Future.successful(Some(AccessToken("token1", Some("refreshToken1"), Some("all"), Some(3600), new Date())))