Showing
9 changed files
with
526 additions
and
0 deletions.
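--- a/SharpPulsar/Auth/OAuth2/protocol/ClientCredentialsExchangeRequest.cs
+++ b/SharpPulsar/Auth/OAuth2/protocol/ClientCredentialsExchangeRequest.cs
@@ -0,0 +1,40 @@
+/// <summary>
+/// Licensed to the Apache Software Foundation (ASF) under one
+/// or more contributor license agreements. See the NOTICE file
+/// distributed with this work for additional information
+/// regarding copyright ownership. The ASF licenses this file
+/// to you under the Apache License, Version 2.0 (the
+/// "License"); you may not use this file except in compliance
+/// with the License. You may obtain a copy of the License at
+///
+/// http://www.apache.org/licenses/LICENSE-2.0
+///
+/// Unless required by applicable law or agreed to in writing,
+/// software distributed under the License is distributed on an
+/// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+/// KIND, either express or implied. See the License for the
+/// specific language governing permissions and limitations
+/// under the License.
+/// </summary>
+namespace SharpPulsar.Auth.OAuth2.Protocol
+{
+/// <summary>
+/// A token request based on the exchange of client credentials.
+/// </summary>
+/// <seealso cref="<a href="https://tools.ietf.org/html/rfc6749.section-4.4">OAuth 2.0 RFC 6749, section 4.4</a>"/>
+public class ClientCredentialsExchangeRequest
+{
+// @JsonProperty("client_id") private String clientId;
+private string clientId;
+
+// JsonProperty("client_secret") private String clientSecret;
+private string clientSecret;
+
+// JsonProperty("audience") private String audience;
+private string audience;
+
+// JsonProperty("scope") private String scope;
+private string scope;
+}
+
+}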
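Review bot: The four fields (`clientId`, `clientSecret`, `audience`, `scope`) are private with no constructor, property or serialization attribute, and the Java `@JsonProperty` mappings survive only as comments, so as written nothing can populate this request or serialize it under the `client_id`/`client_secret` names. I would expose them as properties with the wire name attached, e.g. `[JsonProperty("client_secret")] public string ClientSecret { get; set; }` if the project serializes with Newtonsoft.Json (the serializer is not visible on this page). Because the type carries the client secret, keep it out of any `ToString()` override and out of log output once those accessors exist. The `<seealso cref="<a href=…">` line is also not well-formed XML documentation; `<seealso href="…"/>` is the form for an external link.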
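--- a/SharpPulsar/Auth/OAuth2/protocol/ClientCredentialsExchanger.cs
+++ b/SharpPulsar/Auth/OAuth2/protocol/ClientCredentialsExchanger.cs
@@ -0,0 +1,36 @@
+/// <summary>
+/// Licensed to the Apache Software Foundation (ASF) under one
+/// or more contributor license agreements. See the NOTICE file
+/// distributed with this work for additional information
+/// regarding copyright ownership. The ASF licenses this file
+/// to you under the Apache License, Version 2.0 (the
+/// "License"); you may not use this file except in compliance
+/// with the License. You may obtain a copy of the License at
+///
+/// http://www.apache.org/licenses/LICENSE-2.0
+///
+/// Unless required by applicable law or agreed to in writing,
+/// software distributed under the License is distributed on an
+/// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+/// KIND, either express or implied. See the License for the
+/// specific language governing permissions and limitations
+/// under the License.
+/// </summary>
+namespace SharpPulsar.Auth.OAuth2.Protocol
+{
+
+/// <summary>
+/// An interface for exchanging client credentials for an access token.
+/// </summary>
+public interface ClientCredentialsExchanger : AutoCloseable
+{
+/// <summary>
+/// Requests an exchange of client credentials for an access token. </summary>
+/// <param name="req"> the request details. </param>
+/// <returns> an access token. </returns>
+/// <exception cref="TokenExchangeException"> if the OAuth server returned a detailed error. </exception>
+/// <exception cref="IOException"> if a general IO error occurred. </exception>
+TokenResult ExchangeClientCredentials(ClientCredentialsExchangeRequest req);
+}
+
+}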
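Review bot: `AutoCloseable` on the interface declaration is a Java type with no .NET type of that name, so an exchanger cannot be released with a `using` statement; `public interface ClientCredentialsExchanger : IDisposable` (with `using System;`) is the equivalent. The `<exception cref="IOException">` tag also needs `using System.IO;` or the fully qualified `System.IO.IOException` to resolve. It would help to say in the `<summary>` that `req` carries the client secret, so implementations should send it only to the token endpoint over TLS and never write it to logs.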
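--- a/SharpPulsar/Auth/OAuth2/protocol/DefaultMetadataResolver.cs
+++ b/SharpPulsar/Auth/OAuth2/protocol/DefaultMetadataResolver.cs
@@ -0,0 +1,122 @@
+using System.IO;
+
+/// <summary>
+/// Licensed to the Apache Software Foundation (ASF) under one
+/// or more contributor license agreements. See the NOTICE file
+/// distributed with this work for additional information
+/// regarding copyright ownership. The ASF licenses this file
+/// to you under the Apache License, Version 2.0 (the
+/// "License"); you may not use this file except in compliance
+/// with the License. You may obtain a copy of the License at
+///
+/// http://www.apache.org/licenses/LICENSE-2.0
+///
+/// Unless required by applicable law or agreed to in writing,
+/// software distributed under the License is distributed on an
+/// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+/// KIND, either express or implied. See the License for the
+/// specific language governing permissions and limitations
+/// under the License.
+/// </summary>
+namespace SharpPulsar.Auth.OAuth2.Protocol
+{
+using ObjectMapper = com.fasterxml.jackson.databind.ObjectMapper;
+using ObjectReader = com.fasterxml.jackson.databind.ObjectReader;
+
+/// <summary>
+/// Resolves OAuth 2.0 authorization server metadata as described in RFC 8414.
+/// </summary>
+public class DefaultMetadataResolver : MetadataResolver
+{
+
+protected internal const int DefaultConnectTimeoutInSeconds = 10;
+protected internal const int DefaultReadTimeoutInSeconds = 30;
+
+private readonly URL metadataUrl;
+private readonly ObjectReader objectReader;
+private Duration connectTimeout;
+private Duration readTimeout;
+
+public DefaultMetadataResolver(URL MetadataUrl)
+{
+this.metadataUrl = MetadataUrl;
+this.objectReader = (new ObjectMapper()).readerFor(typeof(Metadata));
+// set a default timeout to ensure that this doesn't block
+this.connectTimeout = Duration.ofSeconds(DefaultConnectTimeoutInSeconds);
+this.readTimeout = Duration.ofSeconds(DefaultReadTimeoutInSeconds);
+}
+
+public virtual DefaultMetadataResolver WithConnectTimeout(Duration ConnectTimeout)
+{
+this.connectTimeout = ConnectTimeout;
+return this;
+}
+
+public virtual DefaultMetadataResolver WithReadTimeout(Duration ReadTimeout)
+{
+this.readTimeout = ReadTimeout;
+return this;
+}
+
+/// <summary>
+/// Resolves the authorization metadata. </summary>
+/// <returns> metadata </returns>
+/// <exception cref="IOException"> if the metadata could not be resolved. </exception>
+public virtual Metadata Resolve()
+{
+try
+{
+URLConnection C = this.metadataUrl.openConnection();
+if (connectTimeout != null)
+{
+C.setConnectTimeout((int) connectTimeout.toMillis());
+}
+if (readTimeout != null)
+{
+C.setReadTimeout((int) readTimeout.toMillis());
+}
+C.setRequestProperty("Accept", "application/json");
+
+Metadata Metadata;
+using (Stream InputStream = C.getInputStream())
+{
+Metadata = this.objectReader.readValue(InputStream);
+}
+return Metadata;
+
+}
+catch (IOException E)
+{
+throw new IOException("Cannot obtain authorization metadata from " + metadataUrl.ToString(), E);
+}
+}
+
+/// <summary>
+/// Gets a well-known metadata URL for the given OAuth issuer URL. </summary>
+/// <param name="issuerUrl"> The authorization server's issuer identifier </param>
+/// <returns> a resolver </returns>
+public static DefaultMetadataResolver FromIssuerUrl(URL IssuerUrl)
+{
+return new DefaultMetadataResolver(GetWellKnownMetadataUrl(IssuerUrl));
+}
+
+/// <summary>
+/// Gets a well-known metadata URL for the given OAuth issuer URL. </summary>
+/// <seealso cref="<a href="https://tools.ietf.org/id/draft-ietf-oauth-discovery-08.html.ASConfig">"
+/// OAuth Discovery: Obtaining Authorization Server Metadata</a>/>
+/// <param name="issuerUrl"> The authorization server's issuer identifier </param>
+/// <returns> a URL </returns>
+public static URL GetWellKnownMetadataUrl(URL IssuerUrl)
+{
+try
+{
+return URI.create(IssuerUrl.toExternalForm() + "/.well-known/openid-configuration").normalize().toURL();
+}
+catch (MalformedURLException E)
+{
+throw new System.ArgumentException(E);
+}
+}
+}
+
+}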
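Review bot: `Resolve()` returns whatever document `metadataUrl` serves without validating it: nothing requires the URL scheme to be `https`, and the `issuer` in the parsed `Metadata` is never compared with the issuer the resolver was built from, because `FromIssuerUrl` discards `IssuerUrl` once the well-known URL is derived. RFC 8414 section 3.3 says the returned issuer must be identical to the configured one and the response must not be used otherwise; since `tokenEndpoint` from this document is presumably where the client secret is later posted, an unchecked response can redirect credentials. I would keep the issuer in a field, reject a non-https `metadataUrl` before `openConnection()`, and after `readValue` fail on mismatch with something like `throw new IOException("issuer in authorization metadata does not match " + issuerUrl);`. Separately, `throw new System.ArgumentException(E)` in `GetWellKnownMetadataUrl` has no matching constructor, and `new System.ArgumentException(E.Message, E)` keeps the cause. The file as a whole still uses Java types (`URLConnection`, `Duration`, `ObjectMapper`), so these checks need to survive the port to the .NET HTTP and JSON APIs.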
@@ -0,0 +1,44 @@ | ||
using System.Security.Policy; | ||
/// <summary> | ||
/// Licensed to the Apache Software Foundation (ASF) under one | ||
/// or more contributor license agreements. See the NOTICE file | ||
/// distributed with this work for additional information | ||
/// regarding copyright ownership. The ASF licenses this file | ||
/// to you under the Apache License, Version 2.0 (the | ||
/// "License"); you may not use this file except in compliance | ||
/// with the License. You may obtain a copy of the License at | ||
/// | ||
/// http://www.apache.org/licenses/LICENSE-2.0 | ||
/// | ||
/// Unless required by applicable law or agreed to in writing, | ||
/// software distributed under the License is distributed on an | ||
/// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
/// KIND, either express or implied. See the License for the | ||
/// specific language governing permissions and limitations | ||
/// under the License. | ||
/// </summary> | ||
namespace SharpPulsar.Auth.OAuth2.Protocol | ||
{ | ||
|
||
/// <summary> | ||
/// Represents OAuth 2.0 Server Metadata. | ||
/// </summary> | ||
public class Metadata | ||
{ | ||
//JsonProperty("issuer") private java.net.URL authorizationEndpoint | ||
public Url issuer; | ||
//JsonProperty("authorization_endpoint") private java.net.URL authorizationEndpoint | ||
public Url authorizationEndpoint; | ||
//JsonProperty("token_endpoint") private java.net.URL tokenEndpoint | ||
public Url tokenEndpoint; | ||
//JsonProperty("userinfo_endpoint") private java.net.URL userInfoEndpoint; | ||
public Url userInfoEndpoint; | ||
//JsonProperty("revocation_endpoint") private java.net.URL revocationEndpoint; | ||
public Url revocationEndpoint; | ||
//JsonProperty("jwks_uri") private java.net.URL jwksUri | ||
public Url jwksUri; | ||
//JsonProperty("device_authorization_endpoint") private java.net.URL deviceAuthorizationEndpoint; | ||
public Url deviceAuthorizationEndpoint; | ||
} | ||
|
||
} |
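Review bot: `Url` in every field here binds to `System.Security.Policy.Url` through the `using System.Security.Policy;` line, which is a code-access-security evidence class and not a URL type; `System.Uri` is the counterpart of `java.net.URL`, e.g. `public Uri tokenEndpoint;`. The `JsonProperty` names exist only in comments, so a deserializer has nothing mapping `token_endpoint` or `jwks_uri` to these fields and they would presumably stay null. The comment above `issuer` also names `authorizationEndpoint` instead of `issuer`. Since these endpoints decide where credentials and tokens are sent, consider making them settable only during deserialization rather than public mutable fields.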
@@ -0,0 +1,30 @@ | ||
/// <summary> | ||
/// Licensed to the Apache Software Foundation (ASF) under one | ||
/// or more contributor license agreements. See the NOTICE file | ||
/// distributed with this work for additional information | ||
/// regarding copyright ownership. The ASF licenses this file | ||
/// to you under the Apache License, Version 2.0 (the | ||
/// "License"); you may not use this file except in compliance | ||
/// with the License. You may obtain a copy of the License at | ||
/// | ||
/// http://www.apache.org/licenses/LICENSE-2.0 | ||
/// | ||
/// Unless required by applicable law or agreed to in writing, | ||
/// software distributed under the License is distributed on an | ||
/// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
/// KIND, either express or implied. See the License for the | ||
/// specific language governing permissions and limitations | ||
/// under the License. | ||
/// </summary> | ||
namespace SharpPulsar.Auth.OAuth2.Protocol | ||
{ | ||
|
||
/// <summary> | ||
/// Resolves OAuth 2.0 authorization server metadata as described in RFC 8414. | ||
/// </summary> | ||
public interface MetadataResolver | ||
{ | ||
Metadata Resolve(); | ||
} | ||
|
||
} |
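Review bot: `Metadata Resolve();` carries no documentation on the interface, although the `DefaultMetadataResolver` implementation in this commit documents a fetch that throws `IOException`. I would add `/// <returns>the authorization server metadata</returns>` and `/// <exception cref="System.IO.IOException">if the metadata could not be resolved</exception>` above the member so callers know the call performs I/O and can fail.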