001
002package io.vrap.rmf.base.client.oauth2;
003
004import java.net.URI;
005import java.nio.charset.StandardCharsets;
006import java.util.Base64;
007
008import io.vrap.rmf.base.client.*;
009
010/**
011 * Token supplier using client credentials flow
012 */
013public class ClientCredentialsTokenSupplier extends BaseAuthTokenSupplier {
014
015    public ClientCredentialsTokenSupplier(final String clientId, final String clientSecret, final String scope,
016            final String tokenEndpoint, final VrapHttpClient vrapHttpClient) {
017        super(vrapHttpClient, constructApiHttpRequest(clientId, clientSecret, scope, tokenEndpoint));
018    }
019
020    private static ApiHttpRequest constructApiHttpRequest(final String clientId, final String clientSecret,
021            final String scope, final String tokenEndpoint) {
022        String auth = Base64.getEncoder()
023                .encodeToString((clientId + ":" + clientSecret).getBytes(StandardCharsets.UTF_8));
024
025        final ApiHttpHeaders headers = new ApiHttpHeaders()
026                .withHeader(ApiHttpHeaders.AUTHORIZATION, String.format("Basic %s", auth))
027                .withHeader(ApiHttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
028
029        String body = "";
030        if (scope == null || scope.isEmpty()) {
031            body = "grant_type=client_credentials";
032
033        }
034        else {
035            body = String.format("grant_type=client_credentials&scope=%s", urlEncode(scope));
036        }
037        return new ApiHttpRequest(ApiHttpMethod.POST, URI.create(tokenEndpoint), headers,
038            body.getBytes(StandardCharsets.UTF_8));
039    }
040
041}