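/*
 * Copyright 2016 The AppAuth for Android Authors. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the
 * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing permissions and
 * limitations under the License.
 */

package net.openid.appauth;

import static net.openid.appauth.Preconditions.checkNotNull;

import android.util.Base64;
import androidx.annotation.NonNull;

import net.openid.appauth.internal.UriUtil;

import java.nio.charset.Charset;
import java.util.Collections;
import java.util.Map;

/**
 * Implementation of the client authentication method 'client_secret_basic'.
 *
 * <p>The secret is sent in an HTTP {@code Authorization: Basic} header. Base64 is an encoding, not
 * encryption, so the header value is equivalent to the secret itself: it should only be sent over
 * TLS and should be kept out of logs and crash reports. A secret that is compiled into an app
 * distributed to many users should not be treated as confidential (RFC 8252, Section 8.5).
 *
 * @see "OpenID Connect Core 1.0, Section 9
 * <https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.9>"
 */
public class ClientSecretBasic implements ClientAuthentication {
    /**
     * Name of this authentication method.
     *
     * @see "OpenID Connect Core 1.0, Section 9
     * <https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.9>"
     */
    public static final String NAME = "client_secret_basic";

    // Explicit charset for the credential bytes, so the header does not depend on the platform
    // default. Charset.forName is used instead of StandardCharsets because the latter needs
    // Android API 19 and the project's minimum SDK is not visible from this file.
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    // Assigned once in the constructor; final so the secret cannot be swapped after construction.
    @NonNull
    private final String mClientSecret;

    /**
     * Creates a {@link ClientAuthentication} which will use the client authentication method
     * {@code client_secret_basic}.
     *
     * @param clientSecret the client secret issued for this client; validated with
     *     {@code checkNotNull}, so a null value is rejected at construction time.
     */
    public ClientSecretBasic(@NonNull String clientSecret) {
        mClientSecret = checkNotNull(clientSecret, "mClientSecret cannot be null");
    }

    /**
     * Builds the {@code Authorization} header carrying the client credentials.
     *
     * <p>The returned value contains the client secret in a trivially reversible form; callers
     * should not log it or attach it to requests sent over a non-TLS connection.
     *
     * @param clientId the client identifier to authenticate as.
     * @return an immutable single-entry map from {@code "Authorization"} to
     *     {@code "Basic <base64(id:secret)>"}.
     */
    @Override
    public final Map<String, String> getRequestHeaders(@NonNull String clientId) {
        // From the OAuth2 RFC, client ID and secret should be encoded prior to concatenation and
        // conversion to Base64: https://tools.ietf.org/html/rfc6749#section-2.3.1
        // Encoding each part first also keeps a ':' inside either value from being confused with
        // the separator added below.
        String encodedClientId = UriUtil.formUrlEncodeValue(clientId);
        String encodedClientSecret = UriUtil.formUrlEncodeValue(mClientSecret);
        String credentials = encodedClientId + ":" + encodedClientSecret;
        // NO_WRAP: a header value must be a single line, so no line breaks in the Base64 output.
        String basicAuth = Base64.encodeToString(credentials.getBytes(UTF_8), Base64.NO_WRAP);
        return Collections.singletonMap("Authorization", "Basic " + basicAuth);
    }

    /**
     * Returns the extra request-body parameters for this authentication method.
     *
     * <p>This method contributes none: the credentials travel only in the header built by
     * {@link #getRequestHeaders(String)}, so the secret is never placed in the request body.
     *
     * @param clientId the client identifier; unused by this implementation.
     * @return always {@code null}; callers must handle a null result.
     */
    @Override
    public final Map<String, String> getRequestParameters(@NonNull String clientId) {
        return null;
    }
}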