git.basschouten.com Git - openhab-addons.git/blob

   1 /**
   2  * Copyright (c) 2010-2023 Contributors to the openHAB project
   3  *
   4  * See the NOTICE file(s) distributed with this work for additional
   5  * information.
   6  *
   7  * This program and the accompanying materials are made available under the
   8  * terms of the Eclipse Public License 2.0 which is available at
   9  * http://www.eclipse.org/legal/epl-2.0
  10  *
  11  * SPDX-License-Identifier: EPL-2.0
  12  */
  13 package org.openhab.binding.netatmo.internal.api;
  14
  15 import static org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.*;
  16 import static org.openhab.core.auth.oauth2client.internal.Keyword.*;
  17
  18 import java.net.URI;
  19 import java.util.HashMap;
  20 import java.util.Map;
  21 import java.util.Optional;
  22 import java.util.Set;
  23 import java.util.concurrent.ScheduledExecutorService;
  24 import java.util.concurrent.ScheduledFuture;
  25 import java.util.concurrent.TimeUnit;
  26
  27 import javax.ws.rs.core.UriBuilder;
  28
  29 import org.eclipse.jdt.annotation.NonNullByDefault;
  30 import org.eclipse.jdt.annotation.Nullable;
  31 import org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.FeatureArea;
  32 import org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.Scope;
  33 import org.openhab.binding.netatmo.internal.api.dto.AccessTokenResponse;
  34 import org.openhab.binding.netatmo.internal.config.ApiHandlerConfiguration;
  35 import org.openhab.binding.netatmo.internal.handler.ApiBridgeHandler;
  36 import org.slf4j.Logger;
  37 import org.slf4j.LoggerFactory;
  38
  39 /**
  40  * The {@link AuthenticationApi} handles oAuth2 authentication and token refreshing
  41  *
  42  * @author Gaël L'hopital - Initial contribution
  43  */
  44 @NonNullByDefault
  45 public class AuthenticationApi extends RestManager {
  46     private static final UriBuilder OAUTH_BUILDER = getApiBaseBuilder().path(PATH_OAUTH);
  47     private static final UriBuilder AUTH_BUILDER = OAUTH_BUILDER.clone().path(SUB_PATH_AUTHORIZE);
  48     private static final URI TOKEN_URI = OAUTH_BUILDER.clone().path(SUB_PATH_TOKEN).build();
  49
  50     private final Logger logger = LoggerFactory.getLogger(AuthenticationApi.class);
  51     private final ScheduledExecutorService scheduler;
  52
  53     private Optional<ScheduledFuture<?>> refreshTokenJob = Optional.empty();
  54     private Optional<AccessTokenResponse> tokenResponse = Optional.empty();
  55
  56     public AuthenticationApi(ApiBridgeHandler bridge, ScheduledExecutorService scheduler) {
  57         super(bridge, FeatureArea.NONE);
  58         this.scheduler = scheduler;
  59     }
  60
  61     public String authorize(ApiHandlerConfiguration credentials, @Nullable String code, @Nullable String redirectUri)
  62             throws NetatmoException {
  63         if (!(credentials.clientId.isBlank() || credentials.clientSecret.isBlank())) {
  64             Map<String, String> params = new HashMap<>(Map.of(SCOPE, FeatureArea.ALL_SCOPES));
  65             String refreshToken = credentials.refreshToken;
  66             if (!refreshToken.isBlank()) {
  67                 params.put(REFRESH_TOKEN, refreshToken);
  68             } else {
  69                 if (code != null && redirectUri != null) {
  70                     params.putAll(Map.of(REDIRECT_URI, redirectUri, CODE, code));
  71                 }
  72             }
  73             if (params.size() > 1) {
  74                 return requestToken(credentials.clientId, credentials.clientSecret, params);
  75             }
  76         }
  77         throw new IllegalArgumentException("Inconsistent configuration state, please file a bug report.");
  78     }
  79
  80     private String requestToken(String id, String secret, Map<String, String> entries) throws NetatmoException {
  81         Map<String, String> payload = new HashMap<>(entries);
  82         payload.put(GRANT_TYPE, payload.keySet().contains(CODE) ? AUTHORIZATION_CODE : REFRESH_TOKEN);
  83         payload.putAll(Map.of(CLIENT_ID, id, CLIENT_SECRET, secret));
  84         disconnect();
  85         AccessTokenResponse response = post(TOKEN_URI, AccessTokenResponse.class, payload);
  86         refreshTokenJob = Optional.of(scheduler.schedule(() -> {
  87             try {
  88                 requestToken(id, secret, Map.of(REFRESH_TOKEN, response.getRefreshToken()));
  89             } catch (NetatmoException e) {
  90                 logger.warn("Unable to refresh access token : {}", e.getMessage());
  91             }
  92         }, Math.round(response.getExpiresIn() * 0.8), TimeUnit.SECONDS));
  93         tokenResponse = Optional.of(response);
  94         return response.getRefreshToken();
  95     }
  96
  97     public void disconnect() {
  98         tokenResponse = Optional.empty();
  99     }
 100
 101     public void dispose() {
 102         refreshTokenJob.ifPresent(job -> job.cancel(true));
 103         refreshTokenJob = Optional.empty();
 104     }
 105
 106     public @Nullable String getAuthorization() {
 107         return tokenResponse.map(at -> String.format("Bearer %s", at.getAccessToken())).orElse(null);
 108     }
 109
 110     public boolean matchesScopes(Set<Scope> requiredScopes) {
 111         return requiredScopes.isEmpty() // either we do not require any scope, either connected and all scopes available
 112                 || (isConnected() && tokenResponse.map(at -> at.getScope().containsAll(requiredScopes)).orElse(false));
 113     }
 114
 115     public boolean isConnected() {
 116         return tokenResponse.isPresent();
 117     }
 118
 119     public static UriBuilder getAuthorizationBuilder(String clientId) {
 120         return AUTH_BUILDER.clone().queryParam(CLIENT_ID, clientId).queryParam(SCOPE, FeatureArea.ALL_SCOPES)
 121                 .queryParam(STATE, clientId);
 122     }
 123 }