git.basschouten.com Git - openhab-addons.git/blob

   1 /**
   2  * Copyright (c) 2010-2023 Contributors to the openHAB project
   3  *
   4  * See the NOTICE file(s) distributed with this work for additional
   5  * information.
   6  *
   7  * This program and the accompanying materials are made available under the
   8  * terms of the Eclipse Public License 2.0 which is available at
   9  * http://www.eclipse.org/legal/epl-2.0
  10  *
  11  * SPDX-License-Identifier: EPL-2.0
  12  */
  13 package org.openhab.binding.netatmo.internal.api;
  14
  15 import static org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.*;
  16 import static org.openhab.core.auth.oauth2client.internal.Keyword.*;
  17
  18 import java.net.URI;
  19 import java.util.HashMap;
  20 import java.util.Map;
  21 import java.util.Optional;
  22 import java.util.Set;
  23 import java.util.concurrent.ScheduledExecutorService;
  24 import java.util.concurrent.ScheduledFuture;
  25 import java.util.concurrent.TimeUnit;
  26
  27 import javax.ws.rs.core.UriBuilder;
  28
  29 import org.eclipse.jdt.annotation.NonNullByDefault;
  30 import org.eclipse.jdt.annotation.Nullable;
  31 import org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.FeatureArea;
  32 import org.openhab.binding.netatmo.internal.api.data.NetatmoConstants.Scope;
  33 import org.openhab.binding.netatmo.internal.api.dto.AccessTokenResponse;
  34 import org.openhab.binding.netatmo.internal.config.ApiHandlerConfiguration;
  35 import org.openhab.binding.netatmo.internal.handler.ApiBridgeHandler;
  36 import org.slf4j.Logger;
  37 import org.slf4j.LoggerFactory;
  38
  39 /**
  40  * The {@link AuthenticationApi} handles oAuth2 authentication and token refreshing
  41  *
  42  * @author Gaël L'hopital - Initial contribution
  43  */
  44 @NonNullByDefault
  45 public class AuthenticationApi extends RestManager {
  46     private static final UriBuilder AUTH_BUILDER = getApiBaseBuilder(PATH_OAUTH, SUB_PATH_AUTHORIZE);
  47     private static final URI TOKEN_URI = getApiBaseBuilder(PATH_OAUTH, SUB_PATH_TOKEN).build();
  48
  49     private final Logger logger = LoggerFactory.getLogger(AuthenticationApi.class);
  50     private final ScheduledExecutorService scheduler;
  51
  52     private Optional<ScheduledFuture<?>> refreshTokenJob = Optional.empty();
  53     private Optional<AccessTokenResponse> tokenResponse = Optional.empty();
  54
  55     public AuthenticationApi(ApiBridgeHandler bridge, ScheduledExecutorService scheduler) {
  56         super(bridge, FeatureArea.NONE);
  57         this.scheduler = scheduler;
  58     }
  59
  60     public String authorize(ApiHandlerConfiguration credentials, @Nullable String code, @Nullable String redirectUri)
  61             throws NetatmoException {
  62         if (!(credentials.clientId.isBlank() || credentials.clientSecret.isBlank())) {
  63             Map<String, String> params = new HashMap<>(Map.of(SCOPE, FeatureArea.ALL_SCOPES));
  64             String refreshToken = credentials.refreshToken;
  65             if (!refreshToken.isBlank()) {
  66                 params.put(REFRESH_TOKEN, refreshToken);
  67             } else {
  68                 if (code != null && redirectUri != null) {
  69                     params.putAll(Map.of(REDIRECT_URI, redirectUri, CODE, code));
  70                 }
  71             }
  72             if (params.size() > 1) {
  73                 return requestToken(credentials.clientId, credentials.clientSecret, params);
  74             }
  75         }
  76         throw new IllegalArgumentException("Inconsistent configuration state, please file a bug report.");
  77     }
  78
  79     private String requestToken(String id, String secret, Map<String, String> entries) throws NetatmoException {
  80         Map<String, String> payload = new HashMap<>(entries);
  81         payload.put(GRANT_TYPE, payload.keySet().contains(CODE) ? AUTHORIZATION_CODE : REFRESH_TOKEN);
  82         payload.putAll(Map.of(CLIENT_ID, id, CLIENT_SECRET, secret));
  83         disconnect();
  84         AccessTokenResponse response = post(TOKEN_URI, AccessTokenResponse.class, payload);
  85         refreshTokenJob = Optional.of(scheduler.schedule(() -> {
  86             try {
  87                 requestToken(id, secret, Map.of(REFRESH_TOKEN, response.getRefreshToken()));
  88             } catch (NetatmoException e) {
  89                 logger.warn("Unable to refresh access token : {}", e.getMessage());
  90             }
  91         }, Math.round(response.getExpiresIn() * 0.8), TimeUnit.SECONDS));
  92         tokenResponse = Optional.of(response);
  93         return response.getRefreshToken();
  94     }
  95
  96     public void disconnect() {
  97         tokenResponse = Optional.empty();
  98     }
  99
 100     public void dispose() {
 101         refreshTokenJob.ifPresent(job -> job.cancel(true));
 102         refreshTokenJob = Optional.empty();
 103     }
 104
 105     public @Nullable String getAuthorization() {
 106         return tokenResponse.map(at -> String.format("Bearer %s", at.getAccessToken())).orElse(null);
 107     }
 108
 109     public boolean matchesScopes(Set<Scope> requiredScopes) {
 110         return requiredScopes.isEmpty() // either we do not require any scope, either connected and all scopes available
 111                 || (isConnected() && tokenResponse.map(at -> at.getScope().containsAll(requiredScopes)).orElse(false));
 112     }
 113
 114     public boolean isConnected() {
 115         return tokenResponse.isPresent();
 116     }
 117
 118     public static UriBuilder getAuthorizationBuilder(String clientId) {
 119         return AUTH_BUILDER.clone().queryParam(CLIENT_ID, clientId).queryParam(SCOPE, FeatureArea.ALL_SCOPES)
 120                 .queryParam(STATE, clientId);
 121     }
 122 }