support OAuth 2 refresh token (+update urls for Google)

Daniel Tyreus · s-gromov · commit 1e4238bc1f2a · 2016-02-26T17:31:06.000+03:00
diff --git a/changelog b/changelog
@@ -3,6 +3,7 @@
  * Support response in gzip.
  * differentiate OAuth1 Access token, OAuth 1 Request Token and OAuth 2 Access token, make them conforms RFCs
  * OAuth 1 APIs can choose whether to pass empty oauth_token param in requests
+ * Support refresh tokens for OAuth2 (very thanks to P. Daniel Tyreus https://github.com/pdtyreus)
 
 [2.2.2]
  * make all APIs to be extentable (have protected constructors, useful for testing)
diff --git a/scribejava-apis/src/main/java/com/github/scribejava/apis/FacebookApi.java b/scribejava-apis/src/main/java/com/github/scribejava/apis/FacebookApi.java
@@ -9,9 +9,8 @@
 import com.github.scribejava.core.utils.OAuthEncoder;
 import com.github.scribejava.core.utils.Preconditions;
 
-/***
+/**
  * Facebook v2.5 API
- *
  */
 public class FacebookApi extends DefaultApi20 {
 
@@ -22,6 +21,7 @@ protected FacebookApi() {
     }
 
     private static class InstanceHolder {
+
         private static final FacebookApi INSTANCE = new FacebookApi();
     }
 
diff --git a/scribejava-apis/src/main/java/com/github/scribejava/apis/GoogleApi20.java b/scribejava-apis/src/main/java/com/github/scribejava/apis/GoogleApi20.java
@@ -34,7 +34,7 @@ public Verb getAccessTokenVerb() {
 
     @Override
     public String getAccessTokenEndpoint() {
-        return "https://accounts.google.com/o/oauth2/token";
+        return "https://www.googleapis.com/oauth2/v4/token";
     }
 
     @Override
diff --git a/scribejava-apis/src/main/java/com/github/scribejava/apis/NeteaseWeibooApi.java b/scribejava-apis/src/main/java/com/github/scribejava/apis/NeteaseWeibooApi.java
@@ -32,14 +32,15 @@ public String getAccessTokenEndpoint() {
         return ACCESS_TOKEN_URL;
     }
 
-    @Override
     /**
      * this method will ignore your callback if you're creating a desktop client please choose this url else your can
      * call getAuthenticateUrl
      *
      * via
      * http://open.t.163.com/wiki/index.php?title=%E8%AF%B7%E6%B1%82%E7%94%A8%E6%88%B7%E6%8E%88%E6%9D%83Token(oauth/authorize)
+     * @return url to redirect user to (to get code)
      */
+    @Override
     public String getAuthorizationUrl(OAuth1RequestToken requestToken) {
         return String.format(AUTHORIZE_URL, requestToken.getToken());
     }
diff --git a/scribejava-apis/src/test/java/com/github/scribejava/apis/examples/FacebookExample.java b/scribejava-apis/src/test/java/com/github/scribejava/apis/examples/FacebookExample.java
@@ -27,6 +27,7 @@ public static void main(String... args) {
                 .state(secretState)
                 .callback("http://www.example.com/oauth_callback/")
                 .build(FacebookApi.instance());
+
         final Scanner in = new Scanner(System.in, "UTF-8");
 
         System.out.println("=== " + NETWORK_NAME + "'s OAuth Workflow ===");
diff --git a/scribejava-apis/src/test/java/com/github/scribejava/apis/examples/Google20Example.java b/scribejava-apis/src/test/java/com/github/scribejava/apis/examples/Google20Example.java
@@ -10,6 +10,8 @@
 import com.github.scribejava.core.model.Verb;
 import com.github.scribejava.core.model.Verifier;
 import com.github.scribejava.core.oauth.OAuth20Service;
+import java.util.HashMap;
+import java.util.Map;
 
 public abstract class Google20Example {
 
@@ -35,7 +37,13 @@ public static void main(String... args) {
 
         // Obtain the Authorization URL
         System.out.println("Fetching the Authorization URL...");
-        final String authorizationUrl = service.getAuthorizationUrl();
+        //pass access_type=offline to get refresh token
+        //https://developers.google.com/identity/protocols/OAuth2WebServer#preparing-to-start-the-oauth-20-flow
+        final Map<String, String> additionalParams = new HashMap<>();
+        additionalParams.put("access_type", "offline");
+        //force to reget refresh token (if usera are asked not the first time)
+        additionalParams.put("prompt", "consent");
+        final String authorizationUrl = service.getAuthorizationUrl(additionalParams);
         System.out.println("Got the Authorization URL!");
         System.out.println("Now go and authorize ScribeJava here:");
         System.out.println(authorizationUrl);
@@ -58,8 +66,14 @@ public static void main(String... args) {
 
         // Trade the Request Token and Verfier for the Access Token
         System.out.println("Trading the Request Token for an Access Token...");
-        final OAuth2AccessToken accessToken = service.getAccessToken(verifier);
+        OAuth2AccessToken accessToken = service.getAccessToken(verifier);
         System.out.println("Got the Access Token!");
+        System.out.println("(if your curious it looks like this: " + accessToken
+                + ", 'rawResponse'='" + accessToken.getRawResponse() + "')");
+
+        System.out.println("Refreshing the Access Token...");
+        accessToken = service.refreshAccessToken(accessToken.getRefreshToken());
+        System.out.println("Refreshed the Access Token!");
         System.out.println("(if your curious it looks like this: " + accessToken
                 + ", 'rawResponse'='" + accessToken.getRawResponse() + "')");
         System.out.println();
diff --git a/scribejava-core/src/main/java/com/github/scribejava/core/model/OAuth2AccessToken.java b/scribejava-core/src/main/java/com/github/scribejava/core/model/OAuth2AccessToken.java
@@ -4,7 +4,11 @@
 import java.util.Objects;
 
 /**
- * Represents an OAuth 2 Access Token http://tools.ietf.org/html/rfc6749#section-5.1
+ * Represents an OAuth 2 Access token.
+ * <p>
+ * http://tools.ietf.org/html/rfc6749#section-5.1
+ *
+ * @see <a href="https://tools.ietf.org/html/rfc6749#section-4.1.4">OAuth 2 Access Token Specification</a></p>
  */
 public class OAuth2AccessToken extends Token {
 
diff --git a/scribejava-core/src/main/java/com/github/scribejava/core/model/OAuthConstants.java b/scribejava-core/src/main/java/com/github/scribejava/core/model/OAuthConstants.java
@@ -20,7 +20,6 @@ public interface OAuthConstants {
     String OUT_OF_BAND = "oob";
     String VERIFIER = "oauth_verifier";
     String HEADER = "Authorization";
-    OAuth1RequestToken EMPTY_TOKEN = new OAuth1RequestToken("", "");
     String SCOPE = "scope";
 
     // OAuth 2.0
@@ -29,6 +28,7 @@ public interface OAuthConstants {
     String CLIENT_SECRET = "client_secret";
     String REDIRECT_URI = "redirect_uri";
     String CODE = "code";
+    String REFRESH_TOKEN = "refresh_token";
     String GRANT_TYPE = "grant_type";
     String AUTHORIZATION_CODE = "authorization_code";
     String STATE = "state";
diff --git a/scribejava-core/src/main/java/com/github/scribejava/core/oauth/OAuth10aService.java b/scribejava-core/src/main/java/com/github/scribejava/core/oauth/OAuth10aService.java
@@ -8,7 +8,6 @@
 import com.github.scribejava.core.model.AbstractRequest;
 import com.github.scribejava.core.model.OAuth1AccessToken;
 import com.github.scribejava.core.model.OAuth1RequestToken;
-import com.github.scribejava.core.model.OAuth1Token;
 import com.github.scribejava.core.model.OAuthAsyncRequestCallback;
 import com.github.scribejava.core.model.OAuthConfig;
 import com.github.scribejava.core.model.OAuthConstants;
@@ -50,7 +49,7 @@ public OAuth1RequestToken getRequestToken() {
 
         config.log("setting oauth_callback to " + config.getCallback());
         request.addOAuthParameter(OAuthConstants.CALLBACK, config.getCallback());
-        addOAuthParams(request, OAuthConstants.EMPTY_TOKEN);
+        addOAuthParams(request, "");
         appendSignature(request);
 
         config.log("sending request...");
@@ -62,7 +61,7 @@ public OAuth1RequestToken getRequestToken() {
         return api.getRequestTokenExtractor().extract(body);
     }
 
-    private void addOAuthParams(AbstractRequest request, OAuth1Token token) {
+    private void addOAuthParams(AbstractRequest request, String tokenSecret) {
         final OAuthConfig config = getConfig();
         request.addOAuthParameter(OAuthConstants.TIMESTAMP, api.getTimestampService().getTimestampInSeconds());
         request.addOAuthParameter(OAuthConstants.NONCE, api.getTimestampService().getNonce());
@@ -72,7 +71,7 @@ private void addOAuthParams(AbstractRequest request, OAuth1Token token) {
         if (config.hasScope()) {
             request.addOAuthParameter(OAuthConstants.SCOPE, config.getScope());
         }
-        request.addOAuthParameter(OAuthConstants.SIGNATURE, getSignature(request, token));
+        request.addOAuthParameter(OAuthConstants.SIGNATURE, getSignature(request, tokenSecret));
 
         config.log("appended additional OAuth parameters: " + MapUtils.toString(request.getOauthParameters()));
     }
@@ -87,8 +86,8 @@ public final OAuth1AccessToken getAccessToken(OAuth1RequestToken requestToken, V
     }
 
     /**
-     * Start the request to retrieve the access token. The optionally provided callback will be called with the Token
-     * when it is available.
+     * Start the request to retrieve the access token. The optionally provided
+     * callback will be called with the Token when it is available.
      *
      * @param requestToken request token (obtained previously or null)
      * @param verifier verifier code
@@ -122,7 +121,7 @@ protected void prepareAccessTokenRequest(AbstractRequest request, OAuth1RequestT
         request.addOAuthParameter(OAuthConstants.TOKEN, requestToken.getToken());
         request.addOAuthParameter(OAuthConstants.VERIFIER, verifier.getValue());
         config.log("setting token to: " + requestToken + " and verifier to: " + verifier);
-        addOAuthParams(request, requestToken);
+        addOAuthParams(request, requestToken.getTokenSecret());
         appendSignature(request);
     }
 
@@ -134,20 +133,18 @@ public void signRequest(OAuth1AccessToken token, AbstractRequest request) {
             request.addOAuthParameter(OAuthConstants.TOKEN, token.getToken());
         }
         config.log("setting token to: " + token);
-        addOAuthParams(request, token);
+        addOAuthParams(request, token.getTokenSecret());
         appendSignature(request);
     }
 
-    /**
-     * {@inheritDoc}
-     */
     @Override
     public String getVersion() {
         return VERSION;
     }
 
     /**
-     * Returns the URL where you should redirect your users to authenticate your application.
+     * Returns the URL where you should redirect your users to authenticate your
+     * application.
      *
      * @param requestToken the request token you need to authorize
      * @return the URL where you should redirect your users
@@ -156,13 +153,12 @@ public String getAuthorizationUrl(OAuth1RequestToken requestToken) {
         return api.getAuthorizationUrl(requestToken);
     }
 
-    private String getSignature(AbstractRequest request, OAuth1Token token) {
+    private String getSignature(AbstractRequest request, String tokenSecret) {
         final OAuthConfig config = getConfig();
         config.log("generating signature...");
         config.log("using base64 encoder: " + Base64Encoder.type());
         final String baseString = api.getBaseStringExtractor().extract(request);
-        final String signature = api.getSignatureService()
-                .getSignature(baseString, config.getApiSecret(), token.getTokenSecret());
+        final String signature = api.getSignatureService().getSignature(baseString, config.getApiSecret(), tokenSecret);
 
         config.log("base string is: " + baseString);
         config.log("signature is: " + signature);
diff --git a/scribejava-core/src/main/java/com/github/scribejava/core/oauth/OAuth20Service.java b/scribejava-core/src/main/java/com/github/scribejava/core/oauth/OAuth20Service.java
@@ -78,6 +78,42 @@ protected <T extends AbstractRequest> T createAccessTokenRequest(Verifier verifi
         return request;
     }
 
+    public final OAuth2AccessToken refreshAccessToken(String refreshToken) {
+        final Response response = createRefreshTokenRequest(refreshToken,
+                new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint(), this)).send();
+        return api.getAccessTokenExtractor().extract(response.getBody());
+    }
+
+    public final Future<OAuth2AccessToken> refreshAccessTokenAsync(String refreshToken,
+            OAuthAsyncRequestCallback<OAuth2AccessToken> callback) {
+        return refreshAccessTokenAsync(refreshToken, callback, null);
+    }
+
+    public final Future<OAuth2AccessToken> refreshAccessTokenAsync(String refreshToken,
+            OAuthAsyncRequestCallback<OAuth2AccessToken> callback, ProxyServer proxyServer) {
+        final OAuthRequestAsync request = createRefreshTokenRequest(refreshToken,
+                new OAuthRequestAsync(api.getAccessTokenVerb(), api.getAccessTokenEndpoint(), this));
+        return request.sendAsync(callback, new OAuthRequestAsync.ResponseConverter<OAuth2AccessToken>() {
+            @Override
+            public OAuth2AccessToken convert(com.ning.http.client.Response response) throws IOException {
+                return getApi().getAccessTokenExtractor()
+                        .extract(OAuthRequestAsync.RESPONSE_CONVERTER.convert(response).getBody());
+            }
+        }, proxyServer);
+    }
+
+    protected <T extends AbstractRequest> T createRefreshTokenRequest(String refreshToken, T request) {
+        if (refreshToken == null || refreshToken.isEmpty()) {
+            throw new IllegalArgumentException("The refreshToken cannot be null or empty");
+        }
+        final OAuthConfig config = getConfig();
+        request.addParameter(OAuthConstants.CLIENT_ID, config.getApiKey());
+        request.addParameter(OAuthConstants.CLIENT_SECRET, config.getApiSecret());
+        request.addParameter(OAuthConstants.REFRESH_TOKEN, refreshToken);
+        request.addParameter(OAuthConstants.GRANT_TYPE, OAuthConstants.REFRESH_TOKEN);
+        return request;
+    }
+
     /**
      * {@inheritDoc}
      */

Original file line number	Diff line number	Diff line change
`@@ -9,9 +9,8 @@`
`9`	`9`	`import com.github.scribejava.core.utils.OAuthEncoder;`
`10`	`10`	`import com.github.scribejava.core.utils.Preconditions;`
`11`	`11`
`12`		`-/***`
	`12`	`+/**`
`13`	`13`	`* Facebook v2.5 API`
`14`		`- *`
`15`	`14`	`*/`
`16`	`15`	`public class FacebookApi extends DefaultApi20 {`
`17`	`16`
`@@ -22,6 +21,7 @@ protected FacebookApi() {`
`22`	`21`	`}`
`23`	`22`
`24`	`23`	`private static class InstanceHolder {`
	`24`	`+`
`25`	`25`	`private static final FacebookApi INSTANCE = new FacebookApi();`
`26`	`26`	`}`
`27`	`27`
Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ public Verb getAccessTokenVerb() {`
`34`	`34`
`35`	`35`	`@Override`
`36`	`36`	`public String getAccessTokenEndpoint() {`
`37`		`- return "https://accounts.google.com/o/oauth2/token";`
	`37`	`+ return "https://www.googleapis.com/oauth2/v4/token";`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -32,14 +32,15 @@ public String getAccessTokenEndpoint() {`
`32`	`32`	`return ACCESS_TOKEN_URL;`
`33`	`33`	`}`
`34`	`34`
`35`		`- @Override`
`36`	`35`	`/**`
`37`	`36`	`* this method will ignore your callback if you're creating a desktop client please choose this url else your can`
`38`	`37`	`* call getAuthenticateUrl`
`39`	`38`	`*`
`40`	`39`	`* via`
`41`	`40`	`* http://open.t.163.com/wiki/index.php?title=%E8%AF%B7%E6%B1%82%E7%94%A8%E6%88%B7%E6%8E%88%E6%9D%83Token(oauth/authorize)`
	`41`	`+ * @return url to redirect user to (to get code)`
`42`	`42`	`*/`
	`43`	`+ @Override`
`43`	`44`	`public String getAuthorizationUrl(OAuth1RequestToken requestToken) {`
`44`	`45`	`return String.format(AUTHORIZE_URL, requestToken.getToken());`
`45`	`46`	`}`