Merge pull request #367 from owncloud/feature/oidc_dynamic_client_registration

[FEATURE] OIDC Dynamic Client Registration
2025-10-31 02:17:41 +00:00 · 2021-02-22 17:19:08 +01:00 · 2021-02-22 17:19:08 +01:00 · e438ded413
commit e438ded413
parent 3b138e7c01 37250fc55c
6 changed files with 205 additions and 8 deletions
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/RegisterClientRemoteOperation.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/RegisterClientRemoteOperation.kt
@ -0,0 +1,85 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   @author Abel García de Prada
+ *
+ *   Copyright (C) 2021 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ *
+ */
+
+package com.owncloud.android.lib.resources.oauth
+
+import com.owncloud.android.lib.common.OwnCloudClient
+import com.owncloud.android.lib.common.http.HttpConstants
+import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod
+import com.owncloud.android.lib.common.operations.RemoteOperation
+import com.owncloud.android.lib.common.operations.RemoteOperationResult
+import com.owncloud.android.lib.resources.oauth.params.ClientRegistrationParams
+import com.owncloud.android.lib.resources.oauth.responses.ClientRegistrationResponse
+import com.squareup.moshi.JsonAdapter
+import com.squareup.moshi.Moshi
+import timber.log.Timber
+import java.net.URL
+
+class RegisterClientRemoteOperation(
+    private val clientRegistrationParams: ClientRegistrationParams
+) : RemoteOperation<ClientRegistrationResponse>() {
+
+    override fun run(client: OwnCloudClient): RemoteOperationResult<ClientRegistrationResponse> {
+        try {
+            val requestBody = clientRegistrationParams.toRequestBody()
+
+            val postMethod = PostMethod(
+                url = URL(clientRegistrationParams.registrationEndpoint),
+                postRequestBody = requestBody
+            )
+
+            val status = client.executeHttpMethod(postMethod)
+
+            val responseBody = postMethod.getResponseBodyAsString()
+
+            if (status == HttpConstants.HTTP_CREATED && responseBody != null) {
+                Timber.d("Successful response $responseBody")
+
+                // Parse the response
+                val moshi: Moshi = Moshi.Builder().build()
+                val jsonAdapter: JsonAdapter<ClientRegistrationResponse> =
+                    moshi.adapter(ClientRegistrationResponse::class.java)
+                val clientRegistrationResponse: ClientRegistrationResponse? = jsonAdapter.fromJson(responseBody)
+                Timber.d("Client registered and parsed to $clientRegistrationResponse")
+
+                return RemoteOperationResult<ClientRegistrationResponse>(RemoteOperationResult.ResultCode.OK).apply {
+                    data = clientRegistrationResponse
+                }
+
+            } else {
+                Timber.e("Failed response while registering a new client. Status code: $status; response message: $responseBody")
+                return RemoteOperationResult<ClientRegistrationResponse>(postMethod)
+            }
+
+        } catch (e: Exception) {
+            Timber.e(e, "Exception while registering a new client.")
+            return RemoteOperationResult<ClientRegistrationResponse>(e)
+
+        }
+
+    }
+}
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/ClientRegistrationParams.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/ClientRegistrationParams.kt
@ -0,0 +1,57 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   @author Abel García de Prada
+ *
+ *   Copyright (C) 2021 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ *
+ */
+package com.owncloud.android.lib.resources.oauth.params
+
+import com.owncloud.android.lib.common.http.HttpConstants.CONTENT_TYPE_JSON
+import okhttp3.MediaType.Companion.toMediaType
+import okhttp3.RequestBody
+import okhttp3.RequestBody.Companion.toRequestBody
+import org.json.JSONArray
+import org.json.JSONObject
+
+data class ClientRegistrationParams(
+    val registrationEndpoint: String,
+    val clientName: String,
+    val redirectUris: List<String>,
+    val tokenEndpointAuthMethod: String,
+    val applicationType: String
+) {
+    fun toRequestBody(): RequestBody =
+        JSONObject().apply {
+            put(PARAM_APPLICATION_TYPE, applicationType)
+            put(PARAM_CLIENT_NAME, clientName)
+            put(PARAM_REDIRECT_URIS, JSONArray(redirectUris))
+            put(PARAM_TOKEN_ENDPOINT_AUTH_METHOD, tokenEndpointAuthMethod)
+        }.toString().toRequestBody(CONTENT_TYPE_JSON.toMediaType())
+
+    companion object {
+        private const val PARAM_APPLICATION_TYPE = "application_type"
+        private const val PARAM_CLIENT_NAME = "client_name"
+        private const val PARAM_TOKEN_ENDPOINT_AUTH_METHOD = "token_endpoint_auth_method"
+        private const val PARAM_REDIRECT_URIS = "redirect_uris"
+    }
+}
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt
@ -42,13 +42,12 @@ sealed class TokenRequestParams(
        val redirectUri: String
    ) : TokenRequestParams(tokenEndpoint, clientAuth, grantType) {

-        override fun toRequestBody(): RequestBody {
-            return FormBody.Builder()
+        override fun toRequestBody(): RequestBody =
+            FormBody.Builder()
                .add(HttpConstants.OAUTH_HEADER_AUTHORIZATION_CODE, authorizationCode)
                .add(HttpConstants.OAUTH_HEADER_GRANT_TYPE, grantType)
                .add(HttpConstants.OAUTH_HEADER_REDIRECT_URI, redirectUri)
                .build()
-        }
    }

    class RefreshToken(
@ -58,14 +57,13 @@ sealed class TokenRequestParams(
        val refreshToken: String? = null
    ) : TokenRequestParams(tokenEndpoint, clientAuth, grantType) {

-        override fun toRequestBody(): RequestBody {
-            return FormBody.Builder().apply {
+        override fun toRequestBody(): RequestBody =
+            FormBody.Builder().apply {
                add(HttpConstants.OAUTH_HEADER_GRANT_TYPE, grantType)
                if (!refreshToken.isNullOrBlank()) {
                    add(HttpConstants.OAUTH_HEADER_REFRESH_TOKEN, refreshToken)
                }
            }.build()

-        }
    }
 }
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/ClientRegistrationResponse.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/ClientRegistrationResponse.kt
@ -0,0 +1,42 @@
+/* ownCloud Android Library is available under MIT license
+ *
+ *   @author Abel García de Prada
+ *
+ *   Copyright (C) 2021 ownCloud GmbH.
+ *
+ *   Permission is hereby granted, free of charge, to any person obtaining a copy
+ *   of this software and associated documentation files (the "Software"), to deal
+ *   in the Software without restriction, including without limitation the rights
+ *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *   copies of the Software, and to permit persons to whom the Software is
+ *   furnished to do so, subject to the following conditions:
+ *
+ *   The above copyright notice and this permission notice shall be included in
+ *   all copies or substantial portions of the Software.
+ *
+ *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *   THE SOFTWARE.
+ *
+ */
+package com.owncloud.android.lib.resources.oauth.responses
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+@JsonClass(generateAdapter = true)
+data class ClientRegistrationResponse(
+    @Json(name = "client_id")
+    val clientId: String,
+    @Json(name = "client_secret")
+    val clientSecret: String?,
+    @Json(name = "client_id_issued_at")
+    val clientIdIssuedAt: Int?,
+    @Json(name = "client_secret_expires_at")
+    val clientSecretExpiration: Int,
+)
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt
@ -1,6 +1,6 @@
 /* ownCloud Android Library is available under MIT license
 *
- *   Copyright (C) 2020 ownCloud GmbH.
+ *   Copyright (C) 2021 ownCloud GmbH.
 *
 *   Permission is hereby granted, free of charge, to any person obtaining a copy
 *   of this software and associated documentation files (the "Software"), to deal
@ -25,7 +25,9 @@ package com.owncloud.android.lib.resources.oauth.services

 import com.owncloud.android.lib.common.OwnCloudClient
 import com.owncloud.android.lib.common.operations.RemoteOperationResult
+import com.owncloud.android.lib.resources.oauth.params.ClientRegistrationParams
 import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams
+import com.owncloud.android.lib.resources.oauth.responses.ClientRegistrationResponse
 import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse
 import com.owncloud.android.lib.resources.oauth.responses.TokenResponse

@ -38,4 +40,8 @@ interface OIDCService {
        tokenRequest: TokenRequestParams
    ): RemoteOperationResult<TokenResponse>

+    fun registerClientWithRegistrationEndpoint(
+        ownCloudClient: OwnCloudClient,
+        clientRegistrationParams: ClientRegistrationParams
+    ): RemoteOperationResult<ClientRegistrationResponse>
 }
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt
@ -1,6 +1,6 @@
 /* ownCloud Android Library is available under MIT license
 *
- *   Copyright (C) 2020 ownCloud GmbH.
+ *   Copyright (C) 2021 ownCloud GmbH.
 *
 *   Permission is hereby granted, free of charge, to any person obtaining a copy
 *   of this software and associated documentation files (the "Software"), to deal
@ -26,8 +26,11 @@ package com.owncloud.android.lib.resources.oauth.services.implementation
 import com.owncloud.android.lib.common.OwnCloudClient
 import com.owncloud.android.lib.common.operations.RemoteOperationResult
 import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation
+import com.owncloud.android.lib.resources.oauth.RegisterClientRemoteOperation
 import com.owncloud.android.lib.resources.oauth.TokenRequestRemoteOperation
+import com.owncloud.android.lib.resources.oauth.params.ClientRegistrationParams
 import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams
+import com.owncloud.android.lib.resources.oauth.responses.ClientRegistrationResponse
 import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse
 import com.owncloud.android.lib.resources.oauth.responses.TokenResponse
 import com.owncloud.android.lib.resources.oauth.services.OIDCService
@ -45,4 +48,10 @@ class OCOIDCService : OIDCService {
    ): RemoteOperationResult<TokenResponse> =
        TokenRequestRemoteOperation(tokenRequest).execute(ownCloudClient)

+    override fun registerClientWithRegistrationEndpoint(
+        ownCloudClient: OwnCloudClient,
+        clientRegistrationParams: ClientRegistrationParams
+    ): RemoteOperationResult<ClientRegistrationResponse> =
+        RegisterClientRemoteOperation(clientRegistrationParams).execute(ownCloudClient)
+
 }