[
https://issues.apache.org/jira/browse/NIFI-4246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16400879#comment-16400879
]
ASF GitHub Bot commented on NIFI-4246:
--------------------------------------
Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2085#discussion_r174881237
--- Diff:
nifi-nar-bundles/nifi-oauth-bundle/nifi-oauth/src/main/java/org/apache/nifi/oauth/httpclient/OAuthHTTPConnectionClient.java
---
@@ -0,0 +1,252 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.nifi.oauth.httpclient;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.oltu.oauth2.client.HttpClient;
+import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
+import org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse;
+import org.apache.oltu.oauth2.client.response.OAuthClientResponse;
+import org.apache.oltu.oauth2.common.OAuth;
+import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
+import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
+import org.apache.oltu.oauth2.common.token.BasicOAuthToken;
+import org.apache.oltu.oauth2.common.token.OAuthToken;
+import org.apache.oltu.oauth2.common.utils.OAuthUtils;
+import org.json.JSONObject;
+
+public class OAuthHTTPConnectionClient
+ implements HttpClient {
+
+ private String accessTokenName = null;
+ private String tokenTypeName = null;
+ private String scopeName = null;
+ private String expireInName = null;
+ private String expireTimeName = null;
+
+ public OAuthHTTPConnectionClient(String accessTokenName, String
tokenTypeName, String scopeName, String expireInName, String expireTimeName) {
+ this.accessTokenName = accessTokenName;
+ this.tokenTypeName = tokenTypeName;
+ this.scopeName = scopeName;
+ this.expireInName = expireInName;
+ this.expireTimeName = expireTimeName;
+ }
+
+ @Override
+ public <T extends OAuthClientResponse> T execute(OAuthClientRequest
request, Map<String, String> headers,
+ String requestMethod, Class<T> responseClass) throws
OAuthSystemException, OAuthProblemException {
+
+ InputStream responseBody = null;
+ URLConnection c;
+ Map<String, List<String>> responseHeaders = new HashMap<String,
List<String>>();
+ int responseCode;
+ try {
+ URL url = new URL(request.getLocationUri());
+
+ c = url.openConnection();
+ responseCode = -1;
+ if (c instanceof HttpURLConnection) {
+ HttpURLConnection httpURLConnection = (HttpURLConnection)
c;
+
+ if (headers != null && !headers.isEmpty()) {
+ for (Map.Entry<String, String> header :
headers.entrySet()) {
+
httpURLConnection.addRequestProperty(header.getKey(), header.getValue());
+ }
+ }
+
+ if (request.getHeaders() != null) {
+ for (Map.Entry<String, String> header :
request.getHeaders().entrySet()) {
+
httpURLConnection.addRequestProperty(header.getKey(), header.getValue());
+ }
+ }
+
+ if (OAuthUtils.isEmpty(requestMethod)) {
+
httpURLConnection.setRequestMethod(OAuth.HttpMethod.GET);
+ } else {
+ httpURLConnection.setRequestMethod(requestMethod);
+ setRequestBody(request, requestMethod,
httpURLConnection);
+ }
+
+ httpURLConnection.connect();
+
+ InputStream inputStream;
+ responseCode = httpURLConnection.getResponseCode();
+ if (responseCode == 400 || responseCode == 405 ||
responseCode == 401 || responseCode == 403) {
+ inputStream = httpURLConnection.getErrorStream();
+ } else {
+ inputStream = httpURLConnection.getInputStream();
+ }
+
+ responseHeaders = httpURLConnection.getHeaderFields();
+ responseBody = inputStream;
+ }
+ } catch (IOException e) {
+ throw new OAuthSystemException(e);
+ }
+
+ CustomOAuthAccessTokenResponse cr = new
CustomOAuthAccessTokenResponse(responseBody, c.getContentType(), responseCode,
responseHeaders,
+ accessTokenName, tokenTypeName, scopeName, expireInName,
expireTimeName);
+
+ return (T) cr;
+ }
+
+ private void setRequestBody(OAuthClientRequest request, String
requestMethod, HttpURLConnection httpURLConnection)
+ throws IOException {
+ String requestBody = request.getBody();
+ if (OAuthUtils.isEmpty(requestBody)) {
+ return;
+ }
+
+ if (OAuth.HttpMethod.POST.equals(requestMethod) ||
OAuth.HttpMethod.PUT.equals(requestMethod)) {
+ httpURLConnection.setDoOutput(true);
+ OutputStream ost = httpURLConnection.getOutputStream();
+ PrintWriter pw = new PrintWriter(ost);
+ pw.print(requestBody);
+ pw.flush();
+ pw.close();
+ }
+ }
+
+ @Override
+ public void shutdown() {
+ // Nothing to do here
+ }
+
+
+ public static class CustomOAuthAccessTokenResponse
+ extends OAuthAccessTokenResponse {
+
+ // Names of the fields that should be pulled from the JSON
response.
+ private String accessTokenName = null;
--- End diff --
It appears the following fields are unused in this class: `accessTokenName,
tokenTypeName, scopeName, expireInName, expireTimeName, responseCode,
expireTime`.
> OAuth 2 Authorization support - Client Credentials Grant
> --------------------------------------------------------
>
> Key: NIFI-4246
> URL: https://issues.apache.org/jira/browse/NIFI-4246
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Jeremy Dyer
> Assignee: Jeremy Dyer
> Priority: Major
>
> If your interacting with REST endpoints on the web chances are you are going
> to run into an OAuth2 secured webservice. The IETF (Internet Engineering Task
> Force) defines 4 methods in which OAuth2 authorization can occur. This JIRA
> is focused solely on the Client Credentials Grant method defined at
> https://tools.ietf.org/html/rfc6749#section-4.4
> This implementation should provide a ControllerService in which the enduser
> can configure the credentials for obtaining the authorization grant (access
> token) from the resource owner. In turn a new property will be added to the
> InvokeHTTP processor (if it doesn't already exist from one of the other JIRA
> efforts similar to this one) where the processor can reference this
> controller service to obtain the access token and insert the appropriate HTTP
> header (Authorization: Bearer{access_token}) so that the InvokeHTTP processor
> can interact with the OAuth protected resources without having to worry about
> setting up the credentials for each InvokeHTTP processor saving time and
> complexity.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
