Add methods to request access token synchronous (#5)

nisrulz · Luca Figoli · web-flow · commit 557f28489bcb · 2024-02-26T12:20:31.000+01:00
Co-authored-by: Luca Figoli &lt;luca.figoli@consultant.aruba.it&gt;
diff --git a/library/java/net/openid/appauth/AuthState.java b/library/java/net/openid/appauth/AuthState.java
@@ -468,6 +468,128 @@ public void update(@Nullable RegistrationResponse regResponse) {
         mAuthorizationException = null;
     }
 
+    /**
+     * Ensures that a non-expired access token is available before invoking the provided action.
+     * @return
+     */
+    @NonNull
+    public Tokens getSynchronousFreshToken(
+        @NonNull AuthorizationService service) throws AuthorizationException {
+        return getSynchronousFreshToken(
+            service,
+            NoClientAuthentication.INSTANCE,
+            Collections.<String, String>emptyMap(),
+            SystemClock.INSTANCE);
+    }
+
+    /**
+     * Ensures that a non-expired access token is available before invoking the provided action.
+     * @return
+     */
+    @NonNull
+    public Tokens getSynchronousFreshToken(
+        @NonNull AuthorizationService service,
+        @NonNull ClientAuthentication clientAuth) throws AuthorizationException {
+        return getSynchronousFreshToken(
+            service,
+            clientAuth,
+            Collections.<String, String>emptyMap(),
+            SystemClock.INSTANCE);
+    }
+
+    /**
+     * Ensures that a non-expired access token is available before invoking the provided action.
+     * If a token refresh is required, the provided additional parameters will be included in this
+     * refresh request.
+     * @return
+     */
+    @NonNull
+    public Tokens getSynchronousFreshToken(
+        @NonNull AuthorizationService service,
+        @NonNull Map<String, String> refreshTokenAdditionalParams) throws ClientAuthentication.UnsupportedAuthenticationMethod, AuthorizationException {
+        return getSynchronousFreshToken(
+            service,
+            getClientAuthentication(),
+            refreshTokenAdditionalParams,
+            SystemClock.INSTANCE);
+    }
+
+    /**
+     * Ensures that a non-expired access token is available before invoking the provided action.
+     * If a token refresh is required, the provided additional parameters will be included in this
+     * refresh request.
+     * @return
+     */
+    @NonNull
+    public Tokens getSynchronousFreshToken(
+        @NonNull AuthorizationService service,
+        @NonNull ClientAuthentication clientAuth,
+        @NonNull Map<String, String> refreshTokenAdditionalParams) throws AuthorizationException {
+        return getSynchronousFreshToken(
+            service,
+            clientAuth,
+            refreshTokenAdditionalParams,
+            SystemClock.INSTANCE);
+    }
+
+    @VisibleForTesting
+    @NonNull
+    Tokens getSynchronousFreshToken(
+        @NonNull final AuthorizationService service,
+        @NonNull final ClientAuthentication clientAuth,
+        @NonNull final Map<String, String> refreshTokenAdditionalParams,
+        @NonNull final Clock clock) throws AuthorizationException {
+        checkNotNull(service, "service cannot be null");
+        checkNotNull(clientAuth, "client authentication cannot be null");
+        checkNotNull(refreshTokenAdditionalParams,
+            "additional params cannot be null");
+        checkNotNull(clock, "clock cannot be null");
+
+        if (!getNeedsTokenRefresh(clock)) {
+            String accessToken = getAccessToken();
+            String idToken = getIdToken();
+            if (accessToken != null && idToken != null) {
+                return new Tokens(accessToken, idToken);
+            }
+        }
+
+        if (mRefreshToken == null) {
+            throw AuthorizationException.fromTemplate(
+                AuthorizationRequestErrors.CLIENT_ERROR,
+                new IllegalStateException("No refresh token available and token have expired"));
+        }
+
+        TokenResponse response = null;
+        AuthorizationException exception = null;
+        try {
+            response = service.performSynchronousTokenRequest(createTokenRefreshRequest(refreshTokenAdditionalParams), clientAuth);
+        } catch (AuthorizationException e) {
+            exception = e;
+        }
+
+        update(response, exception);
+
+        if (response != null) {
+            String accessToken = getAccessToken();
+            String idToken = getIdToken();
+            if (accessToken != null && idToken != null) {
+                return new Tokens(accessToken, idToken);
+            } else {
+                exception = AuthorizationException.fromTemplate(
+                    AuthorizationException.GeneralErrors.JSON_DESERIALIZATION_ERROR,
+                    new Exception(""));
+            }
+        }
+
+        if (exception != null) {
+            throw exception;
+        } else {
+            throw AuthorizationException.fromTemplate(
+                AuthorizationException.GeneralErrors.JSON_DESERIALIZATION_ERROR,
+                new Exception(""));
+        }
+    }
+
     /**
      * Ensures that a non-expired access token is available before invoking the provided action.
      */
@@ -764,6 +886,29 @@ void execute(
                 @Nullable AuthorizationException ex);
     }
 
+    public static class Tokens {
+        /**
+         * Result of the synchronous function that return accessToken
+         */
+        private @NonNull final String accessToken;
+        private @NonNull final String idToken;
+
+        public Tokens(@NonNull String accessToken, @NonNull String idToken) {
+            this.accessToken = accessToken;
+            this.idToken = idToken;
+        }
+
+        @NonNull
+        public String getAccessToken() {
+            return accessToken;
+        }
+
+        @NonNull
+        public String getIdToken() {
+            return idToken;
+        }
+    }
+
     /**
      * Creates the required client authentication for the token endpoint based on information
      * in the most recent registration response (if it is set).
diff --git a/library/java/net/openid/appauth/AuthorizationService.java b/library/java/net/openid/appauth/AuthorizationService.java
@@ -512,6 +512,27 @@ public void performTokenRequest(
                 .execute();
     }
 
+    /**
+     * Sends a request to the authorization service to exchange a code granted as part of an
+     * authorization request for a token. The result of this request will be sent to the provided
+     * callback handler.
+     * @return TokenResponse
+     */
+    public TokenResponse performSynchronousTokenRequest(
+        @NonNull TokenRequest request,
+        @NonNull ClientAuthentication clientAuthentication) throws AuthorizationException {
+        checkNotDisposed();
+        Logger.debug("Initiating code exchange request to %s",
+            request.configuration.tokenEndpoint);
+        TokenRequestTask tokenRequest = new TokenRequestTask(
+            request,
+            clientAuthentication,
+            mClientConfiguration.getConnectionBuilder(),
+            SystemClock.INSTANCE, null);
+        JSONObject json = tokenRequest.doInBackground();
+        return tokenRequest.parseJson(json);
+    }
+
     /**
      * Sends a request to the authorization service to dynamically register a client.
      * The result of this request will be sent to the provided callback handler.
@@ -667,51 +688,54 @@ protected JSONObject doInBackground(Void... voids) {
 
         @Override
         protected void onPostExecute(JSONObject json) {
+            try {
+                TokenResponse tokenResponse = parseJson(json);
+                mCallback.onTokenRequestCompleted(tokenResponse, null);
+            } catch (AuthorizationException authorizationException) {
+                mCallback.onTokenRequestCompleted(null, authorizationException);
+            }
+        }
+
+        public TokenResponse parseJson(JSONObject json) throws AuthorizationException {
             if (mException != null) {
-                mCallback.onTokenRequestCompleted(null, mException);
-                return;
+                throw mException;
             }
 
             if (json.has(AuthorizationException.PARAM_ERROR)) {
                 AuthorizationException ex;
                 try {
                     String error = json.getString(AuthorizationException.PARAM_ERROR);
                     ex = AuthorizationException.fromOAuthTemplate(
-                            TokenRequestErrors.byString(error),
-                            error,
-                            json.optString(AuthorizationException.PARAM_ERROR_DESCRIPTION, null),
-                            UriUtil.parseUriIfAvailable(
-                                    json.optString(AuthorizationException.PARAM_ERROR_URI)));
+                        TokenRequestErrors.byString(error),
+                        error,
+                        json.optString(AuthorizationException.PARAM_ERROR_DESCRIPTION, null),
+                        UriUtil.parseUriIfAvailable(
+                            json.optString(AuthorizationException.PARAM_ERROR_URI)));
                 } catch (JSONException jsonEx) {
                     ex = AuthorizationException.fromTemplate(
-                            GeneralErrors.JSON_DESERIALIZATION_ERROR,
-                            jsonEx);
+                        GeneralErrors.JSON_DESERIALIZATION_ERROR,
+                        jsonEx);
                 }
-                mCallback.onTokenRequestCompleted(null, ex);
-                return;
+                throw ex;
             }
 
             TokenResponse response;
             try {
                 response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build();
             } catch (JSONException jsonEx) {
-                mCallback.onTokenRequestCompleted(null,
-                        AuthorizationException.fromTemplate(
-                                GeneralErrors.JSON_DESERIALIZATION_ERROR,
-                                jsonEx));
-                return;
+                throw AuthorizationException.fromTemplate(
+                    GeneralErrors.JSON_DESERIALIZATION_ERROR,
+                    jsonEx);
             }
 
             if (response.idToken != null) {
                 IdToken idToken;
                 try {
                     idToken = IdToken.from(response.idToken);
                 } catch (IdTokenException | JSONException ex) {
-                    mCallback.onTokenRequestCompleted(null,
-                            AuthorizationException.fromTemplate(
-                                    GeneralErrors.ID_TOKEN_PARSING_ERROR,
-                                    ex));
-                    return;
+                    throw AuthorizationException.fromTemplate(
+                        GeneralErrors.ID_TOKEN_PARSING_ERROR,
+                        ex);
                 }
 
                 try {
@@ -723,13 +747,12 @@ protected void onPostExecute(JSONObject json) {
                             mAllowedIssueTimeSkew
                     );
                 } catch (AuthorizationException ex) {
-                    mCallback.onTokenRequestCompleted(null, ex);
-                    return;
+                    throw ex;
                 }
             }
             Logger.debug("Token exchange with %s completed",
-                    mRequest.configuration.tokenEndpoint);
-            mCallback.onTokenRequestCompleted(response, null);
+                mRequest.configuration.tokenEndpoint);
+            return response;
         }
 
         /**
