diff --git a/pom.xml b/pom.xml
index c1f40f3..c439212 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,6 +74,11 @@
jackson-datatype-jsr310
${jackson.version}
+
+ org.apache.commons
+ commons-lang3
+ 3.14.0
+
org.slf4j
slf4j-api
diff --git a/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java
index f951186..2dfc89f 100755
--- a/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java
@@ -20,6 +20,8 @@ import java.util.Base64;
import javax.ws.rs.client.ClientRequestContext;
import javax.ws.rs.core.HttpHeaders;
+import org.apache.commons.lang3.StringUtils;
+
/**
* This class implements a simple 2-credential (username & password) based
* authorization filter.
@@ -36,8 +38,8 @@ public class BasicAuthorizationFilter implements AuthorizationFilter {
* @param password A password or secret key.
*/
public BasicAuthorizationFilter(String username, String password) {
- this.username = username;
- this.password = password;
+ this.username = StringUtils.trimToNull(username);
+ this.password = StringUtils.trimToNull(password);
}
/**
diff --git a/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java
index c7842a1..63274e9 100644
--- a/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java
@@ -16,6 +16,8 @@ package com.inteligr8.rs;
import javax.ws.rs.client.ClientRequestContext;
+import org.apache.commons.lang3.StringUtils;
+
/**
* This class is the base for implementations of client authorization similar
* to OAuth-based flows.
@@ -45,8 +47,8 @@ public class ClientEnforcementAuthorizationFilter implements AuthorizationFilter
* @param clientSecret A secret corresponding to the client ID.
*/
public ClientEnforcementAuthorizationFilter(String clientId, String clientSecret) {
- this.clientId = clientId;
- this.clientSecret = clientSecret;
+ this.clientId = StringUtils.trimToNull(clientId);
+ this.clientSecret = StringUtils.trimToNull(clientSecret);
}
/**
diff --git a/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java
index 77073bc..c1a0b93 100755
--- a/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java
@@ -18,6 +18,10 @@ import java.net.URI;
import javax.ws.rs.core.Form;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
/**
* This class implements the OAuth Authorization Code flow as an authorization
* filter.
@@ -25,6 +29,8 @@ import javax.ws.rs.core.Form;
* @author brian@inteligr8.com
*/
public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizationFilter {
+
+ private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final String code;
private final URI redirectUri;
@@ -68,12 +74,13 @@ public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizatio
public OAuthAuthorizationCodeAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String code, URI redirectUri) {
super(tokenUrl, clientId, clientSecret);
- this.code = code;
+ this.code = StringUtils.trimToNull(code);
this.redirectUri = redirectUri;
}
@Override
protected Form createForm() {
+ this.logger.debug("Using OAuth grant_type 'authorization_code'");
Form form = new Form().param("grant_type", "authorization_code");
if (this.redirectUri != null)
form.param("redirect_uri", this.redirectUri.toString());
diff --git a/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java
index cc27a43..519aaf2 100755
--- a/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java
@@ -27,6 +27,7 @@ import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status.Family;
+import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -88,9 +89,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
*/
public OAuthAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String scope) {
this.tokenUrl = tokenUrl;
- this.clientId = clientId;
- this.clientSecret = clientSecret;
- this.scope = scope;
+ this.clientId = StringUtils.trimToNull(clientId);
+ this.clientSecret = StringUtils.trimToNull(clientSecret);
+ this.scope = StringUtils.trimToNull(scope);
}
/**
diff --git a/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java
index 40856e8..b6d9a97 100755
--- a/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java
@@ -16,6 +16,9 @@ package com.inteligr8.rs;
import javax.ws.rs.core.Form;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
/**
* This class implements the OAuth Client Credential flow as an authorization
* filter.
@@ -23,6 +26,8 @@ import javax.ws.rs.core.Form;
* @author brian@inteligr8.com
*/
public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorizationFilter {
+
+ private final Logger logger = LoggerFactory.getLogger(this.getClass());
/**
* @param tokenUrl The URL to the OAuth IdP token service.
@@ -35,6 +40,7 @@ public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorization
@Override
protected Form createForm() {
+ this.logger.debug("Using OAuth grant_type 'client_credentials'");
return new Form().param("grant_type", "client_credentials");
}
diff --git a/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java
index 39a1a2e..a5db103 100755
--- a/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java
+++ b/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java
@@ -16,6 +16,10 @@ package com.inteligr8.rs;
import javax.ws.rs.core.Form;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
/**
* This class implements the OAuth Password Grant flow as an authorization
* filter.
@@ -23,6 +27,8 @@ import javax.ws.rs.core.Form;
* @author brian@inteligr8.com
*/
public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFilter {
+
+ private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final String username;
private final String password;
@@ -46,12 +52,13 @@ public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFil
*/
public OAuthPasswordGrantAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String username, String password) {
super(tokenUrl, clientId, clientSecret);
- this.username = username;
- this.password = password;
+ this.username = StringUtils.trimToNull(username);
+ this.password = StringUtils.trimToNull(password);
}
@Override
protected Form createForm() {
+ this.logger.debug("Using OAuth grant_type 'password': {}", this.username);
return new Form().param("grant_type", "password")
.param("username", this.username);
}