[ https://issues.apache.org/jira/browse/NIFI-4246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16279436#comment-16279436 ]
ASF GitHub Bot commented on NIFI-4246: -------------------------------------- Github user alopresto commented on a diff in the pull request: https://github.com/apache/nifi/pull/2085#discussion_r155117627 --- Diff: nifi-nar-bundles/nifi-oauth-bundle/nifi-oauth/src/main/java/org/apache/nifi/oauth/AbstractOAuthControllerService.java --- @@ -0,0 +1,172 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.nifi.oauth; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +import org.apache.nifi.components.PropertyDescriptor; +import org.apache.nifi.controller.AbstractControllerService; +import org.apache.nifi.controller.ConfigurationContext; +import org.apache.nifi.processor.util.StandardValidators; +import org.apache.nifi.reporting.InitializationException; + + +public abstract class AbstractOAuthControllerService + extends AbstractControllerService implements OAuth2ClientService { + + protected String accessToken = null; + protected String refreshToken = null; + protected String tokenType = null; + protected long expiresIn = -1; + protected long expiresTime = -1; + protected long lastResponseTimestamp = -1; + protected Map<String, String> extraHeaders = new HashMap<String, String>(); + protected String authUrl = null; + protected long expireTimeSafetyNetSeconds = -1; + protected String accessTokenRespName = null; + protected String expireTimeRespName = null; + protected String expireInRespName = null; + protected String tokenTypeRespName = null; + protected String scopeRespName = null; + + public static final PropertyDescriptor AUTH_SERVER_URL = new PropertyDescriptor + .Builder().name("OAuth2 Authorization Server URL") + .displayName("OAuth2 Authorization Server") + .description("OAuth2 Authorization Server that grants access to the protected resources on the behalf of the resource owner.") + .required(true) + .addValidator(StandardValidators.NON_EMPTY_VALIDATOR) + .build(); + + public static final PropertyDescriptor RESPONSE_ACCESS_TOKEN_FIELD_NAME = new PropertyDescriptor + .Builder().name("JSON response 'access_token' name") + .displayName("JSON response 'access_token' name") + .description("Name of the field in the JSON response that contains the access token. IETF OAuth2 spec default is 'access_token' if your API provider's" + + " response field is different this is where you can change that.") + .defaultValue("access_token") + .required(true) + .addValidator(StandardValidators.NON_EMPTY_VALIDATOR) + .build(); + + public static final PropertyDescriptor RESPONSE_EXPIRE_TIME_FIELD_NAME = new PropertyDescriptor + .Builder().name("JSON response 'expire_time' name") + .displayName("JSON response 'expire_time' name") + .description("Name of the field in the JSON response that contains the expire time. IETF OAuth2 spec default is 'expire_time' if your API provider's" + + " response field is different this is where you can change that.") + .defaultValue("expire_time") + .required(true) + .addValidator(StandardValidators.NON_EMPTY_VALIDATOR) + .build(); + + public static final PropertyDescriptor RESPONSE_EXPIRE_IN_FIELD_NAME = new PropertyDescriptor + .Builder().name("JSON response 'expire_in' name") + .displayName("JSON response 'expire_in' name") + .description("Name of the field in the JSON response that contains the expire in. IETF OAuth2 spec default is 'expire_in' if your API provider's" + + " response field is different this is where you can change that.") + .defaultValue("expire_in") + .required(true) + .addValidator(StandardValidators.NON_EMPTY_VALIDATOR) + .build(); + + public static final PropertyDescriptor RESPONSE_TOKEN_TYPE_FIELD_NAME = new PropertyDescriptor + .Builder().name("JSON response 'token_type' name") --- End diff -- The `name` should avoid special characters and spaces for serialization purposes. Suggest `.name("JSON_response_token_type_name")`. > OAuth 2 Authorization support - Client Credentials Grant > -------------------------------------------------------- > > Key: NIFI-4246 > URL: https://issues.apache.org/jira/browse/NIFI-4246 > Project: Apache NiFi > Issue Type: Improvement > Reporter: Jeremy Dyer > Assignee: Jeremy Dyer > > If your interacting with REST endpoints on the web chances are you are going > to run into an OAuth2 secured webservice. The IETF (Internet Engineering Task > Force) defines 4 methods in which OAuth2 authorization can occur. This JIRA > is focused solely on the Client Credentials Grant method defined at > https://tools.ietf.org/html/rfc6749#section-4.4 > This implementation should provide a ControllerService in which the enduser > can configure the credentials for obtaining the authorization grant (access > token) from the resource owner. In turn a new property will be added to the > InvokeHTTP processor (if it doesn't already exist from one of the other JIRA > efforts similar to this one) where the processor can reference this > controller service to obtain the access token and insert the appropriate HTTP > header (Authorization: Bearer{access_token}) so that the InvokeHTTP processor > can interact with the OAuth protected resources without having to worry about > setting up the credentials for each InvokeHTTP processor saving time and > complexity. -- This message was sent by Atlassian JIRA (v6.4.14#64029)