public class SocialTokenGranter extends AbstractTokenGranter { private stat

1. public class SocialTokenGranter extends AbstractTokenGranter {
2.  
3. private static final String GRANT_TYPE = "facebook_social";
4. GiraffeUserDetailsService giraffeUserDetailsService; // custom UserDetails service
5.  
6. SocialTokenGranter(
7. GiraffeUserDetailsService giraffeUserDetailsService,
8. AuthorizationServerTokenServices tokenServices,
9. OAuth2RequestFactory defaultOauth2RequestFactory,
10. ClientDetailsService clientDetailsService) {
11. super(tokenServices, clientDetailsService, defaultOauth2RequestFactory, GRANT_TYPE);
12. this.giraffeUserDetailsService = giraffeUserDetailsService;
13. }
14.  
15. @Override
16. protected OAuth2Authentication getOAuth2Authentication(ClientDetails clientDetails, TokenRequest request) {
17.  
18. // retrieve social token sent by the client
19. Map<String, String> parameters = request.getRequestParameters();
20. String socialToken = parameters.get("social_token");
21.  
22. //validate social token and receive user information from external authentication server
23. String url = "https://graph.facebook.com/me?access_token=" + socialToken;
24.  
25. Authentication userAuth = null;
26. try {
27. ResponseEntity<FacebookUserInformation> response = new RestTemplate().getForEntity(url, FacebookUserInformation.class);
28.  
29. if (response.getStatusCode().is4xxClientError()) throw new GiraffeException.InvalidOrExpiredSocialToken();
30.  
31. FacebookUserInformation userInformation = response.getBody();
32. GiraffeUserDetails giraffeSocialUserDetails = giraffeUserDetailsService.loadOrCreateSocialUser(userInformation.getId(), userInformation.getEmail(), User.SocialProvider.FACEBOOK);
33.  
34. userAuth = new UsernamePasswordAuthenticationToken(giraffeSocialUserDetails, "N/A", giraffeSocialUserDetails.getAuthorities());
35. } catch (GiraffeException.InvalidOrExpiredSocialToken | GiraffeException.UnableToValidateSocialUserInformation e) {
36. // log the stacktrace
37. }
38. return new OAuth2Authentication(request.createOAuth2Request(clientDetails), userAuth);
39. }
40.  
41. private static class FacebookUserInformation {
42. private String id;
43. private String email;
44.  
45. // getters, setters, constructor
46. }
47. }
48.  
49. private TokenGranter tokenGranter(AuthorizationServerEndpointsConfigurer endpoints) {
50. List<TokenGranter> granters = new ArrayList<>(Arrays.asList(endpoints.getTokenGranter()));
51. granters.add(new SocialTokenGranter(giraffeUserDetailsService, endpoints.getTokenServices(), endpoints.getOAuth2RequestFactory(), endpoints.getClientDetailsService()));
52. return new CompositeTokenGranter(granters);
53. }