001/**
002 *
003 * Copyright 2014-2019 Florian Schmaus
004 *
005 * Licensed under the Apache License, Version 2.0 (the "License");
006 * you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 *     http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.jivesoftware.smack.sasl.core;
018
019import javax.security.auth.callback.CallbackHandler;
020
021import org.jivesoftware.smack.sasl.SASLMechanism;
022
023/**
024 * The SASL X-OAUTH2 mechanism as described in <a
025 * href="https://developers.google.com/talk/jep_extensions/oauth">https://developers.google
026 * .com/talk/jep_extensions/oauth</a>
027 * <p>
028 * The given password will be used as OAUTH token.
029 * </p>
030 * <p>
031 * Note that X-OAUTH2 is experimental in Smack. This is because Google defined, besides being a bad practice (XEP-134),
032 * custom attributes to the 'auth' stanza, as can be seen here
033 * </p>
034 *
035 * <pre>
036 * {@code
037 * <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="X-OAUTH2"
038 *    auth:service="chromiumsync" auth:allow-generated-jid="true"
039 *    auth:client-uses-full-bind-result="true" xmlns:auth="http://www.google.com/talk/protocol/auth">
040 * }
041 * </pre>
042 *
043 * from https://developers.google.com/cloud-print/docs/rawxmpp and here
044 *
045 * <pre>
046 * {@code
047 * <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl"
048 *   mechanism="X-OAUTH2"
049 *   auth:service="oauth2"
050 *   xmlns:auth="http://www.google.com/talk/protocol/auth">
051 * base64("\0" + user_name + "\0" + oauth_token)
052 * </auth>
053 * }
054 * </pre>
055 *
056 * from https://developers.google.com/talk/jep_extensions/oauth
057 * <p>
058 * Those attribute extensions are currently not supported by Smack, and it's unclear how it affects authorization and
059 * how widely they are used.
060 * </p>
061 */
062public class SASLXOauth2Mechanism extends SASLMechanism {
063
064    public static final String NAME = "X-OAUTH2";
065
066    @Override
067    protected void authenticateInternal(CallbackHandler cbh) {
068        throw new UnsupportedOperationException("CallbackHandler not (yet) supported");
069    }
070
071    @Override
072    protected byte[] getAuthenticationText() {
073        // Note that base64 encoding is done in SASLMechanism for the bytes return by getAuthenticationText().
074        return toBytes('\u0000' + authenticationId + '\u0000' + password);
075    }
076
077    @Override
078    public String getName() {
079        return NAME;
080    }
081
082    @Override
083    public int getPriority() {
084        // Same priority as SASL PLAIN
085        return 410;
086    }
087
088    @Override
089    public SASLXOauth2Mechanism newInstance() {
090        return new SASLXOauth2Mechanism();
091    }
092
093    @Override
094    public void checkIfSuccessfulOrThrow() {
095        // No check performed
096    }
097}