Merge branch 'feature/added-pkce-authorization' of https://github.com/docusign/code-examples-java-private into feature/added-pkce-authorization

Author: annahileta

pom.xml

@@ -30,9 +30,9 @@
         <rooms.version>1.4.3</rooms.version>
         <click.version>1.5.0</click.version>
         <monitor.version>1.4.0</monitor.version>
-        <admin.version>2.0.0-RC1</admin.version>
-        <webforms.version>1.0.2-RC12</webforms.version>
-        <maestro.version>2.0.0-RC1</maestro.version>
+        <admin.version>2.0.0-RC2</admin.version>
+        <webforms.version>2.0.0-RC1</webforms.version>
+        <maestro.version>2.0.0</maestro.version>
         <swagger-core-version>2.2.22</swagger-core-version>
         <jackson-version>2.17.2</jackson-version>
         <jersey2.version>3.1.8</jersey2.version>

src/main/java/com/docusign/DSConfiguration.java

@@ -168,7 +168,7 @@ public ManifestStructure getCodeExamplesText() {
 
         try {
             codeExamplesText = new ObjectMapper().readValue(loadFileData(codeExamplesManifest),
-                    ManifestStructure.class);
+                ManifestStructure.class);
         } catch (Exception e) {
             e.printStackTrace();
         }
@@ -182,8 +182,8 @@ public String loadFileData(String linkToManifestFile) throws Exception {
         httpConnection.setRequestMethod(HttpMethod.GET);
 
         httpConnection.setRequestProperty(
-                HttpHeaders.CONTENT_TYPE,
-                String.valueOf(MediaType.APPLICATION_JSON));
+            HttpHeaders.CONTENT_TYPE,
+            String.valueOf(MediaType.APPLICATION_JSON));
 
         int responseCode = httpConnection.getResponseCode();
 

src/main/java/com/docusign/core/controller/IndexController.java

@@ -95,7 +95,7 @@ public String index(ModelMap model, HttpServletResponse response) throws Excepti
         }
 
         if (config.getQuickstart().equals("true") && config.getSelectedApiIndex().equals(ApiIndex.ESIGNATURE) &&
-                !(SecurityContextHolder.getContext().getAuthentication() instanceof OAuth2AuthenticationToken)) {
+            !(SecurityContextHolder.getContext().getAuthentication() instanceof OAuth2AuthenticationToken)) {
             String site = ApiIndex.ESIGNATURE.getPathOfFirstExample();
             response.setStatus(response.SC_MOVED_TEMPORARILY);
             response.setHeader(LOCATION_HEADER, site);
@@ -114,7 +114,7 @@ public String index(ModelMap model, HttpServletResponse response) throws Excepti
 
     @GetMapping(path = "/ds/mustAuthenticate")
     public ModelAndView mustAuthenticateController(ModelMap model, HttpServletRequest req, HttpServletResponse resp)
-            throws IOException {
+    throws IOException {
         model.addAttribute(LAUNCHER_TEXTS, config.getCodeExamplesText().SupportingTexts);
         model.addAttribute(ATTR_TITLE, config.getCodeExamplesText().SupportingTexts.LoginPage.LoginButton);
 
@@ -127,8 +127,8 @@ public ModelAndView mustAuthenticateController(ModelMap model, HttpServletReques
             return new ModelAndView(new JWTAuthenticationMethod().loginUsingJWT(config, session, redirectURL));
         }
 
-        boolean isRedirectToMonitor = redirectURL.toLowerCase().contains("/m")
-                && !redirectURL.toLowerCase().contains("/mae");
+        boolean isRedirectToMonitor = redirectURL.toLowerCase().contains("/m") &&
+            !redirectURL.toLowerCase().contains("/mae");
         if (session.isRefreshToken() || config.getQuickstart().equals("true")) {
             config.setQuickstart("false");
 
@@ -153,7 +153,7 @@ private ModelAndView checkForMonitorRedirects(String redirectURL) {
 
     @GetMapping("/pkce")
     public RedirectView pkce(String code, String state, HttpServletRequest req, HttpServletResponse resp)
-            throws Exception {
+    throws Exception {
         String redirectURL = getRedirectURLForJWTAuthentication(req, resp);
         RedirectView redirect;
         try {
@@ -167,16 +167,16 @@ public RedirectView pkce(String code, String state, HttpServletRequest req, Http
     }
 
     @PostMapping("/ds/authenticate")
-    public RedirectView authenticate(ModelMap model, @RequestBody MultiValueMap<String, String> formParams,
-            HttpServletRequest req, HttpServletResponse resp) throws Exception {
+    public RedirectView authenticate(ModelMap model, @RequestBody MultiValueMap <String, String> formParams,
+        HttpServletRequest req, HttpServletResponse resp) throws Exception {
         if (!formParams.containsKey("selectAuthType")) {
             model.addAttribute("message", "Select option with selectAuthType name must be provided.");
             return new RedirectView("pages/error");
         }
 
         String redirectURL = getRedirectURLForJWTAuthentication(req, resp);
 
-        List<String> selectAuthTypeObject = formParams.get("selectAuthType");
+        List <String> selectAuthTypeObject = formParams.get("selectAuthType");
         AuthType authTypeSelected = AuthType.valueOf(selectAuthTypeObject.get(0));
 
         if (authTypeSelected.equals(AuthType.JWT)) {
@@ -196,7 +196,7 @@ private String getRedirectURLForJWTAuthentication(HttpServletRequest req, HttpSe
         SavedRequest savedRequest = requestCache.getRequest(req, resp);
 
         String[] examplesCodes = new String[] {
-                ApiIndex.CLICK.getExamplesPathCode(),
+            ApiIndex.CLICK.getExamplesPathCode(),
                 ApiIndex.ESIGNATURE.getExamplesPathCode(),
                 ApiIndex.MONITOR.getExamplesPathCode(),
                 ApiIndex.ADMIN.getExamplesPathCode(),
@@ -209,7 +209,7 @@ private String getRedirectURLForJWTAuthentication(HttpServletRequest req, HttpSe
 
             if (indexOfExampleCodeInRedirect != -1) {
                 Boolean hasNumbers = savedRequest.getRedirectUrl().substring(indexOfExampleCodeInRedirect)
-                        .matches(".*\\d.*");
+                    .matches(".*\\d.*");
 
                 return "GET".equals(savedRequest.getMethod()) && hasNumbers ? savedRequest.getRedirectUrl() : "/";
             }
@@ -220,8 +220,8 @@ private String getRedirectURLForJWTAuthentication(HttpServletRequest req, HttpSe
 
     @GetMapping(path = "/ds-return")
     public String returnController(@RequestParam(value = ATTR_STATE, required = false) String state,
-            @RequestParam(value = ATTR_EVENT, required = false) String event,
-            @RequestParam(required = false) String envelopeId, ModelMap model) {
+        @RequestParam(value = ATTR_EVENT, required = false) String event,
+        @RequestParam(required = false) String envelopeId, ModelMap model) {
         model.addAttribute(LAUNCHER_TEXTS, config.getCodeExamplesText().SupportingTexts);
         model.addAttribute(ATTR_TITLE, "Return from DocuSign");
         model.addAttribute(ATTR_EVENT, event);
@@ -244,4 +244,4 @@ private String getLoginPath(AuthType authTypeSelected) {
         }
         return loginPath;
     }
-}
+}

src/main/java/com/docusign/core/security/JWTOAuth2User.java

@@ -9,9 +9,9 @@
 import java.util.*;
 
 public class JWTOAuth2User implements OAuth2User {
-    private List<GrantedAuthority> authorities;
+    private List <GrantedAuthority> authorities;
 
-    private Map<String, Object> attributes;
+    private Map <String, Object> attributes;
 
     private String sub;
 
@@ -25,27 +25,27 @@ public class JWTOAuth2User implements OAuth2User {
 
     private String email;
 
-    private List<Map<String, Object>> accounts;
+    private List <Map <String, Object>> accounts;
 
     private String created;
 
     @Override
-    public Collection<? extends GrantedAuthority> getAuthorities() {
+    public Collection <? extends GrantedAuthority> getAuthorities() {
         return this.authorities;
     }
 
-    public void setAuthorities(List<String> scopes) {
+    public void setAuthorities(List < String > scopes) {
         String authoritiesString = "ROLE_USER";
-        for (String scope : scopes) {
+        for (String scope: scopes) {
             authoritiesString += ",SCOPE_" + scope;
         }
         authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(authoritiesString);
     }
 
     @Override
-    public Map<String, Object> getAttributes() {
+    public Map <String, Object> getAttributes() {
         if (this.attributes == null) {
-            this.attributes = new HashMap<>();
+            this.attributes = new HashMap <> ();
             this.attributes.put("sub", this.getSub());
             this.attributes.put("name", this.getName());
             this.attributes.put("given_name", this.getGivenName());
@@ -115,15 +115,15 @@ public void setEmail(String email) {
         this.email = email;
     }
 
-    public List<Map<String, Object>> getAccounts() {
+    public List <Map <String, Object>> getAccounts() {
         return this.accounts;
     }
 
-    public void setAccounts(List<OAuth.Account> accounts) {
-        this.accounts = new ArrayList<>();
-        for (OAuth.Account account : accounts) {
+    public void setAccounts(List <OAuth.Account> accounts) {
+        this.accounts = new ArrayList <> ();
+        for (OAuth.Account account: accounts) {
             ObjectMapper mapObject = new ObjectMapper();
-            Map<String, Object> mapObj = mapObject.convertValue(account, Map.class);
+            Map <String, Object> mapObj = mapObject.convertValue(account, Map.class);
             this.accounts.add(mapObj);
         }
     }

src/main/java/com/docusign/core/security/SecurityHelpers.java

@@ -45,8 +45,13 @@ public static String parseJsonField(String jsonResponse, String field) throws IO
         return jsonNode.get(field).asText();
     }
 
-    public static void setSpringSecurityAuthentication(List<String> scopes, String oAuthToken, OAuth.UserInfo userInfo,
-            String accountId, Session session, String expiresIn) {
+    public static void setSpringSecurityAuthentication(
+        List<String> scopes,
+        String oAuthToken,
+        OAuth.UserInfo userInfo,
+        String accountId,
+        Session session,
+        String expiresIn) {
         JWTOAuth2User principal = new JWTOAuth2User();
         principal.setAuthorities(scopes);
         principal.setCreated(userInfo.getCreated());

src/main/java/com/docusign/core/security/acg/ACGAuthenticationMethod.java

@@ -20,7 +20,9 @@
 public class ACGAuthenticationMethod {
     private static final String REDIRECT_URI = "/login/oauth2/code/acg";
     private static final String STATE = "random_state_string";
+
     private static String codeVerifier;
+
     private static String codeChallenge;
 
     public RedirectView initiateAuthorization(DSConfiguration configuration) throws Exception {
@@ -39,9 +41,11 @@ public RedirectView initiateAuthorization(DSConfiguration configuration) throws
         return new RedirectView(authorizationURL);
     }
 
-    public RedirectView exchangeCodeForToken(String oAuthToken, DSConfiguration configuration, Session session,
-            String redirect)
-            throws Exception {
+    public RedirectView exchangeCodeForToken(
+            String oAuthToken,
+            DSConfiguration configuration,
+            Session session,
+            String redirect) throws Exception {
         String requestBody = buildRequestBody(oAuthToken);
         String authHeader = generateAuthHeader(configuration);
 
@@ -89,4 +93,4 @@ private void processTokenResponse(String responseBody, DSConfiguration configura
                 accountId, session,
                 expiresIn);
     }
-}
+}