adding changes for the grant type client credentials mechanism

src/main/java/io/cdap/plugin/http/source/common/BaseHttpSourceConfig.java

@@ -118,6 +118,7 @@ public abstract class BaseHttpSourceConfig extends ReferencePluginConfig {
 
   public static final String PAGINATION_INDEX_PLACEHOLDER_REGEX = "\\{pagination.index\\}";
   public static final String PAGINATION_INDEX_PLACEHOLDER = "{pagination.index}";
+  public static final String PROPERTY_GRANT_TYPE = "grantType";
 
   @Name(PROPERTY_URL)
   @Description("Url to fetch to the first page. The url must start with a protocol (e.g. http://).")
@@ -442,6 +443,11 @@ public abstract class BaseHttpSourceConfig extends ReferencePluginConfig {
   @Description("Output schema. Is required to be set.")
   protected String schema;
 
+  @Nullable
+  @Name(PROPERTY_GRANT_TYPE)
+  @Description("Value of grant type to determine the OAuth mechanism")
+  protected String grantType;
+
   protected BaseHttpSourceConfig(String referenceName) {
     super(referenceName);
   }
@@ -719,6 +725,10 @@ public Schema getSchema() {
                                                  schema, e, PROPERTY_SCHEMA);
     }
   }
+  @Nullable
+  public String getGrantType() {
+    return grantType;
+  }
 
   @Nullable
   public Map<String, String> getHeadersMap() {
@@ -798,7 +808,6 @@ public void validate(FailureCollector failureCollector) {
           String.format("URL value is not valid: '%s'", getUrl()), e, PROPERTY_URL);
       }
     }
-
     // Validate Linear Retry Interval
     if (!containsMacro(PROPERTY_RETRY_POLICY) && getRetryPolicy() == RetryPolicy.LINEAR) {
       assertIsSet(getLinearRetryInterval(), PROPERTY_LINEAR_RETRY_INTERVAL, "retry policy is linear");
@@ -883,20 +892,22 @@ PAGINATION_INDEX_PLACEHOLDER, getPaginationType()),
     // Validate OAuth2 properties
     if (!containsMacro(PROPERTY_OAUTH2_ENABLED) && this.getOauth2Enabled()) {
       String reasonOauth2 = "OAuth2 is enabled";
-      assertIsSet(getAuthUrl(), PROPERTY_AUTH_URL, reasonOauth2);
       assertIsSet(getTokenUrl(), PROPERTY_TOKEN_URL, reasonOauth2);
       assertIsSet(getClientId(), PROPERTY_CLIENT_ID, reasonOauth2);
       assertIsSet(getClientSecret(), PROPERTY_CLIENT_SECRET, reasonOauth2);
-      assertIsSet(getRefreshToken(), PROPERTY_REFRESH_TOKEN, reasonOauth2);
+      assertIsSet(getGrantType(), PROPERTY_GRANT_TYPE, reasonOauth2);
+
+      // refresh token validate
+      if (refreshTokenGrantType()) {
+        assertIsSet(getAuthUrl(), PROPERTY_AUTH_URL, reasonOauth2);
+        assertIsSet(getRefreshToken(), PROPERTY_REFRESH_TOKEN, reasonOauth2);
+      }
     }
     // Validate Authentication properties
     AuthType authType = getAuthType();
     switch (authType) {
       case OAUTH2:
         String reasonOauth2 = "OAuth2 is enabled";
-        if (!containsMacro(PROPERTY_AUTH_URL)) {
-          assertIsSet(getAuthUrl(), PROPERTY_AUTH_URL, reasonOauth2);
-        }
         if (!containsMacro(PROPERTY_TOKEN_URL)) {
           assertIsSet(getTokenUrl(), PROPERTY_TOKEN_URL, reasonOauth2);
         }
@@ -906,8 +917,16 @@ PAGINATION_INDEX_PLACEHOLDER, getPaginationType()),
         if (!containsMacro((PROPERTY_CLIENT_SECRET))) {
           assertIsSet(getClientSecret(), PROPERTY_CLIENT_SECRET, reasonOauth2);
         }
-        if (!containsMacro(PROPERTY_REFRESH_TOKEN)) {
-          assertIsSet(getRefreshToken(), PROPERTY_REFRESH_TOKEN, reasonOauth2);
+        if (!containsMacro(PROPERTY_GRANT_TYPE)) {
+          assertIsSet(getGrantType(), PROPERTY_GRANT_TYPE, reasonOauth2);
+          if (refreshTokenGrantType()) {
+            if (!containsMacro(PROPERTY_REFRESH_TOKEN)) {
+              assertIsSet(getRefreshToken(), PROPERTY_REFRESH_TOKEN, reasonOauth2);
+            }
+            if (!containsMacro(PROPERTY_AUTH_URL)) {
+              assertIsSet(getAuthUrl(), PROPERTY_AUTH_URL, reasonOauth2);
+            }
+          }
         }
         break;
       case SERVICE_ACCOUNT:
@@ -941,6 +960,13 @@ PAGINATION_INDEX_PLACEHOLDER, getPaginationType()),
     }
   }
 
+  private boolean refreshTokenGrantType() {
+    if (getGrantType() == "refresh_token") {
+      return true;
+    }
+    return false;
+  }
+
   private boolean validateServiceAccount(FailureCollector collector) {
     if (containsMacro(PROPERTY_NAME_SERVICE_ACCOUNT_FILE_PATH) || containsMacro(PROPERTY_NAME_SERVICE_ACCOUNT_JSON)) {
       return false;

src/main/java/io/cdap/plugin/http/source/common/http/HttpClient.java

@@ -136,9 +136,15 @@ private CloseableHttpClient createHttpClient() throws IOException {
 
     switch (authType) {
       case OAUTH2:
-        String accessToken = OAuthUtil.getAccessTokenByRefreshToken(HttpClients.createDefault(), config.getTokenUrl(),
-                                                                    config.getClientId(), config.getClientSecret(),
-                                                                    config.getRefreshToken());
+        String accessToken;
+        if (config.getGrantType() == "refresh_token") {
+          accessToken = OAuthUtil.getAccessTokenByRefreshToken(HttpClients.createDefault(), config.getTokenUrl(),
+                  config.getClientId(), config.getClientSecret(),
+                  config.getRefreshToken(), config.getGrantType());
+        } else {
+          accessToken = OAuthUtil.getAccessTokenByClientCredentials(HttpClients.createDefault(), config.getTokenUrl(),
+                  config.getClientId(), config.getClientSecret(), config.getGrantType());
+        }
         clientHeaders.add(new BasicHeader("Authorization", "Bearer " + accessToken));
         break;
       case SERVICE_ACCOUNT:

src/main/java/io/cdap/plugin/http/source/common/http/OAuthUtil.java

@@ -25,6 +25,7 @@
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.message.BasicHeader;
 import org.apache.http.util.EntityUtils;
 
 import java.io.ByteArrayInputStream;
@@ -34,13 +35,14 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 
 /**
  * A class which contains utilities to make OAuth2 specific calls.
  */
 public class OAuthUtil {
   public static String getAccessTokenByRefreshToken(CloseableHttpClient httpclient, String tokenUrl, String clientId,
-                                                    String clientSecret, String refreshToken)
+                                                    String clientSecret, String refreshToken, String grantType)
     throws IOException {
 
     URI uri;
@@ -49,7 +51,7 @@ public static String getAccessTokenByRefreshToken(CloseableHttpClient httpclient
         .setParameter("client_id", clientId)
         .setParameter("client_secret", clientSecret)
         .setParameter("refresh_token", refreshToken)
-        .setParameter("grant_type", "refresh_token")
+        .setParameter("grant_type", grantType)
         .build();
     } catch (URISyntaxException e) {
       throw new IllegalArgumentException("Failed to build token URI for OAuth2", e);
@@ -92,5 +94,29 @@ public static String getAccessTokenByServiceAccount(BaseHttpSourceConfig config)
     }
     return accessToken;
   }
+
+  public static String getAccessTokenByClientCredentials(CloseableHttpClient httpclient, String tokenUrl,
+                                                         String clientId, String clientSecret, String grantType)
+          throws IOException {
+    URI uri;
+    try {
+      uri = new URIBuilder(tokenUrl).setParameter("grant_type", grantType).build();
+    } catch (URISyntaxException e) {
+      throw new IllegalArgumentException("Failed to build token URI for OAuth2", e);
+    }
+
+    HttpPost httppost = new HttpPost(uri);
+    httppost.addHeader(new BasicHeader("Authorization", "Basic " + getBase64EncodeValue(clientId, clientSecret)));
+    httppost.addHeader(new BasicHeader("Content-Type", "application/json"));
+    CloseableHttpResponse response = httpclient.execute(httppost);
+    String responseString = EntityUtils.toString(response.getEntity(), "UTF-8");
+
+    JsonElement jsonElement = JSONUtil.toJsonObject(responseString).get("access_token");
+    return jsonElement.getAsString();
+  }
+
+  private static String getBase64EncodeValue(String clientId, String clientSecret) {
+    return Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes(StandardCharsets.UTF_8));
+  }
 }
 

widgets/HTTP-batchsource.json

@@ -132,6 +132,18 @@
             ]
           }
         },
+        {
+          "widget-type": "select",
+          "label": "Grant Type",
+          "name": "grantType",
+          "widget-attributes" : {
+            "values": [
+              "refresh_token",
+              "client_credentials"
+            ],
+            "default" : "refresh_token"
+          }
+        },
         {
           "widget-type": "textbox",
           "label": "Auth URL",
@@ -684,27 +696,26 @@
       },
       "show": [
         {
-          "name": "authUrl",
-          "type": "property"
-        },
-        {
-          "name": "tokenUrl",
-          "type": "property"
+          "widget-type": "textbox",
+          "label": "Token URL",
+          "name": "tokenUrl"
         },
         {
-          "name": "clientId",
-          "type": "property"
+          "widget-type": "textbox",
+          "label": "Client ID",
+          "name": "clientId"
         },
         {
-          "name": "clientSecret",
-          "type": "property"
+          "widget-type": "password",
+          "label": "Client Secret",
+          "name": "clientSecret"
         },
         {
           "name": "scopes",
           "type": "property"
         },
         {
-          "name": "refreshToken",
+          "name": "grantType",
           "type": "property"
         }
       ]
@@ -780,6 +791,23 @@
           "type": "property"
         }
       ]
+    },
+    {
+      "name": "Grant Type Refresh Token",
+      "condition": {
+        "expression": "grantType == 'refresh_token' && authType == 'oAuth2'"
+      },
+      "show": [
+        {
+          "widget-type": "textbox",
+          "label": "Auth URL",
+          "name": "authUrl"
+        },
+        {
+          "name": "refreshToken",
+          "type": "property"
+        }
+      ]
     }
   ]
 }