Remove Oltu request and validator implementations (#650)

Change-Id: I290f5db8c1c0238b955c0a062340e208ba60ff05
diff --git a/full/Changes b/full/Changes
index f1e63b9..f7d62c5 100644
--- a/full/Changes
+++ b/full/Changes
@@ -21,6 +21,7 @@
 - Fix JettyServerTest, init package, and some java docs.
 - Make scope extraction more flexible.
 - Updated token response using Nimbus (#650)
+- Remove Oltu request and validator implementations (#650)
 
 
 # version 0.71.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2AuthorizationRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2AuthorizationRequest.java
deleted file mode 100644
index 6f24d79..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2AuthorizationRequest.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
-import org.apache.oltu.oauth2.as.validator.CodeValidator;
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.error.OAuthError;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.message.types.ResponseType;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.OAuthValidator;
-
-/**
- * Customization of {@link OAuthAuthzRequest} from Apache Oltu.
- * <ul>
- * <li>Limit extraction of client id from request's parameters since
- * Kustvakt requires user authentication via Basic authentication for
- * authorization code requests. </li>
- * 
- * <li>Exclude TokenValidator since it is not supported in
- * Kustvakt.</li>
- * 
- * <li>Minimize {{@link #validate()} to include missing response type
- * response in client redirect URI when the client id and redirect URI 
- * are valid. </li>
- * 
- * </ul>
- * 
- * @author margaretha
- *
- */
-public class OAuth2AuthorizationRequest extends OAuthAuthzRequest {
-
-    public OAuth2AuthorizationRequest (HttpServletRequest request)
-            throws OAuthSystemException, OAuthProblemException {
-        super(request);
-    }
-
-    @Override
-    public String getClientId () {
-        return getParam(OAuth.OAUTH_CLIENT_ID);
-    }
-
-    @Override
-    protected OAuthValidator<HttpServletRequest> initValidator ()
-            throws OAuthProblemException, OAuthSystemException {
-        validators.put(ResponseType.CODE.toString(), CodeValidator.class);
-        // validators.put(ResponseType.TOKEN.toString(),
-        // TokenValidator.class);
-        final String requestTypeValue = getParam(OAuth.OAUTH_RESPONSE_TYPE);
-        if (requestTypeValue!=null && !requestTypeValue.isEmpty()) {
-            if (requestTypeValue.equals(ResponseType.CODE.toString())) {
-                
-            }
-            else if (requestTypeValue.equals(ResponseType.TOKEN.toString())) {
-                throw OAuthProblemException.error(
-                        OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE)
-                        .description("response_type token is not supported");
-            }
-            else {
-                throw OAuthUtils.handleOAuthProblemException(
-                        "Invalid response_type parameter value");
-            }
-        }
-        
-        return OAuthUtils.instantiateClass(validators.get("code"));
-    }
-
-    @Override
-    protected void validate ()
-            throws OAuthSystemException, OAuthProblemException {
-        validator = initValidator();
-        validator.validateMethod(request);
-        validator.validateContentType(request);
-        validator.validateRequiredParameters(request);
-        validator.validateClientAuthenticationCredentials(request);
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeAllTokenSuperRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeAllTokenSuperRequest.java
deleted file mode 100644
index 30ccafb..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeAllTokenSuperRequest.java
+++ /dev/null
@@ -1,70 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.as.request.OAuthRequest;
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.OAuthValidator;
-
-/**
- * A custom request based on {@link OAuthRequest}. It defines a
- * request to revoke all tokens of a client. The request must have
- * been sent from a super client.
- * 
- * @author margaretha
- *
- */
-public class OAuth2RevokeAllTokenSuperRequest {
-    protected HttpServletRequest request;
-    protected OAuthValidator<HttpServletRequest> validator;
-    protected Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> validators =
-            new HashMap<String, Class<? extends OAuthValidator<HttpServletRequest>>>();
-
-    public OAuth2RevokeAllTokenSuperRequest () {
-        // TODO Auto-generated constructor stub
-    }
-
-    public OAuth2RevokeAllTokenSuperRequest (HttpServletRequest request)
-            throws OAuthSystemException, OAuthProblemException {
-        this.request = request;
-        validate();
-    }
-
-    protected void validate ()
-            throws OAuthSystemException, OAuthProblemException {
-        validator = initValidator();
-        validator.validateMethod(request);
-        validator.validateContentType(request);
-        validator.validateRequiredParameters(request);
-        // for super client authentication
-        validator.validateClientAuthenticationCredentials(request);
-    }
-
-    protected OAuthValidator<HttpServletRequest> initValidator ()
-            throws OAuthProblemException, OAuthSystemException {
-        return OAuthUtils.instantiateClass(RevokeAllTokenSuperValidator.class);
-    }
-
-    public String getParam (String name) {
-        return request.getParameter(name);
-    }
-
-    public String getClientId () {
-        return request.getParameter(OAuth.OAUTH_CLIENT_ID);
-    }
-
-    public String getSuperClientId () {
-        return request.getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_ID);
-    }
-
-    public String getSuperClientSecret () {
-        return request
-                .getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_SECRET);
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenRequest.java
deleted file mode 100644
index 78bf412..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenRequest.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.as.request.OAuthRequest;
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.OAuthValidator;
-
-/**
- * A custom request based on {@link OAuthRequest}.
- * 
- * This class does not extend {@link OAuthRequest} because it contains some
- * parameters i.e. redirect_uri and scopes that are not parts of
- * revoke token request.
- * 
- * @author margaretha
- *
- */
-public class OAuth2RevokeTokenRequest {
-
-    protected HttpServletRequest request;
-    protected OAuthValidator<HttpServletRequest> validator;
-    protected Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> validators =
-            new HashMap<String, Class<? extends OAuthValidator<HttpServletRequest>>>();
-
-    public OAuth2RevokeTokenRequest () {}
-
-    public OAuth2RevokeTokenRequest (HttpServletRequest request)
-            throws OAuthSystemException, OAuthProblemException {
-        this.request = request;
-        validate();
-    }
-
-    protected void validate ()
-            throws OAuthSystemException, OAuthProblemException {
-        validator = initValidator();
-        validator.validateMethod(request);
-        validator.validateContentType(request);
-        validator.validateRequiredParameters(request);
-//        validator.validateClientAuthenticationCredentials(request);
-    }
-
-    protected OAuthValidator<HttpServletRequest> initValidator ()
-            throws OAuthProblemException, OAuthSystemException {
-        return OAuthUtils.instantiateClass(RevokeTokenValidator.class);
-    }
-
-    public String getParam (String name) {
-        return request.getParameter(name);
-    }
-
-    public String getToken () {
-        return getParam("token");
-    }
-    
-    public String getTokenType () {
-        return getParam(OAuth.OAUTH_TOKEN_TYPE);
-    }
-
-    public String getClientId () {
-        String[] creds = OAuthUtils.decodeClientAuthenticationHeader(
-                request.getHeader(OAuth.HeaderType.AUTHORIZATION));
-        if (creds != null) {
-            return creds[0];
-        }
-        return getParam(OAuth.OAUTH_CLIENT_ID);
-    }
-
-    public String getClientSecret () {
-        String[] creds = OAuthUtils.decodeClientAuthenticationHeader(
-                request.getHeader(OAuth.HeaderType.AUTHORIZATION));
-        if (creds != null) {
-            return creds[1];
-        }
-        return getParam(OAuth.OAUTH_CLIENT_SECRET);
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java
deleted file mode 100644
index f3c506d..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.as.request.OAuthRequest;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.OAuthValidator;
-
-/**
- * A custom request based on {@link OAuthRequest}. It defines token
- * revocation request that should have been sent from a super client.
- * 
- * @author margaretha
- *
- */
-public class OAuth2RevokeTokenSuperRequest{
-    protected HttpServletRequest request;
-    protected OAuthValidator<HttpServletRequest> validator;
-    protected Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> validators =
-            new HashMap<String, Class<? extends OAuthValidator<HttpServletRequest>>>();
-    
-    public OAuth2RevokeTokenSuperRequest () {
-        // TODO Auto-generated constructor stub
-    }
-
-    public OAuth2RevokeTokenSuperRequest (HttpServletRequest request)
-            throws OAuthSystemException, OAuthProblemException {
-        this.request = request;
-        validate();
-    }
-
-    protected void validate ()
-            throws OAuthSystemException, OAuthProblemException {
-        validator = initValidator();
-        validator.validateMethod(request);
-        validator.validateContentType(request);
-        validator.validateRequiredParameters(request);
-        // for super client authentication
-        validator.validateClientAuthenticationCredentials(request);
-    }
-    protected OAuthValidator<HttpServletRequest> initValidator ()
-            throws OAuthProblemException, OAuthSystemException {
-        return OAuthUtils.instantiateClass(RevokeTokenSuperValidator.class);
-    }
-
-    public String getParam (String name) {
-        return request.getParameter(name);
-    }
-    
-    public String getToken () {
-        return getParam("token");
-    }
-    
-    public String getSuperClientId () {
-        return request.getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_ID);
-    }
-
-    public String getSuperClientSecret () {
-        return request
-                .getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_SECRET);
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeAllTokenSuperValidator.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeAllTokenSuperValidator.java
deleted file mode 100644
index b8a4782..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeAllTokenSuperValidator.java
+++ /dev/null
@@ -1,64 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.AbstractValidator;
-
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
-
-/**
- * Defines required request parameters for
- * OAuth2RevokeAllTokenSuperRequest and validates the request method.
- * 
- * @author margaretha
- *
- */
-public class RevokeAllTokenSuperValidator
-        extends AbstractValidator<HttpServletRequest> {
-
-    public static final String SUPER_CLIENT_ID = "super_client_id";
-    public static final String SUPER_CLIENT_SECRET = "super_client_secret";
-
-    public RevokeAllTokenSuperValidator () {
-        requiredParams.add(OAuth.OAUTH_CLIENT_ID);
-        requiredParams.add(SUPER_CLIENT_ID);
-        requiredParams.add(SUPER_CLIENT_SECRET);
-
-        enforceClientAuthentication = true;
-    }
-
-    @Override
-    public void validateMethod (HttpServletRequest request)
-            throws OAuthProblemException {
-        String method = request.getMethod();
-        if (!OAuth.HttpMethod.POST.equals(method)) {
-            throw OAuthProblemException.error(OAuth2Error.INVALID_REQUEST)
-                    .description("Method not correct.");
-        }
-    }
-
-    @Override
-    public void validateClientAuthenticationCredentials (
-            HttpServletRequest request) throws OAuthProblemException {
-        if (enforceClientAuthentication) {
-            Set<String> missingParameters = new HashSet<String>();
-
-            if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_ID))) {
-                missingParameters.add(SUPER_CLIENT_ID);
-            }
-            if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_SECRET))) {
-                missingParameters.add(SUPER_CLIENT_SECRET);
-            }
-
-            if (!missingParameters.isEmpty()) {
-                throw OAuthUtils.handleMissingParameters(missingParameters);
-            }
-        }
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java
deleted file mode 100644
index c4a205f..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java
+++ /dev/null
@@ -1,64 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.utils.OAuthUtils;
-import org.apache.oltu.oauth2.common.validators.AbstractValidator;
-
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
-
-/**
- * Defines required parameters for revoking a refresh token via a
- * super client
- * 
- * @author margaretha
- *
- */
-public class RevokeTokenSuperValidator
-        extends AbstractValidator<HttpServletRequest> {
-
-    public static final String SUPER_CLIENT_ID = "super_client_id";
-    public static final String SUPER_CLIENT_SECRET = "super_client_secret";
-
-    public RevokeTokenSuperValidator () {
-        requiredParams.add("token");
-        requiredParams.add(SUPER_CLIENT_ID);
-        requiredParams.add(SUPER_CLIENT_SECRET);
-
-        enforceClientAuthentication = true;
-    }
-
-    @Override
-    public void validateMethod (HttpServletRequest request)
-            throws OAuthProblemException {
-        String method = request.getMethod();
-        if (!OAuth.HttpMethod.POST.equals(method)) {
-            throw OAuthProblemException.error(OAuth2Error.INVALID_REQUEST)
-                    .description("Method not correct.");
-        }
-    }
-
-    @Override
-    public void validateClientAuthenticationCredentials (
-            HttpServletRequest request) throws OAuthProblemException {
-        if (enforceClientAuthentication) {
-            Set<String> missingParameters = new HashSet<String>();
-
-            if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_ID))) {
-                missingParameters.add(SUPER_CLIENT_ID);
-            }
-            if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_SECRET))) {
-                missingParameters.add(SUPER_CLIENT_SECRET);
-            }
-
-            if (!missingParameters.isEmpty()) {
-                throw OAuthUtils.handleMissingParameters(missingParameters);
-            }
-        }
-    }
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenValidator.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenValidator.java
deleted file mode 100644
index 60ff77f..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenValidator.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package de.ids_mannheim.korap.oauth2.oltu;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.oltu.oauth2.common.OAuth;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.validators.AbstractValidator;
-
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
-
-/**
- * A custom revoke token validator based on RFC 7009.
- * 
- * Additional changes to the RFC:
- * <ul>
- * <li>client_id is made required for public client
- * authentication</li>
- * </ul>
- * 
- * @author margaretha
- *
- */
-public class RevokeTokenValidator
-        extends AbstractValidator<HttpServletRequest> {
-
-    public RevokeTokenValidator () {
-        requiredParams.add("token");
-        requiredParams.add(OAuth.OAUTH_CLIENT_ID);
-    }
-
-    @Override
-    public void validateMethod (HttpServletRequest request)
-            throws OAuthProblemException {
-        String method = request.getMethod();
-        if (!OAuth.HttpMethod.POST.equals(method)) {
-            throw OAuthProblemException.error(OAuth2Error.INVALID_REQUEST)
-                    .description("Method not correct.");
-        }
-    }
-
-}