Improve authorization handler

[tsuyoshizawa]

I tried improving AuthorizationHandler interface. Ref #73

These methods's argument replaced with methods that only take a request: AuthorizationRequest.

• def validateClient(clientCredential: ClientCredential, grantType: String)
• def findUser(username: String, password: String)
• def findClientUser(clientCredential: ClientCredential, scope: Option[String])

And findClientUser unified to findUser.

Developer can handle request each grant type using AuthorizationRequesttype on findUser method like below:

    override def findUser(request: AuthorizationRequest): Future[Option[Account]] = DB.readOnly { implicit session =>
      request match {
        case request: PasswordRequest => Future.successful(Account.authenticate(request.username, request.password))
        case request: ClientCredentialsRequest =>
          val maybeUser = for {
            clientCredential <- request.clientCredential
          } yield OauthClient.findClientCredentials(clientCredential.clientId, clientCredential.clientSecret.getOrElse(""))
          Future.successful(maybeUser)
        case _ => Future.successful(None)
      }
    }

[tsuyoshizawa]

Hi @rmmeans

I created PR by following your advice. Could you review this?

[rmmeans]

I will try to review it this week. I'm actually in the middle of our Authentication & Authorization project which uses this library - so this will be good timing

[rmmeans]

I think this is an improvement for sure! I haven't had time to pull it down and look at integrating it into my Auth project though.

If you merge it - I'll be sure to pull it in and take a look. I'm still working on the Authenication side of my enterprises' Auth project. I have a working proof-of-concept using this library for the Authorization side. I'll be getting back over to the authorization side in the coming weeks.

Either way if you merge now or later, I'll be sure to pull it in to my project once I'm working on the Authorization side again!