com.nimbusds.openid.connect.sdk.federation.trust.constraints.SubtreeEntityIDConstraint Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of oauth2-oidc-sdk Show documentation

OAuth 2.0 SDK with OpenID Connection extensions for developing client and server applications.

There is a newer version: 11.19.1

/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2020, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.openid.connect.sdk.federation.trust.constraints;


import java.util.Objects;

import net.jcip.annotations.Immutable;

import com.nimbusds.openid.connect.sdk.federation.entities.EntityID;


/**
 * Subtree entity ID constraint.
 *
 * Example: {@code https://.example.com} matches
 * {@code https://my.example.com}, {@code https://my.host.example.com}, etc.
 *
 * 
Related specifications:
 *
 * 

 *     OpenID Connect Federation 1.0, section 5.2.2.
 *     
RFC 5280, section 4.2.1.10.
 * 
 */
@Immutable
public final class SubtreeEntityIDConstraint extends EntityIDConstraint {
	
	
	private final String scheme;
	
	
	private final String hostNameAndRemainderPattern;
	
	
	/**
	 * Creates a new subtree entity ID constraint.
	 *
	 * @param entityIDPattern The entity ID pattern to match. Must not be
	 *                        {@code null}.
	 */
	public SubtreeEntityIDConstraint(final String entityIDPattern) {
		
		if (entityIDPattern.startsWith("https://")) {
			scheme = "https://";
		} else if (entityIDPattern.startsWith("http://")) {
			scheme = "http://";
		} else {
			throw new IllegalArgumentException("The entity ID pattern must be an URI with https or http scheme");
		}
		
		hostNameAndRemainderPattern = entityIDPattern.substring(scheme.length());
		
		if (! hostNameAndRemainderPattern.startsWith(".")) {
			throw new IllegalArgumentException("The host part of the entity ID pattern must start with dot (.)");
		}
	}
	
	
	@Override
	public boolean matches(final EntityID entityID) {
		
		String schemeIN;
		
		if (entityID.getValue().startsWith("https://")) {
			schemeIN = "https://";
		} else if (entityID.getValue().startsWith("http://")) {
			schemeIN = "http://";
		} else {
			return false;
		}
		
		if (! schemeIN.equals(scheme)) {
			return false;
		}
		
		String patternIN = entityID.getValue().substring(schemeIN.length());
		
		return patternIN.endsWith(hostNameAndRemainderPattern);
	}
	
	
	@Override
	public String toString() {
		return scheme + hostNameAndRemainderPattern;
	}
	
	
	@Override
	public boolean equals(Object o) {
		if (this == o) return true;
		if (!(o instanceof SubtreeEntityIDConstraint)) return false;
		SubtreeEntityIDConstraint that = (SubtreeEntityIDConstraint) o;
		return scheme.equals(that.scheme) &&
			hostNameAndRemainderPattern.equals(that.hostNameAndRemainderPattern);
	}
	
	
	@Override
	public int hashCode() {
		return Objects.hash(scheme, hostNameAndRemainderPattern);
	}
}