All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.nimbusds.openid.connect.sdk.BackChannelLogoutRequest Maven / Gradle / Ivy

Go to download

OAuth 2.0 SDK with OpenID Connection extensions for developing client and server applications.

There is a newer version: 11.20.1
Show newest version
/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2016, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.openid.connect.sdk;


import java.net.URI;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import net.jcip.annotations.Immutable;

import com.nimbusds.common.contenttype.ContentType;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
import com.nimbusds.jwt.PlainJWT;
import com.nimbusds.oauth2.sdk.AbstractRequest;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.SerializeException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils;
import com.nimbusds.oauth2.sdk.util.URIUtils;
import com.nimbusds.oauth2.sdk.util.URLUtils;


/**
 * Back-channel logout request initiated by an OpenID provider (OP).
 *
 * 

Example HTTP request: * *

 * POST /backchannel_logout HTTP/1.1
 * Host: rp.example.org
 * Content-Type: application/x-www-form-urlencoded
 *
 * logout_token=eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
 * 
* *

Related specifications: * *

    *
  • OpenID Connect Back-Channel Logout 1.0, section 2.5 (draft 07). *
*/ @Immutable public class BackChannelLogoutRequest extends AbstractRequest { /** * The logout token. */ private final JWT logoutToken; /** * Creates a new back-channel logout request. * * @param uri The back-channel logout URI. May be {@code null} * if the {@link #toHTTPRequest} method will not be * used. * @param logoutToken The logout token. Must be signed, or signed and * encrypted. Must not be {@code null}. */ public BackChannelLogoutRequest(final URI uri, final JWT logoutToken) { super(uri); if (logoutToken == null) { throw new IllegalArgumentException("The logout token must not be null"); } if (logoutToken instanceof PlainJWT) { throw new IllegalArgumentException("The logout token must not be unsecured (plain)"); } this.logoutToken = logoutToken; } /** * Returns the logout token. * * @return The logout token. */ public JWT getLogoutToken() { return logoutToken; } /** * Returns the parameters for this back-channel logout request. * *

Example parameters: * *

	 * logout_token=eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
	 * 
* * @return The parameters. */ public Map> toParameters() { Map > params = new LinkedHashMap<>(); try { params.put("logout_token", Collections.singletonList(logoutToken.serialize())); } catch (IllegalStateException e) { throw new SerializeException("Couldn't serialize logout token: " + e.getMessage(), e); } return params; } @Override public HTTPRequest toHTTPRequest() { if (getEndpointURI() == null) throw new SerializeException("The endpoint URI is not specified"); HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI()); httpRequest.setEntityContentType(ContentType.APPLICATION_URLENCODED); httpRequest.setBody(URLUtils.serializeParameters(toParameters())); return httpRequest; } /** * Parses a back-channel logout request from the specified request body * parameters. * *

Example parameters: * *

	 * logout_token = eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
	 * 
* * @param params The parameters. Must not be {@code null}. * * @return The back-channel logout request. * * @throws ParseException If the parameters couldn't be parsed to a * back-channel logout request. */ public static BackChannelLogoutRequest parse(final Map> params) throws ParseException { return parse(null, params); } /** * Parses a back-channel logout request from the specified URI and * request body parameters. * *

Example parameters: * *

	 * logout_token = eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
	 * 
* * @param uri The back-channel logout URI. May be {@code null} if * the {@link #toHTTPRequest()} method will not be used. * @param params The parameters. Must not be {@code null}. * * @return The back-channel logout request. * * @throws ParseException If the parameters couldn't be parsed to a * back-channel logout request. */ public static BackChannelLogoutRequest parse(final URI uri, Map> params) throws ParseException { String logoutTokenString = MultivaluedMapUtils.getFirstValue(params, "logout_token"); if (logoutTokenString == null) { throw new ParseException("Missing logout_token parameter"); } JWT logoutToken; try { logoutToken = JWTParser.parse(logoutTokenString); } catch (java.text.ParseException e) { throw new ParseException("Invalid logout token: " + e.getMessage(), e); } try { return new BackChannelLogoutRequest(uri, logoutToken); } catch (IllegalArgumentException e) { throw new ParseException(e.getMessage(), e); } } /** * Parses a back-channel logout request from the specified HTTP request. * *

Example HTTP request (POST): * *

	 * POST /backchannel_logout HTTP/1.1
	 * Host: rp.example.org
	 * Content-Type: application/x-www-form-urlencoded
	 *
	 * logout_token=eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
	 * 
* * @param httpRequest The HTTP request. Must not be {@code null}. * * @return The back-channel logout request. * * @throws ParseException If the HTTP request couldn't be parsed to a * back-channel logout request. */ public static BackChannelLogoutRequest parse(final HTTPRequest httpRequest) throws ParseException { if (! HTTPRequest.Method.POST.equals(httpRequest.getMethod())) { throw new ParseException("HTTP POST required"); } // Lenient on content-type String query = httpRequest.getQuery(); if (query == null) throw new ParseException("Missing URI query string"); Map> params = URLUtils.parseParameters(query); return parse(URIUtils.getBaseURI(httpRequest.getURI()), params); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy