• Home
• com.nimbusds
• oauth2-oidc-sdk
• 11.8
• source code
• CIBATokenDelivery.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.nimbusds.oauth2.sdk.ciba.CIBATokenDelivery Maven / Gradle / Ivy

/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2021, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.oauth2.sdk.ciba;


import java.net.URI;

import net.jcip.annotations.Immutable;
import net.minidev.json.JSONObject;

import com.nimbusds.common.contenttype.ContentType;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.oauth2.sdk.token.Tokens;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;


/**
 * CIBA token push delivery to the client notification endpoint.
 *
 * 
Example HTTP request:
 *
 * 
 * POST /cb HTTP/1.1
 * Host: client.example.com
 * Authorization: Bearer 8d67dc78-7faa-4d41-aabd-67707b374255
 * Content-Type: application/json
 *
 * {
 *   "auth_req_id": "1c266114-a1be-4252-8ad1-04986c5b9ac1",
 *   "access_token": "G5kXH2wHvUra0sHlDy1iTkDJgsgUO1bN",
 *   "token_type": "Bearer",
 *   "refresh_token": "4bwc0ESC_IAhflf-ACC_vjD_ltc11ne-8gFPfA2Kx16",
 *   "expires_in": 120,
 *   "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjE2NzcyNiJ9.eyJpc3MiOiJ
 *     odHRwczovL3NlcnZlci5leGFtcGxlLmNvbSIsInN1YiI6IjI0ODI4OTc2MTAwMS
 *     IsImF1ZCI6InM2QmhkUmtxdDMiLCJlbWFpbCI6ImphbmVkb2VAZXhhbXBsZS5jb
 *     20iLCJleHAiOjE1Mzc4MTk4MDMsImlhdCI6MTUzNzgxOTUwMywiYXRfaGFzaCI6
 *     Ild0MGtWRlhNYWNxdm5IZXlVMDAwMXciLCJ1cm46b3BlbmlkOnBhcmFtczpqd3Q
 *     6Y2xhaW06cnRfaGFzaCI6InNIYWhDdVNwWENSZzVta0REdnZyNHciLCJ1cm46b3
 *     BlbmlkOnBhcmFtczpqd3Q6Y2xhaW06YXV0aF9yZXFfaWQiOiIxYzI2NjExNC1hM
 *     WJlLTQyNTItOGFkMS0wNDk4NmM1YjlhYzEifQ.SGB5_a8E7GjwtoYrkFyqOhLK6
 *     L8-Wh1nLeREwWj30gNYOZW_ZB2mOeQ5yiXqeKJeNpDPssGUrNo-3N-CqNrbmVCb
 *     XYTwmNB7IvwE6ZPRcfxFV22oou-NS4-3rEa2ghG44Fi9D9fVURwxrRqgyezeD3H
 *     HVIFUnCxHUou3OOpj6aOgDqKI4Xl2xJ0-kKAxNR8LljUp64OHgoS-UO3qyfOwIk
 *     IAR7o4OTK_3Oy78rJNT0Y0RebAWyA81UDCSf_gWVBp-EUTI5CdZ1_odYhwB9OWD
 *     W1A22Sf6rmjhMHGbQW4A9Z822yiZZveuT_AFZ2hi7yNp8iFPZ8fgPQJ5pPpjA7u
 *     dg"
 * }
 * 
 *
 * 
Related specifications:
 *
 * 

 *      
OpenID Connect CIBA Flow - Core 1.0, section 10.3.1.
 * 
 */
@Immutable
public class CIBATokenDelivery extends CIBAPushCallback {
	
	
	/**
	 * The tokens.
	 */
	private final Tokens tokens;
	
	
	/**
	 * Creates a new CIBA push token delivery for OAuth 2.0.
	 *
	 * @param endpoint      The client notification endpoint. Must not be
	 *                      {@code null}.
	 * @param accessToken   The client notification token. Must not be
	 *                      {@code null}.
	 * @param authRequestID The CIBA request ID. Must not be {@code null}.
	 * @param tokens        The OAuth 2.0 tokens to deliver. Must not be
	 *                      {@code null}.
	 */
	public CIBATokenDelivery(final URI endpoint,
				 final BearerAccessToken accessToken,
				 final AuthRequestID authRequestID,
				 final Tokens tokens) {
		
		super(endpoint, accessToken, authRequestID);
		
		if (tokens == null) {
			throw new IllegalArgumentException("The tokens must not be null");
		}
		this.tokens = tokens;
	}
	
	
	/**
	 * Creates a new CIBA push token delivery for OpenID Connect.
	 *
	 * @param endpoint      The client notification endpoint. Must not be
	 *                      {@code null}.
	 * @param accessToken   The client notification token. Must not be
	 *                      {@code null}.
	 * @param authRequestID The CIBA request ID. Must not be {@code null}.
	 * @param oidcTokens    The OpenID Connect tokens to deliver. Must not
	 *                      be {@code null}.
	 */
	public CIBATokenDelivery(final URI endpoint,
				 final BearerAccessToken accessToken,
				 final AuthRequestID authRequestID,
				 final OIDCTokens oidcTokens) {
		
		super(endpoint, accessToken, authRequestID);
		
		if (oidcTokens == null) {
			throw new IllegalArgumentException("The OpenID Connect tokens must not be null");
		}
		this.tokens = oidcTokens;
	}
	
	
	@Override
	public boolean indicatesSuccess() {
		
		return true;
	}
	
	
	/**
	 * Returns the OAuth 2.0 tokens.
	 *
	 * @return The tokens.
	 */
	public Tokens getTokens() {
		
		return tokens;
	}
	
	
	/**
	 * Returns the OpenID Connect tokens if present.
	 *
	 * @return The OpenID Connect tokens, {@code null} if none.
	 */
	public OIDCTokens getOIDCTokens() {
		
		return getTokens() instanceof OIDCTokens ? getTokens().toOIDCTokens() : null;
	}
	
	
	@Override
	public HTTPRequest toHTTPRequest() {
		
		HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI());
		httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader());
		httpRequest.setEntityContentType(ContentType.APPLICATION_JSON);
		JSONObject jsonObject = new JSONObject();
		jsonObject.put("auth_req_id", getAuthRequestID().getValue());
		jsonObject.putAll(getTokens().toJSONObject());
		httpRequest.setBody(jsonObject.toJSONString());
		return httpRequest;
	}
	
	
	/**
	 * Parses a CIBA push token delivery from the specified HTTP request.
	 *
	 * @param httpRequest The HTTP request. Must not be {@code null}.
	 *
	 * @return The CIBA push token delivery.
	 *
	 * @throws ParseException If parsing failed.
	 */
	public static CIBATokenDelivery parse(final HTTPRequest httpRequest)
		throws ParseException {
		
		URI uri = httpRequest.getURI();
		httpRequest.ensureMethod(HTTPRequest.Method.POST);
		httpRequest.ensureEntityContentType(ContentType.APPLICATION_JSON);
		
		BearerAccessToken clientNotificationToken = BearerAccessToken.parse(httpRequest);
		
		AuthRequestID authRequestID = new AuthRequestID(
			JSONObjectUtils.getString(
				httpRequest.getQueryAsJSONObject(),
				"auth_req_id"));
		
		JSONObject jsonObject = httpRequest.getQueryAsJSONObject();
		
		if (jsonObject.get("id_token") != null) {
			return new CIBATokenDelivery(
				uri,
				clientNotificationToken,
				authRequestID,
				OIDCTokens.parse(jsonObject));
		} else {
			return new CIBATokenDelivery(
				uri,
				clientNotificationToken,
				authRequestID,
				Tokens.parse(jsonObject));
		}
	}
}