All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.nimbusds.oauth2.sdk.ciba.CIBATokenDelivery Maven / Gradle / Ivy

Go to download

OAuth 2.0 SDK with OpenID Connection extensions for developing client and server applications.

There is a newer version: 11.20.1
Show newest version
/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2021, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.oauth2.sdk.ciba;


import java.net.URI;

import net.jcip.annotations.Immutable;
import net.minidev.json.JSONObject;

import com.nimbusds.common.contenttype.ContentType;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.oauth2.sdk.token.Tokens;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;


/**
 * CIBA token push delivery to the client notification endpoint.
 *
 * 

Example HTTP request: * *

 * POST /cb HTTP/1.1
 * Host: client.example.com
 * Authorization: Bearer 8d67dc78-7faa-4d41-aabd-67707b374255
 * Content-Type: application/json
 *
 * {
 *   "auth_req_id": "1c266114-a1be-4252-8ad1-04986c5b9ac1",
 *   "access_token": "G5kXH2wHvUra0sHlDy1iTkDJgsgUO1bN",
 *   "token_type": "Bearer",
 *   "refresh_token": "4bwc0ESC_IAhflf-ACC_vjD_ltc11ne-8gFPfA2Kx16",
 *   "expires_in": 120,
 *   "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjE2NzcyNiJ9.eyJpc3MiOiJ
 *     odHRwczovL3NlcnZlci5leGFtcGxlLmNvbSIsInN1YiI6IjI0ODI4OTc2MTAwMS
 *     IsImF1ZCI6InM2QmhkUmtxdDMiLCJlbWFpbCI6ImphbmVkb2VAZXhhbXBsZS5jb
 *     20iLCJleHAiOjE1Mzc4MTk4MDMsImlhdCI6MTUzNzgxOTUwMywiYXRfaGFzaCI6
 *     Ild0MGtWRlhNYWNxdm5IZXlVMDAwMXciLCJ1cm46b3BlbmlkOnBhcmFtczpqd3Q
 *     6Y2xhaW06cnRfaGFzaCI6InNIYWhDdVNwWENSZzVta0REdnZyNHciLCJ1cm46b3
 *     BlbmlkOnBhcmFtczpqd3Q6Y2xhaW06YXV0aF9yZXFfaWQiOiIxYzI2NjExNC1hM
 *     WJlLTQyNTItOGFkMS0wNDk4NmM1YjlhYzEifQ.SGB5_a8E7GjwtoYrkFyqOhLK6
 *     L8-Wh1nLeREwWj30gNYOZW_ZB2mOeQ5yiXqeKJeNpDPssGUrNo-3N-CqNrbmVCb
 *     XYTwmNB7IvwE6ZPRcfxFV22oou-NS4-3rEa2ghG44Fi9D9fVURwxrRqgyezeD3H
 *     HVIFUnCxHUou3OOpj6aOgDqKI4Xl2xJ0-kKAxNR8LljUp64OHgoS-UO3qyfOwIk
 *     IAR7o4OTK_3Oy78rJNT0Y0RebAWyA81UDCSf_gWVBp-EUTI5CdZ1_odYhwB9OWD
 *     W1A22Sf6rmjhMHGbQW4A9Z822yiZZveuT_AFZ2hi7yNp8iFPZ8fgPQJ5pPpjA7u
 *     dg"
 * }
 * 
* *

Related specifications: * *

    *
  • OpenID Connect CIBA Flow - Core 1.0, section 10.3.1. *
*/ @Immutable public class CIBATokenDelivery extends CIBAPushCallback { /** * The tokens. */ private final Tokens tokens; /** * Creates a new CIBA push token delivery for OAuth 2.0. * * @param endpoint The client notification endpoint. Must not be * {@code null}. * @param accessToken The client notification token. Must not be * {@code null}. * @param authRequestID The CIBA request ID. Must not be {@code null}. * @param tokens The OAuth 2.0 tokens to deliver. Must not be * {@code null}. */ public CIBATokenDelivery(final URI endpoint, final BearerAccessToken accessToken, final AuthRequestID authRequestID, final Tokens tokens) { super(endpoint, accessToken, authRequestID); if (tokens == null) { throw new IllegalArgumentException("The tokens must not be null"); } this.tokens = tokens; } /** * Creates a new CIBA push token delivery for OpenID Connect. * * @param endpoint The client notification endpoint. Must not be * {@code null}. * @param accessToken The client notification token. Must not be * {@code null}. * @param authRequestID The CIBA request ID. Must not be {@code null}. * @param oidcTokens The OpenID Connect tokens to deliver. Must not * be {@code null}. */ public CIBATokenDelivery(final URI endpoint, final BearerAccessToken accessToken, final AuthRequestID authRequestID, final OIDCTokens oidcTokens) { super(endpoint, accessToken, authRequestID); if (oidcTokens == null) { throw new IllegalArgumentException("The OpenID Connect tokens must not be null"); } this.tokens = oidcTokens; } @Override public boolean indicatesSuccess() { return true; } /** * Returns the OAuth 2.0 tokens. * * @return The tokens. */ public Tokens getTokens() { return tokens; } /** * Returns the OpenID Connect tokens if present. * * @return The OpenID Connect tokens, {@code null} if none. */ public OIDCTokens getOIDCTokens() { return getTokens() instanceof OIDCTokens ? getTokens().toOIDCTokens() : null; } @Override public HTTPRequest toHTTPRequest() { HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI()); httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader()); httpRequest.setEntityContentType(ContentType.APPLICATION_JSON); JSONObject jsonObject = new JSONObject(); jsonObject.put("auth_req_id", getAuthRequestID().getValue()); jsonObject.putAll(getTokens().toJSONObject()); httpRequest.setQuery(jsonObject.toJSONString()); return httpRequest; } /** * Parses a CIBA push token delivery from the specified HTTP request. * * @param httpRequest The HTTP request. Must not be {@code null}. * * @return The CIBA push token delivery. * * @throws ParseException If parsing failed. */ public static CIBATokenDelivery parse(final HTTPRequest httpRequest) throws ParseException { URI uri = httpRequest.getURI(); httpRequest.ensureMethod(HTTPRequest.Method.POST); httpRequest.ensureEntityContentType(ContentType.APPLICATION_JSON); BearerAccessToken clientNotificationToken = BearerAccessToken.parse(httpRequest); AuthRequestID authRequestID = new AuthRequestID( JSONObjectUtils.getString( httpRequest.getQueryAsJSONObject(), "auth_req_id")); JSONObject jsonObject = httpRequest.getQueryAsJSONObject(); if (jsonObject.get("id_token") != null) { return new CIBATokenDelivery( uri, clientNotificationToken, authRequestID, OIDCTokens.parse(jsonObject)); } else { return new CIBATokenDelivery( uri, clientNotificationToken, authRequestID, Tokens.parse(jsonObject)); } } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy