com.nimbusds.openid.connect.sdk.op.OIDCProviderEndpointMetadata Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of oauth2-oidc-sdk Show documentation
Show all versions of oauth2-oidc-sdk Show documentation
OAuth 2.0 SDK with OpenID Connection extensions for developing client
and server applications.
/*
* oauth2-oidc-sdk
*
* Copyright 2012-2016, Connect2id Ltd and contributors.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use
* this file except in compliance with the License. You may obtain a copy of the
* License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
package com.nimbusds.openid.connect.sdk.op;
import java.net.URI;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import net.minidev.json.JSONObject;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.as.AuthorizationServerEndpointMetadata;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
/**
* OpenID Provider (OP) endpoint metadata.
*
* Related specifications:
*
*
* - OAuth 2.0 Authorization Server Metadata (RFC 8414)
*
- OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound
* Access Tokens (RFC 8705)
*
- OAuth 2.0 Device Flow for Browserless and Input Constrained Devices
* (draft-ietf-oauth-device-flow-14)
*
- OpenID Connect Discovery 1.0, section 3.
*
- OpenID Connect Session Management 1.0, section 2.1 (draft 28).
*
- OpenID Connect Front-Channel Logout 1.0, section 3 (draft 02).
*
- OpenID Connect Back-Channel Logout 1.0, section 2.1 (draft 07).
*
- OpenID Connect Federation 1.0 (draft 10).
*
*/
public class OIDCProviderEndpointMetadata extends AuthorizationServerEndpointMetadata implements ReadOnlyOIDCProviderEndpointMetadata {
/**
* The registered parameter names.
*/
private static final Set REGISTERED_PARAMETER_NAMES;
static {
Set p = new HashSet<>(AuthorizationServerEndpointMetadata.getRegisteredParameterNames());
p.add("userinfo_endpoint");
p.add("check_session_iframe");
p.add("end_session_endpoint");
p.add("federation_registration_endpoint");
REGISTERED_PARAMETER_NAMES = Collections.unmodifiableSet(p);
}
/**
* Gets the registered provider metadata parameter names for endpoints.
*
* @return The registered provider metadata parameter names for the
* endpoints, as an unmodifiable set.
*/
public static Set getRegisteredParameterNames() {
return REGISTERED_PARAMETER_NAMES;
}
/**
* The UserInfo endpoint.
*/
private URI userInfoEndpoint;
/**
* The federation registration endpoint.
*/
private URI federationRegistrationEndpoint;
/**
* The cross-origin check session iframe.
*/
private URI checkSessionIframe;
/**
* The logout endpoint.
*/
private URI endSessionEndpoint;
/**
* Creates a new OpenID Connect provider endpoint metadata instance.
*/
public OIDCProviderEndpointMetadata() {
}
/**
* Converts an authorization server endpoint metadata to an OpenID
* Connect provider endpoint metadata instance.
*/
public OIDCProviderEndpointMetadata(final AuthorizationServerEndpointMetadata endpointMetadata) {
setAuthorizationEndpointURI(endpointMetadata.getAuthorizationEndpointURI());
setTokenEndpointURI(endpointMetadata.getTokenEndpointURI());
setRegistrationEndpointURI(endpointMetadata.getRegistrationEndpointURI());
setIntrospectionEndpointURI(endpointMetadata.getIntrospectionEndpointURI());
setRevocationEndpointURI(endpointMetadata.getRevocationEndpointURI());
setDeviceAuthorizationEndpointURI(endpointMetadata.getDeviceAuthorizationEndpointURI());
setBackChannelAuthenticationEndpointURI(endpointMetadata.getBackChannelAuthenticationEndpointURI());
setPushedAuthorizationRequestEndpointURI(endpointMetadata.getPushedAuthorizationRequestEndpointURI());
setRequestObjectEndpoint(endpointMetadata.getRequestObjectEndpoint());
}
@Override
public URI getUserInfoEndpointURI() {
return userInfoEndpoint;
}
/**
* Sets the UserInfo endpoint URI. Corresponds the
* {@code userinfo_endpoint} metadata field.
*
* @param userInfoEndpoint The UserInfo endpoint URI, {@code null} if
* not specified.
*/
public void setUserInfoEndpointURI(final URI userInfoEndpoint) {
this.userInfoEndpoint = userInfoEndpoint;
}
@Override
public URI getCheckSessionIframeURI() {
return checkSessionIframe;
}
/**
* Sets the cross-origin check session iframe URI. Corresponds to the
* {@code check_session_iframe} metadata field.
*
* @param checkSessionIframe The check session iframe URI, {@code null}
* if not specified.
*/
public void setCheckSessionIframeURI(final URI checkSessionIframe) {
this.checkSessionIframe = checkSessionIframe;
}
@Override
public URI getEndSessionEndpointURI() {
return endSessionEndpoint;
}
/**
* Sets the logout endpoint URI. Corresponds to the
* {@code end_session_endpoint} metadata field.
*
* @param endSessionEndpoint The logoout endpoint URI, {@code null} if
* not specified.
*/
public void setEndSessionEndpointURI(final URI endSessionEndpoint) {
this.endSessionEndpoint = endSessionEndpoint;
}
@Override
public URI getFederationRegistrationEndpointURI() {
return federationRegistrationEndpoint;
}
/**
* Sets the federation registration endpoint URI. Corresponds to the
* {@code federation_registration_endpoint} metadata field.
*
* @param federationRegistrationEndpoint The federation registration
* endpoint URI, {@code null} if
* not specified.
*/
public void setFederationRegistrationEndpointURI(final URI federationRegistrationEndpoint) {
this.federationRegistrationEndpoint = federationRegistrationEndpoint;
}
@Override
public JSONObject toJSONObject() {
JSONObject o = super.toJSONObject();
if (getUserInfoEndpointURI() != null)
o.put("userinfo_endpoint", getUserInfoEndpointURI().toString());
if (getCheckSessionIframeURI() != null)
o.put("check_session_iframe", getCheckSessionIframeURI().toString());
if (getEndSessionEndpointURI() != null)
o.put("end_session_endpoint", getEndSessionEndpointURI().toString());
if (getFederationRegistrationEndpointURI() != null)
o.put("federation_registration_endpoint", getFederationRegistrationEndpointURI().toString());
return o;
}
/**
* Parses an OAuth 2.0 Authorisation Server endpoint metadata from the specified
* JSON object.
*
* @param jsonObject The JSON object to parse. Must not be
* {@code null}.
*
* @return The OAuth 2.0 Authorisation Server endpoint metadata.
*
* @throws ParseException If the JSON object couldn't be parsed to an
* OAuth 2.0 Authorisation Server endpoint metadata.
*/
public static OIDCProviderEndpointMetadata parse(final JSONObject jsonObject)
throws ParseException {
AuthorizationServerEndpointMetadata as = AuthorizationServerEndpointMetadata.parse(jsonObject);
OIDCProviderEndpointMetadata op = new OIDCProviderEndpointMetadata();
op.setAuthorizationEndpointURI(as.getAuthorizationEndpointURI());
op.setTokenEndpointURI(as.getTokenEndpointURI());
op.setRegistrationEndpointURI(as.getRegistrationEndpointURI());
op.setIntrospectionEndpointURI(as.getIntrospectionEndpointURI());
op.setRevocationEndpointURI(as.getRevocationEndpointURI());
op.setDeviceAuthorizationEndpointURI(as.getDeviceAuthorizationEndpointURI());
op.setBackChannelAuthenticationEndpointURI(as.getBackChannelAuthenticationEndpointURI());
op.setPushedAuthorizationRequestEndpointURI(as.getPushedAuthorizationRequestEndpointURI());
op.setRequestObjectEndpoint(as.getRequestObjectEndpoint());
op.userInfoEndpoint = JSONObjectUtils.getURI(jsonObject, "userinfo_endpoint", null);
op.checkSessionIframe = JSONObjectUtils.getURI(jsonObject, "check_session_iframe", null);
op.endSessionEndpoint = JSONObjectUtils.getURI(jsonObject, "end_session_endpoint", null);
op.federationRegistrationEndpoint = JSONObjectUtils.getURI(jsonObject, "federation_registration_endpoint", null);
return op;
}
}