org.pac4j.oidc.profile.OidcProfileDefinition Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of pac4j-oidc Show documentation
There is a newer version: 6.1.0
package org.pac4j.oidc.profile;

import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.oauth2.sdk.token.RefreshToken;
import org.pac4j.core.profile.converter.Converters;
import org.pac4j.core.profile.definition.CommonProfileDefinition;
import org.pac4j.core.profile.factory.ProfileFactory;
import org.pac4j.core.profile.jwt.JwtClaims;
import org.pac4j.oidc.profile.converter.OidcLongTimeConverter;

import java.util.Arrays;

/**
 * This class defines the attributes of the OpenID Connect profile: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
 * + http://openid.net/specs/openid-connect-core-1_0.html#IDToken
 *
 * @author Jerome Leleu
 * @since 1.9.2
 */
public class OidcProfileDefinition extends CommonProfileDefinition {

    /** Constant NAME="name" */
    public static final String NAME                     = "name";
    /** Constant GIVEN_NAME="given_name" */
    public static final String GIVEN_NAME               = "given_name";
    /** Constant MIDDLE_NAME="middle_name" */
    public static final String MIDDLE_NAME              = "middle_name";
    /** Constant NICKNAME="nickname" */
    public static final String NICKNAME                 = "nickname";
    /** Constant PREFERRED_USERNAME="preferred_username" */
    public static final String PREFERRED_USERNAME       = "preferred_username";
    /** Constant PROFILE="profile" */
    public static final String PROFILE                  = "profile";
    /** Constant PICTURE="picture" */
    public static final String PICTURE                  = "picture";
    /** Constant WEBSITE="website" */
    public static final String WEBSITE                  = "website";
    /** Constant EMAIL_VERIFIED="email_verified" */
    public static final String EMAIL_VERIFIED           = "email_verified";
    /** Constant BIRTHDATE="birthdate" */
    public static final String BIRTHDATE                = "birthdate";
    /** Constant ZONEINFO="zoneinfo" */
    public static final String ZONEINFO                 = "zoneinfo";
    /** Constant PHONE_NUMBER="phone_number" */
    public static final String PHONE_NUMBER             = "phone_number";
    /** Constant PHONE_NUMBER_VERIFIED="phone_number_verified" */
    public static final String PHONE_NUMBER_VERIFIED    = "phone_number_verified";
    /** Constant ADDRESS="address" */
    public static final String ADDRESS                  = "address";
    /** Constant UPDATED_AT="updated_at" */
    public static final String UPDATED_AT               = "updated_at";
    /** Constant ACCESS_TOKEN="access_token" */
    public static final String ACCESS_TOKEN             = "access_token";
    /** Constant ID_TOKEN="id_token" */
    public static final String ID_TOKEN                 = "id_token";
    /** Constant REFRESH_TOKEN="refresh_token" */
    public static final String REFRESH_TOKEN            = "refresh_token";
    /** Constant AUTH_TIME="auth_time" */
    public static final String AUTH_TIME                = "auth_time";
    /** Constant NONCE="nonce" */
    public static final String NONCE                    = "nonce";
    /** Constant ACR="acr" */
    public static final String ACR                      = "acr";
    /** Constant AMR="amr" */
    public static final String AMR                      = "amr";
    /** Constant AZP="azp" */
    public static final String AZP                      = "azp";

    // Custom secondary attributes
    /** Constant TOKEN_EXPIRATION_ADVANCE="token_expiration_advance" */
    public static final String TOKEN_EXPIRATION_ADVANCE = "token_expiration_advance";
    /** Constant EXPIRATION="expiration" */
    public static final String EXPIRATION               = "expiration";

    /**
     * Constructor for OidcProfileDefinition.
     */
    public OidcProfileDefinition() {
        super(x -> new OidcProfile());
        Arrays.stream(new String[] {NAME, GIVEN_NAME, MIDDLE_NAME, NICKNAME, PREFERRED_USERNAME, WEBSITE,
                PHONE_NUMBER, ZONEINFO, ID_TOKEN}).forEach(a -> primary(a, Converters.STRING));
        primary(PROFILE, Converters.URL);
        primary(PICTURE, Converters.URL);
        primary(EMAIL_VERIFIED, Converters.BOOLEAN);
        primary(PHONE_NUMBER_VERIFIED, Converters.BOOLEAN);
        primary(UPDATED_AT, new OidcLongTimeConverter());
        primary(ACCESS_TOKEN, attribute -> {
            if (attribute instanceof AccessToken) {
                return attribute;
            } else if (attribute instanceof String) {
                return new BearerAccessToken((String) attribute);
            }
            return null;
        });
        primary(REFRESH_TOKEN, attribute -> {
            if (attribute instanceof RefreshToken) {
                return attribute;
            } else if (attribute instanceof String) {
                return new RefreshToken((String) attribute);
            }
            return null;
        });
        // TODO: birthdate, address
        Arrays.stream(new String[] {JwtClaims.SUBJECT, JwtClaims.ISSUER, NONCE, ACR, AZP}).forEach(a -> primary(a, Converters.STRING));
        Arrays.stream(new String[] {JwtClaims.EXPIRATION_TIME, JwtClaims.ISSUED_AT, JwtClaims.NOT_BEFORE})
            .forEach(a -> primary(a, Converters.DATE_TZ_GENERAL));
        primary(AUTH_TIME, new OidcLongTimeConverter());

        // custom attributes
        secondary(TOKEN_EXPIRATION_ADVANCE, Converters.INTEGER);
        secondary(EXPIRATION, Converters.DATE_TZ_RFC822);
    }

    /**
     * Constructor for OidcProfileDefinition.
     *
     * @param profileFactory a {@link ProfileFactory} object
     */
    public OidcProfileDefinition(final ProfileFactory profileFactory) {
        this();
        setProfileFactory(profileFactory);
    }
}