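/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2016, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.openid.connect.sdk.federation.trust.marks;


import java.net.URI;
import java.util.Date;

import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.id.Identifier;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.id.Subject;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.oauth2.sdk.util.StringUtils;
import com.nimbusds.openid.connect.sdk.claims.CommonClaimsSet;


/**
 * Federation trust mark claims set, serialisable to a JSON object.
 *
 * <p>Example claims set:
 *
 * <pre>
 * {
 *   "iss" : "https://swamid.sunet.se",
 *   "sub" : "https://umu.se/op",
 *   "iat" : 1577833200,
 *   "exp" : 1609369200,
 *   "id"  : "https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf"
 * }
 * </pre>
 *
 * <p>Scope of validation: the code in this class only checks that the
 * {@code iss}, {@code sub}, {@code id} and {@code iat} claims are present.
 * Nothing in this class verifies a signature, compares {@code exp} with the
 * current time, or checks that the issuer is entitled to issue the mark.
 * Code that relies on a trust mark has to establish those properties
 * separately before acting on the claims.
 *
 * <p>Related specifications:
 *
 * <ul>
 *     <li>OpenID Connect Federation 1.0, section 5.3.
 * </ul>
 */
public class TrustMarkClaimsSet extends CommonClaimsSet {


    /**
     * The identifier claim name.
     */
    public static final String ID_CLAIM_NAME = "id";


    /**
     * The mark / logo URI claim name.
     */
    public static final String LOGO_URI_CLAIM_NAME = "logo_uri";


    /**
     * The expiration time claim name.
     */
    public static final String EXP_CLAIM_NAME = "exp";


    /**
     * The reference claim name.
     */
    public static final String REF_CLAIM_NAME = "ref";


    /**
     * Creates a new trust mark claims set with the minimum required
     * claims.
     *
     * @param iss The issuer. Corresponds to the {@code iss} claim. Must
     *            not be {@code null}.
     * @param sub The subject. Corresponds to the {@code sub} claim. Must
     *            not be {@code null}.
     * @param id  The identifier. Corresponds to the {@code id} claim.
     *            Must not be {@code null}.
     * @param iat The issue time. Corresponds to the {@code iat} claim.
     *            Must not be {@code null}.
     *
     * @throws NullPointerException     If {@code iss}, {@code sub} or
     *                                  {@code id} is {@code null}.
     * @throws IllegalArgumentException If {@code iat} is {@code null}.
     */
    public TrustMarkClaimsSet(final Issuer iss,
                              final Subject sub,
                              final Identifier id,
                              final Date iat) {

        // iss, sub and id are dereferenced, so a null argument already
        // fails here with a NullPointerException.
        setClaim(ISS_CLAIM_NAME, iss.getValue());
        setClaim(SUB_CLAIM_NAME, sub.getValue());
        setClaim(ID_CLAIM_NAME, id.getValue());

        // iat is handed to setDateClaim without being dereferenced. How
        // the superclass treats a null date is not visible in this file,
        // so the documented "must not be null" contract is enforced
        // explicitly rather than risking a claims set that lacks the
        // required iat claim.
        if (iat == null) {
            throw new IllegalArgumentException("The iat (issued-at) claim must not be null");
        }
        setDateClaim(IAT_CLAIM_NAME, iat);
    }


    /**
     * Creates a new trust mark claims set from the specified JWT claims
     * set.
     *
     * <p>Only the presence of the required claims is checked, see
     * {@link #validateRequiredClaimsPresence()}. The claims are taken
     * from the supplied object as they are; this constructor does not
     * see the JWT they came from and therefore cannot tell whether its
     * signature was verified.
     *
     * @param jwtClaimsSet The JWT claims set. Must not be {@code null}.
     *
     * @throws ParseException If the JWT claims set doesn't represent a
     *                        valid trust mark claims set.
     */
    public TrustMarkClaimsSet(final JWTClaimsSet jwtClaimsSet)
        throws ParseException {

        super(JSONObjectUtils.toJSONObject(jwtClaimsSet));

        validateRequiredClaimsPresence();
    }


    /**
     * Validates this claims set for having all minimum required claims for
     * a trust mark.
     *
     * <p>Each check is a non-null test on the corresponding getter
     * ({@code iss}, {@code sub}, {@code id}, {@code iat}, in that order);
     * the values are not validated any further in this method and the
     * optional {@code exp} claim is not examined.
     *
     * <p>This method is public and non-final and is invoked from the
     * {@link #TrustMarkClaimsSet(JWTClaimsSet) parsing constructor}, so
     * an override in a subclass runs before that subclass's own fields
     * have been initialised.
     *
     * @throws ParseException If the validation failed and a required claim
     *                        is missing.
     */
    public void validateRequiredClaimsPresence()
        throws ParseException {

        if (getIssuer() == null) {
            throw new ParseException("Missing iss (issuer) claim");
        }

        if (getSubject() == null) {
            throw new ParseException("Missing sub (subject) claim");
        }

        if (getID() == null) {
            throw new ParseException("Missing id (identifier) claim");
        }

        if (getIssueTime() == null) {
            throw new ParseException("Missing iat (issued-at) claim");
        }
    }


    /**
     * Returns the identifier. Corresponds to the {@code id} claim.
     *
     * @return The identifier, {@code null} if the claim is not specified
     *         or its string value is blank according to
     *         {@code StringUtils.isBlank}.
     */
    public Identifier getID() {

        String idString = getStringClaim(ID_CLAIM_NAME);

        // A blank value is treated the same as a missing claim, which
        // makes validateRequiredClaimsPresence() reject it.
        if (StringUtils.isBlank(idString)) {
            return null;
        }

        return new Identifier(idString);
    }


    /**
     * Gets the mark / logo URI. Corresponds to the {@code logo_uri} claim.
     *
     * <p>The value is returned as found in the claims; this class applies
     * no scheme or host restriction to it. Callers that fetch or render
     * the logo should apply their own checks to the URI first.
     *
     * @return The mark / logo URI, {@code null} if not specified or
     *         parsing failed.
     */
    public URI getLogoURI() {

        return getURIClaim(LOGO_URI_CLAIM_NAME);
    }


    /**
     * Sets the mark / logo URI. Corresponds to the {@code logo_uri} claim.
     * This is the setter counterpart of {@link #getLogoURI()}.
     *
     * @param markURI The mark / logo URI, {@code null} if not specified.
     */
    public void setMark(final URI markURI) {

        setURIClaim(LOGO_URI_CLAIM_NAME, markURI);
    }


    /**
     * Gets the expiration time. Corresponds to the {@code exp} claim.
     *
     * <p>This getter only reads the claim; it does not compare it with
     * the current time. Because {@code null} is returned both when the
     * claim is absent and when it could not be parsed, a caller that
     * enforces expiry has to decide explicitly how to treat a
     * {@code null} result.
     *
     * @return The expiration time, {@code null} if not specified or
     *         parsing failed.
     */
    public Date getExpirationTime() {

        return getDateClaim(EXP_CLAIM_NAME);
    }


    /**
     * Sets the expiration time. Corresponds to the {@code exp} claim.
     *
     * @param exp The expiration time, {@code null} if not specified.
     */
    public void setExpirationTime(final Date exp) {

        setDateClaim(EXP_CLAIM_NAME, exp);
    }


    /**
     * Gets the reference URI. Corresponds to the {@code ref} claim.
     *
     * <p>The value is returned as found in the claims; this class applies
     * no scheme or host restriction to it.
     *
     * @return The reference URI, {@code null} if not specified or parsing
     *         failed.
     */
    public URI getReference() {

        return getURIClaim(REF_CLAIM_NAME);
    }


    /**
     * Sets the reference URI. Corresponds to the {@code ref} claim.
     *
     * @param refURI The reference URI, {@code null} if not specified.
     */
    public void setReference(final URI refURI) {

        setURIClaim(REF_CLAIM_NAME, refURI);
    }
}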