001package com.nimbusds.openid.connect.provider.spi.grants; 002 003 004import java.util.List; 005 006import com.nimbusds.oauth2.sdk.ParseException; 007import com.nimbusds.oauth2.sdk.id.Audience; 008import com.nimbusds.oauth2.sdk.id.Subject; 009import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 010import net.jcip.annotations.Immutable; 011import net.minidev.json.JSONObject; 012 013 014/** 015 * Optional token specification. 016 */ 017@Immutable 018public class OptionalTokenSpec extends TokenSpec { 019 020 021 /** 022 * Specifies if a token is to be issued. If {@code true} a token must 023 * be issued, {@code false} to prohibit issue. 024 */ 025 private final boolean issue; 026 027 028 /** 029 * Creates a new optional token specification. 030 * 031 * @param issue If {@code true} a token must be issued, 032 * {@code false} to prohibit issue. 033 * @param lifetime The token lifetime, in seconds. For 034 * access tokens zero and negative implies 035 * not specified (to let the Connect2id 036 * server apply the default configured 037 * access token lifetime). For refresh 038 * tokens zero implies permanent (no 039 * expiration) and negative not specified 040 * (to let the Connect2id server apply the 041 * default configured refresh token 042 * lifetime). 043 * @param audList Explicit list of audiences for the token, 044 * {@code null} if not specified. 045 * @param impersonatedSubject The subject in impersonation and 046 * delegation cases, {@code null} if not 047 * applicable. 048 */ 049 public OptionalTokenSpec(final boolean issue, 050 final long lifetime, 051 final List<Audience> audList, 052 final Subject impersonatedSubject) { 053 054 super(lifetime, audList, impersonatedSubject); 055 056 this.issue = issue; 057 } 058 059 060 /** 061 * Returns the token issue policy. 062 * 063 * @return {@code true} if a token must be issued, {@code false} to 064 * prohibit issue. 065 */ 066 public boolean issue() { 067 068 return issue; 069 } 070 071 072 @Override 073 public JSONObject toJSONObject() { 074 075 JSONObject o = super.toJSONObject(); 076 o.put("issue", issue); 077 return o; 078 } 079 080 081 /** 082 * Parses an optional token specification from the specified JSON 083 * object. 084 * 085 * @param jsonObject The JSON object. Must not be {@code null}. 086 * 087 * @return The optional token specification. 088 * 089 * @throws ParseException If parsing failed. 090 */ 091 public static OptionalTokenSpec parse(final JSONObject jsonObject) 092 throws ParseException { 093 094 TokenSpec tokenSpec = TokenSpec.parse(jsonObject); 095 096 boolean issue = false; 097 098 if (jsonObject.containsKey("issue")) { 099 issue = JSONObjectUtils.getBoolean(jsonObject, "issue"); 100 } 101 102 return new OptionalTokenSpec(issue, tokenSpec.getLifetime(), tokenSpec.getAudience(), tokenSpec.getImpersonatedSubject()); 103 } 104}