001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jwt; 019 020 021import java.text.ParseException; 022import java.util.Map; 023 024import net.jcip.annotations.ThreadSafe; 025 026import com.nimbusds.jose.JOSEObject; 027import com.nimbusds.jose.JWSHeader; 028import com.nimbusds.jose.JWSObject; 029import com.nimbusds.jose.Payload; 030import com.nimbusds.jose.util.Base64URL; 031 032 033/** 034 * Signed JSON Web Token (JWT). 035 * 036 * @author Vladimir Dzhuvinov 037 * @version 2021-02-22 038 */ 039@ThreadSafe 040public class SignedJWT extends JWSObject implements JWT { 041 042 043 private static final long serialVersionUID = 1L; 044 045 /** 046 * The JWT claims set. 047 */ 048 private JWTClaimsSet claimsSet; 049 050 051 /** 052 * Creates a new to-be-signed JSON Web Token (JWT) with the specified 053 * header and claims set. The initial state will be 054 * {@link com.nimbusds.jose.JWSObject.State#UNSIGNED unsigned}. 055 * 056 * @param header The JWS header. Must not be {@code null}. 057 * @param claimsSet The JWT claims set. Must not be {@code null}. 058 */ 059 public SignedJWT(final JWSHeader header, final JWTClaimsSet claimsSet) { 060 061 super(header, claimsSet.toPayload()); 062 this.claimsSet = claimsSet; 063 } 064 065 066 /** 067 * Creates a new signed JSON Web Token (JWT) with the specified 068 * serialised parts. The state will be 069 * {@link com.nimbusds.jose.JWSObject.State#SIGNED signed}. 070 * 071 * @param firstPart The first part, corresponding to the JWS header. 072 * Must not be {@code null}. 073 * @param secondPart The second part, corresponding to the claims set 074 * (payload). Must not be {@code null}. 075 * @param thirdPart The third part, corresponding to the signature. 076 * Must not be {@code null}. 077 * 078 * @throws ParseException If parsing of the serialised parts failed. 079 */ 080 public SignedJWT(final Base64URL firstPart, final Base64URL secondPart, final Base64URL thirdPart) 081 throws ParseException { 082 083 super(firstPart, secondPart, thirdPart); 084 } 085 086 087 @Override 088 public JWTClaimsSet getJWTClaimsSet() 089 throws ParseException { 090 091 if (claimsSet != null) { 092 return claimsSet; 093 } 094 095 Map<String, Object> json = getPayload().toJSONObject(); 096 097 if (json == null) { 098 throw new ParseException("Payload of JWS object is not a valid JSON object", 0); 099 } 100 101 claimsSet = JWTClaimsSet.parse(json); 102 return claimsSet; 103 } 104 105 106 @Override 107 protected void setPayload(Payload payload) { 108 109 // setPayload() changes the result of getJWTClaimsSet(). 110 // set claimsSet = null and reparse payload again when called getJWTClaimsSet(). 111 claimsSet = null; 112 super.setPayload(payload); 113 } 114 115 116 /** 117 * Parses a signed JSON Web Token (JWT) from the specified string in 118 * compact format. 119 * 120 * @param s The string to parse. Must not be {@code null}. 121 * 122 * @return The signed JWT. 123 * 124 * @throws ParseException If the string couldn't be parsed to a valid 125 * signed JWT. 126 */ 127 public static SignedJWT parse(final String s) 128 throws ParseException { 129 130 Base64URL[] parts = JOSEObject.split(s); 131 132 if (parts.length != 3) { 133 throw new ParseException("Unexpected number of Base64URL parts, must be three", 0); 134 } 135 136 return new SignedJWT(parts[0], parts[1], parts[2]); 137 } 138}