Source code

001/*
002 * nimbus-jose-jwt
003 *
004 * Copyright 2012-2016, Connect2id Ltd.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.jwt;
019
020
021import java.text.ParseException;
022import java.util.Map;
023
024import net.jcip.annotations.ThreadSafe;
025
026import com.nimbusds.jose.JOSEObject;
027import com.nimbusds.jose.JWEHeader;
028import com.nimbusds.jose.JWEObject;
029import com.nimbusds.jose.Payload;
030import com.nimbusds.jose.util.Base64URL;
031
032
033/**
034 * Encrypted JSON Web Token (JWT). This class is thread-safe.
035 *
036 * @author Vladimir Dzhuvinov
037 * @version 2021-02-22
038 */
039@ThreadSafe
040public class EncryptedJWT extends JWEObject implements JWT {
041
042
043        private static final long serialVersionUID = 1L;
044
045        /**
046         * The JWT claims set.
047         */
048        private JWTClaimsSet claimsSet;
049
050
051        /**
052         * Creates a new to-be-encrypted JSON Web Token (JWT) with the specified
053         * header and claims set. The initial state will be 
054         * {@link com.nimbusds.jose.JWEObject.State#UNENCRYPTED unencrypted}.
055         *
056         * @param header    The JWE header. Must not be {@code null}.
057         * @param claimsSet The JWT claims set. Must not be {@code null}.
058         */
059        public EncryptedJWT(final JWEHeader header, final JWTClaimsSet claimsSet) {
060
061                super(header, claimsSet.toPayload(true));
062                this.claimsSet = claimsSet;
063        }
064
065
066        /**
067         * Creates a new encrypted JSON Web Token (JWT) with the specified 
068         * serialised parts. The state will be 
069         * {@link com.nimbusds.jose.JWEObject.State#ENCRYPTED encrypted}.
070         *
071         * @param firstPart  The first part, corresponding to the JWE header. 
072         *                   Must not be {@code null}.
073         * @param secondPart The second part, corresponding to the encrypted 
074         *                   key. Empty or {@code null} if none.
075         * @param thirdPart  The third part, corresponding to the initialisation
076         *                   vectory. Empty or {@code null} if none.
077         * @param fourthPart The fourth part, corresponding to the cipher text.
078         *                   Must not be {@code null}.
079         * @param fifthPart  The fifth part, corresponding to the integrity
080         *                   value. Empty of {@code null} if none.
081         *
082         * @throws ParseException If parsing of the serialised parts failed.
083         */
084        public EncryptedJWT(final Base64URL firstPart, 
085                            final Base64URL secondPart, 
086                            final Base64URL thirdPart,
087                            final Base64URL fourthPart,
088                            final Base64URL fifthPart)
089                throws ParseException {
090
091                super(firstPart, secondPart, thirdPart, fourthPart, fifthPart);
092        }
093
094
095        @Override
096        public JWTClaimsSet getJWTClaimsSet()
097                throws ParseException {
098
099                if (claimsSet != null) {
100                        return claimsSet;
101                }
102
103                Payload payload = getPayload();
104
105                if (payload == null) {
106                        return null;
107                }
108
109                Map<String, Object> json = payload.toJSONObject();
110
111                if (json == null) {
112                        throw new ParseException("Payload of JWE object is not a valid JSON object", 0);
113                }
114
115                claimsSet = JWTClaimsSet.parse(json);
116                return claimsSet;
117        }
118
119        
120        @Override
121        protected void setPayload(Payload payload) {
122
123                // setPayload() changes the result of getJWTClaimsSet().
124                // set claimsSet = null and reparse payload again when called getJWTClaimsSet().
125                claimsSet = null;
126                super.setPayload(payload);
127        }
128
129        
130        /**
131         * Parses an encrypted JSON Web Token (JWT) from the specified string in
132         * compact format. 
133         *
134         * @param s The string to parse. Must not be {@code null}.
135         *
136         * @return The encrypted JWT.
137         *
138         * @throws ParseException If the string couldn't be parsed to a valid 
139         *                        encrypted JWT.
140         */
141        public static EncryptedJWT parse(final String s)
142                throws ParseException {
143
144                Base64URL[] parts = JOSEObject.split(s);
145
146                if (parts.length != 5) {
147                        throw new ParseException("Unexpected number of Base64URL parts, must be five", 0);
148                }
149
150                return new EncryptedJWT(parts[0], parts[1], parts[2], parts[3], parts[4]);
151        }
152}