001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2021, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.ciba; 019 020 021import java.net.URI; 022 023import net.jcip.annotations.Immutable; 024import net.minidev.json.JSONObject; 025 026import com.nimbusds.common.contenttype.ContentType; 027import com.nimbusds.oauth2.sdk.ParseException; 028import com.nimbusds.oauth2.sdk.ProtectedResourceRequest; 029import com.nimbusds.oauth2.sdk.http.HTTPRequest; 030import com.nimbusds.oauth2.sdk.token.BearerAccessToken; 031import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 032 033 034/** 035 * <p>CIBA ping callback to a client notification endpoint. 036 * 037 * <p>Example HTTP request: 038 * 039 * <pre> 040 * POST /cb HTTP/1.1 041 * Host: client.example.com 042 * Authorization: Bearer 8d67dc78-7faa-4d41-aabd-67707b374255 043 * Content-Type: application/json 044 * 045 * { 046 * "auth_req_id": "1c266114-a1be-4252-8ad1-04986c5b9ac1" 047 * } 048 * </pre> 049 * 050 * <p>Related specifications: 051 * 052 * <ul> 053 * <li>OpenID Connect CIBA Flow - Core 1.0, section 10.2 054 * </ul> 055 */ 056@Immutable 057public class CIBAPingCallback extends ProtectedResourceRequest { 058 059 060 /** 061 * The CIBA request ID. 062 */ 063 private final AuthRequestID authRequestID; 064 065 066 /** 067 * Creates a new CIBA ping callback. 068 * 069 * @param endpoint The client notification endpoint. Must not be 070 * {@code null}. 071 * @param accessToken The client notification token. Must not be 072 * {@code null}. 073 * @param authRequestID The CIBA request ID. Must not be {@code null}. 074 */ 075 public CIBAPingCallback(final URI endpoint, 076 final BearerAccessToken accessToken, 077 final AuthRequestID authRequestID) { 078 super(endpoint, accessToken); 079 080 if (authRequestID == null) { 081 throw new IllegalArgumentException("The auth_req_id must not be null"); 082 } 083 this.authRequestID = authRequestID; 084 } 085 086 087 /** 088 * Returns the CIBA request ID. 089 * 090 * @return The CIBA request ID. 091 */ 092 public AuthRequestID getAuthRequestID() { 093 return authRequestID; 094 } 095 096 097 @Override 098 public HTTPRequest toHTTPRequest() { 099 100 HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI()); 101 httpRequest.setFollowRedirects(false); 102 httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader()); 103 httpRequest.setEntityContentType(ContentType.APPLICATION_JSON); 104 JSONObject jsonObject = new JSONObject(); 105 jsonObject.put("auth_req_id", getAuthRequestID().getValue()); 106 httpRequest.setBody(jsonObject.toJSONString()); 107 return httpRequest; 108 } 109 110 111 /** 112 * Parses a CIBA ping callback from the specified HTTP request. 113 * 114 * @param httpRequest The HTTP request. Must not be {@code null}. 115 * 116 * @return The CIBA ping callback. 117 * 118 * @throws ParseException If parsing failed. 119 */ 120 public static CIBAPingCallback parse(final HTTPRequest httpRequest) 121 throws ParseException { 122 123 URI uri = httpRequest.getURI(); 124 httpRequest.ensureMethod(HTTPRequest.Method.POST); 125 httpRequest.ensureEntityContentType(ContentType.APPLICATION_JSON); 126 127 BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest); 128 129 AuthRequestID authRequestID = new AuthRequestID( 130 JSONObjectUtils.getString( 131 httpRequest.getQueryAsJSONObject(), 132 "auth_req_id") 133 ); 134 135 return new CIBAPingCallback(uri, accessToken, authRequestID); 136 } 137}