001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.ciba; 019 020 021import java.util.*; 022 023import net.jcip.annotations.Immutable; 024 025import com.nimbusds.oauth2.sdk.AuthorizationGrant; 026import com.nimbusds.oauth2.sdk.GrantType; 027import com.nimbusds.oauth2.sdk.OAuth2Error; 028import com.nimbusds.oauth2.sdk.ParseException; 029import com.nimbusds.oauth2.sdk.util.MultivaluedMapUtils; 030 031 032/** 033 * CIBA grant. 034 * 035 * <p>Related specifications: 036 * 037 * <ul> 038 * <li>OpenID Connect CIBA Flow - Core 1.0. 039 * </ul> 040 */ 041@Immutable 042public class CIBAGrant extends AuthorizationGrant { 043 044 045 /** 046 * The grant type. 047 */ 048 public static final GrantType GRANT_TYPE = GrantType.CIBA; 049 050 051 /** 052 * The authentication request ID. 053 */ 054 private final AuthRequestID authRequestID; 055 056 057 /** 058 * Creates a new CIBA grant. 059 * 060 * @param authRequestID The authentication request ID. Must not be 061 * {@code null}. 062 */ 063 public CIBAGrant(final AuthRequestID authRequestID) { 064 065 super(GRANT_TYPE); 066 067 if (authRequestID == null) 068 throw new IllegalArgumentException("The auth_req_id must not be null"); 069 070 this.authRequestID = authRequestID; 071 } 072 073 074 /** 075 * Returns the authentication request ID. 076 * 077 * @return The authentication request ID. 078 */ 079 public AuthRequestID getAuthRequestID() { 080 081 return authRequestID; 082 } 083 084 085 @Override 086 public Map<String, List<String>> toParameters() { 087 088 Map<String, List<String>> params = new LinkedHashMap<>(); 089 params.put("grant_type", Collections.singletonList(GRANT_TYPE.getValue())); 090 params.put("auth_req_id", Collections.singletonList(authRequestID.getValue())); 091 return params; 092 } 093 094 095 @Override 096 public boolean equals(Object o) { 097 if (this == o) 098 return true; 099 if (!(o instanceof CIBAGrant)) 100 return false; 101 CIBAGrant cibaGrant = (CIBAGrant) o; 102 return getAuthRequestID().equals(cibaGrant.getAuthRequestID()); 103 } 104 105 106 @Override 107 public int hashCode() { 108 return Objects.hash(getAuthRequestID()); 109 } 110 111 112 /** 113 * Parses a CIBA grant from the specified request body parameters. 114 * 115 * <p>Example: 116 * 117 * <pre> 118 * scope=openid%20email%20example-scope& 119 * client_notification_token=8d67dc78-7faa-4d41-aabd-67707b374255& 120 * binding_message=W4SCT& 121 * login_hint_token=eyJraWQiOiJsdGFjZXNidyIsImFsZyI6IkVTMjU2In0.eyJ 122 * zdWJfaWQiOnsic3ViamVjdF90eXBlIjoicGhvbmUiLCJwaG9uZSI6IisxMzMwMjg 123 * xODAwNCJ9fQ.Kk8jcUbHjJAQkRSHyDuFQr3NMEOSJEZc85VfER74tX6J9CuUllr8 124 * 9WKUHUR7MA0-mWlptMRRhdgW1ZDt7g1uwQ& 125 * client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3A& 126 * client-assertion-type%3Ajwt-bearer& 127 * client_assertion=eyJraWQiOiJsdGFjZXNidyIsImFsZyI6IkVTMjU2In0.eyJ 128 * pc3MiOiJzNkJoZFJrcXQzIiwic3ViIjoiczZCaGRSa3F0MyIsImF1ZCI6Imh0dHB 129 * zOi8vc2VydmVyLmV4YW1wbGUuY29tIiwianRpIjoiYmRjLVhzX3NmLTNZTW80RlN 130 * 6SUoyUSIsImlhdCI6MTUzNzgxOTQ4NiwiZXhwIjoxNTM3ODE5Nzc3fQ.Ybr8mg_3 131 * E2OptOSsA8rnelYO_y1L-yFaF_j1iemM3ntB61_GN3APe5cl_-5a6cvGlP154XAK 132 * 7fL-GaZSdnd9kg 133 * </pre> 134 * 135 * @param params The parameters. 136 * 137 * @return The CIBA grant. 138 * 139 * @throws ParseException If parsing failed. 140 */ 141 public static CIBAGrant parse(final Map<String, List<String>> params) throws ParseException { 142 143 GrantType.ensure(GRANT_TYPE, params); 144 145 String authReqIDString = MultivaluedMapUtils.getFirstValue(params, "auth_req_id"); 146 147 if (authReqIDString == null || authReqIDString.trim().isEmpty()) { 148 String msg = "Missing or empty auth_req_id parameter"; 149 throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg)); 150 } 151 152 AuthRequestID authRequestID = AuthRequestID.parse(authReqIDString); 153 154 return new CIBAGrant(authRequestID); 155 } 156}