001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2021, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.cnf; 019 020 021import java.util.Map; 022 023import net.minidev.json.JSONObject; 024 025import com.nimbusds.jwt.JWTClaimsSet; 026import com.nimbusds.oauth2.sdk.ParseException; 027import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 028 029 030/** 031 * Abstract confirmation. 032 */ 033public abstract class AbstractConfirmation { 034 035 036 037 /** 038 * Returns this confirmation as a JWT claim. 039 * 040 * <p>Example: 041 * 042 * <pre> 043 * "cnf" : { "x5t#S256" : "bwcK0esc3ACC3DB2Y5_lESsXE8o9ltc05O89jdN-dg2" } 044 * </pre> 045 * 046 * @return The JWT claim name / value. 047 */ 048 public abstract Map.Entry<String,JSONObject> toJWTClaim(); 049 050 051 052 /** 053 * Returns this X.509 certificate SHA-256 confirmation as a JSON 054 * object. 055 * 056 * <p>Example: 057 * 058 * <pre> 059 * { 060 * "cnf" : { "x5t#S256" : "bwcK0esc3ACC3DB2Y5_lESsXE8o9ltc05O89jdN-dg2" } 061 * } 062 * </pre> 063 * 064 * @return The JSON object. 065 */ 066 public JSONObject toJSONObject() { 067 068 JSONObject jsonObject = new JSONObject(); 069 Map.Entry<String, JSONObject> cnfClaim = toJWTClaim(); 070 jsonObject.put(cnfClaim.getKey(), cnfClaim.getValue()); 071 return jsonObject; 072 } 073 074 075 /** 076 * Merges this X.509 certificate SHA-256 confirmation into the 077 * specified JSON object. Any existing {@code cnf} JSON object values 078 * will be preserved. 079 * 080 * <p>Example: 081 * 082 * <pre> 083 * { 084 * "cnf" : { "x5t#S256" : "bwcK0esc3ACC3DB2Y5_lESsXE8o9ltc05O89jdN-dg2" } 085 * } 086 * </pre> 087 * 088 * @param jsonObject The JSON object. Must not be {@code null}. 089 */ 090 public void mergeInto(final JSONObject jsonObject) { 091 092 JSONObject cnf = new JSONObject(); 093 if (jsonObject.get("cnf") != null) { 094 try { 095 cnf = JSONObjectUtils.getJSONObject(jsonObject, "cnf"); 096 } catch (ParseException e) { 097 // ignore 098 } 099 } 100 Map.Entry<String, JSONObject> en = toJWTClaim(); 101 cnf.putAll(en.getValue()); 102 jsonObject.put("cnf", cnf); 103 } 104 105 106 /** 107 * Applies this confirmation to the specified JWT claims set. 108 * 109 * @param jwtClaimsSet The JWT claims set. 110 * 111 * @return The modified JWT claims set. 112 */ 113 public JWTClaimsSet applyTo(final JWTClaimsSet jwtClaimsSet) { 114 115 Map.Entry<String, JSONObject> cnfClaim = toJWTClaim(); 116 117 return new JWTClaimsSet.Builder(jwtClaimsSet) 118 .claim(cnfClaim.getKey(), cnfClaim.getValue()) 119 .build(); 120 } 121 122 123 @Override 124 public String toString() { 125 return toJSONObject().toJSONString(); 126 } 127 128 129 /** 130 * Parses a confirmation JSON object from the specified JWT claims set. 131 * 132 * @param jwtClaimsSet The JWT claims set. 133 * 134 * @return The confirmation JSON object, {@code null} if none. 135 */ 136 protected static JSONObject parseConfirmationJSONObject(final JWTClaimsSet jwtClaimsSet) { 137 138 Map<String, Object> jsonObjectClaim; 139 try { 140 jsonObjectClaim = jwtClaimsSet.getJSONObjectClaim("cnf"); 141 } catch (java.text.ParseException e) { 142 return null; 143 } 144 145 if (jsonObjectClaim == null) { 146 return null; 147 } 148 149 return new JSONObject(jsonObjectClaim); 150 } 151}