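package com.nimbusds.openid.connect.sdk;


import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;

import net.jcip.annotations.Immutable;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ProtectedResourceRequest;
import com.nimbusds.oauth2.sdk.SerializeException;
import com.nimbusds.oauth2.sdk.http.CommonContentTypes;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;


/**
 * UserInfo request. Used to retrieve the consented claims about the end-user.
 *
 * <p>Example HTTP GET request:
 *
 * <pre>
 * GET /userinfo HTTP/1.1
 * Host: server.example.com
 * Authorization: Bearer SlAV32hkKG
 * </pre>
 *
 * <p>Security considerations: the request carries a bearer access token, so
 * whoever obtains the serialised request can use the token. This class does
 * not check the scheme of the endpoint URI; callers should make sure it is
 * an {@code https} URL and should keep the resulting {@link HTTPRequest}
 * (header and body) out of logs. With HTTP GET the token travels in the
 * {@code Authorization} header; with HTTP POST it travels in the
 * form-encoded body.
 *
 * <p>Related specifications:
 *
 * <ul>
 *     <li>OpenID Connect Core 1.0, section 5.3.1.
 *     <li>OAuth 2.0 Bearer Token Usage (RFC6750), section 2.
 * </ul>
 */
@Immutable
public class UserInfoRequest extends ProtectedResourceRequest {


    /**
     * The HTTP method.
     */
    private final HTTPRequest.Method httpMethod;


    /**
     * Creates a new UserInfo HTTP GET request.
     *
     * @param uri         The URI of the UserInfo endpoint. May be
     *                    {@code null} if the {@link #toHTTPRequest} method
     *                    will not be used.
     * @param accessToken An OAuth 2.0 Bearer access token for the request.
     *                    Must not be {@code null}.
     */
    public UserInfoRequest(final URL uri, final BearerAccessToken accessToken) {

        this(uri, HTTPRequest.Method.GET, accessToken);
    }


    /**
     * Creates a new UserInfo request.
     *
     * <p>Only {@code null} is rejected here for the HTTP method; a method
     * other than GET or POST is reported later by {@link #toHTTPRequest}.
     *
     * @param uri         The URI of the UserInfo endpoint. May be
     *                    {@code null} if the {@link #toHTTPRequest} method
     *                    will not be used.
     * @param httpMethod  The HTTP method. Must be HTTP GET or POST and not
     *                    {@code null}.
     * @param accessToken An OAuth 2.0 Bearer access token for the request.
     *                    Must not be {@code null}.
     *
     * @throws IllegalArgumentException If the HTTP method or the access
     *                                  token is {@code null}.
     */
    public UserInfoRequest(final URL uri, final HTTPRequest.Method httpMethod, final BearerAccessToken accessToken) {

        super(uri, accessToken);

        if (httpMethod == null) {
            throw new IllegalArgumentException("The HTTP method must not be null");
        }

        this.httpMethod = httpMethod;

        // The superclass constructor has to run first, so the token can
        // only be checked here, after it was handed to the superclass.
        if (accessToken == null) {
            throw new IllegalArgumentException("The access token must not be null");
        }
    }


    /**
     * Gets the HTTP method for this UserInfo request.
     *
     * @return The HTTP method.
     */
    public HTTPRequest.Method getMethod() {

        return httpMethod;
    }


    /**
     * Serialises this UserInfo request to an HTTP request. For HTTP GET the
     * access token is set as the {@code Authorization} header; for HTTP POST
     * it is sent as the {@code access_token} parameter of a form-encoded
     * body.
     *
     * @return The HTTP request.
     *
     * @throws SerializeException If the endpoint URI is not specified, the
     *                            HTTP method is neither GET nor POST, or
     *                            the access token couldn't be URL-encoded.
     */
    @Override
    public HTTPRequest toHTTPRequest()
        throws SerializeException {

        if (getEndpointURI() == null) {
            throw new SerializeException("The endpoint URI is not specified");
        }

        HTTPRequest httpRequest = new HTTPRequest(httpMethod, getEndpointURI());

        switch (httpMethod) {

            case GET:
                httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader());
                break;

            case POST:
                httpRequest.setContentType(CommonContentTypes.APPLICATION_URLENCODED);
                // The token value must be percent-encoded: characters such
                // as '+', '/' and '=' are legal in a bearer token but have
                // a special meaning in a form-encoded body ('+' decodes to
                // a space), so an unencoded token can reach the server
                // altered and be rejected.
                httpRequest.setQuery("access_token=" + urlEncode(getAccessToken().getValue()));
                break;

            default:
                throw new SerializeException("Unexpected HTTP method: " + httpMethod);
        }

        return httpRequest;
    }


    /**
     * URL-encodes the specified value as UTF-8 for use in an
     * {@code application/x-www-form-urlencoded} body.
     *
     * @param value The value to encode. Must not be {@code null}.
     *
     * @return The encoded value.
     *
     * @throws SerializeException If UTF-8 encoding is not available.
     */
    private static String urlEncode(final String value)
        throws SerializeException {

        try {
            return URLEncoder.encode(value, "UTF-8");

        } catch (UnsupportedEncodingException e) {
            // Not expected, every Java platform must support UTF-8. The
            // message deliberately leaves out the token value.
            throw new SerializeException("Couldn't URL-encode the access token: " + e.getMessage(), e);
        }
    }


    /**
     * Parses the specified HTTP request for a UserInfo request. The access
     * token is extracted by {@link BearerAccessToken#parse}.
     *
     * <p>NOTE(review): the HTTP method of the parsed request is passed on
     * as-is; whether a method other than GET or POST is rejected depends on
     * {@code BearerAccessToken.parse} -- confirm.
     *
     * @param httpRequest The HTTP request. Must not be {@code null}.
     *
     * @return The UserInfo request.
     *
     * @throws ParseException If the HTTP request couldn't be parsed to a
     *                        UserInfo request.
     */
    public static UserInfoRequest parse(final HTTPRequest httpRequest)
        throws ParseException {

        HTTPRequest.Method httpMethod = httpRequest.getMethod();

        BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest);

        return new UserInfoRequest(httpRequest.getURL(), httpMethod, accessToken);
    }
}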