001package com.nimbusds.openid.connect.sdk.id; 002 003 004import java.net.URL; 005 006import com.nimbusds.oauth2.sdk.id.Subject; 007 008 009/** 010 * Generator of pairwise subject identifiers. 011 * 012 * <p>Related specifications: 013 * 014 * <ul> 015 * <li>OpenID Connect Core 1.0, section 8.1. 016 * </ul> 017 */ 018public abstract class PairwiseSubjectIdentifierGenerator { 019 020 021 /** 022 * Generates a new pairwise subject identifier from the specified 023 * sector identifier URL and local subject. 024 * 025 * @param sectorURL The sector identifier URL. Its protocol must be 026 * "https", must include a host portion and must not 027 * be {@code null}. 028 * @param localSub The local subject identifier. Must not be 029 * {@code null}. 030 * 031 * @return The pairwise subject identifier. 032 */ 033 public Subject generate(final URL sectorURL, final Subject localSub) { 034 035 if (! sectorURL.getProtocol().equalsIgnoreCase("https")) 036 throw new IllegalArgumentException("The sector identifier URL protocol must be HTTPS"); 037 038 if (sectorURL.getHost() == null) 039 throw new IllegalArgumentException("The sector identifier URL must specify a host"); 040 041 return generate(sectorURL.getHost(), localSub); 042 } 043 044 045 /** 046 * Generates a new pairwise subject identifier from the specified 047 * sector identifier and local subject. 048 * 049 * @param sectorIdentifier The sector identifier. Must not be 050 * {@code null}. 051 * @param localSub The local subject identifier. Must not be 052 * {@code null}. 053 * 054 * @return The pairwise subject identifier. 055 */ 056 public abstract Subject generate(final String sectorIdentifier, final Subject localSub); 057}