001package com.nimbusds.openid.connect.sdk.rp;
002
003
004import java.net.URI;
005import java.net.URISyntaxException;
006
007import org.apache.commons.lang3.StringUtils;
008
009import net.minidev.json.JSONObject;
010
011import net.jcip.annotations.Immutable;
012
013import com.nimbusds.oauth2.sdk.ParseException;
014import com.nimbusds.oauth2.sdk.client.ClientRegistrationRequest;
015import com.nimbusds.oauth2.sdk.http.HTTPRequest;
016import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
017
018
/**
 * Registration request sent by an OpenID Connect client (relying party) to
 * the client registration endpoint of an OpenID provider.
 *
 * <p>Example HTTP request:
 *
 * <pre>
 * POST /connect/register HTTP/1.1
 * Content-Type: application/json
 * Accept: application/json
 * Host: server.example.com
 * Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ ...
 *
 * {
 *  "application_type"                : "web",
 *  "redirect_uris"                   : [ "https://client.example.org/callback",
 *                                        "https://client.example.org/callback2" ],
 *  "client_name"                     : "My Example",
 *  "client_name#ja-Jpan-JP"          : "クライアント名",
 *  "logo_uri"                        : "https://client.example.org/logo.png",
 *  "subject_type"                    : "pairwise",
 *  "sector_identifier_uri"           : "https://other.example.net/file_of_redirect_uris.json",
 *  "token_endpoint_auth_method"      : "client_secret_basic",
 *  "jwks_uri"                        : "https://client.example.org/my_public_keys.jwks",
 *  "userinfo_encrypted_response_alg" : "RSA1_5",
 *  "userinfo_encrypted_response_enc" : "A128CBC-HS256",
 *  "contacts"                        : [ "ve7jtb@example.org", "mary@example.org" ],
 *  "request_uris"                    : [ "https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA" ]
 * }
 * </pre>
 *
 * <p>Security considerations:
 *
 * <ul>
 *     <li>Everything in the JSON body is supplied by the registering party.
 *         URI-valued members such as {@code logo_uri},
 *         {@code sector_identifier_uri}, {@code jwks_uri} and
 *         {@code request_uris} may later be dereferenced by the server, so
 *         a server should check them against its own policy (scheme,
 *         permitted hosts) before fetching anything.
 *     <li>The {@code RSA1_5} value above mirrors the example in the
 *         specification. RSAES-PKCS1-v1_5 key encryption is exposed to
 *         padding-oracle attacks when decryption failures can be
 *         distinguished; an OAEP-based algorithm such as {@code RSA-OAEP}
 *         is generally the better choice where both parties support it.
 * </ul>
 *
 * <p>Related specifications:
 *
 * <ul>
 *     <li>OpenID Connect Dynamic Client Registration 1.0, section 3.1.
 *     <li>OAuth 2.0 Dynamic Client Registration Protocol
 *         (draft-ietf-oauth-dyn-reg-14), section 3.1.
 * </ul>
 */
@Immutable
public class OIDCClientRegistrationRequest extends ClientRegistrationRequest {


        /**
         * Creates a new OpenID Connect client registration request.
         *
         * @param uri         The URI of the client registration endpoint. May
         *                    be {@code null} if the {@link #toHTTPRequest()}
         *                    method will not be used.
         * @param metadata    The OpenID Connect client metadata. Must not be
         *                    {@code null} and must specify one or more
         *                    redirection URIs.
         * @param accessToken An OAuth 2.0 Bearer access token for the request,
         *                    {@code null} if none.
         */
        public OIDCClientRegistrationRequest(final URI uri,
                                             final OIDCClientMetadata metadata,
                                             final BearerAccessToken accessToken) {

                // All state is held by the OAuth 2.0 base request.
                super(uri, metadata, accessToken);
        }


        /**
         * Returns the client metadata of this request typed as OpenID Connect
         * client metadata.
         *
         * @return The OpenID Connect client metadata.
         */
        public OIDCClientMetadata getOIDCClientMetadata() {

                // The only constructor of this class accepts OIDCClientMetadata;
                // presumably the superclass hands back that same object, which
                // is what makes this downcast safe (confirm against
                // ClientRegistrationRequest).
                final Object baseMetadata = getClientMetadata();
                return (OIDCClientMetadata) baseMetadata;
        }


        /**
         * Parses an OpenID Connect client registration request from the
         * specified HTTP POST request.
         *
         * <p>The bearer access token, when an {@code Authorization} header is
         * present, is only parsed here. This method does not itself check
         * that the token is valid or that it authorises registration; that
         * decision is left to the caller.
         *
         * @param httpRequest The HTTP request. Must not be {@code null}.
         *
         * @return The OpenID Connect client registration request.
         *
         * @throws ParseException If the HTTP request couldn't be parsed to an
         *                        OpenID Connect client registration request.
         */
        public static OIDCClientRegistrationRequest parse(final HTTPRequest httpRequest)
                throws ParseException {

                // Registration is defined for POST only.
                httpRequest.ensureMethod(HTTPRequest.Method.POST);

                // Request body -> client metadata.
                final JSONObject registrationJson = httpRequest.getQueryAsJSONObject();
                final OIDCClientMetadata clientMetadata = OIDCClientMetadata.parse(registrationJson);

                // Optional initial access token.
                final BearerAccessToken bearerToken = parseOptionalAccessToken(httpRequest);

                // The endpoint URI is taken from the request URL.
                final URI registrationEndpoint;

                try {
                        registrationEndpoint = httpRequest.getURL().toURI();

                } catch (URISyntaxException syntaxError) {

                        throw new ParseException(syntaxError.getMessage(), syntaxError);
                }

                return new OIDCClientRegistrationRequest(registrationEndpoint, clientMetadata, bearerToken);
        }


        /**
         * Extracts the bearer access token from the {@code Authorization}
         * header of the request, if the header carries a non-blank value.
         *
         * @param httpRequest The HTTP request. Must not be {@code null}.
         *
         * @return The parsed bearer access token, {@code null} if the header
         *         is missing or blank.
         *
         * @throws ParseException If a non-blank header value couldn't be
         *                        parsed to a bearer access token.
         */
        private static BearerAccessToken parseOptionalAccessToken(final HTTPRequest httpRequest)
                throws ParseException {

                final String headerValue = httpRequest.getAuthorization();

                if (StringUtils.isBlank(headerValue)) {
                        return null;
                }

                return BearerAccessToken.parse(headerValue);
        }
}