package com.nimbusds.openid.connect.sdk.rp;


import java.net.URI;
import java.net.URISyntaxException;

import org.apache.commons.lang3.StringUtils;

import net.minidev.json.JSONObject;

import net.jcip.annotations.Immutable;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.client.ClientRegistrationRequest;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;


/**
 * Client registration request carrying OpenID Connect client metadata.
 *
 * <p>Sample HTTP request:
 *
 * <pre>
 * POST /connect/register HTTP/1.1
 * Content-Type: application/json
 * Accept: application/json
 * Host: server.example.com
 * Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJ ...
 *
 * {
 *  "application_type"                : "web",
 *  "redirect_uris"                   : [ "https://client.example.org/callback",
 *                                        "https://client.example.org/callback2" ],
 *  "client_name"                     : "My Example",
 *  "client_name#ja-Jpan-JP"          : "クライアント名",
 *  "logo_uri"                        : "https://client.example.org/logo.png",
 *  "subject_type"                    : "pairwise",
 *  "sector_identifier_uri"           : "https://other.example.net/file_of_redirect_uris.json",
 *  "token_endpoint_auth_method"      : "client_secret_basic",
 *  "jwks_uri"                        : "https://client.example.org/my_public_keys.jwks",
 *  "userinfo_encrypted_response_alg" : "RSA1_5",
 *  "userinfo_encrypted_response_enc" : "A128CBC-HS256",
 *  "contacts"                        : [ "ve7jtb@example.org", "mary@example.org" ],
 *  "request_uris"                    : [ "https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA" ]
 * }
 * </pre>
 *
 * <p>Security notes for code that consumes parsed requests:
 *
 * <ul>
 *     <li>{@link #parse} only extracts the bearer token from the
 *         {@code Authorization} header. Nothing in this class checks that
 *         the token is valid or authorises registration, so that decision
 *         belongs to the caller. A request without the header yields a
 *         {@code null} token.
 *     <li>Every URI in the metadata ({@code redirect_uris},
 *         {@code logo_uri}, {@code jwks_uri},
 *         {@code sector_identifier_uri}, {@code request_uris}) is supplied
 *         by the registering party. This class does not inspect them. A
 *         server that stores or dereferences them should apply its own
 *         scheme and host restrictions first.
 *     <li>The {@code RSA1_5} value in the sample is carried over from the
 *         specification example. It denotes RSA PKCS#1 v1.5 key
 *         encryption, which many deployments avoid in favour of RSA-OAEP.
 * </ul>
 *
 * <p>Related specifications:
 *
 * <ul>
 *     <li>OpenID Connect Dynamic Client Registration 1.0, section 3.1.
 *     <li>OAuth 2.0 Dynamic Client Registration Protocol
 *         (draft-ietf-oauth-dyn-reg-14), section 3.1.
 * </ul>
 */
@Immutable
public class OIDCClientRegistrationRequest extends ClientRegistrationRequest {


	/**
	 * Builds a registration request from its three parts and hands them
	 * unchanged to the superclass constructor.
	 *
	 * @param uri         The client registration endpoint URI. May be
	 *                    {@code null} when {@link #toHTTPRequest()} is
	 *                    never going to be called.
	 * @param metadata    The OpenID Connect client metadata. Must not be
	 *                    {@code null} and must specify one or more
	 *                    redirection URIs.
	 * @param accessToken The OAuth 2.0 Bearer access token to send with
	 *                    the request, {@code null} if there is none.
	 */
	public OIDCClientRegistrationRequest(final URI uri,
					     final OIDCClientMetadata metadata,
					     final BearerAccessToken accessToken) {

		super(uri, metadata, accessToken);
	}


	/**
	 * Returns the client metadata of this request, typed as OpenID
	 * Connect client metadata.
	 *
	 * @return The OpenID Connect client metadata.
	 */
	public OIDCClientMetadata getOIDCClientMetadata() {

		// The only constructor accepts OIDCClientMetadata, so the
		// downcast of the inherited value is expected to succeed.
		final OIDCClientMetadata oidcMetadata = (OIDCClientMetadata)getClientMetadata();
		return oidcMetadata;
	}


	/**
	 * Parses an OpenID Connect client registration request out of an
	 * HTTP POST request.
	 *
	 * <p>The steps run in a fixed order: the method check, the JSON
	 * body, the client metadata, the optional bearer token and finally
	 * the endpoint URI. The bearer token is extracted but not verified.
	 *
	 * @param httpRequest The HTTP request. Must not be {@code null}.
	 *
	 * @return The OpenID Connect client registration request.
	 *
	 * @throws ParseException If the HTTP request couldn't be parsed to an
	 *                        OpenID Connect client registration request.
	 */
	public static OIDCClientRegistrationRequest parse(final HTTPRequest httpRequest)
		throws ParseException {

		httpRequest.ensureMethod(HTTPRequest.Method.POST);

		// Client metadata travels as the JSON entity body
		final JSONObject body = httpRequest.getQueryAsJSONObject();
		final OIDCClientMetadata clientMetadata = OIDCClientMetadata.parse(body);

		// The Authorization header is optional; a blank or absent
		// value leaves the request without a token
		final String authorization = httpRequest.getAuthorization();
		final BearerAccessToken token = StringUtils.isBlank(authorization)
			? null
			: BearerAccessToken.parse(authorization);

		final URI endpoint = toEndpointURI(httpRequest);

		return new OIDCClientRegistrationRequest(endpoint, clientMetadata, token);
	}


	/**
	 * Converts the URL of the HTTP request into a URI, reporting a
	 * syntax problem as a parse exception.
	 *
	 * @param httpRequest The HTTP request. Must not be {@code null}.
	 *
	 * @return The endpoint URI.
	 *
	 * @throws ParseException If the request URL is not a valid URI.
	 */
	private static URI toEndpointURI(final HTTPRequest httpRequest)
		throws ParseException {

		try {
			return httpRequest.getURL().toURI();

		} catch (URISyntaxException e) {

			throw new ParseException(e.getMessage(), e);
		}
	}
}