001package com.nimbusds.openid.connect.sdk.claims; 002 003 004import net.jcip.annotations.Immutable; 005 006import com.nimbusds.jose.JWSAlgorithm; 007 008import com.nimbusds.oauth2.sdk.AuthorizationCode; 009import com.nimbusds.oauth2.sdk.ResponseType; 010 011 012/** 013 * Authorisation code hash ({@code c_hash}). 014 * 015 * <p>Related specifications: 016 * 017 * <ul> 018 * <li>OpenID Connect Core 1.0, section 3.3.2.11. 019 * </ul> 020 */ 021@Immutable 022public final class CodeHash extends HashClaim { 023 024 025 /** 026 * Checks if an authorisation code hash claim must be included in ID 027 * tokens for the specified response type. 028 * 029 * @param responseType The he OpenID Connect response type. Must not be 030 * {@code null}. 031 * 032 * @return {@code true} if the code hash is required, else 033 * {@code false}. 034 */ 035 public static boolean isRequiredInIDTokenClaims(final ResponseType responseType) { 036 037 // Only required in hybrid flow for 'code id_token' and 'code id_token token' 038 // Disregard authz / token endpoint! 039 if ( new ResponseType("code", "id_token").equals(responseType) || 040 new ResponseType("code", "id_token", "token").equals(responseType)) { 041 042 return true; 043 } 044 045 return false; 046 } 047 048 049 /** 050 * Creates a new authorisation code hash with the specified value. 051 * 052 * @param value The authorisation code hash value. Must not be 053 * {@code null}. 054 */ 055 public CodeHash(final String value) { 056 057 super(value); 058 } 059 060 061 /** 062 * Computes the hash for the specified authorisation code and reference 063 * JSON Web Signature (JWS) algorithm. 064 * 065 * @param code The authorisation code. Must not be {@code null}. 066 * @param alg The reference JWS algorithm. Must not be {@code null}. 067 * 068 * @return The authorisation code hash, or {@code null} if the JWS 069 * algorithm is not supported. 070 */ 071 public static CodeHash compute(final AuthorizationCode code, final JWSAlgorithm alg) { 072 073 String value = computeValue(code, alg); 074 075 if (value == null) 076 return null; 077 078 return new CodeHash(value); 079 } 080 081 082 @Override 083 public boolean equals(final Object object) { 084 085 return object instanceof CodeHash && 086 this.toString().equals(object.toString()); 087 } 088}