Source code

001package com.nimbusds.openid.connect.sdk;
002
003
004import java.net.MalformedURLException;
005import java.net.URI;
006import java.net.URISyntaxException;
007import java.net.URL;
008
009import net.jcip.annotations.Immutable;
010
011import com.nimbusds.oauth2.sdk.ParseException;
012import com.nimbusds.oauth2.sdk.ProtectedResourceRequest;
013import com.nimbusds.oauth2.sdk.SerializeException;
014import com.nimbusds.oauth2.sdk.http.CommonContentTypes;
015import com.nimbusds.oauth2.sdk.http.HTTPRequest;
016import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
017
018
019/**
020 * UserInfo request. Used to retrieve the consented claims about the end-user.
021 *
022 * <p>Example HTTP GET request:
023 *
024 * <pre>
025 * GET /userinfo HTTP/1.1
026 * Host: server.example.com
027 * Authorization: Bearer SlAV32hkKG
028 * </pre>
029 *
030 * <p>Related specifications:
031 *
032 * <ul>
033 *     <li>OpenID Connect Core 1.0, section 5.3.1.
034 *     <li>OAuth 2.0 Bearer Token Usage (RFC6750), section 2.
035 * </ul>
036 */
037@Immutable
038public class UserInfoRequest extends ProtectedResourceRequest {
039
040
041        /**
042         * The HTTP method.
043         */
044        private final HTTPRequest.Method httpMethod;
045        
046        
047        /**
048         * Creates a new UserInfo HTTP GET request.
049         *
050         * @param uri         The URI of the UserInfo endpoint. May be
051         *                    {@code null} if the {@link #toHTTPRequest} method
052         *                    will not be used.
053         * @param accessToken An OAuth 2.0 Bearer access token for the request.
054         *                    Must not be {@code null}.
055         */
056        public UserInfoRequest(final URI uri, final BearerAccessToken accessToken) {
057        
058                this(uri, HTTPRequest.Method.GET, accessToken);
059        }
060        
061        
062        /**
063         * Creates a new UserInfo request.
064         *
065         * @param uri         The URI of the UserInfo endpoint. May be
066         *                    {@code null} if the {@link #toHTTPRequest} method
067         *                    will not be used.
068         * @param httpMethod  The HTTP method. Must be HTTP GET or POST and not 
069         *                    {@code null}.
070         * @param accessToken An OAuth 2.0 Bearer access token for the request.
071         *                    Must not be {@code null}.
072         */
073        public UserInfoRequest(final URI uri, final HTTPRequest.Method httpMethod, final BearerAccessToken accessToken) {
074        
075                super(uri, accessToken);
076                
077                if (httpMethod == null)
078                        throw new IllegalArgumentException("The HTTP method must not be null");
079                
080                this.httpMethod = httpMethod;
081                
082                
083                if (accessToken == null)
084                        throw new IllegalArgumentException("The access token must not be null");
085        }
086        
087        
088        /**
089         * Gets the HTTP method for this UserInfo request.
090         *
091         * @return The HTTP method.
092         */
093        public HTTPRequest.Method getMethod() {
094        
095                return httpMethod;
096        }
097        
098        
099        @Override
100        public HTTPRequest toHTTPRequest() {
101                
102                if (getEndpointURI() == null)
103                        throw new SerializeException("The endpoint URI is not specified");
104
105                URL endpointURL;
106
107                try {
108                        endpointURL = getEndpointURI().toURL();
109
110                } catch (MalformedURLException e) {
111
112                        throw new SerializeException(e.getMessage(), e);
113                }
114        
115                HTTPRequest httpRequest = new HTTPRequest(httpMethod, endpointURL);
116                
117                switch (httpMethod) {
118                
119                        case GET:
120                                httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader());
121                                break;
122                                
123                        case POST:
124                                httpRequest.setContentType(CommonContentTypes.APPLICATION_URLENCODED);
125                                httpRequest.setQuery("access_token=" + getAccessToken().getValue());
126                                break;
127                        
128                        default:
129                                throw new SerializeException("Unexpected HTTP method: " + httpMethod);
130                }
131                
132                return httpRequest;
133        }
134        
135        
136        /**
137         * Parses the specified HTTP request for a UserInfo request.
138         *
139         * @param httpRequest The HTTP request. Must not be {@code null}.
140         *
141         * @return The UserInfo request.
142         *
143         * @throws ParseException If the HTTP request couldn't be parsed to a 
144         *                        UserInfo request.
145         */
146        public static UserInfoRequest parse(final HTTPRequest httpRequest)
147                throws ParseException {
148                
149                HTTPRequest.Method httpMethod = httpRequest.getMethod();
150                
151                BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest);
152
153                URI endpointURI;
154
155                try {
156
157                        endpointURI = httpRequest.getURL().toURI();
158
159                } catch (URISyntaxException e) {
160
161                        throw new ParseException(e.getMessage(), e);
162                }
163        
164                return new UserInfoRequest(endpointURI, httpMethod, accessToken);
165        }
166}