001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2021, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.ciba; 019 020 021import java.net.URI; 022import java.net.URISyntaxException; 023 024import net.jcip.annotations.Immutable; 025import net.minidev.json.JSONObject; 026 027import com.nimbusds.common.contenttype.ContentType; 028import com.nimbusds.oauth2.sdk.ParseException; 029import com.nimbusds.oauth2.sdk.ProtectedResourceRequest; 030import com.nimbusds.oauth2.sdk.http.HTTPRequest; 031import com.nimbusds.oauth2.sdk.token.BearerAccessToken; 032import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 033 034 035/** 036 * <p>CIBA ping callback to a client notification endpoint. 037 * 038 * <p>Example HTTP request: 039 * 040 * <pre> 041 * POST /cb HTTP/1.1 042 * Host: client.example.com 043 * Authorization: Bearer 8d67dc78-7faa-4d41-aabd-67707b374255 044 * Content-Type: application/json 045 * 046 * { 047 * "auth_req_id": "1c266114-a1be-4252-8ad1-04986c5b9ac1" 048 * } 049 * </pre> 050 * 051 * <p>Related specifications: 052 * 053 * <ul> 054 * <li>OpenID Connect CIBA Flow - Core 1.0, section 10.2 055 * </ul> 056 */ 057@Immutable 058public class CIBAPingCallback extends ProtectedResourceRequest { 059 060 061 /** 062 * The CIBA request ID. 063 */ 064 private final AuthRequestID authRequestID; 065 066 067 /** 068 * Creates a new CIBA ping callback. 069 * 070 * @param endpoint The client notification endpoint. Must not be 071 * {@code null}. 072 * @param accessToken The client notification token. Must not be 073 * {@code null}. 074 * @param authRequestID The CIBA request ID. Must not be {@code null}. 075 */ 076 public CIBAPingCallback(final URI endpoint, 077 final BearerAccessToken accessToken, 078 final AuthRequestID authRequestID) { 079 super(endpoint, accessToken); 080 081 if (authRequestID == null) { 082 throw new IllegalArgumentException("The auth_req_id must not be null"); 083 } 084 this.authRequestID = authRequestID; 085 } 086 087 088 /** 089 * Returns the CIBA request ID. 090 * 091 * @return The CIBA request ID. 092 */ 093 public AuthRequestID getAuthRequestID() { 094 return authRequestID; 095 } 096 097 098 @Override 099 public HTTPRequest toHTTPRequest() { 100 101 HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI()); 102 httpRequest.setFollowRedirects(false); 103 httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader()); 104 httpRequest.setEntityContentType(ContentType.APPLICATION_JSON); 105 JSONObject jsonObject = new JSONObject(); 106 jsonObject.put("auth_req_id", getAuthRequestID().getValue()); 107 httpRequest.setQuery(jsonObject.toJSONString()); 108 return httpRequest; 109 } 110 111 112 /** 113 * Parses a CIBA ping callback from the specified HTTP request. 114 * 115 * @param httpRequest The HTTP request. Must not be {@code null}. 116 * 117 * @return The CIBA ping callback. 118 * 119 * @throws ParseException If parsing failed. 120 */ 121 public static CIBAPingCallback parse(final HTTPRequest httpRequest) 122 throws ParseException { 123 124 URI uri; 125 try { 126 uri = httpRequest.getURL().toURI(); 127 } catch (URISyntaxException e) { 128 throw new ParseException(e.getMessage(), e); 129 } 130 131 httpRequest.ensureMethod(HTTPRequest.Method.POST); 132 httpRequest.ensureEntityContentType(ContentType.APPLICATION_JSON); 133 134 BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest); 135 136 AuthRequestID authRequestID = new AuthRequestID( 137 JSONObjectUtils.getString( 138 httpRequest.getQueryAsJSONObject(), 139 "auth_req_id") 140 ); 141 142 return new CIBAPingCallback(uri, accessToken, authRequestID); 143 } 144}