001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.openid.connect.sdk.federation.policy.operations; 019 020 021import java.util.*; 022 023import com.nimbusds.openid.connect.sdk.federation.policy.language.OperationName; 024import com.nimbusds.openid.connect.sdk.federation.policy.language.PolicyOperation; 025import com.nimbusds.openid.connect.sdk.federation.policy.language.PolicyViolationException; 026import com.nimbusds.openid.connect.sdk.federation.policy.language.StringListOperation; 027 028 029/** 030 * Subset-of (subset_of) operation. 031 * 032 * <p>Example policy: 033 * 034 * <pre> 035 * "response_types" : { "subset_of" : [ "code", "code token", "code id_token" ] } 036 * </pre> 037 * 038 * <p>Input: 039 * 040 * <pre> 041 * "response_types" : [ "code", "code id_token token", "code id_token" ] 042 * </pre> 043 * 044 * <p>Result: 045 * 046 * <pre> 047 * "response_types" : ["code", "code id_token"] 048 * </pre> 049 * 050 * <p>Related specifications: 051 * 052 * <ul> 053 * <li>OpenID Connect Federation 1.0, section 4.1.1. 054 * </ul> 055 */ 056public class SubsetOfOperation extends AbstractSetBasedOperation implements StringListOperation { 057 058 059 public static final OperationName NAME = new OperationName("subset_of"); 060 061 062 @Override 063 public OperationName getOperationName() { 064 return NAME; 065 } 066 067 068 @Override 069 public Map.Entry<String, Object> toJSONObjectEntry() { 070 if (configType == null) { 071 throw new IllegalStateException("The policy is not initialized"); 072 } 073 return new AbstractMap.SimpleImmutableEntry<>(getOperationName().getValue(), (Object) getStringListConfiguration()); 074 } 075 076 077 @Override 078 public PolicyOperation merge(final PolicyOperation other) throws PolicyViolationException { 079 080 SubsetOfOperation otherTyped = Utils.castForMerge(other, SubsetOfOperation.class); 081 082 // intersect 083 Set<String> combinedConfig = new LinkedHashSet<>(setConfig); 084 combinedConfig.retainAll(otherTyped.getStringListConfiguration()); 085 086 SubsetOfOperation mergedPolicy = new SubsetOfOperation(); 087 mergedPolicy.configure(new LinkedList<>(combinedConfig)); 088 return mergedPolicy; 089 } 090 091 092 @Override 093 public List<String> apply(final List<String> stringList) { 094 095 if (setConfig == null) { 096 throw new IllegalStateException("The policy is not initialized"); 097 } 098 099 if (stringList == null) { 100 // TODO check with spec https://bitbucket.org/openid/connect/issues/1156/federation-411-subset_of-edge-cases 101 return Collections.emptyList(); 102 } 103 104 Set<String> setValue = new LinkedHashSet<>(stringList); 105 setValue.retainAll(setConfig); 106 return Collections.unmodifiableList(new LinkedList<>(setValue)); 107 } 108}