001package com.nimbusds.openid.connect.provider.spi.reg; 002 003 004import net.jcip.annotations.ThreadSafe; 005 006import com.nimbusds.oauth2.sdk.http.HTTPRequest; 007import com.nimbusds.openid.connect.provider.spi.Lifecycle; 008 009 010/** 011 * Service Provider Interface (SPI) for intercepting and optionally modifying 012 * HTTP requests at the client registration endpoint. The loaded and 013 * {@link #isEnabled() enabled} SPI implementation will be called when an HTTP 014 * request is received at the client registration endpoint. 015 * 016 * <p>An SPI implementation which requires a client X.509 certificate included 017 * in the HTTP request and successfully validated by the web server / TLS proxy 018 * can retrieve it using the {@link HTTPRequest#getClientX509Certificate()} and 019 * related methods. 020 * 021 * <p>Implementations must be thread-safe. 022 */ 023@ThreadSafe 024public interface RegistrationInterceptor extends Lifecycle { 025 026 027 /** 028 * Intercepts an HTTP POST request at the client registration endpoint. 029 * Passes the HTTP request unmodified by default. 030 * 031 * @param httpRequest The HTTP POST request. 032 * @param interceptorCtx The interceptor context. 033 * 034 * @return The HTTP POST request to pass on to the endpoint for further 035 * processing. 036 * 037 * @throws WrappedHTTPResponseException To return an HTTP (error) 038 * response immediately. 039 */ 040 default HTTPRequest interceptPostRequest(final HTTPRequest httpRequest, 041 final InterceptorContext interceptorCtx) 042 throws WrappedHTTPResponseException { 043 044 return httpRequest; 045 } 046 047 048 /** 049 * Intercepts an HTTP GET request at the client registration endpoint. 050 * Passes the HTTP request unmodified by default. 051 * 052 * @param httpRequest The HTTP GET request. 053 * @param interceptorCtx The interceptor context. 054 * 055 * @return The HTTP GET request to pass on to the endpoint for further 056 * processing. 057 * 058 * @throws WrappedHTTPResponseException To return an HTTP (error) 059 * response immediately. 060 */ 061 default HTTPRequest interceptGetRequest(final HTTPRequest httpRequest, 062 final InterceptorContext interceptorCtx) 063 throws WrappedHTTPResponseException { 064 065 return httpRequest; 066 } 067 068 069 /** 070 * Intercepts an HTTP PUT request at the client registration endpoint. 071 * Passes the HTTP request unmodified by default. 072 * 073 * @param httpRequest The HTTP PUT request. 074 * @param interceptorCtx The interceptor context. 075 * 076 * @return The HTTP PUT request to pass on to the endpoint for further 077 * processing. 078 * 079 * @throws WrappedHTTPResponseException To return an HTTP (error) 080 * response immediately. 081 */ 082 default HTTPRequest interceptPutRequest(final HTTPRequest httpRequest, 083 final InterceptorContext interceptorCtx) 084 throws WrappedHTTPResponseException { 085 086 return httpRequest; 087 } 088 089 090 /** 091 * Intercepts an HTTP DELETE request at the client registration 092 * endpoint. Passes the HTTP request unmodified by default. 093 * 094 * @param httpRequest The HTTP DELETE request. 095 * @param interceptorCtx The interceptor context. 096 * 097 * @return The HTTP DELETE request to pass on to the endpoint for 098 * further processing. 099 * 100 * @throws WrappedHTTPResponseException To return an HTTP (error) 101 * response immediately. 102 */ 103 default HTTPRequest interceptDeleteRequest(final HTTPRequest httpRequest, 104 final InterceptorContext interceptorCtx) 105 throws WrappedHTTPResponseException { 106 107 return httpRequest; 108 } 109}