001package com.nimbusds.openid.connect.provider.spi.grants; 002 003 004import java.util.*; 005 006import net.jcip.annotations.Immutable; 007 008import net.minidev.json.JSONObject; 009 010import org.apache.commons.collections4.CollectionUtils; 011 012import com.nimbusds.oauth2.sdk.ParseException; 013import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 014 015 016/** 017 * Basic OpenID Connect claims specification. 018 */ 019@Immutable 020public class BasicClaimsSpec { 021 022 023 /** 024 * The names of the authorised OpenID Connect claims, {@code null} if 025 * none. 026 */ 027 private final Set<String> names; 028 029 030 /** 031 * Additional or preset OpenID Connect claims to be included in the 032 * ID token and UserInfo response. 033 */ 034 private final PresetClaims presetClaims; 035 036 037 /** 038 * Creates a new default basic OpenID Connect claims specification 039 * (empty). 040 */ 041 public BasicClaimsSpec() { 042 043 this(null, null, null); 044 } 045 046 047 /** 048 * Creates a new basic OpenID Connect claims specification. 049 * 050 * @param names The names of the authorised OpenID Connect claims, 051 * {@code null} if none. 052 */ 053 public BasicClaimsSpec(final Set<String> names) { 054 055 this(names, null, null); 056 } 057 058 059 /** 060 * Creates a new basic OpenID Connect claims specification. 061 * 062 * @param names The names of the authorised OpenID 063 * Connect claims, empty set or 064 * {@code null} if none. 065 * @param presetIDTokenClaims Additional preset claims to be included 066 * in the ID token, {@code null} if none. 067 * @param presetUserInfoClaims Additional preset claims to be included 068 * in the UserInfo response, {@code null} 069 * if none. 070 */ 071 public BasicClaimsSpec(final Set<String> names, 072 final JSONObject presetIDTokenClaims, 073 final JSONObject presetUserInfoClaims) { 074 075 this(names, new PresetClaims(presetIDTokenClaims, presetUserInfoClaims)); 076 } 077 078 079 /** 080 * Creates a new basic OpenID Connect claims specification. 081 * 082 * @param names The names of the authorised OpenID Connect 083 * claims, empty set or {@code null} if none. 084 * @param presetClaims The additional or preset claims to be included 085 * in the ID token and UserInfo response, 086 * {@code null} if none. 087 */ 088 public BasicClaimsSpec(final Set<String> names, 089 final PresetClaims presetClaims) { 090 091 if (CollectionUtils.isNotEmpty(names)) { 092 this.names = names; 093 } else { 094 this.names = Collections.emptySet(); 095 } 096 097 if (presetClaims == null) { 098 this.presetClaims = new PresetClaims(); 099 } else { 100 this.presetClaims = presetClaims; 101 } 102 } 103 104 105 /** 106 * Returns the authorised OpenID Connect claims. 107 * 108 * @return The names of the authorised OpenID Connect claims, empty set 109 * if none. 110 */ 111 public Set<String> getNames() { 112 113 return names; 114 } 115 116 117 /** 118 * The additional or preset claims to be included in the ID token and 119 * UserInfo response. 120 * 121 * @return The additional or preset claims. 122 */ 123 public PresetClaims getPresetClaims() { 124 125 return presetClaims; 126 } 127 128 129 /** 130 * Returns the additional preset claims to be included in the ID token. 131 * 132 * @return The additional preset claims to be included in the ID token, 133 * {@code null} if none. 134 */ 135 public JSONObject getPresetIDTokenClaims() { 136 137 return presetClaims.getPresetIDTokenClaims(); 138 } 139 140 141 /** 142 * Returns the additional preset claims to be included in the UserInfo 143 * response. 144 * 145 * @return The additional or preset claims to be included in the 146 * UserInfo response, {@code null} if none. 147 */ 148 public JSONObject getPresetUserInfoClaims() { 149 150 return presetClaims.getPresetUserInfoClaims(); 151 } 152 153 154 /** 155 * Returns a JSON object representation of this basic claims 156 * specification. 157 * 158 * @return The JSON object. 159 */ 160 public JSONObject toJSONObject() { 161 162 JSONObject o = new JSONObject(); 163 164 if (CollectionUtils.isNotEmpty(names)) { 165 o.put("claims", new ArrayList<>(names)); 166 } 167 168 if (! presetClaims.isEmpty()) { 169 o.put("preset_claims", presetClaims.toJSONObject()); 170 } 171 172 return o; 173 } 174 175 176 /** 177 * Parses a basic OpenID Connect claims specification from the 178 * specified JSON object. 179 * 180 * @param o The JSON object. Must not be {@code null}. 181 * 182 * @return The basic OpenID Connect claims specification. 183 * 184 * @throws ParseException If parsing failed. 185 */ 186 public static BasicClaimsSpec parse(final JSONObject o) 187 throws ParseException { 188 189 Set<String> claims = null; 190 191 if (o.containsKey("claims")) { 192 claims = new HashSet<>(Arrays.asList(JSONObjectUtils.getStringArray(o, "claims"))); 193 } 194 195 PresetClaims presetClaims = null; 196 197 if (o.containsKey("preset_claims")) { 198 presetClaims = PresetClaims.parse(JSONObjectUtils.getJSONObject(o, "preset_claims")); 199 } 200 201 return new BasicClaimsSpec(claims, presetClaims); 202 } 203}