Source code

001package com.nimbusds.openid.connect.provider.spi.grants;
002
003
004import java.util.List;
005
006import com.nimbusds.oauth2.sdk.ParseException;
007import com.nimbusds.oauth2.sdk.id.Audience;
008import com.nimbusds.oauth2.sdk.id.Subject;
009import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
010import net.jcip.annotations.Immutable;
011import net.minidev.json.JSONObject;
012
013
014/**
015 * Optional token specification.
016 */
017@Immutable
018public class OptionalTokenSpec extends TokenSpec {
019
020
021        /**
022         * Specifies if a token is to be issued. If {@code true} a token must
023         * be issued, {@code false} to prohibit issue.
024         */
025        private final boolean issue;
026
027
028        /**
029         * Creates a new optional token specification.
030         *
031         * @param issue               If {@code true} a token must be issued,
032         *                            {@code false} to prohibit issue.
033         * @param lifetime            The token lifetime, in seconds. For
034         *                            access tokens zero and negative means not
035         *                            specified (to let the Connect2id server
036         *                            apply the default configured access token
037         *                            lifetime). For refresh tokens zero means
038         *                            no lifetime limit and negative means not
039         *                            specified (to let the Connect2id server
040         *                            apply the default configured refresh
041         *                            token lifetime).
042         * @param audList             Explicit list of audiences for the token,
043         *                            {@code null} if not specified.
044         * @param impersonatedSubject The subject in impersonation and
045         *                            delegation cases, {@code null} if not
046         *                            applicable.
047         */
048        public OptionalTokenSpec(final boolean issue,
049                                 final long lifetime,
050                                 final List<Audience> audList,
051                                 final Subject impersonatedSubject) {
052
053                super(lifetime, audList, impersonatedSubject);
054
055                this.issue = issue;
056        }
057
058
059        /**
060         * Returns the token issue policy.
061         *
062         * @return {@code true} if a token must be issued, {@code false} to
063         *         prohibit issue.
064         */
065        public boolean issue() {
066
067                return issue;
068        }
069
070
071        @Override
072        public JSONObject toJSONObject() {
073
074                JSONObject o = super.toJSONObject();
075                o.put("issue", issue);
076                return o;
077        }
078
079
080        /**
081         * Parses an optional token specification from the specified JSON
082         * object.
083         *
084         * @param jsonObject The JSON object. Must not be {@code null}.
085         *
086         * @return The optional token specification.
087         *
088         * @throws ParseException If parsing failed.
089         */
090        public static OptionalTokenSpec parse(final JSONObject jsonObject)
091                throws ParseException {
092
093                TokenSpec tokenSpec = TokenSpec.parse(jsonObject);
094
095                boolean issue = false;
096
097                if (jsonObject.containsKey("issue")) {
098                        issue = JSONObjectUtils.getBoolean(jsonObject, "issue");
099                }
100
101                return new OptionalTokenSpec(issue, tokenSpec.getLifetime(), tokenSpec.getAudience(), tokenSpec.getImpersonatedSubject());
102        }
103}