001/*
002 * nimbus-jose-jwt
003 *
004 * Copyright 2012-2016, Connect2id Ltd.
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
007 * this file except in compliance with the License. You may obtain a copy of the
008 * License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software distributed
013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
015 * specific language governing permissions and limitations under the License.
016 */
017
018package com.nimbusds.jwt;
019
020
021import com.nimbusds.jose.JOSEObject;
022import com.nimbusds.jose.JWEHeader;
023import com.nimbusds.jose.JWEObject;
024import com.nimbusds.jose.Payload;
025import com.nimbusds.jose.util.Base64URL;
026import net.jcip.annotations.ThreadSafe;
027
028import java.text.ParseException;
029import java.util.Map;
030
031
/**
 * Encrypted JSON Web Token (JWT). This class is thread-safe.
 *
 * <p>Points a caller handling untrusted tokens should keep in mind:
 * <ul>
 *   <li>Nothing in this class decrypts or authenticates anything. An
 *       instance obtained from {@link #parse} has only been checked for
 *       having five Base64URL parts, plus whatever the superclass
 *       constructor validates.
 *   <li>{@link #getJWTClaimsSet} returns {@code null} when no payload is
 *       present, so the result must be null-checked before use.
 *   <li>This class applies no checks to the claims themselves (expiry,
 *       issuer, audience and so on); that is left to the caller.
 *   <li>With JWE key management algorithms based on the recipient's public
 *       key, anyone holding that public key can produce a token that
 *       decrypts successfully. Decryption alone therefore does not identify
 *       the issuer; use a nested signed JWT or a key shared only with the
 *       issuer when the origin of the claims matters.
 * </ul>
 *
 * @author Vladimir Dzhuvinov
 * @version 2024-06-06
 */
@ThreadSafe
public class EncryptedJWT extends JWEObject implements JWT {


        private static final long serialVersionUID = 1L;


        /**
         * Cached JWT claims set. Set directly by the header / claims set
         * constructor, otherwise filled in on the first successful call to
         * {@link #getJWTClaimsSet} and cleared again by {@link #setPayload}.
         */
        // NOTE(review): the field is neither final nor volatile although the
        // class is annotated @ThreadSafe; presumably this relies on
        // JWTClaimsSet being immutable, so that a stale read only costs a
        // repeated parse -- confirm.
        private JWTClaimsSet claimsSet;


        /**
         * Creates a new to-be-encrypted JSON Web Token (JWT) from the given
         * header and claims set. The initial state will be
         * {@link com.nimbusds.jose.JWEObject.State#UNENCRYPTED unencrypted}.
         *
         * @param header    The JWE header. Must not be {@code null}.
         * @param claimsSet The JWT claims set. Must not be {@code null};
         *                  it is dereferenced to build the payload passed
         *                  to the superclass.
         */
        public EncryptedJWT(final JWEHeader header, final JWTClaimsSet claimsSet) {

                super(header, claimsSet.toPayload());

                // Keep the caller's claims set so that it does not have to
                // be parsed back out of the payload later.
                this.claimsSet = claimsSet;
        }


        /**
         * Creates a new encrypted JSON Web Token (JWT) from its five
         * serialised parts. The state will be
         * {@link com.nimbusds.jose.JWEObject.State#ENCRYPTED encrypted}.
         *
         * <p>All handling of the parts is delegated to the superclass
         * constructor; this constructor adds no checks of its own and
         * leaves the cached claims set unset.
         *
         * @param firstPart  The first part, corresponding to the JWE header.
         *                   Must not be {@code null}.
         * @param secondPart The second part, corresponding to the encrypted
         *                   key. Empty or {@code null} if none.
         * @param thirdPart  The third part, corresponding to the
         *                   initialisation vector. Empty or {@code null} if
         *                   none.
         * @param fourthPart The fourth part, corresponding to the cipher
         *                   text. Must not be {@code null}.
         * @param fifthPart  The fifth part, corresponding to the integrity
         *                   value. Empty or {@code null} if none.
         *
         * @throws ParseException If parsing of the serialised parts failed.
         */
        public EncryptedJWT(final Base64URL firstPart,
                            final Base64URL secondPart,
                            final Base64URL thirdPart,
                            final Base64URL fourthPart,
                            final Base64URL fifthPart)
                throws ParseException {

                super(firstPart, secondPart, thirdPart, fourthPart, fifthPart);
        }


        /**
         * Returns the JWT claims set, parsing it from the current payload
         * on first use and caching the result.
         *
         * <p>No validation of the claims is performed here. A {@code null}
         * return means that there is no payload to read the claims from,
         * which is presumably the case while the JWT has not been decrypted
         * yet (confirm against {@code JWEObject}).
         *
         * @return The claims set, or {@code null} if the payload is
         *         {@code null}.
         *
         * @throws ParseException If the payload is not a JSON object or
         *                        cannot be parsed to a JWT claims set.
         */
        @Override
        public JWTClaimsSet getJWTClaimsSet()
                throws ParseException {

                if (claimsSet == null) {

                        final Payload currentPayload = getPayload();

                        if (currentPayload == null) {
                                // Nothing to parse; callers must handle this.
                                return null;
                        }

                        final Map<String, Object> claimsJson = currentPayload.toJSONObject();

                        if (claimsJson == null) {
                                throw new ParseException("Payload of JWE object is not a valid JSON object", 0);
                        }

                        claimsSet = JWTClaimsSet.parse(claimsJson);
                }

                return claimsSet;
        }


        /**
         * Replaces the payload and invalidates the cached claims set.
         *
         * @param payload The new payload, passed on to the superclass.
         */
        @Override
        protected void setPayload(Payload payload) {

                // The cache is cleared before the payload is swapped, so
                // that the next getJWTClaimsSet() call parses the new
                // payload instead of returning claims from the old one.
                claimsSet = null;
                super.setPayload(payload);
        }


        /**
         * Parses an encrypted JSON Web Token (JWT) from the specified string
         * in compact format.
         *
         * <p>The only check made in this method is that the string splits
         * into exactly five Base64URL parts; no decryption or authentication
         * takes place here.
         *
         * @param s The string to parse. Must not be {@code null}.
         *
         * @return The encrypted JWT.
         *
         * @throws ParseException If the string couldn't be parsed to a valid
         *                        encrypted JWT.
         */
        public static EncryptedJWT parse(final String s)
                throws ParseException {

                final Base64URL[] segments = JOSEObject.split(s);

                if (segments.length == 5) {
                        return new EncryptedJWT(segments[0], segments[1], segments[2], segments[3], segments[4]);
                }

                throw new ParseException("Unexpected number of Base64URL parts, must be five", 0);
        }
}