001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jwt; 019 020 021import java.text.ParseException; 022 023import net.jcip.annotations.ThreadSafe; 024 025import net.minidev.json.JSONObject; 026 027import com.nimbusds.jose.JOSEObject; 028import com.nimbusds.jose.JWEHeader; 029import com.nimbusds.jose.JWEObject; 030import com.nimbusds.jose.Payload; 031import com.nimbusds.jose.util.Base64URL; 032 033 034/** 035 * Encrypted JSON Web Token (JWT). This class is thread-safe. 036 * 037 * @author Vladimir Dzhuvinov 038 * @version 2015-08-19 039 */ 040@ThreadSafe 041public class EncryptedJWT extends JWEObject implements JWT { 042 043 044 private static final long serialVersionUID = 1L; 045 046 047 /** 048 * Creates a new to-be-encrypted JSON Web Token (JWT) with the specified 049 * header and claims set. The initial state will be 050 * {@link com.nimbusds.jose.JWEObject.State#UNENCRYPTED unencrypted}. 051 * 052 * @param header The JWE header. Must not be {@code null}. 053 * @param claimsSet The JWT claims set. Must not be {@code null}. 054 */ 055 public EncryptedJWT(final JWEHeader header, final JWTClaimsSet claimsSet) { 056 057 super(header, new Payload(claimsSet.toJSONObject())); 058 } 059 060 061 /** 062 * Creates a new encrypted JSON Web Token (JWT) with the specified 063 * serialised parts. The state will be 064 * {@link com.nimbusds.jose.JWEObject.State#ENCRYPTED encrypted}. 065 * 066 * @param firstPart The first part, corresponding to the JWE header. 067 * Must not be {@code null}. 068 * @param secondPart The second part, corresponding to the encrypted 069 * key. Empty or {@code null} if none. 070 * @param thirdPart The third part, corresponding to the initialisation 071 * vectory. Empty or {@code null} if none. 072 * @param fourthPart The fourth part, corresponding to the cipher text. 073 * Must not be {@code null}. 074 * @param fifthPart The fifth part, corresponding to the integrity 075 * value. Empty of {@code null} if none. 076 * 077 * @throws ParseException If parsing of the serialised parts failed. 078 */ 079 public EncryptedJWT(final Base64URL firstPart, 080 final Base64URL secondPart, 081 final Base64URL thirdPart, 082 final Base64URL fourthPart, 083 final Base64URL fifthPart) 084 throws ParseException { 085 086 super(firstPart, secondPart, thirdPart, fourthPart, fifthPart); 087 } 088 089 090 @Override 091 public JWTClaimsSet getJWTClaimsSet() 092 throws ParseException { 093 094 Payload payload = getPayload(); 095 096 if (payload == null) { 097 return null; 098 } 099 100 JSONObject json = payload.toJSONObject(); 101 102 if (json == null) { 103 throw new ParseException("Payload of JWE object is not a valid JSON object", 0); 104 } 105 106 return JWTClaimsSet.parse(json); 107 } 108 109 110 /** 111 * Parses an encrypted JSON Web Token (JWT) from the specified string in 112 * compact format. 113 * 114 * @param s The string to parse. Must not be {@code null}. 115 * 116 * @return The encrypted JWT. 117 * 118 * @throws ParseException If the string couldn't be parsed to a valid 119 * encrypted JWT. 120 */ 121 public static EncryptedJWT parse(final String s) 122 throws ParseException { 123 124 Base64URL[] parts = JOSEObject.split(s); 125 126 if (parts.length != 5) { 127 throw new ParseException("Unexpected number of Base64URL parts, must be five", 0); 128 } 129 130 return new EncryptedJWT(parts[0], parts[1], parts[2], parts[3], parts[4]); 131 } 132}