001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jwt; 019 020 021import java.text.ParseException; 022import java.util.Map; 023 024import net.jcip.annotations.ThreadSafe; 025 026import com.nimbusds.jose.JOSEObject; 027import com.nimbusds.jose.Payload; 028import com.nimbusds.jose.PlainHeader; 029import com.nimbusds.jose.PlainObject; 030import com.nimbusds.jose.util.Base64URL; 031 032 033/** 034 * Unsecured (plain) JSON Web Token (JWT). 035 * 036 * @author Vladimir Dzhuvinov 037 * @version 2015-08-19 038 */ 039@ThreadSafe 040public class PlainJWT extends PlainObject implements JWT { 041 042 043 private static final long serialVersionUID = 1L; 044 045 /** 046 * The JWT claims set. 047 */ 048 private JWTClaimsSet claimsSet; 049 050 051 /** 052 * Creates a new unsecured (plain) JSON Web Token (JWT) with a default 053 * {@link com.nimbusds.jose.PlainHeader} and the specified claims 054 * set. 055 * 056 * @param claimsSet The JWT claims set. Must not be {@code null}. 057 */ 058 public PlainJWT(final JWTClaimsSet claimsSet) { 059 060 super(new Payload(claimsSet.toJSONObject())); 061 this.claimsSet = claimsSet; 062 } 063 064 065 /** 066 * Creates a new unsecured (plain) JSON Web Token (JWT) with the 067 * specified header and claims set. 068 * 069 * @param header The unsecured header. Must not be {@code null}. 070 * @param claimsSet The JWT claims set. Must not be {@code null}. 071 */ 072 public PlainJWT(final PlainHeader header, final JWTClaimsSet claimsSet) { 073 074 super(header, new Payload(claimsSet.toJSONObject())); 075 this.claimsSet = claimsSet; 076 } 077 078 079 /** 080 * Creates a new unsecured (plain) JSON Web Token (JWT) with the 081 * specified Base64URL-encoded parts. 082 * 083 * @param firstPart The first part, corresponding to the unsecured 084 * header. Must not be {@code null}. 085 * @param secondPart The second part, corresponding to the claims set 086 * (payload). Must not be {@code null}. 087 * 088 * @throws ParseException If parsing of the serialised parts failed. 089 */ 090 public PlainJWT(final Base64URL firstPart, final Base64URL secondPart) 091 throws ParseException { 092 093 super(firstPart, secondPart); 094 } 095 096 097 @Override 098 public JWTClaimsSet getJWTClaimsSet() 099 throws ParseException { 100 101 if (claimsSet != null) { 102 103 return claimsSet; 104 } 105 106 Map<String, Object> json = getPayload().toJSONObject(); 107 108 if (json == null) { 109 110 throw new ParseException("Payload of unsecured JOSE object is not a valid JSON object", 0); 111 } 112 113 claimsSet = JWTClaimsSet.parse(json); 114 return claimsSet; 115 } 116 117 118 @Override 119 protected void setPayload(Payload payload) { 120 121 // setPayload() changes the result of getJWTClaimsSet(). 122 // set claimsSet = null and reparse payload again when called getJWTClaimsSet(). 123 claimsSet = null; 124 super.setPayload(payload); 125 } 126 127 /** 128 * Parses an unsecured (plain) JSON Web Token (JWT) from the specified 129 * string in compact format. 130 * 131 * @param s The string to parse. Must not be {@code null}. 132 * 133 * @return The unsecured JWT. 134 * 135 * @throws ParseException If the string couldn't be parsed to a valid 136 * unsecured JWT. 137 */ 138 public static PlainJWT parse(final String s) 139 throws ParseException { 140 141 Base64URL[] parts = JOSEObject.split(s); 142 143 if (! parts[2].toString().isEmpty()) { 144 145 throw new ParseException("Unexpected third Base64URL part in the unsecured JWT object", 0); 146 } 147 148 return new PlainJWT(parts[0], parts[1]); 149 } 150}