001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2021, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.ciba; 019 020 021import com.nimbusds.common.contenttype.ContentType; 022import com.nimbusds.oauth2.sdk.ParseException; 023import com.nimbusds.oauth2.sdk.ProtectedResourceRequest; 024import com.nimbusds.oauth2.sdk.http.HTTPRequest; 025import com.nimbusds.oauth2.sdk.token.BearerAccessToken; 026import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 027import net.jcip.annotations.Immutable; 028import net.minidev.json.JSONObject; 029 030import java.net.URI; 031import java.util.Objects; 032 033 034/** 035 * <p>CIBA ping callback to a client notification endpoint. 036 * 037 * <p>Example HTTP request: 038 * 039 * <pre> 040 * POST /cb HTTP/1.1 041 * Host: client.example.com 042 * Authorization: Bearer 8d67dc78-7faa-4d41-aabd-67707b374255 043 * Content-Type: application/json 044 * 045 * { 046 * "auth_req_id": "1c266114-a1be-4252-8ad1-04986c5b9ac1" 047 * } 048 * </pre> 049 * 050 * <p>Related specifications: 051 * 052 * <ul> 053 * <li>OpenID Connect CIBA Flow - Core 1.0 054 * </ul> 055 */ 056@Immutable 057public class CIBAPingCallback extends ProtectedResourceRequest { 058 059 060 /** 061 * The CIBA request ID. 062 */ 063 private final AuthRequestID authRequestID; 064 065 066 /** 067 * Creates a new CIBA ping callback. 068 * 069 * @param endpoint The client notification endpoint. Must not be 070 * {@code null}. 071 * @param accessToken The client notification token. Must not be 072 * {@code null}. 073 * @param authRequestID The CIBA request ID. Must not be {@code null}. 074 */ 075 public CIBAPingCallback(final URI endpoint, 076 final BearerAccessToken accessToken, 077 final AuthRequestID authRequestID) { 078 super(endpoint, accessToken); 079 this.authRequestID = Objects.requireNonNull(authRequestID); 080 } 081 082 083 /** 084 * Returns the CIBA request ID. 085 * 086 * @return The CIBA request ID. 087 */ 088 public AuthRequestID getAuthRequestID() { 089 return authRequestID; 090 } 091 092 093 @Override 094 public HTTPRequest toHTTPRequest() { 095 096 HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.POST, getEndpointURI()); 097 httpRequest.setFollowRedirects(false); 098 httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader()); 099 httpRequest.setEntityContentType(ContentType.APPLICATION_JSON); 100 JSONObject jsonObject = new JSONObject(); 101 jsonObject.put("auth_req_id", getAuthRequestID().getValue()); 102 httpRequest.setBody(jsonObject.toJSONString()); 103 return httpRequest; 104 } 105 106 107 /** 108 * Parses a CIBA ping callback from the specified HTTP request. 109 * 110 * @param httpRequest The HTTP request. Must not be {@code null}. 111 * 112 * @return The CIBA ping callback. 113 * 114 * @throws ParseException If parsing failed. 115 */ 116 public static CIBAPingCallback parse(final HTTPRequest httpRequest) 117 throws ParseException { 118 119 URI uri = httpRequest.getURI(); 120 httpRequest.ensureMethod(HTTPRequest.Method.POST); 121 httpRequest.ensureEntityContentType(ContentType.APPLICATION_JSON); 122 123 BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest); 124 125 AuthRequestID authRequestID = new AuthRequestID( 126 JSONObjectUtils.getNonBlankString( 127 httpRequest.getBodyAsJSONObject(), 128 "auth_req_id") 129 ); 130 131 return new CIBAPingCallback(uri, accessToken, authRequestID); 132 } 133}