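/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2016, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.openid.connect.sdk.assurance;


import java.util.Collections;
import java.util.LinkedList;
import java.util.List;

import net.jcip.annotations.Immutable;
import net.minidev.json.JSONArray;
import net.minidev.json.JSONAware;
import net.minidev.json.JSONObject;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.util.JSONArrayUtils;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.oauth2.sdk.util.date.DateWithTimeZoneOffset;
import com.nimbusds.openid.connect.sdk.assurance.evidences.IdentityEvidence;


/**
 * Identity verification.
 *
 * <p>Holds the trust framework, the optional verification timestamp, the
 * optional verification process reference and the optional identity
 * evidences, and converts them to and from their JSON object form.
 *
 * <p>The evidence list is copied on construction and exposed as an
 * unmodifiable view, so that the content serialised by
 * {@link #toJSONObject()} cannot be altered through a list reference kept by
 * the caller or obtained from {@link #getEvidence()}.
 *
 * <p>Related specifications:
 *
 * <ul>
 *     <li>OpenID Connect for Identity Assurance 1.0, section 4.1.
 * </ul>
 */
@Immutable
public final class IdentityVerification implements JSONAware {


	/**
	 * The trust framework.
	 */
	private final IdentityTrustFramework trustFramework;


	/**
	 * The verification timestamp if required by the trust framework.
	 */
	private final DateWithTimeZoneOffset time;


	/**
	 * The verification process reference if required by the trust
	 * framework.
	 */
	private final VerificationProcess verificationProcess;


	/**
	 * The identity evidences, as an unmodifiable private copy,
	 * {@code null} if not specified.
	 */
	private final List<IdentityEvidence> evidence;


	/**
	 * Creates a new identity verification with a single evidence.
	 *
	 * <p>Note that a {@code null} evidence is stored as a one-element
	 * list holding {@code null}; {@link #toJSONObject()} skips such
	 * elements, so no "evidence" member is output in that case.
	 *
	 * @param trustFramework      The trust framework. Must not be
	 *                            {@code null}.
	 * @param time                The verification timestamp if required by
	 *                            the trust framework, {@code null} if not
	 *                            required.
	 * @param verificationProcess The verification process reference if
	 *                            required by the trust framework,
	 *                            {@code null} if not required.
	 * @param evidence            The identity evidence, {@code null} if
	 *                            not specified.
	 */
	public IdentityVerification(final IdentityTrustFramework trustFramework,
				    final DateWithTimeZoneOffset time,
				    final VerificationProcess verificationProcess,
				    final IdentityEvidence evidence) {

		this(trustFramework, time, verificationProcess, Collections.singletonList(evidence));
	}


	/**
	 * Creates a new identity verification.
	 *
	 * @param trustFramework      The trust framework. Must not be
	 *                            {@code null}.
	 * @param time                The verification timestamp if required by
	 *                            the trust framework, {@code null} if not
	 *                            required.
	 * @param verificationProcess The verification process reference if
	 *                            required by the trust framework,
	 *                            {@code null} if not required.
	 * @param evidence            The identity evidences, {@code null} if
	 *                            not specified. The list is copied; later
	 *                            changes to it do not affect this object.
	 *
	 * @throws IllegalArgumentException If the trust framework is
	 *                                  {@code null}.
	 */
	public IdentityVerification(final IdentityTrustFramework trustFramework,
				    final DateWithTimeZoneOffset time,
				    final VerificationProcess verificationProcess,
				    final List<IdentityEvidence> evidence) {

		if (trustFramework == null) {
			throw new IllegalArgumentException("The trust framework must not be null");
		}
		this.trustFramework = trustFramework;

		this.time = time;
		this.verificationProcess = verificationProcess;

		// Defensive copy: the class is declared @Immutable, so it must
		// not share a mutable list with the caller. null is preserved
		// to keep the "not specified" meaning, and null elements are
		// tolerated because the single-evidence constructor may pass one.
		if (evidence != null) {
			List<IdentityEvidence> copy = new LinkedList<>(evidence);
			this.evidence = Collections.unmodifiableList(copy);
		} else {
			this.evidence = null;
		}
	}


	/**
	 * Returns the trust framework.
	 *
	 * @return The trust framework.
	 */
	public IdentityTrustFramework getTrustFramework() {
		return trustFramework;
	}


	/**
	 * Returns the verification timestamp.
	 *
	 * @return The verification timestamp if required by the trust
	 *         framework, {@code null} if not specified.
	 */
	public DateWithTimeZoneOffset getVerificationTime() {
		return time;
	}


	/**
	 * Returns the verification process reference.
	 *
	 * @return The verification process reference if required by the trust
	 *         framework, {@code null} if not specified.
	 */
	public VerificationProcess getVerificationProcess() {
		return verificationProcess;
	}


	/**
	 * Returns the identity evidence.
	 *
	 * @return The identity evidence as an unmodifiable list, {@code null}
	 *         or empty if not specified.
	 */
	public List<IdentityEvidence> getEvidence() {
		return evidence;
	}


	/**
	 * Returns a JSON object representation of this identity verification.
	 *
	 * <p>The "trust_framework" member is always output; "time",
	 * "verification_process" and "evidence" are output only when set.
	 * {@code null} evidence elements are skipped and an "evidence" array
	 * that would end up empty is omitted.
	 *
	 * @return The JSON object.
	 */
	public JSONObject toJSONObject() {

		JSONObject o = new JSONObject();
		o.put("trust_framework", getTrustFramework().getValue());

		if (getVerificationTime() != null) {
			o.put("time", getVerificationTime().toISO8601String());
		}

		if (getVerificationProcess() != null) {
			o.put("verification_process", getVerificationProcess().getValue());
		}

		if (getEvidence() != null) {
			JSONArray evidenceArray = new JSONArray();
			for (IdentityEvidence ev : getEvidence()) {
				if (ev != null) {
					evidenceArray.add(ev.toJSONObject());
				}
			}
			if (! evidenceArray.isEmpty()) {
				o.put("evidence", evidenceArray);
			}
		}

		return o;
	}


	@Override
	public String toJSONString() {

		return toJSONObject().toJSONString();
	}


	/**
	 * Parses an identity verification from the specified JSON object.
	 *
	 * <p>The "trust_framework" member is mandatory; "time",
	 * "verification_process" and "evidence" are parsed only when present
	 * with a non-{@code null} value.
	 *
	 * @param jsonObject The JSON object. Must not be {@code null}.
	 *
	 * @return The identity verification.
	 *
	 * @throws ParseException If parsing failed.
	 */
	public static IdentityVerification parse(final JSONObject jsonObject)
		throws ParseException {

		// NOTE(review): the JSON object will usually originate from
		// another party. The IdentityTrustFramework and
		// VerificationProcess constructors are not visible in this file;
		// if they reject a value (for example an empty string) with an
		// unchecked exception, that exception would escape instead of
		// the documented ParseException. Confirm, and wrap if so.
		IdentityTrustFramework trustFramework = new IdentityTrustFramework(JSONObjectUtils.getString(jsonObject, "trust_framework"));

		DateWithTimeZoneOffset time = null;
		if (jsonObject.get("time") != null) {
			time = DateWithTimeZoneOffset.parseISO8601String(JSONObjectUtils.getString(jsonObject, "time"));
		}

		VerificationProcess verificationProcess = null;
		if (jsonObject.get("verification_process") != null) {
			verificationProcess = new VerificationProcess(JSONObjectUtils.getString(jsonObject, "verification_process"));
		}

		List<IdentityEvidence> evidence = null;
		if (jsonObject.get("evidence") != null) {
			evidence = new LinkedList<>();
			JSONArray jsonArray = JSONObjectUtils.getJSONArray(jsonObject, "evidence");
			for (JSONObject item : JSONArrayUtils.toJSONObjectList(jsonArray)) {
				evidence.add(IdentityEvidence.parse(item));
			}
		}

		return new IdentityVerification(trustFramework, time, verificationProcess, evidence);
	}
}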