001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.token; 019 020 021import java.util.Collections; 022import java.util.HashMap; 023import java.util.Map; 024import java.util.Set; 025 026import net.minidev.json.JSONObject; 027 028import com.nimbusds.oauth2.sdk.ParseException; 029import com.nimbusds.openid.connect.sdk.token.OIDCTokens; 030 031 032/** 033 * Access and optional refresh token. 034 */ 035public class Tokens { 036 037 038 /** 039 * Access token. 040 */ 041 private final AccessToken accessToken; 042 043 044 /** 045 * Refresh token, {@code null} if not specified. 046 */ 047 private final RefreshToken refreshToken; 048 049 050 /** 051 * Optional token metadata, intended for server environments. 052 */ 053 054 private final Map<String,Object> metadata = new HashMap<>(); 055 056 057 /** 058 * Creates a new tokens instance. 059 * 060 * @param accessToken The access token. Must not be {@code null}. 061 * @param refreshToken The refresh token. If none {@code null}. 062 */ 063 public Tokens(final AccessToken accessToken, final RefreshToken refreshToken) { 064 065 if (accessToken == null) 066 throw new IllegalArgumentException("The access token must not be null"); 067 068 this.accessToken = accessToken; 069 070 this.refreshToken = refreshToken; 071 } 072 073 074 /** 075 * Returns the access token. 076 * 077 * @return The access token. 078 */ 079 public AccessToken getAccessToken() { 080 081 return accessToken; 082 } 083 084 085 /** 086 * Returns the access token as type bearer. 087 * 088 * @return The bearer access token, {@code null} if the type is 089 * different. 090 */ 091 public BearerAccessToken getBearerAccessToken() { 092 093 if (accessToken instanceof BearerAccessToken) { 094 return (BearerAccessToken) accessToken; 095 } 096 097 if (AccessTokenType.BEARER.equals(accessToken.getType())) { 098 // Create from AccessToken with Bearer access token type 099 return new BearerAccessToken(accessToken.getValue(), accessToken.getLifetime(), accessToken.getScope()); 100 } 101 102 return null; 103 } 104 105 106 /** 107 * Returns the access token as type DPoP. 108 * 109 * @return The DPoP access token, {@code null} if the type is 110 * different. 111 */ 112 public DPoPAccessToken getDPoPAccessToken() { 113 114 if (accessToken instanceof DPoPAccessToken) { 115 // Cast 116 return (DPoPAccessToken) accessToken; 117 } 118 119 if (AccessTokenType.DPOP.equals(accessToken.getType())) { 120 // Create from AccessToken with DPoP access token type 121 return new DPoPAccessToken(accessToken.getValue(), accessToken.getLifetime(), accessToken.getScope()); 122 } 123 124 return null; 125 } 126 127 128 /** 129 * Returns the optional refresh token. 130 * 131 * @return The refresh token, {@code null} if none. 132 */ 133 public RefreshToken getRefreshToken() { 134 135 return refreshToken; 136 } 137 138 139 /** 140 * Returns the token parameter names for the included tokens. 141 * 142 * @return The token parameter names. 143 */ 144 public Set<String> getParameterNames() { 145 146 // Get the std param names for the access + refresh token 147 Set<String> paramNames = accessToken.getParameterNames(); 148 149 if (refreshToken != null) 150 paramNames.addAll(refreshToken.getParameterNames()); 151 152 return Collections.unmodifiableSet(paramNames); 153 } 154 155 156 /** 157 * Returns the optional modifiable token metadata. Intended for server 158 * environments. 159 * 160 * @return The token metadata. 161 */ 162 public Map<String, Object> getMetadata() { 163 164 return metadata; 165 } 166 167 168 /** 169 * Returns the JSON object representation of this token pair. 170 * 171 * <p>Example JSON object: 172 * 173 * <pre> 174 * { 175 * "access_token" : "dZdt8BlltORMTz5U", 176 * "refresh_token" : "E87zjAoeNXaSoF1U" 177 * } 178 * </pre> 179 * 180 * @return The JSON object representation. 181 */ 182 public JSONObject toJSONObject() { 183 184 JSONObject o = accessToken.toJSONObject(); 185 186 if (refreshToken != null) 187 o.putAll(refreshToken.toJSONObject()); 188 189 return o; 190 } 191 192 193 /** 194 * Casts to OpenID Connect tokens. 195 * 196 * @return The OpenID Connect tokens (including an ID token). 197 */ 198 public OIDCTokens toOIDCTokens() { 199 200 return (OIDCTokens)this; 201 } 202 203 204 @Override 205 public String toString() { 206 207 return toJSONObject().toJSONString(); 208 } 209 210 211 /** 212 * Parses an access and optional refresh token from the specified JSON 213 * object. 214 * 215 * @param jsonObject The JSON object to parse. Must not be {@code null}. 216 * 217 * @return The tokens. 218 * 219 * @throws ParseException If the JSON object couldn't be parsed to a 220 * tokens instance. 221 */ 222 public static Tokens parse(final JSONObject jsonObject) 223 throws ParseException { 224 225 return new Tokens(AccessToken.parse(jsonObject), RefreshToken.parse(jsonObject)); 226 } 227}