001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.client; 019 020 021import java.net.URI; 022 023import net.jcip.annotations.Immutable; 024import net.minidev.json.JSONObject; 025 026import com.nimbusds.common.contenttype.ContentType; 027import com.nimbusds.oauth2.sdk.ParseException; 028import com.nimbusds.oauth2.sdk.ProtectedResourceRequest; 029import com.nimbusds.oauth2.sdk.SerializeException; 030import com.nimbusds.oauth2.sdk.auth.Secret; 031import com.nimbusds.oauth2.sdk.http.HTTPRequest; 032import com.nimbusds.oauth2.sdk.id.ClientID; 033import com.nimbusds.oauth2.sdk.token.BearerAccessToken; 034import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 035 036 037/** 038 * Client registration request. 039 * 040 * <p>Example HTTP request: 041 * 042 * <pre> 043 * PUT /register/s6BhdRkqt3 HTTP/1.1 044 * Accept: application/json 045 * Host: server.example.com 046 * Authorization: Bearer reg-23410913-abewfq.123483 047 * 048 * { 049 * "client_id" :"s6BhdRkqt3", 050 * "client_secret" : "cf136dc3c1fc93f31185e5885805d", 051 * "redirect_uris" : [ "https://client.example.org/callback", 052 * "https://client.example.org/alt" ], 053 * "scope" : "read write dolphin", 054 * "grant_types" : [ "authorization_code", "refresh_token" ] 055 * "token_endpoint_auth_method" : "client_secret_basic", 056 * "jwks_uri" : "https://client.example.org/my_public_keys.jwks" 057 * "client_name" : "My New Example", 058 * "client_name#fr" : "Mon Nouvel Exemple", 059 * "logo_uri" : "https://client.example.org/newlogo.png" 060 * "logo_uri#fr" : "https://client.example.org/fr/newlogo.png" 061 * } 062 * 063 * </pre> 064 * 065 * <p>Related specifications: 066 * 067 * <ul> 068 * <li>OAuth 2.0 Dynamic Client Registration Management Protocol (RFC 069 * 7592), section 2.2. 070 * <li>OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591), section 071 * 2. 072 * </ul> 073 */ 074@Immutable 075public class ClientUpdateRequest extends ProtectedResourceRequest { 076 077 078 /** 079 * The registered client ID. 080 */ 081 private final ClientID id; 082 083 084 /** 085 * The client metadata. 086 */ 087 private final ClientMetadata metadata; 088 089 090 /** 091 * The optional client secret. 092 */ 093 private final Secret secret; 094 095 096 /** 097 * Creates a new client update request. 098 * 099 * @param uri The URI of the client update endpoint. May be 100 * {@code null} if the {@link #toHTTPRequest()} 101 * method will not be used. 102 * @param id The client ID. Must not be {@code null}. 103 * @param accessToken The client registration access token. Must not be 104 * {@code null}. 105 * @param metadata The client metadata. Must not be {@code null} and 106 * must specify one or more redirection URIs. 107 * @param secret The optional client secret, {@code null} if not 108 * specified. 109 */ 110 public ClientUpdateRequest(final URI uri, 111 final ClientID id, 112 final BearerAccessToken accessToken, 113 final ClientMetadata metadata, 114 final Secret secret) { 115 116 super(uri, accessToken); 117 118 if (id == null) 119 throw new IllegalArgumentException("The client identifier must not be null"); 120 121 this.id = id; 122 123 if (metadata == null) 124 throw new IllegalArgumentException("The client metadata must not be null"); 125 126 this.metadata = metadata; 127 128 this.secret = secret; 129 } 130 131 132 /** 133 * Gets the client ID. Corresponds to the {@code client_id} client 134 * registration parameter. 135 * 136 * @return The client ID, {@code null} if not specified. 137 */ 138 public ClientID getClientID() { 139 140 return id; 141 } 142 143 144 /** 145 * Gets the associated client metadata. 146 * 147 * @return The client metadata. 148 */ 149 public ClientMetadata getClientMetadata() { 150 151 return metadata; 152 } 153 154 155 /** 156 * Gets the client secret. Corresponds to the {@code client_secret} 157 * registration parameters. 158 * 159 * @return The client secret, {@code null} if not specified. 160 */ 161 public Secret getClientSecret() { 162 163 return secret; 164 } 165 166 167 @Override 168 public HTTPRequest toHTTPRequest() { 169 170 if (getEndpointURI() == null) 171 throw new SerializeException("The endpoint URI is not specified"); 172 173 HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.PUT, getEndpointURI()); 174 175 httpRequest.setAuthorization(getAccessToken().toAuthorizationHeader()); 176 177 httpRequest.setEntityContentType(ContentType.APPLICATION_JSON); 178 179 JSONObject jsonObject = metadata.toJSONObject(); 180 181 jsonObject.put("client_id", id.getValue()); 182 183 if (secret != null) 184 jsonObject.put("client_secret", secret.getValue()); 185 186 httpRequest.setQuery(jsonObject.toString()); 187 188 return httpRequest; 189 } 190 191 192 /** 193 * Parses a client update request from the specified HTTP PUT request. 194 * 195 * @param httpRequest The HTTP request. Must not be {@code null}. 196 * 197 * @return The client update request. 198 * 199 * @throws ParseException If the HTTP request couldn't be parsed to a 200 * client update request. 201 */ 202 public static ClientUpdateRequest parse(final HTTPRequest httpRequest) 203 throws ParseException { 204 205 httpRequest.ensureMethod(HTTPRequest.Method.PUT); 206 207 BearerAccessToken accessToken = BearerAccessToken.parse(httpRequest.getAuthorization()); 208 209 JSONObject jsonObject = httpRequest.getQueryAsJSONObject(); 210 211 ClientID id = new ClientID(JSONObjectUtils.getString(jsonObject, "client_id")); 212 213 ClientMetadata metadata = ClientMetadata.parse(jsonObject); 214 215 Secret clientSecret = null; 216 217 if (jsonObject.get("client_secret") != null) 218 clientSecret = new Secret(JSONObjectUtils.getString(jsonObject, "client_secret")); 219 220 return new ClientUpdateRequest(httpRequest.getURI(), id, accessToken, metadata, clientSecret); 221 } 222}