1 /*
2 * Copyright (c) 2002-2015, Mairie de Paris
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright notice
10 * and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright notice
13 * and the following disclaimer in the documentation and/or other materials
14 * provided with the distribution.
15 *
16 * 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17 * contributors may be used to endorse or promote products derived from
18 * this software without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 *
32 * License 1.0
33 */
34 package fr.paris.lutece.plugins.franceconnect.service;
35
36 import fr.paris.lutece.plugins.franceconnect.oidc.AuthClientConf;
37 import fr.paris.lutece.plugins.franceconnect.oidc.AuthServerConf;
38 import fr.paris.lutece.plugins.franceconnect.oidc.Token;
39 import fr.paris.lutece.plugins.franceconnect.oidc.jwt.JWTParser;
40 import fr.paris.lutece.plugins.franceconnect.oidc.jwt.TokenValidationException;
41 import fr.paris.lutece.plugins.franceconnect.web.Constants;
42 import fr.paris.lutece.portal.service.spring.SpringContextService;
43
44 import org.apache.log4j.Logger;
45
46 import org.codehaus.jackson.map.ObjectMapper;
47
48 import java.io.IOException;
49
50
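/**
 * Static helper that deserialises a JSON token payload into a {@link Token}
 * and submits it to the configured {@link JWTParser} for validation.
 *
 * <p>Only {@link #parse(String, AuthClientConf, AuthServerConf, String)} runs the
 * JWT validation step. {@link #parseToken(String)} performs JSON binding only,
 * so its result must not be treated as a validated token.</p>
 */
public final class TokenService
{
    private static final String BEAN_JWT_PARSER = "franceconnect.jwtParser";

    // Shared by every call and never reassigned in this class, hence final.
    private static final ObjectMapper _mapper = new ObjectMapper( );
    private static final Logger _logger = Logger.getLogger( Constants.LOGGER_FRANCECONNECT );

    /**
     * Private constructor: the class only exposes static methods.
     */
    private TokenService( )
    {
    }

    /**
     * Parse the JSON for a token and validate the JWT (ID Token) it carries.
     *
     * <p>The JSON is bound to a {@link Token}, which is then passed to the
     * {@link JWTParser} bean registered as {@code franceconnect.jwtParser}
     * together with both configurations and the stored nonce. The token is
     * returned only if that call completes without throwing.</p>
     *
     * @param strJson The JSON
     * @param clientConfig The client configuration
     * @param serverConfig The server configuration
     * @param strStoredNonce The stored nonce (presumably the value issued with the
     *        authentication request, checked by the parser; confirm in JWTParser)
     * @return The Token
     * @throws java.io.IOException if the JSON is null or cannot be read
     * @throws TokenValidationException If the token validation failed
     */
    public static Token parse( String strJson, AuthClientConf clientConfig, AuthServerConf serverConfig,
        String strStoredNonce ) throws IOException, TokenValidationException
    {
        Token token = parseToken( strJson );

        // NOTE(review): this writes Token.toString() to the log before the ID token
        // has been validated. If that representation includes the access token or
        // the ID token, bearer credentials end up in the debug log. Confirm what
        // Token.toString() emits and keep this logger above DEBUG in production.
        _logger.debug( token );

        // Extract and validate the JWT (ID Token)
        JWTParser jwtParser = SpringContextService.getBean( BEAN_JWT_PARSER );
        jwtParser.parseJWT( token, clientConfig, serverConfig, strStoredNonce, _logger );

        return token;
    }

    /**
     * Parse the Token from a JSON string. No validation of the token content is
     * done here; this is JSON binding only.
     *
     * @param strJson The JSON string
     * @return The Token
     * @throws IOException if the JSON string is null or cannot be read
     */
    static Token parseToken( String strJson ) throws IOException
    {
        // A missing payload is reported through the declared IOException so that
        // callers handle it like any other unreadable response, instead of
        // receiving an unchecked NullPointerException from the JSON mapper.
        if ( strJson == null )
        {
            throw new IOException( "Token JSON is null" );
        }

        return _mapper.readValue( strJson, Token.class );
    }
}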