/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2014-2015 ForgeRock AS.
 * Portions copyright 2016 Agile Digital Engineering
 */

package com.sun.identity.entitlement;

import org.forgerock.json.JsonValue;
import org.forgerock.util.Reject;

import java.security.Principal;

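/**
 * A security principal based on a Json Web Token (JWT). The name of the principal is the "sub" claim in the JWT.
 *
 * <p>This class does not authenticate the token. The constructor only checks that a string-valued
 * "sub" claim is present; it does not verify a signature or evaluate any other claim. Callers must
 * fully validate the JWT before wrapping its claims here, because the resulting name and claims are
 * only as trustworthy as the validation that preceded construction.
 *
 * <p>The claims are snapshotted on construction and copied again on read, so neither the code that
 * supplied them nor a consumer of {@link #getClaim(String)} can alter the principal's name, equality
 * or hash code afterwards.
 */
public class JwtPrincipal implements Principal {
    /** Private deep copy of the claim set taken at construction; never handed out directly. */
    private final JsonValue jwt;

    /**
     * Creates a principal from a set of JWT claims.
     *
     * @param jwt the claims of an already validated JWT; must contain a string "sub" claim.
     * @throws NullPointerException if {@code jwt} is null.
     * @throws IllegalArgumentException if the "sub" claim is missing or is not a string.
     */
    public JwtPrincipal(final JsonValue jwt) {
        Reject.ifNull(jwt);
        // Copy before checking: validating the caller's mutable object and then storing it would
        // let the "sub" claim be replaced between (or after) the check and its later use.
        final JsonValue claims = jwt.copy();
        if (!claims.get("sub").isString()) {
            throw new IllegalArgumentException("Invalid JWT");
        }
        this.jwt = claims;
    }

    /**
     * Returns the subject of the token.
     *
     * @return the value of the "sub" claim.
     */
    @Override
    public String getName() {
        return jwt.get("sub").asString();
    }

    /**
     * Looks up a single claim by name.
     *
     * @param key the claim name.
     * @return a copy of the claim value; a JSON value wrapping null when the claim is absent, so
     *         callers should test the result before relying on it in an access decision.
     */
    public JsonValue getClaim(String key) {
        // Hand out a copy so that structured claims (lists, maps) cannot be edited in place
        // through the returned value.
        return jwt.get(key).copy();
    }

    /**
     * Compares two principals by the string form of their complete claim sets, not by subject alone.
     *
     * @param o the object to compare with.
     * @return {@code true} if {@code o} is a {@code JwtPrincipal} of the same class whose claims
     *         render to the same string.
     */
    @Override
    public boolean equals(final Object o) {
        if (this == o) {
            return true;
        }
        if (o == null || getClass() != o.getClass()) {
            return false;
        }
        final JwtPrincipal other = (JwtPrincipal) o;
        // NOTE(review): equality is textual, so claim sets with the same members may compare
        // unequal if their string forms differ (for example in member order) - confirm this is
        // acceptable wherever principals are matched.
        return jwt.toString().equals(other.jwt.toString());
    }

    /**
     * Hash code derived from the same string form that {@link #equals(Object)} compares.
     *
     * @return the hash of the claims' string form.
     */
    @Override
    public int hashCode() {
        return jwt.toString().hashCode();
    }

    /**
     * Returns a debug representation containing every claim.
     *
     * @return the claims wrapped in a {@code JwtPrincipal{ ... }} label.
     */
    @Override
    public String toString() {
        // NOTE(review): this prints the full claim set, so any log line or error message that
        // includes the principal also includes whatever personal or sensitive data the claims carry.
        return "JwtPrincipal{ claims = " + jwt + " }";
    }
}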