001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.openid.connect.sdk.assurance; 019 020 021import java.util.Collections; 022import java.util.LinkedList; 023import java.util.List; 024 025import net.jcip.annotations.Immutable; 026import net.minidev.json.JSONArray; 027import net.minidev.json.JSONAware; 028import net.minidev.json.JSONObject; 029 030import com.nimbusds.oauth2.sdk.ParseException; 031import com.nimbusds.oauth2.sdk.util.JSONArrayUtils; 032import com.nimbusds.oauth2.sdk.util.JSONObjectUtils; 033import com.nimbusds.oauth2.sdk.util.date.DateWithTimeZoneOffset; 034import com.nimbusds.openid.connect.sdk.assurance.evidences.IdentityEvidence; 035 036 037/** 038 * Identity verification. 039 * 040 * <p>Related specifications: 041 * 042 * <ul> 043 * <li>OpenID Connect for Identity Assurance 1.0, section 4.1. 044 * </ul> 045 */ 046@Immutable 047public final class IdentityVerification implements JSONAware { 048 049 050 /** 051 * The trust framework. 052 */ 053 private final IdentityTrustFramework trustFramework; 054 055 056 /** 057 * The verification timestamp if required by the trust framework. 058 */ 059 private final DateWithTimeZoneOffset time; 060 061 062 /** 063 * The verification process reference if required by the trust 064 * framework. 065 */ 066 private final String verificationProcess; 067 068 069 /** 070 * The identity evidences. 071 */ 072 private final List<IdentityEvidence> evidence; 073 074 075 /** 076 * Creates a new identity verification with a single evidence. 077 * 078 * @param trustFramework The trust framework. 079 * @param time The verification timestamp if required by 080 * the trust framework, {@code null} if not 081 * required. 082 * @param verificationProcess The verification process reference if 083 * required by the trust framework, 084 * {@code null} if not required. 085 * @param evidence The identity evidence, {@code null} if 086 * not specified. 087 */ 088 public IdentityVerification(final IdentityTrustFramework trustFramework, 089 final DateWithTimeZoneOffset time, 090 final String verificationProcess, 091 final IdentityEvidence evidence) { 092 093 this(trustFramework, time, verificationProcess, Collections.singletonList(evidence)); 094 } 095 096 097 /** 098 * Creates a new identity verification 099 * 100 * @param trustFramework The trust framework. 101 * @param time The verification timestamp if required by 102 * the trust framework, {@code null} if not 103 * required. 104 * @param verificationProcess The verification process reference if 105 * required by the trust framework, 106 * {@code null} if not required. 107 * @param evidence The identity evidences, {@code null} if 108 * not specified. 109 */ 110 public IdentityVerification(final IdentityTrustFramework trustFramework, 111 final DateWithTimeZoneOffset time, 112 final String verificationProcess, 113 final List<IdentityEvidence> evidence) { 114 115 if (trustFramework == null) { 116 throw new IllegalArgumentException("The trust framework must not be null"); 117 } 118 this.trustFramework = trustFramework; 119 120 this.time = time; 121 this.verificationProcess = verificationProcess; 122 this.evidence = evidence; 123 } 124 125 126 /** 127 * Returns the trust framework. 128 * 129 * @return The trust framework. 130 */ 131 public IdentityTrustFramework getTrustFramework() { 132 return trustFramework; 133 } 134 135 136 /** 137 * Returns the verification timestamp. 138 * 139 * @return The verification timestamp if required by the trust 140 * framework, {@code null} if not specified. 141 */ 142 public DateWithTimeZoneOffset getVerificationTime() { 143 return time; 144 } 145 146 147 /** 148 * Returns the verification process reference. 149 * 150 * @return The verification process reference if required by the trust 151 * framework, {@code null} if not specified. 152 */ 153 public String getVerificationProcess() { 154 return verificationProcess; 155 } 156 157 158 /** 159 * Returns the identity evidence. 160 * 161 * @return The identity evidence, {@code null} or empty if not 162 * specified. 163 */ 164 public List<IdentityEvidence> getEvidence() { 165 return evidence; 166 } 167 168 169 /** 170 * Returns a JSON object representation of this identity verification. 171 * 172 * @return The JSON object. 173 */ 174 public JSONObject toJSONObject() { 175 176 JSONObject o = new JSONObject(); 177 o.put("trust_framework", getTrustFramework().getValue()); 178 179 if (getVerificationTime() != null) { 180 o.put("time", getVerificationTime().toISO8601String()); 181 } 182 183 if (getVerificationProcess() != null) { 184 o.put("verification_process", getVerificationProcess()); 185 } 186 187 if (getEvidence() != null) { 188 JSONArray evidenceArray = new JSONArray(); 189 for (IdentityEvidence ev : getEvidence()) { 190 evidenceArray.add(ev.toJSONObject()); 191 } 192 o.put("evidence", evidenceArray); 193 } 194 195 return o; 196 } 197 198 199 @Override 200 public String toJSONString() { 201 202 return toJSONObject().toJSONString(); 203 } 204 205 206 /** 207 * Parses an identity verification from the specified JSON object. 208 * 209 * @param jsonObject The JSON object. Must not be {@code null}. 210 * 211 * @return The identity verification. 212 * 213 * @throws ParseException If parsing failed. 214 */ 215 public static IdentityVerification parse(final JSONObject jsonObject) 216 throws ParseException { 217 218 IdentityTrustFramework trustFramework = new IdentityTrustFramework(JSONObjectUtils.getString(jsonObject, "trust_framework")); 219 220 DateWithTimeZoneOffset time = null; 221 if (jsonObject.get("time") != null) { 222 time = DateWithTimeZoneOffset.parseISO8601String(JSONObjectUtils.getString(jsonObject, "time")); 223 } 224 225 String verificationProcess = null; 226 if (jsonObject.get("verification_process") != null) { 227 verificationProcess = JSONObjectUtils.getString(jsonObject, "verification_process"); 228 } 229 230 List<IdentityEvidence> evidence = null; 231 if (jsonObject.get("evidence") != null) { 232 evidence = new LinkedList<>(); 233 JSONArray jsonArray = JSONObjectUtils.getJSONArray(jsonObject, "evidence"); 234 for (JSONObject item : JSONArrayUtils.toJSONObjectList(jsonArray)) { 235 evidence.add(IdentityEvidence.parse(item)); 236 } 237 } 238 239 return new IdentityVerification(trustFramework, time, verificationProcess, evidence); 240 } 241}