001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2013-2015 ForgeRock AS. 015 */ 016 017package org.forgerock.json.jose.utils; 018 019import java.io.IOException; 020import java.nio.charset.Charset; 021import java.util.LinkedHashMap; 022import java.util.Map; 023 024import org.forgerock.json.jose.exceptions.InvalidJwtException; 025import org.forgerock.util.encode.Base64url; 026 027import com.fasterxml.jackson.core.JsonParser; 028import com.fasterxml.jackson.databind.ObjectMapper; 029 030/** 031 * This class provides utility methods to share common behaviour. 032 * 033 * @since 2.0.0 034 */ 035public final class Utils { 036 037 /** 038 * Cached JSON object mapper for parsing tokens. 039 */ 040 private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper() 041 .configure(JsonParser.Feature.STRICT_DUPLICATE_DETECTION, true); 042 043 /** 044 * UTF-8 Charset. 045 */ 046 public static final Charset CHARSET = Charset.forName("UTF-8"); 047 048 /** 049 * Private constructor. 050 */ 051 private Utils() { 052 } 053 054 /** 055 * Base64url encodes the given String, converting the String to UTF-8 bytes. 056 * 057 * @param s The String to encoded. 058 * @return A Base64url encoded UTF-8 String. 059 */ 060 public static String base64urlEncode(String s) { 061 return Base64url.encode(s.getBytes(CHARSET)); 062 } 063 064 /** 065 * Base64url decodes the given String and converts the decoded bytes into a UTF-8 String. 066 * 067 * @param s The Base64url encoded String to decode. 068 * @return The UTF-8 decoded String. 069 */ 070 public static String base64urlDecode(String s) { 071 return new String(Base64url.decode(s), CHARSET); 072 } 073 074 /** 075 * Compares two byte arrays for equality, in a constant time. 076 * <p> 077 * If the two byte arrays don't match the method will not return until the whole byte array has been checked. 078 * This prevents timing attacks. 079 * Unless the two arrays are not off equal length, and in this case the method will return immediately. 080 * 081 * @param a One of the byte arrays to compare. 082 * @param b The other byte array to compare. 083 * 084 * @return <code>true</code> if the arrays are equal, <code>false</code> otherwise. 085 */ 086 public static boolean constantEquals(byte[] a, byte[] b) { 087 if (a.length != b.length) { 088 return false; 089 } 090 091 boolean result = true; 092 for (int i = 0; i < a.length; i++) { 093 result &= a[i] == b[i]; 094 } 095 return result; 096 } 097 098 /** 099 * Parses the given JSON string into a NoDuplicatesMap. 100 * <p> 101 * The JWT specification details that any JWT with duplicate header parameters or claims MUST be rejected so 102 * a Map implementation is used to parse the JSON which will throw an exception if an entry with the same key 103 * is added to the map more than once. 104 * 105 * @param json The JSON string to parse. 106 * @return A Map of the JSON properties. 107 */ 108 @SuppressWarnings("unchecked") 109 public static Map<String, Object> parseJson(String json) { 110 try { 111 return OBJECT_MAPPER.readValue(json, LinkedHashMap.class); 112 } catch (IOException e) { 113 throw new InvalidJwtException("Failed to parse json: " + e.getMessage(), e); 114 } 115 } 116}