OAuthState.java

  1. package no.nav.data.common.security.dto;

  3. import lombok.AccessLevel;
  4. import lombok.Data;
  5. import lombok.NoArgsConstructor;
  6. import no.nav.data.common.security.Encryptor;
  7. import no.nav.data.common.utils.JsonUtils;
  8. import org.springframework.util.Assert;
  9. import org.springframework.web.util.HtmlUtils;
  10. import org.springframework.web.util.UriComponentsBuilder;

  12. import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.ERROR;
  13. import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.ERROR_DESCRIPTION;
  14. import static org.springframework.security.web.util.UrlUtils.isValidRedirectUrl;

  16. /**
  17.  * Encrypted json to ensure origin of state and code
  18.  */
  19. @Data
  20. @NoArgsConstructor(access = AccessLevel.PRIVATE)
  21. public class OAuthState {

  23.     private String sessionId;
  24.     private String redirectUri;
  25.     private String errorUri;

  27.     public OAuthState(String redirectUri) {
  28.         this(null, redirectUri, null);
  29.     }

  31.     public OAuthState(String sessionId, String redirectUri, String errorUri) {
  32.         this.sessionId = sessionId;
  33.         this.redirectUri = redirectUri;
  34.         this.errorUri = errorUri != null ? errorUri : redirectUri;
  35.         validate();
  36.     }

  38.     public String errorRedirect(String error, String errorDesc) {
  39.         return UriComponentsBuilder.fromUriString(getErrorUri())
  40.                 .queryParam(ERROR, HtmlUtils.htmlEscape(error))
  41.                 .queryParam(ERROR_DESCRIPTION, HtmlUtils.htmlEscape(errorDesc.replaceAll("[\\r\\n]", " ")))
  42.                 .build().toUriString();
  43.     }

  45.     public static OAuthState fromJson(String encryptedJson, Encryptor encryptor) {
  46.         var json = encryptor.decrypt(encryptedJson);
  47.         OAuthState state = JsonUtils.toObject(json, OAuthState.class);
  48.         state.validate();
  49.         Assert.isTrue(state.getSessionId() != null, "SessionId is null");
  50.         return state;
  51.     }

  53.     public String toJson(Encryptor encryptor) {
  54.         String json = JsonUtils.toJson(this);
  55.         return encryptor.encrypt(json).saltedCipher();
  56.     }

  58.     private void validate() {
  59.         Assert.isTrue(isValidRedirectUrl(redirectUri), "Invalid redirectUri");
  60.         Assert.isTrue(isValidRedirectUrl(errorUri), "Invalid errorUri");
  61.     }
  62. }
Created with JaCoCo 0.8.12.202403310830