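/**
 * Reports whether {@code password} is matched in full by the class-level {@code pattern}.
 *
 * <p>The check calls {@code matches()}, which (assuming {@code pattern} is a
 * {@code java.util.regex.Pattern}) succeeds only when the entire input matches. Whether an
 * address embedded in a longer password is detected therefore depends on how {@code pattern} is
 * written. NOTE(review): the pattern is declared outside this snippet; confirm it tolerates
 * surrounding text if "contains" semantics are intended.
 *
 * <p>The matcher is deliberately not stored in a shared static field. Doing so would let two
 * threads validating passwords at the same time overwrite each other's matcher and return the
 * result for the wrong input, allowing a password that should be rejected to pass the policy
 * check.
 *
 * @param password the candidate password; may be {@code null}
 * @return {@code false} when {@code Strings.hasText} reports no text, otherwise the result of
 *     the full-input match
 */
public static boolean containsEmailAddress(String password) {
  if (!Strings.hasText(password)) {
    return false;
  }
  // A fresh matcher per call: matcher objects carry per-input state and must not be shared.
  return pattern.matcher(password).matches();
}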
コード例 #2
  /**
   * Pulls the raw JWT out of the {@code JWT_RESPONSE} parameter of an incoming request.
   *
   * <p>Two request shapes are handled: an SDK {@code HttpRequest}, and any other object, which is
   * adapted through the reflectively loaded {@code HTTP_SERVLET_REQUEST_WRAPPER_CLASS}. In both
   * cases only the GET method is accepted.
   *
   * <p>The returned string is the token exactly as the client sent it. Nothing here verifies its
   * signature or claims, so it must be treated as untrusted until it has been validated. Because
   * the token travels as a GET parameter it can also appear in access logs and referrer headers;
   * expiry and single-use checks downstream are what limit the value of a leaked copy.
   *
   * @param httpRequestObject the request carrying the token; must not be {@code null}
   * @return the non-blank value of the {@code JWT_RESPONSE} parameter
   * @throws InvalidJwtException if the parameter is missing or has no text
   * @throws RuntimeException if the servlet wrapper class is needed but was never loaded
   */
  private String getJwtResponse(Object httpRequestObject) {
    final Class<?> requestType = httpRequestObject.getClass();
    final String rawJwt;

    if (HttpRequest.class.isAssignableFrom(requestType)) {
      HttpRequest sdkRequest = (HttpRequest) httpRequestObject;
      Assert.isTrue(sdkRequest.getMethod() == HttpMethod.GET, "Only Http GET method is supported.");
      rawJwt = sdkRequest.getParameter(JWT_RESPONSE);
    } else {
      // Not expected in practice: a servlet-style request can only exist if the wrapper class
      // was loadable, so a null here indicates a class-loading problem.
      if (HTTP_SERVLET_REQUEST_WRAPPER_CLASS == null) {
        throw new RuntimeException(
            "DefaultHttpServletRequestWrapper not loaded error occurred while handling httpRequest of type: "
                + requestType.getName());
      }

      Constructor<? extends HttpServletRequestWrapper> wrapperCtor =
          Classes.getConstructor(HTTP_SERVLET_REQUEST_WRAPPER_CLASS, Object.class);
      HttpServletRequestWrapper servletRequest = Classes.instantiate(wrapperCtor, httpRequestObject);

      // The wrapper reports the method by name, so convert before comparing.
      HttpMethod requestMethod = HttpMethod.fromName(servletRequest.getMethod());
      Assert.isTrue(requestMethod == HttpMethod.GET, "Only Http GET method is supported.");

      rawJwt = servletRequest.getParameter(JWT_RESPONSE);
    }

    if (Strings.hasText(rawJwt)) {
      return rawJwt;
    }
    throw new InvalidJwtException(InvalidJwtException.JWT_REQUIRED_ERROR);
  }
コード例 #3
  /**
   * Validates the ID Site JWT held in {@code jwtResponse} and converts it into an
   * {@link AccountResult}.
   *
   * <p>Order of checks as implemented below: signature validation (validator chosen by the
   * header's key id), expiration, error-callback detection, nonce replay check, and only then the
   * subject / status / new-subject / state claims. The order matters: no payload claim is acted
   * on before the signature has been validated.
   *
   * @return the account result built from the validated claims
   * @throws IDSiteRuntimeException if the validated payload is an error callback
   * @throws InvalidJwtException if the response nonce has already been recorded, or if the
   *     subject is absent for any status other than {@code LOGOUT}; the helpers called here may
   *     raise further exceptions that are not visible in this method
   */
  @Override
  public AccountResult getAccountResult() {

    JwtWrapper jwtWrapper = new JwtWrapper(jwtResponse);

    // Parsed up front, but not read until after the signature check below.
    // Raw Map: every value taken from it is cast by the getRequiredValue/getOptionalValue helpers.
    Map jsonPayload = jwtWrapper.getJsonPayloadAsMap();

    String apiKeyId;

    // The key id is read from the header before the token is verified, so it is attacker-chosen
    // input at this point; it is used only to select the signature validator.
    // NOTE(review): confirm getJwtSignatureValidator rejects a key id it does not recognise
    // rather than falling back to some default key.
    Map jsonHeader = jwtWrapper.getJsonHeaderAsMap();
    apiKeyId = getRequiredValue(jsonHeader, KEY_ID);

    getJwtSignatureValidator(apiKeyId).validate(jwtWrapper);

    Number expire = getRequiredValue(jsonPayload, Claims.EXPIRATION);

    verifyJwtIsNotExpired(expire.longValue());

    // The issuer claim must be present, but its value is not compared with anything in this
    // method. NOTE(review): if the issuer should be pinned to an expected value, that check is
    // either done elsewhere or missing - confirm.
    String issuer = getRequiredValue(jsonPayload, Claims.ISSUER);

    // JSDK-261: Enable Java SDK to handle new ID Site error callbacks
    // Errors are raised only after signature and expiry have been checked, so an unsigned or
    // stale token cannot trigger the error path. Note this happens before the nonce is recorded.
    if (isError(jsonPayload)) {
      throw new IDSiteRuntimeException(constructError(jsonPayload, jsonHeader));
    }

    String responseNonce = getRequiredValue(jsonPayload, RESPONSE_ID);

    // Replay protection: a token whose response id has been seen before is rejected.
    // NOTE(review): hasNonce followed by putNonce is a check-then-act sequence. Unless the
    // NonceStore implementation serialises these calls, two concurrent requests carrying the same
    // token could both pass the check; a single atomic put-if-absent on the store would close
    // that window. Presumably the store also keeps entries at least until the token expires -
    // verify against the NonceStore in use.
    if (nonceStore.hasNonce(responseNonce)) {
      throw new InvalidJwtException(InvalidJwtException.ALREADY_USED_JWT_ERROR);
    }

    nonceStore.putNonce(responseNonce);

    // the 'sub' field can be null if calling /sso/logout when the subject is already logged out:
    String accountHref = getOptionalValue(jsonPayload, Claims.SUBJECT);
    boolean accountHrefPresent = Strings.hasText(accountHref);
    // but this is only legal during the logout scenario, so assert this:
    // (if IdSiteResultStatus is an enum, valueOf throws IllegalArgumentException for a status
    // string that is not one of its constants)
    IdSiteResultStatus resultStatus =
        IdSiteResultStatus.valueOf((String) getRequiredValue(jsonPayload, STATUS));
    if (!accountHrefPresent && !IdSiteResultStatus.LOGOUT.equals(resultStatus)) {
      throw new InvalidJwtException(InvalidJwtException.JWT_RESPONSE_MISSING_PARAMETER_ERROR);
    }

    Boolean isNewAccount = getRequiredValue(jsonPayload, IS_NEW_SUBJECT);
    // Optional claim; copied into the result as-is (may be null).
    String state = getOptionalValue(jsonPayload, STATE);

    // Insertion-ordered property map handed to DefaultAccountResult.
    Map<String, Object> properties = new LinkedHashMap<String, Object>();
    properties.put(DefaultAccountResult.NEW_ACCOUNT.getName(), isNewAccount);
    properties.put(DefaultAccountResult.STATE.getName(), state);

    // The account is represented only by its href; it is omitted entirely for a subject-less
    // logout response.
    if (accountHrefPresent) {
      Map<String, Object> account = new HashMap<String, Object>();
      account.put(DefaultAccountResult.HREF_PROP_NAME, accountHref);
      properties.put(DefaultAccountResult.ACCOUNT.getName(), account);
    }

    AccountResult accountResult = new DefaultAccountResult(dataStore, properties);

    // @since 1.0.RC7.3
    // Listeners are notified only once every validation step above has passed.
    if (this.resultListeners.size() > 0) {
      dispatchResponseStatus(resultStatus, properties);
    }

    return accountResult;
  }