001package com.nimbusds.openid.connect.sdk.id; 002 003 004import java.net.URL; 005 006import com.nimbusds.oauth2.sdk.id.Subject; 007 008 009/** 010 * Generator of pairwise subject identifiers. 011 * 012 * <p>Related specifications: 013 * 014 * <ul> 015 * <li>OpenID Connect Messages, section 2.8.1. 016 * </ul> 017 * 018 * @author Vladimir Dzhuvinov 019 */ 020public abstract class PairwiseSubjectIdentifierGenerator { 021 022 023 /** 024 * Generates a new pairwise subject identifier from the specified 025 * sector identifier URL and local subject. 026 * 027 * @param sectorURL The sector identifier URL. Its protocol must be 028 * "https", must include a host portion and must not 029 * be {@code null}. 030 * @param localSub The local subject identifier. Must not be 031 * {@code null}. 032 * 033 * @return The pairwise subject identifier. 034 */ 035 public Subject generate(final URL sectorURL, final Subject localSub) { 036 037 if (! sectorURL.getProtocol().equalsIgnoreCase("https")) 038 throw new IllegalArgumentException("The sector identifier URL protocol must be HTTPS"); 039 040 if (sectorURL.getHost() == null) 041 throw new IllegalArgumentException("The sector identifier URL must specify a host"); 042 043 return generate(sectorURL.getHost(), localSub); 044 } 045 046 047 /** 048 * Generates a new pairwise subject identifier from the specified 049 * sector identifier and local subject. 050 * 051 * @param sectorIdentifier The sector identifier. Must not be 052 * {@code null}. 053 * @param localSub The local subject identifier. Must not be 054 * {@code null}. 055 * 056 * @return The pairwise subject identifier. 057 */ 058 public abstract Subject generate(final String sectorIdentifier, final Subject localSub); 059}