diff --git a/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParClient.java b/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParClient.java
index 6f9bacf2e3d..23f5045cf45 100644
--- a/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParClient.java
+++ b/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParClient.java
@@ -60,6 +60,7 @@ private ParResponse exec_() throws Exception {
 addReqParam(AuthorizeRequestParam.SCOPE, scopesAsString);
 addReqParam(AuthorizeRequestParam.REDIRECT_URI, getRequest().getAuthorizationRequest().getRedirectUri());
 addReqParam(AuthorizeRequestParam.STATE, getRequest().getAuthorizationRequest().getState());
+ addReqParam(AuthorizeRequestParam.NBF, getRequest().getNbf() != null ? getRequest().getNbf().toString() : null);
 addReqParam(AuthorizeRequestParam.NONCE, getRequest().getAuthorizationRequest().getNonce());
 addReqParam(AuthorizeRequestParam.DISPLAY, getRequest().getAuthorizationRequest().getDisplay());
diff --git a/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParRequest.java b/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParRequest.java
index 00ab9270e7b..0d2f6a128c3 100644
--- a/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParRequest.java
+++ b/jans-auth-server/client/src/main/java/io/jans/as/client/par/ParRequest.java
@@ -11,6 +11,7 @@ public class ParRequest extends ClientAuthnRequest {
 private AuthorizationRequest authorizationRequest;
+ private Integer nbf;
 public ParRequest(AuthorizationRequest authorizationRequest) {
 this.authorizationRequest = authorizationRequest;
@@ -36,4 +37,12 @@ public String getQueryString() {
 return builder.toString();
 }
+
+ public Integer getNbf() {
+ return nbf;
+ }
+
+ public void setNbf(Integer nbf) {
+ this.nbf = nbf;
+ }
 }
\ No newline at end of file
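Review bot: The added `NBF` line calls `getRequest().getNbf()` twice only to null-guard a `toString()`; `addReqParam(AuthorizeRequestParam.NBF, Objects.toString(getRequest().getNbf(), null));` expresses the same thing in one call (it needs `java.util.Objects` in scope, and the file's imports are outside the hunk). How `addReqParam` treats a null value is not visible here; the neighbouring lines pass possibly-null getters the same way, so presumably it skips them. `exec_()` starts and ends outside the hunk.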
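Review bot: `private Integer nbf;` in `ParRequest` stores a not-before time in a 32-bit field. If the value is meant as a JWT-style NumericDate in seconds since the epoch (the name suggests so, but nothing on this page states the unit), `Integer` cannot represent instants after 2038-01-19, and the same type is carried through `getNbf()`/`setNbf(Integer)` in the next hunk, `Util.parseIntegerSilently` and the server-side `setNbf` call. Consider `private Long nbf;` with matching accessors, plus a one-line comment on the field stating the unit and that null means the parameter is not sent.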
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
index e72916fd979..9b8b1d79351 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
@@ -55,6 +55,7 @@ public void registerPar(final String redirectUris, final String redirectUri, fin
 AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, registerResponse.getClientId(), scopes, redirectUri, nonce);
 ParRequest parRequest = new ParRequest(authorizationRequest);
+ parRequest.setNbf(1);
 parRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 parRequest.setAuthUsername(registerResponse.getClientId());
 parRequest.setAuthPassword(registerResponse.getClientSecret());
diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/authorize/AuthorizeRequestParam.java b/jans-auth-server/model/src/main/java/io/jans/as/model/authorize/AuthorizeRequestParam.java
index 4b9b3a55e9c..9bebf9f9df4 100644
--- a/jans-auth-server/model/src/main/java/io/jans/as/model/authorize/AuthorizeRequestParam.java
+++ b/jans-auth-server/model/src/main/java/io/jans/as/model/authorize/AuthorizeRequestParam.java
@@ -39,6 +39,7 @@ public interface AuthorizeRequestParam {
 String CUSTOM_RESPONSE_HEADERS = "custom_response_headers";
 String AUTH_REQ_ID = "auth_req_id";
 String SID = "sid";
+ String NBF = "nbf";
 /**
 * String that represents the End-User's login state at the OP.
diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java b/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java
index 957f972ee01..cc492eb8d1c 100644
--- a/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java
+++ b/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java
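Review bot: `parRequest.setNbf(1);` sends an `nbf`, but nothing in this hunk checks that the server stored or honoured it, so the test would pass just as well if the parameter were ignored. The value 1 is also a single, long-elapsed instant; a second case with an `nbf` in the future would show whether the value has any effect on the pushed request. `registerPar` continues outside the hunk, so assertions further down may already cover part of this.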
@@ -295,6 +295,14 @@ public static int parseIntSilently(String intString) {
 }
 }
+ public static Integer parseIntegerSilently(String intString) {
+ try {
+ return Integer.parseInt(intString);
+ } catch (Exception e) {
+ return null;
+ }
+ }
+ // SHA-1 (160 bits)
 public static String toSHA1HexString(String input) {
 MessageDigest md = null;
diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/par/ws/rs/ParRestWebService.java b/jans-auth-server/server/src/main/java/io/jans/as/server/par/ws/rs/ParRestWebService.java
index d7871526e93..5e539948dc1 100644
--- a/jans-auth-server/server/src/main/java/io/jans/as/server/par/ws/rs/ParRestWebService.java
+++ b/jans-auth-server/server/src/main/java/io/jans/as/server/par/ws/rs/ParRestWebService.java
@@ -98,6 +98,7 @@ public Response requestPushedAuthorizationRequest(
 @FormParam("origin_headers") String originHeaders,
 @FormParam("code_challenge") String codeChallenge,
 @FormParam("code_challenge_method") String codeChallengeMethod,
+ @FormParam("nbf") String nbf,
 @FormParam(AuthorizeRequestParam.CUSTOM_RESPONSE_HEADERS) String customResponseHeaders,
 @FormParam("claims") String claims,
 @Context HttpServletRequest httpRequest,
@@ -145,6 +146,7 @@ public Response requestPushedAuthorizationRequest(
 par.setTtl(parLifetime);
 par.setExpirationDate(Util.createExpirationDate(parLifetime));
 par.getAttributes().setScope(scope);
+ par.getAttributes().setNbf(Util.parseIntegerSilently(nbf));
 par.getAttributes().setResponseType(responseType);
 par.getAttributes().setClientId(clientId);
 par.getAttributes().setRedirectUri(redirectUri);
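Review bot: `catch (Exception e)` in `parseIntegerSilently` is wider than the call needs: `Integer.parseInt` reports both null and malformed input as `NumberFormatException`, so `} catch (NumberFormatException e) {` keeps the behaviour and stops hiding unrelated failures. The method also has no Javadoc; it should state that null is returned for null, empty, non-numeric and out-of-int-range input, because callers cannot tell "absent" from "malformed" from the result alone. The body of the neighbouring `parseIntSilently` is outside the hunk, so whether it uses the same broad catch is not visible.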
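Review bot: `@FormParam("nbf") String nbf` spells the parameter name as a literal although this commit adds `AuthorizeRequestParam.NBF` and the very next parameter already uses the constant form. `@FormParam(AuthorizeRequestParam.NBF) String nbf,` keeps the client and the endpoint tied to one definition of the name. The method signature starts and ends outside the hunk.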
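Review bot: `par.getAttributes().setNbf(Util.parseIntegerSilently(nbf));` fails open on bad input: an `nbf` that is non-numeric or does not fit an int is stored as null, so the request succeeds exactly as if no not-before had been sent. A value that is present but unparsable should be rejected with the endpoint's usual invalid-request error before the PAR is built, guarded by something like `if (nbf != null && !nbf.isEmpty() && Util.parseIntegerSilently(nbf) == null)`. The parsed value is also stored without a range check (negative, or later than the `expirationDate` set two lines above); whether it is validated or enforced elsewhere is not visible, since the method starts and ends outside this hunk.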