001/*
002 * acme4j - Java ACME client
003 *
004 * Copyright (C) 2021 Richard "Shred" K├Ârber
005 *   http://acme4j.shredzone.org
006 *
007 * Licensed under the Apache License, Version 2.0 (the "License");
008 * you may not use this file except in compliance with the License.
009 *
010 * This program is distributed in the hope that it will be useful,
011 * but WITHOUT ANY WARRANTY; without even the implied warranty of
012 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
013 */
014package org.shredzone.acme4j.smime.challenge;
015
016import static org.shredzone.acme4j.toolbox.AcmeUtils.base64UrlEncode;
017import static org.shredzone.acme4j.toolbox.AcmeUtils.sha256hash;
018
019import jakarta.mail.internet.AddressException;
020import jakarta.mail.internet.InternetAddress;
021import org.shredzone.acme4j.Login;
022import org.shredzone.acme4j.challenge.TokenChallenge;
023import org.shredzone.acme4j.exception.AcmeProtocolException;
024import org.shredzone.acme4j.toolbox.JSON;
025
026/**
027 * Implements the {@value TYPE} challenge.
028 *
029 * @see <a href="https://datatracker.ietf.org/doc/html/rfc8823">RFC 8823</a>
030 * @since 2.12
031 */
032public class EmailReply00Challenge extends TokenChallenge {
033    private static final long serialVersionUID = 2502329538019544794L;
034
035    /**
036     * Challenge type name: {@value}
037     */
038    public static final String TYPE = "email-reply-00";
039
040    private static final String KEY_FROM = "from";
041
042    /**
043     * Creates a new generic {@link EmailReply00Challenge} object.
044     *
045     * @param login
046     *            {@link Login} the resource is bound with
047     * @param data
048     *            {@link JSON} challenge data
049     */
050    public EmailReply00Challenge(Login login, JSON data) {
051        super(login, data);
052    }
053
054    /**
055     * Returns the email address in the "from" field of the challenge.
056     *
057     * @return The "from" email address, as String.
058     */
059    public String getFrom() {
060        return getJSON().get(KEY_FROM).asString();
061    }
062
063    /**
064     * Returns the email address of the expected sender of the "challenge" mail.
065     * <p>
066     * This is the same value that is returned by {@link #getFrom()}, but as {@link
067     * InternetAddress} instance.
068     *
069     * @return Expected sender of the challenge email.
070     */
071    public InternetAddress getExpectedSender() {
072        try {
073            return new InternetAddress(getFrom());
074        } catch (AddressException ex) {
075            throw new AcmeProtocolException("bad email address " + getFrom(), ex);
076        }
077    }
078
079    /**
080     * Returns the token, which is a concatenation of the part 1 that is sent by email,
081     * and part 2 that is passed into this callenge via {@link #getTokenPart2()};
082     *
083     * @param part1
084     *         Part 1 of the token, which can be found in the subject of the corresponding
085     *         challenge email.
086     * @return Concatenated token
087     */
088    public String getToken(String part1) {
089        return part1.concat(getTokenPart2());
090    }
091
092    /**
093     * Returns the part 2 of the token to be used for this challenge. Part 2 is sent via
094     * this challenge.
095     */
096    public String getTokenPart2() {
097        return super.getToken();
098    }
099
100    /**
101     * This method is not implemented. Use {@link #getAuthorization(String)} instead.
102     */
103    @Override
104    public String getAuthorization() {
105        throw new UnsupportedOperationException("use getAuthorization(String)");
106    }
107
108    /**
109     * Returns the authorization string.
110     *
111     * @param part1
112     *         Part 1 of the token, which can be found in the subject of the corresponding
113     *         challenge email.
114     */
115    public String getAuthorization(String part1) {
116        var keyAuth = keyAuthorizationFor(getToken(part1));
117        return base64UrlEncode(sha256hash(keyAuth));
118    }
119
120    @Override
121    protected boolean acceptable(String type) {
122        return TYPE.equals(type);
123    }
124
125}