feat: par should be able to register with nbf

#865

jans-auth-server/client/src/main/java/io/jans/as/client/par/ParClient.java

@@ -60,6 +60,7 @@ private ParResponse exec_() throws Exception {
         addReqParam(AuthorizeRequestParam.SCOPE, scopesAsString);
         addReqParam(AuthorizeRequestParam.REDIRECT_URI, getRequest().getAuthorizationRequest().getRedirectUri());
         addReqParam(AuthorizeRequestParam.STATE, getRequest().getAuthorizationRequest().getState());
+        addReqParam(AuthorizeRequestParam.NBF, getRequest().getNbf() != null ? getRequest().getNbf().toString() : null);
 
         addReqParam(AuthorizeRequestParam.NONCE, getRequest().getAuthorizationRequest().getNonce());
         addReqParam(AuthorizeRequestParam.DISPLAY, getRequest().getAuthorizationRequest().getDisplay());

jans-auth-server/client/src/main/java/io/jans/as/client/par/ParRequest.java

@@ -11,6 +11,7 @@
 public class ParRequest extends ClientAuthnRequest {
 
     private AuthorizationRequest authorizationRequest;
+    private Integer nbf;
 
     public ParRequest(AuthorizationRequest authorizationRequest) {
         this.authorizationRequest = authorizationRequest;
@@ -36,4 +37,12 @@ public String getQueryString() {
 
         return builder.toString();
     }
+
+    public Integer getNbf() {
+        return nbf;
+    }
+
+    public void setNbf(Integer nbf) {
+        this.nbf = nbf;
+    }
 }

jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java

@@ -55,6 +55,7 @@ public void registerPar(final String redirectUris, final String redirectUri, fin
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, registerResponse.getClientId(), scopes, redirectUri, nonce);
         ParRequest parRequest = new ParRequest(authorizationRequest);
+        parRequest.setNbf(1);
         parRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
         parRequest.setAuthUsername(registerResponse.getClientId());
         parRequest.setAuthPassword(registerResponse.getClientSecret());

jans-auth-server/model/src/main/java/io/jans/as/model/authorize/AuthorizeRequestParam.java

@@ -39,6 +39,7 @@ public interface AuthorizeRequestParam {
     String CUSTOM_RESPONSE_HEADERS = "custom_response_headers";
     String AUTH_REQ_ID = "auth_req_id";
     String SID = "sid";
+    String NBF = "nbf";
 
     /**
      * String that represents the End-User's login state at the OP.

jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java

@@ -295,6 +295,14 @@ public static int parseIntSilently(String intString) {
         }
     }
 
+    public static Integer parseIntegerSilently(String intString) {
+        try {
+            return Integer.parseInt(intString);
+        } catch (Exception e) {
+            return null;
+        }
+    }
+
     // SHA-1 (160 bits)
     public static String toSHA1HexString(String input) {
         MessageDigest md = null;

jans-auth-server/server/src/main/java/io/jans/as/server/par/ws/rs/ParRestWebService.java

@@ -98,6 +98,7 @@ public Response requestPushedAuthorizationRequest(
             @FormParam("origin_headers") String originHeaders,
             @FormParam("code_challenge") String codeChallenge,
             @FormParam("code_challenge_method") String codeChallengeMethod,
+            @FormParam("nbf") String nbf,
             @FormParam(AuthorizeRequestParam.CUSTOM_RESPONSE_HEADERS) String customResponseHeaders,
             @FormParam("claims") String claims,
             @Context HttpServletRequest httpRequest,
@@ -145,6 +146,7 @@ public Response requestPushedAuthorizationRequest(
             par.setTtl(parLifetime);
             par.setExpirationDate(Util.createExpirationDate(parLifetime));
             par.getAttributes().setScope(scope);
+            par.getAttributes().setNbf(Util.parseIntegerSilently(nbf));
             par.getAttributes().setResponseType(responseType);
             par.getAttributes().setClientId(clientId);
             par.getAttributes().setRedirectUri(redirectUri);