001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions Copyright 2014-2016 ForgeRock AS. 016 */ 017package org.opends.server.controls; 018import org.forgerock.i18n.LocalizableMessage; 019 020 021 022import org.forgerock.opendj.io.ASN1Writer; 023import org.opends.server.types.*; 024import org.forgerock.opendj.ldap.DN; 025import org.forgerock.opendj.ldap.ResultCode; 026import org.forgerock.opendj.ldap.ByteString; 027import static org.opends.messages.ProtocolMessages.*; 028import static org.opends.server.util.ServerConstants.*; 029 030import java.io.IOException; 031 032 033/** 034 * This class implements the authorization identity response control as defined 035 * in RFC 3829. It may be included in a bind response message to provide the 036 * authorization ID resulting for a client after the bind operation as 037 * completed. 038 */ 039public class AuthorizationIdentityResponseControl 040 extends Control 041{ 042 /** 043 * ControlDecoder implementation to decode this control from a ByteString. 044 */ 045 private static final class Decoder 046 implements ControlDecoder<AuthorizationIdentityResponseControl> 047 { 048 /** {@inheritDoc} */ 049 public AuthorizationIdentityResponseControl decode(boolean isCritical, 050 ByteString value) 051 throws DirectoryException 052 { 053 if (value == null) 054 { 055 LocalizableMessage message = ERR_AUTHZIDRESP_NO_CONTROL_VALUE.get(); 056 throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message); 057 } 058 059 try 060 { 061 String authID = value.toString(); 062 return new AuthorizationIdentityResponseControl(isCritical, 063 authID); 064 } 065 catch(Exception e) 066 { 067 // TODO: message. 068 throw new DirectoryException(ResultCode.PROTOCOL_ERROR, LocalizableMessage.EMPTY); 069 } 070 } 071 072 public String getOID() 073 { 074 return OID_AUTHZID_RESPONSE; 075 } 076 077 } 078 079 /** 080 * The Control Decoder that can be used to decode this control. 081 */ 082 public static final ControlDecoder<AuthorizationIdentityResponseControl> 083 DECODER = new Decoder(); 084 085 086 /** The authorization ID for this control. */ 087 private String authorizationID; 088 089 090 091 /** 092 * Creates a new authorization identity response control using the default 093 * settings to indicate an anonymous authentication. 094 */ 095 public AuthorizationIdentityResponseControl() 096 { 097 this(false); 098 } 099 100 /** 101 * Creates a new authorization identity response control using the default 102 * settings to indicate an anonymous authentication. 103 * 104 * @param isCritical Indicates whether this control should be 105 * considered critical in processing the 106 * request. 107 */ 108 public AuthorizationIdentityResponseControl(boolean isCritical) 109 { 110 super(OID_AUTHZID_RESPONSE, isCritical); 111 } 112 113 114 115 /** 116 * Creates a new authorization identity response control with the provided 117 * information. 118 * 119 * @param authorizationID The authorization ID for this control. 120 */ 121 public AuthorizationIdentityResponseControl(String authorizationID) 122 { 123 this(false, authorizationID); 124 } 125 126 127 /** 128 * Creates a new authorization identity response control with the provided 129 * information. 130 * 131 * @param isCritical Indicates whether this control should be 132 * considered critical in processing the 133 * request. 134 * @param authorizationID The authorization ID for this control. 135 */ 136 public AuthorizationIdentityResponseControl(boolean isCritical, 137 String authorizationID) 138 { 139 super(OID_AUTHZID_RESPONSE, isCritical); 140 141 142 this.authorizationID = authorizationID; 143 } 144 145 146 147 148 /** 149 * Creates a new authorization identity response control with the provided 150 * information. 151 * 152 * @param authorizationDN The authorization DN for this control. 153 */ 154 public AuthorizationIdentityResponseControl(DN authorizationDN) 155 { 156 super(OID_AUTHZID_RESPONSE, false); 157 158 159 if (authorizationDN == null) 160 { 161 this.authorizationID = "dn:"; 162 } 163 else 164 { 165 this.authorizationID = "dn:" + authorizationDN; 166 } 167 } 168 169 170 171 /** 172 * Writes this control's value to an ASN.1 writer. The value (if any) must be 173 * written as an ASN1OctetString. 174 * 175 * @param writer The ASN.1 output stream to write to. 176 * @throws IOException If a problem occurs while writing to the stream. 177 */ 178 public void writeValue(ASN1Writer writer) throws IOException { 179 writer.writeOctetString(authorizationID); 180 } 181 182 183 184 /** 185 * Retrieves the authorization ID for this authorization identity response 186 * control. 187 * 188 * @return The authorization ID for this authorization identity response 189 * control. 190 */ 191 public String getAuthorizationID() 192 { 193 return authorizationID; 194 } 195 196 197 198 /** 199 * Appends a string representation of this authorization identity response 200 * control to the provided buffer. 201 * 202 * @param buffer The buffer to which the information should be appended. 203 */ 204 public void toString(StringBuilder buffer) 205 { 206 buffer.append("AuthorizationIdentityResponseControl(authzID=\""); 207 buffer.append(authorizationID); 208 buffer.append("\")"); 209 } 210} 211