• Home
• org.ldaptive
• ldaptive-unboundid
• 1.1.0
• source code
• UnboundIDSaslUtils.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.ldaptive.provider.unboundid.UnboundIDSaslUtils Maven / Gradle / Ivy

/* See LICENSE for licensing and NOTICE for copyright. */
package org.ldaptive.provider.unboundid;

import com.unboundid.ldap.sdk.DIGESTMD5BindRequestProperties;
import com.unboundid.ldap.sdk.GSSAPIBindRequestProperties;
import com.unboundid.ldap.sdk.SASLQualityOfProtection;
import org.ldaptive.Credential;
import org.ldaptive.sasl.DigestMd5Config;
import org.ldaptive.sasl.GssApiConfig;
import org.ldaptive.sasl.QualityOfProtection;
import org.ldaptive.sasl.SaslConfig;

/**
 * Support for SASL authentication.
 *
 * @author  Middleware Services
 */
public final class UnboundIDSaslUtils
{


  /** Default constructor. */
  private UnboundIDSaslUtils() {}


  /**
   * Creates a new digest md5 request properties.
   *
   * @param  username  to bind as
   * @param  credential  to bind with
   * @param  config  to set sasl parameters
   *
   * @return  digest md5 request properties
   */
  protected static DIGESTMD5BindRequestProperties createDigestMd5Properties(
    final String username,
    final Credential credential,
    final SaslConfig config)
  {
    final DIGESTMD5BindRequestProperties props = new DIGESTMD5BindRequestProperties(
      username,
      credential != null ? credential.getBytes() : null);
    if (config.getAuthorizationId() != null && !"".equals(config.getAuthorizationId())) {
      props.setAuthorizationID(config.getAuthorizationId());
    }
    if (config.getQualityOfProtection() != null) {
      props.setAllowedQoP(getQualityOfProtection(config.getQualityOfProtection()));
    }
    if (config instanceof DigestMd5Config) {
      final DigestMd5Config c = (DigestMd5Config) config;
      if (c.getRealm() != null) {
        props.setRealm(c.getRealm());
      }
    }
    return props;
  }


  /**
   * Creates a new gssapi request properties.
   *
   * @param  username  to bind as
   * @param  credential  to bind with
   * @param  config  to set sasl parameters
   *
   * @return  gssapi request properties
   */
  protected static GSSAPIBindRequestProperties createGssApiProperties(
    final String username,
    final Credential credential,
    final SaslConfig config)
  {
    final GSSAPIBindRequestProperties props = new GSSAPIBindRequestProperties(
      username,
      credential != null ? credential.getBytes() : null);
    if (config.getAuthorizationId() != null) {
      props.setAuthorizationID(config.getAuthorizationId());
    }
    if (config.getQualityOfProtection() != null) {
      props.setAllowedQoP(getQualityOfProtection(config.getQualityOfProtection()));
    }
    if (config instanceof GssApiConfig) {
      final GssApiConfig c = (GssApiConfig) config;
      if (c.getRealm() != null) {
        props.setRealm(c.getRealm());
      }
    }
    return props;
  }


  /**
   * Returns the SASL quality of protection string for the supplied enum.
   *
   * @param  qop  quality of protection enum
   *
   * @return  SASL quality of protection
   */
  protected static SASLQualityOfProtection getQualityOfProtection(final QualityOfProtection qop)
  {
    SASLQualityOfProtection e;
    switch (qop) {

    case AUTH:
      e = SASLQualityOfProtection.AUTH;
      break;

    case AUTH_INT:
      e = SASLQualityOfProtection.AUTH_INT;
      break;

    case AUTH_CONF:
      e = SASLQualityOfProtection.AUTH_CONF;
      break;

    default:
      throw new IllegalArgumentException("Unknown SASL quality of protection: " + qop);
    }
    return e;
  }
}