org.wildfly.security.auth.server.RealmMapper Maven / Gradle / Ivy
Go to download
This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including
all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and
JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up
with different versions on classes on the class path).
/*
* JBoss, Home of Professional Open Source
* Copyright 2013 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.auth.server;
import java.security.Principal;
import java.util.function.BiPredicate;
import java.util.function.Predicate;
import org.wildfly.common.Assert;
import org.wildfly.security.evidence.Evidence;
/**
* A realm mapper. Examines authentication identity information and translates it into a realm name. If the realm
* mapper does not recognize the authentication information, a default realm will be chosen.
*
* @author David M. Lloyd
*/
@FunctionalInterface
public interface RealmMapper {
/**
* Get the realm mapping. Return {@code null} if the default realm should be used.
*
* @param principal the authentication principal (or {@code null} if none is known for this authentication)
* @param evidence the authentication evidence (or {@code null} if none is known for this authentication)
* @return the realm, or {@code null} if no particular realm matches the authentication information
*/
String getRealmMapping(Principal principal, Evidence evidence);
/**
* A realm mapper which always falls back to a default realm.
*/
RealmMapper DEFAULT_REALM_MAPPER = single(null);
/**
* Create a realm mapper that always maps to the given realm.
*
* @param realmName the realm name to return, or {@code null} if the default realm should be used
* @return the realm mapper returning {@code realmName}
*/
static RealmMapper single(String realmName) {
return (principal, evidence) -> realmName;
}
/**
* Create a realm mapper that matches when the given predicate matches.
*
* @param matchRule the match rule (must not be {@code null})
* @param realmName the realm name to return, or {@code null} to return the default realm
* @return the realm mapper (not {@code null})
*/
static RealmMapper matching(BiPredicate matchRule, String realmName) {
Assert.checkNotNullParam("matchRule", matchRule);
return (p, e) -> matchRule.test(p, e) ? realmName : null;
}
/**
* Create a realm mapper that matches when the given predicate matches the principal.
*
* @param matchRule the match rule (must not be {@code null})
* @param realmName the realm name to return, or {@code null} to return the default realm
* @return the realm mapper (not {@code null})
*/
static RealmMapper matchingPrincipal(Predicate matchRule, String realmName) {
Assert.checkNotNullParam("matchRule", matchRule);
return matching((p, e) -> matchRule.test(p), realmName);
}
/**
* Create a realm mapper that matches when the principal is of the given type.
*
* @param principalType the principal type class (must not be {@code null})
* @param realmName the realm name to return, or {@code null} to return the default realm
* @return the realm mapper (not {@code null})
*/
static RealmMapper matchingPrincipalType(Class principalType, String realmName) {
Assert.checkNotNullParam("principalType", principalType);
return matchingPrincipal(principalType::isInstance, realmName);
}
/**
* Create a realm mapper that matches when the given predicate matches the evidence.
*
* @param matchRule the match rule (must not be {@code null})
* @param realmName the realm name to return, or {@code null} to return the default realm
* @return the realm mapper (not {@code null})
*/
static RealmMapper matchingEvidence(Predicate matchRule, String realmName) {
Assert.checkNotNullParam("matchRule", matchRule);
return matching((p, e) -> matchRule.test(e), realmName);
}
/**
* Create a realm mapper that matches when the evidence is of the given type.
*
* @param evidenceType the evidence type class (must not be {@code null})
* @param realmName the realm name to return, or {@code null} to return the default realm
* @return the realm mapper (not {@code null})
*/
static RealmMapper matchingEvidenceType(Class evidenceType, String realmName) {
Assert.checkNotNullParam("evidenceType", evidenceType);
return matchingEvidence(evidenceType::isInstance, realmName);
}
/**
* Create an aggregate realm mapping strategy.
*
* @param mapper1 the first mapper to try (must not be {@code null})
* @param mapper2 the second mapper to try (must not be {@code null})
* @return an aggregated mapper (not {@code null})
*/
static RealmMapper aggregate(RealmMapper mapper1, RealmMapper mapper2) {
Assert.checkNotNullParam("mapper1", mapper1);
Assert.checkNotNullParam("mapper2", mapper2);
return (principal, evidence) -> {
String mapping = mapper1.getRealmMapping(principal, evidence);
if (mapping == null) mapping = mapper2.getRealmMapping(principal, evidence);
return mapping;
};
}
/**
* Create an aggregate realm mapping strategy.
*
* @param mappers the mappers to try (must not be {@code null})
* @return an aggregated mapper (not {@code null})
*/
static RealmMapper aggregate(RealmMapper... mappers) {
Assert.checkNotNullParam("mappers", mappers);
return (principal, evidence) -> {
for (RealmMapper mapper : mappers) if (mapper != null) {
String mapping = mapper.getRealmMapping(principal, evidence);
if (mapping != null) return mapping;
}
return null;
};
}
}