001/*
002 * Copyright 2017-2020 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2017-2020 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2017-2020 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.listener;
037
038
039
040import java.util.Arrays;
041import java.util.List;
042
043import com.unboundid.ldap.sdk.LDAPException;
044import com.unboundid.ldap.sdk.Modification;
045import com.unboundid.ldap.sdk.ReadOnlyEntry;
046import com.unboundid.util.ThreadSafety;
047import com.unboundid.util.ThreadSafetyLevel;
048
049
050
051/**
052 * This class provides an implementation of an in-memory directory server
053 * password encoder that leaves the password in the clear.  This doesn't provide
054 * any more protection than leaving passwords unencoded, but it does make it
055 * possible to store these passwords with a prefix, and to use an optional
056 * output format (e.g., to format the clear-text value in base64 or
057 * hexadecimal).
058 */
059@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
060public final class ClearInMemoryPasswordEncoder
061       extends InMemoryPasswordEncoder
062{
063  /**
064   * Creates a new instance of this in-memory directory server password encoder
065   * with the provided information.
066   *
067   * @param  prefix           The string that will appear at the beginning of
068   *                          encoded passwords.  It must not be {@code null} or
069   *                          empty.
070   * @param  outputFormatter  The output formatter that will be used to format
071   *                          the encoded representation of clear-text
072   *                          passwords.  It may be {@code null} if no
073   *                          special formatting should be applied to the raw
074   *                          bytes.
075   */
076  public ClearInMemoryPasswordEncoder(final String prefix,
077              final PasswordEncoderOutputFormatter outputFormatter)
078  {
079    super(prefix, outputFormatter);
080  }
081
082
083
084  /**
085   * {@inheritDoc}
086   */
087  @Override()
088  protected byte[] encodePassword(final byte[] clearPassword,
089                                  final ReadOnlyEntry userEntry,
090                                  final List<Modification> modifications)
091            throws LDAPException
092  {
093    return clearPassword;
094  }
095
096
097
098  /**
099   * {@inheritDoc}
100   */
101  @Override()
102  protected void ensurePreEncodedPasswordAppearsValid(
103                      final byte[] unPrefixedUnFormattedEncodedPasswordBytes,
104                      final ReadOnlyEntry userEntry,
105                      final List<Modification> modifications)
106            throws LDAPException
107  {
108    // No validation is required.
109  }
110
111
112
113  /**
114   * {@inheritDoc}
115   */
116  @Override()
117  protected boolean passwordMatches(final byte[] clearPasswordBytes,
118                         final byte[] unPrefixedUnFormattedEncodedPasswordBytes,
119                         final ReadOnlyEntry userEntry)
120            throws LDAPException
121  {
122    return Arrays.equals(clearPasswordBytes,
123         unPrefixedUnFormattedEncodedPasswordBytes);
124  }
125
126
127
128  /**
129   * {@inheritDoc}
130   */
131  @Override()
132  protected byte[] extractClearPassword(
133                 final byte[] unPrefixedUnFormattedEncodedPasswordBytes,
134                 final ReadOnlyEntry userEntry)
135            throws LDAPException
136  {
137    return unPrefixedUnFormattedEncodedPasswordBytes;
138  }
139
140
141
142  /**
143   * {@inheritDoc}
144   */
145  @Override()
146  public void toString(final StringBuilder buffer)
147  {
148    buffer.append("ClearInMemoryPasswordEncoder(prefix='");
149    buffer.append(getPrefix());
150    buffer.append("', outputFormatter=");
151
152    final PasswordEncoderOutputFormatter outputFormatter =
153         getOutputFormatter();
154    if (outputFormatter == null)
155    {
156      buffer.append("null");
157    }
158    else
159    {
160      outputFormatter.toString(buffer);
161    }
162
163    buffer.append(')');
164  }
165}