001/* 002 * Copyright 2015-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2015-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2015-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.extensions; 037 038 039 040import com.unboundid.asn1.ASN1Element; 041import com.unboundid.asn1.ASN1OctetString; 042import com.unboundid.asn1.ASN1Sequence; 043import com.unboundid.ldap.sdk.Control; 044import com.unboundid.ldap.sdk.ExtendedRequest; 045import com.unboundid.ldap.sdk.LDAPException; 046import com.unboundid.ldap.sdk.ResultCode; 047import com.unboundid.util.Debug; 048import com.unboundid.util.NotMutable; 049import com.unboundid.util.StaticUtils; 050import com.unboundid.util.ThreadSafety; 051import com.unboundid.util.ThreadSafetyLevel; 052import com.unboundid.util.Validator; 053 054import static com.unboundid.ldap.sdk.unboundidds.extensions.ExtOpMessages.*; 055 056 057 058/** 059 * This class provides an implementation of an extended request that can be used 060 * to consume a single-use token that was generated and provided to the user 061 * through the deliver single-use token extended operation. Once a token has 062 * been consumed, it cannot be used again, although a new token can be generated 063 * and delivered to the user if necessary. 064 * <BR> 065 * <BLOCKQUOTE> 066 * <B>NOTE:</B> This class, and other classes within the 067 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 068 * supported for use against Ping Identity, UnboundID, and 069 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 070 * for proprietary functionality or for external specifications that are not 071 * considered stable or mature enough to be guaranteed to work in an 072 * interoperable way with other types of LDAP servers. 073 * </BLOCKQUOTE> 074 * <BR> 075 * This extended request has an OID of "1.3.6.1.4.1.30221.2.6.51" and it must 076 * have a value with the following encoding: 077 * <PRE> 078 * ConsumeSingleUseTokenRequestValue ::= SEQUENCE { 079 * userDN LDAPDN, 080 * tokenID OCTET STRING, 081 * tokenValue OCTET STRING 082 * ... } 083 * </PRE> 084 * 085 * @see DeliverSingleUseTokenExtendedResult 086 */ 087@NotMutable() 088@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 089public final class ConsumeSingleUseTokenExtendedRequest 090 extends ExtendedRequest 091{ 092 /** 093 * The OID (1.3.6.1.4.1.30221.2.6.51) for the consume single-use token 094 * extended request. 095 */ 096 public static final String CONSUME_SINGLE_USE_TOKEN_REQUEST_OID = 097 "1.3.6.1.4.1.30221.2.6.51"; 098 099 100 101 /** 102 * The serial version UID for this serializable class. 103 */ 104 private static final long serialVersionUID = -3162206445662323272L; 105 106 107 108 // The identifier for the token to consume. 109 private final String tokenID; 110 111 // The value for the single-use token to consume. 112 private final String tokenValue; 113 114 // The DN of the user whose account contains the token to consume. 115 private final String userDN; 116 117 118 119 /** 120 * Creates a new consume single-use token extended request with the provided 121 * information. 122 * 123 * @param userDN The DN of the user whose account contains the token to 124 * consume. It must not be {@code null}. 125 * @param tokenID The identifier for the token to consume. It must not 126 * be {@code null}. 127 * @param tokenValue The value for the single-use token to consume. It 128 * must not be {@code null}. 129 * @param controls An optional set of controls to include in the request. 130 * It may be {@code null} or empty if no controls are 131 * required. 132 */ 133 public ConsumeSingleUseTokenExtendedRequest(final String userDN, 134 final String tokenID, 135 final String tokenValue, 136 final Control... controls) 137 { 138 super(CONSUME_SINGLE_USE_TOKEN_REQUEST_OID, 139 encodeValue(userDN, tokenID, tokenValue), 140 controls); 141 142 this.userDN = userDN; 143 this.tokenID = tokenID; 144 this.tokenValue = tokenValue; 145 } 146 147 148 149 /** 150 * Decodes the provided extended request as a consume single-use token 151 * extended request. 152 * 153 * @param request The extended request to decode as a consume single-use 154 * token extended request. 155 * 156 * @throws LDAPException If the provided extended request cannot be decoded 157 * as a consume single-use token request. 158 */ 159 public ConsumeSingleUseTokenExtendedRequest(final ExtendedRequest request) 160 throws LDAPException 161 { 162 super(request); 163 164 final ASN1OctetString value = request.getValue(); 165 if (value == null) 166 { 167 throw new LDAPException(ResultCode.DECODING_ERROR, 168 ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_NO_VALUE.get()); 169 } 170 171 try 172 { 173 final ASN1Element[] elements = 174 ASN1Sequence.decodeAsSequence(value.getValue()).elements(); 175 userDN = ASN1OctetString.decodeAsOctetString(elements[0]).stringValue(); 176 tokenID = ASN1OctetString.decodeAsOctetString(elements[1]).stringValue(); 177 tokenValue = 178 ASN1OctetString.decodeAsOctetString(elements[2]).stringValue(); 179 } 180 catch (final Exception e) 181 { 182 Debug.debugException(e); 183 throw new LDAPException(ResultCode.DECODING_ERROR, 184 ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_CANNOT_DECODE.get( 185 StaticUtils.getExceptionMessage(e)), 186 e); 187 } 188 } 189 190 191 192 /** 193 * Encodes the provided information into an ASN.1 octet string suitable for 194 * use as the value of the extended request. 195 * 196 * @param userDN The DN of the user whose account contains the token to 197 * consume. It must not be {@code null}. 198 * @param tokenID The identifier for the token to consume. It must not 199 * be {@code null}. 200 * @param tokenValue The value for the single-use token to consume. It 201 * must not be {@code null}. 202 * 203 * @return An ASN.1 octet string containing the encoded value. 204 */ 205 private static ASN1OctetString encodeValue(final String userDN, 206 final String tokenID, final String tokenValue) 207 { 208 Validator.ensureNotNull(userDN); 209 Validator.ensureNotNull(tokenID); 210 Validator.ensureNotNull(tokenValue); 211 212 final ASN1Sequence valueSequence = new ASN1Sequence( 213 new ASN1OctetString(userDN), 214 new ASN1OctetString(tokenID), 215 new ASN1OctetString(tokenValue)); 216 return new ASN1OctetString(valueSequence.encode()); 217 } 218 219 220 221 /** 222 * Retrieves the DN of the user whose account contains the token to consume. 223 * 224 * @return The DN of the user whose account contains the token to consume. 225 */ 226 public String getUserDN() 227 { 228 return userDN; 229 } 230 231 232 233 /** 234 * Retrieves the identifier for the token to consume. 235 * 236 * @return The identifier for the token to consume. 237 */ 238 public String getTokenID() 239 { 240 return tokenID; 241 } 242 243 244 245 /** 246 * Retrieves the value for the token to consume. 247 * 248 * @return The value for the token to consume. 249 */ 250 public String getTokenValue() 251 { 252 return tokenValue; 253 } 254 255 256 257 /** 258 * {@inheritDoc}. 259 */ 260 @Override() 261 public ConsumeSingleUseTokenExtendedRequest duplicate() 262 { 263 return duplicate(getControls()); 264 } 265 266 267 268 /** 269 * {@inheritDoc}. 270 */ 271 @Override() 272 public ConsumeSingleUseTokenExtendedRequest duplicate( 273 final Control[] controls) 274 { 275 final ConsumeSingleUseTokenExtendedRequest r = 276 new ConsumeSingleUseTokenExtendedRequest(userDN, tokenID, tokenValue, 277 controls); 278 r.setResponseTimeoutMillis(getResponseTimeoutMillis(null)); 279 return r; 280 } 281 282 283 284 /** 285 * {@inheritDoc} 286 */ 287 @Override() 288 public String getExtendedRequestName() 289 { 290 return INFO_EXTENDED_REQUEST_NAME_CONSUME_SINGLE_USE_TOKEN.get(); 291 } 292 293 294 295 /** 296 * {@inheritDoc} 297 */ 298 @Override() 299 public void toString(final StringBuilder buffer) 300 { 301 buffer.append("ConsumeSingleUseTokenExtendedRequest(userDN='"); 302 buffer.append(userDN); 303 buffer.append("', tokenID='"); 304 buffer.append(tokenID); 305 buffer.append('\''); 306 307 final Control[] controls = getControls(); 308 if (controls.length > 0) 309 { 310 buffer.append(", controls={"); 311 for (int i=0; i < controls.length; i++) 312 { 313 if (i > 0) 314 { 315 buffer.append(", "); 316 } 317 318 buffer.append(controls[i]); 319 } 320 buffer.append('}'); 321 } 322 323 buffer.append(')'); 324 } 325}