001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.AdministratorAction;
023import org.forgerock.opendj.config.AggregationPropertyDefinition;
024import org.forgerock.opendj.config.BooleanPropertyDefinition;
025import org.forgerock.opendj.config.ClassPropertyDefinition;
026import org.forgerock.opendj.config.client.ConcurrentModificationException;
027import org.forgerock.opendj.config.client.ManagedObject;
028import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
029import org.forgerock.opendj.config.client.OperationRejectedException;
030import org.forgerock.opendj.config.conditions.Conditions;
031import org.forgerock.opendj.config.DefaultBehaviorProvider;
032import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
033import org.forgerock.opendj.config.DurationPropertyDefinition;
034import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
035import org.forgerock.opendj.config.ManagedObjectDefinition;
036import org.forgerock.opendj.config.PropertyOption;
037import org.forgerock.opendj.config.PropertyProvider;
038import org.forgerock.opendj.config.server.ConfigurationChangeListener;
039import org.forgerock.opendj.config.server.ServerManagedObject;
040import org.forgerock.opendj.config.StringPropertyDefinition;
041import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
042import org.forgerock.opendj.ldap.DN;
043import org.forgerock.opendj.ldap.LdapException;
044import org.forgerock.opendj.server.config.client.HTTPOauth2CtsAuthorizationMechanismCfgClient;
045import org.forgerock.opendj.server.config.client.IdentityMapperCfgClient;
046import org.forgerock.opendj.server.config.server.HTTPAuthorizationMechanismCfg;
047import org.forgerock.opendj.server.config.server.HTTPOauth2AuthorizationMechanismCfg;
048import org.forgerock.opendj.server.config.server.HTTPOauth2CtsAuthorizationMechanismCfg;
049import org.forgerock.opendj.server.config.server.IdentityMapperCfg;
050
051
052
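/**
 * An interface for querying the HTTP Oauth2 Cts Authorization
 * Mechanism managed object definition meta information.
 * <p>
 * The HTTP Oauth2 Cts Authorization Mechanism is used to define
 * OAuth2 authorization through a direct access to the CTS (Core Token
 * Service).
 * <p>
 * This definition declares three properties of its own
 * ("authzid-json-pointer", "base-dn" and "java-class"). Every other
 * property getter delegates to the parent
 * {@link HTTPOauth2AuthorizationMechanismCfgDefn} singleton.
 */
public final class HTTPOauth2CtsAuthorizationMechanismCfgDefn extends ManagedObjectDefinition<HTTPOauth2CtsAuthorizationMechanismCfgClient, HTTPOauth2CtsAuthorizationMechanismCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared before the property definitions on purpose: the static
   * initializer blocks below pass INSTANCE to the property builders,
   * and static initialization runs in textual order.
   */
  private static final HTTPOauth2CtsAuthorizationMechanismCfgDefn INSTANCE = new HTTPOauth2CtsAuthorizationMechanismCfgDefn();

  /** The "authzid-json-pointer" property definition. */
  private static final StringPropertyDefinition PD_AUTHZID_JSON_POINTER;

  /** The "base-dn" property definition. */
  private static final StringPropertyDefinition PD_BASE_DN;

  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  /** Build the "authzid-json-pointer" property definition. */
  static {
      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "authzid-json-pointer");
      // Mandatory with no default: the pointer that selects the
      // authorization ID must be configured explicitly.
      builder.setOption(PropertyOption.MANDATORY);
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "authzid-json-pointer"));
      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
      PD_AUTHZID_JSON_POINTER = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_AUTHZID_JSON_POINTER);
  }

  /** Build the "base-dn" property definition. */
  static {
      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "base-dn");
      // Mandatory with no default, like "authzid-json-pointer".
      // NOTE(review): the value is modelled as a plain string, so DN
      // syntax is not checked by this definition - confirm where it is
      // validated.
      builder.setOption(PropertyOption.MANDATORY);
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "base-dn"));
      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
      PD_BASE_DN = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_BASE_DN);
  }

  /** Build the "java-class" property definition. */
  static {
      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
      builder.setOption(PropertyOption.MANDATORY);
      builder.setOption(PropertyOption.ADVANCED);
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.http.authz.HttpOAuth2CtsAuthorizationMechanism");
      builder.setDefaultBehaviorProvider(provider);
      // Configured class names must implement HttpAuthorizationMechanism.
      // NOTE(review): this constraint and the ADVANCED option are the
      // only guards on the class name visible in this file. Presumably
      // the server instantiates the named class, so write access to this
      // property should stay with trusted administrators - confirm
      // against the code that loads it.
      builder.addInstanceOf("org.opends.server.protocols.http.authz.HttpAuthorizationMechanism");
      PD_JAVA_CLASS = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  /**
   * Get the HTTP Oauth2 Cts Authorization Mechanism configuration
   * definition singleton.
   *
   * @return Returns the HTTP Oauth2 Cts Authorization Mechanism
   *         configuration definition singleton.
   */
  public static HTTPOauth2CtsAuthorizationMechanismCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor.
   * <p>
   * Registers this definition under the name
   * "http-oauth2-cts-authorization-mechanism" with the generic OAuth2
   * authorization mechanism definition as its parent.
   */
  private HTTPOauth2CtsAuthorizationMechanismCfgDefn() {
    super("http-oauth2-cts-authorization-mechanism", HTTPOauth2AuthorizationMechanismCfgDefn.getInstance());
  }

  /** {@inheritDoc} */
  public HTTPOauth2CtsAuthorizationMechanismCfgClient createClientConfiguration(
      ManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfgClient> impl) {
    return new HTTPOauth2CtsAuthorizationMechanismCfgClientImpl(impl);
  }

  /** {@inheritDoc} */
  public HTTPOauth2CtsAuthorizationMechanismCfg createServerConfiguration(
      ServerManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfg> impl) {
    return new HTTPOauth2CtsAuthorizationMechanismCfgServerImpl(impl);
  }

  /** {@inheritDoc} */
  public Class<HTTPOauth2CtsAuthorizationMechanismCfg> getServerConfigurationClass() {
    return HTTPOauth2CtsAuthorizationMechanismCfg.class;
  }

  /**
   * Get the "access-token-cache-enabled" property definition.
   * <p>
   * Indicates whether the HTTP Oauth2 Cts Authorization Mechanism is
   * enabled for use.
   * <p>
   * NOTE(review): the description above reads like the one for the
   * "enabled" property. Judging by its name, this property controls the
   * access token cache rather than the mechanism itself - confirm
   * against the configuration definition this file was generated from.
   *
   * @return Returns the "access-token-cache-enabled" property definition.
   */
  public BooleanPropertyDefinition getAccessTokenCacheEnabledPropertyDefinition() {
    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getAccessTokenCacheEnabledPropertyDefinition();
  }

  /**
   * Get the "access-token-cache-expiration" property definition.
   * <p>
   * Token cache expiration.
   * <p>
   * NOTE(review): presumably a cached token keeps being accepted until
   * its cache entry expires, so a token removed from the CTS may remain
   * usable for up to this duration - confirm against the mechanism
   * implementation before choosing a long value.
   *
   * @return Returns the "access-token-cache-expiration" property definition.
   */
  public DurationPropertyDefinition getAccessTokenCacheExpirationPropertyDefinition() {
    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getAccessTokenCacheExpirationPropertyDefinition();
  }

  /**
   * Get the "authzid-json-pointer" property definition.
   * <p>
   * Specifies the JSON pointer to the value to use as Authorization
   * ID. The JSON pointer is applied to the resolved access token JSON
   * document. (example: /uid)
   * <p>
   * The selected value is the input to the identity mapper, so the
   * pointer decides which token field determines the authorized user.
   *
   * @return Returns the "authzid-json-pointer" property definition.
   */
  public StringPropertyDefinition getAuthzidJsonPointerPropertyDefinition() {
    return PD_AUTHZID_JSON_POINTER;
  }

  /**
   * Get the "base-dn" property definition.
   * <p>
   * The base DN of the Core Token Service where access tokens are
   * stored. (example:
   * ou=famrecords,ou=openam-session,ou=tokens,dc=example,dc=com)
   *
   * @return Returns the "base-dn" property definition.
   */
  public StringPropertyDefinition getBaseDNPropertyDefinition() {
    return PD_BASE_DN;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the HTTP Oauth2 Cts Authorization Mechanism is
   * enabled.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "identity-mapper" property definition.
   * <p>
   * Specifies the name of the identity mapper to use in conjunction
   * with the authzid-json-pointer to get the user corresponding to the
   * access-token.
   *
   * @return Returns the "identity-mapper" property definition.
   */
  public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() {
    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getIdentityMapperPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the HTTP Oauth2 Cts Authorization Mechanism
   * implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "required-scope" property definition.
   * <p>
   * Scopes required to grant access to the service.
   *
   * @return Returns the "required-scope" property definition.
   */
  public StringPropertyDefinition getRequiredScopePropertyDefinition() {
    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getRequiredScopePropertyDefinition();
  }

  /**
   * Managed object client implementation.
   * <p>
   * A thin wrapper: every getter and setter forwards to the wrapped
   * managed object, so values are read and written live rather than
   * cached in this object.
   */
  private static class HTTPOauth2CtsAuthorizationMechanismCfgClientImpl implements
    HTTPOauth2CtsAuthorizationMechanismCfgClient {

    /** Private implementation; assigned once in the constructor. */
    private final ManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfgClient> impl;

    /** Private constructor. */
    private HTTPOauth2CtsAuthorizationMechanismCfgClientImpl(
        ManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfgClient> impl) {
      this.impl = impl;
    }

    /** {@inheritDoc} */
    public boolean isAccessTokenCacheEnabled() {
      return impl.getPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setAccessTokenCacheEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public Long getAccessTokenCacheExpiration() {
      return impl.getPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setAccessTokenCacheExpiration(Long value) {
      impl.setPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public String getAuthzidJsonPointer() {
      return impl.getPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setAuthzidJsonPointer(String value) {
      impl.setPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public String getBaseDN() {
      return impl.getPropertyValue(INSTANCE.getBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setBaseDN(String value) {
      impl.setPropertyValue(INSTANCE.getBaseDNPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public String getIdentityMapper() {
      return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setIdentityMapper(String value) {
      impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public SortedSet<String> getRequiredScope() {
      return impl.getPropertyValues(INSTANCE.getRequiredScopePropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setRequiredScope(Collection<String> values) {
      impl.setPropertyValues(INSTANCE.getRequiredScopePropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    public ManagedObjectDefinition<? extends HTTPOauth2CtsAuthorizationMechanismCfgClient, ? extends HTTPOauth2CtsAuthorizationMechanismCfg> definition() {
      return INSTANCE;
    }

    /** {@inheritDoc} */
    public PropertyProvider properties() {
      return impl;
    }

    /** {@inheritDoc} */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }

  /**
   * Managed object server implementation.
   * <p>
   * Property values are read from the wrapped managed object once, in
   * the constructor, and kept in final fields; the getters return those
   * stored values and never re-read the managed object.
   */
  private static class HTTPOauth2CtsAuthorizationMechanismCfgServerImpl implements
    HTTPOauth2CtsAuthorizationMechanismCfg {

    /** Private implementation; assigned once in the constructor. */
    private final ServerManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfg> impl;

    /** The value of the "access-token-cache-enabled" property. */
    private final boolean pAccessTokenCacheEnabled;

    /** The value of the "access-token-cache-expiration" property. */
    private final Long pAccessTokenCacheExpiration;

    /** The value of the "authzid-json-pointer" property. */
    private final String pAuthzidJsonPointer;

    /** The value of the "base-dn" property. */
    private final String pBaseDN;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "identity-mapper" property. */
    private final String pIdentityMapper;

    /** The value of the "java-class" property. */
    private final String pJavaClass;

    /** The value of the "required-scope" property. */
    private final SortedSet<String> pRequiredScope;

    /** Private constructor; takes the snapshot of all property values. */
    private HTTPOauth2CtsAuthorizationMechanismCfgServerImpl(ServerManagedObject<? extends HTTPOauth2CtsAuthorizationMechanismCfg> impl) {
      this.impl = impl;
      // The two boolean fields are primitives, so these assignments
      // unbox; they assume the managed object always yields a value for
      // "access-token-cache-enabled" and "enabled".
      this.pAccessTokenCacheEnabled = impl.getPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition());
      this.pAccessTokenCacheExpiration = impl.getPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition());
      this.pAuthzidJsonPointer = impl.getPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition());
      this.pBaseDN = impl.getPropertyValue(INSTANCE.getBaseDNPropertyDefinition());
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pRequiredScope = impl.getPropertyValues(INSTANCE.getRequiredScopePropertyDefinition());
    }

    /** {@inheritDoc} */
    public void addHTTPOauth2CtsAuthorizationMechanismChangeListener(
        ConfigurationChangeListener<HTTPOauth2CtsAuthorizationMechanismCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void removeHTTPOauth2CtsAuthorizationMechanismChangeListener(
        ConfigurationChangeListener<HTTPOauth2CtsAuthorizationMechanismCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void addHTTPOauth2AuthorizationMechanismChangeListener(
        ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void removeHTTPOauth2AuthorizationMechanismChangeListener(
        ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void addChangeListener(
        ConfigurationChangeListener<HTTPAuthorizationMechanismCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void removeChangeListener(
        ConfigurationChangeListener<HTTPAuthorizationMechanismCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    public boolean isAccessTokenCacheEnabled() {
      return pAccessTokenCacheEnabled;
    }

    /** {@inheritDoc} */
    public Long getAccessTokenCacheExpiration() {
      return pAccessTokenCacheExpiration;
    }

    /** {@inheritDoc} */
    public String getAuthzidJsonPointer() {
      return pAuthzidJsonPointer;
    }

    /** {@inheritDoc} */
    public String getBaseDN() {
      return pBaseDN;
    }

    /** {@inheritDoc} */
    public boolean isEnabled() {
      return pEnabled;
    }

    /** {@inheritDoc} */
    public String getIdentityMapper() {
      return pIdentityMapper;
    }

    /**
     * {@inheritDoc}
     */
    public DN getIdentityMapperDN() {
      String value = getIdentityMapper();
      // No identity mapper configured: there is no name to resolve.
      if (value == null) {
        return null;
      }
      return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value);
    }

    /** {@inheritDoc} */
    public String getJavaClass() {
      return pJavaClass;
    }

    /** {@inheritDoc} */
    public SortedSet<String> getRequiredScope() {
      // Returned as obtained from the managed object, without a copy.
      // NOTE(review): whether that set is unmodifiable is not visible
      // here - confirm, since callers share this instance.
      return pRequiredScope;
    }

    /** {@inheritDoc} */
    public Class<? extends HTTPOauth2CtsAuthorizationMechanismCfg> configurationClass() {
      return HTTPOauth2CtsAuthorizationMechanismCfg.class;
    }

    /** {@inheritDoc} */
    public DN dn() {
      return impl.getDN();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}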