001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2016 ForgeRock AS.
016 */
017package org.opends.server.protocols.ldap;
018
019import java.io.IOException;
020
021import org.forgerock.opendj.io.*;
022import org.opends.server.types.AuthenticationType;
023import org.forgerock.opendj.ldap.ByteString;
024
025import static org.opends.server.protocols.ldap.LDAPConstants.*;
026import static org.opends.server.util.ServerConstants.*;
027
028/**
029 * This class defines the structures and methods for an LDAP bind request
030 * protocol op, which is used to authenticate a user to the Directory Server.
031 */
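public class BindRequestProtocolOp extends ProtocolOp
{

  /**
   * Placeholder written by the {@code toString} methods in place of a
   * credential value.
   */
  private static final String REDACTED = "<redacted>";

  /** The bind DN for this request. */
  private final ByteString dn;

  /** The SASL credentials for this request ({@code null} for a simple bind). */
  private final ByteString saslCredentials;

  /** The simple authentication password ({@code null} for a SASL bind). */
  private final ByteString simplePassword;

  /** The authentication type for this request. */
  private final AuthenticationType authenticationType;

  /** The protocol version for this bind request. */
  private final int protocolVersion;

  /** The SASL mechanism for this request ({@code null} for a simple bind). */
  private final String saslMechanism;



  /**
   * Creates a new bind request protocol op to perform simple authentication
   * with the provided DN and password.
   *
   * @param  dn               The DN for this bind request.
   * @param  protocolVersion  The LDAP protocol version for this bind request.
   * @param  simplePassword   The password for this bind request.
   */
  public BindRequestProtocolOp(ByteString dn, int protocolVersion,
                               ByteString simplePassword)
  {
    this.dn              = dn;
    this.protocolVersion = protocolVersion;
    this.simplePassword  = simplePassword;

    authenticationType = AuthenticationType.SIMPLE;
    saslMechanism      = null;
    saslCredentials    = null;
  }



  /**
   * Creates a new bind request protocol op to perform SASL authentication with
   * the provided information. The protocol version is fixed to 3 by this
   * constructor.
   *
   * @param  dn               The DN for this bind request.
   * @param  saslMechanism    The SASL mechanism for this bind request.
   * @param  saslCredentials  The SASL credentials for this bind request, or
   *                          {@code null} if there are none.
   */
  public BindRequestProtocolOp(ByteString dn, String saslMechanism,
                               ByteString saslCredentials)
  {
    this.dn              = dn;
    this.saslMechanism   = saslMechanism;
    this.saslCredentials = saslCredentials;

    authenticationType = AuthenticationType.SASL;
    protocolVersion    = 3;
    simplePassword     = null;
  }



  /**
   * Retrieves the DN for this bind request.
   *
   * @return  The DN for this bind request.
   */
  public ByteString getDN()
  {
    return dn;
  }



  /**
   * Retrieves the protocol version for this bind request.
   *
   * @return  The protocol version for this bind request.
   */
  public int getProtocolVersion()
  {
    return protocolVersion;
  }



  /**
   * Retrieves the authentication type for this bind request.
   *
   * @return  The authentication type for this bind request.
   */
  public AuthenticationType getAuthenticationType()
  {
    return authenticationType;
  }



  /**
   * Retrieves the simple authentication password for this bind request.
   * The returned value is the credential itself, so callers should not log it.
   *
   * @return  The simple authentication password for this bind request, or
   *          {@code null} if this is a SASL bind request.
   */
  public ByteString getSimplePassword()
  {
    return simplePassword;
  }



  /**
   * Retrieves the SASL mechanism for this bind request.
   *
   * @return  The SASL mechanism for this bind request, or {@code null} if
   *          this is a simple bind request.
   */
  public String getSASLMechanism()
  {
    return saslMechanism;
  }



  /**
   * Retrieves the SASL credentials for this bind request.
   * The returned value is the credential itself, so callers should not log it.
   *
   * @return  The SASL credentials for this bind request, or {@code null}
   *          if there are none or if this is a simple bind request.
   */
  public ByteString getSASLCredentials()
  {
    return saslCredentials;
  }



  /**
   * Retrieves the BER type for this protocol op.
   *
   * @return  The BER type for this protocol op.
   */
  @Override
  public byte getType()
  {
    return OP_TYPE_BIND_REQUEST;
  }



  /**
   * Retrieves the name for this protocol op type.
   *
   * @return  The name for this protocol op type.
   */
  @Override
  public String getProtocolOpName()
  {
    return "Bind Request";
  }

  /**
   * Writes this protocol op to an ASN.1 output stream as a sequence holding
   * the protocol version, the bind DN and then either the simple password or
   * a nested SASL sequence (mechanism, plus credentials when present).
   *
   * @param stream The ASN.1 output stream to write to.
   * @throws IOException If a problem occurs while writing to the stream.
   */
  @Override
  public void write(ASN1Writer stream) throws IOException
  {
    stream.writeStartSequence(OP_TYPE_BIND_REQUEST);
    stream.writeInteger(protocolVersion);
    stream.writeOctetString(dn);

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      stream.writeOctetString(TYPE_AUTHENTICATION_SIMPLE, simplePassword);
    }
    else
    {
      stream.writeStartSequence(TYPE_AUTHENTICATION_SASL);
      stream.writeOctetString(saslMechanism);
      // The credentials element is only written when credentials were given.
      if (saslCredentials != null)
      {
        stream.writeOctetString(saslCredentials);
      }
      stream.writeEndSequence();
    }

    stream.writeEndSequence();
  }


  /**
   * Appends a string representation of this LDAP protocol op to the provided
   * buffer.
   * <p>
   * The simple password and the SASL credentials are never appended; a fixed
   * placeholder is written instead, so that log or debug output built from
   * this representation does not carry the bind credentials.
   *
   * @param  buffer  The buffer to which the string should be appended.
   */
  @Override
  public void toString(StringBuilder buffer)
  {
    buffer.append("BindRequest(version=").append(protocolVersion);
    buffer.append(", dn=");
    if (dn != null)
    {
      buffer.append(dn);
    }

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      buffer.append(", password=").append(redact(simplePassword));
    }
    else
    {
      buffer.append(", saslMechanism=").append(saslMechanism);

      if (saslCredentials != null)
      {
        buffer.append(", saslCredentials=").append(REDACTED);
      }
    }

    buffer.append(")");
  }



  /**
   * Appends a multi-line string representation of this LDAP protocol op to the
   * provided buffer.
   * <p>
   * The simple password and the SASL credentials are never appended; a fixed
   * placeholder is written instead of the value or its hex dump.
   *
   * @param  buffer  The buffer to which the information should be appended.
   * @param  indent  The number of spaces from the margin that the lines should
   *                 be indented. Negative values are treated as zero.
   */
  @Override
  public void toString(StringBuilder buffer, int indent)
  {
    // A negative capacity would make the StringBuilder constructor throw.
    final int width = Math.max(0, indent);
    StringBuilder indentBuf = new StringBuilder(width);
    for (int i = 0; i < width; i++)
    {
      indentBuf.append(' ');
    }

    buffer.append(indentBuf).append("Bind Request").append(EOL);
    buffer.append(indentBuf).append("  Protocol Version:  ").append(protocolVersion).append(EOL);

    buffer.append(indentBuf).append("  DN:  ");
    if (dn != null)
    {
      buffer.append(dn);
    }
    buffer.append(EOL);

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      buffer.append(indentBuf).append("  Simple Password:  ").append(redact(simplePassword)).append(EOL);
    }
    else
    {
      buffer.append(indentBuf).append("  SASL Mechanism:  ").append(saslMechanism).append(EOL);

      if (saslCredentials != null)
      {
        buffer.append(indentBuf).append("  SASL Credentials:  ").append(REDACTED).append(EOL);
      }
    }
  }



  /**
   * Returns the text to show in place of a credential value.
   *
   * @param  secret  The credential value, which may be {@code null}.
   * @return  {@code "null"} when no value is set, otherwise the redaction
   *          placeholder; the value itself is never returned.
   */
  private static String redact(ByteString secret)
  {
    return secret == null ? "null" : REDACTED;
  }
}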
309