001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.AdministratorAction;
023import org.forgerock.opendj.config.AggregationPropertyDefinition;
024import org.forgerock.opendj.config.BooleanPropertyDefinition;
025import org.forgerock.opendj.config.ClassPropertyDefinition;
026import org.forgerock.opendj.config.client.ConcurrentModificationException;
027import org.forgerock.opendj.config.client.ManagedObject;
028import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
029import org.forgerock.opendj.config.client.OperationRejectedException;
030import org.forgerock.opendj.config.conditions.Conditions;
031import org.forgerock.opendj.config.DefaultBehaviorProvider;
032import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
033import org.forgerock.opendj.config.DurationPropertyDefinition;
034import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
035import org.forgerock.opendj.config.ManagedObjectDefinition;
036import org.forgerock.opendj.config.PropertyOption;
037import org.forgerock.opendj.config.PropertyProvider;
038import org.forgerock.opendj.config.server.ConfigurationChangeListener;
039import org.forgerock.opendj.config.server.ServerManagedObject;
040import org.forgerock.opendj.config.StringPropertyDefinition;
041import org.forgerock.opendj.ldap.DN;
042import org.forgerock.opendj.ldap.LdapException;
043import org.forgerock.opendj.server.config.client.HTTPOauth2FileAuthorizationMechanismCfgClient;
044import org.forgerock.opendj.server.config.client.IdentityMapperCfgClient;
045import org.forgerock.opendj.server.config.server.HTTPAuthorizationMechanismCfg;
046import org.forgerock.opendj.server.config.server.HTTPOauth2AuthorizationMechanismCfg;
047import org.forgerock.opendj.server.config.server.HTTPOauth2FileAuthorizationMechanismCfg;
048import org.forgerock.opendj.server.config.server.IdentityMapperCfg;
049
050
051
052/**
053 * An interface for querying the HTTP Oauth2 File Authorization
054 * Mechanism managed object definition meta information.
055 * <p>
056 * The HTTP Oauth2 File Authorization Mechanism is used to define
057 * OAuth2 authorization through a file based access-token resolution.
058 * For test purpose only, this mechanism is looking up for JSON
059 * access-token files under the specified path.
060 */
061public final class HTTPOauth2FileAuthorizationMechanismCfgDefn extends ManagedObjectDefinition<HTTPOauth2FileAuthorizationMechanismCfgClient, HTTPOauth2FileAuthorizationMechanismCfg> {
062
063  /** The singleton configuration definition instance. */
064  private static final HTTPOauth2FileAuthorizationMechanismCfgDefn INSTANCE = new HTTPOauth2FileAuthorizationMechanismCfgDefn();
065
066
067
068  /** The "access-token-directory" property definition. */
069  private static final StringPropertyDefinition PD_ACCESS_TOKEN_DIRECTORY;
070
071
072
073  /** The "java-class" property definition. */
074  private static final ClassPropertyDefinition PD_JAVA_CLASS;
075
076
077
078  /** Build the "access-token-directory" property definition. */
079  static {
080      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "access-token-directory");
081      builder.setOption(PropertyOption.MANDATORY);
082      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "access-token-directory"));
083      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("oauth2-demo/");
084      builder.setDefaultBehaviorProvider(provider);
085      PD_ACCESS_TOKEN_DIRECTORY = builder.getInstance();
086      INSTANCE.registerPropertyDefinition(PD_ACCESS_TOKEN_DIRECTORY);
087  }
088
089
090
091  /** Build the "java-class" property definition. */
092  static {
093      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
094      builder.setOption(PropertyOption.MANDATORY);
095      builder.setOption(PropertyOption.ADVANCED);
096      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
097      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.http.authz.HttpOAuth2FileAuthorizationMechanism");
098      builder.setDefaultBehaviorProvider(provider);
099      builder.addInstanceOf("org.opends.server.protocols.http.authz.HttpAuthorizationMechanism");
100      PD_JAVA_CLASS = builder.getInstance();
101      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
102  }
103
104
105
106  /**
107   * Get the HTTP Oauth2 File Authorization Mechanism configuration
108   * definition singleton.
109   *
110   * @return Returns the HTTP Oauth2 File Authorization Mechanism
111   *         configuration definition singleton.
112   */
113  public static HTTPOauth2FileAuthorizationMechanismCfgDefn getInstance() {
114    return INSTANCE;
115  }
116
117
118
119  /**
120   * Private constructor.
121   */
122  private HTTPOauth2FileAuthorizationMechanismCfgDefn() {
123    super("http-oauth2-file-authorization-mechanism", HTTPOauth2AuthorizationMechanismCfgDefn.getInstance());
124  }
125
126
127
128  /** {@inheritDoc} */
129  public HTTPOauth2FileAuthorizationMechanismCfgClient createClientConfiguration(
130      ManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfgClient> impl) {
131    return new HTTPOauth2FileAuthorizationMechanismCfgClientImpl(impl);
132  }
133
134
135
136  /** {@inheritDoc} */
137  public HTTPOauth2FileAuthorizationMechanismCfg createServerConfiguration(
138      ServerManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfg> impl) {
139    return new HTTPOauth2FileAuthorizationMechanismCfgServerImpl(impl);
140  }
141
142
143
144  /** {@inheritDoc} */
145  public Class<HTTPOauth2FileAuthorizationMechanismCfg> getServerConfigurationClass() {
146    return HTTPOauth2FileAuthorizationMechanismCfg.class;
147  }
148
149
150
151  /**
152   * Get the "access-token-cache-enabled" property definition.
153   * <p>
154   * Indicates whether the HTTP Oauth2 File Authorization Mechanism is
155   * enabled for use.
156   *
157   * @return Returns the "access-token-cache-enabled" property definition.
158   */
159  public BooleanPropertyDefinition getAccessTokenCacheEnabledPropertyDefinition() {
160    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getAccessTokenCacheEnabledPropertyDefinition();
161  }
162
163
164
165  /**
166   * Get the "access-token-cache-expiration" property definition.
167   * <p>
168   * Token cache expiration
169   *
170   * @return Returns the "access-token-cache-expiration" property definition.
171   */
172  public DurationPropertyDefinition getAccessTokenCacheExpirationPropertyDefinition() {
173    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getAccessTokenCacheExpirationPropertyDefinition();
174  }
175
176
177
178  /**
179   * Get the "access-token-directory" property definition.
180   * <p>
181   * Directory containing token files. File names must be equal to the
182   * token strings. The file content must a JSON object with the
183   * following attributes: 'scope', 'expireTime' and all the field(s)
184   * needed to resolve the authzIdTemplate.
185   *
186   * @return Returns the "access-token-directory" property definition.
187   */
188  public StringPropertyDefinition getAccessTokenDirectoryPropertyDefinition() {
189    return PD_ACCESS_TOKEN_DIRECTORY;
190  }
191
192
193
194  /**
195   * Get the "authzid-json-pointer" property definition.
196   * <p>
197   * Specifies the JSON pointer to the value to use as Authorization
198   * ID. The JSON pointer is applied to the resolved access token JSON
199   * document. (example: /uid)
200   *
201   * @return Returns the "authzid-json-pointer" property definition.
202   */
203  public StringPropertyDefinition getAuthzidJsonPointerPropertyDefinition() {
204    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getAuthzidJsonPointerPropertyDefinition();
205  }
206
207
208
209  /**
210   * Get the "enabled" property definition.
211   * <p>
212   * Indicates whether the HTTP Oauth2 File Authorization Mechanism is
213   * enabled.
214   *
215   * @return Returns the "enabled" property definition.
216   */
217  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
218    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getEnabledPropertyDefinition();
219  }
220
221
222
223  /**
224   * Get the "identity-mapper" property definition.
225   * <p>
226   * > Specifies the name of the identity mapper to use in conjunction
227   * with the authzid-json-pointer to get the user corresponding to the
228   * acccess-token.
229   *
230   * @return Returns the "identity-mapper" property definition.
231   */
232  public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() {
233    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getIdentityMapperPropertyDefinition();
234  }
235
236
237
238  /**
239   * Get the "java-class" property definition.
240   * <p>
241   * Specifies the fully-qualified name of the Java class that
242   * provides the HTTP Oauth2 File Authorization Mechanism
243   * implementation.
244   *
245   * @return Returns the "java-class" property definition.
246   */
247  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
248    return PD_JAVA_CLASS;
249  }
250
251
252
253  /**
254   * Get the "required-scope" property definition.
255   * <p>
256   * Scopes required to grant access to the service.
257   *
258   * @return Returns the "required-scope" property definition.
259   */
260  public StringPropertyDefinition getRequiredScopePropertyDefinition() {
261    return HTTPOauth2AuthorizationMechanismCfgDefn.getInstance().getRequiredScopePropertyDefinition();
262  }
263
264
265
266  /**
267   * Managed object client implementation.
268   */
269  private static class HTTPOauth2FileAuthorizationMechanismCfgClientImpl implements
270    HTTPOauth2FileAuthorizationMechanismCfgClient {
271
272    /** Private implementation. */
273    private ManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfgClient> impl;
274
275
276
277    /** Private constructor. */
278    private HTTPOauth2FileAuthorizationMechanismCfgClientImpl(
279        ManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfgClient> impl) {
280      this.impl = impl;
281    }
282
283
284
285    /** {@inheritDoc} */
286    public boolean isAccessTokenCacheEnabled() {
287      return impl.getPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition());
288    }
289
290
291
292    /** {@inheritDoc} */
293    public void setAccessTokenCacheEnabled(boolean value) {
294      impl.setPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition(), value);
295    }
296
297
298
299    /** {@inheritDoc} */
300    public Long getAccessTokenCacheExpiration() {
301      return impl.getPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition());
302    }
303
304
305
306    /** {@inheritDoc} */
307    public void setAccessTokenCacheExpiration(Long value) {
308      impl.setPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition(), value);
309    }
310
311
312
313    /** {@inheritDoc} */
314    public String getAccessTokenDirectory() {
315      return impl.getPropertyValue(INSTANCE.getAccessTokenDirectoryPropertyDefinition());
316    }
317
318
319
320    /** {@inheritDoc} */
321    public void setAccessTokenDirectory(String value) {
322      impl.setPropertyValue(INSTANCE.getAccessTokenDirectoryPropertyDefinition(), value);
323    }
324
325
326
327    /** {@inheritDoc} */
328    public String getAuthzidJsonPointer() {
329      return impl.getPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition());
330    }
331
332
333
334    /** {@inheritDoc} */
335    public void setAuthzidJsonPointer(String value) {
336      impl.setPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition(), value);
337    }
338
339
340
341    /** {@inheritDoc} */
342    public Boolean isEnabled() {
343      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
344    }
345
346
347
348    /** {@inheritDoc} */
349    public void setEnabled(boolean value) {
350      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
351    }
352
353
354
355    /** {@inheritDoc} */
356    public String getIdentityMapper() {
357      return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
358    }
359
360
361
362    /** {@inheritDoc} */
363    public void setIdentityMapper(String value) {
364      impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value);
365    }
366
367
368
369    /** {@inheritDoc} */
370    public String getJavaClass() {
371      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
372    }
373
374
375
376    /** {@inheritDoc} */
377    public void setJavaClass(String value) {
378      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
379    }
380
381
382
383    /** {@inheritDoc} */
384    public SortedSet<String> getRequiredScope() {
385      return impl.getPropertyValues(INSTANCE.getRequiredScopePropertyDefinition());
386    }
387
388
389
390    /** {@inheritDoc} */
391    public void setRequiredScope(Collection<String> values) {
392      impl.setPropertyValues(INSTANCE.getRequiredScopePropertyDefinition(), values);
393    }
394
395
396
397    /** {@inheritDoc} */
398    public ManagedObjectDefinition<? extends HTTPOauth2FileAuthorizationMechanismCfgClient, ? extends HTTPOauth2FileAuthorizationMechanismCfg> definition() {
399      return INSTANCE;
400    }
401
402
403
404    /** {@inheritDoc} */
405    public PropertyProvider properties() {
406      return impl;
407    }
408
409
410
411    /** {@inheritDoc} */
412    public void commit() throws ManagedObjectAlreadyExistsException,
413        MissingMandatoryPropertiesException, ConcurrentModificationException,
414        OperationRejectedException, LdapException {
415      impl.commit();
416    }
417
418
419
420    /** {@inheritDoc} */
421    public String toString() {
422      return impl.toString();
423    }
424  }
425
426
427
428  /**
429   * Managed object server implementation.
430   */
431  private static class HTTPOauth2FileAuthorizationMechanismCfgServerImpl implements
432    HTTPOauth2FileAuthorizationMechanismCfg {
433
434    /** Private implementation. */
435    private ServerManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfg> impl;
436
437    /** The value of the "access-token-cache-enabled" property. */
438    private final boolean pAccessTokenCacheEnabled;
439
440    /** The value of the "access-token-cache-expiration" property. */
441    private final Long pAccessTokenCacheExpiration;
442
443    /** The value of the "access-token-directory" property. */
444    private final String pAccessTokenDirectory;
445
446    /** The value of the "authzid-json-pointer" property. */
447    private final String pAuthzidJsonPointer;
448
449    /** The value of the "enabled" property. */
450    private final boolean pEnabled;
451
452    /** The value of the "identity-mapper" property. */
453    private final String pIdentityMapper;
454
455    /** The value of the "java-class" property. */
456    private final String pJavaClass;
457
458    /** The value of the "required-scope" property. */
459    private final SortedSet<String> pRequiredScope;
460
461
462
463    /** Private constructor. */
464    private HTTPOauth2FileAuthorizationMechanismCfgServerImpl(ServerManagedObject<? extends HTTPOauth2FileAuthorizationMechanismCfg> impl) {
465      this.impl = impl;
466      this.pAccessTokenCacheEnabled = impl.getPropertyValue(INSTANCE.getAccessTokenCacheEnabledPropertyDefinition());
467      this.pAccessTokenCacheExpiration = impl.getPropertyValue(INSTANCE.getAccessTokenCacheExpirationPropertyDefinition());
468      this.pAccessTokenDirectory = impl.getPropertyValue(INSTANCE.getAccessTokenDirectoryPropertyDefinition());
469      this.pAuthzidJsonPointer = impl.getPropertyValue(INSTANCE.getAuthzidJsonPointerPropertyDefinition());
470      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
471      this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
472      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
473      this.pRequiredScope = impl.getPropertyValues(INSTANCE.getRequiredScopePropertyDefinition());
474    }
475
476
477
478    /** {@inheritDoc} */
479    public void addHTTPOauth2FileAuthorizationMechanismChangeListener(
480        ConfigurationChangeListener<HTTPOauth2FileAuthorizationMechanismCfg> listener) {
481      impl.registerChangeListener(listener);
482    }
483
484
485
486    /** {@inheritDoc} */
487    public void removeHTTPOauth2FileAuthorizationMechanismChangeListener(
488        ConfigurationChangeListener<HTTPOauth2FileAuthorizationMechanismCfg> listener) {
489      impl.deregisterChangeListener(listener);
490    }
491    /** {@inheritDoc} */
492    public void addHTTPOauth2AuthorizationMechanismChangeListener(
493        ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener) {
494      impl.registerChangeListener(listener);
495    }
496
497
498
499    /** {@inheritDoc} */
500    public void removeHTTPOauth2AuthorizationMechanismChangeListener(
501        ConfigurationChangeListener<HTTPOauth2AuthorizationMechanismCfg> listener) {
502      impl.deregisterChangeListener(listener);
503    }
504    /** {@inheritDoc} */
505    public void addChangeListener(
506        ConfigurationChangeListener<HTTPAuthorizationMechanismCfg> listener) {
507      impl.registerChangeListener(listener);
508    }
509
510
511
512    /** {@inheritDoc} */
513    public void removeChangeListener(
514        ConfigurationChangeListener<HTTPAuthorizationMechanismCfg> listener) {
515      impl.deregisterChangeListener(listener);
516    }
517
518
519
520    /** {@inheritDoc} */
521    public boolean isAccessTokenCacheEnabled() {
522      return pAccessTokenCacheEnabled;
523    }
524
525
526
527    /** {@inheritDoc} */
528    public Long getAccessTokenCacheExpiration() {
529      return pAccessTokenCacheExpiration;
530    }
531
532
533
534    /** {@inheritDoc} */
535    public String getAccessTokenDirectory() {
536      return pAccessTokenDirectory;
537    }
538
539
540
541    /** {@inheritDoc} */
542    public String getAuthzidJsonPointer() {
543      return pAuthzidJsonPointer;
544    }
545
546
547
548    /** {@inheritDoc} */
549    public boolean isEnabled() {
550      return pEnabled;
551    }
552
553
554
555    /** {@inheritDoc} */
556    public String getIdentityMapper() {
557      return pIdentityMapper;
558    }
559
560
561
562    /**
563     * {@inheritDoc}
564     */
565    public DN getIdentityMapperDN() {
566      String value = getIdentityMapper();
567      if (value == null) return null;
568      return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value);
569    }
570
571
572
573    /** {@inheritDoc} */
574    public String getJavaClass() {
575      return pJavaClass;
576    }
577
578
579
580    /** {@inheritDoc} */
581    public SortedSet<String> getRequiredScope() {
582      return pRequiredScope;
583    }
584
585
586
587    /** {@inheritDoc} */
588    public Class<? extends HTTPOauth2FileAuthorizationMechanismCfg> configurationClass() {
589      return HTTPOauth2FileAuthorizationMechanismCfg.class;
590    }
591
592
593
594    /** {@inheritDoc} */
595    public DN dn() {
596      return impl.getDN();
597    }
598
599
600
601    /** {@inheritDoc} */
602    public String toString() {
603      return impl.toString();
604    }
605  }
606}