001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2016 ForgeRock AS.
016 */
017package org.opends.server.controls;
018import org.forgerock.i18n.LocalizableMessage;
019
020
021
022import org.forgerock.opendj.io.ASN1Writer;
023import org.opends.server.types.*;
024import org.forgerock.opendj.ldap.DN;
025import org.forgerock.opendj.ldap.ResultCode;
026import org.forgerock.opendj.ldap.ByteString;
027import static org.opends.messages.ProtocolMessages.*;
028import static org.opends.server.util.ServerConstants.*;
029
030import java.io.IOException;
031
032
033/**
034 * This class implements the authorization identity response control as defined
035 * in RFC 3829.  It may be included in a bind response message to provide the
036 * authorization ID resulting for a client after the bind operation as
037 * completed.
038 */
039public class AuthorizationIdentityResponseControl
040       extends Control
041{
042  /** ControlDecoder implementation to decode this control from a ByteString. */
043  private static final class Decoder
044      implements ControlDecoder<AuthorizationIdentityResponseControl>
045  {
046    @Override
047    public AuthorizationIdentityResponseControl decode(boolean isCritical,
048                                                       ByteString value)
049        throws DirectoryException
050    {
051      if (value == null)
052      {
053        LocalizableMessage message = ERR_AUTHZIDRESP_NO_CONTROL_VALUE.get();
054        throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message);
055      }
056
057      try
058      {
059        String authID = value.toString();
060        return new AuthorizationIdentityResponseControl(isCritical,
061            authID);
062      }
063      catch(Exception e)
064      {
065        // TODO: message.
066        throw new DirectoryException(ResultCode.PROTOCOL_ERROR, LocalizableMessage.EMPTY);
067      }
068    }
069
070    @Override
071    public String getOID()
072    {
073      return OID_AUTHZID_RESPONSE;
074    }
075
076  }
077
078  /** The Control Decoder that can be used to decode this control. */
079  public static final ControlDecoder<AuthorizationIdentityResponseControl>
080      DECODER = new Decoder();
081
082
083  /** The authorization ID for this control. */
084  private String authorizationID;
085
086
087
088  /**
089   * Creates a new authorization identity response control using the default
090   * settings to indicate an anonymous authentication.
091   */
092  public AuthorizationIdentityResponseControl()
093  {
094    this(false);
095  }
096
097  /**
098   * Creates a new authorization identity response control using the default
099   * settings to indicate an anonymous authentication.
100   *
101   * @param  isCritical  Indicates whether this control should be
102   *                     considered critical in processing the
103   *                     request.
104   */
105  public AuthorizationIdentityResponseControl(boolean isCritical)
106  {
107    super(OID_AUTHZID_RESPONSE, isCritical);
108  }
109
110
111
112  /**
113   * Creates a new authorization identity response control with the provided
114   * information.
115   *
116   * @param  authorizationID  The authorization ID for this control.
117   */
118  public AuthorizationIdentityResponseControl(String authorizationID)
119  {
120    this(false, authorizationID);
121  }
122
123
124  /**
125   * Creates a new authorization identity response control with the provided
126   * information.
127   *
128   * @param  isCritical  Indicates whether this control should be
129   *                     considered critical in processing the
130   *                     request.
131   * @param  authorizationID  The authorization ID for this control.
132   */
133  public AuthorizationIdentityResponseControl(boolean isCritical,
134                                              String authorizationID)
135  {
136    super(OID_AUTHZID_RESPONSE, isCritical);
137
138
139    this.authorizationID = authorizationID;
140  }
141
142
143
144
145  /**
146   * Creates a new authorization identity response control with the provided
147   * information.
148   *
149   * @param  authorizationDN  The authorization DN for this control.
150   */
151  public AuthorizationIdentityResponseControl(DN authorizationDN)
152  {
153    super(OID_AUTHZID_RESPONSE, false);
154
155
156    if (authorizationDN == null)
157    {
158      this.authorizationID = "dn:";
159    }
160    else
161    {
162      this.authorizationID = "dn:" + authorizationDN;
163    }
164  }
165
166  @Override
167  public void writeValue(ASN1Writer writer) throws IOException {
168    writer.writeOctetString(authorizationID);
169  }
170
171
172
173  /**
174   * Retrieves the authorization ID for this authorization identity response
175   * control.
176   *
177   * @return  The authorization ID for this authorization identity response
178   *          control.
179   */
180  public String getAuthorizationID()
181  {
182    return authorizationID;
183  }
184
185  @Override
186  public void toString(StringBuilder buffer)
187  {
188    buffer.append("AuthorizationIdentityResponseControl(authzID=\"");
189    buffer.append(authorizationID);
190    buffer.append("\")");
191  }
192}
193