use of com.unboundid.ldap.matchingrules.BooleanMatchingRule in project ldapsdk by pingidentity.
the class ScrambleAttributeTransformation method scrambleAttribute.
/**
* Creates a copy of the provided attribute with its values scrambled if
* appropriate.
*
* @param a The attribute to scramble.
*
* @return A copy of the provided attribute with its values scrambled, or
* the original attribute if no scrambling should be performed.
*/
@Nullable()
public Attribute scrambleAttribute(@NotNull final Attribute a) {
if ((a == null) || (a.size() == 0)) {
return a;
}
final String baseName = StaticUtils.toLowerCase(a.getBaseName());
final MatchingRule matchingRule = attributes.get(baseName);
if (matchingRule == null) {
return a;
}
if (matchingRule instanceof BooleanMatchingRule) {
// results. We will just pick boolean values at random.
if (a.size() == 1) {
return new Attribute(a.getName(), schema, ThreadLocalRandom.get().nextBoolean() ? "TRUE" : "FALSE");
} else {
// regardless of how many values the provided attribute actually had.
return new Attribute(a.getName(), schema, "TRUE", "FALSE");
}
} else if (matchingRule instanceof DistinguishedNameMatchingRule) {
final String[] originalValues = a.getValues();
final String[] scrambledValues = new String[originalValues.length];
for (int i = 0; i < originalValues.length; i++) {
try {
scrambledValues[i] = scrambleDN(new DN(originalValues[i])).toString();
} catch (final Exception e) {
Debug.debugException(e);
scrambledValues[i] = scrambleString(originalValues[i]);
}
}
return new Attribute(a.getName(), schema, scrambledValues);
} else if (matchingRule instanceof GeneralizedTimeMatchingRule) {
final String[] originalValues = a.getValues();
final String[] scrambledValues = new String[originalValues.length];
for (int i = 0; i < originalValues.length; i++) {
scrambledValues[i] = scrambleGeneralizedTime(originalValues[i]);
}
return new Attribute(a.getName(), schema, scrambledValues);
} else if ((matchingRule instanceof IntegerMatchingRule) || (matchingRule instanceof NumericStringMatchingRule) || (matchingRule instanceof TelephoneNumberMatchingRule)) {
final String[] originalValues = a.getValues();
final String[] scrambledValues = new String[originalValues.length];
for (int i = 0; i < originalValues.length; i++) {
scrambledValues[i] = scrambleNumericValue(originalValues[i]);
}
return new Attribute(a.getName(), schema, scrambledValues);
} else if (matchingRule instanceof OctetStringMatchingRule) {
// If the target attribute is userPassword, then treat it like an encoded
// password.
final byte[][] originalValues = a.getValueByteArrays();
final byte[][] scrambledValues = new byte[originalValues.length][];
for (int i = 0; i < originalValues.length; i++) {
if (baseName.equals("userpassword") || baseName.equals("2.5.4.35")) {
scrambledValues[i] = StaticUtils.getBytes(scrambleEncodedPassword(StaticUtils.toUTF8String(originalValues[i])));
} else {
scrambledValues[i] = scrambleBinaryValue(originalValues[i]);
}
}
return new Attribute(a.getName(), schema, scrambledValues);
} else {
final String[] originalValues = a.getValues();
final String[] scrambledValues = new String[originalValues.length];
for (int i = 0; i < originalValues.length; i++) {
if (baseName.equals("userpassword") || baseName.equals("2.5.4.35") || baseName.equals("authpassword") || baseName.equals("1.3.6.1.4.1.4203.1.3.4")) {
scrambledValues[i] = scrambleEncodedPassword(originalValues[i]);
} else if (originalValues[i].startsWith("{") && originalValues[i].endsWith("}")) {
scrambledValues[i] = scrambleJSONObject(originalValues[i]);
} else {
scrambledValues[i] = scrambleString(originalValues[i]);
}
}
return new Attribute(a.getName(), schema, scrambledValues);
}
}
Aggregations