Search in sources :

Example 1 with OctetStringMatchingRule

use of com.unboundid.ldap.matchingrules.OctetStringMatchingRule in project ldapsdk by pingidentity.

the class ScrambleAttributeTransformation method scrambleAttribute.

/**
 * Creates a copy of the provided attribute with its values scrambled if
 * appropriate.
 *
 * @param  a  The attribute to scramble.
 *
 * @return  A copy of the provided attribute with its values scrambled, or
 *          the original attribute if no scrambling should be performed.
 */
@Nullable()
public Attribute scrambleAttribute(@NotNull final Attribute a) {
    if ((a == null) || (a.size() == 0)) {
        return a;
    }
    final String baseName = StaticUtils.toLowerCase(a.getBaseName());
    final MatchingRule matchingRule = attributes.get(baseName);
    if (matchingRule == null) {
        return a;
    }
    if (matchingRule instanceof BooleanMatchingRule) {
        // results.  We will just  pick boolean values at random.
        if (a.size() == 1) {
            return new Attribute(a.getName(), schema, ThreadLocalRandom.get().nextBoolean() ? "TRUE" : "FALSE");
        } else {
            // regardless of how many values the provided attribute actually had.
            return new Attribute(a.getName(), schema, "TRUE", "FALSE");
        }
    } else if (matchingRule instanceof DistinguishedNameMatchingRule) {
        final String[] originalValues = a.getValues();
        final String[] scrambledValues = new String[originalValues.length];
        for (int i = 0; i < originalValues.length; i++) {
            try {
                scrambledValues[i] = scrambleDN(new DN(originalValues[i])).toString();
            } catch (final Exception e) {
                Debug.debugException(e);
                scrambledValues[i] = scrambleString(originalValues[i]);
            }
        }
        return new Attribute(a.getName(), schema, scrambledValues);
    } else if (matchingRule instanceof GeneralizedTimeMatchingRule) {
        final String[] originalValues = a.getValues();
        final String[] scrambledValues = new String[originalValues.length];
        for (int i = 0; i < originalValues.length; i++) {
            scrambledValues[i] = scrambleGeneralizedTime(originalValues[i]);
        }
        return new Attribute(a.getName(), schema, scrambledValues);
    } else if ((matchingRule instanceof IntegerMatchingRule) || (matchingRule instanceof NumericStringMatchingRule) || (matchingRule instanceof TelephoneNumberMatchingRule)) {
        final String[] originalValues = a.getValues();
        final String[] scrambledValues = new String[originalValues.length];
        for (int i = 0; i < originalValues.length; i++) {
            scrambledValues[i] = scrambleNumericValue(originalValues[i]);
        }
        return new Attribute(a.getName(), schema, scrambledValues);
    } else if (matchingRule instanceof OctetStringMatchingRule) {
        // If the target attribute is userPassword, then treat it like an encoded
        // password.
        final byte[][] originalValues = a.getValueByteArrays();
        final byte[][] scrambledValues = new byte[originalValues.length][];
        for (int i = 0; i < originalValues.length; i++) {
            if (baseName.equals("userpassword") || baseName.equals("2.5.4.35")) {
                scrambledValues[i] = StaticUtils.getBytes(scrambleEncodedPassword(StaticUtils.toUTF8String(originalValues[i])));
            } else {
                scrambledValues[i] = scrambleBinaryValue(originalValues[i]);
            }
        }
        return new Attribute(a.getName(), schema, scrambledValues);
    } else {
        final String[] originalValues = a.getValues();
        final String[] scrambledValues = new String[originalValues.length];
        for (int i = 0; i < originalValues.length; i++) {
            if (baseName.equals("userpassword") || baseName.equals("2.5.4.35") || baseName.equals("authpassword") || baseName.equals("1.3.6.1.4.1.4203.1.3.4")) {
                scrambledValues[i] = scrambleEncodedPassword(originalValues[i]);
            } else if (originalValues[i].startsWith("{") && originalValues[i].endsWith("}")) {
                scrambledValues[i] = scrambleJSONObject(originalValues[i]);
            } else {
                scrambledValues[i] = scrambleString(originalValues[i]);
            }
        }
        return new Attribute(a.getName(), schema, scrambledValues);
    }
}
Also used : GeneralizedTimeMatchingRule(com.unboundid.ldap.matchingrules.GeneralizedTimeMatchingRule) Attribute(com.unboundid.ldap.sdk.Attribute) NumericStringMatchingRule(com.unboundid.ldap.matchingrules.NumericStringMatchingRule) IntegerMatchingRule(com.unboundid.ldap.matchingrules.IntegerMatchingRule) DN(com.unboundid.ldap.sdk.DN) RDN(com.unboundid.ldap.sdk.RDN) JSONString(com.unboundid.util.json.JSONString) BooleanMatchingRule(com.unboundid.ldap.matchingrules.BooleanMatchingRule) TelephoneNumberMatchingRule(com.unboundid.ldap.matchingrules.TelephoneNumberMatchingRule) DistinguishedNameMatchingRule(com.unboundid.ldap.matchingrules.DistinguishedNameMatchingRule) OctetStringMatchingRule(com.unboundid.ldap.matchingrules.OctetStringMatchingRule) MatchingRule(com.unboundid.ldap.matchingrules.MatchingRule) NumericStringMatchingRule(com.unboundid.ldap.matchingrules.NumericStringMatchingRule) IntegerMatchingRule(com.unboundid.ldap.matchingrules.IntegerMatchingRule) BooleanMatchingRule(com.unboundid.ldap.matchingrules.BooleanMatchingRule) DistinguishedNameMatchingRule(com.unboundid.ldap.matchingrules.DistinguishedNameMatchingRule) TelephoneNumberMatchingRule(com.unboundid.ldap.matchingrules.TelephoneNumberMatchingRule) GeneralizedTimeMatchingRule(com.unboundid.ldap.matchingrules.GeneralizedTimeMatchingRule) CaseIgnoreStringMatchingRule(com.unboundid.ldap.matchingrules.CaseIgnoreStringMatchingRule) OctetStringMatchingRule(com.unboundid.ldap.matchingrules.OctetStringMatchingRule) Nullable(com.unboundid.util.Nullable)

Aggregations

BooleanMatchingRule (com.unboundid.ldap.matchingrules.BooleanMatchingRule)1 CaseIgnoreStringMatchingRule (com.unboundid.ldap.matchingrules.CaseIgnoreStringMatchingRule)1 DistinguishedNameMatchingRule (com.unboundid.ldap.matchingrules.DistinguishedNameMatchingRule)1 GeneralizedTimeMatchingRule (com.unboundid.ldap.matchingrules.GeneralizedTimeMatchingRule)1 IntegerMatchingRule (com.unboundid.ldap.matchingrules.IntegerMatchingRule)1 MatchingRule (com.unboundid.ldap.matchingrules.MatchingRule)1 NumericStringMatchingRule (com.unboundid.ldap.matchingrules.NumericStringMatchingRule)1 OctetStringMatchingRule (com.unboundid.ldap.matchingrules.OctetStringMatchingRule)1 TelephoneNumberMatchingRule (com.unboundid.ldap.matchingrules.TelephoneNumberMatchingRule)1 Attribute (com.unboundid.ldap.sdk.Attribute)1 DN (com.unboundid.ldap.sdk.DN)1 RDN (com.unboundid.ldap.sdk.RDN)1 Nullable (com.unboundid.util.Nullable)1 JSONString (com.unboundid.util.json.JSONString)1