use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidTOTPBindWithAuthzID.
/**
* Tests the ability to create a valid UNBOUNDID-TOTP bind request with an
* alternate authorization ID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidTOTPBindWithAuthzID() throws Exception {
  // The static password is passed in directly and prompting is explicitly
  // turned off, so nothing is read interactively.
  final BindRequest created = SASLUtils.createBindRequest(
       null, "password", null,
       "mech=UNBOUNDID-TOTP",
       "authID=u:test.user",
       "authzID=u:another.user",
       "totpPassword=123456",
       "promptForStaticPassword=false");

  assertNotNull(created);
  assertTrue(created instanceof SingleUseTOTPBindRequest);
  final SingleUseTOTPBindRequest request = (SingleUseTOTPBindRequest) created;

  // The authentication ID (who proves their identity) and the authorization
  // ID (whose identity is requested) must come back as the two distinct
  // values supplied, not swapped or collapsed into one.
  assertNotNull(request.getAuthenticationID());
  assertEquals(request.getAuthenticationID(), "u:test.user");
  assertNotNull(request.getAuthorizationID());
  assertEquals(request.getAuthorizationID(), "u:another.user");

  // Both factors must be carried through unchanged: the static password and
  // the one-time password.
  assertNotNull(request.getStaticPassword());
  assertEquals(request.getStaticPassword().stringValue(), "password");
  assertNotNull(request.getTOTPPassword());
  assertEquals(request.getTOTPPassword(), "123456");
}
use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidTOTPBindWithoutAuthzID.
/**
* Tests the ability to create a valid UNBOUNDID-TOTP bind request without an
* alternate authorization ID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidTOTPBindWithoutAuthzID() throws Exception {
  // Only the required options are given: no authzID and no
  // promptForStaticPassword.
  final BindRequest created = SASLUtils.createBindRequest(
       null, "password", null,
       "mech=UNBOUNDID-TOTP",
       "authID=u:test.user",
       "totpPassword=123456");

  assertNotNull(created);
  assertTrue(created instanceof SingleUseTOTPBindRequest);
  final SingleUseTOTPBindRequest request = (SingleUseTOTPBindRequest) created;

  assertNotNull(request.getAuthenticationID());
  assertEquals(request.getAuthenticationID(), "u:test.user");

  // With no authzID option the request must not invent an authorization
  // identity of its own.
  assertNull(request.getAuthorizationID());

  assertNotNull(request.getStaticPassword());
  assertEquals(request.getStaticPassword().stringValue(), "password");
  assertNotNull(request.getTOTPPassword());
  assertEquals(request.getTOTPPassword(), "123456");
}
use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtils method createUNBOUNDIDTOTPBindRequest.
/**
* Creates a SASL UNBOUNDID-TOTP bind request using the provided password and
* set of options.
*
* @param password The password to use for the bind request.
* @param tool The command-line tool whose input and output streams
* should be used when prompting for the static password. It
* may be {@code null} only if the static password will not be
* prompted for (the {@code promptForStaticPassword} option is
* absent or {@code false}).
* @param options The set of SASL options for the bind request.
* @param controls The set of controls to include in the request.
*
* @return The SASL UNBOUNDID-TOTP bind request that was created.
*
* @throws LDAPException If a problem is encountered while trying to create
* the SASL bind request.
*/
@NotNull()
private static SingleUseTOTPBindRequest createUNBOUNDIDTOTPBindRequest(
     @Nullable final byte[] password,
     @Nullable final CommandLineTool tool,
     @NotNull final Map<String, String> options,
     @Nullable final Control... controls)
     throws LDAPException {
  final String mechanism =
       UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME;

  // Every recognized option is removed from the map as it is consumed, so
  // that only unrecognized entries remain for the final check below.

  // authID is mandatory: it names the identity being authenticated.
  final String authenticationID =
       options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTH_ID));
  if (authenticationID == null) {
    throw new LDAPException(ResultCode.PARAM_ERROR,
         ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_AUTH_ID,
              mechanism));
  }

  // The one-time password is mandatory as well; there is no prompt for it
  // in this method.
  final String oneTimePassword =
       options.remove(StaticUtils.toLowerCase(SASL_OPTION_TOTP_PASSWORD));
  if (oneTimePassword == null) {
    throw new LDAPException(ResultCode.PARAM_ERROR,
         ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_TOTP_PASSWORD,
              mechanism));
  }

  // authzID is optional; null is passed through when it was not given.
  final String authorizationID =
       options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTHZ_ID));

  // promptForStaticPassword is optional and accepts only "true" or "false"
  // (case-insensitive). Any other value is an error rather than being
  // treated as false.
  final String promptValue = options.remove(
       StaticUtils.toLowerCase(SASL_OPTION_PROMPT_FOR_STATIC_PW));

  byte[] staticPassword = password;
  if ((promptValue != null) && (!promptValue.equalsIgnoreCase("false"))) {
    if (!promptValue.equalsIgnoreCase("true")) {
      throw new LDAPException(ResultCode.PARAM_ERROR,
           ERR_SASL_PROMPT_FOR_STATIC_PW_BAD_VALUE.get(
                SASL_OPTION_PROMPT_FOR_STATIC_PW));
    }

    // Asking for a prompt while also supplying a password is ambiguous
    // about which secret should be used, so it is rejected outright.
    if (staticPassword != null) {
      throw new LDAPException(ResultCode.PARAM_ERROR,
           ERR_SASL_PROMPT_FOR_PROVIDED_PW.get(
                SASL_OPTION_PROMPT_FOR_STATIC_PW));
    }

    // NOTE(review): tool is dereferenced here without a null check, so
    // callers must supply a tool whenever a prompt can occur.
    tool.getOriginalOut().print(INFO_SASL_ENTER_STATIC_PW.get());
    staticPassword = PasswordReader.readPassword();
    tool.getOriginalOut().println();
  }

  // Whatever is still in the map was not consumed above. The remainder is
  // handed to ensureNoUnsupportedOptions (presumably to reject it; its body
  // is not shown here).
  ensureNoUnsupportedOptions(options, mechanism);

  return new SingleUseTOTPBindRequest(authenticationID, authorizationID,
       oneTimePassword, staticPassword, controls);
}
use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidTOTPBindWithStaticPasswordPrompt.
/**
* Tests the ability to create a valid UNBOUNDID-TOTP bind request when
* prompting for the static password.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidTOTPBindWithStaticPasswordPrompt() throws Exception {
  final LDAPSearch tool = new LDAPSearch(null, null);

  final BindRequest created;
  try {
    // Feed the password prompt from canned input instead of a console.
    final ByteArrayInputStream cannedInput =
         new ByteArrayInputStream("password\n".getBytes("UTF-8"));
    PasswordReader.setTestReader(
         new BufferedReader(new InputStreamReader(cannedInput)));

    // No static password is supplied (null byte array), which is what makes
    // promptForStaticPassword=true acceptable.
    created = SASLUtils.createBindRequest(null, (byte[]) null, false, tool,
         null,
         Arrays.asList(
              "mech=UNBOUNDID-TOTP",
              "authID=u:test.user",
              "totpPassword=123456",
              "promptForStaticPassword=true"));
  } finally {
    // Always clear the injected reader, even if building the request failed.
    PasswordReader.setTestReader(null);
  }

  assertNotNull(created);
  assertTrue(created instanceof SingleUseTOTPBindRequest);
  final SingleUseTOTPBindRequest request = (SingleUseTOTPBindRequest) created;

  assertNotNull(request.getAuthenticationID());
  assertEquals(request.getAuthenticationID(), "u:test.user");
  assertNull(request.getAuthorizationID());

  // The static password must be exactly what was typed at the prompt, with
  // the trailing newline stripped.
  assertNotNull(request.getStaticPassword());
  assertEquals(request.getStaticPassword().stringValue(), "password");
  assertNotNull(request.getTOTPPassword());
  assertEquals(request.getTOTPPassword(), "123456");
}