Examples with SingleUseTOTPBindRequest com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest used on opensource projects

Example 1 with SingleUseTOTPBindRequest

use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

the class SASLUtilsTestCase method testValidTOTPBindWithAuthzID.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request with an
 * alternate authorization ID.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithAuthzID() throws Exception {
    final BindRequest bindRequest = SASLUtils.createBindRequest(null, "password", null, "mech=UNBOUNDID-TOTP", "authID=u:test.user", "authzID=u:another.user", "totpPassword=123456", "promptForStaticPassword=false");
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNotNull(totpBind.getAuthorizationID());
    assertEquals(totpBind.getAuthorizationID(), "u:another.user");
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}

Example 2 with SingleUseTOTPBindRequest

use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

the class SASLUtilsTestCase method testValidTOTPBindWithoutAuthzID.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request without an
 * alternate authorization ID.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithoutAuthzID() throws Exception {
    final BindRequest bindRequest = SASLUtils.createBindRequest(null, "password", null, "mech=UNBOUNDID-TOTP", "authID=u:test.user", "totpPassword=123456");
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNull(totpBind.getAuthorizationID());
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}

Example 3 with SingleUseTOTPBindRequest

use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

the class SASLUtils method createUNBOUNDIDTOTPBindRequest.

/**
 * Creates a SASL UNBOUNDID-TOTP bind request using the provided password and
 * set of options.
 *
 * @param  password  The password to use for the bind request.
 * @param  tool      The command-line tool whose input and output streams
 *                   should be used when prompting for the bind password.  It
 *                   may be {@code null} only if {@code promptForPassword} is
 *                   {@code false}.
 * @param  options   The set of SASL options for the bind request.
 * @param  controls  The set of controls to include in the request.
 *
 * @return  The SASL UNBOUNDID-TOTP bind request that was created.
 *
 * @throws  LDAPException  If a problem is encountered while trying to create
 *                         the SASL bind request.
 */
@NotNull()
private static SingleUseTOTPBindRequest createUNBOUNDIDTOTPBindRequest(@Nullable final byte[] password, @Nullable final CommandLineTool tool, @NotNull final Map<String, String> options, @Nullable final Control... controls) throws LDAPException {
    // The authID option is required.
    final String authID = options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTH_ID));
    if (authID == null) {
        throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_AUTH_ID, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME));
    }
    // The TOTP password option is required.
    final String totpPassword = options.remove(StaticUtils.toLowerCase(SASL_OPTION_TOTP_PASSWORD));
    if (totpPassword == null) {
        throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_TOTP_PASSWORD, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME));
    }
    // The authzID option is optional.
    byte[] pwBytes = password;
    final String authzID = options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTHZ_ID));
    // The promptForStaticPassword option is optional.
    final String promptStr = options.remove(StaticUtils.toLowerCase(SASL_OPTION_PROMPT_FOR_STATIC_PW));
    if (promptStr != null) {
        if (promptStr.equalsIgnoreCase("true")) {
            if (pwBytes == null) {
                tool.getOriginalOut().print(INFO_SASL_ENTER_STATIC_PW.get());
                pwBytes = PasswordReader.readPassword();
                tool.getOriginalOut().println();
            } else {
                throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_PROMPT_FOR_PROVIDED_PW.get(SASL_OPTION_PROMPT_FOR_STATIC_PW));
            }
        } else if (!promptStr.equalsIgnoreCase("false")) {
            throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_PROMPT_FOR_STATIC_PW_BAD_VALUE.get(SASL_OPTION_PROMPT_FOR_STATIC_PW));
        }
    }
    // Ensure no unsupported options were provided.
    ensureNoUnsupportedOptions(options, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME);
    return new SingleUseTOTPBindRequest(authID, authzID, totpPassword, pwBytes, controls);
}

Example 4 with SingleUseTOTPBindRequest

use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

the class SASLUtilsTestCase method testValidTOTPBindWithStaticPasswordPrompt.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request when
 * prompting for the static password.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithStaticPasswordPrompt() throws Exception {
    final LDAPSearch tool = new LDAPSearch(null, null);
    final BindRequest bindRequest;
    try {
        PasswordReader.setTestReader(new BufferedReader(new InputStreamReader(new ByteArrayInputStream("password\n".getBytes("UTF-8")))));
        bindRequest = SASLUtils.createBindRequest(null, (byte[]) null, false, tool, null, Arrays.asList("mech=UNBOUNDID-TOTP", "authID=u:test.user", "totpPassword=123456", "promptForStaticPassword=true"));
    } finally {
        PasswordReader.setTestReader(null);
    }
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNull(totpBind.getAuthorizationID());
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}