Example 1 with SingleUseTOTPBindRequest

Use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

Class SASLUtilsTestCase, method testValidTOTPBindWithAuthzID.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request with an
 * alternate authorization ID.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithAuthzID() throws Exception {
    final BindRequest bindRequest = SASLUtils.createBindRequest(null, "password", null, "mech=UNBOUNDID-TOTP", "authID=u:test.user", "authzID=u:another.user", "totpPassword=123456", "promptForStaticPassword=false");
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNotNull(totpBind.getAuthorizationID());
    assertEquals(totpBind.getAuthorizationID(), "u:another.user");
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}
Also used : ANONYMOUSBindRequest(com.unboundid.ldap.sdk.ANONYMOUSBindRequest) GSSAPIBindRequest(com.unboundid.ldap.sdk.GSSAPIBindRequest) UnboundIDCertificatePlusPasswordBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDCertificatePlusPasswordBindRequest) BindRequest(com.unboundid.ldap.sdk.BindRequest) SCRAMSHA512BindRequest(com.unboundid.ldap.sdk.SCRAMSHA512BindRequest) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) UnboundIDYubiKeyOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest) EXTERNALBindRequest(com.unboundid.ldap.sdk.EXTERNALBindRequest) DIGESTMD5BindRequest(com.unboundid.ldap.sdk.DIGESTMD5BindRequest) UnboundIDDeliveredOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDDeliveredOTPBindRequest) OAUTHBEARERBindRequest(com.unboundid.ldap.sdk.OAUTHBEARERBindRequest) UnboundIDTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDTOTPBindRequest) SCRAMSHA1BindRequest(com.unboundid.ldap.sdk.SCRAMSHA1BindRequest) SCRAMSHA256BindRequest(com.unboundid.ldap.sdk.SCRAMSHA256BindRequest) CRAMMD5BindRequest(com.unboundid.ldap.sdk.CRAMMD5BindRequest) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) Test(org.testng.annotations.Test)

Example 2 with SingleUseTOTPBindRequest

Use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

Class SASLUtilsTestCase, method testValidTOTPBindWithoutAuthzID.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request without an
 * alternate authorization ID.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithoutAuthzID() throws Exception {
    final BindRequest bindRequest = SASLUtils.createBindRequest(null, "password", null, "mech=UNBOUNDID-TOTP", "authID=u:test.user", "totpPassword=123456");
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNull(totpBind.getAuthorizationID());
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}
Also used : ANONYMOUSBindRequest(com.unboundid.ldap.sdk.ANONYMOUSBindRequest) GSSAPIBindRequest(com.unboundid.ldap.sdk.GSSAPIBindRequest) UnboundIDCertificatePlusPasswordBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDCertificatePlusPasswordBindRequest) BindRequest(com.unboundid.ldap.sdk.BindRequest) SCRAMSHA512BindRequest(com.unboundid.ldap.sdk.SCRAMSHA512BindRequest) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) UnboundIDYubiKeyOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest) EXTERNALBindRequest(com.unboundid.ldap.sdk.EXTERNALBindRequest) DIGESTMD5BindRequest(com.unboundid.ldap.sdk.DIGESTMD5BindRequest) UnboundIDDeliveredOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDDeliveredOTPBindRequest) OAUTHBEARERBindRequest(com.unboundid.ldap.sdk.OAUTHBEARERBindRequest) UnboundIDTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDTOTPBindRequest) SCRAMSHA1BindRequest(com.unboundid.ldap.sdk.SCRAMSHA1BindRequest) SCRAMSHA256BindRequest(com.unboundid.ldap.sdk.SCRAMSHA256BindRequest) CRAMMD5BindRequest(com.unboundid.ldap.sdk.CRAMMD5BindRequest) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) Test(org.testng.annotations.Test)

Example 3 with SingleUseTOTPBindRequest

Use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

Class SASLUtils, method createUNBOUNDIDTOTPBindRequest.

/**
 * Creates a SASL UNBOUNDID-TOTP bind request using the provided password and
 * set of options.
 *
 * @param  password  The password to use for the bind request.
 * @param  tool      The command-line tool whose input and output streams
 *                   should be used when prompting for the bind password.  It
 *                   may be {@code null} only if {@code promptForPassword} is
 *                   {@code false}.
 * @param  options   The set of SASL options for the bind request.
 * @param  controls  The set of controls to include in the request.
 *
 * @return  The SASL UNBOUNDID-TOTP bind request that was created.
 *
 * @throws  LDAPException  If a problem is encountered while trying to create
 *                         the SASL bind request.
 */
@NotNull()
private static SingleUseTOTPBindRequest createUNBOUNDIDTOTPBindRequest(@Nullable final byte[] password, @Nullable final CommandLineTool tool, @NotNull final Map<String, String> options, @Nullable final Control... controls) throws LDAPException {
    // The authID option is required.
    final String authID = options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTH_ID));
    if (authID == null) {
        throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_AUTH_ID, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME));
    }
    // The TOTP password option is required.
    final String totpPassword = options.remove(StaticUtils.toLowerCase(SASL_OPTION_TOTP_PASSWORD));
    if (totpPassword == null) {
        throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_TOTP_PASSWORD, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME));
    }
    byte[] pwBytes = password;
    // The authzID option is optional.
    final String authzID = options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTHZ_ID));
    // The promptForStaticPassword option is optional.
    final String promptStr = options.remove(StaticUtils.toLowerCase(SASL_OPTION_PROMPT_FOR_STATIC_PW));
    if (promptStr != null) {
        if (promptStr.equalsIgnoreCase("true")) {
            if (pwBytes == null) {
                tool.getOriginalOut().print(INFO_SASL_ENTER_STATIC_PW.get());
                pwBytes = PasswordReader.readPassword();
                tool.getOriginalOut().println();
            } else {
                throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_PROMPT_FOR_PROVIDED_PW.get(SASL_OPTION_PROMPT_FOR_STATIC_PW));
            }
        } else if (!promptStr.equalsIgnoreCase("false")) {
            throw new LDAPException(ResultCode.PARAM_ERROR, ERR_SASL_PROMPT_FOR_STATIC_PW_BAD_VALUE.get(SASL_OPTION_PROMPT_FOR_STATIC_PW));
        }
    }
    // Ensure no unsupported options were provided.
    ensureNoUnsupportedOptions(options, UnboundIDTOTPBindRequest.UNBOUNDID_TOTP_MECHANISM_NAME);
    return new SingleUseTOTPBindRequest(authID, authzID, totpPassword, pwBytes, controls);
}
Also used : LDAPException(com.unboundid.ldap.sdk.LDAPException) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest)

Example 4 with SingleUseTOTPBindRequest

Use of com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest in project ldapsdk by pingidentity.

Class SASLUtilsTestCase, method testValidTOTPBindWithStaticPasswordPrompt.

/**
 * Tests the ability to create a valid UNBOUNDID-TOTP bind request when
 * prompting for the static password.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidTOTPBindWithStaticPasswordPrompt() throws Exception {
    final LDAPSearch tool = new LDAPSearch(null, null);
    final BindRequest bindRequest;
    try {
        PasswordReader.setTestReader(new BufferedReader(new InputStreamReader(new ByteArrayInputStream("password\n".getBytes("UTF-8")))));
        bindRequest = SASLUtils.createBindRequest(null, (byte[]) null, false, tool, null, Arrays.asList("mech=UNBOUNDID-TOTP", "authID=u:test.user", "totpPassword=123456", "promptForStaticPassword=true"));
    } finally {
        PasswordReader.setTestReader(null);
    }
    assertNotNull(bindRequest);
    assertTrue(bindRequest instanceof SingleUseTOTPBindRequest);
    final SingleUseTOTPBindRequest totpBind = (SingleUseTOTPBindRequest) bindRequest;
    assertNotNull(totpBind.getAuthenticationID());
    assertEquals(totpBind.getAuthenticationID(), "u:test.user");
    assertNull(totpBind.getAuthorizationID());
    assertNotNull(totpBind.getStaticPassword());
    assertEquals(totpBind.getStaticPassword().stringValue(), "password");
    assertNotNull(totpBind.getTOTPPassword());
    assertEquals(totpBind.getTOTPPassword(), "123456");
}
Also used : InputStreamReader(java.io.InputStreamReader) ByteArrayInputStream(java.io.ByteArrayInputStream) LDAPSearch(com.unboundid.ldap.sdk.examples.LDAPSearch) ANONYMOUSBindRequest(com.unboundid.ldap.sdk.ANONYMOUSBindRequest) GSSAPIBindRequest(com.unboundid.ldap.sdk.GSSAPIBindRequest) UnboundIDCertificatePlusPasswordBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDCertificatePlusPasswordBindRequest) BindRequest(com.unboundid.ldap.sdk.BindRequest) SCRAMSHA512BindRequest(com.unboundid.ldap.sdk.SCRAMSHA512BindRequest) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) UnboundIDYubiKeyOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest) EXTERNALBindRequest(com.unboundid.ldap.sdk.EXTERNALBindRequest) DIGESTMD5BindRequest(com.unboundid.ldap.sdk.DIGESTMD5BindRequest) UnboundIDDeliveredOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDDeliveredOTPBindRequest) OAUTHBEARERBindRequest(com.unboundid.ldap.sdk.OAUTHBEARERBindRequest) UnboundIDTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.UnboundIDTOTPBindRequest) SCRAMSHA1BindRequest(com.unboundid.ldap.sdk.SCRAMSHA1BindRequest) SCRAMSHA256BindRequest(com.unboundid.ldap.sdk.SCRAMSHA256BindRequest) CRAMMD5BindRequest(com.unboundid.ldap.sdk.CRAMMD5BindRequest) BufferedReader(java.io.BufferedReader) SingleUseTOTPBindRequest(com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest) Test(org.testng.annotations.Test)

Aggregations

SingleUseTOTPBindRequest (com.unboundid.ldap.sdk.unboundidds.SingleUseTOTPBindRequest): 4
ANONYMOUSBindRequest (com.unboundid.ldap.sdk.ANONYMOUSBindRequest): 3
BindRequest (com.unboundid.ldap.sdk.BindRequest): 3
CRAMMD5BindRequest (com.unboundid.ldap.sdk.CRAMMD5BindRequest): 3
DIGESTMD5BindRequest (com.unboundid.ldap.sdk.DIGESTMD5BindRequest): 3
EXTERNALBindRequest (com.unboundid.ldap.sdk.EXTERNALBindRequest): 3
GSSAPIBindRequest (com.unboundid.ldap.sdk.GSSAPIBindRequest): 3
OAUTHBEARERBindRequest (com.unboundid.ldap.sdk.OAUTHBEARERBindRequest): 3
PLAINBindRequest (com.unboundid.ldap.sdk.PLAINBindRequest): 3
SCRAMSHA1BindRequest (com.unboundid.ldap.sdk.SCRAMSHA1BindRequest): 3
SCRAMSHA256BindRequest (com.unboundid.ldap.sdk.SCRAMSHA256BindRequest): 3
SCRAMSHA512BindRequest (com.unboundid.ldap.sdk.SCRAMSHA512BindRequest): 3
UnboundIDCertificatePlusPasswordBindRequest (com.unboundid.ldap.sdk.unboundidds.UnboundIDCertificatePlusPasswordBindRequest): 3
UnboundIDDeliveredOTPBindRequest (com.unboundid.ldap.sdk.unboundidds.UnboundIDDeliveredOTPBindRequest): 3
UnboundIDTOTPBindRequest (com.unboundid.ldap.sdk.unboundidds.UnboundIDTOTPBindRequest): 3
UnboundIDYubiKeyOTPBindRequest (com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest): 3
Test (org.testng.annotations.Test): 3
LDAPException (com.unboundid.ldap.sdk.LDAPException): 1
LDAPSearch (com.unboundid.ldap.sdk.examples.LDAPSearch): 1
BufferedReader (java.io.BufferedReader): 1