use of com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtils method createUNBOUNDIDYUBIKEYOTPBindRequest.
/**
* Creates a SASL UNBOUNDID-YUBIKEY-OTP bind request using the provided
* password and set of options.
*
* @param password The password to use for the bind request.
* @param tool The command-line tool whose input and output streams
* should be used when prompting for the bind password. It
* may be {@code null} only if {@code promptForPassword} is
* {@code false}.
* @param options The set of SASL options for the bind request.
* @param controls The set of controls to include in the request.
*
* @return The SASL UNBOUNDID-YUBIKEY-OTP bind request that was created.
*
* @throws LDAPException If a problem is encountered while trying to create
* the SASL bind request.
*/
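@NotNull()
private static UnboundIDYubiKeyOTPBindRequest createUNBOUNDIDYUBIKEYOTPBindRequest(
     @Nullable final byte[] password,
     @Nullable final CommandLineTool tool,
     @NotNull final Map<String, String> options,
     @Nullable final Control... controls)
     throws LDAPException {
  // Each recognized option is removed from the supplied map as it is read, so
  // that whatever is left over can be rejected as unsupported at the end.

  // The authID option is required.
  final String authID =
       options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTH_ID));
  if (authID == null) {
    throw new LDAPException(ResultCode.PARAM_ERROR,
         ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_AUTH_ID,
              UnboundIDYubiKeyOTPBindRequest.UNBOUNDID_YUBIKEY_OTP_MECHANISM_NAME));
  }

  // The otp option is required.
  final String otp = options.remove(StaticUtils.toLowerCase(SASL_OPTION_OTP));
  if (otp == null) {
    throw new LDAPException(ResultCode.PARAM_ERROR,
         ERR_SASL_MISSING_REQUIRED_OPTION.get(SASL_OPTION_OTP,
              UnboundIDYubiKeyOTPBindRequest.UNBOUNDID_YUBIKEY_OTP_MECHANISM_NAME));
  }

  // The authzID option is optional.
  final String authzID =
       options.remove(StaticUtils.toLowerCase(SASL_OPTION_AUTHZ_ID));

  // The promptForStaticPassword option is optional.  It accepts only "true"
  // or "false" (case-insensitive), and "true" is rejected when a password was
  // already supplied so that the two sources can never silently disagree.
  byte[] pwBytes = password;
  final String promptStr = options.remove(
       StaticUtils.toLowerCase(SASL_OPTION_PROMPT_FOR_STATIC_PW));
  if (promptStr != null) {
    if (promptStr.equalsIgnoreCase("true")) {
      if (pwBytes == null) {
        // The tool parameter is declared @Nullable and this option arrives
        // through the options map, so a caller can ask for a prompt without
        // having supplied a tool.  Report that as a parameter error instead
        // of failing with a NullPointerException on the dereference below.
        // NOTE(review): the message is a literal because the message catalog
        // is not visible from here; move it there if one is appropriate.
        if (tool == null) {
          throw new LDAPException(ResultCode.PARAM_ERROR,
               "The " + SASL_OPTION_PROMPT_FOR_STATIC_PW +
                    " option cannot be used because no command-line tool " +
                    "was provided to prompt through.");
        }

        tool.getOriginalOut().print(INFO_SASL_ENTER_STATIC_PW.get());
        pwBytes = PasswordReader.readPassword();
        tool.getOriginalOut().println();
      } else {
        throw new LDAPException(ResultCode.PARAM_ERROR,
             ERR_SASL_PROMPT_FOR_PROVIDED_PW.get(
                  SASL_OPTION_PROMPT_FOR_STATIC_PW));
      }
    } else if (!promptStr.equalsIgnoreCase("false")) {
      throw new LDAPException(ResultCode.PARAM_ERROR,
           ERR_SASL_PROMPT_FOR_STATIC_PW_BAD_VALUE.get(
                SASL_OPTION_PROMPT_FOR_STATIC_PW));
    }
  }

  // Ensure no unsupported options were provided.
  ensureNoUnsupportedOptions(options,
       UnboundIDYubiKeyOTPBindRequest.UNBOUNDID_YUBIKEY_OTP_MECHANISM_NAME);

  // pwBytes (supplied or prompted) is handed to the request as-is and is not
  // cleared by this method; whether the request copies the array is not
  // visible from here.
  return new UnboundIDYubiKeyOTPBindRequest(authID, authzID, pwBytes, otp,
       controls);
}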
use of com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidYubiKeyOTPBindWithAuthzID.
/**
* Tests the ability to create a valid UNBOUNDID-YUBIKEY-OTP bind request with
* an alternate authorization ID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidYubiKeyOTPBindWithAuthzID() throws Exception {
  // The static password is supplied directly and the authzID option names an
  // identity different from the authenticating one.
  final BindRequest request = SASLUtils.createBindRequest(
       null,
       "password",
       null,
       "mech=UNBOUNDID-YUBIKEY-OTP",
       "authID=u:test.user",
       "authzID=u:another.user",
       "otp=YubiKeyOTP");

  // The mechanism name must select the YubiKey OTP request type.
  assertNotNull(request);
  assertTrue(request instanceof UnboundIDYubiKeyOTPBindRequest);

  final UnboundIDYubiKeyOTPBindRequest otpBind =
       (UnboundIDYubiKeyOTPBindRequest) request;

  // Authentication and authorization identities are kept distinct.
  assertNotNull(otpBind.getAuthenticationID());
  assertEquals(otpBind.getAuthenticationID(), "u:test.user");

  assertNotNull(otpBind.getAuthorizationID());
  assertEquals(otpBind.getAuthorizationID(), "u:another.user");

  // Both factors, the static password and the one-time password, are carried.
  assertNotNull(otpBind.getStaticPasswordString());
  assertEquals(otpBind.getStaticPasswordString(), "password");

  assertNotNull(otpBind.getYubiKeyOTP());
  assertEquals(otpBind.getYubiKeyOTP(), "YubiKeyOTP");
}
use of com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidYubiKeyOTPBindPromptForStaticPassword.
/**
* Tests the ability to create a valid UNBOUNDID-YUBIKEY-OTP bind request
* when prompting for a static password.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidYubiKeyOTPBindPromptForStaticPassword() throws Exception {
  // A tool instance is needed because the prompt is written through it.
  final LDAPSearch promptTool = new LDAPSearch(null, null);

  final BindRequest request;
  try {
    // Feed the password reader a canned line in place of interactive input.
    final ByteArrayInputStream cannedInput =
         new ByteArrayInputStream("password\n".getBytes("UTF-8"));
    PasswordReader.setTestReader(
         new BufferedReader(new InputStreamReader(cannedInput)));

    // No password is passed in, so promptForStaticPassword=true must obtain
    // it from the reader.
    request = SASLUtils.createBindRequest(
         null,
         (byte[]) null,
         false,
         promptTool,
         null,
         Arrays.asList(
              "mech=UNBOUNDID-YUBIKEY-OTP",
              "authID=u:test.user",
              "otp=YubiKeyOTP",
              "promptForStaticPassword=true"));
  } finally {
    // Always detach the test reader so later tests are not affected by it.
    PasswordReader.setTestReader(null);
  }

  assertNotNull(request);
  assertTrue(request instanceof UnboundIDYubiKeyOTPBindRequest);

  final UnboundIDYubiKeyOTPBindRequest otpBind =
       (UnboundIDYubiKeyOTPBindRequest) request;

  assertNotNull(otpBind.getAuthenticationID());
  assertEquals(otpBind.getAuthenticationID(), "u:test.user");

  // No authzID option was given.
  assertNull(otpBind.getAuthorizationID());

  // The prompted value, without its line terminator, is the static password.
  assertNotNull(otpBind.getStaticPasswordString());
  assertEquals(otpBind.getStaticPasswordString(), "password");

  assertNotNull(otpBind.getYubiKeyOTP());
  assertEquals(otpBind.getYubiKeyOTP(), "YubiKeyOTP");
}
use of com.unboundid.ldap.sdk.unboundidds.UnboundIDYubiKeyOTPBindRequest in project ldapsdk by pingidentity.
the class SASLUtilsTestCase method testValidYubiKeyOTPBindWithoutAuthzID.
/**
* Tests the ability to create a valid UNBOUNDID-YUBIKEY-OTP bind request
* without an alternate authorization ID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidYubiKeyOTPBindWithoutAuthzID() throws Exception {
  // Only the required options (authID and otp) are given, plus a static
  // password supplied directly.
  final BindRequest request = SASLUtils.createBindRequest(
       null,
       "password",
       null,
       "mech=UNBOUNDID-YUBIKEY-OTP",
       "authID=u:test.user",
       "otp=YubiKeyOTP");

  assertNotNull(request);
  assertTrue(request instanceof UnboundIDYubiKeyOTPBindRequest);

  final UnboundIDYubiKeyOTPBindRequest otpBind =
       (UnboundIDYubiKeyOTPBindRequest) request;

  assertNotNull(otpBind.getAuthenticationID());
  assertEquals(otpBind.getAuthenticationID(), "u:test.user");

  // With no authzID option the request must not carry an authorization ID.
  assertNull(otpBind.getAuthorizationID());

  assertNotNull(otpBind.getStaticPasswordString());
  assertEquals(otpBind.getStaticPasswordString(), "password");

  assertNotNull(otpBind.getYubiKeyOTP());
  assertEquals(otpBind.getYubiKeyOTP(), "YubiKeyOTP");
}