use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.
the class DeliverOneTimePasswordExtendedResult method encodeValue.
/**
* Encodes the provided information into an ASN.1 octet string suitable for
* use as the value of this extended result.
*
* @param deliveryMechanism The name of the mechanism by which the one-time
* password was delivered, if available. This
* should be non-{@code null} for a success result.
* @param recipientDN The DN of the user to whom the one-time password
* was sent. This should be non-{@code null} for a
* success result.
* @param recipientID An identifier for the user to whom the one-time
* password was delivered. It may be {@code null}
* if no password was delivered or there is no
* appropriate identifier, but if a value is
* provided then it should be appropriate for the
* delivery mechanism (e.g., the user's e-mail
* address if delivered via e-mail, a phone number
* if delivered via SMS or voice call, etc.).
* @param deliveryMessage A message providing additional information about
* the one-time password delivery, if available.
* If this is non-{@code null}, then the delivery
* mechanism must also be non-null.
*
* @return An ASN.1 octet string containing the encoded value, or
* {@code null} if the extended result should not have a value.
*/
@Nullable()
private static ASN1OctetString encodeValue(
     @Nullable final String deliveryMechanism,
     @Nullable final String recipientDN,
     @Nullable final String recipientID,
     @Nullable final String deliveryMessage) {
  final boolean hasMechanism = (deliveryMechanism != null);
  if (!hasMechanism) {
    // With no delivery mechanism the result carries no value at all, so the
    // fields that only make sense alongside a mechanism must be absent too.
    Validator.ensureTrue((recipientID == null), "The delivery mechanism must be non-null if the recipient ID " + "is non-null.");
    Validator.ensureTrue((deliveryMessage == null), "The delivery mechanism must be non-null if the delivery message " + "is non-null.");
    return null;
  }

  // A mechanism was supplied, so the recipient DN becomes mandatory.
  Validator.ensureTrue((recipientDN != null), "If a delivery mechanism is provided, then a recipient DN must also " + "be provided.");

  // Mechanism and recipient DN are always written; the recipient ID and the
  // message are appended only when present. Per the method's Javadoc the
  // recipient ID may be an e-mail address or phone number, so the encoded
  // value is user-identifying data.
  final ArrayList<ASN1Element> valueElements = new ArrayList<>(4);
  valueElements.add(new ASN1OctetString(TYPE_MECH, deliveryMechanism));
  valueElements.add(new ASN1OctetString(TYPE_RECIPIENT_DN, recipientDN));
  if (recipientID != null) {
    valueElements.add(new ASN1OctetString(TYPE_RECIPIENT_ID, recipientID));
  }
  if (deliveryMessage != null) {
    valueElements.add(new ASN1OctetString(TYPE_MESSAGE, deliveryMessage));
  }

  // The extended result value is the encoded sequence wrapped in an octet
  // string.
  final ASN1Sequence valueSequence = new ASN1Sequence(valueElements);
  return new ASN1OctetString(valueSequence.encode());
}
use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.
the class DeliverSingleUseTokenExtendedResult method encodeValue.
/**
* Encodes the provided information into an ASN.1 octet string suitable for
* use as the value of this extended result.
*
* @param deliveryMechanism The name of the mechanism by which the token was
* delivered, if available. This should be
* non-{@code null} for a success result.
* @param recipientID An identifier for the user to whom the token was
* delivered. It may be {@code null} if no token
* was delivered or there is no appropriate
* identifier, but if a value is provided then it
* should be appropriate for the delivery mechanism
* (e.g., the user's e-mail address if delivered
* via e-mail, a phone number if delivered via SMS
* or voice call, etc.).
* @param deliveryMessage An optional message providing additional
* information about the token delivery, if
* available. If this is non-{@code null}, then
* the delivery mechanism must also be
* non-{@code null}.
*
* @return An ASN.1 octet string containing the encoded value, or
* {@code null} if the extended result should not have a value.
*/
@Nullable()
private static ASN1OctetString encodeValue(
     @Nullable final String deliveryMechanism,
     @Nullable final String recipientID,
     @Nullable final String deliveryMessage) {
  final boolean hasMechanism = (deliveryMechanism != null);
  if (!hasMechanism) {
    // No mechanism means no value is encoded; the dependent optional fields
    // must therefore be absent as well.
    Validator.ensureTrue((recipientID == null), "The delivery mechanism must be non-null if the recipient ID " + "is non-null.");
    Validator.ensureTrue((deliveryMessage == null), "The delivery mechanism must be non-null if the delivery message " + "is non-null.");
    return null;
  }

  // The mechanism is written without an explicit BER type, unlike the two
  // optional elements, which carry their own type constants. Per the
  // method's Javadoc the recipient ID may be an e-mail address or phone
  // number, so the encoded value is user-identifying data.
  final ArrayList<ASN1Element> valueElements = new ArrayList<>(3);
  valueElements.add(new ASN1OctetString(deliveryMechanism));
  if (recipientID != null) {
    valueElements.add(new ASN1OctetString(RECIPIENT_ID_BER_TYPE, recipientID));
  }
  if (deliveryMessage != null) {
    valueElements.add(new ASN1OctetString(DELIVERY_MESSAGE_BER_TYPE, deliveryMessage));
  }

  // The extended result value is the encoded sequence wrapped in an octet
  // string.
  final ASN1Sequence valueSequence = new ASN1Sequence(valueElements);
  return new ASN1OctetString(valueSequence.encode());
}
use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.
the class GeneratePasswordExtendedRequest method encodeValue.
/**
* Uses the provided information to generate an ASN.1 octet string that may be
* used as the value of a generate password extended request.
*
* @param passwordPolicySelectionType
* The password policy selection type to use. It must not be
* {@code null}.
* @param passwordPolicyDN
* The password policy DN to use in conjunction with the
* {@link GeneratePasswordPolicySelectionType#PASSWORD_POLICY_DN}
* password policy selection type. It must be non-{@code null}
* when used in conjunction with that policy selection type, and
* it must be {@code null} for all other selection types.
* @param targetEntryDN
* The target entry DN to use in conjunction with the
* {@link GeneratePasswordPolicySelectionType#TARGET_ENTRY_DN}
* password policy selection type. It must be non-{@code null}
* when used in conjunction with that policy selection type, and
* it must be {@code null} for all other selection types.
* @param numberOfPasswords
* The number of passwords to generate. The value must be
* greater than or equal to one.
* @param numberOfValidationAttempts
* The number of attempts that should be made to generate each
* password in an attempt to obtain a password that satisfies the
* associated set of password validators. The value must be
* greater than or equal to zero.
*
* @return An ASN.1 octet string that may be used as the value of a generate
* password extended request with the provided information, or
* {@code null} if the request uses all the default settings and no
* value is needed.
*/
@Nullable()
private static ASN1OctetString encodeValue(
     @NotNull final GeneratePasswordPolicySelectionType passwordPolicySelectionType,
     @Nullable final String passwordPolicyDN,
     @Nullable final String targetEntryDN,
     final int numberOfPasswords,
     final int numberOfValidationAttempts) {
  Validator.ensureNotNullWithMessage(passwordPolicySelectionType, "GeneratePasswordExtendedRequest.passwordPolicySelectionType must " + "not be null.");

  // Counts equal to their defaults are omitted from the encoding.
  final boolean defaultPasswordCount =
       (numberOfPasswords == DEFAULT_NUMBER_OF_PASSWORDS);
  final boolean defaultAttemptCount =
       (numberOfValidationAttempts == DEFAULT_VALIDATION_ATTEMPTS);

  final List<ASN1Element> valueElements = new ArrayList<>(3);

  // Each selection type accepts at most one of the two DNs; the other must
  // be null. The first element of the sequence identifies the selection.
  switch (passwordPolicySelectionType) {
    case DEFAULT_POLICY:
      Validator.ensureTrue((passwordPolicyDN == null), "GeneratePasswordExtendedRequest.passwordPolicyDN must be null " + "when using a password policy selection type of " + passwordPolicySelectionType + '.');
      Validator.ensureTrue((targetEntryDN == null), "GeneratePasswordExtendedRequest.targetEntryDN must be null " + "when using a password policy selection type of " + passwordPolicySelectionType + '.');
      // Default policy with default counts: the request needs no value.
      if (defaultPasswordCount && defaultAttemptCount) {
        return null;
      }
      valueElements.add(new ASN1Null(passwordPolicySelectionType.getBERType()));
      break;

    case PASSWORD_POLICY_DN:
      Validator.ensureNotNullWithMessage(passwordPolicyDN, "GeneratePasswordExtendedRequest.passwordPolicyDN must not be " + "null when using a password policy selection type of " + passwordPolicySelectionType + '.');
      Validator.ensureTrue((targetEntryDN == null), "GeneratePasswordExtendedRequest.targetEntryDN must be null " + "when using a password policy selection type of " + passwordPolicySelectionType + '.');
      valueElements.add(new ASN1OctetString(passwordPolicySelectionType.getBERType(), passwordPolicyDN));
      break;

    case TARGET_ENTRY_DN:
      Validator.ensureTrue((passwordPolicyDN == null), "GeneratePasswordExtendedRequest.passwordPolicyDN must be null " + "when using a password policy selection type of " + passwordPolicySelectionType + '.');
      Validator.ensureNotNullWithMessage(targetEntryDN, "GeneratePasswordExtendedRequest.targetEntryDN must not be null " + "when using a password policy selection type of " + passwordPolicySelectionType + '.');
      valueElements.add(new ASN1OctetString(passwordPolicySelectionType.getBERType(), targetEntryDN));
      break;
  }

  // Range checks are applied only to non-default counts, immediately before
  // each one is encoded.
  if (!defaultPasswordCount) {
    Validator.ensureTrue((numberOfPasswords >= 1), "GeneratePasswordExtendedRequest.numberOfPasswords must be " + "greater than or equal to one.");
    valueElements.add(new ASN1Integer(TYPE_NUMBER_OF_PASSWORDS, numberOfPasswords));
  }
  if (!defaultAttemptCount) {
    Validator.ensureTrue((numberOfValidationAttempts >= 0), "GeneratePasswordExtendedRequest.validationAttempts must be " + "greater than or equal to zero.");
    valueElements.add(new ASN1Integer(TYPE_VALIDATION_ATTEMPTS, numberOfValidationAttempts));
  }

  final ASN1Sequence valueSequence = new ASN1Sequence(valueElements);
  return new ASN1OctetString(valueSequence.encode());
}
use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.
the class CollectSupportData method parseTimeRange.
/**
* Parses the provided string as a time range. If both start and end time
* values are provided, then they must be separated by a comma; otherwise,
* there must only be a start time value. Each timestamp must be in either
* the generalized time format or the Ping Identity Directory Server's default
* access log format (with or without millisecond precision).
*
* @param timeRangeStr The string to be parsed as a time range. It must not
* be {@code null}.
* @param strict Indicates whether to require strict compliance with
* the timestamp format. This should be {@code true}
* when the useRemoteServer argument was provided, and
* {@code false} otherwise.
*
* @return An object pair in which the first value is the start time for
* the range and the second value is the end time for the range. The
* first element will always be non-{@code null}, but the second
* element may be {@code null} if the time range did not specify an
* end time. The entire return value may be {@code null} if the
* time range string could not be parsed and {@code strict} is
* {@code false}.
*
* @throws LDAPException If a problem is encountered while parsing the
* provided string as a time range, or if the start
* time is greater than the end time.
*/
@Nullable()
static ObjectPair<Date, Date> parseTimeRange(@NotNull final String timeRangeStr,
                                             final boolean strict)
       throws LDAPException {
  final Date rangeStart;
  final Date rangeEnd;
  try {
    // A comma anywhere after the first character splits the string into a
    // start and an end timestamp, each trimmed before parsing. Otherwise the
    // whole string is parsed as the start time and no end time is recorded.
    final int separatorIndex = timeRangeStr.indexOf(',');
    if (separatorIndex <= 0) {
      rangeStart = parseTimestamp(timeRangeStr);
      rangeEnd = null;
    } else {
      final String startText = timeRangeStr.substring(0, separatorIndex).trim();
      final String endText = timeRangeStr.substring(separatorIndex + 1).trim();
      rangeStart = parseTimestamp(startText);
      rangeEnd = parseTimestamp(endText);
    }
  } catch (final LDAPException e) {
    Debug.debugException(e);
    // A parse failure is fatal only in strict mode; in lenient mode null
    // tells the caller that the range could not be parsed here.
    if (!strict) {
      return null;
    }
    throw e;
  }

  // When both bounds are present, the start must not be later than the end.
  final boolean hasEnd = (rangeEnd != null);
  if (hasEnd && (rangeStart.getTime() > rangeEnd.getTime())) {
    throw new LDAPException(ResultCode.PARAM_ERROR, ERR_CSD_TIME_RANGE_START_GREATER_THAN_END.get());
  }
  return new ObjectPair<>(rangeStart, rangeEnd);
}
use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.
the class CollectSupportData method getEncryptionPassphraseForExtOpProcessing.
/**
* Retrieves the passphrase to use to generate the key for encrypting the
* support data archive. This method should only be used when the tool
* processing will be performed using an extended operation.
*
* @return The passphrase to use to generate the key for encrypting the
* support data archive, or {@code null} if the encrypt argument was
* not provided.
*
* @throws LDAPException If a problem is encountered while attempting to
* obtain the passphrase.
*/
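@Nullable()
private ASN1OctetString getEncryptionPassphraseForExtOpProcessing() throws LDAPException {
  // No passphrase is needed unless encryption was requested.
  if (!encryptArg.isPresent()) {
    return null;
  }

  if (passphraseFileArg.isPresent()) {
    final File passphraseFile = passphraseFileArg.getValue();
    if (generatePassphraseArg.isPresent()) {
      // Generate a passphrase as a base64url-encoded representation of 64
      // bytes taken from ThreadLocalSecureRandom.
      final byte[] randomBytes = new byte[64];
      ThreadLocalSecureRandom.get().nextBytes(randomBytes);
      final String passphrase = Base64.urlEncode(randomBytes, false);

      // NOTE(review): the file is created with the process's default
      // permissions -- confirm that it ends up readable only by the intended
      // owner, since it holds the archive's encryption passphrase.
      try (PrintWriter writer = new PrintWriter(passphraseFile)) {
        writer.println(passphrase);

        // PrintWriter does not throw on write failures; it only records
        // them. Check explicitly so that a failed write is reported rather
        // than returning a passphrase that was never saved to the file.
        if (writer.checkError()) {
          throw new java.io.IOException("An I/O error occurred while writing the generated " + "passphrase.");
        }
      } catch (final Exception e) {
        Debug.debugException(e);
        throw new LDAPException(ResultCode.LOCAL_ERROR, ERR_CSD_CANNOT_WRITE_GENERATED_PASSPHRASE.get(passphraseFile.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
      }
      return new ASN1OctetString(passphrase);
    } else {
      // Use the passphrase stored in the existing file.
      try {
        // NOTE(review): the passphrase is copied into an immutable String
        // that cannot be cleared, and the char[] is not wiped here.
        final char[] passphrase = getPasswordFileReader().readPassword(passphraseFile);
        return new ASN1OctetString(new String(passphrase));
      } catch (final Exception e) {
        Debug.debugException(e);
        // Keep the result code of an LDAPException; anything else is
        // reported as a local error.
        ResultCode resultCode = ResultCode.LOCAL_ERROR;
        if (e instanceof LDAPException) {
          resultCode = ((LDAPException) e).getResultCode();
        }
        throw new LDAPException(resultCode, ERR_CSD_CANNOT_READ_PASSPHRASE.get(passphraseFile.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
      }
    }
  }

  // Prompt for the encryption passphrase, repeating until the initial and
  // confirmation entries match.
  while (true) {
    try {
      getOut().print(INFO_CSD_PASSPHRASE_INITIAL_PROMPT.get());
      final byte[] passphraseBytes = PasswordReader.readPassword();
      getOut().print(INFO_CSD_PASSPHRASE_CONFIRM_PROMPT.get());
      final byte[] confirmBytes = PasswordReader.readPassword();
      if (Arrays.equals(passphraseBytes, confirmBytes)) {
        return new ASN1OctetString(passphraseBytes);
      } else {
        // NOTE(review): the mismatched entries are left in memory until
        // garbage collected; they are not wiped here.
        wrapErr(0, WRAP_COLUMN, ERR_CSD_PASSPHRASE_MISMATCH.get());
        err();
      }
    } catch (final Exception e) {
      throw new LDAPException(ResultCode.LOCAL_ERROR, ERR_CSD_PASSPHRASE_PROMPT_READ_ERROR.get(StaticUtils.getExceptionMessage(e)), e);
    }
  }
}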