001/*
002 * Copyright 2015-2020 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2015-2020 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2015-2020 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.sdk.unboundidds.extensions;
037
038
039
040import com.unboundid.asn1.ASN1Element;
041import com.unboundid.asn1.ASN1OctetString;
042import com.unboundid.asn1.ASN1Sequence;
043import com.unboundid.ldap.sdk.Control;
044import com.unboundid.ldap.sdk.ExtendedRequest;
045import com.unboundid.ldap.sdk.LDAPException;
046import com.unboundid.ldap.sdk.ResultCode;
047import com.unboundid.util.Debug;
048import com.unboundid.util.NotMutable;
049import com.unboundid.util.StaticUtils;
050import com.unboundid.util.ThreadSafety;
051import com.unboundid.util.ThreadSafetyLevel;
052import com.unboundid.util.Validator;
053
054import static com.unboundid.ldap.sdk.unboundidds.extensions.ExtOpMessages.*;
055
056
057
058/**
059 * This class provides an implementation of an extended request that can be used
060 * to consume a single-use token that was generated and provided to the user
061 * through the deliver single-use token extended operation.  Once a token has
062 * been consumed, it cannot be used again, although a new token can be generated
063 * and delivered to the user if necessary.
064 * <BR>
065 * <BLOCKQUOTE>
066 *   <B>NOTE:</B>  This class, and other classes within the
067 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
068 *   supported for use against Ping Identity, UnboundID, and
069 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
070 *   for proprietary functionality or for external specifications that are not
071 *   considered stable or mature enough to be guaranteed to work in an
072 *   interoperable way with other types of LDAP servers.
073 * </BLOCKQUOTE>
074 * <BR>
075 * This extended request has an OID of "1.3.6.1.4.1.30221.2.6.51" and it must
076 * have a value with the following encoding:
077 * <PRE>
078 *   ConsumeSingleUseTokenRequestValue ::= SEQUENCE {
079 *        userDN      LDAPDN,
080 *        tokenID     OCTET STRING,
081 *        tokenValue  OCTET STRING
082 *        ... }
083 * </PRE>
084 *
085 * @see  DeliverSingleUseTokenExtendedResult
086 */
087@NotMutable()
088@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
089public final class ConsumeSingleUseTokenExtendedRequest
090     extends ExtendedRequest
091{
092  /**
093   * The OID (1.3.6.1.4.1.30221.2.6.51) for the consume single-use token
094   * extended request.
095   */
096  public static final String CONSUME_SINGLE_USE_TOKEN_REQUEST_OID =
097       "1.3.6.1.4.1.30221.2.6.51";
098
099
100
101  /**
102   * The serial version UID for this serializable class.
103   */
104  private static final long serialVersionUID = -3162206445662323272L;
105
106
107
108  // The identifier for the token to consume.
109  private final String tokenID;
110
111  // The value for the single-use token to consume.
112  private final String tokenValue;
113
114  // The DN of the user whose account contains the token to consume.
115  private final String userDN;
116
117
118
119  /**
120   * Creates a new consume single-use token extended request with the provided
121   * information.
122   *
123   * @param  userDN      The DN of the user whose account contains the token to
124   *                     consume.  It must not be {@code null}.
125   * @param  tokenID     The identifier for the token to consume.  It must not
126   *                     be {@code null}.
127   * @param  tokenValue  The value for the single-use token to consume.  It
128   *                     must not be {@code null}.
129   * @param  controls    An optional set of controls to include in the request.
130   *                     It may be {@code null} or empty if no controls are
131   *                     required.
132   */
133  public ConsumeSingleUseTokenExtendedRequest(final String userDN,
134                                              final String tokenID,
135                                              final String tokenValue,
136                                              final Control... controls)
137  {
138    super(CONSUME_SINGLE_USE_TOKEN_REQUEST_OID,
139         encodeValue(userDN, tokenID, tokenValue),
140         controls);
141
142    this.userDN     = userDN;
143    this.tokenID    = tokenID;
144    this.tokenValue = tokenValue;
145  }
146
147
148
149  /**
150   * Decodes the provided extended request as a consume single-use token
151   * extended request.
152   *
153   * @param  request  The extended request to decode as a consume single-use
154   *                  token extended request.
155   *
156   * @throws  LDAPException  If the provided extended request cannot be decoded
157   *                         as a consume single-use token request.
158   */
159  public ConsumeSingleUseTokenExtendedRequest(final ExtendedRequest request)
160         throws LDAPException
161  {
162    super(request);
163
164    final ASN1OctetString value = request.getValue();
165    if (value == null)
166    {
167      throw new LDAPException(ResultCode.DECODING_ERROR,
168           ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_NO_VALUE.get());
169    }
170
171    try
172    {
173      final ASN1Element[] elements =
174           ASN1Sequence.decodeAsSequence(value.getValue()).elements();
175      userDN = ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();
176      tokenID = ASN1OctetString.decodeAsOctetString(elements[1]).stringValue();
177      tokenValue =
178           ASN1OctetString.decodeAsOctetString(elements[2]).stringValue();
179    }
180    catch (final Exception e)
181    {
182      Debug.debugException(e);
183      throw new LDAPException(ResultCode.DECODING_ERROR,
184           ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_CANNOT_DECODE.get(
185                StaticUtils.getExceptionMessage(e)),
186           e);
187    }
188  }
189
190
191
192  /**
193   * Encodes the provided information into an ASN.1 octet string suitable for
194   * use as the value of the extended request.
195   *
196   * @param  userDN      The DN of the user whose account contains the token to
197   *                     consume.  It must not be {@code null}.
198   * @param  tokenID     The identifier for the token to consume.  It must not
199   *                     be {@code null}.
200   * @param  tokenValue  The value for the single-use token to consume.  It
201   *                     must not be {@code null}.
202   *
203   * @return  An ASN.1 octet string containing the encoded value.
204   */
205  private static ASN1OctetString encodeValue(final String userDN,
206       final String tokenID, final String tokenValue)
207  {
208    Validator.ensureNotNull(userDN);
209    Validator.ensureNotNull(tokenID);
210    Validator.ensureNotNull(tokenValue);
211
212    final ASN1Sequence valueSequence = new ASN1Sequence(
213         new ASN1OctetString(userDN),
214         new ASN1OctetString(tokenID),
215         new ASN1OctetString(tokenValue));
216    return new ASN1OctetString(valueSequence.encode());
217  }
218
219
220
221  /**
222   * Retrieves the DN of the user whose account contains the token to consume.
223   *
224   * @return  The DN of the user whose account contains the token to consume.
225   */
226  public String getUserDN()
227  {
228    return userDN;
229  }
230
231
232
233  /**
234   * Retrieves the identifier for the token to consume.
235   *
236   * @return  The identifier for the token to consume.
237   */
238  public String getTokenID()
239  {
240    return tokenID;
241  }
242
243
244
245  /**
246   * Retrieves the value for the token to consume.
247   *
248   * @return  The value for the token to consume.
249   */
250  public String getTokenValue()
251  {
252    return tokenValue;
253  }
254
255
256
257  /**
258   * {@inheritDoc}.
259   */
260  @Override()
261  public ConsumeSingleUseTokenExtendedRequest duplicate()
262  {
263    return duplicate(getControls());
264  }
265
266
267
268  /**
269   * {@inheritDoc}.
270   */
271  @Override()
272  public ConsumeSingleUseTokenExtendedRequest duplicate(
273                                                   final Control[] controls)
274  {
275    final ConsumeSingleUseTokenExtendedRequest r =
276         new ConsumeSingleUseTokenExtendedRequest(userDN, tokenID, tokenValue,
277              controls);
278    r.setResponseTimeoutMillis(getResponseTimeoutMillis(null));
279    return r;
280  }
281
282
283
284  /**
285   * {@inheritDoc}
286   */
287  @Override()
288  public String getExtendedRequestName()
289  {
290    return INFO_EXTENDED_REQUEST_NAME_CONSUME_SINGLE_USE_TOKEN.get();
291  }
292
293
294
295  /**
296   * {@inheritDoc}
297   */
298  @Override()
299  public void toString(final StringBuilder buffer)
300  {
301    buffer.append("ConsumeSingleUseTokenExtendedRequest(userDN='");
302    buffer.append(userDN);
303    buffer.append("', tokenID='");
304    buffer.append(tokenID);
305    buffer.append('\'');
306
307    final Control[] controls = getControls();
308    if (controls.length > 0)
309    {
310      buffer.append(", controls={");
311      for (int i=0; i < controls.length; i++)
312      {
313        if (i > 0)
314        {
315          buffer.append(", ");
316        }
317
318        buffer.append(controls[i]);
319      }
320      buffer.append('}');
321    }
322
323    buffer.append(')');
324  }
325}