1 package org.argeo.osgi.useradmin;
2
3 import static org.argeo.naming.LdapAttrs.description;
4 import static org.argeo.naming.LdapAttrs.owner;
5
6 import java.security.Principal;
7 import java.time.Instant;
8 import java.util.HashSet;
9 import java.util.Set;
10
11 import javax.naming.InvalidNameException;
12 import javax.naming.ldap.LdapName;
13 import javax.security.auth.Subject;
14
15 import org.argeo.naming.NamingUtils;
16 import org.osgi.service.useradmin.Group;
17
18
19
20
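/**
 * Static helpers for working with authentication tokens that are stored as
 * user-admin {@link Group}s and exposed as principals on a {@link Subject}.
 */
public class TokenUtils {
	/**
	 * Collects the tokens carried by a subject.
	 * <p>
	 * A principal is treated as a token when its name ends with
	 * {@code tokensBaseDn}. The token is the value of the left-most RDN of that
	 * name.
	 *
	 * @param subject      the subject whose principals are inspected
	 * @param tokensBaseDn the base DN under which token entries live
	 * @return the token values found, possibly empty, never {@code null}
	 * @throws UserDirectoryException if a matching principal name is not a valid
	 *                                LDAP name
	 */
	public static Set<String> tokensUsed(Subject subject, String tokensBaseDn) {
		Set<String> res = new HashSet<>();
		for (Principal principal : subject.getPrincipals()) {
			String name = principal.getName();
			// NOTE(review): this is a raw string suffix test, not an RDN-aware
			// comparison. It is case- and whitespace-sensitive and does not check
			// that the match begins on an RDN boundary. Confirm that every login
			// module adding principals to the subject is trusted, or compare
			// parsed LdapName instances instead.
			if (name == null || !name.endsWith(tokensBaseDn)) {
				continue;
			}
			try {
				LdapName ldapName = new LdapName(name);
				if (ldapName.isEmpty()) {
					// Nothing to extract from an empty name.
					continue;
				}
				// LdapName numbers RDNs from the right: index 0 is the right-most
				// RDN and size() - 1 the left-most. getRdn(size()) is out of range
				// and always throws IndexOutOfBoundsException.
				String token = ldapName.getRdn(ldapName.size() - 1).getValue().toString();
				res.add(token);
			} catch (InvalidNameException e) {
				throw new UserDirectoryException("Invalid principal " + principal, e);
			}
		}
		return res;
	}

	/**
	 * Returns the DN of the user a token belongs to, read from the
	 * {@code owner} property of the token group.
	 *
	 * @param tokenGroup the group representing the token
	 * @return the value of the {@code owner} property, or {@code null} if it is
	 *         not set
	 */
	public static String userDn(Group tokenGroup) {
		return (String) tokenGroup.getProperties().get(owner.name());
	}

	/**
	 * Checks whether a token is expired at the current time.
	 *
	 * @param tokenGroup the group representing the token
	 * @return {@code true} if the token's expiry date is before
	 *         {@link Instant#now()}
	 * @see #isExpired(Group, Instant)
	 */
	public static boolean isExpired(Group tokenGroup) {
		return isExpired(tokenGroup, Instant.now());
	}

	/**
	 * Checks whether a token is expired at the given instant.
	 * <p>
	 * The expiry date is read from the {@code description} property of the token
	 * group and converted with {@link NamingUtils#ldapDateToInstant(String)}.
	 * <p>
	 * Security note: a token group without that property is reported as not
	 * expired, so such a token never expires through this check. Callers that
	 * require bounded token lifetimes must enforce the presence of an expiry
	 * date when the token is created.
	 *
	 * @param tokenGroup the group representing the token
	 * @param instant    the reference point in time
	 * @return {@code true} only if an expiry date is set and lies strictly before
	 *         {@code instant}
	 */
	public static boolean isExpired(Group tokenGroup, Instant instant) {
		String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
		if (expiryDateStr == null) {
			// No expiry recorded: treated as non-expiring (see Javadoc).
			return false;
		}
		Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
		return expiryDate.isBefore(instant);
	}
}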