1   package org.argeo.osgi.useradmin;
2   
3   import static org.argeo.naming.LdapAttrs.description;
4   import static org.argeo.naming.LdapAttrs.owner;
5   
6   import java.security.Principal;
7   import java.time.Instant;
8   import java.util.HashSet;
9   import java.util.Set;
10  
11  import javax.naming.InvalidNameException;
12  import javax.naming.ldap.LdapName;
13  import javax.security.auth.Subject;
14  
15  import org.argeo.naming.NamingUtils;
16  import org.osgi.service.useradmin.Group;
17  
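/**
 * Canonically implements the Argeo token conventions.
 * <p>
 * As used by the methods below, a token is represented by a {@link Group}
 * whose {@code owner} attribute holds the DN of the related user and whose
 * {@code description} attribute holds the expiry date in LDAP date format. A
 * token in use appears as a principal of the {@link Subject} whose name is a
 * DN located under the tokens base DN.
 */
public class TokenUtils {
	/**
	 * Collects the tokens carried by a subject.
	 * <p>
	 * For each principal whose name lies strictly below {@code tokensBaseDn},
	 * the value of the leftmost (most specific) RDN is taken as the token.
	 * <p>
	 * NOTE(review): the returned strings are the raw token values; if they act
	 * as credentials, callers should avoid logging them.
	 *
	 * @param subject      the subject whose principals are inspected
	 * @param tokensBaseDn the DN under which token entries are stored
	 * @return the token values found, possibly empty, never {@code null}
	 * @throws UserDirectoryException if a candidate principal name or the base
	 *                                DN is not a valid LDAP name
	 */
	public static Set<String> tokensUsed(Subject subject, String tokensBaseDn) {
		Set<String> res = new HashSet<>();
		// Parsed lazily so that the base DN is only validated when at least one
		// principal is a candidate.
		LdapName baseName = null;
		for (Principal principal : subject.getPrincipals()) {
			String name = principal.getName();
			// Cheap textual pre-filter: it keeps principals that are not DNs at
			// all from being parsed (and rejected) below. It is case- and
			// whitespace-sensitive, so an equivalent DN written differently is
			// skipped here.
			if (name == null || !name.endsWith(tokensBaseDn)) {
				continue;
			}

			LdapName ldapName;
			try {
				ldapName = new LdapName(name);
			} catch (InvalidNameException e) {
				// NOTE(review): the principal name embeds the token value, so this
				// message may carry it into logs, depending on the principal's
				// toString() - confirm this is acceptable.
				throw new UserDirectoryException("Invalid principal " + principal, e);
			}

			if (baseName == null) {
				try {
					baseName = new LdapName(tokensBaseDn);
				} catch (InvalidNameException e) {
					throw new UserDirectoryException("Invalid tokens base DN " + tokensBaseDn, e);
				}
			}

			// A textual suffix match does not respect RDN boundaries (for
			// example "xou=tokens,..." ends with "ou=tokens,..."), so confirm
			// structurally that the entry really sits below the base DN. The
			// size test also excludes the base DN itself, which is not a token.
			if (ldapName.size() <= baseName.size() || !ldapName.startsWith(baseName)) {
				continue;
			}

			// LdapName indexes RDNs from the right: index 0 is the rightmost and
			// size() - 1 the leftmost. getRdn(size()) is out of range and throws
			// IndexOutOfBoundsException.
			String token = ldapName.getRdn(ldapName.size() - 1).getValue().toString();
			res.add(token);
		}
		return res;
	}

	/**
	 * The user related to this token group.
	 *
	 * @param tokenGroup the group representing the token
	 * @return the value of the group's {@code owner} attribute, or {@code null}
	 *         if it is not set
	 */
	public static String userDn(Group tokenGroup) {
		return (String) tokenGroup.getProperties().get(owner.name());
	}

	/**
	 * Checks whether a token has expired as of the current time.
	 *
	 * @param tokenGroup the group representing the token
	 * @return {@code true} if the token has an expiry date that is in the past
	 * @see #isExpired(Group, Instant)
	 */
	public static boolean isExpired(Group tokenGroup) {
		return isExpired(tokenGroup, Instant.now());
	}

	/**
	 * Checks whether a token has expired as of a given instant.
	 * <p>
	 * The expiry date is read from the group's {@code description} attribute. A
	 * token group without that attribute is reported as not expired, i.e. it
	 * never expires; callers that require bounded token lifetimes must enforce
	 * the presence of an expiry date themselves. A token is still valid at the
	 * exact instant of its expiry date.
	 * <p>
	 * NOTE(review): the behaviour on a malformed date depends on
	 * {@code NamingUtils.ldapDateToInstant}, which is not visible here - confirm
	 * that it fails rather than yielding a value treated as "not expired".
	 *
	 * @param tokenGroup the group representing the token
	 * @param instant    the reference instant
	 * @return {@code true} if an expiry date is set and lies strictly before
	 *         {@code instant}
	 */
	public static boolean isExpired(Group tokenGroup, Instant instant) {
		String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
		if (expiryDateStr == null) {
			return false;
		}
		Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
		return expiryDate.isBefore(instant);
	}

}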