001/* 002 * Copyright 2017-2024 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2017-2024 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2017-2024 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.listener; 037 038 039 040import java.util.Arrays; 041import java.util.List; 042 043import com.unboundid.ldap.sdk.LDAPException; 044import com.unboundid.ldap.sdk.Modification; 045import com.unboundid.ldap.sdk.ReadOnlyEntry; 046import com.unboundid.util.NotNull; 047import com.unboundid.util.Nullable; 048import com.unboundid.util.ThreadSafety; 049import com.unboundid.util.ThreadSafetyLevel; 050 051 052 053/** 054 * This class provides an implementation of an in-memory directory server 055 * password encoder that leaves the password in the clear. This doesn't provide 056 * any more protection than leaving passwords unencoded, but it does make it 057 * possible to store these passwords with a prefix, and to use an optional 058 * output format (e.g., to format the clear-text value in base64 or 059 * hexadecimal). 060 */ 061@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 062public final class ClearInMemoryPasswordEncoder 063 extends InMemoryPasswordEncoder 064{ 065 /** 066 * Creates a new instance of this in-memory directory server password encoder 067 * with the provided information. 068 * 069 * @param prefix The string that will appear at the beginning of 070 * encoded passwords. It must not be {@code null} or 071 * empty. 072 * @param outputFormatter The output formatter that will be used to format 073 * the encoded representation of clear-text 074 * passwords. It may be {@code null} if no 075 * special formatting should be applied to the raw 076 * bytes. 077 */ 078 public ClearInMemoryPasswordEncoder(@NotNull final String prefix, 079 @Nullable final PasswordEncoderOutputFormatter outputFormatter) 080 { 081 super(prefix, outputFormatter); 082 } 083 084 085 086 /** 087 * {@inheritDoc} 088 */ 089 @Override() 090 @NotNull() 091 protected byte[] encodePassword(@NotNull final byte[] clearPassword, 092 @NotNull final ReadOnlyEntry userEntry, 093 @NotNull final List<Modification> modifications) 094 throws LDAPException 095 { 096 return clearPassword; 097 } 098 099 100 101 /** 102 * {@inheritDoc} 103 */ 104 @Override() 105 protected void ensurePreEncodedPasswordAppearsValid( 106 @NotNull final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 107 @NotNull final ReadOnlyEntry userEntry, 108 @NotNull final List<Modification> modifications) 109 throws LDAPException 110 { 111 // No validation is required. 112 } 113 114 115 116 /** 117 * {@inheritDoc} 118 */ 119 @Override() 120 protected boolean passwordMatches(@NotNull final byte[] clearPasswordBytes, 121 @NotNull final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 122 @NotNull final ReadOnlyEntry userEntry) 123 throws LDAPException 124 { 125 return Arrays.equals(clearPasswordBytes, 126 unPrefixedUnFormattedEncodedPasswordBytes); 127 } 128 129 130 131 /** 132 * {@inheritDoc} 133 */ 134 @Override() 135 @NotNull() 136 protected byte[] extractClearPassword( 137 @NotNull final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 138 @NotNull final ReadOnlyEntry userEntry) 139 throws LDAPException 140 { 141 return unPrefixedUnFormattedEncodedPasswordBytes; 142 } 143 144 145 146 /** 147 * {@inheritDoc} 148 */ 149 @Override() 150 public void toString(@NotNull final StringBuilder buffer) 151 { 152 buffer.append("ClearInMemoryPasswordEncoder(prefix='"); 153 buffer.append(getPrefix()); 154 buffer.append("', outputFormatter="); 155 156 final PasswordEncoderOutputFormatter outputFormatter = 157 getOutputFormatter(); 158 if (outputFormatter == null) 159 { 160 buffer.append("null"); 161 } 162 else 163 { 164 outputFormatter.toString(buffer); 165 } 166 167 buffer.append(')'); 168 } 169}