001/*
002 * Copyright 2015-2022 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2015-2022 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2015-2022 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.sdk.unboundidds.extensions;
037
038
039
040import com.unboundid.asn1.ASN1Element;
041import com.unboundid.asn1.ASN1OctetString;
042import com.unboundid.asn1.ASN1Sequence;
043import com.unboundid.ldap.sdk.Control;
044import com.unboundid.ldap.sdk.ExtendedRequest;
045import com.unboundid.ldap.sdk.LDAPException;
046import com.unboundid.ldap.sdk.ResultCode;
047import com.unboundid.util.Debug;
048import com.unboundid.util.NotMutable;
049import com.unboundid.util.NotNull;
050import com.unboundid.util.Nullable;
051import com.unboundid.util.StaticUtils;
052import com.unboundid.util.ThreadSafety;
053import com.unboundid.util.ThreadSafetyLevel;
054import com.unboundid.util.Validator;
055
056import static com.unboundid.ldap.sdk.unboundidds.extensions.ExtOpMessages.*;
057
058
059
060/**
061 * This class provides an implementation of an extended request that can be used
062 * to consume a single-use token that was generated and provided to the user
063 * through the deliver single-use token extended operation.  Once a token has
064 * been consumed, it cannot be used again, although a new token can be generated
065 * and delivered to the user if necessary.
066 * <BR>
067 * <BLOCKQUOTE>
068 *   <B>NOTE:</B>  This class, and other classes within the
069 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
070 *   supported for use against Ping Identity, UnboundID, and
071 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
072 *   for proprietary functionality or for external specifications that are not
073 *   considered stable or mature enough to be guaranteed to work in an
074 *   interoperable way with other types of LDAP servers.
075 * </BLOCKQUOTE>
076 * <BR>
077 * This extended request has an OID of "1.3.6.1.4.1.30221.2.6.51" and it must
078 * have a value with the following encoding:
079 * <PRE>
080 *   ConsumeSingleUseTokenRequestValue ::= SEQUENCE {
081 *        userDN      LDAPDN,
082 *        tokenID     OCTET STRING,
083 *        tokenValue  OCTET STRING
084 *        ... }
085 * </PRE>
086 *
087 * @see  DeliverSingleUseTokenExtendedResult
088 */
089@NotMutable()
090@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
091public final class ConsumeSingleUseTokenExtendedRequest
092     extends ExtendedRequest
093{
094  /**
095   * The OID (1.3.6.1.4.1.30221.2.6.51) for the consume single-use token
096   * extended request.
097   */
098  @NotNull public static final String CONSUME_SINGLE_USE_TOKEN_REQUEST_OID =
099       "1.3.6.1.4.1.30221.2.6.51";
100
101
102
103  /**
104   * The serial version UID for this serializable class.
105   */
106  private static final long serialVersionUID = -3162206445662323272L;
107
108
109
110  // The identifier for the token to consume.
111  @NotNull private final String tokenID;
112
113  // The value for the single-use token to consume.
114  @NotNull private final String tokenValue;
115
116  // The DN of the user whose account contains the token to consume.
117  @NotNull private final String userDN;
118
119
120
121  /**
122   * Creates a new consume single-use token extended request with the provided
123   * information.
124   *
125   * @param  userDN      The DN of the user whose account contains the token to
126   *                     consume.  It must not be {@code null}.
127   * @param  tokenID     The identifier for the token to consume.  It must not
128   *                     be {@code null}.
129   * @param  tokenValue  The value for the single-use token to consume.  It
130   *                     must not be {@code null}.
131   * @param  controls    An optional set of controls to include in the request.
132   *                     It may be {@code null} or empty if no controls are
133   *                     required.
134   */
135  public ConsumeSingleUseTokenExtendedRequest(@NotNull final String userDN,
136              @NotNull final String tokenID,
137              @NotNull final String tokenValue,
138              @Nullable final Control... controls)
139  {
140    super(CONSUME_SINGLE_USE_TOKEN_REQUEST_OID,
141         encodeValue(userDN, tokenID, tokenValue),
142         controls);
143
144    this.userDN     = userDN;
145    this.tokenID    = tokenID;
146    this.tokenValue = tokenValue;
147  }
148
149
150
151  /**
152   * Decodes the provided extended request as a consume single-use token
153   * extended request.
154   *
155   * @param  request  The extended request to decode as a consume single-use
156   *                  token extended request.
157   *
158   * @throws  LDAPException  If the provided extended request cannot be decoded
159   *                         as a consume single-use token request.
160   */
161  public ConsumeSingleUseTokenExtendedRequest(
162              @NotNull final ExtendedRequest request)
163         throws LDAPException
164  {
165    super(request);
166
167    final ASN1OctetString value = request.getValue();
168    if (value == null)
169    {
170      throw new LDAPException(ResultCode.DECODING_ERROR,
171           ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_NO_VALUE.get());
172    }
173
174    try
175    {
176      final ASN1Element[] elements =
177           ASN1Sequence.decodeAsSequence(value.getValue()).elements();
178      userDN = ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();
179      tokenID = ASN1OctetString.decodeAsOctetString(elements[1]).stringValue();
180      tokenValue =
181           ASN1OctetString.decodeAsOctetString(elements[2]).stringValue();
182    }
183    catch (final Exception e)
184    {
185      Debug.debugException(e);
186      throw new LDAPException(ResultCode.DECODING_ERROR,
187           ERR_CONSUME_SINGLE_USE_TOKEN_REQUEST_CANNOT_DECODE.get(
188                StaticUtils.getExceptionMessage(e)),
189           e);
190    }
191  }
192
193
194
195  /**
196   * Encodes the provided information into an ASN.1 octet string suitable for
197   * use as the value of the extended request.
198   *
199   * @param  userDN      The DN of the user whose account contains the token to
200   *                     consume.  It must not be {@code null}.
201   * @param  tokenID     The identifier for the token to consume.  It must not
202   *                     be {@code null}.
203   * @param  tokenValue  The value for the single-use token to consume.  It
204   *                     must not be {@code null}.
205   *
206   * @return  An ASN.1 octet string containing the encoded value.
207   */
208  @NotNull()
209  private static ASN1OctetString encodeValue(@NotNull final String userDN,
210       @NotNull final String tokenID, @NotNull final String tokenValue)
211  {
212    Validator.ensureNotNull(userDN);
213    Validator.ensureNotNull(tokenID);
214    Validator.ensureNotNull(tokenValue);
215
216    final ASN1Sequence valueSequence = new ASN1Sequence(
217         new ASN1OctetString(userDN),
218         new ASN1OctetString(tokenID),
219         new ASN1OctetString(tokenValue));
220    return new ASN1OctetString(valueSequence.encode());
221  }
222
223
224
225  /**
226   * Retrieves the DN of the user whose account contains the token to consume.
227   *
228   * @return  The DN of the user whose account contains the token to consume.
229   */
230  @NotNull()
231  public String getUserDN()
232  {
233    return userDN;
234  }
235
236
237
238  /**
239   * Retrieves the identifier for the token to consume.
240   *
241   * @return  The identifier for the token to consume.
242   */
243  @NotNull()
244  public String getTokenID()
245  {
246    return tokenID;
247  }
248
249
250
251  /**
252   * Retrieves the value for the token to consume.
253   *
254   * @return  The value for the token to consume.
255   */
256  @NotNull()
257  public String getTokenValue()
258  {
259    return tokenValue;
260  }
261
262
263
264  /**
265   * {@inheritDoc}.
266   */
267  @Override()
268  @NotNull()
269  public ConsumeSingleUseTokenExtendedRequest duplicate()
270  {
271    return duplicate(getControls());
272  }
273
274
275
276  /**
277   * {@inheritDoc}.
278   */
279  @Override()
280  @NotNull()
281  public ConsumeSingleUseTokenExtendedRequest duplicate(
282              @Nullable final Control[] controls)
283  {
284    final ConsumeSingleUseTokenExtendedRequest r =
285         new ConsumeSingleUseTokenExtendedRequest(userDN, tokenID, tokenValue,
286              controls);
287    r.setResponseTimeoutMillis(getResponseTimeoutMillis(null));
288    return r;
289  }
290
291
292
293  /**
294   * {@inheritDoc}
295   */
296  @Override()
297  @NotNull()
298  public String getExtendedRequestName()
299  {
300    return INFO_EXTENDED_REQUEST_NAME_CONSUME_SINGLE_USE_TOKEN.get();
301  }
302
303
304
305  /**
306   * {@inheritDoc}
307   */
308  @Override()
309  public void toString(@NotNull final StringBuilder buffer)
310  {
311    buffer.append("ConsumeSingleUseTokenExtendedRequest(userDN='");
312    buffer.append(userDN);
313    buffer.append("', tokenID='");
314    buffer.append(tokenID);
315    buffer.append('\'');
316
317    final Control[] controls = getControls();
318    if (controls.length > 0)
319    {
320      buffer.append(", controls={");
321      for (int i=0; i < controls.length; i++)
322      {
323        if (i > 0)
324        {
325          buffer.append(", ");
326        }
327
328        buffer.append(controls[i]);
329      }
330      buffer.append('}');
331    }
332
333    buffer.append(')');
334  }
335}