|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.unboundid.ldap.sdk.LDAPRequest
com.unboundid.ldap.sdk.ExtendedRequest
com.unboundid.ldap.sdk.unboundidds.extensions.DeliverSingleUseTokenExtendedRequest
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class DeliverSingleUseTokenExtendedRequest
NOTE: This class is part of the Commercial Edition of the UnboundID LDAP SDK for Java. It is not available for use in applications that include only the Standard Edition of the LDAP SDK, and is not supported for use in conjunction with non-UnboundID products.This class provides an implementation of an extended request that can be used to trigger the delivery of a temporary single-use token to a specified user via some out-of-band mechanism. It can be used for security purposes (e.g., as part of step-up authentication), for data validation purposes (e.g., to verify that a user can receive e-mail messages at a given address or SMS messages at a given phone number), or for other purposes in which it could be useful to deliver and consume a token through some out-of-band mechanism.
DeliverSingleUseTokenRequestValue ::= SEQUENCE { userDN LDAPDN, tokenID OCTET STRING, validityDurationMillis [0] INTEGER OPTIONAL, messageSubject [1] OCTET STRING OPTIONAL, fullTextBeforeToken [2] OCTET STRING OPTIONAL, fullTextAfterToken [3] OCTET STRING OPTIONAL, compactTextBeforeToken [4] OCTET STRING OPTIONAL, compactTextAfterToken [5] OCTET STRING OPTIONAL, preferredDeliveryMechanism [6] SEQUENCE OF SEQUENCE { mechanismName OCTET STRING, recipientID OCTET STRING OPTIONAL }, deliverIfPasswordExpired [7] BOOLEAN DEFAULT FALSE, deliverIfAccountLocked [8] BOOLEAN DEFAULT FALSE, deliverIfAccountDisabled [9] BOOLEAN DEFAULT FALSE, deliverIfAccountExpired [10] BOOLEAN DEFAULT FALSE, ... }
DeliverSingleUseTokenExtendedResult
,
ConsumeSingleUseTokenExtendedRequest
,
Serialized FormField Summary | |
---|---|
static java.lang.String |
DELIVER_SINGLE_USE_TOKEN_REQUEST_OID
The OID (1.3.6.1.4.1.30221.2.6.49) for the deliver single-use token extended request. |
Fields inherited from class com.unboundid.ldap.sdk.ExtendedRequest |
---|
TYPE_EXTENDED_REQUEST_OID, TYPE_EXTENDED_REQUEST_VALUE |
Constructor Summary | |
---|---|
DeliverSingleUseTokenExtendedRequest(ExtendedRequest request)
Decodes the provided extended request as a deliver single-use token extended request. |
|
DeliverSingleUseTokenExtendedRequest(java.lang.String userDN,
java.lang.String tokenID,
java.lang.Long validityDurationMillis,
java.lang.String messageSubject,
java.lang.String fullTextBeforeToken,
java.lang.String fullTextAfterToken,
java.lang.String compactTextBeforeToken,
java.lang.String compactTextAfterToken,
java.util.List<ObjectPair<java.lang.String,java.lang.String>> preferredDeliveryMechanisms,
boolean deliverIfPasswordExpired,
boolean deliverIfAccountLocked,
boolean deliverIfAccountDisabled,
boolean deliverIfAccountExpired,
Control... controls)
Creates a new deliver single-use token extended request with the provided information. |
Method Summary | |
---|---|
boolean |
deliverIfAccountDisabled()
Indicates whether to attempt to generate and deliver a token if the target user's account has been disabled by an administrator. |
boolean |
deliverIfAccountExpired()
Indicates whether to attempt to generate and deliver a token if the target user's account has expired. |
boolean |
deliverIfAccountLocked()
Indicates whether to attempt to generate and deliver a token if the target user's account is locked for some reason (e.g., because there have been too many failed authentication attempts, because the account has been idle for too long, or because the password was not changed soon enough after an administrative reset). |
boolean |
deliverIfPasswordExpired()
Indicates whether to attempt to generate and deliver a token if the target user's password is expired. |
DeliverSingleUseTokenExtendedRequest |
duplicate()
Creates a new instance of this LDAP request that may be modified without impacting this request. |
DeliverSingleUseTokenExtendedRequest |
duplicate(Control[] controls)
Creates a new instance of this LDAP request that may be modified without impacting this request. |
java.lang.String |
getCompactTextAfterToken()
Retrieves the text (if any) that should appear after the single-use token in the message delivered to the user via a mechanism that imposes significant constraints on message size. |
java.lang.String |
getCompactTextBeforeToken()
Retrieves the text (if any) that should appear before the single-use token in the message delivered to the user via a mechanism that imposes significant constraints on message size. |
java.lang.String |
getExtendedRequestName()
Retrieves the user-friendly name for the extended request, if available. |
java.lang.String |
getFullTextAfterToken()
Retrieves the text (if any) that should appear after the single-use token in the message delivered to the user via a mechanism that does not impose significant constraints on message size. |
java.lang.String |
getFullTextBeforeToken()
Retrieves the text (if any) that should appear before the single-use token in the message delivered to the user via a mechanism that does not impose significant constraints on message size. |
java.lang.String |
getMessageSubject()
Retrieves the text (if any) that should be used as the message subject for delivery mechanisms that can make use of a subject. |
java.util.List<ObjectPair<java.lang.String,java.lang.String>> |
getPreferredDeliveryMechanisms()
Retrieves a list of the preferred delivery mechanisms that should be used to provide the generated token to the target user. |
java.lang.String |
getTokenID()
Retrieves an identifier for the token, which can differentiate between separate uses of this extended operation for different purposes, and should be provided when consuming the token via the ConsumeSingleUseTokenExtendedRequest . |
java.lang.String |
getUserDN()
Retrieves the DN of the user for whom the token should be generated and delivered. |
java.lang.Long |
getValidityDurationMillis()
Retrieves the maximum length of time in milliseconds that the generated token should be considered valid, if defined. |
DeliverSingleUseTokenExtendedResult |
process(LDAPConnection connection,
int depth)
Sends this extended request to the directory server over the provided connection and returns the associated response. |
void |
toString(java.lang.StringBuilder buffer)
Appends a string representation of this request to the provided buffer. |
Methods inherited from class com.unboundid.ldap.sdk.ExtendedRequest |
---|
encodeProtocolOp, getLastMessageID, getOID, getOperationType, getProtocolOpType, getValue, hasValue, responseReceived, writeTo |
Methods inherited from class com.unboundid.ldap.sdk.LDAPRequest |
---|
followReferrals, getControl, getControlList, getControls, getIntermediateResponseListener, getResponseTimeoutMillis, hasControl, hasControl, setFollowReferrals, setIntermediateResponseListener, setResponseTimeoutMillis, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String DELIVER_SINGLE_USE_TOKEN_REQUEST_OID
Constructor Detail |
---|
public DeliverSingleUseTokenExtendedRequest(java.lang.String userDN, java.lang.String tokenID, java.lang.Long validityDurationMillis, java.lang.String messageSubject, java.lang.String fullTextBeforeToken, java.lang.String fullTextAfterToken, java.lang.String compactTextBeforeToken, java.lang.String compactTextAfterToken, java.util.List<ObjectPair<java.lang.String,java.lang.String>> preferredDeliveryMechanisms, boolean deliverIfPasswordExpired, boolean deliverIfAccountLocked, boolean deliverIfAccountDisabled, boolean deliverIfAccountExpired, Control... controls)
userDN
- The DN of the user for whom the token
should be generated and delivered. It
must not be null
.tokenID
- An identifier for the token, which can
differentiate between separate uses of
this extended operation for different
purposes. This token ID should be
provided in the request to consume the
token that has been delivered. It
must not be null
.validityDurationMillis
- The maximum length of time in
milliseconds that the generated token
should be considered valid. It may be
null
if the server should
determine the token validity duration.
If it is non-null
, then the
value must be greater than zero.messageSubject
- The text (if any) that should be used
as the message subject if the delivery
mechanism accepts a subject. This may
be null
if no subject is
required or a subject should be
automatically generated.fullTextBeforeToken
- The text (if any) that should appear
before the generated single-use token
in the message delivered to the user
via a delivery mechanism that does not
impose significant constraints on
message size. This may be
null
if no text is required
before the token.fullTextAfterToken
- The text (if any) that should appear
after the generated single-use token
in the message delivered to the user
via a delivery mechanism that does not
impose significant constraints on
message size. This may be
null
if no text is required
after the token.compactTextBeforeToken
- The text (if any) that should appear
before the generated single-use token
in the message delivered to the user
via a delivery mechanism that imposes
significant constraints on message
size. This may be null
if no
text is required before the token.compactTextAfterToken
- The text (if any) that should appear
after the generated single-use token
in the message delivered to the user
via a delivery mechanism that imposes
significant constraints on message
size. This may be null
if no
text is required after the token.preferredDeliveryMechanisms
- An optional list of the preferred
delivery mechanisms that should be
used to convey the token to the target
user. It may be null
or empty
if the server should determine the
delivery mechanisms to attempt. If
a list of preferred delivery
mechanisms is provided, the server
will only attempt to deliver the token
through these mechanisms, with
attempts made in the order specified
in this list.deliverIfPasswordExpired
- Indicates whether to generate and
deliver a token if the target user's
password is expired.deliverIfAccountLocked
- Indicates whether to generate and
deliver a token if the target user's
account is locked for some reason
(e.g., too many failed authentication
attempts, the account has been idle
for too long, the user failed to
change his/her password in a timely
manner after an administrative reset,
etc.).deliverIfAccountDisabled
- Indicates whether to generate and
deliver a token if the target user's
account has been disabled by an
administrator.deliverIfAccountExpired
- Indicates whether to generate and
deliver a token if the target user's
account has expired.controls
- An optional set of controls to include
in the request. It may be
null
or empty if no controls
are required.public DeliverSingleUseTokenExtendedRequest(ExtendedRequest request) throws LDAPException
request
- The extended request to decode as a deliver single-use
token extended request.
LDAPException
- If the provided extended request cannot be decoded
as a deliver single-use token request.Method Detail |
---|
public java.lang.String getUserDN()
public java.lang.String getTokenID()
ConsumeSingleUseTokenExtendedRequest
.
public java.lang.Long getValidityDurationMillis()
null
if the client
did not specify a value and the token validity duration will be
determined by the server.public java.lang.String getMessageSubject()
null
if no
subject should be used, or if the delivery mechanism should
attempt to automatically determine a subject.public java.lang.String getFullTextBeforeToken()
null
if there
should not be any text before the token.public java.lang.String getFullTextAfterToken()
null
if there
should not be any text after the token.public java.lang.String getCompactTextBeforeToken()
null
if there
should not be any text before the token.public java.lang.String getCompactTextAfterToken()
null
if there
should not be any text after the token.public java.util.List<ObjectPair<java.lang.String,java.lang.String>> getPreferredDeliveryMechanisms()
public boolean deliverIfPasswordExpired()
true
if the server should attempt to deliver a token to a
user with an expired password, or false
if not.public boolean deliverIfAccountLocked()
true
if the server should attempt to deliver a token to a
user with a locked account, or false
if not.public boolean deliverIfAccountDisabled()
true
if the server should attempt to deliver a token to a
user with a disabled account, or false
if not.public boolean deliverIfAccountExpired()
true
if the server should attempt to deliver a token to a
user with an expired account, or false
if not.public DeliverSingleUseTokenExtendedResult process(LDAPConnection connection, int depth) throws LDAPException
process
in class ExtendedRequest
connection
- The connection to use to communicate with the directory
server.depth
- The current referral depth for this request. It should
always be one for the initial request, and should only
be incremented when following referrals.
LDAPException
- If a problem occurs while sending the request or
reading the response.public DeliverSingleUseTokenExtendedRequest duplicate()
duplicate
in interface ReadOnlyLDAPRequest
duplicate
in class ExtendedRequest
public DeliverSingleUseTokenExtendedRequest duplicate(Control[] controls)
duplicate
in interface ReadOnlyLDAPRequest
duplicate
in class ExtendedRequest
controls
- The set of controls to include in the duplicate request.
public java.lang.String getExtendedRequestName()
getExtendedRequestName
in class ExtendedRequest
public void toString(java.lang.StringBuilder buffer)
toString
in interface ProtocolOp
toString
in interface ReadOnlyLDAPRequest
toString
in class ExtendedRequest
buffer
- The buffer to which to append a string representation of
this request.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |