X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FTokenUtils.java;fp=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FTokenUtils.java;h=83c1d76f68499a2cd1449f181f114f83acd5ac82;hb=31d7eccd2b0effdadaaa5b6349e5b6b6ea753e3c;hp=0000000000000000000000000000000000000000;hpb=429d790d9f11eed27d7cfbb1da2d6d52f9bb82ed;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/TokenUtils.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/TokenUtils.java
new file mode 100644
index 000000000..83c1d76f6
--- /dev/null
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/TokenUtils.java
@@ -0,0 +1,87 @@
+package org.argeo.osgi.useradmin;
+
+import static org.argeo.naming.LdapAttrs.description;
+import static org.argeo.naming.LdapAttrs.owner;
+
+import java.security.Principal;
+import java.time.Instant;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.naming.InvalidNameException;
+import javax.naming.ldap.LdapName;
+import javax.security.auth.Subject;
+
+import org.argeo.naming.NamingUtils;
+import org.osgi.service.useradmin.Group;
+
+/**
+ * Canonically implements the Argeo token conventions.
+ */
+public class TokenUtils {
+	public static Set<String> tokensUsed(Subject subject, String tokensBaseDn) {
+		Set<String> res = new HashSet<>();
+		for (Principal principal : subject.getPrincipals()) {
+			String name = principal.getName();
+			if (name.endsWith(tokensBaseDn)) {
+				try {
+					LdapName ldapName = new LdapName(name);
+					String token = ldapName.getRdn(ldapName.size()).getValue().toString();
+					res.add(token);
+				} catch (InvalidNameException e) {
+					throw new UserDirectoryException("Invalid principal " + principal, e);
+				}
+			}
+		}
+		return res;
+	}
+
+	/** The user related to this token group */
+	public static String userDn(Group tokenGroup) {
+		return (String) tokenGroup.getProperties().get(owner.name());
+	}
+
+	public static boolean isExpired(Group tokenGroup) {
+		return isExpired(tokenGroup, Instant.now());
+
+	}
+
+	public static boolean isExpired(Group tokenGroup, Instant instant) {
+		String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
+		if (expiryDateStr != null) {
+			Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
+			if (expiryDate.isBefore(instant)) {
+				return true;
+			}
+		}
+		return false;
+	}
+
+//	private final String token;
+//
+//	public TokenUtils(String token) {
+//		this.token = token;
+//	}
+//
+//	public String getToken() {
+//		return token;
+//	}
+//
+//	@Override
+//	public int hashCode() {
+//		return token.hashCode();
+//	}
+//
+//	@Override
+//	public boolean equals(Object obj) {
+//		if ((obj instanceof TokenUtils) && ((TokenUtils) obj).token.equals(token))
+//			return true;
+//		return false;
+//	}
+//
+//	@Override
+//	public String toString() {
+//		return "Token #" + hashCode();
+//	}
+
+}