import junit.framework.TestCase;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.digest.DigestUtils;
import org.osgi.service.useradmin.Authorization;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
public void testBasicUserAdmin() {
LdifUserAdmin userAdmin = new LdifUserAdmin(getClass()
.getResourceAsStream("basic.ldif"));
+
+ // users
User rootUser = (User) userAdmin.getRole(ROOT_USER_DN);
assertNotNull(rootUser);
User demoUser = (User) userAdmin.getRole(DEMO_USER_DN);
assertNotNull(demoUser);
+ // groups
Group adminGroup = (Group) userAdmin.getRole(ADMIN_GROUP_DN);
assertNotNull(adminGroup);
Role[] members = adminGroup.getMembers();
assertTrue(rootRoles.contains(ROOT_USER_DN));
assertTrue(rootRoles.contains(ADMIN_GROUP_DN));
assertTrue(rootRoles.contains(EDITOR_GROUP_DN));
+
+ // properties
+ assertEquals("root@localhost", rootUser.getProperties().get("mail"));
+
+ // credentials
+ byte[] hashedPassword = ("{SHA}" + Base64
+ .encodeBase64String(DigestUtils.sha1("demo".getBytes())))
+ .getBytes();
+ assertTrue(rootUser.hasCredential("userpassword", hashedPassword));
+ assertTrue(demoUser.hasCredential("userpassword", hashedPassword));
}
}
package org.argeo.osgi.useradmin;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.Dictionary;
import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
-class AttributeDictionary extends Dictionary {
+class AttributeDictionary extends Dictionary<String,Object> {
private final Attributes attributes;
+ private final List<String> effectiveKeys = new ArrayList<String>();
+ private final List<String> attrFilter;
+ private final Boolean includeFilter;
- public AttributeDictionary(Attributes attributes) {
+ public AttributeDictionary(Attributes attributes, List<String> attrFilter,
+ Boolean includeFilter) {
this.attributes = attributes;
+ this.attrFilter = attrFilter;
+ this.includeFilter = includeFilter;
+ try {
+ NamingEnumeration<String> ids = attributes.getIDs();
+ while (ids.hasMore()) {
+ String id = ids.next();
+ if (includeFilter && attrFilter.contains(id))
+ effectiveKeys.add(id);
+ else if (!includeFilter && !attrFilter.contains(id))
+ effectiveKeys.add(id);
+ }
+ } catch (NamingException e) {
+ throw new ArgeoUserAdminException(
+ "Cannot initialise attribute dictionary", e);
+ }
}
@Override
public int size() {
- return attributes.size();
+ return effectiveKeys.size();
}
@Override
public boolean isEmpty() {
- return attributes.size() == 0;
+ return effectiveKeys.size() == 0;
}
@Override
public Enumeration<String> keys() {
- return attributes.getIDs();
+ return Collections.enumeration(effectiveKeys);
}
@Override
public Enumeration<Object> elements() {
- throw new UnsupportedOperationException();
+ final Iterator<String> it = effectiveKeys.iterator();
+ return new Enumeration<Object>() {
+
+ @Override
+ public boolean hasMoreElements() {
+ return it.hasNext();
+ }
+
+ @Override
+ public Object nextElement() {
+ String key = it.next();
+ try {
+ return attributes.get(key).get();
+ } catch (NamingException e) {
+ throw new ArgeoUserAdminException(
+ "Cannot get value for key " + key, e);
+ }
+ }
+
+ };
}
@Override
public Object get(Object key) {
try {
- return attributes.get(key.toString()).get();
+ Attribute attr = attributes.get(key.toString());
+ if (attr == null)
+ return null;
+ return attr.get();
} catch (NamingException e) {
throw new ArgeoUserAdminException("Cannot get value for attribute "
+ key, e);
}
@Override
- public Object put(Object key, Object value) {
+ public Object put(String key, Object value) {
if (!(value instanceof String || value instanceof byte[]))
- throw new IllegalArgumentException(
- "Value muste be String or byte[]");
+ throw new IllegalArgumentException("Value must be String or byte[]");
+
+ if (includeFilter && !attrFilter.contains(key))
+ throw new IllegalArgumentException("Key " + key + " not included");
+ else if (!includeFilter && attrFilter.contains(key))
+ throw new IllegalArgumentException("Key " + key + " excluded");
+
try {
Attribute attribute = attributes.get(key.toString());
attribute = new BasicAttribute(key.toString());
@Override
public Object remove(Object key) {
- throw new UnsupportedOperationException();
- }
+ if (includeFilter && !attrFilter.contains(key))
+ throw new IllegalArgumentException("Key " + key + " not included");
+ else if (!includeFilter && attrFilter.contains(key))
+ throw new IllegalArgumentException("Key " + key + " excluded");
+ try {
+ Attribute attr = attributes.remove(key.toString());
+ if (attr != null)
+ return attr.get();
+ else
+ return null;
+ } catch (NamingException e) {
+ throw new ArgeoUserAdminException("Cannot remove attribute " + key,
+ e);
+ }
+ }
}
package org.argeo.osgi.useradmin;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Dictionary;
import java.util.List;
private final LdapName dn;
private Attributes attributes;
+ private final AttributeDictionary properties;
+ private final AttributeDictionary credentials;
+
+ private List<String> credentialAttributes = Arrays
+ .asList(new String[] { "userpassword" });
+
LdifUser(LdapName dn, Attributes attributes) {
this.dn = dn;
this.attributes = attributes;
+ properties = new AttributeDictionary(attributes, credentialAttributes,
+ false);
+ credentials = new AttributeDictionary(attributes, credentialAttributes,
+ true);
}
@Override
@Override
public Dictionary<String, Object> getProperties() {
- if (attributes == null)
- throw new ArgeoUserAdminException(
- "Must be loaded from user admin service");
- return new AttributeDictionary(attributes);
+ return properties;
}
@Override
public Dictionary<String, Object> getCredentials() {
- // TODO Auto-generated method stub
- return null;
+ return credentials;
}
@Override
public boolean hasCredential(String key, Object value) {
- // TODO Auto-generated method stub
+ Object storedValue = getCredentials().get(key);
+ if (storedValue == null || value == null)
+ return false;
+ if (!(value instanceof String || value instanceof byte[]))
+ return false;
+ if (storedValue instanceof String && value instanceof String)
+ return storedValue.equals(value);
+ if (storedValue instanceof byte[] && value instanceof byte[])
+ return Arrays.equals((byte[]) storedValue, (byte[]) value);
return false;
}
public String toString() {
return dn.toString();
}
-
}