org.argeo.util/src/org/argeo/osgi/useradmin/TokenUtils.java

   1 package org.argeo.osgi.useradmin;
   2
   3 import static org.argeo.util.naming.LdapAttrs.description;
   4 import static org.argeo.util.naming.LdapAttrs.owner;
   5
   6 import java.security.Principal;
   7 import java.time.Instant;
   8 import java.util.HashSet;
   9 import java.util.Set;
  10
  11 import javax.naming.InvalidNameException;
  12 import javax.naming.ldap.LdapName;
  13 import javax.security.auth.Subject;
  14
  15 import org.argeo.util.naming.NamingUtils;
  16 import org.osgi.service.useradmin.Group;
  17
  18 /**
  19  * Canonically implements the Argeo token conventions.
  20  */
  21 public class TokenUtils {
  22         public static Set<String> tokensUsed(Subject subject, String tokensBaseDn) {
  23                 Set<String> res = new HashSet<>();
  24                 for (Principal principal : subject.getPrincipals()) {
  25                         String name = principal.getName();
  26                         if (name.endsWith(tokensBaseDn)) {
  27                                 try {
  28                                         LdapName ldapName = new LdapName(name);
  29                                         String token = ldapName.getRdn(ldapName.size()).getValue().toString();
  30                                         res.add(token);
  31                                 } catch (InvalidNameException e) {
  32                                         throw new IllegalArgumentException("Invalid principal " + principal, e);
  33                                 }
  34                         }
  35                 }
  36                 return res;
  37         }
  38
  39         /** The user related to this token group */
  40         public static String userDn(Group tokenGroup) {
  41                 return (String) tokenGroup.getProperties().get(owner.name());
  42         }
  43
  44         public static boolean isExpired(Group tokenGroup) {
  45                 return isExpired(tokenGroup, Instant.now());
  46
  47         }
  48
  49         public static boolean isExpired(Group tokenGroup, Instant instant) {
  50                 String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
  51                 if (expiryDateStr != null) {
  52                         Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
  53                         if (expiryDate.isBefore(instant)) {
  54                                 return true;
  55                         }
  56                 }
  57                 return false;
  58         }
  59
  60 //      private final String token;
  61 //
  62 //      public TokenUtils(String token) {
  63 //              this.token = token;
  64 //      }
  65 //
  66 //      public String getToken() {
  67 //              return token;
  68 //      }
  69 //
  70 //      @Override
  71 //      public int hashCode() {
  72 //              return token.hashCode();
  73 //      }
  74 //
  75 //      @Override
  76 //      public boolean equals(Object obj) {
  77 //              if ((obj instanceof TokenUtils) && ((TokenUtils) obj).token.equals(token))
  78 //                      return true;
  79 //              return false;
  80 //      }
  81 //
  82 //      @Override
  83 //      public String toString() {
  84 //              return "Token #" + hashCode();
  85 //      }
  86
  87 }