X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifUser.java;h=c4c02a748f8e0eb4130eb9da2cc9bbce4ab70496;hb=eb4324be6ac9cdff15828a21ee7d3f6ca2f19fb9;hp=135645a1233a8e1940dfeb20015a81bfdb984057;hpb=820bdbaef7c69ad478b780ae4241e19563d771ca;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUser.java b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUser.java index 135645a12..c4c02a748 100644 --- a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUser.java +++ b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUser.java @@ -10,10 +10,9 @@ import java.util.Base64; import java.util.Collections; import java.util.Dictionary; import java.util.Enumeration; -import java.util.HashSet; import java.util.Iterator; import java.util.List; -import java.util.Set; +import java.util.StringJoiner; import javax.naming.NamingEnumeration; import javax.naming.NamingException; @@ -24,10 +23,11 @@ import javax.naming.ldap.LdapName; import org.argeo.util.naming.AuthPassword; import org.argeo.util.naming.LdapAttrs; +import org.argeo.util.naming.LdapObjs; import org.argeo.util.naming.SharedSecret; /** Directory user implementation */ -class LdifUser implements DirectoryUser { +abstract class LdifUser implements DirectoryUser { private final AbstractUserDirectory userAdmin; private final LdapName dn; @@ -156,7 +156,7 @@ class LdifUser implements DirectoryUser { byte[] sha1hash(char[] password) { byte[] hashedPassword = ("{SHA}" + Base64.getEncoder().encodeToString(DigestUtils.sha1(DigestUtils.charsToBytes(password)))) - .getBytes(StandardCharsets.UTF_8); + .getBytes(StandardCharsets.UTF_8); return hashedPassword; } 
@@ -207,9 +207,9 @@ class LdifUser implements DirectoryUser { publishedAttributes = modifiedAttributes; } - public DirectoryUser getPublished() { - return new LdifUser(userAdmin, dn, publishedAttributes, true); - } +// public DirectoryUser getPublished() { +// return new LdifUser(userAdmin, dn, publishedAttributes, true); +// } @Override public int hashCode() { @@ -241,21 +241,23 @@ class LdifUser implements DirectoryUser { private final List attrFilter; private final Boolean includeFilter; - public AttributeDictionary(Boolean includeFilter) { + public AttributeDictionary(Boolean credentials) { this.attrFilter = userAdmin.getCredentialAttributeIds(); - this.includeFilter = includeFilter; + this.includeFilter = credentials; try { NamingEnumeration ids = getAttributes().getIDs(); while (ids.hasMore()) { String id = ids.next(); - if (includeFilter && attrFilter.contains(id)) + if (credentials && attrFilter.contains(id)) effectiveKeys.add(id); - else if (!includeFilter && !attrFilter.contains(id)) + else if (!credentials && !attrFilter.contains(id)) effectiveKeys.add(id); } } catch (NamingException e) { throw new UserDirectoryException("Cannot initialise attribute dictionary", e); } + if (!credentials) + effectiveKeys.add(LdapAttrs.objectClasses.name()); } @Override @@ -295,7 +297,8 @@ class LdifUser implements DirectoryUser { @Override public Object get(Object key) { try { - Attribute attr = getAttributes().get(key.toString()); + Attribute attr = !key.equals(LdapAttrs.objectClasses.name()) ? getAttributes().get(key.toString()) + : getAttributes().get(LdapAttrs.objectClass.name()); if (attr == null) return null; Object value = attr.get(); 
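Review bot: `getPublished()` is disabled by turning it into three `//` lines, which leaves dead code in the class. Now that `LdifUser` is abstract, `new LdifUser(...)` cannot compile, so the method should be deleted outright. The same goes for the leftover `// else` / `// return value;` pair in the hunk at -307. Whether any caller still expects a published view is not visible from this hunk; if one does, a short comment saying where that view is now obtained would be more useful than the commented-out body.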
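Review bot: The credential split in the `AttributeDictionary` constructor rests on `attrFilter.contains(id)`, a case-sensitive `List` lookup, while LDAP attribute names are case-insensitive. If an entry can carry an id in a different case than the configured credential ids (whether ids are normalised upstream is not visible here), that attribute would be listed in the non-credential dictionary. A case-insensitive comparison closes this, e.g. `boolean isCredential = attrFilter.stream().anyMatch(id::equalsIgnoreCase);` followed by `if (credentials == isCredential) effectiveKeys.add(id);`. Separately, `effectiveKeys.add(LdapAttrs.objectClasses.name())` runs even when the entry has no `objectClass` attribute, so `get()` can return null for a key the dictionary enumerates.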
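Review bot: The lookup in `get()` goes straight to `getAttributes().get(...)`, and nothing visible in this hunk checks the key against `effectiveKeys`, so the filtering done in the constructor appears to affect enumeration only. Unless the lines between this hunk and the next add that check, a direct `get()` on the non-credential dictionary could still return a credential attribute. A guard before the lookup, `if (!effectiveKeys.contains(key.toString())) return null;`, would make `get()` agree with `keys()`, assuming `effectiveKeys` is a collection of ids as the constructor suggests. The negated ternary would also read more easily with the id resolved first: `String id = LdapAttrs.objectClasses.name().equals(key) ? LdapAttrs.objectClass.name() : key.toString();`. `get()` continues past the end of this hunk.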
@@ -307,24 +310,38 @@ class LdifUser implements DirectoryUser { } if (attr.size() == 1) return value; - if (!attr.getID().equals(LdapAttrs.objectClass.name())) - return value; // special case for object class - NamingEnumeration en = attr.getAll(); - Set objectClasses = new HashSet(); - while (en.hasMore()) { - String objectClass = en.next().toString(); - objectClasses.add(objectClass); + if (key.equals(LdapAttrs.objectClass.name())) { + // TODO support multiple object classes + NamingEnumeration en = attr.getAll(); + String first = null; + attrs: while (en.hasMore()) { + String v = en.next().toString(); + if (v.equalsIgnoreCase(LdapObjs.top.name())) + continue attrs; + if (first == null) + first = v; + if (v.equalsIgnoreCase(userAdmin.getUserObjectClass())) + return userAdmin.getUserObjectClass(); + else if (v.equalsIgnoreCase(userAdmin.getGroupObjectClass())) + return userAdmin.getGroupObjectClass(); + } + if (first != null) + return first; + throw new IllegalStateException("Cannot find objectClass in " + value); + } else { + NamingEnumeration en = attr.getAll(); + StringJoiner values = new StringJoiner("\n"); + while (en.hasMore()) { + String v = en.next().toString(); + values.add(v); + } + return values.toString(); } - - if (objectClasses.contains(userAdmin.getUserObjectClass())) - return userAdmin.getUserObjectClass(); - else if (objectClasses.contains(userAdmin.getGroupObjectClass())) - return userAdmin.getGroupObjectClass(); - else - return value; +// else +// return value; } catch (NamingException e) { - throw new UserDirectoryException("Cannot get value for attribute " + key, e); + throw new IllegalStateException("Cannot get value for attribute " + key, e); } } @@ -410,4 +427,11 @@ class LdifUser implements DirectoryUser { return ch >= 32 && ch < 127; } + static class LdifPerson extends LdifUser implements Person { + + public LdifPerson(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) { + super(userAdmin, dn, attributes); + } + + } }
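Review bot: In the new `else` branch every multi-valued attribute is flattened with `en.next().toString()` and joined with `"\n"`. A value that is not a `String` (a `byte[]`, for instance) becomes its array identity string, and a value that itself contains a newline can no longer be told apart from two values by whoever splits the result. If this dictionary also serves credential or membership attributes, which the hunk does not show, a consumer would then compare against altered data. Keeping the old first-value behaviour for non-text values avoids this: `Object v = en.next();`, `if (!(v instanceof String)) return value;`, `values.add((String) v);`. The catch block now throws `IllegalStateException` instead of `UserDirectoryException`, so callers catching the latter will miss it unless the two types are related; `get()` starts outside this hunk.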