001/* 002 * Copyright 2017-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2017-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2017-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.listener; 037 038 039 040import java.util.Arrays; 041import java.util.List; 042 043import com.unboundid.ldap.sdk.LDAPException; 044import com.unboundid.ldap.sdk.Modification; 045import com.unboundid.ldap.sdk.ReadOnlyEntry; 046import com.unboundid.util.ThreadSafety; 047import com.unboundid.util.ThreadSafetyLevel; 048 049 050 051/** 052 * This class provides an implementation of an in-memory directory server 053 * password encoder that leaves the password in the clear. This doesn't provide 054 * any more protection than leaving passwords unencoded, but it does make it 055 * possible to store these passwords with a prefix, and to use an optional 056 * output format (e.g., to format the clear-text value in base64 or 057 * hexadecimal). 058 */ 059@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 060public final class ClearInMemoryPasswordEncoder 061 extends InMemoryPasswordEncoder 062{ 063 /** 064 * Creates a new instance of this in-memory directory server password encoder 065 * with the provided information. 066 * 067 * @param prefix The string that will appear at the beginning of 068 * encoded passwords. It must not be {@code null} or 069 * empty. 070 * @param outputFormatter The output formatter that will be used to format 071 * the encoded representation of clear-text 072 * passwords. It may be {@code null} if no 073 * special formatting should be applied to the raw 074 * bytes. 075 */ 076 public ClearInMemoryPasswordEncoder(final String prefix, 077 final PasswordEncoderOutputFormatter outputFormatter) 078 { 079 super(prefix, outputFormatter); 080 } 081 082 083 084 /** 085 * {@inheritDoc} 086 */ 087 @Override() 088 protected byte[] encodePassword(final byte[] clearPassword, 089 final ReadOnlyEntry userEntry, 090 final List<Modification> modifications) 091 throws LDAPException 092 { 093 return clearPassword; 094 } 095 096 097 098 /** 099 * {@inheritDoc} 100 */ 101 @Override() 102 protected void ensurePreEncodedPasswordAppearsValid( 103 final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 104 final ReadOnlyEntry userEntry, 105 final List<Modification> modifications) 106 throws LDAPException 107 { 108 // No validation is required. 109 } 110 111 112 113 /** 114 * {@inheritDoc} 115 */ 116 @Override() 117 protected boolean passwordMatches(final byte[] clearPasswordBytes, 118 final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 119 final ReadOnlyEntry userEntry) 120 throws LDAPException 121 { 122 return Arrays.equals(clearPasswordBytes, 123 unPrefixedUnFormattedEncodedPasswordBytes); 124 } 125 126 127 128 /** 129 * {@inheritDoc} 130 */ 131 @Override() 132 protected byte[] extractClearPassword( 133 final byte[] unPrefixedUnFormattedEncodedPasswordBytes, 134 final ReadOnlyEntry userEntry) 135 throws LDAPException 136 { 137 return unPrefixedUnFormattedEncodedPasswordBytes; 138 } 139 140 141 142 /** 143 * {@inheritDoc} 144 */ 145 @Override() 146 public void toString(final StringBuilder buffer) 147 { 148 buffer.append("ClearInMemoryPasswordEncoder(prefix='"); 149 buffer.append(getPrefix()); 150 buffer.append("', outputFormatter="); 151 152 final PasswordEncoderOutputFormatter outputFormatter = 153 getOutputFormatter(); 154 if (outputFormatter == null) 155 { 156 buffer.append("null"); 157 } 158 else 159 { 160 outputFormatter.toString(buffer); 161 } 162 163 buffer.append(')'); 164 } 165}