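/*
 * Copyright 2016-2020 Ping Identity Corporation
 * All Rights Reserved.
 */
/*
 * Copyright 2016-2020 Ping Identity Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
 * Copyright (C) 2016-2020 Ping Identity Corporation
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License (GPLv2 only)
 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <http://www.gnu.org/licenses>.
 */
package com.unboundid.ldap.sdk.unboundidds.extensions;



import com.unboundid.asn1.ASN1Element;
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.asn1.ASN1Sequence;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.Validator;

import static com.unboundid.ldap.sdk.unboundidds.extensions.ExtOpMessages.*;



/**
 * This class provides an implementation of an extended result that may be used
 * to provide the client with a TOTP shared secret generated by the server in
 * response to a {@link GenerateTOTPSharedSecretExtendedRequest}.
 * <BR>
 * <BLOCKQUOTE>
 *   <B>NOTE:</B>  This class, and other classes within the
 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
 *   supported for use against Ping Identity, UnboundID, and
 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
 *   for proprietary functionality or for external specifications that are not
 *   considered stable or mature enough to be guaranteed to work in an
 *   interoperable way with other types of LDAP servers.
 * </BLOCKQUOTE>
 * <BR>
 * If the extended request was processed successfully, then this result will
 * have an OID of 1.3.6.1.4.1.30221.2.6.57 and a value with the following
 * encoding:
 * <BR><BR>
 * <PRE>
 *   GenerateTOTPSharedSecretResult ::= SEQUENCE {
 *        totpSharedSecret     [0] OCTET STRING,
 *        ... }
 * </PRE>
 * <BR>
 * The shared secret carried by this result is the key from which the user's
 * one-time passwords are derived, so callers should handle it as a credential:
 * avoid writing it to logs and keep it only as long as it is needed.  The
 * {@link #toString(StringBuilder)} implementation in this class does not
 * include the secret.
 */
@NotMutable()
@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
public final class GenerateTOTPSharedSecretExtendedResult
       extends ExtendedResult
{
  /**
   * The OID (1.3.6.1.4.1.30221.2.6.57) for the generate TOTP shared secret
   * extended result.
   */
  public static final String GENERATE_TOTP_SHARED_SECRET_RESULT_OID =
       "1.3.6.1.4.1.30221.2.6.57";



  /**
   * The BER type for the TOTP shared secret element of the result value
   * sequence.
   */
  private static final byte TYPE_TOTP_SHARED_SECRET = (byte) 0x80;



  /**
   * The serial version UID for this serializable class.
   */
  private static final long serialVersionUID = 8505040895542971346L;



  // The base32-encoded representation of the TOTP shared secret generated by
  // the server.  It is null when the result carried no value.
  private final String totpSharedSecret;



  /**
   * Generates a new generate TOTP shared secret extended result for the case in
   * which the server was able to generate the requested TOTP shared secret.
   * The result code is always {@code ResultCode.SUCCESS}.
   *
   * @param  messageID         The message ID for the LDAP message that is
   *                           associated with this LDAP result.
   * @param  totpSharedSecret  The base32-encoded representation of the TOTP
   *                           shared secret generated by the server.  It must
   *                           not be {@code null}.
   * @param  responseControls  The set of controls from the response, if
   *                           available.
   */
  public GenerateTOTPSharedSecretExtendedResult(final int messageID,
              final String totpSharedSecret, final Control... responseControls)
  {
    this(messageID, ResultCode.SUCCESS, null, null, null, totpSharedSecret,
         responseControls);
  }



  /**
   * Creates a new generate TOTP shared secret extended result with the provided
   * information.  The result OID and value are only set when a shared secret
   * is provided.
   *
   * @param  messageID          The message ID for the LDAP message that is
   *                            associated with this LDAP result.
   * @param  resultCode         The result code from the response.
   * @param  diagnosticMessage  The diagnostic message from the response, if
   *                            available.
   * @param  matchedDN          The matched DN from the response, if available.
   * @param  referralURLs       The set of referral URLs from the response, if
   *                            available.
   * @param  totpSharedSecret   The base32-encoded representation of the TOTP
   *                            shared secret generated by the server, if
   *                            available.  It may be {@code null} only if the
   *                            result code is not {@code ResultCode.SUCCESS}.
   * @param  responseControls   The set of controls from the response, if
   *                            available.
   */
  public GenerateTOTPSharedSecretExtendedResult(final int messageID,
              final ResultCode resultCode, final String diagnosticMessage,
              final String matchedDN, final String[] referralURLs,
              final String totpSharedSecret, final Control... responseControls)
  {
    super(messageID, resultCode, diagnosticMessage, matchedDN, referralURLs,
         ((totpSharedSecret == null)
              ? null
              : GENERATE_TOTP_SHARED_SECRET_RESULT_OID),
         encodeValue(totpSharedSecret), responseControls);

    this.totpSharedSecret = totpSharedSecret;

    // A successful result without a secret would be meaningless to the
    // client, so that combination is rejected.
    if (totpSharedSecret == null)
    {
      Validator.ensureTrue((resultCode != ResultCode.SUCCESS),
           "If the result code is SUCCESS, the TOTP shared secret must be " +
                "non-null");
    }
  }



  /**
   * Creates a new generate TOTP shared secret extended result from the provided
   * extended result.  If the provided result has no value, then the shared
   * secret will be {@code null}; the result code is not examined in that case.
   *
   * @param  extendedResult  The extended result to be decoded as a generate
   *                         TOTP shared secret extended result.  It must not be
   *                         {@code null}.
   *
   * @throws  LDAPException  If the provided extended result cannot be decoded
   *                         as a generate TOTP shared secret result.
   */
  public GenerateTOTPSharedSecretExtendedResult(
              final ExtendedResult extendedResult)
         throws LDAPException
  {
    super(extendedResult);

    final ASN1OctetString value = extendedResult.getValue();
    if (value == null)
    {
      totpSharedSecret = null;
    }
    else
    {
      try
      {
        // NOTE(review): only the first element of the sequence is read, and
        // its BER type is not compared with TYPE_TOTP_SHARED_SECRET.  An
        // empty sequence ends up in the catch block below.
        final ASN1Element[] elements =
             ASN1Sequence.decodeAsSequence(value.getValue()).elements();
        totpSharedSecret =
             ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();
      }
      catch (final Exception e)
      {
        Debug.debugException(e);

        // Keep the original exception as the cause so the reason for the
        // decoding failure is not reduced to its message text.
        throw new LDAPException(ResultCode.DECODING_ERROR,
             ERR_GEN_TOTP_SECRET_RESULT_ERROR_DECODING_VALUE.get(
                  StaticUtils.getExceptionMessage(e)),
             e);
      }
    }
  }



  /**
   * Encodes the provided information into an ASN.1 octet string suitable for
   * use as the value of this extended result.
   *
   * @param  totpSharedSecret  The base32-encoded representation of the TOTP
   *                           shared secret generated by the server, if
   *                           available.
   *
   * @return  The ASN.1 octet string suitable for use as the value of this
   *          extended result, or {@code null} if there should be no value.
   */
  private static ASN1OctetString encodeValue(final String totpSharedSecret)
  {
    if (totpSharedSecret == null)
    {
      return null;
    }

    // The value is a sequence with a single element that holds the secret,
    // tagged with TYPE_TOTP_SHARED_SECRET.
    return new ASN1OctetString(new ASN1Sequence(new ASN1OctetString(
         TYPE_TOTP_SHARED_SECRET, totpSharedSecret)).encode());
  }



  /**
   * Retrieves the base32-encoded representation of the TOTP shared secret
   * generated by the server, if available.  The returned value is sensitive
   * and should not be logged.
   *
   * @return  The base32-encoded representation of the TOTP shared secret
   *          generated by the server, or {@code null} if none was provided.
   */
  public String getTOTPSharedSecret()
  {
    return totpSharedSecret;
  }



  /**
   * {@inheritDoc}
   */
  @Override()
  public String getExtendedResultName()
  {
    return INFO_GEN_TOTP_SECRET_RESULT_NAME.get();
  }



  /**
   * Appends a string representation of this extended result to the provided
   * buffer.  The TOTP shared secret is not included in the string
   * representation.
   *
   * @param  buffer  The buffer to which a string representation of this
   *                 extended result will be appended.
   */
  @Override()
  public void toString(final StringBuilder buffer)
  {
    buffer.append("GenerateTOTPSharedSecretExtendedResult(resultCode=");
    buffer.append(getResultCode());

    final int messageID = getMessageID();
    if (messageID >= 0)
    {
      buffer.append(", messageID=");
      buffer.append(messageID);
    }

    final String diagnosticMessage = getDiagnosticMessage();
    if (diagnosticMessage != null)
    {
      buffer.append(", diagnosticMessage='");
      buffer.append(diagnosticMessage);
      buffer.append('\'');
    }

    final String matchedDN = getMatchedDN();
    if (matchedDN != null)
    {
      buffer.append(", matchedDN='");
      buffer.append(matchedDN);
      buffer.append('\'');
    }

    final String[] referralURLs = getReferralURLs();
    if (referralURLs.length > 0)
    {
      buffer.append(", referralURLs={");
      for (int i=0; i < referralURLs.length; i++)
      {
        if (i > 0)
        {
          buffer.append(", ");
        }

        buffer.append('\'');
        buffer.append(referralURLs[i]);
        buffer.append('\'');
      }
      buffer.append('}');
    }

    final Control[] responseControls = getResponseControls();
    if (responseControls.length > 0)
    {
      buffer.append(", responseControls={");
      for (int i=0; i < responseControls.length; i++)
      {
        if (i > 0)
        {
          buffer.append(", ");
        }

        buffer.append(responseControls[i]);
      }
      buffer.append('}');
    }

    // totpSharedSecret is left out here so that printing or logging this
    // result does not reveal it.
    buffer.append(')');
  }
}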