001/* 002 * Copyright 2013-2022 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2013-2022 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2013-2022 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.NotNull; 045import com.unboundid.util.ThreadSafety; 046import com.unboundid.util.ThreadSafetyLevel; 047 048import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 049 050 051 052/** 053 * This class provides a request control that can be included in a modify 054 * request or a password modify extended request in order to indicate that if 055 * the operation results in changing the password for a user, the user's former 056 * password should be marked as "retired", which may allow it to remain in use 057 * for a brief period of time (as configured in the password policy governing 058 * that user) to allow for applications which may have been configured with that 059 * password can be updated to use the new password. 060 * <BR> 061 * <BLOCKQUOTE> 062 * <B>NOTE:</B> This class, and other classes within the 063 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 064 * supported for use against Ping Identity, UnboundID, and 065 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 066 * for proprietary functionality or for external specifications that are not 067 * considered stable or mature enough to be guaranteed to work in an 068 * interoperable way with other types of LDAP servers. 069 * </BLOCKQUOTE> 070 * <BR> 071 * This control has an OID of "1.3.6.1.4.1.30221.2.5.31" and does not have a 072 * value. The criticality may be either true (in which case the operation will 073 * succeed only if the user's password policy allows passwords to be retired by 074 * a request control) or false (in which case if the password policy does not 075 * allow the use of this control, the operation will be processed as if the 076 * control had not been included in the request). 077 * <BR><BR> 078 * <H2>Example</H2> 079 * The following example demonstrates the use of the retire password request 080 * control to request that a user's current password be retired in the course of 081 * a password change. 082 * <PRE> 083 * Control[] requestControls = 084 * { 085 * new RetirePasswordRequestControl(true) 086 * }; 087 * 088 * PasswordModifyExtendedRequest passwordModifyRequest = 089 * new PasswordModifyExtendedRequest( 090 * "uid=test.user,ou=People,dc=example,dc=com", // The user to update 091 * null, // The current password -- we don't know it. 092 * "newPassword", // The new password to assign to the user. 093 * requestControls); // The controls to include in the request. 094 * PasswordModifyExtendedResult passwordModifyResult = 095 * (PasswordModifyExtendedResult) 096 * connection.processExtendedOperation(passwordModifyRequest); 097 * </PRE> 098 * 099 * @see PurgePasswordRequestControl 100 */ 101@NotMutable() 102@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 103public final class RetirePasswordRequestControl 104 extends Control 105{ 106 /** 107 * The OID (1.3.6.1.4.1.30221.2.5.31) for the retire password request control. 108 */ 109 @NotNull public static final String RETIRE_PASSWORD_REQUEST_OID = 110 "1.3.6.1.4.1.30221.2.5.31"; 111 112 113 114 /** 115 * The serial version UID for this serializable class. 116 */ 117 private static final long serialVersionUID = 7261376468186883355L; 118 119 120 121 /** 122 * Creates a new retire password request control with the specified 123 * criticality. 124 * 125 * @param isCritical Indicates whether the control should be considered 126 * critical. 127 */ 128 public RetirePasswordRequestControl(final boolean isCritical) 129 { 130 super(RETIRE_PASSWORD_REQUEST_OID, isCritical, null); 131 } 132 133 134 135 /** 136 * Creates a new retire password request control which is decoded from the 137 * provided generic control. 138 * 139 * @param control The generic control to be decoded as a retire password 140 * request control. 141 * 142 * @throws LDAPException If the provided control cannot be decoded as a 143 * retire password request control. 144 */ 145 public RetirePasswordRequestControl(@NotNull final Control control) 146 throws LDAPException 147 { 148 super(control); 149 150 if (control.hasValue()) 151 { 152 throw new LDAPException(ResultCode.DECODING_ERROR, 153 ERR_RETIRE_PASSWORD_REQUEST_CONTROL_HAS_VALUE.get()); 154 } 155 } 156 157 158 159 /** 160 * {@inheritDoc} 161 */ 162 @Override() 163 @NotNull() 164 public String getControlName() 165 { 166 return INFO_CONTROL_NAME_RETIRE_PASSWORD_REQUEST.get(); 167 } 168 169 170 171 /** 172 * {@inheritDoc} 173 */ 174 @Override() 175 public void toString(@NotNull final StringBuilder buffer) 176 { 177 buffer.append("RetirePasswordRequestControl(isCritical="); 178 buffer.append(isCritical()); 179 buffer.append(')'); 180 } 181}