001/* 002 * Copyright 2013-2022 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2013-2022 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2013-2022 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.NotNull; 045import com.unboundid.util.ThreadSafety; 046import com.unboundid.util.ThreadSafetyLevel; 047 048import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 049 050 051 052/** 053 * This class provides a request control that can be included in a modify 054 * request or a password modify extended request in order to indicate that if 055 * the operation results in changing the password for a user, the user's former 056 * password should be purged from the entry rather than retired, and any 057 * existing retired password should also be purged. 058 * <BR> 059 * <BLOCKQUOTE> 060 * <B>NOTE:</B> This class, and other classes within the 061 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 062 * supported for use against Ping Identity, UnboundID, and 063 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 064 * for proprietary functionality or for external specifications that are not 065 * considered stable or mature enough to be guaranteed to work in an 066 * interoperable way with other types of LDAP servers. 067 * </BLOCKQUOTE> 068 * <BR> 069 * This control has an OID of "1.3.6.1.4.1.30221.2.5.32" and does not have a 070 * value. The criticality may be either true (in which case the operation will 071 * succeed only if the user's password policy allows passwords to be retired by 072 * a request control) or false (in which case if the password policy does not 073 * allow the use of this control, the operation will be processed as if the 074 * control had not been included in the request). 075 * <BR><BR> 076 * <H2>Example</H2> 077 * The following example demonstrates the use of the purge password request 078 * control to request that a user's current password be purged in the course of 079 * a password change. 080 * <PRE> 081 * Control[] requestControls = 082 * { 083 * new PurgePasswordRequestControl(true) 084 * }; 085 * 086 * PasswordModifyExtendedRequest passwordModifyRequest = 087 * new PasswordModifyExtendedRequest( 088 * "uid=test.user,ou=People,dc=example,dc=com", // The user to update 089 * null, // The current password -- we don't know it. 090 * "newPassword", // The new password to assign to the user. 091 * requestControls); // The controls to include in the request. 092 * PasswordModifyExtendedResult passwordModifyResult = 093 * (PasswordModifyExtendedResult) 094 * connection.processExtendedOperation(passwordModifyRequest); 095 * </PRE> 096 * 097 * @see RetirePasswordRequestControl 098 */ 099@NotMutable() 100@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 101public final class PurgePasswordRequestControl 102 extends Control 103{ 104 /** 105 * The OID (1.3.6.1.4.1.30221.2.5.32) for the purge password request control. 106 */ 107 @NotNull public static final String PURGE_PASSWORD_REQUEST_OID = 108 "1.3.6.1.4.1.30221.2.5.32"; 109 110 111 112 /** 113 * The serial version UID for this serializable class. 114 */ 115 private static final long serialVersionUID = -3756801088881565921L; 116 117 118 119 /** 120 * Creates a new retire password request control with the specified 121 * criticality. 122 * 123 * @param isCritical Indicates whether the control should be considered 124 * critical. 125 */ 126 public PurgePasswordRequestControl(final boolean isCritical) 127 { 128 super(PURGE_PASSWORD_REQUEST_OID, isCritical, null); 129 } 130 131 132 133 /** 134 * Creates a new retire password request control which is decoded from the 135 * provided generic control. 136 * 137 * @param control The generic control to be decoded as a retire password 138 * request control. 139 * 140 * @throws LDAPException If the provided control cannot be decoded as a 141 * retire password request control. 142 */ 143 public PurgePasswordRequestControl(@NotNull final Control control) 144 throws LDAPException 145 { 146 super(control); 147 148 if (control.hasValue()) 149 { 150 throw new LDAPException(ResultCode.DECODING_ERROR, 151 ERR_PURGE_PASSWORD_REQUEST_CONTROL_HAS_VALUE.get()); 152 } 153 } 154 155 156 157 /** 158 * {@inheritDoc} 159 */ 160 @Override() 161 @NotNull() 162 public String getControlName() 163 { 164 return INFO_CONTROL_NAME_PURGE_PASSWORD_REQUEST.get(); 165 } 166 167 168 169 /** 170 * {@inheritDoc} 171 */ 172 @Override() 173 public void toString(@NotNull final StringBuilder buffer) 174 { 175 buffer.append("PurgePasswordRequestControl(isCritical="); 176 buffer.append(isCritical()); 177 buffer.append(')'); 178 } 179}