001/* 002 * Copyright 2007-2022 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2007-2022 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2007-2022 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.NotNull; 045import com.unboundid.util.ThreadSafety; 046import com.unboundid.util.ThreadSafetyLevel; 047 048import static com.unboundid.ldap.sdk.controls.ControlMessages.*; 049 050 051 052/** 053 * This class provides an implementation of the authorization identity bind 054 * request control as described in 055 * <A HREF="http://www.ietf.org/rfc/rfc3829.txt">RFC 3829</A>. It may be 056 * included in a bind request to request that the server include the 057 * authorization identity associated with the client connection in the bind 058 * response message, in the form of an 059 * {@link AuthorizationIdentityResponseControl}. 060 * <BR><BR> 061 * The authorization identity request control is similar to the "Who Am I?" 062 * extended request as implemented in the 063 * {@link com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest} class. The 064 * primary difference between them is that the "Who Am I?" extended request can 065 * be used at any time but requires a separate operation, while the 066 * authorization identity request control can be included only with a bind 067 * request but does not require a separate operation. 068 * <BR><BR> 069 * <H2>Example</H2> 070 * The following example demonstrates the use of the authorization identity 071 * request and response controls. It authenticates to the directory server and 072 * attempts to retrieve the authorization identity from the response: 073 * <PRE> 074 * String authzID = null; 075 * BindRequest bindRequest = 076 * new SimpleBindRequest("uid=test.user,ou=People,dc=example,dc=com", 077 * "password", new AuthorizationIdentityRequestControl()); 078 * 079 * BindResult bindResult = connection.bind(bindRequest); 080 * AuthorizationIdentityResponseControl authzIdentityResponse = 081 * AuthorizationIdentityResponseControl.get(bindResult); 082 * if (authzIdentityResponse != null) 083 * { 084 * authzID = authzIdentityResponse.getAuthorizationID(); 085 * } 086 * </PRE> 087 */ 088@NotMutable() 089@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 090public final class AuthorizationIdentityRequestControl 091 extends Control 092{ 093 /** 094 * The OID (2.16.840.1.113730.3.4.16) for the authorization identity request 095 * control. 096 */ 097 @NotNull public static final String AUTHORIZATION_IDENTITY_REQUEST_OID = 098 "2.16.840.1.113730.3.4.16"; 099 100 101 102 /** 103 * The serial version UID for this serializable class. 104 */ 105 private static final long serialVersionUID = -4059607155175828138L; 106 107 108 109 /** 110 * Creates a new authorization identity request control. The control will not 111 * be marked critical. 112 */ 113 public AuthorizationIdentityRequestControl() 114 { 115 super(AUTHORIZATION_IDENTITY_REQUEST_OID, false, null); 116 } 117 118 119 120 /** 121 * Creates a new authorization identity request control. 122 * 123 * @param isCritical Indicates whether the control should be marked 124 * critical. 125 */ 126 public AuthorizationIdentityRequestControl(final boolean isCritical) 127 { 128 super(AUTHORIZATION_IDENTITY_REQUEST_OID, isCritical, null); 129 } 130 131 132 133 /** 134 * Creates a new authorization identity request control which is decoded from 135 * the provided generic control. 136 * 137 * @param control The generic control to be decoded as an authorization 138 * identity request control. 139 * 140 * @throws LDAPException If the provided control cannot be decoded as an 141 * authorization identity request control. 142 */ 143 public AuthorizationIdentityRequestControl(@NotNull final Control control) 144 throws LDAPException 145 { 146 super(control); 147 148 if (control.hasValue()) 149 { 150 throw new LDAPException(ResultCode.DECODING_ERROR, 151 ERR_AUTHZID_REQUEST_HAS_VALUE.get()); 152 } 153 } 154 155 156 157 /** 158 * {@inheritDoc} 159 */ 160 @Override() 161 @NotNull() 162 public String getControlName() 163 { 164 return INFO_CONTROL_NAME_AUTHZID_REQUEST.get(); 165 } 166 167 168 169 /** 170 * {@inheritDoc} 171 */ 172 @Override() 173 public void toString(@NotNull final StringBuilder buffer) 174 { 175 buffer.append("AuthorizationIdentityRequestControl(isCritical="); 176 buffer.append(isCritical()); 177 buffer.append(')'); 178 } 179}