package org.apereo.cas.gua.impl;
import com.google.common.io.ByteSource;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.gua.GraphicalUserAuthenticationProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.gua.api.UserGraphicalAuthenticationRepository;
import org.apereo.cas.util.LdapUtils;
import org.ldaptive.LdapAttribute;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.Response;
import org.ldaptive.ReturnAttributes;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.Arrays;
/**
* This is {@link LdapUserGraphicalAuthenticationRepository}.
*
* @author Misagh Moayyed
* @since 5.1.0
*/
public class LdapUserGraphicalAuthenticationRepository implements UserGraphicalAuthenticationRepository {
private static final long serialVersionUID = 421732017215881244L;
private static final Logger LOGGER = LoggerFactory.getLogger(LdapUserGraphicalAuthenticationRepository.class);
@Autowired
private CasConfigurationProperties casProperties;
@Override
public ByteSource getGraphics(final String username) {
try {
final GraphicalUserAuthenticationProperties gua = casProperties.getAuthn().getGua();
final Response<SearchResult> response = searchForId(username);
if (LdapUtils.containsResultEntry(response)) {
final LdapEntry entry = response.getResult().getEntry();
final LdapAttribute attribute = entry.getAttribute(gua.getLdap().getImageAttribute());
if (attribute != null && attribute.isBinary()) {
return ByteSource.wrap(attribute.getBinaryValue());
}
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return ByteSource.empty();
}
private Response<SearchResult> searchForId(final String id) throws LdapException {
final GraphicalUserAuthenticationProperties gua = casProperties.getAuthn().getGua();
final SearchFilter filter = Beans.newLdaptiveSearchFilter(gua.getLdap().getUserFilter(),
Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME,
Arrays.asList(id));
return LdapUtils.executeSearchOperation(
Beans.newLdaptiveConnectionFactory(gua.getLdap()),
gua.getLdap().getBaseDn(), filter,
new String[]{gua.getLdap().getImageAttribute()},
ReturnAttributes.NONE.value());
}
}