SecurityPolicyUtil.java example

Explorer
midpoint-master
package com.evolveum.midpoint.schema.util;

import java.util.ArrayList;
import java.util.List;

import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractAuthenticationPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.MailAuthenticationPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SmsAuthenticationPolicyType;

public class SecurityPolicyUtil {

	public static AbstractAuthenticationPolicyType getAuthenticationPolicy(String authPolicyName,
			SecurityPolicyType securityPolicy) throws SchemaException {
		MailAuthenticationPolicyType mailAuthPolicy = getMailAuthenticationPolicy(
				authPolicyName, securityPolicy);
		SmsAuthenticationPolicyType smsAuthPolicy = getSmsAuthenticationPolicy(
				authPolicyName, securityPolicy);
		return checkAndGetAuthPolicyConsistence(mailAuthPolicy, smsAuthPolicy);

	}
	
	
	
	public static NonceCredentialsPolicyType getCredentialPolicy(String policyName,
			SecurityPolicyType securityPolicy) throws SchemaException {
		CredentialsPolicyType credentialsPolicy = securityPolicy.getCredentials();
		if (credentialsPolicy == null) {
			return null;
		}

		List<NonceCredentialsPolicyType> noncePolicies = credentialsPolicy.getNonce();

		List<NonceCredentialsPolicyType> availableNoncePolicies = new ArrayList<>();
		for (NonceCredentialsPolicyType noncePolicy : noncePolicies) {
			if (noncePolicy.getName() == null && policyName == null) {
				availableNoncePolicies.add(noncePolicy);
			}

			if (noncePolicy.getName() == null && policyName != null) {
				continue;
			}

			if (noncePolicy.getName() != null && policyName == null) {
				continue;
			}

			if (noncePolicy.getName().equals(policyName)) {
				availableNoncePolicies.add(noncePolicy);
			}
		}

		if (availableNoncePolicies.size() > 1) {
			throw new SchemaException(
					"Found more than one nonce credentials policy. Please review your configuration");
		}

		if (availableNoncePolicies.size() == 0) {
			return null;
		}

		return availableNoncePolicies.iterator().next();
	}
	
	private static MailAuthenticationPolicyType getMailAuthenticationPolicy(String authName,
			SecurityPolicyType securityPolicy) throws SchemaException {
		AuthenticationsPolicyType authPolicies = securityPolicy.getAuthentication();
		if (authPolicies == null) {
			return null;
		}
		return getAuthenticationPolicy(authName, authPolicies.getMailAuthentication());
	}

	private static SmsAuthenticationPolicyType getSmsAuthenticationPolicy(String authName,
			SecurityPolicyType securityPolicy) throws SchemaException {
		AuthenticationsPolicyType authPolicies = securityPolicy.getAuthentication();
		if (authPolicies == null) {
			return null;
		}
		return getAuthenticationPolicy(authName, authPolicies.getSmsAuthentication());
	}

	private static AbstractAuthenticationPolicyType checkAndGetAuthPolicyConsistence(
			MailAuthenticationPolicyType mailPolicy, SmsAuthenticationPolicyType smsPolicy)
					throws SchemaException {
		if (mailPolicy != null && smsPolicy != null) {
			throw new SchemaException(
					"Found both, mail and sms authentication method for registration. Only one of them can be present at the moment");
		}

		if (mailPolicy != null) {
			return mailPolicy;
		}

		return smsPolicy;

	}
	
	private static <T extends AbstractAuthenticationPolicyType> T getAuthenticationPolicy(String authName,
			List<T> authPolicies) throws SchemaException {

		List<T> smsPolicies = new ArrayList<>();

		for (T smsAuthPolicy : authPolicies) {
			if (smsAuthPolicy.getName() == null && authName != null) {
				continue;
			}

			if (smsAuthPolicy.getName() != null && authName == null) {
				continue;
			}

			if (smsAuthPolicy.getName() == null && authName == null) {
				smsPolicies.add(smsAuthPolicy);
			}

			if (smsAuthPolicy.getName().equals(authName)) {
				smsPolicies.add(smsAuthPolicy);
			}

		}

		if (smsPolicies.size() > 1) {
			throw new SchemaException(
					"Found more than one mail authentication policy. Please review your configuration");
		}

		if (smsPolicies.size() == 0) {
			return null;
		}

		return smsPolicies.iterator().next();

	}

	
}