ContextUtil.java

/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyrighted [year] [name of copyright owner]".
 *
 * Copyright © 2014-2015 ForgeRock AS. All rights reserved.
 */
package org.forgerock.openidm.util;

import static org.forgerock.services.context.ClientContext.newInternalClientContext;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.forgerock.services.context.ClientContext;
import org.forgerock.services.context.Context;
import org.forgerock.services.context.RootContext;
import org.forgerock.services.context.SecurityContext;

/**
 */
public class ContextUtil {

    public static final String INTERNAL_AUTHENTICATION_ID = "system";

    /**
     * {@code ContextUtil} instances should NOT be constructed in standard
     * programming. Instead, the class should be used as
     * {@code ContextUtil.createInternalSecurityContext(...);}.
     */
    private ContextUtil() {
        super();
    }

    /**
     * Tests whether the context represents an external routed request, by checking if the client context
     * is present and that it is external
     *
     * @param context the context to inspect
     * @return true if the context represents an external request;
     *      false otherwise, or if the {@link ClientContext} could not be found
     */
    public static boolean isExternal(Context context) {
        return context.containsContext(ClientContext.class)
                && context.asContext(ClientContext.class).isExternal();
    }
    /**
     * Create a internal context used for trusted, internal calls.
     * <p>
     * If the request is initiated in a non-authenticated location (
     * {@code BundleActivator}, {@code Scheduler}, {@code ConfigurationAdmin})
     * this context should be used. The AUTHORIZATION module grants full access
     * to this context.
     *
     * @return a new {@link ClientContext}
     */
    public static Context createInternalContext() {
        // Ideally, we would have an internal system user that we could point to;
        // point to it now and build it later
        final Map<String, Object> authzid = new HashMap<String, Object>();
        authzid.put(SecurityContext.AUTHZID_ID, INTERNAL_AUTHENTICATION_ID);
        List<String> roles = new ArrayList<String>();
        roles.add("system");
        authzid.put(SecurityContext.AUTHZID_ROLES, roles);
        authzid.put(SecurityContext.AUTHZID_COMPONENT, "internal/user");
        return newInternalClientContext(new SecurityContext(new RootContext(), INTERNAL_AUTHENTICATION_ID, authzid));
    }
}