/*
* Copyright 2002-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.ldap.userdetails;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
import java.util.Collections;
import java.util.List;
import java.util.Map;
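/**
 * An authority that contains at least a DN and a role name for an LDAP entry but can also
 * contain other desired attributes to be fetched during an LDAP authority search.
 * <p>
 * Identity ({@link #equals(Object)} and {@link #hashCode()}) is derived from the DN and
 * the role only; the attribute map does not take part in it.
 * <p>
 * The attribute map handed to the constructor is stored by reference and returned as-is
 * by {@link #getAttributes()}. Nothing in this class copies or wraps it, so code that
 * keeps a reference to the map (or to one of its value lists) can change what this
 * authority reports after it has been created. Callers should treat the map as
 * read-only once the authority is in use.
 *
 * @author Filip Hanik
 */
public class LdapAuthority implements GrantedAuthority {

	// Fields are left non-final on purpose: GrantedAuthority objects may be serialized,
	// and this class declares no serialVersionUID, so changing field modifiers would
	// alter the computed default. NOTE(review): confirm before tightening.
	private String dn;

	private String role;

	// May be null when the two-argument constructor is used.
	private Map<String, List<String>> attributes;

	/**
	 * Constructs an LdapAuthority that has a role and a DN but no other attributes.
	 *
	 * @param role the role name, must not be null
	 * @param dn the distinguished name of the LDAP entry, must not be null
	 */
	public LdapAuthority(String role, String dn) {
		this(role, dn, null);
	}

	/**
	 * Constructs an LdapAuthority with the given role, DN and other LDAP attributes.
	 *
	 * @param role the role name, must not be null
	 * @param dn the distinguished name of the LDAP entry, must not be null
	 * @param attributes additional LDAP attributes keyed by attribute name, may be null;
	 * the map is kept by reference, not copied
	 */
	public LdapAuthority(String role, String dn, Map<String, List<String>> attributes) {
		Assert.notNull(role, "role can not be null");
		Assert.notNull(dn, "dn can not be null");
		this.role = role;
		this.dn = dn;
		this.attributes = attributes;
	}

	/**
	 * Returns the LDAP attributes.
	 *
	 * @return the LDAP attributes exactly as passed to the constructor (no copy is
	 * made), map can be null
	 */
	public Map<String, List<String>> getAttributes() {
		return this.attributes;
	}

	/**
	 * Returns the DN for this LDAP authority.
	 *
	 * @return the DN, never null
	 */
	public String getDn() {
		return this.dn;
	}

	/**
	 * Returns the values for a specific attribute.
	 *
	 * @param name the attribute name
	 * @return the list of values, never null but may be empty. When the attribute is
	 * present this is the list held in the attribute map itself; when it is absent (or
	 * there is no attribute map) an immutable empty list is returned.
	 */
	public List<String> getAttributeValues(String name) {
		if (this.attributes != null) {
			List<String> values = this.attributes.get(name);
			if (values != null) {
				return values;
			}
		}
		return Collections.emptyList();
	}

	/**
	 * Returns the first attribute value for a specified attribute.
	 *
	 * @param name the attribute name
	 * @return the first attribute value for a specified attribute, may be null
	 */
	public String getFirstAttributeValue(String name) {
		List<String> values = getAttributeValues(name);
		return values.isEmpty() ? null : values.get(0);
	}

	/**
	 * {@inheritDoc}
	 *
	 * @return the role name given at construction time
	 */
	@Override
	public String getAuthority() {
		return this.role;
	}

	/**
	 * Compares the LdapAuthority based on {@link #getAuthority()} and {@link #getDn()}
	 * values. The attribute map is not compared. {@inheritDoc}
	 */
	@Override
	public boolean equals(Object o) {
		if (this == o) {
			return true;
		}
		if (!(o instanceof LdapAuthority)) {
			return false;
		}
		LdapAuthority that = (LdapAuthority) o;
		return this.dn.equals(that.dn) && this.role.equals(that.role);
	}

	/**
	 * Hashes the same two fields that {@link #equals(Object)} compares. Both are
	 * rejected as null by the constructor, so no null check is needed here.
	 */
	@Override
	public int hashCode() {
		return 31 * this.dn.hashCode() + this.role.hashCode();
	}

	/**
	 * Returns a description containing the DN and the role; attributes are not included.
	 */
	@Override
	public String toString() {
		return "LdapAuthority{" + "dn='" + this.dn + '\'' + ", role='" + this.role + '\'' + '}';
	}

}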