LdapAuthority.java

/*
 * Copyright 2002-2014 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.springframework.security.ldap.userdetails;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;

import java.util.Collections;
import java.util.List;
import java.util.Map;

/**
 * An authority that contains at least a DN and a role name for an LDAP entry but can also
 * contain other desired attributes to be fetched during an LDAP authority search.
 *
 * @author Filip Hanik
 */
public class LdapAuthority implements GrantedAuthority {

	private String dn;
	private String role;
	private Map<String, List<String>> attributes;

	/**
	 * Constructs an LdapAuthority that has a role and a DN but no other attributes
	 *
	 * @param role
	 * @param dn
	 */
	public LdapAuthority(String role, String dn) {
		this(role, dn, null);
	}

	/**
	 * Constructs an LdapAuthority with the given role, DN and other LDAP attributes
	 *
	 * @param role
	 * @param dn
	 * @param attributes
	 */
	public LdapAuthority(String role, String dn, Map<String, List<String>> attributes) {
		Assert.notNull(role, "role can not be null");
		Assert.notNull(dn, "dn can not be null");

		this.role = role;
		this.dn = dn;
		this.attributes = attributes;
	}

	/**
	 * Returns the LDAP attributes
	 *
	 * @return the LDAP attributes, map can be null
	 */
	public Map<String, List<String>> getAttributes() {
		return attributes;
	}

	/**
	 * Returns the DN for this LDAP authority
	 *
	 * @return
	 */
	public String getDn() {
		return dn;
	}

	/**
	 * Returns the values for a specific attribute
	 *
	 * @param name the attribute name
	 * @return a String array, never null but may be zero length
	 */
	public List<String> getAttributeValues(String name) {
		List<String> result = null;
		if (attributes != null) {
			result = attributes.get(name);
		}
		if (result == null) {
			result = Collections.emptyList();
		}
		return result;
	}

	/**
	 * Returns the first attribute value for a specified attribute
	 *
	 * @param name
	 * @return the first attribute value for a specified attribute, may be null
	 */
	public String getFirstAttributeValue(String name) {
		List<String> result = getAttributeValues(name);
		if (result.isEmpty()) {
			return null;
		}
		else {
			return result.get(0);
		}
	}

	/**
	 * {@inheritDoc}
	 */
	public String getAuthority() {
		return role;
	}

	/**
	 * Compares the LdapAuthority based on {@link #getAuthority()} and {@link #getDn()}
	 * values {@inheritDoc}
	 */
	@Override
	public boolean equals(Object o) {
		if (this == o) {
			return true;
		}
		if (!(o instanceof LdapAuthority)) {
			return false;
		}

		LdapAuthority that = (LdapAuthority) o;

		if (!dn.equals(that.dn)) {
			return false;
		}
		return role.equals(that.role);
	}

	@Override
	public int hashCode() {
		int result = dn.hashCode();
		result = 31 * result + (role != null ? role.hashCode() : 0);
		return result;
	}

	@Override
	public String toString() {
		return "LdapAuthority{" + "dn='" + dn + '\'' + ", role='" + role + '\'' + '}';
	}
}