2 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.controller.usermanager;
11 import java.io.Serializable;
12 import java.util.ArrayList;
13 import java.util.Iterator;
14 import java.util.List;
15 import java.util.regex.Matcher;
16 import java.util.regex.Pattern;
18 import org.opendaylight.controller.sal.authorization.AuthResultEnum;
19 import org.opendaylight.controller.sal.utils.Status;
20 import org.opendaylight.controller.sal.utils.StatusCode;
21 import org.opendaylight.controller.usermanager.AuthResponse;
24 * Configuration Java Object which represents a Local AAA user configuration
25 * information for User Manager.
27 public class UserConfig implements Serializable {
private static final long serialVersionUID = 1L;

/*
 * The password is held in clear text; the original note says a move to an
 * MD5 digest for saved configurations is planned.
 * NOTE(review): the password field is not transient and this class is
 * Serializable, so default Java serialization writes the clear-text value.
 * MD5 is not a suitable password hash; a salted, deliberately slow
 * password-hashing function is the safer target when this is reworked.
 */
protected String user;
protected List<String> roles;
private String password;

// Length limits checked by validateUsername() and validatePassword().
private static final int USERNAME_MAXLENGTH = 32;
private static final int PASSWORD_MINLENGTH = 5;
private static final int PASSWORD_MAXLENGTH = 256;

// Matches any run of characters a username may not contain:
// '/', whitespace, '.', '?', '#', '%', ';' and '\'.
private static final Pattern INVALID_USERNAME_CHARACTERS =
        Pattern.compile("([/\\s\\.\\?#%;\\\\]+)");
/**
 * Creates a user configuration from the given name, password and roles.
 *
 * <p>No validation happens here; call {@link #validate()} before accepting
 * the object.
 *
 * @param user     the user name
 * @param password the clear-text password
 * @param roles    the roles to assign; {@code null} is treated as no roles
 */
public UserConfig(String user, String password, List<String> roles) {
    this.user = user;
    this.password = password;
    // Defensive copy: later changes to the caller's list must not alter
    // this object's roles.
    if (roles == null) {
        this.roles = new ArrayList<String>();
    } else {
        this.roles = new ArrayList<String>(roles);
    }
}
/**
 * Returns the user name of this configuration entry.
 *
 * @return the user name; {@code null} if none was set
 */
public String getUser() {
    return this.user;
}
/**
 * Returns the stored password.
 *
 * <p>The value is the clear-text password exactly as this object holds it,
 * so callers should keep it out of logs, error messages and UI output.
 *
 * @return the clear-text password; {@code null} if none was set
 */
public String getPassword() {
    return this.password;
}
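/**
 * Returns a copy of the roles assigned to this user.
 *
 * <p>The returned list is independent of this object's state, so callers
 * cannot change the user's roles by modifying it.
 *
 * @return a new list holding the roles; empty when no roles are set
 */
public List<String> getRoles() {
    // roles can still be null on an instance whose fields were never
    // populated (validateRoles() checks for that), so avoid the NPE here.
    if (roles == null) {
        return new ArrayList<String>();
    }
    return new ArrayList<String>(roles);
}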
/**
 * Computes a hash from password, roles and user, the same fields that
 * {@link #equals(Object)} compares. Null fields contribute 0.
 */
@Override
public int hashCode() {
    // NOTE(review): the initial values of prime and result are not visible
    // in this listing; 31 and 1 are the conventional choices - confirm.
    final int prime = 31;
    int result = 1;
    result = prime * result + (password != null ? password.hashCode() : 0);
    result = prime * result + (roles != null ? roles.hashCode() : 0);
    result = prime * result + (user != null ? user.hashCode() : 0);
    return result;
}
/**
 * Compares this configuration with another object.
 *
 * <p>Two instances are equal when they are of the same class and their
 * password, roles and user fields are equal (or both null).
 *
 * @param obj the object to compare with
 * @return {@code true} if both objects describe the same configuration
 */
@Override
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    if (obj == null || getClass() != obj.getClass()) {
        return false;
    }
    UserConfig other = (UserConfig) obj;
    boolean samePassword = (password == null)
            ? other.password == null : password.equals(other.password);
    boolean sameRoles = (roles == null)
            ? other.roles == null : roles.equals(other.roles);
    boolean sameUser = (user == null)
            ? other.user == null : user.equals(other.user);
    return samePassword && sameRoles && sameUser;
}
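/**
 * Returns a printable summary of this configuration.
 *
 * <p>The password is replaced by a fixed placeholder: toString() output
 * routinely ends up in log files, exception messages and debugger views,
 * and the stored password is clear text.
 *
 * @return the user name and roles, with the password redacted
 */
@Override
public String toString() {
    return "UserConfig[user=" + user + ", password=<redacted>, roles=" + roles + "]";
}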
/**
 * Validates roles, then user name, then password, stopping at the first
 * check that fails.
 *
 * @return the failing check's status, or the password check's status when
 *         the earlier checks succeed
 */
public Status validate() {
    Status validCheck = validateRoles();
    if (!validCheck.isSuccess()) {
        return validCheck;
    }
    validCheck = validateUsername();
    if (!validCheck.isSuccess()) {
        return validCheck;
    }
    return validatePassword();
}
/**
 * Checks that the user name is present, at most USERNAME_MAXLENGTH
 * characters long and free of the characters matched by
 * INVALID_USERNAME_CHARACTERS.
 *
 * @return a BADREQUEST status describing the problem, or SUCCESS
 */
protected Status validateUsername() {
    if (user == null || user.isEmpty()) {
        return new Status(StatusCode.BADREQUEST, "Username cannot be empty");
    }

    boolean tooLong = user.length() > UserConfig.USERNAME_MAXLENGTH;
    Matcher forbidden = UserConfig.INVALID_USERNAME_CHARACTERS.matcher(user);
    // find() rather than matches(): a single forbidden character anywhere
    // in the name is enough to reject it.
    if (tooLong || forbidden.find()) {
        return new Status(StatusCode.BADREQUEST,
                "Username can have 1-32 non-whitespace "
                        + "alphanumeric characters and any special "
                        + "characters except ./#%;?\\");
    }

    return new Status(StatusCode.SUCCESS);
}
/**
 * Checks that the password is present and its length lies between
 * PASSWORD_MINLENGTH and PASSWORD_MAXLENGTH inclusive.
 *
 * <p>Only the length is checked; there is no complexity or dictionary
 * check here.
 *
 * @return a BADREQUEST status describing the problem, or SUCCESS
 */
private Status validatePassword() {
    if (password == null || password.isEmpty()) {
        return new Status(StatusCode.BADREQUEST, "Password cannot be empty");
    }

    final int length = password.length();
    boolean withinBounds = length >= UserConfig.PASSWORD_MINLENGTH
            && length <= UserConfig.PASSWORD_MAXLENGTH;
    if (!withinBounds) {
        return new Status(StatusCode.BADREQUEST,
                "Password should have 5-256 characters");
    }
    return new Status(StatusCode.SUCCESS);
}
/**
 * Checks that at least one role is assigned.
 *
 * @return BADREQUEST when the role list is null or empty, otherwise SUCCESS
 */
protected Status validateRoles() {
    boolean hasRole = roles != null && !roles.isEmpty();
    if (!hasRole) {
        return new Status(StatusCode.BADREQUEST, "No role specified");
    }
    return new Status(StatusCode.SUCCESS);
}
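/**
 * Changes the password and/or roles of this user after checking the
 * current password.
 *
 * <p>The proposed values are validated on a scratch object first, so this
 * object is left untouched when validation fails.
 *
 * @param currentPassword the password currently set; must match
 * @param newPassword     the new password, or {@code null} to keep the
 *                        current one
 * @param newRoles        the new roles, or {@code null} to keep the
 *                        current ones
 * @return BADREQUEST when the current password does not match or the
 *         proposed values fail validation, otherwise a success status
 */
public Status update(String currentPassword, String newPassword,
        List<String> newRoles) {
    // To make any changes to a user configured profile, current password
    // must always be provided.
    // A null stored password used to raise a NullPointerException here; it
    // is now treated as a mismatch. The comparison also visits every
    // character instead of stopping at the first difference, so the time
    // taken does not reveal how long a matching prefix was.
    boolean currentMatches = false;
    if (this.password != null && currentPassword != null) {
        int diff = this.password.length() ^ currentPassword.length();
        int overlap = Math.min(this.password.length(), currentPassword.length());
        for (int i = 0; i < overlap; i++) {
            diff |= this.password.charAt(i) ^ currentPassword.charAt(i);
        }
        currentMatches = (diff == 0);
    }
    if (!currentMatches) {
        return new Status(StatusCode.BADREQUEST,
                "Current password is incorrect");
    }

    // Create a new object with the proposed modifications
    UserConfig proposed = new UserConfig();
    proposed.user = this.user;
    proposed.password = (newPassword != null) ? newPassword : this.password;
    proposed.roles = (newRoles != null) ? newRoles : this.roles;

    // Reject the change before touching this object's state
    Status status = proposed.validate();
    if (!status.isSuccess()) {
        return status;
    }

    // Accept the modifications
    this.user = proposed.user;
    this.password = proposed.password;
    this.roles = new ArrayList<String>(proposed.roles);

    // status is the successful validation result at this point
    return status;
}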
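/**
 * Authenticates the user against the locally stored password.
 *
 * <p>NOTE(review): the stored password is clear text, so this compares two
 * clear-text values. Storing a salted, slow password hash would be the
 * stronger fix, but it changes the stored state and is outside this method.
 *
 * @param clearTextPass the password supplied by the caller
 * @return a response with status AUTH_ACCEPT_LOC and the roles string as
 *         data when the password matches, otherwise AUTH_REJECT_LOC
 */
public AuthResponse authenticate(String clearTextPass) {
    AuthResponse locResponse = new AuthResponse();

    // A null stored password used to raise a NullPointerException here; it
    // is now a rejection. The loop visits every character instead of
    // stopping at the first difference, so response time does not reveal
    // how long a matching prefix was.
    boolean matches = false;
    if (password != null && clearTextPass != null) {
        int diff = password.length() ^ clearTextPass.length();
        int overlap = Math.min(password.length(), clearTextPass.length());
        for (int i = 0; i < overlap; i++) {
            diff |= password.charAt(i) ^ clearTextPass.charAt(i);
        }
        matches = (diff == 0);
    }

    if (matches) {
        locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
        locResponse.addData(getRolesString());
    } else {
        locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
    }
    return locResponse;
}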
196 protected String getRolesString() {
197 StringBuffer buffer = new StringBuffer();
198 if (!roles.isEmpty()) {
199 Iterator<String> iter = roles.iterator();
200 buffer.append(iter.next());
201 while (iter.hasNext()) {
203 buffer.append(iter.next());
206 return buffer.toString();