1 /*
   2  * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.sasl;
  27 
  28 import javax.security.sasl.*;
  29 
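  /**
   * Implements the EXTERNAL SASL client mechanism
   * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>).
   * The EXTERNAL mechanism returns the optional authorization ID as
   * the initial response. It processes no challenges.
   *
   * <p>Security notes for reviewers:
   * <ul>
   * <li>This class sends no credential and verifies nothing. With EXTERNAL the
   *     client's identity is established outside SASL (for example by the
   *     transport the connection runs over), so the strength of the
   *     authentication is that of the external layer. The server must decide
   *     whether the externally authenticated identity may act as the requested
   *     authorization ID.</li>
   * <li>No security layer is negotiated: {@link #wrap} and {@link #unwrap}
   *     always throw. Confidentiality and integrity have to come from the
   *     underlying channel.</li>
   * <li>The completion flag is a plain field and no synchronization is
   *     performed, so an instance should be driven by one thread.</li>
   * </ul>
   *
   * @author Rosanna Lee
   */
  final class ExternalClient implements SaslClient {
      /** UTF-8 encoding of the authorization ID; zero-length when none was given. */
      private final byte[] username;

      /** Becomes true once the single initial response has been handed out. */
      private boolean completed = false;

      /**
       * Constructs an External mechanism with optional authorization ID.
       *
       * @param authorizationID If non-null, used to specify authorization ID;
       *     if null, the initial response is empty.
       * @throws SaslException Kept in the signature so existing callers still
       *     compile; this implementation has no path that throws it, because
       *     the UTF-8 charset constant is always available.
       */
      ExternalClient(String authorizationID) throws SaslException {
          // Using the charset constant instead of the "UTF8" name removes the
          // checked UnsupportedEncodingException and its unreachable handler.
          username = (authorizationID != null)
              ? authorizationID.getBytes(java.nio.charset.StandardCharsets.UTF_8)
              : new byte[0];
      }

      /**
       * Retrieves this mechanism's name for initiating the "EXTERNAL" protocol
       * exchange.
       *
       * @return  The string "EXTERNAL".
       */
      @Override
      public String getMechanismName() {
          return "EXTERNAL";
      }

      /**
       * This mechanism has an initial response.
       *
       * @return always true.
       */
      @Override
      public boolean hasInitialResponse() {
          return true;
      }

      /**
       * Does nothing. The only state held is the authorization ID bytes and the
       * completion flag; no password or key material is stored here, so there
       * is nothing to clear.
       *
       * @throws SaslException never thrown by this implementation.
       */
      @Override
      public void dispose() throws SaslException {
      }

      /**
       * Produces the EXTERNAL mechanism's initial response,
       * which is the authorization id encoded in UTF-8.
       * This is the optional information that is sent along with the SASL command.
       * After this method is called, isComplete() returns true.
       *
       * <p>The returned array is the instance's own buffer, not a copy. It is
       * never read again by this class, because a second call is rejected.
       *
       * @param challengeData Ignored.
       * @return The possibly empty initial response.
       * @throws IllegalStateException If the initial response has already been
       *     produced by an earlier call.
       * @throws SaslException Declared by the interface; not thrown here.
       */
      @Override
      public byte[] evaluateChallenge(byte[] challengeData)
          throws SaslException {
          if (completed) {
              throw new IllegalStateException(
                  "EXTERNAL authentication already completed");
          }
          completed = true;
          return username;
      }

      /**
       * Returns whether this mechanism is complete.
       * @return true if initial response has been sent; false otherwise.
       */
      @Override
      public boolean isComplete() {
          return completed;
      }

      /**
       * Unwraps the incoming buffer. EXTERNAL negotiates no security layer, so
       * this method never returns normally.
       *
       * @throws SaslException If the exchange has completed, because no quality
       *     of protection is supported.
       * @throws IllegalStateException If the exchange has not completed.
       */
      @Override
      public byte[] unwrap(byte[] incoming, int offset, int len)
          throws SaslException {
          if (!completed) {
              throw new IllegalStateException(
                  "EXTERNAL authentication Not completed");
          }
          throw new SaslException("EXTERNAL has no supported QOP");
      }

      /**
       * Wraps the outgoing buffer. EXTERNAL negotiates no security layer, so
       * this method never returns normally.
       *
       * @throws SaslException If the exchange has completed, because no quality
       *     of protection is supported.
       * @throws IllegalStateException If the exchange has not completed.
       */
      @Override
      public byte[] wrap(byte[] outgoing, int offset, int len)
          throws SaslException {
          if (!completed) {
              throw new IllegalStateException(
                  "EXTERNAL authentication not completed");
          }
          throw new SaslException("EXTERNAL has no supported QOP");
      }

      /**
       * Retrieves the negotiated property.
       * This method can be called only after the authentication exchange has
       * completed (i.e., when {@code isComplete()} returns true); otherwise, an
       * {@code IllegalStateException} is thrown.
       *
       * @param propName Ignored; no property is applicable to this mechanism.
       * @return null, for every property name.
       * @throws IllegalStateException if this authentication exchange
       *     has not completed
       */
      @Override
      public Object getNegotiatedProperty(String propName) {
          if (!completed) {
              throw new IllegalStateException(
                  "EXTERNAL authentication not completed");
          }
          return null;
      }
  }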