From f2ba5ed4af5beac50fdc51b267d109d6f22147a5 Mon Sep 17 00:00:00 2001
From: Jean-Noël Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Mon, 16 Nov 2015 16:49:54 +0000
Subject: [PATCH] Code cleanup
---
opendj-server-legacy/src/main/java/org/opends/server/extensions/PasswordModifyExtendedOperation.java | 183 +++++++++---------------------------
opendj-server-legacy/src/main/java/org/opends/server/controls/PasswordPolicyWarningType.java | 24 ----
opendj-server-legacy/src/main/java/org/opends/server/protocols/http/SdkConnectionAdapter.java | 34 +-----
3 files changed, 57 insertions(+), 184 deletions(-)
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/controls/PasswordPolicyWarningType.java b/opendj-server-legacy/src/main/java/org/opends/server/controls/PasswordPolicyWarningType.java
index 69eb66e..3e5b039 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/controls/PasswordPolicyWarningType.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/controls/PasswordPolicyWarningType.java
@@ -48,8 +48,6 @@
TIME_BEFORE_EXPIRATION((byte) 0x80,
INFO_PWPWARNTYPE_DESCRIPTION_TIME_BEFORE_EXPIRATION.get()),
-
-
/**
* The warning type that will be used to indicate that the user is
* authenticating using a grace login and to provide the number of grace
@@ -58,8 +56,6 @@
GRACE_LOGINS_REMAINING((byte) 0x81,
INFO_PWPWARNTYPE_DESCRIPTION_GRACE_LOGINS_REMAINING.get());
-
-
/** A lookup table for resolving a warning type from its BER type. */
private static final Map<Byte, PasswordPolicyWarningType> TABLE = new HashMap<>();
static
@@ -67,23 +63,14 @@
for (PasswordPolicyWarningType value : PasswordPolicyWarningType.values())
{
TABLE.put(value.type, value);
- TABLE.put(value.type, value);
}
}
-
-
- /**
- * The BER type to use for the associated element in the password policy
- * control.
- */
+ /** The BER type to use for the associated element in the password policy control. */
private final byte type;
-
/** The message ID for the description of this password policy error type. */
private final LocalizableMessage description;
-
-
/**
* Creates a new instance of a password policy warning type with the provided
* BER type.
@@ -99,8 +86,6 @@
this.description = description;
}
-
-
/**
* Retrieves the BER type to use for the associated element in the password
* policy control.
@@ -113,8 +98,6 @@
return type;
}
-
-
/**
* Retrieves the password policy warning type for the provided BER type.
*
@@ -129,8 +112,6 @@
return TABLE.get(Byte.valueOf(type));
}
-
-
/**
* Retrieves a string representation of this password policy warning type.
*
@@ -139,7 +120,6 @@
@Override
public String toString()
{
- return description == null ? null : description.toString();
+ return description != null ? description.toString() : null;
}
}
-
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opendj-server-legacy/src/main/java/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index 21a900d..af9b0ee 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -28,6 +28,7 @@
import static org.opends.messages.CoreMessages.*;
import static org.opends.messages.ExtensionMessages.*;
+import static org.opends.server.controls.PasswordPolicyErrorType.*;
import static org.opends.server.extensions.ExtensionsConstants.*;
import static org.opends.server.protocols.internal.InternalClientConnection.*;
import static org.opends.server.types.AccountStatusNotificationType.*;
@@ -56,7 +57,6 @@
import org.opends.server.api.*;
import org.opends.server.controls.PasswordPolicyErrorType;
import org.opends.server.controls.PasswordPolicyResponseControl;
-import org.opends.server.controls.PasswordPolicyWarningType;
import org.opends.server.core.DirectoryServer;
import org.opends.server.core.ExtendedOperation;
import org.opends.server.core.ModifyOperation;
@@ -82,13 +82,10 @@
/** The name of the attachment which will be used to store the fully resolved target entry. */
public static final String AUTHZ_DN_ATTACHMENT;
-
/** The name of the attachment which will be used to store the password attribute. */
public static final String PWD_ATTRIBUTE_ATTACHMENT;
-
/** The clear text password, which may not be present if the provided password was pre-encoded. */
public static final String CLEAR_PWD_ATTACHMENT;
-
/** A list containing the encoded passwords: plugins can perform changes atomically via CAS. */
public static final String ENCODED_PWD_ATTACHMENT;
@@ -121,21 +118,6 @@
super(newHashSet(OID_LDAP_NOOP_OPENLDAP_ASSIGNED, OID_PASSWORD_POLICY_CONTROL));
}
-
- /**
- * Initializes this extended operation handler based on the information in the provided configuration.
- * It should also register itself with the Directory Server for the particular kinds of extended operations
- * that it will process.
- *
- * @param config The configuration that contains the information
- * to use to initialize this extended operation handler.
- *
- * @throws ConfigException If an unrecoverable problem arises in the
- * process of performing the initialization.
- *
- * @throws InitializationException If a problem occurs during initialization
- * that is not related to the server configuration.
- */
@Override
public void initializeExtendedOperationHandler(PasswordModifyExtendedOperationHandlerCfg config)
throws ConfigException, InitializationException
@@ -146,8 +128,7 @@
identityMapper = DirectoryServer.getIdentityMapper(identityMapperDN);
if (identityMapper == null)
{
- LocalizableMessage message = ERR_EXTOP_PASSMOD_NO_SUCH_ID_MAPPER.get(identityMapperDN, config.dn());
- throw new ConfigException(message);
+ throw new ConfigException(ERR_EXTOP_PASSMOD_NO_SUCH_ID_MAPPER.get(identityMapperDN, config.dn()));
}
}
catch (Exception e)
@@ -167,11 +148,6 @@
super.initializeExtendedOperationHandler(config);
}
-
- /**
- * Performs any finalization that may be necessary for this extended operation handler.
- * By default, no finalization is performed.
- */
@Override
public void finalizeExtendedOperationHandler()
{
@@ -180,12 +156,6 @@
super.finalizeExtendedOperationHandler();
}
-
- /**
- * Processes the provided extended operation.
- *
- * @param operation The extended operation to be processed.
- */
@Override
public void processExtendedOperation(ExtendedOperation operation)
{
@@ -197,9 +167,6 @@
// Look at the set of controls included in the request, if there are any.
boolean noOpRequested = false;
boolean pwPolicyRequested = false;
- int pwPolicyWarningValue = 0;
- PasswordPolicyErrorType pwPolicyErrorType = null;
- PasswordPolicyWarningType pwPolicyWarningType = null;
List<Control> controls = operation.getRequestControls();
if (controls != null)
{
@@ -252,8 +219,7 @@
// Get the entry for the user that issued the request.
Entry requestorEntry = operation.getAuthorizationEntry();
- // See if a user identity was provided. If so, then try to resolve it to
- // an actual user.
+ // See if a user identity was provided. If so, then try to resolve it to an actual user.
DN userDN = null;
Entry userEntry = null;
DNLock userLock = null;
@@ -425,12 +391,7 @@
// See if the account is locked. If so, then reject the request.
if (pwPolicyState.isDisabled())
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.ACCOUNT_LOCKED;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, ACCOUNT_LOCKED);
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_ACCOUNT_DISABLED.get());
@@ -438,12 +399,7 @@
}
else if (selfChange && pwPolicyState.isLocked())
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.ACCOUNT_LOCKED;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, ACCOUNT_LOCKED);
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_ACCOUNT_LOCKED.get());
@@ -457,16 +413,10 @@
if (selfChange
&& pwPolicyState.getAuthenticationPolicy().isPasswordChangeRequiresCurrentPassword())
{
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, MUST_SUPPLY_OLD_PASSWORD);
+
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_REQUIRE_CURRENT_PW.get());
-
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.MUST_SUPPLY_OLD_PASSWORD;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
-
return;
}
}
@@ -506,12 +456,7 @@
if (selfChange
&& !pwPolicyState.getAuthenticationPolicy().isAllowUserPasswordChanges())
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.PASSWORD_MOD_NOT_ALLOWED;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, PASSWORD_MOD_NOT_ALLOWED);
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_USER_PW_CHANGES_NOT_ALLOWED.get());
@@ -530,12 +475,7 @@
// If it's a self-change request and the user is within the minimum age, then reject it.
if (selfChange && pwPolicyState.isWithinMinimumAge())
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.PASSWORD_TOO_YOUNG;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, PASSWORD_TOO_YOUNG);
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_IN_MIN_AGE.get());
@@ -547,12 +487,7 @@
&& pwPolicyState.isPasswordExpired()
&& !pwPolicyState.getAuthenticationPolicy().isAllowExpiredPasswordChanges())
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.PASSWORD_EXPIRED;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, PasswordPolicyErrorType.PASSWORD_EXPIRED);
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_PASSWORD_IS_EXPIRED.get());
@@ -626,12 +561,7 @@
LocalizableMessageBuilder invalidReason = new LocalizableMessageBuilder();
if (!pwPolicyState.passwordIsAcceptable(operation, userEntry, newPassword, clearPasswords, invalidReason))
{
- if (pwPolicyRequested)
- {
- pwPolicyErrorType = PasswordPolicyErrorType.INSUFFICIENT_PASSWORD_QUALITY;
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, INSUFFICIENT_PASSWORD_QUALITY);
operation.setResultCode(ResultCode.CONSTRAINT_VIOLATION);
operation.appendErrorMessage(ERR_EXTOP_PASSMOD_UNACCEPTABLE_PW.get(invalidReason));
@@ -825,34 +755,9 @@
operation.getClientConnection().setMustChangePassword(false);
}
- // If the password policy control was requested, then add the appropriate response control.
- if (pwPolicyRequested)
- {
- operation.addResponseControl(
- new PasswordPolicyResponseControl(pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType));
- }
+ addPwPolicyErrorResponseControl(operation, pwPolicyRequested, null);
- // Handle Account Status Notifications that may be needed.
- // They are not handled by the backend for internal operations.
- List<ByteString> currentPasswords = null;
- if (oldPassword != null)
- {
- currentPasswords = newArrayList(oldPassword);
- }
- List<ByteString> newPasswords = newArrayList(newPassword);
-
- Map<AccountStatusNotificationProperty, List<String>> notifProperties =
- AccountStatusNotification.createProperties(pwPolicyState, false, -1, currentPasswords, newPasswords);
- if (selfChange)
- {
- pwPolicyState.generateAccountStatusNotification(
- PASSWORD_CHANGED, userEntry, INFO_MODIFY_PASSWORD_CHANGED.get(), notifProperties);
- }
- else
- {
- pwPolicyState.generateAccountStatusNotification(
- PASSWORD_RESET, userEntry, INFO_MODIFY_PASSWORD_RESET.get(), notifProperties);
- }
+ generateAccountStatusNotification(oldPassword, newPassword, userEntry, pwPolicyState, selfChange);
}
finally
{
@@ -863,6 +768,39 @@
}
}
+ private void addPwPolicyErrorResponseControl(ExtendedOperation operation, boolean pwPolicyRequested,
+ PasswordPolicyErrorType pwPolicyErrorType)
+ {
+ if (pwPolicyRequested)
+ {
+ operation.addResponseControl(new PasswordPolicyResponseControl(null, 0, pwPolicyErrorType));
+ }
+ }
+
+ private void generateAccountStatusNotification(ByteString oldPassword, ByteString newPassword, Entry userEntry,
+ PasswordPolicyState pwPolicyState, boolean selfChange)
+ {
+ List<ByteString> currentPasswords = null;
+ if (oldPassword != null)
+ {
+ currentPasswords = newArrayList(oldPassword);
+ }
+ List<ByteString> newPasswords = newArrayList(newPassword);
+
+ Map<AccountStatusNotificationProperty, List<String>> notifProperties =
+ AccountStatusNotification.createProperties(pwPolicyState, false, -1, currentPasswords, newPasswords);
+ if (selfChange)
+ {
+ pwPolicyState.generateAccountStatusNotification(
+ PASSWORD_CHANGED, userEntry, INFO_MODIFY_PASSWORD_CHANGED.get(), notifProperties);
+ }
+ else
+ {
+ pwPolicyState.generateAccountStatusNotification(
+ PASSWORD_RESET, userEntry, INFO_MODIFY_PASSWORD_RESET.get(), notifProperties);
+ }
+ }
+
private String[] decodePassword(PasswordPolicyState pwPolicyState, String encodedPassword) throws DirectoryException
{
return pwPolicyState.getAuthenticationPolicy().isAuthPasswordSyntax()
@@ -973,7 +911,6 @@
return null;
}
- /** {@inheritDoc} */
@Override
public boolean isConfigurationAcceptable(ExtendedOperationHandlerCfg configuration,
List<LocalizableMessage> unacceptableReasons)
@@ -982,19 +919,6 @@
return isConfigurationChangeAcceptable(config, unacceptableReasons);
}
-
-
- /**
- * Indicates whether the provided configuration entry has an acceptable configuration for this component.
- * If it does not, then detailed information about the problem(s) should be added to the provided list.
- *
- * @param config The configuration entry for which to make the determination.
- * @param unacceptableReasons A list that can be used to hold messages about why the provided entry does not
- * have an acceptable configuration.
- *
- * @return <CODE>true</CODE> if the provided entry has an acceptable configuration for this component,
- * or <CODE>false</CODE> if not.
- */
@Override
public boolean isConfigurationChangeAcceptable(PasswordModifyExtendedOperationHandlerCfg config,
List<LocalizableMessage> unacceptableReasons)
@@ -1020,19 +944,6 @@
}
}
-
-
- /**
- * Makes a best-effort attempt to apply the configuration contained in the provided entry.
- * Information about the result of this processing should be added to the provided message list.
- * Information should always be added to this list if a configuration change could not be applied.
- * If detailed results are requested, then information about the changes applied successfully (and optionally
- * about parameters that were not changed) should also be included.
- *
- * @param config The entry containing the new configuration to apply for this component.
- *
- * @return Information about the result of the configuration update.
- */
@Override
public ConfigChangeResult applyConfigurationChange(PasswordModifyExtendedOperationHandlerCfg config)
{
@@ -1073,14 +984,12 @@
return ccr;
}
- /** {@inheritDoc} */
@Override
public String getExtendedOperationOID()
{
return OID_PASSWORD_MODIFY_REQUEST;
}
- /** {@inheritDoc} */
@Override
public String getExtendedOperationName()
{
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/SdkConnectionAdapter.java b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/SdkConnectionAdapter.java
index c21c870..f7e2e23 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/SdkConnectionAdapter.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/SdkConnectionAdapter.java
@@ -25,6 +25,11 @@
*/
package org.opends.server.protocols.http;
+import static org.forgerock.opendj.adapter.server3x.Converters.*;
+import static org.forgerock.opendj.ldap.ByteString.*;
+import static org.forgerock.opendj.ldap.LdapException.*;
+import static org.forgerock.opendj.ldap.spi.LdapPromiseImpl.*;
+
import java.util.LinkedHashSet;
import java.util.concurrent.atomic.AtomicInteger;
@@ -34,9 +39,8 @@
import org.forgerock.opendj.ldap.AbstractAsynchronousConnection;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ConnectionEventListener;
-import org.forgerock.opendj.ldap.LdapPromise;
-import org.forgerock.opendj.ldap.spi.LdapPromiseImpl;
import org.forgerock.opendj.ldap.IntermediateResponseHandler;
+import org.forgerock.opendj.ldap.LdapPromise;
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.ldap.SearchResultHandler;
import org.forgerock.opendj.ldap.requests.AbandonRequest;
@@ -54,6 +58,7 @@
import org.forgerock.opendj.ldap.responses.CompareResult;
import org.forgerock.opendj.ldap.responses.ExtendedResult;
import org.forgerock.opendj.ldap.responses.Result;
+import org.forgerock.opendj.ldap.spi.LdapPromiseImpl;
import org.opends.server.core.AbandonOperation;
import org.opends.server.core.AbandonOperationBasis;
import org.opends.server.core.AddOperation;
@@ -92,11 +97,6 @@
import org.opends.server.types.DisconnectReason;
import org.opends.server.types.Operation;
-import static org.forgerock.opendj.adapter.server3x.Converters.*;
-import static org.forgerock.opendj.ldap.ByteString.*;
-import static org.forgerock.opendj.ldap.LdapException.*;
-import static org.forgerock.opendj.ldap.spi.LdapPromiseImpl.*;
-
/**
* Adapter class between LDAP SDK's {@link org.forgerock.opendj.ldap.Connection}
* and OpenDJ server's
@@ -239,7 +239,6 @@
throw new RuntimeException("Not implemented for operation " + operation);
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Void> abandonAsync(AbandonRequest request)
{
@@ -248,7 +247,6 @@
to(request.getControls()), request.getRequestID()));
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Result> addAsync(AddRequest request, IntermediateResponseHandler intermediateResponseHandler)
{
@@ -257,14 +255,12 @@
valueOfObject(request.getName()), to(request.getAllAttributes())));
}
- /** {@inheritDoc} */
@Override
public void addConnectionEventListener(ConnectionEventListener listener)
{
// not useful so far
}
- /** {@inheritDoc} */
@Override
public LdapPromise<BindResult> bindAsync(BindRequest request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -276,7 +272,6 @@
"3", ByteString.valueOfUtf8(userName), ByteString.wrap(password)));
}
- /** {@inheritDoc} */
@Override
public void close(UnbindRequest request, String reason)
{
@@ -284,9 +279,8 @@
if (authInfo != null && authInfo.isAuthenticated())
{
final int messageID = nextMessageID.getAndIncrement();
- final UnbindOperationBasis operation =
- new UnbindOperationBasis(clientConnection, messageID, messageID,
- to(request.getControls()));
+ final UnbindOperationBasis operation = new UnbindOperationBasis(
+ clientConnection, messageID, messageID, to(request.getControls()));
operation.setInnerOperation(this.clientConnection.isInnerConnection());
// run synchronous
@@ -304,7 +298,6 @@
isClosed = true;
}
- /** {@inheritDoc} */
@Override
public LdapPromise<CompareResult> compareAsync(CompareRequest request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -316,7 +309,6 @@
request.getAssertionValue()));
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Result> deleteAsync(DeleteRequest request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -326,7 +318,6 @@
to(request.getControls()), valueOfObject(request.getName())));
}
- /** {@inheritDoc} */
@Override
public <R extends ExtendedResult> LdapPromise<R> extendedRequestAsync(ExtendedRequest<R> request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -347,21 +338,18 @@
return queueingStrategy;
}
- /** {@inheritDoc} */
@Override
public boolean isClosed()
{
return isClosed;
}
- /** {@inheritDoc} */
@Override
public boolean isValid()
{
return this.clientConnection.isConnectionValid();
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Result> modifyAsync(ModifyRequest request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -372,7 +360,6 @@
toModifications(request.getModifications())));
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Result> modifyDNAsync(ModifyDNRequest request,
IntermediateResponseHandler intermediateResponseHandler)
@@ -384,14 +371,12 @@
.getNewSuperior())));
}
- /** {@inheritDoc} */
@Override
public void removeConnectionEventListener(ConnectionEventListener listener)
{
// not useful so far
}
- /** {@inheritDoc} */
@Override
public LdapPromise<Result> searchAsync(final SearchRequest request,
final IntermediateResponseHandler intermediateResponseHandler, final SearchResultHandler entryHandler)
@@ -405,7 +390,6 @@
new LinkedHashSet<String>(request.getAttributes())), entryHandler);
}
- /** {@inheritDoc} */
@Override
public String toString()
{
--
Gitblit v1.10.0