2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden/*
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * The contents of this file are subject to the terms of the Common Development and
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Distribution License (the License). You may not use this file except in compliance with the
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * License.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden *
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * specific language governing permission and limitations under the License.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden *
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * When distributing Covered Software, include this CDDL Header Notice in each file and include
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Header, with the fields enclosed by brackets [] replaced by your own identifying
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * information: "Portions copyright [year] [name of copyright owner]".
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden *
c19b3c136aa63b9eb38c0b210e93b582ae5b4ad8Mark de Reeper * Copyright 2014-2015 ForgeRock AS.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden */
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Maddenpackage com.sun.identity.authentication.client;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2dd75eff92ef66e22cca286b6f4fe5a9c929af9dPhill Cunningtonimport org.forgerock.json.JsonValue;
c19b3c136aa63b9eb38c0b210e93b582ae5b4ad8Mark de Reeperimport org.forgerock.openam.utils.CollectionUtils;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Maddenimport java.util.Collections;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Maddenimport java.util.Set;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2dd75eff92ef66e22cca286b6f4fe5a9c929af9dPhill Cunningtonimport static org.forgerock.json.JsonValue.*;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden/**
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Interface to different methods for configuring Zero Page Login (ZPL). For local authentication, this uses the
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * LoginState, otherwise (DAS) it uses system properties.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden */
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Maddenpublic final class ZeroPageLoginConfig {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden private final boolean enabled;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden private final Set<String> whitelist;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden private final boolean allowWithoutReferer;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public ZeroPageLoginConfig(final boolean enabled, final Set<String> whitelist, final boolean allowWithoutReferer) {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden this.enabled = enabled;
c19b3c136aa63b9eb38c0b210e93b582ae5b4ad8Mark de Reeper this.whitelist = whitelist == null ? Collections.<String>emptySet() :
c19b3c136aa63b9eb38c0b210e93b582ae5b4ad8Mark de Reeper Collections.unmodifiableSet(CollectionUtils.removeBlankEntries(whitelist));
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden this.allowWithoutReferer = allowWithoutReferer;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden /**
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Indicates whether ZPL is enabled at all.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden */
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public boolean isEnabled() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return enabled;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden /**
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Returns the whitelist of allowed Referer URLs.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden */
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public Set<String> getRefererWhitelist() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return whitelist;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden /**
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden * Indicates whether ZPL requests should be allowed if the request does not include a Referer header.
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden */
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public boolean isAllowedWithoutReferer() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return allowWithoutReferer;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden @Override
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public boolean equals(final Object o) {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden if (this == o) {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return true;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden if (o == null || getClass() != o.getClass()) {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return false;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden final ZeroPageLoginConfig that = (ZeroPageLoginConfig) o;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return allowWithoutReferer == that.allowWithoutReferer && enabled == that.enabled &&
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden whitelist.equals(that.whitelist);
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden @Override
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public int hashCode() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden int result = (enabled ? 1 : 0);
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden result = 31 * result + whitelist.hashCode();
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden result = 31 * result + (allowWithoutReferer ? 1 : 0);
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return result;
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public JsonValue toJson() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return json(object(field("enabled", enabled),
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden field("whitelist", whitelist),
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden field("allowWithoutReferer", allowWithoutReferer)));
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden @Override
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden public String toString() {
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden return toJson().toString();
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden }
2cdbc4fc62ed8b9c2c8ef660adc4fe0188b65407Neil Madden}