/*
* Copyright 2006-2008 Sxip Identity Corporation
*/
package org.openid4java.message.pape;
import org.openid4java.message.MessageException;
import org.openid4java.message.Parameter;
import org.openid4java.message.ParameterList;
import org.openid4java.OpenIDException;
import java.util.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* Implements the extension for OpenID Provider Authentication Policy requests.
*
* @see PapeMessage Message
* @author Marius Scurtescu, Johnny Bufu
*/
public class PapeRequest extends PapeMessage
{
private static Log _log = LogFactory.getLog(PapeRequest.class);
private static final boolean DEBUG = _log.isDebugEnabled();
protected final static List PAPE_FIELDS = Arrays.asList( new String[] {
"preferred_auth_policies", "preferred_auth_level_types", "max_auth_age"
});
/**
* Constructs a Pape Request with an empty parameter list.
*/
protected PapeRequest()
{
set("preferred_auth_policies", "");
if (DEBUG) _log.debug("Created empty Pape request.");
}
/**
* Constructs a Pape Request with an empty parameter list.
*/
public static PapeRequest createPapeRequest()
{
return new PapeRequest();
}
/**
* Constructs a PapeRequest from a parameter list.
* <p>
* The parameter list can be extracted from a received message with the
* getExtensionParams method of the Message class, and MUST NOT contain
* the "openid.<extension_alias>." prefix.
*/
protected PapeRequest(ParameterList params)
{
super(params);
}
/**
* Constructs a PapeRequest from a parameter list.
* <p>
* The parameter list can be extracted from a received message with the
* getExtensionParams method of the Message class, and MUST NOT contain
* the "openid.<extension_alias>." prefix.
*/
public static PapeRequest createPapeRequest(ParameterList params)
throws MessageException
{
PapeRequest req = new PapeRequest(params);
req.validate();
if (DEBUG)
_log.debug("Created PAPE request from parameter list:\n" + params);
return req;
}
/**
* Gets the preferred_auth_policies parameter value.
*/
public String getPreferredAuthPolicies()
{
return getParameterValue("preferred_auth_policies");
}
/**
* Sets a new value for the preferred_auth_policies parameter.
*
* The previous value of the parameter will be owerwritten.
*
* @param policyUris Space separated list of authentication policy
* URIs to be set.
* @see #addPreferredAuthPolicy(String)
*/
public void setPreferredAuthPolicies(String policyUris)
{
// todo: enforce that policyUri is a valid URI?
set("preferred_auth_policies", policyUris);
}
/**
* Adds an authentication policy URI to the preferred_auth_policies
* parameter.
*
* @param policyUri The authentication policy URI to be set.
* @see #setPreferredAuthPolicies(String)
*/
public void addPreferredAuthPolicy(String policyUri)
{
// todo: check that policyUri isn't already in the list?
String policies = getPreferredAuthPolicies();
if (policies == null || policies.length() == 0)
setPreferredAuthPolicies(policyUri);
else
setPreferredAuthPolicies(policies + " " + policyUri);
}
/**
* Gets a list with the preferred_auth_policies. An empty list is
* returned if no authentication policies exist.
*
*/
public List getPreferredAuthPoliciesList()
{
String policies = getParameterValue("preferred_auth_policies");
if (policies != null)
return Arrays.asList(policies.split(" "));
else
return new ArrayList();
}
/**
* Sets the max_auth_age parameter.
*
* @param seconds The number of seconds within which the OP is
* requested to have actively authenticated the user.
*/
public void setMaxAuthAge(int seconds)
{
set("max_auth_age", Integer.toString(seconds));
}
/**
* Gets the max_auth_age parameter.
*
* @return The number of seconds within which the OP is
* requested to have actively authenticated the user,
* or -1 if max_auth_age is not present in the request.
*/
public int getMaxAuthAge()
{
String maxAuthAge = getParameterValue("max_auth_age");
if (maxAuthAge != null)
return Integer.parseInt(maxAuthAge);
else
return -1;
}
/**
* Checks the validity of the extension.
* <p>
* Used when constructing a extension from a parameter list.
*
* @throws MessageException if the PapeRequest is not valid.
*/
public void validate() throws MessageException
{
if (! _parameters.hasParameter("preferred_auth_policies"))
{
throw new MessageException(
"preferred_auth_policies is required in a PAPE request.",
OpenIDException.PAPE_ERROR);
}
Iterator it = _parameters.getParameters().iterator();
while (it.hasNext())
{
String paramName = ((Parameter) it.next()).getKey();
if (! PAPE_FIELDS.contains(paramName) && ! paramName.startsWith(PapeMessage.AUTH_LEVEL_NS_PREFIX))
{
throw new MessageException(
"Invalid parameter name in PAPE request: " + paramName,
OpenIDException.PAPE_ERROR);
}
}
}
public void addPreferredCustomAuthLevel(String authLevelTypeUri)
{
String alias = addAuthLevelExtension(authLevelTypeUri);
String preferred = getParameterValue("preferred_auth_level_types");
set("preferred_auth_level_types", preferred == null ? alias : preferred + " " + alias);
}
}