libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-10942 Support eDirectory GUID

Browse source 
Convert eDirectory GUID which is in binary format to a UUID in dashed
string format.
This commit is contained in:
Sven-Torben Janus 2019-08-19 16:36:32 +02:00 committed by Marek Posolda
parent 515727c944
commit f261c43fab
5 changed files with 41 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPConfig.java
View file

@ -179,6 +179,10 @@ public class LDAPConfig {
return getUuidLDAPAttributeName().equalsIgnoreCase(LDAPConstants.OBJECT_GUID); return getUuidLDAPAttributeName().equalsIgnoreCase(LDAPConstants.OBJECT_GUID);
} }
public boolean isEdirectoryGUID() {
return isEdirectory() && getUuidLDAPAttributeName().equalsIgnoreCase(LDAPConstants.NOVELL_EDIRECTORY_GUID);
}
public boolean isPagination() { public boolean isPagination() {
String pagination = config.getFirst(LDAPConstants.PAGINATION); String pagination = config.getFirst(LDAPConstants.PAGINATION);
return Boolean.parseBoolean(pagination); return Boolean.parseBoolean(pagination);
@ -257,6 +261,10 @@ public class LDAPConfig {
return true; return true;
} }
public boolean isEdirectory() {
return LDAPConstants.VENDOR_NOVELL_EDIRECTORY.equalsIgnoreCase(getVendor());
}
@Override @Override
public int hashCode() { public int hashCode() {
return config.hashCode() * 13 + binaryAttributeNames.hashCode(); return config.hashCode() * 13 + binaryAttributeNames.hashCode();
@ -270,4 +278,5 @@ public class LDAPConfig {
.append(", binaryAttributes: ").append(binaryAttributeNames) .append(", binaryAttributes: ").append(binaryAttributeNames)
.toString(); .toString();
} }
} }

3
federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPContextManager.java
View file

@ -176,6 +176,9 @@ public final class LDAPContextManager implements AutoCloseable {
if (ldapConfig.isObjectGUID()) { if (ldapConfig.isObjectGUID()) {
binaryAttrsBuilder.append(LDAPConstants.OBJECT_GUID).append(" "); binaryAttrsBuilder.append(LDAPConstants.OBJECT_GUID).append(" ");
} }
if (ldapConfig.isEdirectory()) {
binaryAttrsBuilder.append(LDAPConstants.NOVELL_EDIRECTORY_GUID).append(" ");
}
for (String attrName : ldapConfig.getBinaryAttributeNames()) { for (String attrName : ldapConfig.getBinaryAttributeNames()) {
binaryAttrsBuilder.append(attrName).append(" "); binaryAttrsBuilder.append(attrName).append(" ");
} }

16
federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java
View file

@ -388,7 +388,7 @@ public class LDAPOperationManager {
byte[] objectGUID = (byte[]) attributes.get(LDAPConstants.OBJECT_GUID).get(); byte[] objectGUID = (byte[]) attributes.get(LDAPConstants.OBJECT_GUID).get();
filter = "(&(objectClass=*)(" + getUuidAttributeName() + LDAPConstants.EQUAL + LDAPUtil.convertObjectGUIToByteString(objectGUID) + "))"; filter = "(&(objectClass=*)(" + getUuidAttributeName() + LDAPConstants.EQUAL + LDAPUtil.convertObjectGUIDToByteString(objectGUID) + "))";
} catch (NamingException ne) { } catch (NamingException ne) {
filter = null; filter = null;
} }
@ -659,13 +659,15 @@ public class LDAPOperationManager {
public String decodeEntryUUID(final Object entryUUID) { public String decodeEntryUUID(final Object entryUUID) {
String id; String id;
if (this.config.isObjectGUID() && entryUUID instanceof byte[]) { if (entryUUID instanceof byte[]) {
id = LDAPUtil.decodeObjectGUID((byte[]) entryUUID); if (this.config.isObjectGUID()) {
} else { return LDAPUtil.decodeObjectGUID((byte[]) entryUUID);
id = entryUUID.toString(); }
if (this.config.isEdirectory() && this.config.isEdirectoryGUID()) {
return LDAPUtil.decodeGuid((byte[]) entryUUID);
}
} }
return entryUUID.toString();
return id;
} }
private <R> R execute(LdapOperation<R> operation) throws NamingException { private <R> R execute(LdapOperation<R> operation) throws NamingException {

27
federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPUtil.java
View file

@ -89,7 +89,7 @@ public class LDAPUtil {
* <p>The returned string is useful to perform queries on AD based on the <code>objectGUID</code> value. Eg.:</p> * <p>The returned string is useful to perform queries on AD based on the <code>objectGUID</code> value. Eg.:</p>
* *
* <p> * <p>
* String filter = "(&(objectClass=*)(objectGUID" + EQUAL + convertObjectGUIToByteString(objectGUID) + "))"; * String filter = "(&(objectClass=*)(objectGUID" + EQUAL + convertObjectGUIDToByteString(objectGUID) + "))";
* </p> * </p>
* *
* @param objectGUID A raw byte array representing the value of the <code>objectGUID</code> attribute retrieved from * @param objectGUID A raw byte array representing the value of the <code>objectGUID</code> attribute retrieved from
@ -97,7 +97,7 @@ public class LDAPUtil {
* *
* @return A byte-based String representation in the form of \[0]\[1]\[2]\[3]\[4]\[5]\[6]\[7]\[8]\[9]\[10]\[11]\[12]\[13]\[14]\[15] * @return A byte-based String representation in the form of \[0]\[1]\[2]\[3]\[4]\[5]\[6]\[7]\[8]\[9]\[10]\[11]\[12]\[13]\[14]\[15]
*/ */
public static String convertObjectGUIToByteString(byte[] objectGUID) { public static String convertObjectGUIDToByteString(byte[] objectGUID) {
StringBuilder result = new StringBuilder(); StringBuilder result = new StringBuilder();
for (int i = 0; i < objectGUID.length; i++) { for (int i = 0; i < objectGUID.length; i++) {
@ -129,24 +129,35 @@ public class LDAPUtil {
public static String decodeObjectGUID(byte[] objectGUID) { public static String decodeObjectGUID(byte[] objectGUID) {
StringBuilder displayStr = new StringBuilder(); StringBuilder displayStr = new StringBuilder();
displayStr.append(convertToDashedString(objectGUID)); byte[] withLittleEndian = new byte[] { objectGUID[3], objectGUID[2], objectGUID[1], objectGUID[0],
objectGUID[5], objectGUID[4],
objectGUID[7], objectGUID[6],
objectGUID[8], objectGUID[9], objectGUID[10], objectGUID[11], objectGUID[12], objectGUID[13], objectGUID[14], objectGUID[15]
};
displayStr.append(convertToDashedString(withLittleEndian));
return displayStr.toString(); return displayStr.toString();
} }
public static String decodeGuid(byte[] guid) {
StringBuilder displayStr = new StringBuilder();
displayStr.append(convertToDashedString(guid));
return displayStr.toString();
}
private static String convertToDashedString(byte[] objectGUID) { private static String convertToDashedString(byte[] objectGUID) {
StringBuilder displayStr = new StringBuilder(); StringBuilder displayStr = new StringBuilder();
displayStr.append(prefixZeros((int) objectGUID[3] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[2] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[1] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[0] & 0xFF)); displayStr.append(prefixZeros((int) objectGUID[0] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[1] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[2] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[3] & 0xFF));
displayStr.append("-"); displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[5] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[4] & 0xFF)); displayStr.append(prefixZeros((int) objectGUID[4] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[5] & 0xFF));
displayStr.append("-"); displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[7] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[6] & 0xFF)); displayStr.append(prefixZeros((int) objectGUID[6] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[7] & 0xFF));
displayStr.append("-"); displayStr.append("-");
displayStr.append(prefixZeros((int) objectGUID[8] & 0xFF)); displayStr.append(prefixZeros((int) objectGUID[8] & 0xFF));
displayStr.append(prefixZeros((int) objectGUID[9] & 0xFF)); displayStr.append(prefixZeros((int) objectGUID[9] & 0xFF));

1
server-spi-private/src/main/java/org/keycloak/models/LDAPConstants.java
View file

@ -122,6 +122,7 @@ public class LDAPConstants {
public static final String CUSTOM_ATTRIBUTE_EXPIRY_DATE = "expiryDate"; public static final String CUSTOM_ATTRIBUTE_EXPIRY_DATE = "expiryDate";
public static final String ENTRY_UUID = "entryUUID"; public static final String ENTRY_UUID = "entryUUID";
public static final String OBJECT_GUID = "objectGUID"; public static final String OBJECT_GUID = "objectGUID";
public static final String NOVELL_EDIRECTORY_GUID = "guid";
public static final String CREATE_TIMESTAMP = "createTimestamp"; public static final String CREATE_TIMESTAMP = "createTimestamp";
public static final String MODIFY_TIMESTAMP = "modifyTimestamp"; public static final String MODIFY_TIMESTAMP = "modifyTimestamp";