14 package waffle.servlet;
15
16 import java.io.Serializable;
17 import java.security.Principal;
18 import java.util.ArrayList;
19 import java.util.HashMap;
20 import java.util.List;
21 import java.util.Map;
22
23 import com.google.common.base.Joiner;
24
25 import waffle.windows.auth.IWindowsAccount;
26 import waffle.windows.auth.IWindowsIdentity;
27 import waffle.windows.auth.PrincipalFormat;
28 import waffle.windows.auth.WindowsAccount;
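/**
 * A {@link Principal} that snapshots a Windows identity: its fully qualified name, its SID, its
 * groups and the role names derived from them.
 *
 * <p>
 * Everything except {@link #getIdentity()} is computed once in the constructor and never refreshed,
 * so later changes to the account's group membership are not visible through an existing instance.
 *
 * <p>
 * The class is {@link Serializable}. The roles and groups are part of the serialized form, so that
 * form is authorization data and should only be read back from storage the application trusts. The
 * underlying {@link IWindowsIdentity} is {@code transient} and is not restored on deserialization.
 */
public class WindowsPrincipal implements Principal, Serializable {

    /** Serialization version of this class. */
    private static final long serialVersionUID = 1L;

    /** Fully qualified name of the identity, as reported by {@code IWindowsIdentity.getFqn()}. */
    private final String fqn;

    /** Binary SID of the identity, as reported by {@code IWindowsIdentity.getSid()}. */
    private final byte[] sid;

    /** String form of the SID, as reported by {@code IWindowsIdentity.getSidString()}. */
    private final String sidString;

    /** Principal names followed by group role names, in the formats chosen at construction. */
    private final List<String> roles;

    /** The identity this principal was built from; not serialized, so null after deserialization. */
    private transient IWindowsIdentity identity;

    /** Groups of the identity, keyed by group fully qualified name. */
    private final Map<String, WindowsAccount> groups;

    /**
     * Creates a principal whose own names and group role names both use
     * {@link PrincipalFormat#FQN}.
     *
     * @param windowsIdentity
     *            the Windows identity to snapshot
     */
    public WindowsPrincipal(final IWindowsIdentity windowsIdentity) {
        this(windowsIdentity, PrincipalFormat.FQN, PrincipalFormat.FQN);
    }

    /**
     * Creates a principal from a Windows identity, copying its name, SID, groups and roles.
     *
     * @param windowsIdentity
     *            the Windows identity to snapshot
     * @param principalFormat
     *            how the identity itself is represented in the role list
     * @param roleFormat
     *            how each group of the identity is represented in the role list
     */
    public WindowsPrincipal(final IWindowsIdentity windowsIdentity, final PrincipalFormat principalFormat,
            final PrincipalFormat roleFormat) {
        this.identity = windowsIdentity;
        this.fqn = windowsIdentity.getFqn();
        this.sid = windowsIdentity.getSid();
        this.sidString = windowsIdentity.getSidString();
        this.groups = WindowsPrincipal.getGroups(windowsIdentity.getGroups());
        this.roles = WindowsPrincipal.getRoles(windowsIdentity, principalFormat, roleFormat);
    }

    /**
     * Builds the role list: the identity's own names first, then the names of each of its groups.
     *
     * @param windowsIdentity
     *            the Windows identity whose names and groups are read
     * @param principalFormat
     *            format applied to the identity's own names
     * @param roleFormat
     *            format applied to each group's names
     * @return a new list of role names; empty when both formats contribute nothing
     */
    private static List<String> getRoles(final IWindowsIdentity windowsIdentity, final PrincipalFormat principalFormat,
            final PrincipalFormat roleFormat) {
        final List<String> roles = new ArrayList<String>();
        roles.addAll(WindowsPrincipal.getPrincipalNames(windowsIdentity, principalFormat));
        for (final IWindowsAccount group : windowsIdentity.getGroups()) {
            roles.addAll(WindowsPrincipal.getRoleNames(group, roleFormat));
        }
        return roles;
    }

    /**
     * Copies an array of group accounts into a map keyed by each group's fully qualified name.
     *
     * <p>
     * Two groups reporting the same fully qualified name collapse into one entry; the later one
     * in the array wins.
     *
     * @param groups
     *            the group accounts of the identity
     * @return a new map from group fully qualified name to a {@link WindowsAccount} built from it
     */
    private static Map<String, WindowsAccount> getGroups(final IWindowsAccount[] groups) {
        final Map<String, WindowsAccount> groupMap = new HashMap<String, WindowsAccount>();
        for (final IWindowsAccount group : groups) {
            groupMap.put(group.getFqn(), new WindowsAccount(group));
        }
        return groupMap;
    }

    /**
     * Returns the binary SID of this principal.
     *
     * @return a copy of the SID bytes, so callers cannot alter the stored value
     */
    public byte[] getSid() {
        return this.sid.clone();
    }

    /**
     * Returns the string form of this principal's SID.
     *
     * @return the SID string captured at construction
     */
    public String getSidString() {
        return this.sidString;
    }

    /**
     * Returns the groups captured at construction, keyed by group fully qualified name.
     *
     * <p>
     * The result is a read-only view: group membership is authorization data, and handing out the
     * backing map would let any code holding the principal add or remove entries. Attempts to
     * modify the returned map throw {@link UnsupportedOperationException}.
     *
     * @return an unmodifiable view of the group map
     */
    public Map<String, WindowsAccount> getGroups() {
        // Fully qualified so the file's import block does not have to change.
        return java.util.Collections.unmodifiableMap(this.groups);
    }

    /**
     * Returns the role names contributed by one group in the requested format.
     *
     * @param group
     *            the group account to name
     * @param principalFormat
     *            FQN, SID or BOTH select which names are added; NONE and any other value add nothing
     * @return a new list holding zero, one or two names
     */
    private static List<String> getRoleNames(final IWindowsAccount group, final PrincipalFormat principalFormat) {
        final List<String> principals = new ArrayList<String>();
        switch (principalFormat) {
            case FQN:
                principals.add(group.getFqn());
                break;
            case SID:
                principals.add(group.getSidString());
                break;
            case BOTH:
                principals.add(group.getFqn());
                principals.add(group.getSidString());
                break;
            case NONE:
                break;
            default:
                break;
        }
        return principals;
    }

    /**
     * Returns the names contributed by the identity itself in the requested format.
     *
     * @param windowsIdentity
     *            the Windows identity to name
     * @param principalFormat
     *            FQN, SID or BOTH select which names are added; NONE and any other value add nothing
     * @return a new list holding zero, one or two names
     */
    private static List<String> getPrincipalNames(final IWindowsIdentity windowsIdentity,
            final PrincipalFormat principalFormat) {
        final List<String> principals = new ArrayList<String>();
        switch (principalFormat) {
            case FQN:
                principals.add(windowsIdentity.getFqn());
                break;
            case SID:
                principals.add(windowsIdentity.getSidString());
                break;
            case BOTH:
                principals.add(windowsIdentity.getFqn());
                principals.add(windowsIdentity.getSidString());
                break;
            case NONE:
                break;
            default:
                break;
        }
        return principals;
    }

    /**
     * Returns all role names joined with {@code ", "}.
     *
     * <p>
     * The names are joined without escaping, so the result is ambiguous if a name contains the
     * separator. It suits display and logging; use {@link #hasRole(String)} for access decisions
     * rather than parsing this string.
     *
     * @return the role names as one comma-separated string
     */
    public String getRolesString() {
        return Joiner.on(", ").join(this.roles);
    }

    /**
     * Checks whether this principal holds the given role.
     *
     * <p>
     * The comparison is an exact, case-sensitive {@code equals} match against the stored role
     * names. Those names are in the formats chosen at construction, so a principal built with
     * {@link PrincipalFormat#SID} will not match a fully qualified name, and vice versa.
     *
     * @param role
     *            the role name to look for
     * @return {@code true} if the role list contains exactly this string
     */
    public boolean hasRole(final String role) {
        return this.roles.contains(role);
    }

    /**
     * Returns the fully qualified name of the identity, regardless of the principal format chosen
     * at construction.
     *
     * @return the fully qualified name
     */
    @Override
    public String getName() {
        return this.fqn;
    }

    /**
     * Returns the identity this principal was built from.
     *
     * @return the identity, or {@code null} on an instance restored by deserialization, because
     *         the field is {@code transient}
     */
    public IWindowsIdentity getIdentity() {
        return this.identity;
    }

    /**
     * Returns the same value as {@link #getName()}.
     *
     * @return the fully qualified name
     */
    @Override
    public String toString() {
        return this.getName();
    }

}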