Package org.wildfly.security.auth.realm.jdbc.mapper

Class PasswordKeyMapper

java.lang.Object

org.wildfly.security.auth.realm.jdbc.mapper.PasswordKeyMapper

All Implemented Interfaces:

ColumnMapper, KeyMapper

public class PasswordKeyMapper
extends Object
implements KeyMapper

A KeyMapper that knows how to map columns from a SQL query to attributes of specific Password type as defined by the algorithm.

Author:

Pedro Igor

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	PasswordKeyMapper.Builder	A builder for PasswordKeyMapper instances.

Field Summary

Fields

Modifier and Type	Field	Description
private int	algorithmColumn
private String	defaultAlgorithm
private int	defaultIterationCount
private int	hashColumn
private Encoding	hashEncoding
private int	iterationCountColumn
private int	saltColumn
private Encoding	saltEncoding

Constructor Summary

Constructors

Constructor	Description
PasswordKeyMapper(PasswordKeyMapper.Builder builder)

Method Summary

Modifier and Type	Method	Description
static PasswordKeyMapper.Builder	builder()	Construct a builder for password key mappers.
private static byte[]	decodeColumn(String string, Encoding encoding)
int	getAlgorithmColumn()	Get the column index of the algorithm name column.
private static byte[]	getBinaryColumn(ResultSetMetaData metaData, ResultSet resultSet, int column, Encoding encoding)
SupportLevel	getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)	Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.
String	getDefaultAlgorithm()	Returns the name of the algorithm being used.
int	getDefaultIterationCount()	Get the default iteration count.
SupportLevel	getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)	Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.
int	getHashColumn()	Returns an integer representing the column index from where the password in its clear, hash or encoded form is obtained.
int	getIterationCountColumn()	Returns an integer representing the column index from where the iteration count (if supported) is obtained.
int	getSaltColumn()	Returns an integer representing the column index from where the salt (if supported) is obtained.
private static String	getStringColumn(ResultSetMetaData metaData, ResultSet resultSet, int column)
Credential	map(ResultSet resultSet, Supplier<Provider[]> providers)	Maps the given ResultSet to some internal representation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

hashColumn

private final int hashColumn

saltColumn

private final int saltColumn

iterationCountColumn

private final int iterationCountColumn

defaultIterationCount

private final int defaultIterationCount

algorithmColumn

private final int algorithmColumn

defaultAlgorithm

private final String defaultAlgorithm

hashEncoding

private final Encoding hashEncoding

saltEncoding

private final Encoding saltEncoding

Constructor Detail

PasswordKeyMapper

PasswordKeyMapper(PasswordKeyMapper.Builder builder)

Method Detail

getCredentialAcquireSupport

public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType,
                                                String algorithmName,
                                                AlgorithmParameterSpec parameterSpec)

Description copied from interface: KeyMapper

Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.

Specified by:

getCredentialAcquireSupport in interface KeyMapper

Parameters:

credentialType - the exact credential type (must not be null)

algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names

parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters

Returns:

the level of support for this credential

getEvidenceVerifySupport

public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType,
                                             String algorithmName)

Description copied from interface: KeyMapper

Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.

Specified by:

getEvidenceVerifySupport in interface KeyMapper

Parameters:

evidenceType - the type of evidence to be verified (must not be null)

algorithmName - the algorithm name, or null if any algorithm is acceptable or the evidence type does not support algorithm names

Returns:

the level of support for this evidence type

getDefaultAlgorithm

public String getDefaultAlgorithm()

Returns the name of the algorithm being used.

Returns:

the algorithm

getHashColumn

public int getHashColumn()

Returns an integer representing the column index from where the password in its clear, hash or encoded form is obtained.

Returns:

the column index

getSaltColumn

public int getSaltColumn()

Returns an integer representing the column index from where the salt (if supported) is obtained.

Returns:

the column index

getIterationCountColumn

public int getIterationCountColumn()

Returns an integer representing the column index from where the iteration count (if supported) is obtained.

Returns:

the column index

getDefaultIterationCount

public int getDefaultIterationCount()

Get the default iteration count. This count is used if there is no iteration count column but the password algorithm uses an iteration count.

Returns:

the default iteration count

getAlgorithmColumn

public int getAlgorithmColumn()

Get the column index of the algorithm name column.

Returns:

the column index of the algorithm name column, or -1 if there is no algorithm column defined

getBinaryColumn

private static byte[] getBinaryColumn(ResultSetMetaData metaData,
                                      ResultSet resultSet,
                                      int column,
                                      Encoding encoding)
                               throws SQLException

Throws:

SQLException

decodeColumn

private static byte[] decodeColumn(String string,
                                   Encoding encoding)

getStringColumn

private static String getStringColumn(ResultSetMetaData metaData,
                                      ResultSet resultSet,
                                      int column)
                               throws SQLException

Throws:

SQLException

map

public Credential map(ResultSet resultSet,
                      Supplier<Provider[]> providers)
               throws SQLException

Description copied from interface: ColumnMapper

Maps the given ResultSet to some internal representation.

Specified by:

map in interface ColumnMapper

Specified by:

map in interface KeyMapper

Parameters:

resultSet - the result set previously created based on a query

providers - the providers to use if required

Returns:

the resulting object mapped from the given ResultSet

Throws:

SQLException - if any error occurs when manipulating the given ResultSet

builder

public static PasswordKeyMapper.Builder builder()

Construct a builder for password key mappers.

Returns:

the new builder (not null)