core/src/main/java/org/apache/shiro/authc/SimpleAuthenticationInfo.java - shiro - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro.authc;

 import org.apache.shiro.lang.util.ByteSource;
 import org.apache.shiro.lang.util.SimpleByteSource;
 import org.apache.shiro.subject.MutablePrincipalCollection;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.SimplePrincipalCollection;

 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Objects;
 import java.util.Set;


 /**
  * Simple implementation of the {@link org.apache.shiro.authc.MergableAuthenticationInfo} interface that holds the principals and
  * credentials.
  *
  * @see org.apache.shiro.realm.AuthenticatingRealm
  * @since 0.9
  */
 public class SimpleAuthenticationInfo implements MergableAuthenticationInfo, SaltedAuthenticationInfo {

     private static final long serialVersionUID = 5390456512469696779L;
     /**
      * The principals identifying the account associated with this AuthenticationInfo instance.
      */
     protected PrincipalCollection principals;
     /**
      * The credentials verifying the account principals.
      */
     protected Object credentials;

     /**
      * Any salt used in hashing the credentials.
      *
      * @since 1.1
      */
     protected ByteSource credentialsSalt = SimpleByteSource.empty();

     /**
      * Default no-argument constructor.
      */
     public SimpleAuthenticationInfo() {
     }

     /**
      * Constructor that takes in a single 'primary' principal of the account and its corresponding credentials,
      * associated with the specified realm.
      * <p/>
      * This is a convenience constructor and will construct a {@link PrincipalCollection PrincipalCollection} based
      * on the {@code principal} and {@code realmName} argument.
      *
      * @param principal   the 'primary' principal associated with the specified realm.
      * @param credentials the credentials that verify the given principal.
      * @param realmName   the realm from where the principal and credentials were acquired.
      */
     public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {
         this.principals = new SimplePrincipalCollection(principal, realmName);
         this.credentials = credentials;
     }

     /**
      * Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials,
      * the salt used to hash the credentials, and the name of the realm to associate with the principals.
      * <p/>
      * This is a convenience constructor and will construct a {@link PrincipalCollection PrincipalCollection} based
      * on the <code>principal</code> and <code>realmName</code> argument.
      *
      * @param principal         the 'primary' principal associated with the specified realm.
      * @param hashedCredentials the hashed credentials that verify the given principal.
      * @param credentialsSalt   the salt used when hashing the given hashedCredentials
      * @param realmName         the realm from where the principal and credentials were acquired.
      * @see org.apache.shiro.authc.credential.HashedCredentialsMatcher HashedCredentialsMatcher
      * @since 1.1
      */
     public SimpleAuthenticationInfo(Object principal, Object hashedCredentials, ByteSource credentialsSalt, String realmName) {
         this.principals = new SimplePrincipalCollection(principal, realmName);
         this.credentials = hashedCredentials;
         this.credentialsSalt = credentialsSalt;
     }

     /**
      * Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify
      * the principals.
      *
      * @param principals  a Realm's account's identifying principal(s)
      * @param credentials the accounts corresponding principals that verify the principals.
      */
     public SimpleAuthenticationInfo(PrincipalCollection principals, Object credentials) {
         this.principals = new SimplePrincipalCollection(principals);
         this.credentials = credentials;
     }

     /**
      * Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the
      * principals, and the salt used when hashing the credentials.
      *
      * @param principals        a Realm's account's identifying principal(s)
      * @param hashedCredentials the hashed credentials that verify the principals.
      * @param credentialsSalt   the salt used when hashing the hashedCredentials.
      * @see org.apache.shiro.authc.credential.HashedCredentialsMatcher HashedCredentialsMatcher
      * @since 1.1
      */
     public SimpleAuthenticationInfo(PrincipalCollection principals, Object hashedCredentials, ByteSource credentialsSalt) {
         this.principals = new SimplePrincipalCollection(principals);
         this.credentials = hashedCredentials;
         this.credentialsSalt = credentialsSalt;
     }


     @Override
     public PrincipalCollection getPrincipals() {
         return principals;
     }

     /**
      * Sets the identifying principal(s) represented by this instance.
      *
      * @param principals the identifying attributes of the corresponding Realm account.
      */
     public void setPrincipals(PrincipalCollection principals) {
         this.principals = principals;
     }

     @Override
     public Object getCredentials() {
         return credentials;
     }

     /**
      * Sets the credentials that verify the principals/identity of the associated Realm account.
      *
      * @param credentials attribute(s) that verify the account's identity/principals, such as a password or private key.
      */
     public void setCredentials(Object credentials) {
         this.credentials = credentials;
     }

     /**
      * Returns the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
      * hashed at all.
      * <p/>
      * Note that this attribute is <em>NOT</em> handled in the
      * {@link #merge(AuthenticationInfo) merge} method - a hash salt is only useful within a single realm (as each
      * realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further
      * use for salts.  Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
      *
      * @return the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
      *         hashed at all.
      * @since 1.1
      */
     @Override
     public ByteSource getCredentialsSalt() {
         return credentialsSalt;
     }

     /**
      * Sets the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
      * hashed at all.
      * <p/>
      * Note that this attribute is <em>NOT</em> handled in the
      * {@link #merge(AuthenticationInfo) merge} method - a hash salt is only useful within a single realm (as each
      * realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further
      * use for salts.  Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
      *
      * @param salt the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
      *             hashed at all.
      * @since 1.1
      */
     public void setCredentialsSalt(ByteSource salt) {
         this.credentialsSalt = salt;
     }

     /**
      * Takes the specified <code>info</code> argument and adds its principals and credentials into this instance.
      *
      * @param info the <code>AuthenticationInfo</code> to add into this instance.
      */
     @Override
     @SuppressWarnings("unchecked")
     public void merge(AuthenticationInfo info) {
         if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) {
             return;
         }

         if (this.principals == null) {
             this.principals = info.getPrincipals();
         } else {
             if (!(this.principals instanceof MutablePrincipalCollection)) {
                 this.principals = new SimplePrincipalCollection(this.principals);
             }
             ((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
         }

         //only mess with a salt value if we don't have one yet.  It doesn't make sense
         //to merge salt values from different realms because a salt is used only within
         //the realm's credential matching process.  But if the current instance's salt
         //is null, then it can't hurt to pull in a non-null value if one exists.
         //
         //since 1.1:
         if (this.credentialsSalt == null && info instanceof SaltedAuthenticationInfo) {
             this.credentialsSalt = ((SaltedAuthenticationInfo) info).getCredentialsSalt();
         }

         Object thisCredentials = getCredentials();
         Object otherCredentials = info.getCredentials();

         if (otherCredentials == null) {
             return;
         }

         if (thisCredentials == null) {
             this.credentials = otherCredentials;
             return;
         }

         if (!(thisCredentials instanceof Collection)) {
             Set newSet = new HashSet();
             newSet.add(thisCredentials);
             setCredentials(newSet);
         }

         // At this point, the credentials should be a collection
         Collection credentialCollection = (Collection) getCredentials();
         if (otherCredentials instanceof Collection) {
             credentialCollection.addAll((Collection) otherCredentials);
         } else {
             credentialCollection.add(otherCredentials);
         }
     }

     /**
      * Returns <code>true</code> if the Object argument is an <code>instanceof SimpleAuthenticationInfo</code> and
      * its {@link #getPrincipals() principals} are equal to this instance's principals, <code>false</code> otherwise.
      *
      * @param o the object to compare for equality.
      * @return <code>true</code> if the Object argument is an <code>instanceof SimpleAuthenticationInfo</code> and
      *         its {@link #getPrincipals() principals} are equal to this instance's principals, <code>false</code> otherwise.
      */
     @Override
     public boolean equals(Object o) {
         if (this == o) {
             return true;
         }
         if (!(o instanceof SimpleAuthenticationInfo)) {
             return false;
         }

         SimpleAuthenticationInfo that = (SimpleAuthenticationInfo) o;

         //noinspection RedundantIfStatement
         if (!Objects.equals(principals, that.principals)) {
             return false;
         }

         return true;
     }

     /**
      * Returns the hashcode of the internal {@link #getPrincipals() principals} instance.
      *
      * @return the hashcode of the internal {@link #getPrincipals() principals} instance.
      */
     @Override
     public int hashCode() {
         return (principals != null ? principals.hashCode() : 0);
     }

     /**
      * Simple implementation that merely returns <code>{@link #getPrincipals() principals}.toString()</code>
      *
      * @return <code>{@link #getPrincipals() principals}.toString()</code>
      */
     @Override
     public String toString() {
         return principals.toString();
     }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.shiro.authc;

	import org.apache.shiro.lang.util.ByteSource;
	import org.apache.shiro.lang.util.SimpleByteSource;
	import org.apache.shiro.subject.MutablePrincipalCollection;
	import org.apache.shiro.subject.PrincipalCollection;
	import org.apache.shiro.subject.SimplePrincipalCollection;

	import java.util.Collection;
	import java.util.HashSet;
	import java.util.Objects;
	import java.util.Set;


	/**
	* Simple implementation of the {@link org.apache.shiro.authc.MergableAuthenticationInfo} interface that holds the principals and
	* credentials.
	*
	* @see org.apache.shiro.realm.AuthenticatingRealm
	* @since 0.9
	*/
	public class SimpleAuthenticationInfo implements MergableAuthenticationInfo, SaltedAuthenticationInfo {

	private static final long serialVersionUID = 5390456512469696779L;
	/**
	* The principals identifying the account associated with this AuthenticationInfo instance.
	*/
	protected PrincipalCollection principals;
	/**
	* The credentials verifying the account principals.
	*/
	protected Object credentials;

	/**
	* Any salt used in hashing the credentials.
	*
	* @since 1.1
	*/
	protected ByteSource credentialsSalt = SimpleByteSource.empty();

	/**
	* Default no-argument constructor.
	*/
	public SimpleAuthenticationInfo() {
	}

	/**
	* Constructor that takes in a single 'primary' principal of the account and its corresponding credentials,
	* associated with the specified realm.
	* <p/>
	* This is a convenience constructor and will construct a {@link PrincipalCollection PrincipalCollection} based
	* on the {@code principal} and {@code realmName} argument.
	*
	* @param principal the 'primary' principal associated with the specified realm.
	* @param credentials the credentials that verify the given principal.
	* @param realmName the realm from where the principal and credentials were acquired.
	*/
	public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {
	this.principals = new SimplePrincipalCollection(principal, realmName);
	this.credentials = credentials;
	}

	/**
	* Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials,
	* the salt used to hash the credentials, and the name of the realm to associate with the principals.
	* <p/>
	* This is a convenience constructor and will construct a {@link PrincipalCollection PrincipalCollection} based
	* on the <code>principal</code> and <code>realmName</code> argument.
	*
	* @param principal the 'primary' principal associated with the specified realm.
	* @param hashedCredentials the hashed credentials that verify the given principal.
	* @param credentialsSalt the salt used when hashing the given hashedCredentials
	* @param realmName the realm from where the principal and credentials were acquired.
	* @see org.apache.shiro.authc.credential.HashedCredentialsMatcher HashedCredentialsMatcher
	* @since 1.1
	*/
	public SimpleAuthenticationInfo(Object principal, Object hashedCredentials, ByteSource credentialsSalt, String realmName) {
	this.principals = new SimplePrincipalCollection(principal, realmName);
	this.credentials = hashedCredentials;
	this.credentialsSalt = credentialsSalt;
	}

	/**
	* Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify
	* the principals.
	*
	* @param principals a Realm's account's identifying principal(s)
	* @param credentials the accounts corresponding principals that verify the principals.
	*/
	public SimpleAuthenticationInfo(PrincipalCollection principals, Object credentials) {
	this.principals = new SimplePrincipalCollection(principals);
	this.credentials = credentials;
	}

	/**
	* Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the
	* principals, and the salt used when hashing the credentials.
	*
	* @param principals a Realm's account's identifying principal(s)
	* @param hashedCredentials the hashed credentials that verify the principals.
	* @param credentialsSalt the salt used when hashing the hashedCredentials.
	* @see org.apache.shiro.authc.credential.HashedCredentialsMatcher HashedCredentialsMatcher
	* @since 1.1
	*/
	public SimpleAuthenticationInfo(PrincipalCollection principals, Object hashedCredentials, ByteSource credentialsSalt) {
	this.principals = new SimplePrincipalCollection(principals);
	this.credentials = hashedCredentials;
	this.credentialsSalt = credentialsSalt;
	}


	@Override
	public PrincipalCollection getPrincipals() {
	return principals;
	}

	/**
	* Sets the identifying principal(s) represented by this instance.
	*
	* @param principals the identifying attributes of the corresponding Realm account.
	*/
	public void setPrincipals(PrincipalCollection principals) {
	this.principals = principals;
	}

	@Override
	public Object getCredentials() {
	return credentials;
	}

	/**
	* Sets the credentials that verify the principals/identity of the associated Realm account.
	*
	* @param credentials attribute(s) that verify the account's identity/principals, such as a password or private key.
	*/
	public void setCredentials(Object credentials) {
	this.credentials = credentials;
	}

	/**
	* Returns the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
	* hashed at all.
	* <p/>
	* Note that this attribute is <em>NOT</em> handled in the
	* {@link #merge(AuthenticationInfo) merge} method - a hash salt is only useful within a single realm (as each
	* realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further
	* use for salts. Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
	*
	* @return the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
	* hashed at all.
	* @since 1.1
	*/
	@Override
	public ByteSource getCredentialsSalt() {
	return credentialsSalt;
	}

	/**
	* Sets the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
	* hashed at all.
	* <p/>
	* Note that this attribute is <em>NOT</em> handled in the
	* {@link #merge(AuthenticationInfo) merge} method - a hash salt is only useful within a single realm (as each
	* realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further
	* use for salts. Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
	*
	* @param salt the salt used to hash the credentials, or {@code null} if no salt was used or credentials were not
	* hashed at all.
	* @since 1.1
	*/
	public void setCredentialsSalt(ByteSource salt) {
	this.credentialsSalt = salt;
	}

	/**
	* Takes the specified <code>info</code> argument and adds its principals and credentials into this instance.
	*
	* @param info the <code>AuthenticationInfo</code> to add into this instance.
	*/
	@Override
	@SuppressWarnings("unchecked")
	public void merge(AuthenticationInfo info) {
	if (info == null \|\| info.getPrincipals() == null \|\| info.getPrincipals().isEmpty()) {
	return;
	}

	if (this.principals == null) {
	this.principals = info.getPrincipals();
	} else {
	if (!(this.principals instanceof MutablePrincipalCollection)) {
	this.principals = new SimplePrincipalCollection(this.principals);
	}
	((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
	}

	//only mess with a salt value if we don't have one yet. It doesn't make sense
	//to merge salt values from different realms because a salt is used only within
	//the realm's credential matching process. But if the current instance's salt
	//is null, then it can't hurt to pull in a non-null value if one exists.
	//
	//since 1.1:
	if (this.credentialsSalt == null && info instanceof SaltedAuthenticationInfo) {
	this.credentialsSalt = ((SaltedAuthenticationInfo) info).getCredentialsSalt();
	}

	Object thisCredentials = getCredentials();
	Object otherCredentials = info.getCredentials();

	if (otherCredentials == null) {
	return;
	}

	if (thisCredentials == null) {
	this.credentials = otherCredentials;
	return;
	}

	if (!(thisCredentials instanceof Collection)) {
	Set newSet = new HashSet();
	newSet.add(thisCredentials);
	setCredentials(newSet);
	}

	// At this point, the credentials should be a collection
	Collection credentialCollection = (Collection) getCredentials();
	if (otherCredentials instanceof Collection) {
	credentialCollection.addAll((Collection) otherCredentials);
	} else {
	credentialCollection.add(otherCredentials);
	}
	}

	/**
	* Returns <code>true</code> if the Object argument is an <code>instanceof SimpleAuthenticationInfo</code> and
	* its {@link #getPrincipals() principals} are equal to this instance's principals, <code>false</code> otherwise.
	*
	* @param o the object to compare for equality.
	* @return <code>true</code> if the Object argument is an <code>instanceof SimpleAuthenticationInfo</code> and
	* its {@link #getPrincipals() principals} are equal to this instance's principals, <code>false</code> otherwise.
	*/
	@Override
	public boolean equals(Object o) {
	if (this == o) {
	return true;
	}
	if (!(o instanceof SimpleAuthenticationInfo)) {
	return false;
	}

	SimpleAuthenticationInfo that = (SimpleAuthenticationInfo) o;

	//noinspection RedundantIfStatement
	if (!Objects.equals(principals, that.principals)) {
	return false;
	}

	return true;
	}

	/**
	* Returns the hashcode of the internal {@link #getPrincipals() principals} instance.
	*
	* @return the hashcode of the internal {@link #getPrincipals() principals} instance.
	*/
	@Override
	public int hashCode() {
	return (principals != null ? principals.hashCode() : 0);
	}

	/**
	* Simple implementation that merely returns <code>{@link #getPrincipals() principals}.toString()</code>
	*
	* @return <code>{@link #getPrincipals() principals}.toString()</code>
	*/
	@Override
	public String toString() {
	return principals.toString();
	}

	}