
1   /**
2    * Copyright 2013 OPS4J
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.ops4j.pax.useradmin.service.spi;
18  
19  import org.osgi.service.useradmin.User;
20  
21  /**
22   * Provides access to user credential attributes. All methods here are called
23   * only after the following checks have been made:
24   * <ul>
25   * <li>The caller is allowed to access the credential</li>
26   * <li>The key is a String</li>
27   * <li>The value is either a String or a byte[]</li>
28   * </ul>
29   */
30  public interface CredentialProvider {
31  
32      /**
33       * Gets a credential of a user. The declared return type is <code>Object</code>;
34       * the interface contract above names String and byte[] as the value types.
35       * @param decryptor
36       *            The {@link Decryptor} to validate and decrypt values
37       * @param user
38       *            The <code>User</code> to get the credential from.
39       * @param key
40       *            The key of the credential.
41       * @throws StorageException
42       */
43      Object getUserCredential(Decryptor decryptor, User user, String key) throws StorageException;
44  
45      /**
46       * Checks a credential of a user.
47       * @param decryptor
48       *            The {@link Decryptor} to validate and decrypt values
49       * @param user
50       *            The {@link User} whose credential is checked.
51       * @param key
52       *            The key of the credential.
53       * @param value
54       *            The value of the credential.
55       * @return presumably <code>true</code> if the user has this value under the key (TODO confirm)
56       * @throws StorageException
57       */
58      boolean hasUserCredential(Decryptor decryptor, User user, String key, Object value) throws StorageException;
59  
60      /**
61       * Sets a credential of a user. The value is declared as <code>Object</code>;
62       * the interface contract above names String and byte[] as the value types.
63       * @param encryptor
64       *            The {@link Encryptor} to use for encrypting sensitive values
65       * @param user
66       *            The <code>User</code> to set the credential for.
67       * @param key
68       *            The key of the credential.
69       * @param value
70       *            The value of the credential.
71       * @throws StorageException
72       */
73      void setUserCredential(Encryptor encryptor, User user, String key, Object value) throws StorageException;
74  
75      /**
76       * Removes a credential from a user.
77       * 
78       * @param user
79       *            The <code>User</code> to remove the credential from.
80       * @param key
81       *            The key of the credential.
82       * @throws StorageException
83       */
84      void removeUserCredential(User user, String key) throws StorageException;
85  
86      /**
87       * Removes all credentials for a user.
88       * 
89       * @param user
90       *            The <code>User</code> to remove the credentials for.
91       * @throws StorageException
92       */
93      void clearUserCredentials(User user) throws StorageException;
94  }