001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.authc.pam;
020
021import org.apache.shiro.authc.*;
022import org.apache.shiro.realm.Realm;
023
024import java.util.Collection;
025
026
027/**
028 * Abstract base implementation for Shiro's concrete <code>AuthenticationStrategy</code>
029 * implementations.
030 *
031 * @since 0.9
032 */
033public abstract class AbstractAuthenticationStrategy implements AuthenticationStrategy {
034
035    /**
036     * Simply returns <code>new {@link org.apache.shiro.authc.SimpleAuthenticationInfo SimpleAuthenticationInfo}();</code>, which supports
037     * aggregating account data across realms.
038     */
039    public AuthenticationInfo beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token) throws AuthenticationException {
040        return new SimpleAuthenticationInfo();
041    }
042
043    /**
044     * Simply returns the <code>aggregate</code> method argument, without modification.
045     */
046    public AuthenticationInfo beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
047        return aggregate;
048    }
049
050    /**
051     * Base implementation that will aggregate the specified <code>singleRealmInfo</code> into the
052     * <code>aggregateInfo</code> and then returns the aggregate.  Can be overridden by subclasses for custom behavior.
053     */
054    public AuthenticationInfo afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo singleRealmInfo, AuthenticationInfo aggregateInfo, Throwable t) throws AuthenticationException {
055        AuthenticationInfo info;
056        if (singleRealmInfo == null) {
057            info = aggregateInfo;
058        } else {
059            if (aggregateInfo == null) {
060                info = singleRealmInfo;
061            } else {
062                info = merge(singleRealmInfo, aggregateInfo);
063            }
064        }
065
066        return info;
067    }
068
069    /**
070     * Merges the specified <code>info</code> argument into the <code>aggregate</code> argument and then returns an
071     * aggregate for continued use throughout the login process.
072     * <p/>
073     * This implementation merely checks to see if the specified <code>aggregate</code> argument is an instance of
074     * {@link org.apache.shiro.authc.MergableAuthenticationInfo MergableAuthenticationInfo}, and if so, calls
075     * <code>aggregate.merge(info)</code>  If it is <em>not</em> an instance of
076     * <code>MergableAuthenticationInfo</code>, an {@link IllegalArgumentException IllegalArgumentException} is thrown.
077     * Can be overridden by subclasses for custom merging behavior if implementing the
078     * {@link org.apache.shiro.authc.MergableAuthenticationInfo MergableAuthenticationInfo} is not desired for some reason.
079     */
080    protected AuthenticationInfo merge(AuthenticationInfo info, AuthenticationInfo aggregate) {
081        if( aggregate instanceof MergableAuthenticationInfo ) {
082            ((MergableAuthenticationInfo)aggregate).merge(info);
083            return aggregate;
084        } else {
085            throw new IllegalArgumentException( "Attempt to merge authentication info from multiple realms, but aggregate " +
086                      "AuthenticationInfo is not of type MergableAuthenticationInfo." );
087        }
088    }
089
090    /**
091     * Simply returns the <code>aggregate</code> argument without modification.  Can be overridden for custom behavior.
092     */
093    public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
094        return aggregate;
095    }
096}