PasswordPolicyState pwpState,
PasswordPolicy policy)
throws IOException
{
ByteStringBuilder builder = new ByteStringBuilder();
ASN1Writer writer = ASN1.getWriter(builder);
writer.writeStartSequence();
writer.writeOctetString(dnString);
writer.writeStartSequence();
if (returnAll || returnTypes.contains(OP_GET_PASSWORD_POLICY_DN))
{
encode(writer, OP_GET_PASSWORD_POLICY_DN,
policy.getConfigEntryDN().toString());
}
if (returnAll || returnTypes.contains(OP_GET_ACCOUNT_DISABLED_STATE))
{
encode(writer, OP_GET_ACCOUNT_DISABLED_STATE,
String.valueOf(pwpState.isDisabled()));
}
if (returnAll || returnTypes.contains(OP_GET_ACCOUNT_EXPIRATION_TIME))
{
String expTimeStr;
long expTime = pwpState.getAccountExpirationTime();
if (expTime < 0)
{
expTimeStr = null;
}
else
{
expTimeStr = GeneralizedTimeSyntax.format(expTime);
}
encode(writer, OP_GET_ACCOUNT_EXPIRATION_TIME, expTimeStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION))
{
String secondsStr;
long expTime = pwpState.getAccountExpirationTime();
if (expTime < 0)
{
secondsStr = null;
}
else
{
secondsStr =
String.valueOf((expTime - pwpState.getCurrentTime()) / 1000);
}
encode(writer, OP_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION,
secondsStr);
}
if (returnAll || returnTypes.contains(OP_GET_PASSWORD_CHANGED_TIME))
{
String timeStr;
long changedTime = pwpState.getPasswordChangedTime();
if (changedTime < 0)
{
timeStr = null;
}
else
{
timeStr = GeneralizedTimeSyntax.format(changedTime);
}
encode(writer, OP_GET_PASSWORD_CHANGED_TIME, timeStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_PASSWORD_EXPIRATION_WARNED_TIME))
{
String timeStr;
long warnedTime = pwpState.getWarnedTime();
if (warnedTime < 0)
{
timeStr = null;
}
else
{
timeStr = GeneralizedTimeSyntax.format(warnedTime);
}
encode(writer, OP_GET_PASSWORD_EXPIRATION_WARNED_TIME, timeStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_SECONDS_UNTIL_PASSWORD_EXPIRATION))
{
String secondsStr;
int secondsUntilExp = pwpState.getSecondsUntilExpiration();
if (secondsUntilExp < 0)
{
secondsStr = null;
}
else
{
secondsStr = String.valueOf(secondsUntilExp);
}
encode(writer, OP_GET_SECONDS_UNTIL_PASSWORD_EXPIRATION,
secondsStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_SECONDS_UNTIL_PASSWORD_EXPIRATION_WARNING))
{
String secondsStr;
int secondsUntilExp = pwpState.getSecondsUntilExpiration();
if (secondsUntilExp < 0)
{
secondsStr = null;
}
else
{
int secondsUntilWarning = secondsUntilExp - policy.getWarningInterval();
if (secondsUntilWarning <= 0)
{
secondsStr = "0";
}
else
{
secondsStr = String.valueOf(secondsUntilWarning);
}
}
encode(writer, OP_GET_SECONDS_UNTIL_PASSWORD_EXPIRATION_WARNING,
secondsStr);
}
if (returnAll || returnTypes.contains(OP_GET_AUTHENTICATION_FAILURE_TIMES))
{
encode(writer, OP_GET_AUTHENTICATION_FAILURE_TIMES,
pwpState.getAuthFailureTimes());
}
if (returnAll || returnTypes.contains(
OP_GET_SECONDS_UNTIL_AUTHENTICATION_FAILURE_UNLOCK))
{
// We have to check whether the account is locked due to failures before
// we can get the length of time until the account is unlocked.
String secondsStr;
if (pwpState.lockedDueToFailures())
{
int seconds = pwpState.getSecondsUntilUnlock();
if (seconds <= 0)
{
secondsStr = null;
}
else
{
secondsStr = String.valueOf(seconds);
}
}
else
{
secondsStr = null;
}
encode(writer, OP_GET_SECONDS_UNTIL_AUTHENTICATION_FAILURE_UNLOCK,
secondsStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_REMAINING_AUTHENTICATION_FAILURE_COUNT))
{
String remainingFailuresStr;
int allowedFailureCount = policy.getLockoutFailureCount();
if (allowedFailureCount > 0)
{
int remainingFailures =
allowedFailureCount - pwpState.getAuthFailureTimes().size();
if (remainingFailures < 0)
{
remainingFailures = 0;
}
remainingFailuresStr = String.valueOf(remainingFailures);
}
else
{
remainingFailuresStr = null;
}
encode(writer, OP_GET_REMAINING_AUTHENTICATION_FAILURE_COUNT,
remainingFailuresStr);
}
if (returnAll || returnTypes.contains(OP_GET_LAST_LOGIN_TIME))
{
String timeStr;
long lastLoginTime = pwpState.getLastLoginTime();
if (lastLoginTime < 0)
{
timeStr = null;
}
else
{
timeStr = GeneralizedTimeSyntax.format(lastLoginTime);
}
encode(writer, OP_GET_LAST_LOGIN_TIME, timeStr);
}
if (returnAll || returnTypes.contains(OP_GET_SECONDS_UNTIL_IDLE_LOCKOUT))
{
String secondsStr;
int lockoutInterval = policy.getIdleLockoutInterval();
if (lockoutInterval > 0)
{
long lastLoginTime = pwpState.getLastLoginTime();
if (lastLoginTime < 0)
{
secondsStr = "0";
}
else
{
long lockoutTime = lastLoginTime + (lockoutInterval*1000);
long currentTime = pwpState.getCurrentTime();
int secondsUntilLockout = (int) ((lockoutTime - currentTime) / 1000);
if (secondsUntilLockout <= 0)
{
secondsStr = "0";
}
else
{
secondsStr = String.valueOf(secondsUntilLockout);
}
}
}
else
{
secondsStr = null;
}
encode(writer, OP_GET_SECONDS_UNTIL_IDLE_LOCKOUT, secondsStr);
}
if (returnAll || returnTypes.contains(OP_GET_PASSWORD_RESET_STATE))
{
encode(writer, OP_GET_PASSWORD_RESET_STATE,
String.valueOf(pwpState.mustChangePassword()));
}
if (returnAll ||
returnTypes.contains(OP_GET_SECONDS_UNTIL_PASSWORD_RESET_LOCKOUT))
{
String secondsStr;
if (pwpState.mustChangePassword())
{
int maxAge = policy.getMaximumPasswordResetAge();
if (maxAge > 0)
{
long currentTime = pwpState.getCurrentTime();
long changedTime = pwpState.getPasswordChangedTime();
int changeAge = (int) ((currentTime - changedTime) / 1000);
int timeToLockout = maxAge - changeAge;
if (timeToLockout <= 0)
{
secondsStr = "0";
}
else
{
secondsStr = String.valueOf(timeToLockout);
}
}
else
{
secondsStr = null;
}
}
else
{
secondsStr = null;
}
encode(writer, OP_GET_SECONDS_UNTIL_PASSWORD_RESET_LOCKOUT,
secondsStr);
}
if (returnAll || returnTypes.contains(OP_GET_GRACE_LOGIN_USE_TIMES))
{
encode(writer, OP_GET_GRACE_LOGIN_USE_TIMES,
pwpState.getGraceLoginTimes());
}
if (returnAll || returnTypes.contains(OP_GET_REMAINING_GRACE_LOGIN_COUNT))
{
String remainingStr;
int remainingGraceLogins = pwpState.getGraceLoginsRemaining();
if (remainingGraceLogins <= 0)
{
remainingStr = "0";
}
else
{
remainingStr = String.valueOf(remainingGraceLogins);
}
encode(writer, OP_GET_REMAINING_GRACE_LOGIN_COUNT, remainingStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_PASSWORD_CHANGED_BY_REQUIRED_TIME))
{
String timeStr;
long requiredChangeTime = pwpState.getRequiredChangeTime();
if (requiredChangeTime < 0)
{
timeStr = null;
}
else
{
timeStr = GeneralizedTimeSyntax.format(requiredChangeTime);
}
encode(writer, OP_GET_PASSWORD_CHANGED_BY_REQUIRED_TIME, timeStr);
}
if (returnAll ||
returnTypes.contains(OP_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME))
{
String secondsStr;
long policyRequiredChangeTime = policy.getRequireChangeByTime();
if (policyRequiredChangeTime > 0)
{
long accountRequiredChangeTime = pwpState.getRequiredChangeTime();
if (accountRequiredChangeTime >= policyRequiredChangeTime)
{
secondsStr = null;
}
else
{
long currentTime = pwpState.getCurrentTime();
if (currentTime >= policyRequiredChangeTime)
{
secondsStr = "0";
}
else
{
secondsStr =
String.valueOf((policyRequiredChangeTime-currentTime) / 1000);
}
}
}
else
{
secondsStr = null;
}
encode(writer, OP_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME,
secondsStr);
}
if (returnAll || returnTypes.contains(OP_GET_PASSWORD_HISTORY))
{
encode(writer, OP_GET_PASSWORD_HISTORY,
pwpState.getPasswordHistoryValues());
}
writer.writeEndSequence();
writer.writeEndSequence();
return builder.toByteString();
}