1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 package javax.security.auth.callback; 19 20 import java.io.Serializable; 21 import java.util.Arrays; 22 23 /** 24 * Used in conjunction with a {@link CallbackHandler} to retrieve a password 25 * when needed. 26 */ 27 public class PasswordCallback implements Callback, Serializable { 28 29 private static final long serialVersionUID = 2267422647454909926L; 30 31 private String prompt; 32 33 boolean echoOn; 34 35 private char[] inputPassword; 36 37 private void setPrompt(String prompt) throws IllegalArgumentException { 38 if (prompt == null || prompt.length() == 0) { 39 throw new IllegalArgumentException("Invalid prompt"); 40 } 41 this.prompt = prompt; 42 } 43 44 /** 45 * Creates a new {@code PasswordCallback} instance. 46 * 47 * @param prompt 48 * the message that should be displayed to the user 49 * @param echoOn 50 * determines whether the user input should be echoed 51 */ 52 public PasswordCallback(String prompt, boolean echoOn) { 53 setPrompt(prompt); 54 this.echoOn = echoOn; 55 } 56 57 /** 58 * Returns the prompt that was specified when creating this {@code 59 * PasswordCallback} 60 * 61 * @return the prompt 62 */ 63 public String getPrompt() { 64 return prompt; 65 } 66 67 /** 68 * Queries whether this {@code PasswordCallback} expects user input to be 69 * echoed, which is specified during the creation of the object. 70 * 71 * @return {@code true} if (and only if) user input should be echoed 72 */ 73 public boolean isEchoOn() { 74 return echoOn; 75 } 76 77 /** 78 * Sets the password. The {@link CallbackHandler} that performs the actual 79 * provisioning or input of the password needs to call this method to hand 80 * back the password to the security service that requested it. 81 * 82 * @param password 83 * the password. A copy of this is stored, so subsequent changes 84 * to the input array do not affect the {@code PasswordCallback}. 85 */ 86 public void setPassword(char[] password) { 87 if (password == null) { 88 this.inputPassword = password; 89 } else { 90 inputPassword = new char[password.length]; 91 System.arraycopy(password, 0, inputPassword, 0, inputPassword.length); 92 } 93 } 94 95 /** 96 * Returns the password. The security service that needs the password 97 * usually calls this method once the {@link CallbackHandler} has finished 98 * its work. 99 * 100 * @return the password. A copy of the internal password is created and 101 * returned, so subsequent changes to the internal password do not 102 * affect the result. 103 */ 104 public char[] getPassword() { 105 if (inputPassword != null) { 106 char[] tmp = new char[inputPassword.length]; 107 System.arraycopy(inputPassword, 0, tmp, 0, tmp.length); 108 return tmp; 109 } 110 return null; 111 } 112 113 /** 114 * Clears the password stored in this {@code PasswordCallback}. 115 */ 116 public void clearPassword() { 117 if (inputPassword != null) { 118 Arrays.fill(inputPassword, '\u0000'); 119 } 120 } 121 } 122