/* Copyright 2004, 2005 Acegi Technology Pty Limited
    *
    * Licensed under the Apache License, Version 2.0 (the "License");
    * you may not use this file except in compliance with the License.
    * You may obtain a copy of the License at
    *
    *     http://www.apache.org/licenses/LICENSE-2.0
    *
    * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  
  package org.acegisecurity.providers;
  
  import org.acegisecurity.GrantedAuthority;
  
  
  /***
   * An {@link org.acegisecurity.Authentication} implementation that is
   * designed for simple presentation of a username and password.
   * 
   * <p>
   * The <code>principal</code> and <code>credentials</code> should be set with
   * an <code>Object</code> that provides the respective property via its
   * <code>Object.toString()</code> method. The simplest such
   * <code>Object</code> to use is <code>String</code>.
   * </p>
   *
   * @author Ben Alex
   * @version $Id: UsernamePasswordAuthenticationToken.java,v 1.9 2005/11/17 00:55:49 benalex Exp $
   */
  public class UsernamePasswordAuthenticationToken
      extends AbstractAuthenticationToken {
      //~ Instance fields ========================================================
  
      private Object credentials;
      private Object details = null;
      private Object principal;
      private GrantedAuthority[] authorities;
      private boolean authenticated;
  
      //~ Constructors ===========================================================
  
      /***
       * This constructor can be safely used by any code that wishes to create a
       * <code>UsernamePasswordAuthenticationToken</code>, as the {@link
       * #isAuthenticated()} will return <code>false</code>.
       *
       * @param principal DOCUMENT ME!
       * @param credentials DOCUMENT ME!
       */
      public UsernamePasswordAuthenticationToken(Object principal,
          Object credentials) {
          this.principal = principal;
          this.credentials = credentials;
          this.authenticated = false;
      }
  
      /***
       * This constructor should only be used by
       * <code>AuthenticationManager</code> or
       * <code>AuthenticationProvider</code> implementations that are satisfied
       * with producing a trusted (ie {@link #isAuthenticated()} =
       * <code>true</code>) authentication token.
       *
       * @param principal
       * @param credentials
       * @param authorities
       */
      public UsernamePasswordAuthenticationToken(Object principal,
          Object credentials, GrantedAuthority[] authorities) {
          this.principal = principal;
          this.credentials = credentials;
          this.authorities = authorities;
          this.authenticated = true;
      }
  
      protected UsernamePasswordAuthenticationToken() {
          throw new IllegalArgumentException("Cannot use default constructor");
      }
  
      //~ Methods ================================================================
  
      public void setAuthenticated(boolean isAuthenticated)
          throws IllegalArgumentException {
          if (isAuthenticated) {
              throw new IllegalArgumentException(
                  "Cannot set this token to trusted - use constructor containing GrantedAuthority[]s instead");
          }
  
          this.authenticated = isAuthenticated;
      }
  
      public boolean isAuthenticated() {
          return this.authenticated;
      }
 
     public GrantedAuthority[] getAuthorities() {
         return this.authorities;
     }
 
     public Object getCredentials() {
         return this.credentials;
     }
 
     public void setDetails(Object details) {
         this.details = details;
     }
 
     /***
      * Usually a {@link org.acegisecurity.ui.WebAuthenticationDetails}.
      *
      * @return the authentication request details, or <code>null</code>
      */
     public Object getDetails() {
         return details;
     }
 
     public Object getPrincipal() {
         return this.principal;
     }
 }