CR-3457 / OPENICF-223 - The C# delegate type is not compatible with Java and it does not work in PowerShell Runspace

CR-3457 / OPENICF-224 - The SyncDelta can not hold the ObjectClass of deleted object for Sync operation with ObjectClass.ALL

Author: Laszlo Hordos

Common/Security.cs

@@ -74,16 +74,39 @@ public interface UnmanagedArray<T> : IDisposable
     /// </remarks>
     public sealed class GuardedByteArray : IDisposable
     {
+
         /// <summary>
-        /// This method will be called with the clear text of the byte array.
+        /// Callback interface for those times that it is necessary to access the
+        /// clear text of the guarded bytes.
         /// </summary>
-        /// <remarks>
-        /// After the call the clearBytes array will be automatically zeroed
-        /// out, thus keeping the window of potential exposure to a bare-minimum.
-        /// </remarks>
-        /// <param name="clearChars"></param>
-        public delegate void Accessor(UnmanagedArray<byte> clearBytes);
+        public interface Accessor
+        {
+
+            /// <summary>
+            /// This method will be called with the clear text of the byte array.
+            /// </summary>
+            /// <remarks>
+            /// After the call the clearBytes array will be automatically zeroed
+            /// out, thus keeping the window of potential exposure to a bare-minimum.
+            /// </remarks>
+            /// <param name="clearBytes"></param>
+            void Access(UnmanagedArray<byte> clearBytes);
+        }
+
+        public class LambdaAccessor : Accessor
+        {
+            private readonly Action<UnmanagedArray<byte>> _accessor;
+
+            public LambdaAccessor(Action<UnmanagedArray<byte>> accessor)
+            {
+                _accessor = accessor;
+            }
 
+            public void Access(UnmanagedArray<byte> clearBytes)
+            {
+                _accessor(clearBytes);
+            }
+        }
 
         private SecureString _target;
         private String _base64SHA1Hash;
@@ -128,7 +151,7 @@ public void Access(Accessor accessor)
         {
             using (SecureStringToByteArrayAdapter adapter = new SecureStringToByteArrayAdapter(_target))
             {
-                accessor(adapter);
+                accessor.Access(adapter);
             }
         }
 
@@ -140,7 +163,7 @@ public void Access(Accessor accessor)
         /// appended, and then it will be re-encrypted.
         /// </remarks>
         /// <param name="b">The byte to append.</param>
-        /// <exception cref="IllegalStateException">If the byte array is read-only</exception>
+        /// <exception cref="InvalidOperationException">If the byte array is read-only</exception>
         /// <exception cref="IllegalStateException">If the byte array has been disposed</exception>
         public void AppendByte(byte b)
         {
@@ -251,10 +274,10 @@ public override int GetHashCode()
 
         private void ComputeHash()
         {
-            Access(array =>
+            Access(new LambdaAccessor(array =>
             {
                 _base64SHA1Hash = SecurityUtil.ComputeBase64SHA1Hash(array);
-            });
+            }));
         }
 
     }
@@ -292,16 +315,39 @@ private void ComputeHash()
     /// </remarks>
     public sealed class GuardedString : IDisposable
     {
+
         /// <summary>
-        /// This method will be called with the clear text of the string.
+        /// Callback interface for those times that it is necessary to access the
+        /// clear text of the secure string.
         /// </summary>
-        /// <remarks>
-        /// After the call the clearChars array will be automatically zeroed
-        /// out, thus keeping the window of potential exposure to a bare-minimum.
-        /// </remarks>
-        /// <param name="clearChars"></param>
-        public delegate void Accessor(UnmanagedArray<char> clearChars);
+        public interface Accessor
+        {
+
+            /// <summary>
+            /// This method will be called with the clear text of the string.
+            /// </summary>
+            /// <remarks>
+            /// After the call the clearChars array will be automatically zeroed
+            /// out, thus keeping the window of potential exposure to a bare-minimum.
+            /// </remarks>
+            /// <param name="clearChars"></param>
+            void Access(UnmanagedArray<char> clearChars);
+        }
+
+        public class LambdaAccessor : Accessor
+        {
+            private readonly Action<UnmanagedArray<char>> _accessor;
+
+            public LambdaAccessor(Action<UnmanagedArray<char>> accessor)
+            {
+                _accessor = accessor;
+            }
 
+            public void Access(UnmanagedArray<char> clearBytes)
+            {
+                _accessor(clearBytes);
+            }
+        }
 
         private SecureString _target;
         private String _base64SHA1Hash;
@@ -340,7 +386,7 @@ public void Access(Accessor accessor)
         {
             using (SecureStringAdapter adapter = new SecureStringAdapter(_target))
             {
-                accessor(adapter);
+                accessor.Access(adapter);
             }
         }
 
@@ -459,10 +505,10 @@ public SecureString ToSecureString()
 
         private void ComputeHash()
         {
-            Access(array =>
+            Access(new LambdaAccessor(array =>
             {
                 _base64SHA1Hash = SecurityUtil.ComputeBase64SHA1Hash(array);
-            });
+            }));
         }
 
     }
@@ -827,14 +873,14 @@ public static bool VerifyBase64SHA1Hash(UnmanagedArray<char> input, string hash)
         public static string Decrypt(GuardedString guardedString)
         {
             StringBuilder buf = new StringBuilder();
-            guardedString.Access(
+            guardedString.Access(new GuardedString.LambdaAccessor(
                                             array =>
                                             {
                                                 for (int i = 0; i < array.Length; i++)
                                                 {
                                                     buf.Append(array[i]);
                                                 }
-                                            });
+                                            }));
             return buf.ToString();
         }
 
@@ -848,15 +894,15 @@ public static string Decrypt(GuardedString guardedString)
         public static byte[] Decrypt(GuardedByteArray guardedByteArray)
         {
             byte[] result = null;
-            guardedByteArray.Access(
+            guardedByteArray.Access(new GuardedByteArray.LambdaAccessor(
                                             array =>
                                             {
                                                 result = new byte[array.Length];
                                                 for (int i = 0; i < array.Length; i++)
                                                 {
                                                     result[i] = array[i];
                                                 }
-                                            });
+                                            }));
             return result;
         }
     }

Framework/CommonObjects.cs

@@ -4662,6 +4662,7 @@ public sealed class SyncDelta
         private readonly SyncToken _token;
         private readonly SyncDeltaType _deltaType;
         private readonly Uid _previousUid;
+        private readonly ObjectClass _objectClass;
         private readonly Uid _uid;
         private readonly ConnectorObject _object;
 
@@ -4670,20 +4671,22 @@ public sealed class SyncDelta
         /// </summary>
         /// <param name="token">The token. Must not be null.</param>
         /// <param name="deltaType">The delta. Must not be null.</param>
+        /// <param name="previousUid">The previousUid. Can be null.</param>
+        /// <param name="objectClass">The objectClass. Can be null.</param>
         /// <param name="uid">The uid. Must not be null.</param>
-        /// <param name="object">The object that has changed. May be null for delete.</param>
+        /// <param name="obj">The object that has changed. May be null for delete.</param>
         internal SyncDelta(SyncToken token, SyncDeltaType deltaType,
-                Uid previousUid, Uid uid,
+                Uid previousUid, ObjectClass objectClass, Uid uid,
                 ConnectorObject obj)
         {
             Assertions.NullCheck(token, "token");
             Assertions.NullCheck(deltaType, "deltaType");
             Assertions.NullCheck(uid, "uid");
 
             //do not allow previous Uid for anything else than create or update
-            if (previousUid != null && deltaType == SyncDeltaType.DELETE)
+            if (previousUid != null && (deltaType == SyncDeltaType.DELETE || deltaType == SyncDeltaType.CREATE))
             {
-                throw new ArgumentException("The previous Uid can only be specified for create or update.");
+                throw new ArgumentException("The previous Uid can only be specified for create_or_update or udate.");
             }
 
             //only allow null object for delete
@@ -4701,11 +4704,16 @@ internal SyncDelta(SyncToken token, SyncDeltaType deltaType,
                 {
                     throw new ArgumentException("Uid does not match that of the object.");
                 }
+                if (!objectClass.Equals(obj.ObjectClass))
+                {
+                    throw new ArgumentException("ObjectClass does not match that of the object.");
+                }
             }
 
             _token = token;
             _deltaType = deltaType;
             _previousUid = previousUid;
+            _objectClass = objectClass;
             _uid = uid;
             _object = obj;
 
@@ -4730,6 +4738,22 @@ public Uid PreviousUid
             }
         }
 
+        /// <summary>
+        /// If the change described by this <code>SyncDelta.DELETE</code> and the
+        /// deleted object value is <code>null</code>, this method returns the
+        /// ObjectClass of the deleted object. If operation syncs
+        /// <seealso cref="Org.IdentityConnectors.Framework.Common.Objects.ObjectClass#ALL"/>
+        /// this must be set, otherwise this method can return <code>null</code>.
+        /// </summary>
+        /// <returns> the ObjectClass of the deleted object. </returns>
+        public ObjectClass ObjectClass
+        {
+            get
+            {
+                return _objectClass;
+            }
+        }
+
         /// <summary>
         /// Returns the <code>Uid</code> of the object that changed.
         /// </summary>
@@ -4790,14 +4814,29 @@ public override String ToString()
             values["Token"] = _token;
             values["DeltaType"] = _deltaType;
             values["PreviousUid"] = _previousUid;
+            values["ObjectClass"] = _objectClass;
             values["Uid"] = _uid;
             values["Object"] = _object;
             return values.ToString();
         }
 
         public override int GetHashCode()
         {
-            return _uid.GetHashCode();
+            unchecked
+            {
+                int hashCode = (_token != null ? _token.GetHashCode() : 0);
+                hashCode = (hashCode * 397) ^ (int)_deltaType;
+                hashCode = (hashCode * 397) ^ (_previousUid != null ? _previousUid.GetHashCode() : 0);
+                hashCode = (hashCode * 397) ^ (_objectClass != null ? _objectClass.GetHashCode() : 0);
+                hashCode = (hashCode * 397) ^ (_uid != null ? _uid.GetHashCode() : 0);
+                hashCode = (hashCode * 397) ^ (_object != null ? _object.GetHashCode() : 0);
+                return hashCode;
+            }
+        }
+
+        private bool Equals(SyncDelta other)
+        {
+            return Equals(_token, other._token) && _deltaType == other._deltaType && Equals(_previousUid, other._previousUid) && Equals(_objectClass, other._objectClass) && Equals(_uid, other._uid) && Equals(_object, other._object);
         }
 
         public override bool Equals(Object o)
@@ -4824,6 +4863,17 @@ public override bool Equals(Object o)
                 {
                     return false;
                 }
+                if (_objectClass == null)
+                {
+                    if (other._objectClass != null)
+                    {
+                        return false;
+                    }
+                }
+                else if (!_objectClass.Equals(other._objectClass))
+                {
+                    return false;
+                }
                 if (!_uid.Equals(other._uid))
                 {
                     return false;
@@ -4855,6 +4905,7 @@ public sealed class SyncDeltaBuilder
         private SyncToken _token;
         private SyncDeltaType _deltaType;
         private Uid _previousUid;
+        private ObjectClass _objectClass;
         private Uid _uid;
         private ConnectorObject _object;
 
@@ -4876,6 +4927,7 @@ public SyncDeltaBuilder(SyncDelta delta)
             _token = delta.Token;
             _deltaType = delta.DeltaType;
             _previousUid = delta.PreviousUid;
+            _objectClass = delta.ObjectClass;
             _uid = delta.Uid;
             _object = delta.Object;
         }
@@ -4928,6 +4980,23 @@ public Uid PreviousUid
             }
         }
 
+        /// <summary>
+        /// Returns the <code>ObjectClass</code> of Deleted object.
+        /// </summary>
+        /// <returns>the <code>ObjectClass</code> of Deleted object.</returns>
+        public ObjectClass ObjectClass
+        {
+            get
+            {
+                return _objectClass;
+            }
+            set
+            {
+                _objectClass = value;
+            }
+        }
+
+
         /// <summary>
         /// Returns the <code>Uid</code> of the object that changed.
         /// </summary>
@@ -4969,6 +5038,7 @@ public ConnectorObject Object
                 if (value != null)
                 {
                     _uid = value.Uid;
+                    _objectClass = value.ObjectClass;
                 }
             }
         }
@@ -4999,7 +5069,7 @@ public ConnectorObject Object
         /// </remarks>
         public SyncDelta Build()
         {
-            return new SyncDelta(_token, _deltaType, _previousUid, _uid, _object);
+            return new SyncDelta(_token, _deltaType, _previousUid, _objectClass, _uid, _object);
         }
     }
     #endregion