use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class OpenAMClientRegistrationStore method getIdentity.
/**
 * Resolves the agent identity registered under the given client name.
 *
 * <p>The search runs with the token obtained from {@code AdminTokenAction}, not with a token
 * belonging to the requester. Every failure path (no match, more than one match, inactive
 * identity, repository or SSO error) raises the same "Client authentication failed" exception,
 * so the caller cannot tell from the message which check rejected the client.
 *
 * @param uName The client name handed to the agent search.
 * @param realm The realm whose identity repository is searched.
 * @param request The OAuth2 request, passed to the failure factory when building the exception.
 * @return The single active agent identity that matched.
 * @throws InvalidClientException If the search does not yield exactly one identity, the identity
 *         is not active, or the repository lookup fails.
 */
@SuppressWarnings("unchecked")
private AMIdentity getIdentity(String uName, String realm, OAuth2Request request) throws InvalidClientException {
    final SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
    try {
        final AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);

        final IdSearchControl control = new IdSearchControl();
        control.setRecursive(true);
        control.setAllReturnAttributes(true);
        control.setMaxResults(0);

        // NOTE(review): uName is used as the search pattern. If the repository treats
        // characters such as '*' as wildcards, a pattern that happens to match exactly one
        // agent would pass the size check below -- confirm that callers validate the client id
        // or compare the returned identity's name against uName.
        final IdSearchResults found = repository.searchIdentities(IdType.AGENT, uName, control);

        final Set<AMIdentity> matches;
        if (found == null) {
            matches = Collections.emptySet();
        } else {
            matches = found.getSearchResults();
        }

        // Anything other than exactly one match is treated as a failed authentication.
        final boolean exactlyOne = matches != null && matches.size() == 1;
        if (!exactlyOne) {
            throw failureFactory.getException(request, "Client authentication failed");
        }

        final AMIdentity client = matches.iterator().next();
        // A deactivated client must not authenticate.
        if (!client.isActive()) {
            throw failureFactory.getException(request, "Client authentication failed");
        }
        return client;
    } catch (SSOException e) {
        logger.error("ClientVerifierImpl::Unable to get client AMIdentity: ", e);
        throw failureFactory.getException(request, "Client authentication failed");
    } catch (IdRepoException e) {
        logger.error("ClientVerifierImpl::Unable to get client AMIdentity: ", e);
        throw failureFactory.getException(request, "Client authentication failed");
    }
}
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class IdentityManager method getResourceOwnerIdentity.
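/**
 * Gets a resource owner's identity.
 *
 * <p>The user is first searched by name. If that search returns nothing, a second search is made
 * over all users ("*") using the realm's resource-owner authenticated attributes combined with an
 * OR modifier. Both searches run with the token obtained from {@code AdminTokenAction}.
 *
 * <p>Callers must handle a {@code null} return: it means exactly one profile matched but it is
 * not active, and such a user should not be treated as authenticated.
 *
 * @param username The resource owner's username.
 * @param realm The resource owner's realm.
 * @return The resource owner's identity, or {@code null} if the single matching profile is inactive.
 * @throws UnauthorizedClientException If zero or more than one profile matches, or if the lookup fails.
 */
public AMIdentity getResourceOwnerIdentity(String username, final String realm) throws UnauthorizedClientException {
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
    try {
        final AMIdentityRepository amIdRepo = new AMIdentityRepository(token, realm);
        final IdSearchControl idsc = new IdSearchControl();
        idsc.setRecursive(true);
        idsc.setAllReturnAttributes(true);
        idsc.setMaxResults(0);

        // First attempt: search for the identity by name.
        final Set<AMIdentity> results = new HashSet<AMIdentity>();
        IdSearchResults searchResults = amIdRepo.searchIdentities(IdType.USER, username, idsc);
        if (searchResults != null && !searchResults.getResultAttributes().isEmpty()) {
            results.addAll(searchResults.getSearchResults());
        } else {
            // Fallback: look the user up by the configured authenticated attributes. The
            // provider settings are resolved through a stub request that only answers the
            // "realm" parameter.
            OAuth2ProviderSettings settings = providerSettingsFactory.get(new OAuth2Request() {
                public <T> T getRequest() {
                    throw new UnsupportedOperationException("Realm parameter only OAuth2Request");
                }

                public <T> T getParameter(String name) {
                    if ("realm".equals(name)) {
                        return (T) realm;
                    }
                    throw new UnsupportedOperationException("Realm parameter only OAuth2Request");
                }

                public JsonValue getBody() {
                    throw new UnsupportedOperationException("Realm parameter only OAuth2Request");
                }

                @Override
                public Locale getLocale() {
                    throw new UnsupportedOperationException();
                }
            });
            // presumably maps each configured attribute name to the supplied username -- confirm
            // against toAvPairMap
            final Map<String, Set<String>> avPairs =
                    toAvPairMap(settings.getResourceOwnerAuthenticatedAttributes(), username);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, avPairs);
            searchResults = amIdRepo.searchIdentities(IdType.USER, "*", idsc);
            if (searchResults != null) {
                results.addAll(searchResults.getSearchResults());
            }
        }

        // An ambiguous match is rejected just like a missing one.
        if (results.size() != 1) {
            logger.error("No user profile or more than one profile found.");
            throw new UnauthorizedClientException("Not able to get user from OpenAM");
        }

        final AMIdentity amIdentity = results.iterator().next();
        // A deactivated user yields null rather than an exception.
        if (amIdentity.isActive()) {
            return amIdentity;
        } else {
            return null;
        }
    } catch (UnauthorizedClientException e) {
        // Already logged where it was raised; rethrow unchanged so the generic handler below
        // does not log it a second time and replace its message.
        throw e;
    } catch (Exception e) {
        logger.error("Unable to get client AMIdentity: ", e);
        throw new UnauthorizedClientException("Not able to get client from OpenAM");
    }
}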
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class OpenAMScopeValidator method getTimestamps.
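/**
 * Fetches the modify and create timestamp attributes of a user from the identity repository.
 *
 * <p>The search runs with the token obtained from {@code AdminTokenAction} and requests only the
 * two named attributes. The attribute map of the first entry returned is used.
 *
 * @param username The name handed to the user search.
 * @param realm The realm whose identity repository is searched.
 * @param modifyTimestamp The name of the attribute holding the modification timestamp.
 * @param createTimestamp The name of the attribute holding the creation timestamp.
 * @return The attribute map of the first search result.
 * @throws IdRepoException If the search returns no result or the repository reports an error.
 * @throws SSOException If the token is rejected by the repository.
 */
private AMHashMap getTimestamps(String username, String realm, String modifyTimestamp, String createTimestamp) throws IdRepoException, SSOException {
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
    final AMIdentityRepository amIdRepo = new AMIdentityRepository(token, realm);
    final IdSearchControl searchConfig = new IdSearchControl();
    searchConfig.setReturnAttributes(new HashSet<String>(Arrays.asList(modifyTimestamp, createTimestamp)));
    searchConfig.setMaxResults(0);

    // NOTE(review): the first entry is returned without checking that the search matched
    // exactly one user; if username can match several entries, the timestamps may belong to a
    // different user -- confirm callers pass an exact, already-resolved name.
    final IdSearchResults searchResults = amIdRepo.searchIdentities(IdType.USER, username, searchConfig);

    // A null result is reported as IdRepoException instead of failing with a
    // NullPointerException.
    if (searchResults != null) {
        final Iterator<?> searchResultsItr = searchResults.getResultAttributes().values().iterator();
        if (searchResultsItr.hasNext()) {
            return (AMHashMap) searchResultsItr.next();
        }
    }
    logger.warning("Error retrieving timestamps from datastore");
    throw new IdRepoException();
}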
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class IdRepoTest method deleteIdentity.
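/**
 * Deletes a user through the CLI "delete-identities" sub-command and verifies that the identity
 * repository no longer returns it.
 *
 * @param realm The realm that holds the user.
 * @param uid The name of the user to delete.
 * @throws CLIException If the CLI request fails.
 * @throws IdRepoException If the verification search fails.
 * @throws SSOException If the admin token is rejected.
 */
@Parameters({ "realm", "uid" })
@AfterTest(groups = { "cli-idrepo", "delete-identities" })
public void deleteIdentity(String realm, String uid) throws CLIException, IdRepoException, SSOException {
    String[] param = { realm, uid };
    // NOTE(review): the entry label "deleteRealm" does not match the exit label
    // "deleteIdentities" below; it looks like a copy-paste leftover -- confirm before changing.
    entering("deleteRealm", param);

    String[] args = {
        "delete-identities",
        CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME, realm,
        CLIConstants.PREFIX_ARGUMENT_LONG + IdentityCommand.ARGUMENT_ID_TYPE, "User",
        CLIConstants.PREFIX_ARGUMENT_LONG + IdentityCommand.ARGUMENT_ID_NAMES, uid
    };
    SSOToken adminSSOToken = getAdminSSOToken();
    CLIRequest req = new CLIRequest(null, args, adminSSOToken);
    cmdManager.addToRequestQueue(req);
    cmdManager.serviceRequestQueue();

    // Verify the deletion by searching for the user again with the same admin token.
    AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
    IdSearchControl isCtl = new IdSearchControl();
    IdSearchResults isr = amir.searchIdentities(IdType.USER, uid, isCtl);
    Set<?> results = isr.getSearchResults();

    // The `assert` keyword is skipped when the JVM runs without -ea, which would let a failed
    // deletion pass unnoticed; throw explicitly so the check always runs.
    if (!results.isEmpty()) {
        throw new AssertionError("Identity still present after delete-identities: " + uid);
    }
    exiting("deleteIdentities");
}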
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class UmaPolicyApplicationListener method getIdentityAttributes.
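/**
 * Reads all attributes of the agent that corresponds to the given identity.
 *
 * <p>The agent is looked up by the identity's name in the identity's realm, using the token
 * obtained from {@code AdminTokenAction}. The lookup must match exactly one agent.
 *
 * @param identity The identity whose realm and name are used for the agent search.
 * @return A copy of the attribute map of the single matching agent.
 * @throws IdRepoException If the search does not match exactly one agent, returns no attributes,
 *         or the repository reports an error.
 * @throws SSOException If the token is rejected by the repository.
 */
@SuppressWarnings("unchecked")
private Map<String, Set<String>> getIdentityAttributes(AMIdentity identity) throws IdRepoException, SSOException {
    IdSearchControl searchControl = new IdSearchControl();
    searchControl.setAllReturnAttributes(true);
    searchControl.setMaxResults(0);
    SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
    IdSearchResults searchResults = idRepoFactory.create(identity.getRealm(), adminToken)
            .searchIdentities(IdType.AGENT, identity.getName(), searchControl);

    // Count defensively so that a null result is reported as "found 0" instead of a
    // NullPointerException.
    final Set<?> agents = (searchResults == null) ? null : searchResults.getSearchResults();
    final int matchCount = (agents == null) ? 0 : agents.size();
    if (matchCount != 1) {
        // The check also fails when no agent is found, so the message reports the actual count
        // rather than claiming there was more than one.
        throw new IdRepoException("UmaPolicyApplicationListener.getIdentityAttributes : "
                + "Expected exactly one agent but found " + matchCount);
    }

    final Map<?, ?> attributesByIdentity = searchResults.getResultAttributes();
    if (attributesByIdentity == null || attributesByIdentity.isEmpty()) {
        // Without this guard, iterator().next() would fail with NoSuchElementException.
        throw new IdRepoException("UmaPolicyApplicationListener.getIdentityAttributes : "
                + "No attributes returned for agent");
    }
    // Copy the map so the caller does not share the search result's own instance.
    return new HashMap<String, Set<String>>(
            (Map<String, Set<String>>) attributesByIdentity.values().iterator().next());
}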