
Example 1 with UserDetails

Use of com.sun.identity.idsvcs.UserDetails in project OpenAM by OpenRock.

From the class IdentityServicesImpl, method attributes:

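/**
 * Builds the {@link UserDetails} for the user that owns {@code subject}.
 *
 * <p>The result carries three things: the universal ids of every role/group the
 * user is a member of, the requested attributes (identity-repository values merged
 * with values derived from the SSO session), and the original {@code subject} token.
 *
 * @param attributeNames names to look up, both as session properties and as
 *        repository attributes; {@code null} means "all repository attributes and
 *        no session properties"
 * @param subject token identifying the session whose owner is described
 * @param refresh when {@code true} the session is refreshed before it is read;
 *        {@code null} is treated as {@code false}
 * @return the populated details object
 * @throws TokenExpired if resolving the token fails with {@code TokenExpired}; the
 *         original error is logged and replaced by a generic message
 * @throws GeneralFailure if the identity repository or the SSO layer fails
 * @throws AccessDenied if the token belongs to a special user
 */
private UserDetails attributes(List<String> attributeNames, Token subject, Boolean refresh) throws TokenExpired, GeneralFailure, AccessDenied {
    UserDetails details = new UserDetails();
    try {
        SSOToken ssoToken = getSSOToken(subject);
        if (Boolean.TRUE.equals(refresh)) {
            SSOTokenManager.getInstance().refreshSession(ssoToken);
        }

        // Values that come from the session itself rather than the identity repository.
        // NOTE(review): attributeNames is supplied by the caller and each unknown name is
        // passed verbatim to ssoToken.getProperty(); confirm that call enforces whatever
        // restrictions apply to protected session properties.
        Map<String, Set<String>> sessionAttributes = new HashMap<>();
        if (attributeNames != null) {
            for (String attrNext : attributeNames) {
                Set<String> sessionValues = new HashSet<>();
                if (attrNext.equalsIgnoreCase("idletime")) {
                    sessionValues.add(Long.toString(ssoToken.getIdleTime()));
                } else if (attrNext.equalsIgnoreCase("timeleft")) {
                    sessionValues.add(Long.toString(ssoToken.getTimeLeft()));
                } else if (attrNext.equalsIgnoreCase("maxsessiontime")) {
                    sessionValues.add(Long.toString(ssoToken.getMaxSessionTime()));
                } else if (attrNext.equalsIgnoreCase("maxidletime")) {
                    sessionValues.add(Long.toString(ssoToken.getMaxIdleTime()));
                } else {
                    String propertyNext = ssoToken.getProperty(attrNext);
                    if (propertyNext != null && !propertyNext.isEmpty()) {
                        sessionValues.add(propertyNext);
                    }
                }
                if (!sessionValues.isEmpty()) {
                    sessionAttributes.put(attrNext, sessionValues);
                }
            }
        }

        // Obtain user memberships (roles and groups).
        AMIdentity userIdentity = IdUtils.getIdentity(ssoToken);
        // Special users are rejected before any repository data is read; the optional
        // session refresh above has already happened by this point.
        if (isSpecialUser(userIdentity)) {
            throw new AccessDenied("Cannot retrieve attributes for this user.");
        }

        // Determine the types that can have members. The admin token is used only to
        // list the identity types supported by the user's realm; memberships and
        // attributes below are read through userIdentity.
        SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
        AMIdentityRepository idrepo = new AMIdentityRepository(userIdentity.getRealm(), adminToken);
        Set<IdType> membersTypes = new HashSet<>();
        for (IdType type : idrepo.getSupportedIdTypes()) {
            if (type.canHaveMembers().contains(userIdentity.getType())) {
                membersTypes.add(type);
            }
        }

        // Determine the roles and groups.
        List<String> roles = new ArrayList<>();
        for (IdType type : membersTypes) {
            try {
                for (AMIdentity membership : userIdentity.getMemberships(type)) {
                    roles.add(membership.getUniversalId());
                }
            } catch (IdRepoException ire) {
                // Best effort: a failing membership type is logged and skipped, so the
                // returned role list can be incomplete without the caller being told.
                debug.message("IdentityServicesImpl:attributes", ire);
            }
        }
        details.setRoles(roles.toArray(new String[0]));

        Map<String, Set<String>> userAttributes;
        if (attributeNames != null) {
            userAttributes = userIdentity.getAttributes(new HashSet<>(attributeNames));
        } else {
            userAttributes = userIdentity.getAttributes();
        }

        if (userAttributes != null) {
            for (Map.Entry<String, Set<String>> entry : sessionAttributes.entrySet()) {
                Set<String> existing = userAttributes.get(entry.getKey());
                if (existing != null) {
                    existing.addAll(entry.getValue());
                } else {
                    // Covers an absent key and a key mapped to null. The conversion
                    // loop below already expects null value sets, so the merge must
                    // not dereference one.
                    userAttributes.put(entry.getKey(), entry.getValue());
                }
            }
        } else {
            userAttributes = sessionAttributes;
        }

        List<Attribute> attributes = new ArrayList<>(userAttributes.size());
        for (Map.Entry<String, Set<String>> entry : userAttributes.entrySet()) {
            Set<String> value = entry.getValue();
            if (value != null && !value.isEmpty()) {
                Attribute attribute = new Attribute();
                attribute.setName(entry.getKey());
                // Convert the set to a List of String, dropping null elements.
                List<String> valueList = new ArrayList<>(value.size());
                for (String next : value) {
                    if (next != null) {
                        valueList.add(next);
                    }
                }
                attribute.setValues(valueList.toArray(new String[0]));
                attributes.add(attribute);
            }
        }
        details.setAttributes(attributes.toArray(new Attribute[0]));
    } catch (IdRepoException e) {
        debug.error("IdentityServicesImpl:attributes", e);
        // NOTE(review): the underlying exception message is handed to the caller;
        // confirm it cannot carry internal repository detail.
        throw new GeneralFailure(e.getMessage());
    } catch (SSOException e) {
        debug.error("IdentityServicesImpl:attributes", e);
        throw new GeneralFailure(e.getMessage());
    } catch (TokenExpired e) {
        // The original error is only logged; the caller gets a fixed, generic message.
        debug.warning("IdentityServicesImpl:attributes original error", e);
        throw new TokenExpired("Cannot retrieve Token.");
    }
    //TODO handle token translation
    details.setToken(subject);
    return details;
}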
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) Attribute(com.sun.identity.idsvcs.Attribute) ArrayList(java.util.ArrayList) SSOException(com.iplanet.sso.SSOException) UserDetails(com.sun.identity.idsvcs.UserDetails) TokenExpired(com.sun.identity.idsvcs.TokenExpired) HashSet(java.util.HashSet) IdRepoException(com.sun.identity.idm.IdRepoException) AccessDenied(com.sun.identity.idsvcs.AccessDenied) IdType(com.sun.identity.idm.IdType) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

SSOException (com.iplanet.sso.SSOException)1 SSOToken (com.iplanet.sso.SSOToken)1 AMIdentity (com.sun.identity.idm.AMIdentity)1 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)1 IdRepoException (com.sun.identity.idm.IdRepoException)1 IdType (com.sun.identity.idm.IdType)1 AccessDenied (com.sun.identity.idsvcs.AccessDenied)1 Attribute (com.sun.identity.idsvcs.Attribute)1 GeneralFailure (com.sun.identity.idsvcs.GeneralFailure)1 TokenExpired (com.sun.identity.idsvcs.TokenExpired)1 UserDetails (com.sun.identity.idsvcs.UserDetails)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 Map (java.util.Map)1 Set (java.util.Set)1