
Example 6 with User

use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.

the class ADProvider method doFindUser.

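/**
 * Resolves one directory entry into a {@link User}, copying its attributes and the
 * {@code cn} of every group that references the entry's DN.
 *
 * <p>The entry is first searched for under {@code searchBase} with the caller's filter. When
 * that search yields nothing usable, {@code getMyVDUser(filter)} is consulted and a hit there
 * is treated as an "external" user: its groups are matched on {@code externalGroupAttr}
 * instead of {@code member}.
 *
 * <p>Security: {@code filter} is sent to the directory verbatim. Any value a caller
 * interpolated into it must already be escaped for LDAP search filters, otherwise the lookup
 * is open to filter injection. NOTE(review): the escaping done by callers and by
 * {@code equal(...)} is not visible from this method; confirm both.
 *
 * @param userID     identifier stored on the returned {@link User}
 * @param attributes attribute names requested from the directory
 * @param filter     complete LDAP search filter, used as-is
 * @param con        open connection used for all searches
 * @return the populated user, or {@code null} when neither lookup finds an entry
 * @throws LDAPException if a search fails for a reason other than a referral
 */
private User doFindUser(String userID, Set<String> attributes, StringBuffer filter, LDAPConnection con) throws LDAPException {
    boolean externalUser = false;
    LDAPEntry ldapUser = null;

    // LDAPConnection.SCOPE_SUB is the subtree scope, the same value (2) the literal used before.
    LDAPSearchResults res = con.search(searchBase, LDAPConnection.SCOPE_SUB, filter.toString(), this.toStringArray(attributes), false);
    if (res.hasMore()) {
        try {
            ldapUser = res.next();
            // Read the remaining results so the search is fully consumed; only the first entry is used.
            while (res.hasMore()) {
                res.next();
            }
        } catch (LDAPReferralException ignored) {
            // Referrals are not followed. If the referral was the first result, ldapUser is
            // still null and the fallback lookup below takes over.
        }
    }

    if (ldapUser == null) {
        ldapUser = getMyVDUser(filter);
        if (ldapUser == null) {
            return null;
        }
        externalUser = true;
    }

    User user = new User(userID);
    Iterator<LDAPAttribute> it = ldapUser.getAttributeSet().iterator();
    while (it.hasNext()) {
        LDAPAttribute attr = it.next();
        Attribute userAttr = new Attribute(attr.getName());
        for (String val : attr.getStringValueArray()) {
            userAttr.getValues().add(val);
        }
        user.getAttribs().put(userAttr.getName(), userAttr);
    }

    // Group membership is derived from the entry's DN, which is data returned by the directory.
    // NOTE(review): earlier revisions carried commented-out extra escaping of "\," sequences in
    // this filter; confirm equal(...) produces a valid filter for DNs that contain escaped commas,
    // since a mis-escaped filter silently returns no groups.
    String groupFilter = externalUser
            ? equal(this.externalGroupAttr, ldapUser.getDN()).toString()
            : equal("member", ldapUser.getDN()).toString();

    res = con.search(searchBase, LDAPConnection.SCOPE_SUB, groupFilter, new String[] { "cn" }, false);
    while (res.hasMore()) {
        LDAPEntry group;
        try {
            group = res.next();
        } catch (LDAPReferralException e) {
            // Groups behind a referral are skipped rather than failing the whole lookup.
            continue;
        }
        // An entry can come back without a readable cn; skip it instead of failing with a
        // NullPointerException half-way through building the group list.
        LDAPAttribute cn = group.getAttribute("cn");
        if (cn != null && cn.getStringValue() != null) {
            user.getGroups().add(cn.getStringValue());
        }
    }
    return user;
}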
Also used : LDAPReferralException(com.novell.ldap.LDAPReferralException) LDAPAttribute(com.novell.ldap.LDAPAttribute) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) User(com.tremolosecurity.provisioning.core.User) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute)

Example 7 with User

use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.

the class AttributeChange method createInternalUser.

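/**
 * Creates the account by POSTing a JSON document to {@code /users}, records the action in the
 * provisioning audit log and then calls {@code synUser} to push the remaining attributes.
 *
 * <p>{@code displayName} and {@code userPrincipalName} are mandatory. {@code mailNickname} is
 * the part before {@code '@'} of {@code mail}, or of {@code userPrincipalName} when no
 * {@code mail} attribute is present.
 *
 * <p>Security: the request body carries the clear-text password (the caller's, or a generated
 * 50-character one when none is supplied). The body must never be written to logs; the audit
 * entry for the password uses a fixed mask. Both "force change" flags default to {@code false}
 * unless the request map holds the string {@code "true"} for them.
 *
 * @param user       account to create; receives the {@code id} attribute from the response
 * @param attributes attribute names passed on to {@code synUser}
 * @param request    request context; read for the two {@code tremolo.azuread.create.*} flags
 * @param approvalID approval identifier written to the audit log
 * @param workflow   workflow written to the audit log
 * @throws ProvisioningException if a mandatory attribute is missing or malformed, or if the
 *                               remote call or the follow-up sync fails
 */
private void createInternalUser(User user, Set<String> attributes, Map<String, Object> request, int approvalID, Workflow workflow) throws ProvisioningException {
    String userPrincipalName = requireFirstAttributeValue(user, "userPrincipalName");

    JSONObject root = new JSONObject();
    if (user.getAttribs().get("accountEnabled") != null) {
        root.put("accountEnabled", user.getAttribs().get("accountEnabled").getValues().get(0).equalsIgnoreCase("true"));
    }
    root.put("displayName", requireFirstAttributeValue(user, "displayName"));
    if (user.getAttribs().get("onPremisesImmutableId") != null) {
        root.put("onPremisesImmutableId", user.getAttribs().get("onPremisesImmutableId").getValues().get(0));
    }

    String mail;
    if (user.getAttribs().get("mail") != null) {
        mail = user.getAttribs().get("mail").getValues().get(0);
    } else {
        mail = userPrincipalName;
    }
    // Without this check a value lacking '@' surfaces as an unchecked
    // StringIndexOutOfBoundsException from substring(0, -1).
    int at = mail.indexOf('@');
    if (at < 0) {
        throw new ProvisioningException("Could not derive mailNickname, no '@' in '" + mail + "'");
    }
    root.put("mailNickname", mail.substring(0, at));
    root.put("userPrincipalName", userPrincipalName);

    JSONObject passwordPolicy = new JSONObject();
    if (user.getPassword() != null && !user.getPassword().isEmpty()) {
        passwordPolicy.put("password", user.getPassword());
    } else {
        // No password supplied: fall back to a generated 50-character value.
        // NOTE(review): the four boolean flags select GenPasswd options not visible here; confirm
        // they satisfy the target tenant's complexity policy.
        passwordPolicy.put("password", new GenPasswd(50, true, true, true, true).getPassword());
    }
    passwordPolicy.put("forceChangePasswordNextSignIn", "true".equals(request.get("tremolo.azuread.create.forceChangePasswordNextSignIn")));
    passwordPolicy.put("forceChangePasswordNextSignInWithMfa", "true".equals(request.get("tremolo.azuread.create.forceChangePasswordNextSignInWithMfa")));
    root.put("passwordProfile", passwordPolicy);

    HttpCon con = null;
    try {
        con = this.createClient();
        // root.toString() contains the clear-text password; keep it out of any logging.
        String json = this.callWSPostJsonReesponseExpected(con, "/users", root.toString());
        JSONObject resp = (JSONObject) new JSONParser().parse(json);
        user.getAttribs().put("id", new Attribute("id", (String) resp.get("id")));

        this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "userPrincipalName", userPrincipalName);
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "userPrincipalName", userPrincipalName);
        // The audit trail records that a password was set, never the value itself.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "password", "*********8");
        if (user.getAttribs().get("accountEnabled") != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "accountEnabled", user.getAttribs().get("accountEnabled").getValues().get(0));
        }
        if (user.getAttribs().get("onPremisesImmutableId") != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "onPremisesImmutableId", user.getAttribs().get("onPremisesImmutableId").getValues().get(0));
        }

        User fromAzure = new User(user.getUserID());
        fromAzure.getAttribs().put("id", new Attribute("id", user.getAttribs().get("id").getValues().get(0)));
        // NOTE(review): the Attribute is named "displayName" but is stored under the key
        // "userPrincipalName" and holds the UPN value. Looks like a copy/paste slip; left unchanged
        // because synUser's use of the attribute name is not visible here.
        fromAzure.getAttribs().put("userPrincipalName", new Attribute("displayName", userPrincipalName));
        this.synUser(user, true, attributes, fromAzure, approvalID, workflow);
    } catch (Exception e) {
        throw new ProvisioningException("Could not create user", e);
    } finally {
        // createClient() may have thrown before con was assigned; without the guard the
        // resulting NullPointerException would replace the real failure.
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}

/** Returns the first value of a mandatory attribute, or fails with a descriptive error. */
private static String requireFirstAttributeValue(User user, String attrName) throws ProvisioningException {
    Attribute attr = user.getAttribs().get(attrName);
    if (attr == null || attr.getValues().isEmpty()) {
        throw new ProvisioningException("User '" + user.getUserID() + "' is missing required attribute '" + attrName + "'");
    }
    return attr.getValues().get(0);
}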
Also used : GenPasswd(com.tremolosecurity.provisioning.util.GenPasswd) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) User(com.tremolosecurity.provisioning.core.User) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONParser(org.json.simple.parser.JSONParser) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 8 with User

use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.

the class AttributeChange method syncUser.

/**
 * Brings the remote account in line with {@code user}. When the lookup finds no existing
 * account the user is created instead and no further synchronisation happens here.
 *
 * @param user       desired state of the account
 * @param addOnly    forwarded unchanged to {@code synUser}
 * @param attributes attribute names to look up and synchronise
 * @param request    request context; {@code APPROVAL_ID} (optional, defaults to 0) and
 *                   {@code WORKFLOW} are read from it
 * @throws ProvisioningException if lookup, creation or synchronisation fails
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    User existing = this.findUser(user.getUserID(), attributes, request);
    if (existing != null) {
        // Audit context travels in the request map; a missing approval id means 0.
        int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
        Workflow workflow = (Workflow) request.get("WORKFLOW");
        synUser(user, addOnly, attributes, existing, approvalID, workflow);
        return;
    }
    this.createUser(user, attributes, request);
}
Also used : User(com.tremolosecurity.provisioning.core.User) Workflow(com.tremolosecurity.provisioning.core.Workflow)

Example 9 with User

use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method deleteUser.

/**
 * Removes the account that {@code findUser} resolves for {@code user}. A user that cannot be
 * found is logged as a warning and otherwise ignored.
 *
 * <p>The {@code id} placed in the request path is the one returned by the server-side lookup,
 * not a value taken from the caller.
 *
 * @param user    account to remove; only its user id is used
 * @param request request context; {@code APPROVAL_ID} (optional, defaults to 0) and
 *                {@code WORKFLOW} are read from it
 * @throws ProvisioningException if the lookup or the delete call fails
 */
@Override
public void deleteUser(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    HashSet<String> lookupAttrs = new HashSet<String>();
    lookupAttrs.add("id");
    lookupAttrs.add("username");

    User existing = this.findUser(user.getUserID(), lookupAttrs, request);
    if (existing == null) {
        logger.warn("User '" + user.getUserID() + "' not found");
        return;
    }

    String path = "/api/v4/users/" + existing.getAttribs().get("id").getValues().get(0);
    HttpCon con = null;
    try {
        con = this.createClient();
        // The response body is not needed; a failed call surfaces as an exception.
        this.callDeleteWS(con, path);
        // NOTE(review): the deletion is audited as a Replace of "delete_at" with value "0";
        // confirm that this is the intended audit record for a delete.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, "delete_at", "0");
    } catch (Exception e) {
        throw new ProvisioningException("Could not delete '" + user.getUserID() + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}
Also used : User(com.tremolosecurity.provisioning.core.User) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) HashSet(java.util.HashSet)

Example 10 with User

use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method findUser.

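/**
 * Loads a user by id and copies the requested attributes and the space-separated
 * {@code roles} value (as groups) into a new {@link User}.
 *
 * <p>The id is lower-cased before the lookup. The folding uses {@code Locale.ROOT} so the
 * same input always maps to the same account key regardless of the JVM's default locale
 * (a Turkish default locale, for example, lower-cases {@code 'I'} to a dotless i).
 *
 * @param userID     user id to look up; compared in lower case
 * @param attributes names of the JSON fields to copy when present
 * @param request    request context; not read by this method
 * @return the populated user, or {@code null} when {@code loadUserJson} finds nothing
 * @throws ProvisioningException if the lookup fails
 */
@Override
public User findUser(String userID, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    // Fully qualified to avoid depending on an import that is outside this method.
    String normalizedId = userID.toLowerCase(java.util.Locale.ROOT);
    HttpCon con = null;
    try {
        con = this.createClient();
        JSONObject mmUser = loadUserJson(normalizedId, con);
        if (mmUser == null) {
            return null;
        }

        User user = new User(normalizedId);
        // Only fields the caller asked for are copied; absent fields are skipped.
        for (String attribute : attributes) {
            Object val = mmUser.get(attribute);
            if (val != null) {
                user.getAttribs().put(attribute, new Attribute(attribute, val.toString()));
            }
        }

        // Roles arrive as one space-separated string and are exposed as group names.
        String groups = (String) mmUser.get("roles");
        if (groups != null) {
            StringTokenizer toker = new StringTokenizer(groups, " ", false);
            while (toker.hasMoreTokens()) {
                user.getGroups().add(toker.nextToken());
            }
        }
        return user;
    } catch (Exception e) {
        throw new ProvisioningException("Could not load '" + normalizedId + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}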
Also used : StringTokenizer(java.util.StringTokenizer) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) User(com.tremolosecurity.provisioning.core.User) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONObject(org.json.simple.JSONObject) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException)

Aggregations

User (com.tremolosecurity.provisioning.core.User)64 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)44 Attribute (com.tremolosecurity.saml.Attribute)33 IOException (java.io.IOException)25 ArrayList (java.util.ArrayList)21 HttpCon (com.tremolosecurity.provisioning.util.HttpCon)18 LDAPAttribute (com.novell.ldap.LDAPAttribute)17 HashMap (java.util.HashMap)17 Workflow (com.tremolosecurity.provisioning.core.Workflow)16 ClientProtocolException (org.apache.http.client.ClientProtocolException)16 UnsupportedEncodingException (java.io.UnsupportedEncodingException)15 LDAPException (com.novell.ldap.LDAPException)14 HashSet (java.util.HashSet)14 LDAPEntry (com.novell.ldap.LDAPEntry)13 JSONObject (org.json.simple.JSONObject)13 ParseException (org.json.simple.parser.ParseException)13 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)11 JSONArray (org.json.simple.JSONArray)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 SQLException (java.sql.SQLException)9