use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.
the class ADProvider method doFindUser.
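/**
 * Looks up a single user entry and converts it into a {@link User}, including the
 * {@code cn} of every group that references the entry's DN.
 *
 * <p>The directory behind {@code con} is searched first. If that yields no usable entry,
 * the lookup falls back to {@code getMyVDUser(filter)} and the user is treated as
 * external: group membership is then matched on {@code externalGroupAttr} instead of
 * {@code member}.
 *
 * @param userID     identifier stored on the returned {@link User}
 * @param attributes names of the attributes requested for the user entry
 * @param filter     LDAP search filter locating the user; it is sent to the server
 *                   unchanged, so any escaping of user-supplied values must already
 *                   have been applied by the caller
 * @param con        connection used for the user and group searches
 * @return the populated user, or {@code null} when neither lookup finds an entry
 * @throws LDAPException if a search fails
 */
private User doFindUser(String userID, Set<String> attributes, StringBuffer filter, LDAPConnection con) throws LDAPException {
    boolean externalUser = false;
    LDAPEntry ldapUser = null;

    // NOTE(review): scope 2 is presumably the subtree scope (JLDAP's LDAPConnection.SCOPE_SUB) - confirm.
    LDAPSearchResults res = con.search(searchBase, 2, filter.toString(), this.toStringArray(attributes), false);
    if (res.hasMore()) {
        try {
            // Only the first match is used; a filter that matches several entries is
            // not reported as ambiguous.
            ldapUser = res.next();
            // Read the remaining results to the end without using them.
            while (res.hasMore()) {
                res.next();
            }
        } catch (LDAPReferralException ignored) {
            // Referrals are not followed. If one arrives before any entry was read,
            // ldapUser stays null and the fallback below is used.
        }
    }

    if (ldapUser == null) {
        ldapUser = getMyVDUser(filter);
        if (ldapUser == null) {
            return null;
        }
        externalUser = true;
    }

    // Copy every returned attribute, with all of its values, onto the User object.
    User user = new User(userID);
    Iterator<LDAPAttribute> it = ldapUser.getAttributeSet().iterator();
    while (it.hasNext()) {
        LDAPAttribute attr = it.next();
        Attribute userAttr = new Attribute(attr.getName());
        for (String val : attr.getStringValueArray()) {
            userAttr.getValues().add(val);
        }
        user.getAttribs().put(userAttr.getName(), userAttr);
    }

    // External users are matched on the configured attribute, directory users on "member".
    // NOTE(review): the entry's DN is embedded in the filter through equal(); earlier
    // revisions carried commented-out attempts to re-escape "\," for AD at this point.
    // Whether equal() escapes filter metacharacters inside DNs is not visible here - confirm.
    String groupFilter;
    if (externalUser) {
        groupFilter = equal(this.externalGroupAttr, ldapUser.getDN()).toString();
    } else {
        groupFilter = equal("member", ldapUser.getDN()).toString();
    }

    LDAPSearchResults groups = con.search(searchBase, 2, groupFilter, new String[] { "cn" }, false);
    while (groups.hasMore()) {
        LDAPEntry group;
        try {
            group = groups.next();
        } catch (LDAPReferralException ignored) {
            // Skip referrals and keep reading the remaining group entries.
            continue;
        }
        // A group entry returned without a cn is skipped instead of failing the whole lookup.
        LDAPAttribute cn = group.getAttribute("cn");
        if (cn != null) {
            user.getGroups().add(cn.getStringValue());
        }
    }
    return user;
}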
use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.
the class AttributeChange method createInternalUser.
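/**
 * Creates the user in the remote directory by POSTing a JSON document to {@code /users},
 * records the returned {@code id} on {@code user}, writes the audit entries and then
 * hands over to {@code synUser} in add-only mode.
 *
 * <p>{@code displayName} and {@code userPrincipalName} are read unconditionally and must be
 * present on {@code user}. The mail nickname is the part of {@code mail} (or of
 * {@code userPrincipalName} when no mail is set) before the first {@code '@'}; a value
 * without {@code '@'} makes {@code substring} throw an unchecked exception before the
 * request is sent.
 *
 * @param user       user to create; its {@code id} attribute is set from the response
 * @param attributes attribute names passed through to {@code synUser}
 * @param request    request map; the two {@code tremolo.azuread.create.*} keys select the
 *                   force-password-change flags and count as false unless equal to {@code "true"}
 * @param approvalID approval identifier written to the audit log
 * @param workflow   workflow written to the audit log
 * @throws ProvisioningException if creating the client, the call, parsing the response,
 *                               logging or the follow-up sync fails
 */
private void createInternalUser(User user, Set<String> attributes, Map<String, Object> request, int approvalID, Workflow workflow) throws ProvisioningException {
    JSONObject root = new JSONObject();

    Attribute accountEnabled = user.getAttribs().get("accountEnabled");
    if (accountEnabled != null) {
        root.put("accountEnabled", accountEnabled.getValues().get(0).equalsIgnoreCase("true"));
    }

    root.put("displayName", user.getAttribs().get("displayName").getValues().get(0));

    Attribute immutableId = user.getAttribs().get("onPremisesImmutableId");
    if (immutableId != null) {
        root.put("onPremisesImmutableId", immutableId.getValues().get(0));
    }

    // Prefer the mail attribute; fall back to the UPN when no mail is set.
    String mail;
    if (user.getAttribs().get("mail") != null) {
        mail = user.getAttribs().get("mail").getValues().get(0);
    } else {
        mail = user.getAttribs().get("userPrincipalName").getValues().get(0);
    }
    String mailNickName = mail.substring(0, mail.indexOf('@'));
    root.put("mailNickname", mailNickName);

    String upn = user.getAttribs().get("userPrincipalName").getValues().get(0);
    root.put("userPrincipalName", upn);

    // From here on the payload carries a clear-text password and must not be logged.
    JSONObject passwordPolicy = new JSONObject();
    if (user.getPassword() != null && !user.getPassword().isEmpty()) {
        passwordPolicy.put("password", user.getPassword());
    } else {
        // No password supplied: use a generated 50-character one.
        // NOTE(review): the meaning of the four flags and the randomness source of
        // GenPasswd are not visible here - confirm it draws from a CSPRNG.
        passwordPolicy.put("password", new GenPasswd(50, true, true, true, true).getPassword());
    }

    // Both flags are false unless the request carries the literal string "true".
    Object forceChange = request.get("tremolo.azuread.create.forceChangePasswordNextSignIn");
    passwordPolicy.put("forceChangePasswordNextSignIn", forceChange != null && forceChange.equals("true"));
    Object forceChangeMfa = request.get("tremolo.azuread.create.forceChangePasswordNextSignInWithMfa");
    passwordPolicy.put("forceChangePasswordNextSignInWithMfa", forceChangeMfa != null && forceChangeMfa.equals("true"));
    root.put("passwordProfile", passwordPolicy);

    HttpCon con = null;
    try {
        con = this.createClient();
        String json = this.callWSPostJsonReesponseExpected(con, "/users", root.toString());
        JSONObject resp = (JSONObject) new JSONParser().parse(json);
        user.getAttribs().put("id", new Attribute("id", (String) resp.get("id")));

        // The first entry is logged with the flag set to true, the per-attribute entries with false.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "userPrincipalName", upn);
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "userPrincipalName", upn);
        // The password is audited only as a fixed mask, never as its value.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "password", "*********8");
        if (accountEnabled != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "accountEnabled", accountEnabled.getValues().get(0));
        }
        if (immutableId != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "onPremisesImmutableId", immutableId.getValues().get(0));
        }

        // Minimal view of what now exists remotely, used as the baseline for the sync.
        User fromAzure = new User(user.getUserID());
        fromAzure.getAttribs().put("id", new Attribute("id", user.getAttribs().get("id").getValues().get(0)));
        // NOTE(review): this Attribute is named "displayName" but is stored under the
        // "userPrincipalName" key with the UPN as its value - looks like a copy/paste
        // slip; confirm against synUser before changing it.
        fromAzure.getAttribs().put("userPrincipalName", new Attribute("displayName", upn));
        this.synUser(user, true, attributes, fromAzure, approvalID, workflow);
    } catch (Exception e) {
        throw new ProvisioningException("Could not create user", e);
    } finally {
        // createClient() may have thrown before con was assigned; without this guard a
        // NullPointerException raised here would replace the original failure.
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort close; the connection manager is still closed below.
            }
            con.getBcm().close();
        }
    }
}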
use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.
the class AttributeChange method syncUser.
/**
 * Synchronizes {@code user} with the target: creates the account when the lookup finds
 * nothing, otherwise delegates to {@code synUser} with the account that was found.
 *
 * @param user       desired state of the user
 * @param addOnly    passed through to {@code synUser}
 * @param attributes attribute names used for the lookup and the sync
 * @param request    request map; {@code APPROVAL_ID} (defaults to 0 when absent) and
 *                   {@code WORKFLOW} are read from it for an existing account
 * @throws ProvisioningException if the lookup, creation or sync fails
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    final User existing = this.findUser(user.getUserID(), attributes, request);

    if (existing != null) {
        // The request values are cast without a type check; a wrong type fails here.
        final int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
        final Workflow workflow = (Workflow) request.get("WORKFLOW");
        synUser(user, addOnly, attributes, existing, approvalID, workflow);
    } else {
        // Nothing found on the target, so provision a new account instead.
        this.createUser(user, attributes, request);
    }
}
use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.
the class MatterMostProvider method deleteUser.
/**
 * Deletes the user on the server by looking up its {@code id} and issuing a delete call
 * against {@code /api/v4/users/<id>}.
 *
 * <p>A user that cannot be found is logged at warn level and treated as a no-op.
 *
 * @param user    user to delete; only its user ID is used
 * @param request request map; {@code APPROVAL_ID} (defaults to 0 when absent) and
 *                {@code WORKFLOW} are read from it for the audit entry
 * @throws ProvisioningException if the lookup, the delete call or the audit logging fails
 */
@Override
public void deleteUser(User user, Map<String, Object> request) throws ProvisioningException {
    final int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
    final Workflow workflow = (Workflow) request.get("WORKFLOW");

    // Only these two attributes are requested for the lookup.
    final HashSet<String> lookupAttrs = new HashSet<String>();
    lookupAttrs.add("id");
    lookupAttrs.add("username");

    final User fromServer = this.findUser(user.getUserID(), lookupAttrs, request);
    if (fromServer == null) {
        logger.warn("User '" + user.getUserID() + "' not found");
        return;
    }

    // The id returned by the lookup is placed in the URL path as-is, without encoding.
    final String deleteUri = "/api/v4/users/" + fromServer.getAttribs().get("id").getValues().get(0);

    HttpCon con = null;
    try {
        con = this.createClient();
        // The response body of the delete call is not used.
        this.callDeleteWS(con, deleteUri);
        // NOTE(review): the audit entry records a Replace of "delete_at" with "0"
        // rather than a delete action - confirm this is the intended audit record.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, "delete_at", "0");
    } catch (Exception e) {
        throw new ProvisioningException("Could not delete '" + user.getUserID() + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort close; the connection manager is still closed below.
            }
            con.getBcm().close();
        }
    }
}
use of com.tremolosecurity.provisioning.core.User in project OpenUnison by TremoloSecurity.
the class MatterMostProvider method findUser.
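/**
 * Loads a user by its lower-cased ID and returns the requested attributes together with
 * the roles listed in the server's {@code roles} field.
 *
 * @param userID     user identifier; lower-cased before the lookup
 * @param attributes names of the JSON fields to copy onto the returned user; fields
 *                   missing from the server response are skipped
 * @param request    request map (not read by this method)
 * @return the user, or {@code null} when {@code loadUserJson} finds nothing
 * @throws ProvisioningException if the client cannot be created or the lookup fails
 */
@Override
public User findUser(String userID, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    // Normalize with a fixed locale: the no-argument toLowerCase() follows the JVM default
    // locale, so the same account name could be looked up under a different key on a host
    // configured for e.g. Turkish.
    final String normalizedId = userID.toLowerCase(java.util.Locale.ROOT);

    HttpCon con = null;
    try {
        con = this.createClient();

        JSONObject mmUser = loadUserJson(normalizedId, con);
        if (mmUser == null) {
            return null;
        }

        User user = new User(normalizedId);
        for (String attribute : attributes) {
            Object val = mmUser.get(attribute);
            if (val != null) {
                user.getAttribs().put(attribute, new Attribute(attribute, val.toString()));
            }
        }

        // "roles" is split on spaces; each token becomes a group of the user.
        String roles = (String) mmUser.get("roles");
        if (roles != null) {
            StringTokenizer toker = new StringTokenizer(roles, " ", false);
            while (toker.hasMoreTokens()) {
                user.getGroups().add(toker.nextToken());
            }
        }
        return user;
    } catch (Exception e) {
        throw new ProvisioningException("Could not load '" + normalizedId + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort close; the connection manager is still closed below.
            }
            con.getBcm().close();
        }
    }
}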