use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.
the class OktaTarget method createUser.
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
com.okta.sdk.resource.user.User forOkta = null;
UserBuilder ub = UserBuilder.instance();
HashMap<String, Object> profile = new HashMap<String, Object>();
for (String attrName : user.getAttribs().keySet()) {
if (attributes.contains(attrName)) {
profile.put(attrName, user.getAttribs().get(attrName).getValues().get(0));
}
}
ub.setProfileProperties(profile);
for (String group : user.getGroups()) {
GroupList gl = okta.listGroups(group, null, null);
ub.addGroup(gl.iterator().next().getId());
}
ub.buildAndCreate(this.okta);
this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "login", user.getUserID());
for (String attrName : user.getAttribs().keySet()) {
if (attributes.contains(attrName)) {
profile.put(attrName, user.getAttribs().get(attrName).getValues().get(0));
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, attrName, user.getAttribs().get(attrName).getValues().get(0));
}
}
for (String group : user.getGroups()) {
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "group", group);
}
}
use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.
the class OktaTarget method deleteUser.
@Override
public void deleteUser(User user, Map<String, Object> request) throws ProvisioningException {
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
com.okta.sdk.resource.user.User fromOkta = null;
try {
fromOkta = okta.getUser(user.getUserID());
} catch (ResourceException e) {
throw new ProvisioningException("Could not lookup user", e);
}
fromOkta.deactivate();
fromOkta.delete();
this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Delete, approvalID, workflow, "login", user.getUserID());
}
use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method syncUser.
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
Gson gson = new Gson();
User fromServer = this.findUser(user.getUserID(), attributes, request);
if (fromServer == null) {
this.createUser(user, attributes, request);
} else {
StringBuffer b = new StringBuffer();
String token = null;
if (attributes.contains("fullName")) {
if (user.getAttribs().get("fullName") != null) {
String fullName = user.getAttribs().get("fullName").getValues().get(0);
String fromServerFullName = fromServer.getAttribs().get("fullName") != null ? fromServer.getAttribs().get("fullName").getValues().get(0) : null;
if (fromServerFullName == null || !fromServerFullName.equalsIgnoreCase(fullName)) {
try {
token = setFullName(user, approvalID, workflow, gson, b);
} catch (Exception e) {
throw new ProvisioningException("Could not set fullName from " + user.getUserID(), e);
}
}
} else {
if (!addOnly) {
try {
token = deleteFullName(user, approvalID, workflow, gson, b);
} catch (Exception e) {
throw new ProvisioningException("Could not delete fullName from " + user.getUserID(), e);
}
}
}
}
try {
syncGroups(user, addOnly, approvalID, workflow, fromServer, token);
} catch (Exception e) {
throw new ProvisioningException("Could not sync groups for " + user.getUserID(), e);
}
}
}
use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method createUser.
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
com.tremolosecurity.unison.openshiftv3.model.users.User osUser = new com.tremolosecurity.unison.openshiftv3.model.users.User();
osUser.setKind("User");
osUser.setApiVersion("user.openshift.io/v1");
osUser.getMetadata().put("name", user.getUserID());
if (user.getAttribs().get("fullName") != null) {
osUser.setFullName(user.getAttribs().get("fullName").getValues().get(0));
}
Gson gson = new Gson();
try {
String token = this.getAuthToken();
HttpCon con = this.createClient();
try {
String json = gson.toJson(osUser);
StringBuffer b = new StringBuffer();
b.append("/apis/user.openshift.io/v1/users");
osUser = gson.fromJson(this.callWSPost(token, con, b.toString(), json), com.tremolosecurity.unison.openshiftv3.model.users.User.class);
if (!osUser.getKind().equals("User")) {
throw new ProvisioningException("Could not create user " + user.getUserID() + " - " + osUser.getReason());
}
this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "name", user.getUserID());
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "name", (String) osUser.getMetadata().get("name"));
if (user.getAttribs().get("fullName") != null) {
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "fullName", osUser.getFullName());
}
for (String groupName : user.getGroups()) {
this.addUserToGroup(token, con, user.getUserID(), groupName, approvalID, workflow);
}
} finally {
if (con != null) {
con.getBcm().shutdown();
}
}
} catch (Exception e) {
throw new ProvisioningException("Could not create user", e);
}
}
use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method addGroup.
@Override
public void addGroup(String name, Map<String, String> additionalAttributes, User user, Map<String, Object> request) throws ProvisioningException {
HttpCon con = null;
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
try {
String token = this.getAuthToken();
con = this.createClient();
Gson gson = new Gson();
// first lets see if the group exists
StringBuilder sb = new StringBuilder();
sb.append("/apis/user.openshift.io/v1/groups/").append(name);
com.tremolosecurity.unison.openshiftv3.model.groups.Group group = new com.tremolosecurity.unison.openshiftv3.model.groups.Group();
group.setKind("Group");
group.setApiVersion("user.openshift.io/v1");
group.setMetadata(new HashMap<String, Object>());
group.getMetadata().put("name", name);
group.getMetadata().put("creationTimestamp", null);
group.setUsers(null);
String jsonInput = gson.toJson(group);
if (!this.isObjectExists(token, con, "/apis/user.openshift.io/v1/groups", jsonInput)) {
String json = this.callWSPost(token, con, "/apis/user.openshift.io/v1/groups", jsonInput);
Response resp = gson.fromJson(json, Response.class);
if (resp.getKind().equalsIgnoreCase("Group")) {
this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "group-object", name);
} else {
throw new ProvisioningException("Unknown response : '" + json + "'");
}
}
} catch (Exception e) {
throw new ProvisioningException("Could not load group", e);
} finally {
if (con != null) {
con.getBcm().close();
}
}
}
Aggregations