
Example 6 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class ADProvider method doSync.

/**
 * Reconciles {@code user} with the directory: updates the matching entry when one is found and
 * creates the account otherwise.
 *
 * <p>The search is a subtree search under {@code searchBase} using {@code filter} exactly as the
 * caller built it. Only the first entry returned is used; any further results are read and
 * discarded. NOTE(review): if the filter can match more than one entry, the sync is applied to
 * whichever entry the server returns first, so confirm that callers build the filter on a unique
 * attribute and escape any externally supplied value placed in it.
 *
 * @param user the desired state of the account
 * @param fromUserOnly passed through unchanged to the 11-argument {@code syncUser}
 * @param attributes names of the attributes to request and synchronize
 * @param filter LDAP search filter identifying the account
 * @param con connection the search is issued on
 * @param request request context; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws LDAPException if the directory search fails
 * @throws ProvisioningException if creating or synchronizing the account fails
 */
private void doSync(User user, boolean fromUserOnly, Set<String> attributes, StringBuffer filter, LDAPConnection con, Map<String, Object> request) throws LDAPException, ProvisioningException {
    LDAPSearchResults results = con.search(searchBase, LDAPConnection.SCOPE_SUB, filter.toString(), this.toStringArray(attributes), false);

    int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    LDAPEntry ldapUser = null;
    boolean localEntryFound = false;
    if (results.hasMore()) {
        try {
            ldapUser = results.next();
            localEntryFound = true;
            try {
                // Read the remaining results so nothing is left pending on this search.
                while (results.hasMore()) {
                    results.next();
                }
            } catch (LDAPReferralException ignored) {
                // A referral among the extra results does not change which entry is synchronized.
            }
        } catch (LDAPReferralException referral) {
            // The first result was a referral rather than an entry: handled as "no local entry".
            localEntryFound = false;
        }
    }

    boolean isExternal = false;
    if (!localEntryFound) {
        // The getMyVDUser lookup is consulted only when external users are supported.
        ldapUser = this.supportExternalUsers ? this.getMyVDUser(filter) : null;
        if (ldapUser == null) {
            this.createUser(user, attributes, request);
            return;
        }
        isExternal = true;
    }

    syncUser(user, fromUserOnly, attributes, con, approvalID, workflow, new ArrayList<LDAPModification>(), new HashSet<String>(), ldapUser, isExternal, request);
}
Also used : LDAPReferralException(com.novell.ldap.LDAPReferralException) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPModification(com.novell.ldap.LDAPModification) ArrayList(java.util.ArrayList) Workflow(com.tremolosecurity.provisioning.core.Workflow) HashSet(java.util.HashSet)

Example 7 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class ADProvider method doSetPassword.

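/**
 * Sets the password of the directory entry matched by {@code filter} and then adjusts its
 * {@code userAccountControl} value.
 *
 * <p>The password is wrapped in double quotes, encoded as UTF-16LE and written to
 * {@code unicodePwd} with a REPLACE modification. The audit record for that change is written
 * only after the modification succeeds and carries a masked value, never the password.
 *
 * <p>Security-relevant side effect: when the caller supplies no {@code userAccountControl}
 * attribute on {@code user}, bit 2 is cleared and bit 65536 is set on the stored value. In Active
 * Directory these are the account-disabled and password-never-expires flags, so a password set
 * through this path also re-enables a disabled account and exempts it from password expiry.
 * Callers that must preserve the account state should pass {@code userAccountControl}
 * explicitly, in which case that value is written as-is when it differs from the stored one.
 *
 * <p>Only the first entry returned by the search is used. NOTE(review): confirm callers build
 * {@code filter} on a unique attribute and escape externally supplied values, otherwise the
 * password may be set on an unintended entry.
 *
 * @param user supplies the new password and, optionally, {@code userAccountControl}
 * @param filter LDAP search filter identifying the account
 * @param con connection used for the searches and modifications
 * @param request request context; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws LDAPException if a search or the {@code userAccountControl} modification fails
 * @throws ProvisioningException if the user is not found, no password is supplied, the password
 *     cannot be written, or {@code userAccountControl} cannot be read back
 */
private void doSetPassword(User user, StringBuffer filter, LDAPConnection con, Map<String, Object> request) throws LDAPException, ProvisioningException {
    // userAccountControl bits handled below (Active Directory flag values).
    final int accountDisabledFlag = 2;
    final int passwordNeverExpiresFlag = 65536;

    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    // "1.1" requests no attributes; only the DN of the match is needed.
    LDAPSearchResults res = con.search(this.searchBase, LDAPConnection.SCOPE_SUB, filter.toString(), new String[] { "1.1" }, false);
    if (!res.hasMore()) {
        throw new ProvisioningException("Could not find user");
    }
    LDAPEntry entry = res.next();
    String dn = entry.getDN();

    // Appending a null reference would store the four characters "null" as the password.
    if (user.getPassword() == null) {
        throw new ProvisioningException("Could not set password, no password supplied");
    }
    StringBuffer password = new StringBuffer();
    password.append('"').append(user.getPassword()).append('"');
    byte[] unicodePwd;
    try {
        unicodePwd = password.toString().getBytes("UTF-16LE");
    } catch (UnsupportedEncodingException e) {
        throw new ProvisioningException("Could not generate password", e);
    }

    LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, new LDAPAttribute("unicodePwd", unicodePwd));
    try {
        con.modify(dn, mod);
        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Replace, approvalID, workflow, "unicodePwd", "*******");
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not set password", e);
    }

    // Re-read the entry itself (base scope) to obtain the current userAccountControl.
    res = con.search(dn, LDAPConnection.SCOPE_BASE, "(objectClass=*)", new String[] { "userAccountControl" }, false);
    if (!res.hasMore()) {
        throw new ProvisioningException("Password set, but could not read userAccountControl");
    }
    entry = res.next();
    LDAPAttribute attr = entry.getAttribute("userAccountControl");
    if (attr == null) {
        throw new ProvisioningException("Password set, but userAccountControl was not returned");
    }
    int val = Integer.parseInt(attr.getStringValue());

    if (!user.getAttribs().containsKey("userAccountControl")) {
        // No explicit value from the caller: enable the account and stop the password expiring.
        val = (val & ~accountDisabledFlag) | passwordNeverExpiresFlag;
        mod = new LDAPModification(LDAPModification.REPLACE, new LDAPAttribute("userAccountControl", Integer.toString(val)));
        // Modify first, then audit, so the audit trail never records a change that failed.
        con.modify(dn, mod);
        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Replace, approvalID, workflow, "userAccountControl", Integer.toString(val));
    } else {
        int userAccountControlFromUser = Integer.parseInt(user.getAttribs().get("userAccountControl").getValues().get(0));
        if (val != userAccountControlFromUser) {
            mod = new LDAPModification(LDAPModification.REPLACE, new LDAPAttribute("userAccountControl", Integer.toString(userAccountControlFromUser)));
            con.modify(dn, mod);
            this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Replace, approvalID, workflow, "userAccountControl", Integer.toString(userAccountControlFromUser));
        }
    }
}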
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException) LDAPModification(com.novell.ldap.LDAPModification) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 8 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class AttributeChange method syncUser.

/**
 * Synchronizes {@code user} with the target system: creates the account when {@code findUser}
 * returns nothing, otherwise hands the existing record to {@code synUser} together with the
 * approval id and workflow taken from {@code request}.
 *
 * @param user the desired state of the account
 * @param addOnly passed through unchanged to {@code synUser}
 * @param attributes names of the attributes to look up and synchronize
 * @param request request context; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if lookup, creation or synchronization fails
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    User existing = this.findUser(user.getUserID(), attributes, request);
    if (existing != null) {
        // The approval id defaults to 0 when the request carries none.
        int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
        Workflow workflow = (Workflow) request.get("WORKFLOW");
        synUser(user, addOnly, attributes, existing, approvalID, workflow);
    } else {
        this.createUser(user, attributes, request);
    }
}
Also used : User(com.tremolosecurity.provisioning.core.User) Workflow(com.tremolosecurity.provisioning.core.Workflow)

Example 9 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method deleteUser.

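/**
 * Deletes {@code user} on the remote server by looking up its server-side {@code id} and issuing
 * a delete call against {@code /api/v4/users/{id}}.
 *
 * <p>A user that {@code findUser} cannot find is logged at warn level and treated as already
 * gone. The audit record is written only after the delete call returns without an exception.
 *
 * @param user the account to delete, identified by its user id
 * @param request request context; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if the lookup returns no {@code id} or the delete call fails
 */
@Override
public void deleteUser(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    HashSet<String> attrs = new HashSet<String>();
    attrs.add("id");
    attrs.add("username");
    User fromServer = this.findUser(user.getUserID(), attrs, request);
    if (fromServer == null) {
        // NOTE(review): the user id is written to the log as-is; confirm upstream validation
        // rejects line breaks so a crafted id cannot forge log entries.
        logger.warn("User '" + user.getUserID() + "' not found");
        return;
    }

    // Without the server-side id there is nothing safe to delete; fail with a clear error
    // rather than a NullPointerException or IndexOutOfBoundsException.
    if (fromServer.getAttribs().get("id") == null || fromServer.getAttribs().get("id").getValues().isEmpty()) {
        throw new ProvisioningException("Could not delete '" + user.getUserID() + "', no id returned");
    }
    String id = fromServer.getAttribs().get("id").getValues().get(0);
    String uri = "/api/v4/users/" + id;

    HttpCon con = null;
    try {
        con = this.createClient();
        this.callDeleteWS(con, uri);
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, "delete_at", "0");
    } catch (Exception e) {
        throw new ProvisioningException("Could not delete '" + user.getUserID() + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort cleanup: a failure to close must not mask the outcome above.
            }
            con.getBcm().close();
        }
    }
}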
Also used : User(com.tremolosecurity.provisioning.core.User) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) HashSet(java.util.HashSet)

Example 10 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method createUser.

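/**
 * Creates {@code user} on the remote server with a single POST to {@code /api/v4/users} and then
 * writes one audit record per provisioned value.
 *
 * <p>The JSON body holds the first value of every requested attribute present on the user, the
 * user's groups joined by spaces under {@code roles}, and the password when one is set. Audit
 * records are written only after the POST returns, and the password is recorded masked.
 * NOTE(review): attribute values are audited as-is, so if {@code attributes} can name a
 * secret-bearing attribute its value would reach the audit log in clear text; confirm the
 * attribute list is restricted accordingly.
 *
 * @param user the account to create
 * @param attributes names of the attributes to send
 * @param request request context; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if building the request, the POST, or the audit logging fails
 */
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    String userID = user.getUserID();

    HttpCon con = null;
    try {
        con = this.createClient();

        JSONObject newUser = new JSONObject();
        for (String attribute : attributes) {
            Attribute attr = user.getAttribs().get(attribute);
            if (attr != null) {
                newUser.put(attr.getName(), attr.getValues().get(0));
            }
        }

        StringBuilder sb = new StringBuilder();
        for (String group : user.getGroups()) {
            sb.append(group).append(' ');
        }
        String groups = sb.toString().trim();
        if (!groups.isEmpty()) {
            newUser.put("roles", groups);
        }

        if (user.getPassword() != null) {
            newUser.put("password", user.getPassword());
        }

        this.callWSPost(con, "/api/v4/users", newUser.toString());

        // Audit only after the server accepted the request.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "username", userID);
        for (String attribute : attributes) {
            Attribute attr = user.getAttribs().get(attribute);
            if (attr != null) {
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attr.getName(), attr.getValues().get(0));
            }
        }
        if (user.getPassword() != null) {
            // The password itself is never written to the audit log.
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "password", "*******");
        }
        for (String group : user.getGroups()) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "role", group);
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not create '" + userID + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort cleanup: a failure to close must not mask the outcome above.
            }
            con.getBcm().close();
        }
    }
}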
Also used : HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException)
