use of com.tremolosecurity.provisioning.service.util.TremoloUser in project OpenUnison by TremoloSecurity.
the class ResetUserPasswordOnLogout method handleLogout.
/**
 * Runs the configured workflow for the configured user when a logout is handled.
 *
 * <p>The call carries the reason {@code "Logout"} and a user whose uid and uid
 * attribute are both taken from {@code this.userID}. Neither {@code request} nor
 * {@code response} is read here.
 *
 * @param request  the logout request (unused by this method)
 * @param response the logout response (unused by this method)
 * @throws ServletException declared by the interface; this body never throws it
 */
@Override
public void handleLogout(HttpServletRequest request, HttpServletResponse response) throws ServletException {
    // Describe the account the workflow should act on.
    TremoloUser logoutUser = new TremoloUser();
    logoutUser.setUid(this.userID);
    logoutUser.getAttributes().add(new Attribute(this.uidAttributeName, this.userID));

    WFCall logoutCall = new WFCall();
    logoutCall.setName(this.workflow);
    logoutCall.setReason("Logout");
    logoutCall.setUidAttributeName(this.uidAttributeName);
    logoutCall.setUser(logoutUser);

    try {
        new com.tremolosecurity.provisioning.workflow.ExecuteWorkflow()
                .execute(logoutCall, GlobalEntries.getGlobalEntries().getConfigManager());
    } catch (Exception e) {
        // NOTE(review): a failed workflow is only logged, so logout completes even
        // when the account was not updated; alert on this message if the update
        // (judging by the class name, a password reset) is a security control.
        logger.error("Could not update user", e);
    }
}
use of com.tremolosecurity.provisioning.service.util.TremoloUser in project OpenUnison by TremoloSecurity.
the class TremoloTarget method executeWorkFlow.
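/**
 * Executes a workflow on a remote workflow service over HTTP.
 *
 * <p>A GET is first sent to {@code wfUrlBase + "/services/wf/login"}; I/O failures on
 * that call are ignored. The workflow call is then serialized to JSON and POSTed as
 * the form field {@code wfcall} to {@code wfUrlBase + "/services/wf/execute"}, and the
 * JSON response is parsed into a {@link ProvisioningResult}.
 *
 * @param wfName     name of the workflow to run
 * @param user       source of the uid, password and attributes that are sent
 * @param attributes names of the attributes to send; an empty set sends all of them
 * @param request    not read by this method
 * @throws ProvisioningException if the call fails, the response is empty, or the
 *         service reports an unsuccessful result
 */
private void executeWorkFlow(String wfName, User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    HttpGet get = new HttpGet(this.wfUrlBase + "/services/wf/login");
    try {
        httpclient.execute(get);
    } catch (IOException ignored) {
        // Deliberately best-effort, as in the original (ClientProtocolException is an
        // IOException). NOTE(review): if this request is what establishes the
        // session, a failure only surfaces later as a failed POST - consider
        // reporting it here.
    } finally {
        get.releaseConnection();
    }

    HttpPost post = new HttpPost(this.wfUrlBase + "/services/wf/execute");
    try {
        TremoloUser tu = new TremoloUser();
        tu.setAttributes(new ArrayList<Attribute>());
        tu.setUid(user.getUserID());
        // NOTE(review): the password travels inside the JSON form body, so its
        // confidentiality depends on wfUrlBase being an https URL and on httpclient
        // validating the server certificate - confirm both in the target config.
        tu.setUserPassword(user.getPassword());

        for (Map.Entry<String, Attribute> entry : user.getAttribs().entrySet()) {
            if (attributes.isEmpty() || attributes.contains(entry.getKey())) {
                tu.getAttributes().add(entry.getValue());
            }
        }

        WFCall wfcall = new WFCall();
        wfcall.setName(wfName);
        wfcall.setUidAttributeName(this.uidAttrName);
        wfcall.setUser(tu);
        wfcall.setRequestParams(new HashMap<String, Object>());
        wfcall.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);

        Gson gson = new Gson();
        List<NameValuePair> formparams = new ArrayList<NameValuePair>();
        formparams.add(new BasicNameValuePair("wfcall", gson.toJson(wfcall)));
        post.setEntity(new UrlEncodedFormEntity(formparams, "UTF-8"));

        HttpResponse response = httpclient.execute(post);

        // Decode explicitly as UTF-8 (the request is encoded the same way) instead of
        // the platform default charset, and close the reader when done.
        StringBuilder res = new StringBuilder();
        try (BufferedReader in = new BufferedReader(new InputStreamReader(response.getEntity().getContent(), "UTF-8"))) {
            String line;
            while ((line = in.readLine()) != null) {
                res.append(line).append('\n');
            }
        }

        ProvisioningResult provRes = gson.fromJson(res.toString(), ProvisioningResult.class);
        if (provRes == null) {
            // Gson yields null for an empty body; report that instead of an NPE.
            throw new ProvisioningException("Workflow service returned an empty response");
        }
        if (!provRes.isSuccess()) {
            throw new ProvisioningException(provRes.getError().getError());
        }
    } catch (Exception e) {
        // Also wraps the ProvisioningExceptions thrown above, as the original did.
        throw new ProvisioningException("Could not execute workflow", e);
    } finally {
        post.releaseConnection();
    }
}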
use of com.tremolosecurity.provisioning.service.util.TremoloUser in project OpenUnison by TremoloSecurity.
the class DeleteGroupMembers method doTask.
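/**
 * Runs a workflow for every member of a group that is about to be deleted.
 *
 * <p>The workflow name, group DN and group-name attribute are rendered from their
 * templates against {@code request}. The group entry is read, and for each value of
 * the configured member attribute the member entry is looked up and the workflow is
 * executed synchronously with the request parameter {@code openunison_grouptoremove}
 * set to the group's name.
 *
 * @param user    not read by this method
 * @param request values used to render the templates
 * @return always {@code true}
 * @throws ProvisioningException if the group cannot be loaded, has no name
 *         attribute, or a workflow execution fails
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    String localWorkflowName = task.renderTemplate(this.workflowName, request);
    String localGroupToDelete = task.renderTemplate(this.groupToDelete, request);
    String localGroupNameAttribute = task.renderTemplate(this.groupNameAttribute, request);
    String memberAttr = task.getConfigManager().getCfg().getGroupMemberAttribute();

    String[] members;
    String groupName;
    try {
        LDAPSearchResults rs = task.getConfigManager().getMyVD().search(localGroupToDelete, 0, "(objectClass=*)", new ArrayList<String>());
        // Use the result of hasMore() rather than discarding it, so a missing group
        // is reported by name.
        if (!rs.hasMore()) {
            throw new ProvisioningException("Group '" + localGroupToDelete + "' not found");
        }
        LDAPEntry group = rs.next();
        while (rs.hasMore()) {
            rs.next();
        }

        if (group.getAttribute(memberAttr) != null) {
            members = group.getAttribute(memberAttr).getStringValueArray();
        } else {
            members = new String[] {};
        }

        if (group.getAttribute(localGroupNameAttribute) != null) {
            groupName = group.getAttribute(localGroupNameAttribute).getStringValue();
        } else {
            throw new ProvisioningException("Group '" + localGroupToDelete + "' has no '" + localGroupNameAttribute + "' attribute");
        }
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not load from group", e);
    }

    for (String member : members) {
        try {
            LDAPSearchResults rs = task.getConfigManager().getMyVD().search(member, 0, "(objectClass=*)", new ArrayList<String>());
            if (!rs.hasMore()) {
                logger.warn("Could not remove user '" + member + "': entry not found");
                continue;
            }
            LDAPEntry ldapMember = rs.next();
            // Drain the results, mirroring the group lookup above.
            while (rs.hasMore()) {
                rs.next();
            }

            // A member entry without the uid attribute used to raise a
            // NullPointerException and abort the remaining members; skip it and
            // log it, like the other per-member failures.
            if (ldapMember.getAttribute(this.uidAttribute) == null) {
                logger.warn("Could not remove user '" + member + "': no '" + this.uidAttribute + "' attribute");
                continue;
            }

            TremoloUser userToUpdate = new TremoloUser();
            userToUpdate.setUid(ldapMember.getAttribute(this.uidAttribute).getStringValue());
            userToUpdate.getAttributes().add(new Attribute(this.uidAttribute, userToUpdate.getUid()));

            Workflow wf = task.getConfigManager().getProvisioningEngine().getWorkFlow(localWorkflowName);

            WFCall call = new WFCall();
            call.setReason("removing from to be deleted group " + localGroupToDelete);
            call.setUidAttributeName(this.uidAttribute);
            call.setUser(userToUpdate);
            call.setRequestor(this.requestor);
            call.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
            call.getRequestParams().put("openunison_grouptoremove", groupName);

            wf.executeWorkflow(call);
        } catch (LDAPException e) {
            // Best-effort per member: a failed lookup is logged and the loop goes on.
            // NOTE(review): the method still returns true, so skipped members are
            // visible only in the log.
            logger.warn("Could not remove user '" + member + "'", e);
        }
    }

    return true;
}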
use of com.tremolosecurity.provisioning.service.util.TremoloUser in project OpenUnison by TremoloSecurity.
the class WorkflowImpl method executeWorkflow.
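/**
 * Converts a {@link WFCall} into a {@code User} and executes this workflow for it.
 *
 * <p>The user id is the first value of the attribute named by
 * {@code call.getUidAttributeName()}; {@code TremoloUser.getUid()} is not read.
 * Groups and attributes are copied, and the password and request reason are copied
 * when present. If several attributes share a name, the last one wins.
 *
 * @param call the workflow call to execute
 * @return the result of the three-argument {@code executeWorkflow} overload
 * @throws ProvisioningException if the call has no user, or the uid attribute is
 *         missing or has no value
 * @see com.tremolosecurity.provisioning.core.Workflow#executeWorkflow(com.tremolosecurity.provisioning.service.util.WFCall)
 */
@Override
public Map<String, Object> executeWorkflow(WFCall call) throws ProvisioningException {
    TremoloUser userFromCall = call.getUser();
    if (userFromCall == null) {
        throw new ProvisioningException("No user in workflow call");
    }

    String uidAttr = call.getUidAttributeName();

    HashMap<String, Attribute> attrs = new HashMap<String, Attribute>();
    for (Attribute attr : userFromCall.getAttributes()) {
        attrs.put(attr.getName(), attr);
    }

    // NOTE(review): both the attribute name and its value come from the call, so a
    // caller that builds the WFCall from external input must already have checked
    // that the requester may act on this user.
    Attribute uid = attrs.get(uidAttr);
    if (uid == null) {
        throw new ProvisioningException("No uid attribute " + uidAttr);
    }
    if (uid.getValues() == null || uid.getValues().isEmpty()) {
        // Previously an IndexOutOfBoundsException escaped from get(0).
        throw new ProvisioningException("No value for uid attribute " + uidAttr);
    }

    User user = new User(uid.getValues().get(0));
    user.getGroups().addAll(userFromCall.getGroups());
    user.getAttribs().putAll(attrs);

    if (userFromCall.getUserPassword() != null) {
        user.setPassword(userFromCall.getUserPassword());
    }

    if (call.getReason() != null) {
        user.setRequestReason(call.getReason());
    }

    return this.executeWorkflow(user, call.getRequestParams(), call.getRequestor());
}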
use of com.tremolosecurity.provisioning.service.util.TremoloUser in project OpenUnison by TremoloSecurity.
the class WebAuthnUtils method storeWebAuthnUserData.
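/**
 * Encrypts a user's WebAuthn data and stores it in a user attribute via a workflow.
 *
 * <p>The data is Java-serialized, encrypted with AES/CBC/PKCS5Padding under the named
 * key, wrapped with its IV in an {@code EncryptedMessage}, rendered as JSON,
 * raw-deflated and Base64-encoded. The resulting string is put on {@code userData}
 * and sent, together with the uid attribute, in a synchronous call to the workflow.
 *
 * @param webAuthnUserData        the data to store
 * @param encryptionKeyName       name of the secret key held by the config manager
 * @param userData                the user; must carry {@code uidAttributeName}
 * @param workflowName            workflow that persists the attribute
 * @param uidAttributeName        attribute holding the user's identifier
 * @param challengeStoreAttribute attribute that receives the encoded blob
 * @throws Exception if the key or the uid attribute is missing, or if serialization,
 *         encryption or the workflow fails
 */
public static void storeWebAuthnUserData(WebAuthnUserData webAuthnUserData, String encryptionKeyName, AuthInfo userData, String workflowName, String uidAttributeName, String challengeStoreAttribute) throws Exception {
    // Close the object stream before reading the bytes so nothing stays buffered.
    ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    try (ObjectOutputStream oos = new ObjectOutputStream(serialized)) {
        oos.writeObject(webAuthnUserData);
    }

    SecretKey key = GlobalEntries.getGlobalEntries().getConfigManager().getSecretKey(encryptionKeyName);
    if (key == null) {
        throw new Exception("User data message encryption key not found");
    }

    // No IV is passed to init(), so the provider chooses one; it is read back with
    // getIV() and stored next to the ciphertext.
    // NOTE(review): CBC gives confidentiality only - nothing here authenticates the
    // ciphertext, and the plaintext is a Java-serialized object. If the read side
    // decrypts and deserializes this attribute, its integrity rests on who can write
    // the attribute. Moving to an authenticated mode needs a coordinated format
    // change on the reader, so it is not done here.
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, key);
    EncryptedMessage msg = new EncryptedMessage();
    msg.setMsg(cipher.doFinal(serialized.toByteArray()));
    msg.setIv(cipher.getIV());

    ByteArrayOutputStream compressed = new ByteArrayOutputStream();
    Deflater deflater = new Deflater(Deflater.BEST_COMPRESSION, true);
    try {
        Gson gson = new Gson();
        try (DeflaterOutputStream compressor = new DeflaterOutputStream(compressed, deflater)) {
            compressor.write(gson.toJson(msg).getBytes("UTF-8"));
        }
    } finally {
        // A caller-supplied Deflater is not released by the stream's close().
        deflater.end();
    }
    String b64 = java.util.Base64.getEncoder().encodeToString(compressed.toByteArray());

    // Validate the uid before touching userData, so a failure leaves it unchanged
    // and is reported by name instead of as a NullPointerException.
    Attribute uidAttribute = userData.getAttribs().get(uidAttributeName);
    if (uidAttribute == null || uidAttribute.getValues().isEmpty()) {
        throw new Exception("User has no '" + uidAttributeName + "' attribute");
    }
    String uid = uidAttribute.getValues().get(0);

    userData.getAttribs().put(challengeStoreAttribute, new Attribute(challengeStoreAttribute, b64));

    TremoloUser tu = new TremoloUser();
    tu.setUid(uid);
    tu.getAttributes().add(new Attribute(uidAttributeName, uid));
    tu.getAttributes().add(new Attribute(challengeStoreAttribute, b64));

    Map<String, Object> req = new HashMap<String, Object>();
    req.put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);

    WFCall wc = new WFCall();
    wc.setName(workflowName);
    wc.setUidAttributeName(uidAttributeName);
    wc.setUser(tu);
    wc.setRequestParams(req);

    GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getWorkFlow(workflowName).executeWorkflow(wc);
}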