
Example 1 with WFCall

Use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

In class ResetUserPasswordOnLogout, method handleLogout.

@Override
public void handleLogout(HttpServletRequest request, HttpServletResponse response) throws ServletException {
    WFCall wfCall = new WFCall();
    wfCall.setName(this.workflow);
    wfCall.setReason("Logout");
    wfCall.setUidAttributeName(this.uidAttributeName);
    TremoloUser tu = new TremoloUser();
    tu.setUid(this.userID);
    tu.getAttributes().add(new Attribute(this.uidAttributeName, this.userID));
    wfCall.setUser(tu);
    try {
        com.tremolosecurity.provisioning.workflow.ExecuteWorkflow exec = new com.tremolosecurity.provisioning.workflow.ExecuteWorkflow();
        exec.execute(wfCall, GlobalEntries.getGlobalEntries().getConfigManager());
    } catch (Exception e) {
        logger.error("Could not update user", e);
    }
}
Also used : WFCall(com.tremolosecurity.provisioning.service.util.WFCall) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) Attribute(com.tremolosecurity.saml.Attribute) ServletException(javax.servlet.ServletException)

Example 2 with WFCall

Use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

In class TremoloTarget, method executeWorkFlow.

private void executeWorkFlow(String wfName, User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    StringBuffer surl = new StringBuffer();
    surl.append(this.wfUrlBase).append("/services/wf/login");
    HttpGet get = new HttpGet(surl.toString());
    try {
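        try {
            httpclient.execute(get);
        } catch (ClientProtocolException e1) {
            // Exception from the login request is silently discarded.
        } catch (IOException e1) {
            // Exception from the login request is silently discarded.
        }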
    } finally {
        get.releaseConnection();
    }
    surl.setLength(0);
    surl.append(this.wfUrlBase).append("/services/wf/execute");
    HttpPost post = new HttpPost(surl.toString());
    try {
        TremoloUser tu = new TremoloUser();
        tu.setAttributes(new ArrayList<Attribute>());
        tu.setUid(user.getUserID());
        tu.setUserPassword(user.getPassword());
        for (String attrName : user.getAttribs().keySet()) {
            Attribute attr = user.getAttribs().get(attrName);
            if (attributes.size() == 0 || attributes.contains(attrName)) {
                tu.getAttributes().add(attr);
            }
        }
        WFCall wfcall = new WFCall();
        wfcall.setName(wfName);
        wfcall.setUidAttributeName(this.uidAttrName);
        wfcall.setUser(tu);
        wfcall.setRequestParams(new HashMap<String, Object>());
        wfcall.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
        Gson gson = new Gson();
        String jsonOut = gson.toJson(wfcall);
        List<NameValuePair> formparams = new ArrayList<NameValuePair>();
        formparams.add(new BasicNameValuePair("wfcall", jsonOut));
        UrlEncodedFormEntity entity = new UrlEncodedFormEntity(formparams, "UTF-8");
        post.setEntity(entity);
        HttpResponse response = httpclient.execute(post);
        BufferedReader in = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
        String line = null;
        StringBuffer res = new StringBuffer();
        while ((line = in.readLine()) != null) {
            // System.out.println(line);
            res.append(line).append('\n');
        }
        ProvisioningResult provRes = gson.fromJson(res.toString(), ProvisioningResult.class);
        if (!provRes.isSuccess()) {
            throw new ProvisioningException(provRes.getError().getError());
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not execute workflow", e);
    } finally {
        post.releaseConnection();
    }
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) InputStreamReader(java.io.InputStreamReader) Attribute(com.tremolosecurity.saml.Attribute) HttpGet(org.apache.http.client.methods.HttpGet) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) ClientProtocolException(org.apache.http.client.ClientProtocolException) MalformedCookieException(org.apache.http.cookie.MalformedCookieException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) BufferedReader(java.io.BufferedReader)

Example 3 with WFCall

Use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

In class ExecuteWorkflow, method doPost.

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    Gson gson = new Gson();
    String wfcall = req.getParameter("wfcall");
    if (wfcall == null) {
        logger.error("Could not get workflow call");
        resp.setStatus(500);
        ProvisioningError pe = new ProvisioningError();
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(false);
        pres.setError(pe);
        pe.setError("Could not get workflow call");
        gson = new Gson();
        resp.getOutputStream().print(gson.toJson(pres));
        return;
    }
    String line;
    StringBuffer json = new StringBuffer();
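    // Decode with the same charset used to encode; a default-charset reader can corrupt non-ASCII input.
    BufferedReader in = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(wfcall.getBytes("UTF-8")), "UTF-8"));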
    while ((line = in.readLine()) != null) {
        json.append(line).append('\n');
    }
    WFCall wfCall = gson.fromJson(json.toString(), WFCall.class);
    if (wfCall == null) {
        logger.error("Could not get workflow call");
        resp.setStatus(500);
        ProvisioningError pe = new ProvisioningError();
        pe.setError("Could not get workflow call");
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(false);
        pres.setError(pe);
        gson = new Gson();
        resp.getOutputStream().print(gson.toJson(pres));
        return;
    }
    List<ApprovalData> autoApprovals = null;
    try {
        // TremoloContext.getContext().getConfigManager("proxy").getProvisioningEngine().getWorkFlow(wfCall.getName()).executeWorkflow(wfCall);
        com.tremolosecurity.provisioning.workflow.ExecuteWorkflow exec = new com.tremolosecurity.provisioning.workflow.ExecuteWorkflow();
        exec.execute(wfCall, GlobalEntries.getGlobalEntries().getConfigManager());
        ProvisioningResult res = new ProvisioningResult();
        res.setSuccess(true);
        resp.getOutputStream().print(gson.toJson(res));
    } catch (Throwable t) {
        logger.error("Error executing workflow", t);
        resp.setStatus(500);
        ProvisioningError pe = new ProvisioningError();
        pe.setError("Error executing workflow");
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(false);
        pres.setError(pe);
        gson = new Gson();
        resp.getOutputStream().print(gson.toJson(pres));
    }
}
Also used : WFCall(com.tremolosecurity.provisioning.service.util.WFCall) InputStreamReader(java.io.InputStreamReader) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) Gson(com.google.gson.Gson) ApprovalData(com.tremolosecurity.provisioning.workflow.ApprovalData) ProvisioningError(com.tremolosecurity.provisioning.service.util.ProvisioningError) ByteArrayInputStream(java.io.ByteArrayInputStream) BufferedReader(java.io.BufferedReader)

Example 4 with WFCall

Use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

In class DeleteGroupMembers, method doTask.

@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    String localWorkflowName = task.renderTemplate(this.workflowName, request);
    String localGroupToDelete = task.renderTemplate(this.groupToDelete, request);
    String localGroupNameAttribute = task.renderTemplate(this.groupNameAttribute, request);
    String memberAttr = task.getConfigManager().getCfg().getGroupMemberAttribute();
    String[] members = null;
    String groupName = null;
    try {
        LDAPSearchResults rs = task.getConfigManager().getMyVD().search(localGroupToDelete, 0, "(objectClass=*)", new ArrayList<String>());
        rs.hasMore();
        LDAPEntry group = rs.next();
        while (rs.hasMore()) rs.next();
        if (group.getAttribute(memberAttr) != null) {
            members = group.getAttribute(memberAttr).getStringValueArray();
        } else {
            members = new String[] {};
        }
        if (group.getAttribute(localGroupNameAttribute) != null) {
            groupName = group.getAttribute(localGroupNameAttribute).getStringValue();
        } else {
            throw new ProvisioningException("Group '" + localGroupToDelete + "' has no '" + localGroupNameAttribute + "' attribute");
        }
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not load from group", e);
    }
    for (String member : members) {
        try {
            LDAPSearchResults rs = task.getConfigManager().getMyVD().search(member, 0, "(objectClass=*)", new ArrayList<String>());
            rs.hasMore();
            LDAPEntry ldapMember = rs.next();
            TremoloUser userToUpdate = new TremoloUser();
            userToUpdate.setUid(ldapMember.getAttribute(this.uidAttribute).getStringValue());
            userToUpdate.getAttributes().add(new Attribute(this.uidAttribute, userToUpdate.getUid()));
            Workflow wf = task.getConfigManager().getProvisioningEngine().getWorkFlow(localWorkflowName);
            WFCall call = new WFCall();
            call.setReason("removing from to be deleted group " + localGroupToDelete);
            call.setUidAttributeName(this.uidAttribute);
            call.setUser(userToUpdate);
            call.setRequestor(this.requestor);
            call.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
            call.getRequestParams().put("openunison_grouptoremove", groupName);
            wf.executeWorkflow(call);
        } catch (LDAPException e) {
            logger.warn("Could not remove user '" + member + "'", e);
        }
    }
    return true;
}
Also used : LDAPEntry(com.novell.ldap.LDAPEntry) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow)

Example 5 with WFCall

Use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

In class WebAuthnUtils, method storeWebAuthnUserData.

public static void storeWebAuthnUserData(WebAuthnUserData webAuthnUserData, String encryptionKeyName, AuthInfo userData, String workflowName, String uidAttributeName, String challengeStoreAttribute) throws Exception {
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream oos = new ObjectOutputStream(baos);
    oos.writeObject(webAuthnUserData);
    EncryptedMessage msg = new EncryptedMessage();
    SecretKey key = GlobalEntries.getGlobalEntries().getConfigManager().getSecretKey(encryptionKeyName);
    if (key == null) {
        throw new Exception("User data message encryption key not found");
    }
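    // AES-CBC provides confidentiality only; the ciphertext carries no integrity check (no MAC or AEAD tag).
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    // No IV is passed to init(), so the provider generates one; it is stored with the ciphertext below.
    cipher.init(Cipher.ENCRYPT_MODE, key);
    msg.setMsg(cipher.doFinal(baos.toByteArray()));
    msg.setIv(cipher.getIV());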
    baos = new ByteArrayOutputStream();
    DeflaterOutputStream compressor = new DeflaterOutputStream(baos, new Deflater(Deflater.BEST_COMPRESSION, true));
    Gson gson = new Gson();
    compressor.write(gson.toJson(msg).getBytes("UTF-8"));
    compressor.flush();
    compressor.close();
    String b64 = java.util.Base64.getEncoder().encodeToString(baos.toByteArray());
    userData.getAttribs().put(challengeStoreAttribute, new Attribute(challengeStoreAttribute, b64));
    WFCall wc = new WFCall();
    wc.setName(workflowName);
    wc.setUidAttributeName(uidAttributeName);
    TremoloUser tu = new TremoloUser();
    tu.setUid(userData.getAttribs().get(uidAttributeName).getValues().get(0));
    tu.getAttributes().add(new Attribute(uidAttributeName, userData.getAttribs().get(uidAttributeName).getValues().get(0)));
    tu.getAttributes().add(new Attribute(challengeStoreAttribute, b64));
    wc.setUser(tu);
    Map<String, Object> req = new HashMap<String, Object>();
    req.put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
    wc.setRequestParams(req);
    GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getWorkFlow(workflowName).executeWorkflow(wc);
}
Also used : WFCall(com.tremolosecurity.provisioning.service.util.WFCall) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) Gson(com.google.gson.Gson) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ObjectOutputStream(java.io.ObjectOutputStream) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) SecretKey(javax.crypto.SecretKey) Deflater(java.util.zip.Deflater) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) EncryptedMessage(com.tremolosecurity.provisioning.util.EncryptedMessage) DeflaterOutputStream(java.util.zip.DeflaterOutputStream) Cipher(javax.crypto.Cipher)
