
Example 16 with WFCall

use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

the class CallRemoteWorkflow method doTask.

/**
 * Packages the current user and selected request values into a {@code WFCall} and POSTs it
 * as JSON to {@code this.url}, authenticating with a LastMile bearer token.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>Only the request keys named in {@code fromRequest} are forwarded; entries of
 *       {@code staticRequest} are applied afterwards and therefore win on a key collision.</li>
 *   <li>The JSON body carries the user's uid, groups, attributes <em>and</em> the value of
 *       {@code user.getPassword()}. NOTE(review): confidentiality of that payload rests on
 *       {@code this.url} and the socket registry supplied by the ConfigManager - confirm the
 *       endpoint is reachable over TLS only.</li>
 *   <li>The LastMile token is bounded by {@code timeSkew} seconds either side of "now" and is
 *       generated with the secret key named by {@code lastmileKeyName}.</li>
 *   <li>Redirects are disabled on the client; a redirect reply is not followed and, being
 *       non-200, fails the task.</li>
 * </ul>
 *
 * @param user    the user whose identity data is sent to the remote workflow
 * @param request the current request map; only keys listed in {@code fromRequest} are read
 * @return {@code true} when the remote service answers with HTTP 200
 * @throws ProvisioningException if the token cannot be generated, the HTTP exchange raises an
 *                               {@link IOException}, or the response status is not 200
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    // Assemble the outgoing parameters: selected request values first, static values last.
    HashMap<String, Object> forwarded = new HashMap<String, Object>();
    for (String requestKey : this.fromRequest) {
        forwarded.put(requestKey, request.get(requestKey));
    }
    for (String staticKey : this.staticRequest.keySet()) {
        forwarded.put(staticKey, this.staticRequest.get(staticKey));
    }

    // Describe the workflow invocation and the user it applies to.
    WFCall wfCall = new WFCall();
    wfCall.setName(this.workflowName);
    wfCall.setRequestParams(forwarded);
    TremoloUser remoteUser = new TremoloUser();
    wfCall.setUser(remoteUser);
    remoteUser.setUid(user.getUserID());
    // The password is serialized into the request body below together with the other fields.
    remoteUser.setUserPassword(user.getPassword());
    remoteUser.setGroups(user.getGroups());
    remoteUser.setAttributes(new ArrayList<Attribute>(user.getAttribs().values()));
    wfCall.setUidAttributeName(uidAttributeName);
    wfCall.setReason(task.getWorkflow().getUser().getRequestReason());
    // Attribute the call to the original requester when there is one, else to the service identity.
    wfCall.setRequestor(task.getWorkflow().getRequester() != null
            ? task.getWorkflow().getRequester().getUserID()
            : this.lastMileUser);

    // Token validity window: [now - timeSkew, now + timeSkew].
    DateTime notBefore = new DateTime().minusSeconds(timeSkew);
    DateTime notAfter = new DateTime().plusSeconds(timeSkew);

    com.tremolosecurity.lastmile.LastMile lastmile;
    try {
        lastmile = new com.tremolosecurity.lastmile.LastMile(this.uri, notBefore, notAfter, 0, "oauth2");
    } catch (URISyntaxException e) {
        throw new ProvisioningException("Could not generate lastmile", e);
    }
    lastmile.getAttributes().add(new Attribute(this.lastMileUid, this.lastMileUser));

    String encryptedXML;
    try {
        encryptedXML = lastmile.generateLastMileToken(this.task.getConfigManager().getSecretKey(this.lastmileKeyName));
    } catch (Exception e) {
        throw new ProvisioningException("Could not generate lastmile", e);
    }
    // Bearer credential; it is only placed in the Authorization header and never logged here.
    String authorization = "Bearer " + encryptedXML;

    BasicHttpClientConnectionManager connManager = null;
    CloseableHttpClient client = null;
    try {
        connManager = new BasicHttpClientConnectionManager(this.task.getConfigManager().getHttpClientSocketRegistry());
        RequestConfig noRedirects = RequestConfig.custom()
                .setCookieSpec(CookieSpecs.STANDARD)
                .setRedirectsEnabled(false)
                .build();
        client = HttpClients.custom()
                .setConnectionManager(connManager)
                .setDefaultRequestConfig(noRedirects)
                .build();

        HttpPost post = new HttpPost(this.url);
        post.addHeader(new BasicHeader("Authorization", authorization));
        post.setEntity(new StringEntity(new Gson().toJson(wfCall), ContentType.APPLICATION_JSON));

        // Anything other than an exact 200 is treated as a failed remote call.
        int status = client.execute(post).getStatusLine().getStatusCode();
        if (status != 200) {
            throw new ProvisioningException("Call failed");
        }
    } catch (IOException e) {
        throw new ProvisioningException("Could not make call", e);
    } finally {
        // Best-effort cleanup: a failure to close the client is logged, not propagated.
        if (client != null) {
            try {
                client.close();
            } catch (IOException e) {
                logger.warn(e);
            }
        }
        if (connManager != null) {
            connManager.close();
        }
    }
    return true;
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) HashMap(java.util.HashMap) Attribute(com.tremolosecurity.saml.Attribute) Gson(com.google.gson.Gson) URISyntaxException(java.net.URISyntaxException) DateTime(org.joda.time.DateTime) StringEntity(org.apache.http.entity.StringEntity) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) RequestConfig(org.apache.http.client.config.RequestConfig) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) URISyntaxException(java.net.URISyntaxException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) BasicHeader(org.apache.http.message.BasicHeader)

Example 17 with WFCall

use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

the class CopyGroupMembers method doTask.

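/**
 * Reads the members of the group at {@code copyFrom} and, for each member, synchronously runs
 * the configured workflow with a user that carries the {@code copyTo} group.
 *
 * <p>The workflow name and both group DNs are rendered from templates against {@code request}.
 * NOTE(review): if request values can be influenced by an end user, so can the rendered
 * workflow name and DNs - confirm they are validated upstream.
 *
 * <p>Failure handling: a group entry that is missing or has no member attribute is treated as
 * an empty group instead of raising a {@link NullPointerException}. A member that cannot be
 * loaded, or that lacks {@code uidAttribute}, is logged and skipped, so that one unusable
 * member does not abort the copy part-way and leave the target group partially populated.
 * Exceptions other than {@code LDAPException} raised inside the loop still propagate.
 *
 * @param user    the user attached to the running workflow; not read by this task
 * @param request values used to render the workflow name and group DN templates
 * @return always {@code true} when the method completes
 * @throws ProvisioningException if the source group cannot be searched
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    String localWorkflowName = task.renderTemplate(this.workflowName, request);
    String localCopyFrom = task.renderTemplate(this.copyFrom, request);
    String localCopyTo = task.renderTemplate(this.copyTo, request);
    String memberAttr = task.getConfigManager().getCfg().getGroupMemberAttribute();
    String[] members;
    try {
        LDAPSearchResults rs = task.getConfigManager().getMyVD().search(localCopyFrom, 0, "(objectClass=*)", new ArrayList<String>());
        rs.hasMore();
        LDAPEntry group = rs.next();
        // Iterate past any remaining results before using the entry.
        while (rs.hasMore()) {
            rs.next();
        }
        // A group without members has no member attribute; treat it as empty rather than dereferencing null.
        if (group != null && group.getAttribute(memberAttr) != null) {
            members = group.getAttribute(memberAttr).getStringValueArray();
        } else {
            members = new String[0];
        }
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not load from group", e);
    }
    for (String member : members) {
        try {
            // Each member value is used as the search base to load that member's entry.
            LDAPSearchResults rs = task.getConfigManager().getMyVD().search(member, 0, "(objectClass=*)", new ArrayList<String>());
            rs.hasMore();
            LDAPEntry ldapMember = rs.next();
            // Skip entries that cannot be mapped to a uid instead of failing the whole task.
            if (ldapMember == null || ldapMember.getAttribute(this.uidAttribute) == null) {
                logger.warn("Skipping member '" + member + "': no " + this.uidAttribute + " attribute");
                continue;
            }
            TremoloUser userToUpdate = new TremoloUser();
            userToUpdate.setUid(ldapMember.getAttribute(this.uidAttribute).getStringValue());
            userToUpdate.getAttributes().add(new Attribute(this.uidAttribute, userToUpdate.getUid()));
            userToUpdate.getGroups().add(localCopyTo);
            Workflow wf = task.getConfigManager().getProvisioningEngine().getWorkFlow(localWorkflowName);
            WFCall call = new WFCall();
            call.setReason("auto-creating approval group " + localCopyTo);
            call.setUidAttributeName(this.uidAttribute);
            call.setUser(userToUpdate);
            // Every per-member run is attributed to the configured requestor and executed synchronously.
            call.setRequestor(this.requestor);
            call.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
            wf.executeWorkflow(call);
        } catch (LDAPException e) {
            logger.warn("Could not load user '" + member + "'", e);
        }
    }
    return true;
}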
Also used : LDAPEntry(com.novell.ldap.LDAPEntry) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow)

Example 18 with WFCall

use of com.tremolosecurity.provisioning.service.util.WFCall in project OpenUnison by TremoloSecurity.

the class CopyGroupMembers method doTask.

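/**
 * Copies group membership: loads the members of the group at {@code copyFrom} and runs the
 * configured workflow once per member, synchronously, with {@code copyTo} as the member's group.
 *
 * <p>The workflow name and both group DNs come from templates rendered against {@code request}.
 * NOTE(review): confirm that request values feeding those templates are validated before they
 * reach this task, since they select which workflow runs and which directory entries are read.
 *
 * <p>A source group that is absent or has no member attribute yields no work. A member whose
 * entry cannot be loaded, or that has no {@code uidAttribute} value, is logged and skipped so
 * that a single unusable member does not stop the copy part-way with a
 * {@link NullPointerException}. Other exceptions raised inside the loop still propagate.
 *
 * @param user    the user attached to the running workflow; not read by this task
 * @param request values used to render the workflow name and group DN templates
 * @return always {@code true} when the method completes
 * @throws ProvisioningException if the source group cannot be searched
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    String localWorkflowName = task.renderTemplate(this.workflowName, request);
    String localCopyFrom = task.renderTemplate(this.copyFrom, request);
    String localCopyTo = task.renderTemplate(this.copyTo, request);
    String memberAttr = task.getConfigManager().getCfg().getGroupMemberAttribute();
    String[] members;
    try {
        LDAPSearchResults groupResults = task.getConfigManager().getMyVD().search(localCopyFrom, 0, "(objectClass=*)", new ArrayList<String>());
        groupResults.hasMore();
        LDAPEntry group = groupResults.next();
        // Iterate past any remaining results before using the entry.
        while (groupResults.hasMore()) {
            groupResults.next();
        }
        boolean hasMembers = group != null && group.getAttribute(memberAttr) != null;
        members = hasMembers ? group.getAttribute(memberAttr).getStringValueArray() : new String[0];
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not load from group", e);
    }
    for (String member : members) {
        try {
            // Each member value is used as the search base to load that member's entry.
            LDAPSearchResults memberResults = task.getConfigManager().getMyVD().search(member, 0, "(objectClass=*)", new ArrayList<String>());
            memberResults.hasMore();
            LDAPEntry ldapMember = memberResults.next();
            // Same guard as for the group entry: never dereference a missing entry or attribute.
            if (ldapMember == null || ldapMember.getAttribute(this.uidAttribute) == null) {
                logger.warn("Skipping member '" + member + "': no " + this.uidAttribute + " attribute");
                continue;
            }
            TremoloUser userToUpdate = new TremoloUser();
            userToUpdate.setUid(ldapMember.getAttribute(this.uidAttribute).getStringValue());
            userToUpdate.getAttributes().add(new Attribute(this.uidAttribute, userToUpdate.getUid()));
            userToUpdate.getGroups().add(localCopyTo);
            Workflow wf = task.getConfigManager().getProvisioningEngine().getWorkFlow(localWorkflowName);
            WFCall call = new WFCall();
            call.setReason("auto-creating approval group " + localCopyTo);
            call.setUidAttributeName(this.uidAttribute);
            call.setUser(userToUpdate);
            // Every per-member run is attributed to the configured requestor and executed synchronously.
            call.setRequestor(this.requestor);
            call.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
            wf.executeWorkflow(call);
        } catch (LDAPException e) {
            logger.warn("Could not load user '" + member + "'", e);
        }
    }
    return true;
}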
Also used : LDAPEntry(com.novell.ldap.LDAPEntry) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow)
