
Example 46 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

The class KeystoneProvisioningTarget, method syncUser.

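/**
 * Synchronises {@code user} into Keystone.
 * <p>
 * If no Keystone user with that name exists the account is created via
 * {@link #createUser}. Otherwise the scalar attributes ({@code email},
 * {@code enabled}, {@code description}), group memberships and role
 * assignments are diffed against what Keystone reports and only the
 * differences are written. Attribute and group handling is skipped entirely
 * when the target is configured {@code rolesOnly}; role assignments are
 * always processed when {@code roles} is in {@code attributes}.
 *
 * @param user       desired state; single-valued attributes are read from
 *                   {@code user.getAttribs()}, and each value of the
 *                   {@code roles} attribute is a JSON-serialised {@link Role}
 * @param addOnly    when {@code true} nothing is cleared or removed in Keystone,
 *                   only additions and changed values are applied
 * @param attributes names of the attributes this sync is responsible for; an
 *                   attribute not in this set is never touched
 * @param request    workflow request; {@code APPROVAL_ID} and {@code WORKFLOW}
 *                   are read for audit logging
 * @throws ProvisioningException if a referenced group, project, domain or role
 *                               does not exist, a PUT is rejected, or anything
 *                               else fails talking to Keystone (the cause is kept)
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    HttpCon con = null;
    Gson gson = new Gson();
    try {
        con = this.createClient();
        KSToken token = this.getToken(con);
        UserAndID fromKS = this.lookupUser(user.getUserID(), attributes, request, token, con);
        if (fromKS == null) {
            this.createUser(user, attributes, request);
            return;
        }
        String userId = fromKS.getId();
        User existing = fromKS.getUser();
        if (!rolesOnly) {
            // --- scalar attributes: collect every change, then send one PATCH ---
            HashMap<String, String> attrsUpdate = new HashMap<String, String>();
            KSUser toPatch = new KSUser();
            if (attributes.contains("email")) {
                String v = patchValue(firstValue(existing, "email"), firstValue(user, "email"), addOnly);
                if (v != null) {
                    toPatch.setEmail(v);
                    attrsUpdate.put("email", v);
                }
            }
            if (attributes.contains("enabled")) {
                String v = patchValue(firstValue(existing, "enabled"), firstValue(user, "enabled"), addOnly);
                if (v != null) {
                    // BUG FIX: this branch used to call toPatch.setName(v), which renamed the
                    // Keystone account (e.g. to "false") instead of toggling it, so a request
                    // to disable a user never actually disabled it. A cleared value ("")
                    // parses to false, which matches the previous disable-on-clear behaviour.
                    toPatch.setEnabled(Boolean.parseBoolean(v));
                    attrsUpdate.put("enabled", v);
                }
            }
            if (attributes.contains("description")) {
                String v = patchValue(firstValue(existing, "description"), firstValue(user, "description"), addOnly);
                if (v != null) {
                    toPatch.setDescription(v);
                    attrsUpdate.put("description", v);
                }
            }
            if (!attrsUpdate.isEmpty()) {
                UserHolder holder = new UserHolder();
                holder.setUser(toPatch);
                String patchUrl = this.url + "/users/" + userId;
                this.callWSPotch(token.getAuthToken(), con, patchUrl, gson.toJson(holder));
                for (Map.Entry<String, String> change : attrsUpdate.entrySet()) {
                    this.cfgMgr.getProvisioningEngine().logAction(user.getUserID(), false, ActionType.Replace, approvalID, workflow, change.getKey(), change.getValue());
                }
            }
            // --- group memberships ---
            for (String group : user.getGroups()) {
                if (existing.getGroups().contains(group)) {
                    continue;
                }
                String membershipUrl = this.groupMembershipUrl(group, userId, token, con);
                if (!this.callWSPutNoData(token.getAuthToken(), con, membershipUrl)) {
                    throw new ProvisioningException("Could not add group " + group);
                }
                this.cfgMgr.getProvisioningEngine().logAction(user.getUserID(), false, ActionType.Add, approvalID, workflow, "group", group);
            }
            if (!addOnly) {
                for (String group : existing.getGroups()) {
                    if (user.getGroups().contains(group)) {
                        continue;
                    }
                    String membershipUrl = this.groupMembershipUrl(group, userId, token, con);
                    // NOTE(review): the result of callWSDelete is not checked (it never was),
                    // so the audit log records the removal even if Keystone rejected it.
                    this.callWSDelete(token.getAuthToken(), con, membershipUrl);
                    this.cfgMgr.getProvisioningEngine().logAction(user.getUserID(), false, ActionType.Delete, approvalID, workflow, "group", group);
                }
            }
        }
        if (attributes.contains("roles")) {
            // --- role assignments (processed even in rolesOnly mode) ---
            HashSet<Role> currentRoles = parseRoles(existing, gson);
            Attribute desired = user.getAttribs().get("roles");
            if (desired != null) {
                for (String jsonRole : desired.getValues()) {
                    Role role = gson.fromJson(jsonRole, Role.class);
                    if (currentRoles.contains(role)) {
                        continue;
                    }
                    String assignmentUrl = this.roleAssignmentUrl(role, userId, token, con);
                    if (!this.callWSPutNoData(token.getAuthToken(), con, assignmentUrl)) {
                        throw new ProvisioningException("Could not add role " + jsonRole);
                    }
                    this.cfgMgr.getProvisioningEngine().logAction(user.getUserID(), false, ActionType.Add, approvalID, workflow, "role", jsonRole);
                }
            }
            if (!addOnly) {
                HashSet<Role> desiredRoles = parseRoles(user, gson);
                Attribute current = existing.getAttribs().get("roles");
                if (current != null) {
                    for (String jsonRole : current.getValues()) {
                        Role role = gson.fromJson(jsonRole, Role.class);
                        if (desiredRoles.contains(role)) {
                            continue;
                        }
                        String assignmentUrl = this.roleAssignmentUrl(role, userId, token, con);
                        // NOTE(review): as with groups, the DELETE result is not checked before logging.
                        this.callWSDelete(token.getAuthToken(), con, assignmentUrl);
                        this.cfgMgr.getProvisioningEngine().logAction(user.getUserID(), false, ActionType.Delete, approvalID, workflow, "role", jsonRole);
                    }
                }
            }
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not work with keystone", e);
    } finally {
        if (con != null) {
            con.getBcm().shutdown();
        }
    }
}

/**
 * First value of {@code attrName} on {@code u}, or {@code null} when the attribute is
 * absent or carries no values.
 */
private static String firstValue(User u, String attrName) {
    Attribute attr = u.getAttribs().get(attrName);
    if (attr == null || attr.getValues().isEmpty()) {
        return null;
    }
    return attr.getValues().get(0);
}

/**
 * Decides what to write for one scalar attribute.
 *
 * @param current what Keystone holds now ({@code null} if unset)
 * @param desired what the workflow wants ({@code null} if unset)
 * @param addOnly when {@code true} an unset desired value never clears the current one
 * @return the value to PATCH, {@code ""} to clear the attribute, or {@code null} when
 *         nothing should change (values are compared case-insensitively)
 */
private static String patchValue(String current, String desired, boolean addOnly) {
    if (desired != null) {
        if (current == null || !current.equalsIgnoreCase(desired)) {
            return desired;
        }
        return null;
    }
    return (!addOnly && current != null) ? "" : null;
}

/** Parses every value of {@code u}'s {@code roles} attribute into a set; empty when the attribute is missing. */
private static HashSet<Role> parseRoles(User u, Gson gson) {
    HashSet<Role> roles = new HashSet<Role>();
    Attribute attr = u.getAttribs().get("roles");
    if (attr != null) {
        for (String jsonRole : attr.getValues()) {
            roles.add(gson.fromJson(jsonRole, Role.class));
        }
    }
    return roles;
}

/**
 * Builds {@code <url>/groups/<groupId>/users/<userId>} for the named group.
 * Declared {@code throws Exception} because the id lookup's checked exceptions are not
 * visible here and callers run inside {@link #syncUser}'s catch-all (same convention as
 * {@link #lookupUser}).
 *
 * @throws ProvisioningException if the group cannot be resolved to an id
 */
private String groupMembershipUrl(String group, String userId, KSToken token, HttpCon con) throws Exception {
    String groupID = this.getGroupID(token.getAuthToken(), con, group);
    if (groupID == null) {
        // assumes getGroupID() returns null for an unknown group, like getProjectID()/getRoleID() - TODO confirm
        throw new ProvisioningException("Group " + group + " does not exist");
    }
    return this.url + "/groups/" + groupID + "/users/" + userId;
}

/**
 * Builds the Keystone role-assignment URL for {@code role} and {@code userId}:
 * {@code /projects/<id>/users/<uid>/roles/<rid>} for a project-scoped role, otherwise
 * {@code /domains/<id>/users/<uid>/roles/<rid>}. Used for both PUT (grant) and DELETE (revoke).
 *
 * @throws ProvisioningException if the project, domain or role does not exist in Keystone
 */
private String roleAssignmentUrl(Role role, String userId, KSToken token, HttpCon con) throws Exception {
    String scopeSegment;
    String scopeId;
    if (role.getScope().equalsIgnoreCase("project")) {
        scopeSegment = "/projects/";
        scopeId = this.getProjectID(token.getAuthToken(), con, role.getProject());
        if (scopeId == null) {
            // message used to print role.getDomain() for a missing *project*
            throw new ProvisioningException("Project " + role.getProject() + " does not exist");
        }
    } else {
        scopeSegment = "/domains/";
        scopeId = this.getDomainID(token.getAuthToken(), con, role.getDomain());
        if (scopeId == null) {
            throw new ProvisioningException("Domain " + role.getDomain() + " does not exist");
        }
    }
    String roleId = this.getRoleID(token.getAuthToken(), con, role.getName());
    if (roleId == null) {
        throw new ProvisioningException("Role " + role.getName() + " does not exist");
    }
    return this.url + scopeSegment + scopeId + "/users/" + userId + "/roles/" + roleId;
}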
Also used : UserAndID(com.tremolosecurity.unison.openstack.model.UserAndID) HashMap(java.util.HashMap) Attribute(com.tremolosecurity.saml.Attribute) KSUser(com.tremolosecurity.unison.openstack.model.KSUser) Workflow(com.tremolosecurity.provisioning.core.Workflow) Gson(com.google.gson.Gson) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ClientProtocolException(org.apache.http.client.ClientProtocolException) IOException(java.io.IOException) KSRole(com.tremolosecurity.unison.openstack.model.KSRole) Role(com.tremolosecurity.unison.openstack.model.Role) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) KSToken(com.tremolosecurity.unison.openstack.util.KSToken) UserHolder(com.tremolosecurity.unison.openstack.model.UserHolder) HashSet(java.util.HashSet)

Example 47 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

The class KeystoneProvisioningTarget, method lookupUser.

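/**
 * Looks up {@code userID} in Keystone's configured user domain and converts the result
 * into an OpenUnison {@link User} carrying the requested {@code attributes}.
 * <p>
 * Group names are always loaded unless the target is {@code rolesOnly}; role assignments
 * are loaded only when {@code roles} is requested, each value being a JSON-serialised
 * {@link Role} scoped to either a project or a domain.
 *
 * @param userID     Keystone user name to search for (sent as the {@code name} filter,
 *                   together with {@code domain_id})
 * @param attributes attribute names to populate; any other attribute is left unset
 * @param request    workflow request (not used here)
 * @param token      Keystone token used for every call
 * @param con        HTTP connection to reuse
 * @return the user together with its Keystone id, or {@code null} when no user matched
 * @throws Exception propagated from the HTTP calls; callers wrap it
 */
public UserAndID lookupUser(String userID, Set<String> attributes, Map<String, Object> request, KSToken token, HttpCon con) throws Exception {
    List<NameValuePair> qparams = new ArrayList<NameValuePair>();
    qparams.add(new BasicNameValuePair("domain_id", this.usersDomain));
    qparams.add(new BasicNameValuePair("name", userID));
    String lookupUrl = this.url + "/users?" + URLEncodedUtils.format(qparams, "UTF-8");
    String json = this.callWS(token.getAuthToken(), con, lookupUrl);
    Gson gson = new Gson();
    UserLookupResponse resp = gson.fromJson(json, UserLookupResponse.class);
    if (resp.getUsers().isEmpty()) {
        return null;
    }
    // presumably unique per domain in Keystone; the first hit is taken, as before
    KSUser fromKS = resp.getUsers().get(0);
    User user = new User(fromKS.getName());
    if (attributes.contains("name")) {
        user.getAttribs().put("name", new Attribute("name", fromKS.getName()));
    }
    if (attributes.contains("id")) {
        user.getAttribs().put("id", new Attribute("id", fromKS.getId()));
    }
    if (attributes.contains("email") && fromKS.getEmail() != null) {
        user.getAttribs().put("email", new Attribute("email", fromKS.getEmail()));
    }
    if (attributes.contains("description") && fromKS.getDescription() != null) {
        // BUG FIX: this used to copy fromKS.getEmail() into "description", so syncUser()
        // compared the desired description against the e-mail address and PATCHed a
        // spurious description change (and audit entry) on nearly every sync.
        user.getAttribs().put("description", new Attribute("description", fromKS.getDescription()));
    }
    if (attributes.contains("enabled")) {
        user.getAttribs().put("enabled", new Attribute("enabled", Boolean.toString(fromKS.getEnabled())));
    }
    if (!rolesOnly) {
        String groupsUrl = this.url + "/users/" + fromKS.getId() + "/groups";
        GroupLookupResponse gresp = gson.fromJson(this.callWS(token.getAuthToken(), con, groupsUrl), GroupLookupResponse.class);
        for (KSGroup group : gresp.getGroups()) {
            user.getGroups().add(group.getName());
        }
    }
    if (attributes.contains("roles")) {
        // Encode this query the same way as the user lookup above instead of splicing the raw id in.
        List<NameValuePair> assignmentParams = new ArrayList<NameValuePair>();
        assignmentParams.add(new BasicNameValuePair("user.id", fromKS.getId()));
        assignmentParams.add(new BasicNameValuePair("include_names", "true"));
        String assignmentsUrl = this.url + "/role_assignments?" + URLEncodedUtils.format(assignmentParams, "UTF-8");
        RoleAssignmentResponse rar = gson.fromJson(this.callWS(token.getAuthToken(), con, assignmentsUrl), RoleAssignmentResponse.class);
        Attribute rolesAttr = new Attribute("roles");
        for (KSRoleAssignment assignment : rar.getRole_assignments()) {
            Role role;
            if (assignment.getScope().getProject() != null) {
                role = new Role(assignment.getRole().getName(), "project", assignment.getScope().getProject().getDomain().getName(), assignment.getScope().getProject().getName());
            } else {
                role = new Role(assignment.getRole().getName(), "domain", assignment.getScope().getDomain().getName());
            }
            rolesAttr.getValues().add(gson.toJson(role));
        }
        // an empty roles attribute is omitted so syncUser() treats "no roles" as absent
        if (!rolesAttr.getValues().isEmpty()) {
            user.getAttribs().put("roles", rolesAttr);
        }
    }
    UserAndID userAndId = new UserAndID();
    userAndId.setUser(user);
    userAndId.setId(fromKS.getId());
    return userAndId;
}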
Also used : NameValuePair(org.apache.http.NameValuePair) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) UserAndID(com.tremolosecurity.unison.openstack.model.UserAndID) User(com.tremolosecurity.provisioning.core.User) KSUser(com.tremolosecurity.unison.openstack.model.KSUser) KSGroup(com.tremolosecurity.unison.openstack.model.KSGroup) Attribute(com.tremolosecurity.saml.Attribute) GroupLookupResponse(com.tremolosecurity.unison.openstack.model.GroupLookupResponse) KSUser(com.tremolosecurity.unison.openstack.model.KSUser) ArrayList(java.util.ArrayList) KSRoleAssignment(com.tremolosecurity.unison.openstack.model.KSRoleAssignment) Gson(com.google.gson.Gson) RoleAssignmentResponse(com.tremolosecurity.unison.openstack.model.RoleAssignmentResponse) KSRole(com.tremolosecurity.unison.openstack.model.KSRole) Role(com.tremolosecurity.unison.openstack.model.Role) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) UserLookupResponse(com.tremolosecurity.unison.openstack.model.UserLookupResponse)

Example 48 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

The class Drupal7GetSequence, method doTask.

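/**
 * Resolves the Drupal 7 {@code uid} for {@code user} and stores it in the
 * {@code drupalid} attribute.
 * <p>
 * The user is first looked up in the target {@code targetName}; an existing
 * {@code uid} is reused so re-running the workflow does not hand the same
 * person a second id. If the user is not found - or the lookup itself fails,
 * which is logged and treated as "not found" - a fresh id is allocated by
 * inserting a row into Drupal's {@code sequences} table and reading back the
 * generated key.
 *
 * @param user    user to decorate; receives the {@code drupalid} attribute
 * @param request workflow request (not used here)
 * @return always {@code true}; this task never stops the workflow
 * @throws ProvisioningException if the user exists but exposes no {@code uid},
 *                               or if allocating a new id from the database fails
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    if (logger.isDebugEnabled()) {
        logger.debug("Searching for users.id");
        logger.debug("Looking for user : '" + user.getUserID() + "'");
    }
    User looking = null;
    try {
        looking = task.getConfigManager().getProvisioningEngine().getTarget(this.targetName).findUser(user.getUserID(), new HashMap<String, Object>());
    } catch (ProvisioningException pe) {
        // A failed lookup is deliberately non-fatal (as before), but it goes to the log
        // rather than stderr so the fall-through to a brand-new id is visible.
        logger.warn("Could not look up " + user.getUserID() + " in " + this.targetName + ", allocating a new id", pe);
    }
    if (logger.isDebugEnabled()) {
        logger.debug("User object : '" + looking + "'");
    }
    if (looking != null) {
        Attribute uid = looking.getAttribs().get("uid");
        if (uid == null || uid.getValues().isEmpty()) {
            // Previously a NullPointerException; fail explicitly instead of silently
            // minting a second id for a user that already exists.
            throw new ProvisioningException("User " + user.getUserID() + " found in " + this.targetName + " but has no uid attribute");
        }
        String existingId = uid.getValues().get(0);
        if (logger.isDebugEnabled()) {
            logger.debug("User found, setting to user id : '" + existingId + "'");
        }
        user.getAttribs().put("drupalid", new Attribute("drupalid", existingId));
        return true;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("User not found");
    }
    UserStoreProvider provider = task.getConfigManager().getProvisioningEngine().getTarget(this.targetName).getProvider();
    BasicDBInterface dbprovider = (BasicDBInterface) provider;
    Connection con = null;
    try {
        if (logger.isDebugEnabled()) {
            logger.debug("Getting Connection");
        }
        con = dbprovider.getDS().getConnection();
        if (logger.isDebugEnabled()) {
            logger.debug("Preparing Statement");
        }
        // Empty-column INSERT is MySQL syntax for "all defaults"; presumably the sequences
        // table is just an auto-increment column, so the generated key is the new id.
        try (PreparedStatement ps = con.prepareStatement("INSERT INTO sequences () VALUES ()", Statement.RETURN_GENERATED_KEYS)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Executing Statement");
            }
            ps.executeUpdate();
            if (logger.isDebugEnabled()) {
                logger.debug("Getting key");
            }
            try (ResultSet rs = ps.getGeneratedKeys()) {
                if (!rs.next()) {
                    throw new ProvisioningException("Could not generate userid: no generated key returned");
                }
                int id = rs.getInt(1);
                if (logger.isDebugEnabled()) {
                    logger.debug("ID: '" + id + "'");
                }
                user.getAttribs().put("drupalid", new Attribute("drupalid", Integer.toString(id)));
                return true;
            }
        }
    } catch (SQLException e) {
        throw new ProvisioningException("Could not generate userid", e);
    } finally {
        if (con != null) {
            try {
                if (logger.isDebugEnabled()) {
                    logger.debug("Closing connection");
                }
                con.close();
            } catch (Exception ignored) {
                // best-effort close: the id (or the failure) has already been produced above
            }
        }
    }
}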
Also used : User(com.tremolosecurity.provisioning.core.User) Attribute(com.tremolosecurity.saml.Attribute) SQLException(java.sql.SQLException) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement) BasicDBInterface(com.tremolosecurity.provisioning.core.providers.BasicDBInterface) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) SQLException(java.sql.SQLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ResultSet(java.sql.ResultSet) UserStoreProvider(com.tremolosecurity.provisioning.core.UserStoreProvider)

Example 49 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

The class GitlabUserProvider, method createUser.

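/**
 * Creates {@code user} in GitLab, then links any federated identities supplied in the
 * request, then adds the user to each of its groups.
 * <p>
 * The account is created with a throw-away random password that is never stored or
 * shown; sign-in is expected to happen through the linked identity providers.
 *
 * @param user       user to create; {@code getUserID()} becomes the GitLab username
 * @param attributes attribute names to copy onto the GitLab user model; each is used
 *                   verbatim as a bean property name
 * @param request    workflow request; reads {@code APPROVAL_ID}, {@code WORKFLOW},
 *                   {@code GITLAB_IDENTITIES} (list of {@code GitlabFedIdentity}) and
 *                   {@code GITLAB_GROUP_ENTITLEMENTS} (group name to access level)
 * @throws ProvisioningException if an attribute cannot be set, GitLab rejects the
 *                               create, the user does not appear within ~11 seconds,
 *                               an identity link fails, or a group lookup/add fails
 */
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    org.gitlab4j.api.models.User newUser = new org.gitlab4j.api.models.User();
    newUser.setUsername(user.getUserID());
    // Attribute names are used as reflective property names on the GitLab user model.
    // They come from the target/workflow configuration (the attributes set), not from
    // the end user; never feed untrusted names into this loop.
    for (String attrName : attributes) {
        Attribute attr = user.getAttribs().get(attrName);
        if (attr == null) {
            continue;
        }
        try {
            this.beanUtils.setProperty(newUser, attrName, attr.getValues().get(0));
        } catch (IllegalAccessException | InvocationTargetException e) {
            throw new ProvisioningException("Could not set " + attrName + " for " + user.getUserID(), e);
        }
    }
    try {
        this.userApi.createUser(newUser, new GenPasswd(50).getPassword(), false);
    } catch (GitLabApiException e) {
        throw new ProvisioningException("Could not create user", e);
    }
    // The new user is not always visible immediately; poll for up to ~11 seconds.
    newUser = this.findUserByName(user.getUserID());
    int numTries = 0;
    while (newUser == null) {
        if (numTries > 10) {
            throw new ProvisioningException("User " + user.getUserID() + " never created");
        }
        try {
            Thread.sleep(1000);
        } catch (InterruptedException e) {
            // restore the interrupt flag and stop instead of silently continuing to poll
            Thread.currentThread().interrupt();
            throw new ProvisioningException("Interrupted while waiting for user " + user.getUserID() + " to be created", e);
        }
        newUser = this.findUserByName(user.getUserID());
        numTries++;
    }
    this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "id", newUser.getId().toString());
    for (String attrName : attributes) {
        Attribute attr = user.getAttribs().get(attrName);
        if (attr != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attrName, attr.getValues().get(0));
        }
    }
    @SuppressWarnings("unchecked")
    List<GitlabFedIdentity> ids = (List<GitlabFedIdentity>) request.get(GitlabUserProvider.GITLAB_IDENTITIES);
    if (ids != null) {
        ArrayList<Header> defheaders = new ArrayList<Header>();
        defheaders.add(new BasicHeader("Private-Token", this.token));
        BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(cfgMgr.getHttpClientSocketRegistry());
        // redirects stay disabled so the Private-Token header is not replayed to another location
        RequestConfig rc = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).setRedirectsEnabled(false).build();
        CloseableHttpClient http = HttpClients.custom().setConnectionManager(bhcm).setDefaultHeaders(defheaders).setDefaultRequestConfig(rc).build();
        try {
            for (GitlabFedIdentity id : ids) {
                // NOTE(review): extern_uid is sent as user.getUserID() but the audit entry
                // below records id.getExternalUid(); confirm which one GitLab should hold.
                String identityUrl = this.url + "/api/v4/users/" + newUser.getId()
                        + "?provider=" + URLEncoder.encode(id.getProvider(), "UTF-8")
                        + "&extern_uid=" + URLEncoder.encode(user.getUserID(), "UTF-8");
                HttpPut linkIdentity = new HttpPut(identityUrl);
                // the response is closed per request so the connection is returned to the manager
                try (CloseableHttpResponse resp = http.execute(linkIdentity)) {
                    if (resp.getStatusLine().getStatusCode() != 200) {
                        throw new IOException("Invalid response " + resp.getStatusLine().getStatusCode());
                    }
                }
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "identity-provider", id.getProvider());
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "identity-externid", id.getExternalUid());
            }
        } catch (IOException e) {
            throw new ProvisioningException("Could not set identity", e);
        } finally {
            try {
                http.close();
            } catch (IOException ignored) {
                // best-effort close of the short-lived client
            }
            bhcm.close();
        }
    }
    @SuppressWarnings("unchecked")
    HashMap<String, Integer> groupmap = (HashMap<String, Integer>) request.get(GitlabUserProvider.GITLAB_GROUP_ENTITLEMENTS);
    if (groupmap == null) {
        groupmap = new HashMap<String, Integer>();
    }
    for (String group : user.getGroups()) {
        try {
            Group groupObj = this.findGroupByName(group);
            if (groupObj == null) {
                // a missing group is skipped, not fatal - the user is still created
                logger.warn("Group " + group + " does not exist");
                continue;
            }
            // NOTE(review): AccessLevel.DEVELOPER.ordinal() is the enum's position, not
            // GitLab's numeric access level; confirm what addMember() expects here.
            int accessLevel = AccessLevel.DEVELOPER.ordinal();
            if (groupmap.containsKey(group)) {
                accessLevel = groupmap.get(group);
            }
            this.groupApi.addMember(groupObj.getId(), newUser.getId(), accessLevel);
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", group);
        } catch (GitLabApiException e) {
            throw new ProvisioningException("Could not find group " + group, e);
        }
    }
}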
Also used : Group(org.gitlab4j.api.models.Group) UserStoreProviderWithAddGroup(com.tremolosecurity.provisioning.core.UserStoreProviderWithAddGroup) User(com.tremolosecurity.provisioning.core.User) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) HttpPut(org.apache.http.client.methods.HttpPut) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) ArrayList(java.util.ArrayList) List(java.util.List) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) GenPasswd(com.tremolosecurity.provisioning.util.GenPasswd) RequestConfig(org.apache.http.client.config.RequestConfig) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) Workflow(com.tremolosecurity.provisioning.core.Workflow) GitLabApiException(org.gitlab4j.api.GitLabApiException) IOException(java.io.IOException) InvocationTargetException(java.lang.reflect.InvocationTargetException) Header(org.apache.http.Header) BasicHeader(org.apache.http.message.BasicHeader) BasicHeader(org.apache.http.message.BasicHeader)

Example 50 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

The class JavaScriptMapping, method doMapping.

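/**
 * Runs the JavaScript mapping {@code name} (loaded from {@code target}/{@code namespace}
 * in Kubernetes) to produce the value of {@code attrname} for {@code user}.
 * <p>
 * Failure policy: every problem - the mappings cannot be loaded, the mapping does not
 * exist, it has no {@code doMapping} function, or the script throws - is logged at WARN
 * and an empty {@link Attribute} is returned, so a broken mapping yields a missing value
 * rather than a failed workflow. Callers that need the value must check for that.
 * <p>
 * Security: the script runs with {@code allowAllAccess(true)}, i.e. full access to the
 * host JVM. Whoever can write the mapping object in that Kubernetes namespace can
 * therefore run arbitrary code in this process; treat write access to it as equivalent
 * to administering OpenUnison.
 *
 * @param user     user the mapping is evaluated for; handed to the script as-is
 * @param attrname attribute being mapped; also the name of the empty fallback attribute
 * @return the attribute produced by the script, or an empty attribute on any failure
 */
@Override
public Attribute doMapping(User user, String attrname) {
    LoadJavaScriptMappingFromK8s fromk8sns;
    synchronized (fromk8s) {
        fromk8sns = fromk8s.get(this.key);
        if (fromk8sns == null) {
            // first use for this key: load the mappings and register the watch
            fromk8sns = new LoadJavaScriptMappingFromK8s();
            try {
                fromk8sns.loadJavaScriptMappings(GlobalEntries.getGlobalEntries().getConfigManager(), target, namespace);
            } catch (ProvisioningException e) {
                logger.warn("Could not create watch on " + target + "." + namespace, e);
                return new Attribute(attrname);
            }
            fromk8s.put(key, fromk8sns);
        }
    }
    String js = fromk8sns.getMapping(this.name);
    if (js == null) {
        logger.warn("JavaScriptMapping " + target + "." + namespace + "." + name + " does not exist");
        return new Attribute(attrname);
    }
    Context context = Context.newBuilder("js").allowAllAccess(true).build();
    try {
        // evaluate the script for its definitions only; the top-level result is not used
        context.eval("js", js);
        Value doMapping = context.getBindings("js").getMember("doMapping");
        if (doMapping == null) {
            throw new ProvisioningException(target + "." + namespace + "." + name + " doMapping function does not exist");
        }
        if (!doMapping.canExecute()) {
            throw new ProvisioningException(target + "." + namespace + "." + name + " doMapping is not a function");
        }
        Value finishedMapping = doMapping.execute(user, attrname);
        return finishedMapping.as(Attribute.class);
    } catch (Throwable t) {
        // includes the ProvisioningExceptions thrown above: all failures degrade to an empty attribute
        logger.warn("Could not execute " + target + "." + namespace + "." + name, t);
        return new Attribute(attrname);
    } finally {
        context.close();
    }
}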
Also used : Context(org.graalvm.polyglot.Context) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Value(org.graalvm.polyglot.Value) LoadJavaScriptMappingFromK8s(com.tremolosecurity.proxy.dynamicconfiguration.LoadJavaScriptMappingFromK8s)
