
Example 21 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

the class AttributeChange method createInternalUser.

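/**
 * Creates the user on the remote directory by POSTing a JSON document to {@code /users},
 * stores the returned {@code id} on {@code user}, writes the audit-log entries for the
 * creation and finally calls {@code synUser} to push the remaining attributes.
 * The request keys and the {@code fromAzure} local suggest the target is Azure AD.
 *
 * <p>{@code displayName} and {@code userPrincipalName} are mandatory. {@code mailNickname}
 * is the part of {@code mail} (or, when {@code mail} is absent, of
 * {@code userPrincipalName}) that precedes the first {@code '@'}.
 *
 * <p>Password handling: the caller-supplied password is sent when present; otherwise a
 * generated one is sent. The generated value is not stored on {@code user} or returned,
 * and the audit log only ever receives a fixed mask.
 *
 * @param user       user to create; receives the {@code id} attribute on success
 * @param attributes attribute names handed on to {@code synUser}
 * @param request    request parameters; the two {@code tremolo.azuread.create.*} flags are
 *                   treated as set only when their value equals the string {@code "true"}
 * @param approvalID approval id recorded with every audit-log entry
 * @param workflow   workflow recorded with every audit-log entry
 * @throws ProvisioningException if a mandatory attribute is missing, no mail nickname can
 *                               be derived, or the remote call / synchronisation fails
 */
private void createInternalUser(User user, Set<String> attributes, Map<String, Object> request, int approvalID, Workflow workflow) throws ProvisioningException {
    // Fail with a descriptive error instead of a NullPointerException when a mandatory
    // attribute is absent.
    String userPrincipalName = requireFirstValue(user, "userPrincipalName");
    String displayName = requireFirstValue(user, "displayName");
    Attribute accountEnabled = user.getAttribs().get("accountEnabled");
    Attribute immutableId = user.getAttribs().get("onPremisesImmutableId");
    Attribute mailAttr = user.getAttribs().get("mail");

    JSONObject root = new JSONObject();
    if (accountEnabled != null) {
        root.put("accountEnabled", accountEnabled.getValues().get(0).equalsIgnoreCase("true"));
    }
    root.put("displayName", displayName);
    if (immutableId != null) {
        root.put("onPremisesImmutableId", immutableId.getValues().get(0));
    }

    String mail = mailAttr != null ? mailAttr.getValues().get(0) : userPrincipalName;
    int at = mail.indexOf('@');
    if (at < 0) {
        // substring(0, -1) would otherwise surface as an unchecked StringIndexOutOfBoundsException
        throw new ProvisioningException("Could not derive mailNickname, no '@' in mail/userPrincipalName");
    }
    root.put("mailNickname", mail.substring(0, at));
    root.put("userPrincipalName", userPrincipalName);

    JSONObject passwordPolicy = new JSONObject();
    if (user.getPassword() != null && !user.getPassword().isEmpty()) {
        passwordPolicy.put("password", user.getPassword());
    } else {
        // No password supplied: send a generated one so the account is never created
        // with an empty or predictable credential.
        passwordPolicy.put("password", new GenPasswd(50, true, true, true, true).getPassword());
    }
    passwordPolicy.put("forceChangePasswordNextSignIn", "true".equals(request.get("tremolo.azuread.create.forceChangePasswordNextSignIn")));
    passwordPolicy.put("forceChangePasswordNextSignInWithMfa", "true".equals(request.get("tremolo.azuread.create.forceChangePasswordNextSignInWithMfa")));
    root.put("passwordProfile", passwordPolicy);

    HttpCon con = null;
    try {
        con = this.createClient();
        String json = this.callWSPostJsonReesponseExpected(con, "/users", root.toString());
        JSONObject resp = (JSONObject) new JSONParser().parse(json);
        user.getAttribs().put("id", new Attribute("id", (String) resp.get("id")));

        // First entry (flag true) records the object itself, the following ones its attributes.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "userPrincipalName", userPrincipalName);
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "userPrincipalName", userPrincipalName);
        // Only a mask reaches the audit log, never the password that was sent.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "password", "*********8");
        if (accountEnabled != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "accountEnabled", accountEnabled.getValues().get(0));
        }
        if (immutableId != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "onPremisesImmutableId", immutableId.getValues().get(0));
        }

        // Minimal picture of what now exists remotely, used as the baseline for synUser.
        User fromAzure = new User(user.getUserID());
        fromAzure.getAttribs().put("id", new Attribute("id", user.getAttribs().get("id").getValues().get(0)));
        // NOTE(review): the Attribute is named "displayName" but holds the UPN and is stored
        // under the "userPrincipalName" key; looks like a copy/paste slip, confirm against synUser.
        fromAzure.getAttribs().put("userPrincipalName", new Attribute("displayName", userPrincipalName));
        this.synUser(user, true, attributes, fromAzure, approvalID, workflow);
    } catch (Exception e) {
        throw new ProvisioningException("Could not create user", e);
    } finally {
        // createClient() may have thrown before con was assigned; without this guard the
        // NullPointerException raised here would replace the real failure.
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}

/** Returns the first value of the named attribute, or fails when it is absent or empty. */
private static String requireFirstValue(User user, String attributeName) throws ProvisioningException {
    Attribute attr = user.getAttribs().get(attributeName);
    if (attr == null || attr.getValues().isEmpty()) {
        throw new ProvisioningException("Required attribute '" + attributeName + "' is missing");
    }
    return attr.getValues().get(0);
}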
Also used : GenPasswd(com.tremolosecurity.provisioning.util.GenPasswd) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) User(com.tremolosecurity.provisioning.core.User) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONParser(org.json.simple.parser.JSONParser) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 22 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method createUser.

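/**
 * Creates the user by POSTing a JSON document to {@code /api/v4/users} and records the
 * creation in the provisioning audit log.
 *
 * <p>The document holds the first value of every requested attribute the user carries,
 * the user's groups as a space-separated {@code roles} string (omitted when empty) and the
 * password when one is set. No password is generated here: when {@code user.getPassword()}
 * is {@code null} the field is simply left out of the request.
 *
 * @param user       user to create
 * @param attributes names of the attributes to send and to log
 * @param request    request parameters; {@code APPROVAL_ID} (Integer) and {@code WORKFLOW}
 *                   are read for the audit log
 * @throws ProvisioningException if the client cannot be created or the remote call fails
 */
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    // containsKey() is also true for a key mapped to null, and unboxing that null would
    // throw a NullPointerException; read once and fall back to 0 instead.
    Integer requestedApproval = (Integer) request.get("APPROVAL_ID");
    if (requestedApproval != null) {
        approvalID = requestedApproval;
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    String userID = user.getUserID();
    HttpCon con = null;
    try {
        con = this.createClient();
        JSONObject newUser = new JSONObject();
        for (String attribute : attributes) {
            Attribute attr = user.getAttribs().get(attribute);
            if (attr != null) {
                newUser.put(attr.getName(), attr.getValues().get(0));
            }
        }
        // "roles" and "password" are written after the attribute loop, so they win over
        // any attribute that happens to carry the same name.
        String groups = String.join(" ", user.getGroups()).trim();
        if (!groups.isEmpty()) {
            newUser.put("roles", groups);
        }
        if (user.getPassword() != null) {
            newUser.put("password", user.getPassword());
        }
        this.callWSPost(con, "/api/v4/users", newUser.toString());

        // First entry (flag true) records the object itself, the following ones its attributes.
        this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "username", userID);
        // NOTE(review): attribute values are logged in clear; only the password is masked.
        // Confirm no sensitive attribute names are ever passed in `attributes`.
        for (String attribute : attributes) {
            Attribute attr = user.getAttribs().get(attribute);
            if (attr != null) {
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attr.getName(), attr.getValues().get(0));
            }
        }
        if (user.getPassword() != null) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "password", "*******");
        }
        for (String group : user.getGroups()) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "role", group);
        }
    } catch (Exception e) {
        // The original message read "Could create", which stated the opposite of the failure.
        throw new ProvisioningException("Could not create '" + userID + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}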
Also used : HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException)

Example 23 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method findUser.

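/**
 * Looks the user up via {@code loadUserJson} and copies the requested attributes and the
 * space-separated {@code roles} string into a new {@link User}.
 *
 * @param userID     user name to look up; lower-cased before the lookup
 * @param attributes names of the JSON fields to copy onto the returned user
 * @param request    request parameters (not read by this method)
 * @return the populated user, or {@code null} when {@code loadUserJson} returns {@code null}
 * @throws ProvisioningException if the client cannot be created or the lookup fails
 */
@Override
public User findUser(String userID, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    // Identifiers must be normalised independently of the JVM's default locale: with a
    // Turkish default locale a plain toLowerCase() maps 'I' to a dotless 'ı', so the same
    // account name would resolve differently from host to host.
    userID = userID.toLowerCase(java.util.Locale.ROOT);
    HttpCon con = null;
    try {
        con = this.createClient();
        JSONObject mmUser = loadUserJson(userID, con);
        if (mmUser == null) {
            return null;
        }
        User user = new User(userID);
        for (String attribute : attributes) {
            Object val = mmUser.get(attribute);
            if (val != null) {
                user.getAttribs().put(attribute, new Attribute(attribute, val.toString()));
            }
        }
        String groups = (String) mmUser.get("roles");
        if (groups != null) {
            // StringTokenizer skips empty tokens, so repeated spaces yield no blank roles.
            StringTokenizer toker = new StringTokenizer(groups, " ", false);
            while (toker.hasMoreTokens()) {
                user.getGroups().add(toker.nextToken());
            }
        }
        return user;
    } catch (Exception e) {
        throw new ProvisioningException("Could not load '" + userID + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}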
Also used : StringTokenizer(java.util.StringTokenizer) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) User(com.tremolosecurity.provisioning.core.User) JSONObject(org.json.simple.JSONObject) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONObject(org.json.simple.JSONObject) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException)

Example 24 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

the class TremoloTarget method executeWorkFlow.

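/**
 * Runs the named workflow on the remote service: first a GET to
 * {@code <wfUrlBase>/services/wf/login}, then a form POST of the JSON-serialised
 * {@code WFCall} to {@code <wfUrlBase>/services/wf/execute}, executed synchronously
 * ({@code UNISON_EXEC_SYNC}).
 *
 * <p>The call carries {@code user.getPassword()} in the request body.
 * NOTE(review): confirm {@code wfUrlBase} is always an https URL; nothing here enforces it.
 *
 * @param wfName     name of the workflow to execute
 * @param user       user whose id, password and attributes are sent
 * @param attributes names of the attributes to send; an empty set sends all of them
 * @param request    request parameters (not read by this method)
 * @throws ProvisioningException if the call fails, the response is empty, or the service
 *                               reports the workflow as unsuccessful
 */
private void executeWorkFlow(String wfName, User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    StringBuilder surl = new StringBuilder();
    surl.append(this.wfUrlBase).append("/services/wf/login");
    HttpGet get = new HttpGet(surl.toString());
    try {
        httpclient.execute(get);
    } catch (IOException ignored) {
        // Deliberately best-effort (ClientProtocolException is an IOException too): the
        // result of the login call is never inspected, so a failed login only shows up
        // when the execute call below is rejected.
    } finally {
        get.releaseConnection();
    }

    surl.setLength(0);
    surl.append(this.wfUrlBase).append("/services/wf/execute");
    HttpPost post = new HttpPost(surl.toString());
    try {
        TremoloUser tu = new TremoloUser();
        tu.setAttributes(new ArrayList<Attribute>());
        tu.setUid(user.getUserID());
        tu.setUserPassword(user.getPassword());
        for (Map.Entry<String, Attribute> entry : user.getAttribs().entrySet()) {
            // An empty filter means "send every attribute".
            if (attributes.isEmpty() || attributes.contains(entry.getKey())) {
                tu.getAttributes().add(entry.getValue());
            }
        }

        WFCall wfcall = new WFCall();
        wfcall.setName(wfName);
        wfcall.setUidAttributeName(this.uidAttrName);
        wfcall.setUser(tu);
        wfcall.setRequestParams(new HashMap<String, Object>());
        wfcall.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);

        Gson gson = new Gson();
        List<NameValuePair> formparams = new ArrayList<NameValuePair>();
        formparams.add(new BasicNameValuePair("wfcall", gson.toJson(wfcall)));
        post.setEntity(new UrlEncodedFormEntity(formparams, "UTF-8"));

        HttpResponse response = httpclient.execute(post);
        StringBuilder res = new StringBuilder();
        // Decode explicitly instead of with the platform default charset, matching the
        // UTF-8 used for the request, and close the reader even when reading fails.
        // NOTE(review): assumes the service answers in UTF-8; confirm.
        try (BufferedReader in = new BufferedReader(new InputStreamReader(response.getEntity().getContent(), "UTF-8"))) {
            String line;
            while ((line = in.readLine()) != null) {
                res.append(line).append('\n');
            }
        }

        ProvisioningResult provRes = gson.fromJson(res.toString(), ProvisioningResult.class);
        if (provRes == null) {
            // Gson yields null for an empty body; report that instead of a NullPointerException.
            throw new ProvisioningException("Workflow service returned an empty response");
        }
        if (!provRes.isSuccess()) {
            throw new ProvisioningException(provRes.getError().getError());
        }
    } catch (Exception e) {
        // Also wraps the ProvisioningExceptions thrown above; the service's own error text
        // stays available as the cause.
        throw new ProvisioningException("Could not execute workflow", e);
    } finally {
        post.releaseConnection();
    }
}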
Also used : HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) InputStreamReader(java.io.InputStreamReader) Attribute(com.tremolosecurity.saml.Attribute) HttpGet(org.apache.http.client.methods.HttpGet) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) ClientProtocolException(org.apache.http.client.ClientProtocolException) MalformedCookieException(org.apache.http.cookie.MalformedCookieException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) BufferedReader(java.io.BufferedReader)

Example 25 with Attribute

use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.

the class Attribute2Groups method init.

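/**
 * Reads the mandatory {@code attributeName} parameter and remembers the owning task.
 *
 * @param task   workflow task this instance belongs to
 * @param params configuration parameters keyed by name
 * @throws ProvisioningException if {@code attributeName} is absent or carries no value
 */
@Override
public void init(WorkflowTask task, Map<String, Attribute> params) throws ProvisioningException {
    Attribute attr = params.get("attributeName");
    // A parameter that is present but has no values is as unusable as a missing one;
    // report it the same way instead of failing with IndexOutOfBoundsException.
    if (attr == null || attr.getValues().isEmpty()) {
        throw new ProvisioningException("attributeName not specified");
    }
    this.attributeName = attr.getValues().get(0);
    this.task = task;
}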
Also used : Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException)
