
Example 11 with IPACall

use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

the class UserPrincipal method deleteGroup.

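/**
 * Deletes a FreeIPA group by issuing a {@code group_del} JSON call, then records the
 * deletion through the provisioning engine's {@code logAction}.
 *
 * @param name    name of the group to delete; sent as the only positional argument of the call
 * @param user    not read by this method
 * @param request workflow request map; {@code APPROVAL_ID} (optional, cast to Integer) and
 *                {@code WORKFLOW} are read and passed to the audit record
 * @throws ProvisioningException if creating the client, executing the call or writing the
 *                               audit record fails; the original exception is kept as the cause
 */
@Override
public void deleteGroup(String name, User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    IPACall groupDelete = new IPACall();
    groupDelete.setId(0);
    groupDelete.setMethod("group_del");

    // First parameter: positional arguments (just the group name).
    List<String> positionalArgs = new ArrayList<String>();
    positionalArgs.add(name);
    groupDelete.getParams().add(positionalArgs);

    // Second parameter: options map, intentionally left empty.
    Map<String, String> options = new HashMap<String, String>();
    groupDelete.getParams().add(options);

    HttpCon con = null;
    try {
        con = this.createClient();
        // The response body is not inspected; a failed call is expected to surface as an exception.
        this.executeIPACall(groupDelete, con);

        // NOTE(review): the first logAction argument is the `name` parameter (the group name).
        // createUser passes an identifier called `name` that is not a local there, so this
        // parameter may be shadowing a field meant to identify the target; confirm the audit
        // record carries the intended value.
        this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Delete, approvalID, workflow, "group-object", name);
    } catch (Exception e) {
        // The message names the operation that actually failed so that provisioning errors
        // are not mistaken for a failed search during triage.
        throw new ProvisioningException("Could not delete group", e);
    } finally {
        if (con != null) {
            // NOTE(review): createUser releases the connection manager with shutdown() while
            // this method calls close(); confirm both release the underlying connections.
            con.getBcm().close();
        }
    }
}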
Also used : IPAResponse(com.tremolosecurity.unison.freeipa.json.IPAResponse) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) HashMap(java.util.HashMap) IPACall(com.tremolosecurity.unison.freeipa.json.IPACall) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ArrayList(java.util.ArrayList) Workflow(com.tremolosecurity.provisioning.core.Workflow) ClientProtocolException(org.apache.http.client.ClientProtocolException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) IPAException(com.tremolosecurity.unison.freeipa.util.IPAException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 12 with IPACall

use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

the class UserPrincipal method createUser.

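/**
 * Creates an account for {@code user} in FreeIPA and records the result through the
 * provisioning engine's {@code logAction}.
 *
 * <p>When the user's principal is in the primary domain a {@code user_add} call is issued
 * with the requested attributes. Otherwise an {@code idoverrideuser_add} call is issued
 * against {@code trustViewName} for the user's UPN. In both cases the user's groups are then
 * added through {@code addGroup}.
 *
 * @param user       user to create; its user ID, attributes and groups are read
 * @param attributes names of the attributes to send; names with no matching attribute on
 *                   {@code user} are skipped
 * @param request    workflow request map; {@code APPROVAL_ID} (optional, cast to Integer) and
 *                   {@code WORKFLOW} are read and passed to the audit records
 * @throws ProvisioningException if any step fails; the original exception is kept as the cause
 */
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    UserPrincipal principal = new UserPrincipal(user.getUserID(), multiDomain, primaryDomain);
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    try {
        HttpCon con = this.createClient();
        try {
            if (principal.isPrimaryDomain()) {
                IPACall createUser = new IPACall();
                createUser.setId(0);
                createUser.setMethod("user_add");

                // First parameter: positional arguments (the uid of the new account).
                List<String> userArray = new ArrayList<String>();
                userArray.add(principal.getUid());
                createUser.getParams().add(userArray);

                // Second parameter: attribute map. The uid is already the positional argument,
                // so it is left out here. Single values are sent as a String, anything else as a list.
                Map<String, Object> userAttrs = new HashMap<String, Object>();
                for (String attrName : attributes) {
                    Attribute attr = user.getAttribs().get(attrName);
                    if (attr != null && !attr.getName().equalsIgnoreCase("uid")) {
                        if (attr.getValues().size() == 1) {
                            userAttrs.put(attr.getName(), attr.getValues().get(0));
                        } else {
                            List<String> vals = new ArrayList<String>(attr.getValues());
                            userAttrs.put(attr.getName(), vals);
                        }
                    }
                }
                createUser.getParams().add(userAttrs);

                // The response body is not inspected; a failed call is expected to surface as an exception.
                this.executeIPACall(createUser, con);

                this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "uid", user.getUserID());
                this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "uid", user.getUserID());

                // NOTE(review): every attribute value that was sent is written to the audit log
                // verbatim; confirm that no secret-bearing attribute can appear in `attributes`.
                for (String attrName : userAttrs.keySet()) {
                    Object o = userAttrs.get(attrName);
                    if (o instanceof String) {
                        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, attrName, (String) o);
                    } else {
                        // Anything that is not a String was stored above as a list of values.
                        @SuppressWarnings("unchecked")
                        List<String> vals = (List<String>) o;
                        for (String val : vals) {
                            this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, attrName, val);
                        }
                    }
                }

                for (String group : user.getGroups()) {
                    this.addGroup(principal, group, con, approvalID, workflow);
                }

                if (this.createShadowAccount) {
                    // A throwaway password is generated and its PBKDF2.generateHash output is what
                    // gets set on the account; this method does not pass it to logAction.
                    // NOTE(review): the unpredictability of this value depends on `random` being a
                    // java.security.SecureRandom; its declaration is not visible here, so confirm.
                    String password = new BigInteger(130, random).toString(32);
                    password = PBKDF2.generateHash(password);
                    user.setPassword(password);
                    this.setUserPassword(user, request);
                }
            } else {
                IPACall idOveride = new IPACall();
                idOveride.setId(0);
                idOveride.setMethod("idoverrideuser_add");

                // First parameter: the trust view name followed by the user's UPN.
                List<String> params = new ArrayList<String>();
                params.add(this.trustViewName);
                params.add(principal.getUPN());
                idOveride.getParams().add(params);

                // Second parameter: override attributes. Only the first value of each attribute
                // is sent, and a uid equal to the user's own ID is skipped.
                Map<String, Object> param2 = new HashMap<String, Object>();
                for (String attrName : attributes) {
                    Attribute attr = user.getAttribs().get(attrName);
                    if (attr != null) {
                        boolean isUid = attr.getName().equalsIgnoreCase("uid");
                        if (!isUid || !attr.getValues().get(0).equals(user.getUserID())) {
                            param2.put(attr.getName(), attr.getValues().get(0));
                        }
                    }
                }
                idOveride.getParams().add(param2);

                this.executeIPACall(idOveride, con);

                this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "uid", user.getUserID());
                this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "uid", user.getUserID());

                // NOTE(review): this loop logs every requested attribute, including a uid that was
                // skipped above, so the audit record can list a value that was never sent; confirm
                // this is intended. Values are logged verbatim, as in the primary-domain branch.
                for (String attrName : attributes) {
                    Attribute attr = user.getAttribs().get(attrName);
                    if (attr != null) {
                        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, attrName, attr.getValues().get(0));
                    }
                }

                for (String group : user.getGroups()) {
                    this.addGroup(principal, group, con, approvalID, workflow);
                }
            }
        } finally {
            if (con != null) {
                con.getBcm().shutdown();
            }
        }
    } catch (Exception e) {
        // The message names the operation that actually failed so that provisioning errors
        // are not mistaken for a failed search during triage.
        throw new ProvisioningException("Could not create user", e);
    }
}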
Also used : IPAResponse(com.tremolosecurity.unison.freeipa.json.IPAResponse) HashMap(java.util.HashMap) Attribute(com.tremolosecurity.saml.Attribute) IPACall(com.tremolosecurity.unison.freeipa.json.IPACall) ArrayList(java.util.ArrayList) Workflow(com.tremolosecurity.provisioning.core.Workflow) ClientProtocolException(org.apache.http.client.ClientProtocolException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) IPAException(com.tremolosecurity.unison.freeipa.util.IPAException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) BigInteger(java.math.BigInteger) ArrayList(java.util.ArrayList) List(java.util.List)
