use of eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method getFullAccountObject.
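/**
* Returns a copy of the operation's account object in which ConfidentialString references
* (single values, array elements and collection elements) are replaced by the guarded strings
* loaded from confidential storage. The returned map therefore carries the secret values
* themselves and should be handled as sensitive data.
*
* @param provisioningOperation operation whose provisioning context holds the account object
* @return new map with guarded strings, or null when the operation, its context or the account object is null
*/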
@Override
public Map<ProvisioningAttributeDto, Object> getFullAccountObject(SysProvisioningOperationDto provisioningOperation) {
    // Without an operation, a provisioning context and an account object there is nothing to load.
    if (provisioningOperation == null
            || provisioningOperation.getProvisioningContext() == null
            || provisioningOperation.getProvisioningContext().getAccountObject() == null) {
        return null;
    }
    // The stored account object holds ConfidentialString key references. The map built here holds
    // the GuardedString values read from confidential storage instead, so callers should treat it
    // as sensitive (keep it out of logs, do not persist it back).
    Map<ProvisioningAttributeDto, Object> storedAccountObject = provisioningOperation.getProvisioningContext().getAccountObject();
    Map<ProvisioningAttributeDto, Object> loadedAccountObject = new HashMap<>();
    for (Entry<ProvisioningAttributeDto, Object> attribute : storedAccountObject.entrySet()) {
        Object storedValue = attribute.getValue();
        // Default: the stored value (null included) is copied as it is.
        Object loadedValue = storedValue;
        if (storedValue instanceof ConfidentialString) {
            // single value
            loadedValue = confidentialStorage.getGuardedString(
                    provisioningOperation.getId(),
                    SysProvisioningOperation.class,
                    ((ConfidentialString) storedValue).getKey());
        } else if (storedValue != null && storedValue.getClass().isArray()) {
            // array - objects only, primitive arrays (byte, boolean etc.) are copied untouched
            if (!storedValue.getClass().getComponentType().isPrimitive()) {
                List<GuardedString> secrets = new ArrayList<>();
                for (Object element : (Object[]) storedValue) {
                    if (element instanceof ConfidentialString) {
                        secrets.add(confidentialStorage.getGuardedString(
                                provisioningOperation.getId(),
                                SysProvisioningOperation.class,
                                ((ConfidentialString) element).getKey()));
                    }
                }
                // NOTE(review): as soon as one element is confidential, the result contains the
                // loaded guarded strings only - elements of any other type are left out.
                if (!secrets.isEmpty()) {
                    loadedValue = secrets.toArray(new GuardedString[secrets.size()]);
                }
            }
        } else if (storedValue instanceof Collection) {
            // collection
            List<GuardedString> secrets = new ArrayList<>();
            ((Collection<?>) storedValue).forEach(element -> {
                if (element instanceof ConfidentialString) {
                    secrets.add(confidentialStorage.getGuardedString(
                            provisioningOperation.getId(),
                            SysProvisioningOperation.class,
                            ((ConfidentialString) element).getKey()));
                }
            });
            // NOTE(review): same as for arrays - non-confidential elements are dropped when at
            // least one confidential element was found.
            if (!secrets.isEmpty()) {
                loadedValue = secrets;
            }
        }
        loadedAccountObject.put(attribute.getKey(), loadedValue);
    }
    return loadedAccountObject;
}
use of eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method getFullConnectorObject.
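/**
* Returns a new ConnectorObject in which password attributes carry the guarded string loaded
* from confidential storage. The result holds the secret values themselves and should be
* handled as sensitive data.
*
* TODO: don't update connectorObject in provisioningOperation (needs attribute defensive clone)
*
* @param provisioningOperation operation whose provisioning context holds the connector object
* @return new connector object, or null when the operation, its context or the connector object is null
*/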
@Override
public IcConnectorObject getFullConnectorObject(SysProvisioningOperationDto provisioningOperation) {
    if (provisioningOperation == null) {
        return null;
    }
    if (provisioningOperation.getProvisioningContext() == null
            || provisioningOperation.getProvisioningContext().getConnectorObject() == null) {
        return null;
    }
    //
    IcConnectorObject storedConnectorObject = provisioningOperation.getProvisioningContext().getConnectorObject();
    List<IcAttribute> loadedAttributes = new ArrayList<>();
    storedConnectorObject.getAttributes().forEach(attribute -> {
        if (attribute.isMultiValue()) {
            // Multi-valued attributes are wrapped again around the same values list; no guarded
            // strings are loaded for their elements and the list itself is not copied.
            List<Object> values = (List<Object>) attribute.getValues();
            loadedAttributes.add(new IcAttributeImpl(attribute.getName(), values, true));
            return;
        }
        if (!(attribute instanceof IcPasswordAttribute)) {
            // plain single value - copied as it is
            loadedAttributes.add(new IcAttributeImpl(attribute.getName(), attribute.getValue()));
            return;
        }
        if (attribute.getValue() == null) {
            // password attribute without a value stays empty
            loadedAttributes.add(new IcPasswordAttributeImpl(attribute.getName(), (GuardedString) null));
            return;
        }
        // NOTE(review): the cast expects the stored password value to be a ConfidentialString
        // reference already; a value of any other type ends in a ClassCastException here.
        loadedAttributes.add(new IcPasswordAttributeImpl(
                attribute.getName(),
                confidentialStorage.getGuardedString(
                        provisioningOperation.getId(),
                        SysProvisioningOperation.class,
                        ((ConfidentialString) attribute.getValue()).getKey())));
    });
    // The new object carries loaded password values - keep it out of logs and persistence.
    return new IcConnectorObjectImpl(
            storedConnectorObject.getUidValue(),
            storedConnectorObject.getObjectClass(),
            loadedAttributes);
}
use of eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationServiceUnitTest method testReplaceArrayGuardedStringsInAccountObject.
@Test
public void testReplaceArrayGuardedStringsInAccountObject() {
    // Pins the contract for arrays: after replacement the account object keeps key references
    // (ConfidentialString) only, the guarded values are handed back in the returned map.
    Map<ProvisioningAttributeDto, Object> accountObject = new HashMap<>();
    ProvisioningContext context = new ProvisioningContext();
    context.setAccountObject(accountObject);
    //
    // one attribute holding an array of two guarded strings
    GuardedString first = new GuardedString("one");
    GuardedString second = new GuardedString("two");
    ProvisioningAttributeDto guarded = new ProvisioningAttributeDto("guarded", AttributeMappingStrategyType.SET);
    accountObject.put(guarded, new GuardedString[] { first, second });
    //
    // run
    Map<String, Serializable> extractedValues = service.replaceGuardedStrings(context);
    //
    // extracted values are keyed by attribute key and element index
    assertEquals(2, extractedValues.size());
    assertEquals(first.asString(), extractedValues.get(service.createAccountObjectPropertyKey(guarded.getKey(), 0)));
    assertEquals(second.asString(), extractedValues.get(service.createAccountObjectPropertyKey(guarded.getKey(), 1)));
    //
    // the array in the account object now holds references with the same keys
    Object[] references = (Object[]) accountObject.get(guarded);
    assertEquals(2, references.length);
    assertEquals(service.createAccountObjectPropertyKey(guarded.getKey(), 0), ((ConfidentialString) references[0]).getKey());
    assertEquals(service.createAccountObjectPropertyKey(guarded.getKey(), 1), ((ConfidentialString) references[1]).getKey());
}
use of eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationServiceUnitTest method testReplaceCollectionGuardedStringsInAccountObject.
@Test
public void testReplaceCollectionGuardedStringsInAccountObject() {
    // Pins the contract for collections: after replacement the account object keeps key references
    // (ConfidentialString) only, the guarded values are handed back in the returned map.
    Map<ProvisioningAttributeDto, Object> accountObject = new HashMap<>();
    ProvisioningContext context = new ProvisioningContext();
    context.setAccountObject(accountObject);
    //
    // one attribute holding a list of two guarded strings
    GuardedString first = new GuardedString("one");
    GuardedString second = new GuardedString("two");
    ProvisioningAttributeDto guarded = new ProvisioningAttributeDto("guarded", AttributeMappingStrategyType.SET);
    accountObject.put(guarded, Lists.newArrayList(first, second));
    //
    // run
    Map<String, Serializable> extractedValues = service.replaceGuardedStrings(context);
    //
    // extracted values are keyed by attribute key and element index
    assertEquals(2, extractedValues.size());
    assertEquals(first.asString(), extractedValues.get(service.createAccountObjectPropertyKey(guarded.getKey(), 0)));
    assertEquals(second.asString(), extractedValues.get(service.createAccountObjectPropertyKey(guarded.getKey(), 1)));
    //
    // the list in the account object now holds references with the same keys
    List<?> references = (List<?>) accountObject.get(guarded);
    assertEquals(2, references.size());
    assertEquals(service.createAccountObjectPropertyKey(guarded.getKey(), 0), ((ConfidentialString) references.get(0)).getKey());
    assertEquals(service.createAccountObjectPropertyKey(guarded.getKey(), 1), ((ConfidentialString) references.get(1)).getKey());
}
use of eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method deleteConfidentialStrings.
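/**
* Deletes the persisted confidential storage values referenced by the operation's
* account object and connector object.
*
* @param provisioningOperation operation whose referenced confidential values are deleted; must not be null
*/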
protected void deleteConfidentialStrings(SysProvisioningOperationDto provisioningOperation) {
    Assert.notNull(provisioningOperation);
    //
    ProvisioningContext context = provisioningOperation.getProvisioningContext();
    if (context == null) {
        return;
    }
    // Deletion is driven by the ConfidentialString references found in the context: a stored
    // value whose reference is no longer present in the context is not removed by this method.
    // NOTE(review): no error handling is visible here - presumably a failing delete stops the
    // run and leaves the remaining values in the storage; confirm against the caller.
    Map<ProvisioningAttributeDto, Object> accountObject = context.getAccountObject();
    if (accountObject != null) {
        for (Object storedValue : accountObject.values()) {
            if (storedValue instanceof ConfidentialString) {
                // single value
                confidentialStorage.delete(
                        provisioningOperation.getId(),
                        SysProvisioningOperation.class,
                        ((ConfidentialString) storedValue).getKey());
            } else if (storedValue != null && storedValue.getClass().isArray()) {
                // array - objects only, primitive arrays cannot hold references
                if (!storedValue.getClass().getComponentType().isPrimitive()) {
                    for (Object element : (Object[]) storedValue) {
                        if (element instanceof ConfidentialString) {
                            confidentialStorage.delete(
                                    provisioningOperation.getId(),
                                    SysProvisioningOperation.class,
                                    ((ConfidentialString) element).getKey());
                        }
                    }
                }
            } else if (storedValue instanceof Collection) {
                // collection
                ((Collection<?>) storedValue).forEach(element -> {
                    if (element instanceof ConfidentialString) {
                        confidentialStorage.delete(
                                provisioningOperation.getId(),
                                SysProvisioningOperation.class,
                                ((ConfidentialString) element).getKey());
                    }
                });
            }
        }
    }
    //
    IcConnectorObject connectorObject = context.getConnectorObject();
    if (connectorObject == null) {
        return;
    }
    // connector object - every attribute value that is a reference gets its stored value deleted
    connectorObject.getAttributes().forEach(attribute -> {
        if (attribute.getValues() == null) {
            return;
        }
        attribute.getValues().forEach(value -> {
            if (value instanceof ConfidentialString) {
                confidentialStorage.delete(
                        provisioningOperation.getId(),
                        SysProvisioningOperation.class,
                        ((ConfidentialString) value).getKey());
            }
        });
    });
}