use of io.jans.model.GluuAttribute in project jans by JanssenProject.
the class ScopeService method fillClaims.
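/**
 * Copies the claims configured on a scope into the outgoing claim map.
 *
 * <p>Each entry of {@code scopeClaims} is an attribute DN that is resolved through
 * {@code attributeService}. An entry that does not resolve, or whose attribute has a blank
 * claim name or a blank name, is logged and skipped so that the remaining claims are still
 * processed.
 *
 * @param claims      map that receives the claims (written by {@code setClaimField})
 * @param scopeClaims attribute DNs configured on the scope
 * @param user        user passed on to {@code setClaimField}
 * @throws InvalidClaimException declared by this method; presumably raised by
 *                               {@code setClaimField} (not visible here)
 */
private void fillClaims(Map<String, Object> claims, List<String> scopeClaims, User user) throws InvalidClaimException {
    for (String claimDn : scopeClaims) {
        GluuAttribute gluuAttribute = attributeService.getAttributeByDn(claimDn);
        if (gluuAttribute == null) {
            // A DN stored on the scope may not resolve to an attribute (assumed possible, e.g.
            // a stale reference). Without this guard the dereference below throws a
            // NullPointerException and none of the remaining claims are filled.
            log.error("Failed to get claim because attribute was not found, dn: {}", claimDn);
            continue;
        }

        String claimName = gluuAttribute.getClaimName();
        String ldapName = gluuAttribute.getName();

        if (StringUtils.isBlank(claimName)) {
            log.error("Failed to get claim because claim name is not set for attribute, id: {}", gluuAttribute.getDn());
            continue;
        }
        if (StringUtils.isBlank(ldapName)) {
            log.error("Failed to get claim because name is not set for attribute, id: {}", gluuAttribute.getDn());
            continue;
        }

        setClaimField(ldapName, claimName, user, gluuAttribute, claims);
    }
}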
use of io.jans.model.GluuAttribute in project jans by JanssenProject.
the class AttributesResource method patchAtribute.
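/**
 * Applies a JSON Patch document to the attribute identified by {@code inum} and stores the
 * result.
 *
 * <p>The endpoint is guarded by {@code @ProtectedApi} with the
 * {@code ATTRIBUTES_WRITE_ACCESS} scope. The patch is applied to the whole stored entity
 * before {@code updateAttribute} is called.
 * NOTE(review): nothing in this method restricts which fields the patch may touch, so
 * whether identifying fields (inum, DN) can be rewritten depends on
 * {@code Jackson.applyPatch} and {@code updateAttribute} - confirm.
 *
 * @param inum       identifier of the attribute to patch, taken from the request path
 * @param pathString JSON Patch document taken from the request body
 * @return a 200 response whose entity is the patched attribute
 * @throws JsonPatchException declared by this method; presumably raised by
 *                            {@code Jackson.applyPatch} (not visible here)
 * @throws IOException        declared by this method; presumably raised by
 *                            {@code Jackson.applyPatch} (not visible here)
 */
@PATCH
@Consumes(MediaType.APPLICATION_JSON_PATCH_JSON)
@ProtectedApi(scopes = { ApiAccessConstants.ATTRIBUTES_WRITE_ACCESS })
@Path(ApiConstants.INUM_PATH)
public Response patchAtribute(@PathParam(ApiConstants.INUM) @NotNull String inum, @NotNull String pathString) throws JsonPatchException, IOException {
    // Parameterized logging: the message is only formatted when debug is enabled, and the
    // caller-supplied values stay out of the format string itself.
    // NOTE(review): both values come from the request and are logged as received; if the log
    // sink is line-oriented, neutralise CR/LF before logging, and consider whether the full
    // patch body belongs in the log at all.
    log.debug(" GluuAttribute details to patch - inum = {} , pathString = {}", inum, pathString);

    GluuAttribute existingAttribute = attributeService.getAttributeByInum(inum);
    // Presumably aborts the request when no attribute matches the inum - confirm in the helper.
    checkResourceNotNull(existingAttribute, GLUU_ATTRIBUTE);

    existingAttribute = Jackson.applyPatch(pathString, existingAttribute);
    attributeService.updateAttribute(existingAttribute);
    return Response.ok(existingAttribute).build();
}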
use of io.jans.model.GluuAttribute in project jans by JanssenProject.
the class ExtensionService method getResourceExtensions.
/**
 * Builds the list of SCIM extensions that apply to a resource class.
 *
 * <p>Only {@code UserResource} has an extension; for any other class the returned list is
 * empty. Any exception raised while building the extension is logged and the list built so
 * far is returned.
 *
 * @param cls SCIM resource class to look up
 * @return the extensions for {@code cls}, possibly empty, never {@code null}
 */
public List<Extension> getResourceExtensions(Class<? extends BaseScimResource> cls) {
    List<Extension> extensions = new ArrayList<>();
    try {
        // A single extension is supported, and only for the User resource.
        if (!cls.equals(UserResource.class)) {
            return extensions;
        }

        Map<String, ExtensionField> fieldsByName = new HashMap<>();
        for (GluuAttribute attr : attributeService.getSCIMRelatedAttributes()) {
            // An unset flag counts as "not a SCIM custom attribute".
            if (!Boolean.TRUE.equals(attr.getScimCustomAttr())) {
                continue;
            }
            ExtensionField extField = new ExtensionField();
            extField.setDescription(attr.getDescription());
            extField.setType(attr.getDataType());
            // Some entries do not have the multivalued flag set; treat those as single-valued.
            extField.setMultiValued(Boolean.TRUE.equals(attr.getOxMultiValuedAttribute()));
            extField.setName(attr.getName());
            fieldsByName.put(attr.getName(), extField);
        }

        // Fall back to the default schema id when none is configured.
        String configuredUri = appConfiguration.getUserExtensionSchemaURI();
        String uri = StringUtils.isEmpty(configuredUri) ? USER_EXT_SCHEMA_ID : configuredUri;

        Extension extension = new Extension(uri);
        extension.setFields(fieldsByName);
        // Name and description are only filled in for the default schema id.
        if (uri.equals(USER_EXT_SCHEMA_ID)) {
            extension.setName(USER_EXT_SCHEMA_NAME);
            extension.setDescription(USER_EXT_SCHEMA_DESCRIPTION);
        }
        extensions.add(extension);
    } catch (Exception e) {
        log.error("An error ocurred when building extension for {}", cls.getName());
        log.error(e.getMessage(), e);
    }
    return extensions;
}
use of io.jans.model.GluuAttribute in project jans by JanssenProject.
the class RegisterRestWebServiceImpl method getJSONObject.
/**
 * Builds the JSON representation of a registered client that is returned to the caller.
 *
 * <p>The object is filled in a fixed order: generic appliers first, then the individual
 * registration parameters, then scopes and claims (resolved from DNs to names), custom
 * attributes, and finally the CIBA-specific additions. Later writes to the same key
 * presumably replace earlier ones, so the statement order matters.
 *
 * <p>Security-relevant content of the result: the registration access token is added
 * whenever the client has one, and the decrypted client secret is added when the
 * {@code returnClientSecretOnRead} configuration flag is true. The returned object should
 * therefore be treated as a credential-bearing value.
 *
 * @param client the client to serialise
 * @return the JSON object describing {@code client}
 * @throws JSONException declared by this method; presumably raised by the JSON operations
 * @throws StringEncrypter.EncryptionException declared by this method; presumably raised by
 *         {@code clientService.decryptSecret} (not visible here)
 */
private JSONObject getJSONObject(Client client) throws JSONException, StringEncrypter.EncryptionException {
JSONObject responseJsonObject = new JSONObject();
// Generic appliers run first; the explicit calls below follow them.
JsonApplier.getInstance().apply(client, responseJsonObject);
JsonApplier.getInstance().apply(client.getAttributes(), responseJsonObject);
Util.addToJSONObjectIfNotNull(responseJsonObject, RegisterResponseParam.CLIENT_ID.toString(), client.getClientId());
// The stored secret is decrypted and returned in clear only when the configuration allows it.
if (isTrue(appConfiguration.getReturnClientSecretOnRead())) {
Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_SECRET.toString(), clientService.decryptSecret(client.getClientSecret()));
}
// The registration access token is a bearer credential for this client's registration entry.
Util.addToJSONObjectIfNotNull(responseJsonObject, RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString(), client.getRegistrationAccessToken());
Util.addToJSONObjectIfNotNull(responseJsonObject, REGISTRATION_CLIENT_URI.toString(), appConfiguration.getRegistrationEndpoint() + "?" + RegisterResponseParam.CLIENT_ID.toString() + "=" + client.getClientId());
// Timestamps are emitted in seconds (milliseconds / 1000).
// NOTE(review): getClientIdIssuedAt() is dereferenced without a null check - confirm it is always set.
responseJsonObject.put(CLIENT_ID_ISSUED_AT.toString(), client.getClientIdIssuedAt().getTime() / 1000);
// 0 is written when there is no expiry date or its time is not positive.
responseJsonObject.put(CLIENT_SECRET_EXPIRES_AT.toString(), client.getClientSecretExpiresAt() != null && client.getClientSecretExpiresAt().getTime() > 0 ? client.getClientSecretExpiresAt().getTime() / 1000 : 0);
Util.addToJSONObjectIfNotNull(responseJsonObject, REDIRECT_URIS.toString(), client.getRedirectUris());
Util.addToJSONObjectIfNotNull(responseJsonObject, CLAIMS_REDIRECT_URIS.toString(), client.getClaimRedirectUris());
Util.addToJSONObjectIfNotNull(responseJsonObject, RESPONSE_TYPES.toString(), ResponseType.toStringArray(client.getResponseTypes()));
Util.addToJSONObjectIfNotNull(responseJsonObject, GRANT_TYPES.toString(), GrantType.toStringArray(client.getGrantTypes()));
Util.addToJSONObjectIfNotNull(responseJsonObject, APPLICATION_TYPE.toString(), client.getApplicationType());
Util.addToJSONObjectIfNotNull(responseJsonObject, CONTACTS.toString(), client.getContacts());
Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_NAME.toString(), client.getClientName());
Util.addToJSONObjectIfNotNull(responseJsonObject, LOGO_URI.toString(), client.getLogoUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_URI.toString(), client.getClientUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, POLICY_URI.toString(), client.getPolicyUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, TOS_URI.toString(), client.getTosUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, JWKS_URI.toString(), client.getJwksUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, SECTOR_IDENTIFIER_URI.toString(), client.getSectorIdentifierUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, SUBJECT_TYPE.toString(), client.getSubjectType());
Util.addToJSONObjectIfNotNull(responseJsonObject, AUTHORIZATION_SIGNED_RESPONSE_ALG.toString(), client.getAttributes().getAuthorizationSignedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, AUTHORIZATION_ENCRYPTED_RESPONSE_ALG.toString(), client.getAttributes().getAuthorizationEncryptedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, AUTHORIZATION_ENCRYPTED_RESPONSE_ENC.toString(), client.getAttributes().getAuthorizationEncryptedResponseEnc());
Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_SIGNED_RESPONSE_ALG.toString(), client.getIdTokenSignedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_ENCRYPTED_RESPONSE_ALG.toString(), client.getIdTokenEncryptedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_ENCRYPTED_RESPONSE_ENC.toString(), client.getIdTokenEncryptedResponseEnc());
Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_SIGNED_RESPONSE_ALG.toString(), client.getUserInfoSignedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_ENCRYPTED_RESPONSE_ALG.toString(), client.getUserInfoEncryptedResponseAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_ENCRYPTED_RESPONSE_ENC.toString(), client.getUserInfoEncryptedResponseEnc());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_SIGNING_ALG.toString(), client.getRequestObjectSigningAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_ENCRYPTION_ALG.toString(), client.getRequestObjectEncryptionAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_ENCRYPTION_ENC.toString(), client.getRequestObjectEncryptionEnc());
Util.addToJSONObjectIfNotNull(responseJsonObject, TOKEN_ENDPOINT_AUTH_METHOD.toString(), client.getTokenEndpointAuthMethod());
Util.addToJSONObjectIfNotNull(responseJsonObject, TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString(), client.getTokenEndpointAuthSigningAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, DEFAULT_MAX_AGE.toString(), client.getDefaultMaxAge());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUIRE_AUTH_TIME.toString(), client.getRequireAuthTime());
Util.addToJSONObjectIfNotNull(responseJsonObject, DEFAULT_ACR_VALUES.toString(), client.getDefaultAcrValues());
Util.addToJSONObjectIfNotNull(responseJsonObject, INITIATE_LOGIN_URI.toString(), client.getInitiateLoginUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, POST_LOGOUT_REDIRECT_URIS.toString(), client.getPostLogoutRedirectUris());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_URIS.toString(), client.getRequestUris());
Util.addToJSONObjectIfNotNull(responseJsonObject, AUTHORIZED_ORIGINS.toString(), client.getAuthorizedOrigins());
Util.addToJSONObjectIfNotNull(responseJsonObject, RPT_AS_JWT.toString(), client.isRptAsJwt());
Util.addToJSONObjectIfNotNull(responseJsonObject, TLS_CLIENT_AUTH_SUBJECT_DN.toString(), client.getAttributes().getTlsClientAuthSubjectDn());
Util.addToJSONObjectIfNotNull(responseJsonObject, ALLOW_SPONTANEOUS_SCOPES.toString(), client.getAttributes().getAllowSpontaneousScopes());
Util.addToJSONObjectIfNotNull(responseJsonObject, SPONTANEOUS_SCOPES.toString(), client.getAttributes().getSpontaneousScopes());
Util.addToJSONObjectIfNotNull(responseJsonObject, RUN_INTROSPECTION_SCRIPT_BEFORE_ACCESS_TOKEN_CREATION_AS_JWT_AND_INCLUDE_CLAIMS.toString(), client.getAttributes().getRunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims());
Util.addToJSONObjectIfNotNull(responseJsonObject, KEEP_CLIENT_AUTHORIZATION_AFTER_EXPIRATION.toString(), client.getAttributes().getKeepClientAuthorizationAfterExpiration());
Util.addToJSONObjectIfNotNull(responseJsonObject, ACCESS_TOKEN_AS_JWT.toString(), client.isAccessTokenAsJwt());
Util.addToJSONObjectIfNotNull(responseJsonObject, ACCESS_TOKEN_SIGNING_ALG.toString(), client.getAccessTokenSigningAlg());
Util.addToJSONObjectIfNotNull(responseJsonObject, ACCESS_TOKEN_LIFETIME.toString(), client.getAccessTokenLifetime());
Util.addToJSONObjectIfNotNull(responseJsonObject, PAR_LIFETIME.toString(), client.getAttributes().getParLifetime());
Util.addToJSONObjectIfNotNull(responseJsonObject, REQUIRE_PAR.toString(), client.getAttributes().getRequirePar());
Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_ID.toString(), client.getSoftwareId());
Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_VERSION.toString(), client.getSoftwareVersion());
Util.addToJSONObjectIfNotNull(responseJsonObject, SOFTWARE_STATEMENT.toString(), client.getSoftwareStatement());
Util.addToJSONObjectIfNotNull(responseJsonObject, PUBLIC_SUBJECT_IDENTIFIER_ATTRIBUTE.getName(), client.getAttributes().getPublicSubjectIdentifierAttribute());
// The stored JWKS string is parsed and embedded as a nested JSON object, not as a string.
if (!Util.isNullOrEmpty(client.getJwks())) {
Util.addToJSONObjectIfNotNull(responseJsonObject, JWKS.toString(), new JSONObject(client.getJwks()));
}
// Logout params
Util.addToJSONObjectIfNotNull(responseJsonObject, FRONT_CHANNEL_LOGOUT_URI.toString(), client.getFrontChannelLogoutUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString(), client.getFrontChannelLogoutSessionRequired());
Util.addToJSONObjectIfNotNull(responseJsonObject, BACKCHANNEL_LOGOUT_URI.toString(), client.getAttributes().getBackchannelLogoutUri());
Util.addToJSONObjectIfNotNull(responseJsonObject, BACKCHANNEL_LOGOUT_SESSION_REQUIRED.toString(), client.getAttributes().getBackchannelLogoutSessionRequired());
// Custom Params
// Scopes are stored as DNs; each one is resolved to its scope id for the response.
String[] scopeNames = null;
String[] scopeDns = client.getScopes();
if (scopeDns != null) {
scopeNames = new String[scopeDns.length];
for (int i = 0; i < scopeDns.length; i++) {
// NOTE(review): the lookup result is dereferenced without a null check; a DN that no
// longer resolves would fail the whole response - confirm getScopeByDn never returns null.
Scope scope = scopeService.getScopeByDn(scopeDns[i]);
scopeNames[i] = scope.getId();
}
}
Util.addToJSONObjectIfNotNull(responseJsonObject, SCOPE.toString(), implode(scopeNames, " "));
// Claims are stored as attribute DNs; each one is resolved to its claim name.
String[] claimNames = null;
String[] claimDns = client.getClaims();
if (claimDns != null) {
claimNames = new String[claimDns.length];
for (int i = 0; i < claimDns.length; i++) {
// NOTE(review): same unchecked dereference as for scopes - confirm getAttributeByDn
// never returns null for a stored DN.
GluuAttribute gluuAttribute = attributeService.getAttributeByDn(claimDns[i]);
claimNames[i] = gluuAttribute.getClaimName();
}
}
// Custom attributes are written before the claims entry below.
putCustomAttributesInResponse(client, responseJsonObject);
if (claimNames != null && claimNames.length > 0) {
Util.addToJSONObjectIfNotNull(responseJsonObject, CLAIMS.toString(), implode(claimNames, " "));
}
// CIBA-specific additions are applied last.
cibaRegisterClientResponseService.updateResponse(responseJsonObject, client);
return responseJsonObject;
}
use of io.jans.model.GluuAttribute in project jans by JanssenProject.
the class JansConfigurationWS method createScopeToClaimsMapping.
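/**
 * Builds the mapping from scope id to the names of the claims that scope releases.
 *
 * <p>Every scope returned by {@code scopeService.getAllScopesList()} gets an entry, even
 * when it has no claims. Claim DNs that do not resolve to an attribute, or whose attribute
 * has a blank claim name, are skipped. Any other failure is logged and the mapping built so
 * far is returned.
 *
 * @return scope id to claim names; never {@code null}
 */
private Map<String, Set<String>> createScopeToClaimsMapping() {
    Map<String, Set<String>> result = new HashMap<>();
    try {
        for (Scope scope : scopeService.getAllScopesList()) {
            final Set<String> claimsList = new HashSet<>();
            // Registered before the claims are resolved so that a scope without claims still
            // appears with an empty set.
            result.put(scope.getId(), claimsList);

            final List<String> claimIdList = scope.getClaims();
            if (claimIdList == null) {
                continue;
            }

            for (String claimDn : claimIdList) {
                final GluuAttribute attribute = attributeService.getAttributeByDn(claimDn);
                if (attribute == null) {
                    // A DN that does not resolve (assumed possible, e.g. a stale reference)
                    // used to raise a NullPointerException here; the outer catch then ended
                    // the loop, so every scope after this one was missing from the mapping.
                    log.error("Failed to map claim because attribute was not found, dn: {}", claimDn);
                    continue;
                }
                final String claimName = attribute.getClaimName();
                if (StringUtils.isNotBlank(claimName)) {
                    claimsList.add(claimName);
                }
            }
        }
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
    return result;
}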