
Example 1 with ScimCustomPerson

use of io.jans.scim.model.scim.ScimCustomPerson in project jans by JanssenProject.

the class Scim2UserService method transferAttributesToUserResource.

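/**
 * Copies the attributes of a person entry into the SCIM user resource handed in.
 *
 * <p>The meta fields (created, lastModified, location) are taken from the stored
 * {@code jansMeta*} attributes when present; otherwise they are derived from the entry's
 * creation/update dates and from {@code url} plus the entry's inum. Group memberships are
 * resolved one DN at a time; a group that cannot be resolved is logged and left out, and
 * the rest of the resource is still populated.
 *
 * @param person entry whose attributes are read
 * @param res resource to populate; modified in place
 * @param url base URL used to build {@code meta.location} when none is stored
 */
public void transferAttributesToUserResource(ScimCustomPerson person, UserResource res, String url) {
    log.debug("transferAttributesToUserResource");
    res.setId(person.getInum());
    res.setExternalId(person.getAttribute("jansExtId"));
    Meta meta = new Meta();
    meta.setResourceType(ScimResourceUtil.getType(res.getClass()));
    meta.setCreated(person.getAttribute("jansMetaCreated"));
    if (meta.getCreated() == null) {
        // No stored value: fall back to the entry's own creation date, if it has one
        Date date = person.getCreationDate();
        meta.setCreated(date == null ? null : DateUtil.millisToISOString(date.getTime()));
    }
    meta.setLastModified(person.getAttribute("jansMetaLastMod"));
    if (meta.getLastModified() == null) {
        Date date = person.getUpdatedAt();
        meta.setLastModified(date == null ? null : DateUtil.millisToISOString(date.getTime()));
    }
    meta.setLocation(person.getAttribute("jansMetaLocation"));
    if (meta.getLocation() == null) {
        meta.setLocation(url + "/" + person.getInum());
    }
    res.setMeta(meta);
    // Set values in order of appearance in UserResource class
    res.setUserName(person.getUid());
    Name name = new Name();
    name.setGivenName(person.getGivenName());
    name.setFamilyName(person.getSurname());
    name.setMiddleName(person.getAttribute("middleName"));
    name.setHonorificPrefix(person.getAttribute("jansHonorificPrefix"));
    name.setHonorificSuffix(person.getAttribute("jansHonorificSuffix"));
    String formatted = person.getAttribute("jansNameFormatted");
    if (formatted == null) {
        // recomputes the formatted name if absent in LDAP
        name.computeFormattedName();
    } else {
        name.setFormatted(formatted);
    }
    res.setName(name);
    res.setDisplayName(person.getDisplayName());
    res.setNickName(person.getAttribute("nickname"));
    res.setProfileUrl(person.getAttribute("jansProfileURL"));
    res.setTitle(person.getAttribute("jansTitle"));
    res.setUserType(person.getAttribute("jansUsrTyp"));
    res.setPreferredLanguage(person.getPreferredLanguage());
    res.setLocale(person.getAttribute("locale"));
    res.setTimezone(person.getTimezone());
    // Active when jansActive parses as "true" (case-insensitive) or jansStatus maps to a true GluuBoolean.
    // NOTE(review): the right-hand side is evaluated whenever jansActive is not "true"; if
    // GluuBoolean.getByValue can return null for a missing or unknown jansStatus, this line
    // throws and the whole transfer fails - confirm against GluuBoolean.
    res.setActive(Boolean.valueOf(person.getAttribute("jansActive")) || GluuBoolean.getByValue(person.getAttribute("jansStatus")).isBooleanValue());
    // NOTE(review): the stored userPassword value is placed on the outbound resource here.
    // RFC 7643 defines "password" as writeOnly with returned "never"; nothing in this method
    // strips it, so confirm that every serialization path removes it before a response is
    // built and that the resource is not logged or cached with this field populated.
    res.setPassword(person.getUserPassword());
    res.setEmails(getAttributeListValue(person, Email.class, "jansEmail"));
    if (res.getEmails() == null) {
        // There can be cases where jansEmail is not synced with mail attribute....
        List<Email> emails = person.getAttributeList("mail").stream().map(m -> {
            Email email = new Email();
            email.setValue(m);
            email.setPrimary(false);
            return email;
        }).collect(Collectors.toList());
        res.setEmails(emails.isEmpty() ? null : emails);
    }
    res.setPhoneNumbers(getAttributeListValue(person, PhoneNumber.class, "jansPhoneValue"));
    res.setIms(getAttributeListValue(person, InstantMessagingAddress.class, "jansImsValue"));
    res.setPhotos(getAttributeListValue(person, Photo.class, "jansPhotos"));
    res.setAddresses(getAttributeListValue(person, Address.class, "jansAddres"));
    List<String> listOfGroups = person.getMemberOf();
    if (listOfGroups != null && !listOfGroups.isEmpty()) {
        List<Group> groupList = new ArrayList<>();
        for (String groupDN : listOfGroups) {
            try {
                GluuGroup gluuGroup = groupService.getGroupByDn(groupDN);
                if (gluuGroup == null) {
                    // Handle a dangling membership explicitly instead of relying on a
                    // NullPointerException being swallowed by the catch below
                    log.warn("transferAttributesToUserResource. Group with dn {} was not found and is omitted for user {}", groupDN, person.getUid());
                    continue;
                }
                Group group = new Group();
                group.setValue(gluuGroup.getInum());
                String reference = groupEndpointUrl + "/" + gluuGroup.getInum();
                group.setRef(reference);
                group.setDisplay(gluuGroup.getDisplayName());
                // Only support direct membership: see section 4.1.2 of RFC 7644
                group.setType(Group.Type.DIRECT);
                groupList.add(group);
            } catch (Exception e) {
                // Best effort: one unreadable group must not prevent the user from being returned
                log.warn("transferAttributesToUserResource. Group with dn {} could not be added to User Resource. {}", groupDN, person.getUid());
                log.error(e.getMessage(), e);
            }
        }
        if (!groupList.isEmpty()) {
            res.setGroups(groupList);
        }
    }
    res.setEntitlements(getAttributeListValue(person, Entitlement.class, "jansEntitlements"));
    res.setRoles(getAttributeListValue(person, Role.class, "jansRole"));
    res.setX509Certificates(getAttributeListValue(person, X509Certificate.class, "jansx509Certificate"));
    res.setPairwiseIdentifiers(person.getPpid());
    transferExtendedAttributesToResource(person, res);
}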
Also used : ExtensionField(io.jans.scim.model.scim2.extensions.ExtensionField) StringUtils(org.apache.commons.lang.StringUtils) Date(java.util.Date) Path(javax.ws.rs.Path) Meta(io.jans.scim.model.scim2.Meta) PhoneNumber(io.jans.scim.model.scim2.user.PhoneNumber) GluuStatus(io.jans.model.GluuStatus) BaseScimResource(io.jans.scim.model.scim2.BaseScimResource) Map(java.util.Map) GluuGroup(io.jans.scim.model.GluuGroup) SortOrder(io.jans.orm.model.SortOrder) ScimCustomPerson(io.jans.scim.model.scim.ScimCustomPerson) UserResource(io.jans.scim.model.scim2.user.UserResource) Collection(java.util.Collection) IntrospectUtil(io.jans.scim.model.scim2.util.IntrospectUtil) AppConfiguration(io.jans.scim.model.conf.AppConfiguration) Address(io.jans.scim.model.scim2.user.Address) ScimFilterParserService(io.jans.scim.service.antlr.scimFilter.ScimFilterParserService) Collectors(java.util.stream.Collectors) PersistenceEntryManager(io.jans.orm.PersistenceEntryManager) X509Certificate(io.jans.scim.model.scim2.user.X509Certificate) Serializable(java.io.Serializable) List(java.util.List) Group(io.jans.scim.model.scim2.user.Group) PostConstruct(javax.annotation.PostConstruct) Optional(java.util.Optional) WebApplicationException(javax.ws.rs.WebApplicationException) ApplicationScoped(javax.enterprise.context.ApplicationScoped) GluuBoolean(io.jans.scim.model.GluuBoolean) GroupService(io.jans.scim.service.GroupService) Photo(io.jans.scim.model.scim2.user.Photo) Filter(io.jans.orm.search.filter.Filter) Extension(io.jans.scim.model.scim2.extensions.Extension) Email(io.jans.scim.model.scim2.user.Email) HashMap(java.util.HashMap) DateUtil(io.jans.scim.model.scim2.util.DateUtil) PairwiseIdentifier(io.jans.as.persistence.model.PairwiseIdentifier) ArrayList(java.util.ArrayList) ScimResourceUtil(io.jans.scim.model.scim2.util.ScimResourceUtil) Inject(javax.inject.Inject) InstantMessagingAddress(io.jans.scim.model.scim2.user.InstantMessagingAddress) PersonService(io.jans.scim.service.PersonService) 
Role(io.jans.scim.model.scim2.user.Role) Entitlement(io.jans.scim.model.scim2.user.Entitlement) GroupWebService(io.jans.scim.ws.rs.scim2.GroupWebService) ServiceUtil(io.jans.scim.util.ServiceUtil) Status(javax.ws.rs.core.Response.Status) Logger(org.slf4j.Logger) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Name(io.jans.scim.model.scim2.user.Name) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) ExternalScimService(io.jans.scim.service.external.ExternalScimService) PagedResult(io.jans.orm.model.PagedResult) Meta(io.jans.scim.model.scim2.Meta) GluuGroup(io.jans.scim.model.GluuGroup) Group(io.jans.scim.model.scim2.user.Group) Email(io.jans.scim.model.scim2.user.Email) Address(io.jans.scim.model.scim2.user.Address) InstantMessagingAddress(io.jans.scim.model.scim2.user.InstantMessagingAddress) ArrayList(java.util.ArrayList) Photo(io.jans.scim.model.scim2.user.Photo) GluuGroup(io.jans.scim.model.GluuGroup) Date(java.util.Date) WebApplicationException(javax.ws.rs.WebApplicationException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) X509Certificate(io.jans.scim.model.scim2.user.X509Certificate) Name(io.jans.scim.model.scim2.user.Name) Role(io.jans.scim.model.scim2.user.Role) PhoneNumber(io.jans.scim.model.scim2.user.PhoneNumber) Entitlement(io.jans.scim.model.scim2.user.Entitlement) InstantMessagingAddress(io.jans.scim.model.scim2.user.InstantMessagingAddress)

Example 2 with ScimCustomPerson

use of io.jans.scim.model.scim.ScimCustomPerson in project jans by JanssenProject.

the class Scim2UserService method preCreateUser.

/**
 * Builds the person entry for a user resource that is about to be created.
 *
 * <p>The entry is filled from {@code user} and then given its computed attributes; this
 * method itself does not store it.
 *
 * @param user resource describing the user to create
 * @return a new entry populated from {@code user}
 */
public ScimCustomPerson preCreateUser(UserResource user) {
    // NOTE(review): userName is presumably request-supplied; confirm the log layout
    // neutralizes line breaks so a crafted name cannot forge log entries.
    log.info("Preparing to create user {}", user.getUserName());
    // Attribute mutability is not checked here: the resource does not exist yet,
    // so there are no original values a change could violate.
    ScimCustomPerson newPerson = new ScimCustomPerson();
    transferAttributesToPerson(user, newPerson);
    assignComputedAttributesToPerson(newPerson);
    return newPerson;
}
Also used : ScimCustomPerson(io.jans.scim.model.scim.ScimCustomPerson)

Example 3 with ScimCustomPerson

use of io.jans.scim.model.scim.ScimCustomPerson in project jans by JanssenProject.

the class UserPersistenceHelper method removeUserFromGroups.

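/**
 * "Detaches" a person from all groups the entry currently lists as memberships.
 *
 * <p>Groups are processed independently and on a best-effort basis: a lookup or update
 * failure is logged and the loop continues. No exception reaches the caller, so the
 * caller is not told when the person's DN is still listed as a member of some group.
 *
 * @param person The person in question; its DN is removed from each group's member list
 */
public void removeUserFromGroups(ScimCustomPerson person) {
    String dn = person.getDn();
    List<String> groups = person.getMemberOf();
    if (groups == null) {
        // No memberships recorded on the entry: nothing to detach
        return;
    }
    for (String oneGroup : groups) {
        try {
            GluuGroup aGroup = groupService.getGroupByDn(oneGroup);
            if (aGroup == null) {
                log.warn("removeUserFromGroups. Group with dn {} was not found", oneGroup);
                continue;
            }
            List<String> groupMembers = aGroup.getMembers();
            if (groupMembers == null) {
                continue;
            }
            // Work on a copy and drop the first occurrence of the DN; update only if it was present
            List<String> newMembers = new ArrayList<>(groupMembers);
            if (newMembers.remove(dn)) {
                aGroup.setMembers(newMembers.isEmpty() ? null : newMembers);
                groupService.updateGroup(aGroup);
            }
        } catch (Exception e) {
            // Keep the stack trace and say which membership was left in place
            log.error("removeUserFromGroups. Could not remove member {} from group {}", dn, oneGroup, e);
        }
    }
}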
Also used : LdapEntryManagerFactory(io.jans.orm.ldap.impl.LdapEntryManagerFactory) AttributeService(io.jans.scim.service.AttributeService) GroupService(io.jans.scim.service.GroupService) ScimCustomPerson(io.jans.scim.model.scim.ScimCustomPerson) Logger(org.slf4j.Logger) Date(java.util.Date) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Set(java.util.Set) Email(io.jans.scim.model.scim2.user.Email) DateUtil(io.jans.scim.model.scim2.util.DateUtil) Collectors(java.util.stream.Collectors) PersistenceEntryManager(io.jans.orm.PersistenceEntryManager) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Inject(javax.inject.Inject) List(java.util.List) PersonService(io.jans.scim.service.PersonService) Stream(java.util.stream.Stream) Optional(java.util.Optional) GluuGroup(io.jans.scim.model.GluuGroup) ApplicationScoped(javax.enterprise.context.ApplicationScoped) ServiceUtil(io.jans.scim.util.ServiceUtil) ArrayList(java.util.ArrayList) GluuGroup(io.jans.scim.model.GluuGroup)

Example 4 with ScimCustomPerson

use of io.jans.scim.model.scim.ScimCustomPerson in project jans by JanssenProject.

the class Scim2UserService method searchUsers.

/**
 * Runs a paged user search and converts every hit into a SCIM user resource.
 *
 * <p>The SCIM filter is translated by {@code scimFilterParserService}, with a presence
 * filter on {@code inum} supplied as the second argument. {@code startIndex - 1} is what
 * is handed to the entry manager. When the external SCIM service is enabled and its
 * post-search methods return false, no result is produced.
 *
 * @param filter SCIM filter expression
 * @param sortBy attribute to sort by
 * @param sortOrder sort direction; dereferenced for logging, so it must not be null
 * @param startIndex index of the first result requested
 * @param count number of results requested
 * @param url base URL passed on to the attribute transfer
 * @param maxCount upper bound passed to the entry manager
 * @return the converted entries together with the total number of matches
 * @throws WebApplicationException with status 412 when the post-search methods return false
 * @throws Exception declared by the signature; which call raises it is not visible here
 */
public PagedResult<BaseScimResource> searchUsers(String filter, String sortBy, SortOrder sortOrder, int startIndex, int count, String url, int maxCount) throws Exception {
    Filter ldapFilter = scimFilterParserService.createFilter(filter, Filter.createPresenceFilter("inum"), UserResource.class);
    // NOTE(review): the translated filter is written at info level; if filter values come
    // from the request they may contain personal data (e.g. e-mail addresses) - confirm
    // this is acceptable for the log's audience and retention.
    log.info("Executing search for users using: ldapfilter '{}', sortBy '{}', sortOrder '{}', startIndex '{}', count '{}'", ldapFilter.toString(), sortBy, sortOrder.getValue(), startIndex, count);

    String baseDn = personService.getDnForPerson(null);
    PagedResult<ScimCustomPerson> found = ldapEntryManager.findPagedEntries(baseDn, ScimCustomPerson.class, ldapFilter, null, sortBy, sortOrder, startIndex - 1, count, maxCount);

    // The post-search methods receive the raw page before anything is converted or returned
    if (externalScimService.isEnabled() && !externalScimService.executeScimPostSearchUsersMethods(found)) {
        throw new WebApplicationException("Failed to execute SCIM script successfully", Status.PRECONDITION_FAILED);
    }

    List<BaseScimResource> converted = new ArrayList<>();
    for (ScimCustomPerson entry : found.getEntries()) {
        UserResource resource = new UserResource();
        transferAttributesToUserResource(entry, resource, url);
        converted.add(resource);
    }
    log.info("Found {} matching entries - returning {}", found.getTotalEntriesCount(), found.getEntries().size());

    PagedResult<BaseScimResource> page = new PagedResult<>();
    page.setEntries(converted);
    page.setTotalEntriesCount(found.getTotalEntriesCount());
    return page;
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) Filter(io.jans.orm.search.filter.Filter) ScimCustomPerson(io.jans.scim.model.scim.ScimCustomPerson) BaseScimResource(io.jans.scim.model.scim2.BaseScimResource) ArrayList(java.util.ArrayList) UserResource(io.jans.scim.model.scim2.user.UserResource) PagedResult(io.jans.orm.model.PagedResult)

Example 5 with ScimCustomPerson

use of io.jans.scim.model.scim.ScimCustomPerson in project jans by JanssenProject.

the class UserWebService method deleteUser.

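/**
 * Deletes the user whose inum equals {@code id}.
 *
 * <p>Order of checks: the entry is looked up first (a miss yields the not-found response),
 * then {@code externalConstraintsService.applyEntityCheck} may veto the operation by
 * returning a response, and only then is the user deleted. Requires the
 * {@code https://jans.io/scim/users.write} scope.
 *
 * @param id value of the {@code id} path segment
 * @return 204 on success, the not-found or entity-check response when one applies, or a
 *         500 error response when an exception is raised
 */
@Path("{id}")
@DELETE
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi(scopes = { "https://jans.io/scim/users.write" })
public Response deleteUser(@PathParam("id") String id) {
    Response response;
    try {
        log.debug("Executing web service method. deleteUser");
        ScimCustomPerson person = userPersistenceHelper.getPersonByInum(id);
        if (person == null) {
            return notFoundResponse(id, userResourceType);
        }
        response = externalConstraintsService.applyEntityCheck(person, null, httpHeaders, uriInfo, HttpMethod.DELETE, userResourceType);
        if (response != null) {
            // A non-null response from the entity check is returned as-is and nothing is deleted
            return response;
        }
        scim2UserService.deleteUser(person);
        response = Response.noContent().build();
    } catch (Exception e) {
        // Full detail goes to the server log only. The exception message is kept out of the
        // response body because it may carry internal detail (e.g. persistence-layer text)
        // that the API client has no need to see.
        log.error("Failure at deleteUser method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error");
    }
    return response;
}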
Also used : Response(javax.ws.rs.core.Response) ScimCustomPerson(io.jans.scim.model.scim.ScimCustomPerson) URISyntaxException(java.net.URISyntaxException) SCIMException(io.jans.scim.model.exception.SCIMException) DuplicateEntryException(io.jans.orm.exception.operation.DuplicateEntryException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) Path(javax.ws.rs.Path) DefaultValue(javax.ws.rs.DefaultValue) DELETE(javax.ws.rs.DELETE) HeaderParam(javax.ws.rs.HeaderParam) Produces(javax.ws.rs.Produces) ProtectedApi(io.jans.scim.service.filter.ProtectedApi)
