Search in sources :

Example 31 with BaseScimResource

use of io.jans.scim.model.scim2.BaseScimResource in project jans by JanssenProject.

the class ResourceValidator method validateSchemasAttribute.

/**
 * Inspects the {@link BaseScimResource#getSchemas() schemas} attribute of the resource passed in the constructor and
 * checks the default schema <code>urn</code> associated to the resource type is present in the list. If some of the
 * <code>urn</code>s part of the <code>Extension</code>s passed in the constructor are contained in the list, the validation is also
 * successful.
 * <p>This method should be called after a successful call to {@link #validateRequiredAttributes()}.</p>
 * @throws SCIMException If there is no {@link BaseScimResource#getSchemas() schemas} in this resource or if some of
 * the <code>urn</code>s there are not known.
 */
public void validateSchemasAttribute() throws SCIMException {
    Set<String> schemaList = new HashSet<>(resource.getSchemas());
    if (schemaList.isEmpty())
        throw new SCIMException(WRONG_SCHEMAS_ATTR);
    Set<String> allSchemas = new HashSet<>();
    allSchemas.add(ScimResourceUtil.getDefaultSchemaUrn(resourceClass));
    for (Extension ext : extensions) allSchemas.add(ext.getUrn());
    schemaList.removeAll(allSchemas);
    if (// means that some wrong extension urn is there
    schemaList.size() > 0)
        throw new SCIMException(WRONG_SCHEMAS_ATTR);
}
Also used : Extension(io.jans.scim.model.scim2.extensions.Extension) SCIMException(io.jans.scim.model.exception.SCIMException)

Example 32 with BaseScimResource

use of io.jans.scim.model.scim2.BaseScimResource in project jans by JanssenProject.

the class ResourceValidator method validateExtendedAttributes.

/**
 * Inspects the resource passed in the constructor and for every extended attribute (see {@link BaseScimResource#getCustomAttributes()},
 * the attribute's value is checked to see if it complies with the data type it is supposed to belong to. This
 * information is obtained from the list of <code>Extension</code>s passed in the constructor (every {@link ExtensionField}
 * has an associated {@link ExtensionField#getType() type}.
 * <p>When an attribute is {@link ExtensionField#isMultiValued() multi-valued}, every single item inside the collection
 * is validated.</p>
 * @throws SCIMException When any of the validations do not pass or an attribute seems not to be part of a known schema.
 */
public void validateExtendedAttributes() throws SCIMException {
    // Note: throughout this method, we always ignore presence of nulls
    // Gets all extended attributes (see the @JsonAnySetter annotation in BaseScimResource)
    Map<String, Object> extendedAttributes = resource.getCustomAttributes();
    // Iterate over every extension of the resource object (in practice it will be just one at most)
    for (String schema : extendedAttributes.keySet()) {
        // Validate if the schema referenced in the extended attributes is contained in the valid set of extension
        Extension extension = null;
        for (Extension ext : extensions) if (ext.getUrn().equals(schema)) {
            extension = ext;
            break;
        }
        if (extension != null) {
            log.debug("validateExtendedAttributes. Revising attributes under schema {}", schema);
            try {
                // Obtains a generic map consisting of all name/value(s) pairs associated to this schema
                Map<String, Object> attrsMap = IntrospectUtil.strObjMap(extendedAttributes.get(schema));
                for (String attr : attrsMap.keySet()) {
                    Object value = attrsMap.get(attr);
                    if (value != null) {
                        /*
                             Gets the class associated to the value of current attribute. For extended attributes, we
                             should only see coming: String, Integer, Double, boolean, and Collection.
                             Different things will be rejected
                             */
                        Class cls = value.getClass();
                        boolean isCollection = IntrospectUtil.isCollection(cls);
                        // If the attribute coming is unknown, NPE will be thrown and we are covered
                        log.debug("validateExtendedAttributes. Got value(s) for attribute '{}'", attr);
                        // Check if the multivalued custom attribute is consistent with the nature of the value itself
                        if (isCollection == extension.getFields().get(attr).isMultiValued()) {
                            if (isCollection) {
                                for (Object elem : (Collection) value) if (elem != null)
                                    validateDataTypeExtendedAttr(extension, attr, elem);
                            } else
                                validateDataTypeExtendedAttr(extension, attr, value);
                        } else
                            throw new SCIMException(ERROR_PARSING_EXTENDED);
                    }
                }
            } catch (Exception e) {
                log.error(e.getMessage(), e);
                throw new SCIMException(ERROR_PARSING_EXTENDED);
            }
        } else
            throw new SCIMException(String.format(UNKNOWN_EXTENSION, schema));
    }
}
Also used : Extension(io.jans.scim.model.scim2.extensions.Extension) SCIMException(io.jans.scim.model.exception.SCIMException) SCIMException(io.jans.scim.model.exception.SCIMException)

Example 33 with BaseScimResource

use of io.jans.scim.model.scim2.BaseScimResource in project jans by JanssenProject.

the class ScimResourceSerializer method buildIncludeSet.

private void buildIncludeSet(SortedSet<String> include, Class<? extends BaseScimResource> resourceClass, List<String> schemas, String attributes, String exclussions) {
    Set<String> tempSet;
    Set<String> alwaysSet = IntrospectUtil.alwaysCoreAttrs.get(resourceClass).keySet();
    Set<String> neverSet = IntrospectUtil.neverCoreAttrs.get(resourceClass).keySet();
    Set<String> defaultSet = new HashSet<>();
    // Here we assume all attributes part of extensions have returnability="default"...
    SortedSet<String> extendedSet = new TreeSet<>();
    for (Extension ext : extService.getResourceExtensions(resourceClass)) {
        extendedSet.add(ext.getUrn());
        extendedSet.addAll(IntrospectUtil.getPathsInExtension(ext));
    }
    defaultSet.addAll(IntrospectUtil.defaultCoreAttrs.get(resourceClass).keySet());
    defaultSet.addAll(extendedSet);
    String defaultSchema = ScimResourceUtil.getDefaultSchemaUrn(resourceClass);
    if (attributes != null) {
        log.info("buildIncludeSet. Processing attributes query param (excludedAttributes ignored)");
        extendedSet.addAll(IntrospectUtil.allAttrs.get(resourceClass));
        tempSet = expandAttributesPaths(attributes, defaultSchema, schemas, extendedSet);
        tempSet.removeAll(neverSet);
        include.addAll(tempSet);
    } else if (exclussions != null) {
        log.info("buildIncludeSet. Processing excludedAttributes query param");
        extendedSet.addAll(IntrospectUtil.allAttrs.get(resourceClass));
        tempSet = defaultSet;
        tempSet.removeAll(expandAttributesPaths(exclussions, defaultSchema, schemas, extendedSet));
        include.addAll(tempSet);
    } else {
        log.info("buildIncludeSet. No attributes neither excludedAttributes query param were passed");
        include.addAll(defaultSet);
    }
    include.addAll(alwaysSet);
}
Also used : Extension(io.jans.scim.model.scim2.extensions.Extension) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet)

Example 34 with BaseScimResource

use of io.jans.scim.model.scim2.BaseScimResource in project jans by JanssenProject.

the class FidoDeviceWebService method doSearchDevices.

private Response doSearchDevices(String userId, String filter, Integer startIndex, Integer count, String sortBy, String sortOrder, String attrsList, String excludedAttrsList, String method) {
    Response response;
    try {
        SearchRequest searchReq = new SearchRequest();
        response = prepareSearchRequest(searchReq.getSchemas(), filter, sortBy, sortOrder, startIndex, count, attrsList, excludedAttrsList, searchReq);
        if (response != null)
            return response;
        response = externalConstraintsService.applySearchCheck(searchReq, httpHeaders, uriInfo, method, fidoResourceType);
        if (response != null)
            return response;
        response = validateExistenceOfUser(userId);
        if (response != null)
            return response;
        PagedResult<BaseScimResource> resources = searchDevices(userId, searchReq.getFilter(), translateSortByAttribute(FidoDeviceResource.class, searchReq.getSortBy()), SortOrder.getByValue(searchReq.getSortOrder()), searchReq.getStartIndex(), searchReq.getCount());
        String json = getListResponseSerialized(resources.getTotalEntriesCount(), searchReq.getStartIndex(), resources.getEntries(), searchReq.getAttributesStr(), searchReq.getExcludedAttributesStr(), searchReq.getCount() == 0);
        response = Response.ok(json).location(new URI(endpointUrl)).build();
    } catch (SCIMException e) {
        log.error(e.getMessage(), e);
        response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_FILTER, e.getMessage());
    } catch (Exception e) {
        log.error("Failure at searchDevices method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : Response(javax.ws.rs.core.Response) SearchRequest(io.jans.scim.model.scim2.SearchRequest) SCIMException(io.jans.scim.model.exception.SCIMException) FidoDeviceResource(io.jans.scim.model.scim2.fido.FidoDeviceResource) BaseScimResource(io.jans.scim.model.scim2.BaseScimResource) URI(java.net.URI) URISyntaxException(java.net.URISyntaxException) SCIMException(io.jans.scim.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException)

Example 35 with BaseScimResource

use of io.jans.scim.model.scim2.BaseScimResource in project jans by JanssenProject.

the class SchemaWebService method setup.

@PostConstruct
public void setup() {
    // Do not use getClass() here... a typical weld issue...
    endpointUrl = appConfiguration.getBaseEndpoint() + SchemaWebService.class.getAnnotation(Path.class).value();
    List<Class<? extends BaseScimResource>> excludedResources = Arrays.asList(SchemaResource.class, ResourceType.class, ServiceProviderConfig.class);
    resourceSchemas = new HashMap<>();
    // Fill map with urn vs. resource
    for (Class<? extends BaseScimResource> cls : IntrospectUtil.allAttrs.keySet()) {
        if (!excludedResources.contains(cls)) {
            resourceSchemas.put(ScimResourceUtil.getDefaultSchemaUrn(cls), cls);
            for (Extension extension : extService.getResourceExtensions(cls)) resourceSchemas.put(extension.getUrn(), cls);
        }
    }
}
Also used : Path(javax.ws.rs.Path) Extension(io.jans.scim.model.scim2.extensions.Extension) BaseScimResource(io.jans.scim.model.scim2.BaseScimResource) PostConstruct(javax.annotation.PostConstruct)

Aggregations

BaseScimResource (io.jans.scim.model.scim2.BaseScimResource)12 Extension (io.jans.scim.model.scim2.extensions.Extension)12 ArrayList (java.util.ArrayList)12 InvalidAttributeValueException (javax.management.InvalidAttributeValueException)12 Response (javax.ws.rs.core.Response)11 SCIMException (io.jans.scim.model.exception.SCIMException)10 BaseScimResource (org.gluu.oxtrust.model.scim2.BaseScimResource)9 URI (java.net.URI)8 ExtensionField (io.jans.scim.model.scim2.extensions.ExtensionField)7 ListResponse (io.jans.scim.model.scim2.ListResponse)6 URISyntaxException (java.net.URISyntaxException)6 ListViewResponse (org.gluu.persist.model.ListViewResponse)6 SearchRequest (io.jans.scim.model.scim2.SearchRequest)5 UserResource (io.jans.scim.model.scim2.user.UserResource)5 PagedResult (io.jans.orm.model.PagedResult)4 Filter (io.jans.orm.search.filter.Filter)4 Attribute (io.jans.scim.model.scim2.annotations.Attribute)4 DefaultValue (javax.ws.rs.DefaultValue)4 GET (javax.ws.rs.GET)4 HeaderParam (javax.ws.rs.HeaderParam)4