use of io.jans.scim.model.scim2.Validations in project jans by JanssenProject.
the class ResourceValidator method validateExtendedAttributes.
/**
* Inspects the resource passed in the constructor and for every extended attribute (see {@link BaseScimResource#getCustomAttributes()},
* the attribute's value is checked to see if it complies with the data type it is supposed to belong to. This
* information is obtained from the list of <code>Extension</code>s passed in the constructor (every {@link ExtensionField}
* has an associated {@link ExtensionField#getType() type}.
* <p>When an attribute is {@link ExtensionField#isMultiValued() multi-valued}, every single item inside the collection
* is validated.</p>
* @throws SCIMException When any of the validations do not pass or an attribute seems not to be part of a known schema.
*/
public void validateExtendedAttributes() throws SCIMException {
// Note: throughout this method, we always ignore presence of nulls
// Gets all extended attributes (see the @JsonAnySetter annotation in BaseScimResource)
Map<String, Object> extendedAttributes = resource.getCustomAttributes();
// Iterate over every extension of the resource object (in practice it will be just one at most)
for (String schema : extendedAttributes.keySet()) {
// Validate if the schema referenced in the extended attributes is contained in the valid set of extension
Extension extension = null;
for (Extension ext : extensions) if (ext.getUrn().equals(schema)) {
extension = ext;
break;
}
if (extension != null) {
log.debug("validateExtendedAttributes. Revising attributes under schema {}", schema);
try {
// Obtains a generic map consisting of all name/value(s) pairs associated to this schema
Map<String, Object> attrsMap = IntrospectUtil.strObjMap(extendedAttributes.get(schema));
for (String attr : attrsMap.keySet()) {
Object value = attrsMap.get(attr);
if (value != null) {
/*
Gets the class associated to the value of current attribute. For extended attributes, we
should only see coming: String, Integer, Double, boolean, and Collection.
Different things will be rejected
*/
Class cls = value.getClass();
boolean isCollection = IntrospectUtil.isCollection(cls);
// If the attribute coming is unknown, NPE will be thrown and we are covered
log.debug("validateExtendedAttributes. Got value(s) for attribute '{}'", attr);
// Check if the multivalued custom attribute is consistent with the nature of the value itself
if (isCollection == extension.getFields().get(attr).isMultiValued()) {
if (isCollection) {
for (Object elem : (Collection) value) if (elem != null)
validateDataTypeExtendedAttr(extension, attr, elem);
} else
validateDataTypeExtendedAttr(extension, attr, value);
} else
throw new SCIMException(ERROR_PARSING_EXTENDED);
}
}
} catch (Exception e) {
log.error(e.getMessage(), e);
throw new SCIMException(ERROR_PARSING_EXTENDED);
}
} else
throw new SCIMException(String.format(UNKNOWN_EXTENSION, schema));
}
}
use of io.jans.scim.model.scim2.Validations in project jans by JanssenProject.
the class UserWebService method patchUser.
@Path("{id}")
@PATCH
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi(scopes = { "https://jans.io/scim/users.write" })
@RefAdjusted
public Response patchUser(PatchRequest request, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
Response response;
try {
log.debug("Executing web service method. patchUser");
response = inspectPatchRequest(request, UserResource.class);
if (response != null)
return response;
ScimCustomPerson person = userPersistenceHelper.getPersonByInum(id);
if (person == null)
return notFoundResponse(id, userResourceType);
response = externalConstraintsService.applyEntityCheck(person, request, httpHeaders, uriInfo, HttpMethod.PATCH, userResourceType);
if (response != null)
return response;
UserResource user = new UserResource();
// Fill user instance with all info from person
scim2UserService.transferAttributesToUserResource(person, user, endpointUrl);
// Apply patches one by one in sequence
for (PatchOperation po : request.getOperations()) {
// Handle special case: https://github.com/GluuFederation/oxTrust/issues/800
if (po.getType().equals(REMOVE) && po.getPath().equals("pairwiseIdentifiers")) {
// If this block weren't here, the implementation will throw error because read-only attribute cannot be altered
person.setPpid(null);
user.setPairwiseIdentifiers(null);
scim2UserService.removePPIDsBranch(person.getDn());
} else {
user = (UserResource) scim2PatchService.applyPatchOperation(user, po);
}
}
// Throws exception if final representation does not pass overall validation
log.debug("patchUser. Revising final resource representation still passes validations");
executeValidation(user);
ScimResourceUtil.adjustPrimarySubAttributes(user);
// Update timestamp
user.getMeta().setLastModified(DateUtil.millisToISOString(System.currentTimeMillis()));
// Replaces the information found in person with the contents of user
scim2UserService.replacePersonInfo(person, user, endpointUrl);
String json = resourceSerializer.serialize(user, attrsList, excludedAttrsList);
response = Response.ok(new URI(user.getMeta().getLocation())).entity(json).build();
} catch (InvalidAttributeValueException e) {
log.error(e.getMessage(), e);
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
} catch (SCIMException e) {
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_SYNTAX, e.getMessage());
} catch (Exception e) {
log.error("Failure at patchUser method", e);
response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
}
return response;
}
Aggregations