use of io.jans.scim.model.scim2.annotations.Attribute in project jans by JanssenProject.
the class FidoDeviceWebService method updateDevice.
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi(scopes = { "https://jans.io/scim/fido.write" })
@RefAdjusted
public Response updateDevice(FidoDeviceResource fidoDeviceResource, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
Response response;
try {
log.debug("Executing web service method. updateDevice");
// remove externalId, no place to store it in LDAP
fidoDeviceResource.setExternalId(null);
if (fidoDeviceResource.getId() != null && !fidoDeviceResource.getId().equals(id))
throw new SCIMException("Parameter id does not match id attribute of Device");
String userId = fidoDeviceResource.getUserId();
GluuCustomFidoDevice device = fidoDeviceService.getGluuCustomFidoDeviceById(userId, id);
if (device == null)
return notFoundResponse(id, fidoResourceType);
response = externalConstraintsService.applyEntityCheck(device, fidoDeviceResource, httpHeaders, uriInfo, HttpMethod.PUT, fidoResourceType);
if (response != null)
return response;
executeValidation(fidoDeviceResource, true);
FidoDeviceResource updatedResource = new FidoDeviceResource();
transferAttributesToFidoResource(device, updatedResource, endpointUrl, userId);
updatedResource.getMeta().setLastModified(DateUtil.millisToISOString(System.currentTimeMillis()));
updatedResource = (FidoDeviceResource) ScimResourceUtil.transferToResourceReplace(fidoDeviceResource, updatedResource, extService.getResourceExtensions(updatedResource.getClass()));
transferAttributesToDevice(updatedResource, device);
fidoDeviceService.updateGluuCustomFidoDevice(device);
String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
} catch (SCIMException e) {
log.error("Validation check error: {}", e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_VALUE, e.getMessage());
} catch (InvalidAttributeValueException e) {
log.error(e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
} catch (Exception e) {
log.error("Failure at updateDevice method", e);
response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
}
return response;
}
use of io.jans.scim.model.scim2.annotations.Attribute in project jans by JanssenProject.
the class Fido2DeviceWebService method updateF2Device.
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi(scopes = { "https://jans.io/scim/fido2.write" })
@RefAdjusted
public Response updateF2Device(Fido2DeviceResource fidoDeviceResource, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
Response response;
try {
log.debug("Executing web service method. updateDevice");
// remove externalId, no place to store it in LDAP
fidoDeviceResource.setExternalId(null);
if (fidoDeviceResource.getId() != null && !fidoDeviceResource.getId().equals(id))
throw new SCIMException("Parameter id does not match id attribute of Device");
String userId = fidoDeviceResource.getUserId();
GluuFido2Device device = fidoDeviceService.getFido2DeviceById(userId, id);
if (device == null)
return notFoundResponse(id, fido2ResourceType);
response = externalConstraintsService.applyEntityCheck(device, fidoDeviceResource, httpHeaders, uriInfo, HttpMethod.PUT, fido2ResourceType);
if (response != null)
return response;
executeValidation(fidoDeviceResource, true);
Fido2DeviceResource updatedResource = new Fido2DeviceResource();
transferAttributesToFido2Resource(device, updatedResource, endpointUrl, userId);
updatedResource.getMeta().setLastModified(DateUtil.millisToISOString(System.currentTimeMillis()));
updatedResource = (Fido2DeviceResource) ScimResourceUtil.transferToResourceReplace(fidoDeviceResource, updatedResource, extService.getResourceExtensions(updatedResource.getClass()));
transferAttributesToDevice(updatedResource, device);
fidoDeviceService.updateFido2Device(device);
String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
} catch (SCIMException e) {
log.error("Validation check error: {}", e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_VALUE, e.getMessage());
} catch (InvalidAttributeValueException e) {
log.error(e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
} catch (Exception e) {
log.error("Failure at updateDevice method", e);
response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
}
return response;
}
use of io.jans.scim.model.scim2.annotations.Attribute in project jans by JanssenProject.
the class GroupWebService method updateGroup.
/**
* This implementation differs from spec in the following aspects:
* - Passing a null value for an attribute, does not modify the attribute in the destination, however passing an
* empty array for a multivalued attribute does clear the attribute. Thus, to clear single-valued attribute, PATCH
* operation should be used
*/
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi(scopes = { "https://jans.io/scim/groups.write" })
@RefAdjusted
public Response updateGroup(GroupResource group, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
Response response;
try {
log.debug("Executing web service method. updateGroup");
// empty externalId, no place to store it in LDAP
group.setExternalId(null);
// Check if the ids match in case the group coming has one
if (group.getId() != null && !group.getId().equals(id))
throw new SCIMException("Parameter id does not match with id attribute of Group");
GluuGroup gluuGroup = groupService.getGroupByInum(id);
if (gluuGroup == null)
return notFoundResponse(id, groupResourceType);
response = externalConstraintsService.applyEntityCheck(gluuGroup, group, httpHeaders, uriInfo, HttpMethod.PUT, groupResourceType);
if (response != null)
return response;
executeValidation(group, true);
if (StringUtils.isNotEmpty(group.getDisplayName())) {
checkDisplayNameExistence(group.getDisplayName(), id);
}
boolean skipValidation = isMembersValidationSkipped();
boolean displayExcluded = isDisplayExcluded(skipValidation, attrsList, excludedAttrsList);
GroupResource updatedResource = scim2GroupService.updateGroup(gluuGroup, group, skipValidation, !displayExcluded, endpointUrl, usersUrl);
String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
} catch (DuplicateEntryException e) {
log.error(e.getMessage());
response = getErrorResponse(Response.Status.CONFLICT, ErrorScimType.UNIQUENESS, e.getMessage());
} catch (SCIMException e) {
log.error("Validation check at updateGroup returned: {}", e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_VALUE, e.getMessage());
} catch (InvalidAttributeValueException e) {
log.error(e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
} catch (Exception e) {
log.error("Failure at updateGroup method", e);
response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
}
return response;
}
use of io.jans.scim.model.scim2.annotations.Attribute in project jans by JanssenProject.
the class Scim2UserService method transferAttributesToUserResource.
public void transferAttributesToUserResource(ScimCustomPerson person, UserResource res, String url) {
log.debug("transferAttributesToUserResource");
res.setId(person.getInum());
res.setExternalId(person.getAttribute("jansExtId"));
Meta meta = new Meta();
meta.setResourceType(ScimResourceUtil.getType(res.getClass()));
meta.setCreated(person.getAttribute("jansMetaCreated"));
if (meta.getCreated() == null) {
Date date = person.getCreationDate();
meta.setCreated(date == null ? null : DateUtil.millisToISOString(date.getTime()));
}
meta.setLastModified(person.getAttribute("jansMetaLastMod"));
if (meta.getLastModified() == null) {
Date date = person.getUpdatedAt();
meta.setLastModified(date == null ? null : DateUtil.millisToISOString(date.getTime()));
}
meta.setLocation(person.getAttribute("jansMetaLocation"));
if (meta.getLocation() == null) {
meta.setLocation(url + "/" + person.getInum());
}
res.setMeta(meta);
// Set values in order of appearance in UserResource class
res.setUserName(person.getUid());
Name name = new Name();
name.setGivenName(person.getGivenName());
name.setFamilyName(person.getSurname());
name.setMiddleName(person.getAttribute("middleName"));
name.setHonorificPrefix(person.getAttribute("jansHonorificPrefix"));
name.setHonorificSuffix(person.getAttribute("jansHonorificSuffix"));
String formatted = person.getAttribute("jansNameFormatted");
if (formatted == null) {
// recomputes the formatted name if absent in LDAP
name.computeFormattedName();
} else {
name.setFormatted(formatted);
}
res.setName(name);
res.setDisplayName(person.getDisplayName());
res.setNickName(person.getAttribute("nickname"));
res.setProfileUrl(person.getAttribute("jansProfileURL"));
res.setTitle(person.getAttribute("jansTitle"));
res.setUserType(person.getAttribute("jansUsrTyp"));
res.setPreferredLanguage(person.getPreferredLanguage());
res.setLocale(person.getAttribute("locale"));
res.setTimezone(person.getTimezone());
res.setActive(Boolean.valueOf(person.getAttribute("jansActive")) || GluuBoolean.getByValue(person.getAttribute("jansStatus")).isBooleanValue());
res.setPassword(person.getUserPassword());
res.setEmails(getAttributeListValue(person, Email.class, "jansEmail"));
if (res.getEmails() == null) {
// There can be cases where jansEmail is not synced with mail attribute....
List<Email> emails = person.getAttributeList("mail").stream().map(m -> {
Email email = new Email();
email.setValue(m);
email.setPrimary(false);
return email;
}).collect(Collectors.toList());
res.setEmails(emails.size() == 0 ? null : emails);
}
res.setPhoneNumbers(getAttributeListValue(person, PhoneNumber.class, "jansPhoneValue"));
res.setIms(getAttributeListValue(person, InstantMessagingAddress.class, "jansImsValue"));
res.setPhotos(getAttributeListValue(person, Photo.class, "jansPhotos"));
res.setAddresses(getAttributeListValue(person, Address.class, "jansAddres"));
List<String> listOfGroups = person.getMemberOf();
if (listOfGroups != null && listOfGroups.size() > 0) {
List<Group> groupList = new ArrayList<>();
for (String groupDN : listOfGroups) {
try {
GluuGroup gluuGroup = groupService.getGroupByDn(groupDN);
Group group = new Group();
group.setValue(gluuGroup.getInum());
String reference = groupEndpointUrl + "/" + gluuGroup.getInum();
group.setRef(reference);
group.setDisplay(gluuGroup.getDisplayName());
// Only support direct membership: see section 4.1.2 of RFC 7644
group.setType(Group.Type.DIRECT);
groupList.add(group);
} catch (Exception e) {
log.warn("transferAttributesToUserResource. Group with dn {} could not be added to User Resource. {}", groupDN, person.getUid());
log.error(e.getMessage(), e);
}
}
if (groupList.size() > 0) {
res.setGroups(groupList);
}
}
res.setEntitlements(getAttributeListValue(person, Entitlement.class, "jansEntitlements"));
res.setRoles(getAttributeListValue(person, Role.class, "jansRole"));
res.setX509Certificates(getAttributeListValue(person, X509Certificate.class, "jansx509Certificate"));
res.setPairwiseIdentifiers(person.getPpid());
transferExtendedAttributesToResource(person, res);
}
use of io.jans.scim.model.scim2.annotations.Attribute in project jans by JanssenProject.
the class BaseScimWebService method executeValidation.
protected void executeValidation(BaseScimResource resource, boolean laxRequiredness) throws SCIMException {
ResourceValidator rv = new ResourceValidator(resource, extService.getResourceExtensions(resource.getClass()));
if (!laxRequiredness) {
rv.validateSchemasAttribute();
}
rv.validateRequiredAttributes(laxRequiredness);
rv.validateValidableAttributes();
// By section 7 of RFC 7643, we are not forced to constrain attribute values when they have a list of canonical values associated
// rv.validateCanonicalizedAttributes();
rv.validateExtendedAttributes();
}
Aggregations