Example 6 with IntAttrName
use of org.apache.syncope.core.provisioning.api.IntAttrName in project syncope by apache.
the class MappingManagerImpl method prepareAttr.
/**
* Prepare an attribute to be sent to a connector instance.
*
* @param provision external resource
* @param mapItem mapping item for the given attribute
* @param any given any object
* @param password clear-text password
* @return connObjectKey + prepared attribute
*/
private Pair<String, Attribute> prepareAttr(final Provision provision, final Item mapItem, final Any<?> any, final String password) {
IntAttrName intAttrName;
try {
intAttrName = intAttrNameParser.parse(mapItem.getIntAttrName(), provision.getAnyType().getKind());
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}' specified, ignoring", mapItem.getIntAttrName(), e);
return null;
}
boolean readOnlyVirSchema = false;
Schema schema = null;
AttrSchemaType schemaType = AttrSchemaType.String;
if (intAttrName.getSchemaType() != null) {
switch(intAttrName.getSchemaType()) {
case PLAIN:
schema = plainSchemaDAO.find(intAttrName.getSchemaName());
if (schema != null) {
schemaType = schema.getType();
}
break;
case VIRTUAL:
schema = virSchemaDAO.find(intAttrName.getSchemaName());
readOnlyVirSchema = (schema != null && schema.isReadonly());
break;
default:
}
}
List<PlainAttrValue> values = getIntValues(provision, mapItem, intAttrName, any);
LOG.debug("Define mapping for: " + "\n* ExtAttrName " + mapItem.getExtAttrName() + "\n* is connObjectKey " + mapItem.isConnObjectKey() + "\n* is password " + mapItem.isPassword() + "\n* mandatory condition " + mapItem.getMandatoryCondition() + "\n* Schema " + intAttrName.getSchemaName() + "\n* ClassType " + schemaType.getType().getName() + "\n* Values " + values);
Pair<String, Attribute> result;
if (readOnlyVirSchema) {
result = null;
} else {
List<Object> objValues = new ArrayList<>();
for (PlainAttrValue value : values) {
if (FrameworkUtil.isSupportedAttributeType(schemaType.getType())) {
objValues.add(value.getValue());
} else {
objValues.add(value.getValueAsString(schemaType));
}
}
if (mapItem.isConnObjectKey()) {
result = Pair.of(objValues.isEmpty() ? null : objValues.iterator().next().toString(), null);
} else if (mapItem.isPassword() && any instanceof User) {
String passwordAttrValue = password;
if (StringUtils.isBlank(passwordAttrValue)) {
User user = (User) any;
if (user.canDecodePassword()) {
try {
passwordAttrValue = ENCRYPTOR.decode(user.getPassword(), user.getCipherAlgorithm());
} catch (Exception e) {
LOG.error("Could not decode password for {}", user, e);
}
} else if (provision.getResource().isRandomPwdIfNotProvided()) {
try {
passwordAttrValue = passwordGenerator.generate(provision.getResource());
} catch (InvalidPasswordRuleConf e) {
LOG.error("Could not generate policy-compliant random password for {}", user, e);
}
}
}
if (passwordAttrValue == null) {
result = null;
} else {
result = Pair.of(null, AttributeBuilder.buildPassword(passwordAttrValue.toCharArray()));
}
} else if (schema != null && schema.isMultivalue()) {
result = Pair.of(null, AttributeBuilder.build(mapItem.getExtAttrName(), objValues));
} else {
result = Pair.of(null, objValues.isEmpty() ? AttributeBuilder.build(mapItem.getExtAttrName()) : AttributeBuilder.build(mapItem.getExtAttrName(), objValues.iterator().next()));
}
}
return result;
}
Also used :
User(org.apache.syncope.core.persistence.api.entity.user.User)
Attribute(org.identityconnectors.framework.common.objects.Attribute)
InvalidPasswordRuleConf(org.apache.syncope.core.provisioning.api.utils.policy.InvalidPasswordRuleConf)
Schema(org.apache.syncope.core.persistence.api.entity.Schema)
PlainSchema(org.apache.syncope.core.persistence.api.entity.PlainSchema)
DerSchema(org.apache.syncope.core.persistence.api.entity.DerSchema)
VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema)
ArrayList(java.util.ArrayList)
ParseException(java.text.ParseException)
ParsingValidationException(org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
AttrSchemaType(org.apache.syncope.common.lib.types.AttrSchemaType)
PlainAttrValue(org.apache.syncope.core.persistence.api.entity.PlainAttrValue)
AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)
ParseException(java.text.ParseException)
Example 7 with IntAttrName
use of org.apache.syncope.core.provisioning.api.IntAttrName in project syncope by apache.
the class MappingManagerImpl method setIntValues.
@Transactional(readOnly = true)
@Override
public void setIntValues(final Item mapItem, final Attribute attr, final AnyTO anyTO, final AnyUtils anyUtils) {
List<Object> values = null;
if (attr != null) {
values = attr.getValue();
for (ItemTransformer transformer : MappingUtils.getItemTransformers(mapItem)) {
values = transformer.beforePull(mapItem, anyTO, values);
}
}
values = values == null ? Collections.emptyList() : values;
IntAttrName intAttrName;
try {
intAttrName = intAttrNameParser.parse(mapItem.getIntAttrName(), anyUtils.getAnyTypeKind());
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}' specified, ignoring", mapItem.getIntAttrName(), e);
return;
}
if (intAttrName.getField() != null) {
switch(intAttrName.getField()) {
case "password":
if (anyTO instanceof UserTO && !values.isEmpty()) {
((UserTO) anyTO).setPassword(ConnObjectUtils.getPassword(values.get(0)));
}
break;
case "username":
if (anyTO instanceof UserTO) {
((UserTO) anyTO).setUsername(values.isEmpty() || values.get(0) == null ? null : values.get(0).toString());
}
break;
case "name":
if (anyTO instanceof GroupTO) {
((GroupTO) anyTO).setName(values.isEmpty() || values.get(0) == null ? null : values.get(0).toString());
} else if (anyTO instanceof AnyObjectTO) {
((AnyObjectTO) anyTO).setName(values.isEmpty() || values.get(0) == null ? null : values.get(0).toString());
}
break;
case "mustChangePassword":
if (anyTO instanceof UserTO && !values.isEmpty() && values.get(0) != null) {
((UserTO) anyTO).setMustChangePassword(BooleanUtils.toBoolean(values.get(0).toString()));
}
break;
case "userOwner":
case "groupOwner":
if (anyTO instanceof GroupTO && attr != null) {
// using a special attribute (with schema "", that will be ignored) for carrying the
// GroupOwnerSchema value
AttrTO attrTO = new AttrTO();
attrTO.setSchema(StringUtils.EMPTY);
if (values.isEmpty() || values.get(0) == null) {
attrTO.getValues().add(StringUtils.EMPTY);
} else {
attrTO.getValues().add(values.get(0).toString());
}
((GroupTO) anyTO).getPlainAttrs().add(attrTO);
}
break;
default:
}
} else if (intAttrName.getSchemaType() != null) {
GroupableRelatableTO groupableTO = null;
Group group = null;
if (anyTO instanceof GroupableRelatableTO && intAttrName.getMembershipOfGroup() != null) {
groupableTO = (GroupableRelatableTO) anyTO;
group = groupDAO.findByName(intAttrName.getMembershipOfGroup());
}
switch(intAttrName.getSchemaType()) {
case PLAIN:
AttrTO attrTO = new AttrTO();
attrTO.setSchema(intAttrName.getSchemaName());
PlainSchema schema = plainSchemaDAO.find(intAttrName.getSchemaName());
for (Object value : values) {
AttrSchemaType schemaType = schema == null ? AttrSchemaType.String : schema.getType();
if (value != null) {
PlainAttrValue attrValue = anyUtils.newPlainAttrValue();
switch(schemaType) {
case String:
attrValue.setStringValue(value.toString());
break;
case Binary:
attrValue.setBinaryValue((byte[]) value);
break;
default:
try {
attrValue.parseValue(schema, value.toString());
} catch (ParsingValidationException e) {
LOG.error("While parsing provided value {}", value, e);
attrValue.setStringValue(value.toString());
schemaType = AttrSchemaType.String;
}
break;
}
attrTO.getValues().add(attrValue.getValueAsString(schemaType));
}
}
if (groupableTO == null || group == null) {
anyTO.getPlainAttrs().add(attrTO);
} else {
Optional<MembershipTO> membership = groupableTO.getMembership(group.getKey());
if (!membership.isPresent()) {
membership = Optional.of(new MembershipTO.Builder().group(group.getKey(), group.getName()).build());
groupableTO.getMemberships().add(membership.get());
}
membership.get().getPlainAttrs().add(attrTO);
}
break;
case DERIVED:
attrTO = new AttrTO();
attrTO.setSchema(intAttrName.getSchemaName());
if (groupableTO == null || group == null) {
anyTO.getDerAttrs().add(attrTO);
} else {
Optional<MembershipTO> membership = groupableTO.getMembership(group.getKey());
if (!membership.isPresent()) {
membership = Optional.of(new MembershipTO.Builder().group(group.getKey(), group.getName()).build());
groupableTO.getMemberships().add(membership.get());
}
membership.get().getDerAttrs().add(attrTO);
}
break;
case VIRTUAL:
attrTO = new AttrTO();
attrTO.setSchema(intAttrName.getSchemaName());
// virtual attributes don't get transformed, iterate over original attr.getValue()
if (attr != null && attr.getValue() != null && !attr.getValue().isEmpty()) {
attr.getValue().stream().filter(value -> value != null).forEachOrdered(value -> attrTO.getValues().add(value.toString()));
}
if (groupableTO == null || group == null) {
anyTO.getVirAttrs().add(attrTO);
} else {
Optional<MembershipTO> membership = groupableTO.getMembership(group.getKey());
if (!membership.isPresent()) {
membership = Optional.of(new MembershipTO.Builder().group(group.getKey(), group.getName()).build());
groupableTO.getMemberships().add(membership.get());
}
membership.get().getVirAttrs().add(attrTO);
}
break;
default:
}
}
}
Also used :
Date(java.util.Date)
Realm(org.apache.syncope.core.persistence.api.entity.Realm)
PlainAttr(org.apache.syncope.core.persistence.api.entity.PlainAttr)
LoggerFactory(org.slf4j.LoggerFactory)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Schema(org.apache.syncope.core.persistence.api.entity.Schema)
InvalidPasswordRuleConf(org.apache.syncope.core.provisioning.api.utils.policy.InvalidPasswordRuleConf)
StringUtils(org.apache.commons.lang3.StringUtils)
Attribute(org.identityconnectors.framework.common.objects.Attribute)
GroupDAO(org.apache.syncope.core.persistence.api.dao.GroupDAO)
Pair(org.apache.commons.lang3.tuple.Pair)
AttrSchemaType(org.apache.syncope.common.lib.types.AttrSchemaType)
AnyObjectDAO(org.apache.syncope.core.persistence.api.dao.AnyObjectDAO)
ConnObjectUtils(org.apache.syncope.core.provisioning.java.utils.ConnObjectUtils)
GroupableRelatableTO(org.apache.syncope.common.lib.to.GroupableRelatableTO)
OrgUnit(org.apache.syncope.core.persistence.api.entity.resource.OrgUnit)
ParseException(java.text.ParseException)
OperationalAttributes(org.identityconnectors.framework.common.objects.OperationalAttributes)
UserDAO(org.apache.syncope.core.persistence.api.dao.UserDAO)
OrgUnitItem(org.apache.syncope.core.persistence.api.entity.resource.OrgUnitItem)
DerAttrHandler(org.apache.syncope.core.provisioning.api.DerAttrHandler)
Set(java.util.Set)
PlainAttrValue(org.apache.syncope.core.persistence.api.entity.PlainAttrValue)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)
MappingItem(org.apache.syncope.core.persistence.api.entity.resource.MappingItem)
List(java.util.List)
DerSchemaDAO(org.apache.syncope.core.persistence.api.dao.DerSchemaDAO)
Provision(org.apache.syncope.core.persistence.api.entity.resource.Provision)
AttributeUtil(org.identityconnectors.framework.common.objects.AttributeUtil)
AttributeBuilder(org.identityconnectors.framework.common.objects.AttributeBuilder)
PlainSchema(org.apache.syncope.core.persistence.api.entity.PlainSchema)
Group(org.apache.syncope.core.persistence.api.entity.group.Group)
Optional(java.util.Optional)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
VirAttrCache(org.apache.syncope.core.provisioning.api.cache.VirAttrCache)
ApplicationDAO(org.apache.syncope.core.persistence.api.dao.ApplicationDAO)
ItemTransformer(org.apache.syncope.core.provisioning.api.data.ItemTransformer)
AttrTO(org.apache.syncope.common.lib.to.AttrTO)
AnyUtilsFactory(org.apache.syncope.core.persistence.api.entity.AnyUtilsFactory)
RealmTO(org.apache.syncope.common.lib.to.RealmTO)
GroupableRelatable(org.apache.syncope.core.persistence.api.entity.GroupableRelatable)
AnyTO(org.apache.syncope.common.lib.to.AnyTO)
FrameworkUtil(org.identityconnectors.framework.common.FrameworkUtil)
BooleanUtils(org.apache.commons.lang3.BooleanUtils)
PasswordGenerator(org.apache.syncope.core.spring.security.PasswordGenerator)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
Application(org.apache.syncope.core.persistence.api.entity.Application)
DerSchema(org.apache.syncope.core.persistence.api.entity.DerSchema)
MappingManager(org.apache.syncope.core.provisioning.api.MappingManager)
FieldUtils(org.apache.commons.lang3.reflect.FieldUtils)
Item(org.apache.syncope.core.persistence.api.entity.resource.Item)
RealmDAO(org.apache.syncope.core.persistence.api.dao.RealmDAO)
MembershipTO(org.apache.syncope.common.lib.to.MembershipTO)
Mapping(org.apache.syncope.core.persistence.api.entity.resource.Mapping)
Encryptor(org.apache.syncope.core.spring.security.Encryptor)
Logger(org.slf4j.Logger)
AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)
PlainSchemaDAO(org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO)
VirAttrHandler(org.apache.syncope.core.provisioning.api.VirAttrHandler)
User(org.apache.syncope.core.persistence.api.entity.user.User)
Membership(org.apache.syncope.core.persistence.api.entity.Membership)
Name(org.identityconnectors.framework.common.objects.Name)
VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema)
MappingUtils(org.apache.syncope.core.provisioning.java.utils.MappingUtils)
Component(org.springframework.stereotype.Component)
VirSchemaDAO(org.apache.syncope.core.persistence.api.dao.VirSchemaDAO)
UserTO(org.apache.syncope.common.lib.to.UserTO)
AnyUtils(org.apache.syncope.core.persistence.api.entity.AnyUtils)
Collections(java.util.Collections)
Any(org.apache.syncope.core.persistence.api.entity.Any)
DateFormatUtils(org.apache.commons.lang3.time.DateFormatUtils)
AnyObjectTO(org.apache.syncope.common.lib.to.AnyObjectTO)
ParsingValidationException(org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)
Transactional(org.springframework.transaction.annotation.Transactional)
Group(org.apache.syncope.core.persistence.api.entity.group.Group)
Optional(java.util.Optional)
ItemTransformer(org.apache.syncope.core.provisioning.api.data.ItemTransformer)
AttrTO(org.apache.syncope.common.lib.to.AttrTO)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
ParsingValidationException(org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)
AnyObjectTO(org.apache.syncope.common.lib.to.AnyObjectTO)
GroupableRelatableTO(org.apache.syncope.common.lib.to.GroupableRelatableTO)
UserTO(org.apache.syncope.common.lib.to.UserTO)
AttrSchemaType(org.apache.syncope.common.lib.types.AttrSchemaType)
MembershipTO(org.apache.syncope.common.lib.to.MembershipTO)
PlainAttrValue(org.apache.syncope.core.persistence.api.entity.PlainAttrValue)
AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)
ParseException(java.text.ParseException)
PlainSchema(org.apache.syncope.core.persistence.api.entity.PlainSchema)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 8 with IntAttrName
use of org.apache.syncope.core.provisioning.api.IntAttrName in project syncope by apache.
the class ResourceDataBinderImpl method populateMapping.
private void populateMapping(final MappingTO mappingTO, final Mapping mapping, final AnyTypeClassTO allowedSchemas) {
mapping.setConnObjectLink(mappingTO.getConnObjectLink());
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
SyncopeClientException invalidMapping = SyncopeClientException.build(ClientExceptionType.InvalidMapping);
SyncopeClientException requiredValuesMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
for (ItemTO itemTO : mappingTO.getItems()) {
if (itemTO == null) {
LOG.error("Null {}", ItemTO.class.getSimpleName());
invalidMapping.getElements().add("Null " + ItemTO.class.getSimpleName());
} else if (itemTO.getIntAttrName() == null) {
requiredValuesMissing.getElements().add("intAttrName");
scce.addException(requiredValuesMissing);
} else {
IntAttrName intAttrName = null;
try {
intAttrName = intAttrNameParser.parse(itemTO.getIntAttrName(), mapping.getProvision().getAnyType().getKind());
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}'", itemTO.getIntAttrName(), e);
}
if (intAttrName == null || intAttrName.getSchemaType() == null && intAttrName.getField() == null && intAttrName.getPrivilegesOfApplication() == null) {
LOG.error("'{}' not existing", itemTO.getIntAttrName());
invalidMapping.getElements().add("'" + itemTO.getIntAttrName() + "' not existing");
} else {
boolean allowed = true;
if (intAttrName.getSchemaType() != null && intAttrName.getEnclosingGroup() == null && intAttrName.getRelatedAnyObject() == null && intAttrName.getPrivilegesOfApplication() == null) {
switch(intAttrName.getSchemaType()) {
case PLAIN:
allowed = allowedSchemas.getPlainSchemas().contains(intAttrName.getSchemaName());
break;
case DERIVED:
allowed = allowedSchemas.getDerSchemas().contains(intAttrName.getSchemaName());
break;
case VIRTUAL:
allowed = allowedSchemas.getVirSchemas().contains(intAttrName.getSchemaName());
break;
default:
}
}
if (allowed) {
// no mandatory condition implies mandatory condition false
if (!JexlUtils.isExpressionValid(itemTO.getMandatoryCondition() == null ? "false" : itemTO.getMandatoryCondition())) {
SyncopeClientException invalidMandatoryCondition = SyncopeClientException.build(ClientExceptionType.InvalidValues);
invalidMandatoryCondition.getElements().add(itemTO.getMandatoryCondition());
scce.addException(invalidMandatoryCondition);
}
MappingItem item = entityFactory.newEntity(MappingItem.class);
BeanUtils.copyProperties(itemTO, item, ITEM_IGNORE_PROPERTIES);
item.setMapping(mapping);
if (item.isConnObjectKey()) {
if (intAttrName.getSchemaType() == SchemaType.VIRTUAL) {
invalidMapping.getElements().add("Virtual attributes cannot be set as ConnObjectKey");
}
if ("password".equals(intAttrName.getField())) {
invalidMapping.getElements().add("Password attributes cannot be set as ConnObjectKey");
}
mapping.setConnObjectKeyItem(item);
} else {
mapping.add(item);
}
itemTO.getTransformers().forEach(transformerKey -> {
Implementation transformer = implementationDAO.find(transformerKey);
if (transformer == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", transformerKey);
} else {
item.add(transformer);
}
});
// remove all implementations not contained in the TO
item.getTransformers().removeIf(implementation -> !itemTO.getTransformers().contains(implementation.getKey()));
if (intAttrName.getEnclosingGroup() != null && item.getPurpose() != MappingPurpose.PROPAGATION) {
invalidMapping.getElements().add("Only " + MappingPurpose.PROPAGATION.name() + " allowed when referring to groups");
}
if (intAttrName.getRelatedAnyObject() != null && item.getPurpose() != MappingPurpose.PROPAGATION) {
invalidMapping.getElements().add("Only " + MappingPurpose.PROPAGATION.name() + " allowed when referring to any objects");
}
if (intAttrName.getPrivilegesOfApplication() != null && item.getPurpose() != MappingPurpose.PROPAGATION) {
invalidMapping.getElements().add("Only " + MappingPurpose.PROPAGATION.name() + " allowed when referring to privileges");
}
if (intAttrName.getSchemaType() == SchemaType.DERIVED && item.getPurpose() != MappingPurpose.PROPAGATION) {
invalidMapping.getElements().add("Only " + MappingPurpose.PROPAGATION.name() + " allowed for derived");
}
if (intAttrName.getSchemaType() == SchemaType.VIRTUAL) {
if (item.getPurpose() != MappingPurpose.PROPAGATION) {
invalidMapping.getElements().add("Only " + MappingPurpose.PROPAGATION.name() + " allowed for virtual");
}
VirSchema schema = virSchemaDAO.find(item.getIntAttrName());
if (schema != null && schema.getProvision().equals(item.getMapping().getProvision())) {
invalidMapping.getElements().add("No need to map virtual schema on linking resource");
}
}
} else {
LOG.error("'{}' not allowed", itemTO.getIntAttrName());
invalidMapping.getElements().add("'" + itemTO.getIntAttrName() + "' not allowed");
}
}
}
}
if (!invalidMapping.getElements().isEmpty()) {
scce.addException(invalidMapping);
}
if (scce.hasExceptions()) {
throw scce;
}
}
Also used :
ProvisionTO(org.apache.syncope.common.lib.to.ProvisionTO)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)
Date(java.util.Date)
LoggerFactory(org.slf4j.LoggerFactory)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Entity(org.apache.syncope.core.persistence.api.entity.Entity)
JexlUtils(org.apache.syncope.core.provisioning.java.jexl.JexlUtils)
OrgUnit(org.apache.syncope.core.persistence.api.entity.resource.OrgUnit)
AuthContextUtils(org.apache.syncope.core.spring.security.AuthContextUtils)
ParseException(java.text.ParseException)
ImplementationDAO(org.apache.syncope.core.persistence.api.dao.ImplementationDAO)
AnyTypeClass(org.apache.syncope.core.persistence.api.entity.AnyTypeClass)
MappingTO(org.apache.syncope.common.lib.to.MappingTO)
OrgUnitItem(org.apache.syncope.core.persistence.api.entity.resource.OrgUnitItem)
Implementation(org.apache.syncope.core.persistence.api.entity.Implementation)
SchemaType(org.apache.syncope.common.lib.types.SchemaType)
ConnInstanceDAO(org.apache.syncope.core.persistence.api.dao.ConnInstanceDAO)
ResourceDataBinder(org.apache.syncope.core.provisioning.api.data.ResourceDataBinder)
Collectors(java.util.stream.Collectors)
MappingItem(org.apache.syncope.core.persistence.api.entity.resource.MappingItem)
AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)
EntityFactory(org.apache.syncope.core.persistence.api.entity.EntityFactory)
List(java.util.List)
AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)
Provision(org.apache.syncope.core.persistence.api.entity.resource.Provision)
ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass)
PolicyDAO(org.apache.syncope.core.persistence.api.dao.PolicyDAO)
ConfDAO(org.apache.syncope.core.persistence.api.dao.ConfDAO)
ExternalResourceHistoryConfDAO(org.apache.syncope.core.persistence.api.dao.ExternalResourceHistoryConfDAO)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
ResourceHistoryConfTO(org.apache.syncope.common.lib.to.ResourceHistoryConfTO)
BeanUtils(org.apache.syncope.core.spring.BeanUtils)
HashSet(java.util.HashSet)
PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)
ItemTO(org.apache.syncope.common.lib.to.ItemTO)
SyncopeClientCompositeException(org.apache.syncope.common.lib.SyncopeClientCompositeException)
ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType)
Item(org.apache.syncope.core.persistence.api.entity.resource.Item)
AnyTypeClassTO(org.apache.syncope.common.lib.to.AnyTypeClassTO)
Mapping(org.apache.syncope.core.persistence.api.entity.resource.Mapping)
Logger(org.slf4j.Logger)
Iterator(java.util.Iterator)
ResourceTO(org.apache.syncope.common.lib.to.ResourceTO)
ItemContainerTO(org.apache.syncope.common.lib.to.ItemContainerTO)
IteratorChain(org.apache.syncope.common.lib.collections.IteratorChain)
ExternalResourceHistoryConf(org.apache.syncope.core.persistence.api.entity.resource.ExternalResourceHistoryConf)
ConnInstance(org.apache.syncope.core.persistence.api.entity.ConnInstance)
VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
Component(org.springframework.stereotype.Component)
MappingPurpose(org.apache.syncope.common.lib.types.MappingPurpose)
OrgUnitTO(org.apache.syncope.common.lib.to.OrgUnitTO)
VirSchemaDAO(org.apache.syncope.core.persistence.api.dao.VirSchemaDAO)
IntAttrNameParser(org.apache.syncope.core.provisioning.java.IntAttrNameParser)
Collections(java.util.Collections)
AnyTypeClassDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeClassDAO)
SyncopeClientCompositeException(org.apache.syncope.common.lib.SyncopeClientCompositeException)
MappingItem(org.apache.syncope.core.persistence.api.entity.resource.MappingItem)
VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
ParseException(java.text.ParseException)
ItemTO(org.apache.syncope.common.lib.to.ItemTO)
Implementation(org.apache.syncope.core.persistence.api.entity.Implementation)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
Example 9 with IntAttrName
use of org.apache.syncope.core.provisioning.api.IntAttrName in project syncope by apache.
the class SAML2UserManager method findMatchingUser.
@Transactional(readOnly = true)
public List<String> findMatchingUser(final String keyValue, final String idpKey) {
List<String> result = new ArrayList<>();
SAML2IdP idp = idpDAO.find(idpKey);
if (idp == null) {
LOG.warn("Invalid IdP: {}", idpKey);
return result;
}
String transformed = keyValue;
for (ItemTransformer transformer : MappingUtils.getItemTransformers(idp.getConnObjectKeyItem().get())) {
List<Object> output = transformer.beforePull(null, null, Collections.<Object>singletonList(transformed));
if (output != null && !output.isEmpty()) {
transformed = output.get(0).toString();
}
}
IntAttrName intAttrName;
try {
intAttrName = intAttrNameParser.parse(idp.getConnObjectKeyItem().get().getIntAttrName(), AnyTypeKind.USER);
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}' specified, ignoring", idp.getConnObjectKeyItem().get().getIntAttrName(), e);
return result;
}
if (intAttrName.getField() != null) {
switch(intAttrName.getField()) {
case "key":
User byKey = userDAO.find(transformed);
if (byKey != null) {
result.add(byKey.getUsername());
}
break;
case "username":
User byUsername = userDAO.findByUsername(transformed);
if (byUsername != null) {
result.add(byUsername.getUsername());
}
break;
default:
}
} else if (intAttrName.getSchemaType() != null) {
switch(intAttrName.getSchemaType()) {
case PLAIN:
PlainAttrValue value = entityFactory.newEntity(UPlainAttrValue.class);
PlainSchema schema = plainSchemaDAO.find(intAttrName.getSchemaName());
if (schema == null) {
value.setStringValue(transformed);
} else {
try {
value.parseValue(schema, transformed);
} catch (ParsingValidationException e) {
LOG.error("While parsing provided key value {}", transformed, e);
value.setStringValue(transformed);
}
}
result.addAll(userDAO.findByPlainAttrValue(intAttrName.getSchemaName(), value).stream().map(user -> user.getUsername()).collect(Collectors.toList()));
break;
case DERIVED:
result.addAll(userDAO.findByDerAttrValue(intAttrName.getSchemaName(), transformed).stream().map(user -> user.getUsername()).collect(Collectors.toList()));
break;
default:
}
}
return result;
}
Also used :
ItemTransformer(org.apache.syncope.core.provisioning.api.data.ItemTransformer)
AttrTO(org.apache.syncope.common.lib.to.AttrTO)
LoggerFactory(org.slf4j.LoggerFactory)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SerializationUtils(org.apache.commons.lang3.SerializationUtils)
AbstractBeanDefinition(org.springframework.beans.factory.support.AbstractBeanDefinition)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
SAML2IdP(org.apache.syncope.core.persistence.api.entity.SAML2IdP)
ArrayList(java.util.ArrayList)
AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind)
UPlainAttrValue(org.apache.syncope.core.persistence.api.entity.user.UPlainAttrValue)
Pair(org.apache.commons.lang3.tuple.Pair)
Propagation(org.springframework.transaction.annotation.Propagation)
UserDataBinder(org.apache.syncope.core.provisioning.api.data.UserDataBinder)
SAML2LoginResponseTO(org.apache.syncope.common.lib.to.SAML2LoginResponseTO)
PropagationStatus(org.apache.syncope.common.lib.to.PropagationStatus)
SAML2IdPDAO(org.apache.syncope.core.persistence.api.dao.SAML2IdPDAO)
ParseException(java.text.ParseException)
TemplateUtils(org.apache.syncope.core.provisioning.java.utils.TemplateUtils)
SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants)
Logger(org.slf4j.Logger)
UserDAO(org.apache.syncope.core.persistence.api.dao.UserDAO)
PlainSchemaDAO(org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO)
User(org.apache.syncope.core.persistence.api.entity.user.User)
PlainAttrValue(org.apache.syncope.core.persistence.api.entity.PlainAttrValue)
Collectors(java.util.stream.Collectors)
MappingUtils(org.apache.syncope.core.provisioning.java.utils.MappingUtils)
EntityFactory(org.apache.syncope.core.persistence.api.entity.EntityFactory)
List(java.util.List)
Component(org.springframework.stereotype.Component)
SAML2IdPActions(org.apache.syncope.core.provisioning.api.SAML2IdPActions)
UserProvisioningManager(org.apache.syncope.core.provisioning.api.UserProvisioningManager)
PlainSchema(org.apache.syncope.core.persistence.api.entity.PlainSchema)
Optional(java.util.Optional)
IntAttrNameParser(org.apache.syncope.core.provisioning.java.IntAttrNameParser)
UserTO(org.apache.syncope.common.lib.to.UserTO)
ApplicationContextProvider(org.apache.syncope.core.spring.ApplicationContextProvider)
Collections(java.util.Collections)
AnyOperations(org.apache.syncope.common.lib.AnyOperations)
ParsingValidationException(org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
Transactional(org.springframework.transaction.annotation.Transactional)
UPlainAttrValue(org.apache.syncope.core.persistence.api.entity.user.UPlainAttrValue)
User(org.apache.syncope.core.persistence.api.entity.user.User)
ItemTransformer(org.apache.syncope.core.provisioning.api.data.ItemTransformer)
ArrayList(java.util.ArrayList)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
ParsingValidationException(org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)
SAML2IdP(org.apache.syncope.core.persistence.api.entity.SAML2IdP)
UPlainAttrValue(org.apache.syncope.core.persistence.api.entity.user.UPlainAttrValue)
PlainAttrValue(org.apache.syncope.core.persistence.api.entity.PlainAttrValue)
ParseException(java.text.ParseException)
PlainSchema(org.apache.syncope.core.persistence.api.entity.PlainSchema)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 10 with IntAttrName
use of org.apache.syncope.core.provisioning.api.IntAttrName in project syncope by apache.
the class SAML2UserManager method fill.
public void fill(final String idpKey, final SAML2LoginResponseTO responseTO, final UserTO userTO) {
SAML2IdP idp = idpDAO.find(idpKey);
if (idp == null) {
LOG.warn("Invalid IdP: {}", idpKey);
return;
}
idp.getItems().forEach(item -> {
List<String> values = Collections.emptyList();
Optional<AttrTO> samlAttr = responseTO.getAttr(item.getExtAttrName());
if (samlAttr.isPresent() && !samlAttr.get().getValues().isEmpty()) {
values = samlAttr.get().getValues();
List<Object> transformed = new ArrayList<>(values);
for (ItemTransformer transformer : MappingUtils.getItemTransformers(item)) {
transformed = transformer.beforePull(null, userTO, transformed);
}
values.clear();
for (Object value : transformed) {
values.add(value.toString());
}
}
IntAttrName intAttrName = null;
try {
intAttrName = intAttrNameParser.parse(item.getIntAttrName(), AnyTypeKind.USER);
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}' specified, ignoring", item.getIntAttrName(), e);
}
if (intAttrName != null && intAttrName.getField() != null) {
switch(intAttrName.getField()) {
case "username":
if (!values.isEmpty()) {
userTO.setUsername(values.get(0));
}
break;
default:
LOG.warn("Unsupported: {}", intAttrName.getField());
}
} else if (intAttrName != null && intAttrName.getSchemaType() != null) {
switch(intAttrName.getSchemaType()) {
case PLAIN:
Optional<AttrTO> attr = userTO.getPlainAttr(intAttrName.getSchemaName());
if (!attr.isPresent()) {
attr = Optional.of(new AttrTO.Builder().schema(intAttrName.getSchemaName()).build());
userTO.getPlainAttrs().add(attr.get());
} else {
attr.get().getValues().clear();
}
attr.get().getValues().addAll(values);
break;
default:
LOG.warn("Unsupported: {} {}", intAttrName.getSchemaType(), intAttrName.getSchemaName());
}
}
});
}
Also used :
Optional(java.util.Optional)
ItemTransformer(org.apache.syncope.core.provisioning.api.data.ItemTransformer)
AttrTO(org.apache.syncope.common.lib.to.AttrTO)
ArrayList(java.util.ArrayList)
IntAttrName(org.apache.syncope.core.provisioning.api.IntAttrName)
SAML2IdP(org.apache.syncope.core.persistence.api.entity.SAML2IdP)
ParseException(java.text.ParseException)
Aggregations
IntAttrName (org.apache.syncope.core.provisioning.api.IntAttrName)17
ParseException (java.text.ParseException)11
ArrayList (java.util.ArrayList)8
PlainAttrValue (org.apache.syncope.core.persistence.api.entity.PlainAttrValue)6
Test (org.junit.jupiter.api.Test)6
List (java.util.List)5
Optional (java.util.Optional)5
VirSchema (org.apache.syncope.core.persistence.api.entity.VirSchema)5
ItemTransformer (org.apache.syncope.core.provisioning.api.data.ItemTransformer)5
Collections (java.util.Collections)4
AttrTO (org.apache.syncope.common.lib.to.AttrTO)4
ParsingValidationException (org.apache.syncope.core.persistence.api.attrvalue.validation.ParsingValidationException)4
PlainSchema (org.apache.syncope.core.persistence.api.entity.PlainSchema)4
AnyObject (org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)4
User (org.apache.syncope.core.persistence.api.entity.user.User)4
Attribute (org.identityconnectors.framework.common.objects.Attribute)4
Date (java.util.Date)3
HashSet (java.util.HashSet)3
Pair (org.apache.commons.lang3.tuple.Pair)3
AttrSchemaType (org.apache.syncope.common.lib.types.AttrSchemaType)3
