Example 1 with CustomTokenOperation

use of org.forgerock.openam.sts.config.user.CustomTokenOperation in project OpenAM by OpenRock.

the class RestSTSInstanceConfig method marshalToAttributeMap.

/*
    This method will marshal this state into the Map<String, Set<String>> required for persistence in the SMS. The intent
    is to leverage the toJson functionality, as a JsonValue is essentially a map, with the following exceptions:
    1. the non-complex objects are not Set<String>, but rather <String>, and thus must be marshaled to a Set<String>. It seems
    like I could go through all of the values in the map, and if any entry is simply a String, I could marshal it to a Set<String>
    2. the complex objects (e.g. deploymentConfig, saml2Config, supportedTokenTransforms, etc) are themselves maps, and
    thus must be 'flattened' into a single map. This is done by calling each of these encapsulated objects to provide a
    map representation, and then insert these values into the top-level map.
    Note also, that the SMS Map<String, Set<String>> representations of optional, null objects should be set to the empty
    values. This is to support the update operation invoked from the Admin UI when an existing rest-sts instance is
    edited. In this case, it could be that the SAML2Config of a published rest-sts instance is removed, as it should no
    longer issue SAML2 assertions. When the updated RestSTSInstanceConfig is marshalled from the Map<String, Set<String>>
    dispatched from the AdminUI (necessary to generate good error messages, and necessary to create the Injector necessary
    for rest-sts instance creation), the SAML2Config instance will be null, and thus when this method is called, to get
    the SMS persistence state, no SAML2-related attributes will be written, thereby leaving the previous, non-empty values
    unchanged. Thus this method should be sure to create empty Set<String> entries for all attributes defined for all
    complex, optional, but null objects. This applies to the SAML2Config and OpenIdConnectTokenConfig objects.
 */
public Map<String, Set<String>> marshalToAttributeMap() {
    Map<String, Set<String>> interimMap = MapMarshallUtils.toSmsMap(toJson().asMap());
    interimMap.remove(DEPLOYMENT_CONFIG);
    interimMap.putAll(deploymentConfig.marshalToAttributeMap());
    /*
        Here the values are already contained in a set. I want to remove the referenced complex-object, but
        then add each of the TokenTransformConfig instances in the supportTokenTranslationsSet to a Set<String>, obtaining
        a string representation for each TokenTransformConfig instance, and adding it to the Set<String>
         */
    interimMap.remove(SUPPORTED_TOKEN_TRANSFORMS);
    Set<String> supportedTransforms = new HashSet<>();
    interimMap.put(SUPPORTED_TOKEN_TRANSFORMS, supportedTransforms);
    for (TokenTransformConfig ttc : supportedTokenTransforms) {
        supportedTransforms.add(ttc.toSMSString());
    }
    interimMap.remove(CUSTOM_TOKEN_TRANSFORMS);
    Set<String> customTransforms = new HashSet<>();
    interimMap.put(CUSTOM_TOKEN_TRANSFORMS, customTransforms);
    for (TokenTransformConfig ttc : customTokenTransforms) {
        customTransforms.add(ttc.toSMSString());
    }
    interimMap.remove(CUSTOM_TOKEN_VALIDATORS);
    Set<String> customValidators = new HashSet<>();
    interimMap.put(CUSTOM_TOKEN_VALIDATORS, customValidators);
    for (CustomTokenOperation cto : customTokenValidators) {
        customValidators.add(cto.toSMSString());
    }
    interimMap.remove(CUSTOM_TOKEN_PROVIDERS);
    Set<String> customProviders = new HashSet<>();
    interimMap.put(CUSTOM_TOKEN_PROVIDERS, customProviders);
    for (CustomTokenOperation cto : customTokenProviders) {
        customProviders.add(cto.toSMSString());
    }
    interimMap.remove(SAML2_CONFIG);
    if (saml2Config != null) {
        interimMap.putAll(saml2Config.marshalToAttributeMap());
    } else {
        /*
            Generate empty values for all of the SAML2Config attribute keys, in case this method is called as part of
            an update, and previous values need to be over-written.
             */
        interimMap.putAll(SAML2Config.getEmptySMSAttributeState());
    }
    interimMap.remove(OIDC_ID_TOKEN_CONFIG);
    if (openIdConnectTokenConfig != null) {
        interimMap.putAll(openIdConnectTokenConfig.marshalToAttributeMap());
    } else {
        /*
            Generate empty values for all of the OpenIdConnectTokenConfig attribute keys, in case this method is called as part of
            an update, and previous values need to be over-written.
             */
        interimMap.putAll(OpenIdConnectTokenConfig.getEmptySMSAttributeState());
    }
    return interimMap;
}
Also used : CustomTokenOperation(org.forgerock.openam.sts.config.user.CustomTokenOperation)

Example 2 with CustomTokenOperation

use of org.forgerock.openam.sts.config.user.CustomTokenOperation in project OpenAM by OpenRock.

the class RestSTSInstanceConfig method fromJson.

public static RestSTSInstanceConfig fromJson(JsonValue json) {
    if (json == null) {
        throw new NullPointerException("JsonValue cannot be null!");
    }
    STSInstanceConfig baseConfig = STSInstanceConfig.fromJson(json);
    RestSTSInstanceConfigBuilderBase<?> builder = RestSTSInstanceConfig.builder()
            .saml2Config(baseConfig.getSaml2Config())
            .oidcIdTokenConfig(baseConfig.getOpenIdConnectTokenConfig())
            .persistIssuedTokensInCTS(baseConfig.persistIssuedTokensInCTS())
            .deploymentConfig(DeploymentConfig.fromJson(json.get(DEPLOYMENT_CONFIG)));
    JsonValue supportedTranslations = json.get(SUPPORTED_TOKEN_TRANSFORMS);
    if (!supportedTranslations.isNull()) {
        if (!supportedTranslations.isList()) {
            throw new IllegalStateException("Unexpected value for the " + SUPPORTED_TOKEN_TRANSFORMS + " field: " + supportedTranslations.asString());
        }
        List<TokenTransformConfig> transformConfigList = new ArrayList<>();
        for (Object translation : supportedTranslations.asList()) {
            transformConfigList.add(TokenTransformConfig.fromJson(new JsonValue(translation)));
        }
        builder.setSupportedTokenTransforms(transformConfigList);
    }
    JsonValue customTranslations = json.get(CUSTOM_TOKEN_TRANSFORMS);
    if (!customTranslations.isNull()) {
        if (!customTranslations.isList()) {
            throw new IllegalStateException("Unexpected value for the " + CUSTOM_TOKEN_TRANSFORMS + " field: " + customTranslations.asString());
        }
        List<TokenTransformConfig> transformConfigList = new ArrayList<>();
        for (Object translation : customTranslations.asList()) {
            transformConfigList.add(TokenTransformConfig.fromJson(new JsonValue(translation)));
        }
        builder.setCustomTokenTransforms(transformConfigList);
    }
    JsonValue customValidators = json.get(CUSTOM_TOKEN_VALIDATORS);
    if (!customValidators.isNull()) {
        if (!customValidators.isList()) {
            throw new IllegalStateException("Unexpected value for the " + CUSTOM_TOKEN_VALIDATORS + " field: " + customValidators.asString());
        }
        List<CustomTokenOperation> customValidatorsList = new ArrayList<>();
        for (Object translation : customValidators.asList()) {
            customValidatorsList.add(CustomTokenOperation.fromJson(new JsonValue(translation)));
        }
        builder.setCustomValidators(customValidatorsList);
    }
    JsonValue customProviders = json.get(CUSTOM_TOKEN_PROVIDERS);
    if (!customProviders.isNull()) {
        if (!customProviders.isList()) {
            throw new IllegalStateException("Unexpected value for the " + CUSTOM_TOKEN_PROVIDERS + " field: " + customProviders.asString());
        }
        List<CustomTokenOperation> customProvidersList = new ArrayList<>();
        for (Object translation : customProviders.asList()) {
            customProvidersList.add(CustomTokenOperation.fromJson(new JsonValue(translation)));
        }
        builder.setCustomProviders(customProvidersList);
    }
    return builder.build();
}
Also used : JsonValue(org.forgerock.json.JsonValue) CustomTokenOperation(org.forgerock.openam.sts.config.user.CustomTokenOperation) STSInstanceConfig(org.forgerock.openam.sts.config.user.STSInstanceConfig)

Example 3 with CustomTokenOperation

use of org.forgerock.openam.sts.config.user.CustomTokenOperation in project OpenAM by OpenRock.

the class RestSTSInstanceConfig method toJson.

public JsonValue toJson() {
    JsonValue baseValue = super.toJson();
    baseValue.add(DEPLOYMENT_CONFIG, deploymentConfig.toJson());
    if (!supportedTokenTransforms.isEmpty()) {
        List<JsonValue> translationList = new ArrayList<>(supportedTokenTransforms.size());
        for (TokenTransformConfig tokenTransformConfig : supportedTokenTransforms) {
            translationList.add(tokenTransformConfig.toJson());
        }
        JsonValue supportedTranslations = new JsonValue(translationList);
        baseValue.add(SUPPORTED_TOKEN_TRANSFORMS, supportedTranslations);
    }
    if (!customTokenValidators.isEmpty()) {
        List<JsonValue> customValidatorsList = new ArrayList<>(customTokenValidators.size());
        for (CustomTokenOperation customTokenOperation : customTokenValidators) {
            customValidatorsList.add(customTokenOperation.toJson());
        }
        JsonValue customValidators = new JsonValue(customValidatorsList);
        baseValue.add(CUSTOM_TOKEN_VALIDATORS, customValidators);
    }
    if (!customTokenProviders.isEmpty()) {
        List<JsonValue> customProvidersList = new ArrayList<>(customTokenProviders.size());
        for (CustomTokenOperation customTokenOperation : customTokenProviders) {
            customProvidersList.add(customTokenOperation.toJson());
        }
        JsonValue customProviders = new JsonValue(customProvidersList);
        baseValue.add(CUSTOM_TOKEN_PROVIDERS, customProviders);
    }
    if (!customTokenTransforms.isEmpty()) {
        List<JsonValue> customTranslationsList = new ArrayList<>(customTokenTransforms.size());
        for (TokenTransformConfig tokenTransformConfig : customTokenTransforms) {
            customTranslationsList.add(tokenTransformConfig.toJson());
        }
        JsonValue customTranslations = new JsonValue(customTranslationsList);
        baseValue.add(CUSTOM_TOKEN_TRANSFORMS, customTranslations);
    }
    return baseValue;
}
Also used : JsonValue(org.forgerock.json.JsonValue) CustomTokenOperation(org.forgerock.openam.sts.config.user.CustomTokenOperation)
