Search in sources :

Example 6 with RequestCtx

use of org.wso2.balana.ctx.xacml3.RequestCtx in project carbon-identity-framework by wso2.

the class EntitlementEngine method evaluateReturnResponseCtx.

/**
 * Evaluates the given XACML request and returns the ResponseCtx Response that the EntitlementEngine will
 * hand back to the PEP. PEP needs construct the XACML request before sending it to the
 * EntitlementEngine
 *
 * @param xacmlRequest XACML request as String
 * @return ResponseCtx response
 * @throws org.wso2.balana.ParsingException                          throws
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException throws
 * @throws javax.xml.parsers.ParserConfigurationException            throws
 * @throws org.xml.sax.SAXException                                  throws
 * @throws java.io.IOException                                       throws
 */
public ResponseCtx evaluateReturnResponseCtx(String xacmlRequest) throws EntitlementException, ParsingException, ParserConfigurationException, SAXException, IOException {
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_REQUEST)) {
        log.debug("XACML Request : " + xacmlRequest);
    }
    String xacmlResponse;
    ResponseCtx responseCtx;
    if ((xacmlResponse = (String) getFromCache(xacmlRequest, false)) != null) {
        if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
            log.debug("XACML Response : " + xacmlResponse);
        }
        DocumentBuilderFactory documentBuilderFactory = IdentityUtil.getSecuredDocumentBuilderFactory();
        Element node = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(xacmlResponse.getBytes())).getDocumentElement();
        return (ResponseCtx.getInstance(node));
    }
    Map<PIPExtension, Properties> extensions = EntitlementServiceComponent.getEntitlementConfig().getExtensions();
    if (extensions != null && !extensions.isEmpty()) {
        PolicyRequestBuilder policyRequestBuilder = new PolicyRequestBuilder();
        Element xacmlRequestElement = policyRequestBuilder.getXacmlRequest(xacmlRequest);
        AbstractRequestCtx requestCtx = RequestCtxFactory.getFactory().getRequestCtx(xacmlRequestElement);
        Set<PIPExtension> pipExtensions = extensions.keySet();
        for (PIPExtension pipExtension : pipExtensions) {
            pipExtension.update(requestCtx);
        }
        responseCtx = pdp.evaluate(requestCtx);
    } else {
        responseCtx = pdp.evaluateReturnResponseCtx(xacmlRequest);
    }
    xacmlResponse = responseCtx.encode();
    addToCache(xacmlRequest, xacmlResponse, false);
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
        log.debug("XACML Response : " + xacmlResponse);
    }
    return responseCtx;
}
Also used : DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) AbstractRequestCtx(org.wso2.balana.ctx.AbstractRequestCtx) ByteArrayInputStream(java.io.ByteArrayInputStream) PIPExtension(org.wso2.carbon.identity.entitlement.pip.PIPExtension) Element(org.w3c.dom.Element) Properties(java.util.Properties) ResponseCtx(org.wso2.balana.ctx.ResponseCtx) PolicyRequestBuilder(org.wso2.carbon.identity.entitlement.policy.PolicyRequestBuilder)

Example 7 with RequestCtx

use of org.wso2.balana.ctx.xacml3.RequestCtx in project carbon-identity-framework by wso2.

the class EntitlementEngine method evaluate.

/**
 * Evaluates the given XACML request and returns the Response
 *
 * @param requestCtx Balana Object model for request
 * @param xacmlRequest Balana Object model for request
 * @return ResponseCtx  Balana Object model for response
 */
public ResponseCtx evaluate(AbstractRequestCtx requestCtx, String xacmlRequest) {
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_REQUEST)) {
        log.debug("XACML Request : " + xacmlRequest);
    }
    ResponseCtx xacmlResponse;
    if ((xacmlResponse = (ResponseCtx) getFromCache(xacmlRequest, false)) != null) {
        if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
            log.debug("XACML Response : " + xacmlResponse);
        }
        return xacmlResponse;
    }
    xacmlResponse = pdp.evaluate(requestCtx);
    addToCache(xacmlRequest, xacmlResponse, false);
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
        log.debug("XACML Response : " + xacmlResponse);
    }
    return xacmlResponse;
}
Also used : ResponseCtx(org.wso2.balana.ctx.ResponseCtx)

Aggregations

ResponseCtx (org.wso2.balana.ctx.ResponseCtx)5 AbstractRequestCtx (org.wso2.balana.ctx.AbstractRequestCtx)3 RequestCtx (org.wso2.balana.ctx.xacml3.RequestCtx)3 HashSet (java.util.HashSet)2 Properties (java.util.Properties)2 Element (org.w3c.dom.Element)2 Attributes (org.wso2.balana.xacml3.Attributes)2 PIPExtension (org.wso2.carbon.identity.entitlement.pip.PIPExtension)2 PolicyRequestBuilder (org.wso2.carbon.identity.entitlement.policy.PolicyRequestBuilder)2 JsonElement (com.google.gson.JsonElement)1 JsonObject (com.google.gson.JsonObject)1 JsonParseException (com.google.gson.JsonParseException)1 ApiOperation (io.swagger.annotations.ApiOperation)1 ApiResponses (io.swagger.annotations.ApiResponses)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 ArrayList (java.util.ArrayList)1 Map (java.util.Map)1 Set (java.util.Set)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1