use of org.wso2.carbon.apimgt.impl.token.ClaimsRetriever in project carbon-apimgt by wso2.
the class JWTGenerator method populateCustomClaims.
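/**
 * Collects the end user's custom claims for the backend JWT.
 *
 * <p>When user claims are enabled in the JWT configuration and a consumer dialect URI is
 * configured, the claims are requested from the key manager named in the validation info.
 * Claims returned by the configured {@link ClaimsRetriever} (if any) are then merged on top,
 * so a retriever value overrides a key-manager value with the same claim URI.
 *
 * @param validationContext validation context carrying the end user name, the access token
 *                          and the key manager name
 * @return a mutable map of claim URI to claim value; never {@code null}
 * @throws APIManagementException declared by the interface; presumably raised by the
 *                                tenant, key manager or claim lookups
 */
@Override
public Map<String, String> populateCustomClaims(TokenValidationContext validationContext) throws APIManagementException {
    APIManagerConfiguration apiManagerConfiguration = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    JWTConfigurationDto jwtConfigurationDto = apiManagerConfiguration.getJwtConfigurationDto();
    Map<String, String> customClaims = new HashMap<>();
    Map<String, Object> properties = new HashMap<>();
    String username = validationContext.getValidationInfoDTO().getEndUserName();
    int tenantId = APIUtil.getTenantId(username);
    if (jwtConfigurationDto.isEnableUserClaims()) {
        String accessToken = validationContext.getAccessToken();
        if (accessToken != null) {
            // The bearer token travels to the key manager inside this map, so the map itself
            // must be treated as a secret and never logged.
            properties.put(APIConstants.KeyManager.ACCESS_TOKEN, accessToken);
        }
        String dialectURI = jwtConfigurationDto.getConsumerDialectUri();
        if (!StringUtils.isEmpty(dialectURI)) {
            properties.put(APIConstants.KeyManager.CLAIM_DIALECT, dialectURI);
            String keymanagerName = validationContext.getValidationInfoDTO().getKeyManager();
            KeyManager keymanager = KeyManagerHolder.getKeyManagerInstance(APIUtil.getTenantDomainFromTenantId(tenantId), keymanagerName);
            if (keymanager != null) {
                Map<String, String> keyManagerClaims = keymanager.getUserClaims(username, properties);
                if (keyManagerClaims != null) {
                    // Copy instead of aliasing: the key manager may hand back null or an
                    // unmodifiable map, and the merge below needs a mutable, non-null target.
                    customClaims = new HashMap<>(keyManagerClaims);
                }
                if (log.isDebugEnabled()) {
                    // Claim values are personal data; log only which claim URIs were retrieved.
                    log.debug("Retrieved claim URIs :" + customClaims.keySet());
                }
            }
        }
    }
    ClaimsRetriever claimsRetriever = getClaimsRetriever();
    if (claimsRetriever != null) {
        Map<String, String> retrieverClaims = claimsRetriever.getClaims(username);
        if (retrieverClaims != null) {
            // putAll means retriever claims take precedence over key-manager claims.
            customClaims.putAll(retrieverClaims);
        }
    }
    return customClaims;
}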
use of org.wso2.carbon.apimgt.impl.token.ClaimsRetriever in project carbon-apimgt by wso2.
the class JWTGenerator method populateStandardClaims.
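/**
 * Builds the standard claim set of the backend JWT from the key-validation result.
 *
 * <p>Besides {@code iss} and {@code exp}, every claim name is prefixed with the claim dialect
 * URI, taken from the configured {@link ClaimsRetriever} when one exists and from
 * {@code getDialectURI()} otherwise. Application attributes, when present, are serialised
 * as one JSON string, so every attribute stored on the application is disclosed to whoever
 * receives the token.
 *
 * @param validationContext validation context carrying the validation info, API context
 *                          and API version
 * @return an insertion-ordered map of claim name to claim value; values may be {@code null}
 * @throws APIManagementException declared by the interface; presumably raised by the
 *                                tenant or application lookups
 */
@Override
public Map<String, String> populateStandardClaims(TokenValidationContext validationContext) throws APIManagementException {
    // Expiry is "now" in epoch milliseconds plus getTTL() * 1000, so the string stored under
    // "exp" is a millisecond timestamp.
    // NOTE(review): RFC 7519 defines exp in seconds; confirm the code that serialises this
    // map converts the value before the token is signed.
    long currentTime = System.currentTimeMillis();
    long expireIn = currentTime + getTTL() * 1000;
    String dialect;
    ClaimsRetriever claimsRetriever = getClaimsRetriever();
    if (claimsRetriever != null) {
        dialect = claimsRetriever.getDialectURI(validationContext.getValidationInfoDTO().getEndUserName());
    } else {
        dialect = getDialectURI();
    }
    // Append a trailing forward slash '/' unless the dialect is empty or already exactly "/".
    // NOTE(review): a null dialect passes this test and becomes the literal prefix "null/";
    // confirm neither source can return null.
    if (!"".equals(dialect) && !"/".equals(dialect)) {
        dialect = dialect + "/";
    }
    String subscriber = validationContext.getValidationInfoDTO().getSubscriber();
    String applicationName = validationContext.getValidationInfoDTO().getApplicationName();
    String applicationId = validationContext.getValidationInfoDTO().getApplicationId();
    String tier = validationContext.getValidationInfoDTO().getTier();
    String endUserName = validationContext.getValidationInfoDTO().getEndUserName();
    String keyType = validationContext.getValidationInfoDTO().getType();
    String userType = validationContext.getValidationInfoDTO().getUserType();
    String applicationTier = validationContext.getValidationInfoDTO().getApplicationTier();
    String enduserTenantId = String.valueOf(APIUtil.getTenantId(endUserName));
    String apiName = validationContext.getValidationInfoDTO().getApiName();
    // Integer.parseInt throws an unchecked NumberFormatException when applicationId is null
    // or not numeric.
    Application application = getApplicationById(validationContext.getValidationInfoDTO().getSubscriberTenantDomain(), Integer.parseInt(applicationId));
    String uuid = null;
    Map<String, String> appAttributes = null;
    if (application != null) {
        appAttributes = application.getAttributes();
        uuid = application.getUUID();
    }
    Map<String, String> claims = new LinkedHashMap<>(20);
    claims.put("iss", API_GATEWAY_ID);
    claims.put("exp", String.valueOf(expireIn));
    claims.put(dialect + "subscriber", subscriber);
    claims.put(dialect + "applicationid", applicationId);
    claims.put(dialect + "applicationname", applicationName);
    claims.put(dialect + "applicationtier", applicationTier);
    claims.put(dialect + "apiname", apiName);
    claims.put(dialect + "apicontext", validationContext.getContext());
    claims.put(dialect + "version", validationContext.getVersion());
    claims.put(dialect + "tier", tier);
    claims.put(dialect + "keytype", keyType);
    claims.put(dialect + "usertype", userType);
    claims.put(dialect + "enduser", APIUtil.getUserNameWithTenantSuffix(endUserName));
    claims.put(dialect + "enduserTenantId", enduserTenantId);
    // uuid stays null when the application lookup returned nothing; the key is still added.
    claims.put(dialect + "applicationUUId", uuid);
    try {
        if (appAttributes != null && !appAttributes.isEmpty()) {
            String stringAppAttributes = new ObjectMapper().writeValueAsString(appAttributes);
            claims.put(dialect + "applicationAttributes", stringAppAttributes);
        }
    } catch (JsonProcessingException e) {
        // Best effort: the token is still issued without the attributes claim, but the cause
        // is kept in the log so the omission can be diagnosed.
        log.error("Error in converting Map to String", e);
    }
    return claims;
}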
use of org.wso2.carbon.apimgt.impl.token.ClaimsRetriever in project carbon-apimgt by wso2.
the class JWTGenerator method convertClaimMap.
/**
 * Flattens the given claim mappings to a URI-to-value map and, unless conversion is
 * switched off in the configuration, renames OIDC claim URIs to the configured consumer
 * dialect.
 *
 * <p>Only the claim keys are rewritten. A claim with no mapping into the configured dialect
 * stays in the result under its original URI, so this method renames claims and does not
 * filter them.
 *
 * @param userAttributes claim mappings and their values for the user
 * @param username       user whose tenant and dialect are used for the mapping lookups
 * @return claim URI to value, with mapped URIs replaced by their configured-dialect URIs
 * @throws APIManagementException if either claim-mapping lookup fails
 */
protected Map<String, String> convertClaimMap(Map<ClaimMapping, String> userAttributes, String username) throws APIManagementException {
    Map<String, String> originalClaims = new HashMap<>();
    Map<String, String> convertedClaims = new HashMap<>();
    for (Map.Entry<ClaimMapping, String> attribute : userAttributes.entrySet()) {
        ClaimMapping mapping = attribute.getKey();
        // Prefer the local claim; fall back to the remote claim when there is none.
        Claim claim = mapping.getLocalClaim();
        if (claim == null) {
            claim = mapping.getRemoteClaim();
        }
        String claimUri = claim.getClaimUri();
        String claimValue = attribute.getValue();
        originalClaims.put(claimUri, claimValue);
        convertedClaims.put(claimUri, claimValue);
    }

    String conversionFlag = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty(APIConstants.CONVERT_CLAIMS_TO_CONSUMER_DIALECT);
    // Conversion is skipped only when the property is present and parses to false; an
    // absent property means "convert".
    boolean conversionDisabled = conversionFlag != null && !Boolean.parseBoolean(conversionFlag);
    if (conversionDisabled) {
        return originalClaims;
    }

    String tenantDomain = APIUtil.getTenantDomainFromTenantId(APIUtil.getTenantId(username));
    ClaimsRetriever claimsRetriever = getClaimsRetriever();
    String dialect = (claimsRetriever != null) ? claimsRetriever.getDialectURI(username) : getDialectURI();

    // carbonClaimURI (key) -> oidcClaimURI (value)
    Map<String, String> carbonToOidc;
    // configuredDialectClaimURI (key) -> carbonClaimURI (value)
    Map<String, String> configuredToCarbon;
    Set<String> claimUris = new HashSet<>(originalClaims.keySet());
    try {
        carbonToOidc = new ClaimMetadataHandler().getMappingsMapFromOtherDialectToCarbon(OIDC_DIALECT_URI, claimUris, tenantDomain, true);
        configuredToCarbon = ClaimManagerHandler.getInstance().getMappingsMapFromCarbonDialectToOther(dialect, carbonToOidc.keySet(), tenantDomain);
    } catch (ClaimMetadataException e) {
        throw new APIManagementException("Error while mapping claims from Carbon dialect to " + OIDC_DIALECT_URI + " dialect", e);
    } catch (ClaimManagementException e) {
        throw new APIManagementException("Error while mapping claims from configured dialect to Carbon dialect", e);
    }

    // Iterate over the untouched map and mutate only the copy, so renaming never disturbs
    // the iteration.
    for (Map.Entry<String, String> userClaim : originalClaims.entrySet()) {
        String oidcUri = userClaim.getKey();
        for (Map.Entry<String, String> carbonEntry : carbonToOidc.entrySet()) {
            if (!oidcUri.equals(carbonEntry.getValue())) {
                continue;
            }
            String carbonUri = carbonEntry.getKey();
            for (Map.Entry<String, String> configuredEntry : configuredToCarbon.entrySet()) {
                if (!configuredEntry.getValue().equals(carbonUri)) {
                    continue;
                }
                // OIDC URI -> carbon URI -> configured-dialect URI: swap the key, keep the value.
                convertedClaims.remove(oidcUri);
                convertedClaims.put(configuredEntry.getKey(), userClaim.getValue());
            }
        }
    }
    return convertedClaims;
}
use of org.wso2.carbon.apimgt.impl.token.ClaimsRetriever in project carbon-apimgt by wso2.
the class NewAPIVersionEmailNotifierTest method testShouldNotThrowExceptionWhenRetrievingNotifiers.
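/**
 * Verifies that retrieving the notifier set does not raise a {@code NotificationException}
 * when the claims retriever initialises without error.
 */
@Test
public void testShouldNotThrowExceptionWhenRetrievingNotifiers() throws APIManagementException {
    // Stub the mock that is actually handed to the notifier (the field created in setup()).
    // A second, local mock declared after the constructor call would shadow the field and
    // leave this stubbing on an object the notifier never sees.
    Mockito.doNothing().when(claimsRetriever).init();
    NewAPIVersionEmailNotifier emailNotifier = new NewAPIVersionEmailNotifierWrapper(registry, claimsRetriever);
    try {
        emailNotifier.getNotifierSet(notificationDTO);
    } catch (NotificationException e) {
        Assert.fail("Should not throw any exceptions");
    }
}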
use of org.wso2.carbon.apimgt.impl.token.ClaimsRetriever in project carbon-apimgt by wso2.
the class NewAPIVersionEmailNotifierTest method setup.
/**
 * Creates the notifier under test, the registry and claims-retriever mocks, and a
 * new-version notification DTO with a single subscriber.
 */
@Before
public void setup() {
    notifier = new NewAPIVersionEmailNotifier();
    registry = Mockito.mock(Registry.class);
    claimsRetriever = Mockito.mock(ClaimsRetriever.class);

    // A single subscriber (the admin user) is subscribed to the API.
    Set<Subscriber> apiSubscribers = new HashSet<Subscriber>();
    apiSubscribers.add(new Subscriber(ADMIN));

    APIIdentifier previousVersion = new APIIdentifier(ADMIN, API_NAME, "1.0.0");
    APIIdentifier newVersion = new APIIdentifier(ADMIN, API_NAME, "2.0.0");

    Properties notificationProperties = new Properties();
    notificationProperties.put(NotifierConstants.API_KEY, previousVersion);
    notificationProperties.put(NotifierConstants.NEW_API_KEY, newVersion);
    notificationProperties.put(NotifierConstants.TITLE_KEY, "New Version");
    notificationProperties.put(NotifierConstants.SUBSCRIBERS_PER_API, apiSubscribers);
    // The retriever implementation is named by a fully-qualified class name.
    // NOTE(review): presumably the notifier instantiates this class reflectively; outside
    // tests the value should come only from trusted configuration. Confirm.
    notificationProperties.put(NotifierConstants.CLAIMS_RETRIEVER_IMPL_CLASS, "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever");
    notificationProperties.put(NotifierConstants.TEMPLATE_KEY, "<html>$1</html>");

    notificationDTO = new NotificationDTO(notificationProperties, NotifierConstants.NOTIFICATION_TYPE_NEW_VERSION);
    notificationDTO.setTenantID(TENANT_ID);
}