Search in sources :

Example 46 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIConsumerImpl method requestApprovalForApplicationRegistration.

/**
 * This method specifically implemented for REST API by removing application and data access logic
 * from host object layer. So as per new implementation we need to pass requested scopes to this method
 * as tokenScope. So we will do scope related other logic here in this method.
 * So host object should only pass required 9 parameters.
 */
@Override
public Map<String, Object> requestApprovalForApplicationRegistration(String userId, Application application, String tokenType, String callbackUrl, String[] allowedDomains, String validityTime, String tokenScope, String jsonString, String keyManagerName, String tenantDomain, boolean isImportMode) throws APIManagementException {
    boolean isTenantFlowStarted = false;
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = MultitenantUtils.getTenantDomain(userId);
    } else {
        int tenantId = APIUtil.getInternalOrganizationId(tenantDomain);
        // To handle choreo scenario.
        if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
            tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
        }
    }
    String keyManagerId = null;
    if (keyManagerName != null) {
        KeyManagerConfigurationDTO keyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByName(tenantDomain, keyManagerName);
        if (keyManagerConfiguration == null) {
            keyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByUUID(keyManagerName);
            if (keyManagerConfiguration != null) {
                keyManagerId = keyManagerName;
                keyManagerName = keyManagerConfiguration.getName();
            }
        } else {
            keyManagerId = keyManagerConfiguration.getUuid();
        }
        if (keyManagerConfiguration == null || !keyManagerConfiguration.isEnabled()) {
            throw new APIManagementException("Key Manager " + keyManagerName + " doesn't exist in Tenant " + tenantDomain, ExceptionCodes.KEY_MANAGER_NOT_REGISTERED);
        }
        if (KeyManagerConfiguration.TokenType.EXCHANGED.toString().equals(keyManagerConfiguration.getTokenType())) {
            throw new APIManagementException("Key Manager " + keyManagerName + " doesn't support to generate" + " Client Application", ExceptionCodes.KEY_MANAGER_NOT_SUPPORT_OAUTH_APP_CREATION);
        }
        Object enableOauthAppCreation = keyManagerConfiguration.getProperty(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION);
        if (enableOauthAppCreation != null && !(Boolean) enableOauthAppCreation) {
            if (isImportMode) {
                log.debug("Importing application when KM OAuth App creation is disabled. Trying to map keys");
                // in the `jsonString` and ApplicationUtils#createOauthAppRequest logic handles it.
                return mapExistingOAuthClient(jsonString, userId, null, application.getName(), tokenType, APIConstants.DEFAULT_TOKEN_TYPE, keyManagerName, tenantDomain);
            } else {
                throw new APIManagementException("Key Manager " + keyManagerName + " doesn't support to generate" + " Client Application", ExceptionCodes.KEY_MANAGER_NOT_SUPPORT_OAUTH_APP_CREATION);
            }
        }
    }
    try {
        if (tenantDomain != null && !MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
            isTenantFlowStarted = startTenantFlowForTenantDomain(tenantDomain);
        }
        // check if there are any existing key mappings set for the application and the key manager.
        if (apiMgtDAO.isKeyMappingExistsForApplication(application.getId(), keyManagerName, keyManagerId, tokenType)) {
            throw new APIManagementException("Key Mappings already exists for application " + application.getName(), ExceptionCodes.KEY_MAPPING_ALREADY_EXIST);
        }
        // initiate WorkflowExecutor
        WorkflowExecutor appRegistrationWorkflow = null;
        // initiate ApplicationRegistrationWorkflowDTO
        ApplicationRegistrationWorkflowDTO appRegWFDto = null;
        ApplicationKeysDTO appKeysDto = new ApplicationKeysDTO();
        boolean isCaseInsensitiveComparisons = Boolean.parseBoolean(getAPIManagerConfiguration().getFirstProperty(APIConstants.API_STORE_FORCE_CI_COMPARISIONS));
        boolean isUserAppOwner;
        if (isCaseInsensitiveComparisons) {
            isUserAppOwner = application.getSubscriber().getName().equalsIgnoreCase(userId);
        } else {
            isUserAppOwner = application.getSubscriber().getName().equals(userId);
        }
        if (!isUserAppOwner) {
            throw new APIManagementException("user: " + application.getSubscriber().getName() + ", " + "attempted to generate tokens for application owned by: " + userId);
        }
        // if its a PRODUCTION application.
        if (APIConstants.API_KEY_TYPE_PRODUCTION.equals(tokenType)) {
            // initiate workflow type. By default simple work flow will be
            // executed.
            appRegistrationWorkflow = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
            appRegWFDto = (ApplicationRegistrationWorkflowDTO) WorkflowExecutorFactory.getInstance().createWorkflowDTO(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
        } else // if it is a sandBox application.
        if (APIConstants.API_KEY_TYPE_SANDBOX.equals(tokenType)) {
            // if its a SANDBOX application.
            appRegistrationWorkflow = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
            appRegWFDto = (ApplicationRegistrationWorkflowDTO) WorkflowExecutorFactory.getInstance().createWorkflowDTO(WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
        } else {
            throw new APIManagementException("Invalid Token Type '" + tokenType + "' requested.");
        }
        // check whether callback url is empty and set null
        if (StringUtils.isBlank(callbackUrl)) {
            callbackUrl = null;
        }
        String applicationTokenType = application.getTokenType();
        if (StringUtils.isEmpty(application.getTokenType())) {
            applicationTokenType = APIConstants.DEFAULT_TOKEN_TYPE;
        }
        // Build key manager instance and create oAuthAppRequest by jsonString.
        OAuthAppRequest request = ApplicationUtils.createOauthAppRequest(application.getName(), null, callbackUrl, tokenScope, jsonString, applicationTokenType, tenantDomain, keyManagerName);
        request.getOAuthApplicationInfo().addParameter(ApplicationConstants.VALIDITY_PERIOD, validityTime);
        request.getOAuthApplicationInfo().addParameter(ApplicationConstants.APP_KEY_TYPE, tokenType);
        request.getOAuthApplicationInfo().addParameter(ApplicationConstants.APP_CALLBACK_URL, callbackUrl);
        request.getOAuthApplicationInfo().setApplicationUUID(application.getUUID());
        // Setting request values in WorkflowDTO - In future we should keep
        // Application/OAuthApplication related
        // information in the respective entities not in the workflowDTO.
        appRegWFDto.setStatus(WorkflowStatus.CREATED);
        appRegWFDto.setCreatedTime(System.currentTimeMillis());
        appRegWFDto.setTenantDomain(tenantDomain);
        appRegWFDto.setTenantId(tenantId);
        appRegWFDto.setExternalWorkflowReference(appRegistrationWorkflow.generateUUID());
        appRegWFDto.setWorkflowReference(appRegWFDto.getExternalWorkflowReference());
        appRegWFDto.setApplication(application);
        appRegWFDto.setKeyManager(keyManagerId);
        request.setMappingId(appRegWFDto.getWorkflowReference());
        if (!application.getSubscriber().getName().equals(userId)) {
            appRegWFDto.setUserName(application.getSubscriber().getName());
        } else {
            appRegWFDto.setUserName(userId);
        }
        appRegWFDto.setCallbackUrl(appRegistrationWorkflow.getCallbackURL());
        appRegWFDto.setAppInfoDTO(request);
        appRegWFDto.setDomainList(allowedDomains);
        appRegWFDto.setKeyDetails(appKeysDto);
        appRegistrationWorkflow.execute(appRegWFDto);
        Map<String, Object> keyDetails = new HashMap<String, Object>();
        keyDetails.put(APIConstants.FrontEndParameterNames.KEY_STATE, appRegWFDto.getStatus().toString());
        OAuthApplicationInfo applicationInfo = appRegWFDto.getApplicationInfo();
        String keyMappingId = apiMgtDAO.getKeyMappingIdFromApplicationIdKeyTypeAndKeyManager(application.getId(), tokenType, keyManagerId);
        keyDetails.put(APIConstants.FrontEndParameterNames.KEY_MAPPING_ID, keyMappingId);
        if (applicationInfo != null) {
            keyDetails.put(APIConstants.FrontEndParameterNames.CONSUMER_KEY, applicationInfo.getClientId());
            keyDetails.put(APIConstants.FrontEndParameterNames.CONSUMER_SECRET, applicationInfo.getClientSecret());
            keyDetails.put(ApplicationConstants.OAUTH_APP_DETAILS, applicationInfo.getJsonString());
            keyDetails.put(APIConstants.FrontEndParameterNames.MODE, APIConstants.OAuthAppMode.CREATED.name());
        }
        // There can be instances where generating the Application Token is
        // not required. In those cases,
        // token info will have nothing.
        AccessTokenInfo tokenInfo = appRegWFDto.getAccessTokenInfo();
        if (tokenInfo != null) {
            keyDetails.put("accessToken", tokenInfo.getAccessToken());
            keyDetails.put("validityTime", tokenInfo.getValidityPeriod());
            keyDetails.put("tokenDetails", tokenInfo.getJSONString());
            keyDetails.put("tokenScope", tokenInfo.getScopes());
        }
        JSONObject appLogObject = new JSONObject();
        appLogObject.put("Generated keys for application", application.getName());
        APIUtil.logAuditMessage(APIConstants.AuditLogConstants.APPLICATION, appLogObject.toString(), APIConstants.AuditLogConstants.UPDATED, this.username);
        // if its a PRODUCTION application.
        if (APIConstants.API_KEY_TYPE_PRODUCTION.equals(tokenType)) {
            // get the workflow state once the executor is executed.
            WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(appRegWFDto.getExternalWorkflowReference(), WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_PRODUCTION);
            // wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
            if (wfDTO != null) {
                if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus())) {
                    ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
                    APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
                }
            } else {
                ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
                APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
            }
        } else if (APIConstants.API_KEY_TYPE_SANDBOX.equals(tokenType)) {
            // get the workflow state once the executor is executed.
            WorkflowDTO wfDTO = apiMgtDAO.retrieveWorkflowFromInternalReference(appRegWFDto.getExternalWorkflowReference(), WorkflowConstants.WF_TYPE_AM_APPLICATION_REGISTRATION_SANDBOX);
            // wfDTO is null when simple wf executor is used because wf state is not stored in the db and is always approved.
            if (wfDTO != null) {
                if (WorkflowStatus.APPROVED.equals(wfDTO.getStatus())) {
                    ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
                    APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
                }
            } else {
                ApplicationRegistrationEvent applicationRegistrationEvent = new ApplicationRegistrationEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.APPLICATION_REGISTRATION_CREATE.name(), tenantId, tenantDomain, application.getId(), application.getUUID(), applicationInfo.getClientId(), tokenType, keyManagerName);
                APIUtil.sendNotification(applicationRegistrationEvent, APIConstants.NotifierType.APPLICATION_REGISTRATION.name());
            }
        }
        return keyDetails;
    } catch (WorkflowException e) {
        log.error("Could not execute Workflow", e);
        throw new APIManagementException(e);
    } finally {
        if (isTenantFlowStarted) {
            endTenantFlow();
        }
    }
}
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) ApplicationRegistrationWorkflowDTO(org.wso2.carbon.apimgt.impl.dto.ApplicationRegistrationWorkflowDTO) ApplicationWorkflowDTO(org.wso2.carbon.apimgt.impl.dto.ApplicationWorkflowDTO) WorkflowDTO(org.wso2.carbon.apimgt.impl.dto.WorkflowDTO) ApplicationRegistrationWorkflowDTO(org.wso2.carbon.apimgt.impl.dto.ApplicationRegistrationWorkflowDTO) SubscriptionWorkflowDTO(org.wso2.carbon.apimgt.impl.dto.SubscriptionWorkflowDTO) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) WorkflowException(org.wso2.carbon.apimgt.impl.workflow.WorkflowException) ApplicationRegistrationEvent(org.wso2.carbon.apimgt.impl.notifier.events.ApplicationRegistrationEvent) AccessTokenInfo(org.wso2.carbon.apimgt.api.model.AccessTokenInfo) ApplicationKeysDTO(org.wso2.carbon.apimgt.api.model.ApplicationKeysDTO) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) JSONObject(org.json.simple.JSONObject) OAuthAppRequest(org.wso2.carbon.apimgt.api.model.OAuthAppRequest) OAuthApplicationInfo(org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo) JSONObject(org.json.simple.JSONObject) WorkflowExecutor(org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor)

Example 47 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method addKeyManagerConfiguration.

@Override
public KeyManagerConfigurationDTO addKeyManagerConfiguration(KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
    if (apiMgtDAO.isKeyManagerConfigurationExistByName(keyManagerConfigurationDTO.getName(), keyManagerConfigurationDTO.getOrganization())) {
        throw new APIManagementException("Key manager Already Exist by Name " + keyManagerConfigurationDTO.getName() + " in tenant " + keyManagerConfigurationDTO.getOrganization(), ExceptionCodes.KEY_MANAGER_ALREADY_EXIST);
    }
    if (!KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase()).equals(KeyManagerConfiguration.TokenType.EXCHANGED)) {
        validateKeyManagerConfiguration(keyManagerConfigurationDTO);
        validateKeyManagerEndpointConfiguration(keyManagerConfigurationDTO);
    }
    if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), keyManagerConfigurationDTO.getTokenType())) {
        keyManagerConfigurationDTO.setUuid(UUID.randomUUID().toString());
        try {
            IdentityProvider identityProvider = IdentityProviderManager.getInstance().addIdPWithResourceId(createIdp(keyManagerConfigurationDTO), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
            keyManagerConfigurationDTO.setExternalReferenceId(identityProvider.getResourceId());
        } catch (IdentityProviderManagementException e) {
            throw new APIManagementException("IdP adding failed. " + e.getMessage(), e, ExceptionCodes.IDP_ADDING_FAILED);
        }
    }
    if (StringUtils.isBlank(keyManagerConfigurationDTO.getUuid())) {
        keyManagerConfigurationDTO.setUuid(UUID.randomUUID().toString());
    }
    KeyManagerConfigurationDTO keyManagerConfigurationToStore = new KeyManagerConfigurationDTO(keyManagerConfigurationDTO);
    encryptKeyManagerConfigurationValues(null, keyManagerConfigurationToStore);
    apiMgtDAO.addKeyManagerConfiguration(keyManagerConfigurationToStore);
    new KeyMgtNotificationSender().notify(keyManagerConfigurationDTO, APIConstants.KeyManager.KeyManagerEvent.ACTION_ADD);
    return keyManagerConfigurationDTO;
}
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) KeyMgtNotificationSender(org.wso2.carbon.apimgt.impl.keymgt.KeyMgtNotificationSender)

Example 48 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method deleteIdentityProvider.

@Override
public void deleteIdentityProvider(String organization, KeyManagerConfigurationDTO kmConfig) throws APIManagementException {
    if (kmConfig != null) {
        if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), kmConfig.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), kmConfig.getTokenType())) {
            try {
                if (kmConfig.getExternalReferenceId() != null) {
                    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                    if (log.isDebugEnabled()) {
                        log.debug("Retrieving key manager reference IDP for tenant domain : " + tenantDomain);
                    }
                    IdentityProviderManager.getInstance().deleteIdPByResourceId(kmConfig.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(organization));
                }
            } catch (IdentityProviderManagementException e) {
                throw new APIManagementException("IdP deletion failed. " + e.getMessage(), e, ExceptionCodes.IDP_DELETION_FAILED);
            }
        }
    }
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)

Example 49 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method createIdp.

private IdentityProvider createIdp(KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
    IdentityProvider identityProvider = new IdentityProvider();
    String idpName = sanitizeName(getSubstringOfTen(keyManagerConfigurationDTO.getName()) + "_" + keyManagerConfigurationDTO.getOrganization() + "_" + keyManagerConfigurationDTO.getUuid());
    identityProvider.setIdentityProviderName(idpName);
    identityProvider.setDisplayName(keyManagerConfigurationDTO.getDisplayName());
    identityProvider.setPrimary(Boolean.FALSE);
    identityProvider.setIdentityProviderDescription(keyManagerConfigurationDTO.getDescription());
    identityProvider.setAlias(keyManagerConfigurationDTO.getAlias());
    String certificate = null;
    if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_VALUE)) {
        certificate = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_VALUE);
    }
    String certificateType = null;
    if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_TYPE)) {
        certificateType = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_TYPE);
    }
    List<IdentityProviderProperty> idpProperties = new ArrayList<>();
    if (StringUtils.isNotEmpty(certificate) && StringUtils.isNotEmpty(certificateType)) {
        if (APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT.equals(certificateType)) {
            if (StringUtils.isNotBlank(certificate)) {
                IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
                jwksProperty.setName(APIConstants.JWKS_URI);
                jwksProperty.setValue(certificate);
                idpProperties.add(jwksProperty);
            }
        } else if (APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE.equals(certificateType)) {
            identityProvider.setCertificate(String.join(certificate, ""));
        }
    }
    if (keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER) != null) {
        IdentityProviderProperty identityProviderProperty = new IdentityProviderProperty();
        identityProviderProperty.setName(IdentityApplicationConstants.IDP_ISSUER_NAME);
        identityProviderProperty.setValue((String) keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER));
        idpProperties.add(identityProviderProperty);
    }
    if (idpProperties.size() > 0) {
        identityProvider.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
    }
    identityProvider.setEnable(keyManagerConfigurationDTO.isEnabled());
    Object claims = keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.CLAIM_MAPPING);
    updateClaims(identityProvider, claims);
    return identityProvider;
}
Also used : IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ArrayList(java.util.ArrayList) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) JsonObject(com.google.gson.JsonObject) JSONObject(org.json.simple.JSONObject)

Example 50 with KeyManagerConfigurationDTO

use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerConfigurationDTO in project carbon-apimgt by wso2.

the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.

private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
    keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
    keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
    IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
    if (identityProviderProperties.length > 0) {
        for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
            if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
            }
            if (StringUtils.equals(identityProviderProperty.getName(), IdentityApplicationConstants.IDP_ISSUER_NAME)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
            }
        }
    } else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
    }
    keyManagerDTO.setEnabled(identityProvider.isEnable());
    keyManagerDTO.setAlias(identityProvider.getAlias());
    ClaimConfig claimConfig = identityProvider.getClaimConfig();
    JsonArray claimArray = new JsonArray();
    for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
        JsonObject claimMappingEntryDTO = new JsonObject();
        claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
        claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
        claimArray.add(claimMappingEntryDTO);
    }
    keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}
Also used : JsonArray(com.google.gson.JsonArray) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) JsonObject(com.google.gson.JsonObject)

Aggregations

KeyManagerConfigurationDTO (org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)43 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)30 Gson (com.google.gson.Gson)16 ArrayList (java.util.ArrayList)13 HashMap (java.util.HashMap)12 OAuthApplicationInfo (org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo)11 JSONObject (org.json.simple.JSONObject)10 JsonObject (com.google.gson.JsonObject)9 PreparedStatement (java.sql.PreparedStatement)9 KeyManager (org.wso2.carbon.apimgt.api.model.KeyManager)9 OAuthAppRequest (org.wso2.carbon.apimgt.api.model.OAuthAppRequest)9 Map (java.util.Map)8 APIAdmin (org.wso2.carbon.apimgt.api.APIAdmin)8 APIAdminImpl (org.wso2.carbon.apimgt.impl.APIAdminImpl)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 Connection (java.sql.Connection)7 SQLException (java.sql.SQLException)7 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)7 LinkedHashMap (java.util.LinkedHashMap)6 Application (org.wso2.carbon.apimgt.api.model.Application)6