Example 1 with ConsentManager

Use of org.wso2.carbon.consent.mgt.core.ConsentManager in the project carbon-identity-framework by wso2.

From the class ConsentDeletionUserEventHandler, method handleEvent:

/**
 * Delete the consents issued for a particular user when that user is deleted.
 *
 * @param event Post User Delete event.
 * @throws IdentityEventException IdentityEventException.
 */
@Override
public void handleEvent(Event event) throws IdentityEventException {
    IdentityEventMessageContext eventContext = new IdentityEventMessageContext(event);
    if (!isEnabled(eventContext)) {
        if (log.isDebugEnabled()) {
            log.debug("ConsentDeletionUserEventHandler is disabled. Not handling the " + event.getEventName() + " event.");
        }
        return;
    }
    Map<String, Object> eventProperties = event.getEventProperties();
    String userName = (String) eventProperties.get(IdentityEventConstants.EventProperty.USER_NAME);
    UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
    String domainName = userStoreManager.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    String tenantDomain = getUserTenantDomain(eventProperties);
    String usernameWithUserStoreDomain = UserCoreUtil.addDomainToName(userName, domainName);
    if (log.isDebugEnabled()) {
        log.debug(String.format("Deleting consents for user: %s , in tenant domain :%s", usernameWithUserStoreDomain, tenantDomain));
    }
    ConsentManager consentManager = IdentityConsentDataHolder.getInstance().getPrivilegedConsentManager();
    try {
        List<ReceiptListResponse> receiptListResponses = consentManager.searchReceipts(consentSearchLimit, 0, usernameWithUserStoreDomain, null, "*", null);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Found %d receipts issued for user: %s, in tenant domain: %s", receiptListResponses.size(), usernameWithUserStoreDomain, tenantDomain));
        }
        receiptListResponses.forEach(rethrowConsumer(receiptListResponse -> {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Deleting receipt with ID : %s, issued for application %s", receiptListResponse.getConsentReceiptId(), receiptListResponse.getSpDisplayName()));
            }
            consentManager.deleteReceipt(receiptListResponse.getConsentReceiptId());
        }));
    } catch (ConsentManagementException e) {
        throw new IdentityEventException("Error while deleting consents for user " + userName, e);
    }
}

Example 2 with ConsentManager

Use of org.wso2.carbon.consent.mgt.core.ConsentManager in the project carbon-identity-framework by wso2.

From the class ApplicationManagementServiceImpl, method deleteApplication:

// Will be supported with 'Advance Consent Management Feature'.
/*
    private void validateConsentPurposes(ServiceProvider serviceProvider) throws
            IdentityApplicationManagementException {

        ConsentManager consentManager = ApplicationManagementServiceComponentHolder.getInstance().getConsentManager();
        ConsentConfig consentConfig = serviceProvider.getConsentConfig();
        if (nonNull(consentConfig)) {
            ConsentPurposeConfigs consentPurposeConfigs = consentConfig.getConsentPurposeConfigs();
            if (nonNull(consentPurposeConfigs)) {
                ConsentPurpose[] consentPurposes = consentPurposeConfigs.getConsentPurpose();
                if (nonNull(consentPurposes)) {
                    for (ConsentPurpose consentPurpose : consentPurposes) {
                        int purposeId = consentPurpose.getPurposeId();
                        try {
                            Purpose purpose = consentManager.getPurpose(purposeId);
                            if (isNull(purpose)) {
                                if (log.isDebugEnabled()) {
                                    log.debug("ConsentManager returned null for Purpose ID: " + purposeId);
                                }
                                throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId);
                            }

                            if (!isSPSpecificPurpose(serviceProvider, purpose) && !isSharedPurpose(purpose)) {
                                String message = "Purpose: %s with ID: %s is not defined under purposes for SP:" +
                                                 " %s or 'SHARED' purposes.";
                                String error = String.format(message, purpose.getName(), purpose.getId(),
                                                             serviceProvider.getApplicationName());
                                throw new IdentityApplicationManagementException(error);
                            }
                        } catch (ConsentManagementException e) {
                            if (ERROR_CODE_PURPOSE_ID_INVALID.getCode().equals(e.getErrorCode())) {
                                throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId, e);
                            }
                            throw new IdentityApplicationManagementException("Error while retrieving consent purpose " +
                                                                             "with ID: " + purposeId, e);
                        }
                    }
                }
            }
        }
    }


    private boolean isSharedPurpose(Purpose purpose) {

        return PURPOSE_GROUP_SHARED.equals(purpose.getGroup()) && PURPOSE_GROUP_TYPE_SYSTEM.equals(
                purpose.getGroupType());
    }

    private boolean isSPSpecificPurpose(ServiceProvider serviceProvider, Purpose purpose) {

        return serviceProvider.getApplicationName().equals(purpose.getGroup()) && PURPOSE_GROUP_TYPE_SP.equals(
                purpose.getGroupType());
    }
    */
@Override
public void deleteApplication(String applicationName, String tenantDomain, String username) throws IdentityApplicationManagementException {
    ServiceProvider serviceProvider;
    // invoking the listeners
    Collection<ApplicationMgtListener> listeners = getApplicationMgtListeners();
    for (ApplicationMgtListener listener : listeners) {
        if (listener.isEnable() && !listener.doPreDeleteApplication(applicationName, tenantDomain, username)) {
            throw buildServerException("Pre Delete application operation of listener: " + getName(listener) + " failed for application: " + applicationName + " of tenantDomain: " + tenantDomain);
        }
    }
    try {
        startTenantFlow(tenantDomain, username);
        doPreDeleteChecks(applicationName, tenantDomain, username);
        ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
        serviceProvider = appDAO.getApplication(applicationName, tenantDomain);
        if (serviceProvider != null) {
            ApplicationMgtUtil.deleteAppRole(applicationName);
            ApplicationMgtUtil.deletePermissions(applicationName);
            appDAO.deleteApplication(applicationName);
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Application cannot be found for name: " + applicationName + " in tenantDomain: " + tenantDomain);
            }
            return;
        }
    } catch (Exception e) {
        String error = "Error occurred while deleting the application: " + applicationName + ". " + e.getMessage();
        throw buildServerException(error, e);
    } finally {
        endTenantFlow();
    }
    for (ApplicationMgtListener listener : listeners) {
        if (listener.isEnable() && !listener.doPostDeleteApplication(serviceProvider, tenantDomain, username)) {
            log.error("Post Delete application operation of listener: " + getName(listener) + " failed for " + "application with name: " + applicationName + " of tenantDomain: " + tenantDomain);
            return;
        }
    }
    triggerAuditLogEvent(getInitiatorId(username, tenantDomain), getInitiatorId(username, tenantDomain), USER, CarbonConstants.LogEventConstants.EventCatalog.DELETE_APPLICATION.getEventId(), getAppId(serviceProvider), getApplicationName(serviceProvider), TARGET_APPLICATION, null);
}

Example 3 with ConsentManager

Use of org.wso2.carbon.consent.mgt.core.ConsentManager in the project carbon-identity-framework by wso2.

From the class JITProvisioningPostAuthenticationHandler, method addConsent:

/**
 * Persist the consents received from the user during user creation.
 *
 * @param receiptInput Relevant receipt input representing consent data.
 * @param tenantDomain Relevant tenant domain.
 * @throws PostAuthenticationFailedException Post Authentication Failed Exception.
 */
private void addConsent(ReceiptInput receiptInput, String tenantDomain) throws PostAuthenticationFailedException {
    ConsentManager consentManager = FrameworkServiceDataHolder.getInstance().getConsentManager();
    if (receiptInput.getServices().size() == 0) {
        throw new PostAuthenticationFailedException(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain));
    }
    // There should be exactly one receipt service input.
    ReceiptServiceInput receiptServiceInput = receiptInput.getServices().get(0);
    receiptServiceInput.setTenantDomain(tenantDomain);
    try {
        setIDPData(tenantDomain, receiptServiceInput);
        receiptInput.setTenantDomain(tenantDomain);
        consentManager.addConsent(receiptInput);
    } catch (ConsentManagementException e) {
        handleExceptions(String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain), ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), e);
    }
}

Example 4 with ConsentManager

Use of org.wso2.carbon.consent.mgt.core.ConsentManager in the project carbon-identity-framework by wso2.

From the test class SSOConsentServiceImplTest, method testGetConsentRequiredClaimsWithExistingConsents:

@Test
public void testGetConsentRequiredClaimsWithExistingConsents() throws Exception {
    ServiceProvider serviceProvider = new ServiceProvider();
    serviceProvider.setApplicationName("Travelocity.com");
    User user = new User();
    user.setTenantDomain("carbon.super");
    user.setUserStoreDomain("PRIMARY");
    serviceProvider.setOwner(user);
    ClaimConfig claimConfig = new ClaimConfig();
    Claim tempClaim1 = new Claim();
    tempClaim1.setClaimUri("http://wso2.org/claims/organization");
    ClaimMapping tempClaimMapping1 = new ClaimMapping();
    tempClaimMapping1.setRequested(true);
    tempClaimMapping1.setMandatory(false);
    tempClaimMapping1.setLocalClaim(tempClaim1);
    tempClaimMapping1.setRemoteClaim(tempClaim1);
    Claim tempClaim2 = new Claim();
    tempClaim2.setClaimUri("http://wso2.org/claims/country");
    ClaimMapping tempClaimMapping2 = new ClaimMapping();
    tempClaimMapping2.setRequested(true);
    tempClaimMapping2.setMandatory(true);
    tempClaimMapping2.setLocalClaim(tempClaim2);
    tempClaimMapping2.setRemoteClaim(tempClaim2);
    claimConfig.setClaimMappings(new ClaimMapping[] { tempClaimMapping1, tempClaimMapping2 });
    serviceProvider.setClaimConfig(claimConfig);
    LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
    localAndOutboundAuthenticationConfig.setSubjectClaimUri(null);
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
    AuthenticatedUser authenticatedUser = getAuthenticatedUser();
    mockStatic(IdentityUtil.class);
    when(IdentityUtil.getProperty("Consent.PromptSubjectClaimRequestedConsent")).thenReturn(null);
    mockCarbonContextForTenant();
    mockStatic(FrameworkServiceDataHolder.class);
    when(FrameworkServiceDataHolder.getInstance()).thenReturn(frameworkServiceDataHolder);
    setConsentManagerConfigurationHolder();
    RealmService realmService = mock(RealmService.class);
    configurationHolder.setRealmService(realmService);
    ConsentManager consentManager = new ConsentManagerImpl(configurationHolder);
    when(frameworkServiceDataHolder.getConsentManager()).thenReturn(consentManager);
    mockStatic(ConsentUtils.class);
    when(ConsentUtils.getTenantDomainFromCarbonContext()).thenReturn("carbon.super");
    mockRealmService(realmService);
    when(frameworkServiceDataHolder.getClaimMetadataManagementService()).thenReturn(claimMetadataManagementService);
    List<LocalClaim> localClaims = new ArrayList<>();
    LocalClaim localClaim = new LocalClaim("http://wso2.org/claims/country");
    LocalClaim localClaim2 = new LocalClaim("http://wso2.org/claims/organization");
    localClaims.add(localClaim);
    localClaims.add(localClaim2);
    when(claimMetadataManagementService.getLocalClaims(anyString())).thenReturn(localClaims);
    ConsentClaimsData consentClaimsData = ssoConsentService.getConsentRequiredClaimsWithExistingConsents(serviceProvider, authenticatedUser);
    assertEquals(consentClaimsData.getRequestedClaims().get(0).getClaimUri(), "http://wso2.org/claims/organization", "Incorrect requested claim URI");
    assertEquals(consentClaimsData.getMandatoryClaims().get(0).getClaimUri(), "http://wso2.org/claims/country", "Incorrect mandatory claim URI");
    assertNotNull(consentClaimsData.getMandatoryClaims().get(0).getClaimUri());
}

Example 5 with ConsentManager

Use of org.wso2.carbon.consent.mgt.core.ConsentManager in the project carbon-identity-framework by wso2.

From the test class SSOConsentServiceImplTest, method testGetClaimsWithConsents:

@Test
public void testGetClaimsWithConsents() throws Exception {
    ServiceProvider serviceProvider = new ServiceProvider();
    serviceProvider.setApplicationName("Travelocity.com");
    User user = new User();
    user.setTenantDomain("carbon.super");
    user.setUserStoreDomain("PRIMARY");
    serviceProvider.setOwner(user);
    ClaimConfig claimConfig = new ClaimConfig();
    Claim tempClaim = new Claim();
    tempClaim.setClaimUri(TEMPORARY_CLAIM_URI);
    ClaimMapping tempClaimMapping = new ClaimMapping();
    tempClaimMapping.setRequested(true);
    tempClaimMapping.setLocalClaim(tempClaim);
    tempClaimMapping.setRemoteClaim(tempClaim);
    claimConfig.setClaimMappings(new ClaimMapping[] { tempClaimMapping });
    serviceProvider.setClaimConfig(claimConfig);
    LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
    localAndOutboundAuthenticationConfig.setSubjectClaimUri(null);
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
    AuthenticatedUser authenticatedUser = getAuthenticatedUser();
    mockCarbonContextForTenant();
    mockStatic(FrameworkServiceDataHolder.class);
    when(FrameworkServiceDataHolder.getInstance()).thenReturn(frameworkServiceDataHolder);
    setConsentManagerConfigurationHolder();
    RealmService realmService = mock(RealmService.class);
    configurationHolder.setRealmService(realmService);
    ConsentManager consentManager = new ConsentManagerImpl(configurationHolder);
    when(frameworkServiceDataHolder.getConsentManager()).thenReturn(consentManager);
    mockStatic(ConsentUtils.class);
    when(ConsentUtils.getTenantDomainFromCarbonContext()).thenReturn("carbon.super");
    mockRealmService(realmService);
    assertNotNull(ssoConsentService.getClaimsWithConsents(serviceProvider, authenticatedUser));
}