
Example 1 with ConsentManagementException

use of org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException in project carbon-identity-framework by wso2.

the class ConsentDeletionUserEventHandler method handleEvent.

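/**
 * Deletes the consent receipts issued for a user when that user is deleted.
 *
 * <p>Returns without doing anything when the handler is disabled for the event context. Otherwise
 * the user name from the event is qualified with the user store domain, the receipts issued for
 * that name are searched through the privileged consent manager, and each receipt found is deleted.
 *
 * <p>Only one search call is made, bounded by {@code consentSearchLimit}. When the result reaches
 * that limit, receipts beyond it may remain for a user who no longer exists, so a warning is logged
 * to let operators detect and follow up on incomplete consent removal.
 *
 * @param event Post User Delete event.
 * @throws IdentityEventException if searching for or deleting a receipt fails.
 */
@Override
public void handleEvent(Event event) throws IdentityEventException {
    IdentityEventMessageContext eventContext = new IdentityEventMessageContext(event);
    if (!isEnabled(eventContext)) {
        if (log.isDebugEnabled()) {
            log.debug("ConsentDeletionUserEventHandler is disabled. Not handling the " + event.getEventName() + " event.");
        }
        return;
    }
    Map<String, Object> eventProperties = event.getEventProperties();
    String userName = (String) eventProperties.get(IdentityEventConstants.EventProperty.USER_NAME);
    UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
    // The domain is read from the store that handled the deletion, not from the user name itself.
    String domainName = userStoreManager.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    String tenantDomain = getUserTenantDomain(eventProperties);
    String usernameWithUserStoreDomain = UserCoreUtil.addDomainToName(userName, domainName);
    if (log.isDebugEnabled()) {
        log.debug(String.format("Deleting consents for user: %s , in tenant domain :%s", usernameWithUserStoreDomain, tenantDomain));
    }
    // NOTE(review): the privileged manager presumably skips the per-user authorization checks of the
    // regular ConsentManager; confirm that this handler is the only path that reaches it here.
    ConsentManager consentManager = IdentityConsentDataHolder.getInstance().getPrivilegedConsentManager();
    try {
        // Single bounded search; the first two arguments are presumably limit and offset.
        List<ReceiptListResponse> receiptListResponses = consentManager.searchReceipts(consentSearchLimit, 0, usernameWithUserStoreDomain, null, "*", null);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Found %d receipts issued for user: %s, in tenant domain: %s", receiptListResponses.size(), usernameWithUserStoreDomain, tenantDomain));
        }
        // A full page means the search may have been truncated, which would leave consent
        // receipts behind for a deleted user. Surface that instead of finishing silently.
        if (consentSearchLimit > 0 && receiptListResponses.size() >= consentSearchLimit) {
            log.warn(String.format("Consent receipt search for user: %s, in tenant domain: %s reached the search limit of %d. "
                    + "Receipts beyond the limit are not deleted by this handler.", usernameWithUserStoreDomain, tenantDomain, consentSearchLimit));
        }
        // rethrowConsumer lets the checked ConsentManagementException escape the lambda so the
        // catch block below can wrap it.
        receiptListResponses.forEach(rethrowConsumer(receiptListResponse -> {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Deleting receipt with ID : %s, issued for application %s", receiptListResponse.getConsentReceiptId(), receiptListResponse.getSpDisplayName()));
            }
            consentManager.deleteReceipt(receiptListResponse.getConsentReceiptId());
        }));
    } catch (ConsentManagementException e) {
        throw new IdentityEventException("Error while deleting consents for user " + userName, e);
    }
}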
Also used : IdentityConsentMgtUtils(org.wso2.carbon.identity.consent.mgt.IdentityConsentMgtUtils) IdentityConsentDataHolder(org.wso2.carbon.identity.consent.mgt.internal.IdentityConsentDataHolder) InitConfig(org.wso2.carbon.identity.core.handler.InitConfig) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) LambdaExceptionUtils.rethrowConsumer(org.wso2.carbon.identity.core.util.LambdaExceptionUtils.rethrowConsumer) AbstractEventHandler(org.wso2.carbon.identity.event.handler.AbstractEventHandler) ConsentManager(org.wso2.carbon.consent.mgt.core.ConsentManager) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) Event(org.wso2.carbon.identity.event.event.Event) UserCoreConstants(org.wso2.carbon.user.core.UserCoreConstants) MessageContext(org.wso2.carbon.identity.core.bean.context.MessageContext) IdentityRuntimeException(org.wso2.carbon.identity.base.IdentityRuntimeException) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) List(java.util.List) Map(java.util.Map) ReceiptListResponse(org.wso2.carbon.consent.mgt.core.model.ReceiptListResponse) IdentityEventMessageContext(org.wso2.carbon.identity.event.bean.IdentityEventMessageContext) IdentityEventConstants(org.wso2.carbon.identity.event.IdentityEventConstants) UserCoreUtil(org.wso2.carbon.user.core.util.UserCoreUtil) Log(org.apache.commons.logging.Log) LogFactory(org.apache.commons.logging.LogFactory) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) ReceiptListResponse(org.wso2.carbon.consent.mgt.core.model.ReceiptListResponse) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) ConsentManager(org.wso2.carbon.consent.mgt.core.ConsentManager) IdentityEventMessageContext(org.wso2.carbon.identity.event.bean.IdentityEventMessageContext)

Example 2 with ConsentManagementException

use of org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException in project carbon-identity-framework by wso2.

the class TenantConsentMgtListener method deleteAllConsents.

/**
 * Deletes the consent data that belongs to the given tenant.
 *
 * <p>Purpose categories, PII categories, purposes and receipts are removed, in that order, through
 * the privileged consent manager.
 *
 * @param tenantId The id of the tenant.
 * @throws StratosException if any of the delete calls fails.
 */
protected void deleteAllConsents(int tenantId) throws StratosException {
    try {
        final PrivilegedConsentManager consentManager = IdentityConsentDataHolder.getInstance().getPrivilegedConsentManager();
        // NOTE(review): these are four separate calls with no visible transaction around them, so a
        // failure part-way presumably leaves the earlier deletions in place; confirm with the manager.
        consentManager.deletePurposeCategories(tenantId);
        consentManager.deletePIICategories(tenantId);
        consentManager.deletePurposes(tenantId);
        consentManager.deleteReceipts(tenantId);
    } catch (ConsentManagementException e) {
        final String message = "Error in deleting consents of tenant:" + tenantId;
        throw new StratosException(message, e);
    }
}
Also used : PrivilegedConsentManager(org.wso2.carbon.consent.mgt.core.PrivilegedConsentManager) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) StratosException(org.wso2.carbon.stratos.common.exception.StratosException)

Example 3 with ConsentManagementException

use of org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException in project carbon-identity-framework by wso2.

the class ApplicationManagementServiceImpl method deleteApplication.

// Will be supported with 'Advance Consent Management Feature'.
/*
    private void validateConsentPurposes(ServiceProvider serviceProvider) throws
            IdentityApplicationManagementException {

        ConsentManager consentManager = ApplicationManagementServiceComponentHolder.getInstance().getConsentManager();
        ConsentConfig consentConfig = serviceProvider.getConsentConfig();
        if (nonNull(consentConfig)) {
            ConsentPurposeConfigs consentPurposeConfigs = consentConfig.getConsentPurposeConfigs();
            if (nonNull(consentPurposeConfigs)) {
                ConsentPurpose[] consentPurposes = consentPurposeConfigs.getConsentPurpose();
                if (nonNull(consentPurposes)) {
                    for (ConsentPurpose consentPurpose : consentPurposes) {
                        int purposeId = consentPurpose.getPurposeId();
                        try {
                            Purpose purpose = consentManager.getPurpose(purposeId);
                            if (isNull(purpose)) {
                                if (log.isDebugEnabled()) {
                                    log.debug("ConsentManager returned null for Purpose ID: " + purposeId);
                                }
                                throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId);
                            }

                            if (!isSPSpecificPurpose(serviceProvider, purpose) && !isSharedPurpose(purpose)) {
                                String message = "Purpose: %s with ID: %s is not defined under purposes for SP:" +
                                                 " %s or 'SHARED' purposes.";
                                String error = String.format(message, purpose.getName(), purpose.getId(),
                                                             serviceProvider.getApplicationName());
                                throw new IdentityApplicationManagementException(error);
                            }
                        } catch (ConsentManagementException e) {
                            if (ERROR_CODE_PURPOSE_ID_INVALID.getCode().equals(e.getErrorCode())) {
                                throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId, e);
                            }
                            throw new IdentityApplicationManagementException("Error while retrieving consent purpose " +
                                                                             "with ID: " + purposeId, e);
                        }
                    }
                }
            }
        }
    }


    private boolean isSharedPurpose(Purpose purpose) {

        return PURPOSE_GROUP_SHARED.equals(purpose.getGroup()) && PURPOSE_GROUP_TYPE_SYSTEM.equals(
                purpose.getGroupType());
    }

    private boolean isSPSpecificPurpose(ServiceProvider serviceProvider, Purpose purpose) {

        return serviceProvider.getApplicationName().equals(purpose.getGroup())&& PURPOSE_GROUP_TYPE_SP.equals(
                purpose.getGroupType());
    }
    */
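/**
 * Deletes an application, running the registered application management listeners around it.
 *
 * <p>Every enabled listener's pre-delete hook must return true, otherwise a server exception is
 * thrown before anything is removed. Inside the tenant flow the pre-delete checks run, the
 * application is loaded, and its role, permissions and stored record are deleted. When no
 * application is found the method returns without error and without an audit event.
 *
 * <p>Once the record is deleted, the audit event is always emitted, including when a post-delete
 * listener reports failure or throws. Previously a failing post-delete listener returned before the
 * audit call, leaving a completed deletion with no audit record.
 *
 * @param applicationName name of the application to delete.
 * @param tenantDomain tenant domain the application belongs to.
 * @param username user who initiated the deletion.
 * @throws IdentityApplicationManagementException if a pre-delete listener rejects the operation or
 *         the deletion itself fails.
 */
@Override
public void deleteApplication(String applicationName, String tenantDomain, String username) throws IdentityApplicationManagementException {
    ServiceProvider serviceProvider;
    // invoking the listeners
    Collection<ApplicationMgtListener> listeners = getApplicationMgtListeners();
    for (ApplicationMgtListener listener : listeners) {
        if (listener.isEnable() && !listener.doPreDeleteApplication(applicationName, tenantDomain, username)) {
            throw buildServerException("Pre Delete application operation of listener: " + getName(listener) + " failed for application: " + applicationName + " of tenantDomain: " + tenantDomain);
        }
    }
    try {
        startTenantFlow(tenantDomain, username);
        doPreDeleteChecks(applicationName, tenantDomain, username);
        ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
        serviceProvider = appDAO.getApplication(applicationName, tenantDomain);
        if (serviceProvider != null) {
            ApplicationMgtUtil.deleteAppRole(applicationName);
            ApplicationMgtUtil.deletePermissions(applicationName);
            appDAO.deleteApplication(applicationName);
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Application cannot be found for name: " + applicationName + " in tenantDomain: " + tenantDomain);
            }
            return;
        }
    } catch (Exception e) {
        String error = "Error occurred while deleting the application: " + applicationName + ". " + e.getMessage();
        throw buildServerException(error, e);
    } finally {
        // Always leave the tenant flow, including on the early return and on failure.
        endTenantFlow();
    }
    // The application is already deleted here. The audit event sits in a finally block so that a
    // post-delete listener that fails or throws cannot suppress the record of the deletion.
    try {
        for (ApplicationMgtListener listener : listeners) {
            if (listener.isEnable() && !listener.doPostDeleteApplication(serviceProvider, tenantDomain, username)) {
                log.error("Post Delete application operation of listener: " + getName(listener) + " failed for " + "application with name: " + applicationName + " of tenantDomain: " + tenantDomain);
                // Remaining listeners are skipped, as before.
                return;
            }
        }
    } finally {
        triggerAuditLogEvent(getInitiatorId(username, tenantDomain), getInitiatorId(username, tenantDomain), USER, CarbonConstants.LogEventConstants.EventCatalog.DELETE_APPLICATION.getEventId(), getAppId(serviceProvider), getApplicationName(serviceProvider), TARGET_APPLICATION, null);
    }
}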
Also used : ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) AbstractApplicationMgtListener(org.wso2.carbon.identity.application.mgt.listener.AbstractApplicationMgtListener) ApplicationMgtListener(org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener) PaginatableFilterableApplicationDAO(org.wso2.carbon.identity.application.mgt.dao.PaginatableFilterableApplicationDAO) ApplicationDAO(org.wso2.carbon.identity.application.mgt.dao.ApplicationDAO) FileBasedApplicationDAO(org.wso2.carbon.identity.application.mgt.dao.impl.FileBasedApplicationDAO) IdentityApplicationManagementClientException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException) TransformerException(javax.xml.transform.TransformerException) RegistryException(org.wso2.carbon.registry.api.RegistryException) IOException(java.io.IOException) IdentityApplicationManagementValidationException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementValidationException) IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) JAXBException(javax.xml.bind.JAXBException) IdentityApplicationRegistrationFailureException(org.wso2.carbon.identity.application.common.IdentityApplicationRegistrationFailureException) SAXException(org.xml.sax.SAXException) DefaultAuthSeqMgtException(org.wso2.carbon.identity.application.mgt.defaultsequence.DefaultAuthSeqMgtException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityApplicationManagementServerException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementServerException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)

Example 4 with ConsentManagementException

use of org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method addConsent.

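/**
 * Persists the consent received from the user during user creation.
 *
 * <p>The receipt must carry at least one service entry. Only the first entry is used: the supplied
 * tenant domain is written onto it and onto the receipt itself, replacing whatever tenant domain
 * the input carried, IDP data is set on the entry, and the receipt is handed to the consent manager.
 *
 * @param receiptInput Relevant receipt input representing consent data.
 * @param tenantDomain Relevant tenant domain.
 * @throws PostAuthenticationFailedException if the receipt has no service entries; failures from
 *         the consent manager are passed to {@code handleExceptions}, which presumably throws this
 *         exception as well.
 */
private void addConsent(ReceiptInput receiptInput, String tenantDomain) throws PostAuthenticationFailedException {
    ConsentManager consentManager = FrameworkServiceDataHolder.getInstance().getConsentManager();
    // A missing service list is rejected the same way as an empty one, rather than failing with a
    // NullPointerException in the post-authentication flow.
    if (receiptInput.getServices() == null || receiptInput.getServices().isEmpty()) {
        throw new PostAuthenticationFailedException(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain));
    }
    // There should be one receipt; any further service entries are left untouched.
    ReceiptServiceInput receiptServiceInput = receiptInput.getServices().get(0);
    receiptServiceInput.setTenantDomain(tenantDomain);
    try {
        setIDPData(tenantDomain, receiptServiceInput);
        receiptInput.setTenantDomain(tenantDomain);
        consentManager.addConsent(receiptInput);
    } catch (ConsentManagementException e) {
        handleExceptions(String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain), ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), e);
    }
}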
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) ConsentManager(org.wso2.carbon.consent.mgt.core.ConsentManager) PostAuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException)

Example 5 with ConsentManagementException

use of org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method addDefaultPurpose.

/**
 * Adds the default purpose through the consent manager and returns the result.
 *
 * @return the purpose returned by the consent manager.
 * @throws SSOConsentServiceException if the consent manager fails to add the purpose.
 */
private Purpose addDefaultPurpose() throws SSOConsentServiceException {
    // Built outside the try block, as only the addPurpose call is covered by the catch.
    final Purpose purposeToAdd = new Purpose(DEFAULT_PURPOSE, "For core functionalities of the product", DEFAULT_PURPOSE_GROUP, DEFAULT_PURPOSE_GROUP_TYPE);
    try {
        return getConsentManager().addPurpose(purposeToAdd);
    } catch (ConsentManagementException e) {
        throw new SSOConsentServiceException("Consent purpose error", "Error while adding purpose: " + DEFAULT_PURPOSE, e);
    }
}
Also used : ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException) ConsentPurpose(org.wso2.carbon.consent.mgt.core.model.ConsentPurpose) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose)

Aggregations

ConsentManagementException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException)17 ConsentManager (org.wso2.carbon.consent.mgt.core.ConsentManager)7 SSOConsentServiceException (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)7 ReceiptListResponse (org.wso2.carbon.consent.mgt.core.model.ReceiptListResponse)5 Purpose (org.wso2.carbon.consent.mgt.core.model.Purpose)3 Receipt (org.wso2.carbon.consent.mgt.core.model.Receipt)3 ReceiptInput (org.wso2.carbon.consent.mgt.core.model.ReceiptInput)3 Gson (com.google.gson.Gson)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2 Map (java.util.Map)2 Log (org.apache.commons.logging.Log)2 LogFactory (org.apache.commons.logging.LogFactory)2 PIICategory (org.wso2.carbon.consent.mgt.core.model.PIICategory)2 PurposeCategory (org.wso2.carbon.consent.mgt.core.model.PurposeCategory)2 ReceiptServiceInput (org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput)2 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)2 AbstractApplicationMgtListener (org.wso2.carbon.identity.application.mgt.listener.AbstractApplicationMgtListener)2 ApplicationMgtListener (org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener)2 IdentityRecoveryServerException (org.wso2.carbon.identity.recovery.IdentityRecoveryServerException)2