Search in sources :

Example 1 with PIICategory

use of org.wso2.carbon.consent.mgt.core.model.PIICategory in project carbon-identity-framework by wso2.

the class ConsentUtilityService method filterPIIsFromReceipt.

/**
 * If the consent is not given for a PII
 *
 * @param keySet
 * @param receipt
 * @return
 * @throws ConsentUtilityServiceException
 */
public Set<String> filterPIIsFromReceipt(Set<String> keySet, ReceiptInput receipt) throws ConsentUtilityServiceException {
    if (keySet == null || receipt == null) {
        throw new ConsentUtilityServiceException("Key set and receipt should not be null");
    }
    List<ReceiptServiceInput> services = receipt.getServices();
    Set<String> consentedPIIs = new HashSet<>();
    for (ReceiptServiceInput service : services) {
        List<ReceiptPurposeInput> purposes = service.getPurposes();
        for (ReceiptPurposeInput consentPurpose : purposes) {
            List<PIICategoryValidity> piiCategories = consentPurpose.getPiiCategory();
            for (PIICategoryValidity piiCategory : piiCategories) {
                consentedPIIs.add(getPIIName(consentPurpose.getPurposeId(), piiCategory.getId()));
            }
        }
    }
    keySet.retainAll(consentedPIIs);
    return keySet;
}
Also used : ConsentUtilityServiceException(org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException) ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) HashSet(java.util.HashSet)

Example 2 with PIICategory

use of org.wso2.carbon.consent.mgt.core.model.PIICategory in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method getReceiptPurposeInputs.

/**
 * To get the receive purpose inputs from json object from the client side.
 *
 * @param receiptPurpose Relevant receipt purpose.
 * @return receipt purpose input, based on receipt purpose object.
 */
private ReceiptPurposeInput getReceiptPurposeInputs(JSONObject receiptPurpose) {
    ReceiptPurposeInput receiptPurposeInput = new ReceiptPurposeInput();
    receiptPurposeInput.setConsentType(FrameworkConstants.Consent.EXPLICIT_CONSENT_TYPE);
    receiptPurposeInput.setPrimaryPurpose(true);
    receiptPurposeInput.setThirdPartyDisclosure(false);
    receiptPurposeInput.setPurposeId(receiptPurpose.getInt("purposeId"));
    JSONArray purposeCategoryId = receiptPurpose.getJSONArray("purposeCategoryId");
    List<Integer> purposeCategoryIdArray = new ArrayList<>();
    for (int index = 0; index < purposeCategoryId.length(); index++) {
        purposeCategoryIdArray.add(purposeCategoryId.getInt(index));
    }
    receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
    receiptPurposeInput.setPurposeCategoryId(purposeCategoryIdArray);
    receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
    List<PIICategoryValidity> piiCategoryValidities = new ArrayList<>();
    JSONArray piiCategories = (JSONArray) receiptPurpose.get(FrameworkConstants.Consent.PII_CATEGORY);
    for (int categoryIndex = 0; categoryIndex < piiCategories.length(); categoryIndex++) {
        JSONObject piiCategory = (JSONObject) piiCategories.get(categoryIndex);
        PIICategoryValidity piiCategoryValidity = new PIICategoryValidity(piiCategory.getInt("piiCategoryId"), FrameworkConstants.Consent.INFINITE_TERMINATION);
        piiCategoryValidity.setConsented(true);
        piiCategoryValidities.add(piiCategoryValidity);
    }
    receiptPurposeInput.setPiiCategory(piiCategoryValidities);
    return receiptPurposeInput;
}
Also used : JSONObject(org.json.JSONObject) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) JSONArray(org.json.JSONArray) ArrayList(java.util.ArrayList) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)

Example 3 with PIICategory

use of org.wso2.carbon.consent.mgt.core.model.PIICategory in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method getPiiCategoryValidityForRequestedClaims.

private List<PIICategoryValidity> getPiiCategoryValidityForRequestedClaims(List<ClaimMetaData> requestedClaims, boolean isConsented, String termination) throws SSOConsentServiceException {
    List<PIICategoryValidity> piiCategoryIds = new ArrayList<>();
    if (CollectionUtils.isEmpty(requestedClaims)) {
        return piiCategoryIds;
    }
    for (ClaimMetaData requestedClaim : requestedClaims) {
        if (requestedClaim == null || requestedClaim.getClaimUri() == null) {
            continue;
        }
        PIICategory piiCategory;
        try {
            piiCategory = getConsentManager().getPIICategoryByName(requestedClaim.getClaimUri());
        } catch (ConsentManagementClientException e) {
            if (isInvalidPIICategoryError(e)) {
                piiCategory = addPIICategoryForClaim(requestedClaim);
            } else {
                throw new SSOConsentServiceException("Consent PII category error", "Error while retrieving" + " PII category: " + DEFAULT_PURPOSE_CATEGORY, e);
            }
        } catch (ConsentManagementException e) {
            throw new SSOConsentServiceException("Consent PII category error", "Error while retrieving " + "PII category: " + DEFAULT_PURPOSE_CATEGORY, e);
        }
        PIICategoryValidity piiCategoryValidity = new PIICategoryValidity(piiCategory.getId(), termination);
        piiCategoryValidity.setConsented(isConsented);
        piiCategoryIds.add(piiCategoryValidity);
    }
    return piiCategoryIds;
}
Also used : PIICategory(org.wso2.carbon.consent.mgt.core.model.PIICategory) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) ArrayList(java.util.ArrayList) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) ConsentManagementClientException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementClientException)

Example 4 with PIICategory

use of org.wso2.carbon.consent.mgt.core.model.PIICategory in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method addPIICategoryForClaim.

private PIICategory addPIICategoryForClaim(ClaimMetaData claim) throws SSOConsentServiceException {
    PIICategory piiCategory;
    PIICategory piiCategoryInput = new PIICategory(claim.getClaimUri(), claim.getDescription(), false, claim.getDisplayName());
    try {
        piiCategory = getConsentManager().addPIICategory(piiCategoryInput);
    } catch (ConsentManagementException e) {
        throw new SSOConsentServiceException("Consent PII category error", "Error while adding" + " PII category:" + DEFAULT_PURPOSE_CATEGORY, e);
    }
    return piiCategory;
}
Also used : PIICategory(org.wso2.carbon.consent.mgt.core.model.PIICategory) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)

Example 5 with PIICategory

use of org.wso2.carbon.consent.mgt.core.model.PIICategory in project identity-governance by wso2-extensions.

the class UtilsTest method testGetConsentReceiptDTO.

@Test
public void testGetConsentReceiptDTO() throws Exception {
    Receipt receipt = new Receipt();
    receipt.setConsentReceiptId(CONSENT_RECEIPT_ID);
    receipt.setVersion(RECEIPT_VERSION);
    receipt.setJurisdiction(RECEIPT_JURISDICTION);
    receipt.setCollectionMethod(RECEIPT_COLLECTION_METHOD);
    receipt.setLanguage(RECEIPT_LANGUAGE);
    receipt.setPiiPrincipalId(USERNAME_CLAIM_VALUE);
    receipt.setConsentTimestamp(1517447315404L);
    PiiController piiController = new PiiController(PII_CONTROLLER_NAME, false, PII_CONTROLLER_CONTACT, PII_CONTROLLER_EMAIL, PII_CONTROLLER_PHONE, PII_CONTROLLER_URL, new Address(ADDRESS_COUNTRY, ADDRESS_LOCALITY, ADDRESS_REGION, ADDRESS_OFFICE_BOX_NUMBER, ADDRESS_POSTAL_CODE, ADDRESS_STREET_ADDRESS));
    List<PiiController> piiControllers = new ArrayList<>();
    piiControllers.add(piiController);
    receipt.setPiiControllers(piiControllers);
    ReceiptService receiptService = new ReceiptService();
    receiptService.setService(SERVICE_TRAVELOCITY);
    receiptService.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    receiptService.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
    receiptService.setReceiptToServiceId(1);
    ConsentPurpose consentPurpose = new ConsentPurpose();
    consentPurpose.setPurpose(CONSENT_PURPOSE);
    List<String> purposeCategories = new ArrayList<>();
    purposeCategories.add(PURPOSE_CATEGORY);
    consentPurpose.setPurposeCategory(purposeCategories);
    consentPurpose.setConsentType(CONSENT_TYPE);
    PIICategoryValidity piiCategory = new PIICategoryValidity(PII_CATEGORY_ID, PII_CATEGORY_VALIDITY);
    List<PIICategoryValidity> piiCategories = new ArrayList<>();
    piiCategories.add(piiCategory);
    consentPurpose.setPiiCategory(piiCategories);
    consentPurpose.setPrimaryPurpose(true);
    consentPurpose.setTermination(CONSENT_TERMINATION);
    consentPurpose.setThirdPartyDisclosure(false);
    consentPurpose.setServiceToPurposeId(1);
    List<ConsentPurpose> purposes = new ArrayList<>();
    purposes.add(consentPurpose);
    receiptService.setPurposes(purposes);
    List<ReceiptService> receiptServices = new ArrayList<>();
    receiptServices.add(receiptService);
    receipt.setServices(receiptServices);
    receipt.setPolicyUrl(RECEIPT_POLICY_URL);
    receipt.setSensitive(true);
    receipt.setState(RECEIPT_STATE);
    receipt.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    receipt.setTenantId(-1234);
    List<String> spiCategory = new ArrayList<>();
    spiCategory.add(SPI_CATEGORY);
    receipt.setSpiCat(spiCategory);
    ConsentReceiptDTO consentReceiptDTO = Utils.getConsentReceiptDTO(receipt);
    Assert.assertEquals(consentReceiptDTO.getConsentReceiptID(), CONSENT_RECEIPT_ID);
    Assert.assertEquals(consentReceiptDTO.getVersion(), RECEIPT_VERSION);
    Assert.assertEquals(consentReceiptDTO.getJurisdiction(), RECEIPT_JURISDICTION);
    Assert.assertEquals(consentReceiptDTO.getCollectionMethod(), RECEIPT_COLLECTION_METHOD);
    Assert.assertEquals(consentReceiptDTO.getLanguage(), RECEIPT_LANGUAGE);
    Assert.assertEquals(consentReceiptDTO.getPolicyUrl(), RECEIPT_POLICY_URL);
    Assert.assertEquals(consentReceiptDTO.getSensitive(), Boolean.TRUE);
    Assert.assertEquals(consentReceiptDTO.getState(), RECEIPT_STATE);
    Assert.assertEquals(consentReceiptDTO.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    Assert.assertEquals(consentReceiptDTO.getConsentTimestamp(), Long.valueOf(RECEIPT_CONSENT_TIMESTAMP));
    Assert.assertEquals(consentReceiptDTO.getSpiCat().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getSpiCat().get(0), SPI_CATEGORY);
    List<PiiControllerDTO> piiControllersFromDTO = consentReceiptDTO.getPiiControllers();
    Assert.assertEquals(piiControllersFromDTO.size(), 1);
    Assert.assertEquals(piiControllersFromDTO.get(0).getContact(), PII_CONTROLLER_CONTACT);
    Assert.assertEquals(piiControllersFromDTO.get(0).getEmail(), PII_CONTROLLER_EMAIL);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPhone(), PII_CONTROLLER_PHONE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPiiControllerUrl(), PII_CONTROLLER_URL);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPiiController(), PII_CONTROLLER_NAME);
    Assert.assertEquals(piiControllersFromDTO.get(0).getOnBehalf(), Boolean.FALSE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressCountry(), ADDRESS_COUNTRY);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressLocality(), ADDRESS_LOCALITY);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressRegion(), ADDRESS_REGION);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostalCode(), ADDRESS_POSTAL_CODE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostOfficeBoxNumber(), ADDRESS_OFFICE_BOX_NUMBER);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getStreetAddress(), ADDRESS_STREET_ADDRESS);
    Assert.assertEquals(consentReceiptDTO.getServices().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getService(), SERVICE_TRAVELOCITY);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getConsentType(), CONSENT_TYPE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurpose(), CONSENT_PURPOSE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getTermination(), CONSENT_TERMINATION);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyName(), null);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyDisclosure(), Boolean.FALSE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPrimaryPurpose(), Boolean.TRUE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().get(0).getValidity(), PII_CATEGORY_VALIDITY);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().get(0), PURPOSE_CATEGORY);
}
Also used : PiiController(org.wso2.carbon.consent.mgt.core.model.PiiController) ConsentReceiptDTO(org.wso2.carbon.identity.user.export.core.dto.ConsentReceiptDTO) Receipt(org.wso2.carbon.consent.mgt.core.model.Receipt) ReceiptService(org.wso2.carbon.consent.mgt.core.model.ReceiptService) Address(org.wso2.carbon.consent.mgt.core.model.Address) PiiControllerDTO(org.wso2.carbon.identity.user.export.core.dto.PiiControllerDTO) ArrayList(java.util.ArrayList) ConsentPurpose(org.wso2.carbon.consent.mgt.core.model.ConsentPurpose) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) Test(org.testng.annotations.Test)

Aggregations

PIICategoryValidity (org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)4 ArrayList (java.util.ArrayList)3 Test (org.testng.annotations.Test)2 ConsentManagementException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException)2 PIICategory (org.wso2.carbon.consent.mgt.core.model.PIICategory)2 ReceiptPurposeInput (org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput)2 SSOConsentServiceException (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)2 HashSet (java.util.HashSet)1 Resource (org.apache.wink.client.Resource)1 RestClient (org.apache.wink.client.RestClient)1 JSONArray (org.json.JSONArray)1 JSONObject (org.json.JSONObject)1 JSONObject (org.json.simple.JSONObject)1 User (org.wso2.carbon.automation.engine.context.beans.User)1 ConsentManagementClientException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementClientException)1 Address (org.wso2.carbon.consent.mgt.core.model.Address)1 ConsentPurpose (org.wso2.carbon.consent.mgt.core.model.ConsentPurpose)1 PiiController (org.wso2.carbon.consent.mgt.core.model.PiiController)1 Receipt (org.wso2.carbon.consent.mgt.core.model.Receipt)1 ReceiptService (org.wso2.carbon.consent.mgt.core.model.ReceiptService)1