use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.
the class SSOConsentServiceImpl method getClaimsFromPIICategoryValidity.
private List<ClaimMetaData> getClaimsFromPIICategoryValidity(List<PIICategoryValidity> piiCategories) {
List<ClaimMetaData> claimMetaDataList = new ArrayList<>();
for (PIICategoryValidity piiCategoryValidity : piiCategories) {
if (isConsentForClaimValid(piiCategoryValidity)) {
ClaimMetaData claimMetaData = new ClaimMetaData();
claimMetaData.setClaimUri(piiCategoryValidity.getName());
claimMetaData.setDisplayName(piiCategoryValidity.getDisplayName());
claimMetaDataList.add(claimMetaData);
}
}
return claimMetaDataList;
}
use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.
the class SSOConsentServiceImpl method buildReceiptInput.
private ReceiptInput buildReceiptInput(String subject, ServiceProvider serviceProvider, String spTenantDomain, List<ClaimMetaData> claimsWithConsent, List<ClaimMetaData> claimsDeniedConsent) throws SSOConsentServiceException {
String collectionMethod = "Web Form - Sign-in";
String jurisdiction = "NONE";
String language = "us_EN";
String consentType = "EXPLICIT";
String termination = CONSENT_VALIDITY_TYPE_VALID_UNTIL + CONSENT_VALIDITY_TYPE_SEPARATOR + CONSENT_VALIDITY_TYPE_VALID_UNTIL_INDEFINITE;
String policyUrl = "NONE";
Purpose purpose = getDefaultPurpose();
PurposeCategory purposeCategory = getDefaultPurposeCategory();
List<PIICategoryValidity> piiCategoryIds = getPiiCategoryValidityForClaims(claimsWithConsent, claimsDeniedConsent, termination);
List<ReceiptServiceInput> serviceInputs = new ArrayList<>();
List<ReceiptPurposeInput> purposeInputs = new ArrayList<>();
List<Integer> purposeCategoryIds = new ArrayList<>();
Map<String, String> properties = new HashMap<>();
purposeCategoryIds.add(purposeCategory.getId());
ReceiptPurposeInput purposeInput = getReceiptPurposeInput(consentType, termination, purpose, piiCategoryIds, purposeCategoryIds);
purposeInputs.add(purposeInput);
ReceiptServiceInput serviceInput = getReceiptServiceInput(serviceProvider, spTenantDomain, purposeInputs);
serviceInputs.add(serviceInput);
return getReceiptInput(subject, collectionMethod, jurisdiction, language, policyUrl, serviceInputs, properties);
}
use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.
the class ConsentUtilityService method validateReceiptPIIs.
/**
* Validate a given receipt with with respective purposes.
*
* @param receiptInput User given receipt.
* @param purposes Configured purposes.
* @throws ConsentUtilityServiceException ConsentUtilityServiceException.
*/
public void validateReceiptPIIs(ReceiptInput receiptInput, List<Purpose> purposes) throws ConsentUtilityServiceException {
if (purposes == null || receiptInput == null) {
throw new IllegalArgumentException("Receipt Input and purposes should not be null");
}
if (log.isDebugEnabled()) {
log.debug("Validating receipt against purposes.");
}
List<ReceiptServiceInput> services = receiptInput.getServices();
for (Purpose purpose : purposes) {
purpose = fillPurpose(purpose);
boolean purposeConsented = false;
Set<Integer> mandatoryPIIs = getMandatoryPIIs(purpose);
if (log.isDebugEnabled()) {
log.debug("Mandatory PIIs for purpose : " + purpose.getName() + " : " + Arrays.toString(mandatoryPIIs.toArray()));
}
for (ReceiptServiceInput service : services) {
List<ReceiptPurposeInput> consentPurposes = service.getPurposes();
for (ReceiptPurposeInput consentPurpose : consentPurposes) {
if (Objects.equals(consentPurpose.getPurposeId(), purpose.getId())) {
purposeConsented = true;
List<PIICategoryValidity> pIICategories = consentPurpose.getPiiCategory();
Set<Integer> consentedPIIs = getPIIs(pIICategories);
if (log.isDebugEnabled()) {
log.debug("Consented PIIs: " + Arrays.toString(consentedPIIs.toArray()));
}
if (!consentedPIIs.containsAll(mandatoryPIIs)) {
throw new ConsentUtilityServiceException("One or more mandatory attributes are missing in" + " the given receipt");
}
}
}
if (!purposeConsented && !mandatoryPIIs.isEmpty()) {
throw new ConsentUtilityServiceException("Consent receipt does not contain consent for " + "purpose " + purpose.getName() + " with ID: " + purpose.getId() + ", which has " + "mandatory PIIs");
}
}
}
}
use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project identity-governance by wso2-extensions.
the class UtilsTest method testGetConsentReceiptDTO.
@Test
public void testGetConsentReceiptDTO() throws Exception {
Receipt receipt = new Receipt();
receipt.setConsentReceiptId(CONSENT_RECEIPT_ID);
receipt.setVersion(RECEIPT_VERSION);
receipt.setJurisdiction(RECEIPT_JURISDICTION);
receipt.setCollectionMethod(RECEIPT_COLLECTION_METHOD);
receipt.setLanguage(RECEIPT_LANGUAGE);
receipt.setPiiPrincipalId(USERNAME_CLAIM_VALUE);
receipt.setConsentTimestamp(1517447315404L);
PiiController piiController = new PiiController(PII_CONTROLLER_NAME, false, PII_CONTROLLER_CONTACT, PII_CONTROLLER_EMAIL, PII_CONTROLLER_PHONE, PII_CONTROLLER_URL, new Address(ADDRESS_COUNTRY, ADDRESS_LOCALITY, ADDRESS_REGION, ADDRESS_OFFICE_BOX_NUMBER, ADDRESS_POSTAL_CODE, ADDRESS_STREET_ADDRESS));
List<PiiController> piiControllers = new ArrayList<>();
piiControllers.add(piiController);
receipt.setPiiControllers(piiControllers);
ReceiptService receiptService = new ReceiptService();
receiptService.setService(SERVICE_TRAVELOCITY);
receiptService.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
receiptService.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
receiptService.setReceiptToServiceId(1);
ConsentPurpose consentPurpose = new ConsentPurpose();
consentPurpose.setPurpose(CONSENT_PURPOSE);
List<String> purposeCategories = new ArrayList<>();
purposeCategories.add(PURPOSE_CATEGORY);
consentPurpose.setPurposeCategory(purposeCategories);
consentPurpose.setConsentType(CONSENT_TYPE);
PIICategoryValidity piiCategory = new PIICategoryValidity(PII_CATEGORY_ID, PII_CATEGORY_VALIDITY);
List<PIICategoryValidity> piiCategories = new ArrayList<>();
piiCategories.add(piiCategory);
consentPurpose.setPiiCategory(piiCategories);
consentPurpose.setPrimaryPurpose(true);
consentPurpose.setTermination(CONSENT_TERMINATION);
consentPurpose.setThirdPartyDisclosure(false);
consentPurpose.setServiceToPurposeId(1);
List<ConsentPurpose> purposes = new ArrayList<>();
purposes.add(consentPurpose);
receiptService.setPurposes(purposes);
List<ReceiptService> receiptServices = new ArrayList<>();
receiptServices.add(receiptService);
receipt.setServices(receiptServices);
receipt.setPolicyUrl(RECEIPT_POLICY_URL);
receipt.setSensitive(true);
receipt.setState(RECEIPT_STATE);
receipt.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
receipt.setTenantId(-1234);
List<String> spiCategory = new ArrayList<>();
spiCategory.add(SPI_CATEGORY);
receipt.setSpiCat(spiCategory);
ConsentReceiptDTO consentReceiptDTO = Utils.getConsentReceiptDTO(receipt);
Assert.assertEquals(consentReceiptDTO.getConsentReceiptID(), CONSENT_RECEIPT_ID);
Assert.assertEquals(consentReceiptDTO.getVersion(), RECEIPT_VERSION);
Assert.assertEquals(consentReceiptDTO.getJurisdiction(), RECEIPT_JURISDICTION);
Assert.assertEquals(consentReceiptDTO.getCollectionMethod(), RECEIPT_COLLECTION_METHOD);
Assert.assertEquals(consentReceiptDTO.getLanguage(), RECEIPT_LANGUAGE);
Assert.assertEquals(consentReceiptDTO.getPolicyUrl(), RECEIPT_POLICY_URL);
Assert.assertEquals(consentReceiptDTO.getSensitive(), Boolean.TRUE);
Assert.assertEquals(consentReceiptDTO.getState(), RECEIPT_STATE);
Assert.assertEquals(consentReceiptDTO.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
Assert.assertEquals(consentReceiptDTO.getConsentTimestamp(), Long.valueOf(RECEIPT_CONSENT_TIMESTAMP));
Assert.assertEquals(consentReceiptDTO.getSpiCat().size(), 1);
Assert.assertEquals(consentReceiptDTO.getSpiCat().get(0), SPI_CATEGORY);
List<PiiControllerDTO> piiControllersFromDTO = consentReceiptDTO.getPiiControllers();
Assert.assertEquals(piiControllersFromDTO.size(), 1);
Assert.assertEquals(piiControllersFromDTO.get(0).getContact(), PII_CONTROLLER_CONTACT);
Assert.assertEquals(piiControllersFromDTO.get(0).getEmail(), PII_CONTROLLER_EMAIL);
Assert.assertEquals(piiControllersFromDTO.get(0).getPhone(), PII_CONTROLLER_PHONE);
Assert.assertEquals(piiControllersFromDTO.get(0).getPiiControllerUrl(), PII_CONTROLLER_URL);
Assert.assertEquals(piiControllersFromDTO.get(0).getPiiController(), PII_CONTROLLER_NAME);
Assert.assertEquals(piiControllersFromDTO.get(0).getOnBehalf(), Boolean.FALSE);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressCountry(), ADDRESS_COUNTRY);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressLocality(), ADDRESS_LOCALITY);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressRegion(), ADDRESS_REGION);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostalCode(), ADDRESS_POSTAL_CODE);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostOfficeBoxNumber(), ADDRESS_OFFICE_BOX_NUMBER);
Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getStreetAddress(), ADDRESS_STREET_ADDRESS);
Assert.assertEquals(consentReceiptDTO.getServices().size(), 1);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getService(), SERVICE_TRAVELOCITY);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().size(), 1);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getConsentType(), CONSENT_TYPE);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurpose(), CONSENT_PURPOSE);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getTermination(), CONSENT_TERMINATION);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyName(), null);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyDisclosure(), Boolean.FALSE);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPrimaryPurpose(), Boolean.TRUE);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().size(), 1);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().get(0).getValidity(), PII_CATEGORY_VALIDITY);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().size(), 1);
Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().get(0), PURPOSE_CATEGORY);
}
Aggregations