Search in sources :

Example 6 with PIICategoryValidity

use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method getClaimsFromPIICategoryValidity.

private List<ClaimMetaData> getClaimsFromPIICategoryValidity(List<PIICategoryValidity> piiCategories) {
    List<ClaimMetaData> claimMetaDataList = new ArrayList<>();
    for (PIICategoryValidity piiCategoryValidity : piiCategories) {
        if (isConsentForClaimValid(piiCategoryValidity)) {
            ClaimMetaData claimMetaData = new ClaimMetaData();
            claimMetaData.setClaimUri(piiCategoryValidity.getName());
            claimMetaData.setDisplayName(piiCategoryValidity.getDisplayName());
            claimMetaDataList.add(claimMetaData);
        }
    }
    return claimMetaDataList;
}
Also used : ArrayList(java.util.ArrayList) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)

Example 7 with PIICategoryValidity

use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method buildReceiptInput.

private ReceiptInput buildReceiptInput(String subject, ServiceProvider serviceProvider, String spTenantDomain, List<ClaimMetaData> claimsWithConsent, List<ClaimMetaData> claimsDeniedConsent) throws SSOConsentServiceException {
    String collectionMethod = "Web Form - Sign-in";
    String jurisdiction = "NONE";
    String language = "us_EN";
    String consentType = "EXPLICIT";
    String termination = CONSENT_VALIDITY_TYPE_VALID_UNTIL + CONSENT_VALIDITY_TYPE_SEPARATOR + CONSENT_VALIDITY_TYPE_VALID_UNTIL_INDEFINITE;
    String policyUrl = "NONE";
    Purpose purpose = getDefaultPurpose();
    PurposeCategory purposeCategory = getDefaultPurposeCategory();
    List<PIICategoryValidity> piiCategoryIds = getPiiCategoryValidityForClaims(claimsWithConsent, claimsDeniedConsent, termination);
    List<ReceiptServiceInput> serviceInputs = new ArrayList<>();
    List<ReceiptPurposeInput> purposeInputs = new ArrayList<>();
    List<Integer> purposeCategoryIds = new ArrayList<>();
    Map<String, String> properties = new HashMap<>();
    purposeCategoryIds.add(purposeCategory.getId());
    ReceiptPurposeInput purposeInput = getReceiptPurposeInput(consentType, termination, purpose, piiCategoryIds, purposeCategoryIds);
    purposeInputs.add(purposeInput);
    ReceiptServiceInput serviceInput = getReceiptServiceInput(serviceProvider, spTenantDomain, purposeInputs);
    serviceInputs.add(serviceInput);
    return getReceiptInput(subject, collectionMethod, jurisdiction, language, policyUrl, serviceInputs, properties);
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) ConsentPurpose(org.wso2.carbon.consent.mgt.core.model.ConsentPurpose) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) PurposeCategory(org.wso2.carbon.consent.mgt.core.model.PurposeCategory)

Example 8 with PIICategoryValidity

use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project carbon-identity-framework by wso2.

the class ConsentUtilityService method validateReceiptPIIs.

/**
 * Validate a given receipt with with respective purposes.
 *
 * @param receiptInput User given receipt.
 * @param purposes     Configured purposes.
 * @throws ConsentUtilityServiceException ConsentUtilityServiceException.
 */
public void validateReceiptPIIs(ReceiptInput receiptInput, List<Purpose> purposes) throws ConsentUtilityServiceException {
    if (purposes == null || receiptInput == null) {
        throw new IllegalArgumentException("Receipt Input and purposes should not be null");
    }
    if (log.isDebugEnabled()) {
        log.debug("Validating receipt against purposes.");
    }
    List<ReceiptServiceInput> services = receiptInput.getServices();
    for (Purpose purpose : purposes) {
        purpose = fillPurpose(purpose);
        boolean purposeConsented = false;
        Set<Integer> mandatoryPIIs = getMandatoryPIIs(purpose);
        if (log.isDebugEnabled()) {
            log.debug("Mandatory PIIs for purpose : " + purpose.getName() + " : " + Arrays.toString(mandatoryPIIs.toArray()));
        }
        for (ReceiptServiceInput service : services) {
            List<ReceiptPurposeInput> consentPurposes = service.getPurposes();
            for (ReceiptPurposeInput consentPurpose : consentPurposes) {
                if (Objects.equals(consentPurpose.getPurposeId(), purpose.getId())) {
                    purposeConsented = true;
                    List<PIICategoryValidity> pIICategories = consentPurpose.getPiiCategory();
                    Set<Integer> consentedPIIs = getPIIs(pIICategories);
                    if (log.isDebugEnabled()) {
                        log.debug("Consented PIIs: " + Arrays.toString(consentedPIIs.toArray()));
                    }
                    if (!consentedPIIs.containsAll(mandatoryPIIs)) {
                        throw new ConsentUtilityServiceException("One or more mandatory attributes are missing in" + " the given receipt");
                    }
                }
            }
            if (!purposeConsented && !mandatoryPIIs.isEmpty()) {
                throw new ConsentUtilityServiceException("Consent receipt does not contain consent for " + "purpose " + purpose.getName() + " with ID: " + purpose.getId() + ", which has " + "mandatory PIIs");
            }
        }
    }
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ConsentUtilityServiceException(org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)

Example 9 with PIICategoryValidity

use of org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity in project identity-governance by wso2-extensions.

the class UtilsTest method testGetConsentReceiptDTO.

@Test
public void testGetConsentReceiptDTO() throws Exception {
    Receipt receipt = new Receipt();
    receipt.setConsentReceiptId(CONSENT_RECEIPT_ID);
    receipt.setVersion(RECEIPT_VERSION);
    receipt.setJurisdiction(RECEIPT_JURISDICTION);
    receipt.setCollectionMethod(RECEIPT_COLLECTION_METHOD);
    receipt.setLanguage(RECEIPT_LANGUAGE);
    receipt.setPiiPrincipalId(USERNAME_CLAIM_VALUE);
    receipt.setConsentTimestamp(1517447315404L);
    PiiController piiController = new PiiController(PII_CONTROLLER_NAME, false, PII_CONTROLLER_CONTACT, PII_CONTROLLER_EMAIL, PII_CONTROLLER_PHONE, PII_CONTROLLER_URL, new Address(ADDRESS_COUNTRY, ADDRESS_LOCALITY, ADDRESS_REGION, ADDRESS_OFFICE_BOX_NUMBER, ADDRESS_POSTAL_CODE, ADDRESS_STREET_ADDRESS));
    List<PiiController> piiControllers = new ArrayList<>();
    piiControllers.add(piiController);
    receipt.setPiiControllers(piiControllers);
    ReceiptService receiptService = new ReceiptService();
    receiptService.setService(SERVICE_TRAVELOCITY);
    receiptService.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    receiptService.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
    receiptService.setReceiptToServiceId(1);
    ConsentPurpose consentPurpose = new ConsentPurpose();
    consentPurpose.setPurpose(CONSENT_PURPOSE);
    List<String> purposeCategories = new ArrayList<>();
    purposeCategories.add(PURPOSE_CATEGORY);
    consentPurpose.setPurposeCategory(purposeCategories);
    consentPurpose.setConsentType(CONSENT_TYPE);
    PIICategoryValidity piiCategory = new PIICategoryValidity(PII_CATEGORY_ID, PII_CATEGORY_VALIDITY);
    List<PIICategoryValidity> piiCategories = new ArrayList<>();
    piiCategories.add(piiCategory);
    consentPurpose.setPiiCategory(piiCategories);
    consentPurpose.setPrimaryPurpose(true);
    consentPurpose.setTermination(CONSENT_TERMINATION);
    consentPurpose.setThirdPartyDisclosure(false);
    consentPurpose.setServiceToPurposeId(1);
    List<ConsentPurpose> purposes = new ArrayList<>();
    purposes.add(consentPurpose);
    receiptService.setPurposes(purposes);
    List<ReceiptService> receiptServices = new ArrayList<>();
    receiptServices.add(receiptService);
    receipt.setServices(receiptServices);
    receipt.setPolicyUrl(RECEIPT_POLICY_URL);
    receipt.setSensitive(true);
    receipt.setState(RECEIPT_STATE);
    receipt.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    receipt.setTenantId(-1234);
    List<String> spiCategory = new ArrayList<>();
    spiCategory.add(SPI_CATEGORY);
    receipt.setSpiCat(spiCategory);
    ConsentReceiptDTO consentReceiptDTO = Utils.getConsentReceiptDTO(receipt);
    Assert.assertEquals(consentReceiptDTO.getConsentReceiptID(), CONSENT_RECEIPT_ID);
    Assert.assertEquals(consentReceiptDTO.getVersion(), RECEIPT_VERSION);
    Assert.assertEquals(consentReceiptDTO.getJurisdiction(), RECEIPT_JURISDICTION);
    Assert.assertEquals(consentReceiptDTO.getCollectionMethod(), RECEIPT_COLLECTION_METHOD);
    Assert.assertEquals(consentReceiptDTO.getLanguage(), RECEIPT_LANGUAGE);
    Assert.assertEquals(consentReceiptDTO.getPolicyUrl(), RECEIPT_POLICY_URL);
    Assert.assertEquals(consentReceiptDTO.getSensitive(), Boolean.TRUE);
    Assert.assertEquals(consentReceiptDTO.getState(), RECEIPT_STATE);
    Assert.assertEquals(consentReceiptDTO.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    Assert.assertEquals(consentReceiptDTO.getConsentTimestamp(), Long.valueOf(RECEIPT_CONSENT_TIMESTAMP));
    Assert.assertEquals(consentReceiptDTO.getSpiCat().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getSpiCat().get(0), SPI_CATEGORY);
    List<PiiControllerDTO> piiControllersFromDTO = consentReceiptDTO.getPiiControllers();
    Assert.assertEquals(piiControllersFromDTO.size(), 1);
    Assert.assertEquals(piiControllersFromDTO.get(0).getContact(), PII_CONTROLLER_CONTACT);
    Assert.assertEquals(piiControllersFromDTO.get(0).getEmail(), PII_CONTROLLER_EMAIL);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPhone(), PII_CONTROLLER_PHONE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPiiControllerUrl(), PII_CONTROLLER_URL);
    Assert.assertEquals(piiControllersFromDTO.get(0).getPiiController(), PII_CONTROLLER_NAME);
    Assert.assertEquals(piiControllersFromDTO.get(0).getOnBehalf(), Boolean.FALSE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressCountry(), ADDRESS_COUNTRY);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressLocality(), ADDRESS_LOCALITY);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getAddressRegion(), ADDRESS_REGION);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostalCode(), ADDRESS_POSTAL_CODE);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getPostOfficeBoxNumber(), ADDRESS_OFFICE_BOX_NUMBER);
    Assert.assertEquals(piiControllersFromDTO.get(0).getAddress().getStreetAddress(), ADDRESS_STREET_ADDRESS);
    Assert.assertEquals(consentReceiptDTO.getServices().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getService(), SERVICE_TRAVELOCITY);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getConsentType(), CONSENT_TYPE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurpose(), CONSENT_PURPOSE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getTermination(), CONSENT_TERMINATION);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyName(), null);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getThirdPartyDisclosure(), Boolean.FALSE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPrimaryPurpose(), Boolean.TRUE);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPiiCategory().get(0).getValidity(), PII_CATEGORY_VALIDITY);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().size(), 1);
    Assert.assertEquals(consentReceiptDTO.getServices().get(0).getPurposes().get(0).getPurposeCategory().get(0), PURPOSE_CATEGORY);
}
Also used : PiiController(org.wso2.carbon.consent.mgt.core.model.PiiController) ConsentReceiptDTO(org.wso2.carbon.identity.user.export.core.dto.ConsentReceiptDTO) Receipt(org.wso2.carbon.consent.mgt.core.model.Receipt) ReceiptService(org.wso2.carbon.consent.mgt.core.model.ReceiptService) Address(org.wso2.carbon.consent.mgt.core.model.Address) PiiControllerDTO(org.wso2.carbon.identity.user.export.core.dto.PiiControllerDTO) ArrayList(java.util.ArrayList) ConsentPurpose(org.wso2.carbon.consent.mgt.core.model.ConsentPurpose) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) Test(org.testng.annotations.Test)

Aggregations

PIICategoryValidity (org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)7 ArrayList (java.util.ArrayList)5 ReceiptPurposeInput (org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput)5 ReceiptServiceInput (org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput)3 ConsentPurpose (org.wso2.carbon.consent.mgt.core.model.ConsentPurpose)2 Purpose (org.wso2.carbon.consent.mgt.core.model.Purpose)2 ConsentUtilityServiceException (org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException)2 ConsentReceiptDTO (org.wso2.carbon.identity.user.export.core.dto.ConsentReceiptDTO)2 PiiControllerDTO (org.wso2.carbon.identity.user.export.core.dto.PiiControllerDTO)2 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 JSONArray (org.json.JSONArray)1 JSONObject (org.json.JSONObject)1 Test (org.testng.annotations.Test)1 ConsentManagementClientException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementClientException)1 ConsentManagementException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException)1 Address (org.wso2.carbon.consent.mgt.core.model.Address)1 PIICategory (org.wso2.carbon.consent.mgt.core.model.PIICategory)1 PiiController (org.wso2.carbon.consent.mgt.core.model.PiiController)1 PurposeCategory (org.wso2.carbon.consent.mgt.core.model.PurposeCategory)1