Examples with Receipt org.wso2.carbon.consent.mgt.core.model.Receipt used on opensource projects

Example 1 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class ConsentDeletionUserEventHandler method handleEvent.

/**
 * Delete consents issued against a particular user when a user is deleted.
 *
 * @param event Post User Delete event.
 * @throws IdentityEventException IdentityEventException.
 */
@Override
public void handleEvent(Event event) throws IdentityEventException {
    IdentityEventMessageContext eventContext = new IdentityEventMessageContext(event);
    if (!isEnabled(eventContext)) {
        if (log.isDebugEnabled()) {
            log.debug("ConsentDeletionUserEventHandler is disabled. Not handling the " + event.getEventName() + " event.");
        }
        return;
    }
    Map<String, Object> eventProperties = event.getEventProperties();
    String userName = (String) eventProperties.get(IdentityEventConstants.EventProperty.USER_NAME);
    UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
    String domainName = userStoreManager.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    String tenantDomain = getUserTenantDomain(eventProperties);
    String usernameWithUserStoreDomain = UserCoreUtil.addDomainToName(userName, domainName);
    if (log.isDebugEnabled()) {
        log.debug(String.format("Deleting consents for user: %s , in tenant domain :%s", usernameWithUserStoreDomain, tenantDomain));
    }
    ConsentManager consentManager = IdentityConsentDataHolder.getInstance().getPrivilegedConsentManager();
    try {
        List<ReceiptListResponse> receiptListResponses = consentManager.searchReceipts(consentSearchLimit, 0, usernameWithUserStoreDomain, null, "*", null);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Found %d receipts issued for user: %s, in tenant domain: %s", receiptListResponses.size(), usernameWithUserStoreDomain, tenantDomain));
        }
        receiptListResponses.forEach(rethrowConsumer(receiptListResponse -> {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Deleting receipt with ID : %s, issued for application %s", receiptListResponse.getConsentReceiptId(), receiptListResponse.getSpDisplayName()));
            }
            consentManager.deleteReceipt(receiptListResponse.getConsentReceiptId());
        }));
    } catch (ConsentManagementException e) {
        throw new IdentityEventException("Error while deleting consents for user " + userName, e);
    }
}

Example 2 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class ConsentUtilityService method filterPIIsFromReceipt.

/**
 * If the consent is not given for a PII
 *
 * @param keySet
 * @param receipt
 * @return
 * @throws ConsentUtilityServiceException
 */
public Set<String> filterPIIsFromReceipt(Set<String> keySet, ReceiptInput receipt) throws ConsentUtilityServiceException {
    if (keySet == null || receipt == null) {
        throw new ConsentUtilityServiceException("Key set and receipt should not be null");
    }
    List<ReceiptServiceInput> services = receipt.getServices();
    Set<String> consentedPIIs = new HashSet<>();
    for (ReceiptServiceInput service : services) {
        List<ReceiptPurposeInput> purposes = service.getPurposes();
        for (ReceiptPurposeInput consentPurpose : purposes) {
            List<PIICategoryValidity> piiCategories = consentPurpose.getPiiCategory();
            for (PIICategoryValidity piiCategory : piiCategories) {
                consentedPIIs.add(getPIIName(consentPurpose.getPurposeId(), piiCategory.getId()));
            }
        }
    }
    keySet.retainAll(consentedPIIs);
    return keySet;
}

Example 3 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method setIDPData.

/**
 * Set the IDP releated data in the receipt service input.
 *
 * @param tenantDomain        Tenant domain.
 * @param receiptServiceInput Relevant receipt service input which the
 * @throws PostAuthenticationFailedException Post Authentication Failed Exception.
 */
private void setIDPData(String tenantDomain, ReceiptServiceInput receiptServiceInput) throws PostAuthenticationFailedException {
    String resideIdpDescription = "Resident IDP";
    IdentityProviderManager idpManager = IdentityProviderManager.getInstance();
    IdentityProvider residentIdP = null;
    try {
        residentIdP = idpManager.getResidentIdP(tenantDomain);
    } catch (IdentityProviderManagementException e) {
        handleExceptions(String.format(ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA.getMessage(), tenantDomain), ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA.getCode(), e);
    }
    if (residentIdP == null) {
        throw new PostAuthenticationFailedException(ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA_IDP_IS_NULL.getCode(), String.format(ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA_IDP_IS_NULL.getMessage(), tenantDomain));
    }
    if (StringUtils.isEmpty(receiptServiceInput.getService())) {
        if (log.isDebugEnabled()) {
            log.debug("No service name found. Hence adding resident IDP home realm ID");
        }
        receiptServiceInput.setService(residentIdP.getHomeRealmId());
    }
    if (StringUtils.isEmpty(receiptServiceInput.getTenantDomain())) {
        receiptServiceInput.setTenantDomain(tenantDomain);
    }
    if (StringUtils.isEmpty(receiptServiceInput.getSpDescription())) {
        if (StringUtils.isNotEmpty(residentIdP.getIdentityProviderDescription())) {
            receiptServiceInput.setSpDescription(residentIdP.getIdentityProviderDescription());
        } else {
            receiptServiceInput.setSpDescription(resideIdpDescription);
        }
    }
    if (StringUtils.isEmpty(receiptServiceInput.getSpDisplayName())) {
        if (StringUtils.isNotEmpty(residentIdP.getDisplayName())) {
            receiptServiceInput.setSpDisplayName(residentIdP.getDisplayName());
        } else {
            receiptServiceInput.setSpDisplayName(resideIdpDescription);
        }
    }
}

Example 4 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method getReceiptPurposeInputs.

/**
 * To get the receive purpose inputs from json object from the client side.
 *
 * @param receiptPurpose Relevant receipt purpose.
 * @return receipt purpose input, based on receipt purpose object.
 */
private ReceiptPurposeInput getReceiptPurposeInputs(JSONObject receiptPurpose) {
    ReceiptPurposeInput receiptPurposeInput = new ReceiptPurposeInput();
    receiptPurposeInput.setConsentType(FrameworkConstants.Consent.EXPLICIT_CONSENT_TYPE);
    receiptPurposeInput.setPrimaryPurpose(true);
    receiptPurposeInput.setThirdPartyDisclosure(false);
    receiptPurposeInput.setPurposeId(receiptPurpose.getInt("purposeId"));
    JSONArray purposeCategoryId = receiptPurpose.getJSONArray("purposeCategoryId");
    List<Integer> purposeCategoryIdArray = new ArrayList<>();
    for (int index = 0; index < purposeCategoryId.length(); index++) {
        purposeCategoryIdArray.add(purposeCategoryId.getInt(index));
    }
    receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
    receiptPurposeInput.setPurposeCategoryId(purposeCategoryIdArray);
    receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
    List<PIICategoryValidity> piiCategoryValidities = new ArrayList<>();
    JSONArray piiCategories = (JSONArray) receiptPurpose.get(FrameworkConstants.Consent.PII_CATEGORY);
    for (int categoryIndex = 0; categoryIndex < piiCategories.length(); categoryIndex++) {
        JSONObject piiCategory = (JSONObject) piiCategories.get(categoryIndex);
        PIICategoryValidity piiCategoryValidity = new PIICategoryValidity(piiCategory.getInt("piiCategoryId"), FrameworkConstants.Consent.INFINITE_TERMINATION);
        piiCategoryValidity.setConsented(true);
        piiCategoryValidities.add(piiCategoryValidity);
    }
    receiptPurposeInput.setPiiCategory(piiCategoryValidities);
    return receiptPurposeInput;
}

Example 5 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method buildConsentForResidentIDP.

/**
 * Builds consent receipt input according to consent API.
 *
 * @param piiPrincipalId P11 Principal ID
 * @param consent        Consent String which contains services.
 * @param policyURL      Policy URL.
 * @return Consent string which contains above facts.
 */
private ReceiptInput buildConsentForResidentIDP(String piiPrincipalId, String consent, String policyURL) {
    ReceiptInput receiptInput = new ReceiptInput();
    receiptInput.setJurisdiction("USA");
    receiptInput.setCollectionMethod(FrameworkConstants.Consent.COLLECTION_METHOD_JIT);
    receiptInput.setLanguage(FrameworkConstants.Consent.LANGUAGE_ENGLISH);
    receiptInput.setPiiPrincipalId(piiPrincipalId);
    receiptInput.setPolicyUrl(policyURL);
    JSONObject receipt = new JSONObject(consent);
    receiptInput.setServices(getReceiptServiceInputs(receipt));
    if (log.isDebugEnabled()) {
        log.debug("Built consent from endpoint util : " + consent);
    }
    return receiptInput;
}