
Example 6 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method addConsent.

/**
 * Persist the consents received from the user during user creation.
 *
 * @param receiptInput Relevant receipt input representing consent data.
 * @param tenantDomain Relevant tenant domain.
 * @throws PostAuthenticationFailedException Post Authentication Failed Exception.
 */
private void addConsent(ReceiptInput receiptInput, String tenantDomain) throws PostAuthenticationFailedException {
    ConsentManager consentManager = FrameworkServiceDataHolder.getInstance().getConsentManager();
    if (receiptInput.getServices().size() == 0) {
        throw new PostAuthenticationFailedException(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain));
    }
    // There should be one receipt
    ReceiptServiceInput receiptServiceInput = receiptInput.getServices().get(0);
    receiptServiceInput.setTenantDomain(tenantDomain);
    try {
        setIDPData(tenantDomain, receiptServiceInput);
        receiptInput.setTenantDomain(tenantDomain);
        consentManager.addConsent(receiptInput);
    } catch (ConsentManagementException e) {
        handleExceptions(String.format(ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), tenantDomain), ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), e);
    }
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) ConsentManager(org.wso2.carbon.consent.mgt.core.ConsentManager) PostAuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException)

Example 7 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method addReceipt.

private void addReceipt(String subject, String subjectTenantDomain, ServiceProvider serviceProvider, String spTenantDomain, List<ClaimMetaData> claimsWithConsent, List<ClaimMetaData> claimsDeniedConsent) throws SSOConsentServiceException {
    ReceiptInput receiptInput = buildReceiptInput(subject, serviceProvider, spTenantDomain, claimsWithConsent, claimsDeniedConsent);
    AddReceiptResponse receiptResponse;
    try {
        startTenantFlowWithUser(subject, subjectTenantDomain);
        receiptResponse = getConsentManager().addConsent(receiptInput);
    } catch (ConsentManagementException e) {
        throw new SSOConsentServiceException("Consent receipt error", "Error while adding the consent " + "receipt", e);
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
    if (isDebugEnabled()) {
        logDebug("Successfully added consent receipt: " + receiptResponse.getConsentReceiptId());
    }
}
Also used : AddReceiptResponse(org.wso2.carbon.consent.mgt.core.model.AddReceiptResponse) ReceiptInput(org.wso2.carbon.consent.mgt.core.model.ReceiptInput) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)

Example 8 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method getClaimsWithConsents.

/**
 * Retrieves the claims for which a user has provided consent for a given service provider.
 *
 * @param serviceProvider   Service provider to retrieve the consent against.
 * @param authenticatedUser Authenticated user related to the consent claim retrieval.
 * @return List of claims for which the user has provided consent for the given service provider.
 * @throws SSOConsentServiceException If an error occurs while retrieving user consents.
 */
@Override
public List<ClaimMetaData> getClaimsWithConsents(ServiceProvider serviceProvider, AuthenticatedUser authenticatedUser) throws SSOConsentServiceException {
    if (!isSSOConsentManagementEnabled(serviceProvider)) {
        String message = "Consent management for SSO is disabled.";
        throw new SSOConsentDisabledException(message, message);
    }
    if (serviceProvider == null) {
        throw new SSOConsentServiceException("Service provider cannot be null.");
    }
    String spName = serviceProvider.getApplicationName();
    List<ClaimMetaData> receiptConsentMetaData = new ArrayList<>();
    String spTenantDomain = getSPTenantDomain(serviceProvider);
    String subject = buildSubjectWithUserStoreDomain(authenticatedUser);
    Receipt receipt = getConsentReceiptOfUser(serviceProvider, authenticatedUser, spName, spTenantDomain, subject);
    if (receipt == null) {
        return receiptConsentMetaData;
    } else {
        receiptConsentMetaData = getRequestedClaimsFromReceipt(receipt, true);
    }
    return receiptConsentMetaData;
}
Also used : SSOConsentDisabledException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentDisabledException) Receipt(org.wso2.carbon.consent.mgt.core.model.Receipt) ArrayList(java.util.ArrayList) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)

Example 9 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method processConsent.

@Override
public void processConsent(List<Integer> consentApprovedClaimIds, ServiceProvider serviceProvider, AuthenticatedUser authenticatedUser, ConsentClaimsData consentClaimsData, boolean overrideExistingConsent) throws SSOConsentServiceException {
    if (!isSSOConsentManagementEnabled(serviceProvider)) {
        String message = "Consent management for SSO is disabled.";
        throw new SSOConsentDisabledException(message, message);
    }
    if (isDebugEnabled()) {
        logDebug("User: " + authenticatedUser.getAuthenticatedSubjectIdentifier() + " has approved consent.");
    }
    UserConsent userConsent = processUserConsent(consentApprovedClaimIds, consentClaimsData);
    if (isEmpty(userConsent.getApprovedClaims()) && isEmpty(userConsent.getDisapprovedClaims())) {
        if (isDebugEnabled()) {
            logDebug("User: " + authenticatedUser.getAuthenticatedSubjectIdentifier() + " has not provided new " + "approved/disapproved consent. Hence skipping the consent progress.");
        }
        return;
    }
    String subject = buildSubjectWithUserStoreDomain(authenticatedUser);
    List<ClaimMetaData> claimsWithConsent;
    List<ClaimMetaData> claimsDeniedConsent;
    if (!overrideExistingConsent) {
        String spName = serviceProvider.getApplicationName();
        String spTenantDomain = getSPTenantDomain(serviceProvider);
        Receipt receipt = getConsentReceiptOfUser(serviceProvider, authenticatedUser, spName, spTenantDomain, subject);
        claimsWithConsent = getUserRequestedClaims(receipt, userConsent, true);
        claimsDeniedConsent = getUserRequestedClaims(receipt, userConsent, false);
    } else {
        claimsWithConsent = userConsent.getApprovedClaims();
        claimsDeniedConsent = userConsent.getDisapprovedClaims();
    }
    String spTenantDomain = getSPTenantDomain(serviceProvider);
    String subjectTenantDomain = authenticatedUser.getTenantDomain();
    if (isNotEmpty(claimsWithConsent) || isNotEmpty(claimsDeniedConsent)) {
        addReceipt(subject, subjectTenantDomain, serviceProvider, spTenantDomain, claimsWithConsent, claimsDeniedConsent);
    }
}
Also used : SSOConsentDisabledException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentDisabledException) Receipt(org.wso2.carbon.consent.mgt.core.model.Receipt)

Example 10 with Receipt

use of org.wso2.carbon.consent.mgt.core.model.Receipt in project carbon-mediation by wso2.

the class AS4Receiver method generateAS4SignalMessage.

/**
 * Generate <eb3:Messaging></eb3:Messaging> Signal message containing the receipt
 * @param messageContext {@link MessageContext} object
 * @param messaging Messaging object
 */
private void generateAS4SignalMessage(MessageContext messageContext, Messaging messaging) throws IOException, XMLStreamException, JAXBException {
    String messageId = messaging.getUserMessage().getMessageInfo().getMessageId();
    Messaging responseMessaging = new Messaging();
    responseMessaging.setMustUnderstand("true");
    SignalMessage signalMessage = new SignalMessage();
    MessageInfo responseMessageInfo = new MessageInfo();
    responseMessageInfo.setTimestamp(new Date());
    responseMessageInfo.setMessageId(MessageIdGenerator.createMessageId());
    responseMessageInfo.setRefToMessageId(messageId);
    signalMessage.setMessageInfo(responseMessageInfo);
    responseMessaging.setSignalMessage(signalMessage);
    JAXBContext jaxbContext = JAXBContext.newInstance(Messaging.class);
    Marshaller messagingMarshaller = jaxbContext.createMarshaller();
    OMNode node = AS4Utils.getOMNode(messagingMarshaller, responseMessaging);
    SOAPEnvelope soapEnvelope = OMAbstractFactory.getSOAP12Factory().createSOAPEnvelope();
    soapEnvelope.addChild(OMAbstractFactory.getSOAP12Factory().createSOAPHeader());
    soapEnvelope.addChild(OMAbstractFactory.getSOAP12Factory().createSOAPBody());
    soapEnvelope.getHeader().addChild(node);
    messageContext.setEnvelope(soapEnvelope);
    messageContext.setTo(null);
}
Also used : OMNode(org.apache.axiom.om.OMNode) Marshaller(javax.xml.bind.Marshaller) SignalMessage(org.wso2.carbon.mediation.connector.message.beans.SignalMessage) Messaging(org.wso2.carbon.mediation.connector.message.beans.Messaging) JAXBContext(javax.xml.bind.JAXBContext) SOAPEnvelope(org.apache.axiom.soap.SOAPEnvelope) Date(java.util.Date) MessageInfo(org.wso2.carbon.mediation.connector.message.beans.MessageInfo)

Aggregations

ConsentManagementException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) 9
Receipt (org.wso2.carbon.consent.mgt.core.model.Receipt) 9
ArrayList (java.util.ArrayList) 8
ConsentManager (org.wso2.carbon.consent.mgt.core.ConsentManager) 7
ReceiptListResponse (org.wso2.carbon.consent.mgt.core.model.ReceiptListResponse) 7
JSONObject (org.json.JSONObject) 6
Test (org.testng.annotations.Test) 6
SSOConsentServiceException (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException) 6
ReceiptServiceInput (org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) 5
PIICategoryValidity (org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) 4
ReceiptPurposeInput (org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) 4
ConsentReceiptDTO (org.wso2.carbon.identity.user.export.core.dto.ConsentReceiptDTO) 4
HashMap (java.util.HashMap) 3
List (java.util.List) 3
Map (java.util.Map) 3
JSONArray (org.json.JSONArray) 3
ReceiptInput (org.wso2.carbon.consent.mgt.core.model.ReceiptInput) 3
SSOConsentDisabledException (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentDisabledException) 3
RealmService (org.wso2.carbon.user.core.service.RealmService) 3
TenantManager (org.wso2.carbon.user.core.tenant.TenantManager) 3