use of org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput in project carbon-identity-framework by wso2.
the class JITProvisioningPostAuthenticationHandler method getReceiptServiceInputs.
/**
* To build ReceiptServices from the incoming receipt.
*
* @param receipt Relevant incoming receipt send from the client side.
* @return Set of the receipt services.
*/
private List<ReceiptServiceInput> getReceiptServiceInputs(JSONObject receipt) {
JSONArray services = receipt.getJSONArray(FrameworkConstants.Consent.SERVICES);
List<ReceiptServiceInput> receiptServiceInputs = new ArrayList<>();
for (int serviceIndex = 0; serviceIndex < services.length(); serviceIndex++) {
JSONObject service = services.getJSONObject(serviceIndex);
ReceiptServiceInput receiptServiceInput = new ReceiptServiceInput();
JSONArray purposes = service.getJSONArray(FrameworkConstants.Consent.PURPOSES);
List<ReceiptPurposeInput> receiptPurposeInputs = new ArrayList<>();
for (int purposeIndex = 0; purposeIndex < purposes.length(); purposeIndex++) {
receiptPurposeInputs.add(getReceiptPurposeInputs((JSONObject) purposes.get(purposeIndex)));
}
receiptServiceInput.setPurposes(receiptPurposeInputs);
receiptServiceInputs.add(receiptServiceInput);
}
return receiptServiceInputs;
}
use of org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput in project carbon-identity-framework by wso2.
the class ConsentUtilityService method validateReceiptPIIs.
/**
* Validate a given receipt with with respective purposes.
*
* @param receiptInput User given receipt.
* @param purposes Configured purposes.
* @throws ConsentUtilityServiceException ConsentUtilityServiceException.
*/
public void validateReceiptPIIs(ReceiptInput receiptInput, List<Purpose> purposes) throws ConsentUtilityServiceException {
if (purposes == null || receiptInput == null) {
throw new IllegalArgumentException("Receipt Input and purposes should not be null");
}
if (log.isDebugEnabled()) {
log.debug("Validating receipt against purposes.");
}
List<ReceiptServiceInput> services = receiptInput.getServices();
for (Purpose purpose : purposes) {
purpose = fillPurpose(purpose);
boolean purposeConsented = false;
Set<Integer> mandatoryPIIs = getMandatoryPIIs(purpose);
if (log.isDebugEnabled()) {
log.debug("Mandatory PIIs for purpose : " + purpose.getName() + " : " + Arrays.toString(mandatoryPIIs.toArray()));
}
for (ReceiptServiceInput service : services) {
List<ReceiptPurposeInput> consentPurposes = service.getPurposes();
for (ReceiptPurposeInput consentPurpose : consentPurposes) {
if (Objects.equals(consentPurpose.getPurposeId(), purpose.getId())) {
purposeConsented = true;
List<PIICategoryValidity> pIICategories = consentPurpose.getPiiCategory();
Set<Integer> consentedPIIs = getPIIs(pIICategories);
if (log.isDebugEnabled()) {
log.debug("Consented PIIs: " + Arrays.toString(consentedPIIs.toArray()));
}
if (!consentedPIIs.containsAll(mandatoryPIIs)) {
throw new ConsentUtilityServiceException("One or more mandatory attributes are missing in" + " the given receipt");
}
}
}
if (!purposeConsented && !mandatoryPIIs.isEmpty()) {
throw new ConsentUtilityServiceException("Consent receipt does not contain consent for " + "purpose " + purpose.getName() + " with ID: " + purpose.getId() + ", which has " + "mandatory PIIs");
}
}
}
}
Aggregations