Search in sources :

Example 6 with ReceiptPurposeInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method getReceiptServiceInputs.

/**
 * To build ReceiptServices from the incoming receipt.
 *
 * @param receipt Relevant incoming receipt send from the client side.
 * @return Set of the receipt services.
 */
private List<ReceiptServiceInput> getReceiptServiceInputs(JSONObject receipt) {
    JSONArray services = receipt.getJSONArray(FrameworkConstants.Consent.SERVICES);
    List<ReceiptServiceInput> receiptServiceInputs = new ArrayList<>();
    for (int serviceIndex = 0; serviceIndex < services.length(); serviceIndex++) {
        JSONObject service = services.getJSONObject(serviceIndex);
        ReceiptServiceInput receiptServiceInput = new ReceiptServiceInput();
        JSONArray purposes = service.getJSONArray(FrameworkConstants.Consent.PURPOSES);
        List<ReceiptPurposeInput> receiptPurposeInputs = new ArrayList<>();
        for (int purposeIndex = 0; purposeIndex < purposes.length(); purposeIndex++) {
            receiptPurposeInputs.add(getReceiptPurposeInputs((JSONObject) purposes.get(purposeIndex)));
        }
        receiptServiceInput.setPurposes(receiptPurposeInputs);
        receiptServiceInputs.add(receiptServiceInput);
    }
    return receiptServiceInputs;
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) JSONObject(org.json.JSONObject) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) JSONArray(org.json.JSONArray) ArrayList(java.util.ArrayList)

Example 7 with ReceiptPurposeInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput in project carbon-identity-framework by wso2.

the class ConsentUtilityService method validateReceiptPIIs.

/**
 * Validate a given receipt with with respective purposes.
 *
 * @param receiptInput User given receipt.
 * @param purposes     Configured purposes.
 * @throws ConsentUtilityServiceException ConsentUtilityServiceException.
 */
public void validateReceiptPIIs(ReceiptInput receiptInput, List<Purpose> purposes) throws ConsentUtilityServiceException {
    if (purposes == null || receiptInput == null) {
        throw new IllegalArgumentException("Receipt Input and purposes should not be null");
    }
    if (log.isDebugEnabled()) {
        log.debug("Validating receipt against purposes.");
    }
    List<ReceiptServiceInput> services = receiptInput.getServices();
    for (Purpose purpose : purposes) {
        purpose = fillPurpose(purpose);
        boolean purposeConsented = false;
        Set<Integer> mandatoryPIIs = getMandatoryPIIs(purpose);
        if (log.isDebugEnabled()) {
            log.debug("Mandatory PIIs for purpose : " + purpose.getName() + " : " + Arrays.toString(mandatoryPIIs.toArray()));
        }
        for (ReceiptServiceInput service : services) {
            List<ReceiptPurposeInput> consentPurposes = service.getPurposes();
            for (ReceiptPurposeInput consentPurpose : consentPurposes) {
                if (Objects.equals(consentPurpose.getPurposeId(), purpose.getId())) {
                    purposeConsented = true;
                    List<PIICategoryValidity> pIICategories = consentPurpose.getPiiCategory();
                    Set<Integer> consentedPIIs = getPIIs(pIICategories);
                    if (log.isDebugEnabled()) {
                        log.debug("Consented PIIs: " + Arrays.toString(consentedPIIs.toArray()));
                    }
                    if (!consentedPIIs.containsAll(mandatoryPIIs)) {
                        throw new ConsentUtilityServiceException("One or more mandatory attributes are missing in" + " the given receipt");
                    }
                }
            }
            if (!purposeConsented && !mandatoryPIIs.isEmpty()) {
                throw new ConsentUtilityServiceException("Consent receipt does not contain consent for " + "purpose " + purpose.getName() + " with ID: " + purpose.getId() + ", which has " + "mandatory PIIs");
            }
        }
    }
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ConsentUtilityServiceException(org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)

Aggregations

ReceiptPurposeInput (org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput)6 ReceiptServiceInput (org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput)5 PIICategoryValidity (org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)4 ArrayList (java.util.ArrayList)3 JSONArray (org.json.JSONArray)2 JSONObject (org.json.JSONObject)2 Purpose (org.wso2.carbon.consent.mgt.core.model.Purpose)2 ConsentUtilityServiceException (org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException)2 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 ConsentPurpose (org.wso2.carbon.consent.mgt.core.model.ConsentPurpose)1 PurposeCategory (org.wso2.carbon.consent.mgt.core.model.PurposeCategory)1