Search in sources :

Example 6 with ReceiptServiceInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput in project identity-governance by wso2-extensions.

the class UserSelfRegistrationManager method addConsent.

private void addConsent(String consent, String tenantDomain) throws ConsentManagementException, IdentityRecoveryServerException {
    Gson gson = new Gson();
    ReceiptInput receiptInput = gson.fromJson(consent, ReceiptInput.class);
    ConsentManager consentManager = IdentityRecoveryServiceDataHolder.getInstance().getConsentManager();
    if (receiptInput.getServices().size() < 0) {
        throw new IdentityRecoveryServerException("A service should be available in a receipt");
    }
    // There should be a one receipt
    ReceiptServiceInput receiptServiceInput = receiptInput.getServices().get(0);
    // without giving consent to any of the purposes.
    if (receiptServiceInput.getPurposes().isEmpty()) {
        if (log.isDebugEnabled()) {
            log.debug("Consent does not contain any purposes. Hence not adding consent");
        }
        return;
    }
    receiptServiceInput.setTenantDomain(tenantDomain);
    try {
        setIDPData(tenantDomain, receiptServiceInput);
    } catch (IdentityProviderManagementException e) {
        throw new ConsentManagementException("Error while retrieving identity provider data", "Error while " + "setting IDP data", e);
    }
    receiptInput.setTenantDomain(tenantDomain);
    consentManager.addConsent(receiptInput);
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ReceiptInput(org.wso2.carbon.consent.mgt.core.model.ReceiptInput) IdentityRecoveryServerException(org.wso2.carbon.identity.recovery.IdentityRecoveryServerException) ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException) Gson(com.google.gson.Gson) ConsentManager(org.wso2.carbon.consent.mgt.core.ConsentManager) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)

Example 7 with ReceiptServiceInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method buildReceiptInput.

private ReceiptInput buildReceiptInput(String subject, ServiceProvider serviceProvider, String spTenantDomain, List<ClaimMetaData> claimsWithConsent, List<ClaimMetaData> claimsDeniedConsent) throws SSOConsentServiceException {
    String collectionMethod = "Web Form - Sign-in";
    String jurisdiction = "NONE";
    String language = "us_EN";
    String consentType = "EXPLICIT";
    String termination = CONSENT_VALIDITY_TYPE_VALID_UNTIL + CONSENT_VALIDITY_TYPE_SEPARATOR + CONSENT_VALIDITY_TYPE_VALID_UNTIL_INDEFINITE;
    String policyUrl = "NONE";
    Purpose purpose = getDefaultPurpose();
    PurposeCategory purposeCategory = getDefaultPurposeCategory();
    List<PIICategoryValidity> piiCategoryIds = getPiiCategoryValidityForClaims(claimsWithConsent, claimsDeniedConsent, termination);
    List<ReceiptServiceInput> serviceInputs = new ArrayList<>();
    List<ReceiptPurposeInput> purposeInputs = new ArrayList<>();
    List<Integer> purposeCategoryIds = new ArrayList<>();
    Map<String, String> properties = new HashMap<>();
    purposeCategoryIds.add(purposeCategory.getId());
    ReceiptPurposeInput purposeInput = getReceiptPurposeInput(consentType, termination, purpose, piiCategoryIds, purposeCategoryIds);
    purposeInputs.add(purposeInput);
    ReceiptServiceInput serviceInput = getReceiptServiceInput(serviceProvider, spTenantDomain, purposeInputs);
    serviceInputs.add(serviceInput);
    return getReceiptInput(subject, collectionMethod, jurisdiction, language, policyUrl, serviceInputs, properties);
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) ConsentPurpose(org.wso2.carbon.consent.mgt.core.model.ConsentPurpose) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity) PurposeCategory(org.wso2.carbon.consent.mgt.core.model.PurposeCategory)

Example 8 with ReceiptServiceInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput in project carbon-identity-framework by wso2.

the class JITProvisioningPostAuthenticationHandler method getReceiptServiceInputs.

/**
 * To build ReceiptServices from the incoming receipt.
 *
 * @param receipt Relevant incoming receipt send from the client side.
 * @return Set of the receipt services.
 */
private List<ReceiptServiceInput> getReceiptServiceInputs(JSONObject receipt) {
    JSONArray services = receipt.getJSONArray(FrameworkConstants.Consent.SERVICES);
    List<ReceiptServiceInput> receiptServiceInputs = new ArrayList<>();
    for (int serviceIndex = 0; serviceIndex < services.length(); serviceIndex++) {
        JSONObject service = services.getJSONObject(serviceIndex);
        ReceiptServiceInput receiptServiceInput = new ReceiptServiceInput();
        JSONArray purposes = service.getJSONArray(FrameworkConstants.Consent.PURPOSES);
        List<ReceiptPurposeInput> receiptPurposeInputs = new ArrayList<>();
        for (int purposeIndex = 0; purposeIndex < purposes.length(); purposeIndex++) {
            receiptPurposeInputs.add(getReceiptPurposeInputs((JSONObject) purposes.get(purposeIndex)));
        }
        receiptServiceInput.setPurposes(receiptPurposeInputs);
        receiptServiceInputs.add(receiptServiceInput);
    }
    return receiptServiceInputs;
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) JSONObject(org.json.JSONObject) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) JSONArray(org.json.JSONArray) ArrayList(java.util.ArrayList)

Example 9 with ReceiptServiceInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput in project carbon-identity-framework by wso2.

the class SSOConsentServiceImpl method getReceiptInput.

private ReceiptInput getReceiptInput(String subject, String collectionMethod, String jurisdiction, String language, String policyUrl, List<ReceiptServiceInput> serviceInputs, Map<String, String> properties) {
    ReceiptInput receiptInput = new ReceiptInput();
    receiptInput.setCollectionMethod(collectionMethod);
    receiptInput.setJurisdiction(jurisdiction);
    receiptInput.setLanguage(language);
    receiptInput.setPolicyUrl(policyUrl);
    receiptInput.setServices(serviceInputs);
    receiptInput.setProperties(properties);
    receiptInput.setPiiPrincipalId(subject);
    return receiptInput;
}
Also used : ReceiptInput(org.wso2.carbon.consent.mgt.core.model.ReceiptInput)

Example 10 with ReceiptServiceInput

use of org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput in project carbon-identity-framework by wso2.

the class ConsentUtilityService method validateReceiptPIIs.

/**
 * Validate a given receipt with with respective purposes.
 *
 * @param receiptInput User given receipt.
 * @param purposes     Configured purposes.
 * @throws ConsentUtilityServiceException ConsentUtilityServiceException.
 */
public void validateReceiptPIIs(ReceiptInput receiptInput, List<Purpose> purposes) throws ConsentUtilityServiceException {
    if (purposes == null || receiptInput == null) {
        throw new IllegalArgumentException("Receipt Input and purposes should not be null");
    }
    if (log.isDebugEnabled()) {
        log.debug("Validating receipt against purposes.");
    }
    List<ReceiptServiceInput> services = receiptInput.getServices();
    for (Purpose purpose : purposes) {
        purpose = fillPurpose(purpose);
        boolean purposeConsented = false;
        Set<Integer> mandatoryPIIs = getMandatoryPIIs(purpose);
        if (log.isDebugEnabled()) {
            log.debug("Mandatory PIIs for purpose : " + purpose.getName() + " : " + Arrays.toString(mandatoryPIIs.toArray()));
        }
        for (ReceiptServiceInput service : services) {
            List<ReceiptPurposeInput> consentPurposes = service.getPurposes();
            for (ReceiptPurposeInput consentPurpose : consentPurposes) {
                if (Objects.equals(consentPurpose.getPurposeId(), purpose.getId())) {
                    purposeConsented = true;
                    List<PIICategoryValidity> pIICategories = consentPurpose.getPiiCategory();
                    Set<Integer> consentedPIIs = getPIIs(pIICategories);
                    if (log.isDebugEnabled()) {
                        log.debug("Consented PIIs: " + Arrays.toString(consentedPIIs.toArray()));
                    }
                    if (!consentedPIIs.containsAll(mandatoryPIIs)) {
                        throw new ConsentUtilityServiceException("One or more mandatory attributes are missing in" + " the given receipt");
                    }
                }
            }
            if (!purposeConsented && !mandatoryPIIs.isEmpty()) {
                throw new ConsentUtilityServiceException("Consent receipt does not contain consent for " + "purpose " + purpose.getName() + " with ID: " + purpose.getId() + ", which has " + "mandatory PIIs");
            }
        }
    }
}
Also used : ReceiptServiceInput(org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput) ConsentUtilityServiceException(org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException) ReceiptPurposeInput(org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput) Purpose(org.wso2.carbon.consent.mgt.core.model.Purpose) PIICategoryValidity(org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)

Aggregations

ReceiptServiceInput (org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput)7 ReceiptPurposeInput (org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput)4 PIICategoryValidity (org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity)3 ArrayList (java.util.ArrayList)2 ConsentManager (org.wso2.carbon.consent.mgt.core.ConsentManager)2 ConsentManagementException (org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException)2 Purpose (org.wso2.carbon.consent.mgt.core.model.Purpose)2 ReceiptInput (org.wso2.carbon.consent.mgt.core.model.ReceiptInput)2 PostAuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException)2 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)2 ConsentUtilityServiceException (org.wso2.carbon.identity.consent.mgt.exceptions.ConsentUtilityServiceException)2 IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)2 IdentityProviderManager (org.wso2.carbon.idp.mgt.IdentityProviderManager)2 Gson (com.google.gson.Gson)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 JSONArray (org.json.JSONArray)1 JSONObject (org.json.JSONObject)1 ConsentPurpose (org.wso2.carbon.consent.mgt.core.model.ConsentPurpose)1 PurposeCategory (org.wso2.carbon.consent.mgt.core.model.PurposeCategory)1