use of org.wso2.carbon.identity.api.server.authenticators.v1.model.Authenticator in project carbon-identity-framework by wso2.
the class DefaultRequestPathBasedSequenceHandlerTest method testHandleAuthSuccess.
/*
Request path authenticator can handle the request successfully and authentication succeeds
*/
@Test
public void testHandleAuthSuccess() throws Exception {
// mock the behaviour of the request path authenticator
when(requestPathAuthenticator.canHandle(any(HttpServletRequest.class))).thenReturn(true);
doReturn(AuthenticatorFlowStatus.SUCCESS_COMPLETED).when(requestPathAuthenticator).process(any(HttpServletRequest.class), any(HttpServletResponse.class), any(AuthenticationContext.class));
String subjectIdentifier = "H2/alice@t1.com";
AuthenticatedUser authenticatedUser = new AuthenticatedUser();
authenticatedUser.setAuthenticatedSubjectIdentifier(subjectIdentifier);
authenticatedUser.setFederatedUser(false);
context.setSubject(authenticatedUser);
mockStatic(FrameworkUtils.class);
when(FrameworkUtils.getMultiAttributeSeparator()).thenReturn(",");
requestPathBasedSequenceHandler = spy(new DefaultRequestPathBasedSequenceHandler());
// mock triggering post authentication
doNothing().when(requestPathBasedSequenceHandler).handlePostAuthentication(any(HttpServletRequest.class), any(HttpServletResponse.class), any(AuthenticationContext.class), any(AuthenticatedIdPData.class));
requestPathBasedSequenceHandler.handle(request, response, context);
assertEquals(context.getSequenceConfig().isCompleted(), true);
assertNotNull(context.getCurrentAuthenticatedIdPs());
assertEquals(context.getCurrentAuthenticatedIdPs().size(), 1);
AuthenticatedIdPData authenticatedIdPData = context.getCurrentAuthenticatedIdPs().get(FrameworkConstants.LOCAL_IDP_NAME);
assertNotNull(authenticatedIdPData);
assertEquals(authenticatedIdPData.getIdpName(), FrameworkConstants.LOCAL_IDP_NAME);
assertNotNull(authenticatedIdPData.getUser());
assertEquals(authenticatedIdPData.getUser().getAuthenticatedSubjectIdentifier(), subjectIdentifier);
assertEquals(authenticatedIdPData.getAuthenticator(), authenticatorConfig);
}
use of org.wso2.carbon.identity.api.server.authenticators.v1.model.Authenticator in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getIdPByAuthenticatorPropertyValue.
/**
* @param dbConnection
* @param property Property which has a unique value like EntityID to specifically identify a IdentityProvider
* Unless it will return first matched IdentityProvider
* @param value
* @param tenantId
* @param tenantDomain
* @return
* @throws IdentityProviderManagementException
*/
public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
PreparedStatement prepStmt = null;
ResultSet rs = null;
IdentityProvider federatedIdp = null;
boolean dbConnectionInitialized = true;
if (dbConnection == null) {
dbConnection = IdentityDatabaseUtil.getDBConnection(false);
} else {
dbConnectionInitialized = false;
}
try {
// SP_IDP_ID, SP_IDP_NAME, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID,SP_IDP_CERTIFICATE,
// SP_IDP_TOKEN_EP_ALIAS,
// SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
// SP_IDP_USER_CLAIM_URI,
// SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_AUTHENTICATOR_PROPERTY;
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setString(1, property);
prepStmt.setString(2, value);
prepStmt.setInt(3, tenantId);
rs = prepStmt.executeQuery();
int idpId = -1;
String idPName = "";
if (rs.next()) {
federatedIdp = new IdentityProvider();
idpId = rs.getInt("ID");
idPName = rs.getString("NAME");
federatedIdp.setIdentityProviderName(idPName);
if ((IdPManagementConstants.IS_TRUE_VALUE).equals(rs.getString("IS_PRIMARY"))) {
federatedIdp.setPrimary(true);
} else {
federatedIdp.setPrimary(false);
}
federatedIdp.setHomeRealmId(rs.getString("HOME_REALM_ID"));
federatedIdp.setCertificate(getBlobValue(rs.getBinaryStream("CERTIFICATE")));
federatedIdp.setAlias(rs.getString("ALIAS"));
JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("INBOUND_PROV_ENABLED"))) {
jitProConfig.setProvisioningEnabled(true);
} else {
jitProConfig.setProvisioningEnabled(false);
}
jitProConfig.setProvisioningUserStore(rs.getString("INBOUND_PROV_USER_STORE_ID"));
federatedIdp.setJustInTimeProvisioningConfig(jitProConfig);
String userClaimUri = rs.getString("USER_CLAIM_URI");
String roleClaimUri = rs.getString("ROLE_CLAIM_URI");
String defaultAuthenticatorName = rs.getString("DEFAULT_AUTHENTICATOR_NAME");
String defaultProvisioningConnectorConfigName = rs.getString("DEFAULT_PRO_CONNECTOR_NAME");
federatedIdp.setIdentityProviderDescription(rs.getString("DESCRIPTION"));
// IS_FEDERATION_HUB_IDP
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_FEDERATION_HUB"))) {
federatedIdp.setFederationHub(true);
} else {
federatedIdp.setFederationHub(false);
}
if (federatedIdp.getClaimConfig() == null) {
federatedIdp.setClaimConfig(new ClaimConfig());
}
// IS_LOCAL_CLAIM_DIALECT
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_LOCAL_CLAIM_DIALECT"))) {
federatedIdp.getClaimConfig().setLocalClaimDialect(true);
} else {
federatedIdp.getClaimConfig().setLocalClaimDialect(false);
}
federatedIdp.setProvisioningRole(rs.getString("PROVISIONING_ROLE"));
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_ENABLED"))) {
federatedIdp.setEnable(true);
} else {
federatedIdp.setEnable(false);
}
federatedIdp.setDisplayName(rs.getString("DISPLAY_NAME"));
if (defaultAuthenticatorName != null) {
FederatedAuthenticatorConfig defaultAuthenticator = new FederatedAuthenticatorConfig();
defaultAuthenticator.setName(defaultAuthenticatorName);
federatedIdp.setDefaultAuthenticatorConfig(defaultAuthenticator);
}
if (defaultProvisioningConnectorConfigName != null) {
ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
defaultProConnector.setName(defaultProvisioningConnectorConfigName);
federatedIdp.setDefaultProvisioningConnectorConfig(defaultProConnector);
}
// get federated authenticators.
federatedIdp.setFederatedAuthenticatorConfigs(getFederatedAuthenticatorConfigs(dbConnection, idPName, federatedIdp, tenantId));
if (federatedIdp.getClaimConfig().isLocalClaimDialect()) {
federatedIdp.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
} else {
// get claim configuration.
federatedIdp.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
}
// get provisioning connectors.
federatedIdp.setProvisioningConnectorConfigs(getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
// get permission and role configuration.
federatedIdp.setPermissionAndRoleConfig(getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
List<IdentityProviderProperty> propertyList = filterIdenityProperties(federatedIdp, getIdentityPropertiesByIdpId(dbConnection, Integer.parseInt(rs.getString("ID"))));
if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
propertyList = resolveConnectorProperties(propertyList, tenantDomain);
}
federatedIdp.setIdpProperties(propertyList.toArray(new IdentityProviderProperty[0]));
}
return federatedIdp;
} catch (SQLException e) {
throw new IdentityProviderManagementException("Error occurred while retrieving Identity Provider " + "information for Authenticator Property : " + property + " and value : " + value, e);
} catch (ConnectorException e) {
throw new IdentityProviderManagementException("Error occurred while retrieving the identity connector " + "configurations.", e);
} finally {
if (dbConnectionInitialized) {
IdentityDatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
} else {
IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
}
}
}
use of org.wso2.carbon.identity.api.server.authenticators.v1.model.Authenticator in project carbon-identity-framework by wso2.
the class IdentityProviderManager method getIdPByAuthenticatorPropertyValue.
/**
* @param property IDP authenticator property (E.g.: IdPEntityId)
* @param value Value associated with given Property
* @param tenantDomain
* @param authenticator
* @return <code>IdentityProvider</code> Identity Provider information
* @throws IdentityProviderManagementException Error when getting Identity Provider
* information by authenticator property value
*/
public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, String value, String tenantDomain, String authenticator, boolean ignoreFileBasedIdps) throws IdentityProviderManagementException {
int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
if (StringUtils.isEmpty(property) || StringUtils.isEmpty(value) || StringUtils.isEmpty(authenticator)) {
String msg = "Invalid argument: Authenticator property, property value or authenticator name is empty";
throw new IdentityProviderManagementException(msg);
}
IdentityProvider identityProvider = dao.getIdPByAuthenticatorPropertyValue(null, property, value, authenticator, tenantId, tenantDomain);
if (identityProvider == null && !ignoreFileBasedIdps) {
identityProvider = new FileBasedIdPMgtDAO().getIdPByAuthenticatorPropertyValue(property, value, tenantDomain, authenticator);
}
return identityProvider;
}
use of org.wso2.carbon.identity.api.server.authenticators.v1.model.Authenticator in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getAuthenticatorIdentifier.
private int getAuthenticatorIdentifier(Connection dbConnection, int idPId, String authnType) throws SQLException, IdentityProviderManagementException {
String sqlStmt = null;
PreparedStatement prepStmt = null;
ResultSet rs = null;
try {
sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_AUTH_SQL;
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setInt(1, idPId);
prepStmt.setString(2, authnType);
rs = prepStmt.executeQuery();
if (rs.next()) {
return rs.getInt("ID");
} else {
throw new IdentityProviderManagementException("Cannot find authenticator : " + authnType);
}
} finally {
IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
}
}
use of org.wso2.carbon.identity.api.server.authenticators.v1.model.Authenticator in project carbon-identity-framework by wso2.
the class IdPManagementDAO method updateIdPWithResourceId.
/**
* @param resourceId
* @param newIdentityProvider
* @param currentIdentityProvider
* @param tenantId
* @throws IdentityProviderManagementException
*/
public void updateIdPWithResourceId(String resourceId, IdentityProvider newIdentityProvider, IdentityProvider currentIdentityProvider, int tenantId) throws IdentityProviderManagementException {
if (StringUtils.isBlank(resourceId)) {
resourceId = currentIdentityProvider.getResourceId();
}
Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
PreparedStatement prepStmt1 = null;
PreparedStatement prepStmt2 = null;
ResultSet rs = null;
try {
int idPId = getIdentityProviderIdByName(dbConnection, currentIdentityProvider.getIdentityProviderName(), tenantId);
if (idPId <= 0) {
String msg = "Trying to update non-existent Identity Provider for tenant " + tenantId;
throw new IdentityProviderManagementException(msg);
}
// SP_IDP_NAME=?, SP_IDP_PRIMARY=?,SP_IDP_HOME_REALM_ID=?, SP_IDP_CERTIFICATE=?,
// SP_IDP_TOKEN_EP_ALIAS=?,
// SP_IDP_INBOUND_PROVISIONING_ENABLED=?,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID=?,
// SP_IDP_USER_CLAIM_URI=?,
// SP_IDP_ROLE_CLAIM_URI=?,SP_IDP_DEFAULT_AUTHENTICATOR_NAME=?,SP_IDP_DEFAULT_PRO_CONNECTOR_NAME=?
String sqlStmt = IdPManagementConstants.SQLQueries.UPDATE_IDP_BY_RESOURCE_ID_SQL;
if (StringUtils.isBlank(resourceId)) {
sqlStmt = IdPManagementConstants.SQLQueries.UPDATE_IDP_SQL;
}
prepStmt1 = dbConnection.prepareStatement(sqlStmt);
prepStmt1.setString(1, newIdentityProvider.getIdentityProviderName());
if (newIdentityProvider.isPrimary()) {
prepStmt1.setString(2, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt1.setString(2, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt1.setString(3, newIdentityProvider.getHomeRealmId());
if (ArrayUtils.isNotEmpty(newIdentityProvider.getCertificateInfoArray())) {
try {
IdentityApplicationManagementUtil.getCertDataArray(newIdentityProvider.getCertificateInfoArray());
} catch (CertificateException ex) {
throw new IdentityProviderManagementClientException("Malformed Public Certificate file has been " + "provided.", ex);
}
}
JSONArray certificateInfoJsonArray = new JSONArray(newIdentityProvider.getCertificateInfoArray());
setBlobValue(certificateInfoJsonArray.toString(), prepStmt1, 4);
prepStmt1.setString(5, newIdentityProvider.getAlias());
if (newIdentityProvider.getJustInTimeProvisioningConfig() != null && newIdentityProvider.getJustInTimeProvisioningConfig().isProvisioningEnabled()) {
prepStmt1.setString(6, IdPManagementConstants.IS_TRUE_VALUE);
prepStmt1.setString(7, newIdentityProvider.getJustInTimeProvisioningConfig().getProvisioningUserStore());
} else {
prepStmt1.setString(6, IdPManagementConstants.IS_FALSE_VALUE);
prepStmt1.setString(7, null);
}
if (newIdentityProvider.getClaimConfig() != null) {
prepStmt1.setString(8, newIdentityProvider.getClaimConfig().getUserClaimURI());
prepStmt1.setString(9, newIdentityProvider.getClaimConfig().getRoleClaimURI());
} else {
prepStmt1.setString(8, null);
prepStmt1.setString(9, null);
}
// update the default authenticator
if (newIdentityProvider.getDefaultAuthenticatorConfig() != null && newIdentityProvider.getDefaultAuthenticatorConfig().getName() != null) {
prepStmt1.setString(10, newIdentityProvider.getDefaultAuthenticatorConfig().getName());
} else {
// its not a must to have a default authenticator.
prepStmt1.setString(10, null);
}
// update the default provisioning connector.
if (newIdentityProvider.getDefaultProvisioningConnectorConfig() != null && newIdentityProvider.getDefaultProvisioningConnectorConfig().getName() != null) {
prepStmt1.setString(11, newIdentityProvider.getDefaultProvisioningConnectorConfig().getName());
} else {
// its not a must to have a default provisioning connector..
prepStmt1.setString(11, null);
}
prepStmt1.setString(12, newIdentityProvider.getIdentityProviderDescription());
if (newIdentityProvider.isFederationHub()) {
prepStmt1.setString(13, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt1.setString(13, IdPManagementConstants.IS_FALSE_VALUE);
}
if (newIdentityProvider.getClaimConfig() != null && newIdentityProvider.getClaimConfig().isLocalClaimDialect()) {
prepStmt1.setString(14, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt1.setString(14, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt1.setString(15, newIdentityProvider.getProvisioningRole());
if (newIdentityProvider.isEnable()) {
prepStmt1.setString(16, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt1.setString(16, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt1.setString(17, newIdentityProvider.getDisplayName());
if (StringUtils.isBlank(resourceId)) {
prepStmt1.setInt(18, tenantId);
prepStmt1.setString(19, currentIdentityProvider.getIdentityProviderName());
} else {
prepStmt1.setString(18, newIdentityProvider.getImageUrl());
prepStmt1.setString(19, resourceId);
}
prepStmt1.executeUpdate();
sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_RESOURCE_ID_SQL;
if (StringUtils.isBlank(resourceId)) {
sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_NAME_SQL;
}
prepStmt2 = dbConnection.prepareStatement(sqlStmt);
prepStmt2.setInt(1, tenantId);
prepStmt2.setInt(2, MultitenantConstants.SUPER_TENANT_ID);
if (StringUtils.isBlank(resourceId)) {
prepStmt2.setString(3, newIdentityProvider.getIdentityProviderName());
} else {
prepStmt2.setString(3, resourceId);
}
rs = prepStmt2.executeQuery();
if (rs.next()) {
// id of the updated identity provider.
int idpId = rs.getInt("ID");
boolean isResidentIdP = IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(newIdentityProvider.getIdentityProviderName());
// update federated authenticators.
updateFederatedAuthenticatorConfigs(newIdentityProvider.getFederatedAuthenticatorConfigs(), currentIdentityProvider.getFederatedAuthenticatorConfigs(), dbConnection, idpId, tenantId, isResidentIdP);
// update claim configuration.
updateClaimConfiguration(dbConnection, idpId, tenantId, newIdentityProvider.getClaimConfig());
// update role configuration.
updateRoleConfiguration(dbConnection, idpId, tenantId, newIdentityProvider.getPermissionAndRoleConfig());
// // update provisioning connectors.
updateProvisioningConnectorConfigs(newIdentityProvider.getProvisioningConnectorConfigs(), dbConnection, idpId, tenantId);
IdentityProviderProperty[] idpProperties = newIdentityProvider.getIdpProperties();
if (isResidentIdP) {
idpProperties = filterConnectorProperties(idpProperties, IdentityTenantUtil.getTenantDomain(tenantId)).toArray(new IdentityProviderProperty[0]);
}
List<IdentityProviderProperty> identityProviderProperties = getCombinedProperties(newIdentityProvider.getJustInTimeProvisioningConfig(), idpProperties);
updateIdentityProviderProperties(dbConnection, idpId, identityProviderProperties, tenantId);
}
IdentityDatabaseUtil.commitTransaction(dbConnection);
} catch (IOException e) {
throw new IdentityProviderManagementException("An error occurred while processing content stream.", e);
} catch (SQLException e) {
IdentityDatabaseUtil.rollbackTransaction(dbConnection);
throw new IdentityProviderManagementException("Error occurred while updating Identity Provider " + "information for tenant " + tenantId, e);
} catch (ConnectorException e) {
throw new IdentityProviderManagementException("An error occurred while filtering IDP properties.", e);
} finally {
IdentityDatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt1);
IdentityDatabaseUtil.closeStatement(prepStmt2);
}
}
Aggregations