the class CacheBackedIdPMgtDAO method getIdPByAuthenticatorPropertyValue.

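/**
 * Resolves the identity provider whose authenticator carries the given property value, consulting the
 * tenant-scoped authenticator-property cache before falling back to the DAO.
 *
 * @param dbConnection JDBC connection handed to the DAO on a cache miss
 * @param property     authenticator property name to match
 * @param value        authenticator property value to match
 * @param tenantId     numeric tenant id passed to the DAO
 * @param tenantDomain tenant domain that scopes every cache access
 * @return the matching identity provider, or {@code null} when neither the cache nor the DB has one
 * @throws IdentityProviderManagementException propagated from the DAO lookup
 */
public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
    // Resolve once; the debug messages below are concatenated and should not be built when disabled.
    boolean debugEnabled = log.isDebugEnabled();
    // NOTE(review): the property value is written verbatim to the debug log — confirm that the values
    // looked up through this path are identifiers rather than credentials.
    IdPAuthPropertyCacheKey cacheKey = new IdPAuthPropertyCacheKey(property, value);
    IdPCacheEntry entry = idPCacheByAuthProperty.getValueFromCache(cacheKey, tenantDomain);
    if (entry != null) {
        if (debugEnabled) {
            log.debug("Cache entry found for Identity Provider with authenticator property " + property + " and with value " + value);
        }
        return entry.getIdentityProvider();
    }
    if (debugEnabled) {
        log.debug("Cache entry not found for Identity Provider with authenticator property " + property + " and with value " + value + ". Fetching entry from DB");
    }
    IdentityProvider identityProvider = idPMgtDAO.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, tenantId, tenantDomain);
    if (identityProvider == null) {
        if (debugEnabled) {
            log.debug("Entry for Identity Provider with authenticator property " + property + " and with value " + value + " not found in cache or DB");
        }
        return null;
    }
    if (debugEnabled) {
        log.debug("Entry fetched from DB for Identity Provider with authenticator property " + property + " and with value " + value + ". Updating cache");
    }
    // Only the by-name and by-home-realm caches are refreshed here; idPCacheByAuthProperty, the cache
    // consulted above, is not populated by this method.
    // NOTE(review): confirm that is intentional — as written, lookups by authenticator property miss
    // until some other code path fills that cache.
    IdPNameCacheKey idPNameCacheKey = new IdPNameCacheKey(identityProvider.getIdentityProviderName());
    idPCacheByName.addToCache(idPNameCacheKey, new IdPCacheEntry(identityProvider), tenantDomain);
    if (identityProvider.getHomeRealmId() != null) {
        IdPHomeRealmIdCacheKey homeRealmIdCacheKey = new IdPHomeRealmIdCacheKey(identityProvider.getHomeRealmId());
        idPCacheByHRI.addToCache(homeRealmIdCacheKey, new IdPCacheEntry(identityProvider), tenantDomain);
    }
    return identityProvider;
}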

the class ApplicationIdentityProviderMgtListener method updateApplicationWithMultiStepFederatedAuthenticator.

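/**
 * Check whether the federated authenticator that each multi-step authentication step relies on is
 * still enabled in the updated identity provider, so that an application is never left pointing at an
 * authenticator the update disables.
 *
 * @param identityProvider the identity provider as it will look after the update
 * @param authSteps        the service provider's authentication steps; {@code null} or empty means
 *                         there is nothing to check
 * @throws IdentityProviderManagementException if a step refers to an authenticator of this provider
 *                                             that is disabled in the updated configuration
 */
private void updateApplicationWithMultiStepFederatedAuthenticator(IdentityProvider identityProvider, AuthenticationStep[] authSteps) throws IdentityProviderManagementException {
    FederatedAuthenticatorConfig[] idpFederatedConfig = identityProvider.getFederatedAuthenticatorConfigs();
    if (idpFederatedConfig == null || authSteps == null) {
        // Either nothing to compare against or nothing that could refer to this provider.
        return;
    }
    String idpName = identityProvider.getIdentityProviderName();
    for (AuthenticationStep authStep : authSteps) {
        IdentityProvider[] federatedIdentityProviders = authStep.getFederatedIdentityProviders();
        if (federatedIdentityProviders == null) {
            continue;
        }
        for (IdentityProvider federatedIdp : federatedIdentityProviders) {
            if (!StringUtils.equals(federatedIdp.getIdentityProviderName(), idpName)) {
                continue;
            }
            FederatedAuthenticatorConfig[] stepConfigs = federatedIdp.getFederatedAuthenticatorConfigs();
            if (stepConfigs == null || stepConfigs.length == 0) {
                // The step names the provider but no authenticator; indexing [0] here used to throw.
                continue;
            }
            // Only the first authenticator configured on the step is consulted, as in the original logic.
            String federatedConfigOption = stepConfigs[0].getName();
            for (FederatedAuthenticatorConfig config : idpFederatedConfig) {
                if (StringUtils.equals(config.getName(), federatedConfigOption) && !config.isEnabled()) {
                    throw new IdentityProviderManagementException(config.getName() + " is referred by service providers.");
                }
            }
        }
    }
}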

the class ApplicationIdentityProviderMgtListener method doPreUpdateIdP.

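/**
 * Pre-update listener: before an identity provider is updated, validates every application connected
 * to it (authentication steps, federated authenticators, outbound provisioning connectors) and evicts
 * the caches that would otherwise keep serving the pre-update provider.
 *
 * @param oldIdPName       name of the provider as currently stored; used to resolve its resource id
 * @param identityProvider the provider as it will look after the update; its resource id is filled in
 *                         from the stored provider when absent
 * @param tenantDomain     tenant whose caches and applications are inspected
 * @return always {@code true}, letting the update proceed once validation passes
 * @throws IdentityProviderManagementException if the stored provider cannot be resolved, if a
 *                                             connected application would be broken by the update, or
 *                                             if application lookup fails
 */
@Override
public boolean doPreUpdateIdP(String oldIdPName, IdentityProvider identityProvider, String tenantDomain) throws IdentityProviderManagementException {
    try {
        IdentityServiceProviderCache.getInstance().clear(tenantDomain);
        IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
        IdentityProvider storedIdp = identityProviderManager.getIdPByName(oldIdPName, tenantDomain);
        if (storedIdp == null) {
            // Previously surfaced as an NPE; report it through the exception type callers already handle.
            throw new IdentityProviderManagementException("Identity provider " + oldIdPName + " was not found in tenant " + tenantDomain);
        }
        String idpId = storedIdp.getResourceId();
        if (identityProvider.getResourceId() == null && idpId != null) {
            identityProvider.setResourceId(idpId);
        }
        // Application caches reference the provider by name, so a rename invalidates them.
        boolean idpRenamed = !StringUtils.equals(oldIdPName, identityProvider.getIdentityProviderName());
        int offset = 0;
        ConnectedAppsResult connectedApplications;
        do {
            connectedApplications = identityProviderManager.getConnectedApplications(idpId, null, offset, tenantDomain);
            for (String appResourceId : connectedApplications.getApps()) {
                ServiceProvider serviceProvider = ApplicationMgtSystemConfig.getInstance().getApplicationDAO().getApplicationByResourceId(appResourceId, tenantDomain);
                if (serviceProvider == null) {
                    // No application behind this id (presumably removed meanwhile); nothing to validate.
                    continue;
                }
                LocalAndOutboundAuthenticationConfig localAndOutboundAuthConfig = serviceProvider.getLocalAndOutBoundAuthenticationConfig();
                AuthenticationStep[] authSteps = localAndOutboundAuthConfig.getAuthenticationSteps();
                OutboundProvisioningConfig outboundProvisioningConfig = serviceProvider.getOutboundProvisioningConfig();
                IdentityProvider[] provisioningIdps = outboundProvisioningConfig.getProvisioningIdentityProviders();
                // Check whether the identity provider is referred in a service provider
                validateIdpDisable(identityProvider, authSteps, provisioningIdps);
                // Validating Applications with Federated Authenticators configured.
                updateApplicationWithFederatedAuthenticators(identityProvider, tenantDomain, serviceProvider, localAndOutboundAuthConfig, authSteps);
                // Validating Applications with Outbound Provisioning Connectors configured.
                updateApplicationWithProvisioningConnectors(identityProvider, provisioningIdps);
                if (idpRenamed) {
                    CacheBackedApplicationDAO.clearAllAppCache(serviceProvider, tenantDomain);
                }
            }
            int nextOffset = connectedApplications.getOffSet() + connectedApplications.getLimit();
            if (nextOffset <= offset) {
                // A page that does not advance the cursor (e.g. limit 0) would otherwise loop forever.
                break;
            }
            offset = nextOffset;
        } while (connectedApplications.getTotalAppCount() > offset);
    } catch (IdentityApplicationManagementException e) {
        throw new IdentityProviderManagementException("Error when updating default authenticator of service providers", e);
    }
    return true;
}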

the class ApplicationMgtAuditLogger method buildData.

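/**
 * Renders the audit-relevant parts of a service provider as one human-readable line.
 * <p>
 * Each optional section (inbound auth, local/outbound auth, claims, roles, provisioning, properties)
 * is emitted only when present, and list entries are separated by {@code ", "} with balanced braces
 * so the record can be read back reliably.
 *
 * @param serviceProvider the application being audited; {@code null} yields an empty string
 * @return the audit data string (never {@code null})
 */
private String buildData(ServiceProvider serviceProvider) {
    if (serviceProvider == null) {
        return StringUtils.EMPTY;
    }
    StringBuilder data = new StringBuilder();
    data.append("Name:").append(serviceProvider.getApplicationName()).append(", ");
    data.append("Description:").append(serviceProvider.getDescription()).append(", ");
    data.append("Resource ID:").append(serviceProvider.getApplicationResourceId()).append(", ");
    data.append("Access URL:").append(serviceProvider.getAccessUrl()).append(", ");
    data.append("Is Discoverable:").append(serviceProvider.isDiscoverable()).append(", ");
    data.append("Is SaaS:").append(serviceProvider.isSaasApp()).append(", ");
    appendInboundAuthConfigs(data, serviceProvider);
    appendLocalAndOutboundConfig(data, serviceProvider);
    appendClaimConfig(data, serviceProvider);
    appendRoleMappings(data, serviceProvider);
    appendInboundProvisioningConfig(data, serviceProvider);
    appendOutboundProvisioningConfig(data, serviceProvider);
    appendSpProperties(data, serviceProvider);
    return data.toString();
}

/** Appends the list separator before every entry except the first. */
private static void appendSeparator(StringBuilder data, int index) {
    if (index > 0) {
        data.append(", ");
    }
}

/** Appends the inbound authentication request configs, one {@code {...}} entry per config. */
private static void appendInboundAuthConfigs(StringBuilder data, ServiceProvider serviceProvider) {
    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        return;
    }
    InboundAuthenticationRequestConfig[] requestConfigs = serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
    if (ArrayUtils.isEmpty(requestConfigs)) {
        return;
    }
    // NOTE(review): the inbound configuration and the property values are copied verbatim into the
    // audit record — confirm none of them carry credentials before relying on this in shipped logs.
    data.append("Inbound Authentication Configs:[");
    for (int i = 0; i < requestConfigs.length; i++) {
        InboundAuthenticationRequestConfig requestConfig = requestConfigs[i];
        appendSeparator(data, i);
        data.append("{");
        data.append("Auth Key:").append(requestConfig.getInboundAuthKey()).append(", ");
        data.append("Auth Type:").append(requestConfig.getInboundAuthType()).append(", ");
        data.append("Config Type:").append(requestConfig.getInboundConfigType()).append(", ");
        data.append("Inbound configuration:").append(requestConfig.getInboundConfiguration());
        Property[] properties = requestConfig.getProperties();
        if (ArrayUtils.isNotEmpty(properties)) {
            data.append(", Properties:[");
            for (int j = 0; j < properties.length; j++) {
                appendSeparator(data, j);
                data.append("{").append(properties[j].getName()).append(":").append(properties[j].getValue()).append("}");
            }
            data.append("]");
        }
        data.append("}");
    }
    data.append("]");
}

/** Appends the local/outbound authentication type and the per-step local and federated authenticators. */
private static void appendLocalAndOutboundConfig(StringBuilder data, ServiceProvider serviceProvider) {
    if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() == null) {
        return;
    }
    data.append(", Local and Outbound Configuration:{");
    data.append("Auth Type:").append(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType());
    AuthenticationStep[] authSteps = serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationSteps();
    if (ArrayUtils.isNotEmpty(authSteps)) {
        data.append(", Authentication Steps:[");
        for (int i = 0; i < authSteps.length; i++) {
            AuthenticationStep authStep = authSteps[i];
            appendSeparator(data, i);
            data.append("{");
            data.append("Step Order:").append(authStep.getStepOrder());
            LocalAuthenticatorConfig[] localConfigs = authStep.getLocalAuthenticatorConfigs();
            if (ArrayUtils.isNotEmpty(localConfigs)) {
                data.append(", Local Authenticators:[");
                for (int j = 0; j < localConfigs.length; j++) {
                    appendSeparator(data, j);
                    data.append(localConfigs[j].getName());
                }
                data.append("]");
            }
            IdentityProvider[] fedIDPs = authStep.getFederatedIdentityProviders();
            if (ArrayUtils.isNotEmpty(fedIDPs)) {
                data.append(", Federated Authenticators:[");
                for (int j = 0; j < fedIDPs.length; j++) {
                    IdentityProvider provider = fedIDPs[j];
                    appendSeparator(data, j);
                    data.append("{IDP:").append(provider.getIdentityProviderName());
                    if (provider.getDefaultAuthenticatorConfig() != null) {
                        data.append(", Authenticator:").append(provider.getDefaultAuthenticatorConfig().getName());
                    }
                    // Close the entry regardless of whether a default authenticator was present.
                    data.append("}");
                }
                data.append("]");
            }
            data.append("}");
        }
        data.append("]");
    }
    data.append("}");
}

/** Appends the claim configuration: user/role claim URIs and the local-to-remote claim mappings. */
private static void appendClaimConfig(StringBuilder data, ServiceProvider serviceProvider) {
    ClaimConfig claimConfig = serviceProvider.getClaimConfig();
    if (claimConfig == null) {
        return;
    }
    data.append(", Claim Configuration:{");
    data.append("User Claim URI:").append(claimConfig.getUserClaimURI()).append(", ");
    data.append("Role Claim URI:").append(claimConfig.getRoleClaimURI());
    ClaimMapping[] claimMappings = claimConfig.getClaimMappings();
    if (ArrayUtils.isNotEmpty(claimMappings)) {
        data.append(", Claim Mappings: [");
        for (int i = 0; i < claimMappings.length; i++) {
            ClaimMapping mapping = claimMappings[i];
            appendSeparator(data, i);
            data.append("{");
            boolean hasLocal = mapping.getLocalClaim() != null && StringUtils.isNotBlank(mapping.getLocalClaim().getClaimUri());
            if (hasLocal) {
                data.append("Local Claim:").append(mapping.getLocalClaim().getClaimUri());
            }
            // The remote side is checked on its own URI; the original tested the local claim here,
            // which skipped valid remote claims and dereferenced a possibly-null local claim.
            if (mapping.getRemoteClaim() != null && StringUtils.isNotBlank(mapping.getRemoteClaim().getClaimUri())) {
                if (hasLocal) {
                    data.append(", ");
                }
                data.append("Remote Claim:").append(mapping.getRemoteClaim().getClaimUri());
            }
            data.append("}");
        }
        data.append("]");
    }
    data.append("}");
}

/** Appends the local-to-remote role mappings, when any are configured. */
private static void appendRoleMappings(StringBuilder data, ServiceProvider serviceProvider) {
    if (serviceProvider.getPermissionAndRoleConfig() == null) {
        return;
    }
    RoleMapping[] roleMappings = serviceProvider.getPermissionAndRoleConfig().getRoleMappings();
    if (ArrayUtils.isEmpty(roleMappings)) {
        return;
    }
    data.append(", Role Mappings:[");
    for (int i = 0; i < roleMappings.length; i++) {
        RoleMapping mapping = roleMappings[i];
        appendSeparator(data, i);
        data.append("{");
        boolean hasLocal = mapping.getLocalRole() != null && StringUtils.isNotBlank(mapping.getLocalRole().getLocalRoleName());
        if (hasLocal) {
            data.append("Local Role:").append(mapping.getLocalRole().getLocalRoleName());
        }
        if (StringUtils.isNotBlank(mapping.getRemoteRole())) {
            if (hasLocal) {
                data.append(", ");
            }
            data.append("Remote Role:").append(mapping.getRemoteRole());
        }
        data.append("}");
    }
    data.append("]");
}

/** Appends the inbound provisioning user store and dumb-mode flag. */
private static void appendInboundProvisioningConfig(StringBuilder data, ServiceProvider serviceProvider) {
    if (serviceProvider.getInboundProvisioningConfig() == null) {
        return;
    }
    data.append(", Inbound Provisioning Configuration:{");
    data.append("Provisioning Userstore:").append(serviceProvider.getInboundProvisioningConfig().getProvisioningUserStore()).append(", ");
    data.append("Is Dumb Mode:").append(serviceProvider.getInboundProvisioningConfig().isDumbMode());
    data.append("}");
}

/** Appends the outbound provisioning roles and the provisioning identity providers. */
private static void appendOutboundProvisioningConfig(StringBuilder data, ServiceProvider serviceProvider) {
    if (serviceProvider.getOutboundProvisioningConfig() == null) {
        return;
    }
    data.append(", Outbound Provisioning Configuration:{");
    boolean wroteRoles = false;
    String[] provisionRoles = serviceProvider.getOutboundProvisioningConfig().getProvisionByRoleList();
    if (ArrayUtils.isNotEmpty(provisionRoles)) {
        data.append("Provisioning Roles:[");
        for (int i = 0; i < provisionRoles.length; i++) {
            appendSeparator(data, i);
            data.append(provisionRoles[i]);
        }
        data.append("]");
        wroteRoles = true;
    }
    IdentityProvider[] provisionIdPs = serviceProvider.getOutboundProvisioningConfig().getProvisioningIdentityProviders();
    if (ArrayUtils.isNotEmpty(provisionIdPs)) {
        if (wroteRoles) {
            data.append(", ");
        }
        data.append("Provisioning IDPs:[");
        for (int i = 0; i < provisionIdPs.length; i++) {
            appendSeparator(data, i);
            data.append(provisionIdPs[i].getIdentityProviderName());
        }
        data.append("]");
    }
    data.append("}");
}

/** Appends the service provider properties as {@code {name:value}} entries. */
private static void appendSpProperties(StringBuilder data, ServiceProvider serviceProvider) {
    ServiceProviderProperty[] spProperties = serviceProvider.getSpProperties();
    if (ArrayUtils.isEmpty(spProperties)) {
        return;
    }
    // NOTE(review): property values are logged verbatim — confirm no secret-bearing property is stored here.
    data.append(", Service Provider Properties:[");
    for (int i = 0; i < spProperties.length; i++) {
        appendSeparator(data, i);
        data.append("{").append(spProperties[i].getName()).append(":").append(spProperties[i].getValue()).append("}");
    }
    data.append("]");
}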

the class DefaultApplicationValidator method validateRequestPathAuthenticationConfig.

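/**
 * Validate request path authenticator related configurations and append to the validation msg list.
 * <p>
 * Every configured authenticator must be one of the request path authenticators available to the
 * tenant; each unknown name adds an {@code AUTHENTICATOR_NOT_AVAILABLE} message.
 *
 * @param validationMsg                   validation error messages
 * @param requestPathAuthenticatorConfigs request path authentication config; {@code null} or empty
 *                                        means there is nothing to validate
 * @param tenantDomain                    tenant domain
 * @throws IdentityApplicationManagementException Identity Application Management Exception when unable to get the
 *                                                authenticator params
 */
private void validateRequestPathAuthenticationConfig(List<String> validationMsg, RequestPathAuthenticatorConfig[] requestPathAuthenticatorConfigs, String tenantDomain) throws IdentityApplicationManagementException {
    if (requestPathAuthenticatorConfigs == null || requestPathAuthenticatorConfigs.length == 0) {
        // Skip the lookup entirely when there is nothing to validate.
        return;
    }
    ApplicationManagementService applicationMgtService = ApplicationManagementService.getInstance();
    RequestPathAuthenticatorConfig[] available = applicationMgtService.getAllRequestPathAuthenticators(tenantDomain);
    if (available == null) {
        available = new RequestPathAuthenticatorConfig[0];
    }
    // Keyed by name only; the previous name->properties map threw on a null properties array
    // (toMap rejects null values) and on two authenticators sharing a name.
    Map<String, RequestPathAuthenticatorConfig> availableByName = Arrays.stream(available).collect(Collectors.toMap(RequestPathAuthenticatorConfig::getName, config -> config, (first, duplicate) -> first));
    for (RequestPathAuthenticatorConfig config : requestPathAuthenticatorConfigs) {
        if (!availableByName.containsKey(config.getName())) {
            validationMsg.add(String.format(AUTHENTICATOR_NOT_AVAILABLE, config.getName()));
        }
    }
}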