use of org.wso2.carbon.identity.api.server.idp.v1.model.Patch in project identity-api-server by wso2.
the class ServerIdpManagementService method processPatchRequest.
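/**
 * Applies a list of patch operations to the root-level attributes of an identity provider.
 *
 * <p>Operations are applied in request order and mutate {@code idpToUpdate} in place. 'ADD', 'REPLACE' and
 * 'REMOVE' are supported; any other operation, or a path that is not valid for the operation, is rejected with
 * {@code BAD_REQUEST}. A null or empty list is a no-op.
 *
 * <p>Points a reviewer should keep in mind when touching this method:
 * <ul>
 *   <li>A certificate value is only shape-checked here (PEM prefix, or decodable Base64). It is not parsed as a
 *       certificate in this method.</li>
 *   <li>Duplicate detection is exact string equality on the decoded value, so the same certificate with
 *       different whitespace or line endings is not recognised as a duplicate.</li>
 *   <li>Certificates and the JWKS URI are treated as alternates: adding one removes the other.</li>
 *   <li>The JWKS URI, image URL, name, alias and similar values are stored exactly as supplied.
 *       NOTE(review): confirm that URI scheme/host validation and caller authorization happen outside this
 *       method.</li>
 * </ul>
 *
 * @param patchRequest List of patch operations.
 * @param idpToUpdate  Identity Provider to be updated.
 */
private void processPatchRequest(List<Patch> patchRequest, IdentityProvider idpToUpdate) {

    if (CollectionUtils.isEmpty(patchRequest)) {
        return;
    }
    for (Patch patch : patchRequest) {
        String path = patch.getPath();
        Patch.OperationEnum operation = patch.getOperation();
        String value = patch.getValue();
        // Without this guard a missing path fails with a NullPointerException in path.matches() below.
        if (path == null) {
            throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT,
                    null);
        }
        boolean isCertificateUpdateRequest = path.matches(Constants.CERTIFICATE_PATH_REGEX)
                && path.split(Constants.PATH_SEPERATOR).length == 4;
        // 'ADD', 'REPLACE' and 'REMOVE' patch operations supported.
        if (operation == Patch.OperationEnum.REPLACE) {
            if (isCertificateUpdateRequest) {
                int index = parsePatchCertificateIndex(path);
                CertificateInfo[] storedCerts = idpToUpdate.getCertificateInfoArray();
                if (ArrayUtils.isNotEmpty(storedCerts) && (index >= 0) && (index < storedCerts.length)) {
                    List<String> certificates = decodeStoredCertificates(idpToUpdate);
                    value = decodePatchCertificateValue(value);
                    if (certificates.contains(value)) {
                        throw handleException(Response.Status.CONFLICT,
                                Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                                "Cannot replace certificate as this certificate already exists.");
                    }
                    certificates.set(index, value);
                    // Entries are joined with no separator, so each one must carry its own PEM delimiters.
                    idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
                } else if (ArrayUtils.isEmpty(storedCerts) || index >= storedCerts.length) {
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot replace certificate as it does not exist.");
                } else {
                    // Only a negative index reaches this branch.
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
                }
            } else {
                switch (path) {
                    case Constants.NAME_PATH:
                        idpToUpdate.setIdentityProviderName(value);
                        break;
                    case Constants.DESCRIPTION_PATH:
                        idpToUpdate.setIdentityProviderDescription(value);
                        break;
                    case Constants.IMAGE_PATH:
                        idpToUpdate.setImageUrl(value);
                        break;
                    // Boolean.parseBoolean maps everything except "true" (any case) to false, so a malformed
                    // value silently switches the flag off instead of being rejected.
                    case Constants.IS_PRIMARY_PATH:
                        idpToUpdate.setPrimary(Boolean.parseBoolean(value));
                        break;
                    case Constants.IS_ENABLED_PATH:
                        idpToUpdate.setEnable(Boolean.parseBoolean(value));
                        break;
                    case Constants.IS_FEDERATION_HUB_PATH:
                        idpToUpdate.setFederationHub(Boolean.parseBoolean(value));
                        break;
                    case Constants.HOME_REALM_PATH:
                        idpToUpdate.setHomeRealmId(value);
                        break;
                    case Constants.ALIAS_PATH:
                        idpToUpdate.setAlias(value);
                        break;
                    case Constants.IDP_ISSUER_NAME_PATH:
                        patchIdpProperties(idpToUpdate, Constants.IDP_ISSUER_NAME, value);
                        break;
                    case Constants.CERTIFICATE_JWKSURI_PATH:
                        // NOTE(review): the URI is stored without validation in this method.
                        patchIdpProperties(idpToUpdate, Constants.JWKS_URI, value);
                        break;
                    default:
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
                }
            }
        } else if (operation == Patch.OperationEnum.ADD) {
            if (isCertificateUpdateRequest) {
                int index = parsePatchCertificateIndex(path);
                // Treat a null certificate array as empty; dereferencing .length directly would throw a
                // NullPointerException for an identity provider that has no certificates yet.
                CertificateInfo[] storedCerts = idpToUpdate.getCertificateInfoArray();
                int storedCount = (storedCerts == null) ? 0 : storedCerts.length;
                // A certificate can only be appended, so the index must equal the current count.
                if (index != storedCount) {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Invalid index in 'path' attribute");
                }
                List<String> certificates = decodeStoredCertificates(idpToUpdate);
                value = decodePatchCertificateValue(value);
                if (certificates.contains(value)) {
                    throw handleException(Response.Status.CONFLICT,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot add certificate as it already exists.");
                }
                certificates.add(index, value);
                idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
                // Need to remove the JWKS URI property, if it exists, when adding certificates as they are
                // alternate options of the property Certificate Type.
                List<IdentityProviderProperty> idpNewProperties =
                        propertiesWithoutJwksUri(idpToUpdate.getIdpProperties());
                idpToUpdate.setIdpProperties(idpNewProperties.toArray(new IdentityProviderProperty[0]));
            } else if (Constants.CERTIFICATE_JWKSURI_PATH.equals(path)) {
                IdentityProviderProperty[] propertyDTOS = idpToUpdate.getIdpProperties();
                for (IdentityProviderProperty propertyDTO : propertyDTOS) {
                    if (Constants.JWKS_URI.equals(propertyDTO.getName())) {
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                                "Cannot add JWKS URI as it already exists");
                    }
                }
                List<IdentityProviderProperty> idpProperties = new ArrayList<>(Arrays.asList(propertyDTOS));
                IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
                jwksProperty.setName(Constants.JWKS_URI);
                // NOTE(review): the URI is stored without validation in this method.
                jwksProperty.setValue(value);
                idpProperties.add(jwksProperty);
                idpToUpdate.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
                // Certificates and the JWKS URI are alternate options of the property Certificate Type, so
                // any stored certificates are dropped once a JWKS URI is added.
                if (ArrayUtils.isNotEmpty(idpToUpdate.getCertificateInfoArray())) {
                    idpToUpdate.setCertificate(null);
                }
            } else {
                throw handleException(Response.Status.BAD_REQUEST,
                        Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
            }
        } else if (operation == Patch.OperationEnum.REMOVE) {
            if (isCertificateUpdateRequest) {
                int index = parsePatchCertificateIndex(path);
                CertificateInfo[] storedCerts = idpToUpdate.getCertificateInfoArray();
                List<String> certificates;
                if (ArrayUtils.isNotEmpty(storedCerts) && (index >= 0) && index < storedCerts.length) {
                    certificates = decodeStoredCertificates(idpToUpdate);
                    certificates.remove(index);
                } else if (ArrayUtils.isEmpty(storedCerts) || index >= storedCerts.length) {
                    // The message used to say "replace", copied from the REPLACE branch.
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot remove certificate as it does not exist.");
                } else {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Invalid index in 'path' attribute");
                }
                idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
            } else if (Constants.CERTIFICATE_JWKSURI_PATH.equals(path)) {
                IdentityProviderProperty[] propertyDTOS = idpToUpdate.getIdpProperties();
                List<IdentityProviderProperty> idpNewProperties = propertiesWithoutJwksUri(propertyDTOS);
                // If nothing was filtered out, the JWKS URI property was not present to begin with.
                if (propertyDTOS.length == idpNewProperties.size()) {
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot remove JWKS URI as it does not exist.");
                }
                idpToUpdate.setIdpProperties(idpNewProperties.toArray(new IdentityProviderProperty[0]));
            } else {
                throw handleException(Response.Status.BAD_REQUEST,
                        Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
            }
        } else {
            // Throw an error if any other patch operations are sent in the request.
            throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT,
                    null);
        }
    }
}

/**
 * Reads the certificate index from the fourth segment of a certificate patch path.
 *
 * <p>An index that does not fit in an {@code int} is reported as {@code BAD_REQUEST} rather than escaping as a
 * {@link NumberFormatException}. Callers must have checked that the path has four segments.
 */
private int parsePatchCertificateIndex(String path) {

    try {
        return Integer.parseInt(path.split(Constants.PATH_SEPERATOR)[3]);
    } catch (NumberFormatException e) {
        throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT,
                "Invalid index in 'path' attribute");
    }
}

/**
 * Returns the Base64-decoded values of the certificates currently held by the identity provider, in order.
 * A null or empty certificate array yields an empty, mutable list.
 */
private List<String> decodeStoredCertificates(IdentityProvider idpToUpdate) {

    List<String> certificates = new ArrayList<>();
    CertificateInfo[] storedCerts = idpToUpdate.getCertificateInfoArray();
    if (ArrayUtils.isNotEmpty(storedCerts)) {
        for (CertificateInfo certInfo : storedCerts) {
            certificates.add(base64Decode(certInfo.getCertValue()));
        }
    }
    return certificates;
}

/**
 * Normalises a certificate supplied in a patch: a value that already starts with the PEM header is returned
 * unchanged, anything else is Base64-decoded. A null or undecodable value is reported as {@code BAD_REQUEST}.
 */
private String decodePatchCertificateValue(String value) {

    if (value == null) {
        // Previously a missing value failed with a NullPointerException in value.startsWith().
        throw handleException(Response.Status.BAD_REQUEST,
                Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
    }
    if (value.startsWith(IdentityUtil.PEM_BEGIN_CERTFICATE)) {
        return value;
    }
    try {
        return base64Decode(value);
    } catch (IllegalArgumentException e) {
        throw handleException(Response.Status.BAD_REQUEST,
                Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
    }
}

/**
 * Copies the given properties into a new list, omitting the JWKS URI property.
 * NOTE(review): assumes the array is never null, as the original inline loops did; confirm against the model.
 */
private List<IdentityProviderProperty> propertiesWithoutJwksUri(IdentityProviderProperty[] propertyDTOS) {

    List<IdentityProviderProperty> idpNewProperties = new ArrayList<>();
    for (IdentityProviderProperty propertyDTO : propertyDTOS) {
        if (!Constants.JWKS_URI.equals(propertyDTO.getName())) {
            idpNewProperties.add(propertyDTO);
        }
    }
    return idpNewProperties;
}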
use of org.wso2.carbon.identity.api.server.idp.v1.model.Patch in project identity-api-server by wso2.
the class SecretManagementService method patchSecret.
/**
 * Partially updates a secret by replacing either its value or its description.
 *
 * <p>The secret is looked up first and the request fails with {@code NOT_FOUND} when it does not exist. Only
 * the REPLACE operation is accepted, and only on the value path or the description path; anything else is
 * rejected with {@code BAD_REQUEST}. Error data carries the secret name or the offending field label
 * ("Path" / "Operation"), never the submitted value.
 *
 * @param secretType         Secret type name.
 * @param name               Secret name.
 * @param secretPatchRequest Secret's patch details.
 * @return Updated secret.
 */
public SecretResponse patchSecret(String secretType, String name, SecretPatchRequest secretPatchRequest) {

    Secret updatedSecret;
    try {
        Secret existingSecret = SecretManagementServiceHolder.getSecretConfigManager().getSecret(secretType, name);
        if (existingSecret == null) {
            throw handleException(Response.Status.NOT_FOUND,
                    SecretManagementConstants.ErrorMessage.ERROR_CODE_SECRET_NOT_FOUND, name);
        }
        String targetPath = secretPatchRequest.getPath();
        SecretPatchRequest.OperationEnum requestedOperation = secretPatchRequest.getOperation();
        // Only the Replace operation is supported with PATCH; reject everything else up front.
        if (!SecretPatchRequest.OperationEnum.REPLACE.equals(requestedOperation)) {
            throw handleException(Response.Status.BAD_REQUEST,
                    SecretManagementConstants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Operation");
        }
        if (SecretManagementConstants.VALUE_PATH.equals(targetPath)) {
            // The new secret value is handed to the secret manager as received.
            updatedSecret = SecretManagementServiceHolder.getSecretConfigManager()
                    .updateSecretValue(secretType, name, secretPatchRequest.getValue());
        } else if (SecretManagementConstants.DESCRIPTION_PATH.equals(targetPath)) {
            updatedSecret = SecretManagementServiceHolder.getSecretConfigManager()
                    .updateSecretDescription(secretType, name, secretPatchRequest.getValue());
        } else {
            throw handleException(Response.Status.BAD_REQUEST,
                    SecretManagementConstants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Path");
        }
    } catch (SecretManagementException e) {
        throw handleSecretMgtException(e, SecretManagementConstants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_SECRET,
                name);
    }
    return buildSecretResponseFromResponseDTO(updatedSecret);
}
use of org.wso2.carbon.identity.api.server.idp.v1.model.Patch in project identity-api-server by wso2.
the class ServerUserStoreService method patchUserStoreProperties.
/**
 * Builds the property list used for a user store patch request.
 *
 * <p>Each {@link PropertyDTO} is copied, name and value unchanged, into a new
 * {@code AddUserStorePropertiesRes}; input order is preserved.
 * NOTE(review): values are copied as-is. If any property can hold a credential, confirm that masking
 * happens before the result is returned to a client.
 *
 * @param propertyDTOS array of {@link PropertyDTO}
 * @return one {@code AddUserStorePropertiesRes} per input element, in input order
 */
private List<AddUserStorePropertiesRes> patchUserStoreProperties(PropertyDTO[] propertyDTOS) {

    List<AddUserStorePropertiesRes> converted = new ArrayList<>();
    for (int i = 0; i < propertyDTOS.length; i++) {
        PropertyDTO source = propertyDTOS[i];
        AddUserStorePropertiesRes target = new AddUserStorePropertiesRes();
        target.setName(source.getName());
        target.setValue(source.getValue());
        converted.add(target);
    }
    return converted;
}