use of org.wso2.carbon.identity.application.authentication.framework.AuthenticationMethodNameTranslator in project carbon-identity-framework by wso2.
the class FrameworkServiceComponent method activate.
@SuppressWarnings("unchecked")
@Activate
protected void activate(ComponentContext ctxt) {
FrameworkServiceDataHolder dataHolder = FrameworkServiceDataHolder.getInstance();
dataHolder.setJsFunctionRegistry(new JsFunctionRegistryImpl());
BundleContext bundleContext = ctxt.getBundleContext();
bundleContext.registerService(JsFunctionRegistry.class, dataHolder.getJsFunctionRegistry(), null);
bundleContext.registerService(UserSessionManagementService.class.getName(), new UserSessionManagementServiceImpl(), null);
bundleContext.registerService(HttpIdentityRequestFactory.class.getName(), new SessionExtenderRequestFactory(), null);
bundleContext.registerService(HttpIdentityResponseFactory.class.getName(), new SessionExtenderResponseFactory(), null);
bundleContext.registerService(IdentityProcessor.class.getName(), new SessionExtenderProcessor(), null);
ServerSessionManagementService serverSessionManagementService = new ServerSessionManagementServiceImpl();
bundleContext.registerService(ServerSessionManagementService.class.getName(), serverSessionManagementService, null);
dataHolder.setServerSessionManagementService(serverSessionManagementService);
setAdaptiveAuthExecutionSupervisor();
boolean tenantDropdownEnabled = ConfigurationFacade.getInstance().getTenantDropdownEnabled();
if (tenantDropdownEnabled) {
// Register the tenant management listener for tracking changes to tenants
bundleContext.registerService(TenantMgtListener.class.getName(), new AuthenticationEndpointTenantActivityListener(), null);
if (log.isDebugEnabled()) {
log.debug("AuthenticationEndpointTenantActivityListener is registered. Tenant Domains Dropdown is " + "enabled.");
}
}
AuthenticationMethodNameTranslatorImpl authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
authenticationMethodNameTranslator.initializeConfigsWithServerConfig();
bundleContext.registerService(AuthenticationMethodNameTranslator.class, authenticationMethodNameTranslator, null);
dataHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
// Register Common servlet
Servlet commonAuthServlet = new ContextPathServletAdaptor(new CommonAuthenticationServlet(), COMMON_SERVLET_URL);
Servlet identityServlet = new ContextPathServletAdaptor(new IdentityServlet(), IDENTITY_SERVLET_URL);
Servlet loginContextServlet = new ContextPathServletAdaptor(new LoginContextServlet(), LOGIN_CONTEXT_SERVLET_URL);
try {
httpService.registerServlet(COMMON_SERVLET_URL, commonAuthServlet, null, null);
httpService.registerServlet(IDENTITY_SERVLET_URL, identityServlet, null, null);
httpService.registerServlet(LOGIN_CONTEXT_SERVLET_URL, loginContextServlet, null, null);
} catch (Exception e) {
String errMsg = "Error when registering servlets via the HttpService.";
log.error(errMsg, e);
throw new RuntimeException(errMsg, e);
}
if (promptOnLongWait()) {
Servlet longWaitStatusServlet = new ContextPathServletAdaptor(new LongWaitStatusServlet(), LONGWAITSTATUS_SERVLET_URL);
try {
httpService.registerServlet(LONGWAITSTATUS_SERVLET_URL, longWaitStatusServlet, null, null);
} catch (Exception e) {
String errMsg = "Error when registering longwaitstatus servlet via the HttpService.";
log.error(errMsg, e);
throw new RuntimeException(errMsg, e);
}
}
dataHolder.setBundleContext(bundleContext);
dataHolder.getHttpIdentityRequestFactories().add(new HttpIdentityRequestFactory());
dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLoginResponseFactory());
dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLogoutResponseFactory());
JsGraphBuilderFactory jsGraphBuilderFactory = new JsGraphBuilderFactory();
jsGraphBuilderFactory.init();
UIBasedConfigurationLoader uiBasedConfigurationLoader = new UIBasedConfigurationLoader();
dataHolder.setSequenceLoader(uiBasedConfigurationLoader);
dataHolder.setJsGraphBuilderFactory(jsGraphBuilderFactory);
PostAuthenticationMgtService postAuthenticationMgtService = new PostAuthenticationMgtService();
bundleContext.registerService(PostAuthenticationMgtService.class.getName(), postAuthenticationMgtService, null);
dataHolder.setPostAuthenticationMgtService(postAuthenticationMgtService);
// Registering missing mandatory claim handler as a post authn handler
PostAuthenticationHandler postAuthnMissingClaimHandler = new PostAuthnMissingClaimHandler();
bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthnMissingClaimHandler, null);
SSOConsentService ssoConsentService = new SSOConsentServiceImpl();
bundleContext.registerService(SSOConsentService.class.getName(), ssoConsentService, null);
dataHolder.setSSOConsentService(ssoConsentService);
bundleContext.registerService(PostAuthenticationHandler.class.getName(), consentMgtPostAuthnHandler, null);
JITProvisioningIdentityProviderMgtListener jitProvisioningIDPMgtListener = new JITProvisioningIdentityProviderMgtListener();
bundleContext.registerService(IdentityProviderMgtListener.class.getName(), jitProvisioningIDPMgtListener, null);
bundleContext.registerService(ClaimFilter.class.getName(), new DefaultClaimFilter(), null);
// this is done to load SessionDataStore class and start the cleanup tasks.
SessionDataStore.getInstance();
AsyncSequenceExecutor asyncSequenceExecutor = new AsyncSequenceExecutor();
asyncSequenceExecutor.init();
dataHolder.setAsyncSequenceExecutor(asyncSequenceExecutor);
LongWaitStatusDAOImpl daoImpl = new LongWaitStatusDAOImpl();
CacheBackedLongWaitStatusDAO cacheBackedDao = new CacheBackedLongWaitStatusDAO(daoImpl);
String connectionTimeoutString = IdentityUtil.getProperty("AdaptiveAuth.HTTPConnectionTimeout");
int connectionTimeout = 5000;
if (connectionTimeoutString != null) {
try {
connectionTimeout = Integer.parseInt(connectionTimeoutString);
} catch (NumberFormatException e) {
log.error("Error while parsing connection timeout : " + connectionTimeoutString, e);
}
}
LongWaitStatusStoreService longWaitStatusStoreService = new LongWaitStatusStoreService(cacheBackedDao, connectionTimeout);
dataHolder.setLongWaitStatusStoreService(longWaitStatusStoreService);
// Registering JIT, association and domain handler as post authentication handler
PostAuthenticationHandler postJITProvisioningHandler = JITProvisioningPostAuthenticationHandler.getInstance();
bundleContext.registerService(PostAuthenticationHandler.class.getName(), postJITProvisioningHandler, null);
PostAuthenticationHandler postAuthAssociationHandler = PostAuthAssociationHandler.getInstance();
bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthAssociationHandler, null);
PostAuthenticationHandler postAuthenticatedUserDomainHandler = PostAuthenticatedSubjectIdentifierHandler.getInstance();
bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthenticatedUserDomainHandler, null);
if (log.isDebugEnabled()) {
log.debug("Application Authentication Framework bundle is activated");
}
/**
* Load and reade the require.js file in resources.
*/
this.loadCodeForRequire();
// Set user session mapping enabled.
FrameworkServiceDataHolder.getInstance().setUserSessionMappingEnabled(FrameworkUtils.isUserSessionMappingEnabled());
if (FrameworkServiceDataHolder.getInstance().getSessionSerializer() == null) {
FrameworkServiceDataHolder.getInstance().setSessionSerializer(new JavaSessionSerializer());
}
bundleContext.registerService(ApplicationAuthenticationService.class.getName(), new ApplicationAuthenticationService(), null);
// Note : DO NOT add any activation related code below this point,
// to make sure the server doesn't start up if any activation failures
}
use of org.wso2.carbon.identity.application.authentication.framework.AuthenticationMethodNameTranslator in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultIDTokenBuilder method translateToResponse.
private List<String> translateToResponse(String internalValue) {
List<String> result = Collections.EMPTY_LIST;
AuthenticationMethodNameTranslator authenticationMethodNameTranslator = OAuth2ServiceComponentHolder.getAuthenticationMethodNameTranslator();
if (authenticationMethodNameTranslator != null) {
Set<String> externalAmrSet = authenticationMethodNameTranslator.translateToExternalAmr(internalValue, INBOUND_AUTH2_TYPE);
// When AMR mapping is not available.
if (externalAmrSet == null || externalAmrSet.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("There was no mapping found to translate AMR from internal to external URI. Internal " + "Method Reference : " + internalValue);
}
result = new ArrayList<>();
result.add(internalValue);
} else if (externalAmrSet.contains(String.valueOf(Character.MIN_VALUE))) {
// Authentication Method needs to be hidden from the ID Token.
return Collections.emptyList();
} else {
result = new ArrayList<>(externalAmrSet);
}
}
return result;
}
use of org.wso2.carbon.identity.application.authentication.framework.AuthenticationMethodNameTranslator in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultIDTokenBuilderTest method setUp.
@BeforeClass
public void setUp() throws Exception {
user = getDefaultAuthenticatedLocalUser();
messageContext = getTokenReqMessageContextForUser(user, CLIENT_ID);
messageContext.addProperty(AUTHORIZATION_CODE, AUTHORIZATION_CODE_VALUE);
tokenRespDTO = new OAuth2AccessTokenRespDTO();
tokenRespDTO.setAccessToken(ACCESS_TOKEN);
IdentityProvider idp = new IdentityProvider();
idp.setIdentityProviderName("LOCAL");
idp.setEnable(true);
Map<String, Object> configuration = new HashMap<>();
configuration.put("SSOService.EntityId", "LOCAL");
configuration.put("SSOService.SAMLECPEndpoint", "https://localhost:9443/samlecp");
configuration.put("SSOService.ArtifactResolutionEndpoint", "https://localhost:9443/samlartresolve");
configuration.put("OAuth.OpenIDConnect.IDTokenIssuerID", "https://localhost:9443/oauth2/token");
WhiteboxImpl.setInternalState(IdentityUtil.class, "configuration", configuration);
IdentityProviderManager.getInstance().addResidentIdP(idp, SUPER_TENANT_DOMAIN_NAME);
defaultIDTokenBuilder = new DefaultIDTokenBuilder();
Map<ClaimMapping, String> userAttributes = new HashMap<>();
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("username"), "username");
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("email"), "email");
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(PHONE_NUMBER_VERIFIED), "phone");
LinkedHashSet acrValuesHashSet = new LinkedHashSet<>();
acrValuesHashSet.add(new Object());
AuthorizationGrantCacheEntry authorizationGrantCacheEntry = new AuthorizationGrantCacheEntry(userAttributes);
authorizationGrantCacheEntry.setSubjectClaim(messageContext.getAuthorizedUser().getUserName());
authorizationGrantCacheEntry.setNonceValue("nonce");
authorizationGrantCacheEntry.addAmr("amr");
authorizationGrantCacheEntry.setSessionContextIdentifier("idp");
authorizationGrantCacheEntry.setAuthTime(1000);
authorizationGrantCacheEntry.setSelectedAcrValue("acr");
authorizationGrantCacheEntry.setSubjectClaim("user@carbon.super");
authorizationGrantCacheEntry.setEssentialClaims(getEssentialClaims());
AuthorizationGrantCacheKey authorizationGrantCacheKey = new AuthorizationGrantCacheKey(AUTHORIZATION_CODE_VALUE);
AuthorizationGrantCacheKey authorizationGrantCacheKeyForAccessToken = new AuthorizationGrantCacheKey("2sa9a678f890877856y66e75f605d456");
AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKey, authorizationGrantCacheEntry);
AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKeyForAccessToken, authorizationGrantCacheEntry);
ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
ServiceProviderProperty[] serviceProviders = new ServiceProviderProperty[] { serviceProviderProperty };
ServiceProvider serviceProvider = new ServiceProvider();
serviceProvider.setSpProperties(serviceProviders);
serviceProvider.setCertificateContent("MIIDWTCCAkGgAwIBAgIEcZgeVDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJG\n" + "UjEMMAoGA1UECBMDTVBMMQwwCgYDVQQHEwNNUEwxDTALBgNVBAoTBHRlc3QxDTAL\n" + "BgNVBAsTBHRlc3QxEzARBgNVBAMMCioudGVzdC5jb20wIBcNMjEwNTEwMTcwODU4\n" + "WhgPMjA1MTA1MDMxNzA4NThaMFwxCzAJBgNVBAYTAkZSMQwwCgYDVQQIEwNNUEwx\n" + "DDAKBgNVBAcTA01QTDENMAsGA1UEChMEdGVzdDENMAsGA1UECxMEdGVzdDETMBEG\n" + "A1UEAwwKKi50ZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + "AIkuoEuR/or5oL4h6TZ7r90Qyb1xAK6qrAHGCGWz5k1dnmCdvM39zBZF5EDGVKKe\n" + "p+BQWNgG+FST19Z2l71YJllKxVsI0syw3r9PXcAfVLahs3fn8HEa5uJqIdHRsVzz\n" + "uO+rEWYn7kx4jmwwqtb8HBnhlVgn32OWQ6X4mLll/1n87cWGMsNouVP5TCySFNyD\n" + "BFPzC3+gYiVVy7Aj1NBw6Ft4i4r0UIOZ8BPGfHrd7zB4Zmnc9KwyRNj+S3bvJECm\n" + "D1/9hMiHcIj46qnvLJw69f/HmL3LTmp1oQJUnFlA0hykrUcwjVjUEptcBMu627j4\n" + "kfY2xsI613k5NLi6eHlwx7cCAwEAAaMhMB8wHQYDVR0OBBYEFIg+fWViskGrce5K\n" + "48Oy9x1Mh0GTMA0GCSqGSIb3DQEBCwUAA4IBAQB76yS+Wkt2RBh4XEihiMsrgn9L\n" + "2RkxAvDldfVEZTtQHm0uOkjT53AG8RSK5tedWdETJnEa0cq9SGLBjuTB5ojjP18g\n" + "R3fT2HXiP2QDfqnEhj7SYOEPp+QjcgW7rPBpMVOe9qKU6BWw0/ufEFq/SgSb9/xV\n" + "dZa4puEYDVEJ4pu6uJuh/oXgvwcIcL6xURDav1gqTDuMrLnJrKui+FsabnWeC+XB\n" + "1mRWtpZPay9xB5kVWAEVdMtGePP0/wz2zxQU9uCmjwvIsIfx307CpBI54sjomXPU\n" + "DldsCG6l8QRJ3NvijWa/0olA/7BpaOtbNS6S5dBSfPScpUvVQiBYFFvMXbmd\n");
ApplicationManagementService applicationMgtService = mock(ApplicationManagementService.class);
OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
Map<String, ServiceProvider> fileBasedSPs = CommonTestUtils.getFileBasedSPs();
setFinalStatic(ApplicationManagementServiceComponent.class.getDeclaredField("fileBasedSPs"), fileBasedSPs);
when(applicationMgtService.getApplicationExcludingFileBasedSPs(TEST_APPLICATION_NAME, SUPER_TENANT_DOMAIN_NAME)).thenReturn(fileBasedSPs.get(TEST_APPLICATION_NAME));
when(applicationMgtService.getServiceProviderNameByClientId(anyString(), anyString(), anyString())).thenReturn(TEST_APPLICATION_NAME);
when(applicationMgtService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
AuthenticationMethodNameTranslator authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
OAuth2ServiceComponentHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
RealmService realmService = IdentityTenantUtil.getRealmService();
HashMap<String, String> claims = new HashMap<>();
claims.put("http://wso2.org/claims/username", TestConstants.USER_NAME);
realmService.getTenantUserRealm(SUPER_TENANT_ID).getUserStoreManager().addUser(TestConstants.USER_NAME, TestConstants.PASSWORD, new String[0], claims, TestConstants.DEFAULT_PROFILE);
Map<Integer, Certificate> publicCerts = new ConcurrentHashMap<>();
publicCerts.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getCertificate("wso2carbon"));
setFinalStatic(OAuth2Util.class.getDeclaredField("publicCerts"), publicCerts);
Map<Integer, Key> privateKeys = new ConcurrentHashMap<>();
privateKeys.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getKey("wso2carbon", "wso2carbon".toCharArray()));
setFinalStatic(OAuth2Util.class.getDeclaredField("privateKeys"), privateKeys);
OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
List<RequestedClaim> requestedClaims = Collections.EMPTY_LIST;
when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
OAuth2ServiceComponentHolder.setKeyIDProvider(new DefaultKeyIDProviderImpl());
ClaimProvider claimProvider = new OpenIDConnectSystemClaimImpl();
List claimProviders = new ArrayList();
claimProviders.add(claimProvider);
WhiteboxImpl.setInternalState(OpenIDConnectServiceComponentHolder.getInstance(), "claimProviders", claimProviders);
}
Aggregations