Search in sources :

Example 21 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project identity-api-server by wso2.

the class ServiceProviderToApiModel method buildAuthStep.

private AuthenticationStepModel buildAuthStep(AuthenticationStep authenticationStep) {
    AuthenticationStepModel authStep = new AuthenticationStepModel();
    authStep.setId(authenticationStep.getStepOrder());
    arrayToStream(authenticationStep.getFederatedIdentityProviders()).forEach(y -> authStep.addOptionsItem(new Authenticator().idp(y.getIdentityProviderName()).authenticator(y.getDefaultAuthenticatorConfig().getName())));
    arrayToStream(authenticationStep.getLocalAuthenticatorConfigs()).forEach(y -> authStep.addOptionsItem(new Authenticator().idp(FrameworkConstants.LOCAL_IDP_NAME).authenticator(y.getName())));
    return authStep;
}
Also used : AuthenticationStepModel(org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationStepModel) Authenticator(org.wso2.carbon.identity.api.server.application.management.v1.Authenticator)

Example 22 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project identity-api-server by wso2.

the class UpdateAuthenticationSequence method getAuthenticationSteps.

private AuthenticationStep[] getAuthenticationSteps(AuthenticationSequence authSequenceApiModel) {
    if (CollectionUtils.isEmpty(authSequenceApiModel.getSteps())) {
        throw Utils.buildBadRequestError("Authentication steps cannot be empty for user defined " + "authentication type: " + AuthenticationSequence.TypeEnum.USER_DEFINED);
    }
    // Sort the authentication steps.
    List<AuthenticationStepModel> sortedStepModelList = Optional.of(authSequenceApiModel.getSteps()).map(steps -> {
        steps.sort(Comparator.comparingInt(AuthenticationStepModel::getId));
        return steps;
    }).orElse(Collections.emptyList());
    int numSteps = sortedStepModelList.size();
    if (numSteps != sortedStepModelList.get(numSteps - 1).getId()) {
        // to be equal to number of steps.
        throw Utils.buildBadRequestError("Step ids need to be consecutive in the authentication sequence steps.");
    }
    int subjectStepId = getSubjectStepId(authSequenceApiModel.getSubjectStepId(), numSteps);
    int attributeStepId = getSubjectStepId(authSequenceApiModel.getAttributeStepId(), numSteps);
    // We create a array of size (numSteps + 1) since step order starts from 1.
    AuthenticationStep[] authenticationSteps = new AuthenticationStep[numSteps];
    int stepOrder = 1;
    for (AuthenticationStepModel stepModel : sortedStepModelList) {
        AuthenticationStep authenticationStep = buildAuthenticationStep(stepModel);
        authenticationStep.setStepOrder(stepOrder);
        if (subjectStepId == stepOrder) {
            authenticationStep.setSubjectStep(true);
        }
        if (attributeStepId == stepOrder) {
            authenticationStep.setAttributeStep(true);
        }
        authenticationSteps[stepOrder - 1] = authenticationStep;
        stepOrder++;
    }
    return authenticationSteps;
}
Also used : StringUtils(org.apache.commons.lang.StringUtils) AuthenticationSequence(org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence) Utils(org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils) FrameworkConstants(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) ArrayList(java.util.ArrayList) AuthenticationStepModel(org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationStepModel) AuthenticationScriptConfig(org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig) ApplicationConstants(org.wso2.carbon.identity.application.mgt.ApplicationConstants) List(java.util.List) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) CollectionUtils(org.apache.commons.collections.CollectionUtils) UpdateFunction(org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction) Optional(java.util.Optional) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) Comparator(java.util.Comparator) Collections(java.util.Collections) AuthenticationStepModel(org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationStepModel) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep)

Example 23 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project identity-api-server by wso2.

the class UpdateAuthenticationSequence method buildAuthenticationStep.

private AuthenticationStep buildAuthenticationStep(AuthenticationStepModel stepModel) {
    AuthenticationStep authenticationStep = new AuthenticationStep();
    // iteration the options, divide in to federated and local and add the configs
    if (CollectionUtils.isEmpty(stepModel.getOptions())) {
        throw Utils.buildBadRequestError("Authentication Step options cannot be empty.");
    }
    List<LocalAuthenticatorConfig> localAuthOptions = new ArrayList<>();
    List<IdentityProvider> federatedAuthOptions = new ArrayList<>();
    stepModel.getOptions().forEach(option -> {
        // TODO : add validations to swagger so that we don't need to check inputs here.
        if (FrameworkConstants.LOCAL_IDP_NAME.equals(option.getIdp())) {
            LocalAuthenticatorConfig localAuthOption = new LocalAuthenticatorConfig();
            localAuthOption.setEnabled(true);
            localAuthOption.setName(option.getAuthenticator());
            localAuthOptions.add(localAuthOption);
        } else {
            FederatedAuthenticatorConfig federatedAuthConfig = new FederatedAuthenticatorConfig();
            federatedAuthConfig.setEnabled(true);
            federatedAuthConfig.setName(option.getAuthenticator());
            IdentityProvider federatedIdp = new IdentityProvider();
            federatedIdp.setIdentityProviderName(option.getIdp());
            federatedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthConfig });
            federatedIdp.setDefaultAuthenticatorConfig(federatedAuthConfig);
            federatedAuthOptions.add(federatedIdp);
        }
    });
    authenticationStep.setLocalAuthenticatorConfigs(localAuthOptions.toArray(new LocalAuthenticatorConfig[0]));
    authenticationStep.setFederatedIdentityProviders(federatedAuthOptions.toArray(new IdentityProvider[0]));
    return authenticationStep;
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) ArrayList(java.util.ArrayList) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider)

Example 24 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project siddhi by wso2.

the class WindowDefinitionTestCase method testEventWindow8.

@Test(expectedExceptions = DuplicateDefinitionException.class)
public void testEventWindow8() throws InterruptedException {
    log.info("WindowDefinitionTestCase Test8");
    SiddhiManager siddhiManager = new SiddhiManager();
    String query = "define stream InStream (meta_tenantId int, contextId string, eventId string, eventType " + "string, authenticationSuccess bool, username string, localUsername string, userStoreDomain string, " + "tenantDomain string, remoteIp string, region string, inboundAuthType string, serviceProvider string," + " rememberMeEnabled bool, forceAuthEnabled bool, passiveAuthEnabled bool, rolesCommaSeparated string," + " authenticationStep string, identityProvider string, authStepSuccess bool, stepAuthenticator string," + " isFirstLogin bool, identityProviderType string, _timestamp long);\n" + "define window countWindow (meta_tenantId int, batchEndTime long, timestamp long) externalTimeBatch" + "(batchEndTime, 1 sec, 0, 10 sec, true);\n" + "from InStream\n" + "select meta_tenantId, eventId\n" + "insert into countStream;\n" + "from countStream\n" + "select meta_tenantId, eventId\n" + "insert into countWindow;";
    SiddhiAppRuntime siddhiAppRuntime = siddhiManager.createSiddhiAppRuntime(query);
    siddhiAppRuntime.shutdown();
}
Also used : SiddhiAppRuntime(org.wso2.siddhi.core.SiddhiAppRuntime) SiddhiManager(org.wso2.siddhi.core.SiddhiManager) Test(org.testng.annotations.Test)

Example 25 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method getLocalAndOutboundAuthenticationConfig.

/**
 * @param applicationId
 * @param connection
 * @param propertyList
 * @return
 * @throws SQLException
 */
private LocalAndOutboundAuthenticationConfig getLocalAndOutboundAuthenticationConfig(int applicationId, Connection connection, int tenantId, List<ServiceProviderProperty> propertyList) throws SQLException, IdentityApplicationManagementException {
    PreparedStatement getStepInfoPrepStmt = null;
    ResultSet stepInfoResultSet = null;
    if (log.isDebugEnabled()) {
        log.debug("Reading Steps of Application " + applicationId);
    }
    try {
        getStepInfoPrepStmt = connection.prepareStatement(LOAD_STEPS_INFO_BY_APP_ID);
        // STEP_ORDER, AUTHENTICATOR_ID, IS_SUBJECT_STEP, IS_ATTRIBUTE_STEP
        getStepInfoPrepStmt.setInt(1, applicationId);
        stepInfoResultSet = getStepInfoPrepStmt.executeQuery();
        Map<String, AuthenticationStep> authSteps = new HashMap<>();
        Map<String, Map<String, List<FederatedAuthenticatorConfig>>> stepFedIdPAuthenticators = new HashMap<>();
        Map<String, List<LocalAuthenticatorConfig>> stepLocalAuth = new HashMap<>();
        while (stepInfoResultSet.next()) {
            String step = String.valueOf(stepInfoResultSet.getInt(1));
            AuthenticationStep authStep;
            if (authSteps.containsKey(step)) {
                authStep = authSteps.get(step);
            } else {
                authStep = new AuthenticationStep();
                authStep.setStepOrder(stepInfoResultSet.getInt(1));
                stepLocalAuth.put(step, new ArrayList<LocalAuthenticatorConfig>());
                stepFedIdPAuthenticators.put(step, new HashMap<String, List<FederatedAuthenticatorConfig>>());
            }
            int authenticatorId = stepInfoResultSet.getInt(2);
            Map<String, String> authenticatorInfo = getAuthenticatorInfo(connection, tenantId, authenticatorId);
            if (authenticatorInfo != null && authenticatorInfo.get(ApplicationConstants.IDP_NAME) != null && ApplicationConstants.LOCAL_IDP_NAME.equals(authenticatorInfo.get("idpName"))) {
                LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
                localAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                localAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                stepLocalAuth.get(step).add(localAuthenticator);
            } else {
                Map<String, List<FederatedAuthenticatorConfig>> stepFedIdps = stepFedIdPAuthenticators.get(step);
                if (!stepFedIdps.containsKey(authenticatorInfo.get(ApplicationConstants.IDP_NAME))) {
                    stepFedIdps.put(authenticatorInfo.get(ApplicationConstants.IDP_NAME), new ArrayList<FederatedAuthenticatorConfig>());
                }
                List<FederatedAuthenticatorConfig> idpAuths = stepFedIdps.get(authenticatorInfo.get(ApplicationConstants.IDP_NAME));
                FederatedAuthenticatorConfig fedAuthenticator = new FederatedAuthenticatorConfig();
                fedAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                fedAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                idpAuths.add(fedAuthenticator);
            }
            authStep.setSubjectStep("1".equals(stepInfoResultSet.getString(3)));
            authStep.setAttributeStep("1".equals(stepInfoResultSet.getString(4)));
            authSteps.put(step, authStep);
        }
        LocalAndOutboundAuthenticationConfig localAndOutboundConfiguration = new LocalAndOutboundAuthenticationConfig();
        AuthenticationStep[] authenticationSteps = new AuthenticationStep[authSteps.size()];
        int authStepCount = 0;
        for (Entry<String, AuthenticationStep> entry : authSteps.entrySet()) {
            AuthenticationStep authStep = entry.getValue();
            String stepId = entry.getKey();
            List<LocalAuthenticatorConfig> localAuthenticatorList = stepLocalAuth.get(stepId);
            if (localAuthenticatorList != null && localAuthenticatorList.size() > 0) {
                authStep.setLocalAuthenticatorConfigs(localAuthenticatorList.toArray(new LocalAuthenticatorConfig[localAuthenticatorList.size()]));
            }
            Map<String, List<FederatedAuthenticatorConfig>> idpList = stepFedIdPAuthenticators.get(stepId);
            if (idpList != null && idpList.size() > 0) {
                IdentityProvider[] fedIdpList = new IdentityProvider[idpList.size()];
                int idpCount = 0;
                for (Entry<String, List<FederatedAuthenticatorConfig>> idpEntry : idpList.entrySet()) {
                    String idpName = idpEntry.getKey();
                    List<FederatedAuthenticatorConfig> fedAuthenticators = idpEntry.getValue();
                    IdentityProvider idp = new IdentityProvider();
                    idp.setIdentityProviderName(idpName);
                    idp.setFederationHub(isFederationHubIdP(idpName, connection, tenantId));
                    idp.setFederatedAuthenticatorConfigs(fedAuthenticators.toArray(new FederatedAuthenticatorConfig[fedAuthenticators.size()]));
                    idp.setDefaultAuthenticatorConfig(idp.getFederatedAuthenticatorConfigs()[0]);
                    fedIdpList[idpCount++] = idp;
                }
                authStep.setFederatedIdentityProviders(fedIdpList);
            }
            authenticationSteps[authStepCount++] = authStep;
        }
        Arrays.sort(authenticationSteps, Comparator.comparingInt(AuthenticationStep::getStepOrder));
        int numSteps = authenticationSteps.length;
        // We check if the steps have consecutive step numbers.
        if (numSteps > 0 && authenticationSteps[numSteps - 1].getStepOrder() != numSteps) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication steps of Application with id: " + applicationId + "  do not have " + "consecutive numbers. This was possibility due to a IDP force deletion. Fixing the step " + "order.");
            }
            // Iterate through the steps and fix step order.
            int count = 1;
            for (AuthenticationStep step : authenticationSteps) {
                step.setStepOrder(count++);
            }
        }
        localAndOutboundConfiguration.setAuthenticationSteps(authenticationSteps);
        String authType = getAuthenticationType(applicationId, connection);
        if (StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FEDERATED) || StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FLOW)) {
            if (ArrayUtils.isEmpty(authenticationSteps)) {
                // the authType to 'default'.
                if (log.isDebugEnabled()) {
                    log.debug("Authentication type is '" + authType + "' eventhough the application with id: " + applicationId + " has zero authentication step. This was possibility due to a IDP force deletion. " + " Defaulting authentication type to " + ApplicationConstants.AUTH_TYPE_DEFAULT);
                }
                authType = ApplicationConstants.AUTH_TYPE_DEFAULT;
            }
        }
        localAndOutboundConfiguration.setAuthenticationType(authType);
        AuthenticationScriptConfig authenticationScriptConfig = getScriptConfiguration(applicationId, connection);
        if (authenticationScriptConfig != null) {
            localAndOutboundConfiguration.setAuthenticationScriptConfig(authenticationScriptConfig);
        }
        PreparedStatement localAndOutboundConfigPrepStmt = null;
        ResultSet localAndOutboundConfigResultSet = null;
        try {
            localAndOutboundConfigPrepStmt = connection.prepareStatement(LOAD_LOCAL_AND_OUTBOUND_CONFIG_BY_APP_ID);
            localAndOutboundConfigPrepStmt.setInt(1, tenantId);
            localAndOutboundConfigPrepStmt.setInt(2, applicationId);
            localAndOutboundConfigResultSet = localAndOutboundConfigPrepStmt.executeQuery();
            if (localAndOutboundConfigResultSet.next()) {
                localAndOutboundConfiguration.setUseTenantDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(1)));
                localAndOutboundConfiguration.setUseUserstoreDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(2)));
                localAndOutboundConfiguration.setEnableAuthorization("1".equals(localAndOutboundConfigResultSet.getString(3)));
                localAndOutboundConfiguration.setAlwaysSendBackAuthenticatedListOfIdPs("1".equals(localAndOutboundConfigResultSet.getString(4)));
                localAndOutboundConfiguration.setSubjectClaimUri(localAndOutboundConfigResultSet.getString(5));
                readAndSetConfigurationsFromProperties(propertyList, localAndOutboundConfiguration);
            }
        } finally {
            IdentityApplicationManagementUtil.closeStatement(localAndOutboundConfigPrepStmt);
            IdentityApplicationManagementUtil.closeResultSet(localAndOutboundConfigResultSet);
        }
        return localAndOutboundConfiguration;
    } finally {
        IdentityApplicationManagementUtil.closeStatement(getStepInfoPrepStmt);
        IdentityApplicationManagementUtil.closeResultSet(stepInfoResultSet);
    }
}
Also used : HashMap(java.util.HashMap) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) AuthenticationScriptConfig(org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) List(java.util.List) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) PreparedStatement(java.sql.PreparedStatement) NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)16 AuthenticationStep (org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep)15 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)13 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig)9 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)8 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig)8 ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)8 ArrayList (java.util.ArrayList)7 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)7 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig)7 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider)6 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)6 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)5 Test (org.testng.annotations.Test)4 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)4 IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)4 AuthenticationScriptConfig (org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig)3 IOException (java.io.IOException)2 PreparedStatement (java.sql.PreparedStatement)2