use of org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig in project carbon-identity-framework by wso2.
the class ApplicationDAOImpl method updateLocalAndOutboundAuthenticationConfiguration.
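/**
 * Persists the local and outbound authentication configuration of one application.
 *
 * <p>In order, the method delegates the authentication script to
 * {@code updateAuthenticationScriptConfiguration}, updates the basic application record
 * (send-back-IdP-list flag, the two local-subject-identifier flags, the authorization flag,
 * the subject claim URI and the authentication type) and, when steps are defined, validates
 * them and stores each step together with its step-to-authenticator mappings.
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 * <li>All SQL goes through {@link PreparedStatement} with bound parameters.</li>
 * <li>The tenant id is read from the thread-local {@code CarbonContext}, not from the
 * arguments, and is bound into every statement next to {@code applicationId}.</li>
 * <li>This method itself neither commits nor rolls back; a failure part-way through leaves
 * the earlier updates pending on {@code connection} for its owner to resolve.</li>
 * <li>{@code localAndOutboundAuthConfig} is mutated: its authentication type is set to
 * {@code AUTH_TYPE_DEFAULT} when no steps or no type are supplied.</li>
 * </ul>
 *
 * @param applicationId              id of the application whose record is updated
 * @param localAndOutboundAuthConfig configuration to persist; {@code null} makes the method return
 *                                   without touching the database
 * @param connection                 open connection, managed by the caller
 * @throws SQLException                           if any statement fails
 * @throws IdentityApplicationManagementException if the steps do not match the declared authentication
 *                                                type, a step has no authenticator at all, or a
 *                                                federated IdP uses the reserved local IdP name
 */
private void updateLocalAndOutboundAuthenticationConfiguration(int applicationId, LocalAndOutboundAuthenticationConfig localAndOutboundAuthConfig, Connection connection) throws SQLException, IdentityApplicationManagementException {
    int tenantID = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    if (localAndOutboundAuthConfig == null) {
        // no local or out-bound configuration for this service provider.
        return;
    }
    updateAuthenticationScriptConfiguration(applicationId, localAndOutboundAuthConfig, connection, tenantID);

    PreparedStatement storeSendAuthListOfIdPsPrepStmt = null;
    try {
        storeSendAuthListOfIdPsPrepStmt = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_SEND_AUTH_LIST_OF_IDPS);
        // IS_SEND_LOCAL_SUBJECT_ID=? WHERE TENANT_ID= ? AND ID = ?
        storeSendAuthListOfIdPsPrepStmt.setString(1, localAndOutboundAuthConfig.isAlwaysSendBackAuthenticatedListOfIdPs() ? "1" : "0");
        storeSendAuthListOfIdPsPrepStmt.setInt(2, tenantID);
        storeSendAuthListOfIdPsPrepStmt.setInt(3, applicationId);
        storeSendAuthListOfIdPsPrepStmt.executeUpdate();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(storeSendAuthListOfIdPsPrepStmt);
    }

    PreparedStatement storeUseTenantDomainInLocalSubjectIdStmt = null;
    try {
        storeUseTenantDomainInLocalSubjectIdStmt = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_USE_TENANT_DOMAIN_LOCAL_SUBJECT_ID);
        // IS_USE_TENANT_DIMAIN_LOCAL_SUBJECT_ID=? WHERE TENANT_ID= ? AND ID = ?
        storeUseTenantDomainInLocalSubjectIdStmt.setString(1, localAndOutboundAuthConfig.isUseTenantDomainInLocalSubjectIdentifier() ? "1" : "0");
        storeUseTenantDomainInLocalSubjectIdStmt.setInt(2, tenantID);
        storeUseTenantDomainInLocalSubjectIdStmt.setInt(3, applicationId);
        storeUseTenantDomainInLocalSubjectIdStmt.executeUpdate();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(storeUseTenantDomainInLocalSubjectIdStmt);
    }

    PreparedStatement storeUseUserstoreDomainInLocalSubjectIdStmt = null;
    try {
        storeUseUserstoreDomainInLocalSubjectIdStmt = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_USE_USERSTORE_DOMAIN_LOCAL_SUBJECT_ID);
        // IS_USE_USERSTORE_DIMAIN_LOCAL_SUBJECT_ID=? WHERE TENANT_ID= ? AND ID = ?
        storeUseUserstoreDomainInLocalSubjectIdStmt.setString(1, localAndOutboundAuthConfig.isUseUserstoreDomainInLocalSubjectIdentifier() ? "1" : "0");
        storeUseUserstoreDomainInLocalSubjectIdStmt.setInt(2, tenantID);
        storeUseUserstoreDomainInLocalSubjectIdStmt.setInt(3, applicationId);
        storeUseUserstoreDomainInLocalSubjectIdStmt.executeUpdate();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(storeUseUserstoreDomainInLocalSubjectIdStmt);
    }

    PreparedStatement enableAuthzStmt = null;
    try {
        enableAuthzStmt = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_ENABLE_AUTHORIZATION);
        // Same parameter order as the statements above: value, tenant id, application id.
        enableAuthzStmt.setString(1, localAndOutboundAuthConfig.isEnableAuthorization() ? "1" : "0");
        enableAuthzStmt.setInt(2, tenantID);
        enableAuthzStmt.setInt(3, applicationId);
        enableAuthzStmt.executeUpdate();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(enableAuthzStmt);
    }

    PreparedStatement storeSubjectClaimUri = null;
    try {
        storeSubjectClaimUri = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_SUBJECT_CLAIM_URI);
        // SUBJECT_CLAIM_URI=? WHERE TENANT_ID= ? AND ID = ?
        storeSubjectClaimUri.setString(1, localAndOutboundAuthConfig.getSubjectClaimUri());
        storeSubjectClaimUri.setInt(2, tenantID);
        storeSubjectClaimUri.setInt(3, applicationId);
        storeSubjectClaimUri.executeUpdate();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(storeSubjectClaimUri);
    }

    AuthenticationStep[] authSteps = localAndOutboundAuthConfig.getAuthenticationSteps();
    if (authSteps == null || authSteps.length == 0) {
        // if no authentication steps defined - it should be the default behavior.
        localAndOutboundAuthConfig.setAuthenticationType(ApplicationConstants.AUTH_TYPE_DEFAULT);
    }

    PreparedStatement updateAuthTypePrepStmt = null;
    try {
        if (localAndOutboundAuthConfig.getAuthenticationType() == null) {
            // no authentication type defined - set to default.
            localAndOutboundAuthConfig.setAuthenticationType(ApplicationConstants.AUTH_TYPE_DEFAULT);
        }
        updateAuthTypePrepStmt = connection.prepareStatement(UPDATE_BASIC_APPINFO_WITH_AUTH_TYPE);
        // AUTH_TYPE=? WHERE TENANT_ID= ? AND ID = ?
        updateAuthTypePrepStmt.setString(1, localAndOutboundAuthConfig.getAuthenticationType());
        updateAuthTypePrepStmt.setInt(2, tenantID);
        updateAuthTypePrepStmt.setInt(3, applicationId);
        updateAuthTypePrepStmt.execute();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(updateAuthTypePrepStmt);
    }

    if (authSteps != null && authSteps.length > 0) {
        // we have authentications steps defined.
        PreparedStatement storeStepIDPAuthnPrepStmt = null;
        try {
            // One batch statement collects every step-to-authenticator row and is executed once
            // after all steps have been processed.
            storeStepIDPAuthnPrepStmt = connection.prepareStatement(STORE_STEP_IDP_AUTH);

            if (ApplicationConstants.AUTH_TYPE_LOCAL.equalsIgnoreCase(localAndOutboundAuthConfig.getAuthenticationType())) {
                // Local type: exactly one step, exactly one local authenticator, no federated IdP.
                if (authSteps.length != 1 || authSteps[0] == null
                        || authSteps[0].getLocalAuthenticatorConfigs() == null
                        || authSteps[0].getLocalAuthenticatorConfigs().length != 1
                        || (authSteps[0].getFederatedIdentityProviders() != null
                                && authSteps[0].getFederatedIdentityProviders().length >= 1)) {
                    String errorMessage = "Invalid local authentication configuration." + " For local authentication there can only be only one authentication step and" + " only one local authenticator";
                    throw new IdentityApplicationManagementException(errorMessage);
                }
            } else if (ApplicationConstants.AUTH_TYPE_FEDERATED.equalsIgnoreCase(localAndOutboundAuthConfig.getAuthenticationType())) {
                // Federated type: exactly one step, exactly one federated IdP, no local authenticator.
                // The local-authenticator array is null-checked before its length is read, the same
                // way the local branch above treats the federated array; a step carrying only
                // federated IdPs must not fail validation with a NullPointerException.
                if (authSteps.length != 1 || authSteps[0] == null
                        || authSteps[0].getFederatedIdentityProviders() == null
                        || authSteps[0].getFederatedIdentityProviders().length != 1
                        || (authSteps[0].getLocalAuthenticatorConfigs() != null
                                && authSteps[0].getLocalAuthenticatorConfigs().length > 0)) {
                    String errorMessage = "Invalid federated authentication configuration." + " For federated authentication there can only be only one authentication step and" + " only one federated authenticator";
                    throw new IdentityApplicationManagementException(errorMessage);
                }
                IdentityProvider fedIdp = authSteps[0].getFederatedIdentityProviders()[0];
                if (fedIdp.getDefaultAuthenticatorConfig() == null || fedIdp.getFederatedAuthenticatorConfigs() == null) {
                    // The caller named the IdP but not the authenticator: fall back to the
                    // default authenticator that the IdP DAO reports for that IdP name.
                    IdentityProviderDAO idpDAO = ApplicationMgtSystemConfig.getInstance().getIdentityProviderDAO();
                    String defualtAuthName = idpDAO.getDefaultAuthenticator(fedIdp.getIdentityProviderName());
                    // set the default authenticator.
                    FederatedAuthenticatorConfig defaultAuth = new FederatedAuthenticatorConfig();
                    defaultAuth.setName(defualtAuthName);
                    fedIdp.setDefaultAuthenticatorConfig(defaultAuth);
                    fedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { defaultAuth });
                }
            }

            // iterating through each step.
            for (AuthenticationStep authStep : authSteps) {
                int stepId = 0;
                IdentityProvider[] federatedIdps = authStep.getFederatedIdentityProviders();
                // A step must name at least one federated identity provider or a local authenticator.
                if ((federatedIdps == null || federatedIdps.length == 0) && (authStep.getLocalAuthenticatorConfigs() == null || authStep.getLocalAuthenticatorConfigs().length == 0)) {
                    String errorMesssage = "Invalid authentication configuration." + "An authentication step should have at least one federated identity " + "provider or a local authenticator";
                    throw new IdentityApplicationManagementException(errorMesssage);
                }

                // Insert the step row and read back its generated id.
                PreparedStatement storeStepPrepStmtz = null;
                ResultSet result = null;
                try {
                    String dbProductName = connection.getMetaData().getDatabaseProductName();
                    storeStepPrepStmtz = connection.prepareStatement(STORE_STEP_INFO, new String[] { DBUtils.getConvertedAutoGeneratedColumnName(dbProductName, "ID") });
                    // TENANT_ID, STEP_ORDER, APP_ID
                    storeStepPrepStmtz.setInt(1, tenantID);
                    storeStepPrepStmtz.setInt(2, authStep.getStepOrder());
                    storeStepPrepStmtz.setInt(3, applicationId);
                    storeStepPrepStmtz.setString(4, authStep.isSubjectStep() ? "1" : "0");
                    storeStepPrepStmtz.setString(5, authStep.isAttributeStep() ? "1" : "0");
                    storeStepPrepStmtz.execute();
                    result = storeStepPrepStmtz.getGeneratedKeys();
                    // NOTE(review): when the driver returns no generated key, stepId stays 0 and the
                    // mappings below are batched against step id 0 - confirm whether that should fail.
                    if (result.next()) {
                        stepId = result.getInt(1);
                    }
                } finally {
                    IdentityApplicationManagementUtil.closeResultSet(result);
                    IdentityApplicationManagementUtil.closeStatement(storeStepPrepStmtz);
                }

                if (authStep.getLocalAuthenticatorConfigs() != null && authStep.getLocalAuthenticatorConfigs().length > 0) {
                    for (LocalAuthenticatorConfig lclAuthenticator : authStep.getLocalAuthenticatorConfigs()) {
                        // set the identity provider name to LOCAL.
                        int authenticatorId = getAuthentictorID(connection, tenantID, ApplicationConstants.LOCAL_IDP_NAME, lclAuthenticator.getName());
                        if (authenticatorId < 0) {
                            // A local authenticator without a row yet is registered on the fly.
                            authenticatorId = addAuthenticator(connection, tenantID, ApplicationConstants.LOCAL_IDP_NAME, lclAuthenticator.getName(), lclAuthenticator.getDisplayName());
                        }
                        if (authenticatorId > 0) {
                            // ID, TENANT_ID, AUTHENTICATOR_ID
                            storeStepIDPAuthnPrepStmt.setInt(1, stepId);
                            storeStepIDPAuthnPrepStmt.setInt(2, tenantID);
                            storeStepIDPAuthnPrepStmt.setInt(3, authenticatorId);
                            storeStepIDPAuthnPrepStmt.addBatch();
                        }
                        if (log.isDebugEnabled()) {
                            log.debug("Updating Local IdP of Application " + applicationId + " Step Order: " + authStep.getStepOrder() + " IdP: " + ApplicationConstants.LOCAL_IDP + " Authenticator: " + lclAuthenticator.getName());
                        }
                    }
                }

                // we have federated identity providers.
                if (federatedIdps != null && federatedIdps.length > 0) {
                    // iterating through each IDP of the step
                    for (IdentityProvider federatedIdp : federatedIdps) {
                        String idpName = federatedIdp.getIdentityProviderName();
                        // the identity provider name wso2carbon-local-idp is reserved.
                        if (ApplicationConstants.LOCAL_IDP.equalsIgnoreCase(idpName)) {
                            throw new IdentityApplicationManagementException("The federated IdP name cannot be equal to " + ApplicationConstants.LOCAL_IDP);
                        }
                        FederatedAuthenticatorConfig[] authenticators = federatedIdp.getFederatedAuthenticatorConfigs();
                        if (authenticators != null && authenticators.length > 0) {
                            for (FederatedAuthenticatorConfig authenticator : authenticators) {
                                // ID, TENANT_ID, AUTHENTICATOR_ID
                                if (authenticator != null) {
                                    int authenticatorId = getAuthentictorID(connection, tenantID, idpName, authenticator.getName());
                                    // NOTE(review): unlike the local branch, a federated authenticator that
                                    // cannot be resolved for this tenant is skipped without an error, so a
                                    // step row can be stored with fewer authenticators than were requested
                                    // (possibly none). Confirm the caller validates names beforehand.
                                    if (authenticatorId > 0) {
                                        storeStepIDPAuthnPrepStmt.setInt(1, stepId);
                                        storeStepIDPAuthnPrepStmt.setInt(2, tenantID);
                                        storeStepIDPAuthnPrepStmt.setInt(3, authenticatorId);
                                        storeStepIDPAuthnPrepStmt.addBatch();
                                        if (log.isDebugEnabled()) {
                                            // Log the authenticator name, as the local branch does, instead of
                                            // whatever the config object's toString() happens to print.
                                            log.debug("Updating Federated IdP of Application " + applicationId + " Step Order: " + authStep.getStepOrder() + " IdP: " + idpName + " Authenticator: " + authenticator.getName());
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            storeStepIDPAuthnPrepStmt.executeBatch();
        } finally {
            IdentityApplicationManagementUtil.closeStatement(storeStepIDPAuthnPrepStmt);
        }
    }
}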
use of org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig in project carbon-identity-framework by wso2.
the class ApplicationBean method updateOutBoundAuthenticationConfig.
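/**
 * Rebuilds the authentication steps of the service provider held by this bean from the
 * parameters of a submitted form.
 *
 * <p>Every value read here comes straight from the HTTP request and is therefore
 * client-controlled. Local authenticator names are accepted as submitted (the display name is
 * filled in only when the name matches a known local authenticator). Federated IdP names are
 * accepted only when they are present in {@code federatedIdentityProvidersMap}; a name that is
 * not in the map is ignored instead of being dereferenced.
 *
 * <p>Steps that end up with neither a local authenticator nor a federated IdP are dropped. When
 * no usable step remains, the steps already stored on the service provider are left unchanged.
 *
 * @param request the form submission; a non-numeric {@code auth_step} value makes
 *                {@link Integer#parseInt(String)} throw {@link NumberFormatException}
 */
public void updateOutBoundAuthenticationConfig(HttpServletRequest request) {
    String[] authSteps = request.getParameterValues("auth_step");
    if (authSteps == null || authSteps.length == 0) {
        return;
    }

    List<AuthenticationStep> authStepList = new ArrayList<AuthenticationStep>();
    for (String authstep : authSteps) {
        AuthenticationStep authStep = new AuthenticationStep();
        authStep.setStepOrder(Integer.parseInt(authstep));
        // A checkbox is considered ticked only when its parameter is exactly "on".
        authStep.setSubjectStep("on".equals(request.getParameter("subject_step_" + authstep)));
        authStep.setAttributeStep("on".equals(request.getParameter("attribute_step_" + authstep)));

        String[] localAuthenticatorNames = request.getParameterValues("step_" + authstep + "_local_auth");
        if (localAuthenticatorNames != null && localAuthenticatorNames.length > 0) {
            List<LocalAuthenticatorConfig> localAuthList = new ArrayList<LocalAuthenticatorConfig>();
            for (String name : localAuthenticatorNames) {
                if (name == null) {
                    continue;
                }
                LocalAuthenticatorConfig localAuth = new LocalAuthenticatorConfig();
                localAuth.setName(name);
                if (localAuthenticatorConfigs != null) {
                    for (LocalAuthenticatorConfig config : localAuthenticatorConfigs) {
                        // Compare from the non-null request value so a config without a name
                        // cannot raise a NullPointerException.
                        if (config != null && name.equals(config.getName())) {
                            localAuth.setDisplayName(config.getDisplayName());
                            break;
                        }
                    }
                }
                localAuthList.add(localAuth);
            }
            if (!localAuthList.isEmpty()) {
                authStep.setLocalAuthenticatorConfigs(localAuthList.toArray(new LocalAuthenticatorConfig[0]));
            }
        }

        String[] federatedIdpNames = request.getParameterValues("step_" + authstep + "_fed_auth");
        if (federatedIdpNames != null && federatedIdpNames.length > 0) {
            List<IdentityProvider> fedIdpList = new ArrayList<>();
            for (String name : federatedIdpNames) {
                if (!StringUtils.isNotBlank(name)) {
                    continue;
                }
                String authenticatorName = request.getParameter("step_" + authstep + "_idp_" + name + "_fed_authenticator");
                if (!StringUtils.isNotBlank(authenticatorName)) {
                    continue;
                }
                // The IdP name is client-supplied: only names this bean already knows are used.
                // Previously an unknown name reached referringIdP.getFederatedAuthenticatorConfigs()
                // with referringIdP == null and failed with a NullPointerException.
                IdentityProvider referringIdP = federatedIdentityProvidersMap != null
                        ? federatedIdentityProvidersMap.get(name) : null;
                if (referringIdP == null) {
                    continue;
                }

                String authenticatorDisplayName = null;
                FederatedAuthenticatorConfig[] knownAuthenticators = referringIdP.getFederatedAuthenticatorConfigs();
                if (knownAuthenticators != null) {
                    for (FederatedAuthenticatorConfig config : knownAuthenticators) {
                        if (config != null && authenticatorName.equals(config.getName())) {
                            authenticatorDisplayName = config.getDisplayName();
                            break;
                        }
                    }
                }
                // NOTE(review): an authenticator name that matches none of the IdP's configured
                // authenticators is still accepted (with a null display name), as before. Confirm
                // that the persistence layer rejects or ignores names it cannot resolve.
                FederatedAuthenticatorConfig authenticator = new FederatedAuthenticatorConfig();
                authenticator.setName(authenticatorName);
                authenticator.setDisplayName(authenticatorDisplayName);

                IdentityProvider idp = new IdentityProvider();
                idp.setIdentityProviderName(name);
                idp.setDefaultAuthenticatorConfig(authenticator);
                idp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { authenticator });
                fedIdpList.add(idp);
            }
            if (!fedIdpList.isEmpty()) {
                authStep.setFederatedIdentityProviders(fedIdpList.toArray(new IdentityProvider[0]));
            }
        }

        // Keep the step only when it carries at least one authenticator of either kind.
        boolean hasFederated = authStep.getFederatedIdentityProviders() != null
                && authStep.getFederatedIdentityProviders().length > 0;
        boolean hasLocal = authStep.getLocalAuthenticatorConfigs() != null
                && authStep.getLocalAuthenticatorConfigs().length > 0;
        if (hasFederated || hasLocal) {
            authStepList.add(authStep);
        }
    }

    if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() == null) {
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(new LocalAndOutboundAuthenticationConfig());
    }
    if (CollectionUtils.isNotEmpty(authStepList)) {
        LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = serviceProvider.getLocalAndOutBoundAuthenticationConfig();
        localAndOutboundAuthenticationConfig.setAuthenticationSteps(authStepList.toArray(new AuthenticationStep[0]));
    }
}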
use of org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig in project carbon-identity-framework by wso2.
the class FrameworkServiceComponent method setAuthenticator.
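/**
 * OSGi bind callback: registers an {@code ApplicationAuthenticator} service with the framework.
 *
 * <p>The authenticator is added to the data holder's authenticator list and a matching
 * configuration object (local, federated or request-path, chosen by the interfaces the
 * authenticator implements, in that order) is handed to {@code ApplicationAuthenticatorService}.
 * An {@code AuthenticationFlowHandler} is registered as a local authenticator and gets an extra
 * {@code IS_HANDLER} property.
 *
 * <p>The reference is dynamic, so this method runs for every service of that type that appears
 * at runtime. Local and request-path configurations take their enabled flag from
 * {@code getAuthenticatorConfig}; the federated branch sets no enabled flag here.
 *
 * @param authenticator the authenticator service being bound
 */
@Reference(name = "application.authenticator", service = ApplicationAuthenticator.class, cardinality = ReferenceCardinality.AT_LEAST_ONE, policy = ReferencePolicy.DYNAMIC, unbind = "unsetAuthenticator")
protected void setAuthenticator(ApplicationAuthenticator authenticator) {
    FrameworkServiceDataHolder.getInstance().getAuthenticators().add(authenticator);

    // Work on a private copy: the list returned by the authenticator belongs to the authenticator.
    // Appending IS_HANDLER to it directly would alter the authenticator's own state (and fail on
    // an unmodifiable list).
    List<Property> configurationProperties = new ArrayList<>();
    List<Property> declaredProperties = authenticator.getConfigurationProperties();
    if (declaredProperties != null) {
        configurationProperties.addAll(declaredProperties);
    }
    if (authenticator instanceof AuthenticationFlowHandler) {
        Property handlerProperty = new Property();
        handlerProperty.setName(IS_HANDLER);
        handlerProperty.setValue(TRUE);
        configurationProperties.add(handlerProperty);
    }
    // The config objects receive null, not an empty array, when there are no properties.
    Property[] configProperties = null;
    if (!configurationProperties.isEmpty()) {
        configProperties = configurationProperties.toArray(new Property[0]);
    }

    if ((authenticator instanceof LocalApplicationAuthenticator) || (authenticator instanceof AuthenticationFlowHandler)) {
        LocalAuthenticatorConfig localAuthenticatorConfig = new LocalAuthenticatorConfig();
        localAuthenticatorConfig.setName(authenticator.getName());
        localAuthenticatorConfig.setProperties(configProperties);
        localAuthenticatorConfig.setDisplayName(authenticator.getFriendlyName());
        localAuthenticatorConfig.setTags(authenticator.getTags());
        // NOTE(review): assumes getAuthenticatorConfig never returns null - confirm.
        AuthenticatorConfig fileBasedConfig = getAuthenticatorConfig(authenticator.getName());
        localAuthenticatorConfig.setEnabled(fileBasedConfig.isEnabled());
        ApplicationAuthenticatorService.getInstance().addLocalAuthenticator(localAuthenticatorConfig);
    } else if (authenticator instanceof FederatedApplicationAuthenticator) {
        FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
        federatedAuthenticatorConfig.setName(authenticator.getName());
        federatedAuthenticatorConfig.setProperties(configProperties);
        federatedAuthenticatorConfig.setDisplayName(authenticator.getFriendlyName());
        federatedAuthenticatorConfig.setTags(authenticator.getTags());
        ApplicationAuthenticatorService.getInstance().addFederatedAuthenticator(federatedAuthenticatorConfig);
    } else if (authenticator instanceof RequestPathApplicationAuthenticator) {
        RequestPathAuthenticatorConfig reqPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
        reqPathAuthenticatorConfig.setName(authenticator.getName());
        reqPathAuthenticatorConfig.setProperties(configProperties);
        reqPathAuthenticatorConfig.setDisplayName(authenticator.getFriendlyName());
        reqPathAuthenticatorConfig.setTags(authenticator.getTags());
        // NOTE(review): assumes getAuthenticatorConfig never returns null - confirm.
        AuthenticatorConfig fileBasedConfig = getAuthenticatorConfig(authenticator.getName());
        reqPathAuthenticatorConfig.setEnabled(fileBasedConfig.isEnabled());
        ApplicationAuthenticatorService.getInstance().addRequestPathAuthenticator(reqPathAuthenticatorConfig);
    }

    if (log.isDebugEnabled()) {
        log.debug("Added application authenticator : " + authenticator.getName());
    }
}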
use of org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig in project carbon-identity-framework by wso2.
the class ApplicationManagementServiceImplTest method addApplicationConfigurations.
/**
 * Test fixture helper: fills a service provider with one sample of each configuration kind
 * (inbound authentication, inbound and outbound provisioning, one authentication step with a
 * federated and a local authenticator, a request-path authenticator and a claim mapping).
 *
 * <p>All values are fixed placeholder strings. The permission/role configuration built at the
 * end is not attached to {@code serviceProvider} by this method.
 *
 * @param serviceProvider the service provider to populate in place
 */
private void addApplicationConfigurations(ServiceProvider serviceProvider) {
    serviceProvider.setDescription("Created for testing");
    serviceProvider.setSaasApp(TRUE);

    // Inbound authentication: a single OAuth2 request configuration.
    InboundAuthenticationRequestConfig oauthRequest = new InboundAuthenticationRequestConfig();
    oauthRequest.setInboundAuthKey("auth key");
    oauthRequest.setInboundAuthType("oauth2");
    InboundAuthenticationConfig inboundAuth = new InboundAuthenticationConfig();
    inboundAuth.setInboundAuthenticationRequestConfigs(new InboundAuthenticationRequestConfig[] { oauthRequest });
    serviceProvider.setInboundAuthenticationConfig(inboundAuth);

    // Inbound provisioning.
    InboundProvisioningConfig inboundProvisioning = new InboundProvisioningConfig();
    inboundProvisioning.setProvisioningUserStore("UserStore");
    serviceProvider.setInboundProvisioningConfig(inboundProvisioning);

    // Outbound provisioning: one IdP, which receives its default connector after being listed.
    IdentityProvider provisioningIdP = new IdentityProvider();
    provisioningIdP.setIdentityProviderName("Provisioning IdP");
    OutboundProvisioningConfig outboundProvisioning = new OutboundProvisioningConfig();
    outboundProvisioning.setProvisioningIdentityProviders(new IdentityProvider[] { provisioningIdP });
    ProvisioningConnectorConfig connector = new ProvisioningConnectorConfig();
    connector.setName("Provisioning connector");
    provisioningIdP.setDefaultProvisioningConnectorConfig(connector);
    serviceProvider.setOutboundProvisioningConfig(outboundProvisioning);

    // Local and outbound authentication: one step holding a federated IdP and a local authenticator.
    LocalAndOutboundAuthenticationConfig localAndOutbound = new LocalAndOutboundAuthenticationConfig();
    AuthenticationStep step = new AuthenticationStep();

    IdentityProvider federatedIdp = new IdentityProvider();
    federatedIdp.setIdentityProviderName(IDP_NAME_1);
    FederatedAuthenticatorConfig federatedAuthenticator = new FederatedAuthenticatorConfig();
    federatedAuthenticator.setName("Federated authenticator");
    federatedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticator });
    step.setFederatedIdentityProviders(new IdentityProvider[] { federatedIdp });

    LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
    localAuthenticator.setName("Local authenticator");
    step.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticator });

    localAndOutbound.setAuthenticationSteps(new AuthenticationStep[] { step });
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutbound);

    // Request-path authenticator.
    RequestPathAuthenticatorConfig requestPathAuthenticator = new RequestPathAuthenticatorConfig();
    requestPathAuthenticator.setName("Request path authenticator");
    serviceProvider.setRequestPathAuthenticatorConfigs(new RequestPathAuthenticatorConfig[] { requestPathAuthenticator });

    // Claims: role claim URI, one SP dialect and one local-to-remote mapping.
    ClaimConfig claims = new ClaimConfig();
    claims.setRoleClaimURI("Role claim uri");
    claims.setSpClaimDialects(new String[] { "SP claim dialect" });
    ClaimMapping mapping = new ClaimMapping();
    Claim local = new Claim();
    local.setClaimUri("Local claim uri");
    Claim remote = new Claim();
    remote.setClaimUri("Remote claim uri");
    mapping.setLocalClaim(local);
    mapping.setRemoteClaim(remote);
    claims.setClaimMappings(new ClaimMapping[] { mapping });
    serviceProvider.setClaimConfig(claims);

    // Permissions and roles: built here but never set on serviceProvider.
    PermissionsAndRoleConfig permissionsAndRoles = new PermissionsAndRoleConfig();
    RoleMapping roleMapping = new RoleMapping();
    roleMapping.setLocalRole(new LocalRole("Local role"));
    roleMapping.setRemoteRole("Remote role");
    permissionsAndRoles.setRoleMappings(new RoleMapping[] { roleMapping });
}
use of org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig in project carbon-identity-framework by wso2.
the class ApplicationIdentityProviderMgtListener method updateApplicationWithFederatedAuthenticator.
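/**
 * Keeps a service provider's authentication step in line with the default authenticator of an
 * identity provider that is being changed.
 *
 * <p>Only the first federated IdP of {@code authStep} is examined. When it refers to
 * {@code identityProvider} by name and the IdP's current default authenticator has a different
 * name than the one the step refers to, the step is switched to the current default and the
 * service provider is persisted. When the names are equal but the current default authenticator
 * is disabled, the change is refused, because the service provider still depends on it.
 *
 * <p>A step without federated IdPs, or an IdP without a default authenticator, leaves the
 * service provider untouched.
 *
 * @param identityProvider the identity provider in its new state
 * @param tenantDomain     tenant domain passed on to the application DAO
 * @param serviceProvider  the service provider that owns {@code authStep}
 * @param authStep         the authentication step to inspect
 * @throws IdentityApplicationManagementException if updating the service provider fails
 * @throws IdentityProviderManagementException    if the default authenticator still referred to by
 *                                                the service provider is being disabled
 */
private void updateApplicationWithFederatedAuthenticator(IdentityProvider identityProvider, String tenantDomain, ServiceProvider serviceProvider, AuthenticationStep authStep) throws IdentityApplicationManagementException, IdentityProviderManagementException {
    // Guard the array access: a step that carries only local authenticators has nothing to sync.
    IdentityProvider[] stepIdps = authStep.getFederatedIdentityProviders();
    if (stepIdps == null || stepIdps.length == 0 || stepIdps[0] == null) {
        return;
    }
    IdentityProvider fedIdp = stepIdps[0];
    if (!StringUtils.equals(fedIdp.getIdentityProviderName(), identityProvider.getIdentityProviderName())) {
        return;
    }

    FederatedAuthenticatorConfig currentDefaultAuthenticatorConfig = identityProvider.getDefaultAuthenticatorConfig();
    if (currentDefaultAuthenticatorConfig == null) {
        return;
    }

    // The step's IdP may carry no default authenticator; treat that as "no name" rather than
    // dereferencing null.
    FederatedAuthenticatorConfig referencedAuthenticatorConfig = fedIdp.getDefaultAuthenticatorConfig();
    String defaultAuthName = referencedAuthenticatorConfig != null ? referencedAuthenticatorConfig.getName() : null;
    String currentDefaultAuthName = currentDefaultAuthenticatorConfig.getName();

    if (!StringUtils.equals(currentDefaultAuthName, defaultAuthName)) {
        fedIdp.setDefaultAuthenticatorConfig(currentDefaultAuthenticatorConfig);
        fedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { currentDefaultAuthenticatorConfig });
        ApplicationMgtSystemConfig.getInstance().getApplicationDAO().updateApplication(serviceProvider, tenantDomain);
    } else if (!currentDefaultAuthenticatorConfig.isEnabled()) {
        // Same authenticator, now disabled: the service provider would be left pointing at a
        // disabled authenticator, so the change is rejected.
        throw new IdentityProviderManagementException("Error in disabling default federated authenticator" + " as it is referred by service providers.");
    }
}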