
Example 66 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.

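/**
 * Copies the IdP's display data, certificate/JWKS details, issuer, enabled flag, alias and
 * claim mappings onto the key-manager configuration (the DTO is mutated in place).
 *
 * <p>The JWKS endpoint and the issuer are carried as IdP properties, whereas a PEM certificate
 * lives on the IdP's certificate field. Because the issuer is itself stored as an IdP property
 * (see {@code updatedIDP}), a PEM-backed IdP normally has a non-empty property array, so the PEM
 * certificate must be merged regardless of whether properties exist; a JWKS endpoint takes
 * precedence when both are present.
 *
 * @param identityProvider the identity provider that backs the key manager
 * @param keyManagerDTO    the configuration to populate
 */
private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
    keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
    keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
    boolean jwksConfigured = false;
    IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
    if (identityProviderProperties != null) {
        for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
            String propertyName = identityProviderProperty.getName();
            if (StringUtils.equals(propertyName, APIConstants.JWKS_URI)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
                jwksConfigured = true;
            } else if (StringUtils.equals(propertyName, IdentityApplicationConstants.IDP_ISSUER_NAME)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
            }
        }
    }
    // The PEM certificate is independent of the property array; only a JWKS endpoint overrides it.
    if (!jwksConfigured && StringUtils.isNotBlank(identityProvider.getCertificate())) {
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
    }
    keyManagerDTO.setEnabled(identityProvider.isEnable());
    keyManagerDTO.setAlias(identityProvider.getAlias());
    // Claim mappings are exported as [{"localClaim": ..., "remoteClaim": ...}, ...]; an IdP without
    // claim configuration yields an empty array rather than an NPE.
    JsonArray claimArray = new JsonArray();
    ClaimConfig claimConfig = identityProvider.getClaimConfig();
    if (claimConfig != null && claimConfig.getClaimMappings() != null) {
        for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
            JsonObject claimMappingEntryDTO = new JsonObject();
            claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
            claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
            claimArray.add(claimMappingEntryDTO);
        }
    }
    keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}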

Example 67 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIAdminImpl method getKeyManagerConfigurationById.

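/**
 * Loads a key-manager configuration by id and enriches it for presentation: default-key-manager
 * values are filled in, secret values are masked for non-exchanged token types, the backing IdP is
 * merged for EXCHANGED/BOTH token types, and endpoints are resolved for non-EXCHANGED ones.
 *
 * <p>The token type is resolved once, case-insensitively, so that masking, IdP merging and endpoint
 * resolution all agree on the same value; a configuration stored as {@code "exchanged"} previously
 * skipped masking but was still treated as non-exchanged by the other two checks.
 *
 * @param organization the organization that owns the configuration
 * @param id           the configuration uuid
 * @return the enriched configuration, or {@code null} when no configuration has that id
 * @throws APIManagementException when the backing identity provider cannot be retrieved
 * @throws IllegalArgumentException when the stored token type is not a known {@code TokenType}
 */
@Override
public KeyManagerConfigurationDTO getKeyManagerConfigurationById(String organization, String id) throws APIManagementException {
    KeyManagerConfigurationDTO keyManagerConfigurationDTO = apiMgtDAO.getKeyManagerConfigurationByID(organization, id);
    if (keyManagerConfigurationDTO == null) {
        return null;
    }
    if (APIConstants.KeyManager.DEFAULT_KEY_MANAGER.equals(keyManagerConfigurationDTO.getName())) {
        APIUtil.getAndSetDefaultKeyManagerConfiguration(keyManagerConfigurationDTO);
    }
    KeyManagerConfiguration.TokenType tokenType = KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase());
    boolean exchangedOnly = tokenType == KeyManagerConfiguration.TokenType.EXCHANGED;
    boolean backedByIdp = exchangedOnly || tokenType == KeyManagerConfiguration.TokenType.BOTH;
    // Secrets (client credentials etc.) are masked before the DTO leaves the admin API; an
    // exchanged-only key manager holds no such values of its own.
    if (!exchangedOnly) {
        maskValues(keyManagerConfigurationDTO);
    }
    if (backedByIdp && keyManagerConfigurationDTO.getExternalReferenceId() != null) {
        try {
            IdentityProvider identityProvider = IdentityProviderManager.getInstance().getIdPByResourceId(keyManagerConfigurationDTO.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(organization), Boolean.FALSE);
            mergeIdpWithKeyManagerConfiguration(identityProvider, keyManagerConfigurationDTO);
        } catch (IdentityProviderManagementException e) {
            throw new APIManagementException("IdP retrieval failed. " + e.getMessage(), e, ExceptionCodes.IDP_RETRIEVAL_FAILED);
        }
    }
    if (!exchangedOnly) {
        getKeyManagerEndpoints(keyManagerConfigurationDTO);
    }
    return keyManagerConfigurationDTO;
}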

Example 68 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIAdminImpl method updateKeyManagerConfiguration.

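/**
 * Updates a key-manager configuration, keeping its backing identity provider in sync.
 *
 * <p>For EXCHANGED/BOTH token types the IdP referenced by the stored configuration is updated, or a
 * new one is created and linked when none exists yet. When a previously IdP-backed configuration is
 * switched to DIRECT, the IdP is deleted and the link cleared. Secret values are re-encrypted against
 * the stored configuration before persisting, and a decrypted copy is sent to the update notification.
 *
 * <p>A missing stored configuration is reported as an {@link APIManagementException} instead of
 * surfacing as a {@code NullPointerException} while reading its external reference id.
 *
 * @param keyManagerConfigurationDTO the new configuration (its external reference id is set/cleared here)
 * @return the persisted configuration (with encrypted values)
 * @throws APIManagementException when validation fails, the stored configuration does not exist, or
 *                                the IdP cannot be created, updated or deleted
 * @throws IllegalArgumentException when the token type is not a known {@code TokenType}
 */
@Override
public KeyManagerConfigurationDTO updateKeyManagerConfiguration(KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
    KeyManagerConfiguration.TokenType tokenType = KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase());
    if (tokenType != KeyManagerConfiguration.TokenType.EXCHANGED) {
        validateKeyManagerConfiguration(keyManagerConfigurationDTO);
        validateKeyManagerEndpointConfiguration(keyManagerConfigurationDTO);
    }
    String organization = keyManagerConfigurationDTO.getOrganization();
    KeyManagerConfigurationDTO oldKeyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByID(organization, keyManagerConfigurationDTO.getUuid());
    if (oldKeyManagerConfiguration == null) {
        throw new APIManagementException("Key manager configuration " + keyManagerConfigurationDTO.getUuid() + " does not exist in organization " + organization);
    }
    String internalOrganizationDomain = APIUtil.getInternalOrganizationDomain(organization);
    boolean backedByIdp = tokenType == KeyManagerConfiguration.TokenType.EXCHANGED || tokenType == KeyManagerConfiguration.TokenType.BOTH;
    if (backedByIdp) {
        IdentityProvider identityProvider;
        try {
            if (StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
                IdentityProvider retrievedIDP = IdentityProviderManager.getInstance().getIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), internalOrganizationDomain, Boolean.FALSE);
                identityProvider = IdentityProviderManager.getInstance().updateIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), updatedIDP(retrievedIDP, keyManagerConfigurationDTO), internalOrganizationDomain);
            } else {
                identityProvider = IdentityProviderManager.getInstance().addIdPWithResourceId(createIdp(keyManagerConfigurationDTO), internalOrganizationDomain);
            }
        } catch (IdentityProviderManagementException e) {
            throw new APIManagementException("IdP adding failed. " + e.getMessage(), e, ExceptionCodes.IDP_ADDING_FAILED);
        }
        // Link (or re-link) the configuration to the IdP that now backs it.
        keyManagerConfigurationDTO.setExternalReferenceId(identityProvider.getResourceId());
    }
    boolean wasBackedByIdp = StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), oldKeyManagerConfiguration.getTokenType())
            || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), oldKeyManagerConfiguration.getTokenType());
    if (wasBackedByIdp && tokenType == KeyManagerConfiguration.TokenType.DIRECT
            && StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
        // The key manager no longer exchanges tokens, so the IdP created for it is removed.
        try {
            IdentityProviderManager.getInstance().deleteIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), internalOrganizationDomain);
            keyManagerConfigurationDTO.setExternalReferenceId(null);
        } catch (IdentityProviderManagementException e) {
            throw new APIManagementException("IdP deletion failed. " + e.getMessage(), e, ExceptionCodes.IDP_DELETION_FAILED);
        }
    }
    encryptKeyManagerConfigurationValues(oldKeyManagerConfiguration, keyManagerConfigurationDTO);
    apiMgtDAO.updateKeyManagerConfiguration(keyManagerConfigurationDTO);
    KeyManagerConfigurationDTO decryptedKeyManagerConfiguration = decryptKeyManagerConfigurationValues(keyManagerConfigurationDTO);
    new KeyMgtNotificationSender().notify(decryptedKeyManagerConfiguration, APIConstants.KeyManager.KeyManagerEvent.ACTION_UPDATE);
    return keyManagerConfigurationDTO;
}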

Example 69 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIAdminImpl method updatedIDP.

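/**
 * Builds the identity provider that should replace {@code retrievedIDP} after a key-manager update.
 *
 * <p>The stored IdP is cloned and its name, display data, alias, enabled flag, claim mappings and
 * certificate material are taken from the configuration. A JWKS endpoint becomes the
 * {@code JWKS_URI} IdP property; a PEM certificate is stored on the IdP's certificate field. The
 * issuer, when configured, is also stored as an IdP property.
 *
 * <p>Fixes the PEM branch, which previously stored {@code String.join(certificate, "")} — a join
 * over the single element {@code ""} with the certificate as delimiter, i.e. always the empty
 * string — so the PEM certificate never reached the IdP.
 *
 * @param retrievedIDP               the IdP currently stored for this key manager
 * @param keyManagerConfigurationDTO the updated configuration
 * @return a new IdP instance reflecting the configuration
 */
private IdentityProvider updatedIDP(IdentityProvider retrievedIDP, KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
    IdentityProvider identityProvider = cloneIdentityProvider(retrievedIDP);
    String idpName = sanitizeName(getSubstringOfTen(keyManagerConfigurationDTO.getName()) + "_" + keyManagerConfigurationDTO.getOrganization() + "_" + keyManagerConfigurationDTO.getUuid());
    identityProvider.setIdentityProviderName(idpName);
    identityProvider.setDisplayName(keyManagerConfigurationDTO.getDisplayName());
    identityProvider.setPrimary(Boolean.FALSE);
    identityProvider.setIdentityProviderDescription(keyManagerConfigurationDTO.getDescription());
    identityProvider.setAlias(keyManagerConfigurationDTO.getAlias());
    Map<String, Object> additionalProperties = keyManagerConfigurationDTO.getAdditionalProperties();
    String certificate = (String) additionalProperties.get(APIConstants.KeyManager.CERTIFICATE_VALUE);
    String certificateType = (String) additionalProperties.get(APIConstants.KeyManager.CERTIFICATE_TYPE);
    List<IdentityProviderProperty> idpProperties = new ArrayList<>();
    if (StringUtils.isNotBlank(certificate) && StringUtils.isNotEmpty(certificateType)) {
        if (APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT.equals(certificateType)) {
            IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
            jwksProperty.setName(APIConstants.JWKS_URI);
            jwksProperty.setValue(certificate);
            idpProperties.add(jwksProperty);
        } else if (APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE.equals(certificateType)) {
            identityProvider.setCertificate(certificate);
        }
    }
    Object issuer = keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER);
    if (issuer != null) {
        IdentityProviderProperty issuerProperty = new IdentityProviderProperty();
        issuerProperty.setName(IdentityApplicationConstants.IDP_ISSUER_NAME);
        issuerProperty.setValue((String) issuer);
        idpProperties.add(issuerProperty);
    }
    // NOTE(review): when nothing was configured, the cloned IdP keeps whatever properties it already
    // had (original behaviour); confirm that stale JWKS/issuer values are intended to survive here.
    if (!idpProperties.isEmpty()) {
        identityProvider.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
    }
    identityProvider.setEnable(keyManagerConfigurationDTO.isEnabled());
    Object claims = keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.CLAIM_MAPPING);
    updateClaims(identityProvider, claims);
    return identityProvider;
}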
