use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.
the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.
private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
if (identityProviderProperties.length > 0) {
for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
}
if (StringUtils.equals(identityProviderProperty.getName(), IdentityApplicationConstants.IDP_ISSUER_NAME)) {
keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
}
}
} else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
}
keyManagerDTO.setEnabled(identityProvider.isEnable());
keyManagerDTO.setAlias(identityProvider.getAlias());
ClaimConfig claimConfig = identityProvider.getClaimConfig();
JsonArray claimArray = new JsonArray();
for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
JsonObject claimMappingEntryDTO = new JsonObject();
claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
claimArray.add(claimMappingEntryDTO);
}
keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}
use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.
the class APIAdminImpl method getKeyManagerConfigurationById.
@Override
public KeyManagerConfigurationDTO getKeyManagerConfigurationById(String organization, String id) throws APIManagementException {
KeyManagerConfigurationDTO keyManagerConfigurationDTO = apiMgtDAO.getKeyManagerConfigurationByID(organization, id);
if (keyManagerConfigurationDTO == null) {
return null;
}
if (APIConstants.KeyManager.DEFAULT_KEY_MANAGER.equals(keyManagerConfigurationDTO.getName())) {
APIUtil.getAndSetDefaultKeyManagerConfiguration(keyManagerConfigurationDTO);
}
if (!KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase()).equals(KeyManagerConfiguration.TokenType.EXCHANGED)) {
maskValues(keyManagerConfigurationDTO);
}
if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), keyManagerConfigurationDTO.getTokenType())) {
try {
if (keyManagerConfigurationDTO.getExternalReferenceId() != null) {
IdentityProvider identityProvider = IdentityProviderManager.getInstance().getIdPByResourceId(keyManagerConfigurationDTO.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(organization), Boolean.FALSE);
mergeIdpWithKeyManagerConfiguration(identityProvider, keyManagerConfigurationDTO);
}
} catch (IdentityProviderManagementException e) {
throw new APIManagementException("IdP retrieval failed. " + e.getMessage(), e, ExceptionCodes.IDP_RETRIEVAL_FAILED);
}
}
if (!StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType())) {
getKeyManagerEndpoints(keyManagerConfigurationDTO);
}
return keyManagerConfigurationDTO;
}
use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.
the class APIAdminImpl method updateKeyManagerConfiguration.
@Override
public KeyManagerConfigurationDTO updateKeyManagerConfiguration(KeyManagerConfigurationDTO keyManagerConfigurationDTO) throws APIManagementException {
if (!KeyManagerConfiguration.TokenType.valueOf(keyManagerConfigurationDTO.getTokenType().toUpperCase()).equals(KeyManagerConfiguration.TokenType.EXCHANGED)) {
validateKeyManagerConfiguration(keyManagerConfigurationDTO);
validateKeyManagerEndpointConfiguration(keyManagerConfigurationDTO);
}
KeyManagerConfigurationDTO oldKeyManagerConfiguration = apiMgtDAO.getKeyManagerConfigurationByID(keyManagerConfigurationDTO.getOrganization(), keyManagerConfigurationDTO.getUuid());
if (StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), keyManagerConfigurationDTO.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), keyManagerConfigurationDTO.getTokenType())) {
IdentityProvider identityProvider;
try {
if (StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
IdentityProvider retrievedIDP = IdentityProviderManager.getInstance().getIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()), Boolean.FALSE);
identityProvider = IdentityProviderManager.getInstance().updateIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), updatedIDP(retrievedIDP, keyManagerConfigurationDTO), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
} else {
identityProvider = IdentityProviderManager.getInstance().addIdPWithResourceId(createIdp(keyManagerConfigurationDTO), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
keyManagerConfigurationDTO.setExternalReferenceId(identityProvider.getResourceId());
}
} catch (IdentityProviderManagementException e) {
throw new APIManagementException("IdP adding failed. " + e.getMessage(), e, ExceptionCodes.IDP_ADDING_FAILED);
}
keyManagerConfigurationDTO.setExternalReferenceId(identityProvider.getResourceId());
}
if ((StringUtils.equals(KeyManagerConfiguration.TokenType.EXCHANGED.toString(), oldKeyManagerConfiguration.getTokenType()) || StringUtils.equals(KeyManagerConfiguration.TokenType.BOTH.toString(), oldKeyManagerConfiguration.getTokenType())) && StringUtils.equals(KeyManagerConfiguration.TokenType.DIRECT.toString(), keyManagerConfigurationDTO.getTokenType())) {
// Delete Identity Provider Created.
if (StringUtils.isNotEmpty(oldKeyManagerConfiguration.getExternalReferenceId())) {
try {
IdentityProviderManager.getInstance().deleteIdPByResourceId(oldKeyManagerConfiguration.getExternalReferenceId(), APIUtil.getInternalOrganizationDomain(keyManagerConfigurationDTO.getOrganization()));
keyManagerConfigurationDTO.setExternalReferenceId(null);
} catch (IdentityProviderManagementException e) {
throw new APIManagementException("IdP deletion failed. " + e.getMessage(), e, ExceptionCodes.IDP_DELETION_FAILED);
}
}
}
encryptKeyManagerConfigurationValues(oldKeyManagerConfiguration, keyManagerConfigurationDTO);
apiMgtDAO.updateKeyManagerConfiguration(keyManagerConfigurationDTO);
KeyManagerConfigurationDTO decryptedKeyManagerConfiguration = decryptKeyManagerConfigurationValues(keyManagerConfigurationDTO);
new KeyMgtNotificationSender().notify(decryptedKeyManagerConfiguration, APIConstants.KeyManager.KeyManagerEvent.ACTION_UPDATE);
return keyManagerConfigurationDTO;
}
use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.
the class APIAdminImpl method updatedIDP.
private IdentityProvider updatedIDP(IdentityProvider retrievedIDP, KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
IdentityProvider identityProvider = cloneIdentityProvider(retrievedIDP);
String idpName = sanitizeName(getSubstringOfTen(keyManagerConfigurationDTO.getName()) + "_" + keyManagerConfigurationDTO.getOrganization() + "_" + keyManagerConfigurationDTO.getUuid());
identityProvider.setIdentityProviderName(idpName);
identityProvider.setDisplayName(keyManagerConfigurationDTO.getDisplayName());
identityProvider.setPrimary(Boolean.FALSE);
identityProvider.setIdentityProviderDescription(keyManagerConfigurationDTO.getDescription());
identityProvider.setAlias(keyManagerConfigurationDTO.getAlias());
String certificate = null;
if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_VALUE)) {
certificate = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_VALUE);
}
String certificateType = null;
if (keyManagerConfigurationDTO.getAdditionalProperties().containsKey(APIConstants.KeyManager.CERTIFICATE_TYPE)) {
certificateType = (String) keyManagerConfigurationDTO.getAdditionalProperties().get(APIConstants.KeyManager.CERTIFICATE_TYPE);
}
List<IdentityProviderProperty> idpProperties = new ArrayList<>();
if (StringUtils.isNotEmpty(certificate) && StringUtils.isNotEmpty(certificateType)) {
if (APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT.equals(certificateType)) {
if (StringUtils.isNotBlank(certificate)) {
IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
jwksProperty.setName(APIConstants.JWKS_URI);
jwksProperty.setValue(certificate);
idpProperties.add(jwksProperty);
}
} else if (APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE.equals(certificateType)) {
identityProvider.setCertificate(String.join(certificate, ""));
}
}
if (keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER) != null) {
IdentityProviderProperty identityProviderProperty = new IdentityProviderProperty();
identityProviderProperty.setName(IdentityApplicationConstants.IDP_ISSUER_NAME);
identityProviderProperty.setValue((String) keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.ISSUER));
idpProperties.add(identityProviderProperty);
}
if (idpProperties.size() > 0) {
identityProvider.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
}
identityProvider.setEnable(keyManagerConfigurationDTO.isEnabled());
Object claims = keyManagerConfigurationDTO.getProperty(APIConstants.KeyManager.CLAIM_MAPPING);
updateClaims(identityProvider, claims);
return identityProvider;
}
Aggregations