use of org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getIDP.
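/**
 * Loads one identity provider, together with its authenticator, claim, provisioning, role and
 * property configuration, from the database.
 *
 * <p>The lookup key is chosen in priority order: {@code resourceId} when it is not blank,
 * otherwise {@code idPName} when it is not empty, otherwise {@code idpId}. The statement is
 * always bound with {@code tenantId} and {@code MultitenantConstants.SUPER_TENANT_ID} as its
 * first two parameters and the chosen key as the third.
 *
 * <p>NOTE(review): the SQL text lives in {@code IdPManagementConstants.SQLQueries} and is not
 * visible here. Presumably parameters 1 and 2 restrict the match to the caller's tenant or the
 * super tenant; confirm, because that predicate is the tenant-isolation boundary for this lookup.
 *
 * @param dbConnection connection to use; when {@code null} a connection is obtained from
 *                     {@code IdentityDatabaseUtil} and closed before returning. A supplied
 *                     connection is left open for the caller.
 * @param idPName      identity provider name, used as the key when {@code resourceId} is blank.
 * @param idpId        numeric identity provider id, used when neither other key is given.
 * @param resourceId   identity provider resource id (read back from the {@code UUID} column).
 * @param tenantId     tenant id bound as the first statement parameter.
 * @param tenantDomain tenant domain, used for the error message and for resolving the resident
 *                     identity provider's connector properties.
 * @return the populated identity provider, or {@code null} when the query returns no row.
 * @throws IdentityProviderManagementException if a {@code SQLException} or
 *                                             {@code ConnectorException} occurs while loading.
 */
private IdentityProvider getIDP(Connection dbConnection, String idPName, int idpId, String resourceId, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
    PreparedStatement prepStmt = null;
    ResultSet rs = null;
    IdentityProvider federatedIdp = null;
    // Tracks connection ownership: only a connection opened here is closed in the finally block.
    boolean dbConnectionInitialized = true;
    if (dbConnection == null) {
        dbConnection = IdentityDatabaseUtil.getDBConnection(false);
    } else {
        dbConnectionInitialized = false;
    }
    try {
        // Decide the lookup key once, so that the query chosen and the value bound to parameter 3
        // always agree. Previously the query was selected with isBlank(resourceId) but the bind
        // used isNotEmpty(resourceId), so a whitespace-only resourceId ran the by-name or by-id
        // query with the resource id bound as its key.
        boolean lookupByResourceId = !StringUtils.isBlank(resourceId);
        boolean lookupByName = !lookupByResourceId && StringUtils.isNotEmpty(idPName);
        String sqlStmt;
        if (lookupByResourceId) {
            sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_RESOURCE_ID_SQL;
        } else if (lookupByName) {
            sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_NAME_SQL;
        } else {
            sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_ID_SQL;
        }
        prepStmt = dbConnection.prepareStatement(sqlStmt);
        prepStmt.setInt(1, tenantId);
        prepStmt.setInt(2, MultitenantConstants.SUPER_TENANT_ID);
        if (lookupByResourceId) {
            prepStmt.setString(3, resourceId);
        } else if (lookupByName) {
            prepStmt.setString(3, idPName);
        } else {
            prepStmt.setInt(3, idpId);
        }
        rs = prepStmt.executeQuery();
        if (rs.next()) {
            federatedIdp = new IdentityProvider();
            // From here on the id, name and resource id come from the stored row, not from the
            // arguments; the helper calls below and the error message use these values.
            idpId = rs.getInt("ID");
            federatedIdp.setId(Integer.toString(idpId));
            idPName = rs.getString("NAME");
            federatedIdp.setIdentityProviderName(idPName);
            resourceId = rs.getString("UUID");
            federatedIdp.setResourceId(resourceId);
            federatedIdp.setImageUrl(rs.getString("IMAGE_URL"));
            // Flag columns count as true only when they equal IS_TRUE_VALUE; a NULL or any other
            // stored value yields false.
            federatedIdp.setPrimary(IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_PRIMARY")));
            federatedIdp.setHomeRealmId(rs.getString("HOME_REALM_ID"));
            federatedIdp.setCertificate(getBlobValue(rs.getBinaryStream("CERTIFICATE")));
            federatedIdp.setAlias(rs.getString("ALIAS"));
            // Just-in-time provisioning: whether it is enabled and which user store it targets.
            JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
            jitProConfig.setProvisioningEnabled(IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("INBOUND_PROV_ENABLED")));
            jitProConfig.setProvisioningUserStore(rs.getString("INBOUND_PROV_USER_STORE_ID"));
            federatedIdp.setJustInTimeProvisioningConfig(jitProConfig);
            String userClaimUri = rs.getString("USER_CLAIM_URI");
            String roleClaimUri = rs.getString("ROLE_CLAIM_URI");
            String defaultAuthenticatorName = rs.getString("DEFAULT_AUTHENTICATOR_NAME");
            String defaultProvisioningConnectorConfigName = rs.getString("DEFAULT_PRO_CONNECTOR_NAME");
            federatedIdp.setIdentityProviderDescription(rs.getString("DESCRIPTION"));
            federatedIdp.setFederationHub(IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_FEDERATION_HUB")));
            if (federatedIdp.getClaimConfig() == null) {
                federatedIdp.setClaimConfig(new ClaimConfig());
            }
            federatedIdp.getClaimConfig().setLocalClaimDialect(IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_LOCAL_CLAIM_DIALECT")));
            federatedIdp.setProvisioningRole(rs.getString("PROVISIONING_ROLE"));
            federatedIdp.setEnable(IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_ENABLED")));
            federatedIdp.setDisplayName(rs.getString("DISPLAY_NAME"));
            if (defaultProvisioningConnectorConfigName != null) {
                ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
                defaultProConnector.setName(defaultProvisioningConnectorConfigName);
                federatedIdp.setDefaultProvisioningConnectorConfig(defaultProConnector);
            }
            // Federated authenticators must be loaded before the default one can be resolved by name.
            federatedIdp.setFederatedAuthenticatorConfigs(getFederatedAuthenticatorConfigs(dbConnection, idPName, federatedIdp, tenantId));
            if (defaultAuthenticatorName != null && federatedIdp.getFederatedAuthenticatorConfigs() != null) {
                federatedIdp.setDefaultAuthenticatorConfig(IdentityApplicationManagementUtil.getFederatedAuthenticator(federatedIdp.getFederatedAuthenticatorConfigs(), defaultAuthenticatorName));
            }
            // The placeholder claim config only carried the dialect flag; replace it with the
            // full claim configuration for the dialect in use.
            if (federatedIdp.getClaimConfig().isLocalClaimDialect()) {
                federatedIdp.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
            } else {
                federatedIdp.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
            }
            federatedIdp.setProvisioningConnectorConfigs(getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
            federatedIdp.setPermissionAndRoleConfig(getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
            // filterIdenityProperties moves the JIT flags onto the JIT config and returns the rest.
            List<IdentityProviderProperty> propertyList = filterIdenityProperties(federatedIdp, getIdentityPropertiesByIdpId(dbConnection, idpId));
            if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
                propertyList = resolveConnectorProperties(propertyList, tenantDomain);
            }
            federatedIdp.setIdpProperties(propertyList.toArray(new IdentityProviderProperty[0]));
        }
        return federatedIdp;
    } catch (SQLException e) {
        throw new IdentityProviderManagementException("Error occurred while retrieving Identity Provider " + "information for tenant : " + tenantDomain + " and Identity Provider name : " + idPName, e);
    } catch (ConnectorException e) {
        throw new IdentityProviderManagementException("Error occurred while retrieving the identity connector " + "configurations.", e);
    } finally {
        // Always release the statement and result set; release the connection only if it was opened here.
        if (dbConnectionInitialized) {
            IdentityDatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
        } else {
            IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
        }
    }
}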
use of org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method filterIdenityProperties.
/**
 * Copies the just-in-time (JIT) provisioning flags from the property list onto the identity
 * provider's JIT configuration, records the template id, and strips the JIT flags from the list.
 *
 * <p>Each JIT flag is parsed with {@link Boolean#parseBoolean(String)}, so any stored value other
 * than a case-insensitive {@code "true"} (including {@code null}) is treated as {@code false}.
 * The three JIT properties are removed even when the identity provider has no JIT configuration;
 * in that case their values are not applied anywhere.
 *
 * <p>The supplied list is modified in place and the same instance is returned.
 *
 * @param federatedIdp               Relevant IDP; its JIT configuration and template id may be updated.
 * @param identityProviderProperties Identity Provider Properties; must support element removal.
 * @return the same list, without the password-provisioning, modify-username and prompt-consent
 *         properties.
 */
private List<IdentityProviderProperty> filterIdenityProperties(IdentityProvider federatedIdp, List<IdentityProviderProperty> identityProviderProperties) {
    JustInTimeProvisioningConfig jitConfig = federatedIdp.getJustInTimeProvisioningConfig();
    if (jitConfig != null) {
        for (IdentityProviderProperty property : identityProviderProperties) {
            String propertyName = property.getName();
            if (propertyName.equals(IdPManagementConstants.PASSWORD_PROVISIONING_ENABLED)) {
                jitConfig.setPasswordProvisioningEnabled(Boolean.parseBoolean(property.getValue()));
            } else if (propertyName.equals(IdPManagementConstants.MODIFY_USERNAME_ENABLED)) {
                jitConfig.setModifyUserNameAllowed(Boolean.parseBoolean(property.getValue()));
            } else if (propertyName.equals(IdPManagementConstants.PROMPT_CONSENT_ENABLED)) {
                jitConfig.setPromptConsent(Boolean.parseBoolean(property.getValue()));
            }
        }
    }

    // The template id is looked up before the JIT properties are removed from the list.
    String templateId = getTemplateId(identityProviderProperties);
    if (StringUtils.isNotEmpty(templateId)) {
        federatedIdp.setTemplateId(templateId);
    }

    // The JIT flags are dropped from the list whether or not a JIT configuration was present.
    identityProviderProperties.removeIf(property -> {
        String propertyName = property.getName();
        return propertyName.equals(IdPManagementConstants.MODIFY_USERNAME_ENABLED)
                || propertyName.equals(IdPManagementConstants.PASSWORD_PROVISIONING_ENABLED)
                || propertyName.equals(IdPManagementConstants.PROMPT_CONSENT_ENABLED);
    });
    return identityProviderProperties;
}
use of org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig in project product-is by wso2.
the class SAMLIdentityFederationTestCase method testCreateIdentityProviderInPrimaryIS.
/**
 * Registers an identity provider on the server at {@code PORT_OFFSET_0} and checks that it can
 * be read back by name.
 *
 * <p>The identity provider uses a single SAML SSO federated authenticator, which is also its
 * default, and has just-in-time provisioning enabled with the {@code "PRIMARY"} user store.
 *
 * @throws Exception if adding or fetching the identity provider fails.
 */
@Test(priority = 1, groups = "wso2.is", description = "Check create identity provider in primary IS")
public void testCreateIdentityProviderInPrimaryIS() throws Exception {
    // Federated authenticator: SAML SSO, enabled, configured from the test's own property set.
    FederatedAuthenticatorConfig samlAuthenticator = new FederatedAuthenticatorConfig();
    samlAuthenticator.setName(SAMLSSOAUTHENTICATOR);
    samlAuthenticator.setDisplayName("samlsso");
    samlAuthenticator.setEnabled(true);
    samlAuthenticator.setProperties(getSAML2SSOAuthnConfigProperties());

    // Just-in-time provisioning is switched on and pointed at the PRIMARY user store.
    JustInTimeProvisioningConfig jitProvisioning = new JustInTimeProvisioningConfig();
    jitProvisioning.setProvisioningEnabled(true);
    jitProvisioning.setProvisioningUserStore("PRIMARY");

    IdentityProvider trustedIdp = new IdentityProvider();
    trustedIdp.setIdentityProviderName(IDENTITY_PROVIDER_NAME);
    trustedIdp.setDefaultAuthenticatorConfig(samlAuthenticator);
    trustedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { samlAuthenticator });
    trustedIdp.setJustInTimeProvisioningConfig(jitProvisioning);

    super.addIdentityProvider(PORT_OFFSET_0, trustedIdp);
    Assert.assertNotNull(getIdentityProvider(PORT_OFFSET_0, IDENTITY_PROVIDER_NAME), "Failed to create Identity Provider 'trustedIdP' in primary IS");
}
use of org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig in project product-is by wso2.
the class ApplicationManagementTestCase method testUpdateOutboundProvisioningData.
/**
 * Updates the outbound provisioning configuration of the {@code "TestServiceProvider"}
 * application and verifies that the stored values are returned on the next read.
 *
 * <p>A single provisioning identity provider ({@code "idp_test"}) is attached, with just-in-time
 * provisioning enabled and a blocking default provisioning connector. Any exception raised by
 * the client calls is reported as a test failure.
 */
@Test(alwaysRun = true, description = "Testing update Outbound Provisioning Data")
public void testUpdateOutboundProvisioningData() {
    String applicationName = "TestServiceProvider";
    try {
        String connector = "provisioning_con_idp_test";

        JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
        jitConfig.setProvisioningEnabled(true);

        ProvisioningConnectorConfig connectorConfig = new ProvisioningConnectorConfig();
        connectorConfig.setBlocking(true);
        connectorConfig.setName(connector);

        IdentityProvider provisioningIdp = new IdentityProvider();
        provisioningIdp.setIdentityProviderName("idp_test");
        provisioningIdp.setJustInTimeProvisioningConfig(jitConfig);
        provisioningIdp.setDefaultProvisioningConnectorConfig(connectorConfig);

        OutboundProvisioningConfig outboundConfig = new OutboundProvisioningConfig();
        outboundConfig.setProvisioningIdentityProviders(new IdentityProvider[] { provisioningIdp });

        // Fetch the application, replace its outbound provisioning settings, and save it.
        ServiceProvider serviceProvider = applicationManagementServiceClient.getApplication(applicationName);
        serviceProvider.setOutboundProvisioningConfig(outboundConfig);
        applicationManagementServiceClient.updateApplicationData(serviceProvider);

        // Read the application back and check the first provisioning identity provider.
        ServiceProvider reloaded = applicationManagementServiceClient.getApplication(applicationName);
        IdentityProvider storedIdp = reloaded.getOutboundProvisioningConfig().getProvisioningIdentityProviders()[0];
        ProvisioningConnectorConfig storedConnector = storedIdp.getDefaultProvisioningConnectorConfig();
        Assert.assertEquals(storedIdp.getIdentityProviderName(), "idp_test", "Update IDP failed");
        Assert.assertEquals(storedIdp.getJustInTimeProvisioningConfig().getProvisioningEnabled(), true, "Update JIT provisioning config failed");
        Assert.assertEquals(storedConnector.getBlocking(), true, "Set provisioning connector blocking failed");
        Assert.assertEquals(storedIdp.getDefaultProvisioningConnectorConfig().getName(), connector, "Set default provisioning connector failed");
    } catch (Exception e) {
        Assert.fail("Error while trying to update outbound provisioning data", e);
    }
}
use of org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig in project product-is by wso2.
the class OIDCIdentityFederationTestCase method createIdentityProviderInPrimaryIS.
/**
 * Registers an identity provider on the server at {@code PORT_OFFSET_0} and asserts that it can
 * be read back by name.
 *
 * <p>The identity provider uses a single OpenID Connect federated authenticator, which is also
 * its default, and has just-in-time provisioning enabled with the {@code "PRIMARY"} user store.
 *
 * @throws Exception if adding or fetching the identity provider fails.
 */
private void createIdentityProviderInPrimaryIS() throws Exception {
    // Federated authenticator: OpenID Connect, enabled, configured from the test's own property set.
    FederatedAuthenticatorConfig oidcAuthenticator = new FederatedAuthenticatorConfig();
    oidcAuthenticator.setName(PRIMARY_IS_IDP_AUTHENTICATOR_NAME_OIDC);
    oidcAuthenticator.setDisplayName("openidconnect");
    oidcAuthenticator.setEnabled(true);
    oidcAuthenticator.setProperties(getOIDCAuthnConfigProperties());

    // Just-in-time provisioning is switched on and pointed at the PRIMARY user store.
    JustInTimeProvisioningConfig jitProvisioning = new JustInTimeProvisioningConfig();
    jitProvisioning.setProvisioningEnabled(true);
    jitProvisioning.setProvisioningUserStore("PRIMARY");

    IdentityProvider trustedIdp = new IdentityProvider();
    trustedIdp.setIdentityProviderName(PRIMARY_IS_IDP_NAME);
    trustedIdp.setDefaultAuthenticatorConfig(oidcAuthenticator);
    trustedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { oidcAuthenticator });
    trustedIdp.setJustInTimeProvisioningConfig(jitProvisioning);

    super.addIdentityProvider(PORT_OFFSET_0, trustedIdp);
    Assert.assertNotNull(getIdentityProvider(PORT_OFFSET_0, PRIMARY_IS_IDP_NAME), "Failed to create " + "Identity Provider 'trustedIdP' in primary IS");
}