Search in sources :

Example 21 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project product-is by wso2.

the class AbstractSAMLSSOTestCase method createApplication.

public ServiceProvider createApplication(ServiceProvider serviceProvider, SAMLConfig config, String appName) throws Exception {
    serviceProvider.setApplicationName(appName);
    serviceProvider.setDescription("This is a test Service Provider");
    applicationManagementServiceClient.createApplication(serviceProvider);
    serviceProvider = applicationManagementServiceClient.getApplication(appName);
    serviceProvider.getClaimConfig().setClaimMappings(getClaimMappings());
    InboundAuthenticationRequestConfig requestConfig = new InboundAuthenticationRequestConfig();
    requestConfig.setInboundAuthType(INBOUND_AUTH_TYPE);
    requestConfig.setInboundAuthKey(config.getApp().getArtifact());
    Property attributeConsumerServiceIndexProp = new Property();
    attributeConsumerServiceIndexProp.setName(ATTRIBUTE_CS_INDEX_NAME);
    attributeConsumerServiceIndexProp.setValue(ATTRIBUTE_CS_INDEX_VALUE);
    requestConfig.setProperties(new Property[] { attributeConsumerServiceIndexProp });
    InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig();
    inboundAuthenticationConfig.setInboundAuthenticationRequestConfigs(new InboundAuthenticationRequestConfig[] { requestConfig });
    if (config.httpBinding.equals(HttpBinding.HTTP_SOAP)) {
        RequestPathAuthenticatorConfig requestPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
        requestPathAuthenticatorConfig.setName("BasicAuthRequestPathAuthenticator");
        serviceProvider.setRequestPathAuthenticatorConfigs(new RequestPathAuthenticatorConfig[] { requestPathAuthenticatorConfig });
    }
    if (samlArtResolve) {
        LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
        localAndOutboundAuthenticationConfig.setSkipConsent(true);
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
    }
    serviceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
    applicationManagementServiceClient.updateApplicationData(serviceProvider);
    return serviceProvider;
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.RequestPathAuthenticatorConfig) Property(org.wso2.carbon.identity.application.common.model.xsd.Property)

Example 22 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-api-server by wso2.

the class UpdateAuthenticationSequence method apply.

@Override
public void apply(ServiceProvider application, AuthenticationSequence authSequenceApiModel) {
    if (authSequenceApiModel != null) {
        updateRequestPathAuthenticatorConfigs(authSequenceApiModel, application);
        // Authentication steps
        LocalAndOutboundAuthenticationConfig localAndOutboundConfig = getLocalAndOutboundConfig(application);
        updateAuthenticationSteps(authSequenceApiModel, localAndOutboundConfig);
        updateAdaptiveAuthenticationScript(authSequenceApiModel, localAndOutboundConfig);
    }
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)

Example 23 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-api-server by wso2.

the class UpdateClaimConfiguration method updateSubjectClaimConfigs.

private void updateSubjectClaimConfigs(SubjectConfig subjectApiModel, ServiceProvider application) {
    if (subjectApiModel != null) {
        LocalAndOutboundAuthenticationConfig authConfig = getLocalAndOutboundConfig(application);
        if (subjectApiModel.getClaim() != null) {
            setIfNotNull(subjectApiModel.getClaim().getUri(), authConfig::setSubjectClaimUri);
        }
        setIfNotNull(subjectApiModel.getIncludeTenantDomain(), authConfig::setUseTenantDomainInLocalSubjectIdentifier);
        setIfNotNull(subjectApiModel.getIncludeUserDomain(), authConfig::setUseUserstoreDomainInLocalSubjectIdentifier);
        ClaimConfig claimConfig = getClaimConfig(application);
        setIfNotNull(subjectApiModel.getUseMappedLocalSubject(), claimConfig::setAlwaysSendMappedLocalSubjectId);
    }
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig)

Example 24 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method getLocalAndOutboundAuthenticationConfig.

/**
 * @param applicationId
 * @param connection
 * @param propertyList
 * @return
 * @throws SQLException
 */
private LocalAndOutboundAuthenticationConfig getLocalAndOutboundAuthenticationConfig(int applicationId, Connection connection, int tenantId, List<ServiceProviderProperty> propertyList) throws SQLException, IdentityApplicationManagementException {
    PreparedStatement getStepInfoPrepStmt = null;
    ResultSet stepInfoResultSet = null;
    if (log.isDebugEnabled()) {
        log.debug("Reading Steps of Application " + applicationId);
    }
    try {
        getStepInfoPrepStmt = connection.prepareStatement(LOAD_STEPS_INFO_BY_APP_ID);
        // STEP_ORDER, AUTHENTICATOR_ID, IS_SUBJECT_STEP, IS_ATTRIBUTE_STEP
        getStepInfoPrepStmt.setInt(1, applicationId);
        stepInfoResultSet = getStepInfoPrepStmt.executeQuery();
        Map<String, AuthenticationStep> authSteps = new HashMap<>();
        Map<String, Map<String, List<FederatedAuthenticatorConfig>>> stepFedIdPAuthenticators = new HashMap<>();
        Map<String, List<LocalAuthenticatorConfig>> stepLocalAuth = new HashMap<>();
        while (stepInfoResultSet.next()) {
            String step = String.valueOf(stepInfoResultSet.getInt(1));
            AuthenticationStep authStep;
            if (authSteps.containsKey(step)) {
                authStep = authSteps.get(step);
            } else {
                authStep = new AuthenticationStep();
                authStep.setStepOrder(stepInfoResultSet.getInt(1));
                stepLocalAuth.put(step, new ArrayList<LocalAuthenticatorConfig>());
                stepFedIdPAuthenticators.put(step, new HashMap<String, List<FederatedAuthenticatorConfig>>());
            }
            int authenticatorId = stepInfoResultSet.getInt(2);
            Map<String, String> authenticatorInfo = getAuthenticatorInfo(connection, tenantId, authenticatorId);
            if (authenticatorInfo != null && authenticatorInfo.get(ApplicationConstants.IDP_NAME) != null && ApplicationConstants.LOCAL_IDP_NAME.equals(authenticatorInfo.get("idpName"))) {
                LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
                localAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                localAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                stepLocalAuth.get(step).add(localAuthenticator);
            } else {
                Map<String, List<FederatedAuthenticatorConfig>> stepFedIdps = stepFedIdPAuthenticators.get(step);
                if (!stepFedIdps.containsKey(authenticatorInfo.get(ApplicationConstants.IDP_NAME))) {
                    stepFedIdps.put(authenticatorInfo.get(ApplicationConstants.IDP_NAME), new ArrayList<FederatedAuthenticatorConfig>());
                }
                List<FederatedAuthenticatorConfig> idpAuths = stepFedIdps.get(authenticatorInfo.get(ApplicationConstants.IDP_NAME));
                FederatedAuthenticatorConfig fedAuthenticator = new FederatedAuthenticatorConfig();
                fedAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                fedAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                idpAuths.add(fedAuthenticator);
            }
            authStep.setSubjectStep("1".equals(stepInfoResultSet.getString(3)));
            authStep.setAttributeStep("1".equals(stepInfoResultSet.getString(4)));
            authSteps.put(step, authStep);
        }
        LocalAndOutboundAuthenticationConfig localAndOutboundConfiguration = new LocalAndOutboundAuthenticationConfig();
        AuthenticationStep[] authenticationSteps = new AuthenticationStep[authSteps.size()];
        int authStepCount = 0;
        for (Entry<String, AuthenticationStep> entry : authSteps.entrySet()) {
            AuthenticationStep authStep = entry.getValue();
            String stepId = entry.getKey();
            List<LocalAuthenticatorConfig> localAuthenticatorList = stepLocalAuth.get(stepId);
            if (localAuthenticatorList != null && localAuthenticatorList.size() > 0) {
                authStep.setLocalAuthenticatorConfigs(localAuthenticatorList.toArray(new LocalAuthenticatorConfig[localAuthenticatorList.size()]));
            }
            Map<String, List<FederatedAuthenticatorConfig>> idpList = stepFedIdPAuthenticators.get(stepId);
            if (idpList != null && idpList.size() > 0) {
                IdentityProvider[] fedIdpList = new IdentityProvider[idpList.size()];
                int idpCount = 0;
                for (Entry<String, List<FederatedAuthenticatorConfig>> idpEntry : idpList.entrySet()) {
                    String idpName = idpEntry.getKey();
                    List<FederatedAuthenticatorConfig> fedAuthenticators = idpEntry.getValue();
                    IdentityProvider idp = new IdentityProvider();
                    idp.setIdentityProviderName(idpName);
                    idp.setFederationHub(isFederationHubIdP(idpName, connection, tenantId));
                    idp.setFederatedAuthenticatorConfigs(fedAuthenticators.toArray(new FederatedAuthenticatorConfig[fedAuthenticators.size()]));
                    idp.setDefaultAuthenticatorConfig(idp.getFederatedAuthenticatorConfigs()[0]);
                    fedIdpList[idpCount++] = idp;
                }
                authStep.setFederatedIdentityProviders(fedIdpList);
            }
            authenticationSteps[authStepCount++] = authStep;
        }
        Arrays.sort(authenticationSteps, Comparator.comparingInt(AuthenticationStep::getStepOrder));
        int numSteps = authenticationSteps.length;
        // We check if the steps have consecutive step numbers.
        if (numSteps > 0 && authenticationSteps[numSteps - 1].getStepOrder() != numSteps) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication steps of Application with id: " + applicationId + "  do not have " + "consecutive numbers. This was possibility due to a IDP force deletion. Fixing the step " + "order.");
            }
            // Iterate through the steps and fix step order.
            int count = 1;
            for (AuthenticationStep step : authenticationSteps) {
                step.setStepOrder(count++);
            }
        }
        localAndOutboundConfiguration.setAuthenticationSteps(authenticationSteps);
        String authType = getAuthenticationType(applicationId, connection);
        if (StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FEDERATED) || StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FLOW)) {
            if (ArrayUtils.isEmpty(authenticationSteps)) {
                // the authType to 'default'.
                if (log.isDebugEnabled()) {
                    log.debug("Authentication type is '" + authType + "' eventhough the application with id: " + applicationId + " has zero authentication step. This was possibility due to a IDP force deletion. " + " Defaulting authentication type to " + ApplicationConstants.AUTH_TYPE_DEFAULT);
                }
                authType = ApplicationConstants.AUTH_TYPE_DEFAULT;
            }
        }
        localAndOutboundConfiguration.setAuthenticationType(authType);
        AuthenticationScriptConfig authenticationScriptConfig = getScriptConfiguration(applicationId, connection);
        if (authenticationScriptConfig != null) {
            localAndOutboundConfiguration.setAuthenticationScriptConfig(authenticationScriptConfig);
        }
        PreparedStatement localAndOutboundConfigPrepStmt = null;
        ResultSet localAndOutboundConfigResultSet = null;
        try {
            localAndOutboundConfigPrepStmt = connection.prepareStatement(LOAD_LOCAL_AND_OUTBOUND_CONFIG_BY_APP_ID);
            localAndOutboundConfigPrepStmt.setInt(1, tenantId);
            localAndOutboundConfigPrepStmt.setInt(2, applicationId);
            localAndOutboundConfigResultSet = localAndOutboundConfigPrepStmt.executeQuery();
            if (localAndOutboundConfigResultSet.next()) {
                localAndOutboundConfiguration.setUseTenantDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(1)));
                localAndOutboundConfiguration.setUseUserstoreDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(2)));
                localAndOutboundConfiguration.setEnableAuthorization("1".equals(localAndOutboundConfigResultSet.getString(3)));
                localAndOutboundConfiguration.setAlwaysSendBackAuthenticatedListOfIdPs("1".equals(localAndOutboundConfigResultSet.getString(4)));
                localAndOutboundConfiguration.setSubjectClaimUri(localAndOutboundConfigResultSet.getString(5));
                readAndSetConfigurationsFromProperties(propertyList, localAndOutboundConfiguration);
            }
        } finally {
            IdentityApplicationManagementUtil.closeStatement(localAndOutboundConfigPrepStmt);
            IdentityApplicationManagementUtil.closeResultSet(localAndOutboundConfigResultSet);
        }
        return localAndOutboundConfiguration;
    } finally {
        IdentityApplicationManagementUtil.closeStatement(getStepInfoPrepStmt);
        IdentityApplicationManagementUtil.closeResultSet(stepInfoResultSet);
    }
}
Also used : HashMap(java.util.HashMap) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) AuthenticationScriptConfig(org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) List(java.util.List) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) PreparedStatement(java.sql.PreparedStatement) NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) Map(java.util.Map) HashMap(java.util.HashMap)

Example 25 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project carbon-identity-framework by wso2.

the class ApplicationBean method update.

/**
 * @param request
 */
public void update(HttpServletRequest request) {
    // update basic info.
    serviceProvider.setApplicationName(request.getParameter("spName"));
    serviceProvider.setDescription(request.getParameter("sp-description"));
    serviceProvider.setCertificateContent(request.getParameter("sp-certificate"));
    String jwks = request.getParameter("jwksUri");
    serviceProvider.setJwksUri(jwks);
    if (Boolean.parseBoolean(request.getParameter("deletePublicCert"))) {
        serviceProvider.setCertificateContent("");
    }
    String isSasApp = request.getParameter("isSaasApp");
    serviceProvider.setSaasApp((isSasApp != null && "on".equals(isSasApp)) ? true : false);
    String isDiscoverableApp = request.getParameter("isDiscoverableApp");
    serviceProvider.setDiscoverable("on".equals(isDiscoverableApp));
    String accessUrl = request.getParameter("accessURL");
    serviceProvider.setAccessUrl(accessUrl);
    String imageUrl = request.getParameter("imageURL");
    serviceProvider.setImageUrl(imageUrl);
    String logoutReturnUrl = request.getParameter(LOGOUT_RETURN_URL);
    if (StringUtils.isNotBlank(logoutReturnUrl)) {
        boolean logoutReturnUrlDefined = false;
        if (serviceProvider.getSpProperties() != null) {
            for (ServiceProviderProperty property : serviceProvider.getSpProperties()) {
                if (property.getName() != null && LOGOUT_RETURN_URL.equals(property.getName())) {
                    property.setValue(logoutReturnUrl);
                    logoutReturnUrlDefined = true;
                    break;
                }
            }
        }
        if (!logoutReturnUrlDefined) {
            ServiceProviderProperty property = new ServiceProviderProperty();
            property.setName(LOGOUT_RETURN_URL);
            property.setDisplayName("Logout Return URL");
            property.setValue(logoutReturnUrl);
            serviceProvider.addSpProperties(property);
        }
    }
    if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() == null) {
        // create fresh one.
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(new LocalAndOutboundAuthenticationConfig());
    }
    // authentication type : default, local, federated or advanced.
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationType(request.getParameter("auth_type"));
    // update inbound provisioning data.
    String provisioningUserStore = request.getParameter("scim-inbound-userstore");
    InboundProvisioningConfig inBoundProConfig = new InboundProvisioningConfig();
    inBoundProConfig.setProvisioningUserStore(provisioningUserStore);
    inBoundProConfig.setDumbMode(Boolean.parseBoolean(request.getParameter(DUMB)));
    serviceProvider.setInboundProvisioningConfig(inBoundProConfig);
    // update outbound provisioning data.
    String[] provisioningProviders = request.getParameterValues("provisioning_idp");
    if (provisioningProviders != null && provisioningProviders.length > 0) {
        List<IdentityProvider> provisioningIdps = new ArrayList<IdentityProvider>();
        for (String proProvider : provisioningProviders) {
            String connector = request.getParameter("provisioning_con_idp_" + proProvider);
            String jitEnabled = request.getParameter("provisioning_jit_" + proProvider);
            String blocking = request.getParameter("blocking_prov_" + proProvider);
            String ruleEnabled = request.getParameter("rules_enabled_" + proProvider);
            if (connector != null) {
                IdentityProvider proIdp = new IdentityProvider();
                proIdp.setIdentityProviderName(proProvider);
                JustInTimeProvisioningConfig jitpro = new JustInTimeProvisioningConfig();
                if ("on".equals(jitEnabled)) {
                    jitpro.setProvisioningEnabled(true);
                }
                proIdp.setJustInTimeProvisioningConfig(jitpro);
                ProvisioningConnectorConfig proCon = new ProvisioningConnectorConfig();
                if ("on".equals(ruleEnabled)) {
                    proCon.setRulesEnabled(true);
                } else {
                    proCon.setRulesEnabled(false);
                }
                if ("on".equals(blocking)) {
                    proCon.setBlocking(true);
                } else {
                    proCon.setBlocking(false);
                }
                proCon.setName(connector);
                proIdp.setDefaultProvisioningConnectorConfig(proCon);
                provisioningIdps.add(proIdp);
            }
        }
        if (CollectionUtils.isNotEmpty(provisioningIdps)) {
            OutboundProvisioningConfig outboundProConfig = new OutboundProvisioningConfig();
            outboundProConfig.setProvisioningIdentityProviders(provisioningIdps.toArray(new IdentityProvider[provisioningIdps.size()]));
            serviceProvider.setOutboundProvisioningConfig(outboundProConfig);
        }
    } else {
        serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    }
    // get all request-path authenticators.
    String[] requestPathAuthenticators = request.getParameterValues("req_path_auth");
    if (requestPathAuthenticators != null && requestPathAuthenticators.length > 0) {
        List<RequestPathAuthenticatorConfig> reqAuthList = new ArrayList<RequestPathAuthenticatorConfig>();
        for (String name : requestPathAuthenticators) {
            if (name != null) {
                RequestPathAuthenticatorConfig reqAuth = new RequestPathAuthenticatorConfig();
                reqAuth.setName(name);
                reqAuth.setDisplayName(request.getParameter("req_path_auth_" + name));
                reqAuthList.add(reqAuth);
            }
        }
        if (CollectionUtils.isNotEmpty(reqAuthList)) {
            serviceProvider.setRequestPathAuthenticatorConfigs(reqAuthList.toArray(new RequestPathAuthenticatorConfig[reqAuthList.size()]));
        } else {
            serviceProvider.setRequestPathAuthenticatorConfigs(null);
        }
    } else {
        serviceProvider.setRequestPathAuthenticatorConfigs(null);
    }
    List<InboundAuthenticationRequestConfig> authRequestList = new ArrayList<InboundAuthenticationRequestConfig>();
    if (samlIssuer != null) {
        InboundAuthenticationRequestConfig samlAuthenticationRequest = new InboundAuthenticationRequestConfig();
        samlAuthenticationRequest.setInboundAuthKey(samlIssuer);
        samlAuthenticationRequest.setInboundAuthType("samlsso");
        if (attrConsumServiceIndex != null && !attrConsumServiceIndex.isEmpty()) {
            Property property = new Property();
            property.setName("attrConsumServiceIndex");
            property.setValue(attrConsumServiceIndex);
            Property[] properties = { property };
            samlAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(samlAuthenticationRequest);
    }
    if (kerberosServiceName != null) {
        InboundAuthenticationRequestConfig kerberosAuthenticationRequest = new InboundAuthenticationRequestConfig();
        kerberosAuthenticationRequest.setInboundAuthKey(kerberosServiceName);
        kerberosAuthenticationRequest.setInboundAuthType("kerberos");
        authRequestList.add(kerberosAuthenticationRequest);
    }
    if (oauthAppName != null) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(oauthAppName);
        opicAuthenticationRequest.setInboundAuthType("oauth2");
        if (oauthConsumerSecret != null && !oauthConsumerSecret.isEmpty()) {
            Property property = new Property();
            property.setName("oauthConsumerSecret");
            property.setValue(oauthConsumerSecret);
            Property[] properties = { property };
            opicAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(opicAuthenticationRequest);
    }
    if (CollectionUtils.isNotEmpty(wstrustEp)) {
        wstrustEp.forEach(entry -> {
            InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
            opicAuthenticationRequest.setInboundAuthKey(entry);
            opicAuthenticationRequest.setInboundAuthType("wstrust");
            authRequestList.add(opicAuthenticationRequest);
        });
    }
    String passiveSTSRealm = request.getParameter("passiveSTSRealm");
    String passiveSTSWReply = request.getParameter("passiveSTSWReply");
    if (StringUtils.isNotBlank(passiveSTSRealm)) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(passiveSTSRealm);
        opicAuthenticationRequest.setInboundAuthType("passivests");
        if (passiveSTSWReply != null && !passiveSTSWReply.isEmpty()) {
            Property property = new Property();
            property.setName("passiveSTSWReply");
            property.setValue(passiveSTSWReply);
            Property[] properties = { property };
            opicAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(opicAuthenticationRequest);
    }
    String openidRealm = request.getParameter("openidRealm");
    if (StringUtils.isNotBlank(openidRealm)) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(openidRealm);
        opicAuthenticationRequest.setInboundAuthType("openid");
        authRequestList.add(opicAuthenticationRequest);
    }
    if (!CollectionUtils.isEmpty(inboundAuthenticationRequestConfigs)) {
        for (InboundAuthenticationRequestConfig customAuthConfig : inboundAuthenticationRequestConfigs) {
            String type = customAuthConfig.getInboundAuthType();
            Property[] properties = customAuthConfig.getProperties();
            if (!ArrayUtils.isEmpty(properties)) {
                for (Property prop : properties) {
                    String propVal = request.getParameter("custom_auth_prop_name_" + type + "_" + prop.getName());
                    prop.setValue(propVal);
                }
            }
            authRequestList.add(customAuthConfig);
        }
    }
    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        serviceProvider.setInboundAuthenticationConfig(new InboundAuthenticationConfig());
    }
    if (CollectionUtils.isNotEmpty(authRequestList)) {
        serviceProvider.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs(authRequestList.toArray(new InboundAuthenticationRequestConfig[authRequestList.size()]));
    }
    // update local and out-bound authentication.
    if (AUTH_TYPE_DEFAULT.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(null);
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_LOCAL.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        AuthenticationStep authStep = new AuthenticationStep();
        LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
        localAuthenticator.setName(request.getParameter("local_authenticator"));
        if (localAuthenticator.getName() != null && localAuthenticatorConfigs != null) {
            for (LocalAuthenticatorConfig config : localAuthenticatorConfigs) {
                if (config.getName().equals(localAuthenticator.getName())) {
                    localAuthenticator.setDisplayName(config.getDisplayName());
                    break;
                }
            }
        }
        authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticator });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { authStep });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_FEDERATED.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        AuthenticationStep authStep = new AuthenticationStep();
        IdentityProvider idp = new IdentityProvider();
        idp.setIdentityProviderName(request.getParameter("fed_idp"));
        authStep.setFederatedIdentityProviders(new IdentityProvider[] { idp });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { authStep });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_FLOW.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
    // already updated.
    }
    String alwaysSendAuthListOfIdPs = request.getParameter("always_send_auth_list_of_idps");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAlwaysSendBackAuthenticatedListOfIdPs(alwaysSendAuthListOfIdPs != null && "on".equals(alwaysSendAuthListOfIdPs) ? true : false);
    String useTenantDomainInLocalSubjectIdentifier = request.getParameter("use_tenant_domain_in_local_subject_identifier");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseTenantDomainInLocalSubjectIdentifier(useTenantDomainInLocalSubjectIdentifier != null && "on".equals(useTenantDomainInLocalSubjectIdentifier) ? true : false);
    String useUserstoreDomainInLocalSubjectIdentifier = request.getParameter("use_userstore_domain_in_local_subject_identifier");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseUserstoreDomainInLocalSubjectIdentifier(useUserstoreDomainInLocalSubjectIdentifier != null && "on".equals(useUserstoreDomainInLocalSubjectIdentifier) ? true : false);
    String useUserstoreDomainInRoles = request.getParameter("use_userstore_domain_in_roles");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseUserstoreDomainInRoles(useUserstoreDomainInRoles != null && "on".equals(useUserstoreDomainInRoles) ? true : false);
    boolean skipConsent = Boolean.parseBoolean(request.getParameter(IdentityConstants.SKIP_CONSENT));
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSkipConsent(skipConsent);
    boolean skipLogoutConsent = Boolean.parseBoolean(request.getParameter(IdentityConstants.SKIP_LOGOUT_CONSENT));
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSkipLogoutConsent(skipLogoutConsent);
    String enableAuthorization = request.getParameter("enable_authorization");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setEnableAuthorization(enableAuthorization != null && "on".equals(enableAuthorization));
    String subjectClaimUri = request.getParameter("subject_claim_uri");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSubjectClaimUri((subjectClaimUri != null && !subjectClaimUri.isEmpty()) ? subjectClaimUri : null);
    // update application permissions.
    PermissionsAndRoleConfig permAndRoleConfig = new PermissionsAndRoleConfig();
    String[] permissions = request.getParameterValues("app_permission");
    List<ApplicationPermission> appPermList = new ArrayList<ApplicationPermission>();
    if (permissions != null && permissions.length > 0) {
        for (String permission : permissions) {
            if (permission != null && !permission.trim().isEmpty()) {
                ApplicationPermission appPermission = new ApplicationPermission();
                appPermission.setValue(permission);
                appPermList.add(appPermission);
            }
        }
    }
    if (CollectionUtils.isNotEmpty(appPermList)) {
        permAndRoleConfig.setPermissions(appPermList.toArray(new ApplicationPermission[appPermList.size()]));
    }
    // update role mapping.
    int roleMappingCount = Integer.parseInt(request.getParameter("number_of_rolemappings"));
    List<RoleMapping> roleMappingList = new ArrayList<RoleMapping>();
    for (int i = 0; i < roleMappingCount; i++) {
        RoleMapping mapping = new RoleMapping();
        LocalRole localRole = new LocalRole();
        localRole.setLocalRoleName(request.getParameter("idpRole_" + i));
        mapping.setLocalRole(localRole);
        mapping.setRemoteRole(request.getParameter("spRole_" + i));
        if (mapping.getLocalRole() != null && mapping.getRemoteRole() != null) {
            roleMappingList.add(mapping);
        }
    }
    permAndRoleConfig.setRoleMappings(roleMappingList.toArray(new RoleMapping[roleMappingList.size()]));
    serviceProvider.setPermissionAndRoleConfig(permAndRoleConfig);
    if (serviceProvider.getClaimConfig() == null) {
        serviceProvider.setClaimConfig(new ClaimConfig());
    }
    if (request.getParameter("claim_dialect") != null && "custom".equals(request.getParameter("claim_dialect"))) {
        serviceProvider.getClaimConfig().setLocalClaimDialect(false);
    } else {
        serviceProvider.getClaimConfig().setLocalClaimDialect(true);
    }
    // update claim configuration.
    int claimCount = Integer.parseInt(request.getParameter("number_of_claim_mappings"));
    List<ClaimMapping> claimMappingList = new ArrayList<ClaimMapping>();
    for (int i = 0; i < claimCount; i++) {
        ClaimMapping mapping = new ClaimMapping();
        Claim localClaim = new Claim();
        localClaim.setClaimUri(request.getParameter("idpClaim_" + i));
        Claim spClaim = new Claim();
        spClaim.setClaimUri(request.getParameter("spClaim_" + i));
        String requested = request.getParameter("spClaim_req_" + i);
        if (requested != null && "on".equals(requested)) {
            mapping.setRequested(true);
        } else {
            mapping.setRequested(false);
        }
        String mandatory = request.getParameter("spClaim_mand_" + i);
        if (mandatory != null && "on".equals(mandatory)) {
            mapping.setMandatory(true);
        } else {
            mapping.setMandatory(false);
        }
        mapping.setLocalClaim(localClaim);
        mapping.setRemoteClaim(spClaim);
        if (isLocalClaimsSelected() || mapping.getRemoteClaim().getClaimUri() == null || mapping.getRemoteClaim().getClaimUri().isEmpty()) {
            mapping.getRemoteClaim().setClaimUri(mapping.getLocalClaim().getClaimUri());
        }
        if (mapping.getLocalClaim().getClaimUri() != null && mapping.getRemoteClaim().getClaimUri() != null) {
            claimMappingList.add(mapping);
        }
    }
    String spClaimDialectParam = request.getParameter(ApplicationMgtUIConstants.Params.SP_CLAIM_DIALECT);
    String[] spClaimDialects = null;
    if (StringUtils.isNotBlank(spClaimDialectParam)) {
        spClaimDialects = spClaimDialectParam.split(",");
    }
    serviceProvider.getClaimConfig().setSpClaimDialects(spClaimDialects);
    serviceProvider.getClaimConfig().setClaimMappings(claimMappingList.toArray(new ClaimMapping[claimMappingList.size()]));
    serviceProvider.getClaimConfig().setRoleClaimURI(request.getParameter("roleClaim"));
    String alwaysSendMappedLocalSubjectId = request.getParameter("always_send_local_subject_id");
    serviceProvider.getClaimConfig().setAlwaysSendMappedLocalSubjectId(alwaysSendMappedLocalSubjectId != null && "on".equals(alwaysSendMappedLocalSubjectId) ? true : false);
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig) ArrayList(java.util.ArrayList) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.xsd.PermissionsAndRoleConfig) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.RequestPathAuthenticatorConfig) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty) Property(org.wso2.carbon.identity.application.common.model.xsd.Property) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider) RoleMapping(org.wso2.carbon.identity.application.common.model.xsd.RoleMapping) ApplicationPermission(org.wso2.carbon.identity.application.common.model.xsd.ApplicationPermission) ClaimMapping(org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig) LocalRole(org.wso2.carbon.identity.application.common.model.xsd.LocalRole) Claim(org.wso2.carbon.identity.application.common.model.xsd.Claim)

Aggregations

LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)24 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig)13 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)12 AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)8 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)7 AuthenticationStep (org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep)7 PreparedStatement (java.sql.PreparedStatement)6 ArrayList (java.util.ArrayList)6 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)6 Test (org.testng.annotations.Test)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)6 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig)6 NamedPreparedStatement (org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)5 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)5 ResultSet (java.sql.ResultSet)4 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig)4 User (org.wso2.carbon.identity.application.common.model.User)4 InboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig)4 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)4 ApplicationConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig)3