Search in sources :

Example 1 with LocalRole

use of org.wso2.carbon.identity.application.common.model.LocalRole in project carbon-identity-framework by wso2.

the class IdentityProviderManager method getMappedIdPRoles.

/**
 * Retrieves Identity provider information about a given tenant
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain of whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
@Override
public Set<RoleMapping> getMappedIdPRoles(String idPName, String tenantDomain, LocalRole[] localRoles) throws IdentityProviderManagementException {
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (StringUtils.isEmpty(idPName)) {
        String msg = "Invalid argument: Identity Provider Name value is empty";
        throw new IdentityProviderManagementException(msg);
    }
    IdentityProvider identityProvider = dao.getIdPByName(null, idPName, tenantId, tenantDomain);
    if (identityProvider == null) {
        identityProvider = new FileBasedIdPMgtDAO().getIdPByName(idPName, tenantDomain);
    }
    if (identityProvider == null) {
        identityProvider = IdPManagementServiceComponent.getFileBasedIdPs().get(IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
    }
    PermissionsAndRoleConfig roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    if (roleConfiguration != null) {
        RoleMapping[] roleMappings = roleConfiguration.getRoleMappings();
        if (roleMappings != null && roleMappings.length > 0 && localRoles != null) {
            Set<RoleMapping> returnSet = new HashSet<RoleMapping>();
            for (LocalRole localRole : localRoles) {
                for (RoleMapping roleMapping : roleMappings) {
                    if (roleMapping.getLocalRole().equals(localRole)) {
                        returnSet.add(roleMapping);
                        break;
                    }
                }
            }
            return returnSet;
        }
    }
    return new HashSet<RoleMapping>();
}
Also used : FileBasedIdPMgtDAO(org.wso2.carbon.idp.mgt.dao.FileBasedIdPMgtDAO) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) HashSet(java.util.HashSet)

Example 2 with LocalRole

use of org.wso2.carbon.identity.application.common.model.LocalRole in project carbon-identity-framework by wso2.

the class IdentityProviderManager method getMappedIdPRolesMap.

/**
 * Retrieves Identity provider information about a given tenant
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain of whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
@Override
public Map<LocalRole, String> getMappedIdPRolesMap(String idPName, String tenantDomain, LocalRole[] localRoles) throws IdentityProviderManagementException {
    Set<RoleMapping> roleMappings = getMappedIdPRoles(idPName, tenantDomain, localRoles);
    Map<LocalRole, String> returnMap = new HashMap<LocalRole, String>();
    for (RoleMapping roleMapping : roleMappings) {
        returnMap.put(roleMapping.getLocalRole(), roleMapping.getRemoteRole());
    }
    return returnMap;
}
Also used : HashMap(java.util.HashMap) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping)

Example 3 with LocalRole

use of org.wso2.carbon.identity.application.common.model.LocalRole in project carbon-identity-framework by wso2.

the class IdPManagementDAO method getPermissionsAndRoleConfiguration.

/**
 * @param dbConnection
 * @param idPName
 * @param tenantId
 * @return
 * @throws IdentityProviderManagementException
 * @throws SQLException
 */
public PermissionsAndRoleConfig getPermissionsAndRoleConfiguration(Connection dbConnection, String idPName, int idPId, int tenantId) throws SQLException {
    PreparedStatement prepStmt1 = null;
    PreparedStatement prepStmt2 = null;
    ResultSet rs1 = null;
    ResultSet rs2 = null;
    PermissionsAndRoleConfig permissionRoleConfiguration = new PermissionsAndRoleConfig();
    try {
        List<String> idpRoleList = new ArrayList<String>();
        // SP_IDP_ROLE
        String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_ROLES_SQL;
        prepStmt1 = dbConnection.prepareStatement(sqlStmt);
        prepStmt1.setInt(1, idPId);
        rs1 = prepStmt1.executeQuery();
        while (rs1.next()) {
            idpRoleList.add(rs1.getString("ROLE"));
        }
        permissionRoleConfiguration.setIdpRoles(idpRoleList.toArray(new String[idpRoleList.size()]));
        List<RoleMapping> roleMappings = new ArrayList<RoleMapping>();
        // SP_IDP_ROLE_MAPPINGS.SP_USER_STORE_ID, SP_IDP_ROLE_MAPPINGS.SP_LOCAL_ROLE,
        // SP_IDP_ROLES.SP_IDP_ROLE
        sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_ROLE_MAPPINGS_SQL;
        prepStmt2 = dbConnection.prepareStatement(sqlStmt);
        prepStmt2.setInt(1, idPId);
        rs2 = prepStmt2.executeQuery();
        while (rs2.next()) {
            LocalRole localRole = new LocalRole(rs2.getString("USER_STORE_ID"), rs2.getString("LOCAL_ROLE"));
            RoleMapping roleMapping = new RoleMapping(localRole, rs2.getString("ROLE"));
            roleMappings.add(roleMapping);
        }
        permissionRoleConfiguration.setRoleMappings(roleMappings.toArray(new RoleMapping[roleMappings.size()]));
        return permissionRoleConfiguration;
    } finally {
        IdentityDatabaseUtil.closeAllConnections(null, rs2, prepStmt2);
        IdentityDatabaseUtil.closeAllConnections(null, rs1, prepStmt1);
    }
}
Also used : PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping)

Example 4 with LocalRole

use of org.wso2.carbon.identity.application.common.model.LocalRole in project carbon-identity-framework by wso2.

the class IdentityProviderManagementServiceTest method addTestIdps.

private void addTestIdps() throws IdentityProviderManagementException {
    // Initialize Test Identity Provider 1.
    IdentityProvider idp1 = new IdentityProvider();
    idp1.setIdentityProviderName("testIdP1");
    idp1.setIdentityProviderDescription("Test Idp 1");
    idp1.setHomeRealmId("1");
    idp1.setEnable(true);
    idp1.setPrimary(true);
    idp1.setFederationHub(true);
    idp1.setCertificate("");
    RoleMapping roleMapping1 = new RoleMapping();
    roleMapping1.setRemoteRole("Role1");
    roleMapping1.setLocalRole(new LocalRole("1", "LocalRole1"));
    RoleMapping roleMapping2 = new RoleMapping();
    roleMapping2.setRemoteRole("Role2");
    roleMapping2.setLocalRole(new LocalRole("2", "LocalRole2"));
    PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
    permissionsAndRoleConfig.setIdpRoles(new String[] { "Role1", "Role2" });
    permissionsAndRoleConfig.setRoleMappings(new RoleMapping[] { roleMapping1, roleMapping2 });
    idp1.setPermissionAndRoleConfig(permissionsAndRoleConfig);
    FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
    federatedAuthenticatorConfig.setDisplayName("DisplayName1");
    federatedAuthenticatorConfig.setName("Name");
    federatedAuthenticatorConfig.setEnabled(true);
    Property property1 = new Property();
    property1.setName("Property1");
    property1.setValue("value1");
    property1.setConfidential(true);
    Property property2 = new Property();
    property2.setName("Property2");
    property2.setValue("value2");
    property2.setConfidential(false);
    federatedAuthenticatorConfig.setProperties(new Property[] { property1, property2 });
    idp1.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticatorConfig });
    ProvisioningConnectorConfig provisioningConnectorConfig1 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig1.setName("ProvisiningConfig1");
    provisioningConnectorConfig1.setProvisioningProperties(new Property[] { property1 });
    ProvisioningConnectorConfig provisioningConnectorConfig2 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig2.setName("ProvisiningConfig2");
    provisioningConnectorConfig2.setProvisioningProperties(new Property[] { property2 });
    provisioningConnectorConfig2.setEnabled(true);
    provisioningConnectorConfig2.setBlocking(true);
    idp1.setProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] { provisioningConnectorConfig1, provisioningConnectorConfig2 });
    IdentityProviderProperty identityProviderProperty = new IdentityProviderProperty();
    identityProviderProperty.setDisplayName("idpDisplayName");
    identityProviderProperty.setName("idpPropertyName");
    identityProviderProperty.setValue("idpPropertyValue");
    idp1.setIdpProperties(new IdentityProviderProperty[] { identityProviderProperty });
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setLocalClaimDialect(false);
    claimConfig.setRoleClaimURI("Country");
    claimConfig.setUserClaimURI("Country");
    ClaimMapping claimMapping = ClaimMapping.build("http://wso2.org/claims/country", "Country", "", true);
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimId(0);
    remoteClaim.setClaimUri("Country");
    claimConfig.setClaimMappings(new ClaimMapping[] { claimMapping });
    claimConfig.setIdpClaims(new Claim[] { remoteClaim });
    idp1.setClaimConfig(claimConfig);
    // Initialize Test Identity Provider 2.
    IdentityProvider idp2 = new IdentityProvider();
    idp2.setIdentityProviderName("testIdP2");
    idp2.setHomeRealmId("2");
    ClaimConfig claimConfig2 = new ClaimConfig();
    claimConfig2.setLocalClaimDialect(true);
    claimConfig2.setRoleClaimURI("http://wso2.org/claims/role");
    claimConfig2.setUserClaimURI("http://wso2.org/claims/fullname");
    ClaimMapping claimMapping2 = new ClaimMapping();
    Claim localClaim2 = new Claim();
    localClaim2.setClaimId(0);
    localClaim2.setClaimUri("http://wso2.org/claims/fullname");
    claimMapping2.setLocalClaim(localClaim2);
    claimConfig2.setClaimMappings(new ClaimMapping[] { claimMapping2 });
    idp2.setClaimConfig(claimConfig2);
    // Initialize Test Identity Provider 3.
    IdentityProvider idp3 = new IdentityProvider();
    idp3.setIdentityProviderName("testIdP3");
    idp3.setHomeRealmId("3");
    // IDP with PermissionsAndRoleConfig, FederatedAuthenticatorConfigs, ProvisioningConnectorConfigs, ClaimConfigs.
    identityProviderManagementService.addIdP(idp1);
    // IDP with Local Cliam Dialect ClaimConfigs.
    identityProviderManagementService.addIdP(idp2);
    // IDP with Only name.
    identityProviderManagementService.addIdP(idp3);
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) Property(org.wso2.carbon.identity.application.common.model.Property) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) Claim(org.wso2.carbon.identity.application.common.model.Claim) LocalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim)

Example 5 with LocalRole

use of org.wso2.carbon.identity.application.common.model.LocalRole in project carbon-identity-framework by wso2.

the class IdentityProviderManagementServiceTest method addIdPData.

@DataProvider
public Object[][] addIdPData() {
    // Initialize Test Identity Provider 1.
    IdentityProvider idp1 = new IdentityProvider();
    idp1.setIdentityProviderName("testIdP1");
    idp1.setEnable(true);
    idp1.setPrimary(true);
    idp1.setFederationHub(true);
    idp1.setCertificate("");
    RoleMapping roleMapping1 = new RoleMapping(new LocalRole("1", "LocalRole1"), "Role1");
    RoleMapping roleMapping2 = new RoleMapping(new LocalRole("2", "LocalRole2"), "Role2");
    PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
    permissionsAndRoleConfig.setIdpRoles(new String[] { "Role1", "Role2" });
    permissionsAndRoleConfig.setRoleMappings(new RoleMapping[] { roleMapping1, roleMapping2 });
    idp1.setPermissionAndRoleConfig(permissionsAndRoleConfig);
    FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
    federatedAuthenticatorConfig.setDisplayName("DisplayName1");
    federatedAuthenticatorConfig.setName("Name");
    federatedAuthenticatorConfig.setEnabled(true);
    Property property1 = new Property();
    property1.setName("Property1");
    property1.setValue("value1");
    property1.setConfidential(false);
    Property property2 = new Property();
    property2.setName("Property2");
    property2.setValue("value2");
    property2.setConfidential(true);
    federatedAuthenticatorConfig.setProperties(new Property[] { property1, property2 });
    idp1.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticatorConfig });
    ProvisioningConnectorConfig provisioningConnectorConfig1 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig1.setName("ProvisiningConfig1");
    provisioningConnectorConfig1.setProvisioningProperties(new Property[] { property1 });
    ProvisioningConnectorConfig provisioningConnectorConfig2 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig2.setName("ProvisiningConfig2");
    provisioningConnectorConfig2.setProvisioningProperties(new Property[] { property2 });
    provisioningConnectorConfig2.setEnabled(true);
    provisioningConnectorConfig2.setBlocking(true);
    idp1.setProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] { provisioningConnectorConfig1, provisioningConnectorConfig2 });
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setLocalClaimDialect(false);
    claimConfig.setRoleClaimURI("Country");
    claimConfig.setUserClaimURI("Country");
    ClaimMapping claimMapping = ClaimMapping.build("http://wso2.org/claims/country", "Country", "", true);
    claimConfig.setClaimMappings(new ClaimMapping[] { claimMapping });
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimId(0);
    remoteClaim.setClaimUri("Country");
    claimConfig.setIdpClaims(new Claim[] { remoteClaim });
    idp1.setClaimConfig(claimConfig);
    // Initialize Test Identity Provider 2.
    IdentityProvider idp2 = new IdentityProvider();
    idp2.setIdentityProviderName("testIdP2");
    ClaimConfig claimConfig2 = new ClaimConfig();
    claimConfig2.setLocalClaimDialect(true);
    claimConfig2.setRoleClaimURI("http://wso2.org/claims/role");
    claimConfig2.setUserClaimURI("http://wso2.org/claims/fullname");
    ClaimMapping claimMapping2 = new ClaimMapping();
    Claim localClaim2 = new Claim();
    localClaim2.setClaimId(0);
    localClaim2.setClaimUri("http://wso2.org/claims/fullname");
    claimMapping2.setLocalClaim(localClaim2);
    claimConfig2.setClaimMappings(new ClaimMapping[] { claimMapping2 });
    idp2.setClaimConfig(claimConfig2);
    // Initialize Test Identity Provider 3.
    IdentityProvider idp3 = new IdentityProvider();
    idp3.setIdentityProviderName("testIdP3");
    return new Object[][] { // IDP with PermissionsAndRoleConfig,FederatedAuthenticatorConfigs,ProvisioningConnectorConfigs,Claims.
    { idp1 }, // IDP with Local Cliam Dialect ClaimConfigs.
    { idp2 }, // IDP with only the name.
    { idp3 } };
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) Matchers.anyObject(org.mockito.Matchers.anyObject) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) Property(org.wso2.carbon.identity.application.common.model.Property) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) Claim(org.wso2.carbon.identity.application.common.model.Claim) LocalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim) DataProvider(org.testng.annotations.DataProvider)

Aggregations

RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping)17 LocalRole (org.wso2.carbon.identity.application.common.model.LocalRole)15 PermissionsAndRoleConfig (org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig)10 Claim (org.wso2.carbon.identity.application.common.model.Claim)8 ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)8 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)8 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)7 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)7 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)7 ArrayList (java.util.ArrayList)6 IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)6 Property (org.wso2.carbon.identity.application.common.model.Property)6 DataProvider (org.testng.annotations.DataProvider)4 PreparedStatement (java.sql.PreparedStatement)3 ResultSet (java.sql.ResultSet)3 HashMap (java.util.HashMap)3 HashSet (java.util.HashSet)2 Matchers.anyObject (org.mockito.Matchers.anyObject)2 Test (org.testng.annotations.Test)2 LocalRole (org.wso2.carbon.identity.application.common.model.idp.xsd.LocalRole)2