Search in sources :

Example 1 with OutboundProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.

the class OutboundProvisioningManager method getOutboundProvisioningConnectors.

/**
 * TODO: Need to cache the output from this method.
 *
 * @return
 * @throws UserStoreException
 */
private Map<String, RuntimeProvisioningConfig> getOutboundProvisioningConnectors(ServiceProvider serviceProvider, String tenantDomain) throws IdentityProvisioningException {
    Map<String, RuntimeProvisioningConfig> connectors = new HashMap<>();
    ServiceProviderProvisioningConnectorCacheKey key;
    ServiceProviderProvisioningConnectorCacheEntry entry;
    // Reading from the cache.
    if (serviceProvider != null && tenantDomain != null) {
        key = new ServiceProviderProvisioningConnectorCacheKey(serviceProvider.getApplicationName());
        entry = ServiceProviderProvisioningConnectorCache.getInstance().getValueFromCache(key, tenantDomain);
        // cache hit
        if (entry != null) {
            if (log.isDebugEnabled()) {
                log.debug("Provisioning cache HIT for " + serviceProvider + " of " + tenantDomain);
            }
            return entry.getConnectors();
        }
    } else {
        throw new IdentityProvisioningException("Error reading service provider from cache.");
    }
    // NOW build the Map
    // a list of registered provisioning connector factories.
    Map<String, AbstractProvisioningConnectorFactory> registeredConnectorFactories = IdentityProvisionServiceComponent.getConnectorFactories();
    // get all registered list of out-bound provisioning connectors registered for the local
    // service provider.
    OutboundProvisioningConfig outboundProvisioningConfiguration = serviceProvider.getOutboundProvisioningConfig();
    if (outboundProvisioningConfiguration == null) {
        if (log.isDebugEnabled()) {
            log.debug("No outbound provisioning configuration defined for local service provider.");
        }
        // empty list.
        return new HashMap<String, RuntimeProvisioningConfig>();
    }
    // get the list of registered provisioning identity providers in out-bound provisioning
    // configuration.
    IdentityProvider[] provisionningIdPList = outboundProvisioningConfiguration.getProvisioningIdentityProviders();
    if (provisionningIdPList != null && provisionningIdPList.length > 0) {
        for (IdentityProvider fIdP : provisionningIdPList) {
            try {
                AbstractOutboundProvisioningConnector connector;
                ProvisioningConnectorConfig defaultConnector = fIdP.getDefaultProvisioningConnectorConfig();
                if (defaultConnector != null) {
                    // if no default provisioning connector defined for this identity provider,
                    // we can safely ignore it - need not to worry about provisioning.
                    String connectorType = fIdP.getDefaultProvisioningConnectorConfig().getName();
                    boolean enableJitProvisioning = false;
                    if (fIdP.getJustInTimeProvisioningConfig() != null && fIdP.getJustInTimeProvisioningConfig().isProvisioningEnabled()) {
                        enableJitProvisioning = true;
                    }
                    connector = getOutboundProvisioningConnector(fIdP, registeredConnectorFactories, tenantDomain, enableJitProvisioning);
                    // configuration of the local service provider.
                    if (connector != null) {
                        RuntimeProvisioningConfig proConfig = new RuntimeProvisioningConfig();
                        proConfig.setProvisioningConnectorEntry(new SimpleEntry<>(connectorType, connector));
                        proConfig.setBlocking(defaultConnector.isBlocking());
                        proConfig.setPolicyEnabled(defaultConnector.isRulesEnabled());
                        connectors.put(fIdP.getIdentityProviderName(), proConfig);
                    }
                }
            } catch (IdentityProviderManagementException e) {
                throw new IdentityProvisioningException("Error while retrieving idp configuration for " + fIdP.getIdentityProviderName(), e);
            }
        }
    }
    entry = new ServiceProviderProvisioningConnectorCacheEntry();
    entry.setConnectors(connectors);
    ServiceProviderProvisioningConnectorCache.getInstance().addToCache(key, entry, tenantDomain);
    if (log.isDebugEnabled()) {
        log.debug("Entry added successfully ");
    }
    return connectors;
}
Also used : HashMap(java.util.HashMap) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig) ServiceProviderProvisioningConnectorCacheEntry(org.wso2.carbon.identity.provisioning.cache.ServiceProviderProvisioningConnectorCacheEntry) ServiceProviderProvisioningConnectorCacheKey(org.wso2.carbon.identity.provisioning.cache.ServiceProviderProvisioningConnectorCacheKey) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)

Example 2 with OutboundProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.

the class ApplicationBean method updateLocalSp.

/**
 * @param request
 */
public void updateLocalSp(HttpServletRequest request) {
    // update basic info.
    serviceProvider.setApplicationName(request.getParameter("spName"));
    serviceProvider.setDescription(request.getParameter("sp-description"));
    String provisioningUserStore = request.getParameter("scim-inbound-userstore");
    InboundProvisioningConfig inBoundProConfig = new InboundProvisioningConfig();
    inBoundProConfig.setProvisioningUserStore(provisioningUserStore);
    inBoundProConfig.setDumbMode(Boolean.parseBoolean(request.getParameter(DUMB)));
    serviceProvider.setInboundProvisioningConfig(inBoundProConfig);
    String[] provisioningProviders = request.getParameterValues("provisioning_idp");
    List<IdentityProvider> provisioningIdps = new ArrayList<IdentityProvider>();
    if (serviceProvider.getOutboundProvisioningConfig() == null || provisioningProviders == null || provisioningProviders.length == 0) {
        serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    }
    if (provisioningProviders != null && provisioningProviders.length > 0) {
        for (String proProvider : provisioningProviders) {
            String connector = request.getParameter("provisioning_con_idp_" + proProvider);
            String jitEnabled = request.getParameter("provisioning_jit_" + proProvider);
            String blocking = request.getParameter("blocking_prov_" + proProvider);
            String rulesEnabled = request.getParameter("rules_enabled_" + proProvider);
            JustInTimeProvisioningConfig jitpro = new JustInTimeProvisioningConfig();
            if ("on".equals(jitEnabled)) {
                jitpro.setProvisioningEnabled(true);
            }
            if (connector != null) {
                IdentityProvider proIdp = new IdentityProvider();
                proIdp.setIdentityProviderName(proProvider);
                ProvisioningConnectorConfig proCon = new ProvisioningConnectorConfig();
                if ("on".equals(blocking)) {
                    proCon.setBlocking(true);
                }
                if ("on".equals(rulesEnabled)) {
                    proCon.setRulesEnabled(true);
                }
                proCon.setName(connector);
                proIdp.setJustInTimeProvisioningConfig(jitpro);
                proIdp.setDefaultProvisioningConnectorConfig(proCon);
                provisioningIdps.add(proIdp);
            }
        }
        if (CollectionUtils.isNotEmpty(provisioningIdps)) {
            OutboundProvisioningConfig outboundProConfig = new OutboundProvisioningConfig();
            outboundProConfig.setProvisioningIdentityProviders(provisioningIdps.toArray(new IdentityProvider[provisioningIdps.size()]));
            serviceProvider.setOutboundProvisioningConfig(outboundProConfig);
        }
    }
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig) ArrayList(java.util.ArrayList) IdentityProvider(org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig)

Example 3 with OutboundProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.

the class ApplicationManagementServiceImplTest method addApplicationConfigurations.

private void addApplicationConfigurations(ServiceProvider serviceProvider) {
    serviceProvider.setDescription("Created for testing");
    serviceProvider.setSaasApp(TRUE);
    // Inbound Authentication Configurations.
    InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig();
    InboundAuthenticationRequestConfig authRequestConfig = new InboundAuthenticationRequestConfig();
    authRequestConfig.setInboundAuthKey("auth key");
    authRequestConfig.setInboundAuthType("oauth2");
    InboundAuthenticationRequestConfig[] authRequests = new InboundAuthenticationRequestConfig[] { authRequestConfig };
    inboundAuthenticationConfig.setInboundAuthenticationRequestConfigs(authRequests);
    serviceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
    // Inbound Provisioning Configurations.
    InboundProvisioningConfig provisioningConfig = new InboundProvisioningConfig();
    provisioningConfig.setProvisioningUserStore("UserStore");
    serviceProvider.setInboundProvisioningConfig(provisioningConfig);
    // OutBound Provisioning Configurations.
    IdentityProvider provisioningIdP = new IdentityProvider();
    provisioningIdP.setIdentityProviderName("Provisioning IdP");
    OutboundProvisioningConfig outboundProvisioningConfig = new OutboundProvisioningConfig();
    outboundProvisioningConfig.setProvisioningIdentityProviders(new IdentityProvider[] { provisioningIdP });
    ProvisioningConnectorConfig provisioningConnectorConfig = new ProvisioningConnectorConfig();
    provisioningConnectorConfig.setName("Provisioning connector");
    provisioningIdP.setDefaultProvisioningConnectorConfig(provisioningConnectorConfig);
    serviceProvider.setOutboundProvisioningConfig(outboundProvisioningConfig);
    // Local And OutBound Authentication Configuration.
    LocalAndOutboundAuthenticationConfig authenticationConfig = new LocalAndOutboundAuthenticationConfig();
    AuthenticationStep authenticationStep = new AuthenticationStep();
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setIdentityProviderName(IDP_NAME_1);
    FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
    federatedAuthenticatorConfig.setName("Federated authenticator");
    identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticatorConfig });
    authenticationStep.setFederatedIdentityProviders(new IdentityProvider[] { identityProvider });
    LocalAuthenticatorConfig localAuthenticatorConfig = new LocalAuthenticatorConfig();
    localAuthenticatorConfig.setName("Local authenticator");
    authenticationStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticatorConfig });
    authenticationConfig.setAuthenticationSteps(new AuthenticationStep[] { authenticationStep });
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(authenticationConfig);
    // Request Path Authenticator Configuration.
    RequestPathAuthenticatorConfig requestPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
    requestPathAuthenticatorConfig.setName("Request path authenticator");
    serviceProvider.setRequestPathAuthenticatorConfigs(new RequestPathAuthenticatorConfig[] { requestPathAuthenticatorConfig });
    // Claim Configurations.
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setRoleClaimURI("Role claim uri");
    claimConfig.setSpClaimDialects(new String[] { "SP claim dialect" });
    ClaimMapping claimMapping = new ClaimMapping();
    Claim localClaim = new Claim();
    localClaim.setClaimUri("Local claim uri");
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimUri("Remote claim uri");
    claimMapping.setLocalClaim(localClaim);
    claimMapping.setRemoteClaim(remoteClaim);
    claimConfig.setClaimMappings(new ClaimMapping[] { claimMapping });
    serviceProvider.setClaimConfig(claimConfig);
    // Permission Role Configurations.
    PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
    RoleMapping roleMapping = new RoleMapping();
    LocalRole localRole = new LocalRole("Local role");
    roleMapping.setLocalRole(localRole);
    roleMapping.setRemoteRole("Remote role");
    RoleMapping[] roleMappings = new RoleMapping[] { roleMapping };
    permissionsAndRoleConfig.setRoleMappings(roleMappings);
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.InboundProvisioningConfig) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) Claim(org.wso2.carbon.identity.application.common.model.Claim)

Example 4 with OutboundProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project product-is by wso2.

the class ProvisioningTestCase method addSP.

private void addSP(int portOffset) throws Exception {
    ServiceProvider serviceProvider = applicationManagementServiceClients.get(portOffset).getApplication("wso2carbon-local-sp");
    if (serviceProvider == null) {
        serviceProvider = new ServiceProvider();
        serviceProvider.setApplicationName("wso2carbon-local-sp");
        try {
            applicationManagementServiceClients.get(portOffset).createApplication(serviceProvider);
            serviceProvider = applicationManagementServiceClients.get(portOffset).getApplication("wso2carbon-local-sp");
        } catch (Exception ex) {
            // log.error("Error occurred during obtaining applicationManagementServiceClients", ex);
            throw new Exception("Error occurred during obtaining applicationManagementServiceClients", ex);
        }
    }
    InboundProvisioningConfig inBoundProConfig = new InboundProvisioningConfig();
    inBoundProConfig.setProvisioningUserStore("");
    serviceProvider.setInboundProvisioningConfig(inBoundProConfig);
    String proProvider = SAMPLE_IDENTITY_PROVIDER_NAME + "_" + Integer.toString(portOffset);
    String connector = "scim";
    JustInTimeProvisioningConfig jitpro = new JustInTimeProvisioningConfig();
    jitpro.setProvisioningEnabled(false);
    org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider proIdp = new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider();
    proIdp.setIdentityProviderName(proProvider);
    org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig proCon = new org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig();
    proCon.setBlocking(true);
    proCon.setName(connector);
    proIdp.setJustInTimeProvisioningConfig(jitpro);
    proIdp.setDefaultProvisioningConnectorConfig(proCon);
    List<org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider> provisioningIdps = new ArrayList<org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider>();
    provisioningIdps.add(proIdp);
    if (provisioningIdps.size() > 0) {
        OutboundProvisioningConfig outboundProConfig = new OutboundProvisioningConfig();
        outboundProConfig.setProvisioningIdentityProviders(provisioningIdps.toArray(new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider[provisioningIdps.size()]));
        serviceProvider.setOutboundProvisioningConfig(outboundProConfig);
    }
    applicationManagementServiceClients.get(portOffset).updateApplicationData(serviceProvider);
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig) ArrayList(java.util.ArrayList) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) CharonException(org.wso2.charon.core.exceptions.CharonException) XPathExpressionException(javax.xml.xpath.XPathExpressionException) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig)

Example 5 with OutboundProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project product-is by wso2.

the class TestPassiveSTSFederation method testUpdateServiceProviderInPrimaryISWithPassiveSTSConfigs.

@Test(groups = "wso2.is", description = "Check update service provider in primary IS with " + "Passive STS configs", dependsOnMethods = "testCreateServiceProviderInPrimaryIS")
public void testUpdateServiceProviderInPrimaryISWithPassiveSTSConfigs() throws Exception {
    ServiceProvider serviceProvider = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    Assert.assertNotNull(serviceProvider, "Service provider in Primary IS not Exists");
    serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    List<InboundAuthenticationRequestConfig> authRequestList = new ArrayList<>(Arrays.asList(serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()));
    InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
    opicAuthenticationRequest.setInboundAuthKey(PASSIVESTS_REALM);
    opicAuthenticationRequest.setInboundAuthType("passivests");
    authRequestList.add(opicAuthenticationRequest);
    serviceProvider.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs(authRequestList.toArray(new InboundAuthenticationRequestConfig[0]));
    updateServiceProvider(PORT_OFFSET_0, serviceProvider);
    serviceProvider = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    InboundAuthenticationRequestConfig[] configs = serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
    boolean success = false;
    if (configs != null) {
        for (InboundAuthenticationRequestConfig config : configs) {
            if (PASSIVESTS_REALM.equals(config.getInboundAuthKey()) && PASSIVESTS_INBOUND_AUTH_TYPE.equals(config.getInboundAuthType())) {
                success = true;
                break;
            }
        }
    }
    Assert.assertTrue(success, "Failed to update service provider with inbound PASSIVESTS " + "configs in primary IS");
}
Also used : ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) ArrayList(java.util.ArrayList) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig) Test(org.testng.annotations.Test)

Aggregations

ArrayList (java.util.ArrayList)16 OutboundProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig)14 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)10 ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)8 Property (org.wso2.carbon.identity.application.common.model.xsd.Property)7 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)6 Claim (org.wso2.carbon.identity.application.common.model.xsd.Claim)6 ClaimConfig (org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig)6 ClaimMapping (org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping)6 OAuthConsumerAppDTO (org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerAppDTO)6 OutboundProvisioningConfig (org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig)5 Test (org.testng.annotations.Test)4 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)4 JustInTimeProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig)4 IdentityProvider (org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider)3 InboundProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig)3 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig)3 PreparedStatement (java.sql.PreparedStatement)2 NamedPreparedStatement (org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)2 AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)2