use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.
the class OutboundProvisioningManager method getOutboundProvisioningConnectors.
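/**
 * Resolves the outbound provisioning connectors configured for a service
 * provider, keyed by the name of the identity provider they belong to.
 *
 * <p>The provisioning connector cache is consulted first. On a miss the map is
 * built from the service provider's outbound provisioning configuration and
 * stored in the cache before it is returned. Identity providers that have no
 * default provisioning connector, or for which no connector instance could be
 * obtained, are left out of the map.
 *
 * <p>NOTE(review): the cache key is built from the application name alone and
 * the tenant domain is handed to the cache as a separate argument, so keeping
 * the entries of different tenants apart is up to the cache implementation -
 * confirm. The map returned here is also the instance placed in (or read from)
 * the cache entry; unless the entry copies it, a caller that mutates the map
 * changes what later callers receive.
 *
 * @param serviceProvider service provider whose connectors are wanted; must not be null
 * @param tenantDomain    tenant domain used for the cache and for connector creation; must not be null
 * @return identity provider name mapped to its runtime provisioning configuration;
 *         a new empty map when the service provider has no outbound provisioning configuration
 * @throws IdentityProvisioningException if either argument is null, or if the configuration
 *                                       of an identity provider cannot be retrieved
 */
private Map<String, RuntimeProvisioningConfig> getOutboundProvisioningConnectors(ServiceProvider serviceProvider, String tenantDomain) throws IdentityProvisioningException {
    // Both values are needed for the cache lookup, so reject missing input up front.
    if (serviceProvider == null || tenantDomain == null) {
        throw new IdentityProvisioningException("Error reading service provider from cache.");
    }

    ServiceProviderProvisioningConnectorCacheKey key =
            new ServiceProviderProvisioningConnectorCacheKey(serviceProvider.getApplicationName());
    ServiceProviderProvisioningConnectorCacheEntry entry =
            ServiceProviderProvisioningConnectorCache.getInstance().getValueFromCache(key, tenantDomain);
    if (entry != null) {
        if (log.isDebugEnabled()) {
            log.debug("Provisioning cache HIT for " + serviceProvider + " of " + tenantDomain);
        }
        return entry.getConnectors();
    }

    // Cache miss: build the map from the registered factories and the
    // service provider's outbound provisioning configuration.
    Map<String, AbstractProvisioningConnectorFactory> registeredConnectorFactories = IdentityProvisionServiceComponent.getConnectorFactories();
    OutboundProvisioningConfig outboundProvisioningConfiguration = serviceProvider.getOutboundProvisioningConfig();
    if (outboundProvisioningConfiguration == null) {
        if (log.isDebugEnabled()) {
            log.debug("No outbound provisioning configuration defined for local service provider.");
        }
        // Nothing to provision; this empty result is not written to the cache.
        return new HashMap<>();
    }

    Map<String, RuntimeProvisioningConfig> connectors = new HashMap<>();
    IdentityProvider[] provisioningIdPs = outboundProvisioningConfiguration.getProvisioningIdentityProviders();
    if (provisioningIdPs != null) {
        for (IdentityProvider provisioningIdP : provisioningIdPs) {
            try {
                ProvisioningConnectorConfig defaultConnector = provisioningIdP.getDefaultProvisioningConnectorConfig();
                if (defaultConnector == null) {
                    // No default provisioning connector is defined for this identity
                    // provider, so there is nothing to provision through it.
                    continue;
                }
                // Name and flags are all read from the instance that was null-checked above.
                String connectorType = defaultConnector.getName();
                boolean enableJitProvisioning = provisioningIdP.getJustInTimeProvisioningConfig() != null
                        && provisioningIdP.getJustInTimeProvisioningConfig().isProvisioningEnabled();
                AbstractOutboundProvisioningConnector connector = getOutboundProvisioningConnector(
                        provisioningIdP, registeredConnectorFactories, tenantDomain, enableJitProvisioning);
                if (connector != null) {
                    RuntimeProvisioningConfig proConfig = new RuntimeProvisioningConfig();
                    proConfig.setProvisioningConnectorEntry(new SimpleEntry<>(connectorType, connector));
                    proConfig.setBlocking(defaultConnector.isBlocking());
                    proConfig.setPolicyEnabled(defaultConnector.isRulesEnabled());
                    connectors.put(provisioningIdP.getIdentityProviderName(), proConfig);
                }
            } catch (IdentityProviderManagementException e) {
                throw new IdentityProvisioningException("Error while retrieving idp configuration for " + provisioningIdP.getIdentityProviderName(), e);
            }
        }
    }

    entry = new ServiceProviderProvisioningConnectorCacheEntry();
    entry.setConnectors(connectors);
    ServiceProviderProvisioningConnectorCache.getInstance().addToCache(key, entry, tenantDomain);
    if (log.isDebugEnabled()) {
        log.debug("Entry added successfully ");
    }
    return connectors;
}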
use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.
the class ApplicationBean method updateLocalSp.
/**
 * Copies the local service provider settings submitted with the request into
 * the {@code serviceProvider} held by this bean: name, description, inbound
 * provisioning settings and the outbound provisioning identity providers.
 *
 * <p>The outbound configuration is reset to an empty one when none exists yet
 * or when no {@code provisioning_idp} value was submitted. When values were
 * submitted but none of them has a matching {@code provisioning_con_idp_*}
 * parameter, an existing outbound configuration is left as it is.
 *
 * <p>NOTE(review): every value is taken from the request as submitted. This
 * method does not validate the names and does not check that a submitted
 * identity provider or connector exists - presumably that is enforced where
 * the service provider is persisted; confirm.
 *
 * @param request request carrying the submitted form parameters
 */
public void updateLocalSp(HttpServletRequest request) {
    // Basic info.
    serviceProvider.setApplicationName(request.getParameter("spName"));
    serviceProvider.setDescription(request.getParameter("sp-description"));

    // Inbound provisioning.
    InboundProvisioningConfig inboundConfig = new InboundProvisioningConfig();
    inboundConfig.setProvisioningUserStore(request.getParameter("scim-inbound-userstore"));
    inboundConfig.setDumbMode(Boolean.parseBoolean(request.getParameter(DUMB)));
    serviceProvider.setInboundProvisioningConfig(inboundConfig);

    // Outbound provisioning.
    String[] selectedIdpNames = request.getParameterValues("provisioning_idp");
    boolean nothingSelected = selectedIdpNames == null || selectedIdpNames.length == 0;
    if (serviceProvider.getOutboundProvisioningConfig() == null || nothingSelected) {
        serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    }
    if (nothingSelected) {
        return;
    }

    List<IdentityProvider> selectedIdps = new ArrayList<>();
    for (String idpName : selectedIdpNames) {
        // The per-provider options are submitted under parameter names suffixed with the provider name.
        String connectorName = request.getParameter("provisioning_con_idp_" + idpName);
        String jitFlag = request.getParameter("provisioning_jit_" + idpName);
        String blockingFlag = request.getParameter("blocking_prov_" + idpName);
        String rulesFlag = request.getParameter("rules_enabled_" + idpName);

        JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
        if ("on".equals(jitFlag)) {
            jitConfig.setProvisioningEnabled(true);
        }
        if (connectorName == null) {
            // Without a connector parameter the provider is not added.
            continue;
        }

        ProvisioningConnectorConfig connectorConfig = new ProvisioningConnectorConfig();
        if ("on".equals(blockingFlag)) {
            connectorConfig.setBlocking(true);
        }
        if ("on".equals(rulesFlag)) {
            connectorConfig.setRulesEnabled(true);
        }
        connectorConfig.setName(connectorName);

        IdentityProvider idp = new IdentityProvider();
        idp.setIdentityProviderName(idpName);
        idp.setJustInTimeProvisioningConfig(jitConfig);
        idp.setDefaultProvisioningConnectorConfig(connectorConfig);
        selectedIdps.add(idp);
    }

    if (!selectedIdps.isEmpty()) {
        OutboundProvisioningConfig outboundConfig = new OutboundProvisioningConfig();
        outboundConfig.setProvisioningIdentityProviders(selectedIdps.toArray(new IdentityProvider[0]));
        serviceProvider.setOutboundProvisioningConfig(outboundConfig);
    }
}
use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project carbon-identity-framework by wso2.
the class ApplicationManagementServiceImplTest method addApplicationConfigurations.
/**
 * Fills the given service provider with one sample value for each kind of
 * configuration used by the tests: inbound authentication, inbound and
 * outbound provisioning, authentication steps, request path authenticator
 * and claims.
 *
 * <p>NOTE(review): the permission/role configuration built at the end is never
 * attached to the service provider in this method - confirm whether that is
 * intended.
 *
 * @param serviceProvider service provider to populate
 */
private void addApplicationConfigurations(ServiceProvider serviceProvider) {
    serviceProvider.setDescription("Created for testing");
    serviceProvider.setSaasApp(TRUE);

    // Inbound authentication: a single OAuth2 request config.
    InboundAuthenticationRequestConfig oauthRequest = new InboundAuthenticationRequestConfig();
    oauthRequest.setInboundAuthKey("auth key");
    oauthRequest.setInboundAuthType("oauth2");
    InboundAuthenticationConfig inboundAuth = new InboundAuthenticationConfig();
    inboundAuth.setInboundAuthenticationRequestConfigs(new InboundAuthenticationRequestConfig[] { oauthRequest });
    serviceProvider.setInboundAuthenticationConfig(inboundAuth);

    // Inbound provisioning.
    InboundProvisioningConfig inboundProvisioning = new InboundProvisioningConfig();
    inboundProvisioning.setProvisioningUserStore("UserStore");
    serviceProvider.setInboundProvisioningConfig(inboundProvisioning);

    // Outbound provisioning: one identity provider with a default connector.
    IdentityProvider provisioningIdP = new IdentityProvider();
    provisioningIdP.setIdentityProviderName("Provisioning IdP");
    ProvisioningConnectorConfig connectorConfig = new ProvisioningConnectorConfig();
    connectorConfig.setName("Provisioning connector");
    provisioningIdP.setDefaultProvisioningConnectorConfig(connectorConfig);
    OutboundProvisioningConfig outboundProvisioning = new OutboundProvisioningConfig();
    outboundProvisioning.setProvisioningIdentityProviders(new IdentityProvider[] { provisioningIdP });
    serviceProvider.setOutboundProvisioningConfig(outboundProvisioning);

    // Local and outbound authentication: one step with a federated and a local authenticator.
    IdentityProvider federatedIdP = new IdentityProvider();
    federatedIdP.setIdentityProviderName(IDP_NAME_1);
    FederatedAuthenticatorConfig federatedAuthenticator = new FederatedAuthenticatorConfig();
    federatedAuthenticator.setName("Federated authenticator");
    federatedIdP.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticator });
    LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
    localAuthenticator.setName("Local authenticator");
    AuthenticationStep step = new AuthenticationStep();
    step.setFederatedIdentityProviders(new IdentityProvider[] { federatedIdP });
    step.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticator });
    LocalAndOutboundAuthenticationConfig localAndOutboundAuth = new LocalAndOutboundAuthenticationConfig();
    localAndOutboundAuth.setAuthenticationSteps(new AuthenticationStep[] { step });
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuth);

    // Request path authenticator.
    RequestPathAuthenticatorConfig requestPathAuthenticator = new RequestPathAuthenticatorConfig();
    requestPathAuthenticator.setName("Request path authenticator");
    serviceProvider.setRequestPathAuthenticatorConfigs(new RequestPathAuthenticatorConfig[] { requestPathAuthenticator });

    // Claims: role claim, one dialect and one local-to-remote mapping.
    Claim local = new Claim();
    local.setClaimUri("Local claim uri");
    Claim remote = new Claim();
    remote.setClaimUri("Remote claim uri");
    ClaimMapping mapping = new ClaimMapping();
    mapping.setLocalClaim(local);
    mapping.setRemoteClaim(remote);
    ClaimConfig claims = new ClaimConfig();
    claims.setRoleClaimURI("Role claim uri");
    claims.setSpClaimDialects(new String[] { "SP claim dialect" });
    claims.setClaimMappings(new ClaimMapping[] { mapping });
    serviceProvider.setClaimConfig(claims);

    // Permissions and role mappings. Built here but not set on the service
    // provider (see the note in the method documentation).
    RoleMapping roleMapping = new RoleMapping();
    roleMapping.setLocalRole(new LocalRole("Local role"));
    roleMapping.setRemoteRole("Remote role");
    PermissionsAndRoleConfig permissionsAndRoles = new PermissionsAndRoleConfig();
    permissionsAndRoles.setRoleMappings(new RoleMapping[] { roleMapping });
}
use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project product-is by wso2.
the class ProvisioningTestCase method addSP.
/**
 * Makes sure the {@code wso2carbon-local-sp} application exists on the server
 * selected by {@code portOffset} and configures it with a single outbound
 * provisioning identity provider that uses the blocking {@code scim}
 * connector, with just-in-time provisioning switched off.
 *
 * @param portOffset selects the application management client, and is appended
 *                   to the sample identity provider name
 * @throws Exception if the application cannot be created or read back, or if
 *                   any of the client calls fails
 */
private void addSP(int portOffset) throws Exception {
    final String localSpName = "wso2carbon-local-sp";

    ServiceProvider serviceProvider = applicationManagementServiceClients.get(portOffset).getApplication(localSpName);
    if (serviceProvider == null) {
        // Not there yet: create it, then read it back as the server stored it.
        serviceProvider = new ServiceProvider();
        serviceProvider.setApplicationName(localSpName);
        try {
            applicationManagementServiceClients.get(portOffset).createApplication(serviceProvider);
            serviceProvider = applicationManagementServiceClients.get(portOffset).getApplication(localSpName);
        } catch (Exception ex) {
            // NOTE(review): the message mentions obtaining the clients, but the calls
            // guarded here create and fetch the application - confirm the wording.
            throw new Exception("Error occurred during obtaining applicationManagementServiceClients", ex);
        }
    }

    InboundProvisioningConfig inboundConfig = new InboundProvisioningConfig();
    inboundConfig.setProvisioningUserStore("");
    serviceProvider.setInboundProvisioningConfig(inboundConfig);

    JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
    jitConfig.setProvisioningEnabled(false);

    org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig connectorConfig =
            new org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig();
    connectorConfig.setBlocking(true);
    connectorConfig.setName("scim");

    org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider provisioningIdp =
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider();
    provisioningIdp.setIdentityProviderName(SAMPLE_IDENTITY_PROVIDER_NAME + "_" + portOffset);
    provisioningIdp.setJustInTimeProvisioningConfig(jitConfig);
    provisioningIdp.setDefaultProvisioningConnectorConfig(connectorConfig);

    // Exactly one provisioning identity provider is configured.
    OutboundProvisioningConfig outboundConfig = new OutboundProvisioningConfig();
    outboundConfig.setProvisioningIdentityProviders(
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider[] { provisioningIdp });
    serviceProvider.setOutboundProvisioningConfig(outboundConfig);

    applicationManagementServiceClients.get(portOffset).updateApplicationData(serviceProvider);
}
use of org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig in project product-is by wso2.
the class TestPassiveSTSFederation method testUpdateServiceProviderInPrimaryISWithPassiveSTSConfigs.
/**
 * Adds a Passive STS inbound authentication request config to the service
 * provider in the primary IS, updates the service provider, reads it back and
 * checks that the Passive STS config is present.
 *
 * <p>NOTE(review): the config is written with the literal type
 * {@code "passivests"} but looked up with {@code PASSIVESTS_INBOUND_AUTH_TYPE};
 * the check can only succeed if the two are the same value - confirm, and
 * consider using the constant in both places.
 *
 * @throws Exception if reading or updating the service provider fails
 */
@Test(groups = "wso2.is", description = "Check update service provider in primary IS with " + "Passive STS configs", dependsOnMethods = "testCreateServiceProviderInPrimaryIS")
public void testUpdateServiceProviderInPrimaryISWithPassiveSTSConfigs() throws Exception {
    ServiceProvider serviceProvider = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    Assert.assertNotNull(serviceProvider, "Service provider in Primary IS not Exists");

    // The update is sent with an empty outbound provisioning configuration.
    serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());

    // Append the Passive STS request config to the ones already present.
    InboundAuthenticationRequestConfig passiveStsRequest = new InboundAuthenticationRequestConfig();
    passiveStsRequest.setInboundAuthKey(PASSIVESTS_REALM);
    passiveStsRequest.setInboundAuthType("passivests");
    List<InboundAuthenticationRequestConfig> requestConfigs = new ArrayList<>(
            Arrays.asList(serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()));
    requestConfigs.add(passiveStsRequest);
    serviceProvider.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs(
            requestConfigs.toArray(new InboundAuthenticationRequestConfig[0]));

    updateServiceProvider(PORT_OFFSET_0, serviceProvider);

    // Read the service provider back and look for the config that was added.
    serviceProvider = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    InboundAuthenticationRequestConfig[] storedConfigs =
            serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
    boolean found = false;
    if (storedConfigs != null) {
        for (int i = 0; i < storedConfigs.length && !found; i++) {
            found = PASSIVESTS_REALM.equals(storedConfigs[i].getInboundAuthKey())
                    && PASSIVESTS_INBOUND_AUTH_TYPE.equals(storedConfigs[i].getInboundAuthType());
        }
    }
    Assert.assertTrue(found, "Failed to update service provider with inbound PASSIVESTS " + "configs in primary IS");
}