Example 81 with IdentityProvider
use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getFederatedAuthenticatorConfigs.
/**
* @param dbConnection
* @param idPName
* @param tenantId
* @return
* @throws IdentityProviderManagementException
* @throws SQLException
*/
private FederatedAuthenticatorConfig[] getFederatedAuthenticatorConfigs(Connection dbConnection, String idPName, IdentityProvider federatedIdp, int tenantId) throws IdentityProviderManagementException, SQLException {
int idPId = getIdentityProviderIdentifier(dbConnection, idPName, tenantId);
PreparedStatement prepStmt1 = null;
PreparedStatement prepStmt2 = null;
ResultSet rs = null;
ResultSet proprs = null;
String defaultAuthName = null;
if (federatedIdp != null && federatedIdp.getDefaultAuthenticatorConfig() != null) {
defaultAuthName = federatedIdp.getDefaultAuthenticatorConfig().getName();
}
String sqlStmt = IdPManagementConstants.SQLQueries.GET_ALL_IDP_AUTH_SQL;
Set<FederatedAuthenticatorConfig> federatedAuthenticatorConfigs = new HashSet<FederatedAuthenticatorConfig>();
try {
prepStmt1 = dbConnection.prepareStatement(sqlStmt);
prepStmt1.setInt(1, idPId);
rs = prepStmt1.executeQuery();
while (rs.next()) {
FederatedAuthenticatorConfig authnConfig = new FederatedAuthenticatorConfig();
int authnId = rs.getInt("ID");
authnConfig.setName(rs.getString("NAME"));
if ((IdPManagementConstants.IS_TRUE_VALUE).equals(rs.getString("IS_ENABLED"))) {
authnConfig.setEnabled(true);
} else {
authnConfig.setEnabled(false);
}
authnConfig.setDisplayName(rs.getString("DISPLAY_NAME"));
if (defaultAuthName != null && authnConfig.getName().equals(defaultAuthName)) {
federatedIdp.getDefaultAuthenticatorConfig().setDisplayName(authnConfig.getDisplayName());
}
sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_AUTH_PROPS_SQL;
prepStmt2 = dbConnection.prepareStatement(sqlStmt);
prepStmt2.setInt(1, authnId);
proprs = prepStmt2.executeQuery();
Set<Property> properties = new HashSet<Property>();
while (proprs.next()) {
Property property = new Property();
property.setName(proprs.getString("PROPERTY_KEY"));
property.setValue(proprs.getString("PROPERTY_VALUE"));
if ((IdPManagementConstants.IS_TRUE_VALUE).equals(proprs.getString("IS_SECRET"))) {
property.setConfidential(true);
}
properties.add(property);
}
authnConfig.setProperties(properties.toArray(new Property[properties.size()]));
federatedAuthenticatorConfigs.add(authnConfig);
}
return federatedAuthenticatorConfigs.toArray(new FederatedAuthenticatorConfig[federatedAuthenticatorConfigs.size()]);
} finally {
IdentityDatabaseUtil.closeAllConnections(null, proprs, prepStmt2);
IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt1);
}
}
Also used :
FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)
ResultSet(java.sql.ResultSet)
PreparedStatement(java.sql.PreparedStatement)
IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)
Property(org.wso2.carbon.identity.application.common.model.Property)
HashSet(java.util.HashSet)
Example 82 with IdentityProvider
use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider in project carbon-identity-framework by wso2.
the class IdPManagementDAO method addIdPWithResourceId.
/**
* Add IDP.
*
* @param identityProvider Identity provider information.
* @param tenantId Tenant ID.
* @return Resource ID of created IDP.
* @throws IdentityProviderManagementException
*/
public String addIdPWithResourceId(IdentityProvider identityProvider, int tenantId) throws IdentityProviderManagementException {
Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true);
PreparedStatement prepStmt = null;
try {
if (identityProvider.isPrimary()) {
// this is going to be the primary. Switch off any other primary set up in the
// system.
switchOffPrimary(dbConnection, tenantId);
}
// SP_TENANT_ID, SP_IDP_NAME, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID, SP_IDP_CERTIFICATE,
// SP_IDP_TOKEN_EP_ALIAS,
// SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
// SP_IDP_USER_CLAIM_URI,SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,
// SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
String sqlStmt = IdPManagementConstants.SQLQueries.ADD_IDP_SQL;
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setInt(1, tenantId);
prepStmt.setString(2, identityProvider.getIdentityProviderName());
if (identityProvider.isPrimary()) {
prepStmt.setString(3, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(3, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt.setString(4, identityProvider.getHomeRealmId());
if (ArrayUtils.isNotEmpty(identityProvider.getCertificateInfoArray())) {
try {
// Check whether certificate decoding and certificate generation fails or not.
IdentityApplicationManagementUtil.getCertDataArray(identityProvider.getCertificateInfoArray());
} catch (CertificateException ex) {
throw new IdentityProviderManagementClientException("Malformed Public Certificate file has been " + "provided.", ex);
}
}
JSONArray certificateInfoJsonArray = new JSONArray(identityProvider.getCertificateInfoArray());
setBlobValue(certificateInfoJsonArray.toString(), prepStmt, 5);
prepStmt.setString(6, identityProvider.getAlias());
if (identityProvider.getJustInTimeProvisioningConfig() != null) {
// provisioned locally.
if (identityProvider.getJustInTimeProvisioningConfig().isProvisioningEnabled()) {
prepStmt.setString(7, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(7, IdPManagementConstants.IS_FALSE_VALUE);
}
// user will be provisioned to the configured user store.
prepStmt.setString(8, identityProvider.getJustInTimeProvisioningConfig().getProvisioningUserStore());
} else {
prepStmt.setString(7, IdPManagementConstants.IS_FALSE_VALUE);
prepStmt.setString(8, null);
}
if (identityProvider.getClaimConfig() != null) {
// this is how we find the subject name from the authentication response.
// this claim URI is in identity provider's own dialect.
prepStmt.setString(9, identityProvider.getClaimConfig().getUserClaimURI());
// this is how we find the role name from the authentication response.
// this claim URI is in identity provider's own dialect.
prepStmt.setString(10, identityProvider.getClaimConfig().getRoleClaimURI());
} else {
prepStmt.setString(9, null);
prepStmt.setString(10, null);
}
if (identityProvider.getDefaultAuthenticatorConfig() != null) {
prepStmt.setString(11, identityProvider.getDefaultAuthenticatorConfig().getName());
} else {
prepStmt.setString(11, null);
}
if (identityProvider.getDefaultProvisioningConnectorConfig() != null) {
prepStmt.setString(12, identityProvider.getDefaultProvisioningConnectorConfig().getName());
} else {
prepStmt.setString(12, null);
}
prepStmt.setString(13, identityProvider.getIdentityProviderDescription());
if (identityProvider.isFederationHub()) {
prepStmt.setString(14, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(14, IdPManagementConstants.IS_FALSE_VALUE);
}
if (identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().isLocalClaimDialect()) {
prepStmt.setString(15, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(15, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt.setString(16, identityProvider.getProvisioningRole());
// enabled by default
prepStmt.setString(17, IdPManagementConstants.IS_TRUE_VALUE);
prepStmt.setString(18, identityProvider.getDisplayName());
prepStmt.setString(19, identityProvider.getImageUrl());
String resourceId = UUID.randomUUID().toString();
prepStmt.setString(20, resourceId);
prepStmt.executeUpdate();
prepStmt.clearParameters();
// get newly added Identity provider.
IdentityProvider createdIDP = getIDPbyResourceId(dbConnection, resourceId, tenantId, IdentityTenantUtil.getTenantDomain(tenantId));
// get the id of the just added identity provider.
int idPId = Integer.parseInt(createdIDP.getId());
if (idPId <= 0) {
String msg = "Error adding Identity Provider for tenant " + tenantId;
throw new IdentityProviderManagementException(msg);
}
// add provisioning connectors.
if (identityProvider.getProvisioningConnectorConfigs() != null && identityProvider.getProvisioningConnectorConfigs().length > 0) {
addProvisioningConnectorConfigs(identityProvider.getProvisioningConnectorConfigs(), dbConnection, idPId, tenantId);
}
// add federated authenticators.
addFederatedAuthenticatorConfigs(identityProvider.getFederatedAuthenticatorConfigs(), dbConnection, idPId, tenantId);
// add role configuration.
if (identityProvider.getPermissionAndRoleConfig() != null) {
if (identityProvider.getPermissionAndRoleConfig().getIdpRoles() != null && identityProvider.getPermissionAndRoleConfig().getIdpRoles().length > 0) {
// add roles.
addIdPRoles(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getIdpRoles());
if (identityProvider.getPermissionAndRoleConfig().getRoleMappings() != null && identityProvider.getPermissionAndRoleConfig().getRoleMappings().length > 0) {
// add role mappings.
addIdPRoleMappings(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getRoleMappings());
}
}
}
// add claim configuration.
if (identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().getClaimMappings() != null && identityProvider.getClaimConfig().getClaimMappings().length > 0) {
if (identityProvider.getClaimConfig().isLocalClaimDialect()) {
// identity provider is using local claim dialect - we do not need to add
// claims.
addDefaultClaimValuesForLocalIdP(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
} else {
addIdPClaims(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getIdpClaims());
addIdPClaimMappings(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
}
}
IdentityProviderProperty[] idpProperties = identityProvider.getIdpProperties();
if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(identityProvider.getIdentityProviderName())) {
idpProperties = filterConnectorProperties(idpProperties, IdentityTenantUtil.getTenantDomain(tenantId)).toArray(new IdentityProviderProperty[0]);
}
List<IdentityProviderProperty> identityProviderProperties = getCombinedProperties(identityProvider.getJustInTimeProvisioningConfig(), idpProperties);
identityProviderProperties.add(buildTemplateIdProperty(identityProvider));
addIdentityProviderProperties(dbConnection, idPId, identityProviderProperties, tenantId);
IdentityDatabaseUtil.commitTransaction(dbConnection);
return resourceId;
} catch (IOException e) {
throw new IdentityProviderManagementException("An error occurred while processing content stream.", e);
} catch (SQLException e) {
IdentityDatabaseUtil.rollbackTransaction(dbConnection);
throw new IdentityProviderManagementException("Error occurred while adding Identity Provider for tenant " + tenantId, e);
} catch (ConnectorException e) {
throw new IdentityProviderManagementException("An error occurred while filtering IDP properties.", e);
} finally {
IdentityDatabaseUtil.closeAllConnections(dbConnection, null, prepStmt);
}
}
Also used :
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
JSONArray(org.json.JSONArray)
PreparedStatement(java.sql.PreparedStatement)
CertificateException(java.security.cert.CertificateException)
IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider)
IOException(java.io.IOException)
IdentityProviderManagementClientException(org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException)
IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)
ConnectorException(org.wso2.carbon.identity.core.ConnectorException)
IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)
Example 83 with IdentityProvider
use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider in project carbon-identity-framework by wso2.
the class IdPManagementServiceComponent method cleanUpRemovedIdps.
private void cleanUpRemovedIdps() {
IdentityProviderManager idpManager = IdentityProviderManager.getInstance();
String superTenantDN = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
List<IdentityProvider> idPs;
try {
idPs = idpManager.getIdPs(superTenantDN);
} catch (IdentityProviderManagementException e) {
log.error("Error loading IDPs", e);
return;
}
for (IdentityProvider idp : idPs) {
if (isSharedIdP(idp) && !sharedIdps.contains(idp.getIdentityProviderName())) {
// IDP config file has been deleted from filesystem
try {
idpManager.deleteIdP(idp.getIdentityProviderName(), superTenantDN);
if (log.isDebugEnabled()) {
log.debug("Deleted shared IdP with the name : " + idp.getIdentityProviderName());
}
} catch (IdentityProviderManagementException e) {
log.error("Error when deleting IdP " + idp.getIdentityProviderName(), e);
}
}
}
}
Also used :
IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider)
IdentityProviderManager(org.wso2.carbon.idp.mgt.IdentityProviderManager)
IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)
Example 84 with IdentityProvider
use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider in project carbon-identity-framework by wso2.
the class IdPManagementServiceComponent method addSuperTenantIdp.
private static void addSuperTenantIdp() throws Exception {
try {
IdentityProvider identityProvider = new IdentityProvider();
identityProvider.setIdentityProviderName(IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME);
identityProvider.setHomeRealmId(IdentityUtil.getHostName());
identityProvider.setPrimary(true);
IdentityProviderManager.getInstance().addResidentIdP(identityProvider, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
} catch (Throwable e) {
throw new Exception("Error when adding Resident Identity Provider entry for super tenant ", e);
}
}
Also used :
IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider)
IOException(java.io.IOException)
IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)
Example 85 with IdentityProvider
use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider in project carbon-identity-framework by wso2.
the class IdPManagementDAO method deleteIdP.
/**
* @param idPName
* @param tenantId
* @param tenantDomain
* @throws IdentityProviderManagementException
*/
public void deleteIdP(String idPName, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
try {
IdentityProvider identityProvider = getIdPByName(dbConnection, idPName, tenantId, tenantDomain);
if (identityProvider == null) {
String msg = "Trying to delete non-existent Identity Provider: %s in tenantDomain: %s";
throw new IdentityProviderManagementException(String.format(msg, idPName, tenantDomain));
}
deleteIdP(dbConnection, tenantId, idPName, null);
IdentityDatabaseUtil.commitTransaction(dbConnection);
} catch (SQLException e) {
IdentityDatabaseUtil.rollbackTransaction(dbConnection);
throw new IdentityProviderManagementException("Error occurred while deleting Identity Provider of tenant " + tenantDomain, e);
} finally {
IdentityDatabaseUtil.closeConnection(dbConnection);
}
}
Also used :
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider)
IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)
Aggregations
IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)191
Test (org.testng.annotations.Test)103
IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)65
ArrayList (java.util.ArrayList)64
IdentityProvider (org.wso2.carbon.apimgt.core.api.IdentityProvider)54
IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)53
ApiDAO (org.wso2.carbon.apimgt.core.dao.ApiDAO)47
FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)47
API (org.wso2.carbon.apimgt.core.models.API)43
IdentityProvider (org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider)37
APIGateway (org.wso2.carbon.apimgt.core.api.APIGateway)35
GatewaySourceGenerator (org.wso2.carbon.apimgt.core.api.GatewaySourceGenerator)34
Property (org.wso2.carbon.identity.application.common.model.Property)29
FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig)29
ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)27
Connection (java.sql.Connection)25
IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty)22
Property (org.wso2.carbon.identity.application.common.model.idp.xsd.Property)22
HashMap (java.util.HashMap)20
APILifecycleManager (org.wso2.carbon.apimgt.core.api.APILifecycleManager)20
