
Example 51 with IdentityProviderProperty

use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty in project product-is by wso2.

the class PreferenceAPIIntegrationUITestCase method updateResidentIDPProperty.

/**
 * Sets a new value on every resident IdP property whose name matches the given key, then
 * pushes the modified identity provider through {@code updateResidentIDP}.
 *
 * <p>Matching is case-insensitive and does not stop at the first hit, so every property whose
 * name differs from {@code propertyKey} only by case is overwritten. If no property matches,
 * the identity provider is still submitted for update, unchanged.
 *
 * @param residentIdp resident identity provider whose property array is modified in place
 * @param propertyKey name of the property to change (compared ignoring case)
 * @param value       value to assign to each matching property
 * @throws Exception propagated from {@code updateResidentIDP}
 */
private void updateResidentIDPProperty(IdentityProvider residentIdp, String propertyKey, String value) throws Exception {
    for (IdentityProviderProperty candidate : residentIdp.getIdpProperties()) {
        boolean nameMatches = propertyKey.equalsIgnoreCase(candidate.getName());
        if (!nameMatches) {
            continue;
        }
        candidate.setValue(value);
    }
    updateResidentIDP(residentIdp);
}
Also used : IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty)

Example 52 with IdentityProviderProperty

use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty in project identity-api-server by wso2.

the class ServerIdpManagementService method processPatchRequest.

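/**
 * Evaluate the list of patch operations and update the root level attributes of the identity provider accordingly.
 *
 * <p>The supported operations are REPLACE, ADD and REMOVE; any other operation is rejected with
 * BAD_REQUEST. A path that matches {@code Constants.CERTIFICATE_PATH_REGEX} and splits into four
 * segments addresses a single certificate, the fourth segment being its index in the identity
 * provider's certificate array. Certificates and the JWKS URI property are alternate options of
 * the Certificate Type property: ADD of a certificate drops the JWKS URI property, and ADD of a
 * JWKS URI clears the stored certificates.
 *
 * <p>Every value comes from the caller's patch request and is applied to trust-relevant
 * configuration (signing certificates, JWKS URI, issuer name). This method only checks the
 * base64 encoding of certificates and the index bounds.
 * NOTE(review): no X.509 parsing of the certificate and no scheme/host validation of the JWKS
 * URI is visible here; confirm both happen before the updated identity provider is persisted.
 *
 * @param patchRequest List of patch operations. A null or empty list leaves the identity provider untouched.
 * @param idpToUpdate  Identity Provider to be updated. It is modified in place.
 */
private void processPatchRequest(List<Patch> patchRequest, IdentityProvider idpToUpdate) {
    if (CollectionUtils.isEmpty(patchRequest)) {
        return;
    }
    for (Patch patch : patchRequest) {
        String path = patch.getPath();
        Patch.OperationEnum operation = patch.getOperation();
        String value = patch.getValue();
        boolean isCertificateUpdateRequest = path.matches(Constants.CERTIFICATE_PATH_REGEX)
                && path.split(Constants.PATH_SEPERATOR).length == 4;
        // Parse the certificate index once. The regex is not visible here, so a segment that passes it
        // but does not fit into an int is reported as a client error instead of escaping as an
        // unchecked NumberFormatException.
        int index = -1;
        if (isCertificateUpdateRequest) {
            try {
                index = Integer.parseInt(path.split(Constants.PATH_SEPERATOR)[3]);
            } catch (NumberFormatException e) {
                throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT,
                        "Invalid index in 'path' attribute");
            }
        }
        // 'ADD', 'REPLACE' and 'REMOVE' patch operations supported.
        if (operation == Patch.OperationEnum.REPLACE) {
            if (isCertificateUpdateRequest) {
                CertificateInfo[] existingCerts = idpToUpdate.getCertificateInfoArray();
                if (ArrayUtils.isNotEmpty(existingCerts) && (index >= 0) && (index < existingCerts.length)) {
                    List<String> certificates = new ArrayList<>();
                    for (CertificateInfo certInfo : existingCerts) {
                        certificates.add(base64Decode(certInfo.getCertValue()));
                    }
                    // A missing value would otherwise fail with a NullPointerException below.
                    if (value == null) {
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
                    }
                    // A value that already starts with the PEM header is taken as-is; anything else must be
                    // valid base64.
                    if (!value.startsWith(IdentityUtil.PEM_BEGIN_CERTFICATE)) {
                        try {
                            value = base64Decode(value);
                        } catch (IllegalArgumentException e) {
                            throw handleException(Response.Status.BAD_REQUEST,
                                    Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
                        }
                    }
                    if (certificates.contains(value)) {
                        throw handleException(Response.Status.CONFLICT,
                                Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                                "Cannot replace certificate as this certificate already exists.");
                    }
                    certificates.set(index, value);
                    idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
                } else if (ArrayUtils.isEmpty(existingCerts) || index >= existingCerts.length) {
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot replace certificate as it does not exist.");
                } else {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
                }
            } else {
                switch (path) {
                    case Constants.NAME_PATH:
                        idpToUpdate.setIdentityProviderName(value);
                        break;
                    case Constants.DESCRIPTION_PATH:
                        idpToUpdate.setIdentityProviderDescription(value);
                        break;
                    case Constants.IMAGE_PATH:
                        idpToUpdate.setImageUrl(value);
                        break;
                    case Constants.IS_PRIMARY_PATH:
                        idpToUpdate.setPrimary(Boolean.parseBoolean(value));
                        break;
                    case Constants.IS_ENABLED_PATH:
                        idpToUpdate.setEnable(Boolean.parseBoolean(value));
                        break;
                    case Constants.IS_FEDERATION_HUB_PATH:
                        idpToUpdate.setFederationHub(Boolean.parseBoolean(value));
                        break;
                    case Constants.HOME_REALM_PATH:
                        idpToUpdate.setHomeRealmId(value);
                        break;
                    case Constants.ALIAS_PATH:
                        idpToUpdate.setAlias(value);
                        break;
                    case Constants.IDP_ISSUER_NAME_PATH:
                        patchIdpProperties(idpToUpdate, Constants.IDP_ISSUER_NAME, value);
                        break;
                    case Constants.CERTIFICATE_JWKSURI_PATH:
                        // NOTE(review): the URI is handed on as supplied by the caller; see the method-level note.
                        patchIdpProperties(idpToUpdate, Constants.JWKS_URI, value);
                        break;
                    default:
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
                }
            }
        } else if (operation == Patch.OperationEnum.ADD) {
            if (isCertificateUpdateRequest) {
                CertificateInfo[] existingCerts = idpToUpdate.getCertificateInfoArray();
                // The array is treated as possibly null/empty further down, so do not dereference it
                // for the append-position check.
                int existingCount = (existingCerts == null) ? 0 : existingCerts.length;
                // Only appending at the end of the current list is allowed.
                if (index != existingCount) {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Invalid index in 'path' attribute");
                }
                List<String> certificates = new ArrayList<>();
                if (ArrayUtils.isNotEmpty(existingCerts)) {
                    for (CertificateInfo certInfo : existingCerts) {
                        certificates.add(base64Decode(certInfo.getCertValue()));
                    }
                }
                // A missing value would otherwise fail with a NullPointerException below.
                if (value == null) {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
                }
                if (!value.startsWith(IdentityUtil.PEM_BEGIN_CERTFICATE)) {
                    try {
                        value = base64Decode(value);
                    } catch (IllegalArgumentException e) {
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_INVALID_CERTIFICATE_FORMAT, null);
                    }
                }
                if (certificates.contains(value)) {
                    throw handleException(Response.Status.CONFLICT,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot add certificate as it already exists.");
                }
                certificates.add(index, value);
                idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
                // Need to remove the JWKS URI property, if it exists, when adding certificates as they are
                // alternate options of the property Certificate Type.
                IdentityProviderProperty[] propertyDTOS = idpToUpdate.getIdpProperties();
                List<IdentityProviderProperty> idpNewProperties = new ArrayList<>();
                for (IdentityProviderProperty propertyDTO : propertyDTOS) {
                    // Add properties to new list omitting the JWKS URI property.
                    if (!Constants.JWKS_URI.equals(propertyDTO.getName())) {
                        idpNewProperties.add(propertyDTO);
                    }
                }
                idpToUpdate.setIdpProperties(idpNewProperties.toArray(new IdentityProviderProperty[0]));
            } else if (Constants.CERTIFICATE_JWKSURI_PATH.equals(path)) {
                IdentityProviderProperty[] propertyDTOS = idpToUpdate.getIdpProperties();
                for (IdentityProviderProperty propertyDTO : propertyDTOS) {
                    if (Constants.JWKS_URI.equals(propertyDTO.getName())) {
                        throw handleException(Response.Status.BAD_REQUEST,
                                Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                                "Cannot add JWKS URI as it already exists");
                    }
                }
                List<IdentityProviderProperty> idpProperties = new ArrayList<>(Arrays.asList(propertyDTOS));
                IdentityProviderProperty jwksProperty = new IdentityProviderProperty();
                jwksProperty.setName(Constants.JWKS_URI);
                // NOTE(review): the URI is stored as supplied by the caller; see the method-level note.
                jwksProperty.setValue(value);
                idpProperties.add(jwksProperty);
                idpToUpdate.setIdpProperties(idpProperties.toArray(new IdentityProviderProperty[0]));
                // Stored certificates are cleared when a JWKS URI is added, as the two are alternate
                // options of the property Certificate Type.
                if (ArrayUtils.isNotEmpty(idpToUpdate.getCertificateInfoArray())) {
                    idpToUpdate.setCertificate(null);
                }
            } else {
                throw handleException(Response.Status.BAD_REQUEST,
                        Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
            }
        } else if (operation == Patch.OperationEnum.REMOVE) {
            if (isCertificateUpdateRequest) {
                CertificateInfo[] existingCerts = idpToUpdate.getCertificateInfoArray();
                List<String> certificates = new ArrayList<>();
                if (ArrayUtils.isNotEmpty(existingCerts) && (index >= 0) && index < existingCerts.length) {
                    for (CertificateInfo certInfo : existingCerts) {
                        certificates.add(base64Decode(certInfo.getCertValue()));
                    }
                    certificates.remove(index);
                } else if (ArrayUtils.isEmpty(existingCerts) || index >= existingCerts.length) {
                    // The message names the operation actually requested (it used to say "replace").
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot remove certificate as it does not exist.");
                } else {
                    throw handleException(Response.Status.BAD_REQUEST,
                            Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Invalid index in 'path' attribute");
                }
                idpToUpdate.setCertificate(base64Encode(StringUtils.join(certificates, "")));
            } else if (Constants.CERTIFICATE_JWKSURI_PATH.equals(path)) {
                IdentityProviderProperty[] propertyDTOS = idpToUpdate.getIdpProperties();
                List<IdentityProviderProperty> idpNewProperties = new ArrayList<>();
                for (IdentityProviderProperty propertyDTO : propertyDTOS) {
                    // Add properties to new list omitting the JWKS URI property.
                    if (!Constants.JWKS_URI.equals(propertyDTO.getName())) {
                        idpNewProperties.add(propertyDTO);
                    }
                }
                // If nothing was filtered out, the JWKS URI property was not present to begin with.
                if (propertyDTOS.length == idpNewProperties.size()) {
                    throw handleException(Response.Status.NOT_FOUND,
                            Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP,
                            "Cannot remove JWKS URI as it does not exist.");
                }
                idpToUpdate.setIdpProperties(idpNewProperties.toArray(new IdentityProviderProperty[0]));
            } else {
                throw handleException(Response.Status.BAD_REQUEST,
                        Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
            }
        } else {
            // Throw an error if any other patch operations are sent in the request.
            throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, null);
        }
    }
}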
Also used : ArrayList(java.util.ArrayList) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) CertificateInfo(org.wso2.carbon.identity.application.common.model.CertificateInfo) ArrayList(java.util.ArrayList) List(java.util.List) Patch(org.wso2.carbon.identity.api.server.idp.v1.model.Patch)

Example 53 with IdentityProviderProperty

use of org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty in project identity-api-server by wso2.

the class ServerIdpManagementService method createIDPCertificate.

/**
 * Builds the API-model {@code Certificate} for an identity provider.
 *
 * <p>The first property named {@code Constants.JWKS_URI} wins: its value becomes the JWKS URI of
 * the result and the stored certificates are not consulted. Only when no such property yields
 * a result are the values of the certificate info array copied into the result, unmodified.
 *
 * @param identityProvider identity provider to read the properties and certificates from
 * @return the certificate model, or {@code null} when there is neither a JWKS URI property
 *         nor any stored certificate
 */
private Certificate createIDPCertificate(IdentityProvider identityProvider) {
    Certificate result = null;
    IdentityProviderProperty[] properties = identityProvider.getIdpProperties();
    for (int i = 0; i < properties.length; i++) {
        IdentityProviderProperty current = properties[i];
        if (!Constants.JWKS_URI.equals(current.getName())) {
            continue;
        }
        result = new Certificate().jwksUri(current.getValue());
        break;
    }
    if (result != null) {
        return result;
    }
    // No JWKS URI configured: fall back to the stored certificates, if there are any.
    CertificateInfo[] storedCerts = identityProvider.getCertificateInfoArray();
    if (ArrayUtils.isEmpty(storedCerts)) {
        return null;
    }
    List<String> certValues = new ArrayList<>(storedCerts.length);
    for (CertificateInfo storedCert : storedCerts) {
        certValues.add(storedCert.getCertValue());
    }
    return new Certificate().certificates(certValues);
}
Also used : IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ArrayList(java.util.ArrayList) CertificateInfo(org.wso2.carbon.identity.application.common.model.CertificateInfo) Certificate(org.wso2.carbon.identity.api.server.idp.v1.model.Certificate)
