use of org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildFederatedIdentityProvider.
/**
 * Builds an {@link IdentityProvider} from a multipart/form-data request.
 *
 * <p>Every multipart item is read fully into memory and sorted by field name into a flat
 * parameter map, the claim/role lists, and the custom authenticator / provisioning connector
 * property maps. Values of the identity provider previously stored in the HTTP session under
 * the submitted {@code idpUUID} (old certificate(s), old Google provisioning private key) are
 * carried over into the parameter map before the individual {@code build*} helpers are called.
 *
 * @param request    the multipart request carrying the form fields and uploaded files
 * @param oldIdpName receives the name of the previously stored identity provider, when one is
 *                   found in the session; a {@code null} argument is replaced locally only, so
 *                   the caller does not see the appended name in that case
 * @return the populated identity provider
 * @throws Exception if the request is not multipart/form-data, if the SAML metadata upload has
 *                   a file name that does not end in {@code .xml} ({@code CarbonException}), or
 *                   if parsing the request or one of the build helpers fails
 */
public static IdentityProvider buildFederatedIdentityProvider(HttpServletRequest request, StringBuilder oldIdpName) throws Exception {
IdentityProvider fedIdp = new IdentityProvider();
// Only multipart submissions are accepted; anything else is rejected in the else branch at the end.
if (ServletFileUpload.isMultipartContent(request)) {
ServletRequestContext servletContext = new ServletRequestContext(request);
// NOTE(review): the factory and the upload handler are used with their defaults; no
// setSizeMax/setFileSizeMax limit is applied in this method. Confirm that request size is
// bounded elsewhere (container or filter), because each item is loaded into memory below.
FileItemFactory factory = new DiskFileItemFactory();
ServletFileUpload upload = new ServletFileUpload(factory);
List items = upload.parseRequest(servletContext);
Map<String, String> paramMap = new HashMap<>();
List<String> idpClaims = new ArrayList<>();
List<String> idpRoles = new ArrayList<>();
List<String> customAuthenticatorNames = new ArrayList<>();
List<String> proConnectorNames = new ArrayList<>();
Map<String, List<Property>> customAuthenticatorProperties = new HashMap<>();
Map<String, List<Property>> customProProperties = new HashMap<>();
String idpUUID = StringUtils.EMPTY;
StringBuilder deletedCertificateValue = new StringBuilder();
for (Object item : items) {
// Unchecked cast: relies on the items having been created by the DiskFileItemFactory above.
DiskFileItem diskFileItem = (DiskFileItem) item;
if (diskFileItem != null) {
// get() returns the complete item content as a byte array.
byte[] value = diskFileItem.get();
// NOTE(review): key is dereferenced with key.startsWith(...) below without a null check.
String key = diskFileItem.getFieldName();
if (StringUtils.equals(key, "idpUUID")) {
idpUUID = diskFileItem.getString();
}
if (IdPManagementUIUtil.META_DATA_SAML.equals(key)) {
// The only validation of the metadata upload is a case-sensitive ".xml" suffix test on the
// file name, which is supplied by the client; the content itself is not inspected here and
// an empty file name passes. Whatever parses this metadata later must treat it as untrusted XML.
if (StringUtils.isNotEmpty(diskFileItem.getName()) && !diskFileItem.getName().trim().endsWith(".xml")) {
throw new CarbonException("File not supported!");
} else {
paramMap.put(key, Base64.encode(value));
}
}
// NOTE(review): the metadata key is not excluded from the chain below. Unless META_DATA_SAML
// (value not visible here) matches one of the earlier branches, the final else overwrites the
// Base64 value stored above with the raw UTF-8 string. Confirm which form the consumer expects.
if ("certFile".equals(key)) {
// Uploaded certificate file is kept Base64-encoded.
paramMap.put(key, Base64.encode(value));
} else if (key.startsWith(IdentityApplicationConstants.CERTIFICATE_VAL)) {
// All fields with this prefix are concatenated and stored once after the loop.
deletedCertificateValue.append(new String(value, StandardCharsets.UTF_8));
} else if ("google_prov_private_key".equals(key)) {
// Uploaded Google provisioning private key is kept Base64-encoded.
paramMap.put(key, Base64.encode(value));
} else if (key.startsWith("claimrowname_")) {
String strValue = new String(value, StandardCharsets.UTF_8);
idpClaims.add(strValue);
paramMap.put(key, strValue);
} else if (key.startsWith("rolerowname_")) {
String strValue = new String(value, StandardCharsets.UTF_8);
idpRoles.add(strValue);
paramMap.put(key, strValue);
} else if (key.startsWith("custom_auth_name")) {
customAuthenticatorNames.add(new String(value, StandardCharsets.UTF_8));
} else if (key.startsWith("custom_pro_name")) {
proConnectorNames.add(new String(value, StandardCharsets.UTF_8));
} else if (key.startsWith("cust_auth_prop_")) {
// Field name layout: cust_auth_prop_<authenticator name>#<property name>.
// Fields without '#', or with '#' as the first character after the prefix, are ignored.
int length = "cust_auth_prop_".length();
String authPropString = new String(key).substring(length);
if (authPropString.indexOf("#") > 0) {
String authName = authPropString.substring(0, authPropString.indexOf("#"));
String propName = authPropString.substring(authPropString.indexOf("#") + 1);
String propVal = new String(value, StandardCharsets.UTF_8);
Property prop = new Property();
prop.setName(propName);
prop.setValue(propVal);
List<Property> propList = null;
if (customAuthenticatorProperties.get(authName) == null) {
customAuthenticatorProperties.put(authName, new ArrayList<Property>());
}
propList = customAuthenticatorProperties.get(authName);
propList.add(prop);
customAuthenticatorProperties.put(authName, propList);
}
} else if (key.startsWith("cust_pro_prop_")) {
// Field name layout: cust_pro_prop_<connector name>#<property name>; same rules as above.
int length = "cust_pro_prop_".length();
String provPropString = new String(key).substring(length);
if (provPropString.indexOf("#") > 0) {
String proConName = provPropString.substring(0, provPropString.indexOf("#"));
String propName = provPropString.substring(provPropString.indexOf("#") + 1);
String propVal = new String(value, StandardCharsets.UTF_8);
Property prop = new Property();
prop.setName(propName);
prop.setValue(propVal);
List<Property> propList = null;
if (customProProperties.get(proConName) == null) {
customProProperties.put(proConName, new ArrayList<Property>());
}
propList = customProProperties.get(proConName);
propList.add(prop);
customProProperties.put(proConName, propList);
}
} else {
// Every other field is stored as a UTF-8 string under its own name.
paramMap.put(key, new String(value, StandardCharsets.UTF_8));
}
// Whitespace-only values are normalised to null so later null checks treat them as absent.
String updatedValue = paramMap.get(key);
if (updatedValue != null && updatedValue.trim().length() == 0) {
paramMap.put(key, null);
}
}
}
paramMap.put(IdentityApplicationConstants.CERTIFICATE_VAL, deletedCertificateValue.toString());
// The previously stored identity provider is looked up in the session under the submitted idpUUID.
// NOTE(review): the attribute name comes from the request and the result is cast without a type
// check; a session attribute of another type under that name would raise ClassCastException.
IdentityProvider oldIdentityProvider = (IdentityProvider) request.getSession().getAttribute(idpUUID);
if (oldIdentityProvider != null) {
// Replacing a null argument here only changes the local reference; the caller's variable stays null.
if (oldIdpName == null) {
oldIdpName = new StringBuilder();
}
oldIdpName.append(oldIdentityProvider.getIdentityProviderName());
}
// Carry the old certificate(s) over under OLD_CERT_FILE.
if (oldIdentityProvider != null && oldIdentityProvider.getCertificate() != null) {
if (oldIdentityProvider.getCertificateInfoArray() != null && oldIdentityProvider.getCertificateInfoArray().length > 1) {
if (log.isDebugEnabled()) {
log.debug("Number of old certificate for the identity provider " + oldIdentityProvider.getDisplayName() + " is " + oldIdentityProvider.getCertificateInfoArray().length);
}
// Several certificates: decode each one, concatenate the decoded text, and re-encode the result.
StringBuilder multipleCertificate = new StringBuilder();
for (CertificateInfo certificateInfo : oldIdentityProvider.getCertificateInfoArray()) {
multipleCertificate.append(new String(Base64.decode(certificateInfo.getCertValue()), StandardCharsets.UTF_8));
}
paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, Base64.encode(multipleCertificate.toString().getBytes(StandardCharsets.UTF_8)));
} else {
if (log.isDebugEnabled()) {
log.debug("Only one certificate has been found as old certificate.");
}
paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, oldIdentityProvider.getCertificate());
}
}
// Carry the previously stored Google provisioning private key over as old_google_prov_private_key.
// NOTE(review): the properties array and each property name are dereferenced without null checks.
if (oldIdentityProvider != null && oldIdentityProvider.getProvisioningConnectorConfigs() != null) {
ProvisioningConnectorConfig[] provisioningConnectorConfig = oldIdentityProvider.getProvisioningConnectorConfigs();
for (ProvisioningConnectorConfig provisioningConnector : provisioningConnectorConfig) {
if (("googleapps").equals(provisioningConnector.getName())) {
Property[] googleProperties = provisioningConnector.getProvisioningProperties();
for (Property property : googleProperties) {
if (property.getName().equals("google_prov_private_key")) {
paramMap.put("old_google_prov_private_key", property.getValue());
}
}
}
}
}
// build identity provider basic information.
buildBasicInformation(fedIdp, paramMap);
// build out-bound authentication configuration.
buildOutboundAuthenticationConfiguration(fedIdp, paramMap);
// build custom authenticator configuration.
buildCustomAuthenticationConfiguration(fedIdp, customAuthenticatorNames, customAuthenticatorProperties, paramMap);
// build claim configuration.
// NOTE(review): getClaimConfig() is dereferenced without a null check, unlike
// getPermissionAndRoleConfig() in the role branch below.
if (oldIdentityProvider != null && oldIdentityProvider.getClaimConfig().getClaimMappings() != null) {
buildClaimConfiguration(fedIdp, paramMap, idpClaims, oldIdentityProvider.getClaimConfig().getClaimMappings());
} else {
buildClaimConfiguration(fedIdp, paramMap, idpClaims, null);
}
// build role configuration.
if (oldIdentityProvider != null && oldIdentityProvider.getPermissionAndRoleConfig() != null && oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings() != null) {
buildRoleConfiguration(fedIdp, paramMap, idpRoles, oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings());
} else {
buildRoleConfiguration(fedIdp, paramMap, idpRoles, null);
}
// build in-bound provisioning configuration.
buildInboundProvisioningConfiguration(fedIdp, paramMap);
// build out-bound provisioning configuration.
buildOutboundProvisioningConfiguration(fedIdp, paramMap);
// build custom provisioning connectors.
buildCustomProvisioningConfiguration(fedIdp, proConnectorNames, customProProperties, paramMap);
} else {
throw new Exception("Invalid Content Type: Not multipart/form-data");
}
return fedIdp;
}
use of org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildGoogleProvisioningConfiguration.
/**
 * Assembles the "googleapps" provisioning connector from the submitted form values and puts it
 * in front of the connectors already registered on the identity provider.
 *
 * <p>A property is created only for form keys that are present in {@code paramMap}; absent keys
 * leave a {@code null} slot in the property array handed to the connector. The private key is
 * taken from {@code google_prov_private_key} and falls back to
 * {@code old_google_prov_private_key} when no new key was submitted; it is tagged as a BLOB
 * property. That value is credential material and should stay out of log output.
 *
 * @param fedIdp   identity provider that receives the connector
 * @param paramMap form values keyed by field name
 * @throws IdentityApplicationManagementException declared by the signature; nothing in this
 *         method raises it directly
 */
private static void buildGoogleProvisioningConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
    ProvisioningConnectorConfig googleConnector = new ProvisioningConnectorConfig();
    googleConnector.setName("googleapps");

    // A checkbox counts as ticked only when its value is exactly "on".
    googleConnector.setEnabled("on".equals(paramMap.get("googleProvEnabled")));
    if ("on".equals(paramMap.get("googleProvDefault"))) {
        fedIdp.setDefaultProvisioningConnectorConfig(googleConnector);
    }

    Property domain = googleFormProperty(paramMap, "google_prov_domain_name", "google_prov_domain_name");
    Property mailClaim = googleFormProperty(paramMap, "google_prov_email_claim_dropdown", "google_prov_email_claim_dropdown");
    Property firstNameClaim = googleFormProperty(paramMap, "google_prov_givenname_claim_dropdown", "google_prov_givenname_claim_dropdown");
    Property firstNameDefault = googleFormProperty(paramMap, "google_prov_givenname", "google_prov_givenname");
    Property lastNameClaim = googleFormProperty(paramMap, "google_prov_familyname_claim_dropdown", "google_prov_familyname_claim_dropdown");
    Property lastNameDefault = googleFormProperty(paramMap, "google_prov_familyname", "google_prov_familyname");
    Property serviceAccountMail = googleFormProperty(paramMap, "google_prov_service_acc_email", "google_prov_service_acc_email");

    // Prefer a newly submitted key; otherwise keep the one carried over from the stored configuration.
    String keyMaterial = paramMap.get("google_prov_private_key");
    if (keyMaterial == null) {
        keyMaterial = paramMap.get("old_google_prov_private_key");
    }
    Property keyProperty = null;
    if (keyMaterial != null) {
        keyProperty = new Property();
        keyProperty.setName("google_prov_private_key");
        keyProperty.setValue(keyMaterial);
        keyProperty.setType(IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_BLOB);
    }

    Property administratorMail = googleFormProperty(paramMap, "google_prov_admin_email", "google_prov_admin_email");
    Property applicationName = googleFormProperty(paramMap, "google_prov_application_name", "google_prov_application_name");
    Property pattern = googleFormProperty(paramMap, "google_prov_pattern", "google_prov_pattern");
    Property separator = googleFormProperty(paramMap, "google_prov_separator", "google_prov_separator");
    // The form field "google-unique-id" is stored under the property name "UniqueID".
    Property uniqueId = googleFormProperty(paramMap, "google-unique-id", "UniqueID");

    // Slot order is fixed; entries stay null for fields that were not submitted.
    googleConnector.setProvisioningProperties(new Property[] {
            applicationName, administratorMail, keyProperty, serviceAccountMail,
            lastNameDefault, lastNameClaim, firstNameDefault, firstNameClaim,
            mailClaim, domain, pattern, separator, uniqueId });

    ProvisioningConnectorConfig[] registered = fedIdp.getProvisioningConnectorConfigs();
    if (googleConnector.getName() == null) {
        return;
    }
    ProvisioningConnectorConfig[] googleOnly = new ProvisioningConnectorConfig[] { googleConnector };
    if (registered == null || registered.length == 0) {
        fedIdp.setProvisioningConnectorConfigs(googleOnly);
    } else {
        fedIdp.setProvisioningConnectorConfigs(concatArrays(googleOnly, registered));
    }
}

/** Returns a property named {@code propertyName} holding the value of {@code formKey}, or null when the key has no value. */
private static Property googleFormProperty(Map<String, String> paramMap, String formKey, String propertyName) {
    String submitted = paramMap.get(formKey);
    if (submitted == null) {
        return null;
    }
    Property property = new Property();
    property.setName(propertyName);
    property.setValue(submitted);
    return property;
}
use of org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method updateProvisioningConfig.
/**
 * Writes the enabled and blocking flags of one provisioning connector back to the database.
 *
 * <p>All values are bound as statement parameters: 1 = enabled flag, 2 = blocking flag,
 * 3 = identity provider id, 4 = connector name, 5 = tenant id. The statement is closed by the
 * try-with-resources block; the connection is left to the caller.
 *
 * @param provisioningConnector connector whose flags and name are written
 * @param dbConnection          open connection to run the update on
 * @param idpId                 identity provider id
 * @param tenantId              tenant id
 * @throws IdentityProviderManagementException wrapping any {@link SQLException}
 */
private void updateProvisioningConfig(ProvisioningConnectorConfig provisioningConnector, Connection dbConnection, int idpId, int tenantId) throws IdentityProviderManagementException {
    final String updateSql = IdPManagementConstants.SQLQueries.UPDATE_IDP_PROVISIONING_CONFIG_SQL;
    try (PreparedStatement update = dbConnection.prepareStatement(updateSql)) {
        update.setString(1, provisioningConnector.isEnabled()
                ? IdPManagementConstants.IS_TRUE_VALUE
                : IdPManagementConstants.IS_FALSE_VALUE);
        update.setString(2, provisioningConnector.isBlocking()
                ? IdPManagementConstants.IS_TRUE_VALUE
                : IdPManagementConstants.IS_FALSE_VALUE);
        update.setInt(3, idpId);
        update.setString(4, provisioningConnector.getName());
        update.setInt(5, tenantId);
        update.executeUpdate();
    } catch (SQLException sqlFailure) {
        throw new IdentityProviderManagementException("Error occurred while updating the provisioning " + "connector config of Identity Provider : " + idpId, sqlFailure);
    }
}
use of org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getProvisioningConnectorConfigs.
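/**
 * Loads the provisioning connector configurations stored for an identity provider, one per
 * connector type, together with their properties.
 *
 * <p>The base query is parameterised with {@code idPId} only; {@code tenantId} is bound on the
 * per-connector property query. For properties whose type is the BLOB property type the value
 * is read from {@code PROPERTY_BLOB_VALUE}, otherwise from {@code PROPERTY_VALUE}. The
 * {@code IS_SECRET} column is only propagated as the confidential flag; values are returned as
 * read from the database, so callers must avoid logging or echoing confidential ones.
 *
 * @param dbConnection open connection; it is not closed by this method
 * @param idPName      identity provider name (not referenced by this method)
 * @param idPId        identity provider id used by the base query
 * @param tenantId     tenant id used by the property query
 * @return the connectors found, possibly an empty array
 * @throws IdentityProviderManagementException declared by the signature
 * @throws SQLException if a database access error occurs
 */
public ProvisioningConnectorConfig[] getProvisioningConnectorConfigs(Connection dbConnection, String idPName, int idPId, int tenantId) throws IdentityProviderManagementException, SQLException {
    PreparedStatement prepBaseStmt = null;
    ResultSet rs1 = null;
    try {
        // SP_IDP_PROV_CONNECTOR_TYPE,SP_IDP_PROV_CONFIG_KEY,
        // SP_IDP_PROV_CONFIG_VALUE,SP_IDP_PROV_CONFIG_IS_SECRET
        String sqlBaseStmt = IdPManagementConstants.SQLQueries.GET_IDP_PROVISIONING_CONFIGS_SQL;
        prepBaseStmt = dbConnection.prepareStatement(sqlBaseStmt);
        prepBaseStmt.setInt(1, idPId);
        rs1 = prepBaseStmt.executeQuery();
        Map<String, ProvisioningConnectorConfig> provisioningConnectorMap = new HashMap<String, ProvisioningConnectorConfig>();
        while (rs1.next()) {
            String type = rs1.getString("PROVISIONING_CONNECTOR_TYPE");
            // Only the first row of each connector type is used.
            if (provisioningConnectorMap.containsKey(type)) {
                continue;
            }
            ProvisioningConnectorConfig provisioningConnector = new ProvisioningConnectorConfig();
            provisioningConnector.setName(type);
            provisioningConnector.setEnabled((IdPManagementConstants.IS_TRUE_VALUE).equals(rs1.getString("IS_ENABLED")));
            provisioningConnector.setBlocking((IdPManagementConstants.IS_TRUE_VALUE).equals(rs1.getString("IS_BLOCKING")));
            if (provisioningConnector.getProvisioningProperties() == null || provisioningConnector.getProvisioningProperties().length == 0) {
                // The property statement and result set are scoped to this iteration and closed
                // before the next one. Previously they were overwritten on every pass and only
                // the last pair was closed, leaking one statement per additional connector type.
                PreparedStatement prepStmt = null;
                ResultSet rs2 = null;
                try {
                    String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_PROVISIONING_PROPERTY_SQL;
                    prepStmt = dbConnection.prepareStatement(sqlStmt);
                    int configId = rs1.getInt("ID");
                    prepStmt.setInt(1, tenantId);
                    prepStmt.setInt(2, configId);
                    rs2 = prepStmt.executeQuery();
                    List<Property> provisioningProperties = new ArrayList<Property>();
                    while (rs2.next()) {
                        Property property = new Property();
                        String name = rs2.getString("PROPERTY_KEY");
                        String value = rs2.getString("PROPERTY_VALUE");
                        String blobValue = getBlobValue(rs2.getBinaryStream("PROPERTY_BLOB_VALUE"));
                        String propertyType = rs2.getString("PROPERTY_TYPE");
                        String isSecret = rs2.getString("IS_SECRET");
                        property.setName(name);
                        if (propertyType != null && IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_BLOB.equals(propertyType.trim())) {
                            property.setValue(blobValue);
                        } else {
                            property.setValue(value);
                        }
                        property.setType(propertyType);
                        property.setConfidential((IdPManagementConstants.IS_TRUE_VALUE).equals(isSecret));
                        provisioningProperties.add(property);
                    }
                    provisioningConnector.setProvisioningProperties(provisioningProperties.toArray(new Property[provisioningProperties.size()]));
                } finally {
                    // The connection belongs to the caller, hence null for the first argument.
                    IdentityDatabaseUtil.closeAllConnections(null, rs2, prepStmt);
                }
            }
            provisioningConnectorMap.put(type, provisioningConnector);
        }
        return provisioningConnectorMap.values().toArray(new ProvisioningConnectorConfig[provisioningConnectorMap.size()]);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(null, rs1, prepBaseStmt);
    }
}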
use of org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method isProvisioningConfigAvailableToUpdate.
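/**
 * Tells whether a provisioning configuration row exists for the given connector.
 *
 * <p>The query is parameterised with the identity provider id, the connector name and the
 * tenant id, in that order. The first column of the first row is read as a count. The result
 * set is closed explicitly instead of being left to the statement's close.
 *
 * @param provisioningConnector connector whose name is looked up
 * @param dbConnection          open connection; it is not closed by this method
 * @param idpId                 identity provider id
 * @param tenantId              tenant id
 * @return {@code true} if the query returns a row whose first column is greater than zero
 * @throws IdentityProviderManagementException wrapping any {@link SQLException}
 */
private boolean isProvisioningConfigAvailableToUpdate(ProvisioningConnectorConfig provisioningConnector, Connection dbConnection, int idpId, int tenantId) throws IdentityProviderManagementException {
    String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_PROVISIONING_CONFIGS_FOR_CONNECTOR_TYPE_SQL;
    try (PreparedStatement prepStmt = dbConnection.prepareStatement(sqlStmt)) {
        prepStmt.setInt(1, idpId);
        prepStmt.setString(2, provisioningConnector.getName());
        prepStmt.setInt(3, tenantId);
        try (ResultSet rs = prepStmt.executeQuery()) {
            return rs.next() && rs.getInt(1) > 0;
        }
    } catch (SQLException e) {
        throw new IdentityProviderManagementException("Error occurred while searching for provisioning connector " + "config of Identity Provider : " + idpId, e);
    }
}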