
Example 36 with Claim

use of org.wso2.carbon.identity.application.common.model.xsd.Claim in project carbon-identity-framework by wso2.

the class IdPManagementUIUtil method buildClaimConfiguration.

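/**
 * Builds the claim configuration of a federated identity provider from the values submitted by the
 * management UI and attaches it to {@code fedIdp}.
 *
 * @param fedIdp              Identity provider whose claim configuration is (re)built.
 * @param paramMap            Request parameters submitted by the UI; {@code user_id_claim_dropdown} and
 *                            {@code role_claim_dropdown} are read here, the whole map is then handed to
 *                            {@code claimMappingFromUI} for the claim mappings.
 * @param idpClaims           Claim URIs in the identity provider's own dialect; may be {@code null} or empty,
 *                            in which case no IdP claims are set on the configuration.
 * @param currentClaimMapping Existing claim mappings; not read by this method, kept for signature
 *                            compatibility with its callers.
 * @throws IdentityApplicationManagementException propagated from {@code claimMappingFromUI}.
 */
private static void buildClaimConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap, List<String> idpClaims, ClaimMapping[] currentClaimMapping) throws IdentityApplicationManagementException {
    ClaimConfig claimConfiguration = new ClaimConfig();
    if (idpClaims != null && !idpClaims.isEmpty()) {
        List<Claim> idPClaimList = new ArrayList<Claim>(idpClaims.size());
        for (String claimUri : idpClaims) {
            Claim idpClaim = new Claim();
            idpClaim.setClaimUri(claimUri);
            idPClaimList.add(idpClaim);
        }
        claimConfiguration.setIdpClaims(idPClaimList.toArray(new Claim[idPClaimList.size()]));
    }
    // Subject and role claim URIs are taken verbatim from the UI selection; a dropdown that was not
    // submitted yields null from paramMap.get(), which is passed through unchanged.
    claimConfiguration.setUserClaimURI(paramMap.get("user_id_claim_dropdown"));
    claimConfiguration.setRoleClaimURI(paramMap.get("role_claim_dropdown"));
    ClaimConfig claimConfigurationUpdated = claimMappingFromUI(claimConfiguration, paramMap);
    fedIdp.setClaimConfig(claimConfigurationUpdated);
}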

Example 37 with Claim

use of org.wso2.carbon.identity.application.common.model.xsd.Claim in project carbon-identity-framework by wso2.

the class UserStoreBasedIdentityDataStore method load.

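/**
 * Loads the identity claims and security (challenge) question claims of a user.
 * <p>
 * The parent store is consulted first; only on a miss are the claims read from the user store, and the
 * result is then written back through {@code super.store(...)}. A per-thread flag ({@code userStoreInvoked},
 * presumably a {@code ThreadLocal}) guards against re-entry, because reading the claims from the user store
 * can end up calling {@code load()} again on the same thread.
 *
 * @param userName         Name of the user whose identity data is loaded.
 * @param userStoreManager User store the claims are read from; cast to {@code AbstractUserStoreManager}.
 * @return the user's identity claims, or {@code null} when the call is re-entrant, the user does not
 *         exist, or reading from the user store fails.
 */
@Override
public UserIdentityClaimsDO load(String userName, UserStoreManager userStoreManager) {
    UserIdentityClaimsDO userIdentityDTO = super.load(userName, userStoreManager);
    if (userIdentityDTO != null) {
        return userIdentityDTO;
    }
    // Re-entrancy guard: getUserClaimValues() below can trigger another load() on this thread.
    if (TRUE_STRING.equals(userStoreInvoked.get())) {
        if (log.isDebugEnabled()) {
            log.debug("UserStoreBasedIdentityDataStore.load() already been called in the stack." + "Hence returning without processing load() again.");
        }
        return null;
    }
    if (log.isDebugEnabled()) {
        log.debug("Set flag to indicate method UserStoreBasedIdentityDataStore.load() been called");
    }
    userStoreInvoked.set(TRUE_STRING);
    Map<String, String> userDataMap = new HashMap<String, String>();
    try {
        // Read all claims of the user; null is returned when the user does not exist.
        Claim[] claims = ((AbstractUserStoreManager) userStoreManager).getUserClaimValues(userName, null);
        if (claims == null) {
            return null;
        }
        // Keep only the identity claims and the challenge-question claims.
        for (Claim claim : claims) {
            String claimUri = claim.getClaimUri();
            if (claimUri == null) {
                continue;
            }
            if (claimUri.contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI) || claimUri.contains(UserCoreConstants.ClaimTypeURIs.CHALLENGE_QUESTION_URI)) {
                // Only the URI is logged: challenge-question claims may carry the user's answers, which
                // must not end up in log files.
                if (log.isDebugEnabled()) {
                    log.debug("Adding UserIdentityClaim : " + claimUri);
                }
                userDataMap.put(claimUri, claim.getValue());
            }
        }
    } catch (UserStoreException e) {
        // A missing user is reported by the user store as an exception whose message starts with USER_NOT_FOUND;
        // the message may be null, which is treated like any other error.
        String errorMessage = e.getMessage();
        if (errorMessage == null || !errorMessage.startsWith(IdentityCoreConstants.USER_NOT_FOUND)) {
            log.error("Error while reading identity user data from user store", e);
        } else if (log.isDebugEnabled()) {
            String message = null;
            if (userStoreManager instanceof AbstractUserStoreManager) {
                String domain = ((AbstractUserStoreManager) userStoreManager).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
                if (domain != null) {
                    message = "User: " + userName + " does not exist in " + domain;
                }
            }
            if (message == null) {
                message = "User: " + userName + " does not exist";
            }
            log.debug(message);
        }
        return null;
    } finally {
        // Reset the re-entrancy flag on every exit path.
        if (log.isDebugEnabled()) {
            log.debug("Reset flag to indicate method UserStoreBasedIdentityDataStore.load() being completing");
        }
        userStoreInvoked.set(FALSE_STRING);
    }
    userIdentityDTO = new UserIdentityClaimsDO(userName, userDataMap);
    userIdentityDTO.setTenantId(CarbonContext.getThreadLocalCarbonContext().getTenantId());
    // Write the freshly read data back to the parent store; a failure to store must not hide the loaded data.
    try {
        super.store(userIdentityDTO, userStoreManager);
    } catch (IdentityException e) {
        log.error("Error while storing user identity data", e);
    }
    return userIdentityDTO;
}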

Example 38 with Claim

use of org.wso2.carbon.identity.application.common.model.xsd.Claim in project carbon-identity-framework by wso2.

the class IdPManagementDAO method getLocalIdPDefaultClaimValues.

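/**
 * Reads the default claim values configured for an identity provider that uses the local claim dialect.
 * <p>
 * Each row returned by {@code GET_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL} becomes a {@link ClaimMapping} whose local
 * claim is the stored URI, whose remote claim is left as an empty {@link Claim}, and whose default value and
 * requested flag are taken from the row.
 *
 * @param dbConnection Open JDBC connection; it is not closed here, only the statement and result set are.
 * @param idPName      Identity provider name; not used by the query, kept for signature compatibility.
 * @param userClaimUri Claim URI identifying the subject; stored on the returned configuration as-is.
 * @param roleClaimUri Claim URI carrying the roles; stored on the returned configuration as-is.
 * @param idpId        Database id of the identity provider.
 * @param tenantId     Tenant the identity provider belongs to.
 * @return the claim configuration with the local claim dialect enabled and the mappings read from the database.
 * @throws SQLException if preparing or executing the query fails.
 */
private ClaimConfig getLocalIdPDefaultClaimValues(Connection dbConnection, String idPName, String userClaimUri, String roleClaimUri, int idpId, int tenantId) throws SQLException {
    PreparedStatement prepStmt = null;
    ResultSet rs = null;
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setLocalClaimDialect(true);
    claimConfig.setRoleClaimURI(roleClaimUri);
    claimConfig.setUserClaimURI(userClaimUri);
    try {
        prepStmt = dbConnection.prepareStatement(IdPManagementConstants.SQLQueries.GET_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL);
        prepStmt.setInt(1, idpId);
        prepStmt.setInt(2, tenantId);
        rs = prepStmt.executeQuery();
        List<ClaimMapping> claimMappings = new ArrayList<ClaimMapping>();
        while (rs.next()) {
            Claim localClaim = new Claim();
            localClaim.setClaimUri(rs.getString("CLAIM_URI"));
            ClaimMapping claimMapping = new ClaimMapping();
            claimMapping.setLocalClaim(localClaim);
            // Local claim dialect: the remote side of the mapping is an empty claim.
            claimMapping.setRemoteClaim(new Claim());
            claimMapping.setDefaultValue(rs.getString("DEFAULT_VALUE"));
            // Constant on the left so a NULL IS_REQUESTED column cannot cause an NPE; anything other than
            // IS_TRUE_VALUE leaves the mapping's requested flag at its default.
            if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_REQUESTED"))) {
                claimMapping.setRequested(true);
            }
            claimMappings.add(claimMapping);
        }
        claimConfig.setClaimMappings(claimMappings.toArray(new ClaimMapping[claimMappings.size()]));
        return claimConfig;
    } finally {
        IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
    }
}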

Example 39 with Claim

use of org.wso2.carbon.identity.application.common.model.xsd.Claim in project carbon-identity-framework by wso2.

the class IdPManagementDAO method addIdPWithResourceId.

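/**
 * Add IDP.
 * <p>
 * Inserts the identity provider row and all of its dependent configuration (provisioning connectors, federated
 * authenticators, roles and role mappings, claims and claim mappings, properties) in a single transaction. The
 * transaction is committed only when every step succeeds; every other exit — an {@code SQLException}, a malformed
 * certificate, a failure while filtering properties, or a runtime exception — is rolled back before the connection
 * is closed, so neither a partially written identity provider nor a primary IdP switched off by
 * {@code switchOffPrimary} is left behind.
 *
 * @param identityProvider  Identity provider information.
 * @param tenantId          Tenant ID.
 * @return Resource ID (a random UUID) of created IDP.
 * @throws IdentityProviderManagementClientException if the supplied public certificate cannot be decoded.
 * @throws IdentityProviderManagementException       if the identity provider cannot be stored.
 */
public String addIdPWithResourceId(IdentityProvider identityProvider, int tenantId) throws IdentityProviderManagementException {
    Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true);
    PreparedStatement prepStmt = null;
    // Set once the transaction has been committed; every other exit path is rolled back in the finally block.
    boolean committed = false;
    try {
        if (identityProvider.isPrimary()) {
            // this is going to be the primary. Switch off any other primary set up in the
            // system.
            switchOffPrimary(dbConnection, tenantId);
        }
        // Parameter order of ADD_IDP_SQL:
        // SP_TENANT_ID, SP_IDP_NAME, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID, SP_IDP_CERTIFICATE,
        // SP_IDP_TOKEN_EP_ALIAS,
        // SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
        // SP_IDP_USER_CLAIM_URI,SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,
        // SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
        prepStmt = dbConnection.prepareStatement(IdPManagementConstants.SQLQueries.ADD_IDP_SQL);
        prepStmt.setInt(1, tenantId);
        prepStmt.setString(2, identityProvider.getIdentityProviderName());
        prepStmt.setString(3, identityProvider.isPrimary() ? IdPManagementConstants.IS_TRUE_VALUE : IdPManagementConstants.IS_FALSE_VALUE);
        prepStmt.setString(4, identityProvider.getHomeRealmId());
        if (ArrayUtils.isNotEmpty(identityProvider.getCertificateInfoArray())) {
            try {
                // Fail before the IdP row is inserted if certificate decoding or certificate generation fails.
                IdentityApplicationManagementUtil.getCertDataArray(identityProvider.getCertificateInfoArray());
            } catch (CertificateException ex) {
                throw new IdentityProviderManagementClientException("Malformed Public Certificate file has been " + "provided.", ex);
            }
        }
        JSONArray certificateInfoJsonArray = new JSONArray(identityProvider.getCertificateInfoArray());
        setBlobValue(certificateInfoJsonArray.toString(), prepStmt, 5);
        prepStmt.setString(6, identityProvider.getAlias());
        if (identityProvider.getJustInTimeProvisioningConfig() != null) {
            // provisioned locally.
            prepStmt.setString(7, identityProvider.getJustInTimeProvisioningConfig().isProvisioningEnabled() ? IdPManagementConstants.IS_TRUE_VALUE : IdPManagementConstants.IS_FALSE_VALUE);
            // user will be provisioned to the configured user store.
            prepStmt.setString(8, identityProvider.getJustInTimeProvisioningConfig().getProvisioningUserStore());
        } else {
            prepStmt.setString(7, IdPManagementConstants.IS_FALSE_VALUE);
            prepStmt.setString(8, null);
        }
        if (identityProvider.getClaimConfig() != null) {
            // this is how we find the subject name from the authentication response.
            // this claim URI is in identity provider's own dialect.
            prepStmt.setString(9, identityProvider.getClaimConfig().getUserClaimURI());
            // this is how we find the role name from the authentication response.
            // this claim URI is in identity provider's own dialect.
            prepStmt.setString(10, identityProvider.getClaimConfig().getRoleClaimURI());
        } else {
            prepStmt.setString(9, null);
            prepStmt.setString(10, null);
        }
        prepStmt.setString(11, identityProvider.getDefaultAuthenticatorConfig() != null ? identityProvider.getDefaultAuthenticatorConfig().getName() : null);
        prepStmt.setString(12, identityProvider.getDefaultProvisioningConnectorConfig() != null ? identityProvider.getDefaultProvisioningConnectorConfig().getName() : null);
        prepStmt.setString(13, identityProvider.getIdentityProviderDescription());
        prepStmt.setString(14, identityProvider.isFederationHub() ? IdPManagementConstants.IS_TRUE_VALUE : IdPManagementConstants.IS_FALSE_VALUE);
        boolean localClaimDialect = identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().isLocalClaimDialect();
        prepStmt.setString(15, localClaimDialect ? IdPManagementConstants.IS_TRUE_VALUE : IdPManagementConstants.IS_FALSE_VALUE);
        prepStmt.setString(16, identityProvider.getProvisioningRole());
        // enabled by default
        prepStmt.setString(17, IdPManagementConstants.IS_TRUE_VALUE);
        prepStmt.setString(18, identityProvider.getDisplayName());
        prepStmt.setString(19, identityProvider.getImageUrl());
        String resourceId = UUID.randomUUID().toString();
        prepStmt.setString(20, resourceId);
        prepStmt.executeUpdate();
        prepStmt.clearParameters();
        // Re-read the newly added identity provider to obtain the numeric id the child tables key on.
        IdentityProvider createdIDP = getIDPbyResourceId(dbConnection, resourceId, tenantId, IdentityTenantUtil.getTenantDomain(tenantId));
        if (createdIDP == null) {
            throw new IdentityProviderManagementException("Error adding Identity Provider for tenant " + tenantId);
        }
        int idPId = Integer.parseInt(createdIDP.getId());
        if (idPId <= 0) {
            String msg = "Error adding Identity Provider for tenant " + tenantId;
            throw new IdentityProviderManagementException(msg);
        }
        // add provisioning connectors.
        if (identityProvider.getProvisioningConnectorConfigs() != null && identityProvider.getProvisioningConnectorConfigs().length > 0) {
            addProvisioningConnectorConfigs(identityProvider.getProvisioningConnectorConfigs(), dbConnection, idPId, tenantId);
        }
        // add federated authenticators.
        addFederatedAuthenticatorConfigs(identityProvider.getFederatedAuthenticatorConfigs(), dbConnection, idPId, tenantId);
        // add role configuration.
        if (identityProvider.getPermissionAndRoleConfig() != null) {
            if (identityProvider.getPermissionAndRoleConfig().getIdpRoles() != null && identityProvider.getPermissionAndRoleConfig().getIdpRoles().length > 0) {
                // add roles.
                addIdPRoles(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getIdpRoles());
                if (identityProvider.getPermissionAndRoleConfig().getRoleMappings() != null && identityProvider.getPermissionAndRoleConfig().getRoleMappings().length > 0) {
                    // add role mappings.
                    addIdPRoleMappings(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getRoleMappings());
                }
            }
        }
        // add claim configuration.
        if (identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().getClaimMappings() != null && identityProvider.getClaimConfig().getClaimMappings().length > 0) {
            if (identityProvider.getClaimConfig().isLocalClaimDialect()) {
                // identity provider is using local claim dialect - we do not need to add
                // claims.
                addDefaultClaimValuesForLocalIdP(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
            } else {
                addIdPClaims(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getIdpClaims());
                addIdPClaimMappings(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
            }
        }
        IdentityProviderProperty[] idpProperties = identityProvider.getIdpProperties();
        if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(identityProvider.getIdentityProviderName())) {
            idpProperties = filterConnectorProperties(idpProperties, IdentityTenantUtil.getTenantDomain(tenantId)).toArray(new IdentityProviderProperty[0]);
        }
        List<IdentityProviderProperty> identityProviderProperties = getCombinedProperties(identityProvider.getJustInTimeProvisioningConfig(), idpProperties);
        identityProviderProperties.add(buildTemplateIdProperty(identityProvider));
        addIdentityProviderProperties(dbConnection, idPId, identityProviderProperties, tenantId);
        IdentityDatabaseUtil.commitTransaction(dbConnection);
        committed = true;
        return resourceId;
    } catch (IOException e) {
        throw new IdentityProviderManagementException("An error occurred while processing content stream.", e);
    } catch (SQLException e) {
        throw new IdentityProviderManagementException("Error occurred while adding Identity Provider for tenant " + tenantId, e);
    } catch (ConnectorException e) {
        throw new IdentityProviderManagementException("An error occurred while filtering IDP properties.", e);
    } finally {
        if (!committed) {
            // Roll back on every non-committed exit, not only on SQLException, so that the rows written
            // before the failure (including a switched-off primary) are not left to the driver's close behaviour.
            IdentityDatabaseUtil.rollbackTransaction(dbConnection);
        }
        IdentityDatabaseUtil.closeAllConnections(dbConnection, null, prepStmt);
    }
}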

Example 40 with Claim

use of org.wso2.carbon.identity.application.common.model.xsd.Claim in project carbon-identity-framework by wso2.

the class IdPManagementServiceComponent method activate.

/**
 * OSGi activation hook of the identity provider management bundle.
 * <p>
 * Registers the tenant-management, user-operation, audit, name-resolver and claim-metadata listeners, installs
 * the validation listener, creates the super-tenant resident IdP when it is missing, publishes the
 * {@code IdpManager} service and finally loads the file-based IdPs and cleans up removed ones. Every
 * {@code Throwable} raised along the way is logged rather than propagated.
 *
 * @param ctxt Component context supplied by the OSGi declarative-services runtime.
 */
@Activate
protected void activate(ComponentContext ctxt) {
    try {
        BundleContext bundleContext = ctxt.getBundleContext();
        TenantManagementListener tenantListener = new TenantManagementListener();
        ServiceRegistration<?> tenantRegistration = bundleContext.registerService(TenantMgtListener.class.getName(), tenantListener, null);
        if (tenantRegistration == null) {
            log.error("Identity Provider Management - TenantMgtListener could not be registered");
        } else {
            log.debug("Identity Provider Management - TenantMgtListener registered");
        }
        ServiceRegistration<?> userOperationRegistration = bundleContext.registerService(UserOperationEventListener.class.getName(), new UserStoreListener(), null);
        if (userOperationRegistration == null) {
            log.error("Identity Provider Management - UserOperationEventListener could not be registered");
        } else {
            log.debug("Identity Provider Management - UserOperationEventListener registered");
        }
        ServiceRegistration<?> auditLoggerRegistration = bundleContext.registerService(IdentityProviderMgtListener.class.getName(), new IDPMgtAuditLogger(), null);
        if (auditLoggerRegistration == null) {
            log.error("Identity Provider Management - Error while registering Audit Logger");
        } else {
            log.debug("Identity Provider Management - Audit Logger registered");
        }
        ServiceRegistration<?> nameResolverRegistration = bundleContext.registerService(IdentityProviderMgtListener.class.getName(), new IdentityProviderNameResolverListener(), null);
        if (nameResolverRegistration == null) {
            log.error("Identity Provider Management - Error while registering Identity Provider Name Resolver " + "Listener.");
        } else if (log.isDebugEnabled()) {
            log.debug("Identity Provider Name Resolver Listener registered.");
        }
        setIdentityProviderMgtListenerService(new IdPMgtValidationListener());
        // The resident IdP of the super tenant is created on first activation only.
        CacheBackedIdPMgtDAO idpDao = new CacheBackedIdPMgtDAO(new IdPManagementDAO());
        int superTenantId = IdentityTenantUtil.getTenantId(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        boolean residentIdpMissing = idpDao.getIdPByName(null, IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME, superTenantId, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME) == null;
        if (residentIdpMissing) {
            addSuperTenantIdp();
        }
        bundleContext.registerService(IdpManager.class, IdentityProviderManager.getInstance(), null);
        ServiceRegistration<?> claimMetadataRegistration = bundleContext.registerService(ClaimMetadataMgtListener.class.getName(), new IdentityProviderClaimMgtListener(), null);
        if (claimMetadataRegistration == null) {
            log.error("Identity Provider Management - Error while registering Identity Provider Claim Metadata " + "Management Listener.");
        } else if (log.isDebugEnabled()) {
            log.debug("Identity Provider Claim Metadata Management Listener registered.");
        }
        buildFileBasedIdPList();
        cleanUpRemovedIdps();
        log.debug("Identity Provider Management bundle is activated");
    } catch (Throwable e) {
        log.error("Error while activating Identity Provider Management bundle", e);
    }
}
