use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAOTest method addIdPData.
/**
 * Supplies the identity-provider fixtures used by the add-IdP tests.
 *
 * <p>Each row is an {@code IdentityProvider} paired with the tenant id it is registered under.
 * The three fixtures run from fully populated to name-only. Every value here is a dummy
 * test literal.
 *
 * @return rows of {@code { IdentityProvider, tenantId }}
 */
@DataProvider
public Object[][] addIdPData() {

    // ---- Fixture 1: every optional section populated. ----
    IdentityProvider fullIdp = new IdentityProvider();
    fullIdp.setIdentityProviderName("testIdP1");
    fullIdp.setEnable(true);
    fullIdp.setPrimary(true);
    fullIdp.setFederationHub(true);
    fullIdp.setCertificate("");

    // Two IdP roles, each mapped onto a local role.
    PermissionsAndRoleConfig roleConfig = new PermissionsAndRoleConfig();
    roleConfig.setIdpRoles(new String[] { "Role1", "Role2" });
    roleConfig.setRoleMappings(new RoleMapping[] {
            new RoleMapping(new LocalRole("1", "LocalRole1"), "Role1"),
            new RoleMapping(new LocalRole("2", "LocalRole2"), "Role2") });
    fullIdp.setPermissionAndRoleConfig(roleConfig);

    // One plain property and one flagged confidential, so the fixture carries both kinds.
    Property plainProperty = new Property();
    plainProperty.setName("Property1");
    plainProperty.setValue("value1");
    plainProperty.setConfidential(false);

    Property confidentialProperty = new Property();
    confidentialProperty.setName("Property2");
    confidentialProperty.setValue("value2");
    confidentialProperty.setConfidential(true);

    FederatedAuthenticatorConfig authenticator = new FederatedAuthenticatorConfig();
    authenticator.setDisplayName("DisplayName1");
    authenticator.setName("Name");
    authenticator.setEnabled(true);
    authenticator.setProperties(new Property[] { plainProperty, confidentialProperty });
    fullIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { authenticator });

    // The first connector keeps its default enabled/blocking flags; the second sets both.
    ProvisioningConnectorConfig defaultConnector = new ProvisioningConnectorConfig();
    defaultConnector.setName("ProvisiningConfig1");
    defaultConnector.setProvisioningProperties(new Property[] { plainProperty });

    ProvisioningConnectorConfig blockingConnector = new ProvisioningConnectorConfig();
    blockingConnector.setName("ProvisiningConfig2");
    blockingConnector.setProvisioningProperties(new Property[] { confidentialProperty });
    blockingConnector.setEnabled(true);
    blockingConnector.setBlocking(true);

    fullIdp.setProvisioningConnectorConfigs(
            new ProvisioningConnectorConfig[] { defaultConnector, blockingConnector });

    // Custom (non-local) claim dialect: the IdP claim "Country" mapped to a local claim URI.
    Claim countryIdpClaim = new Claim();
    countryIdpClaim.setClaimId(0);
    countryIdpClaim.setClaimUri("Country");

    ClaimConfig customDialectClaims = new ClaimConfig();
    customDialectClaims.setLocalClaimDialect(false);
    customDialectClaims.setRoleClaimURI("Country");
    customDialectClaims.setUserClaimURI("Country");
    customDialectClaims.setClaimMappings(new ClaimMapping[] {
            ClaimMapping.build("http://wso2.org/claims/country", "Country", "", true) });
    customDialectClaims.setIdpClaims(new Claim[] { countryIdpClaim });
    fullIdp.setClaimConfig(customDialectClaims);

    // ---- Fixture 2: local claim dialect only. ----
    IdentityProvider localDialectIdp = new IdentityProvider();
    localDialectIdp.setIdentityProviderName("testIdP2");

    Claim fullNameClaim = new Claim();
    fullNameClaim.setClaimId(0);
    fullNameClaim.setClaimUri("http://wso2.org/claims/fullname");

    ClaimMapping fullNameMapping = new ClaimMapping();
    fullNameMapping.setLocalClaim(fullNameClaim);

    ClaimConfig localDialectClaims = new ClaimConfig();
    localDialectClaims.setLocalClaimDialect(true);
    localDialectClaims.setRoleClaimURI("http://wso2.org/claims/role");
    localDialectClaims.setUserClaimURI("http://wso2.org/claims/fullname");
    localDialectClaims.setClaimMappings(new ClaimMapping[] { fullNameMapping });
    localDialectIdp.setClaimConfig(localDialectClaims);

    // ---- Fixture 3: nothing but a name. ----
    IdentityProvider nameOnlyIdp = new IdentityProvider();
    nameOnlyIdp.setIdentityProviderName("testIdP3");

    return new Object[][] {
            // IdP with role config, federated authenticator, provisioning connectors and claims.
            { fullIdp, SAMPLE_TENANT_ID },
            // IdP with local claim dialect claim config.
            { localDialectIdp, SAMPLE_TENANT_ID },
            // IdP with only a name, registered under the second sample tenant.
            { nameOnlyIdp, SAMPLE_TENANT_ID2 } };
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.
the class CacheBackedApplicationDAO method getAllRequestedClaimsByServiceProvider.
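/**
 * Returns the local claim URIs that the given service provider has marked as requested.
 *
 * <p>When the service provider is available from the cache, the answer is derived from the
 * cached object; otherwise the call is delegated to the underlying DAO.
 *
 * <p>A cached service provider without a claim configuration, without claim mappings, or with
 * a mapping that has no local claim contributes no URIs. Previously any of these would have
 * raised a {@code NullPointerException}. Treating them as "nothing requested" keeps the result
 * on the restrictive side, because this list describes which user attributes the service
 * provider asks for.
 *
 * @param serviceProviderName name of the service provider
 * @param tenantDomain        tenant domain the service provider belongs to
 * @return requested local claim URIs; empty when the cached service provider requests none
 * @throws IdentityApplicationManagementException if the cache lookup or the DAO lookup fails
 */
public List<String> getAllRequestedClaimsByServiceProvider(String serviceProviderName, String tenantDomain)
        throws IdentityApplicationManagementException {

    ServiceProvider applicationFromCache = getApplicationFromCache(serviceProviderName, tenantDomain);
    if (applicationFromCache == null) {
        // Cache miss: let the wrapped DAO answer.
        return appDAO.getAllRequestedClaimsByServiceProvider(serviceProviderName, tenantDomain);
    }

    List<String> requestedLocalClaims = new ArrayList<>();
    ClaimConfig claimConfig = applicationFromCache.getClaimConfig();
    ClaimMapping[] claimMappings = (claimConfig == null) ? null : claimConfig.getClaimMappings();
    if (claimMappings == null) {
        return requestedLocalClaims;
    }

    for (ClaimMapping claimMapping : claimMappings) {
        // Skip incomplete entries instead of failing the whole lookup.
        if (claimMapping == null || !claimMapping.isRequested() || claimMapping.getLocalClaim() == null) {
            continue;
        }
        requestedLocalClaims.add(claimMapping.getLocalClaim().getClaimUri());
    }
    return requestedLocalClaims;
}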
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.
the class ClaimMetadataManagementServiceImpl method addExternalClaim.
/**
 * Validates and stores a new external claim for the given tenant.
 *
 * <p>Checks run in a fixed order, and the first one that fails decides which client error is
 * raised: empty claim URI, empty dialect URI, empty mapped local claim, dialect equal to the
 * local dialect, claim URI not matching the dialect's configured pattern, claim URI already
 * present in the dialect, local claim already mapped within the dialect.
 *
 * @param externalClaim claim to add; must carry a claim URI, a dialect URI and a mapped local claim
 * @param tenantDomain  tenant domain the claim is added to
 * @throws ClaimMetadataException if validation fails or the claim cannot be persisted
 */
@Override
public void addExternalClaim(ExternalClaim externalClaim, String tenantDomain) throws ClaimMetadataException {

    // Mandatory fields, checked one by one so each gets its own error code.
    if (externalClaim == null || StringUtils.isBlank(externalClaim.getClaimURI())) {
        throw new ClaimMetadataClientException(ERROR_CODE_EMPTY_EXTERNAL_CLAIM_URI);
    }
    final String dialectUri = externalClaim.getClaimDialectURI();
    if (StringUtils.isBlank(dialectUri)) {
        throw new ClaimMetadataClientException(ERROR_CODE_EMPTY_EXTERNAL_DIALECT_URI);
    }
    final String mappedLocalClaimUri = externalClaim.getMappedLocalClaim();
    if (StringUtils.isBlank(mappedLocalClaimUri)) {
        throw new ClaimMetadataClientException(ERROR_CODE_MAPPED_TO_EMPTY_LOCAL_CLAIM_URI);
    }

    // An external claim may never be filed under the local dialect (compared case-insensitively).
    if (ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(dialectUri)) {
        throw new ClaimMetadataClientException(ERROR_CODE_INVALID_EXTERNAL_CLAIM_DIALECT);
    }

    // Optional per-dialect URI pattern. String.matches() requires the whole URI to match.
    // NOTE(review): the pattern is evaluated against a caller-supplied URI; configured patterns
    // should stay simple enough that matching cost remains bounded.
    final String claimUri = externalClaim.getClaimURI();
    ClaimConfig claimConfig = IdentityClaimManagementServiceDataHolder.getInstance().getClaimConfig();
    String uriPattern = (claimConfig == null) ? null : claimConfig.getClaimUriRegex(dialectUri);
    if (uriPattern != null && !claimUri.matches(uriPattern)) {
        throw new ClaimMetadataClientException(ERROR_CODE_INVALID_EXTERNAL_CLAIM_URI);
    }

    // TODO : validate tenant domain?
    // NOTE(review): tenantDomain is resolved to an id with no check in this method. Confirm the
    // caller has already established that the request may act on this tenant.
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);

    // Uniqueness checks. NOTE(review): these are check-then-insert; whether concurrent requests
    // can still create duplicates depends on constraints not visible here.
    if (isExistingExternalClaimURI(dialectUri, claimUri, tenantId)) {
        throw new ClaimMetadataClientException(ERROR_CODE_EXISTING_EXTERNAL_CLAIM_URI.getCode(),
                String.format(ERROR_CODE_EXISTING_EXTERNAL_CLAIM_URI.getMessage(), claimUri, dialectUri));
    }
    if (this.externalClaimDAO.isLocalClaimMappedWithinDialect(mappedLocalClaimUri, dialectUri, tenantId)) {
        throw new ClaimMetadataClientException((ERROR_CODE_EXISTING_LOCAL_CLAIM_MAPPING.getCode()),
                String.format(ERROR_CODE_EXISTING_LOCAL_CLAIM_MAPPING.getMessage(), mappedLocalClaimUri,
                        dialectUri));
    }

    // Add listener
    // Persist first, then publish the post-add event.
    this.externalClaimDAO.addExternalClaim(externalClaim, tenantId);
    ClaimMetadataEventPublisherProxy.getInstance().publishPostAddExternalClaim(tenantId, externalClaim);
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.
the class DefaultClaimHandler method setSubjectClaim.
/**
 * Stores the authenticated user's service-provider subject claim value as a context property.
 *
 * <p>Nothing happens when the application has no subject claim URI. Otherwise the URI is
 * translated through the SP-to-local claim mappings when the service provider uses a custom
 * dialect and a standard dialect is in play. The value is then read from {@code attributesMap}.
 * For non-federated users with a user store, the standard-dialect helper is invoked afterwards.
 *
 * @param authenticatedUser user being authenticated; may be {@code null}
 * @param userStore         user store manager; may be {@code null}
 * @param attributesMap     claim URI to value map the subject value is read from
 * @param spStandardDialect standard dialect of the service provider, or {@code null}
 * @param context           authentication context that receives the property
 */
private void setSubjectClaim(AuthenticatedUser authenticatedUser, AbstractUserStoreManager userStore,
        Map<String, String> attributesMap, String spStandardDialect, AuthenticationContext context) {

    ApplicationConfig applicationConfig = context.getSequenceConfig().getApplicationConfig();
    String subjectURI = applicationConfig.getSubjectClaimUri();
    // NOTE(review): the claim config is dereferenced without a null check, before the subject
    // URI is examined.
    ClaimConfig claimConfig = applicationConfig.getServiceProvider().getClaimConfig();
    boolean usesLocalDialect = claimConfig.isLocalClaimDialect();
    Map<String, String> spToLocalClaimMappings = applicationConfig.getClaimMappings();

    if (subjectURI == null) {
        return;
    }

    // Custom SP dialect: translate the SP claim URI to its local counterpart.
    // NOTE(review): a missing mapping leaves subjectURI null for the rest of the method.
    if (!usesLocalDialect && spStandardDialect != null && spToLocalClaimMappings != null) {
        subjectURI = spToLocalClaimMappings.get(subjectURI);
    }

    String subjectValue = attributesMap.get(subjectURI);
    if (subjectValue != null) {
        context.setProperty(SERVICE_PROVIDER_SUBJECT_CLAIM_VALUE, subjectValue);
        if (log.isDebugEnabled()) {
            // NOTE(review): this writes the subject claim value itself to the debug log. Treat
            // debug logs from this class as containing user identifiers.
            log.debug("Setting \'ServiceProviderSubjectClaimValue\' property value from " + "attribute map "
                    + subjectValue);
        }
    } else {
        log.debug("Subject claim not found among attributes");
    }

    // if federated case return
    boolean cannotUseUserStore =
            authenticatedUser == null || userStore == null || authenticatedUser.isFederatedUser();
    if (cannotUseUserStore) {
        if (log.isDebugEnabled()) {
            log.debug("User id or user store \'NULL\'. Possibly federated case");
        }
        return;
    }

    // standard dialect
    if (spStandardDialect != null) {
        setSubjectClaimForStandardDialect(authenticatedUser, userStore, context, subjectURI);
    }
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.
the class DefaultClaimConfigInitDAO method initClaimConfig.
/**
 * Seeds the claim metadata of a tenant from the given claim configuration.
 *
 * <p>Work is done in a fixed order: the local claim dialect is added, then every local claim
 * from {@code claimConfig.getClaimMap()}, then the external dialects collected along the way,
 * and finally the external claims. Each DAO call is best-effort: a
 * {@code ClaimMetadataException} is logged at error level and processing continues with the
 * next entry, so a failed entry does not abort the run.
 *
 * <p>NOTE(review): because failures are only logged, a tenant can end up with a partial claim
 * set. The "Error while adding ..." log lines are the only signal visible in this method.
 *
 * @param claimConfig claim configuration to load; dereferenced without a null check
 * @param tenantId    id of the tenant the claims are stored under
 */
@Override
public void initClaimConfig(ClaimConfig claimConfig, int tenantId) {
    // Adding local claim dialect.
    try {
        claimDialectDAO.addClaimDialect(new ClaimDialect(ClaimConstants.LOCAL_CLAIM_DIALECT_URI), tenantId);
    } catch (ClaimMetadataException e) {
        log.error("Error while adding claim dialect " + ClaimConstants.LOCAL_CLAIM_DIALECT_URI, e);
    }
    if (claimConfig.getClaimMap() != null) {
        // Get the primary domain name.
        String primaryDomainName = IdentityUtil.getPrimaryDomainName();
        // Adding external dialects and claims.
        // First pass: store local claims now and collect the URIs of all other dialects.
        Set<String> claimDialectList = new HashSet<>();
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            ClaimMapping claimMapping = entry.getValue();
            String claimDialectURI = claimMapping.getClaim().getDialectURI();
            String claimURI = claimKey.getClaimUri();
            if (ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                List<AttributeMapping> mappedAttributes = new ArrayList<>();
                // The single mapped attribute, when present, is filed under the primary domain.
                if (StringUtils.isNotBlank(claimMapping.getMappedAttribute())) {
                    mappedAttributes.add(new AttributeMapping(primaryDomainName, claimMapping.getMappedAttribute()));
                }
                // Entries of the mapped-attributes map are added as (key, value) attribute mappings.
                if (claimMapping.getMappedAttributes() != null) {
                    for (Map.Entry<String, String> claimMappingEntry : claimMapping.getMappedAttributes().entrySet()) {
                        mappedAttributes.add(new AttributeMapping(claimMappingEntry.getKey(), claimMappingEntry.getValue()));
                    }
                }
                LocalClaim localClaim = new LocalClaim(claimURI, mappedAttributes, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this is at the initial server startup or tenant creation time, no need go through the
                    // caching layer. Going through the caching layer add overhead for bulk claim add.
                    LocalClaimDAO localClaimDAO = new LocalClaimDAO();
                    localClaimDAO.addLocalClaim(localClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding local claim " + claimURI, e);
                }
            } else {
                claimDialectList.add(claimDialectURI);
            }
        }
        // Add external claim dialects.
        for (String claimDialectURI : claimDialectList) {
            ClaimDialect claimDialect = new ClaimDialect(claimDialectURI);
            try {
                claimDialectDAO.addClaimDialect(claimDialect, tenantId);
            } catch (ClaimMetadataException e) {
                log.error("Error while adding claim dialect " + claimDialectURI, e);
            }
        }
        // Second pass over the claim map: store the external claims after their dialects.
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            String claimURI = claimKey.getClaimUri();
            String claimDialectURI = entry.getValue().getClaim().getDialectURI();
            if (!ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                // NOTE(review): assumes the property holder map has an entry for every external
                // claim key. A missing entry would raise a NullPointerException here, which the
                // catch below does not handle. Confirm against the configuration loader.
                String mappedLocalClaimURI = claimConfig.getPropertyHolderMap().get(claimKey).get(ClaimConstants.MAPPED_LOCAL_CLAIM_PROPERTY);
                ExternalClaim externalClaim = new ExternalClaim(claimDialectURI, claimURI, mappedLocalClaimURI, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this is at the initial server startup or tenant creation time, no need go through the
                    // caching layer. Going through the caching layer add overhead for bulk claim add.
                    ExternalClaimDAO externalClaimDAO = new ExternalClaimDAO();
                    externalClaimDAO.addExternalClaim(externalClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding external claim " + claimURI + " to dialect " + claimDialectURI, e);
                }
            }
        }
    }
}