Example 11 with ClaimConfig

Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.

From class IdPManagementDAOTest, method addIdPData:

@DataProvider
public Object[][] addIdPData() {
    // Initialize Test Identity Provider 1.
    IdentityProvider idp1 = new IdentityProvider();
    idp1.setIdentityProviderName("testIdP1");
    idp1.setEnable(true);
    idp1.setPrimary(true);
    idp1.setFederationHub(true);
    idp1.setCertificate("");
    RoleMapping roleMapping1 = new RoleMapping(new LocalRole("1", "LocalRole1"), "Role1");
    RoleMapping roleMapping2 = new RoleMapping(new LocalRole("2", "LocalRole2"), "Role2");
    PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
    permissionsAndRoleConfig.setIdpRoles(new String[] { "Role1", "Role2" });
    permissionsAndRoleConfig.setRoleMappings(new RoleMapping[] { roleMapping1, roleMapping2 });
    idp1.setPermissionAndRoleConfig(permissionsAndRoleConfig);
    FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
    federatedAuthenticatorConfig.setDisplayName("DisplayName1");
    federatedAuthenticatorConfig.setName("Name");
    federatedAuthenticatorConfig.setEnabled(true);
    Property property1 = new Property();
    property1.setName("Property1");
    property1.setValue("value1");
    property1.setConfidential(false);
    Property property2 = new Property();
    property2.setName("Property2");
    property2.setValue("value2");
    property2.setConfidential(true);
    federatedAuthenticatorConfig.setProperties(new Property[] { property1, property2 });
    idp1.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticatorConfig });
    ProvisioningConnectorConfig provisioningConnectorConfig1 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig1.setName("ProvisiningConfig1");
    provisioningConnectorConfig1.setProvisioningProperties(new Property[] { property1 });
    ProvisioningConnectorConfig provisioningConnectorConfig2 = new ProvisioningConnectorConfig();
    provisioningConnectorConfig2.setName("ProvisiningConfig2");
    provisioningConnectorConfig2.setProvisioningProperties(new Property[] { property2 });
    provisioningConnectorConfig2.setEnabled(true);
    provisioningConnectorConfig2.setBlocking(true);
    idp1.setProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] { provisioningConnectorConfig1, provisioningConnectorConfig2 });
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setLocalClaimDialect(false);
    claimConfig.setRoleClaimURI("Country");
    claimConfig.setUserClaimURI("Country");
    ClaimMapping claimMapping = ClaimMapping.build("http://wso2.org/claims/country", "Country", "", true);
    claimConfig.setClaimMappings(new ClaimMapping[] { claimMapping });
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimId(0);
    remoteClaim.setClaimUri("Country");
    claimConfig.setIdpClaims(new Claim[] { remoteClaim });
    idp1.setClaimConfig(claimConfig);
    // Initialize Test Identity Provider 2.
    IdentityProvider idp2 = new IdentityProvider();
    idp2.setIdentityProviderName("testIdP2");
    ClaimConfig claimConfig2 = new ClaimConfig();
    claimConfig2.setLocalClaimDialect(true);
    claimConfig2.setRoleClaimURI("http://wso2.org/claims/role");
    claimConfig2.setUserClaimURI("http://wso2.org/claims/fullname");
    ClaimMapping claimMapping2 = new ClaimMapping();
    Claim localClaim2 = new Claim();
    localClaim2.setClaimId(0);
    localClaim2.setClaimUri("http://wso2.org/claims/fullname");
    claimMapping2.setLocalClaim(localClaim2);
    claimConfig2.setClaimMappings(new ClaimMapping[] { claimMapping2 });
    idp2.setClaimConfig(claimConfig2);
    // Initialize Test Identity Provider 3.
    IdentityProvider idp3 = new IdentityProvider();
    idp3.setIdentityProviderName("testIdP3");
    return new Object[][] {
        // IDP with PermissionsAndRoleConfig, FederatedAuthenticatorConfigs, ProvisioningConnectorConfigs, Claims.
        { idp1, SAMPLE_TENANT_ID },
        // IDP with Local Claim Dialect ClaimConfigs.
        { idp2, SAMPLE_TENANT_ID },
        // IDP with only a name.
        { idp3, SAMPLE_TENANT_ID2 } };
}
Also used:
  ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)
  PermissionsAndRoleConfig (org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig)
  FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)
  ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)
  IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)
  LocalRole (org.wso2.carbon.identity.application.common.model.LocalRole)
  RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping)
  Property (org.wso2.carbon.identity.application.common.model.Property)
  IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)
  ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)
  Claim (org.wso2.carbon.identity.application.common.model.Claim)
  DataProvider (org.testng.annotations.DataProvider)

Example 12 with ClaimConfig

Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.

From class CacheBackedApplicationDAO, method getAllRequestedClaimsByServiceProvider:

public List<String> getAllRequestedClaimsByServiceProvider(String serviceProviderName, String tenantDomain) throws IdentityApplicationManagementException {
    ServiceProvider applicationFromCache = getApplicationFromCache(serviceProviderName, tenantDomain);
    if (applicationFromCache != null) {
        List<String> requestedLocalClaims = new ArrayList<>();
        ClaimConfig claimConfig = applicationFromCache.getClaimConfig();
        ClaimMapping[] claimMappings = claimConfig.getClaimMappings();
        for (ClaimMapping claimMapping : claimMappings) {
            if (claimMapping.isRequested()) {
                requestedLocalClaims.add(claimMapping.getLocalClaim().getClaimUri());
            }
        }
        return requestedLocalClaims;
    }
    return appDAO.getAllRequestedClaimsByServiceProvider(serviceProviderName, tenantDomain);
}
Also used:
  ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)
  ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)
  ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)
  ArrayList (java.util.ArrayList)

Example 13 with ClaimConfig

Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.

From class ClaimMetadataManagementServiceImpl, method addExternalClaim:

@Override
public void addExternalClaim(ExternalClaim externalClaim, String tenantDomain) throws ClaimMetadataException {
    if (externalClaim == null || StringUtils.isBlank(externalClaim.getClaimURI())) {
        throw new ClaimMetadataClientException(ERROR_CODE_EMPTY_EXTERNAL_CLAIM_URI);
    }
    if (StringUtils.isBlank(externalClaim.getClaimDialectURI())) {
        throw new ClaimMetadataClientException(ERROR_CODE_EMPTY_EXTERNAL_DIALECT_URI);
    }
    if (StringUtils.isBlank(externalClaim.getMappedLocalClaim())) {
        throw new ClaimMetadataClientException(ERROR_CODE_MAPPED_TO_EMPTY_LOCAL_CLAIM_URI);
    }
    if (ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(externalClaim.getClaimDialectURI())) {
        throw new ClaimMetadataClientException(ERROR_CODE_INVALID_EXTERNAL_CLAIM_DIALECT);
    }
    ClaimConfig claimConfig = IdentityClaimManagementServiceDataHolder.getInstance().getClaimConfig();
    String claimURIRegex = null;
    if (claimConfig != null) {
        claimURIRegex = claimConfig.getClaimUriRegex(externalClaim.getClaimDialectURI());
    }
    if (claimURIRegex != null && !externalClaim.getClaimURI().matches(claimURIRegex)) {
        throw new ClaimMetadataClientException(ERROR_CODE_INVALID_EXTERNAL_CLAIM_URI);
    }
    // TODO : validate tenant domain?
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (isExistingExternalClaimURI(externalClaim.getClaimDialectURI(), externalClaim.getClaimURI(), tenantId)) {
        throw new ClaimMetadataClientException(ERROR_CODE_EXISTING_EXTERNAL_CLAIM_URI.getCode(),
                String.format(ERROR_CODE_EXISTING_EXTERNAL_CLAIM_URI.getMessage(),
                        externalClaim.getClaimURI(), externalClaim.getClaimDialectURI()));
    }
    boolean isLocalClaimAlreadyMapped = this.externalClaimDAO.isLocalClaimMappedWithinDialect(
            externalClaim.getMappedLocalClaim(), externalClaim.getClaimDialectURI(), tenantId);
    if (isLocalClaimAlreadyMapped) {
        throw new ClaimMetadataClientException(ERROR_CODE_EXISTING_LOCAL_CLAIM_MAPPING.getCode(),
                String.format(ERROR_CODE_EXISTING_LOCAL_CLAIM_MAPPING.getMessage(),
                        externalClaim.getMappedLocalClaim(), externalClaim.getClaimDialectURI()));
    }
    // Add listener
    this.externalClaimDAO.addExternalClaim(externalClaim, tenantId);
    ClaimMetadataEventPublisherProxy.getInstance().publishPostAddExternalClaim(tenantId, externalClaim);
}
Also used:
  ClaimMetadataClientException (org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataClientException)
  ClaimConfig (org.wso2.carbon.user.core.claim.inmemory.ClaimConfig)

Example 14 with ClaimConfig

Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.

From class DefaultClaimHandler, method setSubjectClaim:

/**
 * Set authenticated user's SP Subject Claim URI as a property
 */
private void setSubjectClaim(AuthenticatedUser authenticatedUser, AbstractUserStoreManager userStore,
                             Map<String, String> attributesMap, String spStandardDialect,
                             AuthenticationContext context) {
    String subjectURI = context.getSequenceConfig().getApplicationConfig().getSubjectClaimUri();
    ApplicationConfig applicationConfig = context.getSequenceConfig().getApplicationConfig();
    ServiceProvider serviceProvider = applicationConfig.getServiceProvider();
    ClaimConfig claimConfig = serviceProvider.getClaimConfig();
    boolean isLocalClaimDialect = claimConfig.isLocalClaimDialect();
    Map<String, String> spToLocalClaimMappings = applicationConfig.getClaimMappings();
    if (subjectURI != null) {
        if (!isLocalClaimDialect && spStandardDialect != null) {
            if (spToLocalClaimMappings != null) {
                subjectURI = spToLocalClaimMappings.get(subjectURI);
            }
        }
        if (attributesMap.get(subjectURI) != null) {
            context.setProperty(SERVICE_PROVIDER_SUBJECT_CLAIM_VALUE, attributesMap.get(subjectURI));
            if (log.isDebugEnabled()) {
                log.debug("Setting 'ServiceProviderSubjectClaimValue' property value from "
                        + "attribute map " + attributesMap.get(subjectURI));
            }
        } else {
            log.debug("Subject claim not found among attributes");
        }
        // if federated case return
        if (authenticatedUser == null || userStore == null || authenticatedUser.isFederatedUser()) {
            if (log.isDebugEnabled()) {
                log.debug("User id or user store 'NULL'. Possibly federated case");
            }
            return;
        }
        // standard dialect
        if (spStandardDialect != null) {
            setSubjectClaimForStandardDialect(authenticatedUser, userStore, context, subjectURI);
        }
    }
}
Also used:
  ApplicationConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig)
  ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)
  ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)

Example 15 with ClaimConfig

Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project carbon-identity-framework by wso2.

From class DefaultClaimConfigInitDAO, method initClaimConfig:

@Override
public void initClaimConfig(ClaimConfig claimConfig, int tenantId) {
    // Adding local claim dialect.
    try {
        claimDialectDAO.addClaimDialect(new ClaimDialect(ClaimConstants.LOCAL_CLAIM_DIALECT_URI), tenantId);
    } catch (ClaimMetadataException e) {
        log.error("Error while adding claim dialect " + ClaimConstants.LOCAL_CLAIM_DIALECT_URI, e);
    }
    if (claimConfig.getClaimMap() != null) {
        // Get the primary domain name.
        String primaryDomainName = IdentityUtil.getPrimaryDomainName();
        // Adding external dialects and claims.
        Set<String> claimDialectList = new HashSet<>();
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            ClaimMapping claimMapping = entry.getValue();
            String claimDialectURI = claimMapping.getClaim().getDialectURI();
            String claimURI = claimKey.getClaimUri();
            if (ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                List<AttributeMapping> mappedAttributes = new ArrayList<>();
                if (StringUtils.isNotBlank(claimMapping.getMappedAttribute())) {
                    mappedAttributes.add(new AttributeMapping(primaryDomainName, claimMapping.getMappedAttribute()));
                }
                if (claimMapping.getMappedAttributes() != null) {
                    for (Map.Entry<String, String> claimMappingEntry : claimMapping.getMappedAttributes().entrySet()) {
                        mappedAttributes.add(new AttributeMapping(claimMappingEntry.getKey(), claimMappingEntry.getValue()));
                    }
                }
                LocalClaim localClaim = new LocalClaim(claimURI, mappedAttributes, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this runs at initial server startup or tenant creation time, there is no need to go
                    // through the caching layer; going through it adds overhead for a bulk claim add.
                    LocalClaimDAO localClaimDAO = new LocalClaimDAO();
                    localClaimDAO.addLocalClaim(localClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding local claim " + claimURI, e);
                }
            } else {
                claimDialectList.add(claimDialectURI);
            }
        }
        // Add external claim dialects.
        for (String claimDialectURI : claimDialectList) {
            ClaimDialect claimDialect = new ClaimDialect(claimDialectURI);
            try {
                claimDialectDAO.addClaimDialect(claimDialect, tenantId);
            } catch (ClaimMetadataException e) {
                log.error("Error while adding claim dialect " + claimDialectURI, e);
            }
        }
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            String claimURI = claimKey.getClaimUri();
            String claimDialectURI = entry.getValue().getClaim().getDialectURI();
            if (!ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                String mappedLocalClaimURI = claimConfig.getPropertyHolderMap().get(claimKey).get(ClaimConstants.MAPPED_LOCAL_CLAIM_PROPERTY);
                ExternalClaim externalClaim = new ExternalClaim(claimDialectURI, claimURI, mappedLocalClaimURI, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this runs at initial server startup or tenant creation time, there is no need to go
                    // through the caching layer; going through it adds overhead for a bulk claim add.
                    ExternalClaimDAO externalClaimDAO = new ExternalClaimDAO();
                    externalClaimDAO.addExternalClaim(externalClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding external claim " + claimURI + " to dialect " + claimDialectURI, e);
                }
            }
        }
    }
}
Also used:
  LocalClaimDAO (org.wso2.carbon.identity.claim.metadata.mgt.dao.LocalClaimDAO)
  ClaimMetadataException (org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException)
  ExternalClaim (org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim)
  ArrayList (java.util.ArrayList)
  LocalClaim (org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim)
  ClaimMapping (org.wso2.carbon.user.core.claim.ClaimMapping)
  ClaimKey (org.wso2.carbon.user.core.claim.ClaimKey)
  ClaimDialect (org.wso2.carbon.identity.claim.metadata.mgt.model.ClaimDialect)
  AttributeMapping (org.wso2.carbon.identity.claim.metadata.mgt.model.AttributeMapping)
  Map (java.util.Map)
  HashSet (java.util.HashSet)
  ExternalClaimDAO (org.wso2.carbon.identity.claim.metadata.mgt.dao.ExternalClaimDAO)

Aggregations

Class (package) and number of usages:
  ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig) 38
  ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping) 28
  ArrayList (java.util.ArrayList) 22
  ClaimConfig (org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig) 17
  IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider) 14
  ClaimMapping (org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping) 13
  Claim (org.wso2.carbon.identity.application.common.model.Claim) 12
  ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider) 12
  IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) 11
  PreparedStatement (java.sql.PreparedStatement) 10
  ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) 10
  Claim (org.wso2.carbon.identity.application.common.model.xsd.Claim) 10
  ResultSet (java.sql.ResultSet) 9
  Test (org.testng.annotations.Test) 9
  PermissionsAndRoleConfig (org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) 9
  ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) 9
  FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) 8
  RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping) 8
  LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) 7
  Property (org.wso2.carbon.identity.application.common.model.Property) 7