use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class ClaimsUtil method addMissingClaims.
/**
 * Adds to the already-mapped claim set every attribute received from the IDP that the IDP-level and
 * SP-level claim mappings did not account for.
 *
 * <p>An entry of {@code userAttributes} is copied, under its original key and with its original value,
 * into {@code claimsAfterIDPandSPMapping} when one of the following holds:
 * <ul>
 *   <li>IDP claim mappings exist, but none of them has the key as its remote claim URI;</li>
 *   <li>an IDP claim mapping matches, but the service provider has no requested claim mapping for the
 *       local claim URI it resolves to;</li>
 *   <li>no IDP claim mappings exist and the service provider has no requested claim mapping whose
 *       local claim URI equals the key.</li>
 * </ul>
 * Attributes for which a requested SP mapping is found are not added by this method.
 *
 * <p>Unmapped attributes are passed through unchanged, so the returned map carries values supplied by
 * the IDP that no mapping has filtered or renamed. Claim names, claim values and the authenticated user
 * are written to the debug log only when {@code isUserClaimsInTokenLoggable()} returns true and debug
 * logging is enabled.
 *
 * @param tokenReqMsgCtx             Token request message context; supplies the service provider and
 *                                   the authorized user.
 * @param userAttributes             Attributes received from IDP, keyed by the claim URI the IDP used.
 * @param claimsAfterIDPandSPMapping Claims produced by the IDP and SP mapping; modified in place.
 * @param idPClaimMappings           IDP claim mappings; may be null or empty.
 * @return The same {@code claimsAfterIDPandSPMapping} instance, with the missing claims added.
 * @throws IdentityApplicationManagementException Identity Application Management Exception
 *                                                (presumably raised by the service provider lookup;
 *                                                confirm against getServiceProvider).
 */
private static Map<String, String> addMissingClaims(OAuthTokenReqMessageContext tokenReqMsgCtx, Map<String, String> userAttributes, Map<String, String> claimsAfterIDPandSPMapping, ClaimMapping[] idPClaimMappings) throws IdentityApplicationManagementException {
    boolean isUserClaimsLoggable = isUserClaimsInTokenLoggable();
    ServiceProvider serviceProvider = getServiceProvider(tokenReqMsgCtx);
    // NOTE(review): neither getClaimConfig() nor getClaimMappings() is null-checked before use below;
    // confirm that both always return a non-null value for a registered service provider.
    ClaimConfig serviceProviderClaimConfig = serviceProvider.getClaimConfig();
    AuthenticatedUser authenticatedUser = tokenReqMsgCtx.getAuthorizedUser();

    userAttributes.forEach((key, value) -> {
        // Local claim URI to look up on the SP side, and the debug text used if that lookup fails.
        String spLookupUri;
        String debugPrefix;

        if (ArrayUtils.isNotEmpty(idPClaimMappings)) {
            // Resolve the attribute to a local claim URI through the IDP-level mapping.
            boolean mappedInIdp = false;
            String mappedLocalUri = null;
            for (ClaimMapping idpMapping : idPClaimMappings) {
                if (idpMapping.getRemoteClaim().getClaimUri().equals(key)) {
                    mappedLocalUri = idpMapping.getLocalClaim().getClaimUri();
                    mappedInIdp = true;
                    break;
                }
            }
            if (!mappedInIdp) {
                // The IDP does not map this attribute at all: pass it through and stop here.
                if (isUserClaimsLoggable && log.isDebugEnabled()) {
                    log.debug("IDP Claim mapping does not exist for " + key + ", hence adding value " + value + " for the user : " + authenticatedUser);
                }
                claimsAfterIDPandSPMapping.put(key, value);
                return;
            }
            spLookupUri = mappedLocalUri;
            debugPrefix = "IDP Claim mapping exist, but SP Claim mapping does not exist for ";
        } else {
            // Without IDP-level mappings, the attribute key itself is treated as the local claim URI.
            spLookupUri = key;
            debugPrefix = "SP Claim mapping does not exist for ";
        }

        // Look for a requested SP-level mapping of the resolved local claim URI.
        boolean requestedBySp = false;
        ClaimMapping[] spClaimMapping = serviceProviderClaimConfig.getClaimMappings();
        for (ClaimMapping spMapping : spClaimMapping) {
            if (spMapping.getLocalClaim().getClaimUri().equals(spLookupUri) && spMapping.isRequested()) {
                requestedBySp = true;
                break;
            }
        }
        if (requestedBySp) {
            return;
        }

        // No requested SP mapping covers the attribute, so it is added under its IDP key.
        if (isUserClaimsLoggable && log.isDebugEnabled()) {
            log.debug(debugPrefix + key + ", hence adding value " + value + " for the user : " + authenticatedUser);
        }
        claimsAfterIDPandSPMapping.put(key, value);
    });

    if (isUserClaimsLoggable && log.isDebugEnabled()) {
        log.debug("Final set of claims for the user : " + authenticatedUser + ": " + claimsAfterIDPandSPMapping.toString());
    }
    return claimsAfterIDPandSPMapping;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project product-is by wso2.
the class OAuth2ServiceJWTGrantTestCase method testJWTGrantTypeWithConvertOIDCDialectWithIDPMappingWithoutSPMapping.
/**
 * Verifies that no user claim is released in the ID token once the service provider has no claim
 * mappings.
 *
 * <p>The service provider's claim configuration is replaced by a fresh one that only selects the local
 * claim dialect and carries no mappings. The ID token returned by {@code makeJWTBearerGrantRequest()}
 * must then contain neither the OIDC country claim, the OIDC email claim, nor the local country claim
 * URI.
 *
 * @throws Exception if updating the application or requesting the tokens fails.
 */
@Test(description = "This test case tests the behaviour when ConvertOIDCDialect is set to true in identity.xml " + "and when there are mappings in IDP and when thare are no mapping in SP side", dependsOnMethods = "testJWTGrantTypeWithConvertOIDCDialectWithIDPMappingWithSPMapping")
public void testJWTGrantTypeWithConvertOIDCDialectWithIDPMappingWithoutSPMapping() throws Exception {
    ServiceProvider application = appMgtclient.getApplication(SERVICE_PROVIDER_NAME);

    // A fresh config with no claim mappings replaces whatever the application had before.
    org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig mappingFreeConfig = new org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig();
    mappingFreeConfig.setLocalClaimDialect(true);
    application.setClaimConfig(mappingFreeConfig);
    appMgtclient.updateApplicationData(application);

    OIDCTokens tokens = makeJWTBearerGrantRequest();

    // Each of these claims must be absent from the ID token; the first one present fails the test.
    final String failureMessage = "User claims is returned back without mappings in SP side when ConvertToOIDCDialect is " + "set to true in identity.xml";
    for (String claimName : new String[] { COUNTRY_OIDC_CLAIM, EMAIL_OIDC_CLAIM, COUNTRY_LOCAL_CLAIM_URI }) {
        Assert.assertNull(tokens.getIDToken().getJWTClaimsSet().getClaim(claimName), failureMessage);
    }
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project product-is by wso2.
the class OAuth2ServiceJWTGrantTestCase method updateIdentityProviderWithClaimMappings.
/**
 * Replaces the claim configuration of the identity provider named by {@code issuer} with a single
 * claim mapping: remote claim {@code COUNTRY_NEW_OIDC_CLAIM} to local claim
 * {@code COUNTRY_LOCAL_CLAIM_URI}. The remote claim is also registered as an IDP claim.
 *
 * @throws Exception if the identity provider cannot be fetched or updated.
 */
private void updateIdentityProviderWithClaimMappings() throws Exception {
    IdentityProvider idp = identityProviderMgtServiceClient.getIdPByName(issuer);
    ClaimConfig idpClaimConfig = new ClaimConfig();

    // Local side of the mapping.
    Claim countryLocalClaim = new Claim();
    countryLocalClaim.setClaimUri(COUNTRY_LOCAL_CLAIM_URI);

    // Remote (IDP) side of the mapping.
    Claim countryRemoteClaim = new Claim();
    countryRemoteClaim.setClaimUri(COUNTRY_NEW_OIDC_CLAIM);

    ClaimMapping countryMapping = new ClaimMapping();
    countryMapping.setLocalClaim(countryLocalClaim);
    countryMapping.setRemoteClaim(countryRemoteClaim);

    idpClaimConfig.addIdpClaims(countryRemoteClaim);
    idpClaimConfig.setClaimMappings(new ClaimMapping[] { countryMapping });

    idp.setClaimConfig(idpClaimConfig);
    identityProviderMgtServiceClient.updateIdP(issuer, idp);
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project product-is by wso2.
the class OAuth2ServiceAbstractIntegrationTest method getClaimConfig.
/**
 * Builds a claim configuration holding one claim mapping, obtained from {@code getClaimMapping}, for
 * each of the email, given name and country claim URIs and the two custom claim URIs, in that order.
 *
 * @return a new claim configuration with those five claim mappings set.
 */
private ClaimConfig getClaimConfig() {
    ClaimConfig config = new ClaimConfig();
    // The initializer evaluates left to right, so the mappings are created in the listed order.
    org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] mappings = new org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] {
        getClaimMapping(EMAIL_CLAIM_URI),
        getClaimMapping(GIVEN_NAME_CLAIM_URI),
        getClaimMapping(COUNTRY_CLAIM_URI),
        getClaimMapping(customClaimURI1),
        getClaimMapping(customClaimURI2)
    };
    config.setClaimMappings(mappings);
    return config;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig in project product-is by wso2.
the class TestPassiveSTSFederation method getLocalClaimUris.
/**
 * Collects the local claim URI of every claim mapping in the given configuration, in mapping order.
 *
 * @param updatedClaimConfig claim configuration whose mappings are read; its mapping array and each
 *                           mapping's local claim are dereferenced without null checks.
 * @return a new list with one local claim URI per claim mapping.
 */
private List<String> getLocalClaimUris(ClaimConfig updatedClaimConfig) {
    ClaimMapping[] mappings = updatedClaimConfig.getClaimMappings();
    List<String> uris = new ArrayList<>();
    for (int i = 0; i < mappings.length; i++) {
        uris.add(mappings[i].getLocalClaim().getClaimUri());
    }
    return uris;
}