Search in sources :

Example 51 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class DefaultClaimFilter method getSpClaimMappings.

private List<ClaimMapping> getSpClaimMappings(ApplicationConfig appConfig) {
    Map<String, String> spClaimMapping = appConfig.getClaimMappings();
    Map<String, String> mandatoryClaims = appConfig.getMandatoryClaimMappings();
    Map<String, String> requestedClaims = appConfig.getRequestedClaimMappings();
    List<ClaimMapping> spClaimMappingsList = new ArrayList<>();
    spClaimMapping.forEach((key, value) -> {
        ClaimMapping claimMapping = ClaimMapping.build(value, key, null, false);
        mandatoryClaims.entrySet().stream().filter(entry1 -> key.equals(entry1.getKey())).map(entry1 -> true).forEach(claimMapping::setMandatory);
        requestedClaims.entrySet().stream().filter(entry2 -> key.equals(entry2.getKey())).map(entry2 -> true).forEach(claimMapping::setRequested);
        spClaimMappingsList.add(claimMapping);
    });
    return spClaimMappingsList;
}
Also used : ApplicationConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig) List(java.util.List) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) FrameworkConstants(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants) Map(java.util.Map) ClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter) CollectionUtils.isEmpty(org.apache.commons.collections.CollectionUtils.isEmpty) Log(org.apache.commons.logging.Log) LogFactory(org.apache.commons.logging.LogFactory) ArrayList(java.util.ArrayList) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) ArrayList(java.util.ArrayList)

Example 52 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class DefaultClaimConfigInitDAO method initClaimConfig.

@Override
public void initClaimConfig(ClaimConfig claimConfig, int tenantId) {
    // Adding local claim dialect.
    try {
        claimDialectDAO.addClaimDialect(new ClaimDialect(ClaimConstants.LOCAL_CLAIM_DIALECT_URI), tenantId);
    } catch (ClaimMetadataException e) {
        log.error("Error while adding claim dialect " + ClaimConstants.LOCAL_CLAIM_DIALECT_URI, e);
    }
    if (claimConfig.getClaimMap() != null) {
        // Get the primary domain name.
        String primaryDomainName = IdentityUtil.getPrimaryDomainName();
        // Adding external dialects and claims.
        Set<String> claimDialectList = new HashSet<>();
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            ClaimMapping claimMapping = entry.getValue();
            String claimDialectURI = claimMapping.getClaim().getDialectURI();
            String claimURI = claimKey.getClaimUri();
            if (ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                List<AttributeMapping> mappedAttributes = new ArrayList<>();
                if (StringUtils.isNotBlank(claimMapping.getMappedAttribute())) {
                    mappedAttributes.add(new AttributeMapping(primaryDomainName, claimMapping.getMappedAttribute()));
                }
                if (claimMapping.getMappedAttributes() != null) {
                    for (Map.Entry<String, String> claimMappingEntry : claimMapping.getMappedAttributes().entrySet()) {
                        mappedAttributes.add(new AttributeMapping(claimMappingEntry.getKey(), claimMappingEntry.getValue()));
                    }
                }
                LocalClaim localClaim = new LocalClaim(claimURI, mappedAttributes, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this is at the initial server startup or tenant creation time, no need go through the
                    // caching layer. Going through the caching layer add overhead for bulk claim add.
                    LocalClaimDAO localClaimDAO = new LocalClaimDAO();
                    localClaimDAO.addLocalClaim(localClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding local claim " + claimURI, e);
                }
            } else {
                claimDialectList.add(claimDialectURI);
            }
        }
        // Add external claim dialects.
        for (String claimDialectURI : claimDialectList) {
            ClaimDialect claimDialect = new ClaimDialect(claimDialectURI);
            try {
                claimDialectDAO.addClaimDialect(claimDialect, tenantId);
            } catch (ClaimMetadataException e) {
                log.error("Error while adding claim dialect " + claimDialectURI, e);
            }
        }
        for (Map.Entry<ClaimKey, ClaimMapping> entry : claimConfig.getClaimMap().entrySet()) {
            ClaimKey claimKey = entry.getKey();
            String claimURI = claimKey.getClaimUri();
            String claimDialectURI = entry.getValue().getClaim().getDialectURI();
            if (!ClaimConstants.LOCAL_CLAIM_DIALECT_URI.equalsIgnoreCase(claimDialectURI)) {
                String mappedLocalClaimURI = claimConfig.getPropertyHolderMap().get(claimKey).get(ClaimConstants.MAPPED_LOCAL_CLAIM_PROPERTY);
                ExternalClaim externalClaim = new ExternalClaim(claimDialectURI, claimURI, mappedLocalClaimURI, fillClaimProperties(claimConfig, claimKey));
                try {
                    // As this is at the initial server startup or tenant creation time, no need go through the
                    // caching layer. Going through the caching layer add overhead for bulk claim add.
                    ExternalClaimDAO externalClaimDAO = new ExternalClaimDAO();
                    externalClaimDAO.addExternalClaim(externalClaim, tenantId);
                } catch (ClaimMetadataException e) {
                    log.error("Error while adding external claim " + claimURI + " to dialect " + claimDialectURI, e);
                }
            }
        }
    }
}
Also used : LocalClaimDAO(org.wso2.carbon.identity.claim.metadata.mgt.dao.LocalClaimDAO) ClaimMetadataException(org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException) ExternalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim) ArrayList(java.util.ArrayList) LocalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim) ClaimMapping(org.wso2.carbon.user.core.claim.ClaimMapping) ClaimKey(org.wso2.carbon.user.core.claim.ClaimKey) ClaimDialect(org.wso2.carbon.identity.claim.metadata.mgt.model.ClaimDialect) AttributeMapping(org.wso2.carbon.identity.claim.metadata.mgt.model.AttributeMapping) Map(java.util.Map) HashSet(java.util.HashSet) ExternalClaimDAO(org.wso2.carbon.identity.claim.metadata.mgt.dao.ExternalClaimDAO)

Example 53 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class ClaimMetadataUtilsTest method testConvertLocalClaimToClaimMapping.

@Test(dataProvider = "Authentication")
public void testConvertLocalClaimToClaimMapping(LocalClaim localClaim) throws Exception {
    ClaimMapping claimMapping = ClaimMetadataUtils.convertLocalClaimToClaimMapping(localClaim, -1234);
    Assert.assertEquals(claimMapping.getClaim().getDialectURI(), localClaim.getClaimDialectURI());
    Assert.assertEquals(claimMapping.getClaim().getClaimUri(), localClaim.getClaimURI());
    Map<String, String> claimProperties = localClaim.getClaimProperties();
    if (claimProperties.containsKey(ClaimConstants.DISPLAY_NAME_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().getDisplayTag(), claimProperties.get(ClaimConstants.DISPLAY_NAME_PROPERTY));
    }
    if (claimProperties.containsKey(ClaimConstants.DESCRIPTION_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().getDescription(), claimProperties.get(ClaimConstants.DESCRIPTION_PROPERTY));
    }
    if (claimProperties.containsKey(ClaimConstants.REGULAR_EXPRESSION_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().getRegEx(), claimProperties.get(ClaimConstants.REGULAR_EXPRESSION_PROPERTY));
    }
    if (claimProperties.containsKey(ClaimConstants.DISPLAY_ORDER_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().getDisplayOrder(), Integer.parseInt(claimProperties.get(ClaimConstants.DISPLAY_ORDER_PROPERTY)));
    }
    if (claimProperties.containsKey(ClaimConstants.SUPPORTED_BY_DEFAULT_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().isSupportedByDefault(), Boolean.parseBoolean(claimProperties.get(ClaimConstants.SUPPORTED_BY_DEFAULT_PROPERTY)));
    }
    if (claimProperties.containsKey(ClaimConstants.REQUIRED_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().isRequired(), Boolean.parseBoolean(claimProperties.get(ClaimConstants.REQUIRED_PROPERTY)));
    }
    if (claimProperties.containsKey(ClaimConstants.READ_ONLY_PROPERTY)) {
        Assert.assertEquals(claimMapping.getClaim().isReadOnly(), Boolean.parseBoolean(claimProperties.get(ClaimConstants.READ_ONLY_PROPERTY)));
    }
    for (AttributeMapping attributeMapping : localClaim.getMappedAttributes()) {
        Assert.assertEquals(claimMapping.getMappedAttribute(attributeMapping.getUserStoreDomain()), attributeMapping.getAttributeName());
    }
}
Also used : ClaimMapping(org.wso2.carbon.user.core.claim.ClaimMapping) AttributeMapping(org.wso2.carbon.identity.claim.metadata.mgt.model.AttributeMapping) Test(org.testng.annotations.Test)

Example 54 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class DefaultApplicationValidator method validateClaimsConfigs.

/**
 * Validate claim related configurations and append to the validation msg list.
 *
 * @param validationMsg   validation error messages
 * @param claimConfig     claim config
 * @param subjectClaimUri Subject claim Uri
 * @param tenantDomain    tenant domain
 * @throws IdentityApplicationManagementException Identity Application Management Exception
 */
private void validateClaimsConfigs(List<String> validationMsg, ClaimConfig claimConfig, String subjectClaimUri, String tenantDomain, String serviceProviderName) throws IdentityApplicationManagementException {
    if (claimConfig == null) {
        return;
    }
    ApplicationManagementService applicationMgtService = ApplicationManagementService.getInstance();
    String[] allLocalClaimUris = applicationMgtService.getAllLocalClaimUris(tenantDomain);
    ArrayList<String> remoteClaimUris = new ArrayList<>();
    ClaimMapping[] claimMappings = claimConfig.getClaimMappings();
    if (claimMappings != null) {
        for (ClaimMapping claimMapping : claimMappings) {
            String claimUri = claimMapping.getLocalClaim().getClaimUri();
            remoteClaimUris.add(claimMapping.getRemoteClaim().getClaimUri());
            if (!Arrays.asList(allLocalClaimUris).contains(claimUri)) {
                validationMsg.add(String.format(CLAIM_NOT_AVAILABLE, claimUri, tenantDomain));
            }
        }
    }
    String roleClaimUri = claimConfig.getRoleClaimURI();
    String userClaimUri = claimConfig.getUserClaimURI();
    if (claimConfig.isLocalClaimDialect()) {
        if (StringUtils.isNotBlank(roleClaimUri) && !Arrays.asList(allLocalClaimUris).contains(roleClaimUri)) {
            validationMsg.add(String.format(CLAIM_NOT_AVAILABLE, roleClaimUri, tenantDomain));
        }
        if (StringUtils.isNotBlank(userClaimUri) && !Arrays.asList(allLocalClaimUris).contains(userClaimUri)) {
            validationMsg.add(String.format(CLAIM_NOT_AVAILABLE, userClaimUri, tenantDomain));
        }
        if (StringUtils.isNotBlank(subjectClaimUri) && !Arrays.asList(allLocalClaimUris).contains(subjectClaimUri)) {
            validationMsg.add(String.format(CLAIM_NOT_AVAILABLE, subjectClaimUri, tenantDomain));
        }
    } else {
        if (StringUtils.isNotBlank(roleClaimUri) && !(remoteClaimUris).contains(roleClaimUri)) {
            validationMsg.add(String.format(SP_CLAIM_NOT_AVAILABLE, roleClaimUri, serviceProviderName));
        }
        if (StringUtils.isNotBlank(userClaimUri) && !(remoteClaimUris).contains(userClaimUri)) {
            validationMsg.add(String.format(SP_CLAIM_NOT_AVAILABLE, userClaimUri, serviceProviderName));
        }
        if (StringUtils.isNotBlank(subjectClaimUri) && !(remoteClaimUris).contains(subjectClaimUri)) {
            validationMsg.add(String.format(SP_CLAIM_NOT_AVAILABLE, subjectClaimUri, serviceProviderName));
        }
    }
    String[] spClaimDialects = claimConfig.getSpClaimDialects();
    if (spClaimDialects != null) {
        try {
            ClaimMetadataManagementServiceImpl claimAdminService = new ClaimMetadataManagementServiceImpl();
            List<ClaimDialect> serverClaimMapping = claimAdminService.getClaimDialects(tenantDomain);
            if (serverClaimMapping != null) {
                List<String> serverDialectURIS = serverClaimMapping.stream().map(ClaimDialect::getClaimDialectURI).collect(Collectors.toList());
                for (String spClaimDialect : spClaimDialects) {
                    if (!serverDialectURIS.contains(spClaimDialect)) {
                        validationMsg.add(String.format(CLAIM_DIALECT_NOT_AVAILABLE, spClaimDialect, tenantDomain));
                    }
                }
            }
        } catch (ClaimMetadataException e) {
            validationMsg.add(String.format("Error in getting claim dialect for %s. ", tenantDomain));
        }
    }
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) ClaimMetadataException(org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException) ClaimDialect(org.wso2.carbon.identity.claim.metadata.mgt.model.ClaimDialect) ArrayList(java.util.ArrayList) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) ClaimMetadataManagementServiceImpl(org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementServiceImpl)

Example 55 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class ApplicationManagementServiceImplTest method addApplicationConfigurations.

private void addApplicationConfigurations(ServiceProvider serviceProvider) {
    serviceProvider.setDescription("Created for testing");
    serviceProvider.setSaasApp(TRUE);
    // Inbound Authentication Configurations.
    InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig();
    InboundAuthenticationRequestConfig authRequestConfig = new InboundAuthenticationRequestConfig();
    authRequestConfig.setInboundAuthKey("auth key");
    authRequestConfig.setInboundAuthType("oauth2");
    InboundAuthenticationRequestConfig[] authRequests = new InboundAuthenticationRequestConfig[] { authRequestConfig };
    inboundAuthenticationConfig.setInboundAuthenticationRequestConfigs(authRequests);
    serviceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
    // Inbound Provisioning Configurations.
    InboundProvisioningConfig provisioningConfig = new InboundProvisioningConfig();
    provisioningConfig.setProvisioningUserStore("UserStore");
    serviceProvider.setInboundProvisioningConfig(provisioningConfig);
    // OutBound Provisioning Configurations.
    IdentityProvider provisioningIdP = new IdentityProvider();
    provisioningIdP.setIdentityProviderName("Provisioning IdP");
    OutboundProvisioningConfig outboundProvisioningConfig = new OutboundProvisioningConfig();
    outboundProvisioningConfig.setProvisioningIdentityProviders(new IdentityProvider[] { provisioningIdP });
    ProvisioningConnectorConfig provisioningConnectorConfig = new ProvisioningConnectorConfig();
    provisioningConnectorConfig.setName("Provisioning connector");
    provisioningIdP.setDefaultProvisioningConnectorConfig(provisioningConnectorConfig);
    serviceProvider.setOutboundProvisioningConfig(outboundProvisioningConfig);
    // Local And OutBound Authentication Configuration.
    LocalAndOutboundAuthenticationConfig authenticationConfig = new LocalAndOutboundAuthenticationConfig();
    AuthenticationStep authenticationStep = new AuthenticationStep();
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setIdentityProviderName(IDP_NAME_1);
    FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
    federatedAuthenticatorConfig.setName("Federated authenticator");
    identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { federatedAuthenticatorConfig });
    authenticationStep.setFederatedIdentityProviders(new IdentityProvider[] { identityProvider });
    LocalAuthenticatorConfig localAuthenticatorConfig = new LocalAuthenticatorConfig();
    localAuthenticatorConfig.setName("Local authenticator");
    authenticationStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticatorConfig });
    authenticationConfig.setAuthenticationSteps(new AuthenticationStep[] { authenticationStep });
    serviceProvider.setLocalAndOutBoundAuthenticationConfig(authenticationConfig);
    // Request Path Authenticator Configuration.
    RequestPathAuthenticatorConfig requestPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
    requestPathAuthenticatorConfig.setName("Request path authenticator");
    serviceProvider.setRequestPathAuthenticatorConfigs(new RequestPathAuthenticatorConfig[] { requestPathAuthenticatorConfig });
    // Claim Configurations.
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setRoleClaimURI("Role claim uri");
    claimConfig.setSpClaimDialects(new String[] { "SP claim dialect" });
    ClaimMapping claimMapping = new ClaimMapping();
    Claim localClaim = new Claim();
    localClaim.setClaimUri("Local claim uri");
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimUri("Remote claim uri");
    claimMapping.setLocalClaim(localClaim);
    claimMapping.setRemoteClaim(remoteClaim);
    claimConfig.setClaimMappings(new ClaimMapping[] { claimMapping });
    serviceProvider.setClaimConfig(claimConfig);
    // Permission Role Configurations.
    PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
    RoleMapping roleMapping = new RoleMapping();
    LocalRole localRole = new LocalRole("Local role");
    roleMapping.setLocalRole(localRole);
    roleMapping.setRemoteRole("Remote role");
    RoleMapping[] roleMappings = new RoleMapping[] { roleMapping };
    permissionsAndRoleConfig.setRoleMappings(roleMappings);
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.InboundProvisioningConfig) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) Claim(org.wso2.carbon.identity.application.common.model.Claim)

Aggregations

ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)108 HashMap (java.util.HashMap)60 ArrayList (java.util.ArrayList)52 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)27 Map (java.util.Map)26 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)24 ClaimMapping (org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping)24 ClaimMapping (org.wso2.carbon.user.api.ClaimMapping)24 Claim (org.wso2.carbon.identity.application.common.model.Claim)23 Test (org.testng.annotations.Test)22 Claim (org.wso2.carbon.identity.application.common.model.xsd.Claim)21 LocalClaim (org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim)21 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)20 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)20 List (java.util.List)17 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)17 UserStoreException (org.wso2.carbon.user.api.UserStoreException)17 Matchers.anyString (org.mockito.Matchers.anyString)16 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)13 ClaimMetadataException (org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException)13