Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions: class DefaultClaimsRetrieverTest, method getSampleClaimMapping.
/**
 * Builds a fixed set of four sample {@link ClaimMapping}s: two "core" claim URIs followed by
 * two "user" claim URIs, each paired with its own mapped-attribute name.
 *
 * @return the four sample mappings, in core-then-user order
 */
private ClaimMapping[] getSampleClaimMapping() {
    String[] claimUris = {
        "testCoreClaimURI1", "testCoreClaimURI2", "testUserClaimURI1", "testUserClaimURI2"
    };
    String[] mappedAttributes = {
        "MappedAttributesCore1", "MappedAttributesCore2", "MappedAttributesUser1", "MappedAttributesUser2"
    };

    ClaimMapping[] mappings = new ClaimMapping[claimUris.length];
    for (int i = 0; i < claimUris.length; i++) {
        Claim claim = new Claim();
        claim.setClaimUri(claimUris[i]);
        mappings[i] = new ClaimMapping(claim, mappedAttributes[i]);
    }
    return mappings;
}
Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions: class DefaultOIDCClaimsCallbackHandlerTest, method testHandleClaimsForOAuthAuthzReqMessageContextNullAccessToken.
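/**
 * Verifies that no custom claims are added for an authorization-request context that carries
 * no access token. The user-consent step is stubbed out (skip-consent config returns
 * {@code true}) and the service provider requests two local claims, yet the resulting claim
 * set must stay empty.
 *
 * @throws Exception if the PowerMock or handler setup fails
 */
@Test
public void testHandleClaimsForOAuthAuthzReqMessageContextNullAccessToken() throws Exception {
    JWTClaimsSet.Builder jwtClaimsSetBuilder = new JWTClaimsSet.Builder();

    // Federated user on an authorization request; no access token is attached to the context.
    AuthenticatedUser authenticatedUser = getDefaultAuthenticatedUserFederatedUser();
    OAuth2AuthorizeReqDTO authorizeReqDTO = new OAuth2AuthorizeReqDTO();
    authorizeReqDTO.setUser(authenticatedUser);
    authorizeReqDTO.setTenantDomain(TENANT_DOMAIN);
    OAuthAuthzReqMessageContext authzReqMessageContext = new OAuthAuthzReqMessageContext(authorizeReqDTO);
    authzReqMessageContext.setApprovedScope(APPROVED_SCOPES);

    // Service provider requesting two local claims (email, username) and carrying no SP properties.
    ServiceProvider serviceProvider = new ServiceProvider();
    serviceProvider.setApplicationName(SERVICE_PROVIDER_NAME);
    ClaimMapping[] requestedLocalClaimMap = {
        ClaimMapping.build("http://www.wso2.org/claims/email", "email", "sample@abc.com", true),
        ClaimMapping.build("http://www.wso2.org/claims/username", "username", "user123", true)
    };
    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.setClaimMappings(requestedLocalClaimMap);
    serviceProvider.setClaimConfig(claimConfig);
    serviceProvider.setSpProperties(new ServiceProviderProperty[] {});

    // Stub the server-configuration singleton so the user-consent check is skipped.
    OAuthServerConfiguration mockOAuthServerConfiguration = PowerMockito.mock(OAuthServerConfiguration.class);
    mockStatic(OAuthServerConfiguration.class);
    when(OAuthServerConfiguration.getInstance()).thenReturn(mockOAuthServerConfiguration);
    when(mockOAuthServerConfiguration.getOpenIDConnectSkipeUserConsentConfig()).thenReturn(true);
    mockApplicationManagementService(serviceProvider);

    JWTClaimsSet jwtClaimsSet =
            defaultOIDCClaimsCallbackHandler.handleCustomClaims(jwtClaimsSetBuilder, authzReqMessageContext);

    // The failure message now describes the actual failure: a non-empty set here means claims
    // were released for a context that has no access token.
    assertEquals(jwtClaimsSet.getClaims().size(), 0,
            "Claims were unexpectedly set for an authorization request context without an access token.");
}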
Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions: class DefaultOIDCClaimsCallbackHandlerTest, method testHandleClaimsForOAuthTokenReqMessageContextWithAuthorizationCode.
/**
 * Token-request flow backed by an authorization code. The federated user carries two
 * attributes (country, email), the authorization-grant cache entry is a mock, and the user
 * realm is stubbed with {@code USER_CLAIMS_MAP}. The resulting JWT must hold exactly three
 * claims and the email value must be present.
 *
 * @throws Exception if the mocked cache or realm setup fails
 */
@Test
public void testHandleClaimsForOAuthTokenReqMessageContextWithAuthorizationCode() throws Exception {
    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();

    Map<ClaimMapping, String> federatedAttributes = new HashMap<>();
    federatedAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(COUNTRY), TestConstants.CLAIM_VALUE1);
    federatedAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(EMAIL), TestConstants.CLAIM_VALUE2);

    OAuthTokenReqMessageContext tokenReqCtx = getTokenReqMessageContextForFederatedUser(federatedAttributes);
    // Marks the context as an authorization-code exchange, using a dummy code value.
    tokenReqCtx.addProperty("AuthorizationCode", "dummyAuthorizationCode");

    mockAuthorizationGrantCache(mock(AuthorizationGrantCacheEntry.class));

    UserRealm stubbedRealm = getUserRealmWithUserClaims(USER_CLAIMS_MAP);
    mockUserRealm(tokenReqCtx.getAuthorizedUser().toString(), stubbedRealm);

    JWTClaimsSet jwtClaimsSet = getJwtClaimSet(claimsBuilder, tokenReqCtx);

    assertNotNull(jwtClaimsSet, "JWT Custom claim handling failed.");
    assertFalse(jwtClaimsSet.getClaims().isEmpty(), "JWT custom claim handling failed");
    assertEquals(jwtClaimsSet.getClaims().size(), 3, "Expected custom claims are not set.");
    assertEquals(jwtClaimsSet.getClaim(EMAIL), TestConstants.CLAIM_VALUE2,
            "OIDC claim " + EMAIL + " is not added with the JWT token");
}
Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions: class DefaultOIDCClaimsCallbackHandlerTest, method testHandleCustomClaimsWithoutClaimsInRefreshFlow.
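/**
 * Refresh-grant flow for a federated user who carries no attributes of their own: the custom
 * claims have to come from the authorization-grant cache entry, which the context reaches via
 * the {@code PREV_ACCESS_TOKEN} property. The handler is exercised twice (through the helper
 * and then directly) and both passes must yield a non-empty claim set.
 *
 * @throws Exception if the mocked cache, realm or token-validation setup fails
 */
@Test(description = "This method tests the handle custom claims when there is no user attributes in cache as well" + " as in authenticates user object")
public void testHandleCustomClaimsWithoutClaimsInRefreshFlow() throws Exception {
    // No attributes on the authenticated user itself.
    OAuthTokenReqMessageContext requestMsgCtx = getTokenReqMessageContextForFederatedUser(null);

    // Grant cache entry carrying the user attributes, bound to the same subject as the request.
    Map<ClaimMapping, String> cachedAttributes = new HashMap<>();
    cachedAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(USERNAME), TestConstants.CLAIM_VALUE1);
    cachedAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(EMAIL), TestConstants.CLAIM_VALUE2);
    cachedAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(PHONE_NUMBER_VERIFIED),
            TestConstants.CLAIM_VALUE2);
    AuthorizationGrantCacheEntry cacheEntry = new AuthorizationGrantCacheEntry(cachedAttributes);
    cacheEntry.setSubjectClaim(requestMsgCtx.getAuthorizedUser().getUserName());
    mockAuthorizationGrantCache(cacheEntry);

    // Previous access token on the context; the refresh flow is expected to use it to locate
    // the cached grant.
    RefreshTokenValidationDataDO refreshTokenValidationDataDO = Mockito.mock(RefreshTokenValidationDataDO.class);
    Mockito.doReturn(SAMPLE_ACCESS_TOKEN).when(refreshTokenValidationDataDO).getAccessToken();
    requestMsgCtx.addProperty(PREV_ACCESS_TOKEN, refreshTokenValidationDataDO);

    UserRealm userRealm = getUserRealmWithUserClaims(USER_CLAIMS_MAP);
    mockUserRealm(requestMsgCtx.getAuthorizedUser().toString(), userRealm);

    // First pass through the helper.
    JWTClaimsSet jwtClaimsSet = getJwtClaimSet(new JWTClaimsSet.Builder(), requestMsgCtx);
    Assert.assertFalse(jwtClaimsSet.getClaims().isEmpty(),
            "JWT custom claim list is empty. Custom claim handling failed in refresh flow");
    Assert.assertEquals(jwtClaimsSet.getClaim(USERNAME), TestConstants.CLAIM_VALUE1,
            "Incomplete list of custom claims returned.");

    // Second pass straight through the handler with a fresh builder.
    jwtClaimsSet = defaultOIDCClaimsCallbackHandler.handleCustomClaims(new JWTClaimsSet.Builder(), requestMsgCtx);
    Assert.assertFalse(jwtClaimsSet.getClaims().isEmpty(),
            "JWT custom claim list is empty. Custom claim handling failed in refresh flow");
}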
Use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions: class DefaultOIDCClaimsCallbackHandlerTest, method getTokenReqMessageContextForFederatedUser.
/**
 * Builds a token-request message context for the default federated authenticated user.
 *
 * @param userAttributes attributes to attach to the authenticated user; {@code null} leaves the
 *                       default user's attributes untouched
 * @return a token-request context with tenant domain, client id, approved scope and
 *         authorized user populated
 */
private OAuthTokenReqMessageContext getTokenReqMessageContextForFederatedUser(Map<ClaimMapping, String> userAttributes) {
    OAuth2AccessTokenReqDTO tokenReqDto = new OAuth2AccessTokenReqDTO();
    tokenReqDto.setTenantDomain(TENANT_DOMAIN);
    tokenReqDto.setClientId(DUMMY_CLIENT_ID);

    OAuthTokenReqMessageContext tokenReqCtx = new OAuthTokenReqMessageContext(tokenReqDto);
    tokenReqCtx.setScope(APPROVED_SCOPES);

    AuthenticatedUser federatedUser = getDefaultAuthenticatedUserFederatedUser();
    boolean hasAttributes = userAttributes != null;
    if (hasAttributes) {
        federatedUser.setUserAttributes(userAttributes);
    }
    tokenReqCtx.setAuthorizedUser(federatedUser);

    return tokenReqCtx;
}