use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultOIDCClaimsCallbackHandler method getCachedUserAttributes.
/**
 * Looks up the user attributes (claims) for a token request, trying each source in turn and
 * stopping at the first one that yields a non-empty map:
 * <ol>
 *   <li>the cache entry keyed by the access token of this request,</li>
 *   <li>the cache entry keyed by the authorization code of this request,</li>
 *   <li>the attributes carried on the authorized user object,</li>
 *   <li>in the refresh flow, the cache entry keyed by the previous access token.</li>
 * </ol>
 *
 * NOTE(review): every debug message below concatenates the authorized user object; confirm that
 * its string form is acceptable in debug logs for this deployment.
 *
 * @param requestMsgCtx token request message context
 * @return the first non-empty attribute map found; otherwise the (empty or {@code null}) result
 *         of the last source consulted
 */
private Map<ClaimMapping, String> getCachedUserAttributes(OAuthTokenReqMessageContext requestMsgCtx) {

    // Source 1: attributes cached against the access token.
    Map<ClaimMapping, String> claims = getUserAttributesCachedAgainstToken(getAccessToken(requestMsgCtx));
    if (log.isDebugEnabled()) {
        log.debug("Retrieving claims cached against access_token for user: " + requestMsgCtx.getAuthorizedUser());
    }
    if (!isEmpty(claims)) {
        return claims;
    }

    // Source 2: attributes cached against the authorization code.
    if (log.isDebugEnabled()) {
        log.debug("No claims cached against the access_token for user: " + requestMsgCtx.getAuthorizedUser() + ". Retrieving claims cached against the authorization code.");
    }
    claims = getUserAttributesCachedAgainstAuthorizationCode(getAuthorizationCode(requestMsgCtx));
    if (log.isDebugEnabled()) {
        log.debug("Retrieving claims cached against authorization_code for user: " + requestMsgCtx.getAuthorizedUser());
    }
    if (!isEmpty(claims)) {
        return claims;
    }

    // Source 3: when a JWT token is built, the attributes cannot be placed in the authorization
    // cache because its entries are keyed by access token; they are kept on the authenticated
    // user object instead.
    if (log.isDebugEnabled()) {
        log.debug("No claims found in authorization cache. Retrieving claims from attributes of user : " + requestMsgCtx.getAuthorizedUser());
    }
    AuthenticatedUser authorizedUser = requestMsgCtx.getAuthorizedUser();
    if (authorizedUser != null) {
        claims = authorizedUser.getUserAttributes();
    } else {
        claims = null;
    }
    if (!isEmpty(claims)) {
        return claims;
    }

    // Source 4: the refresh flow resolves claims the same way, via the previous access token.
    if (log.isDebugEnabled()) {
        log.debug("No claims found in user in user attributes for user : " + requestMsgCtx.getAuthorizedUser());
    }
    Object previousTokenProperty = requestMsgCtx.getProperty(RefreshGrantHandler.PREV_ACCESS_TOKEN);
    if (previousTokenProperty == null) {
        return claims;
    }
    if (log.isDebugEnabled()) {
        log.debug("Retrieving claims from previous access token of user : " + requestMsgCtx.getAuthorizedUser());
    }
    // Unchecked cast: a property of any other type under this key raises ClassCastException here.
    RefreshTokenValidationDataDO previousTokenData = (RefreshTokenValidationDataDO) previousTokenProperty;
    claims = getUserAttributesCachedAgainstToken(previousTokenData.getAccessToken());
    // Record on the context whether the previous token carried custom (non-OIDC) user claims.
    requestMsgCtx.addProperty(OIDCConstants.HAS_NON_OIDC_CLAIMS, isTokenHasCustomUserClaims(previousTokenData));
    return claims;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultOIDCClaimsCallbackHandler method getUserAttributesFromCacheUsingCode.
/**
 * Fetches the user attributes stored in the authorization grant cache under the given
 * authorization code.
 *
 * <p>The raw authorization code is written to the debug log only when
 * {@code IdentityUtil.isTokenLoggable} allows it for
 * {@code IdentityConstants.IdentityTokens.AUTHORIZATION_CODE}; otherwise a message without the
 * code is logged.
 *
 * @param authorizationCode authorization code used to build the cache key
 * @return a new empty map when no cache entry exists for the code; otherwise the attributes
 *         returned by the cache entry
 */
private Map<ClaimMapping, String> getUserAttributesFromCacheUsingCode(String authorizationCode) {

    if (log.isDebugEnabled()) {
        boolean codeLoggable = IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.AUTHORIZATION_CODE);
        if (!codeLoggable) {
            // Keep the credential out of the log unless token logging is explicitly enabled.
            log.debug("Retrieving user attributes cached against authorization code.");
        } else {
            log.debug("Retrieving user attributes cached against authorization code: " + authorizationCode);
        }
    }

    AuthorizationGrantCacheEntry cachedGrant = AuthorizationGrantCache.getInstance()
            .getValueFromCacheByCode(new AuthorizationGrantCacheKey(authorizationCode));
    if (cachedGrant != null) {
        return cachedGrant.getUserAttributes();
    }
    return new HashMap<>();
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.
the class OAuth2ServiceJWTGrantTestCase method updateIdentityProviderWithClaimMappings.
/**
 * Updates the identity provider registered under {@code issuer} with a claim configuration
 * holding one mapping: local claim {@code COUNTRY_LOCAL_CLAIM_URI} to remote claim
 * {@code COUNTRY_NEW_OIDC_CLAIM}.
 *
 * @throws Exception if the identity provider cannot be retrieved or updated
 */
private void updateIdentityProviderWithClaimMappings() throws Exception {

    IdentityProvider idp = identityProviderMgtServiceClient.getIdPByName(issuer);

    // Local and remote sides of the country claim mapping.
    Claim countryLocalClaim = new Claim();
    countryLocalClaim.setClaimUri(COUNTRY_LOCAL_CLAIM_URI);
    Claim countryRemoteClaim = new Claim();
    countryRemoteClaim.setClaimUri(COUNTRY_NEW_OIDC_CLAIM);

    ClaimMapping countryMapping = new ClaimMapping();
    countryMapping.setLocalClaim(countryLocalClaim);
    countryMapping.setRemoteClaim(countryRemoteClaim);

    // The remote claim is added as an IdP claim before the mapping array is set.
    ClaimConfig idpClaimConfig = new ClaimConfig();
    idpClaimConfig.addIdpClaims(countryRemoteClaim);
    idpClaimConfig.setClaimMappings(new ClaimMapping[] { countryMapping });

    idp.setClaimConfig(idpClaimConfig);
    identityProviderMgtServiceClient.updateIdP(issuer, idp);
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.
the class OAuth2ServiceAbstractIntegrationTest method getClaimConfig.
/**
 * Builds a claim configuration with five claim mappings, in this order: email, given name,
 * country, and the two custom claim URIs.
 *
 * @return a new {@code ClaimConfig} carrying those mappings
 */
private ClaimConfig getClaimConfig() {

    // Array initialisers are evaluated left to right, so the mappings are created in the listed order.
    org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] mappings =
            new org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] {
                    getClaimMapping(EMAIL_CLAIM_URI),
                    getClaimMapping(GIVEN_NAME_CLAIM_URI),
                    getClaimMapping(COUNTRY_CLAIM_URI),
                    getClaimMapping(customClaimURI1),
                    getClaimMapping(customClaimURI2)
            };

    ClaimConfig config = new ClaimConfig();
    config.setClaimMappings(mappings);
    return config;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.
the class ChallengeQuestionPostAuthnHandlerTestCase method getClaimMappings.
/**
 * Builds the requested claim mappings for first name, last name and email, in that order.
 * Each mapping uses one {@code Claim} object as both its local and its remote claim.
 *
 * @return an array with the three claim mappings
 */
private ClaimMapping[] getClaimMappings() {

    String[] claimUris = { FIRST_NAME_CLAIM_URI, LAST_NAME_CLAIM_URI, EMAIL_CLAIM_URI };
    List<ClaimMapping> mappings = new ArrayList<>();

    for (String claimUri : claimUris) {
        Claim claim = new Claim();
        claim.setClaimUri(claimUri);

        ClaimMapping mapping = new ClaimMapping();
        mapping.setRequested(true);
        // The same claim is deliberately used for both the local and the remote side.
        mapping.setLocalClaim(claim);
        mapping.setRemoteClaim(claim);
        mappings.add(mapping);
    }

    return mappings.toArray(new ClaimMapping[mappings.size()]);
}