
Example 76 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCClaimsCallbackHandler method getCachedUserAttributes.

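/**
 * Resolves the user attributes (claims) for a token request by trying each source in turn and
 * stopping at the first one that yields a non-empty map:
 * <ol>
 *   <li>attributes cached against the access token of this request,</li>
 *   <li>attributes cached against the authorization code of this request,</li>
 *   <li>attributes carried on the authorized user object,</li>
 *   <li>refresh flow only: attributes cached against the previous access token.</li>
 * </ol>
 * In the refresh path the method also sets {@code OIDCConstants.HAS_NON_OIDC_CLAIMS} on the
 * request context.
 *
 * @param requestMsgCtx token request message context
 * @return the resolved attributes; may be empty, and is {@code null} when the authorized user is
 *         {@code null} and no previous access token is available
 */
private Map<ClaimMapping, String> getCachedUserAttributes(OAuthTokenReqMessageContext requestMsgCtx) {
    // The debug lines in this method identify the authorized user. The access token and the
    // authorization code values themselves are never written to the log here.
    if (log.isDebugEnabled()) {
        log.debug("Retrieving claims cached against access_token for user: " + requestMsgCtx.getAuthorizedUser());
    }
    Map<ClaimMapping, String> userAttributes = getUserAttributesCachedAgainstToken(getAccessToken(requestMsgCtx));
    if (isEmpty(userAttributes)) {
        if (log.isDebugEnabled()) {
            log.debug("No claims cached against the access_token for user: " + requestMsgCtx.getAuthorizedUser() + ". Retrieving claims cached against the authorization code.");
        }
        userAttributes = getUserAttributesCachedAgainstAuthorizationCode(getAuthorizationCode(requestMsgCtx));
    }
    /* While a JWT token is being built its claims cannot be added to the authorization cache, because
       entries there are saved against the access token. In that case the claims are carried on the
       authenticated user object instead. */
    if (isEmpty(userAttributes)) {
        if (log.isDebugEnabled()) {
            log.debug("No claims found in authorization cache. Retrieving claims from attributes of user : " + requestMsgCtx.getAuthorizedUser());
        }
        AuthenticatedUser user = requestMsgCtx.getAuthorizedUser();
        // A missing user leaves the result null rather than empty; isEmpty below still treats it as "nothing found".
        userAttributes = user != null ? user.getUserAttributes() : null;
    }
    // In the refresh flow, we need to follow the same way to get the claims.
    if (isEmpty(userAttributes)) {
        if (log.isDebugEnabled()) {
            log.debug("No claims found in user attributes for user : " + requestMsgCtx.getAuthorizedUser());
        }
        Object previousAccessTokenObject = requestMsgCtx.getProperty(RefreshGrantHandler.PREV_ACCESS_TOKEN);
        if (previousAccessTokenObject != null) {
            if (log.isDebugEnabled()) {
                log.debug("Retrieving claims from previous access token of user : " + requestMsgCtx.getAuthorizedUser());
            }
            // The property is expected to hold a RefreshTokenValidationDataDO; any other type fails
            // here with a ClassCastException instead of being silently ignored.
            RefreshTokenValidationDataDO refreshTokenValidationDataDO = (RefreshTokenValidationDataDO) previousAccessTokenObject;
            userAttributes = getUserAttributesCachedAgainstToken(refreshTokenValidationDataDO.getAccessToken());
            requestMsgCtx.addProperty(OIDCConstants.HAS_NON_OIDC_CLAIMS, isTokenHasCustomUserClaims(refreshTokenValidationDataDO));
        }
    }
    return userAttributes;
}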
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) RefreshTokenValidationDataDO(org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Example 77 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCClaimsCallbackHandler method getUserAttributesFromCacheUsingCode.

/**
 * Looks up the user attributes held in the authorization grant cache for an authorization code.
 *
 * @param authorizationCode authorization code used to build the cache key
 * @return the attributes of the matching cache entry, or a new empty map when no entry is found
 */
private Map<ClaimMapping, String> getUserAttributesFromCacheUsingCode(String authorizationCode) {
    if (log.isDebugEnabled()) {
        // The authorization code is a credential, so its value reaches the log only when
        // IdentityUtil.isTokenLoggable permits it for AUTHORIZATION_CODE.
        boolean codeLoggable = IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.AUTHORIZATION_CODE);
        if (!codeLoggable) {
            log.debug("Retrieving user attributes cached against authorization code.");
        } else {
            log.debug("Retrieving user attributes cached against authorization code: " + authorizationCode);
        }
    }
    AuthorizationGrantCacheEntry entry = AuthorizationGrantCache.getInstance()
            .getValueFromCacheByCode(new AuthorizationGrantCacheKey(authorizationCode));
    if (entry != null) {
        return entry.getUserAttributes();
    }
    // Cache miss: hand back an empty map so callers do not have to null-check this path.
    return new HashMap<>();
}
Also used : AuthorizationGrantCacheEntry(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry) AuthorizationGrantCacheKey(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey)

Example 78 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.

the class OAuth2ServiceJWTGrantTestCase method updateIdentityProviderWithClaimMappings.

/**
 * Gives the identity provider named by {@code issuer} a claim configuration that holds a single
 * mapping from {@code COUNTRY_LOCAL_CLAIM_URI} to {@code COUNTRY_NEW_OIDC_CLAIM}, then saves the
 * provider through the management service client.
 *
 * @throws Exception Exception.
 */
private void updateIdentityProviderWithClaimMappings() throws Exception {
    // Local side of the mapping.
    Claim localClaim = new Claim();
    localClaim.setClaimUri(COUNTRY_LOCAL_CLAIM_URI);

    // Remote (IdP) side of the mapping.
    Claim remoteClaim = new Claim();
    remoteClaim.setClaimUri(COUNTRY_NEW_OIDC_CLAIM);

    ClaimMapping mapping = new ClaimMapping();
    mapping.setLocalClaim(localClaim);
    mapping.setRemoteClaim(remoteClaim);

    ClaimConfig claimConfig = new ClaimConfig();
    claimConfig.addIdpClaims(remoteClaim);
    claimConfig.setClaimMappings(new ClaimMapping[] { mapping });

    // Fetch the provider, swap in the new claim configuration and persist it.
    IdentityProvider identityProvider = identityProviderMgtServiceClient.getIdPByName(issuer);
    identityProvider.setClaimConfig(claimConfig);
    identityProviderMgtServiceClient.updateIdP(issuer, identityProvider);
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.idp.xsd.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.ClaimConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) Claim(org.wso2.carbon.identity.application.common.model.idp.xsd.Claim)

Example 79 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.

the class OAuth2ServiceAbstractIntegrationTest method getClaimConfig.

/**
 * Builds a claim configuration with one mapping each for the email, given name and country claim
 * URIs plus the two custom claim URIs, in that order.
 *
 * @return the populated claim configuration
 */
private ClaimConfig getClaimConfig() {
    // The array initializer evaluates left to right, so the mappings are created in the listed order.
    org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] mappings =
            new org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping[] {
                    getClaimMapping(EMAIL_CLAIM_URI),
                    getClaimMapping(GIVEN_NAME_CLAIM_URI),
                    getClaimMapping(COUNTRY_CLAIM_URI),
                    getClaimMapping(customClaimURI1),
                    getClaimMapping(customClaimURI2) };
    ClaimConfig config = new ClaimConfig();
    config.setClaimMappings(mappings);
    return config;
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig)

Example 80 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project product-is by wso2.

the class ChallengeQuestionPostAuthnHandlerTestCase method getClaimMappings.

/**
 * Builds requested claim mappings for the first name, last name and email claim URIs, in that
 * order. Each mapping uses one and the same {@code Claim} object as its local and remote claim.
 *
 * @return array holding the three claim mappings
 */
private ClaimMapping[] getClaimMappings() {
    String[] claimUris = { FIRST_NAME_CLAIM_URI, LAST_NAME_CLAIM_URI, EMAIL_CLAIM_URI };
    List<ClaimMapping> mappings = new ArrayList<>();
    for (String claimUri : claimUris) {
        Claim claim = new Claim();
        claim.setClaimUri(claimUri);

        ClaimMapping mapping = new ClaimMapping();
        mapping.setRequested(true);
        // Local and remote deliberately point at the same Claim instance.
        mapping.setLocalClaim(claim);
        mapping.setRemoteClaim(claim);
        mappings.add(mapping);
    }
    return mappings.toArray(new ClaimMapping[0]);
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping) ArrayList(java.util.ArrayList) Claim(org.wso2.carbon.identity.application.common.model.xsd.Claim)
