use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.
the class ServerIdpManagementService method updateClaims.
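/**
 * Builds a new {@link ClaimConfig} from the claim section of an API request and sets it on the
 * identity provider.
 *
 * <p>When {@code claims} is {@code null} the identity provider is left untouched. When the request
 * carries claim mappings, each one becomes an internal mapping (remote claim URI to local claim URI)
 * and the local claim dialect flag is set to {@code false}; with no mappings the flag is set to
 * {@code true}. Provisioning claims either mark the matching mapping as requested (mappings present)
 * or are added as local-only mappings (no mappings present).
 *
 * @param idp    identity provider that receives the new claim configuration
 * @param claims claim section of the request, may be {@code null}
 */
private void updateClaims(IdentityProvider idp, Claims claims) {
    if (claims == null) {
        return;
    }

    ClaimConfig claimConfig = new ClaimConfig();
    List<ClaimMapping> claimMappings = new ArrayList<>();
    List<org.wso2.carbon.identity.application.common.model.Claim> idpClaims = new ArrayList<>();

    // Evaluated once: the same condition drives both the dialect flag and the provisioning branch.
    boolean hasMappings = CollectionUtils.isNotEmpty(claims.getMappings());
    if (hasMappings) {
        claimConfig.setLocalClaimDialect(false);
        for (org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping mapping : claims.getMappings()) {
            // NOTE(review): getLocalClaim() is dereferenced without a null check; presumably request
            // validation earlier in the call chain guarantees it is present. Confirm.
            org.wso2.carbon.identity.application.common.model.Claim remoteClaim =
                    new org.wso2.carbon.identity.application.common.model.Claim();
            remoteClaim.setClaimUri(mapping.getIdpClaim());
            org.wso2.carbon.identity.application.common.model.Claim localClaim =
                    new org.wso2.carbon.identity.application.common.model.Claim();
            localClaim.setClaimUri(mapping.getLocalClaim().getUri());

            ClaimMapping internalMapping = new ClaimMapping();
            internalMapping.setRemoteClaim(remoteClaim);
            internalMapping.setLocalClaim(localClaim);
            claimMappings.add(internalMapping);
            idpClaims.add(remoteClaim);
        }
    } else {
        claimConfig.setLocalClaimDialect(true);
    }

    // NOTE(review): judging by the setter names, these two URIs select which asserted attribute is
    // used as the user identifier and as the role source for this identity provider, so they are
    // authorization-relevant. No permission or URI validation happens in this method; presumably
    // the REST layer enforces it before this point. Confirm.
    if (claims.getUserIdClaim() != null) {
        claimConfig.setUserClaimURI(claims.getUserIdClaim().getUri());
    }
    if (claims.getRoleClaim() != null) {
        claimConfig.setRoleClaimURI(claims.getRoleClaim().getUri());
    }

    // A request without a provisioning-claim list must not fail with a NullPointerException,
    // so the list is only iterated when it is present and non-empty.
    List<ProvisioningClaim> provClaims = claims.getProvisioningClaims();
    if (CollectionUtils.isNotEmpty(provClaims)) {
        for (ProvisioningClaim provClaim : provClaims) {
            String provClaimUri = provClaim.getClaim().getUri();
            if (hasMappings) {
                // Custom dialect: the provisioning claim refers to a remote claim URI that was mapped above.
                for (ClaimMapping internalMapping : claimMappings) {
                    if (StringUtils.equals(provClaimUri, internalMapping.getRemoteClaim().getClaimUri())) {
                        internalMapping.setDefaultValue(provClaim.getDefaultValue());
                        internalMapping.setRequested(true);
                    }
                }
            } else {
                // Local dialect: the provisioning claim becomes a mapping that carries only a local claim.
                org.wso2.carbon.identity.application.common.model.Claim localClaim =
                        new org.wso2.carbon.identity.application.common.model.Claim();
                localClaim.setClaimUri(provClaimUri);

                ClaimMapping internalMapping = new ClaimMapping();
                internalMapping.setLocalClaim(localClaim);
                internalMapping.setDefaultValue(provClaim.getDefaultValue());
                internalMapping.setRequested(true);
                claimMappings.add(internalMapping);
            }
        }
    }

    claimConfig.setClaimMappings(claimMappings.toArray(new ClaimMapping[0]));
    claimConfig.setIdpClaims(idpClaims.toArray(new org.wso2.carbon.identity.application.common.model.Claim[0]));
    idp.setClaimConfig(claimConfig);
}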
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.
the class ServerIdpManagementService method createClaimResponse.
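/**
 * Converts an internal {@link ClaimConfig} into the {@link Claims} object returned by the API.
 *
 * <p>A mapping is reported in the mappings list only when it has a non-blank remote claim URI.
 * A mapping that is requested and has a non-blank default value is additionally reported as a
 * provisioning claim. The role claim and user id claim are always set when {@code claimConfig}
 * is not {@code null}; their id and display name are filled in only when {@code getLocalClaim}
 * resolves the URI.
 *
 * @param claimConfig internal claim configuration, may be {@code null}
 * @return the API representation; the mappings and provisioning-claim lists are never {@code null}
 */
private Claims createClaimResponse(ClaimConfig claimConfig) {
    Claims apiClaims = new Claims();
    List<org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping> apiMappings = new ArrayList<>();
    List<ProvisioningClaim> provClaims = new ArrayList<>();

    if (claimConfig != null) {
        if (claimConfig.getClaimMappings() != null) {
            for (ClaimMapping mapping : claimConfig.getClaimMappings()) {
                String localClaimUri = mapping.getLocalClaim().getClaimUri();
                // A mapping may carry no remote claim object at all (updateClaims builds such
                // mappings for the local dialect), so the remote URI is read null-safely instead
                // of dereferencing getRemoteClaim() directly.
                String remoteClaimUri =
                        mapping.getRemoteClaim() != null ? mapping.getRemoteClaim().getClaimUri() : null;
                boolean hasRemoteClaim = StringUtils.isNotBlank(remoteClaimUri);

                org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping apiMapping =
                        new org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping();
                Claim localClaim = new Claim();
                localClaim.setId(base64URLEncode(localClaimUri));
                localClaim.setUri(localClaimUri);
                localClaim.setDisplayName(getDisplayNameOfLocalClaim(localClaimUri));
                apiMapping.setLocalClaim(localClaim);

                // Only mappings that actually name a remote claim are exposed as mappings.
                if (hasRemoteClaim) {
                    apiMapping.setIdpClaim(remoteClaimUri);
                    apiMappings.add(apiMapping);
                }

                if (StringUtils.isNotBlank(mapping.getDefaultValue()) && mapping.isRequested()) {
                    Claim provClaim = new Claim();
                    if (hasRemoteClaim) {
                        provClaim.setUri(remoteClaimUri);
                    } else {
                        // No remote claim: describe the provisioning claim through the local claim.
                        provClaim.setId(base64URLEncode(localClaimUri));
                        provClaim.setUri(localClaimUri);
                        provClaim.setDisplayName(getDisplayNameOfLocalClaim(localClaimUri));
                    }
                    ProvisioningClaim provClaimResponse = new ProvisioningClaim();
                    provClaimResponse.setClaim(provClaim);
                    provClaimResponse.setDefaultValue(mapping.getDefaultValue());
                    provClaims.add(provClaimResponse);
                }
            }
        }

        // Id and display name are set only when the URI resolves through getLocalClaim;
        // the URI itself is always echoed back.
        Claim roleClaim = new Claim();
        if (getLocalClaim(claimConfig.getRoleClaimURI()) != null) {
            roleClaim.setId(base64URLEncode(claimConfig.getRoleClaimURI()));
            roleClaim.setDisplayName(getDisplayNameOfLocalClaim(claimConfig.getRoleClaimURI()));
        }
        roleClaim.setUri(claimConfig.getRoleClaimURI());
        apiClaims.setRoleClaim(roleClaim);

        Claim userIdClaim = new Claim();
        if (getLocalClaim(claimConfig.getUserClaimURI()) != null) {
            userIdClaim.setId(base64URLEncode(claimConfig.getUserClaimURI()));
            userIdClaim.setDisplayName(getDisplayNameOfLocalClaim(claimConfig.getUserClaimURI()));
        }
        userIdClaim.setUri(claimConfig.getUserClaimURI());
        apiClaims.setUserIdClaim(userIdClaim);
    }

    apiClaims.setMappings(apiMappings);
    apiClaims.setProvisioningClaims(provClaims);
    return apiClaims;
}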
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.
the class UpdateClaimConfiguration method buildRequestClaimMapping.
/**
 * Creates the {@link ClaimMapping} for a single requested claim of the request.
 *
 * @param requestedClaimConfiguration requested-claim entry taken from the API request
 * @return a mapping built from the entry's claim URI, with the mandatory flag applied through
 *         {@code setIfNotNull}
 */
private ClaimMapping buildRequestClaimMapping(RequestedClaimConfiguration requestedClaimConfiguration) {
    final String uri = getClaimUri(requestedClaimConfiguration);

    // The same URI is passed as the first two arguments, then null and true.
    // Presumably these are (local URI, remote URI, default value, requested); confirm against ClaimMapping.build.
    final ClaimMapping requestedMapping = ClaimMapping.build(uri, uri, null, true);

    // setIfNotNull is defined elsewhere; by its name it presumably leaves the mapping untouched
    // when the request carries no mandatory value.
    setIfNotNull(requestedClaimConfiguration.getMandatory(), requestedMapping::setMandatory);
    return requestedMapping;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.
the class TokenGenTest method testJWTGeneration.
// TODO: Have to convert to work with new JWT generation and signing
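/**
 * Generates a JWT four times for one validation context and prints each token with its decoded
 * header and body. The test is currently ignored and makes no assertions.
 *
 * @throws Exception if token generation or decoding fails
 */
@Test
@Ignore
public void testJWTGeneration() throws Exception {
    // Claim conversion is stubbed out so the generator does not depend on real user attributes.
    JWTGenerator jwtGen = new JWTGenerator() {
        @Override
        public Map<String, String> convertClaimMap(Map<ClaimMapping, String> userAttributes, String username) {
            return new HashMap<>();
        }
    };

    APIKeyValidationInfoDTO dto = new APIKeyValidationInfoDTO();
    dto.setSubscriber("sastry");
    dto.setApplicationName("hubapp");
    dto.setApplicationId("1");
    dto.setApplicationTier("UNLIMITED");
    dto.setEndUserName("denis");
    dto.setSubscriberTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    dto.setUserType(APIConstants.ACCESS_TOKEN_USER_TYPE_APPLICATION);

    TokenValidationContext validationContext = new TokenValidationContext();
    validationContext.setValidationInfoDTO(dto);
    validationContext.setContext("cricScore");
    validationContext.setVersion("1.9.0");

    printDecodedToken(jwtGen.generateToken(validationContext));

    // With end user name not included
    // NOTE(review): nothing on dto or validationContext changes before this call, so it repeats
    // the first scenario; the end user name is still "denis".
    printDecodedToken(jwtGen.generateToken(validationContext));

    dto.setUserType(APIConstants.SUBSCRIPTION_USER_TYPE);
    printDecodedToken(jwtGen.generateToken(validationContext));
    printDecodedToken(jwtGen.generateToken(validationContext));

    // We cannot assert equality on the whole body because it includes the expiration time.
    /*String expectedHeader = "{\"typ\":\"JWT\"}";
    String expectedBody = "{\"iss\":\"wso2.org/products/am\", \"exp\":1349270811075, " +
    "\"http://wso2.org/claims/subscriber\":\"sastry\", " +
    "\"http://wso2.org/claims/applicationname\":\"hubapp\", " +
    "\"http://wso2.org/claims/apicontext\":\"cricScore\", " +
    "\"http://wso2.org/claims/version\":\"1.9.0\", " +
    "\"http://wso2.org/claims/tier\":\"Bronze\", " +
    "\"http://wso2.org/claims/enduser\":\"denis\"}";
    Assert.assertEquals(expectedHeader, decodedHeader);
    Assert.assertEquals(expectedBody, decodedBody);*/
    // String decodedToken = new String(Base64Utils.decode(token));
    // log.info(decodedToken);
    // assertNotNull(decodedToken);
}

/**
 * Prints a token followed by its decoded first (header) and second (body) dot-separated segments.
 * The decoded bytes are read as UTF-8 rather than the platform default charset, so the output
 * does not vary between machines.
 *
 * <p>The token here is built from fixture values inside the test. Printing whole tokens is not a
 * pattern to carry into code that handles tokens issued to real users.
 */
private static void printDecodedToken(String token) {
    System.out.println("Generated Token: " + token);
    String[] segments = token.split("\\.");
    String decodedHeader = new String(Base64Utils.decode(segments[0]), java.nio.charset.StandardCharsets.UTF_8);
    System.out.println("Header: " + decodedHeader);
    String decodedBody = new String(Base64Utils.decode(segments[1]), java.nio.charset.StandardCharsets.UTF_8);
    System.out.println("Body: " + decodedBody);
}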
use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.
the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.
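/**
 * Copies display data, token-validation key material and claim mappings from an identity provider
 * onto a key manager configuration.
 *
 * <p>When the identity provider has at least one property, the JWKS URI and issuer are taken from
 * the matching properties. Only when it has no properties at all is a non-blank certificate copied
 * as a PEM certificate. The claim mappings are written as a JSON array of
 * {@code localClaim}/{@code remoteClaim} pairs; the array is empty when there is no claim
 * configuration.
 *
 * @param identityProvider source identity provider
 * @param keyManagerDTO    key manager configuration that is updated in place
 */
private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider,
                                                 KeyManagerConfigurationDTO keyManagerDTO) {
    keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
    keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());

    // The property array is treated as empty when it is null, so the certificate fallback below
    // is still reached instead of failing with a NullPointerException.
    IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
    if (identityProviderProperties != null && identityProviderProperties.length > 0) {
        for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
            if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
                // NOTE(review): the JWKS URI is copied verbatim. Nothing here checks its scheme or
                // host, although it presumably becomes the place signing keys are fetched from.
                // Confirm it is validated where the identity provider is created or updated.
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE,
                        APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE,
                        identityProviderProperty.getValue());
            }
            if (StringUtils.equals(identityProviderProperty.getName(),
                    IdentityApplicationConstants.IDP_ISSUER_NAME)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
            }
        }
    } else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
        // NOTE(review): this branch runs only when there are no properties at all. An identity
        // provider with properties but no JWKS URI gets no certificate type or value, even if it
        // has a certificate. Behaviour kept as is; confirm it is intended.
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE,
                APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
    }

    keyManagerDTO.setEnabled(identityProvider.isEnable());
    keyManagerDTO.setAlias(identityProvider.getAlias());

    // A missing claim configuration or mapping array yields an empty JSON array rather than a
    // NullPointerException.
    ClaimConfig claimConfig = identityProvider.getClaimConfig();
    JsonArray claimArray = new JsonArray();
    if (claimConfig != null && claimConfig.getClaimMappings() != null) {
        for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
            JsonObject claimMappingEntryDTO = new JsonObject();
            claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
            claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
            claimArray.add(claimMappingEntryDTO);
        }
    }
    keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}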