
Example 91 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.

the class ServerIdpManagementService method updateClaims.

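/**
 * Copies the claim settings of an API request onto the identity provider model.
 *
 * <p>A fresh {@code ClaimConfig} is built from {@code claims} and set on {@code idp}. When the
 * request carries explicit mappings, each one becomes an internal mapping (remote IdP claim to
 * local claim) and the local claim dialect flag is set to {@code false}; otherwise the flag is
 * {@code true} and provisioning claims are stored as local-claim-only mappings.
 *
 * <p>The user-id and role claim URIs, the mapping URIs and the provisioning default values are
 * copied from the request model as they are; this method performs no URI validation.
 * NOTE(review): confirm that the caller validates them before this point.
 *
 * @param idp    identity provider model that receives the new claim configuration
 * @param claims claim section of the API request; when {@code null} the provider is left untouched
 */
private void updateClaims(IdentityProvider idp, Claims claims) {
    if (claims == null) {
        return;
    }
    ClaimConfig claimConfig = new ClaimConfig();
    List<ClaimMapping> claimMappings = new ArrayList<>();
    List<org.wso2.carbon.identity.application.common.model.Claim> idpClaims = new ArrayList<>();

    // Evaluated once: the same answer selects the dialect flag and the provisioning-claim path.
    boolean hasCustomMappings = CollectionUtils.isNotEmpty(claims.getMappings());
    claimConfig.setLocalClaimDialect(!hasCustomMappings);
    if (hasCustomMappings) {
        for (org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping mapping : claims.getMappings()) {
            // NOTE(review): a mapping without a local claim still fails here with a
            // NullPointerException; rejecting it with a client error belongs to request validation.
            String idpClaimUri = mapping.getIdpClaim();
            String localClaimUri = mapping.getLocalClaim().getUri();
            ClaimMapping internalMapping = new ClaimMapping();
            org.wso2.carbon.identity.application.common.model.Claim remoteClaim = new org.wso2.carbon.identity.application.common.model.Claim();
            remoteClaim.setClaimUri(idpClaimUri);
            org.wso2.carbon.identity.application.common.model.Claim localClaim = new org.wso2.carbon.identity.application.common.model.Claim();
            localClaim.setClaimUri(localClaimUri);
            internalMapping.setRemoteClaim(remoteClaim);
            internalMapping.setLocalClaim(localClaim);
            claimMappings.add(internalMapping);
            idpClaims.add(remoteClaim);
        }
    }
    if (claims.getUserIdClaim() != null) {
        claimConfig.setUserClaimURI(claims.getUserIdClaim().getUri());
    }
    if (claims.getRoleClaim() != null) {
        claimConfig.setRoleClaimURI(claims.getRoleClaim().getUri());
    }

    // A request without a provisioning-claim list used to fail on the loop below with a
    // NullPointerException; an absent list is now treated like an empty one.
    List<ProvisioningClaim> provClaims = claims.getProvisioningClaims();
    if (provClaims != null) {
        for (ProvisioningClaim provClaim : provClaims) {
            String provClaimUri = provClaim.getClaim().getUri();
            if (hasCustomMappings) {
                // Custom dialect: mark the mapping whose remote claim matches as requested.
                for (ClaimMapping internalMapping : claimMappings) {
                    if (StringUtils.equals(provClaimUri, internalMapping.getRemoteClaim().getClaimUri())) {
                        internalMapping.setDefaultValue(provClaim.getDefaultValue());
                        internalMapping.setRequested(true);
                    }
                }
            } else {
                // Local dialect: the provisioning claim is stored as a mapping that has only a
                // local claim, so readers of this configuration see no remote claim on it.
                ClaimMapping internalMapping = new ClaimMapping();
                org.wso2.carbon.identity.application.common.model.Claim localClaim = new org.wso2.carbon.identity.application.common.model.Claim();
                localClaim.setClaimUri(provClaimUri);
                internalMapping.setLocalClaim(localClaim);
                internalMapping.setDefaultValue(provClaim.getDefaultValue());
                internalMapping.setRequested(true);
                claimMappings.add(internalMapping);
            }
        }
    }
    claimConfig.setClaimMappings(claimMappings.toArray(new ClaimMapping[0]));
    claimConfig.setIdpClaims(idpClaims.toArray(new org.wso2.carbon.identity.application.common.model.Claim[0]));
    idp.setClaimConfig(claimConfig);
}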
Also used : ProvisioningClaim(org.wso2.carbon.identity.api.server.idp.v1.model.ProvisioningClaim) ArrayList(java.util.ArrayList) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) Claim(org.wso2.carbon.identity.api.server.idp.v1.model.Claim) LocalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim) ProvisioningClaim(org.wso2.carbon.identity.api.server.idp.v1.model.ProvisioningClaim)

Example 92 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.

the class ServerIdpManagementService method createClaimResponse.

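/**
 * Converts a stored claim configuration into the API response model.
 *
 * <p>Every internal mapping with a non-blank remote claim URI is returned as an API mapping.
 * Every mapping that is requested and has a non-blank default value is also returned as a
 * provisioning claim, identified by its remote claim URI when present and by its local claim
 * otherwise. The role and user-id claims are always set when {@code claimConfig} is non-null;
 * their id and display name are filled only when {@code getLocalClaim} resolves the URI.
 *
 * @param claimConfig stored claim configuration, may be {@code null}
 * @return the API claims model; mappings and provisioning claims are empty lists when
 *         {@code claimConfig} is {@code null} or has no mappings
 */
private Claims createClaimResponse(ClaimConfig claimConfig) {
    Claims apiClaims = new Claims();
    List<org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping> apiMappings = new ArrayList<>();
    List<ProvisioningClaim> provClaims = new ArrayList<>();
    if (claimConfig != null) {
        if (claimConfig.getClaimMappings() != null) {
            for (ClaimMapping mapping : claimConfig.getClaimMappings()) {
                String localClaimUri = mapping.getLocalClaim().getClaimUri();
                // A mapping may carry no remote claim object at all (for example one built with
                // only a local claim), so the remote URI is read null-safely instead of
                // dereferencing getRemoteClaim() directly.
                String remoteClaimUri = mapping.getRemoteClaim() != null
                        ? mapping.getRemoteClaim().getClaimUri()
                        : null;
                boolean hasRemoteClaim = StringUtils.isNotBlank(remoteClaimUri);

                org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping apiMapping = new org.wso2.carbon.identity.api.server.idp.v1.model.ClaimMapping();
                Claim localClaim = new Claim();
                localClaim.setId(base64URLEncode(localClaimUri));
                localClaim.setUri(localClaimUri);
                localClaim.setDisplayName(getDisplayNameOfLocalClaim(localClaimUri));
                apiMapping.setLocalClaim(localClaim);
                // Only mappings that name an IdP claim are reported as mappings.
                if (hasRemoteClaim) {
                    apiMapping.setIdpClaim(remoteClaimUri);
                    apiMappings.add(apiMapping);
                }
                if (StringUtils.isNotBlank(mapping.getDefaultValue()) && mapping.isRequested()) {
                    ProvisioningClaim provClaimResponse = new ProvisioningClaim();
                    Claim provClaim = new Claim();
                    if (hasRemoteClaim) {
                        provClaim.setUri(remoteClaimUri);
                    } else {
                        provClaim.setId(base64URLEncode(localClaimUri));
                        provClaim.setUri(localClaimUri);
                        provClaim.setDisplayName(getDisplayNameOfLocalClaim(localClaimUri));
                    }
                    provClaimResponse.setClaim(provClaim);
                    provClaimResponse.setDefaultValue(mapping.getDefaultValue());
                    provClaims.add(provClaimResponse);
                }
            }
        }
        // Role claim: id and display name exist only for URIs that resolve to a local claim.
        String roleClaimUri = claimConfig.getRoleClaimURI();
        Claim roleClaim = new Claim();
        if (getLocalClaim(roleClaimUri) != null) {
            roleClaim.setId(base64URLEncode(roleClaimUri));
            roleClaim.setDisplayName(getDisplayNameOfLocalClaim(roleClaimUri));
        }
        roleClaim.setUri(roleClaimUri);
        apiClaims.setRoleClaim(roleClaim);

        // User-id claim: same treatment as the role claim.
        String userClaimUri = claimConfig.getUserClaimURI();
        Claim userIdClaim = new Claim();
        if (getLocalClaim(userClaimUri) != null) {
            userIdClaim.setId(base64URLEncode(userClaimUri));
            userIdClaim.setDisplayName(getDisplayNameOfLocalClaim(userClaimUri));
        }
        userIdClaim.setUri(userClaimUri);
        apiClaims.setUserIdClaim(userIdClaim);
    }
    apiClaims.setMappings(apiMappings);
    apiClaims.setProvisioningClaims(provClaims);
    return apiClaims;
}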
Also used : ProvisioningClaim(org.wso2.carbon.identity.api.server.idp.v1.model.ProvisioningClaim) Claims(org.wso2.carbon.identity.api.server.idp.v1.model.Claims) ArrayList(java.util.ArrayList) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) Claim(org.wso2.carbon.identity.api.server.idp.v1.model.Claim) LocalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim) ProvisioningClaim(org.wso2.carbon.identity.api.server.idp.v1.model.ProvisioningClaim)

Example 93 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project identity-api-server by wso2.

the class UpdateClaimConfiguration method buildRequestClaimMapping.

/**
 * Builds the internal claim mapping for one requested claim of the request.
 *
 * @param requestedClaimConfiguration requested-claim entry from the API request
 * @return a mapping built from the entry's claim URI, with the mandatory flag applied through
 *         {@code setIfNotNull}
 */
private ClaimMapping buildRequestClaimMapping(RequestedClaimConfiguration requestedClaimConfiguration) {
    final String requestedUri = getClaimUri(requestedClaimConfiguration);
    // The same URI is passed for the first two arguments, with null third and true fourth;
    // presumably (local URI, remote URI, default value, requested) -- confirm against
    // ClaimMapping.build.
    final ClaimMapping requestedMapping = ClaimMapping.build(requestedUri, requestedUri, null, true);
    // setIfNotNull is not shown here; by its name it skips the setter when the request leaves
    // the mandatory flag unset.
    setIfNotNull(requestedClaimConfiguration.getMandatory(), requestedMapping::setMandatory);
    return requestedMapping;
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping)

Example 94 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.

the class TokenGenTest method testJWTGeneration.

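// TODO: Have to convert to work with new JWT generation and signing
/**
 * Generates a token for a fixed validation context several times and prints the decoded header
 * and body of each one. The test is ignored and makes no assertions.
 */
@Test
@Ignore
public void testJWTGeneration() throws Exception {
    // The claim conversion is stubbed out so that no user attributes are looked up.
    JWTGenerator jwtGen = new JWTGenerator() {

        @Override
        public Map<String, String> convertClaimMap(Map<ClaimMapping, String> userAttributes, String username) {
            return new HashMap<>();
        }
    };
    APIKeyValidationInfoDTO dto = new APIKeyValidationInfoDTO();
    dto.setSubscriber("sastry");
    dto.setApplicationName("hubapp");
    dto.setApplicationId("1");
    dto.setApplicationTier("UNLIMITED");
    dto.setEndUserName("denis");
    dto.setSubscriberTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    dto.setUserType(APIConstants.ACCESS_TOKEN_USER_TYPE_APPLICATION);
    TokenValidationContext validationContext = new TokenValidationContext();
    validationContext.setValidationInfoDTO(dto);
    validationContext.setContext("cricScore");
    validationContext.setVersion("1.9.0");

    printDecodedSegments(jwtGen.generateToken(validationContext));

    // With end user name not included
    // NOTE(review): nothing on the context changes before this call, so the end user name is
    // still set; the scenario named above is not exercised.
    printDecodedSegments(jwtGen.generateToken(validationContext));

    dto.setUserType(APIConstants.SUBSCRIPTION_USER_TYPE);
    printDecodedSegments(jwtGen.generateToken(validationContext));
    printDecodedSegments(jwtGen.generateToken(validationContext));

    // We cannot assert equality on the whole body because it includes the expiration time.
    /*String expectedHeader = "{\"typ\":\"JWT\"}";
        String expectedBody = "{\"iss\":\"wso2.org/products/am\", \"exp\":1349270811075, " +
                              "\"http://wso2.org/claims/subscriber\":\"sastry\", " +
                              "\"http://wso2.org/claims/applicationname\":\"hubapp\", " +
                              "\"http://wso2.org/claims/apicontext\":\"cricScore\", " +
                              "\"http://wso2.org/claims/version\":\"1.9.0\", " +
                              "\"http://wso2.org/claims/tier\":\"Bronze\", " +
                              "\"http://wso2.org/claims/enduser\":\"denis\"}";

        Assert.assertEquals(expectedHeader, decodedHeader);
        Assert.assertEquals(expectedBody, decodedBody);*/
    // String decodedToken = new String(Base64Utils.decode(token));
    // log.info(decodedToken);
    // assertNotNull(decodedToken);
}

/**
 * Prints a generated token followed by its decoded header and body segments.
 *
 * <p>The full token, signature segment included, goes to standard output and therefore into the
 * build log. NOTE(review): acceptable only while the test signs with throwaway test keys.
 *
 * @param token token in dot-separated form; the first two segments are decoded
 */
private static void printDecodedSegments(String token) {
    System.out.println("Generated Token: " + token);
    String[] segments = token.split("\\.");
    // Decode with an explicit charset so the output does not depend on the platform default.
    String decodedHeader = new String(Base64Utils.decode(segments[0]), java.nio.charset.StandardCharsets.UTF_8);
    System.out.println("Header: " + decodedHeader);
    String decodedBody = new String(Base64Utils.decode(segments[1]), java.nio.charset.StandardCharsets.UTF_8);
    System.out.println("Body: " + decodedBody);
}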
Also used : TokenValidationContext(org.wso2.carbon.apimgt.keymgt.service.TokenValidationContext) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) APIKeyValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO) Ignore(org.junit.Ignore) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 95 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.

the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.

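/**
 * Copies the settings of an identity provider onto a key manager configuration.
 *
 * <p>Display name, description, enabled flag and alias are copied directly. The certificate
 * source and issuer are taken from the provider's properties (JWKS URI and issuer name); the
 * provider's certificate is used only when the provider has no properties at all. The claim
 * mappings are added as a JSON array of {@code localClaim}/{@code remoteClaim} pairs.
 *
 * <p>The JWKS URI, issuer and certificate values are copied as they are; nothing in this method
 * validates them. NOTE(review): they end up as the key manager's certificate and issuer
 * settings, so confirm that the identity provider record is validated before it is merged.
 *
 * @param identityProvider source identity provider
 * @param keyManagerDTO    key manager configuration that receives the values
 */
private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
    keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
    keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
    IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
    // A missing property array is treated like an empty one instead of failing on .length.
    if (identityProviderProperties != null && identityProviderProperties.length > 0) {
        for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
            if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
                keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
            }
            if (StringUtils.equals(identityProviderProperty.getName(), IdentityApplicationConstants.IDP_ISSUER_NAME)) {
                keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
            }
        }
    } else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
        // NOTE(review): this fallback is reached only when there are no properties at all. A
        // provider that has properties but no JWKS URI among them gets no certificate settings,
        // even if it carries a certificate. Confirm this is intended.
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
    }
    keyManagerDTO.setEnabled(identityProvider.isEnable());
    keyManagerDTO.setAlias(identityProvider.getAlias());

    // A provider without a claim configuration, or with no mapping array, yields an empty
    // claim-mapping array instead of a NullPointerException.
    ClaimConfig claimConfig = identityProvider.getClaimConfig();
    JsonArray claimArray = new JsonArray();
    if (claimConfig != null && claimConfig.getClaimMappings() != null) {
        for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
            // Either side of a mapping may be absent; an absent side is written as a null URI.
            String localClaimUri = claimMapping.getLocalClaim() != null
                    ? claimMapping.getLocalClaim().getClaimUri()
                    : null;
            String remoteClaimUri = claimMapping.getRemoteClaim() != null
                    ? claimMapping.getRemoteClaim().getClaimUri()
                    : null;
            JsonObject claimMappingEntryDTO = new JsonObject();
            claimMappingEntryDTO.addProperty("localClaim", localClaimUri);
            claimMappingEntryDTO.addProperty("remoteClaim", remoteClaimUri);
            claimArray.add(claimMappingEntryDTO);
        }
    }
    keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}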
Also used : JsonArray(com.google.gson.JsonArray) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) JsonObject(com.google.gson.JsonObject)

Aggregations

ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)108 HashMap (java.util.HashMap)60 ArrayList (java.util.ArrayList)52 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)27 Map (java.util.Map)26 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)24 ClaimMapping (org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping)24 ClaimMapping (org.wso2.carbon.user.api.ClaimMapping)24 Claim (org.wso2.carbon.identity.application.common.model.Claim)23 Test (org.testng.annotations.Test)22 Claim (org.wso2.carbon.identity.application.common.model.xsd.Claim)21 LocalClaim (org.wso2.carbon.identity.claim.metadata.mgt.model.LocalClaim)21 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)20 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)20 List (java.util.List)17 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)17 UserStoreException (org.wso2.carbon.user.api.UserStoreException)17 Matchers.anyString (org.mockito.Matchers.anyString)16 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)13 ClaimMetadataException (org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException)13