
Example 96 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.

the class APIUtil method getClaims.

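/**
 * Returns the claim values of a user for every claim mapped under the given dialect.
 *
 * <p>The user realm is selected by {@code tenantId} alone, while the user name is reduced to its
 * tenant-aware form before the lookup. Nothing in this method checks that a tenant domain carried in
 * {@code endUserName} belongs to {@code tenantId}, so callers should derive both values from the same
 * authenticated identity. The returned map holds user attribute values; treat it as personal data.
 *
 * @param endUserName name of the user whose claims need to be returned
 * @param tenantId    tenant id of the user; selects the realm that is queried
 * @param dialectURI  claim dialect URI whose claim mappings define which claims are read
 * @return claim values keyed by claim URI, sorted by key
 * @throws APIManagementException if the claim manager or user store lookup fails
 */
public static SortedMap<String, String> getClaims(String endUserName, int tenantId, String dialectURI) throws APIManagementException {
    try {
        ClaimManager claimManager = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getClaimManager();
        ClaimMapping[] claims = claimManager.getAllClaimMappings(dialectURI);
        String[] claimURIs = claimMappingtoClaimURIString(claims);
        UserStoreManager userStoreManager = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        // presumably strips the tenant domain so the name matches the tenant's own user store; verify against MultitenantUtils
        String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(endUserName);
        // Explicit type arguments instead of the raw TreeMap the original used, so the copy is type-checked.
        // The third argument is passed as null, as in the original call.
        return new TreeMap<String, String>(userStoreManager.getUserClaimValues(tenantAwareUserName, claimURIs, null));
    } catch (UserStoreException e) {
        throw new APIManagementException("Error while retrieving user claim values from user store", e);
    }
}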
Also used : ClaimManager(org.wso2.carbon.user.api.ClaimManager) ClaimMapping(org.wso2.carbon.user.api.ClaimMapping) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) TreeMap(java.util.TreeMap)

Example 97 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-apimgt by wso2.

the class KeyManagerMappingUtil method toKeyManagerConfigurationDTO.

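/**
 * Copies the fields of a {@code KeyManagerDTO} into a new {@code KeyManagerConfigurationDTO}.
 *
 * <p>Caller-supplied additional properties are copied first, so every key written afterwards replaces a
 * caller-supplied entry with the same key. Keys that are written only conditionally (for example the
 * issuer, or an endpoint whose field is empty) keep whatever the caller placed under that key.
 *
 * <p>NOTE(review): endpoint, issuer and certificate values are copied as given; this method performs no
 * URL or scheme validation. Confirm that validation happens before these values drive outbound calls.
 *
 * @param tenantDomain  stored as the organization of the resulting configuration
 * @param keyManagerDTO source DTO; {@code getTokenType()} is dereferenced without a null check
 * @return the populated configuration DTO
 */
public static KeyManagerConfigurationDTO toKeyManagerConfigurationDTO(String tenantDomain, KeyManagerDTO keyManagerDTO) {
    KeyManagerConfigurationDTO keyManagerConfigurationDTO = new KeyManagerConfigurationDTO();
    Map<String, String> endpoints = new HashMap<>();
    keyManagerConfigurationDTO.setName(keyManagerDTO.getName());
    keyManagerConfigurationDTO.setDisplayName(keyManagerDTO.getDisplayName());
    keyManagerConfigurationDTO.setDescription(keyManagerDTO.getDescription());
    keyManagerConfigurationDTO.setEnabled(keyManagerDTO.isEnabled());
    keyManagerConfigurationDTO.setType(keyManagerDTO.getType());
    keyManagerConfigurationDTO.setOrganization(tenantDomain);
    keyManagerConfigurationDTO.setTokenType(keyManagerDTO.getTokenType().toString());
    keyManagerConfigurationDTO.setAlias(keyManagerDTO.getAlias());

    Map<String, Object> additionalProperties = new HashMap<>();
    Object suppliedProperties = keyManagerDTO.getAdditionalProperties();
    // instanceof is false for null, so no separate null check is needed.
    if (suppliedProperties instanceof Map) {
        // Keys are assumed to be strings; this is not verified at runtime.
        @SuppressWarnings("unchecked")
        Map<String, Object> typedProperties = (Map<String, Object>) suppliedProperties;
        additionalProperties.putAll(typedProperties);
    }

    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.CLIENT_REGISTRATION_ENDPOINT, keyManagerDTO.getClientRegistrationEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.INTROSPECTION_ENDPOINT, keyManagerDTO.getIntrospectionEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerDTO.getTokenEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.DISPLAY_TOKEN_ENDPOINT, keyManagerDTO.getDisplayTokenEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerDTO.getRevokeEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.DISPLAY_REVOKE_ENDPOINT, keyManagerDTO.getDisplayRevokeEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.SCOPE_MANAGEMENT_ENDPOINT, keyManagerDTO.getScopeManagementEndpoint());

    if (keyManagerDTO.getAvailableGrantTypes() != null) {
        additionalProperties.put(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE, keyManagerDTO.getAvailableGrantTypes());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getIssuer())) {
        additionalProperties.put(APIConstants.KeyManager.ISSUER, keyManagerDTO.getIssuer());
    }

    KeyManagerCertificatesDTO certificates = keyManagerDTO.getCertificates();
    if (certificates != null) {
        additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_VALUE, certificates.getValue());
        // A type other than JWKS or PEM (including null) stores the value without writing a certificate type here.
        if (KeyManagerCertificatesDTO.TypeEnum.JWKS.equals(certificates.getType())) {
            additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
        } else if (KeyManagerCertificatesDTO.TypeEnum.PEM.equals(certificates.getType())) {
            additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
        }
    }

    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.USERINFO_ENDPOINT, keyManagerDTO.getUserInfoEndpoint());
    putEndpointIfPresent(additionalProperties, endpoints, APIConstants.KeyManager.AUTHORIZE_ENDPOINT, keyManagerDTO.getAuthorizeEndpoint());
    // The well-known endpoint goes into the properties only, not into the endpoint map.
    if (StringUtils.isNotEmpty(keyManagerDTO.getWellKnownEndpoint())) {
        additionalProperties.put(APIConstants.KeyManager.WELL_KNOWN_ENDPOINT, keyManagerDTO.getWellKnownEndpoint());
    }

    // Entries of the generic endpoint list are applied last, so they replace a named endpoint of the same
    // name in the endpoint map; additionalProperties is not updated and can then hold a different value.
    if (keyManagerDTO.getEndpoints() != null) {
        for (KeyManagerEndpointDTO endpoint : keyManagerDTO.getEndpoints()) {
            endpoints.put(endpoint.getName(), endpoint.getValue());
        }
    }
    keyManagerConfigurationDTO.setEndpoints(endpoints);

    // These flags are written unconditionally and therefore always replace caller-supplied entries.
    additionalProperties.put(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION, keyManagerDTO.isEnableOAuthAppCreation());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS, keyManagerDTO.isEnableMapOAuthConsumerApps());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION, keyManagerDTO.isEnableTokenGeneration());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_HASH, keyManagerDTO.isEnableTokenHashing());
    additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_ENCRYPTION, keyManagerDTO.isEnableTokenEncryption());
    additionalProperties.put(APIConstants.KeyManager.SELF_VALIDATE_JWT, keyManagerDTO.isEnableSelfValidationJWT());

    List<TokenValidationDTO> tokenValidationDTOList = keyManagerDTO.getTokenValidation();
    if (tokenValidationDTOList != null && !tokenValidationDTOList.isEmpty()) {
        // Stored as a JSON string.
        additionalProperties.put(APIConstants.KeyManager.TOKEN_FORMAT_STRING, new Gson().toJson(tokenValidationDTOList));
    }
    List<ClaimMappingEntryDTO> claimMapping = keyManagerDTO.getClaimMapping();
    if (claimMapping != null) {
        // Stored as a Gson element tree, unlike the token validation entry above.
        additionalProperties.put(APIConstants.KeyManager.CLAIM_MAPPING, new Gson().toJsonTree(claimMapping));
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getConsumerKeyClaim())) {
        additionalProperties.put(APIConstants.KeyManager.CONSUMER_KEY_CLAIM, keyManagerDTO.getConsumerKeyClaim());
    }
    if (StringUtils.isNotEmpty(keyManagerDTO.getScopesClaim())) {
        additionalProperties.put(APIConstants.KeyManager.SCOPES_CLAIM, keyManagerDTO.getScopesClaim());
    }
    keyManagerConfigurationDTO.setAdditionalProperties(additionalProperties);
    return keyManagerConfigurationDTO;
}

/** Stores a non-empty endpoint value under {@code key} in both the property map and the endpoint map. */
private static void putEndpointIfPresent(Map<String, Object> properties, Map<String, String> endpoints, String key, String value) {
    if (StringUtils.isNotEmpty(value)) {
        properties.put(key, value);
        endpoints.put(key, value);
    }
}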
Also used : KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO) KeyManagerEndpointDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerEndpointDTO) HashMap(java.util.HashMap) TokenValidationDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.TokenValidationDTO) Gson(com.google.gson.Gson) ClaimMappingEntryDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ClaimMappingEntryDTO) JsonObject(com.google.gson.JsonObject) HashMap(java.util.HashMap) Map(java.util.Map)

Example 98 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method getClaimConfiguration.

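/**
 * Loads the claim configuration of an application: its claim mappings, the role claim URI with the
 * dialect and subject-id flags, and the service provider claim dialects.
 *
 * <p>All three queries are prepared statements with the application id and tenant id bound as
 * parameters. The bind order differs between the first query and the other two, so it has to match the
 * placeholder order of each SQL constant (the constants are not visible here).
 *
 * @param applicationId id of the application whose configuration is read
 * @param connection    open connection used for all three queries; this method does not close it
 * @param tenantID      tenant id bound into every query alongside the application id
 * @return the populated claim configuration
 * @throws IdentityApplicationManagementException if any of the queries fails
 */
private ClaimConfig getClaimConfiguration(int applicationId, Connection connection, int tenantID) throws IdentityApplicationManagementException {
    ClaimConfig claimConfig = new ClaimConfig();
    List<ClaimMapping> claimMappingList = new ArrayList<ClaimMapping>();
    List<String> spDialectList = new ArrayList<String>();
    if (log.isDebugEnabled()) {
        log.debug("Reading Claim Mappings of Application " + applicationId);
    }

    PreparedStatement get = null;
    ResultSet resultSet = null;
    try {
        get = connection.prepareStatement(LOAD_CLAIM_MAPPING_BY_APP_ID);
        // IDP_CLAIM, SP_CLAIM, IS_REQUESTED
        get.setInt(1, applicationId);
        get.setInt(2, tenantID);
        resultSet = get.executeQuery();
        while (resultSet.next()) {
            ClaimMapping claimMapping = new ClaimMapping();
            Claim localClaim = new Claim();
            Claim remoteClaim = new Claim();
            localClaim.setClaimUri(resultSet.getString(1));
            remoteClaim.setClaimUri(resultSet.getString(2));
            // Flags are stored as text; only "1" means true.
            claimMapping.setRequested("1".equalsIgnoreCase(resultSet.getString(3)));
            claimMapping.setMandatory("1".equalsIgnoreCase(resultSet.getString(4)));
            // A blank URI on one side falls back to the URI of the other side.
            if (remoteClaim.getClaimUri() == null || remoteClaim.getClaimUri().trim().length() == 0) {
                remoteClaim.setClaimUri(localClaim.getClaimUri());
            }
            if (localClaim.getClaimUri() == null || localClaim.getClaimUri().trim().length() == 0) {
                localClaim.setClaimUri(remoteClaim.getClaimUri());
            }
            claimMapping.setDefaultValue(resultSet.getString(5));
            claimMapping.setLocalClaim(localClaim);
            claimMapping.setRemoteClaim(remoteClaim);
            claimMappingList.add(claimMapping);
            if (log.isDebugEnabled()) {
                log.debug("Local Claim: " + claimMapping.getLocalClaim().getClaimUri() + " SPClaim: " + claimMapping.getRemoteClaim().getClaimUri());
            }
        }
        claimConfig.setClaimMappings(claimMappingList.toArray(new ClaimMapping[claimMappingList.size()]));
    } catch (SQLException e) {
        // Keep the cause: the original dropped it, which hides the failing query from operators.
        throw new IdentityApplicationManagementException("Error while retrieving claim mappings of application " + applicationId, e);
    } finally {
        IdentityApplicationManagementUtil.closeResultSet(resultSet);
        IdentityApplicationManagementUtil.closeStatement(get);
    }

    PreparedStatement loadClaimConfigsPrepStmt = null;
    ResultSet loadClaimConfigsResultSet = null;
    try {
        loadClaimConfigsPrepStmt = connection.prepareStatement(LOAD_CLAIM_CONIFG_BY_APP_ID);
        loadClaimConfigsPrepStmt.setInt(1, tenantID);
        loadClaimConfigsPrepStmt.setInt(2, applicationId);
        loadClaimConfigsResultSet = loadClaimConfigsPrepStmt.executeQuery();
        // If several rows come back, the values of the last row win.
        while (loadClaimConfigsResultSet.next()) {
            claimConfig.setRoleClaimURI(loadClaimConfigsResultSet.getString(1));
            claimConfig.setLocalClaimDialect("1".equals(loadClaimConfigsResultSet.getString(2)));
            claimConfig.setAlwaysSendMappedLocalSubjectId("1".equals(loadClaimConfigsResultSet.getString(3)));
        }
    } catch (SQLException e) {
        throw new IdentityApplicationManagementException("Error while retrieving claim configuration of application " + applicationId, e);
    } finally {
        IdentityApplicationManagementUtil.closeResultSet(loadClaimConfigsResultSet);
        IdentityApplicationManagementUtil.closeStatement(loadClaimConfigsPrepStmt);
    }

    PreparedStatement loadSPDialectsPrepStmt = null;
    ResultSet loadSPDialectsResultSet = null;
    try {
        loadSPDialectsPrepStmt = connection.prepareStatement(LOAD_SP_DIALECTS_BY_APP_ID);
        loadSPDialectsPrepStmt.setInt(1, tenantID);
        loadSPDialectsPrepStmt.setInt(2, applicationId);
        loadSPDialectsResultSet = loadSPDialectsPrepStmt.executeQuery();
        while (loadSPDialectsResultSet.next()) {
            String spDialect = loadSPDialectsResultSet.getString(1);
            if (spDialect != null && !spDialect.isEmpty()) {
                spDialectList.add(spDialect);
            }
        }
        claimConfig.setSpClaimDialects(spDialectList.toArray(new String[spDialectList.size()]));
    } catch (SQLException e) {
        throw new IdentityApplicationManagementException("Error while retrieving SP claim dialects of application " + applicationId, e);
    } finally {
        // The original closed the previous query's statement and result set here, leaking this query's
        // statement and cursor on every call.
        IdentityApplicationManagementUtil.closeResultSet(loadSPDialectsResultSet);
        IdentityApplicationManagementUtil.closeStatement(loadSPDialectsPrepStmt);
    }
    return claimConfig;
}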
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) SQLException(java.sql.SQLException) IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) ArrayList(java.util.ArrayList) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement) NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) Claim(org.wso2.carbon.identity.application.common.model.Claim)

Example 99 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class ApplicationBean method update.

/**
 * @param request
 */
public void update(HttpServletRequest request) {
    // update basic info.
    serviceProvider.setApplicationName(request.getParameter("spName"));
    serviceProvider.setDescription(request.getParameter("sp-description"));
    serviceProvider.setCertificateContent(request.getParameter("sp-certificate"));
    String jwks = request.getParameter("jwksUri");
    serviceProvider.setJwksUri(jwks);
    if (Boolean.parseBoolean(request.getParameter("deletePublicCert"))) {
        serviceProvider.setCertificateContent("");
    }
    String isSasApp = request.getParameter("isSaasApp");
    serviceProvider.setSaasApp((isSasApp != null && "on".equals(isSasApp)) ? true : false);
    String isDiscoverableApp = request.getParameter("isDiscoverableApp");
    serviceProvider.setDiscoverable("on".equals(isDiscoverableApp));
    String accessUrl = request.getParameter("accessURL");
    serviceProvider.setAccessUrl(accessUrl);
    String imageUrl = request.getParameter("imageURL");
    serviceProvider.setImageUrl(imageUrl);
    String logoutReturnUrl = request.getParameter(LOGOUT_RETURN_URL);
    if (StringUtils.isNotBlank(logoutReturnUrl)) {
        boolean logoutReturnUrlDefined = false;
        if (serviceProvider.getSpProperties() != null) {
            for (ServiceProviderProperty property : serviceProvider.getSpProperties()) {
                if (property.getName() != null && LOGOUT_RETURN_URL.equals(property.getName())) {
                    property.setValue(logoutReturnUrl);
                    logoutReturnUrlDefined = true;
                    break;
                }
            }
        }
        if (!logoutReturnUrlDefined) {
            ServiceProviderProperty property = new ServiceProviderProperty();
            property.setName(LOGOUT_RETURN_URL);
            property.setDisplayName("Logout Return URL");
            property.setValue(logoutReturnUrl);
            serviceProvider.addSpProperties(property);
        }
    }
    if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() == null) {
        // create fresh one.
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(new LocalAndOutboundAuthenticationConfig());
    }
    // authentication type : default, local, federated or advanced.
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationType(request.getParameter("auth_type"));
    // update inbound provisioning data.
    String provisioningUserStore = request.getParameter("scim-inbound-userstore");
    InboundProvisioningConfig inBoundProConfig = new InboundProvisioningConfig();
    inBoundProConfig.setProvisioningUserStore(provisioningUserStore);
    inBoundProConfig.setDumbMode(Boolean.parseBoolean(request.getParameter(DUMB)));
    serviceProvider.setInboundProvisioningConfig(inBoundProConfig);
    // update outbound provisioning data.
    String[] provisioningProviders = request.getParameterValues("provisioning_idp");
    if (provisioningProviders != null && provisioningProviders.length > 0) {
        List<IdentityProvider> provisioningIdps = new ArrayList<IdentityProvider>();
        for (String proProvider : provisioningProviders) {
            String connector = request.getParameter("provisioning_con_idp_" + proProvider);
            String jitEnabled = request.getParameter("provisioning_jit_" + proProvider);
            String blocking = request.getParameter("blocking_prov_" + proProvider);
            String ruleEnabled = request.getParameter("rules_enabled_" + proProvider);
            if (connector != null) {
                IdentityProvider proIdp = new IdentityProvider();
                proIdp.setIdentityProviderName(proProvider);
                JustInTimeProvisioningConfig jitpro = new JustInTimeProvisioningConfig();
                if ("on".equals(jitEnabled)) {
                    jitpro.setProvisioningEnabled(true);
                }
                proIdp.setJustInTimeProvisioningConfig(jitpro);
                ProvisioningConnectorConfig proCon = new ProvisioningConnectorConfig();
                if ("on".equals(ruleEnabled)) {
                    proCon.setRulesEnabled(true);
                } else {
                    proCon.setRulesEnabled(false);
                }
                if ("on".equals(blocking)) {
                    proCon.setBlocking(true);
                } else {
                    proCon.setBlocking(false);
                }
                proCon.setName(connector);
                proIdp.setDefaultProvisioningConnectorConfig(proCon);
                provisioningIdps.add(proIdp);
            }
        }
        if (CollectionUtils.isNotEmpty(provisioningIdps)) {
            OutboundProvisioningConfig outboundProConfig = new OutboundProvisioningConfig();
            outboundProConfig.setProvisioningIdentityProviders(provisioningIdps.toArray(new IdentityProvider[provisioningIdps.size()]));
            serviceProvider.setOutboundProvisioningConfig(outboundProConfig);
        }
    } else {
        serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    }
    // get all request-path authenticators.
    String[] requestPathAuthenticators = request.getParameterValues("req_path_auth");
    if (requestPathAuthenticators != null && requestPathAuthenticators.length > 0) {
        List<RequestPathAuthenticatorConfig> reqAuthList = new ArrayList<RequestPathAuthenticatorConfig>();
        for (String name : requestPathAuthenticators) {
            if (name != null) {
                RequestPathAuthenticatorConfig reqAuth = new RequestPathAuthenticatorConfig();
                reqAuth.setName(name);
                reqAuth.setDisplayName(request.getParameter("req_path_auth_" + name));
                reqAuthList.add(reqAuth);
            }
        }
        if (CollectionUtils.isNotEmpty(reqAuthList)) {
            serviceProvider.setRequestPathAuthenticatorConfigs(reqAuthList.toArray(new RequestPathAuthenticatorConfig[reqAuthList.size()]));
        } else {
            serviceProvider.setRequestPathAuthenticatorConfigs(null);
        }
    } else {
        serviceProvider.setRequestPathAuthenticatorConfigs(null);
    }
    List<InboundAuthenticationRequestConfig> authRequestList = new ArrayList<InboundAuthenticationRequestConfig>();
    if (samlIssuer != null) {
        InboundAuthenticationRequestConfig samlAuthenticationRequest = new InboundAuthenticationRequestConfig();
        samlAuthenticationRequest.setInboundAuthKey(samlIssuer);
        samlAuthenticationRequest.setInboundAuthType("samlsso");
        if (attrConsumServiceIndex != null && !attrConsumServiceIndex.isEmpty()) {
            Property property = new Property();
            property.setName("attrConsumServiceIndex");
            property.setValue(attrConsumServiceIndex);
            Property[] properties = { property };
            samlAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(samlAuthenticationRequest);
    }
    if (kerberosServiceName != null) {
        InboundAuthenticationRequestConfig kerberosAuthenticationRequest = new InboundAuthenticationRequestConfig();
        kerberosAuthenticationRequest.setInboundAuthKey(kerberosServiceName);
        kerberosAuthenticationRequest.setInboundAuthType("kerberos");
        authRequestList.add(kerberosAuthenticationRequest);
    }
    if (oauthAppName != null) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(oauthAppName);
        opicAuthenticationRequest.setInboundAuthType("oauth2");
        if (oauthConsumerSecret != null && !oauthConsumerSecret.isEmpty()) {
            Property property = new Property();
            property.setName("oauthConsumerSecret");
            property.setValue(oauthConsumerSecret);
            Property[] properties = { property };
            opicAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(opicAuthenticationRequest);
    }
    if (CollectionUtils.isNotEmpty(wstrustEp)) {
        wstrustEp.forEach(entry -> {
            InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
            opicAuthenticationRequest.setInboundAuthKey(entry);
            opicAuthenticationRequest.setInboundAuthType("wstrust");
            authRequestList.add(opicAuthenticationRequest);
        });
    }
    String passiveSTSRealm = request.getParameter("passiveSTSRealm");
    String passiveSTSWReply = request.getParameter("passiveSTSWReply");
    if (StringUtils.isNotBlank(passiveSTSRealm)) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(passiveSTSRealm);
        opicAuthenticationRequest.setInboundAuthType("passivests");
        if (passiveSTSWReply != null && !passiveSTSWReply.isEmpty()) {
            Property property = new Property();
            property.setName("passiveSTSWReply");
            property.setValue(passiveSTSWReply);
            Property[] properties = { property };
            opicAuthenticationRequest.setProperties(properties);
        }
        authRequestList.add(opicAuthenticationRequest);
    }
    String openidRealm = request.getParameter("openidRealm");
    if (StringUtils.isNotBlank(openidRealm)) {
        InboundAuthenticationRequestConfig opicAuthenticationRequest = new InboundAuthenticationRequestConfig();
        opicAuthenticationRequest.setInboundAuthKey(openidRealm);
        opicAuthenticationRequest.setInboundAuthType("openid");
        authRequestList.add(opicAuthenticationRequest);
    }
    if (!CollectionUtils.isEmpty(inboundAuthenticationRequestConfigs)) {
        for (InboundAuthenticationRequestConfig customAuthConfig : inboundAuthenticationRequestConfigs) {
            String type = customAuthConfig.getInboundAuthType();
            Property[] properties = customAuthConfig.getProperties();
            if (!ArrayUtils.isEmpty(properties)) {
                for (Property prop : properties) {
                    String propVal = request.getParameter("custom_auth_prop_name_" + type + "_" + prop.getName());
                    prop.setValue(propVal);
                }
            }
            authRequestList.add(customAuthConfig);
        }
    }
    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        serviceProvider.setInboundAuthenticationConfig(new InboundAuthenticationConfig());
    }
    if (CollectionUtils.isNotEmpty(authRequestList)) {
        serviceProvider.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs(authRequestList.toArray(new InboundAuthenticationRequestConfig[authRequestList.size()]));
    }
    // update local and out-bound authentication.
    if (AUTH_TYPE_DEFAULT.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(null);
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_LOCAL.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        AuthenticationStep authStep = new AuthenticationStep();
        LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
        localAuthenticator.setName(request.getParameter("local_authenticator"));
        if (localAuthenticator.getName() != null && localAuthenticatorConfigs != null) {
            for (LocalAuthenticatorConfig config : localAuthenticatorConfigs) {
                if (config.getName().equals(localAuthenticator.getName())) {
                    localAuthenticator.setDisplayName(config.getDisplayName());
                    break;
                }
            }
        }
        authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuthenticator });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { authStep });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_FEDERATED.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
        AuthenticationStep authStep = new AuthenticationStep();
        IdentityProvider idp = new IdentityProvider();
        idp.setIdentityProviderName(request.getParameter("fed_idp"));
        authStep.setFederatedIdentityProviders(new IdentityProvider[] { idp });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { authStep });
        serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAuthenticationScriptConfig(null);
    } else if (AUTH_TYPE_FLOW.equalsIgnoreCase(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType())) {
    // already updated.
    }
    String alwaysSendAuthListOfIdPs = request.getParameter("always_send_auth_list_of_idps");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setAlwaysSendBackAuthenticatedListOfIdPs(alwaysSendAuthListOfIdPs != null && "on".equals(alwaysSendAuthListOfIdPs) ? true : false);
    String useTenantDomainInLocalSubjectIdentifier = request.getParameter("use_tenant_domain_in_local_subject_identifier");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseTenantDomainInLocalSubjectIdentifier(useTenantDomainInLocalSubjectIdentifier != null && "on".equals(useTenantDomainInLocalSubjectIdentifier) ? true : false);
    String useUserstoreDomainInLocalSubjectIdentifier = request.getParameter("use_userstore_domain_in_local_subject_identifier");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseUserstoreDomainInLocalSubjectIdentifier(useUserstoreDomainInLocalSubjectIdentifier != null && "on".equals(useUserstoreDomainInLocalSubjectIdentifier) ? true : false);
    String useUserstoreDomainInRoles = request.getParameter("use_userstore_domain_in_roles");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseUserstoreDomainInRoles(useUserstoreDomainInRoles != null && "on".equals(useUserstoreDomainInRoles) ? true : false);
    boolean skipConsent = Boolean.parseBoolean(request.getParameter(IdentityConstants.SKIP_CONSENT));
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSkipConsent(skipConsent);
    boolean skipLogoutConsent = Boolean.parseBoolean(request.getParameter(IdentityConstants.SKIP_LOGOUT_CONSENT));
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSkipLogoutConsent(skipLogoutConsent);
    String enableAuthorization = request.getParameter("enable_authorization");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setEnableAuthorization(enableAuthorization != null && "on".equals(enableAuthorization));
    String subjectClaimUri = request.getParameter("subject_claim_uri");
    serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSubjectClaimUri((subjectClaimUri != null && !subjectClaimUri.isEmpty()) ? subjectClaimUri : null);
    // update application permissions.
    PermissionsAndRoleConfig permAndRoleConfig = new PermissionsAndRoleConfig();
    String[] permissions = request.getParameterValues("app_permission");
    List<ApplicationPermission> appPermList = new ArrayList<ApplicationPermission>();
    if (permissions != null && permissions.length > 0) {
        for (String permission : permissions) {
            if (permission != null && !permission.trim().isEmpty()) {
                ApplicationPermission appPermission = new ApplicationPermission();
                appPermission.setValue(permission);
                appPermList.add(appPermission);
            }
        }
    }
    if (CollectionUtils.isNotEmpty(appPermList)) {
        permAndRoleConfig.setPermissions(appPermList.toArray(new ApplicationPermission[appPermList.size()]));
    }
    // update role mapping.
    int roleMappingCount = Integer.parseInt(request.getParameter("number_of_rolemappings"));
    List<RoleMapping> roleMappingList = new ArrayList<RoleMapping>();
    for (int i = 0; i < roleMappingCount; i++) {
        RoleMapping mapping = new RoleMapping();
        LocalRole localRole = new LocalRole();
        localRole.setLocalRoleName(request.getParameter("idpRole_" + i));
        mapping.setLocalRole(localRole);
        mapping.setRemoteRole(request.getParameter("spRole_" + i));
        if (mapping.getLocalRole() != null && mapping.getRemoteRole() != null) {
            roleMappingList.add(mapping);
        }
    }
    permAndRoleConfig.setRoleMappings(roleMappingList.toArray(new RoleMapping[roleMappingList.size()]));
    serviceProvider.setPermissionAndRoleConfig(permAndRoleConfig);
    if (serviceProvider.getClaimConfig() == null) {
        serviceProvider.setClaimConfig(new ClaimConfig());
    }
    if (request.getParameter("claim_dialect") != null && "custom".equals(request.getParameter("claim_dialect"))) {
        serviceProvider.getClaimConfig().setLocalClaimDialect(false);
    } else {
        serviceProvider.getClaimConfig().setLocalClaimDialect(true);
    }
    // update claim configuration.
    int claimCount = Integer.parseInt(request.getParameter("number_of_claim_mappings"));
    List<ClaimMapping> claimMappingList = new ArrayList<ClaimMapping>();
    for (int i = 0; i < claimCount; i++) {
        ClaimMapping mapping = new ClaimMapping();
        Claim localClaim = new Claim();
        localClaim.setClaimUri(request.getParameter("idpClaim_" + i));
        Claim spClaim = new Claim();
        spClaim.setClaimUri(request.getParameter("spClaim_" + i));
        String requested = request.getParameter("spClaim_req_" + i);
        if (requested != null && "on".equals(requested)) {
            mapping.setRequested(true);
        } else {
            mapping.setRequested(false);
        }
        String mandatory = request.getParameter("spClaim_mand_" + i);
        if (mandatory != null && "on".equals(mandatory)) {
            mapping.setMandatory(true);
        } else {
            mapping.setMandatory(false);
        }
        mapping.setLocalClaim(localClaim);
        mapping.setRemoteClaim(spClaim);
        if (isLocalClaimsSelected() || mapping.getRemoteClaim().getClaimUri() == null || mapping.getRemoteClaim().getClaimUri().isEmpty()) {
            mapping.getRemoteClaim().setClaimUri(mapping.getLocalClaim().getClaimUri());
        }
        if (mapping.getLocalClaim().getClaimUri() != null && mapping.getRemoteClaim().getClaimUri() != null) {
            claimMappingList.add(mapping);
        }
    }
    String spClaimDialectParam = request.getParameter(ApplicationMgtUIConstants.Params.SP_CLAIM_DIALECT);
    String[] spClaimDialects = null;
    if (StringUtils.isNotBlank(spClaimDialectParam)) {
        spClaimDialects = spClaimDialectParam.split(",");
    }
    serviceProvider.getClaimConfig().setSpClaimDialects(spClaimDialects);
    serviceProvider.getClaimConfig().setClaimMappings(claimMappingList.toArray(new ClaimMapping[claimMappingList.size()]));
    serviceProvider.getClaimConfig().setRoleClaimURI(request.getParameter("roleClaim"));
    String alwaysSendMappedLocalSubjectId = request.getParameter("always_send_local_subject_id");
    serviceProvider.getClaimConfig().setAlwaysSendMappedLocalSubjectId(alwaysSendMappedLocalSubjectId != null && "on".equals(alwaysSendMappedLocalSubjectId) ? true : false);
}
Also used : InboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig) ArrayList(java.util.ArrayList) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) OutboundProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.xsd.PermissionsAndRoleConfig) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.RequestPathAuthenticatorConfig) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty) Property(org.wso2.carbon.identity.application.common.model.xsd.Property) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider) RoleMapping(org.wso2.carbon.identity.application.common.model.xsd.RoleMapping) ApplicationPermission(org.wso2.carbon.identity.application.common.model.xsd.ApplicationPermission) ClaimMapping(org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping) ClaimConfig(org.wso2.carbon.identity.application.common.model.xsd.ClaimConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig) 
LocalRole(org.wso2.carbon.identity.application.common.model.xsd.LocalRole) Claim(org.wso2.carbon.identity.application.common.model.xsd.Claim)

Example 100 with ClaimMapping

use of org.wso2.carbon.identity.application.common.model.xsd.ClaimMapping in project carbon-identity-framework by wso2.

the class FrameworkUtils method getFederatedSubjectFromClaims.

/**
 * Looks up the federated subject identifier among the claims received for an identity provider.
 *
 * <p>The user claim URI configured on the identity provider is placed in a single {@code Claim},
 * which is set as both the local and the remote claim of a probe {@code ClaimMapping}. That probe
 * is then used as the key into {@code claimMappings}.
 *
 * <p>NOTE(review): the lookup depends on how {@code ClaimMapping} defines equality and hashing,
 * which is not visible here. Confirm that a probe built this way matches the keys the caller
 * populated the map with.
 *
 * @param identityProvider identity provider whose claim config supplies the user claim URI; the
 *                         claim config is dereferenced without a null check
 * @param claimMappings    claim values keyed by claim mapping; dereferenced without a null check
 * @return the value stored under the probe mapping, or {@code null} when the map holds no value
 *         for it. Callers that derive an authenticated subject from this result need to handle
 *         {@code null} explicitly rather than pass it on as an identifier.
 */
public static String getFederatedSubjectFromClaims(IdentityProvider identityProvider, Map<ClaimMapping, String> claimMappings) {
    // Read the configured URI first so a missing claim config fails before any probe is built.
    final String subjectClaimUri = identityProvider.getClaimConfig().getUserClaimURI();

    Claim subjectClaim = new Claim();
    subjectClaim.setClaimUri(subjectClaimUri);

    // The same Claim instance serves as both sides of the lookup key.
    ClaimMapping lookupKey = new ClaimMapping();
    lookupKey.setRemoteClaim(subjectClaim);
    lookupKey.setLocalClaim(subjectClaim);

    return claimMappings.get(lookupKey);
}
Also used : ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) Claim(org.wso2.carbon.identity.application.common.model.Claim)
