use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method populateRequiredAttributesForIdentityProviderList.
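/**
 * Populates the requested optional attributes of an identity provider from the current row of
 * {@code resultSet}, loading dependent configuration through {@code dbConnection}.
 *
 * <p>This method reads columns from the row the cursor is already on and never advances it.
 * Attribute names that match none of the handled {@link IdPManagementConstants} values are
 * skipped without error. {@code identityProvider.getId()} is parsed with
 * {@link Integer#parseInt(String)}, so a non-numeric id raises {@link NumberFormatException}.
 *
 * @param resultSet          Result set whose current row describes the identity provider.
 * @param dbConnection       Database connection used for the follow-up lookups.
 * @param requiredAttributes Names of the attributes to populate; {@code null} or empty means none.
 * @param tenantId           Tenant id of the identity provider.
 * @param identityProvider   Identity provider object that receives the values.
 * @throws SQLException                              If a column cannot be read from the result set.
 * @throws IdentityProviderManagementServerException If one of the follow-up lookups fails with an
 *                                                   {@code IdentityProviderManagementException}.
 */
private void populateRequiredAttributesForIdentityProviderList(ResultSet resultSet, Connection dbConnection,
        List<String> requiredAttributes, int tenantId, IdentityProvider identityProvider)
        throws SQLException, IdentityProviderManagementServerException {

    int idpId = Integer.parseInt(identityProvider.getId());
    String idPName = identityProvider.getIdentityProviderName();
    try {
        if (CollectionUtils.isEmpty(requiredAttributes)) {
            return;
        }
        for (String attribute : requiredAttributes) {
            switch (attribute) {
                case IdPManagementConstants.IDP_IS_PRIMARY:
                    identityProvider.setPrimary(
                            IdPManagementConstants.IS_TRUE_VALUE.equals(resultSet.getString("IS_PRIMARY")));
                    break;
                case IdPManagementConstants.IDP_HOME_REALM_ID:
                    identityProvider.setHomeRealmId(resultSet.getString("HOME_REALM_ID"));
                    break;
                case IdPManagementConstants.IDP_IS_FEDERATION_HUB:
                    // Fix: the flag used to be set to false when the column held the "true" marker,
                    // so a stored federation-hub IdP was never reported as one. Mirror the column
                    // value, the same way IS_PRIMARY is handled above.
                    identityProvider.setFederationHub(
                            IdPManagementConstants.IS_TRUE_VALUE.equals(resultSet.getString("IS_FEDERATION_HUB")));
                    break;
                case IdPManagementConstants.IDP_CERTIFICATE:
                    identityProvider.setCertificate(getBlobValue(resultSet.getBinaryStream("CERTIFICATE")));
                    break;
                case IdPManagementConstants.IDP_ALIAS:
                    identityProvider.setAlias(resultSet.getString("ALIAS"));
                    break;
                case IdPManagementConstants.IDP_CLAIMS:
                    if (identityProvider.getClaimConfig() == null) {
                        identityProvider.setClaimConfig(new ClaimConfig());
                    }
                    boolean localClaimDialect = IdPManagementConstants.IS_TRUE_VALUE
                            .equals(resultSet.getString("IS_LOCAL_CLAIM_DIALECT"));
                    identityProvider.getClaimConfig().setLocalClaimDialect(localClaimDialect);
                    String userClaimUri = resultSet.getString("USER_CLAIM_URI");
                    String roleClaimUri = resultSet.getString("ROLE_CLAIM_URI");
                    // The placeholder ClaimConfig is replaced by the one loaded for the chosen dialect.
                    if (localClaimDialect) {
                        identityProvider.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName,
                                userClaimUri, roleClaimUri, idpId, tenantId));
                    } else {
                        identityProvider.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName,
                                userClaimUri, roleClaimUri, idpId, tenantId));
                    }
                    break;
                case IdPManagementConstants.IDP_ROLES:
                    identityProvider.setProvisioningRole(resultSet.getString("PROVISIONING_ROLE"));
                    // Permission and role configuration.
                    identityProvider.setPermissionAndRoleConfig(
                            getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
                    break;
                case IdPManagementConstants.IDP_FEDERATED_AUTHENTICATORS:
                    String defaultAuthenticatorName = resultSet.getString("DEFAULT_AUTHENTICATOR_NAME");
                    identityProvider.setFederatedAuthenticatorConfigs(
                            getFederatedAuthenticatorConfigs(dbConnection, idPName, identityProvider, tenantId));
                    // The default authenticator is resolved by name among the loaded configs.
                    if (defaultAuthenticatorName != null
                            && identityProvider.getFederatedAuthenticatorConfigs() != null) {
                        identityProvider.setDefaultAuthenticatorConfig(
                                IdentityApplicationManagementUtil.getFederatedAuthenticator(
                                        identityProvider.getFederatedAuthenticatorConfigs(),
                                        defaultAuthenticatorName));
                    }
                    break;
                case IdPManagementConstants.IDP_PROVISIONING:
                    JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
                    // JIT provisioning is enabled only when the column holds the "true" marker.
                    jitProConfig.setProvisioningEnabled(IdPManagementConstants.IS_TRUE_VALUE
                            .equals(resultSet.getString("INBOUND_PROV_ENABLED")));
                    jitProConfig.setProvisioningUserStore(resultSet.getString("INBOUND_PROV_USER_STORE_ID"));
                    identityProvider.setJustInTimeProvisioningConfig(jitProConfig);
                    String defaultProvisioningConnectorConfigName =
                            resultSet.getString("DEFAULT_PRO_CONNECTOR_NAME");
                    if (defaultProvisioningConnectorConfigName != null) {
                        ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
                        defaultProConnector.setName(defaultProvisioningConnectorConfigName);
                        identityProvider.setDefaultProvisioningConnectorConfig(defaultProConnector);
                    }
                    // Provisioning connectors.
                    identityProvider.setProvisioningConnectorConfigs(
                            getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
                    break;
            }
        }
    } catch (IdentityProviderManagementException e) {
        throw new IdentityProviderManagementServerException(
                "Error occurred while performing required attribute filter", e);
    }
}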
use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getCombinedProperties.
/**
 * Merges the IDP metadata properties with three properties derived from the just-in-time
 * provisioning configuration: password provisioning, username modification and consent prompt.
 *
 * <p>All three derived values are {@code "false"} unless the configuration is non-null and has
 * provisioning enabled, so a disabled or missing JIT configuration never yields an enabled flag.
 * The derived properties are always appended after the supplied ones, in the order listed above.
 *
 * @param justInTimeProvisioningConfig JIT provisioning configuration; may be {@code null}.
 * @param idpProperties                IDP properties; may be {@code null} or empty.
 * @return a new mutable list holding the supplied properties followed by the three derived ones.
 */
private List<IdentityProviderProperty> getCombinedProperties(JustInTimeProvisioningConfig justInTimeProvisioningConfig, IdentityProviderProperty[] idpProperties) {
    List<IdentityProviderProperty> combined = new ArrayList<>();
    if (ArrayUtils.isNotEmpty(idpProperties)) {
        combined.addAll(Arrays.asList(idpProperties));
    }

    // The JIT sub-flags are honoured only while provisioning itself is switched on.
    boolean jitActive = justInTimeProvisioningConfig != null
            && justInTimeProvisioningConfig.isProvisioningEnabled();
    String passwordProvisioning = jitActive
            ? String.valueOf(justInTimeProvisioningConfig.isPasswordProvisioningEnabled())
            : "false";
    String modifyUserName = jitActive
            ? String.valueOf(justInTimeProvisioningConfig.isModifyUserNameAllowed())
            : "false";
    String promptConsent = jitActive
            ? String.valueOf(justInTimeProvisioningConfig.isPromptConsent())
            : "false";

    String[][] derived = {
            {IdPManagementConstants.PASSWORD_PROVISIONING_ENABLED, passwordProvisioning},
            {IdPManagementConstants.MODIFY_USERNAME_ENABLED, modifyUserName},
            {IdPManagementConstants.PROMPT_CONSENT_ENABLED, promptConsent}
    };
    for (String[] nameAndValue : derived) {
        IdentityProviderProperty property = new IdentityProviderProperty();
        property.setName(nameAndValue[0]);
        property.setValue(nameAndValue[1]);
        combined.add(property);
    }
    return combined;
}
use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildInboundProvisioningConfiguration.
/**
 * Builds the just-in-time (inbound) provisioning configuration of a federated identity provider
 * from submitted form parameters and attaches it to {@code fedIdp}.
 *
 * <p>The {@code provisioning} parameter selects the mode: {@code provision_disabled} switches
 * every flag off, {@code provision_static} and {@code provision_dynamic} enable provisioning and
 * derive the password, username and consent flags from {@code choose_jit_type_group}. Any other
 * value (including a missing parameter) leaves the flags at the defaults of a new
 * {@code JustInTimeProvisioningConfig}.
 *
 * <p>The provisioning user store is copied from the parameters as submitted; this method does
 * not check it against the set of configured user stores.
 * NOTE(review): presumably validated by the service that persists the IdP - confirm.
 *
 * @param fedIdp   identity provider that receives the configuration.
 * @param paramMap form parameters keyed by field name.
 * @throws IdentityApplicationManagementException declared by the signature; no statement in this
 *                                                method throws it.
 */
private static void buildInboundProvisioningConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
    JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
    String mode = paramMap.get("provisioning");

    if ("provision_disabled".equals(mode)) {
        jitConfig.setProvisioningEnabled(false);
        jitConfig.setPasswordProvisioningEnabled(false);
        jitConfig.setModifyUserNameAllowed(false);
        jitConfig.setPromptConsent(false);
    } else if ("provision_static".equals(mode) || "provision_dynamic".equals(mode)) {
        String jitType = paramMap.get("choose_jit_type_group");
        boolean promptUserNameAndPassword = "prompt_username_password_consent".equals(jitType);
        boolean promptPasswordOnly = "prompt_password_consent".equals(jitType);

        jitConfig.setProvisioningEnabled(true);
        jitConfig.setPasswordProvisioningEnabled(promptUserNameAndPassword || promptPasswordOnly);
        jitConfig.setModifyUserNameAllowed(promptUserNameAndPassword);
        // Consent is prompted for every JIT type except an explicit "do_not_prompt".
        jitConfig.setPromptConsent(!"do_not_prompt".equals(jitType));
    }

    // The static selection is applied first; a real dynamic selection (not the dropdown's
    // placeholder entry) overrides it.
    jitConfig.setProvisioningUserStore(paramMap.get("provision_static_dropdown"));
    String dynamicUserStore = paramMap.get("provision_dynamic_dropdown");
    if (dynamicUserStore != null && !"--- Select Claim URI ---".equals(dynamicUserStore)) {
        jitConfig.setProvisioningUserStore(dynamicUserStore);
    }

    fedIdp.setJustInTimeProvisioningConfig(jitConfig);
}
use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.
the class ApplicationBean method updateLocalSp.
/**
 * Updates the local service provider held by this bean from the submitted request: name,
 * description, inbound provisioning settings and the outbound provisioning identity providers.
 *
 * <p>Every value is taken from request parameters as submitted; this method performs no
 * validation or authorization check of its own.
 * NOTE(review): presumably enforced by the page and the backing service - confirm.
 *
 * @param request HTTP request carrying the submitted form fields.
 */
public void updateLocalSp(HttpServletRequest request) {
    // Basic info.
    serviceProvider.setApplicationName(request.getParameter("spName"));
    serviceProvider.setDescription(request.getParameter("sp-description"));

    // Inbound provisioning.
    InboundProvisioningConfig inboundConfig = new InboundProvisioningConfig();
    inboundConfig.setProvisioningUserStore(request.getParameter("scim-inbound-userstore"));
    inboundConfig.setDumbMode(Boolean.parseBoolean(request.getParameter(DUMB)));
    serviceProvider.setInboundProvisioningConfig(inboundConfig);

    // Outbound provisioning.
    String[] selectedProviders = request.getParameterValues("provisioning_idp");
    boolean nothingSelected = selectedProviders == null || selectedProviders.length == 0;
    if (serviceProvider.getOutboundProvisioningConfig() == null || nothingSelected) {
        serviceProvider.setOutboundProvisioningConfig(new OutboundProvisioningConfig());
    }
    if (nothingSelected) {
        return;
    }

    List<IdentityProvider> outboundIdps = new ArrayList<IdentityProvider>();
    for (String providerName : selectedProviders) {
        String connectorName = request.getParameter("provisioning_con_idp_" + providerName);
        String jitFlag = request.getParameter("provisioning_jit_" + providerName);
        String blockingFlag = request.getParameter("blocking_prov_" + providerName);
        String rulesFlag = request.getParameter("rules_enabled_" + providerName);

        // A provider submitted without a connector is not added to the outbound list.
        if (connectorName == null) {
            continue;
        }

        JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
        if ("on".equals(jitFlag)) {
            jitConfig.setProvisioningEnabled(true);
        }

        ProvisioningConnectorConfig connectorConfig = new ProvisioningConnectorConfig();
        if ("on".equals(blockingFlag)) {
            connectorConfig.setBlocking(true);
        }
        if ("on".equals(rulesFlag)) {
            connectorConfig.setRulesEnabled(true);
        }
        connectorConfig.setName(connectorName);

        IdentityProvider outboundIdp = new IdentityProvider();
        outboundIdp.setIdentityProviderName(providerName);
        outboundIdp.setJustInTimeProvisioningConfig(jitConfig);
        outboundIdp.setDefaultProvisioningConnectorConfig(connectorConfig);
        outboundIdps.add(outboundIdp);
    }

    // The stored outbound configuration is replaced only when at least one provider qualified.
    if (CollectionUtils.isNotEmpty(outboundIdps)) {
        OutboundProvisioningConfig outboundConfig = new OutboundProvisioningConfig();
        outboundConfig.setProvisioningIdentityProviders(
                outboundIdps.toArray(new IdentityProvider[outboundIdps.size()]));
        serviceProvider.setOutboundProvisioningConfig(outboundConfig);
    }
}
use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project product-is by wso2.
the class IdentityProviderMgtServiceTestCase method testAddIdp.
/**
 * Adds an identity provider carrying one federated authenticator, a JIT provisioning
 * configuration and one SCIM provisioning connector, then reads it back by name and checks
 * what the service returned.
 *
 * <p>Two expectations differ from the submitted data: four provisioning properties are expected
 * back although three are submitted, and the {@code scim-password} property is only required to
 * contain {@code RANDOM_PASSWORD_GENERATED} instead of being compared with the submitted value.
 * NOTE(review): this looks like the service masking the stored secret on read - confirm.
 */
@Test(priority = 2, groups = "wso2.is", description = "Test addIdp operation")
public void testAddIdp() throws Exception {
    String testIdpDescription = "This is test identity provider";
    String testIdpRealmId = "localhost";
    String testFedAuthDispName = "openid";
    String testProvisionConfName = "scim";

    // Federated authenticator properties as {name, value}.
    String[][] fedAuthEntries = {
            {"OpenIdUrl", "https://testDomain:9853/openid"},
            {"IsUserIdInClaims", "false"},
            {"RealmId", "localhost"}
    };
    // Provisioning connector properties as {name, display name, value}; the credentials are
    // fixture values for the test connector.
    String[][] provisionEntries = {
            {"scim-user-ep", "userEndPoint", "https://localhost:9853/testProvisionLink"},
            {"scim-username", "userName", "admin"},
            {"scim-password", "userPassword", "admin"}
    };

    // Basic identity provider information.
    IdentityProvider idProvider = new IdentityProvider();
    idProvider.setHomeRealmId(testIdpRealmId);
    idProvider.setEnable(true);
    idProvider.setIdentityProviderDescription(testIdpDescription);
    idProvider.setIdentityProviderName(testIdpName);
    idProvider.setCertificate(sampleCertificate);
    idProvider.setFederationHub(false);
    idProvider.setPrimary(false);

    // Federated authenticator configuration.
    Property[] fedAuthProperties = new Property[fedAuthEntries.length];
    for (int i = 0; i < fedAuthEntries.length; i++) {
        Property property = new Property();
        property.setName(fedAuthEntries[i][0]);
        property.setValue(fedAuthEntries[i][1]);
        fedAuthProperties[i] = property;
    }
    FederatedAuthenticatorConfig authConfig = new FederatedAuthenticatorConfig();
    authConfig.setDisplayName(testFedAuthDispName);
    authConfig.setEnabled(true);
    authConfig.setName(testFedAuthName);
    authConfig.setProperties(fedAuthProperties);
    idProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] {authConfig});

    // JIT configuration.
    JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
    jitConfig.setProvisioningEnabled(true);
    idProvider.setJustInTimeProvisioningConfig(jitConfig);

    // Provisioning connector configuration.
    Property[] provisionProperties = new Property[provisionEntries.length];
    for (int i = 0; i < provisionEntries.length; i++) {
        Property property = new Property();
        property.setName(provisionEntries[i][0]);
        property.setDisplayName(provisionEntries[i][1]);
        property.setValue(provisionEntries[i][2]);
        provisionProperties[i] = property;
    }
    ProvisioningConnectorConfig provisioningConfig = new ProvisioningConnectorConfig();
    provisioningConfig.setName(testProvisionConfName);
    provisioningConfig.setValid(false);
    provisioningConfig.setBlocking(false);
    provisioningConfig.setEnabled(true);
    provisioningConfig.setProvisioningProperties(provisionProperties);
    idProvider.setProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] {provisioningConfig});

    // Add the identity provider and read it back.
    idpMgtServiceClient.addIdP(idProvider);
    IdentityProvider addedIdp = idpMgtServiceClient.getIdPByName(testIdpName);

    Assert.assertNotNull(addedIdp, "addIdP or getIdPByName failed");
    Assert.assertEquals(addedIdp.getHomeRealmId(), testIdpRealmId, "addIdP : setting home realm failed");
    Assert.assertEquals(addedIdp.getCertificate(), sampleCertificate, "addIdP : setting certificate failed");
    // The identity provider is expected to come back enabled.
    Assert.assertEquals(addedIdp.getEnable(), true, "addIdP : idp enable failed");
    Assert.assertEquals(addedIdp.getIdentityProviderDescription(), testIdpDescription,
            "addIdP : setting description failed");
    Assert.assertEquals(addedIdp.getFederationHub(), false, "addIdP : setting federation hub status failed");
    Assert.assertEquals(addedIdp.getPrimary(), false, "addIdP : setting primary status failed");

    // Federated authenticator configs.
    FederatedAuthenticatorConfig[] addedFedAuth = addedIdp.getFederatedAuthenticatorConfigs();
    Assert.assertNotNull(addedFedAuth, "federated authenticator not found");
    Assert.assertEquals(addedFedAuth.length, 1,
            "addIdP : deviation from expected number of federated authenticators");
    Assert.assertEquals(addedFedAuth[0].getName(), testFedAuthName,
            "addIdP : federated authenticator name setting failed");
    Property[] fedAuthProps = addedFedAuth[0].getProperties();
    Assert.assertNotNull(fedAuthProps, "addIdP : federated authenticator properties not found");
    Assert.assertEquals(fedAuthProps.length, 3,
            "addIdP : Deviation of expected number of authenticator properties");
    Map<String, Property> fedAuthByName = new HashMap<String, Property>();
    for (Property fedAuthProp : fedAuthProps) {
        fedAuthByName.put(fedAuthProp.getName(), fedAuthProp);
    }
    for (String[] expected : fedAuthEntries) {
        Assert.assertEquals(fedAuthByName.containsKey(expected[0]), true,
                "addIdP : federated authenticator property not found");
        Assert.assertEquals(fedAuthByName.get(expected[0]).getValue(), expected[1],
                "Deviation of federated authenticator property value");
    }

    // Provisioning connector configs.
    ProvisioningConnectorConfig[] provisioningConfigs = addedIdp.getProvisioningConnectorConfigs();
    Assert.assertNotNull(provisioningConfigs, "addIdP : provisioning connector not found");
    Assert.assertEquals(provisioningConfigs.length, 1,
            "addIdP : Provisioning configuration property adding failed");
    Assert.assertEquals(provisioningConfigs[0].getName(), testProvisionConfName,
            "addIdP : Provisioning configuration name setting failed");
    Property[] provisioningProps = provisioningConfigs[0].getProvisioningProperties();
    Assert.assertNotNull(provisioningProps, "addIdP : provisioning property not found");
    Assert.assertEquals(provisioningProps.length, 4,
            "addIdP :Provisioning configuration property setting failed");
    Map<String, Property> provisioningByName = new HashMap<String, Property>();
    for (Property provisioningProp : provisioningProps) {
        provisioningByName.put(provisioningProp.getName(), provisioningProp);
    }
    // Endpoint and username are compared with the submitted values.
    for (int i = 0; i < 2; i++) {
        String name = provisionEntries[i][0];
        Assert.assertEquals(provisioningByName.containsKey(name), true,
                "addIdP : Provisioning configuration property not found : " + name);
        Assert.assertEquals(provisioningByName.get(name).getValue(), provisionEntries[i][2],
                "addIdP : Provisioning configuration property value failed : " + name);
    }
    // The password property is only checked for the RANDOM_PASSWORD_GENERATED marker.
    String passwordPropName = provisionEntries[2][0];
    Assert.assertEquals(provisioningByName.containsKey(passwordPropName), true,
            "addIdP : Provisioning configuration property not found : " + passwordPropName);
    Assert.assertTrue(provisioningByName.get(passwordPropName).getValue().contains(RANDOM_PASSWORD_GENERATED),
            "addIdP : Provisioning configuration property value failed : " + passwordPropName);

    // JIT.
    Assert.assertEquals(addedIdp.getJustInTimeProvisioningConfig().getProvisioningEnabled(), true,
            "addIdP : JIT enabling failed");
}