Search in sources :

Example 16 with JustInTimeProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.

the class IdPManagementDAO method getIDP.

/**
 * @param dbConnection
 * @param idPName
 * @param idpId
 * @param tenantId
 * @param tenantDomain
 * @return
 * @throws IdentityProviderManagementException
 */
private IdentityProvider getIDP(Connection dbConnection, String idPName, int idpId, String resourceId, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
    PreparedStatement prepStmt = null;
    ResultSet rs = null;
    IdentityProvider federatedIdp = null;
    boolean dbConnectionInitialized = true;
    if (dbConnection == null) {
        dbConnection = IdentityDatabaseUtil.getDBConnection(false);
    } else {
        dbConnectionInitialized = false;
    }
    try {
        // SP_IDP_ID, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID,SP_IDP_CERTIFICATE,
        // SP_IDP_TOKEN_EP_ALIAS,
        // SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
        // SP_IDP_USER_CLAIM_URI,
        // SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
        String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_RESOURCE_ID_SQL;
        if (StringUtils.isBlank(resourceId)) {
            sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_NAME_SQL;
            if (StringUtils.isEmpty(idPName)) {
                sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_ID_SQL;
            }
        }
        prepStmt = dbConnection.prepareStatement(sqlStmt);
        prepStmt.setInt(1, tenantId);
        prepStmt.setInt(2, MultitenantConstants.SUPER_TENANT_ID);
        if (StringUtils.isNotEmpty(resourceId)) {
            prepStmt.setString(3, resourceId);
        } else if (StringUtils.isNotEmpty(idPName)) {
            prepStmt.setString(3, idPName);
        } else {
            prepStmt.setInt(3, idpId);
        }
        rs = prepStmt.executeQuery();
        if (rs.next()) {
            federatedIdp = new IdentityProvider();
            idpId = rs.getInt("ID");
            federatedIdp.setId(Integer.toString(idpId));
            idPName = rs.getString("NAME");
            federatedIdp.setIdentityProviderName(idPName);
            resourceId = rs.getString("UUID");
            federatedIdp.setResourceId(resourceId);
            federatedIdp.setImageUrl(rs.getString("IMAGE_URL"));
            if ((IdPManagementConstants.IS_TRUE_VALUE).equals(rs.getString("IS_PRIMARY"))) {
                federatedIdp.setPrimary(true);
            } else {
                federatedIdp.setPrimary(false);
            }
            federatedIdp.setHomeRealmId(rs.getString("HOME_REALM_ID"));
            federatedIdp.setCertificate(getBlobValue(rs.getBinaryStream("CERTIFICATE")));
            federatedIdp.setAlias(rs.getString("ALIAS"));
            JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
            if ((IdPManagementConstants.IS_TRUE_VALUE).equals(rs.getString("INBOUND_PROV_ENABLED"))) {
                jitProConfig.setProvisioningEnabled(true);
            } else {
                jitProConfig.setProvisioningEnabled(false);
            }
            jitProConfig.setProvisioningUserStore(rs.getString("INBOUND_PROV_USER_STORE_ID"));
            federatedIdp.setJustInTimeProvisioningConfig(jitProConfig);
            String userClaimUri = rs.getString("USER_CLAIM_URI");
            String roleClaimUri = rs.getString("ROLE_CLAIM_URI");
            String defaultAuthenticatorName = rs.getString("DEFAULT_AUTHENTICATOR_NAME");
            String defaultProvisioningConnectorConfigName = rs.getString("DEFAULT_PRO_CONNECTOR_NAME");
            federatedIdp.setIdentityProviderDescription(rs.getString("DESCRIPTION"));
            // IS_FEDERATION_HUB_IDP
            if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_FEDERATION_HUB"))) {
                federatedIdp.setFederationHub(true);
            } else {
                federatedIdp.setFederationHub(false);
            }
            if (federatedIdp.getClaimConfig() == null) {
                federatedIdp.setClaimConfig(new ClaimConfig());
            }
            // IS_LOCAL_CLAIM_DIALECT
            if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_LOCAL_CLAIM_DIALECT"))) {
                federatedIdp.getClaimConfig().setLocalClaimDialect(true);
            } else {
                federatedIdp.getClaimConfig().setLocalClaimDialect(false);
            }
            federatedIdp.setProvisioningRole(rs.getString("PROVISIONING_ROLE"));
            if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_ENABLED"))) {
                federatedIdp.setEnable(true);
            } else {
                federatedIdp.setEnable(false);
            }
            federatedIdp.setDisplayName(rs.getString("DISPLAY_NAME"));
            if (defaultProvisioningConnectorConfigName != null) {
                ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
                defaultProConnector.setName(defaultProvisioningConnectorConfigName);
                federatedIdp.setDefaultProvisioningConnectorConfig(defaultProConnector);
            }
            // get federated authenticators.
            federatedIdp.setFederatedAuthenticatorConfigs(getFederatedAuthenticatorConfigs(dbConnection, idPName, federatedIdp, tenantId));
            if (defaultAuthenticatorName != null && federatedIdp.getFederatedAuthenticatorConfigs() != null) {
                federatedIdp.setDefaultAuthenticatorConfig(IdentityApplicationManagementUtil.getFederatedAuthenticator(federatedIdp.getFederatedAuthenticatorConfigs(), defaultAuthenticatorName));
            }
            if (federatedIdp.getClaimConfig().isLocalClaimDialect()) {
                federatedIdp.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
            } else {
                // get claim configuration.
                federatedIdp.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
            }
            // get provisioning connectors.
            federatedIdp.setProvisioningConnectorConfigs(getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
            // get permission and role configuration.
            federatedIdp.setPermissionAndRoleConfig(getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
            List<IdentityProviderProperty> propertyList = filterIdenityProperties(federatedIdp, getIdentityPropertiesByIdpId(dbConnection, idpId));
            if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
                propertyList = resolveConnectorProperties(propertyList, tenantDomain);
            }
            federatedIdp.setIdpProperties(propertyList.toArray(new IdentityProviderProperty[0]));
        }
        return federatedIdp;
    } catch (SQLException e) {
        throw new IdentityProviderManagementException("Error occurred while retrieving Identity Provider " + "information for tenant : " + tenantDomain + " and Identity Provider name : " + idPName, e);
    } catch (ConnectorException e) {
        throw new IdentityProviderManagementException("Error occurred while retrieving the identity connector " + "configurations.", e);
    } finally {
        if (dbConnectionInitialized) {
            IdentityDatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
        } else {
            IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
        }
    }
}
Also used : SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig) ConnectorException(org.wso2.carbon.identity.core.ConnectorException) ResultSet(java.sql.ResultSet) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)

Example 17 with JustInTimeProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project carbon-identity-framework by wso2.

the class IdPManagementDAO method filterIdenityProperties.

/**
 * To filter out the properties related with just in time provisioning and to send back only the remaning IDP
 * properties.
 *
 * @param federatedIdp               Relevant IDP.
 * @param identityProviderProperties Identity Provider Properties.
 * @return identity provider properties after removing the relevant JIT specific properties.
 */
private List<IdentityProviderProperty> filterIdenityProperties(IdentityProvider federatedIdp, List<IdentityProviderProperty> identityProviderProperties) {
    JustInTimeProvisioningConfig justInTimeProvisioningConfig = federatedIdp.getJustInTimeProvisioningConfig();
    if (justInTimeProvisioningConfig != null) {
        identityProviderProperties.forEach(identityProviderProperty -> {
            if (identityProviderProperty.getName().equals(IdPManagementConstants.PASSWORD_PROVISIONING_ENABLED)) {
                justInTimeProvisioningConfig.setPasswordProvisioningEnabled(Boolean.parseBoolean(identityProviderProperty.getValue()));
            } else if (identityProviderProperty.getName().equals(IdPManagementConstants.MODIFY_USERNAME_ENABLED)) {
                justInTimeProvisioningConfig.setModifyUserNameAllowed(Boolean.parseBoolean(identityProviderProperty.getValue()));
            } else if (identityProviderProperty.getName().equals(IdPManagementConstants.PROMPT_CONSENT_ENABLED)) {
                justInTimeProvisioningConfig.setPromptConsent(Boolean.parseBoolean(identityProviderProperty.getValue()));
            }
        });
    }
    String templateId = getTemplateId(identityProviderProperties);
    if (StringUtils.isNotEmpty(templateId)) {
        federatedIdp.setTemplateId(templateId);
    }
    identityProviderProperties.removeIf(identityProviderProperty -> (identityProviderProperty.getName().equals(IdPManagementConstants.MODIFY_USERNAME_ENABLED) || identityProviderProperty.getName().equals(IdPManagementConstants.PASSWORD_PROVISIONING_ENABLED) || identityProviderProperty.getName().equals(IdPManagementConstants.PROMPT_CONSENT_ENABLED)));
    return identityProviderProperties;
}
Also used : JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig)

Example 18 with JustInTimeProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project product-is by wso2.

the class SAMLIdentityFederationTestCase method testCreateIdentityProviderInPrimaryIS.

@Test(priority = 1, groups = "wso2.is", description = "Check create identity provider in primary IS")
public void testCreateIdentityProviderInPrimaryIS() throws Exception {
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setIdentityProviderName(IDENTITY_PROVIDER_NAME);
    FederatedAuthenticatorConfig saml2SSOAuthnConfig = new FederatedAuthenticatorConfig();
    saml2SSOAuthnConfig.setName(SAMLSSOAUTHENTICATOR);
    saml2SSOAuthnConfig.setDisplayName("samlsso");
    saml2SSOAuthnConfig.setEnabled(true);
    saml2SSOAuthnConfig.setProperties(getSAML2SSOAuthnConfigProperties());
    identityProvider.setDefaultAuthenticatorConfig(saml2SSOAuthnConfig);
    identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { saml2SSOAuthnConfig });
    JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
    jitConfig.setProvisioningEnabled(true);
    jitConfig.setProvisioningUserStore("PRIMARY");
    identityProvider.setJustInTimeProvisioningConfig(jitConfig);
    super.addIdentityProvider(PORT_OFFSET_0, identityProvider);
    Assert.assertNotNull(getIdentityProvider(PORT_OFFSET_0, IDENTITY_PROVIDER_NAME), "Failed to create Identity Provider 'trustedIdP' in primary IS");
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.JustInTimeProvisioningConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) Test(org.testng.annotations.Test)

Example 19 with JustInTimeProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project product-is by wso2.

the class ApplicationManagementTestCase method testUpdateOutboundProvisioningData.

@Test(alwaysRun = true, description = "Testing update Outbound Provisioning Data")
public void testUpdateOutboundProvisioningData() {
    String applicationName = "TestServiceProvider";
    try {
        ServiceProvider serviceProvider = applicationManagementServiceClient.getApplication(applicationName);
        List<IdentityProvider> provisioningIdps = new ArrayList<IdentityProvider>();
        String connector = "provisioning_con_idp_test";
        IdentityProvider proIdp = new IdentityProvider();
        proIdp.setIdentityProviderName("idp_test");
        JustInTimeProvisioningConfig jitpro = new JustInTimeProvisioningConfig();
        jitpro.setProvisioningEnabled(true);
        proIdp.setJustInTimeProvisioningConfig(jitpro);
        ProvisioningConnectorConfig proCon = new ProvisioningConnectorConfig();
        proCon.setBlocking(true);
        proCon.setName(connector);
        proIdp.setDefaultProvisioningConnectorConfig(proCon);
        provisioningIdps.add(proIdp);
        OutboundProvisioningConfig outboundProConfig = new OutboundProvisioningConfig();
        outboundProConfig.setProvisioningIdentityProviders(provisioningIdps.toArray(new IdentityProvider[provisioningIdps.size()]));
        serviceProvider.setOutboundProvisioningConfig(outboundProConfig);
        applicationManagementServiceClient.updateApplicationData(serviceProvider);
        ServiceProvider updatedServiceProvider = applicationManagementServiceClient.getApplication(applicationName);
        IdentityProvider identityProvider = updatedServiceProvider.getOutboundProvisioningConfig().getProvisioningIdentityProviders()[0];
        Assert.assertEquals(identityProvider.getIdentityProviderName(), "idp_test", "Update IDP failed");
        Assert.assertEquals(identityProvider.getJustInTimeProvisioningConfig().getProvisioningEnabled(), true, "Update JIT provisioning config failed");
        Assert.assertEquals(identityProvider.getDefaultProvisioningConnectorConfig().getBlocking(), true, "Set provisioning connector blocking failed");
        Assert.assertEquals(identityProvider.getDefaultProvisioningConnectorConfig().getName(), connector, "Set default provisioning connector failed");
    } catch (Exception e) {
        Assert.fail("Error while trying to update outbound provisioning data", e);
    }
}
Also used : ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) ArrayList(java.util.ArrayList) ISIntegrationTest(org.wso2.identity.integration.common.utils.ISIntegrationTest)

Example 20 with JustInTimeProvisioningConfig

use of org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig in project product-is by wso2.

the class OIDCIdentityFederationTestCase method createIdentityProviderInPrimaryIS.

private void createIdentityProviderInPrimaryIS() throws Exception {
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setIdentityProviderName(PRIMARY_IS_IDP_NAME);
    FederatedAuthenticatorConfig oidcAuthnConfig = new FederatedAuthenticatorConfig();
    oidcAuthnConfig.setName(PRIMARY_IS_IDP_AUTHENTICATOR_NAME_OIDC);
    oidcAuthnConfig.setDisplayName("openidconnect");
    oidcAuthnConfig.setEnabled(true);
    oidcAuthnConfig.setProperties(getOIDCAuthnConfigProperties());
    identityProvider.setDefaultAuthenticatorConfig(oidcAuthnConfig);
    identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { oidcAuthnConfig });
    JustInTimeProvisioningConfig jitConfig = new JustInTimeProvisioningConfig();
    jitConfig.setProvisioningEnabled(true);
    jitConfig.setProvisioningUserStore("PRIMARY");
    identityProvider.setJustInTimeProvisioningConfig(jitConfig);
    super.addIdentityProvider(PORT_OFFSET_0, identityProvider);
    Assert.assertNotNull(getIdentityProvider(PORT_OFFSET_0, PRIMARY_IS_IDP_NAME), "Failed to create " + "Identity Provider 'trustedIdP' in primary IS");
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.JustInTimeProvisioningConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider)

Aggregations

JustInTimeProvisioningConfig (org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig)8 ArrayList (java.util.ArrayList)7 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider)6 JustInTimeProvisioningConfig (org.wso2.carbon.identity.application.common.model.idp.xsd.JustInTimeProvisioningConfig)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)5 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig)4 JustInTimeProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.JustInTimeProvisioningConfig)4 OutboundProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.OutboundProvisioningConfig)4 IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)4 PreparedStatement (java.sql.PreparedStatement)3 ResultSet (java.sql.ResultSet)3 Test (org.testng.annotations.Test)3 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)3 IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)3 IdentityProvider (org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider)3 InboundProvisioningConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundProvisioningConfig)3 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.xsd.ProvisioningConnectorConfig)3 ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)3 SQLException (java.sql.SQLException)2