Example 16 with RoleMapping

use of org.wso2.carbon.identity.application.common.model.xsd.RoleMapping in project identity-inbound-auth-oauth by wso2-extensions.

the class OIDCClaimUtil method getServiceProviderMappedUserRoles.

/**
 * Map the local roles of a user to service provider mapped role values.
 *
 * @param serviceProvider        Service provider whose role mappings are applied.
 * @param locallyMappedUserRoles List of local roles
 * @param claimSeparator         Separator used to combine individual roles in the returned string.
 * @return Service Provider mapped roles combined with claimSeparator
 */
public static String getServiceProviderMappedUserRoles(ServiceProvider serviceProvider, List<String> locallyMappedUserRoles, String claimSeparator) throws FrameworkException {
    if (isNotEmpty(locallyMappedUserRoles)) {
        locallyMappedUserRoles = new ArrayList<>(locallyMappedUserRoles);
        // Get Local Role to Service Provider Role mappings.
        RoleMapping[] localToSpRoleMapping = serviceProvider.getPermissionAndRoleConfig().getRoleMappings();
        // Local roles from which the user store domain name is to be removed.
        List<String> listOfRolesToRemoveDomainName = new ArrayList<>();
        // Service provider roles that are mapped to local roles internally.
        List<String> spMappedRoles = new ArrayList<>();
        // Configuration in identity.xml which forces only SP-mapped roles to be returned.
        boolean returnOnlyMappedLocalRoles = Boolean.parseBoolean(IdentityUtil.getProperty(SEND_ONLY_SP_MAPPED_ROLES));
        // Boolean value defining whether user store domain name in the role name should be removed or not.
        boolean isRemoveUserDomainInRole = isRemoveUserDomainInRole(serviceProvider);
        if (isNotEmpty(localToSpRoleMapping)) {
            for (RoleMapping roleMapping : localToSpRoleMapping) {
                // Check whether a local role is mapped to service provider role.
                if (locallyMappedUserRoles.contains(getLocalRoleName(roleMapping))) {
                    // Remove the local roles from the list of user roles.
                    locallyMappedUserRoles.removeAll(Collections.singletonList(getLocalRoleName(roleMapping)));
                    // Add the service provider mapped role.
                    spMappedRoles.add(roleMapping.getRemoteRole());
                }
            }
            if (!returnOnlyMappedLocalRoles) {
                if (isRemoveUserDomainInRole) {
                    listOfRolesToRemoveDomainName = locallyMappedUserRoles;
                } else {
                    spMappedRoles.addAll(locallyMappedUserRoles);
                }
            }
        } else {
            if (isRemoveUserDomainInRole) {
                listOfRolesToRemoveDomainName = locallyMappedUserRoles;
            } else {
                spMappedRoles = locallyMappedUserRoles;
            }
        }
        if (isRemoveUserDomainInRole) {
            List<String> domainRemovedRoles = removeDomainFromNamesExcludeHybrid(listOfRolesToRemoveDomainName);
            if (!domainRemovedRoles.isEmpty()) {
                spMappedRoles.addAll(domainRemovedRoles);
            }
        }
        return StringUtils.join(spMappedRoles, claimSeparator);
    }
    return null;
}
Also used : ArrayList(java.util.ArrayList) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping)

Example 17 with RoleMapping

use of org.wso2.carbon.identity.application.common.model.xsd.RoleMapping in project product-is by wso2.

the class IdentityProviderManagementTestCase method createIdpWithRoleMappings.

private void createIdpWithRoleMappings(String idpName) {
    try {
        IdentityProvider identityProvider = new IdentityProvider();
        identityProvider.setIdentityProviderName(idpName);
        PermissionsAndRoleConfig permissionsAndRoleConfig = new PermissionsAndRoleConfig();
        RoleMapping roleMapping = new RoleMapping();
        LocalRole localRole = new LocalRole();
        localRole.setLocalRoleName("umRole1");
        localRole.setUserStoreId("primary");
        roleMapping.setLocalRole(localRole);
        roleMapping.setRemoteRole("role1");
        permissionsAndRoleConfig.addRoleMappings(roleMapping);
        identityProvider.setPermissionAndRoleConfig(permissionsAndRoleConfig);
        identityProviderMgtServiceClient.addIdP(identityProvider);
    } catch (Exception e) {
        Assert.fail("Error while trying to create identity provider", e);
    }
}
Also used : PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.PermissionsAndRoleConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) LocalRole(org.wso2.carbon.identity.application.common.model.idp.xsd.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.idp.xsd.RoleMapping)

Example 18 with RoleMapping

use of org.wso2.carbon.identity.application.common.model.xsd.RoleMapping in project product-is by wso2.

the class ApplicationManagementTestCase method testUpdateRoles.

@Test(alwaysRun = true, description = "Testing update Roles")
public void testUpdateRoles() {
    String applicationName = "TestServiceProvider";
    try {
        ServiceProvider serviceProvider = applicationManagementServiceClient.getApplication(applicationName);
        PermissionsAndRoleConfig permAndRoleConfig = new PermissionsAndRoleConfig();
        List<RoleMapping> roleMappingList = new ArrayList<RoleMapping>();
        RoleMapping mapping = new RoleMapping();
        LocalRole localRole = new LocalRole();
        localRole.setLocalRoleName("idpRole_1");
        mapping.setLocalRole(localRole);
        mapping.setRemoteRole("spRole_1");
        roleMappingList.add(mapping);
        permAndRoleConfig.setRoleMappings(roleMappingList.toArray(new RoleMapping[roleMappingList.size()]));
        serviceProvider.setPermissionAndRoleConfig(permAndRoleConfig);
        applicationManagementServiceClient.updateApplicationData(serviceProvider);
        ServiceProvider updatedServiceProvider = applicationManagementServiceClient.getApplication(applicationName);
        PermissionsAndRoleConfig updatedPermissionsAndRoleConfig = updatedServiceProvider.getPermissionAndRoleConfig();
        Assert.assertEquals(updatedPermissionsAndRoleConfig.getRoleMappings()[0].getLocalRole().getLocalRoleName(), "idpRole_1", "Failed update local role");
        Assert.assertEquals(updatedPermissionsAndRoleConfig.getRoleMappings()[0].getRemoteRole(), "spRole_1", "Failed update remote role");
    } catch (Exception e) {
        Assert.fail("Error while trying to update Roles", e);
    }
}
Also used : ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) ArrayList(java.util.ArrayList) ISIntegrationTest(org.wso2.identity.integration.common.utils.ISIntegrationTest)

Example 19 with RoleMapping

use of org.wso2.carbon.identity.application.common.model.xsd.RoleMapping in project identity-api-server by wso2.

the class ServerIdpManagementService method createRoleResponse.

private Roles createRoleResponse(IdentityProvider identityProvider) {
    PermissionsAndRoleConfig permissionsAndRoleConfig = identityProvider.getPermissionAndRoleConfig();
    Roles roleConfig = new Roles();
    List<org.wso2.carbon.identity.api.server.idp.v1.model.RoleMapping> apiRoleMappings = new ArrayList<>();
    if (permissionsAndRoleConfig != null) {
        if (permissionsAndRoleConfig.getRoleMappings() != null) {
            for (RoleMapping roleMapping : permissionsAndRoleConfig.getRoleMappings()) {
                org.wso2.carbon.identity.api.server.idp.v1.model.RoleMapping apiRoleMapping = new org.wso2.carbon.identity.api.server.idp.v1.model.RoleMapping();
                apiRoleMapping.setIdpRole(roleMapping.getRemoteRole());
                apiRoleMapping.setLocalRole(IdentityUtil.addDomainToName(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getLocalRole().getUserStoreId()));
                apiRoleMappings.add(apiRoleMapping);
            }
        }
    }
    roleConfig.setMappings(apiRoleMappings);
    String provRoles = identityProvider.getProvisioningRole();
    if (StringUtils.isNotBlank(provRoles)) {
        roleConfig.setOutboundProvisioningRoles(Arrays.asList(provRoles.split(",")));
    }
    return roleConfig;
}
Also used : ArrayList(java.util.ArrayList) Roles(org.wso2.carbon.identity.api.server.idp.v1.model.Roles) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig)

Example 20 with RoleMapping

use of org.wso2.carbon.identity.application.common.model.xsd.RoleMapping in project carbon-apimgt by wso2.

the class SystemScopesApiServiceImpl method systemScopesRoleAliasesGet.

@Override
public Response systemScopesRoleAliasesGet(MessageContext messageContext) throws APIManagementException {
    String tenantDomain = MultitenantUtils.getTenantDomain(RestApiCommonUtil.getLoggedInUsername());
    JSONObject tenantConfig = APIUtil.getTenantConfig(tenantDomain);
    JSONObject roleMapping = (JSONObject) tenantConfig.get(APIConstants.REST_API_ROLE_MAPPINGS_CONFIG);
    RoleAliasListDTO roleAliasListDTO = new RoleAliasListDTO();
    if (roleMapping != null) {
        roleAliasListDTO = SystemScopesMappingUtil.fromRoleAliasListToRoleAliasListDTO(SystemScopesMappingUtil.createMapOfRoleMapping(roleMapping));
    }
    return Response.ok().entity(roleAliasListDTO).build();
}
Also used : JSONObject(org.json.simple.JSONObject) RoleAliasListDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.RoleAliasListDTO)

Aggregations

RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping) 29
ArrayList (java.util.ArrayList) 15
LocalRole (org.wso2.carbon.identity.application.common.model.LocalRole) 15
PermissionsAndRoleConfig (org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) 14
IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider) 12
ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping) 9
Claim (org.wso2.carbon.identity.application.common.model.Claim) 8
ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig) 8
Property (org.wso2.carbon.identity.application.common.model.Property) 7
HashMap (java.util.HashMap) 6
FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) 6
ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig) 6
IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) 5
PreparedStatement (java.sql.PreparedStatement) 4
RoleAliasListDTO (org.wso2.carbon.apimgt.rest.api.admin.v1.dto.RoleAliasListDTO) 4
ResultSet (java.sql.ResultSet) 3
HashSet (java.util.HashSet) 3
JSONObject (org.json.simple.JSONObject) 3
DataProvider (org.testng.annotations.DataProvider) 3
Test (org.testng.annotations.Test) 3