use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class AbstractRequestCoordinator method getServiceProvider.
/**
 * Returns the service provider from the persistence layer.
 *
 * <p>The lookup is delegated to {@code ApplicationManagementService#getServiceProviderByClientId}
 * and its result is returned unchanged, so callers may receive {@code null} if the
 * underlying lookup returns {@code null} (TODO confirm against the service contract).
 *
 * @param reqType      inbound request type; {@code "oidc"} is looked up as {@code "oauth2"}
 * @param clientId     client identifier used for the lookup
 * @param tenantDomain tenant domain used for the lookup
 * @return the service provider returned by the application management service
 * @throws FrameworkException if the application management service fails; the message
 *                            embeds {@code clientId} and {@code tenantDomain} verbatim
 */
protected ServiceProvider getServiceProvider(String reqType, String clientId, String tenantDomain) throws FrameworkException {
    ApplicationManagementService applicationService = ApplicationManagementService.getInstance();
    // OpenID Connect clients are stored as OAuth2 clients, so they are looked up under that type.
    String lookupType = "oidc".equals(reqType) ? "oauth2" : reqType;
    try {
        return applicationService.getServiceProviderByClientId(clientId, lookupType, tenantDomain);
    } catch (IdentityApplicationManagementException e) {
        // NOTE(review): clientId and tenantDomain go into the message unmodified; if clientId is
        // request-derived, confirm whoever logs or renders this message neutralises it.
        throw new FrameworkException("Error occurred while retrieving service provider for client ID: " + clientId + " and tenant: " + tenantDomain, e);
    }
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class DefaultLogoutRequestHandler method getRegisteredLogoutReturnUrl.
/**
 * Looks up the logout return URL value registered on the relying party's service provider.
 *
 * <p>Returns the value of the first service provider property whose name equals
 * {@code LOGOUT_RETURN_URL_SP_PROPERTY}. When the service provider is not found, has no
 * properties, or has no such property, the fallback {@code ".*"} is returned.
 *
 * <p>NOTE(review): presumably the caller matches the requested logout return URL against
 * this value as a regular expression. If so, the {@code ".*"} fallback accepts every URL
 * for service providers without a configured value, which leaves the post-logout redirect
 * unrestricted for them. Confirm that this permissive default is intended.
 *
 * @param relyingParty client identifier of the relying party
 * @param requestType  inbound request type; the OIDC type is looked up as OAuth2
 * @param tenantDomain tenant domain used for the lookup
 * @return the configured property value (may be {@code null} if the stored value is
 *         {@code null}), or {@code ".*"} when nothing is configured
 * @throws IdentityApplicationManagementException if the service provider lookup fails
 */
private String getRegisteredLogoutReturnUrl(String relyingParty, String requestType, String tenantDomain) throws IdentityApplicationManagementException {
    // OIDC relying parties are looked up under the OAuth2 request type.
    String lookupType = FrameworkConstants.OIDC.equals(requestType) ? FrameworkConstants.OAUTH2 : requestType;
    ServiceProvider sp = ApplicationManagementService.getInstance().getServiceProviderByClientId(relyingParty, lookupType, tenantDomain);
    if (sp == null || sp.getSpProperties() == null) {
        // Nothing registered for this relying party: fall back to the match-anything pattern.
        return ".*";
    }
    for (ServiceProviderProperty property : sp.getSpProperties()) {
        if (!LOGOUT_RETURN_URL_SP_PROPERTY.equals(property.getName())) {
            continue;
        }
        // Only the first matching property is used.
        String registeredValue = property.getValue();
        if (log.isDebugEnabled()) {
            log.debug("Logout caller path validation is configured for service provider of " + relyingParty);
        }
        return registeredValue;
    }
    return ".*";
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class ConsentMgtPostAuthnHandler method handlePreConsent.
/**
 * Decides, before any consent page is shown, whether the user must be asked for consent.
 *
 * <p>Consent handling is skipped and {@code SUCCESS_COMPLETED} is returned when the
 * application name equals {@code SP_NAME_DEFAULT} (case-insensitive) and when the consent
 * service throws {@code SSOConsentDisabledException}. Otherwise the method returns
 * {@code SUCCESS_COMPLETED} if {@code hasConsentForRequiredClaims} is satisfied, or
 * redirects to the consent page, stores the consent data in the context under
 * {@code CONSENT_CLAIM_META_DATA} and returns {@code INCOMPLETE}.
 *
 * <p>NOTE(review): the debug messages and the error detail string contain the user's
 * authenticated subject identifier and the claim lists; confirm that debug logs and the
 * exception detail are treated as containing personal data.
 *
 * @param request  current servlet request (not read by this method)
 * @param response servlet response used for the consent page redirect
 * @param context  authentication context of the ongoing flow
 * @return {@code SUCCESS_COMPLETED} when no consent prompt is needed, {@code INCOMPLETE}
 *         after redirecting to the consent page
 * @throws PostAuthenticationFailedException if the consent service fails with
 *                                           {@code SSOConsentServiceException}
 */
protected PostAuthnHandlerFlowStatus handlePreConsent(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws PostAuthenticationFailedException {
    String applicationName = context.getSequenceConfig().getApplicationConfig().getApplicationName();
    Map<String, String> spClaimMappings = context.getSequenceConfig().getApplicationConfig().getClaimMappings();

    // Should be removed once the issue is fixed.
    // NOTE(review): until then, flows for the default service provider never reach the
    // consent checks below; the issue referred to is not identified here.
    if (SP_NAME_DEFAULT.equalsIgnoreCase(applicationName)) {
        return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
    }

    AuthenticatedUser user = getAuthenticatedUser(context);
    ServiceProvider sp = getServiceProvider(context);
    try {
        ConsentClaimsData claimsData = getSSOConsentService().getConsentRequiredClaimsWithExistingConsents(sp, user);
        if (isDebugEnabled()) {
            logDebug(String.format("Retrieving required consent data of user: %s for service " + "provider: %s in tenant domain: %s.", user.getAuthenticatedSubjectIdentifier(), sp.getApplicationName(), getSPTenantDomain(sp)));
        }
        removeClaimsWithoutConsent(context, claimsData);
        // Drop the requested claims for which the user has not given a value.
        claimsData.setRequestedClaims(removeConsentRequestedNullUserAttributes(claimsData.getRequestedClaims(), user.getUserAttributes(), spClaimMappings));

        if (hasConsentForRequiredClaims(claimsData)) {
            if (isDebugEnabled()) {
                logDebug(String.format("Required consent data is empty for user: %s for service " + "provider: %s in tenant domain: %s. Post authentication completed.", user.getAuthenticatedSubjectIdentifier(), sp.getApplicationName(), getSPTenantDomain(sp)));
            }
            return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
        }

        // Consent is still outstanding: send the user to the consent page.
        String mandatoryLocalClaims = buildConsentClaimString(claimsData.getMandatoryClaims());
        String requestedLocalClaims = buildConsentClaimString(claimsData.getRequestedClaims());
        if (isDebugEnabled()) {
            String template = "Require consent for mandatory claims: %s, requested claims: %s, from user: %s " + "for service provider: %s in tenant domain: %s.";
            logDebug(String.format(template, claimsData.getMandatoryClaims(), claimsData.getRequestedClaims(), user.getAuthenticatedSubjectIdentifier(), sp.getApplicationName(), getSPTenantDomain(sp)));
        }
        redirectToConsentPage(response, context, requestedLocalClaims, mandatoryLocalClaims);
        setConsentPoppedUpState(context);
        // Kept in the context after the redirect, alongside the popped-up state.
        context.addParameter(CONSENT_CLAIM_META_DATA, claimsData);
        return PostAuthnHandlerFlowStatus.INCOMPLETE;
    } catch (SSOConsentDisabledException e) {
        // Consent management is disabled: the flow continues without any consent prompt.
        return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
    } catch (SSOConsentServiceException e) {
        String detail = String.format("Error occurred while retrieving consent data of user: %s for service " + "provider: %s in tenant domain: %s.", user.getAuthenticatedSubjectIdentifier(), sp.getApplicationName(), getSPTenantDomain(sp));
        throw new PostAuthenticationFailedException("Authentication failed. Error occurred while processing user " + "consent.", detail, e);
    }
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class ConsentMgtPostAuthnHandler method getSPRequestedLocalClaims.
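/**
 * Collects the local claims requested by the service provider, excluding the subject claim.
 *
 * <p>The values of the application's requested claim mappings are copied into a new list
 * and the URI returned by {@code getSubjectClaimUri} is removed from it.
 *
 * @param context authentication context of the ongoing flow
 * @return a mutable list of requested claim values; empty when no mappings are configured
 * @throws PostAuthenticationFailedException if the context carries no application config
 */
private List<String> getSPRequestedLocalClaims(AuthenticationContext context) throws PostAuthenticationFailedException {
    List<String> spRequestedLocalClaims = new ArrayList<>();
    ApplicationConfig applicationConfig = context.getSequenceConfig().getApplicationConfig();
    if (applicationConfig == null) {
        ServiceProvider serviceProvider = getServiceProvider(context);
        String error = "Application configs are null in AuthenticationContext for SP: " + serviceProvider.getApplicationName() + " in tenant domain: " + getSPTenantDomain(serviceProvider);
        throw new PostAuthenticationFailedException("Authentication failed. Error while processing application " + "claim configurations.", error);
    }
    Map<String, String> claimMappings = applicationConfig.getRequestedClaimMappings();
    if (isNotEmpty(claimMappings) && isNotEmpty(claimMappings.values())) {
        spRequestedLocalClaims = new ArrayList<>(claimMappings.values());
    }
    String subjectClaimUri = getSubjectClaimUri(applicationConfig);
    spRequestedLocalClaims.remove(subjectClaimUri);
    if (isDebugEnabled()) {
        // The claim list is passed as a format argument instead of being concatenated into
        // the format string: a '%' inside a configured claim value would otherwise be parsed
        // as a conversion specifier and make String.format throw while debug logging is on.
        String message = String.format("Requested claims for SP: %s - %s", applicationConfig.getApplicationName(), spRequestedLocalClaims);
        logDebug(message);
    }
    return spRequestedLocalClaims;
}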
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class ConsentMgtPostAuthnHandler method removeDisapprovedClaims.
/**
 * Removes from the authentication context the claims the user has not approved.
 *
 * <p>The claims with existing consent are read from the consent service for the current
 * service provider and user. {@code getClaimsWithoutConsent} derives the disapproved
 * claims from them, and those are removed from the context in the service provider's
 * standard dialect.
 *
 * @param context           authentication context of the ongoing flow
 * @param authenticatedUser user whose consents are looked up
 * @throws SSOConsentServiceException        if the consent service lookup fails
 * @throws PostAuthenticationFailedException if a helper called here reports a failure
 */
private void removeDisapprovedClaims(AuthenticationContext context, AuthenticatedUser authenticatedUser) throws SSOConsentServiceException, PostAuthenticationFailedException {
    String dialect = getStandardDialect(context);
    List<String> consentedClaims = getClaimsFromMetaData(getSSOConsentService().getClaimsWithConsents(getServiceProvider(context), authenticatedUser));
    List<String> claimsToRemove = getClaimsWithoutConsent(consentedClaims, context);

    if (isDebugEnabled()) {
        String template = "Removing disapproved claims: %s in the dialect: %s by user: %s for service provider: %s" + " in tenant domain: %s.";
        ServiceProvider sp = getServiceProvider(context);
        // NOTE(review): the logged user is re-read from the context rather than taken from the
        // authenticatedUser parameter; confirm both always refer to the same user.
        logDebug(String.format(template, claimsToRemove, defaultString(dialect), getAuthenticatedUser(context).getAuthenticatedSubjectIdentifier(), sp.getApplicationName(), getSPTenantDomain(sp)));
    }

    removeUserClaimsFromContext(context, claimsToRemove, dialect);
}