Example 61 with ServiceProvider
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class ConsentMgtPostAuthnHandler method removeUserClaimsFromContext.
private void removeUserClaimsFromContext(AuthenticationContext context, List<String> disapprovedClaims, String spStandardDialect) {
Map<ClaimMapping, String> userAttributes = getUserAttributes(context);
Map<ClaimMapping, String> modifiedUserAttributes = new HashMap<>();
if (isDebugEnabled()) {
String message = "Removing disapproved claims: %s from context of user: %s for service provider: %s in " + "tenant domain: %s";
ServiceProvider serviceProvider = getServiceProvider(context);
message = String.format(message, disapprovedClaims, getAuthenticatedUser(context).getAuthenticatedSubjectIdentifier(), serviceProvider.getApplicationName(), getSPTenantDomain(serviceProvider));
logDebug(message);
}
if (isStandardDialect(spStandardDialect)) {
Map<String, String> standardToCarbonClaimMappings = getSPToCarbonClaimMappings(context);
filterClaims(userAttributes, disapprovedClaims, standardToCarbonClaimMappings, modifiedUserAttributes);
} else {
// WSO2 dialect or Non standards custom claim mappings.
Map<String, String> customToLocalClaimMappings = context.getSequenceConfig().getApplicationConfig().getRequestedClaimMappings();
filterClaims(userAttributes, disapprovedClaims, customToLocalClaimMappings, modifiedUserAttributes);
}
context.getSequenceConfig().getAuthenticatedUser().setUserAttributes(modifiedUserAttributes);
}
Also used :
ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping)
HashMap(java.util.HashMap)
ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider)
StringUtils.defaultString(org.apache.commons.lang.StringUtils.defaultString)
Example 62 with ServiceProvider
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class ConsentMgtPostAuthnHandler method getSPTenantDomain.
private String getSPTenantDomain(ServiceProvider serviceProvider) {
String spTenantDomain;
User owner = serviceProvider.getOwner();
if (owner != null) {
spTenantDomain = owner.getTenantDomain();
} else {
spTenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
return spTenantDomain;
}
Also used :
User(org.wso2.carbon.identity.application.common.model.User)
AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)
StringUtils.defaultString(org.apache.commons.lang.StringUtils.defaultString)
Example 63 with ServiceProvider
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class SSOConsentServiceImpl method addReceipt.
private void addReceipt(String subject, String subjectTenantDomain, ServiceProvider serviceProvider, String spTenantDomain, List<ClaimMetaData> claimsWithConsent, List<ClaimMetaData> claimsDeniedConsent) throws SSOConsentServiceException {
ReceiptInput receiptInput = buildReceiptInput(subject, serviceProvider, spTenantDomain, claimsWithConsent, claimsDeniedConsent);
AddReceiptResponse receiptResponse;
try {
startTenantFlowWithUser(subject, subjectTenantDomain);
receiptResponse = getConsentManager().addConsent(receiptInput);
} catch (ConsentManagementException e) {
throw new SSOConsentServiceException("Consent receipt error", "Error while adding the consent " + "receipt", e);
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
if (isDebugEnabled()) {
logDebug("Successfully added consent receipt: " + receiptResponse.getConsentReceiptId());
}
}
Also used :
AddReceiptResponse(org.wso2.carbon.consent.mgt.core.model.AddReceiptResponse)
ReceiptInput(org.wso2.carbon.consent.mgt.core.model.ReceiptInput)
ConsentManagementException(org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException)
SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)
Example 64 with ServiceProvider
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class SSOConsentServiceImpl method getClaimsWithConsents.
/**
* Retrieves claims which a user has provided consent for a given service provider.
*
* @param serviceProvider Service provider to retrieve the consent against.
* @param authenticatedUser Authenticated user to related to consent claim retrieval.
* @return List of claim which the user has provided consent for the given service provider.
* @throws SSOConsentServiceException If error occurs while retrieve user consents.
*/
@Override
public List<ClaimMetaData> getClaimsWithConsents(ServiceProvider serviceProvider, AuthenticatedUser authenticatedUser) throws SSOConsentServiceException {
if (!isSSOConsentManagementEnabled(serviceProvider)) {
String message = "Consent management for SSO is disabled.";
throw new SSOConsentDisabledException(message, message);
}
if (serviceProvider == null) {
throw new SSOConsentServiceException("Service provider cannot be null.");
}
String spName = serviceProvider.getApplicationName();
List<ClaimMetaData> receiptConsentMetaData = new ArrayList<>();
String spTenantDomain = getSPTenantDomain(serviceProvider);
String subject = buildSubjectWithUserStoreDomain(authenticatedUser);
Receipt receipt = getConsentReceiptOfUser(serviceProvider, authenticatedUser, spName, spTenantDomain, subject);
if (receipt == null) {
return receiptConsentMetaData;
} else {
receiptConsentMetaData = getRequestedClaimsFromReceipt(receipt, true);
}
return receiptConsentMetaData;
}
Also used :
SSOConsentDisabledException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentDisabledException)
Receipt(org.wso2.carbon.consent.mgt.core.model.Receipt)
ArrayList(java.util.ArrayList)
SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException)
Example 65 with ServiceProvider
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider in project carbon-identity-framework by wso2.
the class DefaultClaimHandler method setSubjectClaim.
/**
* Set authenticated user's SP Subject Claim URI as a property
*/
private void setSubjectClaim(AuthenticatedUser authenticatedUser, AbstractUserStoreManager userStore, Map<String, String> attributesMap, String spStandardDialect, AuthenticationContext context) {
String subjectURI = context.getSequenceConfig().getApplicationConfig().getSubjectClaimUri();
ApplicationConfig applicationConfig = context.getSequenceConfig().getApplicationConfig();
ServiceProvider serviceProvider = applicationConfig.getServiceProvider();
ClaimConfig claimConfig = serviceProvider.getClaimConfig();
boolean isLocalClaimDialect = claimConfig.isLocalClaimDialect();
Map<String, String> spToLocalClaimMappings = applicationConfig.getClaimMappings();
if (subjectURI != null) {
if (!isLocalClaimDialect && spStandardDialect != null) {
if (spToLocalClaimMappings != null) {
subjectURI = spToLocalClaimMappings.get(subjectURI);
}
}
if (attributesMap.get(subjectURI) != null) {
context.setProperty(SERVICE_PROVIDER_SUBJECT_CLAIM_VALUE, attributesMap.get(subjectURI));
if (log.isDebugEnabled()) {
log.debug("Setting \'ServiceProviderSubjectClaimValue\' property value from " + "attribute map " + attributesMap.get(subjectURI));
}
} else {
log.debug("Subject claim not found among attributes");
}
// if federated case return
if (authenticatedUser == null || userStore == null || authenticatedUser.isFederatedUser()) {
if (log.isDebugEnabled()) {
log.debug("User id or user store \'NULL\'. Possibly federated case");
}
return;
}
// standard dialect
if (spStandardDialect != null) {
setSubjectClaimForStandardDialect(authenticatedUser, userStore, context, subjectURI);
}
}
}
Also used :
ApplicationConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig)
ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig)
ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider)
Aggregations
ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)232
Test (org.testng.annotations.Test)129
ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)96
IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)85
ArrayList (java.util.ArrayList)66
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)58
HashMap (java.util.HashMap)50
InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)49
AuthenticationContext (org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext)40
ApplicationManagementService (org.wso2.carbon.identity.application.mgt.ApplicationManagementService)40
SequenceConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig)35
ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)35
AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)33
HttpServletResponse (javax.servlet.http.HttpServletResponse)26
InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig)26
HttpServletRequest (javax.servlet.http.HttpServletRequest)24
LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)23
IdentityException (org.wso2.carbon.identity.base.IdentityException)23
Property (org.wso2.carbon.identity.application.common.model.xsd.Property)21
InboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig)20
