
Example 11 with ServiceProviderProperty

use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuer method getDefaultSubject.

/**
 * Picks the default subject identifier for an authenticated user.
 *
 * <p>The service provider's properties are scanned for the one named
 * {@code IdentityApplicationConstants.USE_USER_ID_FOR_DEFAULT_SUBJECT}. Only the first match is
 * considered, and its value is read with {@link Boolean#parseBoolean(String)}: anything other than
 * "true" (case-insensitive), including {@code null}, selects the user name. When the property
 * array is {@code null} or holds no matching entry, the user name is used as well.
 *
 * @param serviceProvider   application whose SP properties are inspected
 * @param authenticatedUser user whose id or name is returned
 * @return the user id when the property is enabled, otherwise the user name
 * @throws UserIdNotFoundException presumably raised by {@code getUserId()} - confirm against
 *                                 AuthenticatedUser
 */
private String getDefaultSubject(ServiceProvider serviceProvider, AuthenticatedUser authenticatedUser) throws UserIdNotFoundException {
    ServiceProviderProperty[] properties = serviceProvider.getSpProperties();
    boolean preferUserId = false;
    if (properties != null) {
        for (ServiceProviderProperty property : properties) {
            if (!IdentityApplicationConstants.USE_USER_ID_FOR_DEFAULT_SUBJECT.equals(property.getName())) {
                continue;
            }
            // The first matching property decides; later duplicates are never read.
            preferUserId = Boolean.parseBoolean(property.getValue());
            break;
        }
    }
    // NOTE(review): user id and user name are different identifiers. Flipping the property on an
    // existing application changes the subject that consumers of this value see - confirm that
    // callers do not key authorization decisions or stored records on the previous form.
    return preferUserId ? authenticatedUser.getUserId() : authenticatedUser.getUserName();
}
Also used : ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.ServiceProviderProperty)

Example 12 with ServiceProviderProperty

use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project product-is by wso2.

the class OIDCSubAttributeTestCase method registerServiceProviderWithOAuthInboundConfigs.

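/**
 * Builds a service provider from the given OAuth application DTO and hands it to
 * {@code getServiceProvider}.
 *
 * <p>In legacy mode the SP property "useUserIdForDefaultSubject" is forced to "false" first: an
 * existing property with that name is overwritten in place, otherwise a new one is appended.
 * Outside legacy mode the properties are left untouched.
 *
 * @param appDTO OAuth consumer application used to generate the service provider
 * @return the value returned by {@code getServiceProvider} for the generated service provider
 * @throws Exception propagated from the helper calls
 */
public ServiceProvider registerServiceProviderWithOAuthInboundConfigs(OAuthConsumerAppDTO appDTO) throws Exception {
    ServiceProvider serviceProvider = generateServiceProvider(appDTO);
    if (legacyMode) {
        // getSpProperties() may return null when no properties were set (TODO confirm for this
        // stub type); Arrays.asList(null) would fail with a NullPointerException, so start from
        // an empty list in that case.
        ServiceProviderProperty[] existingProperties = serviceProvider.getSpProperties();
        ArrayList<ServiceProviderProperty> serviceProviderProperties = new ArrayList<>();
        if (existingProperties != null) {
            serviceProviderProperties.addAll(Arrays.asList(existingProperties));
        }
        boolean containsUseUserIdForSubjectProp = false;
        for (ServiceProviderProperty prop : serviceProviderProperties) {
            if ("useUserIdForDefaultSubject".equals(prop.getName())) {
                containsUseUserIdForSubjectProp = true;
                // Legacy mode pins the subject to the non-user-id form.
                prop.setValue("false");
                break;
            }
        }
        if (!containsUseUserIdForSubjectProp) {
            ServiceProviderProperty useUserIdForSubject = new ServiceProviderProperty();
            useUserIdForSubject.setName("useUserIdForDefaultSubject");
            useUserIdForSubject.setValue("false");
            serviceProviderProperties.add(useUserIdForSubject);
        }
        serviceProvider.setSpProperties(serviceProviderProperties.toArray(new ServiceProviderProperty[0]));
    }
    return getServiceProvider(serviceProvider);
}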
Also used : ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) ArrayList(java.util.ArrayList) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty)

Example 13 with ServiceProviderProperty

use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method getApplication.

/**
 * Loads a complete service provider by its numeric application id.
 *
 * <p>The basic record is read first; when it is absent the method returns {@code null}. Otherwise
 * the tenant id is derived from the tenant domain of the record's owner and used to load the
 * inbound/outbound authentication, provisioning, claim, role-mapping and request-path
 * authenticator configuration, followed by the SP properties, the certificate content and the
 * application permissions. The database connection is closed in every case.
 *
 * <p>NOTE(review): the initial lookup is keyed by {@code applicationId} alone and the tenant is
 * taken from the stored owner, not from the caller. If tenant isolation is required here, it has
 * to be enforced by the caller or inside {@code getBasicApplicationData} - confirm.
 *
 * @param applicationId numeric id of the application to load
 * @return the populated service provider, or {@code null} when no basic record exists
 * @throws IdentityApplicationManagementException when a SQL error or a certificate retrieval
 *                                                error occurs while loading
 */
@Override
public ServiceProvider getApplication(int applicationId) throws IdentityApplicationManagementException {
    Connection dbConnection = IdentityDatabaseUtil.getDBConnection(false);
    try {
        // Basic record first; everything else hangs off it.
        ServiceProvider application = getBasicApplicationData(applicationId, dbConnection);
        if (application == null) {
            return null;
        }

        int tenantId = IdentityTenantUtil.getTenantId(application.getOwner().getTenantDomain());
        List<ServiceProviderProperty> spProperties = getServicePropertiesBySpId(dbConnection, applicationId);

        // Values derived from the SP property list.
        application.setJwksUri(getJwksUri(spProperties));
        application.setTemplateId(getTemplateId(spProperties));

        // Authentication and provisioning configuration.
        application.setInboundAuthenticationConfig(
                getInboundAuthenticationConfig(applicationId, dbConnection, tenantId));
        application.setLocalAndOutBoundAuthenticationConfig(
                getLocalAndOutboundAuthenticationConfig(applicationId, dbConnection, tenantId, spProperties));
        application.setInboundProvisioningConfig(
                getInboundProvisioningConfiguration(applicationId, dbConnection, tenantId));
        application.setOutboundProvisioningConfig(
                getOutboundProvisioningConfiguration(applicationId, dbConnection, tenantId));

        // Claim mapping.
        application.setClaimConfig(getClaimConfiguration(applicationId, dbConnection, tenantId));

        // Role mappings.
        RoleMapping[] mappedRoles =
                getRoleMappingOfApplication(applicationId, dbConnection, tenantId).toArray(new RoleMapping[0]);
        PermissionsAndRoleConfig rolesConfig = new PermissionsAndRoleConfig();
        rolesConfig.setRoleMappings(mappedRoles);
        application.setPermissionAndRoleConfig(rolesConfig);

        application.setRequestPathAuthenticatorConfigs(
                getRequestPathAuthenticators(applicationId, dbConnection, tenantId));
        application.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0]));
        application.setCertificateContent(getCertificateContent(spProperties, dbConnection));

        // Consent purpose configs are intentionally not loaded here; per the original note they
        // will be supported with the 'Advance Consent Management Feature'.

        loadApplicationPermissions(application.getApplicationName(), application);
        return application;
    } catch (SQLException | CertificateRetrievingException e) {
        throw new IdentityApplicationManagementException("Failed to get service provider with id: " + applicationId, e);
    } finally {
        IdentityApplicationManagementUtil.closeConnection(dbConnection);
    }
}
Also used : SQLException(java.sql.SQLException) IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) Connection(java.sql.Connection) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) CertificateRetrievingException(org.wso2.carbon.identity.core.CertificateRetrievingException) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) RequestPathAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.ServiceProviderProperty)

Example 14 with ServiceProviderProperty

use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method getLocalAndOutboundAuthenticationConfig.

/**
 * Loads the local and outbound authentication configuration of an application: its
 * authentication steps (with local authenticators and federated identity providers per step),
 * the authentication type, the optional authentication script and the subject-identifier flags.
 *
 * <p>Step orders are renumbered 1..n when the highest stored step order does not equal the
 * number of steps, and the authentication type falls back to
 * {@code ApplicationConstants.AUTH_TYPE_DEFAULT} when the stored type is federated or flow but no
 * step was loaded.
 *
 * @param applicationId id of the application whose steps are read
 * @param connection    open database connection; it is not closed by this method
 * @param tenantId      tenant id passed to the authenticator and identity provider lookups and to
 *                      the local/outbound configuration query
 * @param propertyList  SP properties handed to {@code readAndSetConfigurationsFromProperties}
 * @return the assembled configuration, never {@code null}
 * @throws SQLException if one of the queries fails
 * @throws IdentityApplicationManagementException declared; presumably raised by one of the helper
 *                                                lookups - confirm
 */
private LocalAndOutboundAuthenticationConfig getLocalAndOutboundAuthenticationConfig(int applicationId, Connection connection, int tenantId, List<ServiceProviderProperty> propertyList) throws SQLException, IdentityApplicationManagementException {
    PreparedStatement getStepInfoPrepStmt = null;
    ResultSet stepInfoResultSet = null;
    if (log.isDebugEnabled()) {
        log.debug("Reading Steps of Application " + applicationId);
    }
    try {
        getStepInfoPrepStmt = connection.prepareStatement(LOAD_STEPS_INFO_BY_APP_ID);
        // STEP_ORDER, AUTHENTICATOR_ID, IS_SUBJECT_STEP, IS_ATTRIBUTE_STEP
        getStepInfoPrepStmt.setInt(1, applicationId);
        stepInfoResultSet = getStepInfoPrepStmt.executeQuery();
        // All three maps are keyed by the step order rendered as a string.
        Map<String, AuthenticationStep> authSteps = new HashMap<>();
        Map<String, Map<String, List<FederatedAuthenticatorConfig>>> stepFedIdPAuthenticators = new HashMap<>();
        Map<String, List<LocalAuthenticatorConfig>> stepLocalAuth = new HashMap<>();
        // One row per (step, authenticator) pair; rows of the same step are merged below.
        while (stepInfoResultSet.next()) {
            String step = String.valueOf(stepInfoResultSet.getInt(1));
            AuthenticationStep authStep;
            if (authSteps.containsKey(step)) {
                authStep = authSteps.get(step);
            } else {
                // First row of this step: create the step and its empty authenticator holders.
                authStep = new AuthenticationStep();
                authStep.setStepOrder(stepInfoResultSet.getInt(1));
                stepLocalAuth.put(step, new ArrayList<LocalAuthenticatorConfig>());
                stepFedIdPAuthenticators.put(step, new HashMap<String, List<FederatedAuthenticatorConfig>>());
            }
            int authenticatorId = stepInfoResultSet.getInt(2);
            Map<String, String> authenticatorInfo = getAuthenticatorInfo(connection, tenantId, authenticatorId);
            // NOTE(review): authenticatorInfo is null-checked in this condition, but the else
            // branch dereferences it unconditionally, so a null result would surface there as a
            // NullPointerException. Confirm whether getAuthenticatorInfo can return null.
            // NOTE(review): the literal "idpName" is presumably the value of
            // ApplicationConstants.IDP_NAME used in the same condition - confirm.
            if (authenticatorInfo != null && authenticatorInfo.get(ApplicationConstants.IDP_NAME) != null && ApplicationConstants.LOCAL_IDP_NAME.equals(authenticatorInfo.get("idpName"))) {
                // Authenticator belongs to the local identity provider.
                LocalAuthenticatorConfig localAuthenticator = new LocalAuthenticatorConfig();
                localAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                localAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                stepLocalAuth.get(step).add(localAuthenticator);
            } else {
                // Everything else is treated as federated and grouped by identity provider name.
                Map<String, List<FederatedAuthenticatorConfig>> stepFedIdps = stepFedIdPAuthenticators.get(step);
                if (!stepFedIdps.containsKey(authenticatorInfo.get(ApplicationConstants.IDP_NAME))) {
                    stepFedIdps.put(authenticatorInfo.get(ApplicationConstants.IDP_NAME), new ArrayList<FederatedAuthenticatorConfig>());
                }
                List<FederatedAuthenticatorConfig> idpAuths = stepFedIdps.get(authenticatorInfo.get(ApplicationConstants.IDP_NAME));
                FederatedAuthenticatorConfig fedAuthenticator = new FederatedAuthenticatorConfig();
                fedAuthenticator.setName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_NAME));
                fedAuthenticator.setDisplayName(authenticatorInfo.get(ApplicationConstants.IDP_AUTHENTICATOR_DISPLAY_NAME));
                idpAuths.add(fedAuthenticator);
            }
            // The flags are stored as "1" for true; they are re-applied on every row of the step,
            // so the last row read for a step wins.
            authStep.setSubjectStep("1".equals(stepInfoResultSet.getString(3)));
            authStep.setAttributeStep("1".equals(stepInfoResultSet.getString(4)));
            authSteps.put(step, authStep);
        }
        LocalAndOutboundAuthenticationConfig localAndOutboundConfiguration = new LocalAndOutboundAuthenticationConfig();
        AuthenticationStep[] authenticationSteps = new AuthenticationStep[authSteps.size()];
        int authStepCount = 0;
        // Attach the collected authenticators to each step.
        for (Entry<String, AuthenticationStep> entry : authSteps.entrySet()) {
            AuthenticationStep authStep = entry.getValue();
            String stepId = entry.getKey();
            List<LocalAuthenticatorConfig> localAuthenticatorList = stepLocalAuth.get(stepId);
            if (localAuthenticatorList != null && localAuthenticatorList.size() > 0) {
                authStep.setLocalAuthenticatorConfigs(localAuthenticatorList.toArray(new LocalAuthenticatorConfig[localAuthenticatorList.size()]));
            }
            Map<String, List<FederatedAuthenticatorConfig>> idpList = stepFedIdPAuthenticators.get(stepId);
            if (idpList != null && idpList.size() > 0) {
                IdentityProvider[] fedIdpList = new IdentityProvider[idpList.size()];
                int idpCount = 0;
                for (Entry<String, List<FederatedAuthenticatorConfig>> idpEntry : idpList.entrySet()) {
                    String idpName = idpEntry.getKey();
                    List<FederatedAuthenticatorConfig> fedAuthenticators = idpEntry.getValue();
                    IdentityProvider idp = new IdentityProvider();
                    idp.setIdentityProviderName(idpName);
                    idp.setFederationHub(isFederationHubIdP(idpName, connection, tenantId));
                    idp.setFederatedAuthenticatorConfigs(fedAuthenticators.toArray(new FederatedAuthenticatorConfig[fedAuthenticators.size()]));
                    // Each list gets an authenticator right after it is created above, so index 0
                    // exists; the first one read becomes the default.
                    idp.setDefaultAuthenticatorConfig(idp.getFederatedAuthenticatorConfigs()[0]);
                    fedIdpList[idpCount++] = idp;
                }
                authStep.setFederatedIdentityProviders(fedIdpList);
            }
            authenticationSteps[authStepCount++] = authStep;
        }
        // HashMap iteration order is unspecified, so order the steps explicitly.
        Arrays.sort(authenticationSteps, Comparator.comparingInt(AuthenticationStep::getStepOrder));
        int numSteps = authenticationSteps.length;
        // Check whether the steps have consecutive step numbers: the highest step order must
        // equal the number of steps.
        if (numSteps > 0 && authenticationSteps[numSteps - 1].getStepOrder() != numSteps) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication steps of Application with id: " + applicationId + "  do not have " + "consecutive numbers. This was possibility due to a IDP force deletion. Fixing the step " + "order.");
            }
            // Iterate through the steps and fix step order.
            // NOTE(review): the renumbering silently changes the login flow that was configured
            // and is only visible at debug level; consider whether it deserves an audit-visible
            // log entry.
            int count = 1;
            for (AuthenticationStep step : authenticationSteps) {
                step.setStepOrder(count++);
            }
        }
        localAndOutboundConfiguration.setAuthenticationSteps(authenticationSteps);
        String authType = getAuthenticationType(applicationId, connection);
        if (StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FEDERATED) || StringUtils.equalsIgnoreCase(authType, ApplicationConstants.AUTH_TYPE_FLOW)) {
            if (ArrayUtils.isEmpty(authenticationSteps)) {
                // A federated or flow type without any step cannot be honoured, so fall back
                // the authType to 'default'.
                if (log.isDebugEnabled()) {
                    log.debug("Authentication type is '" + authType + "' eventhough the application with id: " + applicationId + " has zero authentication step. This was possibility due to a IDP force deletion. " + " Defaulting authentication type to " + ApplicationConstants.AUTH_TYPE_DEFAULT);
                }
                authType = ApplicationConstants.AUTH_TYPE_DEFAULT;
            }
        }
        localAndOutboundConfiguration.setAuthenticationType(authType);
        // The script configuration is optional; it is only set when one was found.
        AuthenticationScriptConfig authenticationScriptConfig = getScriptConfiguration(applicationId, connection);
        if (authenticationScriptConfig != null) {
            localAndOutboundConfiguration.setAuthenticationScriptConfig(authenticationScriptConfig);
        }
        PreparedStatement localAndOutboundConfigPrepStmt = null;
        ResultSet localAndOutboundConfigResultSet = null;
        try {
            localAndOutboundConfigPrepStmt = connection.prepareStatement(LOAD_LOCAL_AND_OUTBOUND_CONFIG_BY_APP_ID);
            // This query is bound to the tenant as well as the application id.
            localAndOutboundConfigPrepStmt.setInt(1, tenantId);
            localAndOutboundConfigPrepStmt.setInt(2, applicationId);
            localAndOutboundConfigResultSet = localAndOutboundConfigPrepStmt.executeQuery();
            // Only the first row is read. Without a row the flags keep their defaults and the
            // property-based settings are not applied either.
            if (localAndOutboundConfigResultSet.next()) {
                localAndOutboundConfiguration.setUseTenantDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(1)));
                localAndOutboundConfiguration.setUseUserstoreDomainInLocalSubjectIdentifier("1".equals(localAndOutboundConfigResultSet.getString(2)));
                localAndOutboundConfiguration.setEnableAuthorization("1".equals(localAndOutboundConfigResultSet.getString(3)));
                localAndOutboundConfiguration.setAlwaysSendBackAuthenticatedListOfIdPs("1".equals(localAndOutboundConfigResultSet.getString(4)));
                localAndOutboundConfiguration.setSubjectClaimUri(localAndOutboundConfigResultSet.getString(5));
                readAndSetConfigurationsFromProperties(propertyList, localAndOutboundConfiguration);
            }
        } finally {
            // NOTE(review): the statement is closed before its result set; the usual order is
            // result set first. Whether this matters depends on the close helpers - confirm.
            IdentityApplicationManagementUtil.closeStatement(localAndOutboundConfigPrepStmt);
            IdentityApplicationManagementUtil.closeResultSet(localAndOutboundConfigResultSet);
        }
        return localAndOutboundConfiguration;
    } finally {
        // Same close order as the inner block: statement first, then result set.
        IdentityApplicationManagementUtil.closeStatement(getStepInfoPrepStmt);
        IdentityApplicationManagementUtil.closeResultSet(stepInfoResultSet);
    }
}
Also used : HashMap(java.util.HashMap) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) AuthenticationScriptConfig(org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) List(java.util.List) AuthenticationStep(org.wso2.carbon.identity.application.common.model.AuthenticationStep) PreparedStatement(java.sql.PreparedStatement) NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) Map(java.util.Map) HashMap(java.util.HashMap)

Example 15 with ServiceProviderProperty

use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project carbon-identity-framework by wso2.

the class ApplicationDAOImpl method updateConfigurationsAsServiceProperties.

/**
 * Folds configuration values of the service provider into its SP property array.
 *
 * <p>Existing properties are indexed by name, then the generated properties replace any entry of
 * the same name: the user-store-domain-in-roles, skip-consent and skip-logout-consent properties
 * (only when a local and outbound authentication config is present), followed by the JWKS and
 * template id properties. The resulting values are written back as the new property array; since
 * they come from a map built by {@code Collectors.toMap}, their order is not guaranteed to match
 * the original array.
 *
 * @param sp service provider whose property array is rebuilt in place
 */
private void updateConfigurationsAsServiceProperties(ServiceProvider sp) {
    // A missing array is normalised to an empty one so that it can be streamed below.
    if (sp.getSpProperties() == null) {
        sp.setSpProperties(new ServiceProviderProperty[0]);
    }

    // The two-argument toMap rejects duplicate names with an IllegalStateException.
    Map<String, ServiceProviderProperty> propertiesByName = Arrays.stream(sp.getSpProperties())
            .collect(Collectors.toMap(ServiceProviderProperty::getName, property -> property));

    boolean hasLocalAndOutboundConfig = sp.getLocalAndOutBoundAuthenticationConfig() != null;
    if (hasLocalAndOutboundConfig) {
        // Settings that exist only together with a local and outbound authentication config.
        ServiceProviderProperty userStoreDomainInRoles = buildUserStoreDomainInRolesProperty(sp);
        propertiesByName.put(userStoreDomainInRoles.getName(), userStoreDomainInRoles);

        ServiceProviderProperty skipConsent = buildSkipConsentProperty(sp);
        propertiesByName.put(skipConsent.getName(), skipConsent);

        ServiceProviderProperty skipLogoutConsent = buildSkipLogoutConsentProperty(sp);
        propertiesByName.put(skipLogoutConsent.getName(), skipLogoutConsent);
    }

    // These two are written for every service provider.
    ServiceProviderProperty jwks = buildJwksProperty(sp);
    propertiesByName.put(jwks.getName(), jwks);

    ServiceProviderProperty templateId = buildTemplateIdProperty(sp);
    propertiesByName.put(templateId.getName(), templateId);

    ServiceProviderProperty[] rebuilt = propertiesByName.values().toArray(new ServiceProviderProperty[0]);
    sp.setSpProperties(rebuilt);
}
Also used : ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.ServiceProviderProperty)

Aggregations

ServiceProviderProperty (org.wso2.carbon.identity.application.common.model.ServiceProviderProperty)24 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)8 PreparedStatement (java.sql.PreparedStatement)7 NamedPreparedStatement (org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)7 ArrayList (java.util.ArrayList)6 ResultSet (java.sql.ResultSet)4 SQLException (java.sql.SQLException)4 HashMap (java.util.HashMap)3 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)3 ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)3 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)3 IOException (java.io.IOException)2 List (java.util.List)2 DataAccessException (org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException)2 AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)2 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)2 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig)2 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig)2 Property (org.wso2.carbon.identity.application.common.model.Property)2 RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping)2