use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project carbon-identity-framework by wso2.
the class ApplicationMgtAuditLogger method buildData.
private String buildData(ServiceProvider serviceProvider) {
if (serviceProvider == null) {
return StringUtils.EMPTY;
}
StringBuilder data = new StringBuilder();
data.append("Name:").append(serviceProvider.getApplicationName()).append(", ");
data.append("Description:").append(serviceProvider.getDescription()).append(", ");
data.append("Resource ID:").append(serviceProvider.getApplicationResourceId()).append(", ");
data.append("Access URL:").append(serviceProvider.getAccessUrl()).append(", ");
data.append("Is Discoverable:").append(serviceProvider.isDiscoverable()).append(", ");
data.append("Is SaaS:").append(serviceProvider.isSaasApp()).append(", ");
if (serviceProvider.getInboundAuthenticationConfig() != null && ArrayUtils.isNotEmpty(serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs())) {
InboundAuthenticationRequestConfig[] requestConfigs = serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
data.append("Inbound Authentication Configs:").append("[");
for (InboundAuthenticationRequestConfig requestConfig : requestConfigs) {
data.append("{");
data.append("Auth Key:").append(requestConfig.getInboundAuthKey()).append(", ");
data.append("Auth Type:").append(requestConfig.getInboundAuthType()).append(", ");
data.append("Config Type:").append(requestConfig.getInboundConfigType()).append(", ");
data.append("Inbound configuration:").append(requestConfig.getInboundConfiguration());
Property[] properties = requestConfig.getProperties();
if (ArrayUtils.isNotEmpty(properties)) {
data.append("Properties:").append("[");
String joiner = "";
for (Property property : properties) {
data.append(joiner);
joiner = ", ";
data.append("{");
data.append(property.getName()).append(":");
data.append(property.getValue());
data.append("}");
}
data.append("]");
}
data.append("}");
}
data.append("]");
}
if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() != null) {
data.append(", Local and Outbound Configuration:{");
data.append("Auth Type:").append(serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType());
AuthenticationStep[] authSteps = serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationSteps();
if (ArrayUtils.isNotEmpty(authSteps)) {
data.append(", Authentication Steps:[");
for (AuthenticationStep authStep : authSteps) {
data.append("{");
data.append("Step Order:").append(authStep.getStepOrder()).append(", ");
LocalAuthenticatorConfig[] localConfigs = authStep.getLocalAuthenticatorConfigs();
if (ArrayUtils.isNotEmpty(localConfigs)) {
data.append(", Local Authenticators:[");
String joiner = "";
for (LocalAuthenticatorConfig localConfig : localConfigs) {
data.append(joiner);
joiner = ", ";
data.append(localConfig.getName());
}
data.append("]");
}
IdentityProvider[] fedIDPs = authStep.getFederatedIdentityProviders();
if (ArrayUtils.isNotEmpty(fedIDPs)) {
data.append("Federated Authenticators:[");
String joiner = "";
for (IdentityProvider provider : fedIDPs) {
data.append(joiner);
joiner = ", ";
data.append("{IDP:").append(provider.getIdentityProviderName()).append(",");
if (provider.getDefaultAuthenticatorConfig() != null) {
data.append("Authenticator:").append(provider.getDefaultAuthenticatorConfig().getName()).append("}");
}
}
data.append("]");
}
data.append("}");
}
data.append("]");
}
data.append("}");
}
if (serviceProvider.getClaimConfig() != null) {
data.append(", Claim Configuration:{");
ClaimConfig claimConfig = serviceProvider.getClaimConfig();
data.append("User Claim URI:").append(claimConfig.getUserClaimURI()).append(", ");
data.append("Role Claim URI:").append(claimConfig.getRoleClaimURI());
ClaimMapping[] claimMappings = claimConfig.getClaimMappings();
if (ArrayUtils.isNotEmpty(claimMappings)) {
data.append(", Claim Mappings: [");
String joiner = "";
for (ClaimMapping mapping : claimMappings) {
data.append("{");
data.append(joiner);
joiner = ", ";
if (mapping.getLocalClaim() != null && StringUtils.isNotBlank(mapping.getLocalClaim().getClaimUri())) {
data.append("Local Claim:").append(mapping.getLocalClaim().getClaimUri());
}
if (mapping.getRemoteClaim() != null && StringUtils.isNotBlank(mapping.getLocalClaim().getClaimUri())) {
data.append(", ").append("Remote Claim:").append(mapping.getRemoteClaim().getClaimUri());
}
data.append("}");
}
data.append("]");
}
data.append("}");
}
if (serviceProvider.getPermissionAndRoleConfig() != null) {
RoleMapping[] roleMappings = serviceProvider.getPermissionAndRoleConfig().getRoleMappings();
if (ArrayUtils.isNotEmpty(roleMappings)) {
data.append(", Role Mappings:[");
for (RoleMapping mapping : roleMappings) {
data.append("{");
if (mapping.getLocalRole() != null && StringUtils.isNotBlank(mapping.getLocalRole().getLocalRoleName())) {
data.append("Local Role:").append(mapping.getLocalRole().getLocalRoleName());
}
if (StringUtils.isNotBlank(mapping.getRemoteRole())) {
data.append(", Remote Role:").append(mapping.getRemoteRole());
}
data.append("}");
}
data.append("]");
}
}
if (serviceProvider.getInboundProvisioningConfig() != null) {
data.append(", Inbound Provisioning Configuration:{");
data.append("Provisioning Userstore:").append(serviceProvider.getInboundProvisioningConfig().getProvisioningUserStore()).append(", ");
data.append("Is Dumb Mode:").append(serviceProvider.getInboundProvisioningConfig().isDumbMode());
data.append("}");
}
if (serviceProvider.getOutboundProvisioningConfig() != null) {
data.append(", Outbound Provisioning Configuration:{");
String[] provisionRoles = serviceProvider.getOutboundProvisioningConfig().getProvisionByRoleList();
if (ArrayUtils.isNotEmpty(provisionRoles)) {
data.append("Provisioning Roles:[");
String joiner = "";
for (String role : provisionRoles) {
data.append(joiner);
joiner = ", ";
data.append(role);
}
data.append("]");
}
IdentityProvider[] provisionIdPs = serviceProvider.getOutboundProvisioningConfig().getProvisioningIdentityProviders();
if (ArrayUtils.isNotEmpty(provisionIdPs)) {
data.append("Provisioning IDPs:[");
String joiner = "";
for (IdentityProvider provider : provisionIdPs) {
data.append(joiner);
joiner = ", ";
data.append(provider.getIdentityProviderName());
}
data.append("]");
}
data.append("}");
}
if (ArrayUtils.isNotEmpty(serviceProvider.getSpProperties())) {
data.append(", Service Provider Properties:[");
ServiceProviderProperty[] spProperties = serviceProvider.getSpProperties();
String joiner = "";
for (ServiceProviderProperty spProperty : spProperties) {
data.append(joiner);
joiner = ", ";
data.append("{").append(spProperty.getName()).append(":").append(spProperty.getValue()).append("}");
}
data.append("]");
}
return data.toString();
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultIDTokenBuilderTest method setUp.
@BeforeClass
public void setUp() throws Exception {
user = getDefaultAuthenticatedLocalUser();
messageContext = getTokenReqMessageContextForUser(user, CLIENT_ID);
messageContext.addProperty(AUTHORIZATION_CODE, AUTHORIZATION_CODE_VALUE);
tokenRespDTO = new OAuth2AccessTokenRespDTO();
tokenRespDTO.setAccessToken(ACCESS_TOKEN);
IdentityProvider idp = new IdentityProvider();
idp.setIdentityProviderName("LOCAL");
idp.setEnable(true);
Map<String, Object> configuration = new HashMap<>();
configuration.put("SSOService.EntityId", "LOCAL");
configuration.put("SSOService.SAMLECPEndpoint", "https://localhost:9443/samlecp");
configuration.put("SSOService.ArtifactResolutionEndpoint", "https://localhost:9443/samlartresolve");
configuration.put("OAuth.OpenIDConnect.IDTokenIssuerID", "https://localhost:9443/oauth2/token");
WhiteboxImpl.setInternalState(IdentityUtil.class, "configuration", configuration);
IdentityProviderManager.getInstance().addResidentIdP(idp, SUPER_TENANT_DOMAIN_NAME);
defaultIDTokenBuilder = new DefaultIDTokenBuilder();
Map<ClaimMapping, String> userAttributes = new HashMap<>();
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("username"), "username");
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("email"), "email");
userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(PHONE_NUMBER_VERIFIED), "phone");
LinkedHashSet acrValuesHashSet = new LinkedHashSet<>();
acrValuesHashSet.add(new Object());
AuthorizationGrantCacheEntry authorizationGrantCacheEntry = new AuthorizationGrantCacheEntry(userAttributes);
authorizationGrantCacheEntry.setSubjectClaim(messageContext.getAuthorizedUser().getUserName());
authorizationGrantCacheEntry.setNonceValue("nonce");
authorizationGrantCacheEntry.addAmr("amr");
authorizationGrantCacheEntry.setSessionContextIdentifier("idp");
authorizationGrantCacheEntry.setAuthTime(1000);
authorizationGrantCacheEntry.setSelectedAcrValue("acr");
authorizationGrantCacheEntry.setSubjectClaim("user@carbon.super");
authorizationGrantCacheEntry.setEssentialClaims(getEssentialClaims());
AuthorizationGrantCacheKey authorizationGrantCacheKey = new AuthorizationGrantCacheKey(AUTHORIZATION_CODE_VALUE);
AuthorizationGrantCacheKey authorizationGrantCacheKeyForAccessToken = new AuthorizationGrantCacheKey("2sa9a678f890877856y66e75f605d456");
AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKey, authorizationGrantCacheEntry);
AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKeyForAccessToken, authorizationGrantCacheEntry);
ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
ServiceProviderProperty[] serviceProviders = new ServiceProviderProperty[] { serviceProviderProperty };
ServiceProvider serviceProvider = new ServiceProvider();
serviceProvider.setSpProperties(serviceProviders);
serviceProvider.setCertificateContent("MIIDWTCCAkGgAwIBAgIEcZgeVDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJG\n" + "UjEMMAoGA1UECBMDTVBMMQwwCgYDVQQHEwNNUEwxDTALBgNVBAoTBHRlc3QxDTAL\n" + "BgNVBAsTBHRlc3QxEzARBgNVBAMMCioudGVzdC5jb20wIBcNMjEwNTEwMTcwODU4\n" + "WhgPMjA1MTA1MDMxNzA4NThaMFwxCzAJBgNVBAYTAkZSMQwwCgYDVQQIEwNNUEwx\n" + "DDAKBgNVBAcTA01QTDENMAsGA1UEChMEdGVzdDENMAsGA1UECxMEdGVzdDETMBEG\n" + "A1UEAwwKKi50ZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + "AIkuoEuR/or5oL4h6TZ7r90Qyb1xAK6qrAHGCGWz5k1dnmCdvM39zBZF5EDGVKKe\n" + "p+BQWNgG+FST19Z2l71YJllKxVsI0syw3r9PXcAfVLahs3fn8HEa5uJqIdHRsVzz\n" + "uO+rEWYn7kx4jmwwqtb8HBnhlVgn32OWQ6X4mLll/1n87cWGMsNouVP5TCySFNyD\n" + "BFPzC3+gYiVVy7Aj1NBw6Ft4i4r0UIOZ8BPGfHrd7zB4Zmnc9KwyRNj+S3bvJECm\n" + "D1/9hMiHcIj46qnvLJw69f/HmL3LTmp1oQJUnFlA0hykrUcwjVjUEptcBMu627j4\n" + "kfY2xsI613k5NLi6eHlwx7cCAwEAAaMhMB8wHQYDVR0OBBYEFIg+fWViskGrce5K\n" + "48Oy9x1Mh0GTMA0GCSqGSIb3DQEBCwUAA4IBAQB76yS+Wkt2RBh4XEihiMsrgn9L\n" + "2RkxAvDldfVEZTtQHm0uOkjT53AG8RSK5tedWdETJnEa0cq9SGLBjuTB5ojjP18g\n" + "R3fT2HXiP2QDfqnEhj7SYOEPp+QjcgW7rPBpMVOe9qKU6BWw0/ufEFq/SgSb9/xV\n" + "dZa4puEYDVEJ4pu6uJuh/oXgvwcIcL6xURDav1gqTDuMrLnJrKui+FsabnWeC+XB\n" + "1mRWtpZPay9xB5kVWAEVdMtGePP0/wz2zxQU9uCmjwvIsIfx307CpBI54sjomXPU\n" + "DldsCG6l8QRJ3NvijWa/0olA/7BpaOtbNS6S5dBSfPScpUvVQiBYFFvMXbmd\n");
ApplicationManagementService applicationMgtService = mock(ApplicationManagementService.class);
OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
Map<String, ServiceProvider> fileBasedSPs = CommonTestUtils.getFileBasedSPs();
setFinalStatic(ApplicationManagementServiceComponent.class.getDeclaredField("fileBasedSPs"), fileBasedSPs);
when(applicationMgtService.getApplicationExcludingFileBasedSPs(TEST_APPLICATION_NAME, SUPER_TENANT_DOMAIN_NAME)).thenReturn(fileBasedSPs.get(TEST_APPLICATION_NAME));
when(applicationMgtService.getServiceProviderNameByClientId(anyString(), anyString(), anyString())).thenReturn(TEST_APPLICATION_NAME);
when(applicationMgtService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
AuthenticationMethodNameTranslator authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
OAuth2ServiceComponentHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
RealmService realmService = IdentityTenantUtil.getRealmService();
HashMap<String, String> claims = new HashMap<>();
claims.put("http://wso2.org/claims/username", TestConstants.USER_NAME);
realmService.getTenantUserRealm(SUPER_TENANT_ID).getUserStoreManager().addUser(TestConstants.USER_NAME, TestConstants.PASSWORD, new String[0], claims, TestConstants.DEFAULT_PROFILE);
Map<Integer, Certificate> publicCerts = new ConcurrentHashMap<>();
publicCerts.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getCertificate("wso2carbon"));
setFinalStatic(OAuth2Util.class.getDeclaredField("publicCerts"), publicCerts);
Map<Integer, Key> privateKeys = new ConcurrentHashMap<>();
privateKeys.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getKey("wso2carbon", "wso2carbon".toCharArray()));
setFinalStatic(OAuth2Util.class.getDeclaredField("privateKeys"), privateKeys);
OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
List<RequestedClaim> requestedClaims = Collections.EMPTY_LIST;
when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
OAuth2ServiceComponentHolder.setKeyIDProvider(new DefaultKeyIDProviderImpl());
ClaimProvider claimProvider = new OpenIDConnectSystemClaimImpl();
List claimProviders = new ArrayList();
claimProviders.add(claimProvider);
WhiteboxImpl.setInternalState(OpenIDConnectServiceComponentHolder.getInstance(), "claimProviders", claimProviders);
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project identity-inbound-auth-oauth by wso2-extensions.
the class RequestObjectValidatorUtil method getJWKSEndpoint.
/**
* Fetch JWKS endpoint using OAuth2 Parameters.
*
* @param oAuth2Parameters oAuth2Parameters
*/
private static String getJWKSEndpoint(OAuth2Parameters oAuth2Parameters) throws RequestObjectException {
String jwksUri = StringUtils.EMPTY;
ServiceProviderProperty[] spProperties;
try {
spProperties = OAuth2Util.getServiceProvider(oAuth2Parameters.getClientId()).getSpProperties();
} catch (IdentityOAuth2Exception e) {
throw new RequestObjectException("Error while getting the service provider for client ID " + oAuth2Parameters.getClientId(), OAuth2ErrorCodes.SERVER_ERROR, e);
}
if (spProperties != null) {
for (ServiceProviderProperty spProperty : spProperties) {
if (Constants.JWKS_URI.equals(spProperty.getName())) {
jwksUri = spProperty.getValue();
if (log.isDebugEnabled()) {
log.debug("Found jwks endpoint " + jwksUri + " for service provider with client id " + oAuth2Parameters.getClientId());
}
break;
}
}
} else {
return StringUtils.EMPTY;
}
return jwksUri;
}
use of org.wso2.carbon.identity.application.common.model.xsd.ServiceProviderProperty in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2Util method getSPJwksUrl.
/**
* Get Jwks uri of SP when clientId and spTenantDomain is provided.
*
* @param clientId - ClientId
* @param spTenantDomain - Tenant domain
* @return Jwks Url
* @throws IdentityOAuth2Exception
*/
private static String getSPJwksUrl(String clientId, String spTenantDomain) throws IdentityOAuth2Exception {
String jwksUri = null;
ServiceProvider serviceProvider = OAuth2Util.getServiceProvider(clientId, spTenantDomain);
ServiceProviderProperty[] spPropertyArray = serviceProvider.getSpProperties();
// get jwks uri from sp-properties
for (ServiceProviderProperty spProperty : spPropertyArray) {
if (Constants.JWKS_URI.equals(spProperty.getName())) {
jwksUri = spProperty.getValue();
break;
}
}
if (log.isDebugEnabled()) {
log.debug(String.format("Retrieved jwks uri: %s for the service provider associated with client_id: %s", jwksUri, clientId));
}
return jwksUri;
}
Aggregations