use of org.wso2.carbon.identity.core.ConnectorException in project carbon-identity-framework by wso2.
the class IdPManagementDAO method addIdPWithResourceId.
/**
* Add IDP.
*
* @param identityProvider Identity provider information.
* @param tenantId Tenant ID.
* @return Resource ID of created IDP.
* @throws IdentityProviderManagementException
*/
public String addIdPWithResourceId(IdentityProvider identityProvider, int tenantId) throws IdentityProviderManagementException {
Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true);
PreparedStatement prepStmt = null;
try {
if (identityProvider.isPrimary()) {
// this is going to be the primary. Switch off any other primary set up in the
// system.
switchOffPrimary(dbConnection, tenantId);
}
// SP_TENANT_ID, SP_IDP_NAME, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID, SP_IDP_CERTIFICATE,
// SP_IDP_TOKEN_EP_ALIAS,
// SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
// SP_IDP_USER_CLAIM_URI,SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,
// SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
String sqlStmt = IdPManagementConstants.SQLQueries.ADD_IDP_SQL;
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setInt(1, tenantId);
prepStmt.setString(2, identityProvider.getIdentityProviderName());
if (identityProvider.isPrimary()) {
prepStmt.setString(3, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(3, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt.setString(4, identityProvider.getHomeRealmId());
if (ArrayUtils.isNotEmpty(identityProvider.getCertificateInfoArray())) {
try {
// Check whether certificate decoding and certificate generation fails or not.
IdentityApplicationManagementUtil.getCertDataArray(identityProvider.getCertificateInfoArray());
} catch (CertificateException ex) {
throw new IdentityProviderManagementClientException("Malformed Public Certificate file has been " + "provided.", ex);
}
}
JSONArray certificateInfoJsonArray = new JSONArray(identityProvider.getCertificateInfoArray());
setBlobValue(certificateInfoJsonArray.toString(), prepStmt, 5);
prepStmt.setString(6, identityProvider.getAlias());
if (identityProvider.getJustInTimeProvisioningConfig() != null) {
// provisioned locally.
if (identityProvider.getJustInTimeProvisioningConfig().isProvisioningEnabled()) {
prepStmt.setString(7, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(7, IdPManagementConstants.IS_FALSE_VALUE);
}
// user will be provisioned to the configured user store.
prepStmt.setString(8, identityProvider.getJustInTimeProvisioningConfig().getProvisioningUserStore());
} else {
prepStmt.setString(7, IdPManagementConstants.IS_FALSE_VALUE);
prepStmt.setString(8, null);
}
if (identityProvider.getClaimConfig() != null) {
// this is how we find the subject name from the authentication response.
// this claim URI is in identity provider's own dialect.
prepStmt.setString(9, identityProvider.getClaimConfig().getUserClaimURI());
// this is how we find the role name from the authentication response.
// this claim URI is in identity provider's own dialect.
prepStmt.setString(10, identityProvider.getClaimConfig().getRoleClaimURI());
} else {
prepStmt.setString(9, null);
prepStmt.setString(10, null);
}
if (identityProvider.getDefaultAuthenticatorConfig() != null) {
prepStmt.setString(11, identityProvider.getDefaultAuthenticatorConfig().getName());
} else {
prepStmt.setString(11, null);
}
if (identityProvider.getDefaultProvisioningConnectorConfig() != null) {
prepStmt.setString(12, identityProvider.getDefaultProvisioningConnectorConfig().getName());
} else {
prepStmt.setString(12, null);
}
prepStmt.setString(13, identityProvider.getIdentityProviderDescription());
if (identityProvider.isFederationHub()) {
prepStmt.setString(14, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(14, IdPManagementConstants.IS_FALSE_VALUE);
}
if (identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().isLocalClaimDialect()) {
prepStmt.setString(15, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(15, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt.setString(16, identityProvider.getProvisioningRole());
// enabled by default
prepStmt.setString(17, IdPManagementConstants.IS_TRUE_VALUE);
prepStmt.setString(18, identityProvider.getDisplayName());
prepStmt.setString(19, identityProvider.getImageUrl());
String resourceId = UUID.randomUUID().toString();
prepStmt.setString(20, resourceId);
prepStmt.executeUpdate();
prepStmt.clearParameters();
// get newly added Identity provider.
IdentityProvider createdIDP = getIDPbyResourceId(dbConnection, resourceId, tenantId, IdentityTenantUtil.getTenantDomain(tenantId));
// get the id of the just added identity provider.
int idPId = Integer.parseInt(createdIDP.getId());
if (idPId <= 0) {
String msg = "Error adding Identity Provider for tenant " + tenantId;
throw new IdentityProviderManagementException(msg);
}
// add provisioning connectors.
if (identityProvider.getProvisioningConnectorConfigs() != null && identityProvider.getProvisioningConnectorConfigs().length > 0) {
addProvisioningConnectorConfigs(identityProvider.getProvisioningConnectorConfigs(), dbConnection, idPId, tenantId);
}
// add federated authenticators.
addFederatedAuthenticatorConfigs(identityProvider.getFederatedAuthenticatorConfigs(), dbConnection, idPId, tenantId);
// add role configuration.
if (identityProvider.getPermissionAndRoleConfig() != null) {
if (identityProvider.getPermissionAndRoleConfig().getIdpRoles() != null && identityProvider.getPermissionAndRoleConfig().getIdpRoles().length > 0) {
// add roles.
addIdPRoles(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getIdpRoles());
if (identityProvider.getPermissionAndRoleConfig().getRoleMappings() != null && identityProvider.getPermissionAndRoleConfig().getRoleMappings().length > 0) {
// add role mappings.
addIdPRoleMappings(dbConnection, idPId, tenantId, identityProvider.getPermissionAndRoleConfig().getRoleMappings());
}
}
}
// add claim configuration.
if (identityProvider.getClaimConfig() != null && identityProvider.getClaimConfig().getClaimMappings() != null && identityProvider.getClaimConfig().getClaimMappings().length > 0) {
if (identityProvider.getClaimConfig().isLocalClaimDialect()) {
// identity provider is using local claim dialect - we do not need to add
// claims.
addDefaultClaimValuesForLocalIdP(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
} else {
addIdPClaims(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getIdpClaims());
addIdPClaimMappings(dbConnection, idPId, tenantId, identityProvider.getClaimConfig().getClaimMappings());
}
}
IdentityProviderProperty[] idpProperties = identityProvider.getIdpProperties();
if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(identityProvider.getIdentityProviderName())) {
idpProperties = filterConnectorProperties(idpProperties, IdentityTenantUtil.getTenantDomain(tenantId)).toArray(new IdentityProviderProperty[0]);
}
List<IdentityProviderProperty> identityProviderProperties = getCombinedProperties(identityProvider.getJustInTimeProvisioningConfig(), idpProperties);
identityProviderProperties.add(buildTemplateIdProperty(identityProvider));
addIdentityProviderProperties(dbConnection, idPId, identityProviderProperties, tenantId);
IdentityDatabaseUtil.commitTransaction(dbConnection);
return resourceId;
} catch (IOException e) {
throw new IdentityProviderManagementException("An error occurred while processing content stream.", e);
} catch (SQLException e) {
IdentityDatabaseUtil.rollbackTransaction(dbConnection);
throw new IdentityProviderManagementException("Error occurred while adding Identity Provider for tenant " + tenantId, e);
} catch (ConnectorException e) {
throw new IdentityProviderManagementException("An error occurred while filtering IDP properties.", e);
} finally {
IdentityDatabaseUtil.closeAllConnections(dbConnection, null, prepStmt);
}
}
use of org.wso2.carbon.identity.core.ConnectorException in project identity-governance by wso2-extensions.
the class IdentityGovernanceUtil method saveConnectorDefaultProperties.
@Deprecated
public static void saveConnectorDefaultProperties(IdentityConnectorConfig identityConnectorConfig, String tenantDomain) throws ConnectorException {
IdpManager identityProviderManager = IdentityMgtServiceDataHolder.getInstance().getIdpManager();
try {
IdentityProvider residentIdp = identityProviderManager.getResidentIdP(tenantDomain);
IdentityProviderProperty[] idpProperties = residentIdp.getIdpProperties();
String[] connectorPropertiesNames = identityConnectorConfig.getPropertyNames();
List<IdentityProviderProperty> propertiesToAdd = new ArrayList<>();
for (String connectorPropertyName : connectorPropertiesNames) {
boolean propertyExists = false;
for (IdentityProviderProperty property : idpProperties) {
if (connectorPropertyName.equals(property.getName())) {
propertyExists = true;
break;
}
}
if (!propertyExists) {
IdentityProviderProperty newProperty = new IdentityProviderProperty();
newProperty.setName(connectorPropertyName);
newProperty.setDisplayName(identityConnectorConfig.getPropertyNameMapping().get(connectorPropertyName));
Properties defaultPropertyValues = identityConnectorConfig.getDefaultPropertyValues(tenantDomain);
newProperty.setValue(String.valueOf(defaultPropertyValues.get(connectorPropertyName)));
propertiesToAdd.add(newProperty);
}
}
// If the property list size is greater than 0, add the new properties to the database.
if (propertiesToAdd.size() > 0) {
String alreadyWrittenPropertyName = identityConnectorConfig.getName() + "." + IdentityEventConstants.PropertyConfig.ALREADY_WRITTEN_PROPERTY_KEY;
boolean alreadyWrittenPropertyExists = false;
for (IdentityProviderProperty property : idpProperties) {
if (alreadyWrittenPropertyName.equals(property.getName())) {
alreadyWrittenPropertyExists = true;
break;
}
}
if (!alreadyWrittenPropertyExists) {
IdentityProviderProperty property = new IdentityProviderProperty();
property.setName(alreadyWrittenPropertyName);
property.setValue(IdentityEventConstants.PropertyConfig.ALREADY_WRITTEN_PROPERTY_VALUE);
propertiesToAdd.add(property);
}
propertiesToAdd.addAll(Arrays.asList(idpProperties));
residentIdp.setIdpProperties(propertiesToAdd.toArray(new IdentityProviderProperty[0]));
FederatedAuthenticatorConfig[] authenticatorConfigs = residentIdp.getFederatedAuthenticatorConfigs();
List<FederatedAuthenticatorConfig> configsToSave = new ArrayList<>();
for (FederatedAuthenticatorConfig authenticatorConfig : authenticatorConfigs) {
if (IdentityApplicationConstants.Authenticator.PassiveSTS.NAME.equals(authenticatorConfig.getName()) || IdentityApplicationConstants.Authenticator.SAML2SSO.NAME.equals(authenticatorConfig.getName())) {
configsToSave.add(authenticatorConfig);
}
}
residentIdp.setFederatedAuthenticatorConfigs(configsToSave.toArray(new FederatedAuthenticatorConfig[0]));
identityProviderManager.updateResidentIdP(residentIdp, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("New resident IDP properties for tenant : " + tenantDomain + " written to database");
}
}
} catch (IdentityProviderManagementException e) {
log.error("Error while adding identity management properties to resident Idp.", e);
}
}
use of org.wso2.carbon.identity.core.ConnectorException in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getConnectorProperties.
private Map<String, IdentityProviderProperty> getConnectorProperties(String tenantDomain) throws ConnectorException {
List<ConnectorConfig> connectorConfigList = IdpMgtServiceComponentHolder.getInstance().getIdentityConnectorConfigList();
Map<String, IdentityProviderProperty> propertiesFromConnectors = new HashMap<>();
for (ConnectorConfig connectorConfig : connectorConfigList) {
String[] propertyNames = connectorConfig.getPropertyNames();
Properties defaultPropertyValues = connectorConfig.getDefaultPropertyValues(tenantDomain);
Map<String, String> displayNames = connectorConfig.getPropertyNameMapping();
for (String property : propertyNames) {
IdentityProviderProperty identityProviderProperty = new IdentityProviderProperty();
identityProviderProperty.setName(property);
identityProviderProperty.setValue(defaultPropertyValues.getProperty(property));
identityProviderProperty.setDisplayName(displayNames.get(property));
propertiesFromConnectors.put(property, identityProviderProperty);
}
}
return propertiesFromConnectors;
}
use of org.wso2.carbon.identity.core.ConnectorException in project carbon-identity-framework by wso2.
the class IdPManagementDAO method filterConnectorProperties.
private List<IdentityProviderProperty> filterConnectorProperties(IdentityProviderProperty[] propertiesFromRequest, String tenantDomain) throws ConnectorException {
Map<String, IdentityProviderProperty> propertiesFromConnectors = getConnectorProperties(tenantDomain);
Map<String, IdentityProviderProperty> propertyMapFromRequest = Arrays.stream(propertiesFromRequest).collect(Collectors.toMap(IdentityProviderProperty::getName, property -> property));
for (Map.Entry<String, IdentityProviderProperty> entry : propertiesFromConnectors.entrySet()) {
IdentityProviderProperty propertyFromRequest = propertyMapFromRequest.get(entry.getKey());
if (propertyFromRequest != null && entry.getValue().getValue().equals(propertyFromRequest.getValue())) {
// If the value received from the update request is equal to the default value, remove the entry.
propertyMapFromRequest.remove(entry.getKey());
}
}
return new ArrayList<>(propertyMapFromRequest.values());
}
use of org.wso2.carbon.identity.core.ConnectorException in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getIdPByAuthenticatorPropertyValue.
/**
* @param dbConnection
* @param property Property which has a unique value like EntityID to specifically identify a IdentityProvider
* Unless it will return first matched IdentityProvider
* @param value
* @param tenantId
* @param tenantDomain
* @return
* @throws IdentityProviderManagementException
*/
public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
PreparedStatement prepStmt = null;
ResultSet rs = null;
IdentityProvider federatedIdp = null;
boolean dbConnectionInitialized = true;
if (dbConnection == null) {
dbConnection = IdentityDatabaseUtil.getDBConnection(false);
} else {
dbConnectionInitialized = false;
}
try {
// SP_IDP_ID, SP_IDP_NAME, SP_IDP_PRIMARY, SP_IDP_HOME_REALM_ID,SP_IDP_CERTIFICATE,
// SP_IDP_TOKEN_EP_ALIAS,
// SP_IDP_INBOUND_PROVISIONING_ENABLED,SP_IDP_INBOUND_PROVISIONING_USER_STORE_ID,
// SP_IDP_USER_CLAIM_URI,
// SP_IDP_ROLE_CLAIM_URI,SP_IDP_DEFAULT_AUTHENTICATOR_NAME,SP_IDP_DEFAULT_PRO_CONNECTOR_NAME
String sqlStmt = IdPManagementConstants.SQLQueries.GET_IDP_BY_AUTHENTICATOR_PROPERTY;
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setString(1, property);
prepStmt.setString(2, value);
prepStmt.setInt(3, tenantId);
rs = prepStmt.executeQuery();
int idpId = -1;
String idPName = "";
if (rs.next()) {
federatedIdp = new IdentityProvider();
idpId = rs.getInt("ID");
idPName = rs.getString("NAME");
federatedIdp.setIdentityProviderName(idPName);
if ((IdPManagementConstants.IS_TRUE_VALUE).equals(rs.getString("IS_PRIMARY"))) {
federatedIdp.setPrimary(true);
} else {
federatedIdp.setPrimary(false);
}
federatedIdp.setHomeRealmId(rs.getString("HOME_REALM_ID"));
federatedIdp.setCertificate(getBlobValue(rs.getBinaryStream("CERTIFICATE")));
federatedIdp.setAlias(rs.getString("ALIAS"));
JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("INBOUND_PROV_ENABLED"))) {
jitProConfig.setProvisioningEnabled(true);
} else {
jitProConfig.setProvisioningEnabled(false);
}
jitProConfig.setProvisioningUserStore(rs.getString("INBOUND_PROV_USER_STORE_ID"));
federatedIdp.setJustInTimeProvisioningConfig(jitProConfig);
String userClaimUri = rs.getString("USER_CLAIM_URI");
String roleClaimUri = rs.getString("ROLE_CLAIM_URI");
String defaultAuthenticatorName = rs.getString("DEFAULT_AUTHENTICATOR_NAME");
String defaultProvisioningConnectorConfigName = rs.getString("DEFAULT_PRO_CONNECTOR_NAME");
federatedIdp.setIdentityProviderDescription(rs.getString("DESCRIPTION"));
// IS_FEDERATION_HUB_IDP
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_FEDERATION_HUB"))) {
federatedIdp.setFederationHub(true);
} else {
federatedIdp.setFederationHub(false);
}
if (federatedIdp.getClaimConfig() == null) {
federatedIdp.setClaimConfig(new ClaimConfig());
}
// IS_LOCAL_CLAIM_DIALECT
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_LOCAL_CLAIM_DIALECT"))) {
federatedIdp.getClaimConfig().setLocalClaimDialect(true);
} else {
federatedIdp.getClaimConfig().setLocalClaimDialect(false);
}
federatedIdp.setProvisioningRole(rs.getString("PROVISIONING_ROLE"));
if (IdPManagementConstants.IS_TRUE_VALUE.equals(rs.getString("IS_ENABLED"))) {
federatedIdp.setEnable(true);
} else {
federatedIdp.setEnable(false);
}
federatedIdp.setDisplayName(rs.getString("DISPLAY_NAME"));
if (defaultAuthenticatorName != null) {
FederatedAuthenticatorConfig defaultAuthenticator = new FederatedAuthenticatorConfig();
defaultAuthenticator.setName(defaultAuthenticatorName);
federatedIdp.setDefaultAuthenticatorConfig(defaultAuthenticator);
}
if (defaultProvisioningConnectorConfigName != null) {
ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
defaultProConnector.setName(defaultProvisioningConnectorConfigName);
federatedIdp.setDefaultProvisioningConnectorConfig(defaultProConnector);
}
// get federated authenticators.
federatedIdp.setFederatedAuthenticatorConfigs(getFederatedAuthenticatorConfigs(dbConnection, idPName, federatedIdp, tenantId));
if (federatedIdp.getClaimConfig().isLocalClaimDialect()) {
federatedIdp.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
} else {
// get claim configuration.
federatedIdp.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
}
// get provisioning connectors.
federatedIdp.setProvisioningConnectorConfigs(getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
// get permission and role configuration.
federatedIdp.setPermissionAndRoleConfig(getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
List<IdentityProviderProperty> propertyList = filterIdenityProperties(federatedIdp, getIdentityPropertiesByIdpId(dbConnection, Integer.parseInt(rs.getString("ID"))));
if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
propertyList = resolveConnectorProperties(propertyList, tenantDomain);
}
federatedIdp.setIdpProperties(propertyList.toArray(new IdentityProviderProperty[0]));
}
return federatedIdp;
} catch (SQLException e) {
throw new IdentityProviderManagementException("Error occurred while retrieving Identity Provider " + "information for Authenticator Property : " + property + " and value : " + value, e);
} catch (ConnectorException e) {
throw new IdentityProviderManagementException("Error occurred while retrieving the identity connector " + "configurations.", e);
} finally {
if (dbConnectionInitialized) {
IdentityDatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
} else {
IdentityDatabaseUtil.closeAllConnections(null, rs, prepStmt);
}
}
}
Aggregations