use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.
the class UserSelfRegistrationManager method registerUser.
public NotificationResponseBean registerUser(User user, String password, Claim[] claims, Property[] properties) throws IdentityRecoveryException {
publishEvent(user, claims, properties, IdentityEventConstants.Event.PRE_SELF_SIGNUP_REGISTER);
String consent = getPropertyValue(properties, IdentityRecoveryConstants.Consent.CONSENT);
String tenantDomain = user.getTenantDomain();
if (StringUtils.isEmpty(tenantDomain)) {
tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
// Callback URL validation
String callbackURL = null;
try {
callbackURL = Utils.getCallbackURLFromRegistration(properties);
if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain, IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
}
} catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException e) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
}
if (StringUtils.isBlank(user.getTenantDomain())) {
user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
log.info("registerUser :Tenant domain is not in the request. set to default for user : " + user.getUserName());
}
if (StringUtils.isBlank(user.getUserStoreDomain())) {
user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
log.info("registerUser :User store domain is not in the request. set to default for user : " + user.getUserName());
}
boolean enable = Boolean.parseBoolean(Utils.getSignUpConfigs(IdentityRecoveryConstants.ConnectorConfig.ENABLE_SELF_SIGNUP, user.getTenantDomain()));
if (!enable) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLE_SELF_SIGN_UP, user.getUserName());
}
NotificationResponseBean notificationResponseBean;
try {
RealmService realmService = IdentityRecoveryServiceDataHolder.getInstance().getRealmService();
UserStoreManager userStoreManager;
try {
userStoreManager = realmService.getTenantUserRealm(IdentityTenantUtil.getTenantId(user.getTenantDomain())).getUserStoreManager();
} catch (UserStoreException e) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, user.getUserName(), e);
}
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(IdentityTenantUtil.getTenantId(user.getTenantDomain()));
carbonContext.setTenantDomain(user.getTenantDomain());
Map<String, String> claimsMap = new HashMap<>();
for (Claim claim : claims) {
claimsMap.put(claim.getClaimUri(), claim.getValue());
}
// Set arbitrary properties to use in UserSelfRegistrationHandler
Utils.setArbitraryProperties(properties);
validateAndFilterFromReceipt(consent, claimsMap);
// User preferred notification channel.
String preferredChannel;
try {
// TODO It is required to add this role before tenant creation. And also, this role should not not be able remove.
if (!userStoreManager.isExistingRole(IdentityRecoveryConstants.SELF_SIGNUP_ROLE)) {
Permission permission = new Permission("/permission/admin/login", IdentityRecoveryConstants.EXECUTE_ACTION);
userStoreManager.addRole(IdentityRecoveryConstants.SELF_SIGNUP_ROLE, null, new Permission[] { permission });
}
String[] userRoles = new String[] { IdentityRecoveryConstants.SELF_SIGNUP_ROLE };
try {
NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
preferredChannel = notificationChannelManager.resolveCommunicationChannel(user.getUserName(), user.getTenantDomain(), user.getUserStoreDomain(), claimsMap);
} catch (NotificationChannelManagerException e) {
throw mapNotificationChannelManagerException(e, user);
}
// resolved channel is not empty.
if (StringUtils.isEmpty(claimsMap.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM)) && StringUtils.isNotEmpty(preferredChannel)) {
claimsMap.put(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM, preferredChannel);
}
userStoreManager.addUser(IdentityUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain()), password, userRoles, claimsMap, null);
} catch (UserStoreException e) {
Throwable cause = e;
while (cause != null) {
if (cause instanceof PolicyViolationException) {
throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(), cause.getMessage(), e);
}
cause = cause.getCause();
}
Utils.checkPasswordPatternViolation(e, user);
return handleClientException(user, e);
}
addUserConsent(consent, tenantDomain);
// Build the notification response.
notificationResponseBean = buildNotificationResponseBean(user, preferredChannel, claimsMap);
} finally {
Utils.clearArbitraryProperties();
PrivilegedCarbonContext.endTenantFlow();
}
publishEvent(user, claims, properties, IdentityEventConstants.Event.POST_SELF_SIGNUP_REGISTER);
return notificationResponseBean;
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.
the class UserSelfRegistrationManager method registerLiteUser.
public NotificationResponseBean registerLiteUser(User user, Claim[] claims, Property[] properties) throws IdentityRecoveryException {
String consent = getPropertyValue(properties, IdentityRecoveryConstants.Consent.CONSENT);
String tenantDomain = user.getTenantDomain();
if (StringUtils.isEmpty(tenantDomain)) {
tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
// Callback URL validation
String callbackURL = null;
try {
callbackURL = Utils.getCallbackURLFromRegistration(properties);
if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain, IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
}
} catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException e) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
}
if (StringUtils.isBlank(user.getTenantDomain())) {
user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
log.info("registerUser :Tenant domain is not in the request. set to default for user : " + user.getUserName());
}
if (StringUtils.isBlank(user.getUserStoreDomain())) {
user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
log.info("registerUser :User store domain is not in the request. set to default for user : " + user.getUserName());
}
boolean enable = Boolean.parseBoolean(Utils.getSignUpConfigs(IdentityRecoveryConstants.ConnectorConfig.ENABLE_LITE_SIGN_UP, user.getTenantDomain()));
if (!enable) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLE_LITE_SIGN_UP, user.getUserName());
}
NotificationResponseBean notificationResponseBean;
try {
RealmService realmService = IdentityRecoveryServiceDataHolder.getInstance().getRealmService();
UserStoreManager userStoreManager;
try {
userStoreManager = realmService.getTenantUserRealm(IdentityTenantUtil.getTenantId(user.getTenantDomain())).getUserStoreManager();
} catch (UserStoreException e) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, user.getUserName(), e);
}
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(IdentityTenantUtil.getTenantId(user.getTenantDomain()));
carbonContext.setTenantDomain(user.getTenantDomain());
Map<String, String> claimsMap = new HashMap<>();
for (Claim claim : claims) {
claimsMap.put(claim.getClaimUri(), claim.getValue());
}
// Set lite user sign up claim to indicate the profile
claimsMap.put(IdentityRecoveryConstants.LITE_USER_CLAIM, Boolean.TRUE.toString());
// Set arbitrary properties to use in UserSelfRegistrationHandler
Utils.setArbitraryProperties(properties);
validateAndFilterFromReceipt(consent, claimsMap);
// User preferred notification channel.
String preferredChannel;
try {
String[] userRoles = new String[] {};
try {
NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
preferredChannel = notificationChannelManager.resolveCommunicationChannel(user.getUserName(), user.getTenantDomain(), user.getUserStoreDomain(), claimsMap);
} catch (NotificationChannelManagerException e) {
throw mapNotificationChannelManagerException(e, user);
}
// resolved channel is not empty.
if (StringUtils.isEmpty(claimsMap.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM)) && StringUtils.isNotEmpty(preferredChannel)) {
claimsMap.put(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM, preferredChannel);
}
userStoreManager.addUser(IdentityUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain()), Utils.generateRandomPassword(12), userRoles, claimsMap, null);
} catch (UserStoreException e) {
Throwable cause = e;
while (cause != null) {
if (cause instanceof PolicyViolationException) {
throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(), cause.getMessage(), e);
}
cause = cause.getCause();
}
return handleClientException(user, e);
}
addUserConsent(consent, tenantDomain);
// Build the notification response for lite user.
notificationResponseBean = buildLiteNotificationResponseBean(user, preferredChannel, claimsMap);
} finally {
Utils.clearArbitraryProperties();
PrivilegedCarbonContext.endTenantFlow();
}
return notificationResponseBean;
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.
the class LiteUserRegistrationHandler method resolveNotificationChannel.
/**
* Resolve the preferred notification channel for the user.
*
* @param eventProperties Event properties
* @param userName Username
* @param tenantDomain Tenant domain of the user
* @param domainName Userstore domain name of the user
* @return Resolved preferred notification channel
* @throws IdentityEventException Error while resolving the notification channel
*/
private String resolveNotificationChannel(Map<String, Object> eventProperties, String userName, String tenantDomain, String domainName) throws IdentityEventException {
// resolve using user preferred channel.
if (!Boolean.parseBoolean(IdentityUtil.getProperty(IdentityMgtConstants.PropertyConfig.RESOLVE_NOTIFICATION_CHANNELS))) {
return IdentityGovernanceUtil.getDefaultNotificationChannel();
}
// Get the user preferred notification channel.
String preferredChannel = (String) eventProperties.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);
// Resolve preferred notification channel.
if (StringUtils.isEmpty(preferredChannel)) {
NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
try {
preferredChannel = notificationChannelManager.resolveCommunicationChannel(userName, tenantDomain, domainName);
} catch (NotificationChannelManagerException e) {
handledNotificationChannelManagerException(e, userName, domainName, tenantDomain);
}
}
if (log.isDebugEnabled()) {
String message = String.format("Notification channel : %1$s for the user : %2$s in domain : %3$s.", preferredChannel, domainName + CarbonConstants.DOMAIN_SEPARATOR + userName, tenantDomain);
log.debug(message);
}
return preferredChannel;
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.
the class UserSelfRegistrationHandler method resolveNotificationChannel.
/**
* Resolve the preferred notification channel for the user.
*
* @param eventProperties Event properties
* @param userName Username
* @param tenantDomain Tenant domain of the user
* @param domainName Userstore domain name of the user
* @return Resolved preferred notification channel
* @throws IdentityEventException Error while resolving the notification channel
*/
private String resolveNotificationChannel(Map<String, Object> eventProperties, String userName, String tenantDomain, String domainName) throws IdentityEventException {
// resolve using user preferred channel.
if (!Boolean.parseBoolean(IdentityUtil.getProperty(IdentityMgtConstants.PropertyConfig.RESOLVE_NOTIFICATION_CHANNELS))) {
return IdentityGovernanceUtil.getDefaultNotificationChannel();
}
// Get the user preferred notification channel.
String preferredChannel = (String) eventProperties.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);
// Resolve preferred notification channel.
if (StringUtils.isEmpty(preferredChannel)) {
NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
try {
preferredChannel = notificationChannelManager.resolveCommunicationChannel(userName, tenantDomain, domainName);
} catch (NotificationChannelManagerException e) {
handledNotificationChannelManagerException(e, userName, domainName, tenantDomain);
}
}
if (log.isDebugEnabled()) {
String message = String.format("Notification channel : %1$s for the user : %2$s in domain : %3$s.", preferredChannel, domainName + CarbonConstants.DOMAIN_SEPARATOR + userName, tenantDomain);
log.debug(message);
}
return preferredChannel;
}
Aggregations