Search in sources :

Example 1 with NotificationChannelManager

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.

the class UserSelfRegistrationManager method registerUser.

public NotificationResponseBean registerUser(User user, String password, Claim[] claims, Property[] properties) throws IdentityRecoveryException {
    publishEvent(user, claims, properties, IdentityEventConstants.Event.PRE_SELF_SIGNUP_REGISTER);
    String consent = getPropertyValue(properties, IdentityRecoveryConstants.Consent.CONSENT);
    String tenantDomain = user.getTenantDomain();
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
    }
    // Callback URL validation
    String callbackURL = null;
    try {
        callbackURL = Utils.getCallbackURLFromRegistration(properties);
        if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain, IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
        }
    } catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException e) {
        throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
    }
    if (StringUtils.isBlank(user.getTenantDomain())) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        log.info("registerUser :Tenant domain is not in the request. set to default for user : " + user.getUserName());
    }
    if (StringUtils.isBlank(user.getUserStoreDomain())) {
        user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
        log.info("registerUser :User store domain is not in the request. set to default for user : " + user.getUserName());
    }
    boolean enable = Boolean.parseBoolean(Utils.getSignUpConfigs(IdentityRecoveryConstants.ConnectorConfig.ENABLE_SELF_SIGNUP, user.getTenantDomain()));
    if (!enable) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLE_SELF_SIGN_UP, user.getUserName());
    }
    NotificationResponseBean notificationResponseBean;
    try {
        RealmService realmService = IdentityRecoveryServiceDataHolder.getInstance().getRealmService();
        UserStoreManager userStoreManager;
        try {
            userStoreManager = realmService.getTenantUserRealm(IdentityTenantUtil.getTenantId(user.getTenantDomain())).getUserStoreManager();
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, user.getUserName(), e);
        }
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantId(IdentityTenantUtil.getTenantId(user.getTenantDomain()));
        carbonContext.setTenantDomain(user.getTenantDomain());
        Map<String, String> claimsMap = new HashMap<>();
        for (Claim claim : claims) {
            claimsMap.put(claim.getClaimUri(), claim.getValue());
        }
        // Set arbitrary properties to use in UserSelfRegistrationHandler
        Utils.setArbitraryProperties(properties);
        validateAndFilterFromReceipt(consent, claimsMap);
        // User preferred notification channel.
        String preferredChannel;
        try {
            // TODO It is required to add this role before tenant creation. And also, this role should not not be able remove.
            if (!userStoreManager.isExistingRole(IdentityRecoveryConstants.SELF_SIGNUP_ROLE)) {
                Permission permission = new Permission("/permission/admin/login", IdentityRecoveryConstants.EXECUTE_ACTION);
                userStoreManager.addRole(IdentityRecoveryConstants.SELF_SIGNUP_ROLE, null, new Permission[] { permission });
            }
            String[] userRoles = new String[] { IdentityRecoveryConstants.SELF_SIGNUP_ROLE };
            try {
                NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
                preferredChannel = notificationChannelManager.resolveCommunicationChannel(user.getUserName(), user.getTenantDomain(), user.getUserStoreDomain(), claimsMap);
            } catch (NotificationChannelManagerException e) {
                throw mapNotificationChannelManagerException(e, user);
            }
            // resolved channel is not empty.
            if (StringUtils.isEmpty(claimsMap.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM)) && StringUtils.isNotEmpty(preferredChannel)) {
                claimsMap.put(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM, preferredChannel);
            }
            userStoreManager.addUser(IdentityUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain()), password, userRoles, claimsMap, null);
        } catch (UserStoreException e) {
            Throwable cause = e;
            while (cause != null) {
                if (cause instanceof PolicyViolationException) {
                    throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(), cause.getMessage(), e);
                }
                cause = cause.getCause();
            }
            Utils.checkPasswordPatternViolation(e, user);
            return handleClientException(user, e);
        }
        addUserConsent(consent, tenantDomain);
        // Build the notification response.
        notificationResponseBean = buildNotificationResponseBean(user, preferredChannel, claimsMap);
    } finally {
        Utils.clearArbitraryProperties();
        PrivilegedCarbonContext.endTenantFlow();
    }
    publishEvent(user, claims, properties, IdentityEventConstants.Event.POST_SELF_SIGNUP_REGISTER);
    return notificationResponseBean;
}
Also used : MalformedURLException(java.net.MalformedURLException) NotificationChannelManager(org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager) NotificationChannelManagerException(org.wso2.carbon.identity.governance.exceptions.notiification.NotificationChannelManagerException) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) HashMap(java.util.HashMap) UnsupportedEncodingException(java.io.UnsupportedEncodingException) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) NotificationResponseBean(org.wso2.carbon.identity.recovery.bean.NotificationResponseBean) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) Permission(org.wso2.carbon.user.core.Permission) PolicyViolationException(org.wso2.carbon.identity.mgt.policy.PolicyViolationException) Claim(org.wso2.carbon.user.api.Claim) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 2 with NotificationChannelManager

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.

the class UserSelfRegistrationManager method registerLiteUser.

public NotificationResponseBean registerLiteUser(User user, Claim[] claims, Property[] properties) throws IdentityRecoveryException {
    String consent = getPropertyValue(properties, IdentityRecoveryConstants.Consent.CONSENT);
    String tenantDomain = user.getTenantDomain();
    if (StringUtils.isEmpty(tenantDomain)) {
        tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
    }
    // Callback URL validation
    String callbackURL = null;
    try {
        callbackURL = Utils.getCallbackURLFromRegistration(properties);
        if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain, IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
        }
    } catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException e) {
        throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
    }
    if (StringUtils.isBlank(user.getTenantDomain())) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        log.info("registerUser :Tenant domain is not in the request. set to default for user : " + user.getUserName());
    }
    if (StringUtils.isBlank(user.getUserStoreDomain())) {
        user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
        log.info("registerUser :User store domain is not in the request. set to default for user : " + user.getUserName());
    }
    boolean enable = Boolean.parseBoolean(Utils.getSignUpConfigs(IdentityRecoveryConstants.ConnectorConfig.ENABLE_LITE_SIGN_UP, user.getTenantDomain()));
    if (!enable) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLE_LITE_SIGN_UP, user.getUserName());
    }
    NotificationResponseBean notificationResponseBean;
    try {
        RealmService realmService = IdentityRecoveryServiceDataHolder.getInstance().getRealmService();
        UserStoreManager userStoreManager;
        try {
            userStoreManager = realmService.getTenantUserRealm(IdentityTenantUtil.getTenantId(user.getTenantDomain())).getUserStoreManager();
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, user.getUserName(), e);
        }
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantId(IdentityTenantUtil.getTenantId(user.getTenantDomain()));
        carbonContext.setTenantDomain(user.getTenantDomain());
        Map<String, String> claimsMap = new HashMap<>();
        for (Claim claim : claims) {
            claimsMap.put(claim.getClaimUri(), claim.getValue());
        }
        // Set lite user sign up claim to indicate the profile
        claimsMap.put(IdentityRecoveryConstants.LITE_USER_CLAIM, Boolean.TRUE.toString());
        // Set arbitrary properties to use in UserSelfRegistrationHandler
        Utils.setArbitraryProperties(properties);
        validateAndFilterFromReceipt(consent, claimsMap);
        // User preferred notification channel.
        String preferredChannel;
        try {
            String[] userRoles = new String[] {};
            try {
                NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
                preferredChannel = notificationChannelManager.resolveCommunicationChannel(user.getUserName(), user.getTenantDomain(), user.getUserStoreDomain(), claimsMap);
            } catch (NotificationChannelManagerException e) {
                throw mapNotificationChannelManagerException(e, user);
            }
            // resolved channel is not empty.
            if (StringUtils.isEmpty(claimsMap.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM)) && StringUtils.isNotEmpty(preferredChannel)) {
                claimsMap.put(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM, preferredChannel);
            }
            userStoreManager.addUser(IdentityUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain()), Utils.generateRandomPassword(12), userRoles, claimsMap, null);
        } catch (UserStoreException e) {
            Throwable cause = e;
            while (cause != null) {
                if (cause instanceof PolicyViolationException) {
                    throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(), cause.getMessage(), e);
                }
                cause = cause.getCause();
            }
            return handleClientException(user, e);
        }
        addUserConsent(consent, tenantDomain);
        // Build the notification response for lite user.
        notificationResponseBean = buildLiteNotificationResponseBean(user, preferredChannel, claimsMap);
    } finally {
        Utils.clearArbitraryProperties();
        PrivilegedCarbonContext.endTenantFlow();
    }
    return notificationResponseBean;
}
Also used : MalformedURLException(java.net.MalformedURLException) NotificationChannelManager(org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager) NotificationChannelManagerException(org.wso2.carbon.identity.governance.exceptions.notiification.NotificationChannelManagerException) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) HashMap(java.util.HashMap) UnsupportedEncodingException(java.io.UnsupportedEncodingException) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) NotificationResponseBean(org.wso2.carbon.identity.recovery.bean.NotificationResponseBean) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) PolicyViolationException(org.wso2.carbon.identity.mgt.policy.PolicyViolationException) Claim(org.wso2.carbon.user.api.Claim) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 3 with NotificationChannelManager

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.

the class LiteUserRegistrationHandler method resolveNotificationChannel.

/**
 * Resolve the preferred notification channel for the user.
 *
 * @param eventProperties Event properties
 * @param userName        Username
 * @param tenantDomain    Tenant domain of the user
 * @param domainName      Userstore domain name of the user
 * @return Resolved preferred notification channel
 * @throws IdentityEventException Error while resolving the notification channel
 */
private String resolveNotificationChannel(Map<String, Object> eventProperties, String userName, String tenantDomain, String domainName) throws IdentityEventException {
    // resolve using user preferred channel.
    if (!Boolean.parseBoolean(IdentityUtil.getProperty(IdentityMgtConstants.PropertyConfig.RESOLVE_NOTIFICATION_CHANNELS))) {
        return IdentityGovernanceUtil.getDefaultNotificationChannel();
    }
    // Get the user preferred notification channel.
    String preferredChannel = (String) eventProperties.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);
    // Resolve preferred notification channel.
    if (StringUtils.isEmpty(preferredChannel)) {
        NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
        try {
            preferredChannel = notificationChannelManager.resolveCommunicationChannel(userName, tenantDomain, domainName);
        } catch (NotificationChannelManagerException e) {
            handledNotificationChannelManagerException(e, userName, domainName, tenantDomain);
        }
    }
    if (log.isDebugEnabled()) {
        String message = String.format("Notification channel : %1$s for the user : %2$s in domain : %3$s.", preferredChannel, domainName + CarbonConstants.DOMAIN_SEPARATOR + userName, tenantDomain);
        log.debug(message);
    }
    return preferredChannel;
}
Also used : NotificationChannelManager(org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager) NotificationChannelManagerException(org.wso2.carbon.identity.governance.exceptions.notiification.NotificationChannelManagerException)

Example 4 with NotificationChannelManager

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager in project identity-governance by wso2-extensions.

the class UserSelfRegistrationHandler method resolveNotificationChannel.

/**
 * Resolve the preferred notification channel for the user.
 *
 * @param eventProperties Event properties
 * @param userName        Username
 * @param tenantDomain    Tenant domain of the user
 * @param domainName      Userstore domain name of the user
 * @return Resolved preferred notification channel
 * @throws IdentityEventException Error while resolving the notification channel
 */
private String resolveNotificationChannel(Map<String, Object> eventProperties, String userName, String tenantDomain, String domainName) throws IdentityEventException {
    // resolve using user preferred channel.
    if (!Boolean.parseBoolean(IdentityUtil.getProperty(IdentityMgtConstants.PropertyConfig.RESOLVE_NOTIFICATION_CHANNELS))) {
        return IdentityGovernanceUtil.getDefaultNotificationChannel();
    }
    // Get the user preferred notification channel.
    String preferredChannel = (String) eventProperties.get(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);
    // Resolve preferred notification channel.
    if (StringUtils.isEmpty(preferredChannel)) {
        NotificationChannelManager notificationChannelManager = Utils.getNotificationChannelManager();
        try {
            preferredChannel = notificationChannelManager.resolveCommunicationChannel(userName, tenantDomain, domainName);
        } catch (NotificationChannelManagerException e) {
            handledNotificationChannelManagerException(e, userName, domainName, tenantDomain);
        }
    }
    if (log.isDebugEnabled()) {
        String message = String.format("Notification channel : %1$s for the user : %2$s in domain : %3$s.", preferredChannel, domainName + CarbonConstants.DOMAIN_SEPARATOR + userName, tenantDomain);
        log.debug(message);
    }
    return preferredChannel;
}
Also used : NotificationChannelManager(org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager) NotificationChannelManagerException(org.wso2.carbon.identity.governance.exceptions.notiification.NotificationChannelManagerException)

Aggregations

NotificationChannelManagerException (org.wso2.carbon.identity.governance.exceptions.notiification.NotificationChannelManagerException)4 NotificationChannelManager (org.wso2.carbon.identity.governance.service.notification.NotificationChannelManager)4 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 MalformedURLException (java.net.MalformedURLException)2 HashMap (java.util.HashMap)2 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)2 IdentityEventException (org.wso2.carbon.identity.event.IdentityEventException)2 PolicyViolationException (org.wso2.carbon.identity.mgt.policy.PolicyViolationException)2 IdentityRecoveryClientException (org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)2 NotificationResponseBean (org.wso2.carbon.identity.recovery.bean.NotificationResponseBean)2 Claim (org.wso2.carbon.user.api.Claim)2 UserStoreException (org.wso2.carbon.user.api.UserStoreException)2 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)2 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)2 RealmService (org.wso2.carbon.user.core.service.RealmService)2 Permission (org.wso2.carbon.user.core.Permission)1