
Example 1 with UserStoreBasedIdentityDataStore

use of org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore in project carbon-identity-framework by wso2.

the class UserStoreBasedIdentityDataStore method store.

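/**
 * Persists a user's identity claims: first through the parent store, then as claim values in the
 * underlying user store when that store is writable.
 *
 * <p>The incoming data is copied into a new {@code UserIdentityClaimsDO} that is stamped with the tenant id
 * of {@code userStoreManager} before {@code super.store} is called. A read-only user store is never written
 * to; a warning is logged instead. A "user not found" failure from the user store is tolerated and only
 * reported at debug level.
 *
 * @param userIdentityDTO  user name and identity claim map to persist
 * @param userStoreManager user store manager that receives the claim values
 * @throws IdentityException if the tenant id cannot be read, or if the user store write fails for any reason
 *                           other than the user not being found
 */
@Override
public void store(UserIdentityClaimsDO userIdentityDTO, UserStoreManager userStoreManager) throws IdentityException {
    UserIdentityClaimsDO newIdentityClaimDO = new UserIdentityClaimsDO(userIdentityDTO.getUserName(), userIdentityDTO.getUserDataMap());
    int tenantId;
    try {
        tenantId = userStoreManager.getTenantId();
    } catch (UserStoreException e) {
        throw IdentityException.error("Error while getting tenant Id.", e);
    }
    newIdentityClaimDO.setTenantId(tenantId);
    // NOTE(review): the parent store is invoked before the null user name check below, so it can receive a
    // claim object without a user name. Confirm the parent implementation tolerates that.
    super.store(newIdentityClaimDO, userStoreManager);
    if (userIdentityDTO.getUserName() == null) {
        log.error("Error while persisting user data.  Null user name is provided.");
        return;
    }
    String username = UserCoreUtil.removeDomainFromName(userIdentityDTO.getUserName());
    try {
        if (userStoreManager.isReadOnly()) {
            // A read-only user store combined with this data store means nothing is written here.
            // NOTE(review): if these claims carry account state (lock flags, failed-attempt counters; not
            // visible in this method), that state exists only in memory, as the warning says. Confirm that
            // this deployment combination is intended.
            log.warn("User store is read only. Changes to identities are only stored in memory, " + "and not updated in user store.");
            return;
        }
        // Hand over a copy: otherwise repeated calls would all refer to the same map instance.
        setUserClaimsValuesInUserStore(userStoreManager, username, new HashMap<>(userIdentityDTO.getUserDataMap()), null);
    } catch (UserStoreException e) {
        // "User not found" is recognised by message prefix only. An exception without a message is treated as
        // a real failure, so the original cause is reported instead of a NullPointerException raised here.
        String errorMessage = e.getMessage();
        boolean userNotFound = errorMessage != null && errorMessage.startsWith(IdentityCoreConstants.USER_NOT_FOUND);
        if (!userNotFound) {
            throw IdentityException.error("Error while persisting identity user data in to user store", e);
        }
        if (log.isDebugEnabled()) {
            String message = null;
            if (userStoreManager instanceof AbstractUserStoreManager) {
                String domain = ((AbstractUserStoreManager) userStoreManager).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
                if (domain != null) {
                    message = "User: " + username + " does not exist in " + domain;
                }
            }
            if (message == null) {
                message = "User: " + username + " does not exist";
            }
            log.debug(message);
        }
    }
}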
Also used : UserStoreException(org.wso2.carbon.user.api.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserIdentityClaimsDO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO)

Example 2 with UserStoreBasedIdentityDataStore

use of org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore in project identity-governance by wso2-extensions.

the class UserStoreBasedIdentityDataStore method store.

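/**
 * Persists a user's identity claims: first through the parent store, then as claim values in the
 * underlying user store when that store is writable.
 *
 * <p>The incoming data is copied into a new {@code UserIdentityClaim} before {@code super.store} is called.
 * A read-only user store is never written to; a warning is logged instead. A "user not found" failure from
 * the user store is tolerated and only reported at debug level.
 *
 * @param userIdentityDTO  user name and identity claim map to persist
 * @param userStoreManager user store manager that receives the claim values
 * @throws IdentityException if the user store write fails for any reason other than the user not being found
 */
@Override
public void store(UserIdentityClaim userIdentityDTO, UserStoreManager userStoreManager) throws IdentityException {
    UserIdentityClaim newIdentityClaimDO = new UserIdentityClaim(userIdentityDTO.getUserName(), userIdentityDTO.getUserIdentityDataMap());
    // NOTE(review): the parent store is invoked before the null user name check below, so it can receive a
    // claim object without a user name. Confirm the parent implementation tolerates that.
    super.store(newIdentityClaimDO, userStoreManager);
    if (userIdentityDTO.getUserName() == null) {
        log.error("Error while persisting user data.  Null user name is provided.");
        return;
    }
    String username = UserCoreUtil.removeDomainFromName(userIdentityDTO.getUserName());
    try {
        if (userStoreManager.isReadOnly()) {
            // A read-only user store combined with this data store means nothing is written here.
            // NOTE(review): if these claims carry account state (lock flags, failed-attempt counters; not
            // visible in this method), that state exists only in memory, as the warning says. Confirm that
            // this deployment combination is intended.
            log.warn("User store is read only. Changes to identities are only stored in memory, " + "and not updated in user store.");
            return;
        }
        // Hand over a copy: otherwise repeated calls would all refer to the same map instance.
        userStoreManager.setUserClaimValues(username, new HashMap<String, String>(userIdentityDTO.getUserIdentityDataMap()), null);
    } catch (UserStoreException e) {
        // "User not found" is recognised by message prefix only. An exception without a message is treated as
        // a real failure, so the original cause is reported instead of a NullPointerException raised here.
        String errorMessage = e.getMessage();
        boolean userNotFound = errorMessage != null && errorMessage.startsWith(IdentityCoreConstants.USER_NOT_FOUND);
        if (!userNotFound) {
            throw IdentityException.error("Error while persisting identity user data in to user store", e);
        }
        if (log.isDebugEnabled()) {
            String message = null;
            if (userStoreManager instanceof AbstractUserStoreManager) {
                String domain = ((AbstractUserStoreManager) userStoreManager).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
                if (domain != null) {
                    message = "User: " + username + " does not exist in " + domain;
                }
            }
            if (message == null) {
                message = "User: " + username + " does not exist";
            }
            log.debug(message);
        }
    }
}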
Also used : UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserIdentityClaim(org.wso2.carbon.identity.governance.model.UserIdentityClaim) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager)

Example 3 with UserStoreBasedIdentityDataStore

use of org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore in project identity-governance by wso2-extensions.

the class IdentityStoreEventListener method doPreAddUser.

/**
 * Moves the identity claims of a user that is about to be added out of {@code claims} and parks them in a
 * thread local, keyed by {@code USER_IDENTITY_CLAIMS}, for the later post-add step to persist.
 *
 * <p>Returns immediately when the listener is disabled. When the configured identity data store is a
 * {@code UserStoreBasedIdentityDataStore}, no claim is moved, but an (empty) claim holder is still placed in
 * the thread local.
 *
 * @param userName         name of the user being added
 * @param credential       not read by this method
 * @param roleList         not read by this method
 * @param claims           claims supplied for the new user; identity claims are removed from this map in place
 * @param profile          not read by this method
 * @param userStoreManager supplies the tenant id recorded on the parked claims
 * @return always {@code true}
 * @throws UserStoreException declared by the listener contract; the tenant id lookup is the likely source
 */
@Override
public boolean doPreAddUser(String userName, Object credential, String[] roleList, Map<String, String> claims, String profile, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    if (log.isDebugEnabled()) {
        log.debug("doPreAddUser executed in the IdentityStoreEventListener for user: " + userName);
    }
    // Drop anything an earlier add on this thread left behind, so stale claims of another user are never
    // picked up by the post-add step.
    IdentityUtil.threadLocalProperties.get().remove(USER_IDENTITY_CLAIMS);

    Map<String, String> identityClaims = new HashMap<>();
    for (Iterator<Map.Entry<String, String>> entries = claims.entrySet().iterator(); entries.hasNext();) {
        Map.Entry<String, String> entry = entries.next();
        String claimUri = entry.getKey();
        // NOTE(review): this is a substring match, not a prefix match, so any claim URI that merely contains
        // the identity claim URI is routed to the identity store. Confirm that is intended.
        boolean isIdentityClaim = claimUri.contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI);
        if (!isIdentityClaim || identityDataStore instanceof UserStoreBasedIdentityDataStore) {
            continue;
        }
        // Hold the identity claim back until the user has actually been added.
        identityClaims.put(claimUri, entry.getValue());
        if (log.isDebugEnabled()) {
            // Only the claim URI is logged, never the claim value.
            log.debug(claimUri + " claim added to thread local for user: " + userName + " in preUserAdd");
        }
        entries.remove();
    }

    UserIdentityClaim pendingClaims = new UserIdentityClaim(userName, identityClaims);
    pendingClaims.setTenantId(userStoreManager.getTenantId());
    // Park the claims in the thread local; they stay there until something on this thread removes them.
    IdentityUtil.threadLocalProperties.get().put(USER_IDENTITY_CLAIMS, pendingClaims);
    return true;
}
Also used : UserClaimSearchEntry(org.wso2.carbon.user.core.model.UserClaimSearchEntry) HashMap(java.util.HashMap) UserIdentityClaim(org.wso2.carbon.identity.governance.model.UserIdentityClaim) UserStoreBasedIdentityDataStore(org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore) HashMap(java.util.HashMap) Map(java.util.Map)

Example 4 with UserStoreBasedIdentityDataStore

use of org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore in project identity-governance by wso2-extensions.

the class IdentityStoreEventListener method doPreGetUserList.

/**
 * Filters users by the identity claims named in the filter condition, delegating to {@code filterUsers}.
 *
 * <p>The call is a no-op when the listener is disabled or when the identity data store is a
 * {@code UserStoreBasedIdentityDataStore}.
 *
 * @param condition            condition to be considered for filtering
 * @param filteredUserNameList user name list handed to {@code filterUsers} to be updated
 * @param userStoreManager     user store manager
 * @param domain               user store domain
 * @return always {@code true}
 * @throws UserStoreException declared by the listener contract; presumably raised by {@code filterUsers}
 */
@Override
public boolean doPreGetUserList(Condition condition, List<String> filteredUserNameList, UserStoreManager userStoreManager, String domain) throws UserStoreException {
    // Nothing to do when the listener is off, and no separate handling is needed when the identity data
    // store is user store based.
    if (!isEnable() || identityDataStore instanceof UserStoreBasedIdentityDataStore) {
        return true;
    }
    // The mutable flag starts out true and is passed to filterUsers as the "first claim filter" marker.
    filterUsers(condition, userStoreManager, domain, filteredUserNameList, new MutableBoolean(true));
    return true;
}
Also used : MutableBoolean(org.apache.commons.lang.mutable.MutableBoolean) UserStoreBasedIdentityDataStore(org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore)

Example 5 with UserStoreBasedIdentityDataStore

use of org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore in project identity-governance by wso2-extensions.

the class IdentityStoreEventListener method storeInIdentityDataStore.

/**
 * Moves the identity claims found in {@code claims} into the configured identity data store.
 *
 * <p>Nothing is done when the identity data store is a {@code UserStoreBasedIdentityDataStore}. Otherwise
 * {@code operationType} is used as a marker in the thread local: when the marker is already present the
 * claims are left untouched, and the marker is removed again when the method exits.
 *
 * @param userName         user whose identity claims are stored
 * @param userStoreManager user store manager passed through to the identity data store
 * @param operationType    thread-local marker key; existing claims are not loaded when it equals
 *                         {@code PRE_USER_ADD_CLAIM_VALUES} (case-insensitive)
 * @param claims           claims of the operation; identity claims are removed from this map in place
 * @return always {@code true}
 * @throws UserStoreException if the identity data store rejects the claims with an {@code IdentityException}
 */
private boolean storeInIdentityDataStore(String userName, UserStoreManager userStoreManager, String operationType, Map<String, String> claims) throws UserStoreException {
    // A user store based identity data store needs no separate handling.
    if (identityDataStore instanceof UserStoreBasedIdentityDataStore) {
        return true;
    }
    // The outer try/finally exists only to clear the thread-local marker on every exit path.
    try {
        if (IdentityUtil.threadLocalProperties.get().containsKey(operationType)) {
            return true;
        }
        IdentityUtil.threadLocalProperties.get().put(operationType, true);

        // Existing claims are not loaded for the pre-user-add operation.
        UserIdentityClaim identityClaim = StringUtils.equalsIgnoreCase(operationType, PRE_USER_ADD_CLAIM_VALUES)
                ? null
                : identityDataStore.load(userName, userStoreManager);
        if (identityClaim == null) {
            identityClaim = new UserIdentityClaim(userName);
        }

        for (Iterator<Map.Entry<String, String>> entries = claims.entrySet().iterator(); entries.hasNext();) {
            Map.Entry<String, String> entry = entries.next();
            String claimUri = entry.getKey();
            String claimValue = entry.getValue();
            // NOTE(review): substring match, not prefix match; any claim URI that merely contains the identity
            // claim URI is moved to the identity store. Confirm that is intended.
            if (claimUri.contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI)) {
                identityClaim.setUserIdentityDataClaim(claimUri, claimValue);
                entries.remove();
            }
        }

        // Persist the identity claims and challenge questions.
        try {
            identityDataStore.store(identityClaim, userStoreManager);
        } catch (IdentityException e) {
            throw new UserStoreException("Error while saving user identityDataStore data for user : " + userName, e);
        }
        return true;
    } finally {
        // NOTE(review): the marker is removed even when this invocation did not set it (the early return
        // above), so a nested call clears the marker of the call that is still in progress. Confirm whether
        // the marker should only be removed by the invocation that put it there.
        IdentityUtil.threadLocalProperties.get().remove(operationType);
    }
}
Also used : UserClaimSearchEntry(org.wso2.carbon.user.core.model.UserClaimSearchEntry) UserStoreException(org.wso2.carbon.user.core.UserStoreException) UserIdentityClaim(org.wso2.carbon.identity.governance.model.UserIdentityClaim) UserStoreBasedIdentityDataStore(org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore) IdentityException(org.wso2.carbon.identity.base.IdentityException) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

UserIdentityClaim (org.wso2.carbon.identity.governance.model.UserIdentityClaim)5 UserStoreBasedIdentityDataStore (org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore)5 UserClaimSearchEntry (org.wso2.carbon.user.core.model.UserClaimSearchEntry)3 HashMap (java.util.HashMap)2 Map (java.util.Map)2 UserStoreException (org.wso2.carbon.user.api.UserStoreException)2 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)2 MutableBoolean (org.apache.commons.lang.mutable.MutableBoolean)1 IdentityException (org.wso2.carbon.identity.base.IdentityException)1 UserIdentityClaimsDO (org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO)1 UserStoreException (org.wso2.carbon.user.core.UserStoreException)1 UserStoreManager (org.wso2.carbon.user.core.UserStoreManager)1