use of org.wso2.carbon.identity.oauth.scope.endpoint.dto.ScopeDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class OpenIDConnectClaimFilterImplTest method testGetClaimsFilteredByUserConsent.
/**
 * Checks the consent filter while SSO consent management is reported as enabled:
 * one claim is released and the other is withheld.
 */
@Test
public void testGetClaimsFilteredByUserConsent() throws Exception {

    claims = getClaims();
    AuthenticatedUser authenticatedUser = getDefaultAuthenticatedLocalUser();
    // Consent management is switched on for this case.
    when(ssoConsentService.isSSOConsentManagementEnabled(any())).thenReturn(true);

    Map<String, Object> filteredClaims = openIDConnectClaimFilter.getClaimsFilteredByUserConsent(
            claims, authenticatedUser, CLIENT_ID, SP_TENANT_DOMAIN);

    ScopeDTO releasedClaim = (ScopeDTO) filteredClaims.get("testUserClaimURI");
    Assert.assertEquals(releasedClaim.getName(), "email");
    Assert.assertEquals(releasedClaim.getDescription(), "emailDescription");
    // The second claim must not leave the filter.
    // NOTE(review): presumably the fixture records no consent for it; confirm against the mock setup.
    Assert.assertNull(filteredClaims.get("testUserClaimURI2"));
}
use of org.wso2.carbon.identity.oauth.scope.endpoint.dto.ScopeDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class OpenIDConnectClaimFilterImplTest method testGetClaimsFilteredByUserConsentWithManagementServiceDisabled.
/**
 * Checks the consent filter while SSO consent management is reported as disabled:
 * both claims come back, so nothing is withheld on consent grounds at this layer.
 */
@Test
public void testGetClaimsFilteredByUserConsentWithManagementServiceDisabled() throws Exception {

    claims = getClaims();
    AuthenticatedUser authenticatedUser = getDefaultAuthenticatedLocalUser();
    // Consent management is switched off for this case.
    when(ssoConsentService.isSSOConsentManagementEnabled(any())).thenReturn(false);

    Map<String, Object> filteredClaims = openIDConnectClaimFilter.getClaimsFilteredByUserConsent(
            claims, authenticatedUser, CLIENT_ID, SP_TENANT_DOMAIN);

    ScopeDTO firstClaim = (ScopeDTO) filteredClaims.get("testUserClaimURI");
    Assert.assertEquals(firstClaim.getName(), "email");
    Assert.assertEquals(firstClaim.getDescription(), "emailDescription");

    // With the service disabled the second claim is released as well.
    ScopeDTO secondClaim = (ScopeDTO) filteredClaims.get("testUserClaimURI2");
    Assert.assertEquals(secondClaim.getName(), "address");
    Assert.assertEquals(secondClaim.getDescription(), "addressDescription");
}
use of org.wso2.carbon.identity.oauth.scope.endpoint.dto.ScopeDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class ScopeClaimMappingDAOImpl method getScopes.
/**
 * Loads the OIDC scopes of a tenant together with the claims mapped to each scope.
 *
 * @param tenantId tenant whose scopes are read
 * @return one {@code ScopeDTO} per scope name, in no particular order
 * @throws IdentityOAuth2Exception if the query fails
 */
@Override
public List<ScopeDTO> getScopes(int tenantId) throws IdentityOAuth2Exception {

    String query = SQLQueries.GET_IDN_OIDC_SCOPES_CLAIMS;
    JdbcTemplate template = JdbcUtils.getNewTemplate();
    // Keyed by scope name (column 1); rows repeating a scope name add their claim to the same DTO.
    Map<String, ScopeDTO> scopesByName = new HashMap<>();
    try {
        template.executeQuery(query, (RowMapper<ScopeDTO>) (row, rowIndex) -> {
            String scopeName = row.getString(1);
            ScopeDTO known = scopesByName.get(scopeName);
            if (known == null) {
                // First row for this scope: columns 2 and 3 fill the DTO, column 4 is the claim.
                ScopeDTO created = new ScopeDTO(scopeName, row.getString(2), row.getString(3), new String[] {});
                String firstClaim = row.getString(4);
                if (firstClaim != null) {
                    created.setClaim(new String[] {firstClaim});
                }
                scopesByName.put(scopeName, created);
            } else {
                // The DTO is updated in place, so the map entry does not need to be re-put.
                String nextClaim = row.getString(4);
                if (nextClaim != null) {
                    known.addNewClaimToExistingClaims(nextClaim);
                }
            }
            // The mapper's return value is not used; results are collected in scopesByName.
            return null;
        }, statement -> {
            // Every filter value is bound as a statement parameter, never concatenated into the SQL.
            // The tenant id is bound at positions 1, 3 and 4.
            statement.setInt(1, tenantId);
            statement.setString(2, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
            statement.setInt(3, tenantId);
            statement.setInt(4, tenantId);
            statement.setString(5, OIDC_DIALECT_URI);
        });
    } catch (DataAccessException e) {
        throw new IdentityOAuth2Exception("Error occured while loading scopes claims mapping.", e);
    }
    return new ArrayList<>(scopesByName.values());
}
use of org.wso2.carbon.identity.oauth.scope.endpoint.dto.ScopeDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class ScopeClaimMappingDAOImpl method addScopes.
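/**
 * Persists a list of OIDC scopes, each with its claim mappings, for one tenant.
 *
 * <p>A scope whose name already exists for the tenant is rejected with a conflict error.
 * If the insert then hits an integrity constraint and the scope is found afterwards,
 * the entry is skipped with a warning. Any other persistence failure is reported to the caller.
 *
 * @param tenantId        tenant the scopes belong to
 * @param scopeClaimsList scopes to store
 * @throws IdentityOAuth2Exception if a scope already exists or cannot be persisted
 */
@Override
public void addScopes(int tenantId, List<ScopeDTO> scopeClaimsList) throws IdentityOAuth2Exception {

    JdbcTemplate jdbcTemplate = JdbcUtils.getNewTemplate();
    scopeClaimsList.forEach(rethrowConsumer(scopeDTO -> {
        String scope = scopeDTO.getName();
        String[] claims = scopeDTO.getClaim();

        // An existing scope name is a conflict and ends the whole call.
        // NOTE(review): the scope name is written to the log as given; if names are not validated
        // upstream, neutralise CR/LF before logging - confirm.
        if (isScopeExist(scope, tenantId, true)) {
            log.warn(String.format("Scope %s already exist in tenant %s.", scope, tenantId));
            throw new IdentityOAuth2ClientException(
                    Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getCode(),
                    String.format(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE
                            .getMessage(), scope));
        }

        try {
            // All values are bound as statement parameters.
            int scopeClaimMappingId = jdbcTemplate.executeInsert(SQLQueries.STORE_IDN_OAUTH2_SCOPE,
                    (preparedStatement -> {
                        preparedStatement.setString(1, scope);
                        preparedStatement.setString(2, scopeDTO.getDisplayName());
                        preparedStatement.setString(3, scopeDTO.getDescription());
                        preparedStatement.setInt(4, tenantId);
                        preparedStatement.setString(5, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                    }), null, true, Oauth2ScopeConstants.SCOPE_ID);
            if (scopeClaimMappingId > 0 && ArrayUtils.isNotEmpty(claims)) {
                // Duplicate claim URIs in the request are collapsed before insertion.
                Set<String> claimsSet = new HashSet<>(Arrays.asList(claims));
                insertClaims(tenantId, scopeClaimMappingId, claimsSet);
            }
            if (log.isDebugEnabled() && ArrayUtils.isNotEmpty(claims)) {
                log.debug("The scope: " + scope + " and the claims: " + Arrays.asList(claims) + "are "
                        + "successfully inserted for the tenant: " + tenantId);
            }
        } catch (DataAccessException e) {
            // The existence check and the insert are separate steps, so the insert can still hit
            // an integrity constraint. That only counts as "already there" if the scope is found.
            // NOTE(review): insertClaims runs inside this try; if it can raise the same exception,
            // a failed claim insert would also be logged as an existing scope - confirm.
            boolean alreadyStored = e.getCause() instanceof SQLIntegrityConstraintViolationException
                    && getScopeId(scope, tenantId) > 0;
            if (!alreadyStored) {
                // Includes a constraint violation where the scope is absent, previously dropped silently.
                String errorMessage = "Error while persisting new claims for the scope for the tenant: "
                        + tenantId;
                throw new IdentityOAuth2Exception(errorMessage, e);
            }
            log.warn("Scope " + scope + " already exist in tenant " + tenantId + " , hence ignoring");
        }
    }));
}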
use of org.wso2.carbon.identity.oauth.scope.endpoint.dto.ScopeDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class ScopeClaimMappingDAOImpl method addScope.
/**
 * Stores a single OIDC scope and its claim mappings for the given tenant.
 *
 * @param scope    Scope to store.
 * @param tenantId Tenant Id.
 * @throws IdentityOAuth2Exception If the scope already exists or cannot be persisted.
 */
@Override
public void addScope(ScopeDTO scope, int tenantId) throws IdentityOAuth2Exception {

    // An existing scope name is reported as a conflict; nothing is written.
    if (isScopeExist(scope.getName(), tenantId, true)) {
        log.warn(String.format("Scope %s already exist in tenant %s.", scope.getName(), tenantId));
        throw new IdentityOAuth2ClientException(
                Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getCode(),
                String.format(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE
                        .getMessage(), scope.getName()));
    }

    JdbcTemplate template = JdbcUtils.getNewTemplate();
    try {
        // All values are bound as statement parameters.
        int insertedScopeId = template.executeInsert(SQLQueries.STORE_IDN_OAUTH2_SCOPE, (statement -> {
            statement.setString(1, scope.getName());
            statement.setString(2, scope.getDisplayName());
            statement.setString(3, scope.getDescription());
            statement.setInt(4, tenantId);
            statement.setString(5, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
        }), null, true, Oauth2ScopeConstants.SCOPE_ID);

        boolean hasClaims = ArrayUtils.isNotEmpty(scope.getClaim());
        if (insertedScopeId > 0 && hasClaims) {
            // Duplicate claim URIs are collapsed before insertion.
            Set<String> uniqueClaims = new HashSet<>(Arrays.asList(scope.getClaim()));
            insertClaims(tenantId, insertedScopeId, uniqueClaims);
        }
        if (log.isDebugEnabled() && hasClaims) {
            log.debug(String.format(
                    "The scope %s and the claims %s are successfully inserted for the tenant: %s",
                    scope.getName(), Arrays.asList(scope.getClaim()), tenantId));
        }
    } catch (DataAccessException e) {
        throw new IdentityOAuth2Exception("Error while persisting scopes for the tenant: " + tenantId, e);
    }
}