
Example 11 with RequestedClaim

use of org.wso2.carbon.identity.openidconnect.model.RequestedClaim in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObjectService method getRequestedClaimsbySessionDataKey.

/**
 * Looks up the claims recorded for a request object, using the session data key as the lookup handle.
 *
 * <p>When the request object flow is switched off in {@code OAuthServerConfiguration} the DAO is never
 * called and an empty list is returned.
 *
 * @param sessionDataKey session data key the request object is looked up by
 * @param isUserInfo     handed to the DAO unchanged; NOTE(review): presumably selects userinfo-endpoint
 *                       claims over id_token claims, confirm against the DAO implementation
 * @return whatever the DAO returns for the key, or an empty list when the flow is disabled
 * @throws RequestObjectException if the DAO lookup fails; the new exception carries only the message of
 *                                the underlying {@code IdentityOAuth2Exception}, not the exception itself
 */
private List<RequestedClaim> getRequestedClaimsbySessionDataKey(String sessionDataKey, boolean isUserInfo) throws RequestObjectException {
    if (!OAuthServerConfiguration.getInstance().isRequestObjectEnabled()) {
        log.debug("Request Object Flow is disabled, hence dropping the event");
        return Collections.emptyList();
    }
    if (log.isDebugEnabled()) {
        // NOTE(review): the session data key is written to the debug log verbatim. If it is treated as
        // a sensitive flow handle in this deployment, debug logs need the same protection as the key.
        log.debug("Invoking the RequestObjectPersistenceFactory to retrieve essential claims list " + "by using session data key:" + sessionDataKey + ", isUserInfo: " + isUserInfo);
    }
    try {
        return OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().getRequestedClaimsbySessionDataKey(sessionDataKey, isUserInfo);
    } catch (IdentityOAuth2Exception daoFailure) {
        // Only the message is propagated; the original stack trace is not chained as a cause.
        throw new RequestObjectException(daoFailure.getMessage());
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim)

Example 12 with RequestedClaim

use of org.wso2.carbon.identity.openidconnect.model.RequestedClaim in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObjectDAOImpl method insertRequestObjectClaims.

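/**
 * Persists the claims of a request object and, where present, the value list of each claim.
 *
 * <p>Every claim is bound to a parameterized insert and batched; the batch is executed once per inner
 * list. The inserted rows are then read back so that each generated row id can be paired, by claim
 * name, with that claim's value list, which is stored through {@code insertRequestObjectClaimValues}.
 *
 * @param requestObjectId id of the request object reference the claims belong to
 * @param claims          lists of claims; {@code null} or empty inner lists are skipped
 * @param connection      caller-supplied connection; auto-commit is switched off here and the
 *                        connection is committed or rolled back, but not closed, by this method
 * @throws IdentityOAuth2Exception if storing fails. When the rollback itself also fails, the original
 *                                 failure is the cause and the rollback failure is attached as a
 *                                 suppressed exception.
 */
private void insertRequestObjectClaims(int requestObjectId, List<List<RequestedClaim>> claims, Connection connection) throws IdentityOAuth2Exception {
    PreparedStatement prepStmt = null;
    Map<Integer, List<String>> claimValues = new HashMap<>();
    try {
        String sqlStmt = isH2DB() ? SQLQueries.STORE_IDN_OIDC_REQ_OBJECT_CLAIMS_H2 : SQLQueries.STORE_IDN_OIDC_REQ_OBJECT_CLAIMS;
        connection.setAutoCommit(false);
        String dbProductName = connection.getMetaData().getDatabaseProductName();
        prepStmt = connection.prepareStatement(sqlStmt, new String[] { DBUtils.getConvertedAutoGeneratedColumnName(dbProductName, ID) });
        for (List<RequestedClaim> list : claims) {
            if (CollectionUtils.isNotEmpty(list)) {
                for (RequestedClaim claim : list) {
                    // Claim name and value originate from the request object; they reach the
                    // database only as bound parameters, never as part of the SQL text.
                    prepStmt.setInt(1, requestObjectId);
                    prepStmt.setString(2, claim.getName());
                    prepStmt.setString(3, claim.isEssential() ? "1" : "0");
                    prepStmt.setString(4, claim.getValue());
                    // NOTE(review): parameter 5 is bound only for the two known claim types. For any
                    // other type it is left as it was (unset on the first row, otherwise whatever the
                    // previous row bound); confirm that callers never pass another type.
                    if (OIDCConstants.USERINFO.equals(claim.getType())) {
                        prepStmt.setString(5, "1");
                    } else if (OIDCConstants.ID_TOKEN.equals(claim.getType())) {
                        prepStmt.setString(5, "0");
                    }
                    prepStmt.addBatch();
                    if (log.isDebugEnabled()) {
                        log.debug("Claim :" + claim.getName() + "is added to the batch against :" + claim.getType());
                    }
                }
            }
            prepStmt.executeBatch();
        }
        // Read the rows back; the entry values are compared with claim names below, the keys are
        // used as the ids under which the claim values are stored.
        Map<Integer, String> insertedRequestObjectClaims = getInsertedRequestObjectClaims(connection, requestObjectId);
        if (MapUtils.isNotEmpty(insertedRequestObjectClaims)) {
            for (Map.Entry<Integer, String> entry : insertedRequestObjectClaims.entrySet()) {
                for (List<RequestedClaim> list : claims) {
                    if (CollectionUtils.isNotEmpty(list)) {
                        for (RequestedClaim claim : list) {
                            // When several claims share a name, the last one visited wins.
                            if (claim.getName().equals(entry.getValue())) {
                                claimValues.put(entry.getKey(), claim.getValues());
                            }
                        }
                    }
                }
            }
            if (MapUtils.isNotEmpty(claimValues)) {
                insertRequestObjectClaimValues(claimValues, connection);
            }
        }
        IdentityDatabaseUtil.commitTransaction(connection);
    } catch (DataAccessException | SQLException e) {
        try {
            connection.rollback();
        } catch (SQLException e1) {
            String errorMessage = "Rollback error when storing the request object claims.";
            // Keep the original failure as the cause and attach the rollback failure, so neither
            // is lost to whoever diagnoses a partially written request object.
            IdentityOAuth2Exception rollbackFailure = new IdentityOAuth2Exception(errorMessage, e);
            rollbackFailure.addSuppressed(e1);
            throw rollbackFailure;
        }
        String errorMessage = "Error when storing the request object claims.";
        log.error(errorMessage, e);
        throw new IdentityOAuth2Exception(errorMessage, e);
    } finally {
        // Only the statement is released here; the connection belongs to the caller.
        IdentityApplicationManagementUtil.closeStatement(prepStmt);
    }
}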
Also used : HashMap(java.util.HashMap) SQLException(java.sql.SQLException) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) PreparedStatement(java.sql.PreparedStatement) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) DataAccessException(org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException)

Example 13 with RequestedClaim

use of org.wso2.carbon.identity.openidconnect.model.RequestedClaim in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObjectDAOImpl method getRequestedClaims.

/**
 * Loads the requested claims stored against an access token, for either the id token or the
 * userinfo endpoint.
 *
 * <p>The access token is first resolved to its token id through the access token DAO; the query then
 * binds that id and the endpoint flag as parameters.
 *
 * @param token      access token whose stored claims are wanted
 * @param isUserInfo {@code true} to select the rows flagged {@code "1"} (userinfo), {@code false} for
 *                   the rows flagged {@code "0"}
 * @return one {@code RequestedClaim} per result row, with name, essential flag and value set; empty
 *         when no rows match
 * @throws IdentityOAuth2Exception if the token id lookup or the query fails
 */
@Override
public List<RequestedClaim> getRequestedClaims(String token, boolean isUserInfo) throws IdentityOAuth2Exception {
    List<RequestedClaim> claimsForToken = new ArrayList<>();
    // Resolved before any connection is opened, so a failure here leaves nothing to release.
    String tokenId = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO().getTokenIdByAccessToken(token);
    Connection dbConnection = null;
    PreparedStatement statement = null;
    ResultSet rows = null;
    try {
        dbConnection = IdentityDatabaseUtil.getDBConnection(false);
        final String query;
        if (isH2DB()) {
            query = SQLQueries.RETRIEVE_REQUESTED_CLAIMS_BY_TOKEN_H2;
        } else {
            query = SQLQueries.RETRIEVE_REQUESTED_CLAIMS_BY_TOKEN;
        }
        statement = dbConnection.prepareStatement(query);
        statement.setString(1, tokenId);
        String endpointFlag = isUserInfo ? "1" : "0";
        statement.setString(2, endpointFlag);
        rows = statement.executeQuery();
        while (rows.next()) {
            RequestedClaim row = new RequestedClaim();
            row.setName(rows.getString(1));
            // Anything other than the literal "0" (including NULL) counts as essential.
            boolean essential = !"0".equals(rows.getString(2));
            row.setEssential(essential);
            row.setValue(rows.getString(3));
            claimsForToken.add(row);
        }
    } catch (DataAccessException | SQLException e) {
        throw new IdentityOAuth2Exception("Error occurred while retrieving request object.", e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(dbConnection, rows, statement);
    }
    return claimsForToken;
}
Also used : IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) SQLException(java.sql.SQLException) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) DataAccessException(org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException)

Example 14 with RequestedClaim

use of org.wso2.carbon.identity.openidconnect.model.RequestedClaim in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObjectDAOImpl method insertRequestObjectData.

/**
 * Stores a request object reference and then, if a row id was generated, its claims.
 *
 * <p>The reference row (consumer key plus session data key) is inserted and committed first. The
 * claims are written afterwards on the same connection by {@code insertRequestObjectClaims}, so the
 * reference commit has already happened by the time the claims are stored.
 *
 * @param consumerKey    consumer key bound into the reference row
 * @param sessionDataKey session data key bound into the reference row
 * @param claims         request object claims; nothing further is stored when {@code null} or empty
 * @throws IdentityOAuth2Exception if the reference insert fails with an {@code SQLException}, or if
 *                                 storing the claims fails
 */
@Override
public void insertRequestObjectData(String consumerKey, String sessionDataKey, List<List<RequestedClaim>> claims) throws IdentityOAuth2Exception {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    ResultSet generatedKeys = null;
    try {
        connection = IdentityDatabaseUtil.getDBConnection();
        String productName = connection.getMetaData().getDatabaseProductName();
        String[] keyColumns = { DBUtils.getConvertedAutoGeneratedColumnName(productName, ID) };
        prepStmt = connection.prepareStatement(SQLQueries.STORE_IDN_OIDC_REQ_OBJECT_REFERENCE, keyColumns);
        prepStmt.setString(1, consumerKey);
        prepStmt.setString(2, sessionDataKey);
        prepStmt.executeUpdate();

        generatedKeys = prepStmt.getGeneratedKeys();
        int requestObjectId;
        if (generatedKeys.next()) {
            requestObjectId = generatedKeys.getInt(1);
        } else {
            // -1 marks "no generated key"; the claims are skipped further down in that case.
            requestObjectId = -1;
            // NOTE(review): the session data key appears verbatim in this WARN line and in the debug
            // line below; confirm that is acceptable for where these logs are shipped.
            log.warn("Unable to persist Request Object reference for : " + sessionDataKey);
        }
        IdentityDatabaseUtil.commitTransaction(connection);

        if (requestObjectId == -1) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Successfully stored the Request Object reference: " + requestObjectId + " for " + "sessionDataKey: " + sessionDataKey);
        }
        if (CollectionUtils.isNotEmpty(claims)) {
            insertRequestObjectClaims(requestObjectId, claims, connection);
        }
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollbackTransaction(connection);
        String errorMessage = "Error when storing the request object reference";
        log.error(errorMessage, e);
        throw new IdentityOAuth2Exception(errorMessage, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, generatedKeys, prepStmt);
    }
}
Also used : IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement)

Example 15 with RequestedClaim

use of org.wso2.carbon.identity.openidconnect.model.RequestedClaim in project identity-api-server by wso2.

the class UpdateClaimConfiguration method getClaimMappings.

/**
 * Builds the claim mapping array for an application from the API model.
 *
 * <p>Without application-level claim mappings, every requested claim is turned into a mapping through
 * {@code buildRequestClaimMapping}. With them, the mappings are indexed by application claim and only
 * requested claims that have a matching mapping are marked as requested (and as mandatory when that
 * flag is set); requested claims without a mapping are ignored.
 *
 * @param claimConfigApiModel claim configuration received through the API
 * @return the resulting mappings; an empty array when there are neither mappings nor requested claims
 */
private ClaimMapping[] getClaimMappings(ClaimConfiguration claimConfigApiModel) {
    if (claimConfigApiModel.getClaimMappings() == null) {
        // No application-level mappings: the requested claims alone decide the result.
        return Optional.ofNullable(claimConfigApiModel.getRequestedClaims())
                .map(requested -> requested.stream()
                        .map(this::buildRequestClaimMapping)
                        .toArray(ClaimMapping[]::new))
                .orElse(new ClaimMapping[0]);
    }

    // Index the defined mappings by application claim URI.
    // Collectors.toMap rejects duplicate keys, so two mappings for one application claim fail here.
    Map<String, ClaimMapping> mappingsByAppClaim = claimConfigApiModel.getClaimMappings().stream()
            .collect(Collectors.toMap(ClaimMappings::getApplicationClaim, this::buildClaimMapping));

    // Flag the mappings that correspond to a requested claim.
    Optional.ofNullable(claimConfigApiModel.getRequestedClaims()).ifPresent(requested ->
            requested.forEach(requestedClaim -> {
                ClaimMapping matched = mappingsByAppClaim.get(getClaimUri(requestedClaim));
                if (matched == null) {
                    // Requested claim has no defined mapping; nothing to mark.
                    return;
                }
                matched.setRequested(true);
                // Mandatory is only touched when the API model carries a value for it.
                setIfNotNull(requestedClaim.getMandatory(), matched::setMandatory);
            }));

    return mappingsByAppClaim.values().toArray(new ClaimMapping[0]);
}
Also used : Utils.setIfNotNull(org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) SubjectConfig(org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfig) ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) Collectors(java.util.stream.Collectors) RoleConfig(org.wso2.carbon.identity.api.server.application.management.v1.RoleConfig) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ClaimConfiguration(org.wso2.carbon.identity.api.server.application.management.v1.ClaimConfiguration) ClaimMappings(org.wso2.carbon.identity.api.server.application.management.v1.ClaimMappings) UpdateFunction(org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction) RequestedClaimConfiguration(org.wso2.carbon.identity.api.server.application.management.v1.RequestedClaimConfiguration) Map(java.util.Map) IdentityUtil(org.wso2.carbon.identity.core.util.IdentityUtil) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) Optional(java.util.Optional) CarbonConstants(org.wso2.carbon.CarbonConstants) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping)

Aggregations

RequestedClaim (org.wso2.carbon.identity.openidconnect.model.RequestedClaim)20 ArrayList (java.util.ArrayList)14 List (java.util.List)9 Test (org.testng.annotations.Test)6 Matchers.anyString (org.mockito.Matchers.anyString)5 IdentityOAuth2Exception (org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception)5 PreparedStatement (java.sql.PreparedStatement)4 SQLException (java.sql.SQLException)4 HashMap (java.util.HashMap)4 BeforeClass (org.testng.annotations.BeforeClass)4 Connection (java.sql.Connection)3 ResultSet (java.sql.ResultSet)3 Map (java.util.Map)3 DataAccessException (org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException)3 RequestObjectException (org.wso2.carbon.identity.oauth2.RequestObjectException)3 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 ClaimMapping (org.wso2.carbon.identity.application.common.model.ClaimMapping)2 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)2 OpenIDConnectClaimFilterImpl (org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl)2 RequestObjectDAOImpl (org.wso2.carbon.identity.openidconnect.dao.RequestObjectDAOImpl)2