Search in sources :

Example 81 with Property

use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.

the class FileBasedIdPMgtDAO method getIdPByAuthenticatorPropertyValue.

public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, String value, String tenantDomain, String authenticatorName) {
    Map<String, IdentityProvider> identityProviders = IdPManagementServiceComponent.getFileBasedIdPs();
    for (Entry<String, IdentityProvider> entry : identityProviders.entrySet()) {
        FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = entry.getValue().getFederatedAuthenticatorConfigs();
        // Get SAML2 Web SSO authenticator
        FederatedAuthenticatorConfig samlAuthenticatorConfig = IdentityApplicationManagementUtil.getFederatedAuthenticator(federatedAuthenticatorConfigs, authenticatorName);
        if (samlAuthenticatorConfig != null) {
            Property samlProperty = IdentityApplicationManagementUtil.getProperty(samlAuthenticatorConfig.getProperties(), property);
            if (samlProperty != null) {
                if (value.equalsIgnoreCase(samlProperty.getValue())) {
                    return entry.getValue();
                }
            }
        }
    }
    return null;
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) Property(org.wso2.carbon.identity.application.common.model.Property) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)

Example 82 with Property

use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.

the class IdPManagementDAO method buildTemplateIdProperty.

/**
 * Build templateId property for the IDP.
 *
 * @param identityProvider Identity provider.
 * @return templateId IdentityProviderProperty.
 */
private IdentityProviderProperty buildTemplateIdProperty(IdentityProvider identityProvider) {
    IdentityProviderProperty templateIdProperty = new IdentityProviderProperty();
    templateIdProperty.setName(TEMPLATE_ID_IDP_PROPERTY_NAME);
    templateIdProperty.setDisplayName(TEMPLATE_ID_IDP_PROPERTY_DISPLAY_NAME);
    templateIdProperty.setValue(StringUtils.isNotBlank(identityProvider.getTemplateId()) ? identityProvider.getTemplateId() : StringUtils.EMPTY);
    return templateIdProperty;
}
Also used : IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)

Example 83 with Property

use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.

the class IdPManagementDAO method updateProvisioningConfigProperty.

private void updateProvisioningConfigProperty(ProvisioningConnectorConfig[] provisioningConnectors, Connection dbConnection, int idpId, int tenantId) throws IdentityProviderManagementException, SQLException {
    String sqlStmt = IdPManagementConstants.SQLQueries.UPDATE_IDP_PROVISIONING_CONFIG_PROPERTY_SQL;
    try (PreparedStatement prepStmt = dbConnection.prepareStatement(sqlStmt)) {
        for (ProvisioningConnectorConfig connector : provisioningConnectors) {
            if (isProvisioningConfigAvailableToUpdate(connector, dbConnection, idpId, tenantId)) {
                updateProvisioningConfig(connector, dbConnection, idpId, tenantId);
                Property[] connectorProperties = connector.getProvisioningProperties();
                if (connectorProperties != null && connectorProperties.length > 0) {
                    for (Property config : connectorProperties) {
                        if (config == null) {
                            continue;
                        }
                        prepStmt.setString(1, config.getName());
                        if (IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_BLOB.equals(config.getType())) {
                            prepStmt.setString(2, null);
                            setBlobValue(config.getValue(), prepStmt, 3);
                            prepStmt.setString(4, config.getType());
                        } else {
                            prepStmt.setString(2, config.getValue());
                            setBlobValue(null, prepStmt, 3);
                            prepStmt.setString(4, IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_STRING);
                        }
                        if (config.isConfidential()) {
                            prepStmt.setString(5, IdPManagementConstants.IS_TRUE_VALUE);
                        } else {
                            prepStmt.setString(5, IdPManagementConstants.IS_FALSE_VALUE);
                        }
                        prepStmt.setInt(6, idpId);
                        prepStmt.setInt(7, tenantId);
                        prepStmt.setString(8, connector.getName());
                        prepStmt.setInt(9, tenantId);
                        prepStmt.setString(10, config.getName());
                        prepStmt.executeUpdate();
                    }
                }
            } else {
                addProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] { connector }, dbConnection, idpId, tenantId);
            }
        }
    } catch (IOException e) {
        throw new IdentityProviderManagementException("An error occurred when processing content stream while " + "updating provisioning config properties of Identity Provider : " + idpId, e);
    }
}
Also used : PreparedStatement(java.sql.PreparedStatement) IOException(java.io.IOException) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty) Property(org.wso2.carbon.identity.application.common.model.Property) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)

Example 84 with Property

use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.

the class IdPManagementUIUtil method buildOpenIDConnectAuthenticationConfiguration.

/**
 * @param fedIdp
 * @param paramMap
 * @throws IdentityApplicationManagementException
 */
private static void buildOpenIDConnectAuthenticationConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
    FederatedAuthenticatorConfig oidcAuthnConfig = new FederatedAuthenticatorConfig();
    oidcAuthnConfig.setName("OpenIDConnectAuthenticator");
    oidcAuthnConfig.setDisplayName("openidconnect");
    if ("on".equals(paramMap.get("oidcEnabled"))) {
        oidcAuthnConfig.setEnabled(true);
    }
    if ("on".equals(paramMap.get("oidcDefault"))) {
        fedIdp.setDefaultAuthenticatorConfig(oidcAuthnConfig);
    }
    Property[] properties = new Property[10];
    Property property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.Facebook.CLIENT_ID);
    property.setValue(paramMap.get("clientId"));
    properties[0] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.OAUTH2_AUTHZ_URL);
    property.setValue(paramMap.get("authzUrl"));
    properties[1] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.OAUTH2_TOKEN_URL);
    property.setValue(paramMap.get("tokenUrl"));
    properties[2] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.CLIENT_SECRET);
    property.setValue(paramMap.get("clientSecret"));
    property.setConfidential(true);
    properties[3] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.IS_USER_ID_IN_CLAIMS);
    properties[4] = property;
    if ("1".equals(paramMap.get("oidc_user_id_location"))) {
        property.setValue("true");
        ;
    } else {
        property.setValue("false");
    }
    property = new Property();
    property.setName("commonAuthQueryParams");
    if (paramMap.get("oidcQueryParam") != null && paramMap.get("oidcQueryParam").trim().length() > 0) {
        property.setValue(paramMap.get("oidcQueryParam"));
    }
    properties[5] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.CALLBACK_URL);
    property.setValue(paramMap.get("callbackUrl"));
    properties[6] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.USER_INFO_URL);
    property.setValue(paramMap.get("userInfoEndpoint"));
    properties[7] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.OIDC_LOGOUT_URL);
    property.setValue(paramMap.get("logoutUrlOIDC"));
    properties[8] = property;
    property = new Property();
    property.setName(IdentityApplicationConstants.Authenticator.OIDC.IS_BASIC_AUTH_ENABLED);
    if (paramMap.get("oidcBasicAuthEnabled") != null && "on".equals(paramMap.get("oidcBasicAuthEnabled"))) {
        property.setValue("true");
    } else {
        property.setValue("false");
    }
    properties[9] = property;
    oidcAuthnConfig.setProperties(properties);
    FederatedAuthenticatorConfig[] authenticators = fedIdp.getFederatedAuthenticatorConfigs();
    if (paramMap.get("authzUrl") != null && !"".equals(paramMap.get("authzUrl")) && paramMap.get("tokenUrl") != null && !"".equals(paramMap.get("tokenUrl")) && paramMap.get("clientId") != null && !"".equals(paramMap.get("clientId")) && paramMap.get("clientSecret") != null && !"".equals(paramMap.get("clientSecret"))) {
        if (authenticators == null || authenticators.length == 0) {
            fedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { oidcAuthnConfig });
        } else {
            fedIdp.setFederatedAuthenticatorConfigs(concatArrays(new FederatedAuthenticatorConfig[] { oidcAuthnConfig }, authenticators));
        }
    }
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) Property(org.wso2.carbon.identity.application.common.model.idp.xsd.Property) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty)

Example 85 with Property

use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.

the class IdPManagementUIUtil method buildFederatedIdentityProvider.

/**
 * Build a federated identity provider.
 *
 * @param request    HttpServletRequest
 * @param oldIdpName This value will be populated if there is an old IDP.
 * @return IdentityProvider
 * @throws Exception
 */
public static IdentityProvider buildFederatedIdentityProvider(HttpServletRequest request, StringBuilder oldIdpName) throws Exception {
    IdentityProvider fedIdp = new IdentityProvider();
    if (ServletFileUpload.isMultipartContent(request)) {
        ServletRequestContext servletContext = new ServletRequestContext(request);
        FileItemFactory factory = new DiskFileItemFactory();
        ServletFileUpload upload = new ServletFileUpload(factory);
        List items = upload.parseRequest(servletContext);
        Map<String, String> paramMap = new HashMap<>();
        List<String> idpClaims = new ArrayList<>();
        List<String> idpRoles = new ArrayList<>();
        List<String> customAuthenticatorNames = new ArrayList<>();
        List<String> proConnectorNames = new ArrayList<>();
        Map<String, List<Property>> customAuthenticatorProperties = new HashMap<>();
        Map<String, List<Property>> customProProperties = new HashMap<>();
        String idpUUID = StringUtils.EMPTY;
        StringBuilder deletedCertificateValue = new StringBuilder();
        for (Object item : items) {
            DiskFileItem diskFileItem = (DiskFileItem) item;
            if (diskFileItem != null) {
                byte[] value = diskFileItem.get();
                String key = diskFileItem.getFieldName();
                if (StringUtils.equals(key, "idpUUID")) {
                    idpUUID = diskFileItem.getString();
                }
                if (IdPManagementUIUtil.META_DATA_SAML.equals(key)) {
                    if (StringUtils.isNotEmpty(diskFileItem.getName()) && !diskFileItem.getName().trim().endsWith(".xml")) {
                        throw new CarbonException("File not supported!");
                    } else {
                        paramMap.put(key, Base64.encode(value));
                    }
                }
                if ("certFile".equals(key)) {
                    paramMap.put(key, Base64.encode(value));
                } else if (key.startsWith(IdentityApplicationConstants.CERTIFICATE_VAL)) {
                    deletedCertificateValue.append(new String(value, StandardCharsets.UTF_8));
                } else if ("google_prov_private_key".equals(key)) {
                    paramMap.put(key, Base64.encode(value));
                } else if (key.startsWith("claimrowname_")) {
                    String strValue = new String(value, StandardCharsets.UTF_8);
                    idpClaims.add(strValue);
                    paramMap.put(key, strValue);
                } else if (key.startsWith("rolerowname_")) {
                    String strValue = new String(value, StandardCharsets.UTF_8);
                    idpRoles.add(strValue);
                    paramMap.put(key, strValue);
                } else if (key.startsWith("custom_auth_name")) {
                    customAuthenticatorNames.add(new String(value, StandardCharsets.UTF_8));
                } else if (key.startsWith("custom_pro_name")) {
                    proConnectorNames.add(new String(value, StandardCharsets.UTF_8));
                } else if (key.startsWith("cust_auth_prop_")) {
                    int length = "cust_auth_prop_".length();
                    String authPropString = new String(key).substring(length);
                    if (authPropString.indexOf("#") > 0) {
                        String authName = authPropString.substring(0, authPropString.indexOf("#"));
                        String propName = authPropString.substring(authPropString.indexOf("#") + 1);
                        String propVal = new String(value, StandardCharsets.UTF_8);
                        Property prop = new Property();
                        prop.setName(propName);
                        prop.setValue(propVal);
                        List<Property> propList = null;
                        if (customAuthenticatorProperties.get(authName) == null) {
                            customAuthenticatorProperties.put(authName, new ArrayList<Property>());
                        }
                        propList = customAuthenticatorProperties.get(authName);
                        propList.add(prop);
                        customAuthenticatorProperties.put(authName, propList);
                    }
                } else if (key.startsWith("cust_pro_prop_")) {
                    int length = "cust_pro_prop_".length();
                    String provPropString = new String(key).substring(length);
                    if (provPropString.indexOf("#") > 0) {
                        String proConName = provPropString.substring(0, provPropString.indexOf("#"));
                        String propName = provPropString.substring(provPropString.indexOf("#") + 1);
                        String propVal = new String(value, StandardCharsets.UTF_8);
                        Property prop = new Property();
                        prop.setName(propName);
                        prop.setValue(propVal);
                        List<Property> propList = null;
                        if (customProProperties.get(proConName) == null) {
                            customProProperties.put(proConName, new ArrayList<Property>());
                        }
                        propList = customProProperties.get(proConName);
                        propList.add(prop);
                        customProProperties.put(proConName, propList);
                    }
                } else {
                    paramMap.put(key, new String(value, StandardCharsets.UTF_8));
                }
                String updatedValue = paramMap.get(key);
                if (updatedValue != null && updatedValue.trim().length() == 0) {
                    paramMap.put(key, null);
                }
            }
        }
        paramMap.put(IdentityApplicationConstants.CERTIFICATE_VAL, deletedCertificateValue.toString());
        IdentityProvider oldIdentityProvider = (IdentityProvider) request.getSession().getAttribute(idpUUID);
        if (oldIdentityProvider != null) {
            if (oldIdpName == null) {
                oldIdpName = new StringBuilder();
            }
            oldIdpName.append(oldIdentityProvider.getIdentityProviderName());
        }
        if (oldIdentityProvider != null && oldIdentityProvider.getCertificate() != null) {
            if (oldIdentityProvider.getCertificateInfoArray() != null && oldIdentityProvider.getCertificateInfoArray().length > 1) {
                if (log.isDebugEnabled()) {
                    log.debug("Number of old certificate for the identity provider " + oldIdentityProvider.getDisplayName() + " is " + oldIdentityProvider.getCertificateInfoArray().length);
                }
                StringBuilder multipleCertificate = new StringBuilder();
                for (CertificateInfo certificateInfo : oldIdentityProvider.getCertificateInfoArray()) {
                    multipleCertificate.append(new String(Base64.decode(certificateInfo.getCertValue()), StandardCharsets.UTF_8));
                }
                paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, Base64.encode(multipleCertificate.toString().getBytes(StandardCharsets.UTF_8)));
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("Only one certificate has been found as old certificate.");
                }
                paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, oldIdentityProvider.getCertificate());
            }
        }
        if (oldIdentityProvider != null && oldIdentityProvider.getProvisioningConnectorConfigs() != null) {
            ProvisioningConnectorConfig[] provisioningConnectorConfig = oldIdentityProvider.getProvisioningConnectorConfigs();
            for (ProvisioningConnectorConfig provisioningConnector : provisioningConnectorConfig) {
                if (("googleapps").equals(provisioningConnector.getName())) {
                    Property[] googleProperties = provisioningConnector.getProvisioningProperties();
                    for (Property property : googleProperties) {
                        if (property.getName().equals("google_prov_private_key")) {
                            paramMap.put("old_google_prov_private_key", property.getValue());
                        }
                    }
                }
            }
        }
        // build identity provider basic information.
        buildBasicInformation(fedIdp, paramMap);
        // build out-bound authentication configuration.
        buildOutboundAuthenticationConfiguration(fedIdp, paramMap);
        // build custom authenticator configuration.
        buildCustomAuthenticationConfiguration(fedIdp, customAuthenticatorNames, customAuthenticatorProperties, paramMap);
        // build claim configuration.
        if (oldIdentityProvider != null && oldIdentityProvider.getClaimConfig().getClaimMappings() != null) {
            buildClaimConfiguration(fedIdp, paramMap, idpClaims, oldIdentityProvider.getClaimConfig().getClaimMappings());
        } else {
            buildClaimConfiguration(fedIdp, paramMap, idpClaims, null);
        }
        // build role configuration.
        if (oldIdentityProvider != null && oldIdentityProvider.getPermissionAndRoleConfig() != null && oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings() != null) {
            buildRoleConfiguration(fedIdp, paramMap, idpRoles, oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings());
        } else {
            buildRoleConfiguration(fedIdp, paramMap, idpRoles, null);
        }
        // build in-bound provisioning configuration.
        buildInboundProvisioningConfiguration(fedIdp, paramMap);
        // build out-bound provisioning configuration.
        buildOutboundProvisioningConfiguration(fedIdp, paramMap);
        // build custom provisioning connectors.
        buildCustomProvisioningConfiguration(fedIdp, proConnectorNames, customProProperties, paramMap);
    } else {
        throw new Exception("Invalid Content Type: Not multipart/form-data");
    }
    return fedIdp;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) CarbonException(org.wso2.carbon.CarbonException) ServletFileUpload(org.apache.commons.fileupload.servlet.ServletFileUpload) CertificateInfo(org.wso2.carbon.identity.application.common.model.idp.xsd.CertificateInfo) ArrayList(java.util.ArrayList) List(java.util.List) Property(org.wso2.carbon.identity.application.common.model.idp.xsd.Property) IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProviderProperty) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.ProvisioningConnectorConfig) DiskFileItem(org.apache.commons.fileupload.disk.DiskFileItem) ServletRequestContext(org.apache.commons.fileupload.servlet.ServletRequestContext) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) FileItemFactory(org.apache.commons.fileupload.FileItemFactory) DiskFileItemFactory(org.apache.commons.fileupload.disk.DiskFileItemFactory) IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) MalformedURLException(java.net.MalformedURLException) CarbonException(org.wso2.carbon.CarbonException)

Aggregations

ArrayList (java.util.ArrayList)114 HashMap (java.util.HashMap)114 Property (org.wso2.carbon.identity.application.common.model.Property)103 Map (java.util.Map)62 IdentityProviderProperty (org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)50 Test (org.testng.annotations.Test)41 UserStoreException (org.wso2.carbon.user.api.UserStoreException)38 IOException (java.io.IOException)37 Property (org.wso2.carbon.identity.application.common.model.idp.xsd.Property)36 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)33 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)32 RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException)31 List (java.util.List)30 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)29 Resource (org.wso2.carbon.registry.core.Resource)29 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)27 OMElement (org.apache.axiom.om.OMElement)24 PreparedStatement (java.sql.PreparedStatement)23 ProvisioningConnectorConfig (org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)23 Property (org.wso2.carbon.identity.application.common.model.xsd.Property)23