use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class FileBasedIdPMgtDAO method getIdPByAuthenticatorPropertyValue.
public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, String value, String tenantDomain, String authenticatorName) {
Map<String, IdentityProvider> identityProviders = IdPManagementServiceComponent.getFileBasedIdPs();
for (Entry<String, IdentityProvider> entry : identityProviders.entrySet()) {
FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = entry.getValue().getFederatedAuthenticatorConfigs();
// Get SAML2 Web SSO authenticator
FederatedAuthenticatorConfig samlAuthenticatorConfig = IdentityApplicationManagementUtil.getFederatedAuthenticator(federatedAuthenticatorConfigs, authenticatorName);
if (samlAuthenticatorConfig != null) {
Property samlProperty = IdentityApplicationManagementUtil.getProperty(samlAuthenticatorConfig.getProperties(), property);
if (samlProperty != null) {
if (value.equalsIgnoreCase(samlProperty.getValue())) {
return entry.getValue();
}
}
}
}
return null;
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementDAO method buildTemplateIdProperty.
/**
* Build templateId property for the IDP.
*
* @param identityProvider Identity provider.
* @return templateId IdentityProviderProperty.
*/
private IdentityProviderProperty buildTemplateIdProperty(IdentityProvider identityProvider) {
IdentityProviderProperty templateIdProperty = new IdentityProviderProperty();
templateIdProperty.setName(TEMPLATE_ID_IDP_PROPERTY_NAME);
templateIdProperty.setDisplayName(TEMPLATE_ID_IDP_PROPERTY_DISPLAY_NAME);
templateIdProperty.setValue(StringUtils.isNotBlank(identityProvider.getTemplateId()) ? identityProvider.getTemplateId() : StringUtils.EMPTY);
return templateIdProperty;
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementDAO method updateProvisioningConfigProperty.
private void updateProvisioningConfigProperty(ProvisioningConnectorConfig[] provisioningConnectors, Connection dbConnection, int idpId, int tenantId) throws IdentityProviderManagementException, SQLException {
String sqlStmt = IdPManagementConstants.SQLQueries.UPDATE_IDP_PROVISIONING_CONFIG_PROPERTY_SQL;
try (PreparedStatement prepStmt = dbConnection.prepareStatement(sqlStmt)) {
for (ProvisioningConnectorConfig connector : provisioningConnectors) {
if (isProvisioningConfigAvailableToUpdate(connector, dbConnection, idpId, tenantId)) {
updateProvisioningConfig(connector, dbConnection, idpId, tenantId);
Property[] connectorProperties = connector.getProvisioningProperties();
if (connectorProperties != null && connectorProperties.length > 0) {
for (Property config : connectorProperties) {
if (config == null) {
continue;
}
prepStmt.setString(1, config.getName());
if (IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_BLOB.equals(config.getType())) {
prepStmt.setString(2, null);
setBlobValue(config.getValue(), prepStmt, 3);
prepStmt.setString(4, config.getType());
} else {
prepStmt.setString(2, config.getValue());
setBlobValue(null, prepStmt, 3);
prepStmt.setString(4, IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_STRING);
}
if (config.isConfidential()) {
prepStmt.setString(5, IdPManagementConstants.IS_TRUE_VALUE);
} else {
prepStmt.setString(5, IdPManagementConstants.IS_FALSE_VALUE);
}
prepStmt.setInt(6, idpId);
prepStmt.setInt(7, tenantId);
prepStmt.setString(8, connector.getName());
prepStmt.setInt(9, tenantId);
prepStmt.setString(10, config.getName());
prepStmt.executeUpdate();
}
}
} else {
addProvisioningConnectorConfigs(new ProvisioningConnectorConfig[] { connector }, dbConnection, idpId, tenantId);
}
}
} catch (IOException e) {
throw new IdentityProviderManagementException("An error occurred when processing content stream while " + "updating provisioning config properties of Identity Provider : " + idpId, e);
}
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildOpenIDConnectAuthenticationConfiguration.
/**
* @param fedIdp
* @param paramMap
* @throws IdentityApplicationManagementException
*/
private static void buildOpenIDConnectAuthenticationConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
FederatedAuthenticatorConfig oidcAuthnConfig = new FederatedAuthenticatorConfig();
oidcAuthnConfig.setName("OpenIDConnectAuthenticator");
oidcAuthnConfig.setDisplayName("openidconnect");
if ("on".equals(paramMap.get("oidcEnabled"))) {
oidcAuthnConfig.setEnabled(true);
}
if ("on".equals(paramMap.get("oidcDefault"))) {
fedIdp.setDefaultAuthenticatorConfig(oidcAuthnConfig);
}
Property[] properties = new Property[10];
Property property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.Facebook.CLIENT_ID);
property.setValue(paramMap.get("clientId"));
properties[0] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.OAUTH2_AUTHZ_URL);
property.setValue(paramMap.get("authzUrl"));
properties[1] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.OAUTH2_TOKEN_URL);
property.setValue(paramMap.get("tokenUrl"));
properties[2] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.CLIENT_SECRET);
property.setValue(paramMap.get("clientSecret"));
property.setConfidential(true);
properties[3] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.IS_USER_ID_IN_CLAIMS);
properties[4] = property;
if ("1".equals(paramMap.get("oidc_user_id_location"))) {
property.setValue("true");
;
} else {
property.setValue("false");
}
property = new Property();
property.setName("commonAuthQueryParams");
if (paramMap.get("oidcQueryParam") != null && paramMap.get("oidcQueryParam").trim().length() > 0) {
property.setValue(paramMap.get("oidcQueryParam"));
}
properties[5] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.CALLBACK_URL);
property.setValue(paramMap.get("callbackUrl"));
properties[6] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.USER_INFO_URL);
property.setValue(paramMap.get("userInfoEndpoint"));
properties[7] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.OIDC_LOGOUT_URL);
property.setValue(paramMap.get("logoutUrlOIDC"));
properties[8] = property;
property = new Property();
property.setName(IdentityApplicationConstants.Authenticator.OIDC.IS_BASIC_AUTH_ENABLED);
if (paramMap.get("oidcBasicAuthEnabled") != null && "on".equals(paramMap.get("oidcBasicAuthEnabled"))) {
property.setValue("true");
} else {
property.setValue("false");
}
properties[9] = property;
oidcAuthnConfig.setProperties(properties);
FederatedAuthenticatorConfig[] authenticators = fedIdp.getFederatedAuthenticatorConfigs();
if (paramMap.get("authzUrl") != null && !"".equals(paramMap.get("authzUrl")) && paramMap.get("tokenUrl") != null && !"".equals(paramMap.get("tokenUrl")) && paramMap.get("clientId") != null && !"".equals(paramMap.get("clientId")) && paramMap.get("clientSecret") != null && !"".equals(paramMap.get("clientSecret"))) {
if (authenticators == null || authenticators.length == 0) {
fedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { oidcAuthnConfig });
} else {
fedIdp.setFederatedAuthenticatorConfigs(concatArrays(new FederatedAuthenticatorConfig[] { oidcAuthnConfig }, authenticators));
}
}
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildFederatedIdentityProvider.
/**
* Build a federated identity provider.
*
* @param request HttpServletRequest
* @param oldIdpName This value will be populated if there is an old IDP.
* @return IdentityProvider
* @throws Exception
*/
public static IdentityProvider buildFederatedIdentityProvider(HttpServletRequest request, StringBuilder oldIdpName) throws Exception {
IdentityProvider fedIdp = new IdentityProvider();
if (ServletFileUpload.isMultipartContent(request)) {
ServletRequestContext servletContext = new ServletRequestContext(request);
FileItemFactory factory = new DiskFileItemFactory();
ServletFileUpload upload = new ServletFileUpload(factory);
List items = upload.parseRequest(servletContext);
Map<String, String> paramMap = new HashMap<>();
List<String> idpClaims = new ArrayList<>();
List<String> idpRoles = new ArrayList<>();
List<String> customAuthenticatorNames = new ArrayList<>();
List<String> proConnectorNames = new ArrayList<>();
Map<String, List<Property>> customAuthenticatorProperties = new HashMap<>();
Map<String, List<Property>> customProProperties = new HashMap<>();
String idpUUID = StringUtils.EMPTY;
StringBuilder deletedCertificateValue = new StringBuilder();
for (Object item : items) {
DiskFileItem diskFileItem = (DiskFileItem) item;
if (diskFileItem != null) {
byte[] value = diskFileItem.get();
String key = diskFileItem.getFieldName();
if (StringUtils.equals(key, "idpUUID")) {
idpUUID = diskFileItem.getString();
}
if (IdPManagementUIUtil.META_DATA_SAML.equals(key)) {
if (StringUtils.isNotEmpty(diskFileItem.getName()) && !diskFileItem.getName().trim().endsWith(".xml")) {
throw new CarbonException("File not supported!");
} else {
paramMap.put(key, Base64.encode(value));
}
}
if ("certFile".equals(key)) {
paramMap.put(key, Base64.encode(value));
} else if (key.startsWith(IdentityApplicationConstants.CERTIFICATE_VAL)) {
deletedCertificateValue.append(new String(value, StandardCharsets.UTF_8));
} else if ("google_prov_private_key".equals(key)) {
paramMap.put(key, Base64.encode(value));
} else if (key.startsWith("claimrowname_")) {
String strValue = new String(value, StandardCharsets.UTF_8);
idpClaims.add(strValue);
paramMap.put(key, strValue);
} else if (key.startsWith("rolerowname_")) {
String strValue = new String(value, StandardCharsets.UTF_8);
idpRoles.add(strValue);
paramMap.put(key, strValue);
} else if (key.startsWith("custom_auth_name")) {
customAuthenticatorNames.add(new String(value, StandardCharsets.UTF_8));
} else if (key.startsWith("custom_pro_name")) {
proConnectorNames.add(new String(value, StandardCharsets.UTF_8));
} else if (key.startsWith("cust_auth_prop_")) {
int length = "cust_auth_prop_".length();
String authPropString = new String(key).substring(length);
if (authPropString.indexOf("#") > 0) {
String authName = authPropString.substring(0, authPropString.indexOf("#"));
String propName = authPropString.substring(authPropString.indexOf("#") + 1);
String propVal = new String(value, StandardCharsets.UTF_8);
Property prop = new Property();
prop.setName(propName);
prop.setValue(propVal);
List<Property> propList = null;
if (customAuthenticatorProperties.get(authName) == null) {
customAuthenticatorProperties.put(authName, new ArrayList<Property>());
}
propList = customAuthenticatorProperties.get(authName);
propList.add(prop);
customAuthenticatorProperties.put(authName, propList);
}
} else if (key.startsWith("cust_pro_prop_")) {
int length = "cust_pro_prop_".length();
String provPropString = new String(key).substring(length);
if (provPropString.indexOf("#") > 0) {
String proConName = provPropString.substring(0, provPropString.indexOf("#"));
String propName = provPropString.substring(provPropString.indexOf("#") + 1);
String propVal = new String(value, StandardCharsets.UTF_8);
Property prop = new Property();
prop.setName(propName);
prop.setValue(propVal);
List<Property> propList = null;
if (customProProperties.get(proConName) == null) {
customProProperties.put(proConName, new ArrayList<Property>());
}
propList = customProProperties.get(proConName);
propList.add(prop);
customProProperties.put(proConName, propList);
}
} else {
paramMap.put(key, new String(value, StandardCharsets.UTF_8));
}
String updatedValue = paramMap.get(key);
if (updatedValue != null && updatedValue.trim().length() == 0) {
paramMap.put(key, null);
}
}
}
paramMap.put(IdentityApplicationConstants.CERTIFICATE_VAL, deletedCertificateValue.toString());
IdentityProvider oldIdentityProvider = (IdentityProvider) request.getSession().getAttribute(idpUUID);
if (oldIdentityProvider != null) {
if (oldIdpName == null) {
oldIdpName = new StringBuilder();
}
oldIdpName.append(oldIdentityProvider.getIdentityProviderName());
}
if (oldIdentityProvider != null && oldIdentityProvider.getCertificate() != null) {
if (oldIdentityProvider.getCertificateInfoArray() != null && oldIdentityProvider.getCertificateInfoArray().length > 1) {
if (log.isDebugEnabled()) {
log.debug("Number of old certificate for the identity provider " + oldIdentityProvider.getDisplayName() + " is " + oldIdentityProvider.getCertificateInfoArray().length);
}
StringBuilder multipleCertificate = new StringBuilder();
for (CertificateInfo certificateInfo : oldIdentityProvider.getCertificateInfoArray()) {
multipleCertificate.append(new String(Base64.decode(certificateInfo.getCertValue()), StandardCharsets.UTF_8));
}
paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, Base64.encode(multipleCertificate.toString().getBytes(StandardCharsets.UTF_8)));
} else {
if (log.isDebugEnabled()) {
log.debug("Only one certificate has been found as old certificate.");
}
paramMap.put(IdentityApplicationConstants.OLD_CERT_FILE, oldIdentityProvider.getCertificate());
}
}
if (oldIdentityProvider != null && oldIdentityProvider.getProvisioningConnectorConfigs() != null) {
ProvisioningConnectorConfig[] provisioningConnectorConfig = oldIdentityProvider.getProvisioningConnectorConfigs();
for (ProvisioningConnectorConfig provisioningConnector : provisioningConnectorConfig) {
if (("googleapps").equals(provisioningConnector.getName())) {
Property[] googleProperties = provisioningConnector.getProvisioningProperties();
for (Property property : googleProperties) {
if (property.getName().equals("google_prov_private_key")) {
paramMap.put("old_google_prov_private_key", property.getValue());
}
}
}
}
}
// build identity provider basic information.
buildBasicInformation(fedIdp, paramMap);
// build out-bound authentication configuration.
buildOutboundAuthenticationConfiguration(fedIdp, paramMap);
// build custom authenticator configuration.
buildCustomAuthenticationConfiguration(fedIdp, customAuthenticatorNames, customAuthenticatorProperties, paramMap);
// build claim configuration.
if (oldIdentityProvider != null && oldIdentityProvider.getClaimConfig().getClaimMappings() != null) {
buildClaimConfiguration(fedIdp, paramMap, idpClaims, oldIdentityProvider.getClaimConfig().getClaimMappings());
} else {
buildClaimConfiguration(fedIdp, paramMap, idpClaims, null);
}
// build role configuration.
if (oldIdentityProvider != null && oldIdentityProvider.getPermissionAndRoleConfig() != null && oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings() != null) {
buildRoleConfiguration(fedIdp, paramMap, idpRoles, oldIdentityProvider.getPermissionAndRoleConfig().getRoleMappings());
} else {
buildRoleConfiguration(fedIdp, paramMap, idpRoles, null);
}
// build in-bound provisioning configuration.
buildInboundProvisioningConfiguration(fedIdp, paramMap);
// build out-bound provisioning configuration.
buildOutboundProvisioningConfiguration(fedIdp, paramMap);
// build custom provisioning connectors.
buildCustomProvisioningConfiguration(fedIdp, proConnectorNames, customProProperties, paramMap);
} else {
throw new Exception("Invalid Content Type: Not multipart/form-data");
}
return fedIdp;
}
Aggregations