use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildGoogleProvisioningConfiguration.
/**
 * Builds the "googleapps" outbound provisioning connector from the submitted parameters and
 * places it at the front of the identity provider's provisioning connector list.
 *
 * <p>The connector is enabled only when {@code googleProvEnabled} equals {@code "on"}, and it is
 * registered as the default provisioning connector only when {@code googleProvDefault} equals
 * {@code "on"}. Each remaining parameter becomes a {@code Property} when it is present; an absent
 * parameter leaves a {@code null} slot in the property array handed to the connector.
 *
 * @param fedIdp   identity provider whose provisioning connectors are updated
 * @param paramMap parameter name to submitted value
 * @throws IdentityApplicationManagementException declared by the signature; no statement in this
 *                                                method throws it directly
 */
private static void buildGoogleProvisioningConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
    ProvisioningConnectorConfig googleConnector = new ProvisioningConnectorConfig();
    googleConnector.setName("googleapps");

    // Anything other than the literal "on" (including a missing parameter) disables the connector.
    googleConnector.setEnabled("on".equals(paramMap.get("googleProvEnabled")));
    if ("on".equals(paramMap.get("googleProvDefault"))) {
        fedIdp.setDefaultProvisioningConnectorConfig(googleConnector);
    }

    Property domainName = googleProvisioningProperty(paramMap, "google_prov_domain_name", "google_prov_domain_name");
    Property emailClaim = googleProvisioningProperty(paramMap, "google_prov_email_claim_dropdown", "google_prov_email_claim_dropdown");
    Property givenNameClaim = googleProvisioningProperty(paramMap, "google_prov_givenname_claim_dropdown", "google_prov_givenname_claim_dropdown");
    Property givenNameDefault = googleProvisioningProperty(paramMap, "google_prov_givenname", "google_prov_givenname");
    Property familyNameClaim = googleProvisioningProperty(paramMap, "google_prov_familyname_claim_dropdown", "google_prov_familyname_claim_dropdown");
    Property familyNameDefault = googleProvisioningProperty(paramMap, "google_prov_familyname", "google_prov_familyname");
    Property serviceAccountEmail = googleProvisioningProperty(paramMap, "google_prov_service_acc_email", "google_prov_service_acc_email");

    // A newly submitted key wins; otherwise the value of old_google_prov_private_key is kept.
    // NOTE(review): the fallback is read from the same parameter map as the new key. If paramMap
    // is filled from a submitted form (not visible here), the stored key would travel to the
    // client and back, and the submitter controls which value is kept. Confirm how
    // old_google_prov_private_key is populated.
    String effectivePrivateKey = paramMap.get("google_prov_private_key");
    if (effectivePrivateKey == null) {
        effectivePrivateKey = paramMap.get("old_google_prov_private_key");
    }
    Property privateKey = null;
    if (effectivePrivateKey != null) {
        privateKey = new Property();
        privateKey.setName("google_prov_private_key");
        privateKey.setValue(effectivePrivateKey);
        // The key is the only property given an explicit type; it is marked as a blob.
        privateKey.setType(IdentityApplicationConstants.ConfigElements.PROPERTY_TYPE_BLOB);
    }

    Property adminEmail = googleProvisioningProperty(paramMap, "google_prov_admin_email", "google_prov_admin_email");
    Property applicationName = googleProvisioningProperty(paramMap, "google_prov_application_name", "google_prov_application_name");
    Property provisioningPattern = googleProvisioningProperty(paramMap, "google_prov_pattern", "google_prov_pattern");
    Property provisioningSeparator = googleProvisioningProperty(paramMap, "google_prov_separator", "google_prov_separator");
    // The only property whose stored name differs from the submitted parameter name.
    Property uniqueId = googleProvisioningProperty(paramMap, "google-unique-id", "UniqueID");

    // Slot order is kept as-is; entries for absent parameters stay null.
    Property[] connectorProperties = new Property[] {
            applicationName, adminEmail, privateKey, serviceAccountEmail, familyNameDefault,
            familyNameClaim, givenNameDefault, givenNameClaim, emailClaim, domainName,
            provisioningPattern, provisioningSeparator, uniqueId };
    googleConnector.setProvisioningProperties(connectorProperties);

    ProvisioningConnectorConfig[] existingConnectors = fedIdp.getProvisioningConnectorConfigs();
    if (googleConnector.getName() == null) {
        return;
    }
    ProvisioningConnectorConfig[] googleOnly = new ProvisioningConnectorConfig[] { googleConnector };
    if (existingConnectors == null || existingConnectors.length == 0) {
        fedIdp.setProvisioningConnectorConfigs(googleOnly);
    } else {
        // The new connector goes first, followed by the ones already configured.
        fedIdp.setProvisioningConnectorConfigs(concatArrays(googleOnly, existingConnectors));
    }
}

/**
 * Creates a property from one submitted parameter.
 *
 * @param paramMap     parameter name to submitted value
 * @param paramKey     parameter to read
 * @param propertyName name given to the created property
 * @return the populated property, or {@code null} when the parameter is absent
 */
private static Property googleProvisioningProperty(Map<String, String> paramMap, String paramKey, String propertyName) {
    String submitted = paramMap.get(paramKey);
    if (submitted == null) {
        return null;
    }
    Property created = new Property();
    created.setName(propertyName);
    created.setValue(submitted);
    return created;
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementUIUtil method buildPassiveSTSAuthenticationConfiguration.
/**
 * Builds the Passive STS federated authenticator configuration from the submitted parameters
 * and, when an identity provider URL was supplied, places it at the front of the identity
 * provider's federated authenticator list.
 *
 * <p>Assertion signature validation and audience validation are each stored as {@code "true"}
 * only when the corresponding parameter equals {@code "on"}; a missing parameter stores
 * {@code "false"}, so an incomplete submission turns both checks off.
 *
 * @param fedIdp   identity provider whose federated authenticators are updated
 * @param paramMap parameter name to submitted value
 * @throws IdentityApplicationManagementException declared by the signature; no statement in this
 *                                                method throws it directly
 */
private static void buildPassiveSTSAuthenticationConfiguration(IdentityProvider fedIdp, Map<String, String> paramMap) throws IdentityApplicationManagementException {
    FederatedAuthenticatorConfig stsConfig = new FederatedAuthenticatorConfig();
    stsConfig.setName("PassiveSTSAuthenticator");
    stsConfig.setDisplayName("passivests");

    // setEnabled is only ever called with true; otherwise the config keeps its initial state.
    if ("on".equals(paramMap.get("passiveSTSEnabled"))) {
        stsConfig.setEnabled(true);
    }
    // NOTE(review): the default authenticator is set here even when passiveSTSUrl turns out to
    // be empty and the config is therefore not added to the authenticator list below.
    if ("on".equals(paramMap.get("passiveSTSDefault"))) {
        fedIdp.setDefaultAuthenticatorConfig(stsConfig);
    }

    Property realmId = new Property();
    realmId.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.REALM_ID);
    realmId.setValue(paramMap.get("passiveSTSRealm"));

    Property identityProviderUrl = new Property();
    identityProviderUrl.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.IDENTITY_PROVIDER_URL);
    identityProviderUrl.setValue(paramMap.get("passiveSTSUrl"));

    Property userIdInClaims = new Property();
    userIdInClaims.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.IS_USER_ID_IN_CLAIMS);
    userIdInClaims.setValue("1".equals(paramMap.get("passive_sts_user_id_location")) ? "true" : "false");

    Property signatureValidation = new Property();
    signatureValidation.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.IS_ENABLE_ASSERTION_SIGNATURE_VALIDATION);
    signatureValidation.setValue("on".equals(paramMap.get("isEnablePassiveSTSAssertionSignatureValidation")) ? "true" : "false");

    Property audienceValidation = new Property();
    audienceValidation.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.IS_ENABLE_ASSERTION_AUDIENCE_VALIDATION);
    audienceValidation.setValue("on".equals(paramMap.get("isEnablePassiveSTSAssertionAudienceValidation")) ? "true" : "false");

    // The query-parameter property is always present; its value is set only for non-blank input.
    Property commonAuthQueryParams = new Property();
    commonAuthQueryParams.setName("commonAuthQueryParams");
    String submittedQueryParams = paramMap.get("passiveSTSQueryParam");
    if (submittedQueryParams != null && !submittedQueryParams.trim().isEmpty()) {
        commonAuthQueryParams.setValue(submittedQueryParams);
    }

    Property[] stsProperties = new Property[] {
            realmId, identityProviderUrl, userIdInClaims,
            signatureValidation, audienceValidation, commonAuthQueryParams };
    stsConfig.setProperties(stsProperties);

    FederatedAuthenticatorConfig[] existingAuthenticators = fedIdp.getFederatedAuthenticatorConfigs();
    String submittedUrl = paramMap.get("passiveSTSUrl");
    if (submittedUrl == null || submittedUrl.isEmpty()) {
        // Without an identity provider URL the authenticator is not registered.
        return;
    }
    FederatedAuthenticatorConfig[] stsOnly = new FederatedAuthenticatorConfig[] { stsConfig };
    if (existingAuthenticators == null || existingAuthenticators.length == 0) {
        fedIdp.setFederatedAuthenticatorConfigs(stsOnly);
    } else {
        // The new authenticator goes first, followed by the ones already configured.
        fedIdp.setFederatedAuthenticatorConfigs(concatArrays(stsOnly, existingAuthenticators));
    }
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class CacheBackedIdPMgtDAO method getIdPNameByMetadataProperty.
/**
 * Returns the name of the identity provider that carries the given metadata property value,
 * consulting the metadata-property cache first and the database second.
 * Intended to be used only with metadata properties whose value is unique to one IDP.
 *
 * <p>The cache is addressed with {@code tenantDomain} while the database lookup uses
 * {@code tenantId}. Nothing in this method checks that the two identify the same tenant, so
 * callers must pass a matching pair; otherwise a name read for one tenant would be cached under
 * another tenant's domain.
 *
 * @param dbConnection Optional. DB connection, handed to the DAO unchanged.
 * @param property     IDP metadata property name.
 * @param value        Value associated with the given property.
 * @param tenantId     Tenant id used for the database lookup.
 * @param tenantDomain Tenant domain used for the cache lookup and cache insert.
 * @return Identity Provider name, or {@code null} when neither cache nor database has a match.
 * @throws IdentityProviderManagementException declared by the signature; not thrown directly by
 *                                             a statement in this method.
 */
public String getIdPNameByMetadataProperty(Connection dbConnection, String property, String value, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
    IdPMetadataPropertyCacheKey lookupKey = new IdPMetadataPropertyCacheKey(property, value);

    String cachedName = idPCacheByMetadataProperty.getValueFromCache(lookupKey, tenantDomain);
    if (cachedName != null) {
        // NOTE(review): the debug messages in this method include the raw property value.
        if (log.isDebugEnabled()) {
            log.debug("Cache entry IDP name: " + cachedName + " found for IDP metadata property name: " + property + " value: " + value);
        }
        return cachedName;
    }
    if (log.isDebugEnabled()) {
        log.debug("Cache entry not found for IDP metadata property name: " + property + " value: " + value + ". Fetching entry from DB");
    }

    String storedName = idPMgtDAO.getIdPNameByMetadataProperty(dbConnection, property, value, tenantId);
    if (storedName == null) {
        // A miss is not cached, so the next call for the same key queries the database again.
        if (log.isDebugEnabled()) {
            log.debug("DB entry not found for IDP metadata property name: " + property + " value: " + value);
        }
        return null;
    }

    if (log.isDebugEnabled()) {
        log.debug("DB entry IDP name: " + storedName + " found for IDP metadata property name: " + property + " value: " + value);
    }
    idPCacheByMetadataProperty.addToCache(lookupKey, storedName, tenantDomain);
    return storedName;
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class RegistryRecoveryDataStore method deleteOldConfirmationCodesByRegistrySearch.
/**
 * Deletes previously stored confirmation-code resources of a user by searching the registry
 * for resources whose user-id property equals the lower-cased username.
 *
 * <p>A failed search is logged and treated as "nothing found"; no exception leaves this method
 * for that case.
 *
 * @param registry             registry the matching resources are deleted from
 * @param username             user whose old confirmation codes are removed
 * @param confirmationCodePath path fragment a resource path must contain to be deleted
 */
private void deleteOldConfirmationCodesByRegistrySearch(Registry registry, String username, String confirmationCodePath) {
    Map<String, String> searchFields = new HashMap<>();
    searchFields.put(REGISTRY_SEARCH_FIELD_PROPERTY_NAME, UserRecoveryDataStore.USER_ID);
    // The 'userId' property always holds the lower-cased username (see #store), so the search
    // value is lower-cased too.
    // NOTE(review): toLowerCase() uses the default locale; it has to stay consistent with
    // whatever #store does, so confirm that before changing either side.
    searchFields.put(REGISTRT_SEARCH_FIELD_RIGHT_PROPERTY_VALUE, username.toLowerCase());
    searchFields.put(REGISTRY_SEARCH_FIELD_RIGHT_OP, REGISTRY_SEARCH_FIELD_RIGHT_OP_EQ);

    // Shared tail of every log message below; it reports the username as passed in, not the
    // lower-cased form that was actually searched for.
    String searchDescription = "[" + REGISTRY_SEARCH_FIELD_PROPERTY_NAME + " - " + UserRecoveryDataStore.USER_ID
            + ", " + REGISTRT_SEARCH_FIELD_RIGHT_PROPERTY_VALUE + " - " + username
            + ", " + REGISTRY_SEARCH_FIELD_RIGHT_OP + " - " + REGISTRY_SEARCH_FIELD_RIGHT_OP_EQ + "]";

    ResourceData[] matches = null;
    try {
        matches = IdentityMgtServiceComponent.getAttributeSearchService().search(searchFields);
    } catch (RegistryException e) {
        // Best effort: old codes stay in place when the search itself fails.
        log.error("Error while deleting the old confirmation code. Unable to search resources in registry for: " + searchDescription, e);
    }

    if (matches == null || ArrayUtils.isEmpty(matches)) {
        if (log.isDebugEnabled()) {
            log.debug("No registry resource found for search: " + searchDescription);
        }
        return;
    }

    if (log.isDebugEnabled()) {
        log.debug("Found: " + matches.length + " no of resources for search: " + searchDescription);
    }
    for (ResourceData match : matches) {
        String absolutePath = match.getResourcePath();
        // Substring match: any resource path containing confirmationCodePath qualifies.
        if (absolutePath == null || !absolutePath.contains(confirmationCodePath)) {
            continue;
        }
        if (log.isDebugEnabled()) {
            log.debug("Matching resource found for user: " + username + " at resource path : " + absolutePath);
        }
        // NOTE(review): assumes every returned path starts with CONFIG_REGISTRY_BASE_PATH; the
        // prefix is cut by length without checking it. Confirm against the search service.
        String pathRelativeToConfigRegistry = absolutePath.substring(RegistryConstants.CONFIG_REGISTRY_BASE_PATH.length());
        deleteRegistryResource(registry, pathRelativeToConfigRegistry);
    }
}
use of org.wso2.carbon.identity.recovery.model.Property in project carbon-identity-framework by wso2.
the class IdPManagementDAO method getIdPNameByMetadataProperty.
/**
 * Looks up the name of the first identity provider whose metadata property matches the given
 * name and value within a tenant.
 * Intended to be used only with metadata properties whose value is unique to one IDP.
 *
 * <p>When {@code dbConnection} is {@code null} the method obtains its own connection and closes
 * it before returning; a connection supplied by the caller is left open for the caller.
 *
 * @param dbConnection Optional. DB connection.
 * @param property     IDP metadata property name.
 * @param value        Value associated with the given property.
 * @param tenantId     Tenant id whose information is requested.
 * @return Identity Provider name from the first result row, or {@code null} when no row matches.
 * @throws IdentityProviderManagementException when the query fails with a
 *                                             {@code DataAccessException} or {@code SQLException}.
 */
public String getIdPNameByMetadataProperty(Connection dbConnection, String property, String value, int tenantId) throws IdentityProviderManagementException {
    // Only a connection opened here is closed here.
    final boolean ownsConnection = (dbConnection == null);
    Connection connection = ownsConnection ? IdentityDatabaseUtil.getDBConnection(false) : dbConnection;

    PreparedStatement lookupStatement = null;
    ResultSet rows = null;
    try {
        String query;
        if (isH2DB()) {
            query = IdPManagementConstants.SQLQueries.GET_IDP_NAME_BY_METADATA_H2;
        } else {
            query = IdPManagementConstants.SQLQueries.GET_IDP_NAME_BY_METADATA;
        }

        // Name, value and tenant are bound as statement parameters, never spliced into the SQL.
        lookupStatement = connection.prepareStatement(query);
        lookupStatement.setString(1, property);
        lookupStatement.setString(2, value);
        lookupStatement.setInt(3, tenantId);

        rows = lookupStatement.executeQuery();
        // Only the first row is read; further matches are ignored.
        return rows.next() ? rows.getString(1) : null;
    } catch (DataAccessException | SQLException e) {
        // NOTE(review): the message carries the raw property value to whoever logs or shows it.
        throw new IdentityProviderManagementException("Error occurred while retrieving Identity Provider " + "information for IDP metadata property name: " + property + " value: " + value, e);
    } finally {
        if (!ownsConnection) {
            // Caller-supplied connection: release only the statement and the result set.
            IdentityDatabaseUtil.closeAllConnections(null, rows, lookupStatement);
        } else {
            IdentityDatabaseUtil.closeAllConnections(connection, rows, lookupStatement);
        }
    }
}