
Example 76 with Role

use of org.wso2.carbon.identity.role.mgt.core.Role in project carbon-identity-framework by wso2.

the class IdentityProviderManager method getMappedIdPRoles.

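/**
 * Returns the IdP role mappings that apply to the given local roles.
 *
 * <p>The identity provider is resolved by name through the DAO first, then through the
 * file-based DAO, and finally falls back to the default file-based IdP configuration. For each
 * requested local role, the first configured mapping whose local role equals it is added to the
 * result.
 *
 * <p>NOTE(review): because of the last fallback, an unknown {@code idPName} resolves to the
 * default IdP configuration instead of failing, so the caller receives that configuration's
 * role mappings. Confirm that callers do not treat a non-empty result as proof that the named
 * IdP exists.
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles; may be {@code null}
 * @return the matching role mappings, or an empty set when nothing is configured or matches
 * @throws IdentityProviderManagementException if {@code idPName} is empty, or if no identity
 *                                             provider configuration can be resolved at all
 */
@Override
public Set<RoleMapping> getMappedIdPRoles(String idPName, String tenantDomain, LocalRole[] localRoles) throws IdentityProviderManagementException {
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (StringUtils.isEmpty(idPName)) {
        String msg = "Invalid argument: Identity Provider Name value is empty";
        throw new IdentityProviderManagementException(msg);
    }
    // Resolution order: database, then file-based definition, then the default configuration.
    IdentityProvider identityProvider = dao.getIdPByName(null, idPName, tenantId, tenantDomain);
    if (identityProvider == null) {
        identityProvider = new FileBasedIdPMgtDAO().getIdPByName(idPName, tenantDomain);
    }
    if (identityProvider == null) {
        identityProvider = IdPManagementServiceComponent.getFileBasedIdPs().get(IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
    }
    if (identityProvider == null) {
        // Even the default configuration is missing: report it through the declared exception
        // instead of dereferencing null below.
        throw new IdentityProviderManagementException("No identity provider configuration could be resolved for " + idPName + " in tenant " + tenantDomain);
    }
    Set<RoleMapping> mappedRoles = new HashSet<RoleMapping>();
    PermissionsAndRoleConfig roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    if (roleConfiguration == null || localRoles == null) {
        return mappedRoles;
    }
    RoleMapping[] roleMappings = roleConfiguration.getRoleMappings();
    if (roleMappings == null) {
        return mappedRoles;
    }
    for (LocalRole localRole : localRoles) {
        for (RoleMapping roleMapping : roleMappings) {
            // Skip incomplete entries rather than failing the whole lookup on one bad mapping.
            LocalRole configuredRole = roleMapping == null ? null : roleMapping.getLocalRole();
            if (configuredRole != null && configuredRole.equals(localRole)) {
                mappedRoles.add(roleMapping);
                // Only the first mapping configured for a local role is used.
                break;
            }
        }
    }
    return mappedRoles;
}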
Also used : FileBasedIdPMgtDAO(org.wso2.carbon.idp.mgt.dao.FileBasedIdPMgtDAO) PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping) HashSet(java.util.HashSet)

Example 77 with Role

use of org.wso2.carbon.identity.role.mgt.core.Role in project carbon-identity-framework by wso2.

the class IdentityProviderManager method getMappedIdPRolesMap.

/**
 * Returns the role mappings of {@link #getMappedIdPRoles} as a map from local role to the
 * remote (IdP) role name.
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles
 * @return a new map keyed by local role; empty when no mapping applies
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
@Override
public Map<LocalRole, String> getMappedIdPRolesMap(String idPName, String tenantDomain, LocalRole[] localRoles) throws IdentityProviderManagementException {
    Map<LocalRole, String> remoteRoleByLocalRole = new HashMap<LocalRole, String>();
    // The lookup, including IdP resolution and argument validation, is delegated entirely.
    for (RoleMapping mapping : getMappedIdPRoles(idPName, tenantDomain, localRoles)) {
        LocalRole localRole = mapping.getLocalRole();
        String remoteRole = mapping.getRemoteRole();
        remoteRoleByLocalRole.put(localRole, remoteRole);
    }
    return remoteRoleByLocalRole;
}
Also used : HashMap(java.util.HashMap) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping)

Example 78 with Role

use of org.wso2.carbon.identity.role.mgt.core.Role in project carbon-identity-framework by wso2.

the class IdPManagementDAO method populateRequiredAttributesForIdentityProviderList.

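/**
 * Copies the requested optional attributes from the current result-set row, and from follow-up
 * lookups on the same connection, onto {@code identityProvider}.
 *
 * <p>Attribute names that match none of the handled constants are ignored.
 *
 * @param resultSet          ResultSet positioned on the row of the identity provider.
 * @param dbConnection       Database Connection used for the nested lookups.
 * @param requiredAttributes Required attributes which need to be returned; may be null or empty.
 * @param tenantId           Tenant Id of the identity provider.
 * @param identityProvider   Identity Provider Object to populate; its id must be numeric.
 * @throws SQLException if reading a column fails.
 * @throws IdentityProviderManagementServerException if one of the nested lookups fails.
 */
private void populateRequiredAttributesForIdentityProviderList(ResultSet resultSet, Connection dbConnection, List<String> requiredAttributes, int tenantId, IdentityProvider identityProvider) throws SQLException, IdentityProviderManagementServerException {
    // NOTE(review): a non-numeric id raises an unchecked NumberFormatException here.
    int idpId = Integer.parseInt(identityProvider.getId());
    String idPName = identityProvider.getIdentityProviderName();
    try {
        if (CollectionUtils.isNotEmpty(requiredAttributes)) {
            for (String attribute : requiredAttributes) {
                switch (attribute) {
                    case IdPManagementConstants.IDP_IS_PRIMARY:
                        identityProvider.setPrimary((IdPManagementConstants.IS_TRUE_VALUE).equals(resultSet.getString("IS_PRIMARY")));
                        break;
                    case IdPManagementConstants.IDP_HOME_REALM_ID:
                        identityProvider.setHomeRealmId(resultSet.getString("HOME_REALM_ID"));
                        break;
                    case IdPManagementConstants.IDP_IS_FEDERATION_HUB:
                        // Mirror the stored flag, exactly as IS_PRIMARY does. Setting false when
                        // the column holds the true value would hide a configured federation hub
                        // from every consumer of this list.
                        identityProvider.setFederationHub((IdPManagementConstants.IS_TRUE_VALUE).equals(resultSet.getString("IS_FEDERATION_HUB")));
                        break;
                    case IdPManagementConstants.IDP_CERTIFICATE:
                        identityProvider.setCertificate(getBlobValue(resultSet.getBinaryStream("CERTIFICATE")));
                        break;
                    case IdPManagementConstants.IDP_ALIAS:
                        identityProvider.setAlias(resultSet.getString("ALIAS"));
                        break;
                    case IdPManagementConstants.IDP_CLAIMS:
                        if (identityProvider.getClaimConfig() == null) {
                            identityProvider.setClaimConfig(new ClaimConfig());
                        }
                        identityProvider.getClaimConfig().setLocalClaimDialect(IdPManagementConstants.IS_TRUE_VALUE.equals(resultSet.getString("IS_LOCAL_CLAIM_DIALECT")));
                        String userClaimUri = resultSet.getString("USER_CLAIM_URI");
                        String roleClaimUri = resultSet.getString("ROLE_CLAIM_URI");
                        // The dialect flag decides which lookup builds the final claim config;
                        // either way the placeholder config set above is replaced.
                        if (identityProvider.getClaimConfig().isLocalClaimDialect()) {
                            identityProvider.setClaimConfig(getLocalIdPDefaultClaimValues(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
                        } else {
                            // Get claim configuration.
                            identityProvider.setClaimConfig(getIdPClaimConfiguration(dbConnection, idPName, userClaimUri, roleClaimUri, idpId, tenantId));
                        }
                        break;
                    case IdPManagementConstants.IDP_ROLES:
                        identityProvider.setProvisioningRole(resultSet.getString("PROVISIONING_ROLE"));
                        // Get permission and role configuration.
                        identityProvider.setPermissionAndRoleConfig(getPermissionsAndRoleConfiguration(dbConnection, idPName, idpId, tenantId));
                        break;
                    case IdPManagementConstants.IDP_FEDERATED_AUTHENTICATORS:
                        String defaultAuthenticatorName = resultSet.getString("DEFAULT_AUTHENTICATOR_NAME");
                        // Get federated authenticators.
                        identityProvider.setFederatedAuthenticatorConfigs(getFederatedAuthenticatorConfigs(dbConnection, idPName, identityProvider, tenantId));
                        if (defaultAuthenticatorName != null && identityProvider.getFederatedAuthenticatorConfigs() != null) {
                            identityProvider.setDefaultAuthenticatorConfig(IdentityApplicationManagementUtil.getFederatedAuthenticator(identityProvider.getFederatedAuthenticatorConfigs(), defaultAuthenticatorName));
                        }
                        break;
                    case IdPManagementConstants.IDP_PROVISIONING:
                        JustInTimeProvisioningConfig jitProConfig = new JustInTimeProvisioningConfig();
                        jitProConfig.setProvisioningEnabled((IdPManagementConstants.IS_TRUE_VALUE).equals(resultSet.getString("INBOUND_PROV_ENABLED")));
                        jitProConfig.setProvisioningUserStore(resultSet.getString("INBOUND_PROV_USER_STORE_ID"));
                        identityProvider.setJustInTimeProvisioningConfig(jitProConfig);
                        String defaultProvisioningConnectorConfigName = resultSet.getString("DEFAULT_PRO_CONNECTOR_NAME");
                        if (defaultProvisioningConnectorConfigName != null) {
                            ProvisioningConnectorConfig defaultProConnector = new ProvisioningConnectorConfig();
                            defaultProConnector.setName(defaultProvisioningConnectorConfigName);
                            identityProvider.setDefaultProvisioningConnectorConfig(defaultProConnector);
                        }
                        // Get provisioning connectors.
                        identityProvider.setProvisioningConnectorConfigs(getProvisioningConnectorConfigs(dbConnection, idPName, idpId, tenantId));
                        break;
                    default:
                        // Unrecognised attribute names are skipped.
                        break;
                }
            }
        }
    } catch (IdentityProviderManagementException e) {
        throw new IdentityProviderManagementServerException("Error occurred while performing required attribute filter", e);
    }
}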
Also used : ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig) JustInTimeProvisioningConfig(org.wso2.carbon.identity.application.common.model.JustInTimeProvisioningConfig) IdentityProviderManagementServerException(org.wso2.carbon.idp.mgt.IdentityProviderManagementServerException) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) ProvisioningConnectorConfig(org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig)

Example 79 with Role

use of org.wso2.carbon.identity.role.mgt.core.Role in project carbon-identity-framework by wso2.

the class IdPManagementDAO method getPermissionsAndRoleConfiguration.

/**
 * Loads the IdP roles and the local-role-to-IdP-role mappings stored for one identity provider.
 *
 * <p>Both statements bind only {@code idPId}; {@code idPName} and {@code tenantId} are not read
 * in this method. NOTE(review): tenant isolation therefore presumably depends on the caller
 * having resolved {@code idPId} within the right tenant, unless the SQL constants scope it
 * themselves. Confirm against the queries and the callers.
 *
 * @param dbConnection open connection; statements and result sets are closed here, the
 *                     connection itself is not
 * @param idPName      name of the identity provider (unused in this method)
 * @param idPId        database id of the identity provider, bound to both queries
 * @param tenantId     tenant id (unused in this method)
 * @return a new configuration holding the roles and role mappings that were read
 * @throws SQLException if preparing, executing or reading either query fails
 */
public PermissionsAndRoleConfig getPermissionsAndRoleConfiguration(Connection dbConnection, String idPName, int idPId, int tenantId) throws SQLException {
    PermissionsAndRoleConfig permissionRoleConfiguration = new PermissionsAndRoleConfig();
    PreparedStatement rolesStatement = null;
    ResultSet roleRows = null;
    PreparedStatement mappingsStatement = null;
    ResultSet mappingRows = null;
    try {
        // SP_IDP_ROLE
        rolesStatement = dbConnection.prepareStatement(IdPManagementConstants.SQLQueries.GET_IDP_ROLES_SQL);
        rolesStatement.setInt(1, idPId);
        roleRows = rolesStatement.executeQuery();
        List<String> idpRoleNames = new ArrayList<String>();
        while (roleRows.next()) {
            idpRoleNames.add(roleRows.getString("ROLE"));
        }
        permissionRoleConfiguration.setIdpRoles(idpRoleNames.toArray(new String[0]));

        // SP_IDP_ROLE_MAPPINGS.SP_USER_STORE_ID, SP_IDP_ROLE_MAPPINGS.SP_LOCAL_ROLE,
        // SP_IDP_ROLES.SP_IDP_ROLE
        mappingsStatement = dbConnection.prepareStatement(IdPManagementConstants.SQLQueries.GET_IDP_ROLE_MAPPINGS_SQL);
        mappingsStatement.setInt(1, idPId);
        mappingRows = mappingsStatement.executeQuery();
        List<RoleMapping> collectedMappings = new ArrayList<RoleMapping>();
        while (mappingRows.next()) {
            String userStoreId = mappingRows.getString("USER_STORE_ID");
            String localRoleName = mappingRows.getString("LOCAL_ROLE");
            LocalRole localRole = new LocalRole(userStoreId, localRoleName);
            collectedMappings.add(new RoleMapping(localRole, mappingRows.getString("ROLE")));
        }
        permissionRoleConfiguration.setRoleMappings(collectedMappings.toArray(new RoleMapping[0]));
        return permissionRoleConfiguration;
    } finally {
        // null in the first slot leaves the caller's connection open.
        IdentityDatabaseUtil.closeAllConnections(null, mappingRows, mappingsStatement);
        IdentityDatabaseUtil.closeAllConnections(null, roleRows, rolesStatement);
    }
}
Also used : PermissionsAndRoleConfig(org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) LocalRole(org.wso2.carbon.identity.application.common.model.LocalRole) RoleMapping(org.wso2.carbon.identity.application.common.model.RoleMapping)

Example 80 with Role

use of org.wso2.carbon.identity.role.mgt.core.Role in project carbon-identity-framework by wso2.

the class IdPManagementDAO method renameClaimURI.

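/**
 * Replaces one claim URI with another for a tenant, in a single committed update.
 *
 * <p>All three values are bound as statement parameters, and the update is scoped by
 * {@code tenantId}. The connection is obtained here and always closed; on an SQL error the
 * transaction is rolled back before the exception is rethrown.
 *
 * @param newClaimURI  claim URI to store
 * @param oldClaimURI  claim URI being replaced
 * @param tenantId     id of the tenant whose rows are updated
 * @param tenantDomain tenant domain, used only in the error message
 * @throws IdentityProviderManagementException if the update fails
 */
public void renameClaimURI(String newClaimURI, String oldClaimURI, int tenantId, String tenantDomain) throws IdentityProviderManagementException {
    Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    try {
        String sqlStmt = IdPManagementConstants.SQLQueries.RENAME_CLAIM_SQL;
        prepStmt = dbConnection.prepareStatement(sqlStmt);
        prepStmt.setString(1, newClaimURI);
        prepStmt.setInt(2, tenantId);
        prepStmt.setString(3, oldClaimURI);
        prepStmt.executeUpdate();
        IdentityDatabaseUtil.commitTransaction(dbConnection);
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollbackTransaction(dbConnection);
        // The message names the operation actually performed (a claim URI rename, not a role
        // rename), so failures are attributed correctly in logs.
        throw new IdentityProviderManagementException("Error occurred while renaming claim URI " + oldClaimURI + " to " + newClaimURI + " of tenant " + tenantDomain, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(dbConnection, null, prepStmt);
    }
}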
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)
