use of org.wso2.carbon.identity.scim2.common.listener.SCIMGroupResolver in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMCommonComponent method activate.
@Activate
protected void activate(ComponentContext ctx) {
try {
String filePath = IdentityUtil.getIdentityConfigDirPath() + File.separator + SCIMCommonConstants.CHARON_CONFIG_NAME;
SCIMConfigProcessor scimConfigProcessor = SCIMConfigProcessor.getInstance();
scimConfigProcessor.buildConfigFromFile(filePath);
// reading user schema extension
if (Boolean.parseBoolean(scimConfigProcessor.getProperty("user-schema-extension-enabled"))) {
String schemaFilePath = CarbonUtils.getCarbonConfigDirPath() + File.separator + SCIMConfigConstants.SCIM_SCHEMA_EXTENSION_CONFIG;
SCIMUserSchemaExtensionBuilder.getInstance().buildUserSchemaExtension(schemaFilePath);
}
// If custom schema is enabled, read it root attribute URI from the file config if it is configured.
if (SCIMCommonUtils.isCustomSchemaEnabled()) {
SCIMCustomSchemaExtensionBuilder.getInstance().setURI(SCIMCommonUtils.getCustomSchemaURI());
}
// register UserOperationEventListener implementation
SCIMUserOperationListener scimUserOperationListener = new SCIMUserOperationListener();
userOperationEventListenerServiceReg = ctx.getBundleContext().registerService(UserOperationEventListener.class, scimUserOperationListener, null);
// register scimTenantMgtListener implementation
SCIMTenantMgtListener scimTenantMgtListener = new SCIMTenantMgtListener();
tenantMgtListenerServiceReg = ctx.getBundleContext().registerService(TenantMgtListener.class, scimTenantMgtListener, null);
// Register claim operation event handler implementation.
ctx.getBundleContext().registerService(AbstractEventHandler.class.getName(), new SCIMClaimOperationEventHandler(), null);
if (logger.isDebugEnabled()) {
logger.debug("SCIMClaimOperationEventHandler is successfully registered.");
}
// Register default implementation of SCIMUserStoreErrorResolver
ctx.getBundleContext().registerService(SCIMUserStoreErrorResolver.class.getName(), new DefaultSCIMUserStoreErrorResolver(), null);
// Register default implementation of SCIMGroupResolver.
ctx.getBundleContext().registerService(GroupResolver.class.getName(), new SCIMGroupResolver(), null);
// Update super tenant user/group attributes.
AdminAttributeUtil.updateAdminUser(MultitenantConstants.SUPER_TENANT_ID, true);
AdminAttributeUtil.updateAdminGroup(MultitenantConstants.SUPER_TENANT_ID);
if (logger.isDebugEnabled()) {
logger.debug("SCIM Common component activated successfully.");
}
} catch (CharonException e) {
logger.error("Error in reading information from identity tables at SCIMCommonComponentStartup.", e);
} catch (InternalErrorException e) {
logger.error("Error in reading information from identity tables at SCIMCommonComponentStartup.", e);
}
}
use of org.wso2.carbon.identity.scim2.common.listener.SCIMGroupResolver in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMGroupResolver method getGroupNameById.
@Override
public boolean getGroupNameById(String groupID, Group group, UserStoreManager userStoreManager) throws UserStoreException {
int tenantId = userStoreManager.getTenantId();
AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
/*
* isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
* that case we need to support getting group details from IDN_SCIM_GROUP table.
*/
if (isGroupIdEnabled) {
if (log.isDebugEnabled()) {
log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
}
return true;
}
String groupName;
GroupDAO groupDAO = new GroupDAO();
try {
groupName = groupDAO.getGroupNameById(tenantId, groupID);
if (StringUtils.isBlank(groupName)) {
log.error(String.format("No group found with id: %s in tenant: %s", groupID, tenantId));
return true;
}
} catch (IdentitySCIMException e) {
throw new UserStoreException(String.format("Error occurred while getting the group name of " + "group: %s in tenant: %s", groupID, tenantId), e);
}
if (group == null) {
group = new Group(groupID);
}
String domainName = UserCoreUtil.extractDomainFromName(groupName);
group.setGroupName(resolveGroupName(groupName, domainName));
group.setUserStoreDomain(UserCoreUtil.extractDomainFromName(groupName));
group.setDisplayName(UserCoreUtil.removeDomainFromName(groupName));
return true;
}
use of org.wso2.carbon.identity.scim2.common.listener.SCIMGroupResolver in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMGroupResolver method getGroupsListOfUserByUserId.
@Override
public boolean getGroupsListOfUserByUserId(String userId, List<Group> groupList, UserStoreManager userStoreManager) throws UserStoreException {
if (CollectionUtils.isEmpty(groupList)) {
// To do filtering in IDN_SCIM_GROUP, we need group names. If the list is empty, we cannot do that.
return true;
}
int tenantId = userStoreManager.getTenantId();
AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
/*
* isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
* that case we need to support getting group details from IDN_SCIM_GROUP table.
*/
if (isGroupIdEnabled) {
if (log.isDebugEnabled()) {
log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
}
return true;
}
GroupDAO groupDAO = new GroupDAO();
for (Group group : groupList) {
// We need to only provide the group name and group id.
try {
group.setGroupID(groupDAO.getGroupIdByName(tenantId, group.getGroupName()));
} catch (IdentitySCIMException e) {
throw new UserStoreException(String.format("Error occurred while getting the group id of " + "group: %s in tenant: %s", group.getGroupName(), tenantId), e);
}
}
return true;
}
use of org.wso2.carbon.identity.scim2.common.listener.SCIMGroupResolver in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMGroupResolver method getGroupIdByName.
@Override
public boolean getGroupIdByName(String groupName, Group group, UserStoreManager userStoreManager) throws UserStoreException {
int tenantId = userStoreManager.getTenantId();
AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
/*
* isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
* that case we need to support getting group details from IDN_SCIM_GROUP table.
*/
if (isGroupIdEnabled) {
if (log.isDebugEnabled()) {
log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
}
return true;
}
if (log.isDebugEnabled()) {
log.debug(String.format("Retrieving group with name: %s from tenant: %s", groupName, tenantId));
}
String groupId;
GroupDAO groupDAO = new GroupDAO();
try {
groupId = groupDAO.getGroupIdByName(tenantId, groupName);
} catch (IdentitySCIMException e) {
throw new UserStoreException(String.format("Error occurred while getting the group id of " + "group: %s in tenant: %s", groupName, tenantId), e);
}
if (StringUtils.isBlank(groupId)) {
if (log.isDebugEnabled()) {
log.debug(String.format("No group found with the group name: %s in tenant: %s", groupName, tenantId));
}
return true;
}
String domainName = UserCoreUtil.extractDomainFromName(groupName);
if (group == null) {
group = new Group(groupId);
group.setGroupName(resolveGroupName(groupName, domainName));
group.setUserStoreDomain(domainName);
group.setDisplayName(UserCoreUtil.removeDomainFromName(groupName));
} else {
group.setGroupID(groupId);
}
return true;
}
use of org.wso2.carbon.identity.scim2.common.listener.SCIMGroupResolver in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMGroupResolver method listGroups.
@Override
public boolean listGroups(Condition condition, int limit, int offset, String domain, String sortBy, String sortOrder, List<Group> groupsList, UserStoreManager userStoreManager) throws UserStoreException {
int tenantId = userStoreManager.getTenantId();
AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
/*
* isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
* that case we need to support getting group details from IDN_SCIM_GROUP table.
*/
if (isGroupIdEnabled) {
if (log.isDebugEnabled()) {
log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
}
return true;
}
/*
* Following fill be executed for backward compatible userstores. Those userstores did not have multi
* attribute filtering. Therefore, we do not need to provide support for that.
*/
if (condition instanceof OperationalCondition) {
throw new UserStoreException("OperationalCondition filtering is not supported by userstore: " + userStoreManager.getClass());
}
ExpressionCondition expressionCondition = (ExpressionCondition) condition;
String attributeName = resolveGroupAttributeWithSCIMSchema(expressionCondition.getAttributeName(), tenantId);
String attributeValue = buildSearchAttributeValue(attributeName, expressionCondition.getOperation(), expressionCondition.getAttributeValue(), SQL_FILTERING_DELIMITER);
GroupDAO groupDAO = new GroupDAO();
try {
String[] groupNames = groupDAO.getGroupNameList(attributeName, attributeValue, tenantId, domain);
if (ArrayUtils.isEmpty(groupNames)) {
if (log.isDebugEnabled()) {
log.debug(String.format("No groups found for the filter in userstore: %s in tenant: %s", domain, tenantId));
}
return true;
}
// Get details of the groups.
for (String groupName : groupNames) {
Map<String, String> attributes = groupDAO.getSCIMGroupAttributes(tenantId, groupName);
String groupId = attributes.get(SCIMConstants.CommonSchemaConstants.ID_URI);
String domainName = UserCoreUtil.extractDomainFromName(groupName);
Group group = new Group(groupId, resolveGroupName(groupName, domainName));
for (Map.Entry<String, String> entry : attributes.entrySet()) {
if (SCIMConstants.CommonSchemaConstants.CREATED_URI.equals(entry.getKey())) {
group.setCreatedDate(entry.getValue());
} else if (SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI.equals(entry.getKey())) {
group.setLastModifiedDate(entry.getValue());
} else if (SCIMConstants.CommonSchemaConstants.LOCATION_URI.equals(entry.getKey())) {
group.setLocation(SCIMCommonUtils.getSCIMGroupURL(groupId));
}
}
group.setDisplayName(UserCoreUtil.removeDomainFromName(groupName));
group.setUserStoreDomain(domainName);
groupsList.add(group);
}
} catch (IdentitySCIMException e) {
throw new UserStoreException(String.format("Error occurred while getting the group list in userstore: %s " + "in tenant: %s", domain, tenantId), e);
}
return true;
}
Aggregations