use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.
the class UserProfileAdmin method getProfileFieldsForInternalStore.
public UserProfileDTO getProfileFieldsForInternalStore() throws UserProfileException {
UserFieldDTO[] datas;
UserProfileDTO profile = new UserProfileDTO();
String[] availableProfileConfigurations = new String[0];
try {
UserRealm realm = getUserRealm();
Claim[] claims = getClaimsToEnterData(realm);
ProfileConfigurationManager profileAdmin = realm.getProfileConfigurationManager();
if (profileAdmin != null) {
availableProfileConfigurations = getAvailableProfileConfiguration(profileAdmin);
}
String[] claimUris = new String[claims.length];
for (int i = 0; i < claims.length; i++) {
claimUris[i] = claims[i].getClaimUri();
}
datas = new UserFieldDTO[claims.length];
for (int j = 0; j < claims.length; j++) {
UserFieldDTO data = new UserFieldDTO();
Claim claim = claims[j];
String claimUri = claim.getClaimUri();
data.setClaimUri(claimUri);
data.setDisplayName(claim.getDisplayTag());
data.setRegEx(claim.getRegEx());
data.setRequired(claim.isRequired());
data.setDisplayOrder(claim.getDisplayOrder());
data.setRegEx(claim.getRegEx());
data.setCheckedAttribute(claim.isCheckedAttribute());
data.setReadOnly(claim.isReadOnly());
datas[j] = data;
}
} catch (Exception e) {
// Not logging. Already logged.
throw new UserProfileException(e.getMessage(), e);
}
profile.setFieldValues(datas);
profile.setProfileConfigurations(availableProfileConfigurations);
return profile;
}
use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.
the class UserProfileAdmin method removeAssociateIDForUser.
/**
* Remove the association with the given federated identifier for the given user.
*
* @param username username of the user to be associated with
* @param idpID Identity Provider ID
* @param associatedID Federated Identity ID
* @throws UserProfileException
*/
public void removeAssociateIDForUser(String username, String idpID, String associatedID) throws UserProfileException {
String auditData = getAuditData(username, idpID, associatedID);
validateFederatedAssociationParameters(username, idpID, associatedID, auditData);
User user = getUser(username);
try {
getFederatedAssociationManager().deleteFederatedAssociation(user, idpID, associatedID);
audit(auditActionForDeleteAssociation, username, auditData, AUDIT_SUCCESS);
} catch (FederatedAssociationManagerException e) {
// order to preserve backward compatibility, this error is silently ignored.
if (!isFederatedAssociationDoesNotExistsError(e)) {
audit(auditActionForDeleteAssociation, username, auditData, AUDIT_FAIL);
String msg = "Error while removing association with federated IdP: " + idpID + " for user: " + username + " in tenant: " + getTenantDomain();
throw new UserProfileException(msg, e);
}
}
}
use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.
the class UserProfileAdmin method getUserClaim.
/**
* Retrieve a claim of the authorized user.
*
* @param claimUri Claim URI in wso2 dialect.
* @param profileName User profile name.
* @return Claim value.
* @throws UserProfileException
*/
public String getUserClaim(String claimUri, String profileName) throws UserProfileException {
if (StringUtils.isBlank(claimUri)) {
throw new UserProfileException("Invalid input parameter. Claim URI cannot be null.");
}
if (StringUtils.isBlank(profileName)) {
throw new UserProfileException("Invalid input parameter. Profile name cannot be null.");
}
String loggedInUsername = CarbonContext.getThreadLocalCarbonContext().getUsername();
if (StringUtils.isBlank(loggedInUsername)) {
throw new UserProfileException("Could not find a logged in user in the current carbon context.");
}
String claimValue = null;
try {
UserStoreManager userStoreManager = getUserRealm().getUserStoreManager();
int index = loggedInUsername.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
if (index < 0) {
if (log.isDebugEnabled()) {
log.debug("Logged in username : '" + loggedInUsername + "' does not contain domain name.");
}
/* if domain is not provided, this can be the scenario where user from a secondary user store
logs in without domain name and tries to view his own profile. */
MessageContext messageContext = MessageContext.getCurrentMessageContext();
HttpServletRequest request = (HttpServletRequest) messageContext.getProperty(TRANSPORT_HTTP_SERVLET_REQUEST);
String domainName = (String) request.getSession().getAttribute(LOGGED_IN_DOMAIN);
if (StringUtils.isNotBlank(domainName)) {
loggedInUsername = domainName + UserCoreConstants.DOMAIN_SEPARATOR + loggedInUsername;
}
}
index = loggedInUsername.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
UserStoreManager secUserStoreManager = null;
// Check whether we have a secondary UserStoreManager setup.
if (index > 0) {
// Using the short-circuit. User name comes with the domain name.
String domain = loggedInUsername.substring(0, index);
if (log.isDebugEnabled()) {
log.debug("Domain name found in the logged in username. Domain name: " + domain);
}
if (userStoreManager instanceof AbstractUserStoreManager) {
secUserStoreManager = ((AbstractUserStoreManager) userStoreManager).getSecondaryUserStoreManager(domain);
}
}
Map<String, String> claimValues;
if (secUserStoreManager != null) {
claimValues = secUserStoreManager.getUserClaimValues(loggedInUsername, new String[] { claimUri }, profileName);
} else {
claimValues = userStoreManager.getUserClaimValues(loggedInUsername, new String[] { claimUri }, profileName);
}
if (claimValues != null) {
claimValue = claimValues.get(claimUri);
}
} catch (UserStoreException e) {
String message = String.format("An error occurred while getting the user claim '%s' in '%s' profile of " + "the user '%s'", claimUri, profileName, loggedInUsername);
log.error(message, e);
throw new UserProfileException(message, e);
}
return claimValue;
}
use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.
the class UserProfileAdmin method associateIDForUser.
/**
* Associate the given user with the given federated identifier.
*
* @param username username of the user to be associated with
* @param idpID Identity Provider ID
* @param associatedID Federated Identity ID
* @throws UserProfileException
*/
public void associateIDForUser(String username, String idpID, String associatedID) throws UserProfileException {
User user = getUser(username);
String auditData = getAuditData(username, idpID, associatedID);
try {
getFederatedAssociationManager().createFederatedAssociation(user, idpID, associatedID);
audit(auditActionForCreateAssociation, username, auditData, AUDIT_SUCCESS);
} catch (FederatedAssociationManagerException e) {
audit(auditActionForCreateAssociation, username, auditData, AUDIT_FAIL);
String msg = "Error while creating association for user: " + username + " with federated IdP: " + idpID + " in tenant: " + getTenantDomain();
throw new UserProfileException(msg, e);
}
}
use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.
the class UserProfileAdmin method getUserProfile.
public UserProfileDTO getUserProfile(String username, String profileName) throws UserProfileException {
UserProfileDTO profile = new UserProfileDTO();
String[] availableProfileConfigurations = new String[0];
String profileConfig = null;
try {
if (username == null || profileName == null) {
throw new UserProfileException("Invalid input parameters");
}
if (!this.isAuthorized(username, USER_PROFILE_VIEW_PERMISSION)) {
throw new UserProfileException(authorizationFailureMessage);
}
// Any other attempt is unauthorized. So attempts will be logged and denied.
if (isAdminProfileSpoof(username)) {
log.warn("Unauthorized attempt. User " + CarbonContext.getThreadLocalCarbonContext().getUsername() + " is trying to view the profile of the admin user.");
throw new UserProfileException(authorizationFailureMessage);
}
UserRealm realm = getUserRealm();
UserStoreManager userStoreManager = realm.getUserStoreManager();
boolean isReadOnly = userStoreManager.isReadOnly();
int indexOne;
indexOne = username.indexOf("/");
if (indexOne < 0) {
/*if domain is not provided, this can be the scenario where user from a secondary user store
logs in without domain name and tries to view his own profile*/
MessageContext messageContext = MessageContext.getCurrentMessageContext();
HttpServletRequest request = (HttpServletRequest) messageContext.getProperty("transport.http.servletRequest");
String domainName = (String) request.getSession().getAttribute("logged_in_domain");
if (domainName != null) {
username = domainName + "/" + username;
}
}
int index;
index = username.indexOf("/");
UserStoreManager secUserStoreManager = null;
// Check whether we have a secondary UserStoreManager setup.
if (index > 0) {
// Using the short-circuit. User name comes with the domain name.
String domain = username.substring(0, index);
if (userStoreManager instanceof AbstractUserStoreManager) {
secUserStoreManager = ((AbstractUserStoreManager) userStoreManager).getSecondaryUserStoreManager(domain);
if (secUserStoreManager != null) {
isReadOnly = secUserStoreManager.isReadOnly();
}
}
}
ProfileConfigurationManager profileAdmin = realm.getProfileConfigurationManager();
String[] profileNames = null;
if (secUserStoreManager != null) {
profileNames = secUserStoreManager.getProfileNames(username);
} else {
profileNames = userStoreManager.getProfileNames(username);
}
boolean found = false;
if (profileNames != null && profileNames.length > 0) {
for (int i = 0; i < profileNames.length; i++) {
if (profileName.equals(profileNames[i])) {
found = true;
break;
}
}
}
if (!found) {
return null;
}
if (profileAdmin != null) {
availableProfileConfigurations = getAvailableProfileConfiguration(profileAdmin);
}
Claim[] claims = getClaimsToEnterData(realm);
String[] claimUris = new String[claims.length + 1];
for (int i = 0; i < claims.length; i++) {
claimUris[i] = claims[i].getClaimUri();
}
claimUris[claims.length] = UserCoreConstants.PROFILE_CONFIGURATION;
Map<String, String> valueMap = userStoreManager.getUserClaimValues(username, claimUris, profileName);
List<UserFieldDTO> userFields = new ArrayList<UserFieldDTO>();
for (int j = 0; j < claims.length; j++) {
UserFieldDTO data = new UserFieldDTO();
Claim claim = claims[j];
String claimUri = claim.getClaimUri();
if (!UserCoreConstants.PROFILE_CONFIGURATION.equals(claimUri)) {
data.setClaimUri(claimUri);
data.setFieldValue(valueMap.get(claimUri));
data.setDisplayName(claim.getDisplayTag());
data.setRegEx(claim.getRegEx());
data.setRequired(claim.isRequired());
data.setDisplayOrder(claim.getDisplayOrder());
data.setReadOnly(claim.isReadOnly());
data.setCheckedAttribute(claim.isCheckedAttribute());
userFields.add(data);
}
}
profile.setProfileName(profileName);
profile.setProfileConfigurations(availableProfileConfigurations);
profileConfig = valueMap.get(UserCoreConstants.PROFILE_CONFIGURATION);
if (profileConfig == null) {
profileConfig = UserCoreConstants.DEFAULT_PROFILE_CONFIGURATION;
}
if (isReadOnly) {
profileConfig = "readonly";
}
profile.setProfileConifuration(profileConfig);
profile.setFieldValues(userFields.toArray(new UserFieldDTO[userFields.size()]));
} catch (Exception e) {
log.error(String.format("An error occurred while getting the user profile '%s' of the user '%s'", profileName, username), e);
throw new UserProfileException(e.getMessage(), e);
}
return profile;
}
Aggregations