Search in sources :

Example 1 with UserProfileException

use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.

the class UserProfileAdmin method getProfileFieldsForInternalStore.

public UserProfileDTO getProfileFieldsForInternalStore() throws UserProfileException {
    UserFieldDTO[] datas;
    UserProfileDTO profile = new UserProfileDTO();
    String[] availableProfileConfigurations = new String[0];
    try {
        UserRealm realm = getUserRealm();
        Claim[] claims = getClaimsToEnterData(realm);
        ProfileConfigurationManager profileAdmin = realm.getProfileConfigurationManager();
        if (profileAdmin != null) {
            availableProfileConfigurations = getAvailableProfileConfiguration(profileAdmin);
        }
        String[] claimUris = new String[claims.length];
        for (int i = 0; i < claims.length; i++) {
            claimUris[i] = claims[i].getClaimUri();
        }
        datas = new UserFieldDTO[claims.length];
        for (int j = 0; j < claims.length; j++) {
            UserFieldDTO data = new UserFieldDTO();
            Claim claim = claims[j];
            String claimUri = claim.getClaimUri();
            data.setClaimUri(claimUri);
            data.setDisplayName(claim.getDisplayTag());
            data.setRegEx(claim.getRegEx());
            data.setRequired(claim.isRequired());
            data.setDisplayOrder(claim.getDisplayOrder());
            data.setRegEx(claim.getRegEx());
            data.setCheckedAttribute(claim.isCheckedAttribute());
            data.setReadOnly(claim.isReadOnly());
            datas[j] = data;
        }
    } catch (Exception e) {
        // Not logging. Already logged.
        throw new UserProfileException(e.getMessage(), e);
    }
    profile.setFieldValues(datas);
    profile.setProfileConfigurations(availableProfileConfigurations);
    return profile;
}
Also used : ProfileConfigurationManager(org.wso2.carbon.user.core.profile.ProfileConfigurationManager) UserRealm(org.wso2.carbon.user.core.UserRealm) Claim(org.wso2.carbon.user.api.Claim) UserStoreException(org.wso2.carbon.user.api.UserStoreException) CarbonException(org.wso2.carbon.CarbonException) FederatedAssociationManagerException(org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException)

Example 2 with UserProfileException

use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.

the class UserProfileAdmin method removeAssociateIDForUser.

/**
 * Remove the association with the given federated identifier for the given user.
 *
 * @param username     username of the user to be associated with
 * @param idpID        Identity Provider ID
 * @param associatedID Federated Identity ID
 * @throws UserProfileException
 */
public void removeAssociateIDForUser(String username, String idpID, String associatedID) throws UserProfileException {
    String auditData = getAuditData(username, idpID, associatedID);
    validateFederatedAssociationParameters(username, idpID, associatedID, auditData);
    User user = getUser(username);
    try {
        getFederatedAssociationManager().deleteFederatedAssociation(user, idpID, associatedID);
        audit(auditActionForDeleteAssociation, username, auditData, AUDIT_SUCCESS);
    } catch (FederatedAssociationManagerException e) {
        // order to preserve backward compatibility, this error is silently ignored.
        if (!isFederatedAssociationDoesNotExistsError(e)) {
            audit(auditActionForDeleteAssociation, username, auditData, AUDIT_FAIL);
            String msg = "Error while removing association with federated IdP: " + idpID + " for user: " + username + " in tenant: " + getTenantDomain();
            throw new UserProfileException(msg, e);
        }
    }
}
Also used : User(org.wso2.carbon.identity.application.common.model.User) FederatedAssociationManagerException(org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException)

Example 3 with UserProfileException

use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.

the class UserProfileAdmin method getUserClaim.

/**
 * Retrieve a claim of the authorized user.
 *
 * @param claimUri    Claim URI in wso2 dialect.
 * @param profileName User profile name.
 * @return Claim value.
 * @throws UserProfileException
 */
public String getUserClaim(String claimUri, String profileName) throws UserProfileException {
    if (StringUtils.isBlank(claimUri)) {
        throw new UserProfileException("Invalid input parameter. Claim URI cannot be null.");
    }
    if (StringUtils.isBlank(profileName)) {
        throw new UserProfileException("Invalid input parameter. Profile name cannot be null.");
    }
    String loggedInUsername = CarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUsername)) {
        throw new UserProfileException("Could not find a logged in user in the current carbon context.");
    }
    String claimValue = null;
    try {
        UserStoreManager userStoreManager = getUserRealm().getUserStoreManager();
        int index = loggedInUsername.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
        if (index < 0) {
            if (log.isDebugEnabled()) {
                log.debug("Logged in username : '" + loggedInUsername + "' does not contain domain name.");
            }
            /* if domain is not provided, this can be the scenario where user from a secondary user store
                logs in without domain name and tries to view his own profile. */
            MessageContext messageContext = MessageContext.getCurrentMessageContext();
            HttpServletRequest request = (HttpServletRequest) messageContext.getProperty(TRANSPORT_HTTP_SERVLET_REQUEST);
            String domainName = (String) request.getSession().getAttribute(LOGGED_IN_DOMAIN);
            if (StringUtils.isNotBlank(domainName)) {
                loggedInUsername = domainName + UserCoreConstants.DOMAIN_SEPARATOR + loggedInUsername;
            }
        }
        index = loggedInUsername.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
        UserStoreManager secUserStoreManager = null;
        // Check whether we have a secondary UserStoreManager setup.
        if (index > 0) {
            // Using the short-circuit. User name comes with the domain name.
            String domain = loggedInUsername.substring(0, index);
            if (log.isDebugEnabled()) {
                log.debug("Domain name found in the logged in username. Domain name: " + domain);
            }
            if (userStoreManager instanceof AbstractUserStoreManager) {
                secUserStoreManager = ((AbstractUserStoreManager) userStoreManager).getSecondaryUserStoreManager(domain);
            }
        }
        Map<String, String> claimValues;
        if (secUserStoreManager != null) {
            claimValues = secUserStoreManager.getUserClaimValues(loggedInUsername, new String[] { claimUri }, profileName);
        } else {
            claimValues = userStoreManager.getUserClaimValues(loggedInUsername, new String[] { claimUri }, profileName);
        }
        if (claimValues != null) {
            claimValue = claimValues.get(claimUri);
        }
    } catch (UserStoreException e) {
        String message = String.format("An error occurred while getting the user claim '%s' in '%s' profile of " + "the user '%s'", claimUri, profileName, loggedInUsername);
        log.error(message, e);
        throw new UserProfileException(message, e);
    }
    return claimValue;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) UserStoreException(org.wso2.carbon.user.api.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) MessageContext(org.apache.axis2.context.MessageContext)

Example 4 with UserProfileException

use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.

the class UserProfileAdmin method associateIDForUser.

/**
 * Associate the given user with the given federated identifier.
 *
 * @param username     username of the user to be associated with
 * @param idpID        Identity Provider ID
 * @param associatedID Federated Identity ID
 * @throws UserProfileException
 */
public void associateIDForUser(String username, String idpID, String associatedID) throws UserProfileException {
    User user = getUser(username);
    String auditData = getAuditData(username, idpID, associatedID);
    try {
        getFederatedAssociationManager().createFederatedAssociation(user, idpID, associatedID);
        audit(auditActionForCreateAssociation, username, auditData, AUDIT_SUCCESS);
    } catch (FederatedAssociationManagerException e) {
        audit(auditActionForCreateAssociation, username, auditData, AUDIT_FAIL);
        String msg = "Error while creating association for user: " + username + " with federated IdP: " + idpID + " in tenant: " + getTenantDomain();
        throw new UserProfileException(msg, e);
    }
}
Also used : User(org.wso2.carbon.identity.application.common.model.User) FederatedAssociationManagerException(org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException)

Example 5 with UserProfileException

use of org.wso2.carbon.identity.user.profile.mgt.UserProfileException in project carbon-identity-framework by wso2.

the class UserProfileAdmin method getUserProfile.

public UserProfileDTO getUserProfile(String username, String profileName) throws UserProfileException {
    UserProfileDTO profile = new UserProfileDTO();
    String[] availableProfileConfigurations = new String[0];
    String profileConfig = null;
    try {
        if (username == null || profileName == null) {
            throw new UserProfileException("Invalid input parameters");
        }
        if (!this.isAuthorized(username, USER_PROFILE_VIEW_PERMISSION)) {
            throw new UserProfileException(authorizationFailureMessage);
        }
        // Any other attempt is unauthorized. So attempts will be logged and denied.
        if (isAdminProfileSpoof(username)) {
            log.warn("Unauthorized attempt. User " + CarbonContext.getThreadLocalCarbonContext().getUsername() + " is trying to view the profile of the admin user.");
            throw new UserProfileException(authorizationFailureMessage);
        }
        UserRealm realm = getUserRealm();
        UserStoreManager userStoreManager = realm.getUserStoreManager();
        boolean isReadOnly = userStoreManager.isReadOnly();
        int indexOne;
        indexOne = username.indexOf("/");
        if (indexOne < 0) {
            /*if domain is not provided, this can be the scenario where user from a secondary user store
                logs in without domain name and tries to view his own profile*/
            MessageContext messageContext = MessageContext.getCurrentMessageContext();
            HttpServletRequest request = (HttpServletRequest) messageContext.getProperty("transport.http.servletRequest");
            String domainName = (String) request.getSession().getAttribute("logged_in_domain");
            if (domainName != null) {
                username = domainName + "/" + username;
            }
        }
        int index;
        index = username.indexOf("/");
        UserStoreManager secUserStoreManager = null;
        // Check whether we have a secondary UserStoreManager setup.
        if (index > 0) {
            // Using the short-circuit. User name comes with the domain name.
            String domain = username.substring(0, index);
            if (userStoreManager instanceof AbstractUserStoreManager) {
                secUserStoreManager = ((AbstractUserStoreManager) userStoreManager).getSecondaryUserStoreManager(domain);
                if (secUserStoreManager != null) {
                    isReadOnly = secUserStoreManager.isReadOnly();
                }
            }
        }
        ProfileConfigurationManager profileAdmin = realm.getProfileConfigurationManager();
        String[] profileNames = null;
        if (secUserStoreManager != null) {
            profileNames = secUserStoreManager.getProfileNames(username);
        } else {
            profileNames = userStoreManager.getProfileNames(username);
        }
        boolean found = false;
        if (profileNames != null && profileNames.length > 0) {
            for (int i = 0; i < profileNames.length; i++) {
                if (profileName.equals(profileNames[i])) {
                    found = true;
                    break;
                }
            }
        }
        if (!found) {
            return null;
        }
        if (profileAdmin != null) {
            availableProfileConfigurations = getAvailableProfileConfiguration(profileAdmin);
        }
        Claim[] claims = getClaimsToEnterData(realm);
        String[] claimUris = new String[claims.length + 1];
        for (int i = 0; i < claims.length; i++) {
            claimUris[i] = claims[i].getClaimUri();
        }
        claimUris[claims.length] = UserCoreConstants.PROFILE_CONFIGURATION;
        Map<String, String> valueMap = userStoreManager.getUserClaimValues(username, claimUris, profileName);
        List<UserFieldDTO> userFields = new ArrayList<UserFieldDTO>();
        for (int j = 0; j < claims.length; j++) {
            UserFieldDTO data = new UserFieldDTO();
            Claim claim = claims[j];
            String claimUri = claim.getClaimUri();
            if (!UserCoreConstants.PROFILE_CONFIGURATION.equals(claimUri)) {
                data.setClaimUri(claimUri);
                data.setFieldValue(valueMap.get(claimUri));
                data.setDisplayName(claim.getDisplayTag());
                data.setRegEx(claim.getRegEx());
                data.setRequired(claim.isRequired());
                data.setDisplayOrder(claim.getDisplayOrder());
                data.setReadOnly(claim.isReadOnly());
                data.setCheckedAttribute(claim.isCheckedAttribute());
                userFields.add(data);
            }
        }
        profile.setProfileName(profileName);
        profile.setProfileConfigurations(availableProfileConfigurations);
        profileConfig = valueMap.get(UserCoreConstants.PROFILE_CONFIGURATION);
        if (profileConfig == null) {
            profileConfig = UserCoreConstants.DEFAULT_PROFILE_CONFIGURATION;
        }
        if (isReadOnly) {
            profileConfig = "readonly";
        }
        profile.setProfileConifuration(profileConfig);
        profile.setFieldValues(userFields.toArray(new UserFieldDTO[userFields.size()]));
    } catch (Exception e) {
        log.error(String.format("An error occurred while getting the user profile '%s' of the user '%s'", profileName, username), e);
        throw new UserProfileException(e.getMessage(), e);
    }
    return profile;
}
Also used : ArrayList(java.util.ArrayList) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) UserStoreException(org.wso2.carbon.user.api.UserStoreException) CarbonException(org.wso2.carbon.CarbonException) FederatedAssociationManagerException(org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException) IdentityProviderManagementException(org.wso2.carbon.idp.mgt.IdentityProviderManagementException) HttpServletRequest(javax.servlet.http.HttpServletRequest) ProfileConfigurationManager(org.wso2.carbon.user.core.profile.ProfileConfigurationManager) UserRealm(org.wso2.carbon.user.core.UserRealm) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) MessageContext(org.apache.axis2.context.MessageContext) Claim(org.wso2.carbon.user.api.Claim)

Aggregations

UserProfileException (org.wso2.carbon.identity.user.profile.mgt.UserProfileException)12 FederatedAssociationManagerException (org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException)10 Connection (java.sql.Connection)8 PreparedStatement (java.sql.PreparedStatement)8 SQLException (java.sql.SQLException)8 UserStoreException (org.wso2.carbon.user.api.UserStoreException)8 UserRealm (org.wso2.carbon.user.core.UserRealm)7 IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)6 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)6 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)6 ArrayList (java.util.ArrayList)5 CarbonException (org.wso2.carbon.CarbonException)5 User (org.wso2.carbon.identity.application.common.model.User)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 MessageContext (org.apache.axis2.context.MessageContext)4 Claim (org.wso2.carbon.user.api.Claim)3 ProfileConfigurationManager (org.wso2.carbon.user.core.profile.ProfileConfigurationManager)3 ResultSet (java.sql.ResultSet)2 AssociatedAccountDTO (org.wso2.carbon.identity.user.profile.mgt.AssociatedAccountDTO)2 FederatedAssociation (org.wso2.carbon.identity.user.profile.mgt.association.federation.model.FederatedAssociation)2