use of org.wso2.carbon.user.api.Claim in project carbon-apimgt by wso2.
the class DefaultGroupIDExtractorImpl method getGroupingIdentifierList.
/**
 * Resolves the group identifiers of the user named in a login response.
 *
 * <p>The claim URI is read from the API Manager configuration
 * ({@code APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI}); when that property is blank the
 * organization claim {@code http://wso2.org/claims/organization} is used. The claim value is
 * split on commas and each entry is trimmed.
 *
 * <p>NOTE(review): the {@code user} and {@code isSuperTenant} fields are taken from
 * {@code loginResponse} as-is and decide which tenant's user store is queried. This method
 * performs no validation of its own, so callers should only pass a response produced by the
 * server-side login flow - confirm against the callers.
 *
 * @param loginResponse JSON text containing a {@code user} string and an {@code isSuperTenant}
 *                      boolean
 * @return the trimmed group identifiers; an empty array when the user has no value for the
 *         claim; {@code null} when the response cannot be parsed or the user store lookup
 *         fails (the error is logged, not rethrown)
 */
@Override
public String[] getGroupingIdentifierList(String loginResponse) {
    APIManagerConfiguration apimConfig = ServiceReferenceHolder.getInstance()
            .getAPIManagerConfigurationService()
            .getAPIManagerConfiguration();
    String claimUri = apimConfig.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI);
    if (StringUtils.isBlank(claimUri)) {
        claimUri = "http://wso2.org/claims/organization";
    }

    String username = null;
    // Stays null if anything below throws; callers must treat null as "lookup failed".
    String[] groupIds = null;
    try {
        JSONObject response = new JSONObject(loginResponse);
        // Plain casts: a non-String "user" or non-Boolean "isSuperTenant" raises
        // ClassCastException, which is not caught here.
        username = (String) response.get("user");
        Boolean superTenant = (Boolean) response.get("isSuperTenant");
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();

        // Default to the super tenant; otherwise derive the tenant from the domain part of the username.
        int tenantId = MultitenantConstants.SUPER_TENANT_ID;
        if (!superTenant) {
            String tenantDomain = MultitenantUtils.getTenantDomain(username);
            tenantId = ServiceReferenceHolder.getInstance().getRealmService()
                    .getTenantManager()
                    .getTenantId(tenantDomain);
        }

        UserRealm tenantRealm = (UserRealm) realmService.getTenantUserRealm(tenantId);
        UserStoreManager userStore = tenantRealm.getUserStoreManager();
        String claimValue = userStore.getUserClaimValue(
                MultitenantUtils.getTenantAwareUsername(username), claimUri, null);

        if (claimValue == null) {
            // No value for the claim: report "no groups" rather than null.
            groupIds = new String[] {};
        } else if (claimValue.contains(",")) {
            groupIds = claimValue.split(",");
            for (int idx = 0; idx < groupIds.length; idx++) {
                groupIds[idx] = groupIds[idx].toString().trim();
            }
        } else {
            groupIds = new String[] { claimValue.trim() };
        }
    } catch (JSONException e) {
        log.error("Exception occured while trying to get group Identifier from login response", e);
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        // NOTE(review): username originates from the login response and is written to the log unmodified.
        log.error("Error while checking user existence for " + username, e);
    }
    return groupIds;
}
use of org.wso2.carbon.user.api.Claim in project carbon-apimgt by wso2.
the class JWTValidatorImplTest method setup.
/**
 * Builds the fixtures shared by the tests: a JWS header carrying the key id, a mocked
 * {@code SignedJWT} wrapped in a {@code SignedJWTInfo}, and a claims set that expires one hour
 * from now and carries a {@code cnf} claim with the certificate thumbprint.
 */
@Before
public void setup() {
    jwsHeader = new JWSHeader.Builder(new JWSHeader(this.jwsAlgorithm)).keyID(KeyId).build();

    signedJWTInfo = new SignedJWTInfo();
    signedJWT = Mockito.mock(SignedJWT.class);
    signedJWTInfo.setSignedJWT(signedJWT);

    // Token expiry is one hour ahead of the moment the fixture is built.
    Calendar expiry = Calendar.getInstance();
    expiry.add(Calendar.HOUR, 1);

    // Confirmation claim holding the SHA-256 thumbprint of the transport certificate.
    JSONObject confirmation = new JSONObject();
    confirmation.put("x5t#S256", CERT_HASH);

    JWTClaimsSet claims = new JWTClaimsSet.Builder()
            .expirationTime(expiry.getTime())
            .claim(APIConstants.CNF, confirmation)
            .build();
    signedJWTInfo.setJwtClaimsSet(claims);

    // These are JVM-wide system properties and this method does not restore them afterwards.
    // NOTE(review): URL.getPath() is not URL-decoded, so a checkout path containing spaces
    // may not resolve - confirm on such a path.
    String trustStorePath = CertificateManagerImplTest.class.getClassLoader()
            .getResource("security/client-truststore.jks")
            .getPath();
    System.setProperty("javax.net.ssl.trustStore", trustStorePath);
    System.setProperty("javax.net.ssl.trustStorePassword", PASSWORD);
}
use of org.wso2.carbon.user.api.Claim in project carbon-apimgt by wso2.
the class ApiMgtDAO method setJWTClaimConditions.
/**
 * Loads the JWT claim conditions stored for a pipeline and appends them to the given list.
 *
 * <p>The pipeline id is bound as a statement parameter, never concatenated into the SQL text.
 *
 * @param pipelineId id of the pipeline whose conditions are read
 * @param conditions list that receives one {@link JWTClaimsCondition} per result row; rows
 *                   already appended stay in the list if a later row fails
 * @throws APIManagementException presumably raised by {@code handleException} when the query
 *                                fails - confirm against that helper
 */
private void setJWTClaimConditions(int pipelineId, ArrayList<Condition> conditions) throws APIManagementException {
    Connection conn = null;
    PreparedStatement stmt = null;
    ResultSet rows = null;
    try {
        conn = APIMgtDBUtil.getConnection();
        stmt = conn.prepareStatement(SQLConstants.ThrottleSQLConstants.GET_JWT_CLAIM_CONDITIONS_SQL);
        stmt.setInt(1, pipelineId);
        rows = stmt.executeQuery();
        while (rows.next()) {
            String claimUri = rows.getString(ThrottlePolicyConstants.COLUMN_CLAIM_URI);
            String claimAttribute = rows.getString(ThrottlePolicyConstants.COLUMN_CLAIM_ATTRIBUTE);
            // NOTE(review): the invert flag is read from COLUMN_IS_CLAIM_MAPPING; confirm that
            // column really stores the invert-condition flag.
            boolean invert = rows.getBoolean(ThrottlePolicyConstants.COLUMN_IS_CLAIM_MAPPING);

            JWTClaimsCondition condition = new JWTClaimsCondition();
            condition.setClaimUrl(claimUri);
            condition.setAttribute(claimAttribute);
            condition.setInvertCondition(invert);
            conditions.add(condition);
        }
    } catch (SQLException e) {
        handleException("Failed to get jwt claim conditions for pipelineId: " + pipelineId, e);
    } finally {
        // Always release the statement, connection and result set, including on failure.
        APIMgtDBUtil.closeAllConnections(stmt, conn, rows);
    }
}
use of org.wso2.carbon.user.api.Claim in project carbon-apimgt by wso2.
the class SystemScopeUtils method getRoleClaim.
/**
 * Returns the name of the claim attribute that carries the user's roles.
 *
 * <p>The value comes from the {@code ROLE_CLAIM_ATTRIBUTE} parameter of the authenticator
 * configuration registered under {@code AUTHENTICATOR_NAME}. When that authenticator is not
 * configured, or the parameter is not present, the built-in
 * {@code APIConstants.SystemScopeConstants.ROLE_ATTRIBUTE_NAME} is returned.
 *
 * @return the configured role claim attribute, or the default attribute name; the configured
 *         value is returned as stored, so a key mapped to {@code null} yields {@code null}
 */
private static String getRoleClaim() {
    AuthenticatorsConfiguration.AuthenticatorConfig authenticator =
            AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
    if (authenticator == null) {
        return APIConstants.SystemScopeConstants.ROLE_ATTRIBUTE_NAME;
    }

    Map<String, String> parameters = authenticator.getParameters();
    // containsKey (not a null check on get) so an explicitly stored value always wins.
    if (!parameters.containsKey(APIConstants.SystemScopeConstants.ROLE_CLAIM_ATTRIBUTE)) {
        return APIConstants.SystemScopeConstants.ROLE_ATTRIBUTE_NAME;
    }
    return parameters.get(APIConstants.SystemScopeConstants.ROLE_CLAIM_ATTRIBUTE);
}
use of org.wso2.carbon.user.api.Claim in project carbon-apimgt by wso2.
the class RemoteUserManagerClient method getUserList.
/**
 * Returns the users of the current tenant whose claim has the given value.
 *
 * <p>The tenant is taken from the thread-local Carbon context, so the lookup is scoped to
 * whichever tenant that context holds when the method is called.
 *
 * <p>NOTE(review): no authorization check is made here on who may list users by claim;
 * presumably the callers enforce it - confirm.
 *
 * @param claim      URI of the claim to match
 * @param claimValue value the claim must have
 * @return the matching user names as returned by the tenant's user store manager
 * @throws APIManagementException if resolving the realm or querying the user store fails for
 *                                any reason; the original exception is kept as the cause
 */
public String[] getUserList(String claim, String claimValue) throws APIManagementException {
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    try {
        // The third argument to getUserList is passed as null, as in the original call.
        return ((UserRealm) ServiceReferenceHolder.getInstance()
                .getRealmService()
                .getTenantUserRealm(tenantId))
                .getUserStoreManager()
                .getUserList(claim, claimValue, null);
    } catch (Exception e) {
        throw new APIManagementException("Error when retrieving user list", e);
    }
}