use of org.wso2.carbon.user.api.UserStoreManager in project carbon-apimgt by wso2.
the class APIKeyMgtRemoteUserStoreMgtService method getUserAuthenticationInfo.
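/**
 * Authenticates a user against the user store of the tenant named in {@code username} and, on
 * success, collects the user's domain-qualified name and role list.
 *
 * <p>The tenant domain is set inside the {@code try} block, so the tenant flow started here is
 * ended in {@code finally} even when setting the tenant domain throws. Otherwise the privileged
 * tenant context could stay attached to the calling thread.
 *
 * <p>The password is passed only to {@code UserStoreManager.authenticate}. It is not written to
 * the error message; keep it that way when changing the logging below.
 *
 * @param username tenant-qualified username; the tenant domain is derived from it
 * @param password the credential to check against the user store
 * @return a DTO that is marked authenticated, with username and roles filled in, only when the
 *     user store accepted the credentials; otherwise the default DTO (authentication false)
 * @throws APIManagementException declared for user store failures, which are handed to
 *     {@code APIUtil.handleException} (presumably it rethrows; confirm against APIUtil)
 */
public BasicAuthValidationInfoDTO getUserAuthenticationInfo(String username, String password)
        throws APIManagementException {
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    BasicAuthValidationInfoDTO basicAuthValidationInfoDTO = new BasicAuthValidationInfoDTO();
    PrivilegedCarbonContext.startTenantFlow();
    try {
        // Kept inside the try: a failure while setting the tenant domain must still reach
        // endTenantFlow() in the finally block.
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
        UserStoreManager userStoreManager =
                CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        boolean isAuthenticated =
                userStoreManager.authenticate(MultitenantUtils.getTenantAwareUsername(username), password);
        if (!isAuthenticated) {
            // Fail closed: return the default validation DTO with authentication false.
            return basicAuthValidationInfoDTO;
        }
        basicAuthValidationInfoDTO.setAuthenticated(true);
        String domainQualifiedUsername =
                UserCoreUtil.addDomainToName(username, UserCoreUtil.getDomainFromThreadLocal());
        basicAuthValidationInfoDTO.setDomainQualifiedUsername(domainQualifiedUsername);
        // The role lookup is given the domain-qualified username with its tenant part stripped.
        String[] userRoles = userStoreManager.getRoleListOfUser(
                MultitenantUtils.getTenantAwareUsername(domainQualifiedUsername));
        basicAuthValidationInfoDTO.setUserRoleList(userRoles);
    } catch (UserStoreException e) {
        // NOTE(review): if handleException ever returned instead of throwing, a failed role lookup
        // would fall through and return an authenticated DTO without roles. Confirm it rethrows.
        APIUtil.handleException("Error occurred while retrieving user authentication info of user " + username, e);
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
    return basicAuthValidationInfoDTO;
}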
use of org.wso2.carbon.user.api.UserStoreManager in project carbon-apimgt by wso2.
the class APIConsumerImplTest method testIsTierDenied.
/**
 * Drives {@code isTierDeneid("tier1")} through several combinations of stubbed user roles and
 * tier permissions and checks the deny decision at each step.
 *
 * <p>The stubs are consumed in call order (the role lookup throws first, then returns roles), so
 * the statements below must stay in this sequence.
 */
@Test
public void testIsTierDenied() throws APIManagementException, org.wso2.carbon.user.core.UserStoreException {
    final String tier = "tier1";

    // Configuration plumbing: the first property read answers "true", later reads answer "false".
    UserRegistry registry = Mockito.mock(UserRegistry.class);
    APIManagerConfigurationService configService = Mockito.mock(APIManagerConfigurationService.class);
    APIManagerConfiguration config = Mockito.mock(APIManagerConfiguration.class);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(configService);
    Mockito.when(configService.getAPIManagerConfiguration()).thenReturn(config);
    Mockito.when(config.getFirstProperty(Mockito.anyString())).thenReturn("true", "false");

    APIConsumerImpl consumer = new UserAwareAPIConsumerWrapper(registry, apiMgtDAO);
    Mockito.when(registry.getUserRealm()).thenReturn(userRealm);
    Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    // First role lookup fails, every later one yields role1 and role2.
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString()))
            .thenThrow(UserStoreException.class)
            .thenReturn(new String[] { "role1", "role2" });
    Assert.assertFalse(consumer.isTierDeneid(tier));

    // A permission entry naming a role the user holds: the tier is reported as denied.
    TierPermissionDTO permission = new TierPermissionDTO();
    permission.setRoles(new String[] { "role1" });
    Mockito.when(apiMgtDAO.getThrottleTierPermission(Mockito.anyString(), Mockito.anyInt()))
            .thenReturn(permission);
    Assert.assertTrue(consumer.isTierDeneid(tier));

    // A permission entry naming a role the user does not hold: not denied, on repeated calls too.
    permission.setRoles(new String[] { "role3" });
    Assert.assertFalse(consumer.isTierDeneid(tier));
    Assert.assertFalse(consumer.isTierDeneid(tier));

    // ALLOW-type permission while the user has no roles at all: the tier is reported as denied.
    permission.setPermissionType(APIConstants.TIER_PERMISSION_ALLOW);
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[0]);
    Assert.assertTrue(consumer.isTierDeneid(tier));
}
use of org.wso2.carbon.user.api.UserStoreManager in project carbon-apimgt by wso2.
the class DefaultGroupIDExtractorImplTest method getGroupingIdentifiersTestCase.
/**
 * Checks that {@code DefaultGroupIDExtractorImpl} builds the grouping identifier from the
 * organization claim returned by a mocked user store.
 *
 * <p>Both JSON inputs, with {@code isSuperTenant} true and false, are expected to give the same
 * identifier under these stubs.
 */
@Test
public void getGroupingIdentifiersTestCase() throws UserStoreException {
    final String organizationClaimUri = "http://wso2.org/claims/organization";
    final String expectedGroupId = "carbon.super/organization";

    // Static holder and the services reachable from it.
    ServiceReferenceHolder holder = Mockito.mock(ServiceReferenceHolder.class);
    PowerMockito.mockStatic(ServiceReferenceHolder.class);
    RealmService realms = Mockito.mock(RealmService.class);
    UserRealm realm = Mockito.mock(UserRealm.class);
    APIManagerConfigurationService configService = Mockito.mock(APIManagerConfigurationService.class);
    APIManagerConfiguration config = Mockito.mock(APIManagerConfiguration.class);
    TenantManager tenants = Mockito.mock(TenantManager.class);
    UserStoreManager userStore = Mockito.mock(UserStoreManager.class);

    Mockito.when(ServiceReferenceHolder.getInstance()).thenReturn(holder);
    Mockito.when(holder.getAPIManagerConfigurationService()).thenReturn(configService);
    Mockito.when(configService.getAPIManagerConfiguration()).thenReturn(config);
    Mockito.when(config.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI))
            .thenReturn(organizationClaimUri);

    // Tenant resolution: carbon.super maps to id -1234, whose realm exposes the mocked user store.
    Mockito.when(holder.getRealmService()).thenReturn(realms);
    Mockito.when(realms.getTenantManager()).thenReturn(tenants);
    Mockito.when(tenants.getTenantId("carbon.super")).thenReturn(-1234);
    Mockito.when(realms.getTenantUserRealm(-1234)).thenReturn(realm);
    Mockito.when(realm.getUserStoreManager()).thenReturn(userStore);
    Mockito.when(userStore.getUserClaimValue(
                    MultitenantUtils.getTenantAwareUsername("user"), organizationClaimUri, null))
            .thenReturn("organization");

    DefaultGroupIDExtractorImpl extractor = new DefaultGroupIDExtractorImpl();
    Assert.assertEquals(expectedGroupId,
            extractor.getGroupingIdentifiers("{\"user\":\"user\", \"isSuperTenant\":true}"));
    Assert.assertEquals(expectedGroupId,
            extractor.getGroupingIdentifiers("{\"user\":\"user\", \"isSuperTenant\":false}"));
}
use of org.wso2.carbon.user.api.UserStoreManager in project carbon-apimgt by wso2.
the class SAMLGroupIDExtractorImplTest method getGroupingIdentifiersTestCase.
/**
 * Checks that {@code SAMLGroupIDExtractorImpl} derives the grouping identifier from the NameID of
 * the first assertion in a SAML response and the organization claim of that user.
 *
 * <p>XML parsing and unmarshalling are mocked end to end. This test covers only the claim lookup
 * path; it does not cover how the real parser is configured or whether assertions are validated.
 */
@Test
public void getGroupingIdentifiersTestCase() throws ParserConfigurationException, IOException, SAXException, UnmarshallingException, UserStoreException {
    final String organizationClaimUri = "http://wso2.org/claims/organization";

    SAMLGroupIDExtractorImpl extractor = new SAMLGroupIDExtractorImplWrapper();

    // Parser chain: factory -> builder -> document -> root element, all mocked.
    Mockito.when(DocumentBuilderFactory.newInstance()).thenReturn(documentBuilderFactory);
    Mockito.when(documentBuilderFactory.newDocumentBuilder()).thenReturn(documentBuilder);
    Mockito.when(documentBuilder.parse(extractor.getByteArrayInputStream("test"))).thenReturn(document);
    Mockito.when(document.getDocumentElement()).thenReturn(element);

    // Unmarshalling yields a response with one assertion whose subject NameID is "user".
    PowerMockito.mockStatic(XMLObjectProviderRegistrySupport.class);
    Response samlResponse = Mockito.mock(Response.class);
    List<Assertion> assertions = new ArrayList<>();
    Subject subject = Mockito.mock(Subject.class);
    NameID nameId = Mockito.mock(NameID.class);
    Assertion firstAssertion = Mockito.mock(Assertion.class);
    assertions.add(firstAssertion);
    Mockito.when(XMLObjectProviderRegistrySupport.getUnmarshallerFactory()).thenReturn(unmarshallerFactory);
    Mockito.when(unmarshallerFactory.getUnmarshaller(element)).thenReturn(unmarshaller);
    Mockito.when(unmarshaller.unmarshall(element)).thenReturn(samlResponse);
    Mockito.when(samlResponse.getAssertions()).thenReturn(assertions);
    Mockito.when(firstAssertion.getSubject()).thenReturn(subject);
    Mockito.when(subject.getNameID()).thenReturn(nameId);
    Mockito.when(nameId.getValue()).thenReturn("user");

    // Service holder, realm and configuration used to resolve the organization claim.
    ServiceReferenceHolder holder = Mockito.mock(ServiceReferenceHolder.class);
    PowerMockito.mockStatic(ServiceReferenceHolder.class);
    RealmService realms = Mockito.mock(RealmService.class);
    UserRealm realm = Mockito.mock(UserRealm.class);
    TenantManager tenants = Mockito.mock(TenantManager.class);
    UserStoreManager userStore = Mockito.mock(UserStoreManager.class);
    APIManagerConfigurationService configService = Mockito.mock(APIManagerConfigurationService.class);
    APIManagerConfiguration config = Mockito.mock(APIManagerConfiguration.class);
    Mockito.when(ServiceReferenceHolder.getInstance()).thenReturn(holder);
    Mockito.when(holder.getRealmService()).thenReturn(realms);
    Mockito.when(realms.getTenantManager()).thenReturn(tenants);
    Mockito.when(holder.getAPIManagerConfigurationService()).thenReturn(configService);
    Mockito.when(configService.getAPIManagerConfiguration()).thenReturn(config);
    Mockito.when(config.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI))
            .thenReturn(organizationClaimUri);
    Mockito.when(tenants.getTenantId("carbon.super")).thenReturn(1234);
    Mockito.when(realms.getTenantUserRealm(1234)).thenReturn(realm);
    Mockito.when(realm.getUserStoreManager()).thenReturn(userStore);
    Mockito.when(userStore.getUserClaimValue(
                    MultitenantUtils.getTenantAwareUsername("user"), organizationClaimUri, null))
            .thenReturn("organization");

    Assert.assertEquals("carbon.super/organization", extractor.getGroupingIdentifiers("test"));
}
use of org.wso2.carbon.user.api.UserStoreManager in project carbon-apimgt by wso2.
the class KeyManagerUserOperationListener method doPreDeleteUser.
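/**
 * Runs API Manager clean-up before a user is deleted from the user store: looks up the external
 * workflow reference of the user's sign-up request, asks the sign-up workflow executor to clean
 * up the pending task, and then calls {@code APIUtil.clearRoleCache} for the user.
 *
 * <p>{@code WorkflowException}, {@code APIManagementException} and {@code UserStoreException}
 * are logged and not propagated, and the method always returns {@code true}. A failed clean-up
 * therefore does not block the deletion; the error log entry is the only trace that a pending
 * sign-up task may have been left behind.
 *
 * @param username name of the user being deleted; it is qualified with tenant and user store
 *     domain inside this method before it is used as the workflow lookup key
 * @param userStoreManager user store the user is deleted from; its properties supply the user
 *     store domain name
 * @return always {@code true}
 */
@Override
public boolean doPreDeleteUser(String username, UserStoreManager userStoreManager) {
    ApiMgtDAO apiMgtDAO = getDAOInstance();
    try {
        String tenantDomain = getTenantDomain();
        int tenantId = getTenantId();
        Tenant tenant = getTenant(tenantId);
        if (tenant == null && MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
            // No tenant object was returned for the super tenant: build one by hand.
            tenant = new org.wso2.carbon.user.core.tenant.Tenant();
            tenant.setDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
            tenant.setId(MultitenantConstants.SUPER_TENANT_ID);
        } else {
            // Add tenant domain to the username if user is not from super tenant domain.
            // When adding a user, tenant domain is appended to workflow reference only if that user
            // is from a different tenant domain (not carbon.super).
            // NOTE(review): this branch also runs when a tenant object exists for carbon.super,
            // and leaves tenant null for a non-super domain without one; confirm both are intended.
            username = UserCoreUtil.addTenantDomainToEntry(username, tenantDomain);
        }
        Map<String, String> userStoreProperties = userStoreManager.getProperties(tenant);
        String userDomain = userStoreProperties.get(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
        // The PRIMARY domain is prefixed by hand; presumably IdentityUtil.addDomainToName does not
        // add it (confirm against IdentityUtil).
        if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(userDomain)) {
            username = userDomain.toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + username;
        } else {
            username = IdentityUtil.addDomainToName(username, userDomain);
        }
        WorkflowExecutor userSignupWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_USER_SIGNUP);
        String workflowExtRef = apiMgtDAO.getExternalWorkflowReferenceForUserSignup(username);
        userSignupWFExecutor.cleanUpPendingTask(workflowExtRef);
    } catch (WorkflowException | APIManagementException | UserStoreException e) {
        // Not rethrown because this is an identity event listener. Only these three types are
        // caught; an unchecked exception raised above would still reach the caller.
        log.error("Error while cleaning up workflow task for the user: " + username, e);
    }
    // Runs even if the workflow clean-up above failed, with the username as rewritten so far.
    APIUtil.clearRoleCache(getUserName(username, userStoreManager));
    return true;
}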