
Example 26 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project carbon-business-process by wso2.

the class TaskOperationsImpl method getUserListForRole.

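/**
 * Lists the users holding {@code roleName} in the given tenant, leaving out the current actual
 * owner when one is supplied.
 *
 * <p>The returned array never contains {@code null} elements. The excluded owner is dropped from
 * the result instead of leaving an unset slot, so callers can iterate or serialize the array
 * without a null check.
 *
 * <p>NOTE(review): no permission check is visible in this method; it presumably relies on the
 * caller having authorized the lookup for {@code tenantId} — confirm at the call site.
 *
 * @param roleName            role whose members are listed
 * @param tenantId            tenant whose user realm is queried
 * @param actualOwnerUserName user name to exclude from the result; {@code null} or empty keeps
 *                            every member of the role
 * @return the matching users; an empty array when the realm cannot be loaded or the user store
 *         returns no member list
 * @throws RegistryException  declared by the registry realm lookup
 * @throws UserStoreException declared by the user store role lookup
 */
private TUser[] getUserListForRole(String roleName, int tenantId, String actualOwnerUserName) throws RegistryException, UserStoreException {
    RegistryService registryService = HumanTaskServiceComponent.getRegistryService();
    // Resolve the realm once and test that reference; asking twice could return null the second time.
    UserRealm userRealm = (registryService != null) ? registryService.getUserRealm(tenantId) : null;
    if (userRealm == null) {
        log.warn("Cannot load User Realm for Tenant Id: " + tenantId);
        return new TUser[0];
    }
    String[] assignableUserNameList = userRealm.getUserStoreManager().getUserListOfRole(roleName);
    if (assignableUserNameList == null) {
        return new TUser[0];
    }
    boolean excludeOwner = StringUtils.isNotEmpty(actualOwnerUserName);
    // Sized for the worst case (nothing excluded) and trimmed afterwards.
    TUser[] kept = new TUser[assignableUserNameList.length];
    int keptCount = 0;
    for (String assignableUserName : assignableUserNameList) {
        if (excludeOwner && actualOwnerUserName.equals(assignableUserName)) {
            // The current owner is not offered as an assignable user.
            continue;
        }
        TUser user = new TUser();
        user.setTUser(assignableUserName);
        kept[keptCount++] = user;
    }
    if (keptCount == kept.length) {
        return kept;
    }
    // Compact the array so that the skipped owner does not surface as a null element.
    TUser[] userList = new TUser[keptCount];
    System.arraycopy(kept, 0, userList, 0, keptCount);
    return userList;
}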
Also used : UserRealm(org.wso2.carbon.user.core.UserRealm) RegistryService(org.wso2.carbon.registry.core.service.RegistryService)

Example 27 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project carbon-business-process by wso2.

the class UserSubstitutionService method getRequestedAssignee.

/**
 * Resolves the user a substitution request applies to, and enforces that only callers holding
 * the substitution permission may act on behalf of somebody else.
 *
 * <p>An absent or blank {@code user}, or one equal to the logged-in user, resolves to the
 * logged-in user and needs no extra permission.
 *
 * <p>NOTE(review): the self-or-other decision is an exact {@code equals} comparison between the
 * tenant-aware form of {@code user} and the user name from the Carbon context. Confirm both are
 * normalized the same way (case, user-store domain prefix).
 *
 * @param user requested assignee as supplied with the request; may be {@code null} or blank
 * @return the tenant-aware assignee, or the logged-in user when no other user was requested
 * @throws UserStoreException if the user store lookup fails
 */
private String getRequestedAssignee(final String user) throws UserStoreException {
    final String caller = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    final UserRealm realm = BPMNOSGIService.getUserRealm();
    final String requested = getTenantAwareUser(user);

    final boolean actingForSelf = requested == null || requested.trim().isEmpty() || requested.equals(caller);
    if (actingForSelf) {
        // Nothing to validate: the request targets the caller's own account.
        return caller;
    }

    // Authorization is checked before the existence lookup on purpose: an unauthorized caller
    // gets the same "forbidden" answer whether or not the named user exists.
    if (!isUserAuthorizedForSubstitute(caller)) {
        throw new BPMNForbiddenException("Action requires BPMN substitution permission");
    }
    if (!realm.getUserStoreManager().isExistingUser(requested)) {
        throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + requested);
    }
    return requested;
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) ActivitiIllegalArgumentException(org.activiti.engine.ActivitiIllegalArgumentException) BPMNForbiddenException(org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException)

Example 28 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method proceedWithOTP.

/**
 * Generates a one-time password, stores it in the authentication context, asks the configured
 * SMS provider to deliver it, and redirects the browser to the OTP entry page on success or to
 * the error page on failure.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token is written to the context under {@code SMSOTPConstants.OTP_TOKEN}. The debug
 *       message deliberately leaves the value out; keep it out of logs and redirect URLs.</li>
 *   <li>This method records no generation time or attempt counter. Confirm that the validity
 *       window and retry limits are enforced where the token is verified.</li>
 *   <li>NOTE(review): the error code and the screen value are appended to the redirect URL as
 *       they are. Confirm they are URL-safe or already encoded where they are produced.</li>
 * </ul>
 *
 * @param response     the HttpServletResponse used for the redirect
 * @param context      the AuthenticationContext that receives the token and status code
 * @param errorPage    page to redirect to when the SMS cannot be sent
 * @param mobileNumber number the token is sent to
 * @param queryParams  query string passed to {@code getURL} for the redirect target
 * @param username     the user name, including the tenant domain
 * @throws AuthenticationFailedException if the redirect fails or the user store cannot be read
 */
private void proceedWithOTP(HttpServletResponse response, AuthenticationContext context, String errorPage, String mobileNumber, String queryParams, String username) throws AuthenticationFailedException {
    final Map<String, String> providerSettings = context.getAuthenticatorProperties();
    final boolean resendEnabled = SMSOTPUtils.isEnableResendCode(context, getName());
    final String loginPage = getLoginPage(context);
    final String tenantDomain = MultitenantUtils.getTenantDomain(username);
    final String localUsername = MultitenantUtils.getTenantAwareUsername(username);
    final UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        // Generate the token and park it in the context for the later verification step.
        OneTimePassword generator = new OneTimePassword();
        String seed = OneTimePassword.getRandomNumber(SMSOTPConstants.SECRET_KEY_LENGTH);
        String otpToken = generator.generateToken(seed, String.valueOf(SMSOTPConstants.NUMBER_BASE), SMSOTPConstants.NUMBER_DIGIT);
        context.setProperty(SMSOTPConstants.OTP_TOKEN, otpToken);
        if (log.isDebugEnabled()) {
            log.debug("Generated OTP successfully and set to the context.");
        }

        // SMS provider API settings configured on the authenticator.
        String smsUrl = providerSettings.get(SMSOTPConstants.SMS_URL);
        String httpMethod = providerSettings.get(SMSOTPConstants.HTTP_METHOD);
        String headerString = providerSettings.get(SMSOTPConstants.HEADERS);
        String payload = providerSettings.get(SMSOTPConstants.PAYLOAD);
        String httpResponse = providerSettings.get(SMSOTPConstants.HTTP_RESPONSE);

        boolean delivered = sendRESTCall(context, smsUrl, httpMethod, headerString, payload, httpResponse, mobileNumber, otpToken);
        if (delivered) {
            String target = getURL(loginPage, queryParams);
            // The screen value is only looked up for users present in the local user store.
            if (FederatedAuthenticatorUtil.isUserExistInUserStore(username)) {
                String screenValue = getScreenAttribute(context, realm, localUsername);
                if (screenValue != null) {
                    target = target + SMSOTPConstants.SCREEN_VALUE + screenValue;
                }
            }
            response.sendRedirect(target);
            return;
        }

        // Delivery failed: record the status and send the browser to the error page.
        context.setProperty(SMSOTPConstants.STATUS_CODE, SMSOTPConstants.UNABLE_SEND_CODE);
        String retryParam = (context.getProperty(SMSOTPConstants.ERROR_CODE) != null)
                ? SMSOTPConstants.UNABLE_SEND_CODE_PARAM + context.getProperty(SMSOTPConstants.ERROR_CODE).toString()
                : SMSOTPConstants.UNABLE_SEND_CODE_PARAM + SMSOTPConstants.UNABLE_SEND_CODE_VALUE;
        String errorTarget = getURL(errorPage, queryParams);
        response.sendRedirect(errorTarget + SMSOTPConstants.RESEND_CODE + resendEnabled + retryParam);
    } catch (IOException e) {
        throw new AuthenticationFailedException("Error while sending the HTTP request. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from user store. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException)

Example 29 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method getScreenValue.

/**
 * Looks up the configured screen attribute for the user recorded in the authentication context.
 *
 * <p>NOTE(review): the user name is read with {@code String.valueOf}, so a missing
 * {@code SMSOTPConstants.USER_NAME} property becomes the literal text {@code "null"} and is
 * then resolved as if it were a real user name. Confirm callers always set the property first.
 *
 * @param context the AuthenticationContext holding the user name
 * @return the screen value returned by {@code getScreenAttribute}
 * @throws AuthenticationFailedException if the user store cannot be read
 */
private String getScreenValue(AuthenticationContext context) throws AuthenticationFailedException {
    final String fullUsername = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
    final String tenantDomain = MultitenantUtils.getTenantDomain(fullUsername);
    final String localUsername = MultitenantUtils.getTenantAwareUsername(fullUsername);
    final UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        return getScreenAttribute(context, realm, localUsername);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the screen attribute for the user " + localUsername + " from user store. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException)

Example 30 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method getUserRealm.

/**
 * Resolves the user realm of the tenant named in {@code username}.
 *
 * <p>The tenant is taken only from the domain part of the supplied user name, so the caller
 * decides which tenant's realm is returned.
 *
 * <p>NOTE(review): the realm service is dereferenced without a null check; confirm it is always
 * available by the time this authenticator runs.
 *
 * @param username the user name, including the tenant domain
 * @return the tenant's user realm, or {@code null} when {@code username} is null or empty
 * @throws AuthenticationFailedException if the realm lookup fails with a user store error
 */
private UserRealm getUserRealm(String username) throws AuthenticationFailedException {
    if (!StringUtils.isNotEmpty(username)) {
        // No user name means no tenant to resolve; callers must handle the null realm.
        return null;
    }
    try {
        final String tenantDomain = MultitenantUtils.getTenantDomain(username);
        final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        final RealmService realmService = IdentityTenantUtil.getRealmService();
        return realmService.getTenantUserRealm(tenantId);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Cannot find the user realm. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException)

Aggregations

RealmService (org.wso2.carbon.user.core.service.RealmService)34 UserRealm (org.wso2.carbon.user.core.UserRealm)32 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)23 Test (org.junit.Test)21 UserRealm (org.wso2.carbon.user.api.UserRealm)20 UserStoreException (org.wso2.carbon.user.api.UserStoreException)18 TenantManager (org.wso2.carbon.user.core.tenant.TenantManager)15 ServiceReferenceHolder (org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder)14 UserStoreManager (org.wso2.carbon.user.core.UserStoreManager)13 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)11 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)10 RegistryService (org.wso2.carbon.registry.core.service.RegistryService)9 UserRegistry (org.wso2.carbon.registry.core.session.UserRegistry)9 UserStoreException (org.wso2.carbon.user.core.UserStoreException)7 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)6 AuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException)6 APIManagerConfiguration (org.wso2.carbon.apimgt.impl.APIManagerConfiguration)5 RealmConfiguration (org.wso2.carbon.user.api.RealmConfiguration)5 Matchers.anyString (org.mockito.Matchers.anyString)4 Organization (org.wso2.carbon.apimgt.persistence.dto.Organization)4