
Example 46 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class AbstractJWTGenerator method getMultiAttributeSeparator.

protected String getMultiAttributeSeparator(int tenantId) {
    try {
        RealmConfiguration realmConfiguration = null;
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        if (realmService != null && tenantId != MultitenantConstants.INVALID_TENANT_ID) {
            UserStoreManager userStoreManager = (UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            realmConfiguration = userStoreManager.getRealmConfiguration();
        }
        if (realmConfiguration != null) {
            String claimSeparator = realmConfiguration.getUserStoreProperty(APIConstants.MULTI_ATTRIBUTE_SEPARATOR);
            if (claimSeparator != null && !claimSeparator.trim().isEmpty()) {
                return claimSeparator;
            }
        }
    } catch (UserStoreException e) {
        log.error("Error occurred while getting the realm configuration, User store properties might not be " + "returned", e);
    }
    return null;
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager)

Example 47 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIConsumerImpl method updateApplicationOwner.

public boolean updateApplicationOwner(String userId, String organization, Application application) throws APIManagementException {
    boolean isAppUpdated;
    String consumerKey;
    String oldUserName = application.getSubscriber().getName();
    String oldTenantDomain = MultitenantUtils.getTenantDomain(oldUserName);
    String newTenantDomain = MultitenantUtils.getTenantDomain(userId);
    if (oldTenantDomain.equals(newTenantDomain)) {
        if (!isSubscriberValid(userId)) {
            RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
            try {
                int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(newTenantDomain);
                UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
                if (userStoreManager.isExistingUser(userId)) {
                    if (apiMgtDAO.getSubscriber(userId) == null) {
                        addSubscriber(userId, "");
                    }
                } else {
                    throw new APIManagementException("User " + userId + " doesn't exist in user store");
                }
            } catch (UserStoreException e) {
                // Pass the caught exception as the cause so the user store failure is not lost
                throw new APIManagementException("Error while adding user " + userId + " as a subscriber", e);
            }
        }
        String applicationName = application.getName();
        if (!APIUtil.isApplicationOwnedBySubscriber(userId, applicationName, organization)) {
            for (APIKey apiKey : application.getKeys()) {
                KeyManager keyManager = KeyManagerHolder.getKeyManagerInstance(tenantDomain, apiKey.getKeyManager());
                /* retrieving OAuth application information for specific consumer key */
                consumerKey = apiKey.getConsumerKey();
                OAuthApplicationInfo oAuthApplicationInfo = keyManager.retrieveApplication(consumerKey);
                if (oAuthApplicationInfo.getParameter(ApplicationConstants.OAUTH_CLIENT_NAME) != null) {
                    OAuthAppRequest oauthAppRequest = ApplicationUtils.createOauthAppRequest(oAuthApplicationInfo.getParameter(ApplicationConstants.OAUTH_CLIENT_NAME).toString(), null, oAuthApplicationInfo.getCallBackURL(), null, null, application.getTokenType(), this.tenantDomain, apiKey.getKeyManager());
                    oauthAppRequest.getOAuthApplicationInfo().setAppOwner(userId);
                    oauthAppRequest.getOAuthApplicationInfo().setClientId(consumerKey);
                    /* updating the owner of the OAuth application with userId */
                    OAuthApplicationInfo updatedAppInfo = keyManager.updateApplicationOwner(oauthAppRequest, userId);
                    isAppUpdated = true;
                    audit.info("Successfully updated the owner of application " + application.getName() + " from " + oldUserName + " to " + userId + ".");
                } else {
                    throw new APIManagementException("Unable to retrieve OAuth application information.");
                }
            }
        } else {
            throw new APIManagementException("Unable to update application owner to " + userId + " as this user has an application with the same name. Update owner to another user.");
        }
    } else {
        throw new APIManagementException("Unable to update application owner to " + userId + " as this user does not belong to " + oldTenantDomain + " domain.");
    }
    isAppUpdated = apiMgtDAO.updateApplicationOwner(userId, application);
    return isAppUpdated;
}
Also used : APIKey(org.wso2.carbon.apimgt.api.model.APIKey) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) OAuthAppRequest(org.wso2.carbon.apimgt.api.model.OAuthAppRequest) RealmService(org.wso2.carbon.user.core.service.RealmService) OAuthApplicationInfo(org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)

Example 48 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIUtil method isRoleNameExist.

/**
 * Checks whether the given role exists.
 *
 * @param userName logged-in user
 * @param roleName name of the role to check
 * @return true if the role exists, false if not
 * @throws APIManagementException If an error occurs
 */
public static boolean isRoleNameExist(String userName, String roleName) throws APIManagementException {
    if (roleName == null || StringUtils.isEmpty(roleName.trim())) {
        return true;
    }
    // disable role validation if "disableRoleValidationAtScopeCreation" system property is set
    String disableRoleValidation = System.getProperty(DISABLE_ROLE_VALIDATION_AT_SCOPE_CREATION);
    if (Boolean.parseBoolean(disableRoleValidation)) {
        return true;
    }
    org.wso2.carbon.user.api.UserStoreManager userStoreManager;
    try {
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(MultitenantUtils.getTenantDomain(userName));
        userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        String[] roles = roleName.split(",");
        for (String role : roles) {
            if (!userStoreManager.isExistingRole(role.trim())) {
                return false;
            }
        }
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        log.error("Error when getting the list of roles", e);
        return false;
    }
    return true;
}
Also used : UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) Endpoint(org.wso2.carbon.governance.api.endpoints.dataobjects.Endpoint)

Example 49 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIUtil method setupSelfRegistration.

public void setupSelfRegistration(APIManagerConfiguration config, int tenantId) throws APIManagementException {
    boolean enabled = Boolean.parseBoolean(config.getFirstProperty(APIConstants.SELF_SIGN_UP_ENABLED));
    if (!enabled) {
        return;
    }
    // Create the subscriber role as an internal role
    String role = UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + config.getFirstProperty(APIConstants.SELF_SIGN_UP_ROLE);
    if ((UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR).equals(role)) {
        // Required parameter missing - Throw an exception and interrupt startup
        throw new APIManagementException("Required subscriber role parameter missing " + "in the self sign up configuration");
    }
    try {
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        UserRealm realm;
        org.wso2.carbon.user.api.UserRealm tenantRealm;
        UserStoreManager manager;
        if (tenantId < 0) {
            realm = realmService.getBootstrapRealm();
            manager = realm.getUserStoreManager();
        } else {
            tenantRealm = realmService.getTenantUserRealm(tenantId);
            manager = tenantRealm.getUserStoreManager();
        }
        if (!manager.isExistingRole(role)) {
            if (log.isDebugEnabled()) {
                log.debug("Creating subscriber role: " + role);
            }
            Permission[] subscriberPermissions = new Permission[] { new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION), new Permission(APIConstants.Permissions.API_SUBSCRIBE, UserMgtConstants.EXECUTE_ACTION) };
            String tenantAdminName = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getRealmConfiguration().getAdminUserName();
            String[] userList = new String[] { tenantAdminName };
            manager.addRole(role, userList, subscriberPermissions);
        }
    } catch (UserStoreException e) {
        throw new APIManagementException("Error while creating subscriber role: " + role + " - " + "Self registration might not function properly.", e);
    }
}
Also used : UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserRealm(org.wso2.carbon.user.core.UserRealm) RealmService(org.wso2.carbon.user.core.service.RealmService) Permission(org.wso2.carbon.user.api.Permission) UserStoreException(org.wso2.carbon.user.api.UserStoreException)

Example 50 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIUtil method getRoleNames.

/**
 * Retrieves the list of roles in the system
 *
 * @throws APIManagementException If an error occurs
 */
public static String[] getRoleNames(String username) throws APIManagementException {
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    try {
        if (!org.wso2.carbon.utils.multitenancy.MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
            int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain);
            UserStoreManager manager = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
            return manager.getRoleNames();
        } else {
            return AuthorizationManager.getInstance().getRoleNames();
        }
    } catch (UserStoreException e) {
        log.error("Error while getting all the roles", e);
        return new String[0];
    }
}
Also used : UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) Endpoint(org.wso2.carbon.governance.api.endpoints.dataobjects.Endpoint)
