Search in sources :

Example 31 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIKeyMgtRemoteUserStoreMgtService method getUserAuthenticationInfo.

public BasicAuthValidationInfoDTO getUserAuthenticationInfo(String username, String password) throws APIManagementException {
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    PrivilegedCarbonContext.startTenantFlow();
    PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
    UserStoreManager userStoreManager;
    BasicAuthValidationInfoDTO basicAuthValidationInfoDTO = new BasicAuthValidationInfoDTO();
    boolean isAuthenticated;
    String[] userRoles;
    String domainQualifiedUsername;
    try {
        userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        isAuthenticated = userStoreManager.authenticate(MultitenantUtils.getTenantAwareUsername(username), password);
        if (isAuthenticated) {
            basicAuthValidationInfoDTO.setAuthenticated(true);
            domainQualifiedUsername = UserCoreUtil.addDomainToName(username, UserCoreUtil.getDomainFromThreadLocal());
            basicAuthValidationInfoDTO.setDomainQualifiedUsername(domainQualifiedUsername);
        } else {
            // return default validation DTO with authentication false
            return basicAuthValidationInfoDTO;
        }
        // Get role list of user.
        // Should give the domain qualified username when getting the role list of user.
        userRoles = userStoreManager.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(domainQualifiedUsername));
        basicAuthValidationInfoDTO.setUserRoleList(userRoles);
    } catch (UserStoreException e) {
        APIUtil.handleException("Error occurred while retrieving user authentication info of user " + username, e);
    } finally {
        PrivilegedCarbonContext.getThreadLocalCarbonContext().endTenantFlow();
    }
    return basicAuthValidationInfoDTO;
}
Also used : BasicAuthValidationInfoDTO(org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager)

Example 32 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class APIConsumerImplTest method testIsTierDenied.

@Test
public void testIsTierDenied() throws APIManagementException, org.wso2.carbon.user.core.UserStoreException {
    UserRegistry userRegistry = Mockito.mock(UserRegistry.class);
    APIManagerConfiguration apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class);
    APIManagerConfigurationService apiManagerConfigurationService = Mockito.mock(APIManagerConfigurationService.class);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigurationService);
    Mockito.when(apiManagerConfigurationService.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration);
    Mockito.when(apiManagerConfiguration.getFirstProperty(Mockito.anyString())).thenReturn("true", "false");
    APIConsumerImpl apiConsumer = new UserAwareAPIConsumerWrapper(userRegistry, apiMgtDAO);
    Mockito.when(userRegistry.getUserRealm()).thenReturn(userRealm);
    Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenThrow(UserStoreException.class).thenReturn(new String[] { "role1", "role2" });
    Assert.assertFalse(apiConsumer.isTierDeneid("tier1"));
    TierPermissionDTO tierPermissionDTO = new TierPermissionDTO();
    tierPermissionDTO.setRoles(new String[] { "role1" });
    Mockito.when(apiMgtDAO.getThrottleTierPermission(Mockito.anyString(), Mockito.anyInt())).thenReturn(tierPermissionDTO);
    Assert.assertTrue(apiConsumer.isTierDeneid("tier1"));
    tierPermissionDTO.setRoles(new String[] { "role3" });
    Assert.assertFalse(apiConsumer.isTierDeneid("tier1"));
    Assert.assertFalse(apiConsumer.isTierDeneid("tier1"));
    tierPermissionDTO.setPermissionType(APIConstants.TIER_PERMISSION_ALLOW);
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[0]);
    Assert.assertTrue(apiConsumer.isTierDeneid("tier1"));
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserRegistry(org.wso2.carbon.registry.core.session.UserRegistry) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 33 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class DefaultGroupIDExtractorImplTest method getGroupingIdentifiersTestCase.

@Test
public void getGroupingIdentifiersTestCase() throws UserStoreException {
    ServiceReferenceHolder serviceReferenceHolder = Mockito.mock(ServiceReferenceHolder.class);
    PowerMockito.mockStatic(ServiceReferenceHolder.class);
    RealmService realmService = Mockito.mock(RealmService.class);
    UserRealm userRealm = Mockito.mock(UserRealm.class);
    APIManagerConfigurationService apiManagerConfigurationService = Mockito.mock(APIManagerConfigurationService.class);
    APIManagerConfiguration apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class);
    TenantManager tenantManager = Mockito.mock(TenantManager.class);
    UserStoreManager userStoreManager = Mockito.mock(UserStoreManager.class);
    Mockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigurationService);
    Mockito.when(apiManagerConfigurationService.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration);
    Mockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI)).thenReturn("http://wso2.org/claims/organization");
    Mockito.when(serviceReferenceHolder.getRealmService()).thenReturn(realmService);
    Mockito.when(realmService.getTenantManager()).thenReturn(tenantManager);
    Mockito.when(tenantManager.getTenantId("carbon.super")).thenReturn(-1234);
    Mockito.when(realmService.getTenantUserRealm(-1234)).thenReturn(userRealm);
    Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    Mockito.when(userStoreManager.getUserClaimValue(MultitenantUtils.getTenantAwareUsername("user"), "http://wso2.org/claims/organization", null)).thenReturn("organization");
    DefaultGroupIDExtractorImpl defaultGroupIDExtractor = new DefaultGroupIDExtractorImpl();
    Assert.assertEquals("carbon.super/organization", defaultGroupIDExtractor.getGroupingIdentifiers("{\"user\":\"user\", \"isSuperTenant\":true}"));
    Assert.assertEquals("carbon.super/organization", defaultGroupIDExtractor.getGroupingIdentifiers("{\"user\":\"user\", \"isSuperTenant\":false}"));
}
Also used : ServiceReferenceHolder(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder) UserRealm(org.wso2.carbon.user.core.UserRealm) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 34 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class SAMLGroupIDExtractorImplTest method getGroupingIdentifiersTestCase.

@Test
public void getGroupingIdentifiersTestCase() throws ParserConfigurationException, IOException, SAXException, UnmarshallingException, UserStoreException {
    SAMLGroupIDExtractorImpl samlGroupIDExtractor = new SAMLGroupIDExtractorImplWrapper();
    Mockito.when(DocumentBuilderFactory.newInstance()).thenReturn(documentBuilderFactory);
    Mockito.when(documentBuilderFactory.newDocumentBuilder()).thenReturn(documentBuilder);
    Mockito.when(documentBuilder.parse(samlGroupIDExtractor.getByteArrayInputStream("test"))).thenReturn(document);
    Mockito.when(document.getDocumentElement()).thenReturn(element);
    PowerMockito.mockStatic(XMLObjectProviderRegistrySupport.class);
    Response response = Mockito.mock(Response.class);
    List<Assertion> assertion = new ArrayList();
    Subject subject = Mockito.mock(Subject.class);
    NameID nameID = Mockito.mock(NameID.class);
    Assertion assertion1 = Mockito.mock(Assertion.class);
    assertion.add(assertion1);
    Mockito.when(XMLObjectProviderRegistrySupport.getUnmarshallerFactory()).thenReturn(unmarshallerFactory);
    Mockito.when(unmarshallerFactory.getUnmarshaller(element)).thenReturn(unmarshaller);
    Mockito.when(unmarshaller.unmarshall(element)).thenReturn(response);
    Mockito.when(response.getAssertions()).thenReturn(assertion);
    Mockito.when(assertion.get(0).getSubject()).thenReturn(subject);
    Mockito.when(subject.getNameID()).thenReturn(nameID);
    Mockito.when(nameID.getValue()).thenReturn("user");
    ServiceReferenceHolder serviceReferenceHolder = Mockito.mock(ServiceReferenceHolder.class);
    PowerMockito.mockStatic(ServiceReferenceHolder.class);
    RealmService realmService = Mockito.mock(RealmService.class);
    UserRealm userRealm = Mockito.mock(UserRealm.class);
    TenantManager tenantManager = Mockito.mock(TenantManager.class);
    UserStoreManager userStoreManager = Mockito.mock(UserStoreManager.class);
    APIManagerConfigurationService apiManagerConfigService = Mockito.mock(APIManagerConfigurationService.class);
    APIManagerConfiguration apiManagerConfig = Mockito.mock(APIManagerConfiguration.class);
    Mockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceReferenceHolder);
    Mockito.when(serviceReferenceHolder.getRealmService()).thenReturn(realmService);
    Mockito.when(realmService.getTenantManager()).thenReturn(tenantManager);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigService);
    Mockito.when(apiManagerConfigService.getAPIManagerConfiguration()).thenReturn(apiManagerConfig);
    Mockito.when(apiManagerConfig.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI)).thenReturn("http://wso2.org/claims/organization");
    Mockito.when(tenantManager.getTenantId("carbon.super")).thenReturn(1234);
    Mockito.when(realmService.getTenantUserRealm(1234)).thenReturn(userRealm);
    Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    Mockito.when(userStoreManager.getUserClaimValue(MultitenantUtils.getTenantAwareUsername("user"), "http://wso2.org/claims/organization", null)).thenReturn("organization");
    Assert.assertEquals("carbon.super/organization", samlGroupIDExtractor.getGroupingIdentifiers("test"));
}
Also used : ServiceReferenceHolder(org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder) NameID(org.opensaml.saml.saml2.core.NameID) Assertion(org.opensaml.saml.saml2.core.Assertion) ArrayList(java.util.ArrayList) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) Subject(org.opensaml.saml.saml2.core.Subject) Response(org.opensaml.saml.saml2.core.Response) UserRealm(org.wso2.carbon.user.core.UserRealm) RealmService(org.wso2.carbon.user.core.service.RealmService) TenantManager(org.wso2.carbon.user.core.tenant.TenantManager) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 35 with UserStoreManager

use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.

the class KeyManagerUserOperationListener method doPreDeleteUser.

/**
 * Deleting user from the identity database prerequisites. Remove pending approval requests for the user and remove
 * the gateway key cache.
 */
@Override
public boolean doPreDeleteUser(String username, UserStoreManager userStoreManager) {
    boolean isTenantFlowStarted = false;
    ApiMgtDAO apiMgtDAO = getDAOInstance();
    try {
        String tenantDomain = getTenantDomain();
        int tenantId = getTenantId();
        Tenant tenant = getTenant(tenantId);
        if (tenant == null && MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
            tenant = new org.wso2.carbon.user.core.tenant.Tenant();
            tenant.setDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
            tenant.setId(MultitenantConstants.SUPER_TENANT_ID);
        } else {
            // Add tenant domain to the username if user is not from super tenant domain.
            // When adding a user, tenant domain is appended to workflow reference only if that user
            // is from a different tenant domain(not carbon.super).
            username = UserCoreUtil.addTenantDomainToEntry(username, tenantDomain);
        }
        Map<String, String> userStoreProperties = userStoreManager.getProperties(tenant);
        String userDomain = userStoreProperties.get(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
        // therefore domain name should be manually added to the username if domain is PRIMARY
        if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(userDomain)) {
            username = userDomain.toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + username;
        } else {
            username = IdentityUtil.addDomainToName(username, userDomain);
        }
        WorkflowExecutor userSignupWFExecutor = getWorkflowExecutor(WorkflowConstants.WF_TYPE_AM_USER_SIGNUP);
        String workflowExtRef = apiMgtDAO.getExternalWorkflowReferenceForUserSignup(username);
        userSignupWFExecutor.cleanUpPendingTask(workflowExtRef);
    } catch (WorkflowException | APIManagementException | UserStoreException e) {
        // exception is not thrown to the caller since this is a event Identity(IS) listener
        log.error("Error while cleaning up workflow task for the user: " + username, e);
    }
    APIUtil.clearRoleCache(getUserName(username, userStoreManager));
    return true;
}
Also used : WorkflowException(org.wso2.carbon.apimgt.impl.workflow.WorkflowException) ApiMgtDAO(org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO) Tenant(org.wso2.carbon.user.api.Tenant) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) WorkflowExecutor(org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor)

Aggregations

RealmService (org.wso2.carbon.user.core.service.RealmService)27 UserStoreException (org.wso2.carbon.user.api.UserStoreException)25 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)24 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)19 Test (org.junit.Test)17 UserRealm (org.wso2.carbon.user.core.UserRealm)16 UserStoreManager (org.wso2.carbon.user.core.UserStoreManager)16 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)12 ServiceReferenceHolder (org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder)11 TenantManager (org.wso2.carbon.user.core.tenant.TenantManager)10 UserRealm (org.wso2.carbon.user.api.UserRealm)8 HashMap (java.util.HashMap)6 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)6 UserRegistrationConfigDTO (org.wso2.carbon.apimgt.impl.dto.UserRegistrationConfigDTO)4 Assertion (org.opensaml.saml.saml2.core.Assertion)3 Response (org.opensaml.saml.saml2.core.Response)3 Subject (org.opensaml.saml.saml2.core.Subject)3 APIManagerConfiguration (org.wso2.carbon.apimgt.impl.APIManagerConfiguration)3 Endpoint (org.wso2.carbon.governance.api.endpoints.dataobjects.Endpoint)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2