
Example 21 with Claim

use of org.wso2.carbon.user.core.claim.Claim in project carbon-apimgt by wso2.

the class DefaultGroupIDExtractorImpl method getGroupingIdentifierList.

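/**
 * Resolves the group identifiers of the user named in a login response by reading a
 * configured claim from that user's tenant user store.
 *
 * <p>The claim URI comes from {@code APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI} and
 * falls back to {@code http://wso2.org/claims/organization} when the property is blank.
 * A comma-separated claim value yields one trimmed identifier per entry.
 *
 * <p>NOTE(review): the user name and the {@code isSuperTenant} flag are both read from
 * {@code loginResponse} and decide which tenant's user store is queried. This presumably
 * relies on {@code loginResponse} being produced by the server's own login flow and never
 * by the client; confirm at the call sites.
 *
 * @param loginResponse JSON text that carries a {@code user} string and an
 *                      {@code isSuperTenant} boolean
 * @return the trimmed group identifiers; an empty array when the user has no value for the
 *         claim; {@code null} when the response cannot be parsed, has unexpected field
 *         types, or the user store lookup fails (callers must handle {@code null})
 */
@Override
public String[] getGroupingIdentifierList(String loginResponse) {
    String username = null;
    int tenantId = MultitenantConstants.SUPER_TENANT_ID;
    String tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
    APIManagerConfiguration config = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    String claim = config.getFirstProperty(APIConstants.API_STORE_GROUP_EXTRACTOR_CLAIM_URI);
    if (StringUtils.isBlank(claim)) {
        claim = "http://wso2.org/claims/organization";
    }
    String[] groupIdArray = null;
    try {
        JSONObject obj = new JSONObject(loginResponse);
        Object userField = obj.get("user");
        Object superTenantField = obj.get("isSuperTenant");
        // A JSON null or a value of another type used to escape as an uncaught
        // ClassCastException; treat it like any other malformed response instead.
        if (!(userField instanceof String) || !(superTenantField instanceof Boolean)) {
            log.error("Unexpected field types in login response while trying to get group Identifier");
            return null;
        }
        username = (String) userField;
        boolean isSuperTenant = (Boolean) superTenantField;
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        // if the user is not in the super tenant domain then find the domain name and tenant id.
        if (!isSuperTenant) {
            tenantDomain = MultitenantUtils.getTenantDomain(username);
            tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
        }
        UserRealm realm = (UserRealm) realmService.getTenantUserRealm(tenantId);
        if (realm == null) {
            // Guard against a tenant that could not be resolved to a realm, which
            // would otherwise surface as a NullPointerException below.
            log.error("No user realm found for tenant id " + tenantId);
            return null;
        }
        UserStoreManager manager = realm.getUserStoreManager();
        String organization = manager.getUserClaimValue(MultitenantUtils.getTenantAwareUsername(username), claim, null);
        if (organization == null) {
            // No value for the claim: the user belongs to no group.
            return new String[] {};
        }
        // split(",") returns the whole value as a single element when there is no comma,
        // so one code path covers both the single-value and the multi-value case.
        // NOTE(review): blank entries survive as empty-string identifiers; verify that
        // callers do not treat "" as a group shared between users.
        groupIdArray = organization.split(",");
        for (int i = 0; i < groupIdArray.length; i++) {
            groupIdArray[i] = groupIdArray[i].trim();
        }
    } catch (JSONException e) {
        log.error("Exception occured while trying to get group Identifier from login response", e);
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        log.error("Error while checking user existence for " + username, e);
    }
    return groupIdArray;
}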
Also used : JSONException(org.json.JSONException) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) JSONObject(org.json.JSONObject) UserRealm(org.wso2.carbon.user.core.UserRealm) RealmService(org.wso2.carbon.user.core.service.RealmService)

Example 22 with Claim

use of org.wso2.carbon.user.core.claim.Claim in project carbon-apimgt by wso2.

the class JWTValidatorImplTest method setup.

/**
 * Builds the fixtures shared by the tests: a JWS header carrying the key id, a mocked
 * {@link SignedJWT} wrapped in a {@link SignedJWTInfo}, and a claims set that expires one
 * hour from now and carries the certificate thumbprint under {@code APIConstants.CNF}.
 *
 * <p>The {@code javax.net.ssl.trustStore*} system properties set here are JVM-wide and are
 * not restored by this method, so they remain visible to code that runs later in the
 * same JVM.
 */
@Before
public void setup() {
    // Header: the configured algorithm plus the key id.
    jwsHeader = new JWSHeader.Builder(new JWSHeader(this.jwsAlgorithm)).keyID(KeyId).build();

    // Signed JWT: a Mockito mock, so its behaviour is whatever the tests stub on it.
    signedJWT = Mockito.mock(SignedJWT.class);
    signedJWTInfo = new SignedJWTInfo();
    signedJWTInfo.setSignedJWT(signedJWT);

    // Claims: expiry one hour ahead and a cnf claim holding the x5t#S256 thumbprint.
    Calendar expiry = Calendar.getInstance();
    expiry.add(Calendar.HOUR, 1);
    JSONObject confirmation = new JSONObject();
    confirmation.put("x5t#S256", CERT_HASH);
    JWTClaimsSet claims = new JWTClaimsSet.Builder()
            .expirationTime(expiry.getTime())
            .claim(APIConstants.CNF, confirmation)
            .build();
    signedJWTInfo.setJwtClaimsSet(claims);

    // Trust store: point the JVM at the test trust store on the classpath.
    String trustStorePath = CertificateManagerImplTest.class.getClassLoader()
            .getResource("security/client-truststore.jks").getPath();
    System.setProperty("javax.net.ssl.trustStore", trustStorePath);
    System.setProperty("javax.net.ssl.trustStorePassword", PASSWORD);
}
Also used : JSONObject(net.minidev.json.JSONObject) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Calendar(java.util.Calendar) SignedJWT(com.nimbusds.jwt.SignedJWT) JWSHeader(com.nimbusds.jose.JWSHeader) CertificateManagerImplTest(org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManagerImplTest) Before(org.junit.Before)

Example 23 with Claim

use of org.wso2.carbon.user.core.claim.Claim in project carbon-apimgt by wso2.

the class ApiMgtDAO method setJWTClaimConditions.

/**
 * Reads the JWT claim conditions stored for one pipeline and appends them to the
 * supplied list.
 *
 * <p>Each row becomes a {@link JWTClaimsCondition} whose claim URL, attribute and invert
 * flag are taken from the {@code COLUMN_CLAIM_URI}, {@code COLUMN_CLAIM_ATTRIBUTE} and
 * {@code COLUMN_IS_CLAIM_MAPPING} columns.
 *
 * @param pipelineId Id of the pipeline whose conditions are loaded
 * @param conditions list that receives the loaded conditions; existing entries are kept
 * @throws APIManagementException declared for the {@code handleException} call made when
 *                                the query fails (presumably thrown there; confirm)
 */
private void setJWTClaimConditions(int pipelineId, ArrayList<Condition> conditions) throws APIManagementException {
    Connection dbConnection = null;
    PreparedStatement claimQuery = null;
    ResultSet rows = null;
    try {
        dbConnection = APIMgtDBUtil.getConnection();
        claimQuery = dbConnection.prepareStatement(SQLConstants.ThrottleSQLConstants.GET_JWT_CLAIM_CONDITIONS_SQL);
        // The pipeline id is bound as a statement parameter, not concatenated into the SQL.
        claimQuery.setInt(1, pipelineId);
        for (rows = claimQuery.executeQuery(); rows.next(); ) {
            JWTClaimsCondition loaded = new JWTClaimsCondition();
            loaded.setClaimUrl(rows.getString(ThrottlePolicyConstants.COLUMN_CLAIM_URI));
            loaded.setAttribute(rows.getString(ThrottlePolicyConstants.COLUMN_CLAIM_ATTRIBUTE));
            loaded.setInvertCondition(rows.getBoolean(ThrottlePolicyConstants.COLUMN_IS_CLAIM_MAPPING));
            conditions.add(loaded);
        }
    } catch (SQLException e) {
        handleException("Failed to get jwt claim conditions for pipelineId: " + pipelineId, e);
    } finally {
        // Runs on success and on failure; the variables are still null if an earlier step threw.
        APIMgtDBUtil.closeAllConnections(claimQuery, dbConnection, rows);
    }
}
Also used : JWTClaimsCondition(org.wso2.carbon.apimgt.api.model.policy.JWTClaimsCondition) SQLException(java.sql.SQLException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 24 with Claim

use of org.wso2.carbon.user.core.claim.Claim in project carbon-apimgt by wso2.

the class SystemScopeUtils method getRoleClaim.

/**
 * Returns the name of the role claim attribute.
 *
 * <p>The value configured under {@code ROLE_CLAIM_ATTRIBUTE} for the authenticator named
 * {@code AUTHENTICATOR_NAME} wins when that key is present; otherwise the constant
 * {@code ROLE_ATTRIBUTE_NAME} is used.
 *
 * @return the configured role claim attribute, or the default attribute name when the
 *         authenticator or the parameter is not configured
 */
private static String getRoleClaim() {
    final String fallback = APIConstants.SystemScopeConstants.ROLE_ATTRIBUTE_NAME;
    AuthenticatorsConfiguration.AuthenticatorConfig config =
            AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
    if (config == null) {
        // No configuration for this authenticator: use the built-in attribute name.
        return fallback;
    }
    Map<String, String> parameters = config.getParameters();
    // containsKey is kept on purpose: a key that is present is returned as configured,
    // whatever its value.
    if (!parameters.containsKey(APIConstants.SystemScopeConstants.ROLE_CLAIM_ATTRIBUTE)) {
        return fallback;
    }
    return parameters.get(APIConstants.SystemScopeConstants.ROLE_CLAIM_ATTRIBUTE);
}
Also used : AuthenticatorsConfiguration(org.wso2.carbon.core.security.AuthenticatorsConfiguration) XSString(org.opensaml.core.xml.schema.XSString)

Example 25 with Claim

use of org.wso2.carbon.user.core.claim.Claim in project carbon-apimgt by wso2.

the class RemoteUserManagerClient method getUserList.

/**
 * Lists the users whose claim has the given value.
 *
 * <p>The lookup runs against the user store of the tenant found in the thread-local
 * Carbon context, so the result depends on the tenant the calling thread is bound to.
 *
 * @param claim      - The claim to match on
 * @param claimValue - The value the claim must have
 * @return - The matching users, as returned by the user store
 * @throws APIManagementException if anything fails during the lookup; the original
 *                                exception is kept as the cause
 */
public String[] getUserList(String claim, String claimValue) throws APIManagementException {
    final int currentTenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    try {
        UserRealm realm = (UserRealm) ServiceReferenceHolder.getInstance()
                .getRealmService()
                .getTenantUserRealm(currentTenantId);
        // The third argument is passed as null, as in the original call.
        return realm.getUserStoreManager().getUserList(claim, claimValue, null);
    } catch (Exception e) {
        // Every failure, runtime exceptions included, is wrapped for the caller.
        throw new APIManagementException("Error when retrieving user list", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.core.UserRealm) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
