Example 1 with RealmService
use of org.wso2.carbon.user.core.service.RealmService in project core-util by WSO2Telco.
the class UserRoleProsser method getRolesByUserName.
public List<String> getRolesByUserName(String userName) {
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
List<String> currentUserRoleList = null;
try {
RealmConfiguration realmConfiguration = new RealmConfiguration();
String[] currentUserRoles = realmService.getUserRealm(realmConfiguration).getUserStoreManager().getRoleListOfUser(userName);
currentUserRoleList = Arrays.asList(currentUserRoles);
} catch (org.wso2.carbon.user.api.UserStoreException e) {
log.error("unable to retrieve user roles for user " + userName + " : ", e);
}
if (currentUserRoleList != null && !currentUserRoleList.isEmpty()) {
return currentUserRoleList;
} else {
return Collections.emptyList();
}
}
Also used :
RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration)
RealmService(org.wso2.carbon.user.core.service.RealmService)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
Example 2 with RealmService
use of org.wso2.carbon.user.core.service.RealmService in project core-util by WSO2Telco.
the class BasicAuthenticator method isAuthenticatedUser.
public boolean isAuthenticatedUser(String userName, String password) {
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
RegistryService registryService = (RegistryService) carbonContext.getOSGiService(RegistryService.class, null);
String tenantDomain = MultitenantUtils.getTenantDomain(userName);
try {
UserRealm userRealm = null;
userRealm = AnonymousSessionUtil.getRealmByTenantDomain(registryService, realmService, tenantDomain);
if (userRealm == null) {
log.error("invalid domain or unactivated tenant login");
return false;
}
String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(userName);
if (userRealm.getUserStoreManager().authenticate(tenantAwareUsername, password)) {
return true;
} else {
log.error("authentication failed. please check your username/password");
return false;
}
} catch (CarbonException | UserStoreException e) {
log.error("authentication failed for user : " + userName, e);
return false;
}
}
Also used :
UserRealm(org.wso2.carbon.user.core.UserRealm)
RealmService(org.wso2.carbon.user.core.service.RealmService)
CarbonException(org.wso2.carbon.CarbonException)
UserStoreException(org.wso2.carbon.user.core.UserStoreException)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
RegistryService(org.wso2.carbon.registry.core.service.RegistryService)
Example 3 with RealmService
use of org.wso2.carbon.user.core.service.RealmService in project carbon-business-process by wso2.
the class BPSUserIdentityManager method checkPassword.
@Override
public Boolean checkPassword(String userId, String password) {
String tenantDomain = MultitenantUtils.getTenantDomain(userId);
String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userId);
String userNameWithTenantDomain = tenantAwareUserName + "@" + tenantDomain;
RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
TenantManager mgr = realmService.getTenantManager();
int tenantId = 0;
try {
tenantId = mgr.getTenantId(tenantDomain);
} catch (UserStoreException e) {
throw new BPMNAuthenticationException("Identity exception thrown while getting tenant ID for user : " + userNameWithTenantDomain, e);
}
// tenantId == -1, means an invalid tenant.
if (tenantId == -1) {
if (log.isDebugEnabled()) {
log.debug("Basic authentication request with an invalid tenant : " + userNameWithTenantDomain);
}
return false;
}
org.wso2.carbon.user.api.UserStoreManager userStoreManager = null;
boolean authStatus = false;
try {
userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
authStatus = userStoreManager.authenticate(tenantAwareUserName, password);
} catch (UserStoreException e) {
throw new BPMNAuthenticationException("User store exception thrown while authenticating user : " + userNameWithTenantDomain, e);
}
/* IdentityService identityService = BPMNOSGIService.getIdentityService();
authStatus = identityService.checkPassword(userName, password);*/
if (log.isDebugEnabled()) {
log.debug("Basic authentication request completed. " + "Username : " + userNameWithTenantDomain + ", Authentication State : " + authStatus);
}
return authStatus;
}
Also used :
RealmService(org.wso2.carbon.user.core.service.RealmService)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
BPMNAuthenticationException(org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException)
TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)
Example 4 with RealmService
use of org.wso2.carbon.user.core.service.RealmService in project carbon-business-process by wso2.
the class RESTTask method execute.
@Override
public void execute(DelegateExecution execution) {
if (method == null) {
String error = "HTTP method for the REST task not found. Please specify the \"method\" form property.";
throw new RESTClientException(error);
}
if (log.isDebugEnabled()) {
if (serviceURL != null) {
log.debug("Executing RESTInvokeTask " + method.getValue(execution).toString() + " - " + serviceURL.getValue(execution).toString());
} else if (serviceRef != null) {
log.debug("Executing RESTInvokeTask " + method.getValue(execution).toString() + " - " + serviceRef.getValue(execution).toString());
}
}
RESTInvoker restInvoker = BPMNRestExtensionHolder.getInstance().getRestInvoker();
RESTResponse response;
String url = null;
String bUsername = null;
String bPassword = null;
JsonNodeObject jsonHeaders = null;
boolean contentAvailable = false;
try {
if (serviceURL != null) {
url = serviceURL.getValue(execution).toString();
if (basicAuthUsername != null && basicAuthPassword != null) {
bUsername = basicAuthUsername.getValue(execution).toString();
bPassword = basicAuthPassword.getValue(execution).toString();
}
} else if (serviceRef != null) {
String resourcePath = serviceRef.getValue(execution).toString();
String registryPath;
int tenantIdInt = Integer.parseInt(execution.getTenantId());
RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
String domain = realmService.getTenantManager().getDomain(tenantIdInt);
Registry registry;
Resource urlResource;
try {
PrivilegedCarbonContext.startTenantFlow();
if (domain != null) {
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(domain);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantIdInt);
} else {
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantIdInt);
}
if (resourcePath.startsWith(GOVERNANCE_REGISTRY_PREFIX)) {
registryPath = resourcePath.substring(GOVERNANCE_REGISTRY_PREFIX.length());
registry = BPMNExtensionsComponent.getRegistryService().getGovernanceSystemRegistry(tenantIdInt);
} else if (resourcePath.startsWith(CONFIGURATION_REGISTRY_PREFIX)) {
registryPath = resourcePath.substring(CONFIGURATION_REGISTRY_PREFIX.length());
registry = BPMNExtensionsComponent.getRegistryService().getConfigSystemRegistry(tenantIdInt);
} else {
String msg = "Registry type is not specified for service reference in " + getTaskDetails(execution) + ". serviceRef should begin with gov:/ or conf:/ to indicate the registry type.";
throw new RESTClientException(msg);
}
if (log.isDebugEnabled()) {
log.debug("Reading endpoint from registry location: " + registryPath + " for task " + getTaskDetails(execution));
}
urlResource = registry.get(registryPath);
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
if (urlResource != null) {
String uepContent = new String((byte[]) urlResource.getContent(), Charset.defaultCharset());
UnifiedEndpointFactory uepFactory = new UnifiedEndpointFactory();
OMElement uepElement = AXIOMUtil.stringToOM(uepContent);
UnifiedEndpoint uep = uepFactory.createEndpoint(uepElement);
url = uep.getAddress();
bUsername = uep.getAuthorizationUserName();
bPassword = uep.getAuthorizationPassword();
} else {
String errorMsg = "Endpoint resource " + registryPath + " is not found. Failed to execute REST invocation in task " + getTaskDetails(execution);
throw new RESTClientException(errorMsg);
}
} else {
String urlNotFoundErrorMsg = "Service URL is not provided for " + getTaskDetails(execution) + ". serviceURL or serviceRef must be provided.";
throw new RESTClientException(urlNotFoundErrorMsg);
}
if (headers != null) {
String headerContent = headers.getValue(execution).toString();
jsonHeaders = JSONUtils.parse(headerContent);
}
if (POST_METHOD.equals(method.getValue(execution).toString().trim().toUpperCase())) {
String inputContent = input.getValue(execution).toString();
response = restInvoker.invokePOST(new URI(url), jsonHeaders, bUsername, bPassword, inputContent);
} else if (GET_METHOD.equals(method.getValue(execution).toString().trim().toUpperCase())) {
response = restInvoker.invokeGET(new URI(url), jsonHeaders, bUsername, bPassword);
} else if (PUT_METHOD.equals(method.getValue(execution).toString().trim().toUpperCase())) {
String inputContent = input.getValue(execution).toString();
response = restInvoker.invokePUT(new URI(url), jsonHeaders, bUsername, bPassword, inputContent);
} else if (DELETE_METHOD.equals(method.getValue(execution).toString().trim().toUpperCase())) {
response = restInvoker.invokeDELETE(new URI(url), jsonHeaders, bUsername, bPassword);
} else {
String errorMsg = "Unsupported http method. The REST task only supports GET, POST, PUT and DELETE operations";
throw new RESTClientException(errorMsg);
}
Object output = response.getContent();
if (output != null) {
contentAvailable = !response.getContent().equals("");
}
boolean contentTypeAvailable = false;
if (response.getContentType() != null) {
contentTypeAvailable = true;
}
if (contentAvailable && contentTypeAvailable && response.getContentType().contains(APPLICATION_JSON)) {
output = JSONUtils.parse(String.valueOf(output));
} else if (contentAvailable && contentTypeAvailable && response.getContentType().contains(APPLICATION_XML)) {
output = Utils.parse(String.valueOf(output));
} else {
output = StringEscapeUtils.escapeXml(String.valueOf(output));
}
if (outputVariable != null) {
String outVarName = outputVariable.getValue(execution).toString();
execution.setVariable(outVarName, output);
} else if (outputMappings != null) {
String outMappings = outputMappings.getValue(execution).toString();
outMappings = outMappings.trim();
String[] mappings = outMappings.split(",");
for (String mapping : mappings) {
String[] mappingParts = mapping.split(":");
String varName = mappingParts[0];
String expression = mappingParts[1];
Object value;
if (output instanceof JsonNodeObject) {
value = ((JsonNodeObject) output).jsonPath(expression);
} else {
value = ((XMLDocument) output).xPath(expression);
}
execution.setVariable(varName, value);
}
} else {
String outputNotFoundErrorMsg = "An outputVariable or outputMappings is not provided. " + "Either an output variable or output mappings must be provided to save " + "the response.";
throw new RESTClientException(outputNotFoundErrorMsg);
}
if (responseHeaderVariable != null) {
StringBuilder headerJsonStr = new StringBuilder();
headerJsonStr.append("{");
String prefix = "";
for (Header header : response.getHeaders()) {
headerJsonStr.append(prefix);
String name = header.getName().replaceAll("\"", "");
String value = header.getValue().replaceAll("\"", "");
headerJsonStr.append("\"").append(name).append("\":\"").append(value).append("\"");
prefix = ",";
}
headerJsonStr.append("}");
JsonNodeObject headerJson = JSONUtils.parse(headerJsonStr.toString());
execution.setVariable(responseHeaderVariable.getValue(execution).toString(), headerJson);
}
if (httpStatusVariable != null) {
execution.setVariable(httpStatusVariable.getValue(execution).toString(), response.getHttpStatus());
}
} catch (RegistryException | XMLStreamException | URISyntaxException | IOException | SAXException | ParserConfigurationException e) {
String errorMessage = "Failed to execute " + method.getValue(execution).toString() + " " + url + " within task " + getTaskDetails(execution);
log.error(errorMessage, e);
throw new RESTClientException(REST_INVOKE_ERROR, errorMessage);
} catch (BPMNJsonException | BPMNXmlException e) {
String errorMessage = "Failed to extract values for output mappings, the response content" + " doesn't support the expression" + method.getValue(execution).toString() + " " + url + " within task " + getTaskDetails(execution);
log.error(errorMessage, e);
throw new RESTClientException(REST_INVOKE_ERROR, errorMessage);
} catch (UserStoreException e) {
String errorMessage = "Failed to obtain tenant domain information";
log.error(errorMessage, e);
throw new RESTClientException(REST_INVOKE_ERROR, errorMessage);
}
}
Also used :
BPMNJsonException(org.wso2.carbon.bpmn.core.types.datatypes.json.BPMNJsonException)
JsonNodeObject(org.wso2.carbon.bpmn.core.types.datatypes.json.api.JsonNodeObject)
OMElement(org.apache.axiom.om.OMElement)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
UnifiedEndpointFactory(org.wso2.carbon.unifiedendpoint.core.UnifiedEndpointFactory)
XMLDocument(org.wso2.carbon.bpmn.core.types.datatypes.xml.api.XMLDocument)
SAXException(org.xml.sax.SAXException)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Resource(org.wso2.carbon.registry.api.Resource)
Registry(org.wso2.carbon.registry.api.Registry)
IOException(java.io.IOException)
RegistryException(org.wso2.carbon.registry.api.RegistryException)
Header(org.apache.http.Header)
XMLStreamException(javax.xml.stream.XMLStreamException)
RealmService(org.wso2.carbon.user.core.service.RealmService)
UnifiedEndpoint(org.wso2.carbon.unifiedendpoint.core.UnifiedEndpoint)
JsonNodeObject(org.wso2.carbon.bpmn.core.types.datatypes.json.api.JsonNodeObject)
BPMNXmlException(org.wso2.carbon.bpmn.core.types.datatypes.xml.BPMNXmlException)
Example 5 with RealmService
use of org.wso2.carbon.user.core.service.RealmService in project carbon-business-process by wso2.
the class AuthenticationHandler method authenticate.
/**
* Checks whether a given userName:password combination authenticates correctly against carbon userStore
* Upon successful authentication returns true, false otherwise
*
* @param userName
* @param password
* @return
* @throws RestApiBasicAuthenticationException wraps and throws exceptions occur when trying to authenticate
* the user
*/
private boolean authenticate(String userName, String password) throws RestApiBasicAuthenticationException {
boolean authStatus;
try {
IdentityService identityService = BPMNOSGIService.getIdentityService();
authStatus = identityService.checkPassword(userName, password);
if (!authStatus) {
return false;
}
} catch (BPMNAuthenticationException e) {
throw new RestApiBasicAuthenticationException(e.getMessage(), e);
}
String tenantDomain = MultitenantUtils.getTenantDomain(userName);
String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userName);
String userNameWithTenantDomain = tenantAwareUserName + "@" + tenantDomain;
RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
TenantManager mgr = realmService.getTenantManager();
int tenantId = 0;
try {
tenantId = mgr.getTenantId(tenantDomain);
// tenantId == -1, means an invalid tenant.
if (tenantId == -1) {
if (log.isDebugEnabled()) {
log.debug("Basic authentication request with an invalid tenant : " + userNameWithTenantDomain);
}
return false;
}
} catch (UserStoreException e) {
throw new RestApiBasicAuthenticationException("Identity exception thrown while getting tenant ID for user : " + userNameWithTenantDomain, e);
}
/* Upon successful authentication existing thread local carbon context
* is updated to mimic the authenticated user */
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setUsername(tenantAwareUserName);
carbonContext.setTenantId(tenantId);
carbonContext.setTenantDomain(tenantDomain);
return true;
}
Also used :
IdentityService(org.activiti.engine.IdentityService)
RestApiBasicAuthenticationException(org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException)
RealmService(org.wso2.carbon.user.core.service.RealmService)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
BPMNAuthenticationException(org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException)
TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)
Aggregations
RealmService (org.wso2.carbon.user.core.service.RealmService)9
UserStoreException (org.wso2.carbon.user.api.UserStoreException)6
PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)4
UserRealm (org.wso2.carbon.user.api.UserRealm)3
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)2
Test (org.testng.annotations.Test)2
BPMNAuthenticationException (org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException)2
AuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException)2
AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)2
SMSOTPException (org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException)2
RealmConfiguration (org.wso2.carbon.user.api.RealmConfiguration)2
TenantManager (org.wso2.carbon.user.core.tenant.TenantManager)2
IOException (java.io.IOException)1
URI (java.net.URI)1
URISyntaxException (java.net.URISyntaxException)1
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1
XMLStreamException (javax.xml.stream.XMLStreamException)1
IdentityService (org.activiti.engine.IdentityService)1
OMElement (org.apache.axiom.om.OMElement)1
Header (org.apache.http.Header)1
