use of org.wso2.carbon.user.core.service.RealmService in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method getUserRealm.
/**
* Get the user realm of the logged in user.
*
* @param username the Username
* @return the userRealm, or null when the username is empty
* @throws AuthenticationFailedException if the user realm cannot be retrieved
*/
private UserRealm getUserRealm(String username) throws AuthenticationFailedException {
    // A null or empty username produces a null realm, not an exception, so the
    // caller must check the result before dereferencing it.
    if (!StringUtils.isNotEmpty(username)) {
        return null;
    }
    try {
        // The tenant is whatever MultitenantUtils extracts from the supplied username;
        // the realm returned is that tenant's realm.
        int tenantId = IdentityTenantUtil.getTenantId(MultitenantUtils.getTenantDomain(username));
        return IdentityTenantUtil.getRealmService().getTenantUserRealm(tenantId);
    } catch (UserStoreException e) {
        // Surface realm lookup failures as an authentication failure, keeping the cause.
        throw new AuthenticationFailedException("Cannot find the user realm. ", e);
    }
}
use of org.wso2.carbon.user.core.service.RealmService in project core-util by WSO2Telco.
the class UserAuthorizationValidator method isAuthorizedRole.
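/**
 * Checks whether the given user holds at least one of the allowed roles.
 *
 * <p>The check fails closed: a missing user name, a missing or empty set of allowed
 * roles, an unavailable {@code RealmService}, a null role list or a user store error
 * all result in {@code false}.
 *
 * @param userName the user whose roles are looked up in the user store
 * @param allowedRolesSet the roles that grant access
 * @return {@code true} only if the user's role list contains one of the allowed roles
 */
public boolean isAuthorizedRole(String userName, Set<String> allowedRolesSet) {
    // Deny up front instead of failing with a NullPointerException further down.
    if (userName == null || userName.isEmpty() || allowedRolesSet == null || allowedRolesSet.isEmpty()) {
        // NOTE(review): userName is written to the log as-is; if it can carry
        // caller-controlled text, neutralise CR/LF before logging.
        log.error("authorization failed for user : " + userName);
        return false;
    }
    PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
    RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
    if (realmService == null) {
        // The service lookup yielded nothing: no way to read roles, so deny.
        log.error("authorization failed for user : " + userName);
        return false;
    }
    try {
        // NOTE(review): an empty RealmConfiguration is passed here; confirm that this
        // resolves to the realm of the tenant the user actually belongs to.
        RealmConfiguration realmConfiguration = new RealmConfiguration();
        String[] currentUserRoles = realmService.getUserRealm(realmConfiguration).getUserStoreManager().getRoleListOfUser(userName);
        if (currentUserRoles != null) {
            List<String> currentUserRolesList = Arrays.asList(currentUserRoles);
            for (String allowedRole : allowedRolesSet) {
                if (currentUserRolesList.contains(allowedRole)) {
                    return true;
                }
            }
        }
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        log.error("authorization failed for user : " + userName, e);
        return false;
    }
    log.error("authorization failed for user : " + userName);
    return false;
}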
use of org.wso2.carbon.user.core.service.RealmService in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPUtils method getUserRealm.
/**
* Get the user realm of the given tenant domain.
*
* @param tenantDomain the tenantDomain
* @return the user realm
* @throws AuthenticationFailedException if the user realm cannot be retrieved
*/
public static UserRealm getUserRealm(String tenantDomain) throws AuthenticationFailedException {
    try {
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        return IdentityTenantUtil.getRealmService().getTenantUserRealm(tenantId);
    } catch (Exception e) {
        // Deliberately broad: every failure during the lookup, runtime exceptions
        // included, is reported as an authentication failure with the cause attached.
        throw new AuthenticationFailedException("Cannot find the user realm for the tenant domain " + tenantDomain, e);
    }
}
use of org.wso2.carbon.user.core.service.RealmService in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPUtils method isSMSOTPDisableForLocalUser.
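/**
* Check whether SMSOTP is disabled by the user.
*
* @param username the Username
* @param context the AuthenticationContext
* @param authenticatorName the name of the authenticator
* @return true if SMSOTP is disabled by the user, false otherwise
* @throws SMSOTPException
* @throws AuthenticationFailedException
*/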
public static boolean isSMSOTPDisableForLocalUser(String username, AuthenticationContext context, String authenticatorName) throws SMSOTPException, AuthenticationFailedException {
    try {
        int tenantId = IdentityTenantUtil.getTenantId(MultitenantUtils.getTenantDomain(username));
        UserRealm realm = IdentityTenantUtil.getRealmService().getTenantUserRealm(tenantId);
        // The parameter is overwritten with its tenant-aware form; the error message in
        // the catch block below reports whichever value is current when the failure occurs.
        username = MultitenantUtils.getTenantAwareUsername(String.valueOf(username));
        boolean userControlled = isSMSOTPEnableOrDisableByUser(context, authenticatorName);
        if (realm == null) {
            throw new SMSOTPException("Cannot find the user realm for the given tenant domain : " + CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        }
        if (!userControlled) {
            // The per-user claim is not consulted unless user control is enabled.
            return false;
        }
        // A claim value that parses to true means SMSOTP is reported as disabled for this
        // user; a missing claim parses to false.
        Map<String, String> claims = realm.getUserStoreManager().getUserClaimValues(username, new String[] { SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI }, null);
        return Boolean.parseBoolean(claims.get(SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI));
    } catch (UserStoreException e) {
        throw new SMSOTPException("Failed while trying to access userRealm of the user : " + username, e);
    }
}
use of org.wso2.carbon.user.core.service.RealmService in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticatorTest method testCheckWithBackUpCodes.
// Drives the authenticator's checkWithBackUpCodes with a stubbed realm whose saved OTP
// list contains the submitted code.
// NOTE(review): the result of the invocation is never asserted, so the test only fails
// if the call throws; consider asserting the outcome and adding a case for a code that
// is not in the saved list.
@Test
public void testCheckWithBackUpCodes() throws Exception {
// Static tenant utilities are mocked so no real tenant or realm lookup takes place.
mockStatic(IdentityTenantUtil.class);
context.setProperty(SMSOTPConstants.USER_NAME, "admin");
// Tenant "carbon.super" maps to id -1234, whose realm and user store manager are mocks.
when(IdentityTenantUtil.getTenantId("carbon.super")).thenReturn(-1234);
when(IdentityTenantUtil.getRealmService()).thenReturn(realmService);
when(realmService.getTenantUserRealm(-1234)).thenReturn(userRealm);
when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
// Stubbing context.getProperty presumes context is itself a mock or spy - TODO confirm.
when((AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER)).thenReturn(AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier("admin"));
// Fixture: the saved OTP list claim holds four codes, including "1234" used below.
when(userRealm.getUserStoreManager().getUserClaimValue(MultitenantUtils.getTenantAwareUsername("admin"), SMSOTPConstants.SAVED_OTP_LIST, null)).thenReturn("12345,4568,1234,7896");
AuthenticatedUser user = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
// Invoked by name through Whitebox; the return value is discarded.
Whitebox.invokeMethod(smsotpAuthenticator, "checkWithBackUpCodes", context, "1234", user);
}
Aggregations