
Example 16 with ClaimValue

use of org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue in project carbon-identity-framework by wso2.

the class IdentityUserNameResolverListener method doPreGetUserListWithID.

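/**
 * Runs the username-based {@code doPreGetUserList} hook of every non-resolver listener and then
 * mirrors the changes those listeners made to the username list back into {@code returnUsersList}.
 *
 * @param claimUri         claim URI passed through to the listeners
 * @param claimValue       claim value passed through to the listeners
 * @param returnUsersList  user list that is updated in place to match the listeners' result
 * @param userStoreManager user store manager passed to the listeners and used to resolve user IDs
 * @return {@code false} as soon as one listener returns {@code false}; {@code true} otherwise,
 *         including when this listener is disabled
 * @throws UserStoreException declared by the listener contract
 */
@Override
public boolean doPreGetUserListWithID(String claimUri, String claimValue, List<User> returnUsersList, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    // Listeners work on usernames; they may add to or remove from this list.
    List<String> returnUserNamesList = returnUsersList.stream().map(User::getUsername).collect(Collectors.toList());
    Set<String> returnInitialUserNamesList = new HashSet<>(returnUserNamesList);
    for (UserOperationEventListener listener : getUserStoreManagerListeners()) {
        if (isNotAResolverListener(listener)) {
            if (!listener.doPreGetUserList(claimUri, claimValue, returnUserNamesList, userStoreManager)) {
                return false;
            }
        }
    }
    // NOTE(review): when the listeners leave the username list empty, nothing below runs, so
    // returnUsersList keeps its original users. If a listener empties the list to filter out
    // every user, that filtering is not applied here. Confirm this is intended.
    if (CollectionUtils.isNotEmpty(returnUserNamesList)) {
        // Reflect users removed by the listeners. removeIf is used because removing from the
        // list inside a for-each over the same list throws ConcurrentModificationException.
        Set<String> removedUserNames = new HashSet<>(returnInitialUserNamesList);
        removedUserNames.removeAll(returnUserNamesList);
        returnUsersList.removeIf(user -> removedUserNames.contains(user.getUsername()));

        // Reflect users added by the listeners.
        Set<String> addedUserNames = new HashSet<>(returnUserNamesList);
        addedUserNames.removeAll(returnInitialUserNamesList);
        for (String username : addedUserNames) {
            User newUser = new User();
            newUser.setUsername(username);
            try {
                newUser.setUserID(FrameworkUtils.resolveUserIdFromUsername(userStoreManager, username));
            } catch (UserSessionException e) {
                // The failure is only visible at debug level and the user is still added
                // without a user ID. NOTE(review): confirm that callers tolerate such entries.
                if (log.isDebugEnabled()) {
                    log.debug("Error occurred while resolving Id for the user: " + username, e);
                }
            }
            returnUsersList.add(newUser);
        }
    }
    return true;
}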
Also used : UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener) AbstractIdentityUserOperationEventListener(org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener) User(org.wso2.carbon.user.core.common.User) UserSessionException(org.wso2.carbon.identity.application.authentication.framework.exception.UserSessionException) HashSet(java.util.HashSet)

Example 17 with ClaimValue

use of org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method setChallengesOfUser.

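/**
 * Stores the given challenge questions and their hashed answers as claims of the user, and
 * records the list of stored challenge claim URIs in the
 * {@code http://wso2.org/claims/challengeQuestionUris} claim.
 *
 * <p>Each claim value has the form {@code question + separator + hash(answer)}, where the answer
 * is trimmed and lower-cased before hashing. Entries with a null id, question or answer are
 * skipped. A null or empty array is a no-op.
 *
 * @param userName       user whose challenge claims are written
 * @param tenantId       tenant used to look up the user store manager
 * @param challengesDTOs challenge id / question / answer triples to store
 * @throws IdentityException if the user store manager cannot be obtained or a user store
 *                           operation fails
 */
public void setChallengesOfUser(String userName, int tenantId, UserChallengesDTO[] challengesDTOs) throws IdentityException {
    try {
        if (log.isDebugEnabled()) {
            log.debug("Challenge Question from the user profile.");
        }
        // Check before the array is dereferenced: a null array is a no-op, not a NullPointerException.
        if (ArrayUtils.isEmpty(challengesDTOs)) {
            return;
        }
        List<String> challengesUris = new ArrayList<String>();
        String challengesUrisValue = "";
        String separator = IdentityMgtConfig.getInstance().getChallengeQuestionSeparator();
        Map<String, String> newClaims = new HashMap<String, String>();
        String[] requestclaims = new String[challengesDTOs.length];
        int x = 0;
        for (UserChallengesDTO claimDto : challengesDTOs) {
            requestclaims[x++] = claimDto.getId();
        }
        // Getting user store manager here to reduce the calls for claim retrieval.
        // TODO need to put into a new method in a new release version. Used to avoid API changes in patch.
        org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
        RealmService realmService = IdentityMgtServiceComponent.getRealmService();
        try {
            if (realmService.getTenantUserRealm(tenantId) != null) {
                userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            }
        } catch (Exception e) {
            String msg = "Error retrieving the user store manager for the tenant";
            log.error(msg, e);
            throw IdentityException.error(msg, e);
        }
        if (userStoreManager == null) {
            // Without this check the write below would fail with a NullPointerException.
            String msg = "Error retrieving the user store manager for the tenant";
            log.error(msg);
            throw IdentityException.error(msg);
        }
        Map<String, String> oldClaims = userStoreManager.getUserClaimValues(userName, requestclaims, null);
        for (UserChallengesDTO dto : challengesDTOs) {
            if (dto.getId() != null && dto.getQuestion() != null && dto.getAnswer() != null) {
                String oldClaimValue = oldClaims.get(dto.getId());
                String oldAnswer = null;
                if ((oldClaimValue != null) && oldClaimValue.contains(separator)) {
                    // The separator is a literal (contains() above treats it as one), so quote it
                    // for split(), which takes a regex. A value ending in the separator has no
                    // second part and is treated as having an empty stored answer.
                    String[] oldParts = oldClaimValue.split(java.util.regex.Pattern.quote(separator));
                    oldAnswer = oldParts.length > 1 ? oldParts[1] : "";
                }
                // The submitted answer is compared as-is with the stored answer part, which is a
                // hash. Presumably callers echo the stored value back for unchanged entries.
                // TODO confirm.
                if (oldAnswer == null || !oldAnswer.trim().equals(dto.getAnswer().trim())) {
                    // NOTE(review): a question containing the separator would corrupt this
                    // format. toLowerCase() uses the default locale and must stay in step with
                    // the verification side. The algorithm behind Utils.doHash is not visible
                    // here; confirm it is suitable for low-entropy secrets.
                    String claimValue = dto.getQuestion().trim() + separator + Utils.doHash(dto.getAnswer().trim().toLowerCase());
                    if (!claimValue.equals(oldClaimValue)) {
                        newClaims.put(dto.getId().trim(), claimValue);
                    }
                }
                challengesUris.add(dto.getId().trim());
            }
        }
        for (String challengesUri : challengesUris) {
            if ("".equals(challengesUrisValue)) {
                challengesUrisValue = challengesUri;
            } else {
                challengesUrisValue = challengesUrisValue + IdentityMgtConfig.getInstance().getChallengeQuestionSeparator() + challengesUri;
            }
        }
        newClaims.put("http://wso2.org/claims/challengeQuestionUris", challengesUrisValue);
        // Single call to save all challenge questions.
        userStoreManager.setUserClaimValues(userName, newClaims, UserCoreConstants.DEFAULT_PROFILE);
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        String msg = "No associated challenge question found for the user";
        throw IdentityException.error(msg, e);
    }
}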
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException) RealmService(org.wso2.carbon.user.core.service.RealmService)

Example 18 with ClaimValue

use of org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method verifyPrimaryChallengeQuestion.

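/**
 * Verifies the submitted answers against the user's
 * {@code http://wso2.org/claims/primaryChallengeQuestion} claim.
 *
 * <p>The claim is read as alternating question / hashed-answer parts joined by the configured
 * separator. Submitted questions that are not stored for the user are skipped. The result is
 * {@code true} only when at least one submitted question matches a stored one and no matching
 * question has a wrong answer. Any error during verification yields {@code false}.
 *
 * @param userName           user whose answers are verified
 * @param tenantId           tenant used to read the claim
 * @param userChallengesDTOs submitted question / answer pairs
 * @return {@code true} if the submitted answers verify, {@code false} otherwise
 */
public boolean verifyPrimaryChallengeQuestion(String userName, int tenantId, UserChallengesDTO[] userChallengesDTOs) {
    boolean verification = false;
    try {
        if (log.isDebugEnabled()) {
            log.debug("Challenge Question from the user profile for user " + userName);
        }
        String claimValue = Utils.getClaimFromUserStoreManager(userName, tenantId, "http://wso2.org/claims/primaryChallengeQuestion");
        if (claimValue == null) {
            log.debug("No associated challenge question found for the user " + userName);
            return false;
        }
        // split() takes a regex; quote the separator so it is matched literally.
        String[] challenges = claimValue.split(java.util.regex.Pattern.quote(IdentityMgtConfig.getInstance().getChallengeQuestionSeparator()));
        if (challenges.length % 2 != 0) {
            // A question without an answer part means the stored claim is malformed; reject it.
            log.debug("Malformed primary challenge question claim for the user " + userName);
            return false;
        }
        Map<String, String> challengeMap = new HashMap<String, String>();
        for (int i = 0; i < challenges.length; i = i + 2) {
            challengeMap.put(challenges[i], challenges[i + 1]);
        }
        for (UserChallengesDTO userChallengesDTO : userChallengesDTOs) {
            String challengeAnswer = challengeMap.get(userChallengesDTO.getQuestion().trim());
            if (challengeAnswer == null) {
                // Question is not stored for this user; it neither passes nor fails verification.
                continue;
            }
            // NOTE(review): String.equals is not a constant-time comparison, and the algorithm
            // behind Utils.doHash is not visible here. Confirm both are acceptable for
            // challenge answers.
            if (challengeAnswer.equals(Utils.doHash(userChallengesDTO.getAnswer().trim().toLowerCase()))) {
                verification = true;
            } else {
                return false;
            }
        }
    } catch (Exception e) {
        log.debug("No associated challenge question found for the user " + userName, e);
        // Fail closed: an error after an earlier entry already matched (for example a null
        // question or answer in a later entry) must not leave the result as true.
        return false;
    }
    return verification;
}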
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 19 with ClaimValue

use of org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2AuthzEndpointTest method provideRequestObject.

/**
 * Supplies rows of {request object, claim values} for the "provideRequestObject" data provider.
 * The second column is presumably the list of ACR values the test expects; confirm against the
 * consuming test.
 *
 * <p>Rows: a null request object, an empty request object, a request object whose essential ACR
 * claim under the ID token carries a single value, and one whose claim carries several values.
 */
@DataProvider(name = "provideRequestObject")
public Object[][] provideRequestObject() {
    String singleValue = "test";
    List<String> multipleValues = Arrays.asList("test", "test1", "test2");

    // Request object whose ACR claim carries one value.
    RequestObject requestObjectWithValue = new RequestObject();
    RequestedClaim acrWithSingleValue = new RequestedClaim();
    acrWithSingleValue.setName(OAuthConstants.ACR);
    acrWithSingleValue.setValue(singleValue);
    acrWithSingleValue.setEssential(true);
    Map<String, List<RequestedClaim>> claimsForSingleValue = new HashMap<>();
    claimsForSingleValue.put(OIDCConstants.ID_TOKEN, Collections.singletonList(acrWithSingleValue));
    requestObjectWithValue.setRequestedClaims(claimsForSingleValue);

    // Request object whose ACR claim carries a list of values.
    RequestObject requestObjectWithValues = new RequestObject();
    RequestedClaim acrWithMultipleValues = new RequestedClaim();
    acrWithMultipleValues.setName(OAuthConstants.ACR);
    acrWithMultipleValues.setEssential(true);
    acrWithMultipleValues.setValues(multipleValues);
    Map<String, List<RequestedClaim>> claimsForMultipleValues = new HashMap<>();
    claimsForMultipleValues.put(OIDCConstants.ID_TOKEN, Collections.singletonList(acrWithMultipleValues));
    requestObjectWithValues.setRequestedClaims(claimsForMultipleValues);

    return new Object[][] {
        { null, null },
        { new RequestObject(), null },
        { requestObjectWithValue, Collections.singletonList(singleValue) },
        { requestObjectWithValues, multipleValues }
    };
}
Also used : ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) ArrayList(java.util.ArrayList) List(java.util.List) Matchers.anyList(org.mockito.Matchers.anyList) RequestObject(org.wso2.carbon.identity.openidconnect.model.RequestObject) Matchers.anyString(org.mockito.Matchers.anyString) RequestObject(org.wso2.carbon.identity.openidconnect.model.RequestObject) DataProvider(org.testng.annotations.DataProvider)

Example 20 with ClaimValue

use of org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoJWTResponseTest method testBooleanClaimInUserInfoResponse.

/**
 * Builds a user-info JWT response for a single claim and asserts that the claim appears in the
 * parsed JWT as the boolean parsed from {@code claimValue}.
 *
 * @param claimUri   claim expected in the response
 * @param claimValue claim value as a string; compared after {@code Boolean.parseBoolean}
 * @throws Exception if any setup, response generation or JWT parsing step fails
 */
private void testBooleanClaimInUserInfoResponse(String claimUri, String claimValue) throws Exception {
    // Fixture and mock setup; the order of these calls is kept as in the original.
    initSingleClaimTest(claimUri, claimValue);
    mockDataSource();
    mockObjectsRelatedToTokenValidation();
    mockStatic(FrameworkUtils.class);
    when(FrameworkUtils.resolveUserIdFromUsername(anyInt(), anyString(), anyString())).thenReturn(AUTHORIZED_USER_ID);

    // The user that the mocked access token belongs to.
    AuthenticatedUser tokenOwner = new AuthenticatedUser();
    tokenOwner.setUserName(AUTHORIZED_USER_NAME);
    tokenOwner.setTenantDomain(TENANT_DOT_COM);
    tokenOwner.setUserStoreDomain(JDBC_DOMAIN);
    tokenOwner.setUserId(AUTHORIZED_USER_ID);
    tokenOwner.setAuthenticatedSubjectIdentifier(AUTHORIZED_USER_ID);
    mockAccessTokenDOInOAuth2Util(tokenOwner);

    // Generate the response and parse it back as a JWT.
    String userInfoResponse = userInfoJWTResponse.getResponseString(getTokenResponseDTO(AUTHORIZED_USER_FULL_QUALIFIED));
    JWT parsedJwt = JWTParser.parse(userInfoResponse);
    assertNotNull(parsedJwt);
    assertNotNull(parsedJwt.getJWTClaimsSet());

    Map<String, Object> responseClaims = parsedJwt.getJWTClaimsSet().getClaims();
    assertSubjectClaimPresent(responseClaims);
    assertNotNull(responseClaims.get(claimUri));
    assertEquals(responseClaims.get(claimUri), Boolean.parseBoolean(claimValue));
}
Also used : JWT(com.nimbusds.jwt.JWT) Matchers.anyString(org.mockito.Matchers.anyString) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Aggregations

ClaimValue (org.wso2.carbon.um.ws.api.stub.ClaimValue)23 HashMap (java.util.HashMap)21 Test (org.testng.annotations.Test)19 UserStoreException (org.wso2.carbon.user.core.UserStoreException)14 ISIntegrationTest (org.wso2.identity.integration.common.utils.ISIntegrationTest)14 Map (java.util.Map)13 ArrayList (java.util.ArrayList)11 RemoteException (java.rmi.RemoteException)9 RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException)9 UserStoreException (org.wso2.carbon.user.api.UserStoreException)9 ClaimValue (org.wso2.carbon.user.mgt.stub.types.carbon.ClaimValue)9 IdentityException (org.wso2.carbon.identity.base.IdentityException)8 WorkflowAdminServiceWorkflowException (org.wso2.carbon.identity.workflow.mgt.stub.WorkflowAdminServiceWorkflowException)8 Association (org.wso2.carbon.identity.workflow.mgt.stub.metadata.Association)8 Matchers.anyString (org.mockito.Matchers.anyString)7 FlaggedName (org.wso2.carbon.user.mgt.stub.types.carbon.FlaggedName)7 UserStoreManager (org.wso2.carbon.user.core.UserStoreManager)6 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)5 ClaimValue (org.wso2.carbon.user.mgt.common.ClaimValue)5 HashSet (java.util.HashSet)4