
Example 46 with Store

use of org.wso2.siddhi.query.api.execution.query.input.store.Store in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method initiateAuthenticationRequest.

/**
 * Initiate the SMS OTP step of the authentication flow.
 *
 * <p>Marks the context with this authenticator's name, resolves the user carried over from the
 * first step, and then takes one of three paths: the mandatory path, the optional path for a
 * user found in the user store whose SMS OTP is not disabled, or completion on the first step alone.
 *
 * <p>NOTE(review): the last path finishes this step without issuing an OTP. Whether that is
 * acceptable depends on who can influence the values read by {@code isSMSOTPMandatory} and
 * {@code isSMSOTPDisableForLocalUser}; neither helper is visible here, so confirm before relying
 * on this step as a second factor.
 *
 * @param request  the incoming servlet request; its RESEND parameter is read on retry
 * @param response the servlet response passed on to the helpers
 * @param context  the authentication context that carries the first-step user and tenant domain
 * @throws AuthenticationFailedException if no authenticated user is present in the context, or if a
 *                                       helper raises SMSOTPException or UserStoreException
 */
@Override
protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
    try {
        String username;
        AuthenticatedUser authenticatedUser;
        String mobileNumber;
        String tenantDomain = context.getTenantDomain();
        context.setProperty(SMSOTPConstants.AUTHENTICATION, SMSOTPConstants.AUTHENTICATOR_NAME);
        // Tenants other than the super tenant get their authenticator configuration from the registry.
        // NOTE(review): a null tenantDomain raises NullPointerException on the equals() call below.
        if (!tenantDomain.equals(SMSOTPConstants.SUPER_TENANT)) {
            IdentityHelperUtil.loadApplicationAuthenticationXMLFromRegistry(context, getName(), tenantDomain);
        }
        FederatedAuthenticatorUtil.setUsernameFromFirstStep(context);
        // String.valueOf turns a missing USER_NAME property into the literal text "null", which is
        // then used for the user-store lookup below.
        // NOTE(review): confirm the property is always set once authenticatedUser is non-null.
        username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
        authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
        // Fail closed when the earlier step left no authenticated user in the context.
        if (authenticatedUser == null) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication failed: Could not find the authenticated user. ");
            }
            throw new AuthenticationFailedException("Authentication failed: Cannot proceed further without identifying the user. ");
        }
        boolean isSMSOTPMandatory = SMSOTPUtils.isSMSOTPMandatory(context, getName());
        boolean isUserExists = FederatedAuthenticatorUtil.isUserExistInUserStore(username);
        String queryParams = FrameworkUtils.getQueryStringWithFrameworkContextId(context.getQueryParams(), context.getCallerSessionKey(), context.getContextIdentifier());
        String errorPage = getErrorPage(context);
        // Path 1: SMS OTP is configured as mandatory, so the decision is delegated entirely to
        // processSMSOTPMandatoryCase, including the case where the user is not in the user store.
        if (isSMSOTPMandatory) {
            if (log.isDebugEnabled()) {
                log.debug("SMS OTP is mandatory. Hence processing in mandatory path");
            }
            processSMSOTPMandatoryCase(context, request, response, queryParams, username, isUserExists);
        } else if (isUserExists && !SMSOTPUtils.isSMSOTPDisableForLocalUser(username, context, getName())) {
            // Path 2: optional SMS OTP for a user found in the user store who has not disabled it.
            // On a retry without RESEND=true no new code is requested; checkStatusCode handles the response.
            // NOTE(review): RESEND comes straight from the request; any limit on how often a new
            // OTP can be requested would have to live in the helpers, which are not visible here.
            if (context.isRetrying() && !Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
                checkStatusCode(response, context, queryParams, errorPage);
            } else {
                mobileNumber = getMobileNumber(request, response, context, username, tenantDomain, queryParams);
                // An empty number falls through without further action in this method; presumably
                // getMobileNumber has already handled the response in that case. TODO confirm.
                if (StringUtils.isNotEmpty(mobileNumber)) {
                    proceedWithOTP(response, context, errorPage, mobileNumber, queryParams, username);
                }
            }
        } else {
            // Path 3: SMS OTP is optional and the user is either not in the user store or has it
            // disabled; the step is completed from the first-step user alone, with no OTP.
            processFirstStepOnly(authenticatedUser, context);
        }
    } catch (SMSOTPException e) {
        // NOTE(review): the message below misspells "file" as "fie"; it is runtime text and left as is.
        throw new AuthenticationFailedException("Failed to get the parameters from authentication xml fie. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from User Store. ", e);
    }
}
Also used : AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Example 47 with Store

use of org.wso2.siddhi.query.api.execution.query.input.store.Store in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method verifyUserExists.

/**
 * Confirm that the given user is present in the user store of the given tenant.
 *
 * <p>Returns normally only when the user store reports the user as existing. The method signals
 * absence with an exception whose message differs from the other failure cases.
 * NOTE(review): if callers surface these messages to the client, the distinct "does not exist"
 * outcome lets a requester tell valid accounts from invalid ones; confirm it stays server-side.
 *
 * @param username     the username to look up
 * @param tenantDomain the tenant domain whose user realm is queried
 * @throws SMSOTPException               if the realm is unavailable, the lookup fails, or the user
 *                                       does not exist
 * @throws AuthenticationFailedException declared by the signature; nothing in this body throws it
 *                                       directly (presumably raised by getUserRealm, TODO confirm)
 */
public static void verifyUserExists(String username, String tenantDomain) throws SMSOTPException, AuthenticationFailedException {
    boolean found;
    try {
        UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (realm == null) {
            // The message names the super tenant even though any tenantDomain can reach this point.
            throw new SMSOTPException("Super tenant realm not loaded.");
        }
        found = realm.getUserStoreManager().isExistingUser(username);
    } catch (UserStoreException e) {
        throw new SMSOTPException("Error while validating the user.", e);
    }
    if (found) {
        return;
    }
    // The username itself is kept out of the debug line.
    if (log.isDebugEnabled()) {
        log.debug("User does not exist in the User Store");
    }
    throw new SMSOTPException("User does not exist in the User Store.");
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager)

Example 48 with Store

use of org.wso2.siddhi.query.api.execution.query.input.store.Store in project carbon-apimgt by wso2.

the class MssqlSQLStatements method prepareAttributeSearchStatementForStore.

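/**
 * Builds the MSSQL attribute-search statement for the store and binds all of its parameters.
 *
 * <p>Search values, roles, labels, limit and offset are passed as bind parameters. Column names
 * cannot be bound, so the attribute keys end up in the SQL text itself: the tag and sub-context
 * keys are mapped to fixed column constants, and any other key must be a plain SQL identifier
 * (letters, digits, underscore) or the call is rejected before a statement is prepared.
 *
 * <p>On success the statement is returned open and the caller is responsible for closing it.
 * If binding fails, the statement is closed here before the exception is rethrown.
 *
 * @param connection   connection used to prepare the statement
 * @param roles        roles bound into the role IN-list; the list always has at least one
 *                     placeholder, so an empty list leaves one parameter unbound
 * @param labels       labels bound after the search attributes
 * @param attributeMap attribute name to search text; the first key selects the query template and
 *                     an empty map fails with NoSuchElementException
 * @param offset       result offset; negative values are bound as 0
 * @param limit        maximum number of rows
 * @return the prepared, fully bound statement
 * @throws APIMgtDAOException if an attribute name is not a plain identifier or a SQL error occurs
 * @see ApiDAOVendorSpecificStatements#prepareAttributeSearchStatementForStore(Connection connection, List, List,
 * Map, int, int)
 */
@Override
@SuppressFBWarnings({ "SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING", "OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE" })
public PreparedStatement prepareAttributeSearchStatementForStore(Connection connection, List<String> roles, List<String> labels, Map<String, String> attributeMap, int offset, int limit) throws APIMgtDAOException {
    // One "?" per role, comma separated.
    StringBuilder roleListBuilder = new StringBuilder();
    roleListBuilder.append("?");
    for (int i = 0; i < roles.size() - 1; i++) {
        roleListBuilder.append(",?");
    }
    StringBuilder searchQuery = new StringBuilder();
    Iterator<Map.Entry<String, String>> entries = attributeMap.entrySet().iterator();
    while (entries.hasNext()) {
        Map.Entry<String, String> entry = entries.next();
        String attributeKey = entry.getKey();
        searchQuery.append("LOWER(");
        if (APIMgtConstants.TAG_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.TAG_NAME_COLUMN);
        } else if (APIMgtConstants.SUBCONTEXT_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.URL_PATTERN_COLUMN);
        } else {
            // The key becomes a column name inside the SQL text, where a bind parameter cannot
            // be used. Accept plain identifiers only so a key can never carry SQL syntax.
            if (attributeKey == null || !attributeKey.matches("[A-Za-z_][A-Za-z0-9_]*")) {
                String errorMsg = "Invalid attribute name supplied for API search.";
                IllegalArgumentException cause = new IllegalArgumentException(errorMsg);
                log.error(errorMsg, cause);
                throw new APIMgtDAOException(errorMsg, cause);
            }
            searchQuery.append(attributeKey);
        }
        searchQuery.append(") LIKE ?");
        if (entries.hasNext()) {
            searchQuery.append(" AND ");
        }
    }
    // retrieve the attribute applicable for the search
    String searchAttribute = attributeMap.entrySet().iterator().next().getKey();
    // get the corresponding implementation based on the attribute to be searched
    // NOTE(review): a key that is missing from searchMap presumably fails here on the null lookup.
    String query = searchMap.get(searchAttribute).getStoreAttributeSearchQuery(roleListBuilder, searchQuery, offset, limit);
    query = "Select * from ( " + query + " )  A" + getStoreAPIsByLabelJoinQuery(labels);
    PreparedStatement statement = null;
    try {
        int queryIndex = 1;
        statement = connection.prepareStatement(query);
        // The bind order must follow the order of the "?" placeholders in the assembled SQL;
        // most of that text comes from helpers that are not visible in this method.
        // include the attribute in the query (for APIs with public visibility)
        // "%" and "_" inside the value are not escaped, so they act as LIKE wildcards.
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        // include user roles in the query
        for (String role : roles) {
            statement.setString(queryIndex, role);
            queryIndex++;
        }
        // include the attribute in the query (for APIs with restricted visibility)
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        for (String label : labels) {
            statement.setString(queryIndex, label);
            queryIndex++;
        }
        statement.setInt(queryIndex, limit);
        // setting 0 as the default offset based on store-api.yaml and MSSQL specifications
        statement.setInt(++queryIndex, (offset < 0) ? 0 : offset);
        return statement;
    } catch (SQLException e) {
        // Do not leak the statement when binding fails part-way through.
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException closeError) {
                e.addSuppressed(closeError);
            }
        }
        String errorMsg = "Error occurred while searching APIs for attributes in the database.";
        log.error(errorMsg, e);
        throw new APIMgtDAOException(errorMsg, e);
    }
}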
Also used : APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) HashMap(java.util.HashMap) Map(java.util.Map) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)

Example 49 with Store

use of org.wso2.siddhi.query.api.execution.query.input.store.Store in project carbon-apimgt by wso2.

the class MysqlSQLStatements method prepareAttributeSearchStatementForStore.

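/**
 * Builds the MySQL attribute-search statement for the store and binds all of its parameters.
 *
 * <p>Search values, roles, labels, offset and limit are passed as bind parameters. Column names
 * cannot be bound, so the attribute keys end up in the SQL text itself: the tag and sub-context
 * keys are mapped to fixed column constants, and any other key must be a plain SQL identifier
 * (letters, digits, underscore) or the call is rejected before a statement is prepared.
 *
 * <p>On success the statement is returned open and the caller is responsible for closing it.
 * If binding fails, the statement is closed here before the exception is rethrown.
 *
 * @param connection   connection used to prepare the statement
 * @param roles        roles bound into the role IN-list; the list always has at least one
 *                     placeholder, so an empty list leaves one parameter unbound
 * @param labels       labels bound after the search attributes
 * @param attributeMap attribute name to search text; the first key selects the query template and
 *                     an empty map fails with NoSuchElementException
 * @param offset       result offset; negative values are bound as 0
 * @param limit        maximum number of rows
 * @return the prepared, fully bound statement
 * @throws APIMgtDAOException if an attribute name is not a plain identifier or a SQL error occurs
 * @see ApiDAOVendorSpecificStatements#prepareAttributeSearchStatementForStore(Connection connection, List, List,
 * Map, int, int)
 */
@Override
@SuppressFBWarnings({ "SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING", "OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE" })
public PreparedStatement prepareAttributeSearchStatementForStore(Connection connection, List<String> roles, List<String> labels, Map<String, String> attributeMap, int offset, int limit) throws APIMgtDAOException {
    // One "?" per role, comma separated.
    StringBuilder roleListBuilder = new StringBuilder();
    roleListBuilder.append("?");
    for (int i = 0; i < roles.size() - 1; i++) {
        roleListBuilder.append(",?");
    }
    StringBuilder searchQuery = new StringBuilder();
    Iterator<Map.Entry<String, String>> entries = attributeMap.entrySet().iterator();
    while (entries.hasNext()) {
        Map.Entry<String, String> entry = entries.next();
        String attributeKey = entry.getKey();
        searchQuery.append("LOWER(");
        if (APIMgtConstants.TAG_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.TAG_NAME_COLUMN);
        } else if (APIMgtConstants.SUBCONTEXT_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.URL_PATTERN_COLUMN);
        } else {
            // The key becomes a column name inside the SQL text, where a bind parameter cannot
            // be used. Accept plain identifiers only so a key can never carry SQL syntax.
            if (attributeKey == null || !attributeKey.matches("[A-Za-z_][A-Za-z0-9_]*")) {
                String errorMsg = "Invalid attribute name supplied for API search.";
                IllegalArgumentException cause = new IllegalArgumentException(errorMsg);
                log.error(errorMsg, cause);
                throw new APIMgtDAOException(errorMsg, cause);
            }
            searchQuery.append(attributeKey);
        }
        searchQuery.append(") LIKE ?");
        if (entries.hasNext()) {
            searchQuery.append(" AND ");
        }
    }
    // retrieve the attribute applicable for the search
    String searchAttribute = attributeMap.entrySet().iterator().next().getKey();
    // get the corresponding implementation based on the attribute to be searched
    // NOTE(review): a key that is missing from searchMap presumably fails here on the null lookup.
    String query = searchMap.get(searchAttribute).getStoreAttributeSearchQuery(roleListBuilder, searchQuery, offset, limit);
    query = "Select * from ( " + query + " ) A" + getStoreAPIsByLabelJoinQuery(labels);
    PreparedStatement statement = null;
    try {
        int queryIndex = 1;
        statement = connection.prepareStatement(query);
        // The bind order must follow the order of the "?" placeholders in the assembled SQL;
        // most of that text comes from helpers that are not visible in this method.
        // include the attribute in the query (for APIs with public visibility)
        // "%" and "_" inside the value are not escaped, so they act as LIKE wildcards.
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        // include user roles in the query
        for (String role : roles) {
            statement.setString(queryIndex, role);
            queryIndex++;
        }
        // include the attribute in the query (for APIs with restricted visibility)
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        for (String label : labels) {
            statement.setString(queryIndex, label);
            queryIndex++;
        }
        // setting 0 as the default offset based on store-api.yaml and MySQL specifications
        statement.setInt(queryIndex, (offset < 0) ? 0 : offset);
        statement.setInt(++queryIndex, limit);
        return statement;
    } catch (SQLException e) {
        // Do not leak the statement when binding fails part-way through.
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException closeError) {
                e.addSuppressed(closeError);
            }
        }
        String errorMsg = "Error occurred while searching APIs for attributes in the database.";
        log.error(errorMsg, e);
        throw new APIMgtDAOException(errorMsg, e);
    }
}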
Also used : APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) HashMap(java.util.HashMap) Map(java.util.Map) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)

Example 50 with Store

use of org.wso2.siddhi.query.api.execution.query.input.store.Store in project carbon-apimgt by wso2.

the class OracleSQLStatements method prepareAttributeSearchStatementForStore.

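/**
 * Builds the Oracle attribute-search statement for the store and binds all of its parameters.
 *
 * <p>Search values, roles, labels and the two ROWNUM bounds are passed as bind parameters. Column
 * names cannot be bound, so the attribute keys end up in the SQL text itself: the tag and
 * sub-context keys are mapped to fixed column constants, and any other key must be a plain SQL
 * identifier (letters, digits, underscore) or the call is rejected before a statement is prepared.
 *
 * <p>On success the statement is returned open and the caller is responsible for closing it.
 * If binding fails, the statement is closed here before the exception is rethrown.
 *
 * @param connection   connection used to prepare the statement
 * @param roles        roles bound into the role IN-list; the list always has at least one
 *                     placeholder, so an empty list leaves one parameter unbound
 * @param labels       labels bound after the search attributes
 * @param attributeMap attribute name to search text; the first key selects the query template and
 *                     an empty map fails with NoSuchElementException
 * @param offset       result offset; negative values are bound as 0
 * @param limit        maximum number of rows
 * @return the prepared, fully bound statement
 * @throws APIMgtDAOException if an attribute name is not a plain identifier or a SQL error occurs
 * @see ApiDAOVendorSpecificStatements#prepareAttributeSearchStatementForStore(Connection connection, List, List,
 * Map, int, int)
 */
@Override
@SuppressFBWarnings({ "SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING", "OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE" })
public PreparedStatement prepareAttributeSearchStatementForStore(Connection connection, List<String> roles, List<String> labels, Map<String, String> attributeMap, int offset, int limit) throws APIMgtDAOException {
    // One "?" per role, comma separated.
    StringBuilder roleListBuilder = new StringBuilder();
    roleListBuilder.append("?");
    for (int i = 0; i < roles.size() - 1; i++) {
        roleListBuilder.append(",?");
    }
    StringBuilder searchQuery = new StringBuilder();
    Iterator<Map.Entry<String, String>> entries = attributeMap.entrySet().iterator();
    while (entries.hasNext()) {
        Map.Entry<String, String> entry = entries.next();
        String attributeKey = entry.getKey();
        searchQuery.append("LOWER(");
        if (APIMgtConstants.TAG_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.TAG_NAME_COLUMN);
        } else if (APIMgtConstants.SUBCONTEXT_SEARCH_TYPE_PREFIX.equalsIgnoreCase(attributeKey)) {
            searchQuery.append(APIMgtConstants.URL_PATTERN_COLUMN);
        } else {
            // The key becomes a column name inside the SQL text, where a bind parameter cannot
            // be used. Accept plain identifiers only so a key can never carry SQL syntax.
            if (attributeKey == null || !attributeKey.matches("[A-Za-z_][A-Za-z0-9_]*")) {
                String errorMsg = "Invalid attribute name supplied for API search.";
                IllegalArgumentException cause = new IllegalArgumentException(errorMsg);
                log.error(errorMsg, cause);
                throw new APIMgtDAOException(errorMsg, cause);
            }
            searchQuery.append(attributeKey);
        }
        searchQuery.append(") LIKE ?");
        if (entries.hasNext()) {
            searchQuery.append(" AND ");
        }
    }
    // retrieve the attribute applicable for the search
    String searchAttribute = attributeMap.entrySet().iterator().next().getKey();
    // get the corresponding implementation based on the attribute to be searched
    // NOTE(review): a key that is missing from searchMap presumably fails here on the null lookup.
    String query = searchMap.get(searchAttribute).getStoreAttributeSearchQuery(roleListBuilder, searchQuery, offset, limit);
    query = "SELECT * FROM (SELECT A.*, rownum rnum FROM (Select * from ( " + query + " ) " + getStoreAPIsByLabelJoinQuery(labels) + " ORDER BY NAME) A WHERE rownum <= ?) " + "WHERE rnum >= ?";
    PreparedStatement statement = null;
    try {
        int queryIndex = 1;
        statement = connection.prepareStatement(query);
        // The bind order must follow the order of the "?" placeholders in the assembled SQL;
        // the inner query and the label join come from helpers that are not visible here.
        // include the attribute in the query (for APIs with public visibility)
        // "%" and "_" inside the value are not escaped, so they act as LIKE wildcards.
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        // include user roles in the query
        for (String role : roles) {
            statement.setString(queryIndex, role);
            queryIndex++;
        }
        // include the attribute in the query (for APIs with restricted visibility)
        for (Map.Entry<String, String> entry : attributeMap.entrySet()) {
            statement.setString(queryIndex, '%' + entry.getValue().toLowerCase(Locale.ENGLISH) + '%');
            queryIndex++;
        }
        for (String label : labels) {
            statement.setString(queryIndex, label);
            queryIndex++;
        }
        // setting 0 as the default offset based on store-api.yaml and Oracle specifications
        // NOTE(review): the last two placeholders in the text above are "rownum <= ?" and
        // "rnum >= ?", so offset is bound as the upper ROWNUM bound and limit as the lower one.
        // A conventional ROWNUM window bounds rownum by offset + limit and rnum by offset + 1;
        // confirm the intended paging contract before changing the bindings.
        statement.setInt(queryIndex, (offset < 0) ? 0 : offset);
        queryIndex++;
        statement.setInt(queryIndex, limit);
        return statement;
    } catch (SQLException e) {
        // Do not leak the statement when binding fails part-way through.
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException closeError) {
                e.addSuppressed(closeError);
            }
        }
        String errorMsg = "Error occurred while searching APIs for attributes in the database.";
        log.error(errorMsg, e);
        throw new APIMgtDAOException(errorMsg, e);
    }
}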
Also used : APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException) SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) HashMap(java.util.HashMap) Map(java.util.Map) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
