org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig Java Examples

Example #1
Source File: DirectoryServerApplicationMgtListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Strips the Kerberos inbound entry from a service provider that is being exported.
 *
 * <p>Only the first entry whose inbound auth type equals {@code KERBEROS} is removed: the method returns
 * right after swapping in the reduced array, so the loop never continues over the stale snapshot.
 *
 * @param serviceProvider service provider being exported; its inbound configuration is modified in place
 * @param exportSecrets   not read by this method
 * @throws IdentityApplicationManagementException declared in the signature; nothing in this body throws it
 */
@Override
public void doExportServiceProvider(ServiceProvider serviceProvider, Boolean exportSecrets)
        throws IdentityApplicationManagementException {

    InboundAuthenticationConfig inboundConfig = serviceProvider.getInboundAuthenticationConfig();
    if (inboundConfig == null || inboundConfig.getInboundAuthenticationRequestConfigs() == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig candidate : inboundConfig.getInboundAuthenticationRequestConfigs()) {
        if (!KERBEROS.equals(candidate.getInboundAuthType())) {
            continue;
        }
        // Exact, case-sensitive match on the type; the Kerberos entry is dropped from the exported copy.
        InboundAuthenticationRequestConfig[] remaining = (InboundAuthenticationRequestConfig[])
                ArrayUtils.removeElement(inboundConfig.getInboundAuthenticationRequestConfigs(), candidate);
        inboundConfig.setInboundAuthenticationRequestConfigs(remaining);
        return;
    }
}
 
Example #2
Source File: SAMLInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Replaces the SAML inbound of an application: the SAML service provider currently registered for the
 * application, if any, is removed and a new one is created from the supplied configuration.
 *
 * @param application        application whose current SAML issuer is looked up
 * @param saml2Configuration configuration the new SAML service provider is created from
 * @return the inbound configuration returned by {@code createSAMLInbound}
 */
public static InboundAuthenticationRequestConfig putSAMLInbound(ServiceProvider application,
                                                                SAML2Configuration saml2Configuration) {

    // Look up the issuer currently bound to the application; null means this is an insert, not an update.
    String currentIssuer = InboundFunctions.getInboundAuthKey(application, StandardInboundProtocols.SAML2);
    SAMLSSOServiceProviderDTO oldSAMLSp = null;
    try {
        if (currentIssuer != null) {
            // Remember the existing registration for a possible rollback, then delete it.
            oldSAMLSp = getSamlSsoConfigService().getServiceProvider(currentIssuer);
            getSamlSsoConfigService().removeServiceProvider(currentIssuer);
        }
    } catch (IdentityException e) {
        throw handleException(e);
    }

    try {
        return createSAMLInbound(saml2Configuration);
    } catch (APIError error) {
        // Try to roll back by recreating the previous SAML SP. Only APIError triggers this; any other
        // exception escaping createSAMLInbound leaves the previous service provider deleted.
        // NOTE(review): oldSAMLSp is null on the insert path; confirm rollbackSAMLSpRemoval tolerates null.
        rollbackSAMLSpRemoval(oldSAMLSp);
        throw error;
    }
}
 
Example #3
Source File: SAMLInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Registers a SAML service provider from whichever source the configuration carries and wraps the
 * resulting issuer in an inbound configuration of type SAML2.
 *
 * <p>Sources are tried in a fixed order: metadata file, then metadata URL, then manual configuration.
 * When none of them is present, the error built by {@code Utils.buildBadRequestError} is thrown.
 *
 * @param saml2Configuration SAML configuration taken from the API model
 * @return inbound configuration whose key is the issuer of the created service provider
 */
public static InboundAuthenticationRequestConfig createSAMLInbound(SAML2Configuration saml2Configuration) {

    SAML2ServiceProvider manualConfig = saml2Configuration.getManualConfiguration();

    final String registeredIssuer;
    if (saml2Configuration.getMetadataFile() != null) {
        registeredIssuer = createSAMLSpWithMetadataFile(saml2Configuration.getMetadataFile());
    } else if (saml2Configuration.getMetadataURL() != null) {
        // NOTE(review): the metadata URL comes from the request model; any restriction on which
        // destinations may be fetched would live in createSAMLSpWithMetadataUrl, which is not visible here.
        registeredIssuer = createSAMLSpWithMetadataUrl(saml2Configuration.getMetadataURL());
    } else if (manualConfig != null) {
        registeredIssuer = createSAMLSpWithManualConfiguration(manualConfig);
    } else {
        throw Utils.buildBadRequestError("Invalid SAML2 Configuration. One of metadataFile, metaDataUrl or " +
                "serviceProvider manual configuration needs to be present.");
    }

    InboundAuthenticationRequestConfig result = new InboundAuthenticationRequestConfig();
    result.setInboundAuthType(FrameworkConstants.StandardInboundProtocols.SAML2);
    result.setInboundAuthKey(registeredIssuer);
    return result;
}
 
Example #4
Source File: InboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Puts {@code newInbound} into the application's inbound list, replacing an existing entry of the same
 * inbound auth type.
 *
 * <p>The existing entries are indexed by type with {@code Collectors.toMap}, which throws
 * {@code IllegalStateException} when two existing entries share a type, and the resulting array follows
 * the map's iteration order rather than the original array order.
 *
 * @param application application whose inbound configuration is updated in place
 * @param newInbound  inbound configuration to insert or to replace the same-typed entry with
 */
public static void updateOrInsertInbound(ServiceProvider application,
                                         InboundAuthenticationRequestConfig newInbound) {

    InboundAuthenticationConfig currentConfig = application.getInboundAuthenticationConfig();
    InboundAuthenticationRequestConfig[] existing =
            currentConfig == null ? null : currentConfig.getInboundAuthenticationRequestConfigs();

    if (existing == null) {
        // Either no inbound config object or no request-config array yet: start a fresh one.
        addNewInboundToSp(application, newInbound);
        return;
    }

    Map<String, InboundAuthenticationRequestConfig> byType = Arrays.stream(existing)
            .collect(Collectors.toMap(InboundAuthenticationRequestConfig::getInboundAuthType,
                    Function.identity()));
    byType.put(newInbound.getInboundAuthType(), newInbound);

    currentConfig.setInboundAuthenticationRequestConfigs(
            byType.values().toArray(new InboundAuthenticationRequestConfig[0]));
}
 
Example #5
Source File: InboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Deletes the protocol-side data behind an inbound configuration as part of a rollback.
 *
 * <p>SAML2, OAUTH2 and WS_TRUST inbounds are handed to their protocol-specific delete functions; every
 * other inbound type is left untouched.
 *
 * @param inbound inbound configuration whose backing data should be removed
 */
public static void rollbackInbound(InboundAuthenticationRequestConfig inbound) {

    // Dereferenced directly: a null inbound type fails with a NullPointerException here.
    String inboundType = inbound.getInboundAuthType();

    if (inboundType.equals(FrameworkConstants.StandardInboundProtocols.SAML2)) {
        SAMLInboundFunctions.deleteSAMLServiceProvider(inbound);
    } else if (inboundType.equals(FrameworkConstants.StandardInboundProtocols.OAUTH2)) {
        OAuthInboundFunctions.deleteOAuthInbound(inbound);
    } else if (inboundType.equals(FrameworkConstants.StandardInboundProtocols.WS_TRUST)) {
        WSTrustInboundFunctions.deleteWSTrustConfiguration(inbound);
    }
    // No rollbacks required for other inbounds.
}
 
Example #6
Source File: ApplicationManagementAdminService.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Rebuilds {@code customInboundAuthenticatorConfigs} from the inbound authenticator configs held by
 * {@code ApplicationManagementServiceComponentHolder}.
 *
 * <p>Each registered authenticator contributes one entry carrying its name, config name, friendly name
 * and configuration properties. The field is assigned an empty list when nothing is registered.
 */
private void generateCustomInboundAuthenticatorConfigs() {

    Map<String, AbstractInboundAuthenticatorConfig> registered =
            ApplicationManagementServiceComponentHolder.getAllInboundAuthenticatorConfig();
    List<InboundAuthenticationRequestConfig> converted = new ArrayList<>();

    if (registered != null && !registered.isEmpty()) {
        for (AbstractInboundAuthenticatorConfig source : registered.values()) {
            InboundAuthenticationRequestConfig target = new InboundAuthenticationRequestConfig();
            target.setInboundAuthType(source.getName());
            target.setInboundConfigType(source.getConfigName());
            target.setFriendlyName(source.getFriendlyName());
            target.setProperties(source.getConfigurationProperties());
            converted.add(target);
        }
    }

    // Published only after the whole list is built.
    this.customInboundAuthenticatorConfigs = converted;
}
 
Example #7
Source File: InboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the inbound auth key of the application's inbound configuration of the given type.
 *
 * @param application application to inspect
 * @param inboundType inbound auth type to look for; compared with {@code equals}, so it must not be null
 *                    when the application has inbound entries
 * @return the key of a matching inbound, or {@code null} when the application has no inbound
 *         configuration, no entry of that type, or the matching entry has a null key
 */
public static String getInboundAuthKey(ServiceProvider application,
                                       String inboundType) {

    InboundAuthenticationConfig config = application.getInboundAuthenticationConfig();
    if (config == null) {
        return null;
    }

    InboundAuthenticationRequestConfig[] candidates = config.getInboundAuthenticationRequestConfigs();
    if (candidates == null) {
        return null;
    }

    // The key is mapped after findAny() so that a null key yields an empty Optional instead of a
    // NullPointerException from a null stream element.
    return Arrays.stream(candidates)
            .filter(candidate -> inboundType.equals(candidate.getInboundAuthType()))
            .findAny()
            .map(InboundAuthenticationRequestConfig::getInboundAuthKey)
            .orElse(null);
}
 
Example #8
Source File: InboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Finds the inbound configuration of a particular type on an application.
 *
 * <p>The stored configuration object itself is returned; no conversion or copy is made here.
 *
 * @param application application to inspect
 * @param inboundType inbound auth type to look for; compared with {@code equals}, so it must not be null
 *                    when the application has inbound entries
 * @return a matching inbound configuration, or {@code null} when the application has no inbound
 *         configuration or no entry of that type
 */
public static InboundAuthenticationRequestConfig getInboundAuthenticationRequestConfig(ServiceProvider application,
                                                                                       String inboundType) {

    InboundAuthenticationConfig config = application.getInboundAuthenticationConfig();
    if (config == null) {
        return null;
    }

    InboundAuthenticationRequestConfig[] candidates = config.getInboundAuthenticationRequestConfigs();
    if (candidates == null) {
        return null;
    }

    return Arrays.stream(candidates)
            .filter(candidate -> inboundType.equals(candidate.getInboundAuthType()))
            .findAny()
            .orElse(null);
}
 
Example #9
Source File: WSTrustInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Removes the WS-Trust trusted service identified by the inbound's auth key.
 *
 * <p>When no STS admin service is available, the error built by {@code buildNotFoundError} is thrown.
 * A {@code SecurityConfigException} from the removal is rethrown as the error built by
 * {@code buildServerError}.
 *
 * @param inbound WS-Trust inbound configuration; its auth key is used as the trusted service audience
 */
public static void deleteWSTrustConfiguration(InboundAuthenticationRequestConfig inbound) {

    try {
        String audience = inbound.getInboundAuthKey();

        if (ApplicationManagementServiceHolder.getInstance().getStsAdminService() == null) {
            // The WS-Trust connector is not deployed, which is reported as a not-found error.
            throw buildNotFoundError(ERROR_CODE, ERROR_MESSAGE, ERROR_DESCRIPTION);
        }

        ApplicationManagementServiceHolder.getInstance().getStsAdminService().removeTrustedService(audience);
    } catch (SecurityConfigException e) {
        // NOTE(review): the exception message is appended to the error text; whether that text reaches
        // API clients depends on buildServerError, which is not visible here.
        throw buildServerError("Error while trying to rollback WSTrust configuration. " + e.getMessage(), e);
    }
}
 
Example #10
Source File: WSTrustInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Registers a WS-Trust trusted service and returns the matching inbound configuration.
 *
 * <p>When no STS admin service is available, the error built by {@code buildBadRequestError} is thrown.
 * A {@code SecurityConfigException} from the registration is rethrown as the error built by
 * {@code buildServerError}.
 *
 * @param wsTrustConfiguration API model carrying the audience and certificate alias
 * @return inbound configuration of type WS_TRUST keyed by the audience
 */
public static InboundAuthenticationRequestConfig createWsTrustInbound(WSTrustConfiguration wsTrustConfiguration) {

    try {
        if (ApplicationManagementServiceHolder.getInstance().getStsAdminService() == null) {
            // The WS-Trust connector is not deployed; this path answers with a bad-request error
            // (the delete and update paths use a not-found error for the same condition).
            throw buildBadRequestError(ERROR_DESCRIPTION);
        }

        String audience = wsTrustConfiguration.getAudience();
        ApplicationManagementServiceHolder.getInstance().getStsAdminService()
                .addTrustedService(audience, wsTrustConfiguration.getCertificateAlias());

        InboundAuthenticationRequestConfig created = new InboundAuthenticationRequestConfig();
        created.setInboundAuthType(WS_TRUST);
        created.setInboundAuthKey(wsTrustConfiguration.getAudience());
        return created;
    } catch (SecurityConfigException e) {
        // The trusted service could not be added, so there is no inbound to return.
        throw buildServerError("Error while adding WSTrust configuration. " + e.getMessage(), e);
    }
}
 
Example #11
Source File: WSTrustInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Creates the WS-Trust inbound of an application, first removing the trusted service the application
 * already has, if any.
 *
 * <p>An update may not change the audience: when the application already has a WS-Trust key and
 * {@code wsTrustAudienceChanged} reports a change, a bad-request error is thrown before anything is removed.
 *
 * @param application  application whose current WS-Trust key is looked up
 * @param wsTrustModel API model of the WS-Trust configuration to store
 * @return the inbound configuration returned by {@code createWsTrustInbound}
 */
public static InboundAuthenticationRequestConfig putWSTrustConfiguration(ServiceProvider application,
                                                                         WSTrustConfiguration wsTrustModel) {

    String inboundAuthKey = InboundFunctions.getInboundAuthKey(application, WS_TRUST);
    try {
        if (inboundAuthKey != null) {
            if (wsTrustAudienceChanged(wsTrustModel, inboundAuthKey)) {
                // We do not allow the inbound unique key to be changed during an update.
                throw buildBadRequestError("Invalid audience value provided for update.");
            }
            // Check if WS-Trust is deployed.
            if (ApplicationManagementServiceHolder.getInstance().getStsAdminService() != null) {
                ApplicationManagementServiceHolder.getInstance().getStsAdminService()
                        .removeTrustedService(inboundAuthKey);
            } else {
                // Throw 404 error since the WS-Trust connector is not available.
                throw buildNotFoundError(ERROR_CODE, ERROR_MESSAGE, ERROR_DESCRIPTION);
            }
        }

        // The previous trusted service is already removed at this point and nothing here restores it,
        // so a failure in createWsTrustInbound leaves the application without its trusted service.
        // NOTE(review): confirm whether a caller re-creates the old entry on failure.
        return createWsTrustInbound(wsTrustModel);
    } catch (SecurityConfigException e) {
        String applicationId = application.getApplicationResourceId();
        throw buildServerError("Error while creating/updating WSTrust inbound of application: " + applicationId, e);
    }
}
 
Example #12
Source File: DirectoryServerApplicationMgtListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Removes the Kerberos directory-server entry of an application that is about to be deleted.
 *
 * <p>The first inbound whose type matches {@code KERBEROS} (ignoring case) and whose key is non-null is
 * removed through {@code DirectoryServerManager}; later entries are not examined.
 *
 * @param applicationName name of the application being deleted
 * @param tenantDomain    tenant domain the application is loaded from
 * @param userName        not read by this method
 * @return always {@code true}
 * @throws IdentityApplicationManagementException when the directory server entry cannot be removed
 */
@Override
public boolean doPreDeleteApplication(String applicationName, String tenantDomain, String userName)
        throws IdentityApplicationManagementException {

    ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
    ServiceProvider serviceProvider = appDAO.getApplication(applicationName, tenantDomain);

    boolean hasInbounds = serviceProvider != null
            && serviceProvider.getInboundAuthenticationConfig() != null
            && serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() != null;
    if (!hasInbounds) {
        return true;
    }

    InboundAuthenticationRequestConfig[] inbounds = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    for (InboundAuthenticationRequestConfig inbound : inbounds) {
        // Case-insensitive type match, unlike the exact match used when exporting.
        if (!(KERBEROS.equalsIgnoreCase(inbound.getInboundAuthType()) && inbound.getInboundAuthKey() != null)) {
            continue;
        }
        DirectoryServerManager directoryServerManager = new DirectoryServerManager();
        try {
            directoryServerManager.removeServer(inbound.getInboundAuthKey());
        } catch (DirectoryServerManagerException e) {
            String error = "Error while removing a kerberos: " + inbound.getInboundAuthKey();
            throw new IdentityApplicationManagementException(error, e);
        }
        break;
    }
    return true;
}
 
Example #13
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Deletes inbound data that was created for an application update that subsequently failed.
 *
 * <p>The key stored on the application for the inbound's type is compared with the key of the attempted
 * update. Equal keys mean the inbound already belonged to the application and nothing is deleted;
 * differing keys mean the inbound was newly created, so it is handed to {@code rollbackInbound}.
 *
 * @param applicationId  id of the application whose update failed
 * @param updatedInbound inbound configuration that was part of the failed update
 */
private void doRollback(String applicationId, InboundAuthenticationRequestConfig updatedInbound) {

    ServiceProvider storedApp = getServiceProvider(applicationId);
    String storedKey = getInboundAuthKey(storedApp, updatedInbound.getInboundAuthType());
    String attemptedKey = updatedInbound.getInboundAuthKey();

    if (StringUtils.equals(storedKey, attemptedKey)) {
        // Same key as before the update: the inbound pre-dates this request and must be kept.
        return;
    }

    if (log.isDebugEnabled()) {
        log.debug("Removing inbound data related to inbound type: " + updatedInbound.getInboundAuthType()
                + " of application: " + applicationId + " as part of rollback.");
    }
    rollbackInbound(updatedInbound);
}
 
Example #14
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Create or replace the provided inbound configuration.
 *
 * <p>If persisting the application fails with an {@code APIError}, inbound data created for this request
 * is rolled back through {@code doRollback} and the error is rethrown.
 *
 * @param <I>               Inbound API model
 * @param applicationId     Unique id of the app
 * @param inboundApiModel   Inbound API model to be created or replaced
 * @param getUpdatedInbound A function that takes the inbound API model and application as input and provides
 *                          updated inbound details.
 */
private <I> void putInbound(String applicationId,
                            I inboundApiModel,
                            BiFunction<ServiceProvider, I, InboundAuthenticationRequestConfig> getUpdatedInbound) {

    // Work on a cloned copy of the service provider so that our changes do not dirty the cached instance.
    ServiceProvider appToUpdate = cloneApplication(applicationId);
    // Update the service provider with the inbound configuration.
    InboundAuthenticationRequestConfig updatedInbound = getUpdatedInbound.apply(appToUpdate, inboundApiModel);
    // Add the updated inbound details
    // NOTE(review): this call sits outside the try block below, so an exception thrown here skips
    // doRollback even though getUpdatedInbound may already have created inbound data.
    updateOrInsertInbound(appToUpdate, updatedInbound);

    try {
        // Do the service provider update.
        updateServiceProvider(applicationId, appToUpdate);
    } catch (APIError error) {
        if (log.isDebugEnabled()) {
            log.debug("Error while updating application: " + applicationId + ". Attempting to rollback possible " +
                    "inbound configurations created before the update.");
        }
        doRollback(applicationId, updatedInbound);
        throw error;
    }
}
 
Example #15
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
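/**
 * Removes the inbound configuration of the given type from an application and persists the change.
 *
 * <p>A missing application is treated as already deleted and the method returns quietly. An application
 * that has no inbound configuration object, or an empty inbound list, is left unchanged.
 *
 * @param applicationId id of the application to update
 * @param inboundType   inbound auth type to remove
 */
private void deleteInbound(String applicationId, String inboundType) {

    ServiceProvider appToUpdate;
    try {
        appToUpdate = cloneApplication(applicationId);
    } catch (APIError e) {
        if (ErrorMessage.APPLICATION_NOT_FOUND.getCode().equals(e.getCode())) {
            // Ignoring the delete operation and return 204 response code, since the resource does not exist.
            return;
        }
        throw e;
    }

    InboundAuthenticationConfig inboundAuthConfig = appToUpdate.getInboundAuthenticationConfig();
    // The inbound config object can be absent on an application, so guard it before dereferencing;
    // without this check a delete request against such an application fails with a NullPointerException.
    if (inboundAuthConfig == null
            || !ArrayUtils.isNotEmpty(inboundAuthConfig.getInboundAuthenticationRequestConfigs())) {
        return;
    }

    // Remove the deleted inbound type by filtering it out of the available inbounds and doing an update.
    InboundAuthenticationRequestConfig[] filteredInbounds =
            Arrays.stream(inboundAuthConfig.getInboundAuthenticationRequestConfigs())
                    .filter(inbound -> !StringUtils.equals(inboundType, inbound.getInboundAuthType()))
                    .toArray(InboundAuthenticationRequestConfig[]::new);

    appToUpdate.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs(filteredInbounds);
    updateServiceProvider(applicationId, appToUpdate);
}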
 
Example #16
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0 5 votes vote down vote up
/**
 * Registers an OAuth2/OIDC application built from the API model and returns the matching inbound
 * configuration.
 *
 * @param appName   application name passed to the model converter
 * @param oidcModel OIDC configuration from the API model
 * @return inbound configuration keyed by the consumer key of the registered OAuth application
 */
public static InboundAuthenticationRequestConfig createOAuthInbound(String appName, OpenIDConnectConfiguration
                                                                    oidcModel) {

    // Convert the API model into the DTO that the OAuth admin service accepts.
    OAuthConsumerAppDTO requestedApp = new ApiModelToOAuthConsumerApp().apply(appName, oidcModel);
    try {
        OAuthConsumerAppDTO registeredApp = ApplicationManagementServiceHolder.getInstance()
                .getOAuthAdminService()
                .registerAndRetrieveOAuthApplicationData(requestedApp);

        String consumerKey = registeredApp.getOauthConsumerKey();
        return createInboundAuthRequestConfig(consumerKey);
    } catch (IdentityOAuthAdminException e) {
        throw handleOAuthException(e);
    }
}
 
Example #17
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0 5 votes vote down vote up
/**
 * Removes the OAuth application identified by the inbound's auth key.
 *
 * <p>An {@code IdentityOAuthAdminException} from the removal is rethrown as the error built by
 * {@code buildServerError}.
 *
 * @param inbound OAuth2 inbound configuration; its auth key is used as the consumer key
 */
public static void deleteOAuthInbound(InboundAuthenticationRequestConfig inbound) {

    try {
        String keyToRemove = inbound.getInboundAuthKey();
        ApplicationManagementServiceHolder.getInstance()
                .getOAuthAdminService()
                .removeOAuthApplicationData(keyToRemove);
    } catch (IdentityOAuthAdminException e) {
        // NOTE(review): there is no separator between the fixed text and the exception message, and
        // whether the combined text reaches API clients depends on buildServerError (not visible here).
        throw buildServerError("Error while trying to rollback OAuth2/OpenIDConnect configuration."
                + e.getMessage(), e);
    }
}
 
Example #18
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0 5 votes vote down vote up
/**
 * Loads the OAuth application behind an inbound configuration and converts it to the API model.
 *
 * <p>An {@code IdentityOAuthAdminException} from the lookup is rethrown as the error built by
 * {@code buildServerError}.
 *
 * @param inboundAuth OAuth2 inbound configuration; its auth key is used as the client id
 * @return API model produced by {@code OAuthConsumerAppToApiModel}
 */
public static OpenIDConnectConfiguration getOAuthConfiguration(InboundAuthenticationRequestConfig inboundAuth) {

    String clientId = inboundAuth.getInboundAuthKey();
    try {
        OAuthConsumerAppDTO storedApp = ApplicationManagementServiceHolder.getInstance()
                .getOAuthAdminService()
                .getOAuthApplicationData(clientId);
        OAuthConsumerAppToApiModel converter = new OAuthConsumerAppToApiModel();
        return converter.apply(storedApp);
    } catch (IdentityOAuthAdminException e) {
        throw buildServerError("Error while retrieving oauth application for clientId: " + clientId, e);
    }
}
 
Example #19
Source File: ApplicationMgtUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
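/**
 * Collects the values of the requested properties from all inbound configurations of a service provider.
 *
 * <p>When the same property name occurs on more than one inbound configuration, the value found last
 * is kept. A service provider without inbound configuration, or an inbound entry without properties,
 * contributes nothing.
 *
 * @param tenantDomain  Tenant domain
 * @param spIssuer      SP Issuer
 * @param propertyNames Property names
 * @return Properties map; empty when none of the requested properties is present
 * @throws IdentityApplicationManagementException when no service provider exists for the issuer in the
 *                                                given tenant
 */
protected Map<String, String> getPropertyValues(String tenantDomain, String spIssuer, List<String> propertyNames)
        throws IdentityApplicationManagementException {

    ServiceProvider serviceProvider = ApplicationMgtSystemConfig.getInstance().getApplicationDAO()
            .getApplication(spIssuer, tenantDomain);

    if (serviceProvider == null) {
        throw new IdentityApplicationManagementException(
                "No service provider exists in the provided tenant, with the given issuer id " + spIssuer);
    }

    Map<String, String> propKeyValueMap = new HashMap<String, String>();

    // The inbound config object is optional on a service provider; dereferencing it unguarded would
    // fail with a NullPointerException instead of reporting "no properties".
    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        return propKeyValueMap;
    }

    InboundAuthenticationRequestConfig[] inboundAuthReqConfigs = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    if (inboundAuthReqConfigs == null) {
        return propKeyValueMap;
    }

    for (InboundAuthenticationRequestConfig authConfig : inboundAuthReqConfigs) {
        Property[] properties = authConfig.getProperties();
        if (properties == null) {
            // Inbound entries can be built without a properties array, so skip those.
            continue;
        }
        for (Property prop : properties) {
            if (propertyNames.contains(prop.getName())) {
                propKeyValueMap.put(prop.getName(), prop.getValue());
            }
        }
    }

    return propKeyValueMap;
}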
 
Example #20
Source File: ApplicationMgtValidator.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Runs the inbound auth key validation for every inbound request configuration of an application.
 *
 * <p>A null configuration or an empty inbound list is accepted without any check.
 *
 * @param inboundAuthenticationConfig Inbound authentication configuration.
 * @param tenantDomain                Tenant domain of application.
 * @param appId                       Application ID.
 * @throws IdentityApplicationManagementException raised by {@code validateInboundAuthKey} for a
 *                                                rejected entry.
 */
private void validateInboundAuthenticationConfig(InboundAuthenticationConfig inboundAuthenticationConfig, String
        tenantDomain, int appId) throws IdentityApplicationManagementException {

    if (inboundAuthenticationConfig == null) {
        return;
    }

    InboundAuthenticationRequestConfig[] requestConfigs =
            inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs();
    if (!ArrayUtils.isNotEmpty(requestConfigs)) {
        return;
    }

    // Validation stops at the first entry that throws.
    for (InboundAuthenticationRequestConfig requestConfig : requestConfigs) {
        validateInboundAuthKey(requestConfig, appId, tenantDomain);
    }
}
 
Example #21
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0 5 votes vote down vote up
/**
 * Builds an OAUTH2 inbound configuration keyed by the given client id.
 *
 * @param clientId client id stored as the inbound auth key
 * @return new inbound configuration with only type and key set
 */
private static InboundAuthenticationRequestConfig createInboundAuthRequestConfig(String clientId) {

    InboundAuthenticationRequestConfig oauthInbound = new InboundAuthenticationRequestConfig();
    oauthInbound.setInboundAuthKey(clientId);
    oauthInbound.setInboundAuthType(StandardInboundProtocols.OAUTH2);
    return oauthInbound;
}
 
Example #22
Source File: ApiModelToCustomInbound.java    From identity-api-server with Apache License 2.0 5 votes vote down vote up
/**
 * Converts a custom inbound protocol API model into an inbound authentication request configuration.
 *
 * <p>Only the auth type, config type and properties are set; no inbound auth key is assigned here.
 *
 * @param customInbound custom inbound protocol configuration from the API model
 * @return new inbound configuration carrying the name, config name and properties of the model
 */
@Override
public InboundAuthenticationRequestConfig apply(CustomInboundProtocolConfiguration customInbound) {

    InboundAuthenticationRequestConfig converted = new InboundAuthenticationRequestConfig();
    converted.setInboundAuthType(customInbound.getName());
    converted.setInboundConfigType(customInbound.getConfigName());
    converted.setProperties(getProperties(customInbound));

    return converted;
}
 
Example #23
Source File: ApplicationMgtValidator.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Validate whether the configured inbound authentication key is already being used by another application.
 *
 * <p>The owning application is resolved by name from the inbound key and type, then loaded; a conflict is
 * reported only when that application exists and its id differs from {@code appId}.
 *
 * @param inboundConfig Inbound authentication request configuration; {@code null} is accepted and skipped.
 * @param appId         Application ID.
 * @param tenantDomain  Application tenant domain.
 * @throws IdentityApplicationManagementException when the key is already configured for another application.
 */
private void validateInboundAuthKey(InboundAuthenticationRequestConfig inboundConfig, int appId, String
        tenantDomain) throws IdentityApplicationManagementException {

    if (inboundConfig == null) {
        return;
    }

    /*
     * We need to directly retrieve the application from DB since {@link ServiceProviderByInboundAuthCache} cache
     * can have inconsistent applications stored against the <inbound-auth-key, inbound-auth-type, tenant-domain>
     * cache key which is not unique.
     *
     * NOTE(review): the name lookup below uses the thread-local tenant domain, while the application is
     * later loaded with the tenantDomain parameter. If the two can differ, the uniqueness check compares
     * across tenants; confirm callers always pass the thread-local tenant.
     */
    ApplicationDAO applicationDAO = new ApplicationDAOImpl();
    String existingAppName = applicationDAO.getServiceProviderNameByClientId
            (inboundConfig.getInboundAuthKey(), inboundConfig.getInboundAuthType(), CarbonContext
                    .getThreadLocalCarbonContext().getTenantDomain());

    // No application owns this key yet, so there is nothing to conflict with.
    if (StringUtils.isBlank(existingAppName)) {
        if (log.isDebugEnabled()) {
            log.debug("Cannot find application name for the inbound auth key: " + inboundConfig
                    .getInboundAuthKey() + " of inbound auth type: " + inboundConfig.getInboundAuthType());
        }
        return;
    }
    ServiceProvider existingApp = applicationDAO.getApplication(existingAppName, tenantDomain);
    if (existingApp != null && existingApp.getApplicationID() != appId) {
        // NOTE(review): the message names the other application that owns the key; presumably it is
        // returned to the caller, so confirm that exposing that name is acceptable.
        String msg = "Inbound key: '" + inboundConfig.getInboundAuthKey() + "' of inbound auth type: '" +
                inboundConfig.getInboundAuthType() + "' is already configured for the application :'" +
                existingApp.getApplicationName() + "'";
        /*
         * Since this is a conflict scenario, we need to use a different error code. Hence throwing an
         * 'IdentityApplicationManagementClientException' here with the correct error code.
         */
        throw buildClientException(IdentityApplicationConstants.Error.INBOUND_KEY_ALREADY_EXISTS, msg);
    }
}
 
Example #24
Source File: FileBasedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Looks up, among the file-based service providers, the one that has an inbound configuration with the
 * given key and type.
 *
 * @param clientId     inbound auth key to match; an empty or null value yields {@code null}
 * @param clientType   inbound auth type to match; compared with {@code equals}, so it must not be null
 * @param tenantDomain not read by this method
 * @return the map key of the first matching service provider, or {@code null} when none matches
 * @throws IdentityApplicationManagementException declared in the signature; nothing in this body throws it
 */
@Override
public String getServiceProviderNameByClientId(String clientId, String clientType,
                                               String tenantDomain) throws IdentityApplicationManagementException {

    if (StringUtils.isEmpty(clientId)) {
        return null;
    }

    Map<String, ServiceProvider> fileBasedSps = ApplicationManagementServiceComponent.getFileBasedSPs();

    for (Entry<String, ServiceProvider> spEntry : fileBasedSps.entrySet()) {
        ServiceProvider candidate = spEntry.getValue();
        if (candidate.getInboundAuthenticationConfig() == null) {
            continue;
        }

        InboundAuthenticationRequestConfig[] inbounds =
                candidate.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
        if (inbounds == null || inbounds.length == 0) {
            continue;
        }

        // Both the type and the key must match exactly (case-sensitive).
        for (InboundAuthenticationRequestConfig inbound : inbounds) {
            boolean sameType = clientType.equals(inbound.getInboundAuthType());
            if (sameType && clientId.equals(inbound.getInboundAuthKey())) {
                return spEntry.getKey();
            }
        }
    }

    return null;
}
 
Example #25
Source File: CacheBackedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Evicts the inbound-auth cache entries of every keyed inbound configuration of a service provider.
 *
 * <p>Inbound entries with a null key are skipped. The cache key is built from the inbound key, the
 * inbound type and the tenant domain.
 *
 * @param serviceProvider service provider whose inbound entries are evicted
 * @param tenantDomain    tenant domain used in the cache key
 */
private void clearAppCacheByInboundKey(ServiceProvider serviceProvider, String tenantDomain) {

    if (serviceProvider.getInboundAuthenticationConfig() == null
            || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null) {
        return;
    }

    InboundAuthenticationRequestConfig[] inbounds = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    for (InboundAuthenticationRequestConfig inbound : inbounds) {
        if (inbound.getInboundAuthKey() == null) {
            continue;
        }
        ServiceProviderCacheInboundAuthKey cacheKey = new ServiceProviderCacheInboundAuthKey(
                inbound.getInboundAuthKey(), inbound.getInboundAuthType(), tenantDomain);
        appCacheByInboundAuth.clearCacheEntry(cacheKey);
    }
}
 
Example #26
Source File: ApplicationManagementAdminService.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the custom inbound authenticator configurations, building the list on first use.
 *
 * <p>The list held in the field is returned as-is, without a copy, and no synchronization is visible
 * in this method.
 *
 * @return list of custom inbound authenticator configurations
 */
public List<InboundAuthenticationRequestConfig> getCustomInboundAuthenticatorConfigs() {

    if (customInboundAuthenticatorConfigs == null) {
        // First call: populate the field from the registered authenticators.
        generateCustomInboundAuthenticatorConfigs();
    }
    return customInboundAuthenticatorConfigs;
}
 
Example #27
Source File: ApplicationMgtUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
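/**
 * Collects the values of the requested properties from all inbound configurations of a service provider.
 *
 * <p>When the same property name occurs on more than one inbound configuration, the value found last
 * is kept. A service provider without inbound configuration, or an inbound entry without properties,
 * contributes nothing.
 *
 * @param tenantDomain Tenant domain
 * @param spIssuer SP Issuer
 * @param propertyNames Property names
 * @return Properties map; empty when none of the requested properties is present
 * @throws IdentityApplicationManagementException when no service provider exists for the issuer in the
 *                                                given tenant
 */
protected Map<String, String> getPropertyValues(String tenantDomain, String spIssuer, List<String> propertyNames)
        throws IdentityApplicationManagementException {

    ServiceProvider serviceProvider = ApplicationMgtSystemConfig.getInstance().getApplicationDAO()
            .getApplication(spIssuer, tenantDomain);

    if (serviceProvider == null) {
        throw new IdentityApplicationManagementException(
                "No service provider exists in the provided tenant, with the given issuer id " + spIssuer);
    }

    Map<String, String> propKeyValueMap = new HashMap<String, String>();

    // The inbound config object is optional on a service provider; dereferencing it unguarded would
    // fail with a NullPointerException instead of reporting "no properties".
    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        return propKeyValueMap;
    }

    InboundAuthenticationRequestConfig[] inboundAuthReqConfigs = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    if (inboundAuthReqConfigs == null) {
        return propKeyValueMap;
    }

    for (InboundAuthenticationRequestConfig authConfig : inboundAuthReqConfigs) {
        Property[] properties = authConfig.getProperties();
        if (properties == null) {
            // Inbound entries can be built without a properties array, so skip those.
            continue;
        }
        for (Property prop : properties) {
            if (propertyNames.contains(prop.getName())) {
                propKeyValueMap.put(prop.getName(), prop.getValue());
            }
        }
    }

    return propKeyValueMap;
}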
 
Example #28
Source File: ApplicationDAOImpl.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
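/**
 * Deletes the application from IDN_APPMGT_APP table. Cascade deletes with foreign key
 * constraints should delete the corresponding entries from the tables
 *
 * <p>The inbound clients of the application are removed first through {@code deleteClient},
 * then the application row itself is removed for the current tenant. If the removal fails with
 * an {@link SQLException} on a connection that is not in auto-commit mode, the work on that
 * connection is rolled back before the error is rethrown.
 *
 * <p>NOTE(review): {@code deleteClient} is not handed this connection, so whether the client
 * deletions take part in the same transaction cannot be told from this method; verify before
 * relying on the whole operation being atomic.
 *
 * @param appName name of the application to delete
 * @throws IdentityApplicationManagementException if the database operation fails
 */
public void deleteApplication(String appName) throws IdentityApplicationManagementException {

    int tenantID = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    Connection connection = IdentityDatabaseUtil.getDBConnection();

    if (log.isDebugEnabled()) {
        log.debug("Deleting Application " + appName);
    }

    PreparedStatement deleteClientPrepStmt = null;
    try {
        // First, delete all the clients of the application
        int applicationID = getApplicationIDByName(appName, tenantID, connection);
        InboundAuthenticationConfig clients = getInboundAuthenticationConfig(applicationID,
                connection, tenantID);
        // An application may have no inbound clients registered; skip the loop in that case.
        if (clients != null && clients.getInboundAuthenticationRequestConfigs() != null) {
            for (InboundAuthenticationRequestConfig client : clients
                    .getInboundAuthenticationRequestConfigs()) {
                deleteClient(client.getInboundAuthKey(), client.getInboundAuthType());
            }
        }

        // Now, delete the application; the tenant id in the statement scopes the delete
        // to the caller's tenant.
        deleteClientPrepStmt = connection
                .prepareStatement(ApplicationMgtDBQueries.REMOVE_APP_FROM_APPMGT_APP);
        deleteClientPrepStmt.setString(1, appName);
        deleteClientPrepStmt.setInt(2, tenantID);
        deleteClientPrepStmt.execute();

        if (!connection.getAutoCommit()) {
            connection.commit();
        }

    } catch (SQLException e) {
        // Do not leave the outcome of a failed transaction to the driver's close() behaviour.
        try {
            if (connection != null && !connection.getAutoCommit()) {
                connection.rollback();
            }
        } catch (SQLException rollbackError) {
            log.error("Rollback failed while deleting application", rollbackError);
        }
        throw new IdentityApplicationManagementException("Error deleting application", e);
    } finally {
        IdentityApplicationManagementUtil.closeStatement(deleteClientPrepStmt);
        IdentityApplicationManagementUtil.closeConnection(connection);
    }
}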
 
Example #29
Source File: FileBasedApplicationDAO.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Looks up the file-based service provider that owns the given inbound client.
 *
 * <p>A service provider matches when one of its inbound authentication request configs has an
 * inbound auth type equal to {@code clientType} and an inbound auth key equal to
 * {@code clientId}. The {@code tenantDomain} argument is not read by this implementation.
 *
 * @param clientId     inbound auth key to match
 * @param clientType   inbound auth type to match
 * @param tenantDomain tenant domain (unused here)
 * @return the map key of the first matching service provider, or {@code null} when none matches
 * @throws IdentityApplicationManagementException declared by the overridden method
 */
@Override
public String getServiceProviderNameByClientId(String clientId, String clientType,
                                               String tenantDomain) throws IdentityApplicationManagementException {

    Map<String, ServiceProvider> fileBasedSps = ApplicationManagementServiceComponent.getFileBasedSPs();

    for (Entry<String, ServiceProvider> spEntry : fileBasedSps.entrySet()) {
        ServiceProvider candidate = spEntry.getValue();
        if (candidate.getInboundAuthenticationConfig() == null) {
            continue;
        }

        InboundAuthenticationRequestConfig[] requestConfigs =
                candidate.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
        if (requestConfigs == null) {
            continue;
        }

        for (InboundAuthenticationRequestConfig requestConfig : requestConfigs) {
            boolean sameType = clientType.equals(requestConfig.getInboundAuthType());
            if (sameType && clientId.equals(requestConfig.getInboundAuthKey())) {
                return spEntry.getKey();
            }
        }
    }

    return null;
}
 
Example #30
Source File: OAuthApplicationMgtListener.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
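/**
 * Strips the OAuth2 consumer secret property from the service provider's inbound configuration.
 *
 * <p>Every inbound authentication request config whose type is {@code OAUTH2} is inspected, and
 * each property whose name matches {@code OAUTH2_CONSUMER_SECRET} (ignoring case) is removed
 * from that config's property array. Other configs and properties are left untouched.
 *
 * <p>The comparisons are written constant-first and missing arrays are skipped, so a config
 * without an auth type, without properties, or with an unnamed property cannot abort the method
 * with a {@link NullPointerException} before the secret has been removed.
 *
 * @param serviceProvider service provider whose OAuth2 consumer secret should be dropped
 */
private void removeClientSecret(ServiceProvider serviceProvider) {
    InboundAuthenticationConfig inboundAuthenticationConfig = serviceProvider.getInboundAuthenticationConfig();
    if (inboundAuthenticationConfig == null) {
        return;
    }

    InboundAuthenticationRequestConfig[] inboundRequestConfigs =
            inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs();
    if (inboundRequestConfigs == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig inboundRequestConfig : inboundRequestConfigs) {
        // We are interested only in the oauth2 config.
        if (inboundRequestConfig == null || !OAUTH2.equals(inboundRequestConfig.getInboundAuthType())) {
            continue;
        }

        Property[] props = inboundRequestConfig.getProperties();
        if (props == null) {
            continue;
        }

        // Iterate over the original array and remove from a separate reference, so that every
        // matching property is dropped even if the secret was stored more than once.
        Property[] remaining = props;
        for (Property prop : props) {
            if (prop != null && OAUTH2_CONSUMER_SECRET.equalsIgnoreCase(prop.getName())) {
                remaining = (Property[]) ArrayUtils.removeElement(remaining, prop);
            }
        }

        // Write back only when something was actually removed.
        if (remaining != props) {
            inboundRequestConfig.setProperties(remaining);
        }
    }
}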