org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants Java Examples

@Override
public boolean doPreDeleteIdP(String idPName, String tenantDomain) throws IdentityProviderManagementException {

    if (StringUtils.isEmpty(idPName)) {
        throw new IllegalArgumentException("Invalid argument: Identity Provider Name value is empty");
    }

    String loggedInTenant = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
        if (StringUtils.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, tenantDomain)) {
            throw new IdentityProviderManagementException("Cannot delete Resident Identity Provider of Super " +
                    "Tenant");
        } else if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME != loggedInTenant) {
            throw new IdentityProviderManagementException("Tenant user of " + loggedInTenant + " cannot delete " +
                    "Resident Identity Provider of tenant " + tenantDomain);
        } else {
            log.warn("Deleting Resident Identity Provider for tenant " + tenantDomain);
        }
    }

    return true;
}
 

@Override
public boolean isValid() {

    if (IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.IDP_ENTITY_ID) != null
            && !"".equals(IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.IDP_ENTITY_ID))
            && IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.SP_ENTITY_ID) != null
            && !"".equals(IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.SP_ENTITY_ID))
            && IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.SSO_URL) != null
            && !"".equals(IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.SAML2SSO.SSO_URL))) {
        return true;
    }
    return false;
}
 

/**
 * Remove original passwords with random passwords when sending password properties to UI front-end
 *
 * @param properties
 */
public Property[] removeOriginalPasswords(Property[] properties) {

    if (ArrayUtils.isEmpty(properties)) {
        return new Property[0];
    }

    properties = addUniqueIdProperty(properties);
    String uuid = IdentityApplicationManagementUtil
            .getPropertyValue(properties, IdentityApplicationConstants.UNIQUE_ID_CONSTANT);
    String randomPhrase = IdentityApplicationConstants.RANDOM_PHRASE_PREFIX + uuid;
    RandomPassword[] randomPasswords = replaceOriginalPasswordsWithRandomPasswords(
            randomPhrase, properties);
    if (!ArrayUtils.isEmpty(randomPasswords)) {
        addPasswordContainerToCache(randomPasswords, uuid);
    }

    return properties;
}
 

/**
 * Remove random passwords with original passwords when sending password properties to Service Back-end
 * @param properties
 */
public Property[] removeRandomPasswords(Property[] properties, boolean withCacheClear) {

    if (ArrayUtils.isEmpty(properties)) {
        return new Property[0];
    }

    String uuid = IdentityApplicationManagementUtil.getPropertyValue(properties,
                                                                     IdentityApplicationConstants.UNIQUE_ID_CONSTANT);
    if (StringUtils.isBlank(uuid)) {
        if (log.isDebugEnabled()) {
            log.debug("Cache Key not found for Random Password Container");
        }
    } else {
        properties = removeUniqueIdProperty(properties);
        RandomPassword[] randomPasswords = getRandomPasswordContainerFromCache(uuid, withCacheClear);
        if (!ArrayUtils.isEmpty(randomPasswords)) {
            replaceRandomPasswordsWithOriginalPasswords(properties,
                                                        randomPasswords);
        }
    }
    return properties;
}
 

/**
 * Remove original passwords with random passwords when sending password properties to UI front-end
 * @param properties
 */
public Property[] removeOriginalPasswords(Property[] properties){

    if (ArrayUtils.isEmpty(properties)){
        return new Property[0];
    }

    properties = addUniqueIdProperty(properties);
    String uuid = IdentityApplicationManagementUtil
            .getPropertyValue(properties, IdentityApplicationConstants.UNIQUE_ID_CONSTANT);
    String randomPhrase = IdentityApplicationConstants.RANDOM_PHRASE_PREFIX + uuid;
    RandomPassword[] randomPasswords = replaceOriginalPasswordsWithRandomPasswords(
            randomPhrase, properties);
    if (!ArrayUtils.isEmpty(randomPasswords)) {
        addPasswordContainerToCache(randomPasswords, uuid);
    }

    return properties;
}
 

public static int getRememberMeTimeout(String tenantDomain) {

        IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
        int rememberMeTimeout = Integer.parseInt(IdentityApplicationConstants.REMEMBER_ME_TIME_OUT_DEFAULT);

        try {
            IdentityProvider identityProvider = identityProviderManager.getResidentIdP(tenantDomain);
            IdentityProviderProperty idpProperty = IdentityApplicationManagementUtil.getProperty(
                    identityProvider.getIdpProperties(), IdentityApplicationConstants.REMEMBER_ME_TIME_OUT);
            if (idpProperty != null) {
                rememberMeTimeout = Integer.parseInt(idpProperty.getValue());
            }
        } catch (IdentityProviderManagementException e) {
            log.error("Error when accessing the IdentityProviderManager for tenant : " + tenantDomain, e);
        }
        return rememberMeTimeout * 60;
    }
 

private IdentityProvider getLocalIdpForIssuer(String jwtIssuer,
                                              String tenantDomain) throws IdentityOAuth2Exception {

    String residentIdpIssuer = null;
    IdentityProvider residentIdentityProvider;
    try {
        residentIdentityProvider = IdentityProviderManager.getInstance().getResidentIdP(tenantDomain);
    } catch (IdentityProviderManagementException e) {
        throw new IdentityOAuth2Exception("Error retrieving resident IDP information for issuer: " + jwtIssuer +
                " of tenantDomain: " + tenantDomain, e);
    }

    FederatedAuthenticatorConfig[] fedAuthnConfigs = residentIdentityProvider.getFederatedAuthenticatorConfigs();
    FederatedAuthenticatorConfig oauthAuthenticatorConfig =
            IdentityApplicationManagementUtil.getFederatedAuthenticator(fedAuthnConfigs,
                    IdentityApplicationConstants.Authenticator.OIDC.NAME);
    if (oauthAuthenticatorConfig != null) {
        residentIdpIssuer = IdentityApplicationManagementUtil.getProperty(oauthAuthenticatorConfig.getProperties(),
                Utils.OPENID_IDP_ENTITY_ID).getValue();
    }
    return StringUtils.equalsIgnoreCase(residentIdpIssuer, jwtIssuer) ? residentIdentityProvider : null;
}
 

/**
 * @param idPName
 * @param tenantDomain
 * @param ignoreFileBasedIdps
 * @return
 * @throws IdentityProviderManagementException
 */
public IdentityProvider getIdPByName(String idPName, String tenantDomain,
                                     boolean ignoreFileBasedIdps) throws IdentityProviderManagementException {

    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (StringUtils.isEmpty(idPName)) {
        String msg = "Invalid argument: Identity Provider Name value is empty";
        throw new IdentityProviderManagementException(msg);
    }

    IdentityProvider identityProvider = dao.getIdPByName(null, idPName, tenantId, tenantDomain);

    if (!ignoreFileBasedIdps) {

        if (identityProvider == null) {
            identityProvider = new FileBasedIdPMgtDAO().getIdPByName(idPName, tenantDomain);
        }

        if (identityProvider == null) {
            identityProvider = IdPManagementServiceComponent.getFileBasedIdPs().get(
                    IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
        }
    }

    return identityProvider;
}
 

public static int getRememberMeTimeout(String tenantDomain) {

        IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
        int rememberMeTimeout = Integer.parseInt(IdentityApplicationConstants.REMEMBER_ME_TIME_OUT_DEFAULT);

        try {
            IdentityProvider identityProvider = identityProviderManager.getResidentIdP(tenantDomain);
            IdentityProviderProperty idpProperty = IdentityApplicationManagementUtil.getProperty(
                    identityProvider.getIdpProperties(), IdentityApplicationConstants.REMEMBER_ME_TIME_OUT);
            if (idpProperty != null) {
                rememberMeTimeout = Integer.parseInt(idpProperty.getValue());
            }
        } catch (IdentityProviderManagementException e) {
            log.error("Error when accessing the IdentityProviderManager for tenant : " + tenantDomain, e);
        }
        return rememberMeTimeout * 60;
    }
 

public static int getIdleSessionTimeOut(String tenantDomain) {

        IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
        int timeout = Integer.parseInt(IdentityApplicationConstants.SESSION_IDLE_TIME_OUT_DEFAULT);

        try {
            IdentityProvider identityProvider = identityProviderManager.getResidentIdP(tenantDomain);
            IdentityProviderProperty idpProperty = IdentityApplicationManagementUtil.getProperty(
                    identityProvider.getIdpProperties(), IdentityApplicationConstants.SESSION_IDLE_TIME_OUT);
            if (idpProperty != null) {
                timeout = Integer.parseInt(idpProperty.getValue());
            }
        } catch (IdentityProviderManagementException e) {
            log.error("Error when accessing the IdentityProviderManager for tenant : " + tenantDomain, e);
        }
        return timeout * 60;
    }
 

private Property[] addUniqueIdProperty(Property[] properties) {

        if (ArrayUtils.isEmpty(properties)) {
            return new Property[0];
        }

        String uuid = UUID.randomUUID().toString();
        Property uniqueIdProperty = new Property();
        uniqueIdProperty.setName(IdentityApplicationConstants.UNIQUE_ID_CONSTANT);
        uniqueIdProperty.setValue(uuid);
        if (log.isDebugEnabled()) {
            log.debug("Adding uniqueId property: " + uuid);
        }
        properties = (Property[]) ArrayUtils.add(properties, uniqueIdProperty);

        return properties;
    }
 

public void validateSPConfigurations(ServiceProvider serviceProvider, String tenantDomain,
                                     String userName) throws IdentityApplicationManagementException {

    List<String> validationErrors = new ArrayList<>();
    validateDiscoverabilityConfigs(validationErrors, serviceProvider);
    validateInboundAuthenticationConfig(serviceProvider.getInboundAuthenticationConfig(), tenantDomain,
            serviceProvider.getApplicationID());
    validateLocalAndOutBoundAuthenticationConfig(validationErrors,
            serviceProvider.getLocalAndOutBoundAuthenticationConfig(),
            tenantDomain);
    validateRequestPathAuthenticationConfig(validationErrors, serviceProvider.getRequestPathAuthenticatorConfigs(),
            tenantDomain);
    validateOutBoundProvisioning(validationErrors, serviceProvider.getOutboundProvisioningConfig(), tenantDomain);
    validateClaimsConfigs(validationErrors, serviceProvider.getClaimConfig(),
            serviceProvider.getLocalAndOutBoundAuthenticationConfig() != null ? serviceProvider
                    .getLocalAndOutBoundAuthenticationConfig().getSubjectClaimUri() : null,
            tenantDomain, serviceProvider.getApplicationName());
    validateRoleConfigs(validationErrors, serviceProvider.getPermissionAndRoleConfig(), tenantDomain);

    if (!validationErrors.isEmpty()) {
        String code = IdentityApplicationConstants.Error.INVALID_REQUEST.getCode();
        throw new IdentityApplicationManagementValidationException(code, validationErrors.toArray(new String[0]));
    }
}
 

public static boolean isAuthnRequestSigned(Map<String, String> properties) {
    if (properties != null) {
        String prop = properties.get(IdentityApplicationConstants.Authenticator.SAML2SSO.IS_AUTHN_REQ_SIGNED);
        if (prop != null) {
            return Boolean.parseBoolean(prop);
        }
    }
    return false;
}
 

/**
 * Initialize the Yahoo user info url.
 */
private void initUserInfoURL() {

    userInfoURL = getAuthenticatorConfig()
            .getParameterMap()
            .get(GoogleOAuth2AuthenticationConstant.GOOGLE_USERINFO_ENDPOINT);

    if (userInfoURL == null) {
        userInfoURL = IdentityApplicationConstants.GOOGLE_USERINFO_URL;
    }
}
 

@Override
protected void processAuthenticationResponse(HttpServletRequest request,
                                             HttpServletResponse response, AuthenticationContext context)
        throws AuthenticationFailedException {

    OpenIDManager manager = getNewOpenIDManagerInstance();

    try {
        manager.processOpenIDLoginResponse(request, response, context);

        AuthenticatedUser authenticatedSubject = context.getSubject();
        String subject = null;
        String isSubjectInClaimsProp = context.getAuthenticatorProperties().get(
                IdentityApplicationConstants.Authenticator.SAML2SSO.IS_USER_ID_IN_CLAIMS);
        if ("true".equalsIgnoreCase(isSubjectInClaimsProp)) {
            subject = getSubjectFromUserIDClaimURI(context);
        }

        if (subject == null) {
            subject = authenticatedSubject.getAuthenticatedSubjectIdentifier();
        }

        if (subject == null) {
            throw new OpenIDException("Cannot find federated User Identifier");
        }

        authenticatedSubject.setAuthenticatedSubjectIdentifier(subject);

    } catch (OpenIDException e) {
        log.error("Error when processing response from OpenID Provider", e);
        throw new AuthenticationFailedException(e.getMessage(), e);
    }
}
 

/**
 * Retrieves Identity provider information about a given tenant
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain of whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
public Set<RoleMapping> getMappedIdPRoles(String idPName, String tenantDomain,
                                          LocalRole[] localRoles) throws IdentityProviderManagementException {

    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (StringUtils.isEmpty(idPName)) {
        String msg = "Invalid argument: Identity Provider Name value is empty";
        throw new IdentityProviderManagementException(msg);
    }
    IdentityProvider identityProvider = dao.getIdPByName(null, idPName, tenantId, tenantDomain);

    if (identityProvider == null) {
        identityProvider = new FileBasedIdPMgtDAO().getIdPByName(idPName, tenantDomain);
    }

    if (identityProvider == null) {
        identityProvider = IdPManagementServiceComponent.getFileBasedIdPs().get(
                IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
    }

    PermissionsAndRoleConfig roleConfiguration = identityProvider.getPermissionAndRoleConfig();

    if (roleConfiguration != null) {
        RoleMapping[] roleMappings = roleConfiguration.getRoleMappings();

        if (roleMappings != null && roleMappings.length > 0 && localRoles != null) {
            Set<RoleMapping> returnSet = new HashSet<RoleMapping>();
            for (LocalRole localRole : localRoles) {
                for (RoleMapping roleMapping : roleMappings) {
                    if (roleMapping.getLocalRole().equals(localRole)) {
                        returnSet.add(roleMapping);
                        break;
                    }
                }
            }
            return returnSet;
        }
    }
    return new HashSet<RoleMapping>();
}
 

/**
 * @param property
 * @param value
 * @param tenantDomain
 * @return
 */
public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, String value, String tenantDomain) {

    Map<String, IdentityProvider> identityProviders = IdPManagementServiceComponent.getFileBasedIdPs();
    for (Iterator<Entry<String, IdentityProvider>> iterator = identityProviders.entrySet().iterator(); iterator
            .hasNext(); ) {
        Entry<String, IdentityProvider> entry = iterator.next();
        FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = entry.getValue().
                getFederatedAuthenticatorConfigs();
        // Get SAML2 Web SSO authenticator
        FederatedAuthenticatorConfig samlAuthenticatorConfig = IdentityApplicationManagementUtil.
                getFederatedAuthenticator(
                        federatedAuthenticatorConfigs, IdentityApplicationConstants.Authenticator.SAML2SSO.NAME);

        if (samlAuthenticatorConfig != null) {
            Property samlProperty = IdentityApplicationManagementUtil.getProperty(samlAuthenticatorConfig.
                            getProperties(),
                    property);
            if (samlProperty != null) {
                if (value.equalsIgnoreCase(samlProperty.getValue())) {
                    return entry.getValue();
                }
            }
        }
    }
    return null;
}
 

private static void addSuperTenantIdp() throws Exception {

        try {
            IdentityProvider identityProvider = new IdentityProvider();
            identityProvider.setIdentityProviderName(IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME);
            identityProvider.setHomeRealmId(IdentityUtil.getHostName());
            identityProvider.setPrimary(true);
            IdentityProviderManager.getInstance()
                    .addResidentIdP(identityProvider, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        } catch (Throwable e) {
            throw new Exception("Error when adding Resident Identity Provider entry for super tenant ", e);
        }
    }
 

/**
 * Get Configuration Properties
 *
 * @return
 */
@Override
public List<Property> getConfigurationProperties() {

    List<Property> configProperties = new ArrayList<Property>();

    Property clientId = new Property();
    clientId.setName(OIDCAuthenticatorConstants.CLIENT_ID);
    clientId.setDisplayName("Client Id");
    clientId.setRequired(true);
    clientId.setDescription("Enter Google IDP client identifier value");
    clientId.setDisplayOrder(1);
    configProperties.add(clientId);

    Property clientSecret = new Property();
    clientSecret.setName(OIDCAuthenticatorConstants.CLIENT_SECRET);
    clientSecret.setDisplayName("Client Secret");
    clientSecret.setRequired(true);
    clientSecret.setConfidential(true);
    clientSecret.setDescription("Enter Google IDP client secret value");
    clientSecret.setDisplayOrder(2);
    configProperties.add(clientSecret);

    Property callbackUrl = new Property();
    callbackUrl.setDisplayName("Callback Url");
    callbackUrl.setName(IdentityApplicationConstants.OAuth2.CALLBACK_URL);
    callbackUrl.setDescription("Enter value corresponding to callback url.");
    callbackUrl.setDisplayOrder(3);
    configProperties.add(callbackUrl);

    Property scope = new Property();
    scope.setDisplayName("Additional Query Parameters");
    scope.setName("AdditionalQueryParameters");
    scope.setValue("scope=openid email profile");
    scope.setDescription("Additional query parameters. e.g: paramName1=value1");
    scope.setDisplayOrder(4);
    configProperties.add(scope);

    return configProperties;
}
 

/**
 * Populate the result set.
 *
 * @param resultSet          ResultSet.
 * @param dbConnection       Database Connection.
 * @param requiredAttributes Required attributes which needs to be return.
 * @param tenantId           Tenant Id of the identity provider.
 * @return List of Identity Provider.
 * @throws SQLException Database Exception.
 */
private List<IdentityProvider> populateIdentityProviderList(ResultSet resultSet, Connection dbConnection,
                                                            List<String> requiredAttributes, int tenantId)
        throws SQLException, IdentityProviderManagementServerException {

    List<IdentityProvider> identityProviderList = new ArrayList<>();
    while (resultSet.next()) {
        IdentityProvider identityProvider = new IdentityProvider();
        // First set the basic attributes such as id, name, description, isEnabled, image url, uuid.
        identityProvider.setId(resultSet.getString("ID"));
        identityProvider.setIdentityProviderName(resultSet.getString("NAME"));
        identityProvider.setIdentityProviderDescription(resultSet.getString("DESCRIPTION"));
        // IS_ENABLE
        if ((IdPManagementConstants.IS_TRUE_VALUE).equals(resultSet.getString("IS_ENABLED"))) {
            identityProvider.setEnable(true);
        } else {
            identityProvider.setEnable(false);
        }
        identityProvider.setImageUrl(resultSet.getString("IMAGE_URL"));
        identityProvider.setResourceId(resultSet.getString("UUID"));

        populateRequiredAttributesForIdentityProviderList(resultSet, dbConnection, requiredAttributes, tenantId,
                identityProvider);

        if (!IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME
                .equals(identityProvider.getIdentityProviderName())) {
            identityProviderList.add(identityProvider);
        }
        List<IdentityProviderProperty> propertyList = getIdentityPropertiesByIdpId(dbConnection,
                Integer.parseInt(resultSet.getString("ID")));
        identityProvider.setIdpProperties(propertyList.toArray(new IdentityProviderProperty[0]));
    }
    return identityProviderList;
}
 

public static JustInTimeProvisioningConfig build(OMElement justInTimeProvisioningConfigOM) {
    JustInTimeProvisioningConfig justInTimeProvisioningConfig = new JustInTimeProvisioningConfig();

    if (justInTimeProvisioningConfigOM == null) {
        return justInTimeProvisioningConfig;
    }

    Iterator<?> iter = justInTimeProvisioningConfigOM.getChildElements();

    while (iter.hasNext()) {
        OMElement element = (OMElement) (iter.next());
        String elementName = element.getLocalName();

        if ("UserStoreClaimUri".equals(elementName)) {
            justInTimeProvisioningConfig.setUserStoreClaimUri(element.getText());
        } else if ("ProvisioningUserStore".equals(elementName)) {
            justInTimeProvisioningConfig.setProvisioningUserStore(element.getText());
        } else if ("IsProvisioningEnabled".equals(elementName)) {
            if (element.getText() != null && element.getText().trim().length() > 0) {
                justInTimeProvisioningConfig.setProvisioningEnabled(Boolean
                        .parseBoolean(element.getText()));
            }
        } else if (IdentityApplicationConstants.IS_PASSWORD_PROVISIONING_ENABLED_ELEMENT.equals(elementName)) {
            if (StringUtils.isNotEmpty(element.getText())) {
                justInTimeProvisioningConfig
                        .setPasswordProvisioningEnabled(Boolean.parseBoolean(element.getText()));
            }
        } else if (IdentityApplicationConstants.ALLOW_MODIFY_USERNAME_ELEMENT.equals(elementName)) {
            if (StringUtils.isNotEmpty(element.getText())) {
                justInTimeProvisioningConfig.setModifyUserNameAllowed(Boolean.parseBoolean(element.getText()));
            }
        } else if (IdentityApplicationConstants.PROMPT_CONSENT_ELEMENT.equals(elementName)) {
            if (StringUtils.isNotEmpty(element.getText())) {
                justInTimeProvisioningConfig.setPromptConsent(Boolean.parseBoolean(element.getText()));
            }
        }
    }

    return justInTimeProvisioningConfig;
}
 

@Override
public boolean isValid() {

    if (IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.PassiveSTS.IDENTITY_PROVIDER_URL) != null
            && !"".equals(IdentityApplicationManagementUtil.getProperty(properties,
            IdentityApplicationConstants.Authenticator.PassiveSTS.IDENTITY_PROVIDER_URL))) {
        return true;
    }
    return false;
}
 

public SAML2SSOFederatedAuthenticatorConfig(FederatedAuthenticatorConfig federatedAuthenticatorConfig) {
    for (Property property : federatedAuthenticatorConfig.getProperties()) {
        if (IdentityApplicationConstants.Authenticator.SAML2SSO.IDP_ENTITY_ID.equals(property.getName())) {
            idpEntityId = property.getValue();
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.SP_ENTITY_ID.equals(property.getName())) {
            spEntityId = property.getValue();
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.SSO_URL.equals(property.getName())) {
            saml2SSOUrl = property.getValue();
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.IS_AUTHN_REQ_SIGNED.equals(
                property.getName())) {
            isAuthnRequestSigned = Boolean.parseBoolean(property.getValue());
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.IS_LOGOUT_ENABLED.equals(
                property.getName())) {
            isLogoutEnabled = Boolean.parseBoolean(property.getValue());
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.IS_LOGOUT_REQ_SIGNED.equals(
                property.getName())) {
            isLogoutRequestSigned = Boolean.parseBoolean(property.getValue());
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.LOGOUT_REQ_URL.equals(property.getName())) {
            logoutRequestUrl = property.getValue();
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.IS_AUTHN_RESP_SIGNED.equals(
                property.getName())) {
            isAuthnResponseSigned = Boolean.parseBoolean(property.getValue());
        } else if (IdentityApplicationConstants.Authenticator.SAML2SSO.IS_ENABLE_ASSERTION_ENCRYPTION.equals(
                property.getName())) {
            isAuthnResponseEncrypted = Boolean.parseBoolean(property.getValue());
        }
    }
}
 

/**
 * @param realmId
 * @param tenantId
 * @param tenantDomain
 * @return
 * @throws IdentityProviderManagementException
 */
public IdentityProvider getIdPByRealmId(String realmId, int tenantId,
                                        String tenantDomain) throws IdentityProviderManagementException {

    IdPHomeRealmIdCacheKey cacheKey = new IdPHomeRealmIdCacheKey(realmId, tenantDomain);
    IdPCacheEntry entry = idPCacheByHRI.getValueFromCache(cacheKey);
    if (entry != null) {
        log.debug("Cache entry found for Identity Provider with Home Realm ID " + realmId);
        return entry.getIdentityProvider();
    } else {
        log.debug("Cache entry not found for Identity Provider with Home Realm ID " + realmId
                + ". Fetching entry from DB");
    }

    IdentityProvider identityProvider = idPMgtDAO.getIdPByRealmId(realmId, tenantId, tenantDomain);

    if (identityProvider != null) {
        log.debug("Entry fetched from DB for Identity Provider with Home Realm ID " + realmId
                + ". Updating cache");
        idPCacheByHRI.addToCache(cacheKey, new IdPCacheEntry(identityProvider));
        IdPNameCacheKey idPNameCacheKey = new IdPNameCacheKey(
                identityProvider.getIdentityProviderName(), tenantDomain);
        idPCacheByName.addToCache(idPNameCacheKey, new IdPCacheEntry(identityProvider));
        if (identityProvider.isPrimary()) {
            primaryIdPs.put(tenantDomain, identityProvider);
        }
        if (IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(
                identityProvider.getIdentityProviderName())) {
            residentIdPs.put(tenantDomain, identityProvider);
        }
    } else {
        log.debug("Entry for Identity Provider with Home Realm ID " + realmId
                + " not found in cache or DB");
    }

    return identityProvider;
}
 

private boolean validateIdPEntityId(FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs,
                                    int tenantId, String tenantDomain) throws IdentityProviderManagementException {

    if (federatedAuthenticatorConfigs != null) {
        for (FederatedAuthenticatorConfig authConfig : federatedAuthenticatorConfigs) {
            if (IdentityApplicationConstants.Authenticator.SAML2SSO.FED_AUTH_NAME.equals(authConfig.getName()) ||
                    IdentityApplicationConstants.Authenticator.SAML2SSO.NAME.equals(authConfig.getName())) {
                Property[] properties = authConfig.getProperties();
                if (properties != null) {
                    for (Property property : properties) {
                        if (IdentityApplicationConstants.Authenticator.SAML2SSO.IDP_ENTITY_ID.equals(
                                property.getName())) {
                            if (dao.isIdPAvailableForAuthenticatorProperty(authConfig.getName(),
                                    IdentityApplicationConstants.Authenticator.SAML2SSO.IDP_ENTITY_ID,
                                    property.getValue(), tenantId)) {
                                String msg =
                                        "An Identity Provider Entity ID has already been registered with the " +
                                                "name '" + property.getValue() + "' for tenant '" + tenantDomain +
                                                "'";
                                throw new IdentityProviderManagementException(msg);
                            }
                            return true;
                        }
                    }
                }
            }
        }
    }
    return true;
}
 

/**
 * Initiate tokenEndpoint
 */
private void initTokenEndpoint() {
    this.tokenEndpoint = getAuthenticatorConfig().getParameterMap().get(GoogleOAuth2AuthenticationConstant
            .GOOGLE_TOKEN_ENDPOINT);
    if (StringUtils.isBlank(this.tokenEndpoint)) {
        this.tokenEndpoint = IdentityApplicationConstants.GOOGLE_TOKEN_URL;
    }
}
 

/**
 * Initiate authorization server endpoint
 */
private void initOAuthEndpoint() {
    this.oAuthEndpoint = getAuthenticatorConfig().getParameterMap().get(GoogleOAuth2AuthenticationConstant
            .GOOGLE_AUTHZ_ENDPOINT);
    if (StringUtils.isBlank(this.oAuthEndpoint)) {
        this.oAuthEndpoint = IdentityApplicationConstants.GOOGLE_OAUTH_URL;
    }
}
 

private static void addSuperTenantIdp() throws Exception {

        try {
            IdentityProvider identityProvider = new IdentityProvider();
            identityProvider.setIdentityProviderName(IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME);
            identityProvider.setHomeRealmId(IdentityUtil.getHostName());
            identityProvider.setPrimary(true);
            IdentityProviderManager.getInstance()
                    .addResidentIdP(identityProvider, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        } catch (Throwable e) {
            throw new Exception("Error when adding Resident Identity Provider entry for super tenant ", e);
        }
    }
 

/**
 * Initiate authorization server endpoint
 */
private void initOAuthEndpoint() {
    this.oAuthEndpoint = getAuthenticatorConfig().getParameterMap().get(FacebookAuthenticatorConstants
            .FB_AUTHZ_URL);
    if (StringUtils.isBlank(this.oAuthEndpoint)) {
        this.oAuthEndpoint = IdentityApplicationConstants.FB_AUTHZ_URL;
    }
}
 

@Override
public IdentityProvider getIdPById(String id, String tenantDomain,
                                   boolean ignoreFileBasedIdps) throws IdentityProviderManagementException {

    if (StringUtils.isEmpty(id)) {
        String msg = "Invalid argument: Identity Provider ID value is empty";
        throw new IdentityProviderManagementException(msg);
    }
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    Integer intId;
    IdentityProvider identityProvider = null;

    try {
        intId = Integer.parseInt(id);
        identityProvider = dao.getIdPById(null, intId, tenantId, tenantDomain);
    } catch (NumberFormatException e) {
        // Ignore this.
    }
    if (!ignoreFileBasedIdps) {

        if (identityProvider == null) {
            identityProvider = new FileBasedIdPMgtDAO().getIdPByName(id, tenantDomain);
        }

        if (identityProvider == null) {
            identityProvider = IdPManagementServiceComponent.getFileBasedIdPs().get(
                    IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
        }
    }

    return identityProvider;
}