org.wso2.carbon.identity.application.mgt.ApplicationManagementService Java Examples
The following examples show how to use
org.wso2.carbon.identity.application.mgt.ApplicationManagementService.
Example #1
Source File: SCIMUserManager.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Resolves the service provider bound to the current provisioning thread.
 *
 * <p>The service provider name, type and tenant domain are all read from the thread-local
 * {@link ThreadLocalProvisioningServiceProvider}. For an OAuth-type provider the stored name is
 * used as a client id for the lookup.
 *
 * @param isBulkUserAdd {@code true} marks the thread-local provider as a bulk user add
 * @return the result of the application management lookup
 * @throws CharonException if the application management service fails the lookup
 */
private ServiceProvider getServiceProvider(boolean isBulkUserAdd) throws CharonException {

    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
    // NOTE(review): the thread-local is dereferenced without a null check. Confirm that every
    // caller populates it before reaching this method, or an unauthenticated/odd code path
    // ends in a NullPointerException instead of a CharonException.

    if (isBulkUserAdd) {
        provisioningSp.setBulkUserAdd(true);
    }

    try {
        boolean oauthClient =
                provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH;
        ApplicationManagementService appMgtService = ApplicationManagementService.getInstance();
        if (oauthClient) {
            // For OAuth the "service provider name" slot carries the client id.
            return appMgtService.getServiceProviderByClientId(
                    provisioningSp.getServiceProviderName(), "oauth2", provisioningSp.getTenantDomain());
        }
        return appMgtService.getServiceProvider(
                provisioningSp.getServiceProviderName(), provisioningSp.getTenantDomain());
    } catch (IdentityApplicationManagementException e) {
        throw new CharonException("Error retrieving Service Provider. ", e);
    }
}
Example #2
Source File: ApplicationManagementServiceComponent.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Activates the application management bundle and publishes its OSGi services.
 *
 * <p>Registration order is: the application management service, the identity provider
 * listener, the validation listener, then (after the system config is initialised) the audit
 * logger, followed by loading the file-based service providers.
 *
 * <p>NOTE(review): every failure is caught and only logged. If an early step throws, the
 * registrations that follow it, including {@code ApplicationMgtAuditLogger}, are skipped and
 * the bundle keeps running without them. Consider alerting on this log line.
 *
 * @param context component context supplied by the OSGi runtime
 */
protected void activate(ComponentContext context) {
    try {
        bundleContext = context.getBundleContext();
        // Registering Application management service as a OSGIService
        bundleContext.registerService(ApplicationManagementService.class.getName(),
                ApplicationManagementServiceImpl.getInstance(), null);
        bundleContext.registerService(IdentityProviderMgtListener.class.getName(),
                new ApplicationIdentityProviderMgtListener(), null);
        // Validation listener for application management operations.
        bundleContext.registerService(ApplicationMgtListener.class.getName(),
                new ApplicationMgtValidationListener(), null);
        ApplicationMgtSystemConfig.getInstance();
        // Audit logger is registered under the same listener interface as the validator.
        bundleContext.registerService(ApplicationMgtListener.class.getName(),
                new ApplicationMgtAuditLogger(), null);
        buildFileBasedSPList();

        if (log.isDebugEnabled()) {
            log.debug("Identity ApplicationManagementComponent bundle is activated");
        }
    } catch (Exception e) {
        // Broad catch at the bundle boundary: activation failure is logged, never rethrown.
        log.error("Error while activating ApplicationManagementComponent bundle", e);
    }
}
Example #3
Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Looks up the subject claim URI configured for the service provider that owns the client id
 * of a token request.
 *
 * <p>The tenant domain comes from the thread-local carbon context, not from the request.
 *
 * @param request token request message context carrying the client id
 * @return the configured subject claim URI, or {@code null} when no service provider is found
 *         or the lookup fails (the two cases are not distinguishable by the caller)
 */
private String getSubjectClaimUri(OAuthTokenReqMessageContext request) {

    ApplicationManagementService appMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
    try {
        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        String clientId = request.getOauth2AccessTokenReqDTO().getClientId();
        String spName =
                appMgtService.getServiceProviderNameByClientId(clientId, INBOUND_AUTH2_TYPE, tenantDomain);
        ServiceProvider resolvedSp = appMgtService.getApplicationExcludingFileBasedSPs(spName, tenantDomain);
        if (resolvedSp == null) {
            return null;
        }
        return resolvedSp.getLocalAndOutBoundAuthenticationConfig().getSubjectClaimUri();
    } catch (IdentityApplicationManagementException ex) {
        // Lookup errors are logged and reported to the caller as "no subject claim".
        log.error("Error while getting service provider information.", ex);
        return null;
    }
}
Example #4
Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Looks up the subject claim URI configured for the service provider that owns the consumer
 * key of an authorization request.
 *
 * <p>The tenant domain comes from the thread-local carbon context, not from the request.
 *
 * @param request authorization request message context carrying the consumer key
 * @return the configured subject claim URI, or {@code null} when no service provider is found
 *         or the lookup fails (the two cases are not distinguishable by the caller)
 */
private String getSubjectClaimUri(OAuthAuthzReqMessageContext request) {

    ApplicationManagementService appMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
    try {
        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        String consumerKey = request.getAuthorizationReqDTO().getConsumerKey();
        String spName =
                appMgtService.getServiceProviderNameByClientId(consumerKey, INBOUND_AUTH2_TYPE, tenantDomain);
        ServiceProvider resolvedSp = appMgtService.getApplicationExcludingFileBasedSPs(spName, tenantDomain);
        if (resolvedSp == null) {
            return null;
        }
        return resolvedSp.getLocalAndOutBoundAuthenticationConfig().getSubjectClaimUri();
    } catch (IdentityApplicationManagementException ex) {
        // Lookup errors are logged and reported to the caller as "no subject claim".
        log.error("Error while getting service provider information.", ex);
        return null;
    }
}
Example #5
Source File: UIBasedConfigurationBuilder.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Builds the authentication sequence for the service provider identified by a client id.
 *
 * @param reqType      inbound request type; {@code "oidc"} is looked up as {@code "oauth2"}
 * @param clientId     client id used to find the service provider
 * @param tenantDomain tenant in which the service provider is looked up
 * @return the sequence produced by the UI-based configuration loader
 * @throws FrameworkException if the service provider lookup fails
 */
public SequenceConfig getSequence(String reqType, String clientId, String tenantDomain)
        throws FrameworkException {

    ApplicationManagementService appMgtService = ApplicationManagementService.getInstance();

    // OpenID Connect clients are stored as OAuth2 clients, so they share the lookup type.
    String lookupType = "oidc".equals(reqType) ? "oauth2" : reqType;

    ServiceProvider resolvedSp;
    try {
        resolvedSp = appMgtService.getServiceProviderByClientId(clientId, lookupType, tenantDomain);
    } catch (IdentityApplicationManagementException e) {
        throw new FrameworkException(e.getMessage(), e);
    }

    // NOTE(review): the lookup result is handed on without a null check, so an unknown client
    // id is left for the loader to handle. Confirm the loader rejects a null service provider.
    return uiBasedConfigurationLoader.getSequence(resolvedSp, tenantDomain);
}
Example #6
Source File: AbstractRequestCoordinator.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Returns the service provider from the persistence layer.
 *
 * @param reqType      inbound request type; {@code "oidc"} is looked up as {@code "oauth2"}
 * @param clientId     client id used to find the service provider
 * @param tenantDomain tenant in which the service provider is looked up
 * @return the lookup result, passed through unchanged (no null check is applied here)
 * @throws FrameworkException if the application management service fails the lookup
 */
protected ServiceProvider getServiceProvider(String reqType, String clientId, String tenantDomain)
        throws FrameworkException {

    ApplicationManagementService appMgtService = ApplicationManagementService.getInstance();

    // OpenID Connect clients are stored as OAuth2 clients, so they share the lookup type.
    String lookupType = "oidc".equals(reqType) ? "oauth2" : reqType;

    try {
        return appMgtService.getServiceProviderByClientId(clientId, lookupType, tenantDomain);
    } catch (IdentityApplicationManagementException e) {
        // The client id and tenant are part of the message, so they reach wherever this
        // exception is logged or rendered.
        throw new FrameworkException("Error occurred while retrieving service provider for client ID: " +
                clientId + " and tenant: " + tenantDomain, e);
    }
}
Example #7
Source File: SCIMUserManager.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Reads the provisioning user store configured on the service provider bound to the current
 * provisioning thread.
 *
 * @return the configured user store name, or {@code null} when the service provider, its
 *         inbound provisioning config or the user store name is missing or blank
 * @throws IdentityApplicationManagementException if the service provider lookup fails
 */
private String getUserStoreDomainFromSP() throws IdentityApplicationManagementException {

    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
    // NOTE(review): the thread-local is dereferenced without a null check. Confirm callers set it.

    ServiceProvider resolvedSp;
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        // For OAuth the "service provider name" slot carries the client id.
        resolvedSp = ApplicationManagementService.getInstance().getServiceProviderByClientId(
                provisioningSp.getServiceProviderName(), "oauth2", provisioningSp.getTenantDomain());
    } else {
        resolvedSp = ApplicationManagementService.getInstance().getServiceProvider(
                provisioningSp.getServiceProviderName(), provisioningSp.getTenantDomain());
    }

    if (resolvedSp == null || resolvedSp.getInboundProvisioningConfig() == null) {
        return null;
    }
    String userStore = resolvedSp.getInboundProvisioningConfig().getProvisioningUserStore();
    return StringUtils.isBlank(userStore) ? null : userStore;
}
Example #8
Source File: OAuth2ServiceComponent.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Binds the application management service for the OAuth2 component by storing it in
 * {@code OAuth2ServiceComponentHolder}.
 *
 * @param applicationMgtService application management service to store
 */
protected void setApplicationMgtService(ApplicationManagementService applicationMgtService) {

    boolean debugEnabled = log.isDebugEnabled();
    if (debugEnabled) {
        log.debug("ApplicationManagementService set in Identity OAuth2ServiceComponent bundle");
    }
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
}
Example #9
Source File: ConfigurationFacade.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Returns the sequence config for the service provider identified by a relying party id.
 *
 * @param reqType      inbound request type; {@code "oidc"} is looked up as {@code "oauth2"}
 * @param relyingParty identifier used as the client id in the service provider lookup
 * @param tenantDomain tenant in which the service provider is looked up
 * @return the sequence built from the service provider's authentication steps
 * @throws FrameworkException if the lookup fails or no service provider is found
 * TODO: Test this.
 * @deprecated Please use #getSequenceConfig(AuthenticationContext, Map) instead.
 */
@Deprecated
public SequenceConfig getSequenceConfig(String reqType, String relyingParty, String tenantDomain)
        throws FrameworkException {

    ApplicationManagementService appMgtService = ApplicationManagementService.getInstance();

    // OpenID Connect clients are stored as OAuth2 clients, so they share the lookup type.
    String lookupType = "oidc".equals(reqType) ? "oauth2" : reqType;

    ServiceProvider resolvedSp;
    try {
        resolvedSp = appMgtService.getServiceProviderByClientId(relyingParty, lookupType, tenantDomain);
    } catch (IdentityApplicationManagementException e) {
        throw new FrameworkException(e.getMessage(), e);
    }

    // An unknown relying party is rejected here instead of flowing into sequence building.
    if (resolvedSp == null) {
        throw new FrameworkException("ServiceProvider cannot be null");
    }

    AuthenticationStep[] steps = resolvedSp.getLocalAndOutBoundAuthenticationConfig().getAuthenticationSteps();
    return uiBasedConfigurationLoader.getSequence(resolvedSp, tenantDomain, steps);
}
Example #10
Source File: OAuth2ServiceComponent.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Unbinds the application management service from the OAuth2 component.
 *
 * <p>The holder is cleared to {@code null} whatever instance is passed in, so code that reads
 * the holder after this call must cope with a missing service.
 *
 * @param applicationMgtService the service being unbound (not inspected)
 */
protected void unsetApplicationMgtService(ApplicationManagementService applicationMgtService) {

    boolean debugEnabled = log.isDebugEnabled();
    if (debugEnabled) {
        log.debug("ApplicationManagementService unset in Identity OAuth2ServiceComponent bundle");
    }
    OAuth2ServiceComponentHolder.setApplicationMgtService(null);
}
Example #11
Source File: ApplicationMgtOSGIServiceFactory.java From identity-api-server with Apache License 2.0 | 5 votes |
/**
 * Returns the application management OSGi service, resolving it on first use and caching it
 * in {@code applicationManagementService} afterwards.
 *
 * @return the cached or newly resolved service, never {@code null}
 * @throws Exception if the OSGi lookup yields no service
 */
@Override
protected ApplicationManagementService createInstance() throws Exception {

    if (this.applicationManagementService != null) {
        return this.applicationManagementService;
    }

    ApplicationManagementService resolvedService = (ApplicationManagementService) PrivilegedCarbonContext
            .getThreadLocalCarbonContext().getOSGiService(ApplicationManagementService.class, null);
    if (resolvedService == null) {
        throw new Exception("Unable to retrieve applicationManagementService service.");
    }

    this.applicationManagementService = resolvedService;
    return this.applicationManagementService;
}
Example #12
Source File: ApplicationManagementServiceComponent.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Activates the application management bundle and publishes its OSGi services.
 *
 * <p>Registration order is: the application management service, the identity provider
 * listener, then (after the system config is initialised) the audit logger, the default
 * authentication sequence service, the resource management listener and the discoverable
 * application manager. File-based service providers and authentication templates load last.
 *
 * <p>NOTE(review): every failure is caught and only logged. If an early step throws, the
 * registrations that follow it, including {@code ApplicationMgtAuditLogger}, are skipped and
 * the bundle keeps running without them. Consider alerting on this log line.
 *
 * @param context component context supplied by the OSGi runtime
 */
@Activate
protected void activate(ComponentContext context) {
    try {
        bundleContext = context.getBundleContext();
        // Registering Application management service as a OSGIService
        bundleContext.registerService(ApplicationManagementService.class.getName(),
                ApplicationManagementServiceImpl.getInstance(), null);
        bundleContext.registerService(IdentityProviderMgtListener.class.getName(),
                new ApplicationIdentityProviderMgtListener(), null);
        ApplicationMgtSystemConfig.getInstance();
        // Audit logger for application management operations.
        bundleContext.registerService(ApplicationMgtListener.class.getName(),
                new ApplicationMgtAuditLogger(), null);
        bundleContext.registerService(DefaultAuthSeqMgtService.class.getName(),
                DefaultAuthSeqMgtServiceImpl.getInstance(), null);

        // Register the DefaultApplicationResourceMgtListener.
        context.getBundleContext().registerService(ApplicationResourceManagementListener.class,
                new DefaultApplicationResourceMgtListener(), null);
        bundleContext.registerService(DiscoverableApplicationManager.class.getName(),
                new DiscoverableApplicationManagerImpl(), null);
        buildFileBasedSPList();
        loadAuthenticationTemplates();

        if (log.isDebugEnabled()) {
            log.debug("Identity ApplicationManagementComponent bundle is activated");
        }
    } catch (Exception e) {
        // Broad catch at the bundle boundary: activation failure is logged, never rethrown.
        log.error("Error while activating ApplicationManagementComponent bundle", e);
    }
}
Example #13
Source File: DefaultAuthSeqMgtServiceImpl.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Maps every local authenticator of a tenant to its properties, keyed by authenticator name.
 *
 * <p>{@code Collectors.toMap} throws {@link IllegalStateException} on a duplicate name and
 * {@link NullPointerException} when a value is {@code null}.
 * NOTE(review): confirm {@code getProperties()} never returns {@code null} here.
 *
 * @param tenantDomain tenant whose local authenticators are listed
 * @return authenticator name to property array
 * @throws IdentityApplicationManagementException if the authenticators cannot be listed
 */
private Map<String, Property[]> getAllLocalAuthenticators(String tenantDomain)
        throws IdentityApplicationManagementException {

    LocalAuthenticatorConfig[] authenticators =
            ApplicationManagementService.getInstance().getAllLocalAuthenticators(tenantDomain);
    return Arrays.stream(authenticators)
            .collect(Collectors.toMap(LocalAuthenticatorConfig::getName, LocalAuthenticatorConfig::getProperties));
}
Example #14
Source File: PassiveSTSService.java From carbon-identity with Apache License 2.0 | 4 votes |
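/**
 * Replaces the request's ReplyTo (wreply) URL with the one configured on the service provider
 * registered for the request's realm.
 *
 * <p>A wreply supplied in the request does not short-circuit the lookup: when the service
 * provider has a non-empty {@code passiveSTSWReply} property, that value overwrites it.
 * In every other case (no realm, lookup error, unknown realm, no passive STS config, no or
 * empty property) the request's own wreply is left untouched. Whether it is validated
 * elsewhere is not visible here, so callers that redirect to it should not treat it as trusted.
 *
 * <p>Fix over the previous version: an unknown realm was logged but execution continued and
 * dereferenced the {@code null} service provider. It now returns after logging.
 *
 * @param request passive STS request; its tenant domain and ReplyTo URL may be updated
 */
private void setReplyToURL(RequestToken request) {

    String realm = request.getRealm();
    if (realm == null) {
        log.debug("Request does not contains Realm. Skip setting ReplyTo URL from Realm (Service Provider config)");
        return;
    }
    // NOTE(review): realm is request-supplied and is concatenated into log messages below.
    // Confirm the logging layout neutralises CR/LF so log entries cannot be forged.

    ServiceProvider sp;
    try {
        String tenantDomain = request.getTenantDomain();
        if (tenantDomain == null || tenantDomain.trim().isEmpty()) {
            // No tenant on the request: fall back to the thread's tenant and record it.
            tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            request.setTenantDomain(tenantDomain);
        }
        if (log.isDebugEnabled()) {
            log.debug("Retrieving wreply url for : " + realm + " in tenant : " + tenantDomain);
        }
        sp = ApplicationManagementService.getInstance()
                .getServiceProviderByClientId(realm, "passivests", tenantDomain);
    } catch (IdentityApplicationManagementException e) {
        log.error("Error while retrieving Service Provider corresponding to Realm : " + realm +
                ". Skip setting ReplyTo URL from Realm (Service Provider config)", e);
        return;
    }

    if (sp == null) {
        log.error("Cannot find Service Provider corresponding to Realm : " + realm +
                ". Skip setting ReplyTo URL from Realm (Service Provider config)");
        // Without this return the next statement dereferences null.
        return;
    }
    if (sp.getInboundAuthenticationConfig() == null) {
        // Nothing configured for inbound authentication, so there is no wreply to apply.
        return;
    }

    InboundAuthenticationRequestConfig[] inboundConfigs =
            sp.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
    if (inboundConfigs == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig inboundConfig : inboundConfigs) {
        if (!"passivests".equalsIgnoreCase(inboundConfig.getInboundAuthType())) {
            continue;
        }

        // Only the first passive STS entry is considered; the method returns from inside it.
        Property[] properties = inboundConfig.getProperties();
        if (properties != null) {
            for (Property property : properties) {
                if ("passiveSTSWReply".equalsIgnoreCase(property.getName())) {
                    String wreply = property.getValue();
                    if (wreply != null && !wreply.isEmpty()) {
                        if (log.isDebugEnabled()) {
                            log.debug("Setting ReplyTo URL : " + wreply + " for Realm : " + realm);
                        }
                        request.setReplyTo(wreply);
                    }
                    return;
                }
            }
        }

        if (log.isDebugEnabled()) {
            log.debug("WReply URL does not specified for Realm : " + realm + " in Service Provider configs");
        }
        return;
    }
}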
Example #15
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a PATCH to outbound provisioning before a single user claim value is deleted.
 *
 * <p>NOTE(review): unlike {@code doPreDeleteUser} and the role handlers of this listener, this
 * method does not consult {@code isEnable()} first. Confirm that is intended.
 *
 * @param userName          user whose claim is being deleted
 * @param attributeToDelete claim to delete; sent as an inbound attribute with an empty value
 * @param profileName       not used by this method
 * @param userStoreManager  user store the operation runs against; supplies the domain name
 * @return always {@code true}, including when the service provider lookup fails
 * @throws UserStoreException declared by the listener interface
 */
@Override
public boolean doPreDeleteUserClaimValue(String userName, String attributeToDelete, String profileName,
                                         UserStoreManager userStoreManager) throws UserStoreException {

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    if (userName != null) {
        ClaimMapping usernameClaim =
                ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        outboundClaims.put(usernameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.USER, qualifiedName,
            ProvisioningOperation.PATCH, outboundClaims);

    // The inbound attribute list holds the claim to delete, mapped to an empty value.
    Map<String, String> inboundClaims = new HashMap<>();
    inboundClaims.put(attributeToDelete, "");
    entity.setInboundAttributes(inboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged, outbound provisioning is skipped and true is
            // still returned, so downstream systems can drift from the user store.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #16
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a PATCH to outbound provisioning before several user claim values are deleted.
 *
 * <p>NOTE(review): unlike {@code doPreDeleteUser} and the role handlers of this listener, this
 * method does not consult {@code isEnable()} first. Confirm that is intended.
 *
 * @param userName           user whose claims are being deleted
 * @param attributesToDelete claims to delete; each is sent as an inbound attribute with an
 *                           empty value (a {@code null} array is not guarded against)
 * @param profileName        not used by this method
 * @param userStoreManager   user store the operation runs against; supplies the domain name
 * @return always {@code true}, including when the service provider lookup fails
 * @throws UserStoreException declared by the listener interface
 */
@Override
public boolean doPreDeleteUserClaimValues(String userName, String[] attributesToDelete, String profileName,
                                          UserStoreManager userStoreManager) throws UserStoreException {

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    if (userName != null) {
        ClaimMapping usernameClaim =
                ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        outboundClaims.put(usernameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.USER, qualifiedName,
            ProvisioningOperation.PATCH, outboundClaims);

    // The inbound attribute list holds each claim to delete, mapped to an empty value.
    Map<String, String> inboundClaims = new HashMap<>();
    for (String attribute : attributesToDelete) {
        inboundClaims.put(attribute, "");
    }
    entity.setInboundAttributes(inboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged, outbound provisioning is skipped and true is
            // still returned, so downstream systems can drift from the user store.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #17
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a DELETE for the user to outbound provisioning before the user store removes it.
 *
 * @param userName         user about to be deleted
 * @param userStoreManager user store the operation runs against; supplies the domain name
 * @return always {@code true}: when the listener is disabled, when provisioning was invoked,
 *         and when the service provider lookup fails
 * @throws UserStoreException declared by the listener interface
 */
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    ClaimMapping usernameClaim =
            ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
    outboundClaims.put(usernameClaim, Arrays.asList(userName));

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.USER, qualifiedName,
            ProvisioningOperation.DELETE, outboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged and true is returned without the DELETE being
            // sent, so the account can remain in downstream systems. Worth monitoring.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #18
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a PUT for the role (as a group) to outbound provisioning after its membership changed.
 *
 * <p>The outbound attributes carry the role name, the role's current user list as read back
 * from the user store, the added users and the removed users.
 *
 * @param roleName         role whose membership changed
 * @param deletedUsers     users removed from the role (a {@code null} array is not guarded against)
 * @param newUsers         users added to the role (a {@code null} array is not guarded against)
 * @param userStoreManager user store the operation runs against
 * @return always {@code true}: when the listener is disabled, when provisioning was invoked,
 *         and when the service provider lookup fails
 * @throws UserStoreException if the role's user list cannot be read
 */
@Override
public boolean doPostUpdateUserListOfRole(String roleName, String[] deletedUsers, String[] newUsers,
                                          UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    String[] currentMembers = userStoreManager.getUserListOfRole(roleName);

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    ClaimMapping groupClaim =
            ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
    outboundClaims.put(groupClaim, Arrays.asList(roleName));
    ClaimMapping usernameClaim =
            ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
    outboundClaims.put(usernameClaim, Arrays.asList(currentMembers));
    ClaimMapping newUserClaim =
            ClaimMapping.build(IdentityProvisioningConstants.NEW_USER_CLAIM_URI, null, null, false);
    outboundClaims.put(newUserClaim, Arrays.asList(newUsers));
    ClaimMapping deletedUserClaim =
            ClaimMapping.build(IdentityProvisioningConstants.DELETED_USER_CLAIM_URI, null, null, false);
    outboundClaims.put(deletedUserClaim, Arrays.asList(deletedUsers));

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to role : " + roleName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(roleName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.GROUP, qualifiedName,
            ProvisioningOperation.PUT, outboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision the group as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged and true is returned without the membership
            // change being propagated, so downstream group membership can go stale.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #19
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a POST for the role (as a group) to outbound provisioning before the role is added.
 *
 * @param roleName         role being created
 * @param userList         initial members; included only when non-empty
 * @param permissions      not used by this method
 * @param userStoreManager user store the operation runs against; supplies the domain name
 * @return always {@code true}: when the listener is disabled, when provisioning was invoked,
 *         and when the service provider lookup fails
 * @throws UserStoreException declared by the listener interface
 */
@Override
public boolean doPreAddRole(String roleName, String[] userList, Permission[] permissions,
                            UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    if (roleName != null) {
        ClaimMapping groupClaim =
                ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
        outboundClaims.put(groupClaim, Arrays.asList(roleName));
    }
    boolean hasMembers = userList != null && userList.length > 0;
    if (hasMembers) {
        ClaimMapping usernameClaim =
                ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        outboundClaims.put(usernameClaim, Arrays.asList(userList));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        // The message label says "user" although the value logged is the role name.
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + roleName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(roleName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.GROUP, qualifiedName,
            ProvisioningOperation.POST, outboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision the group as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged, outbound provisioning is skipped and true is
            // still returned.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #20
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Sends a DELETE for the role (as a group) to outbound provisioning before the role is removed.
 *
 * @param roleName         role about to be deleted
 * @param userStoreManager user store the operation runs against; supplies the domain name
 * @return always {@code true}: when the listener is disabled, when provisioning was invoked,
 *         and when the service provider lookup fails
 * @throws UserStoreException declared by the listener interface
 */
@Override
public boolean doPreDeleteRole(String roleName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> outboundClaims = new HashMap<>();
    if (roleName != null) {
        ClaimMapping groupClaim =
                ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
        outboundClaims.put(groupClaim, Arrays.asList(roleName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        // The message label says "user" although the value logged is the role name.
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + roleName);
    }
    String qualifiedName = UserCoreUtil.addDomainToName(roleName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.GROUP, qualifiedName,
            ProvisioningOperation.DELETE, outboundClaims);

    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider provisioningSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (provisioningSp == null) {
        // No service provider on this thread: provision the group as the local service provider.
        OutboundProvisioningManager.getInstance().provision(entity, ApplicationConstants.LOCAL_SP,
                IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = provisioningSp.getServiceProviderName();
    tenantDomain = provisioningSp.getTenantDomain();
    if (provisioningSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
        try {
            // For OAuth the stored name is a client id and must be resolved to the SP name.
            spName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(
                    provisioningSp.getServiceProviderName(), IdentityApplicationConstants.OAuth2.NAME,
                    tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Fail-open: the error is logged and true is returned without the DELETE being
            // sent, so the group can remain in downstream systems.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName, provisioningSp.getClaimDialect(),
            tenantDomain, provisioningSp.isJustInTimeProvisioning());
    return true;
}
Example #21
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Forwards a credential change to the outbound provisioning framework as a USER / PATCH
 * entity carrying the user name and the new credential.
 *
 * <p>NOTE(review): unlike the other listener hooks shown alongside it, this hook has no
 * {@code isEnable()} guard, so it runs even when the listener is switched off; confirm
 * that this is intended.
 *
 * <p>NOTE(review): the credential is converted to an immutable {@code String} and placed in
 * the outbound attribute map as a plain value. Verify that nothing downstream logs outbound
 * attributes and that connectors send it over a protected channel.
 *
 * @param userName         user whose credential changed; sent as the user-name claim when non-null
 * @param credential       new credential; its {@code toString()} value is sent as the password claim
 * @param userStoreManager user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the service-provider lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPostUpdateCredential(String userName, Object credential,
                                      UserStoreManager userStoreManager) throws UserStoreException {

    Map<ClaimMapping, List<String>> claims = new HashMap<ClaimMapping, List<String>>();

    if (credential != null) {
        ClaimMapping passwordClaim = ClaimMapping.build(
                IdentityProvisioningConstants.PASSWORD_CLAIM_URI, null, null, false);
        claims.put(passwordClaim, Arrays.asList(credential.toString()));
    }
    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        claims.put(userNameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.PATCH, claims);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP, WSO2_CARBON_DIALECT,
                        tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(), "oauth2", tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // The failure is logged and the hook still reports success, so this credential
            // change is not forwarded to outbound connectors.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #22
Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 4 votes |
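/**
 * Reads the requested claims of the authorized user from the user store and returns them
 * under the keys of the {@code SP_DIALECT}-to-Carbon claim mapping.
 *
 * <p>An empty map is returned when the client's service provider is not found, when no realm
 * is available for the tenant, when the service provider has no claim mappings, or when the
 * user store yields no claim values (including the "UserNotFound" case).
 *
 * @param requestMsgCtx Token request message context
 * @return map of mapped claim key to claim value, plus the multi-attribute separator of the
 *         user's store when one is configured; never {@code null}
 * @throws UserStoreException                     on a user store failure other than "UserNotFound"
 * @throws IdentityApplicationManagementException if the service provider cannot be resolved
 * @throws IdentityException                      declared; the raising call is not visible here
 */
private static Map<String, Object> getClaimsFromUserStore(OAuthTokenReqMessageContext requestMsgCtx)
        throws UserStoreException, IdentityApplicationManagementException, IdentityException {

    String username = requestMsgCtx.getAuthorizedUser().toString();
    String tenantDomain = requestMsgCtx.getAuthorizedUser().getTenantDomain();

    Map<String, Object> mappedAppClaims = new HashMap<String, Object>();

    ApplicationManagementService applicationMgtService =
            OAuth2ServiceComponentHolder.getApplicationMgtService();
    String spName = applicationMgtService.getServiceProviderNameByClientId(
            requestMsgCtx.getOauth2AccessTokenReqDTO().getClientId(), INBOUND_AUTH2_TYPE, tenantDomain);
    ServiceProvider serviceProvider =
            applicationMgtService.getApplicationExcludingFileBasedSPs(spName, tenantDomain);
    if (serviceProvider == null) {
        return mappedAppClaims;
    }

    UserRealm realm = IdentityTenantUtil.getRealm(tenantDomain, username);
    if (realm == null) {
        log.warn("No valid tenant domain provider. Empty claim returned back for tenant "
                + tenantDomain + " and user " + username);
        return new HashMap<>();
    }

    UserStoreManager userStoreManager = realm.getUserStoreManager();
    ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();
    if (requestedLocalClaimMap == null || requestedLocalClaimMap.length == 0) {
        return mappedAppClaims;
    }

    // Only claims the service provider marked as requested are read from the user store.
    List<String> claimURIList = new ArrayList<String>();
    for (ClaimMapping mapping : requestedLocalClaimMap) {
        if (mapping.isRequested()) {
            claimURIList.add(mapping.getLocalClaim().getClaimUri());
        }
    }
    if (log.isDebugEnabled()) {
        log.debug("Requested number of local claims: " + claimURIList.size());
    }

    Map<String, String> spToLocalClaimMappings = ClaimManagerHandler.getInstance()
            .getMappingsMapFromOtherDialectToCarbon(SP_DIALECT, null, tenantDomain, false);

    Map<String, String> userClaims = null;
    try {
        userClaims = userStoreManager.getUserClaimValues(
                MultitenantUtils.getTenantAwareUsername(username),
                claimURIList.toArray(new String[claimURIList.size()]), null);
    } catch (UserStoreException e) {
        // A missing user is treated as "no claims". The check is a string match on the
        // message, so a null message must be ruled out before calling contains().
        String message = e.getMessage();
        if (message != null && message.contains("UserNotFound")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + username + " not found in user store");
            }
        } else {
            throw e;
        }
    }

    if (log.isDebugEnabled()) {
        // userClaims is still null after the "UserNotFound" path; dereferencing it here used
        // to throw a NullPointerException whenever debug logging was switched on.
        log.debug("Number of user claims retrieved from user store: "
                + (userClaims == null ? 0 : userClaims.size()));
    }

    if (MapUtils.isEmpty(userClaims)) {
        return new HashMap<>();
    }

    for (Map.Entry<String, String> entry : spToLocalClaimMappings.entrySet()) {
        String value = userClaims.get(entry.getValue());
        if (value != null) {
            mappedAppClaims.put(entry.getKey(), value);
            // Claim values can be personal data: they are logged only when the deployment
            // has explicitly made USER_CLAIMS loggable.
            if (log.isDebugEnabled()
                    && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
                log.debug("Mapped claim: key - " + entry.getKey() + " value -" + value);
            }
        }
    }

    // NOTE(review): the result of getSecondaryUserStoreManager(domain) is dereferenced
    // without a null check; confirm it cannot be null for the extracted domain.
    String domain = IdentityUtil.extractDomainFromName(username);
    RealmConfiguration realmConfiguration =
            userStoreManager.getSecondaryUserStoreManager(domain).getRealmConfiguration();

    String claimSeparator = realmConfiguration.getUserStoreProperty(
            IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
    if (StringUtils.isNotBlank(claimSeparator)) {
        mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
    }

    return mappedAppClaims;
}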
Example #23
Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 4 votes |
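/**
 * Reads the requested claims of the authorizing user from the user store and returns them
 * under the keys of the {@code SP_DIALECT}-to-Carbon claim mapping.
 *
 * <p>An empty map is returned when the client's service provider is not found, when no realm
 * is available for the tenant, when the service provider has no claim mappings, or when the
 * user store yields no claim values (including the "UserNotFound" case).
 *
 * @param requestMsgCtx authorization request message context
 * @return map of mapped claim key to claim value, plus the multi-attribute separator of the
 *         user's store when one is configured; never {@code null}
 * @throws IdentityApplicationManagementException if the service provider cannot be resolved
 * @throws IdentityException                      declared; the raising call is not visible here
 * @throws UserStoreException                     on a user store failure other than "UserNotFound"
 * @throws ClaimManagementException               declared; the raising call is not visible here
 */
private static Map<String, Object> getClaimsFromUserStore(OAuthAuthzReqMessageContext requestMsgCtx)
        throws IdentityApplicationManagementException, IdentityException, UserStoreException,
        ClaimManagementException {

    AuthenticatedUser user = requestMsgCtx.getAuthorizationReqDTO().getUser();
    String tenantDomain = requestMsgCtx.getAuthorizationReqDTO().getUser().getTenantDomain();

    Map<String, Object> mappedAppClaims = new HashMap<String, Object>();

    ApplicationManagementService applicationMgtService =
            OAuth2ServiceComponentHolder.getApplicationMgtService();
    String spName = applicationMgtService.getServiceProviderNameByClientId(
            requestMsgCtx.getAuthorizationReqDTO().getConsumerKey(), INBOUND_AUTH2_TYPE, tenantDomain);
    ServiceProvider serviceProvider =
            applicationMgtService.getApplicationExcludingFileBasedSPs(spName, tenantDomain);
    if (serviceProvider == null) {
        return mappedAppClaims;
    }

    UserRealm realm = IdentityTenantUtil.getRealm(tenantDomain, user.toString());
    if (realm == null) {
        log.warn("No valid tenant domain provider. Empty claim returned back for tenant "
                + tenantDomain + " and user " + user);
        return new HashMap<>();
    }

    UserStoreManager userStoreManager = realm.getUserStoreManager();
    ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();
    if (requestedLocalClaimMap == null || requestedLocalClaimMap.length == 0) {
        return mappedAppClaims;
    }

    // Only claims the service provider marked as requested are read from the user store.
    List<String> claimURIList = new ArrayList<String>();
    for (ClaimMapping mapping : requestedLocalClaimMap) {
        if (mapping.isRequested()) {
            claimURIList.add(mapping.getLocalClaim().getClaimUri());
        }
    }
    if (log.isDebugEnabled()) {
        log.debug("Requested number of local claims: " + claimURIList.size());
    }

    Map<String, String> spToLocalClaimMappings = ClaimManagerHandler.getInstance()
            .getMappingsMapFromOtherDialectToCarbon(SP_DIALECT, null, tenantDomain, false);

    Map<String, String> userClaims = null;
    try {
        userClaims = userStoreManager.getUserClaimValues(
                UserCoreUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain()),
                claimURIList.toArray(new String[claimURIList.size()]), null);
    } catch (UserStoreException e) {
        // A missing user is treated as "no claims". The check is a string match on the
        // message, so a null message must be ruled out before calling contains().
        String message = e.getMessage();
        if (message != null && message.contains("UserNotFound")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + user + " not found in user store");
            }
        } else {
            throw e;
        }
    }

    if (log.isDebugEnabled()) {
        // userClaims is still null after the "UserNotFound" path; dereferencing it here used
        // to throw a NullPointerException whenever debug logging was switched on.
        log.debug("Number of user claims retrieved from user store: "
                + (userClaims == null ? 0 : userClaims.size()));
    }

    if (MapUtils.isEmpty(userClaims)) {
        return new HashMap<>();
    }

    for (Map.Entry<String, String> entry : spToLocalClaimMappings.entrySet()) {
        String value = userClaims.get(entry.getValue());
        if (value != null) {
            mappedAppClaims.put(entry.getKey(), value);
            // Claim values can be personal data: they are logged only when the deployment
            // has explicitly made USER_CLAIMS loggable.
            if (log.isDebugEnabled()
                    && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
                log.debug("Mapped claim: key - " + entry.getKey() + " value -" + value);
            }
        }
    }

    // NOTE(review): the result of getSecondaryUserStoreManager(...) is dereferenced without
    // a null check; confirm it cannot be null for the user's store domain.
    RealmConfiguration realmConfiguration = userStoreManager
            .getSecondaryUserStoreManager(user.getUserStoreDomain()).getRealmConfiguration();

    String claimSeparator = realmConfiguration.getUserStoreProperty(
            IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
    if (StringUtils.isNotBlank(claimSeparator)) {
        mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
    }

    return mappedAppClaims;
}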
Example #24
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Hands a new user to the outbound provisioning framework as a USER / POST entity carrying
 * the credential, user name and role list.
 *
 * <p>NOTE(review): {@code credential} is cast to {@code StringBuffer}; any other runtime
 * type fails with a {@code ClassCastException}. The resulting password is copied into an
 * immutable {@code String} and travels as a plain attribute value, so verify that outbound
 * attributes are never logged downstream.
 *
 * @param userName          user being added; sent as the user-name claim when non-null
 * @param credential        initial credential, expected to be a {@code StringBuffer}
 * @param roleList          roles of the new user; sent as the group claim when non-null
 * @param inboundAttributes claims received with the request, attached to the entity unchanged
 * @param profile           not used by this method
 * @param userStoreManager  user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreAddUser(String userName, Object credential, String[] roleList,
                            Map<String, String> inboundAttributes, String profile,
                            UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> claims = new HashMap<>();

    if (credential != null) {
        ClaimMapping passwordClaim = ClaimMapping.build(
                IdentityProvisioningConstants.PASSWORD_CLAIM_URI, null, null, false);
        claims.put(passwordClaim, Arrays.asList(((StringBuffer) credential).toString()));
    }
    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        claims.put(userNameClaim, Arrays.asList(userName));
    }
    if (roleList != null) {
        ClaimMapping groupClaim = ClaimMapping.build(
                IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
        claims.put(groupClaim, Arrays.asList(roleList));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.POST, claims);

    // The inbound attributes arrive in the wso2.org claim dialect and are passed on as-is.
    entity.setInboundAttributes(inboundAttributes);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Logged only; the hook reports success and the user is not provisioned outbound.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #25
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Pre-add hook: wraps the new user's credential, name and roles in a USER / POST
 * provisioning entity and passes it to {@code OutboundProvisioningManager}.
 *
 * <p>NOTE(review): the credential must be a {@code StringBuffer} or the cast below throws
 * {@code ClassCastException}. Its content is copied into a {@code String} and forwarded as
 * a plain claim value; check that no downstream component logs outbound attributes.
 *
 * @param userName          name of the user being created (claim is skipped when null)
 * @param credential        initial credential, cast to {@code StringBuffer}
 * @param roleList          roles to assign (claim is skipped when null)
 * @param inboundAttributes inbound claims, set on the entity without modification
 * @param profile           unused here
 * @param userStoreManager  source of the realm configuration used for the domain prefix
 * @return {@code true} on every path
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreAddUser(String userName, Object credential, String[] roleList,
                            Map<String, String> inboundAttributes, String profile,
                            UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> outbound = new HashMap<>();
    if (credential != null) {
        outbound.put(
                ClaimMapping.build(IdentityProvisioningConstants.PASSWORD_CLAIM_URI, null, null, false),
                Arrays.asList(((StringBuffer) credential).toString()));
    }
    if (userName != null) {
        outbound.put(
                ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false),
                Arrays.asList(userName));
    }
    if (roleList != null) {
        outbound.put(
                ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false),
                Arrays.asList(roleList));
    }

    String storeDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + storeDomain + " to user : " + userName);
    }
    String domainQualifiedName = UserCoreUtil.addDomainToName(userName, storeDomain);

    ProvisioningEntity userEntity = new ProvisioningEntity(ProvisioningEntityType.USER,
            domainQualifiedName, ProvisioningOperation.POST, outbound);
    // Inbound attributes are in the wso2.org claim dialect in this case.
    userEntity.setInboundAttributes(inboundAttributes);

    String tenant = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    ThreadLocalProvisioningServiceProvider requestSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (requestSp == null) {
        // Nothing bound to the thread: fall back to the local service provider.
        OutboundProvisioningManager.getInstance()
                .provision(userEntity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenant, false);
        return true;
    }

    String resolvedSp = requestSp.getServiceProviderName();
    tenant = requestSp.getTenantDomain();

    boolean isOAuthClient =
            requestSp.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH;
    if (isOAuthClient) {
        try {
            // The thread-local name holds the OAuth client id; map it to the SP name.
            resolvedSp = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            requestSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenant);
        } catch (IdentityApplicationManagementException e) {
            // Failure is logged and swallowed: the user is not provisioned outbound.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(userEntity, resolvedSp,
            requestSp.getClaimDialect(), tenant, requestSp.isJustInTimeProvisioning());
    return true;
}
Example #26
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Forwards a claim update for a user to the outbound provisioning framework as a
 * USER / PUT entity; the new claim values travel as the entity's inbound attributes.
 *
 * @param userName          user whose claims are set; sent as the user-name claim when non-null
 * @param inboundAttributes claim values being set, attached to the entity unchanged
 * @param profileName       not used by this method
 * @param userStoreManager  user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreSetUserClaimValues(String userName, Map<String, String> inboundAttributes,
                                       String profileName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> claims = new HashMap<>();
    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        claims.put(userNameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.PUT, claims);
    entity.setInboundAttributes(inboundAttributes);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Logged only; the hook reports success and the update is not forwarded.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #27
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Forwards the removal of several user claims to the outbound provisioning framework as a
 * USER / PATCH entity in which every claim to delete is sent with an empty value.
 *
 * @param userName           user whose claims are removed; sent as the user-name claim when non-null
 * @param attributesToDelete claim URIs to clear; nothing is provisioned when null or empty
 * @param profileName        not used by this method
 * @param userStoreManager   user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreDeleteUserClaimValues(String userName, String[] attributesToDelete,
                                          String profileName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }
    if (ArrayUtils.isEmpty(attributesToDelete)) {
        return true;
    }

    Map<ClaimMapping, List<String>> claims = new HashMap<>();
    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        claims.put(userNameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.PATCH, claims);

    // A deleted claim is expressed as that claim set to the empty string.
    Map<String, String> clearedAttributes = new HashMap<>();
    for (String attribute : attributesToDelete) {
        clearedAttributes.put(attribute, "");
    }
    entity.setInboundAttributes(clearedAttributes);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Logged only; the hook reports success and the claim removal is not forwarded.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #28
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Forwards the removal of a single user claim to the outbound provisioning framework as a
 * USER / PATCH entity in which that claim is sent with an empty value.
 *
 * <p>NOTE(review): {@code attributeToDelete} is used as a map key without a null check,
 * unlike the array variant of this hook, which returns early on an empty array.
 *
 * @param userName          user whose claim is removed; sent as the user-name claim when non-null
 * @param attributeToDelete claim URI to clear
 * @param profileName       not used by this method
 * @param userStoreManager  user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreDeleteUserClaimValue(String userName, String attributeToDelete,
                                         String profileName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> claims = new HashMap<>();
    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        claims.put(userNameClaim, Arrays.asList(userName));
    }

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.PATCH, claims);

    // A deleted claim is expressed as that claim set to the empty string.
    Map<String, String> clearedAttribute = new HashMap<>();
    clearedAttribute.put(attributeToDelete, "");
    entity.setInboundAttributes(clearedAttribute);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            // Logged only; the hook reports success and the claim removal is not forwarded.
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #29
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Forwards a user deletion to the outbound provisioning framework as a USER / DELETE entity.
 *
 * <p>NOTE(review): when the OAuth service-provider lookup fails, the error is only logged
 * and the hook still returns {@code true}, so the delete is never forwarded. Presumably the
 * local delete then proceeds and the account stays behind in downstream systems; confirm
 * that such failures are monitored or reconciled.
 *
 * @param userName         user being deleted; sent as the user-name claim even when null
 * @param userStoreManager user store whose realm configuration supplies the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    Map<ClaimMapping, List<String>> claims = new HashMap<>();
    ClaimMapping userNameClaim = ClaimMapping.build(
            IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
    claims.put(userNameClaim, Arrays.asList(userName));

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to user : " + userName);
    }
    String qualifiedUserName = UserCoreUtil.addDomainToName(userName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedUserName, ProvisioningOperation.DELETE, claims);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}
Example #30
Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Forwards a role-membership change to the outbound provisioning framework as a
 * GROUP / PUT entity carrying the role name, its current member list, and the added and
 * removed users.
 *
 * <p>NOTE(review): {@code Arrays.asList} throws {@code NullPointerException} for a null
 * array, and neither the fetched member list nor {@code newUsers} / {@code deletedUsers}
 * is null-checked here; confirm callers always pass non-null arrays.
 *
 * <p>NOTE(review): a failed OAuth service-provider lookup is only logged and the hook still
 * returns {@code true}, so a membership removal may not reach downstream systems.
 *
 * @param roleName         role whose member list changed
 * @param deletedUsers     users removed from the role
 * @param newUsers         users added to the role
 * @param userStoreManager user store queried for the member list and the domain name
 * @return always {@code true}, also when the listener is disabled or the lookup fails
 * @throws UserStoreException declared by the overridden hook
 */
@Override
public boolean doPostUpdateUserListOfRole(String roleName, String[] deletedUsers,
                                          String[] newUsers, UserStoreManager userStoreManager)
        throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    String[] currentMembers = userStoreManager.getUserListOfRole(roleName);

    Map<ClaimMapping, List<String>> claims = new HashMap<>();

    ClaimMapping groupClaim = ClaimMapping.build(
            IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
    claims.put(groupClaim, Arrays.asList(roleName));

    ClaimMapping membersClaim = ClaimMapping.build(
            IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
    claims.put(membersClaim, Arrays.asList(currentMembers));

    ClaimMapping addedClaim = ClaimMapping.build(
            IdentityProvisioningConstants.NEW_USER_CLAIM_URI, null, null, false);
    claims.put(addedClaim, Arrays.asList(newUsers));

    ClaimMapping removedClaim = ClaimMapping.build(
            IdentityProvisioningConstants.DELETED_USER_CLAIM_URI, null, null, false);
    claims.put(removedClaim, Arrays.asList(deletedUsers));

    String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    if (log.isDebugEnabled()) {
        log.debug("Adding domain name : " + userStoreDomain + " to role : " + roleName);
    }
    String qualifiedRoleName = UserCoreUtil.addDomainToName(roleName, userStoreDomain);

    ProvisioningEntity entity = new ProvisioningEntity(
            ProvisioningEntityType.GROUP, qualifiedRoleName, ProvisioningOperation.PUT, claims);

    // Tenant of the current thread; replaced by the inbound service provider's tenant below.
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    ThreadLocalProvisioningServiceProvider inboundSp =
            IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();

    if (inboundSp == null) {
        // No inbound service provider on this thread: provision the group as the local SP.
        OutboundProvisioningManager.getInstance()
                .provision(entity, ApplicationConstants.LOCAL_SP,
                        IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomain, false);
        return true;
    }

    String spName = inboundSp.getServiceProviderName();
    tenantDomain = inboundSp.getTenantDomain();

    if (ProvisioningServiceProviderType.OAUTH == inboundSp.getServiceProviderType()) {
        // For OAuth the thread-local name is a client id; resolve it to the SP name.
        try {
            spName = ApplicationManagementService.getInstance()
                    .getServiceProviderNameByClientId(
                            inboundSp.getServiceProviderName(),
                            IdentityApplicationConstants.OAuth2.NAME, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            log.error("Error while provisioning", e);
            return true;
        }
    }

    OutboundProvisioningManager.getInstance().provision(entity, spName,
            inboundSp.getClaimDialect(), tenantDomain, inboundSp.isJustInTimeProvisioning());
    return true;
}