org.wso2.carbon.idp.mgt.IdentityProviderManagementException Java Examples

Example #1
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
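/**
 * Get the configurations of a tenant from cache or database.
 *
 * <p>Reads the resident IdP of the tenant and copies each of its properties into a
 * {@code Property}, skipping the {@code ALREADY_WRITTEN_PROPERTY} marker entry.
 *
 * @param tenantDomain Domain name of the tenant
 * @return Configurations belong to the tenant; the array holds no {@code null} slots
 * @throws FrameworkException if the resident IdP cannot be retrieved
 */
private static Property[] getResidentIdpConfiguration(String tenantDomain) throws FrameworkException {

    IdpManager identityProviderManager = IdentityProviderManager.getInstance();
    IdentityProvider residentIdp;
    try {
        residentIdp = identityProviderManager.getResidentIdP(tenantDomain);
    } catch (IdentityProviderManagementException e) {
        String errorMsg = String.format("Error while retrieving resident Idp for %s tenant.", tenantDomain);
        throw new FrameworkException(errorMsg, e);
    }
    IdentityProviderProperty[] identityMgtProperties = residentIdp.getIdpProperties();
    if (identityMgtProperties == null) {
        // No properties on the resident IdP: nothing to expose.
        return new Property[0];
    }
    Property[] configMap = new Property[identityMgtProperties.length];
    int index = 0;
    for (IdentityProviderProperty identityMgtProperty : identityMgtProperties) {
        if (ALREADY_WRITTEN_PROPERTY.equals(identityMgtProperty.getName())) {
            // Internal marker entry, not a tenant configuration value.
            continue;
        }
        Property property = new Property();
        property.setName(identityMgtProperty.getName());
        property.setValue(identityMgtProperty.getValue());
        configMap[index++] = property;
    }
    // The array was sized before the marker entry was skipped; trim it so callers that
    // iterate the result never meet a trailing null element.
    return index == configMap.length ? configMap : java.util.Arrays.copyOf(configMap, index);
}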
 
Example #2
Source File: IdPMgtValidationListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
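/**
 * Validates a pending identity provider deletion.
 *
 * <p>Deleting the resident IdP is refused for the super tenant, and refused for any other
 * tenant unless the caller is logged in to the super tenant. Every other deletion passes.
 *
 * @param idPName      name of the IdP about to be deleted
 * @param tenantDomain tenant that owns the IdP
 * @return {@code true} to let the deletion proceed
 * @throws IllegalArgumentException            if {@code idPName} is empty
 * @throws IdentityProviderManagementException if the resident IdP may not be deleted
 */
@Override
public boolean doPreDeleteIdP(String idPName, String tenantDomain) throws IdentityProviderManagementException {

    if (StringUtils.isEmpty(idPName)) {
        throw new IllegalArgumentException("Invalid argument: Identity Provider Name value is empty");
    }

    if (!IdentityApplicationConstants.RESIDENT_IDP_RESERVED_NAME.equals(idPName)) {
        return true;
    }

    String loggedInTenant = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    if (StringUtils.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, tenantDomain)) {
        throw new IdentityProviderManagementException("Cannot delete Resident Identity Provider of Super " +
                "Tenant");
    }
    // Compare by value. The previous reference comparison (!=) rejected a legitimate super-tenant
    // caller whenever the logged-in domain string was not the interned constant instance.
    if (!StringUtils.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, loggedInTenant)) {
        throw new IdentityProviderManagementException("Tenant user of " + loggedInTenant + " cannot delete " +
                "Resident Identity Provider of tenant " + tenantDomain);
    }
    log.warn("Deleting Resident Identity Provider for tenant " + tenantDomain);
    return true;
}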
 
Example #3
Source File: IdPManagementDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Runs {@code DELETE_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL} for one identity provider of a tenant.
 *
 * <p>The ids are bound as statement parameters, never concatenated into the query text.
 *
 * @param dbConnection open connection to run the delete on; it is not closed here
 * @param idpId        id of the identity provider whose rows are removed
 * @param tenantId     tenant the identity provider belongs to
 * @throws IdentityProviderManagementException declared by the DAO contract; not raised in this body
 * @throws SQLException if preparing or executing the statement fails
 */
private void deleteLocalIdPClaimValues(Connection dbConnection, int idpId, int tenantId)
        throws IdentityProviderManagementException, SQLException {

    String deleteQuery = IdPManagementConstants.SQLQueries.DELETE_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL;
    PreparedStatement deleteStatement = null;
    try {
        deleteStatement = dbConnection.prepareStatement(deleteQuery);
        deleteStatement.setInt(1, idpId);
        deleteStatement.setInt(2, tenantId);
        deleteStatement.executeUpdate();
    } finally {
        // Closed on every path, including when executeUpdate throws.
        IdentityDatabaseUtil.closeStatement(deleteStatement);
    }
}
 
Example #4
Source File: CacheBackedIdPMgtDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
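/**
 * Deletes a tenant role through the DAO after evicting every cached IdP of the tenant.
 *
 * <p>Each listed IdP is re-read by name and its cache entries (by name and, when set, by
 * home realm id) are cleared before the role is removed.
 *
 * @param tenantId     tenant id
 * @param role         role being deleted
 * @param tenantDomain tenant domain
 * @throws IdentityProviderManagementException propagated from the IdP lookups or the DAO delete
 */
public void deleteTenantRole(int tenantId, String role, String tenantDomain)
        throws IdentityProviderManagementException {

    if (log.isDebugEnabled()) {
        log.debug("Removing all cached Identity Provider entries for tenant Domain " + tenantDomain);
    }
    List<IdentityProvider> identityProviders = this.getIdPs(null, tenantId, tenantDomain);
    for (IdentityProvider listedIdp : identityProviders) {
        IdentityProvider identityProvider = this.getIdPByName(null, listedIdp.getIdentityProviderName(),
                tenantId, tenantDomain);
        if (identityProvider == null) {
            // Gone between listing and lookup; nothing cached to evict (previously a NullPointerException).
            continue;
        }
        IdPNameCacheKey idPNameCacheKey = new IdPNameCacheKey(
                identityProvider.getIdentityProviderName(), tenantDomain);
        idPCacheByName.clearCacheEntry(idPNameCacheKey);
        if (identityProvider.getHomeRealmId() != null) {
            IdPHomeRealmIdCacheKey idPHomeRealmIdCacheKey = new IdPHomeRealmIdCacheKey(
                    identityProvider.getHomeRealmId(), tenantDomain);
            idPCacheByHRI.clearCacheEntry(idPHomeRealmIdCacheKey);
        }
    }

    idPMgtDAO.deleteTenantRole(tenantId, role, tenantDomain);
}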
 
Example #5
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Get meta information about a specific outbound provisioning connector supported by the IDPs.
 *
 * @param id Outbound Provisioning Connector ID; decoded with {@code base64URLDecode} to the connector name.
 * @return MetaOutboundConnector for the connector with that name, or {@code null} when none matches.
 */
public MetaOutboundConnector getMetaOutboundConnector(String id) {

    String connectorName = base64URLDecode(id);
    try {
        ProvisioningConnectorConfig[] connectorConfigs = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getAllProvisioningConnectors();
        if (!ArrayUtils.isNotEmpty(connectorConfigs)) {
            return null;
        }
        for (ProvisioningConnectorConfig candidate : connectorConfigs) {
            if (StringUtils.equals(candidate.getName(), connectorName)) {
                return createMetaOutboundConnector(candidate);
            }
        }
        return null;
    } catch (IdentityProviderManagementException e) {
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_META_CONNECTOR, id);
    }
}
 
Example #6
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Get meta information about Identity Provider's federated authenticators.
 *
 * @return list of meta federated authenticators; empty when the server reports none.
 */
public List<MetaFederatedAuthenticatorListItem> getMetaFederatedAuthenticators() {

    List<MetaFederatedAuthenticatorListItem> items = new ArrayList<>();
    try {
        FederatedAuthenticatorConfig[] configs = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getAllFederatedAuthenticators();
        if (!ArrayUtils.isNotEmpty(configs)) {
            return items;
        }
        for (FederatedAuthenticatorConfig config : configs) {
            items.add(createMetaFederatedAuthenticatorListItem(config));
        }
        return items;
    } catch (IdentityProviderManagementException e) {
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_META_AUTHENTICATORS, null);
    }
}
 
Example #7
Source File: IdPMgtValidationListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
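/**
 * Validates an identity provider update before it is applied.
 *
 * <p>Rejects missing arguments and, in particular, renaming an IdP whose current name lacks
 * {@code SHARED_IDP_PREFIX} to a new name that carries it.
 *
 * @param oldIdPName       current name of the IdP being updated
 * @param identityProvider new IdP definition
 * @param tenantDomain     tenant that owns the IdP
 * @return {@code true} to let the update proceed
 * @throws IllegalArgumentException            if {@code identityProvider} is null or {@code oldIdPName} is empty
 * @throws IdentityProviderManagementException if the new name is empty or would acquire the shared prefix
 */
public boolean doPreUpdateIdP(String oldIdPName, IdentityProvider identityProvider, String tenantDomain)
        throws IdentityProviderManagementException {

    if (identityProvider == null) {
        // Message previously ended in a stray escaped quote ("NULL\'").
        throw new IllegalArgumentException("Invalid argument: 'newIdentityProvider' is NULL");
    }
    if (StringUtils.isEmpty(oldIdPName)) {
        throw new IllegalArgumentException("The IdP name which need to be updated is empty");
    }

    String newIdPName = identityProvider.getIdentityProviderName();
    if (StringUtils.isEmpty(newIdPName)) {
        String msg = "Invalid argument: The new value of the identity provider name is empty.";
        throw new IdentityProviderManagementException(msg);
    }

    // Updating a non-shared IdP's name to have shared prefix is not allowed.
    // newIdPName is non-null past the isEmpty check, so the former extra null test was redundant.
    boolean wasShared = oldIdPName.startsWith(IdPManagementConstants.SHARED_IDP_PREFIX);
    boolean becomesShared = newIdPName.startsWith(IdPManagementConstants.SHARED_IDP_PREFIX);
    if (!wasShared && becomesShared) {
        throw new IdentityProviderManagementException("Cannot update Idp name to have '" +
                IdPManagementConstants.SHARED_IDP_PREFIX + "' as a prefix (previous name:" + oldIdPName + ", " +
                "New name: " + newIdPName + ")");
    }
    return true;
}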
 
Example #8
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Update federated authenticators of an IDP.
 *
 * <p>The IdP is resolved by resource id in the caller's tenant, copied, modified, and written
 * back; the copy keeps the cached instance untouched.
 *
 * @param idpId                Identity Provider resource ID.
 * @param authenticatorRequest Federated Authenticators Request.
 * @return FederatedAuthenticatorListResponse built from the updated IdP.
 */
public FederatedAuthenticatorListResponse updateFederatedAuthenticators(String idpId, FederatedAuthenticatorRequest
        authenticatorRequest) {

    try {
        String tenantDomain = ContextLoader.getTenantDomainFromContext();
        IdentityProvider existingIdp = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getIdPByResourceId(idpId, tenantDomain, true);
        if (existingIdp == null) {
            throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND,
                    idpId);
        }
        // Work on a clone: mutating the returned object would mutate the cached IDP.
        IdentityProvider idpToUpdate = createIdPClone(existingIdp);
        updateFederatedAuthenticatorConfig(idpToUpdate, authenticatorRequest);

        IdentityProvider updatedIdp = IdentityProviderServiceHolder.getIdentityProviderManager()
                .updateIdPByResourceId(idpId, idpToUpdate, tenantDomain);
        return createFederatedAuthenticatorResponse(updatedIdp);
    } catch (IdentityProviderManagementException e) {
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP, null);
    }
}
 
Example #9
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Updates only root level attributes of IDP.
 *
 * @param identityProviderId Identity Provider resource ID.
 * @param patchRequest       Patch request in Json Patch notation See
 *                           <a href="https://tools.ietf.org/html/rfc6902">https://tools.ietf
 *                           .org/html/rfc6902</a>.
 *                           We support only Patch 'replace' operation on root level attributes of an Identity
 *                           Provider.
 * @return IdentityProviderResponse built from the updated IdP.
 */
public IdentityProviderResponse patchIDP(String identityProviderId, List<Patch> patchRequest) {

    try {
        String tenantDomain = ContextLoader.getTenantDomainFromContext();
        IdentityProvider existingIdp = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getIdPByResourceId(identityProviderId, tenantDomain, true);
        if (existingIdp == null) {
            throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND,
                    identityProviderId);
        }
        // Patch a clone so the cached instance is never mutated in place.
        IdentityProvider idpToUpdate = createIdPClone(existingIdp);
        processPatchRequest(patchRequest, idpToUpdate);
        IdentityProvider updatedIdP = IdentityProviderServiceHolder.getIdentityProviderManager()
                .updateIdPByResourceId(identityProviderId, idpToUpdate, tenantDomain);
        return createIDPResponse(updatedIdP);
    } catch (IdentityProviderManagementException e) {
        // NOTE(review): a failure during updateIdPByResourceId is reported with the RETRIEVING error code;
        // compare updateFederatedAuthenticators, which uses ERROR_CODE_ERROR_UPDATING_IDP.
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_IDP, identityProviderId);
    }
}
 
Example #10
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Get an identity provider identified by resource ID.
 *
 * @param idpId IdP resource ID.
 * @return IdentityProviderResponse for the IdP resolved in the caller's tenant.
 */
public IdentityProviderResponse getIDP(String idpId) {

    try {
        String tenantDomain = ContextLoader.getTenantDomainFromContext();
        IdentityProvider identityProvider = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getIdPByResourceId(idpId, tenantDomain, true);
        if (identityProvider != null) {
            return createIDPResponse(identityProvider);
        }
        throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND, idpId);
    } catch (IdentityProviderManagementException e) {
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_IDP, idpId);
    }
}
 
Example #11
Source File: IdPManagementDAO.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Runs {@code DELETE_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL} for one identity provider of a tenant.
 *
 * <p>The ids are bound as statement parameters, never concatenated into the query text.
 *
 * @param dbConnection open connection to run the delete on; it is not closed here
 * @param idpId        id of the identity provider whose rows are removed
 * @param tenantId     tenant the identity provider belongs to
 * @throws IdentityProviderManagementException declared by the DAO contract; not raised in this body
 * @throws SQLException if preparing or executing the statement fails
 */
private void deleteLocalIdPClaimValues(Connection dbConnection, int idpId, int tenantId)
        throws IdentityProviderManagementException, SQLException {

    String deleteQuery = IdPManagementConstants.SQLQueries.DELETE_LOCAL_IDP_DEFAULT_CLAIM_VALUES_SQL;
    PreparedStatement deleteStatement = null;
    try {
        deleteStatement = dbConnection.prepareStatement(deleteQuery);
        deleteStatement.setInt(1, idpId);
        deleteStatement.setInt(2, tenantId);
        deleteStatement.executeUpdate();
    } finally {
        // Closed on every path, including when executeUpdate throws.
        IdentityDatabaseUtil.closeStatement(deleteStatement);
    }
}
 
Example #12
Source File: IDPMgtAuditLogger.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Writes an audit record after an identity provider has been added.
 *
 * @param identityProvider the IdP that was added; when {@code null}, "Undefined" is recorded for
 *                         both the display name and the IdP name
 * @param tenantDomain     tenant the IdP was added to
 * @return always {@code true}
 * @throws IdentityProviderManagementException declared for the listener contract; not raised in this body
 */
@Override
public boolean doPostAddIdP(IdentityProvider identityProvider, String tenantDomain) throws
        IdentityProviderManagementException {
    String displayName = "Undefined";
    String idpName = "Undefined";
    if (identityProvider != null) {
        String configuredDisplayName = identityProvider.getDisplayName();
        if (StringUtils.isNotEmpty(configuredDisplayName)) {
            displayName = configuredDisplayName;
        }
        idpName = identityProvider.getIdentityProviderName();
    }
    String target = UserCoreUtil.addTenantDomainToEntry(displayName, tenantDomain);
    audit.info(String.format(AUDIT_MESSAGE, getUser(), "add", target, idpName, SUCCESS));

    return true;
}
 
Example #13
Source File: IdPManagementDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Makes the first IdP listed for the tenant the primary one.
 *
 * <p>Runs {@code SWITCH_IDP_PRIMARY_ON_DELETE_SQL} with the tenant id and the chosen IdP name bound
 * as parameters. When the tenant has no IdPs left, only a warning is logged.
 *
 * @param conn         open connection to run the update on; it is not closed here
 * @param tenantId     tenant id
 * @param tenantDomain tenant domain, used for the IdP listing and for logging
 * @throws SQLException                        if preparing or executing the statement fails
 * @throws IdentityProviderManagementException propagated from the IdP listing
 */
private void doAppointPrimary(Connection conn, int tenantId, String tenantDomain)
        throws SQLException, IdentityProviderManagementException {

    List<IdentityProvider> tenantIdPs = getIdPs(conn, tenantId, tenantDomain);
    if (tenantIdPs.isEmpty()) {
        log.warn("No Identity Providers registered for tenant " + tenantDomain);
        return;
    }

    PreparedStatement switchStmt = null;
    try {
        switchStmt = conn.prepareStatement(IdPManagementConstants.SQLQueries.SWITCH_IDP_PRIMARY_ON_DELETE_SQL);
        switchStmt.setString(1, IdPManagementConstants.IS_TRUE_VALUE);
        switchStmt.setInt(2, tenantId);
        switchStmt.setString(3, tenantIdPs.get(0).getIdentityProviderName());
        switchStmt.setString(4, IdPManagementConstants.IS_FALSE_VALUE);
        switchStmt.executeUpdate();
    } finally {
        IdentityDatabaseUtil.closeStatement(switchStmt);
    }
}
 
Example #14
Source File: CacheBackedIdPMgtDAO.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
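/**
 * Deletes a tenant claim URI after evicting every cached IdP of the tenant.
 *
 * <p>Each listed IdP is re-read by name; its cache entries (by name, by home realm id when set,
 * and the tenant's primary-IdP entry when it is primary) are cleared before the delete.
 *
 * @param tenantId     tenant id
 * @param claimURI     claim URI being deleted
 * @param tenantDomain tenant domain
 * @throws IdentityProviderManagementException propagated from the IdP lookups or the DAO delete
 */
public void deleteTenantClaimURI(int tenantId, String claimURI, String tenantDomain)
        throws IdentityProviderManagementException {

    if (log.isDebugEnabled()) {
        log.debug("Removing all cached Identity Provider entries for tenant Domain " + tenantDomain);
    }
    List<IdentityProvider> identityProviders = this.getIdPs(null, tenantId, tenantDomain);
    for (IdentityProvider listedIdp : identityProviders) {
        IdentityProvider identityProvider = this.getIdPByName(null, listedIdp.getIdentityProviderName(),
                tenantId, tenantDomain);
        if (identityProvider == null) {
            // Gone between listing and lookup; nothing cached to evict (previously a NullPointerException).
            continue;
        }
        IdPNameCacheKey idPNameCacheKey = new IdPNameCacheKey(
                identityProvider.getIdentityProviderName(), tenantDomain);
        idPCacheByName.clearCacheEntry(idPNameCacheKey);
        if (identityProvider.getHomeRealmId() != null) {
            IdPHomeRealmIdCacheKey idPHomeRealmIdCacheKey = new IdPHomeRealmIdCacheKey(
                    identityProvider.getHomeRealmId(), tenantDomain);
            idPCacheByHRI.clearCacheEntry(idPHomeRealmIdCacheKey);
        }
        if (identityProvider.isPrimary()) {
            primaryIdPs.remove(tenantDomain);
        }
    }

    // NOTE(review): delegates to deleteTenantRole with the claim URI passed as the role argument;
    // confirm this is intended and not a copy of deleteTenantRole that should call a claim-URI delete.
    idPMgtDAO.deleteTenantRole(tenantId, claimURI, tenantDomain);
}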
 
Example #15
Source File: IdPManagementUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
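/**
 * Returns the idle session timeout configured for a tenant.
 *
 * <p>The value comes from the resident IdP property {@code SESSION_IDLE_TIME_OUT}; when the resident
 * IdP cannot be read, the property is absent, or its value is not an integer, the default
 * {@code SESSION_IDLE_TIME_OUT_DEFAULT} is used. The result is the stored value multiplied by 60
 * (presumably minutes to seconds).
 *
 * @param tenantDomain tenant whose timeout is requested
 * @return the configured (or default) timeout multiplied by 60
 */
public static int getIdleSessionTimeOut(String tenantDomain) {

    IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
    int timeout = Integer.parseInt(IdentityApplicationConstants.SESSION_IDLE_TIME_OUT_DEFAULT);

    try {
        IdentityProvider identityProvider = identityProviderManager.getResidentIdP(tenantDomain);
        IdentityProviderProperty idpProperty = IdentityApplicationManagementUtil.getProperty(
                identityProvider.getIdpProperties(), IdentityApplicationConstants.SESSION_IDLE_TIME_OUT);
        if (idpProperty != null) {
            try {
                timeout = Integer.parseInt(idpProperty.getValue());
            } catch (NumberFormatException e) {
                // A malformed property value used to escape as an unchecked exception; keep the default instead.
                log.warn("Invalid idle session timeout value '" + idpProperty.getValue() + "' for tenant : "
                        + tenantDomain + ", using the default " + timeout);
            }
        }
    } catch (IdentityProviderManagementException e) {
        log.error("Error when accessing the IdentityProviderManager for tenant : " + tenantDomain, e);
    }
    return timeout * 60;
}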
 
Example #16
Source File: IdentityProviderNameResolverListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Resolves a resource id to an IdP name and runs the name-based pre-delete listeners.
 *
 * <p>An unknown resource id is not treated as a veto: the method returns {@code true} and
 * leaves the decision to the caller.
 *
 * @param resourceId   resource id of the IdP about to be deleted
 * @param tenantDomain tenant that owns the IdP
 * @return {@code false} as soon as an enabled listener vetoes the delete, otherwise {@code true}
 * @throws IdentityProviderManagementException propagated from the DAO lookup or a listener
 */
public boolean doPreDeleteIdPByResourceId(String resourceId, String tenantDomain) throws
        IdentityProviderManagementException {

    IdentityProvider idp = dao.getIdPByResourceId(resourceId, IdentityTenantUtil.getTenantId(tenantDomain),
            tenantDomain);
    if (idp == null) {
        return true;
    }
    String idpName = idp.getIdentityProviderName();
    // First veto wins; disabled listeners are skipped.
    for (IdentityProviderMgtListener listener : IdPManagementServiceComponent.getIdpMgtListeners()) {
        if (!listener.isEnable()) {
            continue;
        }
        if (!listener.doPreDeleteIdP(idpName, tenantDomain)) {
            return false;
        }
    }
    return true;
}
 
Example #17
Source File: FederatedAssociationManagerImpl.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
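/**
 * Resolves the name of the identity provider identified by {@code idpId} within a tenant.
 *
 * @param tenantDomain tenant the IdP belongs to
 * @param idpId        resource id of the IdP
 * @return the IdP name
 * @throws FederatedAssociationManagerException when the IdpManager service is unavailable, the lookup
 *                                              fails, or no IdP has that id
 */
private String getIdentityProviderName(String tenantDomain, String idpId)
        throws FederatedAssociationManagerException {

    try {
        IdpManager idpManager = IdentityUserProfileServiceDataHolder.getInstance().getIdpManager();
        if (idpManager == null) {
            if (log.isDebugEnabled()) {
                log.debug("The IdpManager service is not available in the runtime");
            }
            throw handleFederatedAssociationManagerServerException(ERROR_WHILE_RESOLVING_IDENTITY_PROVIDERS,
                    null, true);
        }
        IdentityProvider identityProvider = idpManager.getIdPByResourceId(idpId, tenantDomain, false);
        if (identityProvider == null) {
            // getIdPByResourceId can return null for an unknown id; this used to surface as a NullPointerException.
            if (log.isDebugEnabled()) {
                log.debug("No identity provider found for the id: " + idpId
                        + ", in the tenant domain: " + tenantDomain);
            }
            throw handleFederatedAssociationManagerServerException(ERROR_WHILE_RESOLVING_IDENTITY_PROVIDERS,
                    null, true);
        }
        return identityProvider.getIdentityProviderName();
    } catch (IdentityProviderManagementException e) {
        if (log.isDebugEnabled()) {
            // Cause attached so the lookup failure can be diagnosed from debug logs.
            log.debug("Could not resolve the identity provider for the id: " + idpId
                    + ", in the tenant domain: " + tenantDomain, e);
        }
        throw handleFederatedAssociationManagerServerException(ERROR_WHILE_RESOLVING_IDENTITY_PROVIDERS,
                null, true);
    }
}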
 
Example #18
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Get Provisioning configuration. Includes JIT config and outbound provisioning connectors.
 *
 * @param idpId Identity Provider resource ID.
 * @return ProvisioningResponse for the IdP resolved in the caller's tenant.
 */
public ProvisioningResponse getProvisioningConfig(String idpId) {

    try {
        String tenantDomain = ContextLoader.getTenantDomainFromContext();
        IdentityProvider identityProvider = IdentityProviderServiceHolder.getIdentityProviderManager()
                .getIdPByResourceId(idpId, tenantDomain, true);
        if (identityProvider != null) {
            return createProvisioningResponse(identityProvider);
        }
        throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND, idpId);
    } catch (IdentityProviderManagementException e) {
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_IDP_PROVISIONING, idpId);
    }
}
 
Example #19
Source File: CacheBackedIdPMgtDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Force-deletes an IdP through the DAO and drops its cache entries.
 *
 * <p>When neither the cache nor the store knows the IdP, nothing is deleted and only a debug
 * message is written.
 *
 * @param idPName      name of the IdP to delete
 * @param tenantId     tenant id
 * @param tenantDomain tenant domain
 * @throws IdentityProviderManagementException propagated from the lookup or the DAO delete
 */
public void forceDeleteIdP(String idPName, int tenantId, String tenantDomain)
        throws IdentityProviderManagementException {

    if (log.isDebugEnabled()) {
        log.debug(String.format("Force deleting IDP:%s of tenantDomain:%s started.", idPName, tenantDomain));
    }

    IdentityProvider existing = this.getIdPByName(null, idPName, tenantId, tenantDomain);
    if (existing == null) {
        if (log.isDebugEnabled()) {
            log.debug(String.format("IDP:%s of tenantDomain:%s is not found is cache or DB", idPName, tenantDomain));
        }
    } else {
        // Store first, cache second: a failed delete leaves the cache entries in place.
        idPMgtDAO.forceDeleteIdP(idPName, tenantId, tenantDomain);
        clearIdpCache(idPName, tenantId, tenantDomain);
    }

    if (log.isDebugEnabled()) {
        log.debug(String.format("Force deleting IDP:%s of tenantDomain:%s completed.", idPName,
                tenantDomain));
    }
}
 
Example #20
Source File: IdPManagementUtil.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
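/**
 * Returns the "remember me" timeout configured for a tenant.
 *
 * <p>The value comes from the resident IdP property {@code REMEMBER_ME_TIME_OUT}; when the resident
 * IdP cannot be read, the property is absent, or its value is not an integer, the default
 * {@code REMEMBER_ME_TIME_OUT_DEFAULT} is used. The result is the stored value multiplied by 60
 * (presumably minutes to seconds).
 *
 * @param tenantDomain tenant whose timeout is requested
 * @return the configured (or default) timeout multiplied by 60
 */
public static int getRememberMeTimeout(String tenantDomain) {

    IdentityProviderManager identityProviderManager = IdentityProviderManager.getInstance();
    int rememberMeTimeout = Integer.parseInt(IdentityApplicationConstants.REMEMBER_ME_TIME_OUT_DEFAULT);

    try {
        IdentityProvider identityProvider = identityProviderManager.getResidentIdP(tenantDomain);
        IdentityProviderProperty idpProperty = IdentityApplicationManagementUtil.getProperty(
                identityProvider.getIdpProperties(), IdentityApplicationConstants.REMEMBER_ME_TIME_OUT);
        if (idpProperty != null) {
            try {
                rememberMeTimeout = Integer.parseInt(idpProperty.getValue());
            } catch (NumberFormatException e) {
                // A malformed property value used to escape as an unchecked exception; keep the default instead.
                log.warn("Invalid remember me timeout value '" + idpProperty.getValue() + "' for tenant : "
                        + tenantDomain + ", using the default " + rememberMeTimeout);
            }
        }
    } catch (IdentityProviderManagementException e) {
        log.error("Error when accessing the IdentityProviderManager for tenant : " + tenantDomain, e);
    }
    return rememberMeTimeout * 60;
}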
 
Example #21
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
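/**
 * Returns the 'DisplayName' property of the federated authenticator identified by authenticator name.
 *
 * @param authenticatorName Federated authenticator name.
 * @return Display name of authenticator, or {@code null} when no registered authenticator has that name.
 */
private String getDisplayNameOfAuthenticator(String authenticatorName) {

    try {
        FederatedAuthenticatorConfig[] authenticatorConfigs =
                IdentityProviderServiceHolder.getIdentityProviderManager()
                        .getAllFederatedAuthenticators();
        // Same null guard as isValidAuthenticator; iterating a null array threw NullPointerException here.
        if (authenticatorConfigs != null) {
            for (FederatedAuthenticatorConfig config : authenticatorConfigs) {
                if (StringUtils.equals(config.getName(), authenticatorName)) {
                    return config.getDisplayName();
                }
            }
        }
    } catch (IdentityProviderManagementException e) {
        // Reported as an "adding IdP" error; presumably this helper runs on the add path.
        throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_ADDING_IDP, null);
    }
    return null;
}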
 
Example #22
Source File: ServerIdpManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Verify whether the sent authenticatorId is a supported authenticator type by the server.
 *
 * @param federatedAuthenticatorId Federated Authenticator ID; decoded with {@code base64URLDecode} to the
 *                                 authenticator name.
 * @return whether Authenticator is a supported one by the server.
 * @throws IdentityProviderManagementException IdentityProviderManagementException.
 */
private boolean isValidAuthenticator(String federatedAuthenticatorId) throws
        IdentityProviderManagementException {

    FederatedAuthenticatorConfig[] supportedAuthConfigs = IdentityProviderServiceHolder.getIdentityProviderManager()
            .getAllFederatedAuthenticators();
    if (supportedAuthConfigs == null) {
        return false;
    }
    String requestedName = base64URLDecode(federatedAuthenticatorId);
    boolean supported = false;
    for (FederatedAuthenticatorConfig candidate : supportedAuthConfigs) {
        if (StringUtils.equals(candidate.getName(), requestedName)) {
            supported = true;
            break;
        }
    }
    return supported;
}
 
Example #23
Source File: IdPManagementDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Replaces the role configuration of an identity provider.
 *
 * <p>All existing IdP roles are removed first (which, per the original author, also cleans up the
 * IdP role mappings); the new roles and, when present, the new role mappings are then added.
 *
 * @param conn                 open connection to run the statements on
 * @param idPId                id of the identity provider
 * @param tenantId             tenant the identity provider belongs to
 * @param newRoleConfiguration roles and mappings to store; {@code null} leaves the IdP with no roles
 * @throws SQLException                        on database errors
 * @throws IdentityProviderManagementException propagated from the role and mapping helpers
 */
private void updateRoleConfiguration(Connection conn, int idPId, int tenantId,
                                     PermissionsAndRoleConfig newRoleConfiguration) throws SQLException,
        IdentityProviderManagementException {

    // Wipe first; role mappings go with the roles.
    deleteAllIdPRoles(conn, idPId);

    if (newRoleConfiguration == null) {
        // Bad data: nothing to re-insert.
        return;
    }

    addIdPRoles(conn, idPId, tenantId, newRoleConfiguration.getIdpRoles());

    boolean hasMappings = newRoleConfiguration.getRoleMappings() != null
            && newRoleConfiguration.getRoleMappings().length > 0;
    if (hasMappings) {
        addIdPRoleMappings(conn, idPId, tenantId, newRoleConfiguration.getRoleMappings());
    }
}
 
Example #24
Source File: ApplicationIdentityProviderMgtListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Clears the service provider cache after an IdP has been deleted, then defers to the superclass.
 *
 * <p>The whole SP cache is dropped because the deleted IdP may have been associated with SPs.
 *
 * @param idPName      name of the deleted IdP
 * @param tenantDomain tenant the IdP belonged to
 * @return the superclass result
 * @throws IdentityProviderManagementException propagated from the superclass
 */
@Override
public boolean doPostDeleteIdP(String idPName, String tenantDomain) throws IdentityProviderManagementException {

    String idpRef = "idp: " + idPName + " of tenantDomain: " + tenantDomain;
    if (log.isDebugEnabled()) {
        log.debug("doPostDeleteIdp executed for " + idpRef);
    }

    IdentityServiceProviderCache.getInstance().clear();
    if (log.isDebugEnabled()) {
        log.debug("IdentityServiceProvider Cache is cleared on post delete event of " + idpRef);
    }

    return super.doPostDeleteIdP(idPName, tenantDomain);
}
 
Example #25
Source File: ApplicationIdentityProviderMgtListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Routes an application update to the single-step or multi-step federated authenticator handler.
 *
 * <p>With a federated authentication type only the first step is used; otherwise all steps are
 * handed to the multi-step variant. No steps means nothing to do.
 *
 * @param identityProvider           the IdP being applied to the application
 * @param tenantDomain               tenant of the application
 * @param serviceProvider            the application to update
 * @param localAndOutboundAuthConfig the application's authentication config, read for its type
 * @param authSteps                  configured authentication steps; may be {@code null} or empty
 * @throws IdentityApplicationManagementException propagated from the handlers
 * @throws IdentityProviderManagementException    propagated from the handlers
 */
private void updateApplicationWithFederatedAuthenticators(IdentityProvider identityProvider, String tenantDomain,
                                                          ServiceProvider serviceProvider,
                                                          LocalAndOutboundAuthenticationConfig
                                                                  localAndOutboundAuthConfig,
                                                          AuthenticationStep[] authSteps)
        throws IdentityApplicationManagementException, IdentityProviderManagementException {

    if (authSteps == null || authSteps.length == 0) {
        return;
    }
    boolean federatedType = ApplicationConstants.AUTH_TYPE_FEDERATED
            .equalsIgnoreCase(localAndOutboundAuthConfig.getAuthenticationType());
    if (federatedType) {
        updateApplicationWithFederatedAuthenticator(identityProvider, tenantDomain, serviceProvider, authSteps[0]);
        return;
    }
    updateApplicationWithMultiStepFederatedAuthenticator(identityProvider, authSteps);
}
 
Example #26
Source File: JITProvisioningPostAuthenticationHandlerTest.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * One-time suite setup: builds the configuration loader, stubs the static framework facades,
 * and creates the handler and mocked servlet objects shared by the tests.
 *
 * <p>The stubbing is order-dependent: {@code mockStatic} runs before any {@code when(...)} on
 * static methods of the same classes.
 *
 * @throws XMLStreamException                  declared by the fixture helpers
 * @throws IdentityProviderManagementException declared by the fixture helpers
 */
@BeforeClass
protected void setupSuite() throws XMLStreamException, IdentityProviderManagementException {

    configurationLoader = new UIBasedConfigurationLoader();
    // Static facades are mocked before any of their methods are stubbed below.
    mockStatic(FrameworkUtils.class);
    mockStatic(ConfigurationFacade.class);
    ConfigurationFacade configurationFacade = mock(ConfigurationFacade.class);

    PowerMockito.when(ConfigurationFacade.getInstance()).thenReturn(configurationFacade);
    // The fixture IdP from default-tp-1.xml is returned for any (name, tenant) lookup.
    IdentityProvider identityProvider = getTestIdentityProvider("default-tp-1.xml");
    ExternalIdPConfig externalIdPConfig = new ExternalIdPConfig(identityProvider);
    Mockito.doReturn(externalIdPConfig).when(configurationFacade).getIdPConfigByName(Mockito.anyString(), Mockito
            .anyString());
    // Only this FrameworkUtils method keeps its real behaviour; the rest of the class stays mocked.
    when(FrameworkUtils.isStepBasedSequenceHandlerExecuted(Mockito.any(AuthenticationContext.class)))
            .thenCallRealMethod();
    request = mock(HttpServletRequest.class);
    response = mock(HttpServletResponse.class);
    postJITProvisioningHandler = JITProvisioningPostAuthenticationHandler.getInstance();
    sp = getTestServiceProvider("default-sp-1.xml");
}
 
Example #27
Source File: CacheBackedIdPMgtDAO.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
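/**
 * Deletes a tenant role through the DAO after evicting every cached IdP of the tenant.
 *
 * <p>Each listed IdP is re-read by name; its cache entries (by name, by home realm id when set,
 * and the tenant's primary-IdP entry when it is primary) are cleared before the delete.
 *
 * @param tenantId     tenant id
 * @param role         role being deleted
 * @param tenantDomain tenant domain
 * @throws IdentityProviderManagementException propagated from the IdP lookups or the DAO delete
 */
public void deleteTenantRole(int tenantId, String role, String tenantDomain)
        throws IdentityProviderManagementException {

    if (log.isDebugEnabled()) {
        log.debug("Removing all cached Identity Provider entries for tenant Domain " + tenantDomain);
    }
    List<IdentityProvider> identityProviders = this.getIdPs(null, tenantId, tenantDomain);
    for (IdentityProvider listedIdp : identityProviders) {
        IdentityProvider identityProvider = this.getIdPByName(null, listedIdp.getIdentityProviderName(),
                tenantId, tenantDomain);
        if (identityProvider == null) {
            // Gone between listing and lookup; nothing cached to evict (previously a NullPointerException).
            continue;
        }
        IdPNameCacheKey idPNameCacheKey = new IdPNameCacheKey(
                identityProvider.getIdentityProviderName(), tenantDomain);
        idPCacheByName.clearCacheEntry(idPNameCacheKey);
        if (identityProvider.getHomeRealmId() != null) {
            IdPHomeRealmIdCacheKey idPHomeRealmIdCacheKey = new IdPHomeRealmIdCacheKey(
                    identityProvider.getHomeRealmId(), tenantDomain);
            idPCacheByHRI.clearCacheEntry(idPHomeRealmIdCacheKey);
        }
        if (identityProvider.isPrimary()) {
            primaryIdPs.remove(tenantDomain);
        }
    }

    idPMgtDAO.deleteTenantRole(tenantId, role, tenantDomain);
}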
 
/**
 * Updates an identity provider that is addressed without a resource id.
 * <p>
 * Thin convenience overload: it delegates to {@code updateIdPWithResourceId} with a
 * {@code null} resource id, so the delegate presumably locates the row from
 * {@code currentIdentityProvider} and the tenant instead.
 *
 * @param newIdentityProvider     the desired state of the identity provider
 * @param currentIdentityProvider the identity provider as currently stored
 * @param tenantId                id of the tenant owning the identity provider
 * @throws IdentityProviderManagementException if the delegate fails
 */
public void updateIdP(IdentityProvider newIdentityProvider, IdentityProvider currentIdentityProvider,
                      int tenantId) throws IdentityProviderManagementException {

    // No resource id is available on this code path; pass null and let the delegate resolve the row.
    updateIdPWithResourceId(null, newIdentityProvider, currentIdentityProvider, tenantId);
}
 
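/**
 * Keeps a service provider's single federated authentication step in sync with the
 * identity provider's default authenticator.
 * <p>
 * Only acts when the step's first federated IdP is the IdP being updated. If the IdP's
 * default authenticator differs from the one the step references, the step is rewritten
 * to point at the current default and the application is persisted. If the referenced
 * authenticator is still the default but is now disabled, the update is rejected: an
 * authenticator that a service provider still depends on must not be silently disabled,
 * since that would break (or silently weaken) that provider's login flow.
 *
 * @param identityProvider the identity provider as it is about to be stored
 * @param tenantDomain     tenant owning the service provider
 * @param serviceProvider  service provider whose authentication step references the IdP
 * @param authStep         the single authentication step of the service provider
 * @throws IdentityApplicationManagementException if persisting the service provider fails
 * @throws IdentityProviderManagementException    if the referenced default authenticator is
 *                                                disabled while a service provider still uses it
 */
private void updateApplicationWithFederatedAuthenticator(IdentityProvider identityProvider, String tenantDomain,
                                                         ServiceProvider serviceProvider,
                                                         AuthenticationStep authStep)
        throws IdentityApplicationManagementException, IdentityProviderManagementException {

    IdentityProvider[] stepIdps = authStep.getFederatedIdentityProviders();
    if (stepIdps == null || stepIdps.length == 0) {
        // The caller checked the auth type, not the IdP list; guard the [0] access.
        return;
    }
    IdentityProvider fedIdp = stepIdps[0];
    if (!StringUtils.equals(fedIdp.getIdentityProviderName(), identityProvider.getIdentityProviderName())) {
        // The step references a different IdP; nothing to reconcile for this update.
        return;
    }

    FederatedAuthenticatorConfig currentDefault = identityProvider.getDefaultAuthenticatorConfig();
    FederatedAuthenticatorConfig referenced = fedIdp.getDefaultAuthenticatorConfig();
    if (currentDefault == null || referenced == null) {
        // TODO(review) confirm: a missing default on either side is treated as "nothing to
        // reconcile" rather than an error (the original NPE'd when the step's config was null).
        return;
    }
    String currentDefaultAuthName = currentDefault.getName();
    String referencedAuthName = referenced.getName();

    if (!StringUtils.equals(currentDefaultAuthName, referencedAuthName)) {
        // The IdP's default authenticator changed: re-point the step at the new default
        // and persist the service provider.
        fedIdp.setDefaultAuthenticatorConfig(currentDefault);
        fedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[]{currentDefault});
        ApplicationMgtSystemConfig.getInstance().getApplicationDAO()
                .updateApplication(serviceProvider, tenantDomain);
    } else if (!currentDefault.isEnabled()) {
        // Same authenticator, but it is being disabled while this SP still relies on it.
        throw new IdentityProviderManagementException("Error in disabling default federated authenticator" +
                " as it is referred by service providers.");
    }
}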
 
/**
 * Looks up the database row id of an identity provider by name.
 * <p>
 * The statement binds both the caller's tenant and the super tenant, presumably so that
 * IdPs defined at super-tenant level are visible to every tenant. If the query can match
 * a row under both, the first row returned wins and that ordering is decided by the SQL,
 * not here -- TODO confirm against {@code GET_IDP_ROW_ID_SQL}. Input reaches the query only
 * through bound parameters, never by concatenation.
 *
 * @param dbConnection an open connection to reuse, or {@code null} to open (and close) one here
 * @param idpName      name of the identity provider
 * @param tenantId     tenant in whose scope the name is resolved
 * @return the row id of the first matching row, or {@code 0} when nothing matches
 * @throws SQLException                        on JDBC failure
 * @throws IdentityProviderManagementException propagated from the IdentityDatabaseUtil helpers
 *                                             (nothing in this method raises it directly)
 */
private int getIdentityProviderIdByName(Connection dbConnection, String idpName, int tenantId)
        throws SQLException, IdentityProviderManagementException {

    // A connection handed in by the caller stays open on return; only one opened here is closed.
    final boolean ownsConnection = (dbConnection == null);
    if (ownsConnection) {
        dbConnection = IdentityDatabaseUtil.getDBConnection(false);
    }
    PreparedStatement stmt = null;
    ResultSet rs = null;
    try {
        stmt = dbConnection.prepareStatement(IdPManagementConstants.SQLQueries.GET_IDP_ROW_ID_SQL);
        stmt.setInt(1, tenantId);
        stmt.setInt(2, MultitenantConstants.SUPER_TENANT_ID);
        stmt.setString(3, idpName);
        rs = stmt.executeQuery();
        return rs.next() ? rs.getInt(1) : 0;
    } finally {
        // Passing null for the connection closes only the statement and result set.
        IdentityDatabaseUtil.closeAllConnections(ownsConnection ? dbConnection : null, rs, stmt);
    }
}