Java Code Examples for org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig#getInboundAuthKey()

The following examples show how to use org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig#getInboundAuthKey().
Example 1
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0
/**
 * Attempts to undo inbound configuration that was created as part of a failed application update.
 *
 * <p>The inbound key currently stored for the application (for the same inbound auth type) is compared with
 * the key carried by {@code updatedInbound}. {@code rollbackInbound} is invoked only when the two differ,
 * which indicates the update introduced a newly created inbound; a matching key leaves everything in place.
 *
 * @param applicationId  identifier of the application whose update is being rolled back
 * @param updatedInbound inbound configuration that the update attempted to apply
 */
private void doRollback(String applicationId, InboundAuthenticationRequestConfig updatedInbound) {

    ServiceProvider serviceProvider = getServiceProvider(applicationId);
    final String inboundType = updatedInbound.getInboundAuthType();

    // Key stored for this inbound type before the update vs. the key the update tried to set.
    String storedKey = getInboundAuthKey(serviceProvider, inboundType);
    String attemptedKey = updatedInbound.getInboundAuthKey();
    if (StringUtils.equals(storedKey, attemptedKey)) {
        // Same key as before: the inbound was not newly added, so there is nothing to delete.
        return;
    }

    if (log.isDebugEnabled()) {
        log.debug("Removing inbound data related to inbound type: " + inboundType + " of application: "
                + applicationId + " as part of rollback.");
    }
    rollbackInbound(updatedInbound);
}
 
Example 2
Source File: WSTrustInboundFunctions.java    From identity-api-server with Apache License 2.0
/**
 * Removes the WS-Trust trusted service registered under the inbound auth key of {@code inbound}.
 *
 * <p>The inbound auth key is passed to {@code removeTrustedService} as the trusted service audience. When no
 * STS admin service is available, a not-found error is raised instead.
 *
 * @param inbound inbound configuration whose auth key identifies the trusted service to remove
 */
public static void deleteWSTrustConfiguration(InboundAuthenticationRequestConfig inbound) {

    try {
        String audienceToRemove = inbound.getInboundAuthKey();

        // WS-Trust is optional: a missing STS admin service means the connector is not deployed (404).
        if (ApplicationManagementServiceHolder.getInstance().getStsAdminService() == null) {
            throw buildNotFoundError(ERROR_CODE, ERROR_MESSAGE, ERROR_DESCRIPTION);
        }
        // NOTE(review): the service is looked up a second time rather than reusing the reference that was
        // null-checked above; confirm the holder cannot be cleared between the two calls.
        ApplicationManagementServiceHolder.getInstance().getStsAdminService()
                .removeTrustedService(audienceToRemove);

    } catch (SecurityConfigException e) {
        // NOTE(review): e.getMessage() becomes part of the error text; confirm buildServerError does not
        // return that text to API clients, since it may describe internal configuration.
        throw buildServerError("Error while trying to rollback WSTrust configuration. " + e.getMessage(), e);
    }
}
 
Example 3
Source File: DirectoryServerApplicationMgtListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Removes the Kerberos directory-server entry of an application before the application is deleted.
 *
 * <p>The application is loaded by name and tenant domain. The first inbound config whose type matches
 * {@code KERBEROS} (case-insensitively) and whose auth key is non-null has that key passed to
 * {@code DirectoryServerManager#removeServer}; later inbound configs are not examined.
 *
 * @param applicationName name of the application about to be deleted
 * @param tenantDomain    tenant domain used to load the application
 * @param userName        not used by this implementation
 * @return always {@code true}
 * @throws IdentityApplicationManagementException if removing the directory-server entry fails
 */
@Override
public boolean doPreDeleteApplication(String applicationName, String tenantDomain, String userName)
        throws IdentityApplicationManagementException {

    ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
    ServiceProvider serviceProvider = appDAO.getApplication(applicationName, tenantDomain);
    if (serviceProvider == null || serviceProvider.getInboundAuthenticationConfig() == null) {
        return true;
    }

    InboundAuthenticationRequestConfig[] inboundConfigs = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    if (inboundConfigs == null) {
        return true;
    }

    for (InboundAuthenticationRequestConfig inboundConfig : inboundConfigs) {
        boolean kerberosWithKey = KERBEROS.equalsIgnoreCase(inboundConfig.getInboundAuthType())
                && inboundConfig.getInboundAuthKey() != null;
        if (!kerberosWithKey) {
            continue;
        }

        DirectoryServerManager directoryServerManager = new DirectoryServerManager();
        try {
            directoryServerManager.removeServer(inboundConfig.getInboundAuthKey());
        } catch (DirectoryServerManagerException e) {
            throw new IdentityApplicationManagementException(
                    "Error while removing a kerberos: " + inboundConfig.getInboundAuthKey(), e);
        }
        // Only the first matching Kerberos inbound is handled.
        break;
    }
    return true;
}
 
Example 4
Source File: WSTrustInboundFunctions.java    From identity-api-server with Apache License 2.0
/**
 * Looks up the WS-Trust configuration whose service address equals the inbound auth key.
 *
 * <p>All trusted services are fetched from the STS admin service and compared against the inbound auth key
 * (used as the audience). When no STS admin service is available, a not-found error is raised.
 *
 * @param inboundAuth inbound configuration whose auth key is the audience to search for
 * @return the audience and certificate alias of the matching trusted service, or {@code null} if none match
 */
public static WSTrustConfiguration getWSTrustConfiguration(InboundAuthenticationRequestConfig inboundAuth) {

    String audience = inboundAuth.getInboundAuthKey();
    try {
        // WS-Trust is optional: a missing STS admin service means the connector is not deployed (404).
        if (ApplicationManagementServiceHolder.getInstance().getStsAdminService() == null) {
            throw buildNotFoundError(ERROR_CODE, ERROR_MESSAGE, ERROR_DESCRIPTION);
        }
        // NOTE(review): the service is looked up a second time rather than reusing the reference that was
        // null-checked above; confirm the holder cannot be cleared between the two calls.
        TrustedServiceData[] trustedServices =
                ApplicationManagementServiceHolder.getInstance().getStsAdminService().getTrustedServices();

        for (TrustedServiceData candidate : trustedServices) {
            if (StringUtils.equals(candidate.getServiceAddress(), audience)) {
                return new WSTrustConfiguration()
                        .audience(candidate.getServiceAddress())
                        .certificateAlias(candidate.getCertAlias());
            }
        }
        return null;

    } catch (SecurityConfigException e) {
        throw buildServerError("Error while retrieving WSTrust configuration for audience: " + audience, e);
    }
}
 
Example 5
Source File: SAMLInboundFunctions.java    From identity-api-server with Apache License 2.0
/**
 * Retrieves the SAML2 service provider registered under the inbound auth key, used here as the issuer.
 *
 * @param inboundAuth inbound configuration whose auth key is the SAML issuer to look up
 * @return the API model of the service provider, or {@code null} when the lookup returns nothing
 */
public static SAML2ServiceProvider getSAML2ServiceProvider(InboundAuthenticationRequestConfig inboundAuth) {

    String issuer = inboundAuth.getInboundAuthKey();
    try {
        SAMLSSOServiceProviderDTO registered = getSamlSsoConfigService().getServiceProvider(issuer);
        // An unknown issuer is reported as null rather than as an error.
        return registered == null ? null : new SAMLSSOServiceProviderToAPIModel().apply(registered);
    } catch (IdentityException e) {
        throw buildServerError("Error while retrieving service provider data for issuer: " + issuer, e);
    }
}
 
Example 6
Source File: SAMLInboundFunctions.java    From identity-api-server with Apache License 2.0
/**
 * Removes the SAML service provider registered under the inbound auth key, used here as the issuer.
 *
 * @param inbound inbound configuration whose auth key is the SAML issuer to remove
 */
public static void deleteSAMLServiceProvider(InboundAuthenticationRequestConfig inbound) {

    final String issuer = inbound.getInboundAuthKey();
    try {
        ApplicationManagementServiceHolder.getInstance()
                .getSamlssoConfigService()
                .removeServiceProvider(issuer);
    } catch (IdentityException e) {
        // NOTE(review): e.getMessage() becomes part of the error text; confirm buildServerError does not
        // return that text to API clients.
        throw buildServerError("Error while trying to rollback SAML2 configuration. " + e.getMessage(), e);
    }
}
 
Example 7
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0
/**
 * Retrieves the OAuth application registered under the inbound auth key, used here as the client ID.
 *
 * @param inboundAuth inbound configuration whose auth key is the OAuth client ID to look up
 * @return the API model produced from the stored OAuth application data
 */
public static OpenIDConnectConfiguration getOAuthConfiguration(InboundAuthenticationRequestConfig inboundAuth) {

    final String clientId = inboundAuth.getInboundAuthKey();
    try {
        OAuthConsumerAppDTO consumerApp = ApplicationManagementServiceHolder.getInstance()
                .getOAuthAdminService()
                .getOAuthApplicationData(clientId);
        // NOTE(review): the model is built from the full application record; confirm the mapper exposes
        // only the fields the caller is permitted to see.
        return new OAuthConsumerAppToApiModel().apply(consumerApp);

    } catch (IdentityOAuthAdminException e) {
        throw buildServerError("Error while retrieving oauth application for clientId: " + clientId, e);
    }
}
 
Example 8
Source File: OAuthInboundFunctions.java    From identity-api-server with Apache License 2.0
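/**
 * Removes the OAuth application registered under the inbound auth key, used here as the consumer key.
 *
 * @param inbound inbound configuration whose auth key is the OAuth consumer key to remove
 */
public static void deleteOAuthInbound(InboundAuthenticationRequestConfig inbound) {

    try {
        String consumerKey = inbound.getInboundAuthKey();
        ApplicationManagementServiceHolder.getInstance().getOAuthAdminService()
                .removeOAuthApplicationData(consumerKey);
    } catch (IdentityOAuthAdminException e) {
        // A space after the fixed text keeps it from running into the cause message.
        // NOTE(review): e.getMessage() becomes part of the error text; confirm buildServerError does not
        // return that text to API clients.
        throw buildServerError("Error while trying to rollback OAuth2/OpenIDConnect configuration. "
                + e.getMessage(), e);
    }
}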
 
Example 9
Source File: ApplicationMgtValidator.java    From carbon-identity-framework with Apache License 2.0
/**
 * Rejects an inbound authentication key that is already registered to a different application.
 *
 * <p>Returns without error when {@code inboundConfig} is {@code null}, when no application name is found for
 * the key and type, or when the application found has the same ID as {@code appId}.
 *
 * @param inboundConfig Inbound authentication request configuration to check.
 * @param appId         ID of the application being validated; a match on this ID is not a conflict.
 * @param tenantDomain  Tenant domain used when loading the application that already holds the key.
 * @throws IdentityApplicationManagementException if the key is configured for an application with a
 *                                                different ID (error {@code INBOUND_KEY_ALREADY_EXISTS}).
 */
private void validateInboundAuthKey(InboundAuthenticationRequestConfig inboundConfig, int appId, String
        tenantDomain) throws IdentityApplicationManagementException {

    if (inboundConfig == null) {
        return;
    }

    /*
     * The application is read straight from the DB because the {@link ServiceProviderByInboundAuthCache}
     * cache can hold inconsistent applications against the
     * <inbound-auth-key, inbound-auth-type, tenant-domain> cache key, which is not unique.
     */
    ApplicationDAO applicationDAO = new ApplicationDAOImpl();
    final String authKey = inboundConfig.getInboundAuthKey();
    final String authType = inboundConfig.getInboundAuthType();

    // NOTE(review): this lookup is scoped to the thread-local tenant domain, while the application is loaded
    // below with the tenantDomain parameter; confirm both always name the same tenant.
    String owningAppName = applicationDAO.getServiceProviderNameByClientId(authKey, authType,
            CarbonContext.getThreadLocalCarbonContext().getTenantDomain());

    if (StringUtils.isBlank(owningAppName)) {
        if (log.isDebugEnabled()) {
            log.debug("Cannot find application name for the inbound auth key: " + authKey
                    + " of inbound auth type: " + authType);
        }
        return;
    }

    ServiceProvider owningApp = applicationDAO.getApplication(owningAppName, tenantDomain);
    if (owningApp == null || owningApp.getApplicationID() == appId) {
        // Either nothing holds the key, or the holder is the application being validated.
        return;
    }

    /*
     * This is a conflict scenario and needs its own error code, hence an
     * 'IdentityApplicationManagementClientException' is thrown with that code.
     */
    String msg = "Inbound key: '" + authKey + "' of inbound auth type: '" + authType
            + "' is already configured for the application :'" + owningApp.getApplicationName() + "'";
    throw buildClientException(IdentityApplicationConstants.Error.INBOUND_KEY_ALREADY_EXISTS, msg);
}
 
Example 10
Source File: CacheBackedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0
/**
 * Clears the inbound-auth cache entries that belong to the given service provider.
 *
 * <p>One entry is cleared per inbound config with a non-null auth key; the cache key is built from the
 * inbound auth key, the inbound auth type and {@code tenantDomain}.
 *
 * @param serviceProvider service provider whose inbound configs identify the entries to clear
 * @param tenantDomain    tenant domain component of each cache key
 */
private void clearAppCacheByInboundKey(ServiceProvider serviceProvider, String tenantDomain) {

    if (serviceProvider.getInboundAuthenticationConfig() == null) {
        return;
    }
    InboundAuthenticationRequestConfig[] inboundConfigs = serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs();
    if (inboundConfigs == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig inboundConfig : inboundConfigs) {
        String inboundKey = inboundConfig.getInboundAuthKey();
        if (inboundKey == null) {
            // No key means no cache entry could have been stored for this inbound.
            continue;
        }
        appCacheByInboundAuth.clearCacheEntry(new ServiceProviderCacheInboundAuthKey(
                inboundKey, inboundConfig.getInboundAuthType(), tenantDomain));
    }
}
 
Example 11
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0
/**
 * Regenerates the client secret of the OAuth client attached to an application.
 *
 * <p>The inbound auth key of the application's {@code OAUTH2} inbound is used as the client ID and handed
 * to {@code OAuthInboundFunctions.regenerateClientSecret}.
 *
 * @param applicationId identifier of the application whose OAuth inbound is looked up
 * @return the configuration returned by {@code OAuthInboundFunctions.regenerateClientSecret}
 */
public OpenIDConnectConfiguration regenerateOAuthApplicationSecret(String applicationId) {

    // NOTE(review): assumes getInboundAuthRequestConfig never returns null for an application without an
    // OAuth inbound; otherwise this dereference fails with a NullPointerException. Confirm.
    String clientId = getInboundAuthRequestConfig(applicationId, OAUTH2).getInboundAuthKey();
    return OAuthInboundFunctions.regenerateClientSecret(clientId);
}
 
Example 12
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0
/**
 * Revokes the OAuth client attached to an application.
 *
 * <p>The inbound auth key of the application's {@code OAUTH2} inbound is used as the client ID and handed
 * to {@code OAuthInboundFunctions.revokeOAuthClient}.
 *
 * @param applicationId identifier of the application whose OAuth inbound is looked up
 */
public void revokeOAuthClient(String applicationId) {

    // NOTE(review): assumes getInboundAuthRequestConfig never returns null for an application without an
    // OAuth inbound; otherwise this dereference fails with a NullPointerException. Confirm.
    String clientId = getInboundAuthRequestConfig(applicationId, OAUTH2).getInboundAuthKey();
    OAuthInboundFunctions.revokeOAuthClient(clientId);
}
 
Example 13
Source File: CacheBackedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0
/**
 * Stores a service provider in the name, ID, resource-ID and inbound-auth caches.
 *
 * <p>All cache writes happen between {@code startTenantFlow} for the super tenant domain and
 * {@code endTenantFlow}. The inbound-auth cache gets one entry per inbound config with a non-null auth
 * key; that entry holds only the application name and tenant domain, not the service provider itself.
 *
 * @param serviceProvider service provider to cache
 * @param tenantDomain    tenant domain used in the name and inbound-auth cache keys
 * @throws IdentityApplicationManagementException declared by the signature; no statement visible in this
 *                                                method throws it directly
 */
private void addToCache(ServiceProvider serviceProvider, String tenantDomain) throws
        IdentityApplicationManagementException {

    if (log.isDebugEnabled()) {
        log.debug("Add cache for the application " + serviceProvider.getApplicationName() + "@" + tenantDomain);
    }
    try {
        ApplicationMgtUtil.startTenantFlow(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);

        // Keyed by application name + tenant domain.
        appCacheByName.addToCache(
                new IdentityServiceProviderCacheKey(serviceProvider.getApplicationName(), tenantDomain),
                new IdentityServiceProviderCacheEntry(serviceProvider));

        // Keyed by numeric application ID.
        appCacheByID.addToCache(
                new ServiceProviderIDCacheKey(serviceProvider.getApplicationID()),
                new ServiceProviderIDCacheEntry(serviceProvider));

        // Keyed by application resource ID.
        appCacheByResourceId.addToCache(
                new ServiceProviderResourceIdCacheKey(serviceProvider.getApplicationResourceId()),
                new ServiceProviderResourceIdCacheEntry(serviceProvider));

        if (serviceProvider.getInboundAuthenticationConfig() == null) {
            return;
        }
        InboundAuthenticationRequestConfig[] inboundConfigs = serviceProvider.getInboundAuthenticationConfig()
                .getInboundAuthenticationRequestConfigs();
        if (inboundConfigs == null) {
            return;
        }

        // Keyed by <inbound auth key, inbound auth type, tenant domain>.
        for (InboundAuthenticationRequestConfig inboundConfig : inboundConfigs) {
            if (inboundConfig.getInboundAuthKey() == null) {
                continue;
            }
            ServiceProviderCacheInboundAuthKey inboundCacheKey = new ServiceProviderCacheInboundAuthKey(
                    inboundConfig.getInboundAuthKey(), inboundConfig.getInboundAuthType(), tenantDomain);
            ServiceProviderCacheInboundAuthEntry inboundCacheEntry = new ServiceProviderCacheInboundAuthEntry(
                    serviceProvider.getApplicationName(), tenantDomain);
            appCacheByInboundAuth.addToCache(inboundCacheKey, inboundCacheEntry);
        }
    } finally {
        // Runs on the early returns above as well, so the tenant flow is always ended.
        ApplicationMgtUtil.endTenantFlow();
    }
}
 
Example 14
Source File: ApplicationDAOImpl.java    From carbon-identity with Apache License 2.0
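/**
 * Stores the inbound authentication request configuration of an application as one JDBC batch.
 *
 * <p>One row is batched per property of each inbound request, or a single row with {@code null} property
 * name and value when the request has no properties. Requests that are {@code null}, or that lack an auth
 * key or auth type, are skipped with a warning. Every value is bound as a statement parameter; none is
 * concatenated into the SQL text.
 *
 * @param applicationId               ID of the application the rows belong to
 * @param inBoundAuthenticationConfig inbound configuration to persist; nothing is written when it is
 *                                    {@code null} or holds no request configs
 * @param connection                  connection used to prepare the statement; it is not closed here
 * @throws SQLException if preparing, populating or executing the batch fails
 */
private void updateInboundAuthRequestConfiguration(int applicationId,
                                                   InboundAuthenticationConfig inBoundAuthenticationConfig, Connection connection)
        throws SQLException {
    int tenantID = CarbonContext.getThreadLocalCarbonContext().getTenantId();

    PreparedStatement inboundAuthReqConfigPrepStmt = null;

    try {
        if (inBoundAuthenticationConfig == null
                || inBoundAuthenticationConfig.getInboundAuthenticationRequestConfigs() == null
                || inBoundAuthenticationConfig.getInboundAuthenticationRequestConfigs().length == 0) {
            // no in-bound authentication requests defined.
            return;
        }

        inboundAuthReqConfigPrepStmt = connection
                .prepareStatement(ApplicationMgtDBQueries.STORE_CLIENT_INFO);
        InboundAuthenticationRequestConfig[] authRequests = inBoundAuthenticationConfig
                .getInboundAuthenticationRequestConfigs();

        for (InboundAuthenticationRequestConfig authRequest : authRequests) {
            if (authRequest == null || authRequest.getInboundAuthKey() == null
                    || authRequest.getInboundAuthType() == null) {
                log.warn("Invalid in-bound authentication request");
                // not a valid authentication request. Must have client and a type.
                continue;
            }

            String inboundAuthKey = authRequest.getInboundAuthKey();
            String inboundAuthType = authRequest.getInboundAuthType();
            Property[] properties = authRequest.getProperties();

            if (properties != null && properties.length > 0) {
                for (Property prop : properties) {
                    addInboundAuthBatchRow(inboundAuthReqConfigPrepStmt, tenantID, inboundAuthKey,
                            inboundAuthType, prop.getName(), prop.getValue(), applicationId);
                }
            } else {
                // No properties: still record the key/type pair, with empty property columns.
                addInboundAuthBatchRow(inboundAuthReqConfigPrepStmt, tenantID, inboundAuthKey,
                        inboundAuthType, null, null, applicationId);
            }

            if (log.isDebugEnabled()) {
                // The separator before "inbound auth key" keeps the application ID from fusing with it.
                log.debug("Updating inbound authentication request configuration of the application "
                        + applicationId
                        + " inbound auth key: "
                        + inboundAuthKey
                        + " inbound auth type: "
                        + inboundAuthType);
            }
        }

        inboundAuthReqConfigPrepStmt.executeBatch();
    } finally {
        IdentityApplicationManagementUtil.closeStatement(inboundAuthReqConfigPrepStmt);
    }
}

/**
 * Binds one inbound-auth row to the statement and adds it to the current batch.
 *
 * @param statement       statement prepared from {@code ApplicationMgtDBQueries.STORE_CLIENT_INFO}
 * @param tenantID        value for parameter 1
 * @param inboundAuthKey  value for parameter 2
 * @param inboundAuthType value for parameter 3
 * @param propName        value for parameter 4; may be {@code null}
 * @param propValue       value for parameter 5; may be {@code null}
 * @param applicationId   value for parameter 6
 * @throws SQLException if binding a parameter or adding the batch entry fails
 */
private static void addInboundAuthBatchRow(PreparedStatement statement, int tenantID, String inboundAuthKey,
                                           String inboundAuthType, String propName, String propValue,
                                           int applicationId) throws SQLException {
    // TENANT_ID, INBOUND_AUTH_KEY,INBOUND_AUTH_TYPE,PROP_NAME, PROP_VALUE, APP_ID
    statement.setInt(1, tenantID);
    statement.setString(2, inboundAuthKey);
    statement.setString(3, inboundAuthType);
    statement.setString(4, propName);
    statement.setString(5, propValue);
    statement.setInt(6, applicationId);
    statement.addBatch();
}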