java source code of SAMLSSOUtil

Project: carbon-identity (GitHub Link)

carbon-identity-master
- pom.xml
- components
  - notification-mgt
    - pom.xml
    - org.wso2.carbon.identity.notification.mgt
      - src
        main
        resources
        msg-mgt.properties
        java
        org
        wso2
        carbon
        identity
        notification
        mgt
        NotificationManagementException.java
        NotificationMgtConstants.java
        EventDistributionTask.java
        AbstractNotificationSendingModule.java
        internal
        NotificationManagementServiceComponent.java
        NotificationManagementServiceDataHolder.java
        NotificationMgtConfigBuilder.java
        bean
        ModuleConfiguration.java
        Subscription.java
        PublisherEvent.java
        NotificationManagementUtils.java
        NotificationSendingModule.java
        NotificationSender.java
      - pom.xml
    - org.wso2.carbon.identity.notification.mgt.email
      - src
        main
        java
        org
        wso2
        carbon
        identity
        notification
        mgt
        email
        EmailSendingModule.java
        internal
        EmailMessageSendingServiceComponent.java
        EmailModuleConstants.java
        bean
        EmailEndpointInfo.java
        EmailSubscription.java
      - pom.xml
    - org.wso2.carbon.identity.notification.mgt.json
      - src
        main
        java
        org
        wso2
        carbon
        identity
        notification
        mgt
        json
        JsonMessageModule.java
        internal
        JsonMessageSendingServiceComponent.java
        JsonModuleConstants.java
        bean
        JsonEndpointInfo.java
        JsonSubscription.java
      - pom.xml
  - security-mgt
    - org.wso2.carbon.security.mgt.ui
      - src
        main
        resources
        web
        images
        users.jpg
        usergroups.jpg
        keystores1.jpg
        userstores.jpg
        keystores2.jpg
        menu.jpg
        securityconfig
        extensions
        js
        vui.js
        remove-security.jsp
        images
        ut-ks-advance.jsp
        index.jsp
        docs
        images
        userguide.html
        view-scenario-detail_ajaxprocessor.jsp
        add-security.jsp
        security_userguide.html
        keystoremgt
        delete-cert.jsp
        images
        list.gif
        view.gif
        edit.gif
        add.gif
        close.gif
        delete.gif
        import.gif
        keystore.gif
        add-keystore-step2.jsp
        keystore-mgt.jsp
        view-keystore.jsp
        import-cert.jsp
        add-keystore-step1.jsp
        add-keystore-finish.jsp
        docs
        images
        keystoremanagement.JPG
        adding-keystore.JPG
        userguide.html
        import-cert-finish.jsp
        delete-keystore.jsp
        SecurityConfigAdmin.wsdl
        META-INF
        component.xml
        org
        wso2
        carbon
        security
        ui
        i18n
        Resources.properties
        KeyStoreAdmin.wsdl
        java
        org
        wso2
        carbon
        security
        ui
        ServiceHolder.java
        client
        KeyStoreBean.java
        SecurityAdminClient.java
        KeyStoreAdminClient.java
        jsp
        SecurityUIUtil.java
        Util.java
        SecurityUIConstants.java
      - pom.xml
    - org.wso2.carbon.security.mgt
      - src
        main
        resources
        scenarios
        scenario14-policy.xml
        scenario10-policy.xml
        scenario20-policy.xml
        scenario31-policy.xml
        scenario4-policy.xml
        scenario17-policy.xml
        scenario5-policy.xml
        scenario11-policy.xml
        scenario9-policy.xml
        scenario-config.xml
        scenario33-policy.xml
        scenario8-policy.xml
        scenario3-policy.xml
        scenario6-policy.xml
        scenario13-policy.xml
        scenario22-policy.xml
        scenario1-policy.xml
        scenario21-policy.xml
        scenario7-policy.xml
        scenario15-policy.xml
        scenario2-policy.xml
        scenario16-policy.xml
        scenario12-policy.xml
        scenario32-policy.xml
        scenario34-policy.xml
        META-INF
        module.xml
        services.xml
        org
        wso2
        carbon
        security
        errors.properties
        wsdls
        STSAdmin.wsdl
        java
        org
        wso2
        carbon
        security
        SecurityConstants.java
        keystore
        KeyStoreAdmin.java
        service
        CertDataDetail.java
        CertData.java
        PaginatedCertData.java
        KeyStoreData.java
        KeyStoreAdminServiceImpl.java
        PaginatedKeyStoreData.java
        KeyStoreAdminInterface.java
        pox
        POXSecurityHandler.java
        POXSecurityModule.java
        util
        ServicePasswordCallbackHandler.java
        RahasUtil.java
        WSS4JUtil.java
        SecurityConfigParamBuilder.java
        RampartConfigUtil.java
        ClientUserPasswordCallbackHandler.java
        SecurityTokenStore.java
        XKMSCryptoClient.java
        XmlConfiguration.java
        SecurityPersistenceUtils.java
        KeyStoreMgtUtil.java
        ServerCrypto.java
        SecurityConfigException.java
        config
        SecurityServiceAdmin.java
        service
        SecurityScenarioData.java
        SecurityConfigAdminService.java
        SecurityScenarioDataWrapper.java
        SecurityConfigData.java
        KerberosConfigData.java
        SecurityConfigAdmin.java
        deployment
        SecurityDeploymentInterceptor.java
        SecurityDeploymentListener.java
        internal
        SecurityMgtServiceComponent.java
        SecurityAxis2ConfigurationContextObserver.java
        UserCredentialRetriever.java
        SecurityConfigParams.java
        sts
        service
        STSAdminServiceImpl.java
        STSAdminServiceInterface.java
        util
        TrustedServiceData.java
        SecurityScenarioDatabase.java
        SecurityServiceHolder.java
        SecurityScenario.java
      - pom.xml
    - pom.xml
  - sso-saml
    - org.wso2.carbon.identity.sso.saml
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        sso
        saml
        SAMLSSOService.java
        dto
        SAMLSSOAuthnReqDTO.java
        SAMLSSOSessionDTO.java
        SingleLogoutRequestDTO.java
        QueryParamDTO.java
        SAMLSSORespDTO.java
        SAMLSSOReqValidationResponseDTO.java
        SAMLSSOServiceProviderDTO.java
        SAMLSSOServiceProviderInfoDTO.java
        admin
        SAMLSSOConfigAdmin.java
        FileBasedConfigManager.java
        builders
        ErrorResponseBuilder.java
        SignKeyDataHolder.java
        DefaultResponseBuilder.java
        ResponseBuilder.java
        SingleLogoutMessageBuilder.java
        assertion
        SAMLAssertionBuilder.java
        DefaultSAMLAssertionBuilder.java
        signature
        SSOSigner.java
        DefaultSSOSigner.java
        X509CredentialImpl.java
        encryption
        SSOEncrypter.java
        DefaultSSOEncrypter.java
        validators
        SPInitSSOAuthnRequestValidator.java
        SAML2HTTPRedirectSignatureValidator.java
        IdPInitSSOAuthnRequestValidator.java
        SSOAuthnRequestValidator.java
        SAML2HTTPRedirectDeflateSignatureValidator.java
        logout
        LogoutRequestSender.java
        SAMLSSOConfigService.java
        SAMLSSOConstants.java
        processors
        SPInitSSOAuthnRequestProcessor.java
        IdPInitLogoutRequestProcessor.java
        SPInitSSOLogoutRequestProcessor.java
        IdpInitSSOLogoutRequestProcessor.java
        SPInitLogoutRequestProcessor.java
        SSOAuthnRequestProcessor.java
        IdPInitSSOAuthnRequestProcessor.java
        util
        SAMLSSOUtil.java
        CarbonEntityResolver.java
        exception
        IdentitySAML2SSOException.java
        internal
        IdentitySAMLSSOServiceComponent.java
        SSOServiceProviderConfigManager.java
        cache
        SAMLSSOParticipantCacheKey.java
        SAMLSSOSessionIndexCacheEntry.java
        SAMLSSOSessionIndexCache.java
        SessionDataCacheEntry.java
        CacheKey.java
        SessionDataCacheKey.java
        SAMLSSOParticipantCache.java
        SessionDataCache.java
        SAMLSSOParticipantCacheEntry.java
        SAMLSSOSessionIndexCacheKey.java
        CacheEntry.java
        servlet
        SAMLSSOProviderServlet.java
        session
        SessionInfoData.java
        SSOSessionPersistenceManager.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.sso.saml.common
      - src
        main
        java
        org
        wso2
        carbon
        identity
        sso
        saml
        common
        Util.java
        SAMLSSOProviderConstants.java
      - pom.xml
    - org.wso2.carbon.identity.sso.saml.ui
      - src
        main
        resources
        IdentitySAMLSSOConfigService.wsdl
        web
        sso-saml
        add_service_provider_finish.jsp
        images
        is-button-bg-hover.gif
        is-header-bg.gif
        is-home-bg.gif
        sso.gif
        policy.gif
        is-header-region-bg.gif
        is-header-logo.gif
        delete.gif
        import.gif
        add_service_provider.jsp
        manage_service_providers.jsp
        update_claims.jsp
        remove_service_providers.jsp
        docs
        userguide.html
        css
        main.css
        org
        wso2
        carbon
        identity
        sso
        saml
        ui
        i18n
        Resources.properties
        IdentitySAMLSSOService.wsdl
        java
        org
        wso2
        carbon
        identity
        sso
        saml
        ui
        ErrorResponseBuilder.java
        SAMLSSOProviderConfigBean.java
        client
        SAMLSSOConfigServiceClient.java
        SAMLSSOUIConstants.java
        SAMLSSOUIUtil.java
        session
        mgt
        FESessionManager.java
        FESessionBean.java
      - pom.xml
  - claim-mgt
    - pom.xml
    - org.wso2.carbon.claim.mgt
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        claim
        mgt
        dto
        ClaimDTO.java
        ClaimDialectDTO.java
        ClaimAttributeDTO.java
        ClaimMappingDTO.java
        ClaimManagerHandler.java
        ClaimAdminService.java
        ClaimManagementException.java
        ClaimDialect.java
        internal
        ClaimManagementServiceDataHolder.java
        ClaimManagementServiceComponent.java
        ClaimMapping.java
      - pom.xml
    - org.wso2.carbon.claim.mgt.ui
      - src
        main
        resources
        web
        claim-mgt
        add-dialect.jsp
        images
        list.gif
        add.gif
        delete.gif
        claimmgt.gif
        add-dialect-submit.jsp
        update-claim-submit.jsp
        remove-dialect.jsp
        index.jsp
        add-claim.jsp
        add-dialect-claim.jsp
        add-claim-submit.jsp
        claim-view.jsp
        update-claim.jsp
        docs
        userguide.html
        remove-claim.jsp
        META-INF
        component.xml
        ClaimManagementService.wsdl
        org
        wso2
        carbon
        claim
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        claim
        mgt
        ui
        client
        ClaimAdminClient.java
      - pom.xml
    - docs
      - design
        storyboards
        claim-mgt.html
        menu.html
        top.html
        index.html
  - identity-mgt
    - pom.xml
    - org.wso2.carbon.identity.mgt.ui
      - src
        main
        resources
        web
        identity-mgt
        forgot_password_secret_questions_final.jsp
        validator_ajaxprocessor.jsp
        email-template-config.jsp
        unlock_account.jsp
        forgot_password_step1.jsp
        update_credential.jsp
        challenges-set-mgt.jsp
        forgot_password_send_email.jsp
        images
        ajax-loader.gif
        keys.gif
        edit.gif
        body-bg.gif
        features-bg.gif
        add.gif
        delete.gif
        update_credential_final.jsp
        fail_unlock.jsp
        forgot_password_secret_questions_step1.jsp
        challenges-mgt-finish.jsp
        challenges-mgt.jsp
        forgot_password_step2.jsp
        account-recovery-finish.jsp
        fail_user_verification.jsp
        forgot_accountId_finish.jsp
        account-recovery.jsp
        forgot_password_secret_questions_step2.jsp
        expired_reset_link.jsp
        success_update.jsp
        forgot_accountId.jsp
        email-template-config-finish.jsp
        success_unlock.jsp
        forgot_root.jsp
        js
        treeview.css
        element-min.js
        update_credentials.js
        logger-min.js
        dom-min.js
        event-min.js
        treeview-debug.js
        TaskNode.js
        forgot_password.js
        fail_password_reset.jsp
        docs
        userguide.html
        css
        forgot-password.css
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        mgt
        ui
        AccountCredentialMgtConfigClient.java
        UserInformationRecoveryClient.java
        IdentityManagementAdminClient.java
        EmailConfigDTO.java
        IdentityManagementClient.java
      - pom.xml
    - org.wso2.carbon.identity.mgt
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        mgt
        password
        DefaultPasswordGenerator.java
        RandomPasswordGenerator.java
        dto
        UserClaimDTO.java
        UserRecoveryDataDO.java
        IdentityMetadataDO.java
        UserIdentityClaimDTO.java
        UserIdentityDTO.java
        UserDTO.java
        UserEvidenceDTO.java
        NotificationDataDTO.java
        UserChallengesDTO.java
        UserRecoveryDTO.java
        UserIdentityClaimsDO.java
        ChallengeQuestionIdsDTO.java
        ChallengeQuestionDTO.java
        UserChallengesSetDTO.java
        EmailTemplateDTO.java
        services
        AccountCredentialMgtConfigService.java
        UserIdentityManagementAdminService.java
        UserIdentityManagementService.java
        UserInformationRecoveryService.java
        beans
        VerificationBean.java
        UserIdentityMgtBean.java
        IdentityMgtConfigException.java
        mail
        EmailConfig.java
        EmailNotificationSender.java
        DefaultEmailSendingModule.java
        Notification.java
        AbstractEmailSendingModule.java
        EmailNotification.java
        NotificationData.java
        NotificationBuilder.java
        NotificationSender.java
        policy
        password
        DefaultPasswordNamePolicy.java
        DefaultPasswordWhitespacePolicy.java
        DefaultPasswordLengthPolicy.java
        DefaultPasswordPatternPolicy.java
        PolicyRegistry.java
        PolicyEnforcer.java
        AbstractPasswordPolicyEnforcer.java
        PolicyViolationException.java
        IdentityMgtConfig.java
        RecoveryProcessor.java
        util
        Utils.java
        UserIdentityManagementUtil.java
        store
        UserIdentityMetadataStore.java
        UserRecoveryDataStore.java
        UserStoreBasedIdentityDataStore.java
        RegistryCleanUpService.java
        JDBCIdentityDataStore.java
        UserIdentityDataStore.java
        JDBCUserRecoveryDataStore.java
        InMemoryIdentityDataStore.java
        RegistryRecoveryDataStore.java
        config
        RegistryConfigReader.java
        ConfigWriter.java
        ConfigManager.java
        EmailNotificationConfig.java
        EmailConfigTransformer.java
        ConfigReader.java
        ConfigManagerImpl.java
        AbstractConfigManager.java
        Config.java
        StorageType.java
        RegistryConfigWriter.java
        ConfigType.java
        ConfigBuilder.java
        constants
        IdentityMgtConstants.java
        internal
        IdentityMgtDeploymentInterceptor.java
        IdentityMgtServiceComponent.java
        IdentityMgtServiceException.java
        ChallengeQuestionProcessor.java
        listener
        UserOperationsNotificationListener.java
        IdentityMgtEventListener.java
        NotificationSendingModule.java
        NotificationSender.java
        test
        java
        org
        wso2
        carbon
        identity
        mgt
        policy
        password
        DefaultPasswordPatternPolicyTest.java
        DefaultPasswordWhitespacePolicyTest.java
        DefaultPasswordNamePolicyTest.java
        DefaultPasswordLengthPolicyTest.java
      - pom.xml
  - openid
    - pom.xml
    - org.wso2.carbon.identity.provider
      - src
        main
        resources
        META-INF
        services.xml
        wsdls
        XMPPConfigurationService.wsdl
        OpenIDProviderService.wsdl
        IdentityProviderAdminService.wsdl
        RelyingPartyAdminService.wsdl
        java
        org
        wso2
        carbon
        identity
        provider
        XMPPConfigurationService.java
        RequestedClaimData.java
        dto
        OpenIDSignInDTO.java
        UserProfileDTO.java
        PapeInfoRequestDTO.java
        OpenIDAuthResponseDTO.java
        PapeInfoResponseDTO.java
        OpenIDUserProfileDTO.java
        XMPPSettingsDTO.java
        OpenIDRememberMeDTO.java
        OpenIDUserRPDTO.java
        OpenIDAuthRequestDTO.java
        OpenIDClaimDTO.java
        OpenIDParameterDTO.java
        OpenIDProviderInfoDTO.java
        OpenIDProviderService.java
        AttributeCallbackHandler.java
        openid
        extensions
        OpenIDPape.java
        OpenIDAttributeExchange.java
        OpenIDSimpleReg.java
        OpenIDExtension.java
        dao
        OpenIDSQLQueries.java
        OpenIDRememberMeTokenDAO.java
        OpenIDAssociationDAO.java
        OpenIDServerAssociationStore.java
        replication
        AssociationClusterMessage.java
        AssociationCleanupService.java
        OpenIDAssociationReplicationManager.java
        OpenIDRememberMeTokenManager.java
        client
        OpenIDAdminClient.java
        OpenIDUserServlet.java
        handlers
        OpenIDHandler.java
        OpenIDExtensionFactory.java
        OpenIDAuthenticationRequest.java
        util
        TokenDecrypter.java
        OpenIDUtil.java
        OpenIDProvider.java
        OpenIDServerConstants.java
        PrivateAssociationReplicationStore.java
        OpenIDServerManager.java
        PrivateAssociationCryptoStore.java
        OpenIDConstants.java
        cache
        OpenIDCacheEntry.java
        OpenIDRememberMeTokenCache.java
        OpenIDIdentityCacheEntry.java
        OpenIDBaseCache.java
        OpenIDAssociationCache.java
        OpenIDCacheKey.java
        OpenIDIdentityCacheKey.java
        OpenIDUtil.java
        OpenIDProviderServlet.java
        listener
        IdentityOpenIDUserEventListener.java
        IdentityAttributeService.java
        IdentityProviderService.java
        IdentityProviderException.java
        IdentityProviderData.java
        internal
        ServletContextListener.java
        IdentityProviderServiceComponent.java
        GenericIdentityProviderData.java
        xmpp
        XMPPConfigurator.java
        XmppResponseListener.java
        XmppSubscriber.java
        MPAuthenticationProvider.java
        XmppSubscriptionListener.java
        saml
        SAML2TokenBuilder.java
        SAMLTokenDirector.java
        SAML1TokenBuilder.java
        SAMLTokenBuilder.java
        IdentityAttributeServiceStore.java
        IdentityProviderUtil.java
      - pom.xml
  - directory-server-manager
    - org.wso2.carbon.directory.server.manager.ui
      - src
        main
        resources
        web
        servicestore
        change-passwd-finish.jsp
        add-step1.jsp
        images
        edit.gif
        add.gif
        delete.gif
        index.jsp
        change-passwd.jsp
        add-finish.jsp
        delete-finish.jsp
        docs
        images
        userguide.html
        DirectoryServerManager.wsdl
        META-INF
        component.xml
        org
        wso2
        carbon
        directory
        server
        manager
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        directory
        server
        manager
        ui
        ServerManagerClientException.java
        DirectoryServerManagerClient.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.directory.server.manager.common
      - src
        main
        java
        org
        wso2
        carbon
        directory
        server
        manager
        common
        ServerPrinciple.java
      - pom.xml
    - org.wso2.carbon.directory.server.manager
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        directory
        server
        manager
        DirectoryServerManagerException.java
        internal
        LDAPServerStoreManager.java
        LDAPServerManagerConstants.java
        DirectoryServerManager.java
        test
        resources
        example_partition_test_data.ldif
        README.txt
        java
        org
        wso2
        carbon
        directory
        server
        manager
        internal
        LDAPServerStoreManagerTest.java
      - pom.xml
      - ldap-server-mgr-findbugs-excluded.xml
  - application-authenticators
    - pom.xml
    - org.wso2.carbon.identity.application.authenticator.openid
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        openid
        OpenIDAuthenticator.java
        OpenIDAuthenticatorConstants.java
        exception
        OpenIDException.java
        internal
        OpenIDAuthenticatorServiceComponent.java
        manager
        OpenIDManager.java
        AttributesRequestor.java
        YahooFetchResponse.java
        DefaultOpenIDManager.java
        SampleAttributesRequestor.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.iwa
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        iwa
        IWAConstants.java
        IWAServiceDataHolder.java
        internal
        IWAAuthenticatorServiceComponent.java
        IWAAuthenticator.java
        servlet
        IWAServelet.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.basicauth
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        basicauth
        BasicAuthenticatorConstants.java
        BasicAuthenticator.java
        internal
        BasicAuthenticatorServiceComponent.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.passive.sts
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        passive
        sts
        util
        PassiveSTSConstants.java
        CarbonEntityResolver.java
        exception
        PassiveSTSException.java
        internal
        STSAuthenticatorServiceComponent.java
        PassiveSTSAuthenticator.java
        manager
        STSAgentKeyStoreCredential.java
        PassiveSTSManager.java
        STSAgentCredential.java
        X509CredentialImpl.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.requestpath.oauth
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        requestpath
        oauth
        OAuthRequestPathAuthenticator.java
        internal
        OAuthRequestPathAuthenticatorServiceComponent.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.oidc
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        oidc
        OIDCAuthenticatorConstants.java
        OpenIDConnectAuthenticator.java
        internal
        OpenIDConnectAuthenticatorServiceComponent.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.samlsso
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        samlsso
        util
        SSOUtils.java
        SSOConstants.java
        CarbonEntityResolver.java
        exception
        SAMLSSOException.java
        internal
        SAMLSSOAuthenticatorServiceComponent.java
        model
        StateInfo.java
        manager
        DefaultSAML2SSOManager.java
        SAML2SSOManager.java
        X509CredentialImpl.java
        SAMLSSOAuthenticator.java
      - pom.xml
      - pom.xml~
    - org.wso2.carbon.identity.application.authenticator.fido
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        fido
        dto
        FIDOUser.java
        dao
        DeviceStoreDAO.java
        u2f
        U2FService.java
        util
        FIDOAuthenticatorConstants.java
        FIDOUtil.java
        FIDOAuthenticator.java
        service
        FIDOAdminService.java
        exception
        FIDOAuthenticatorException.java
        FIDOAuthenticatorRuntimeException.java
        FIDOAuthenticatorServerException.java
        FIDOAuthenticatorClientException.java
        internal
        UserStoreConfigListenerImpl.java
        FIDOAuthenticatorServiceComponent.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.requestpath.basicauth
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        requestpath
        basicauth
        BasicAuthRequestPathAuthenticator.java
        internal
        BasicAuthRequestPathAuthenticatorServiceComponent.java
      - pom.xml
    - org.wso2.carbon.identity.application.authenticator.social
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authenticator
        social
        google
        GoogleOAuth2Authenticator.java
        GoogleOAuth2AuthenticationConstant.java
        internal
        SocialAuthenticatorServiceComponent.java
        facebook
        FacebookAuthenticator.java
        FacebookAuthenticatorConstants.java
        live
        WindowsLiveOAuth2Authenticator.java
        WindowsLiveOAuth2AuthenticatorConstants.java
        yahoo
        YahooOpenIDAuthenticatorConstants.java
        YahooOpenIDAuthenticator.java
        YahooOAuth2Authenticator.java
        YahooOAuth2AuthenticatorConstants.java
      - pom.xml
  - policy-editor
    - org.wso2.carbon.policyeditor
      - src
        main
        resources
        META-INF
        services.xml
        org
        wso2
        carbon
        policyeditor
        xsd
        wssecurity-secext-1.0.xsd
        ws-securitypolicy.xsd
        wssecurity-utility-1.0.xsd
        ws-policy.xsd
        wsrm-policy.xsd
        policies.xml
        java
        org
        wso2
        carbon
        policyeditor
        util
        CarbonEntityResolver.java
        PolicyEditorService.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.policyeditor.ui
      - src
        main
        resources
        web
        policyeditor
        xslt
        XMLFormatter.xsl
        prettyPrinter_ajaxprocessor.jsp
        index.jsp
        js
        sax-tree.js
        policy-editor-service-stub.js
        yui
        menu
        menu-min.js
        assets
        skins
        sam
        menu.css
        menu-skin.css
        map.gif
        menu.css
        menu-core.css
        button
        README
        button-beta-min.js
        assets
        skins
        sam
        button-skin.css
        button.css
        button-core.css
        yahoo-dom-event
        yahoo-dom-event.js
        container
        container_core-min.js
        README
        container-min.js
        assets
        info16_1.gif
        blck16_1.gif
        skins
        sam
        container.css
        container-skin.css
        close12_1.gif
        tip16_1.gif
        alrt16_1.gif
        container.css
        hlp16_1.gif
        warn16_1.gif
        container-core.css
        tabview
        tabview-min.js
        assets
        skins
        policyeditor
        tabview-skin.css
        tabview.css
        skin-sam.css
        tabview-core.css
        border_tabs.css
        loading.gif
        tabview.css
        element
        element-beta-min.js
        treeview
        treeview-min.js
        assets
        treeview.css
        skins
        sam
        treeview-sprite.gif
        treeview.css
        treeview-loading.gif
        treeview-skin.css
        treeview-core.css
        treeview-loading.gif
        treeview-menu.css
        sprite-menu.gif
        sprite-orig.gif
        sax-policy-menu.js
        policy-editor.js
        xml-for-script
        tinyxmlw3cdom.js
        tinyxmlsax.js
        docs
        images
        userguide.html
        css
        local-styles.css
        org
        wso2
        carbon
        policyeditor
        ui
        i18n
        Resources.properties
        JSResources.properties
      - pom.xml
  - idp-mgt
    - pom.xml
    - org.wso2.carbon.idp.mgt
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        idp
        mgt
        dao
        CacheBackedIdPMgtDAO.java
        FileBasedIdPMgtDAO.java
        IdPManagementDAO.java
        IdentityProviderManagementService.java
        IdentityProviderManager.java
        util
        IdPManagementConstants.java
        IdPManagementUtil.java
        IdentityProviderManagementException.java
        internal
        TenantManagementListener.java
        IdPManagementServiceComponent.java
        UserStoreListener.java
        cache
        IdPHomeRealmIdCacheKey.java
        IdPCacheByName.java
        IdPCacheByAuthProperty.java
        IdPAuthPropertyCacheKey.java
        IdPNameCacheKey.java
        IdPCacheByHRI.java
        IdPCacheEntry.java
        listener
        IDPMgtAuditLogger.java
        AbstractIdentityProviderMgtListener.java
        IdPMgtValidationListener.java
        IdentityProviderMgtListener.java
      - pom.xml
    - org.wso2.carbon.idp.mgt.ui
      - src
        main
        resources
        web
        idpmgt
        idp-mgt-add-finish.jsp
        images
        configure.gif
        enable.gif
        sts.gif
        disable.gif
        list.gif
        edit.gif
        add.gif
        delete.gif
        enable2.gif
        idp-mgt-list-load.jsp
        idp-mgt-edit-finish-local.jsp
        idp-mgt-edit-local.jsp
        idp-mgt-edit-load-local.jsp
        idp-mgt-edit-load.jsp
        idp-mgt-delete-finish.jsp
        docs
        userguide.html
        css
        idpmgt.css
        idp-mgt-list.jsp
        idp-mgt-edit-finish.jsp
        META-INF
        component.xml
        org
        wso2
        carbon
        idp
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        idp
        mgt
        ui
        client
        IdentityProviderMgtServiceClient.java
        util
        IdPManagementUIUtil.java
      - pom.xml
  - scim
    - pom.xml
    - org.wso2.carbon.identity.scim.common
      - src
        main
        resources
        META-INF
        component.xml
        java
        org
        wso2
        carbon
        identity
        scim
        common
        group
        SCIMGroupHandler.java
        GroupDAO.java
        impl
        ProvisioningClient.java
        utils
        SCIMCommonConstants.java
        AttributeMapper.java
        SCIMCommonUtils.java
        SQLQueries.java
        BasicAuthUtil.java
        IdentitySCIMException.java
        internal
        SCIMCommonComponent.java
        listener
        SCIMUserOperationListener.java
        aa
        test
        java
        org
        wso2
        carbon
        identity
        scim
        common
        AttributeMapperTest.java
      - pom.xml
    - org.wso2.carbon.identity.scim.provider
      - src
        main
        resources
        META-INF
        spring.schemas
        java
        org
        wso2
        carbon
        identity
        jaxrs
        designator
        PATCH.java
        scim
        provider
        impl
        IdentitySCIMManager.java
        ProvisioningEntityBuilder.java
        SCIMUserManager.java
        ApplicationInitializer.java
        resources
        GroupResource.java
        UserResource.java
        BulkResource.java
        AbstractResource.java
        util
        JAXRSResponseBuilder.java
        SCIMProviderConstants.java
        ClearThreadLocalInterceptor.java
        auth
        BasicAuthHandler.java
        SCIMAuthenticationHandler.java
        OAuthServiceClient.java
        OAuthHandler.java
        SCIMAuthConfigReader.java
        SCIMAuthenticatorRegistry.java
        filter
        AuthenticationFilter.java
        aa
        webapp
        META-INF
        webapp-classloading.xml
        WEB-INF
        cxf-servlet.xml
        web.xml
      - pom.xml
    - org.wso2.carbon.identity.scim.ui
      - src
        main
        resources
        web
        scim
        images
        delete.gif
        remove-provider.jsp
        my-scim-add-finish.jsp
        edit-finish.jsp
        my-scim-index.jsp
        my-scim-add.jsp
        my-scim-remove-provider.jsp
        index.jsp
        my-scim-edit.jsp
        edit.jsp
        add.jsp
        js
        scripts.js
        add-finish.jsp
        docs
        userguide.html
        css
        localstyles.css
        localstyles-ie7.css
        my-scim-edit-finish.jsp
        assets
        img
        js
        jquery-1.7.1.min.js
        html5.js
        css
        bootstrap.min.css
        SCIMConfigAdminService.wsdl
        org
        wso2
        carbon
        identity
        scim
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        scim
        ui
        utils
        SCIMUIUtils.java
        client
        SCIMConfigAdminClient.java
        internal
        SCIMUIServiceComponent.java
        SCIMConstants.java
      - pom.xml
  - agents
    - org.wso2.carbon.identity.entitlement.filter
      - src
        main
        resources
        NOTE
        updateCache.html
        web_xml_structure_simple.xml
        web_xml_structure_complete.xml
        java
        org
        wso2
        carbon
        identity
        entitlement
        filter
        EntitlementCacheUpdateServlet.java
        EntitlementFilter.java
        EntitlementConstants.java
        exception
        EntitlementCacheUpdateServletDataHolder.java
        EntitlementCacheUpdateServletException.java
        EntitlementFilterException.java
        callback
        BasicAuthCallBackHandler.java
        EntitlementFilterCallBackHandler.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.sso.agent
      - src
        main
        java
        org
        wso2
        carbon
        identity
        sso
        agent
        SSOAgentDataHolder.java
        SSOAgentFilter.java
        SSOAgentException.java
        openid
        OpenIDManager.java
        AttributesRequestor.java
        SSOAgentRequestResolver.java
        SSOAgentConstants.java
        util
        SAMLSignatureValidator.java
        SSOAgentConfigs.java
        SSOAgentConstants.java
        CarbonEntityResolver.java
        SSOAgentUtils.java
        oauth2
        SAML2GrantAccessTokenRequestor.java
        SAML2GrantManager.java
        exception
        SSOAgentException.java
        saml
        SSOAgentHttpSessionListener.java
        SSOAgentX509KeyStoreCredential.java
        SSOAgentX509Credential.java
        SSOAgentCarbonX509Credential.java
        SSOAgentSessionManager.java
        SSOAgentCredential.java
        SSOAgentKeyStoreCredential.java
        SAML2SSOManager.java
        X509CredentialImpl.java
        bean
        SSOAgentSessionBean.java
        LoggedInSessionBean.java
        SSOAgentConfig.java
        CarbonSSOAgentFilter.java
      - pom.xml
    - org.wso2.carbon.identity.entitlement.proxy
      - src
        main
        org
        wso2
        carbon
        identity
        entitlement
        proxy
        PEPProxyFactory.java
        AbstractEntitlementServiceClient.java
        ProxyConstants.java
        PEPProxyCache.java
        PEPProxy.java
        soap
        basicAuth
        BasicAuthEntitlementServiceClient.java
        authenticationAdmin
        Authenticator.java
        SOAPEntitlementServiceClient.java
        util
        EntitlementServiceStubFactory.java
        IdentityCacheKey.java
        util
        CarbonEntityResolver.java
        Attribute.java
        exception
        EntitlementProxyException.java
        XACMLRequetBuilder.java
        wsxacml
        WSXACMLEntitlementServiceClient.java
        X509CredentialImpl.java
        json
        JSONEntitlementServiceClient.java
        thrift
        Authenticator.java
        ThriftEntitlementServiceClient.java
        PEPProxyConfig.java
        IdentityCacheEntry.java
        generatedCode
        AuthenticatorService.java
        EntitlementException.java
        EntitlementThriftClient.java
        AuthenticationException.java
      - pom.xml
    - mobile-proxy-idp
      - Android
        IDP-Proxy-App
        res
        xml
        preferences.xml
        drawable-mdpi
        layout
        webview.xml
        activity_configuration.xml
        file_dialog_main.xml
        activity_main.xml
        file_dialog_row.xml
        drawable-xhdpi
        menu
        main.xml
        configuration.xml
        drawable-ldpi
        drawable-xxhdpi
        values-sw720dp-land
        dimens.xml
        values-sw600dp
        dimens.xml
        raw
        emm_truststore.bks
        drawable-hdpi
        values
        styles.xml
        dimens.xml
        strings.xml
        drawable
        btn_orange.xml
        src
        org
        wso2
        mobile
        idp
        OauthEndPoints.java
        MainActivity.java
        Configuration.java
        PrefsFragment.java
        OauthCostants.java
        filebrowser
        FileDialog.java
        SelectionMode.java
        WebViewActivity.java
        AndroidManifest.xml
        project.properties
        bin
        res
        drawable-mdpi
        drawable-xhdpi
        drawable-ldpi
        drawable-xxhdpi
        drawable-hdpi
        crunch
        drawable-mdpi
        drawable-xhdpi
        drawable-ldpi
        drawable-xxhdpi
        drawable-hdpi
        drawable
        drawable
        AndroidManifest.xml
        jarlist.cache
        resources.ap_
        gen
        org
        wso2
        mobile
        idp
        BuildConfig.java
        R.java
        assets
        index.html
        proguard.cfg
        android-idp-sdk-master
        res
        drawable-mdpi
        layout
        main.xml
        drawable-ldpi
        drawable-hdpi
        values
        strings.xml
        src
        main
        resources
        truststore.bks
        aar1javaresource.txt
        java
        org
        wso2
        mobile
        idp
        proxy
        callbacks
        AccessTokenCallBack.java
        CallBack.java
        utils
        IDPConstants.java
        ServerUtilities.java
        beans
        Token.java
        IDPProxyActivity.java
        handlers
        RefreshTokenHandler.java
        AccessTokenHandler.java
        IdentityProxy.java
        pom.xml
        AndroidManifest.xml
        project.properties
        README.md
        bin
        jarlist.cache
        .gitignore
        assets
        aar1asset.txt
      - iOS
        IdPProxy Application
        IdPProxyTests
        IdPProxyTests-Info.plist
        IdPProxyTests.m
        en.lproj
        InfoPlist.strings
        IdPProxy.xcodeproj
        xcuserdata
        shanmugarajah.xcuserdatad
        xcschemes
        xcschememanagement.plist
        IdPProxy.xcscheme
        xcdebugger
        Breakpoints_v2.xcbkptlist
        project.pbxproj
        project.xcworkspace
        contents.xcworkspacedata
        xcuserdata
        shanmugarajah.xcuserdatad
        UserInterfaceState.xcuserstate
        IdPProxy
        ViewController.m
        Base.lproj
        Main_iPad.storyboard
        Main_iPhone.storyboard
        ViewController.h
        IdPProxy-Prefix.pch
        IdPProxy-Info.plist
        AppDelegate.m
        Settings.plist
        images.jpeg
        main.m
        Images.xcassets
        LaunchImage.launchimage
        Contents.json
        AppIcon.appiconset
        Contents.json
        AppDelegate.h
        en.lproj
        InfoPlist.strings
  - provisioning
    - org.wso2.carbon.identity.provisioning.connector.spml
      - src
        main
        resources
        spmlv2.xsd.xml
        spml.mock.service.xml
        spml.wsdl.xml
        spmlHeader.xsd.xml
        java
        org
        wso2
        carbon
        identity
        provisioning
        connector
        spml
        internal
        SPMLConnectorServiceComponent.java
        SPMLProvisioningConnectorFactory.java
        SPMLProvisioningConnector.java
        SPMLProvisioningConnectorConfig.java
      - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.scim
      - src
        main
        java
        org
        wso2
        carbon
        identity
        provisioning
        connector
        scim
        SCIMProvisioningConnectorConstants.java
        SCIMProvisioningConnector.java
        internal
        SCIMConnectorServiceComponent.java
        SCIMProvisioningConnectorFactory.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.salesforce
      - src
        main
        java
        org
        wso2
        carbon
        identity
        provisioning
        connector
        salesforce
        SalesforceProvisioningConnector.java
        SalesforceProvisioningConnectorFactory.java
        SalesforceConnectorConstants.java
        SalesforceConnectorDBQueries.java
        internal
        SalesforceConnectorServiceComponent.java
        SalesforceProvisioningConnectorConfig.java
      - pom.xml
    - org.wso2.carbon.identity.provisioning
      - src
        main
        resources
        salesforce-rolemapping.csv
        identity-provision.properties
        java
        org
        wso2
        carbon
        identity
        provisioning
        dao
        ProvisioningManagementDAO.java
        CacheBackedProvisioningMgtDAO.java
        ProvisioningUtil.java
        AbstractProvisioningConnectorFactory.java
        IdentityProvisioningException.java
        ProvisioningThread.java
        internal
        ProvisioningServiceDataHolder.java
        IdentityProvisionServiceComponent.java
        OutboundProvisioningManager.java
        RuntimeProvisioningConfig.java
        ProvisioningEntityType.java
        cache
        ServiceProviderProvisioningConnectorCacheEntry.java
        ProvisioningEntityCacheKey.java
        ProvisioningConnectorCacheEntry.java
        ProvisioningEntityCache.java
        ServiceProviderProvisioningConnectorCache.java
        ProvisioningConnectorCache.java
        ProvisioningConnectorCacheKey.java
        ProvisioningEntityCacheEntry.java
        ServiceProviderProvisioningConnectorCacheKey.java
        AbstractOutboundProvisioningConnector.java
        ProvisioningEntity.java
        ProvisionedIdentifier.java
        IdentityProvisioningConstants.java
        listener
        ProvisioningApplicationMgtListener.java
        ProvisioningIdentityProviderMgtListener.java
        DefaultInboundUserProvisioningListener.java
        ProvisioningOperation.java
      - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.google
      - src
        main
        java
        org
        wso2
        carbon
        identity
        provisioning
        connector
        google
        internal
        GoogleConnectorServiceComponent.java
        GoogleProvisioningConnector.java
        GoogleProvisioningConnectorConfig.java
        GoogleProvisioningConnectorFactory.java
        GoogleConnectorConstants.java
      - pom.xml
  - application-mgt
    - org.wso2.carbon.identity.application.mgt
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        application
        mgt
        dao
        impl
        FileBasedApplicationDAO.java
        SAMLApplicationDAOImpl.java
        OAuthApplicationDAOImpl.java
        ApplicationDAOImpl.java
        IdentityProviderDAOImpl.java
        OAuthApplicationDAO.java
        IdentityProviderDAO.java
        ApplicationDAO.java
        SAMLApplicationDAO.java
        ApplicationManagementService.java
        ApplicationManagementAdminService.java
        ApplicationMgtDBQueries.java
        AbstractInboundAuthenticatorConfig.java
        ApplicationMgtSystemConfig.java
        internal
        ApplicationManagementServiceComponentHolder.java
        ApplicationManagementServiceComponent.java
        ApplicationMgtListenerServiceComponent.java
        ApplicationConstants.java
        cache
        IdentityServiceProviderCacheKey.java
        IdentityServiceProviderCache.java
        IdentityServiceProviderCacheEntry.java
        ApplicationManagementServiceImpl.java
        listener
        ApplicationMgtListener.java
        AbstractApplicationMgtListener.java
        ApplicationIdentityProviderMgtListener.java
        ApplicationMgtAuditLogger.java
        ApplicationMgtValidationListener.java
        ApplicationMgtUtil.java
      - pom.xml
    - org.wso2.carbon.identity.application.mgt.ui
      - src
        main
        resources
        web
        application
        list-service-providers.jsp
        images
        list.gif
        add.gif
        delete.gif
        configure-authentication-flow.jsp
        configure-service-provider-update.jsp
        remove-service-provider.jsp
        update-application-bean.jsp
        add-service-provider-finish.jsp
        load-service-provider.jsp
        configure-service-provider.jsp
        configure-local-service-provider.jsp
        add-service-provider.jsp
        configure-service-provider-finish.jsp
        docs
        userguide.html
        css
        idpmgt.css
        configure-authentication-flow-finish.jsp
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        application
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        application
        mgt
        ui
        client
        ApplicationManagementServiceClient.java
        util
        ApplicationMgtUIUtil.java
        internal
        ApplicationMgtUIServiceComponent.java
        ApplicationMgtServiceComponentHolder.java
        ApplicationBean.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.application.common
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        common
        IdentityApplicationManagementException.java
        processors
        RandomPasswordProcessor.java
        util
        IdentityApplicationConstants.java
        IdentityApplicationManagementUtil.java
        cache
        RandomPasswordContainerCacheKey.java
        RandomPasswordContainerCache.java
        BaseCache.java
        RandomPasswordContainerCacheEntry.java
        CacheKey.java
        CacheEntry.java
        ProvisioningConnectorService.java
        model
        RandomPassword.java
        PermissionsAndRoleConfig.java
        ApplicationPermission.java
        InboundProvisioningConfig.java
        Property.java
        SCIMProvisioningConnectorConfig.java
        JustInTimeProvisioningConfig.java
        LocalAndOutboundAuthenticationConfig.java
        InboundAuthenticationRequestConfig.java
        RoleMapping.java
        InboundAuthenticationConfig.java
        GoogleAppsProvisioningConnectorConfig.java
        IdentityProviderProperty.java
        ClaimConfig.java
        AuthenticationStep.java
        RequestPathAuthenticatorConfig.java
        CertData.java
        SAML2SSOFederatedAuthenticatorConfig.java
        ServiceProvider.java
        PassiveSTSFederatedAuthenticatorConfig.java
        InboundAuthenticationConnector.java
        ApplicationBasicInfo.java
        ThreadLocalProvisioningServiceProvider.java
        Claim.java
        FederatedAuthenticatorConfig.java
        ClaimMapping.java
        ServiceProviderProperty.java
        OpenIDFederatedAuthenticatorConfig.java
        OpenIDConnectFederatedAuthenticatorConfig.java
        OutboundProvisioningConfig.java
        User.java
        InboundProvisioningConnector.java
        RandomPasswordContainer.java
        IdentityProvider.java
        ProvisioningServiceProviderType.java
        LocalRole.java
        ProvisioningConnectorConfig.java
        FacebookFederatedAuthenticatorConfig.java
        LocalAuthenticatorConfig.java
        SalesforceProvisioningConnectorConfig.java
        SPMLProvisioningConnectorConfig.java
        ApplicationAuthenticatorService.java
        listener
        AbstractCacheListener.java
        test
        java
        org
        wso2
        carbon
        identity
        application
        common
        model
        test
        ProvisioningConnectorConfigTest.java
      - pom.xml
  - user-mgt
    - org.wso2.carbon.user.mgt.common
      - src
        main
        java
        org
        wso2
        carbon
        user
        mgt
        common
        UserAdminException.java
        MultipleCredentialsUserAdminException.java
        UserStoreInfo.java
        UIPermissionNode.java
        UserRealmInfo.java
        FlaggedName.java
        ClaimValue.java
        IUserAdmin.java
      - pom.xml
    - org.wso2.carbon.user.mgt.ui
      - src
        main
        resources
        web
        user
        view-roles.jsp
        change-passwd-finish.jsp
        add-step1.jsp
        edit-user-roles-finish.jsp
        edit-user-roles.jsp
        images
        bulk-import.gif
        external-users.gif
        test.gif
        users.gif
        users.JPG
        view.gif
        external-roles.gif
        edit.gif
        workflow_pending_add.gif
        user-store.gif
        userManager.JPG
        workflow_pending_remove.gif
        add.gif
        Thumbs.db
        delete.gif
        user-roles.gif
        user-mgt.jsp
        add-step2.jsp
        change-passwd.jsp
        add-finish.jsp
        bulk-import-finish.jsp
        bulk-import.jsp
        delete-finish.jsp
        docs
        userguide.html
        userstore
        display-messages.jsp
        ex-role-mgt.jsp
        extensions
        js
        vui.js
        images
        keys.gif
        External-user store.JPG
        external-users.gif
        test.gif
        users.gif
        list.gif
        view.gif
        external-roles.gif
        edit.gif
        user-store.gif
        add.gif
        delete.gif
        roles.JPG
        user-roles.gif
        user-role-search.jsp
        add-user-role.jsp
        index.jsp
        docs
        userguide.html
        role
        edit-users.jsp
        add-step3.jsp
        view-users.jsp
        add-step1.jsp
        edit-users-finish.jsp
        role-mgt.jsp
        images
        external-users.gif
        check0.gif
        check2.gif
        test.gif
        users.gif
        check1.gif
        view.gif
        external-roles.gif
        edit.gif
        workflow_pending_add.gif
        user-store.gif
        contractall.gif
        workflow_pending_remove.gif
        add.gif
        Thumbs.db
        delete.gif
        user-roles.gif
        expandall.gif
        rename-role.jsp
        add-step2.jsp
        edit-permissions.jsp
        rename-role-finish.jsp
        js
        yuiloader-min.js
        treeview.css
        element-min.js
        logger-min.js
        dom-min.js
        event-min.js
        treeview-debug.js
        TaskNode.js
        add-finish.jsp
        edit-permissions-finish.jsp
        docs
        rolepermissions.html
        userguide.html
        delete-role.jsp
        UserAdmin.wsdl
        META-INF
        component.xml
        org
        wso2
        carbon
        userstore
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        user
        mgt
        ui
        UserStoreConfigBean.java
        UserAdminUIConstants.java
        UserAdminClient.java
        UserBean.java
        PaginatedNamesBean.java
        HTMLEncoder.java
        Util.java
        UserManagementWorkflowServiceClient.java
        servlet
        UserAndRoleManagementServlet.java
        bean
        RoleSearchResult.java
        SearchResult.java
        UserSearchResult.java
        RoleBean.java
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        user
        mgt
        workflow
        util
        UserStoreWFConstants.java
        internal
        IdentityWorkflowDataHolder.java
        IdentityWorkflowServiceComponent.java
        userstore
        DeleteClaimWFRequestHandler.java
        UpdateUserRolesWFRequestHandler.java
        UpdateRoleUsersWFRequestHandler.java
        DeleteUserWFRequestHandler.java
        UpdateRoleNameWFRequestHandler.java
        SetUserClaimWFRequestHandler.java
        DeleteRoleWFRequestHandler.java
        DeleteMultipleClaimsWFRequestHandler.java
        AddUserWFRequestHandler.java
        AddRoleWFRequestHandler.java
        ChangeCredentialWFRequestHandler.java
        UserStoreActionListener.java
        SetMultipleClaimsWFRequestHandler.java
        UserManagementWorkflowService.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.um.ws.api
      - src
        main
        resources
        RemoteProfileConfigurationManagerService.wsdl
        RemoteTenantManagerService.wsdl
        RemoteAuthorizationManagerService.wsdl
        RemoteClaimManagerService.wsdl
        RemoteUserRealmService.wsdl
        RemoteUserStoreManagerService.wsdl
        java
        org
        wso2
        carbon
        um
        ws
        api
        WSProfileConfigurationManager.java
        WSRealmBuilder.java
        WSClaimManager.java
        WSRealm.java
        internal
        UserMgtWSAPIDataHolder.java
        UserMgtWSAPIDSComponent.java
        WSRemoteUserMgtConstants.java
        WSAuthorizationManager.java
        WSRealmUtil.java
        WSRealmTenantManager.java
        WSUserStoreManager.java
      - pom.xml
    - org.wso2.carbon.identity.user.profile
      - src
        main
        resources
        META-INF
        services.xml
        component.xml
        java
        org
        wso2
        carbon
        identity
        user
        profile
        mgt
        dao
        UserProfileMgtDAO.java
        UserProfileAdmin.java
        UserProfileException.java
        UserProfileDTO.java
        util
        Constants.java
        ServiceHodler.java
        internal
        UserStoreConfigListenerImpl.java
        IdentityUserProfileServiceComponent.java
        UserProfileUtil.java
        AssociatedAccountDTO.java
        UserFieldDTO.java
        listener
        ProfileMgtEventListener.java
      - pom.xml
    - org.wso2.carbon.um.ws.service
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        um
        ws
        service
        ClaimManagerService.java
        dao
        ClaimDTO.java
        RealmConfigurationDTO.java
        RealmPropertyDTO.java
        PermissionDTO.java
        ClaimValue.java
        UserRealmService.java
        UserStoreManagerService.java
        ProfileConfigurationManagerService.java
        internal
        UMRemoteServicesDSComponent.java
        UMRemoteServicesDataHolder.java
        Util.java
        TenantManagerService.java
        AuthorizationManagerService.java
      - pom.xml
    - org.wso2.carbon.user.mgt
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        user
        mgt
        UserMgtConstants.java
        UserAdmin.java
        listeners
        UserMgtAuditLogger.java
        PermissionAuthorizationListener.java
        internal
        UserMgtInitializer.java
        UserMgtDSComponent.java
        permission
        ManagementPermissionUtil.java
        ManagementPermissionsAdder.java
        UserRealmProxy.java
        UMDatabaseManager.java
        multiplecredentials
        MultipleCredentialsUserProxy.java
        MultipleCredentialsNotSupportedException.java
        MultipleCredentialsUserAdmin.java
        bulkimport
        CSVUserBulkImport.java
        ExcelUserBulkImport.java
        UserBulkImport.java
        BulkImportConfig.java
        test
        resources
        external_user_db.sql
        java
        org
        wso2
        carbon
        user
        core
        LDAPTestCase.java
      - pom.xml
    - org.wso2.carbon.identity.user.profile.ui
      - src
        main
        resources
        web
        userprofile
        set-finish.jsp
        images
        UserProfileMgt.JPG
        my-prof.gif
        EditUserProfile.JPG
        delete.gif
        edit-finish.jsp
        remove-profile.jsp
        index.jsp
        edit.jsp
        add.jsp
        docs
        userguide.html
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        user
        profile
        ui
        i18n
        Resources.properties
        UserProfileMgt.wsdl
        java
        org
        wso2
        carbon
        identity
        user
        profile
        ui
        client
        UserProfileCient.java
      - pom.xml
    - org.wso2.carbon.identity.user.account.association
      - src
        main
        resources
        META-INF
        services.xml
        component.xml
        java
        org
        wso2
        carbon
        identity
        user
        account
        association
        dto
        UserAccountAssociationDTO.java
        dao
        UserAccountAssociationDAO.java
        UserAccountConnectorImpl.java
        UserAccountConnector.java
        util
        UserAccountAssociationConstants.java
        UserAccountAssociationUtil.java
        exception
        UserAccountAssociationServerException.java
        UserAccountAssociationException.java
        UserAccountAssociationClientException.java
        internal
        IdentityAccountAssociationServiceDataHolder.java
        IdentityAccountAssociationServiceComponent.java
        UserStoreConfigListenerImpl.java
        UserOperationEventListenerImpl.java
        TenantMgtListenerImpl.java
        UserAccountAssociationService.java
      - pom.xml
    - org.wso2.carbon.identity.account.mgt.menu.ui
      - src
        main
        resources
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        account
        mgt
        menu
        ui
        i18n
        Resources.properties
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow.ui
      - src
        main
        resources
        web
        usermgt-workflow
        workflow_redirection.jsp
      - pom.xml
    - org.wso2.carbon.identity.user.registration
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        user
        registration
        SelfRegistrationConstants.java
        UserRegistrationService.java
        dto
        TenantRegistrationConfig.java
        UserDTO.java
        OpenIDDTO.java
        InfoCarDTO.java
        PasswordRegExDTO.java
        UserFieldDTO.java
        util
        CarbonEntityResolver.java
        internal
        UserRegistrationDSComponent.java
        UserRegistrationException.java
      - pom.xml
  - user-store
    - org.wso2.carbon.identity.user.store.configuration.ui
      - src
        main
        resources
        web
        userstore_config
        validateconnection-ajaxprocessor.jsp
        images
        enable.gif
        disable.gif
        list.gif
        edit.gif
        add.gif
        delete.gif
        remove-userstore.jsp
        userstore-config-finish.jsp
        index-update.jsp
        index.jsp
        enable-disable-userstores.jsp
        docs
        userguide.html
        userstore-config.jsp
        UserstoreConfigAdminService.wsdl
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        user
        store
        configuration
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        user
        store
        configuration
        ui
        utils
        UserStoreUIUtils.java
        client
        UserStoreConfigAdminServiceClient.java
        UserStoreUIConstants.java
      - pom.xml
    - org.wso2.carbon.ldap.server
      - src
        main
        resources
        embedded-ldap.xml
        java
        org
        wso2
        carbon
        ldap
        server
        configuration
        LDAPConfigurationBuilder.java
        util
        EmbeddingLDAPException.java
        IdentityIOStreamUtils.java
        exception
        DirectoryServerException.java
        tenant
        LDAPTenantManagerService.java
        DirectoryActivator.java
        apacheds
        impl
        ConfigurationConstants.java
        ApacheLDAPServer.java
        ApacheKDCServer.java
        CarbonSchemaLdifExtractor.java
        CarbonDirectoryServiceFactory.java
        ApacheDirectoryPartitionManager.java
        KDCServer.java
        PasswordAlgorithm.java
        DomainNameEntry.java
        AdminGroupInfo.java
        PartitionManager.java
        LDAPConfiguration.java
        PartitionInfo.java
        LDAPServer.java
        KdcConfiguration.java
        DirectoryServiceFactory.java
        AdminInfo.java
        test
        resources
        user-mgt.xml
        test-log4j.xml
        ldap-config.xml
        java
        org
        wso2
        carbon
        apacheds
        impl
        AbstractDirectoryTestCase.java
        CarbonSchemaLdifExtractorTest.java
        MyUser.java
        ApacheLDAPServerTest.java
        ApacheKDCServerTest.java
        PartitionInfoTest.java
        directory
        configuration
        TestLDAPConfigurationBuilder.java
      - pom.xml
    - org.wso2.carbon.identity.user.store.configuration
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        user
        store
        configuration
        dto
        UserStoreDTO.java
        PropertyDTO.java
        utils
        UserStoreConfigurationConstant.java
        SecondaryUserStoreConfigurationUtil.java
        IdentityUserStoreMgtException.java
        beans
        RandomPassword.java
        RandomPasswordContainer.java
        UserStoreConfigAdminService.java
        internal
        UserStoreConfigListenersHolder.java
        UserStoreConfigComponent.java
        cache
        RandomPasswordContainerCache.java
        listener
        UserStoreConfigListener.java
      - pom.xml
    - org.wso2.carbon.user.cassandra
      - src
        main
        java
        org
        wso2
        carbon
        user
        cassandra
        CassandraRoleContext.java
        CFConstants.java
        CassandraUserStoreManager.java
        internal
        CassandraUserStoreManagerServiceDataHolder.java
        CassandraUserStoreManagerServiceComponent.java
        Util.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.user.store.remote
      - src
        main
        java
        org
        wso2
        carbon
        identity
        user
        store
        remote
        internal
        CarbonRemoteUserStoreDSComponent.java
        CarbonRemoteUserStoreManger.java
        test
        java
        org
        wso2
        carbon
        identity
        user
        store
        remote
        CarbonRemoteUserStoreMangerTest.java
      - pom.xml
    - org.wso2.carbon.identity.user.store.configuration.deployer
      - src
        main
        resources
        META-INF
        component.xml
        java
        org
        wso2
        carbon
        identity
        user
        store
        configuration
        deployer
        util
        UserStoreUtil.java
        UserStoreConfigurationConstants.java
        UserStoreConfgurationContextObserver.java
        exception
        UserStoreConfigurationDeployerException.java
        internal
        UserStoreConfigComponent.java
        UserStoreConfigurationDeployer.java
      - pom.xml
  - workflow-mgt
    - org.wso2.carbon.identity.workflow.mgt
      - src
        main
        resources
        MetaDataType.xsd
        META-INF
        services.xml
        component.xml
        MetaData.xsd
        java
        org
        wso2
        carbon
        identity
        workflow
        mgt
        WorkflowManagementAdminService.java
        dto
        WorkflowRequest.java
        Template.java
        WorkflowImpl.java
        WorkflowWizard.java
        WorkflowEvent.java
        Association.java
        dao
        AssociationDAO.java
        WorkflowRequestDAO.java
        RequestEntityRelationshipDAO.java
        WorkflowRequestAssociationDAO.java
        WorkflowDAO.java
        WorkFlowExecutorManager.java
        WorkflowExecutorResult.java
        workflow
        TemplateInitializer.java
        WorkFlowExecutor.java
        AbstractWorkflow.java
        util
        WorkflowTemplateParamType.java
        WorkflowRequestStatus.java
        WFConstant.java
        WorkflowManagementUtil.java
        WorkflowRequestBuilder.java
        ExecutorResultState.java
        SQLConstants.java
        WorkflowDataType.java
        extension
        WorkflowRequestHandler.java
        AbstractWorkflowRequestHandler.java
        exception
        InternalWorkflowException.java
        WorkflowException.java
        WorkflowRuntimeException.java
        WorkflowManagementService.java
        internal
        WorkflowServiceDataHolder.java
        WorkflowMgtServiceComponent.java
        WorkflowManagementServiceImpl.java
        template
        AbstractTemplate.java
        callback
        WSWorkflowResponse.java
        WSWorkflowCallBackService.java
        WSParameter.java
        bean
        Parameter.java
        metadata
        MapType.java
        ObjectFactory.java
        Item.java
        MetaData.java
        ParametersMetaData.java
        type
        DataType.java
        InputType.java
        ParameterMetaData.java
        InputData.java
        package-info.java
        WorkflowRequest.java
        Entity.java
        WorkflowRequestAssociation.java
        WorkflowAssociation.java
        RequestParameter.java
        Workflow.java
        listener
        WorkflowAuditLogger.java
        AbstractWorkflowExecutorManagerListener.java
        WorkflowExecutorManagerListener.java
        WorkflowListener.java
        AbstractWorkflowListener.java
        WorkflowExecutorAuditLogger.java
      - pom.xml
    - org.wso2.carbon.identity.workflow.template
      - src
        main
        resources
        TemplateMetaData.xml
        java
        org
        wso2
        carbon
        identity
        workflow
        template
        MultiStepApprovalTemplate.java
        internal
        WorkflowTemplateServiceComponent.java
        TemplateConstant.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.workflow.impl
      - src
        main
        resources
        WorkflowImplMetaData.xml
        templates
        bpel
        MultiStepApprovalService
        callbackService.epr
        ApprovalProcess.bpel
        deploy.xml
        taskService.epr
        ws-humantask-types.xsd
        ApprovalProcessArtifacts.wsdl
        CallbackService.wsdl
        ApprovalTaskService.wsdl
        ws-humantask.xsd
        humantask
        MultiStepApprovalTask
        web
        ApprovalTask-input.jsp
        ApprovalTask-response.jsp
        ApprovalTask-output.jsp
        htconfig.xml
        ApprovalTask.ht
        ApprovalTaskService.wsdl
        ws-humantask.xsd
        META-INF
        services.xml
        component.xml
        java
        org
        wso2
        carbon
        identity
        workflow
        impl
        BPELDeployer.java
        dao
        BPSProfileDAO.java
        RequestExecutor.java
        WorkflowImplAdminService.java
        util
        HumanTaskClientAPIAdminClient.java
        ProcessManagementServiceClient.java
        WorkflowDeployerClient.java
        WorkflowRequestBuilder.java
        BPELPackageManagementServiceClient.java
        internal
        WorkflowImplServiceComponent.java
        WorkflowImplServiceDataHolder.java
        ApprovalWorkflow.java
        WFImplConstant.java
        bean
        BPSProfile.java
        listener
        WorkflowImplValidationListener.java
        AbstractWorkflowImplServiceListener.java
        WorkflowListenerImpl.java
        WorkflowImplTenantMgtListener.java
        WorkflowImplServiceListener.java
        WorkflowImplAuditLogger.java
        WorkflowImplException.java
        WorkflowImplService.java
        WorkflowImplServiceImpl.java
      - pom.xml
    - org.wso2.carbon.identity.workflow.impl.ui
      - src
        main
        resources
        web
        workflow-impl
        add-bps-profile-finish.jsp
        images
        workflow.gif
        enable.gif
        disable.gif
        users.gif
        edit.gif
        search.gif
        delete.gif
        wf-profile.gif
        user-roles.gif
        update-bps-profile.jsp
        add-bps-profile.jsp
        js
        tokenizer.js
        update-bps-profile-finish.jsp
        list-bps-profiles.jsp
        css
        input_style.css
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        workflow
        impl
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        workflow
        impl
        ui
        WorkflowImplAdminServiceClient.java
        WorkflowUIConstants.java
        mgt
        bean
        metadata
        type
        DataType.java
        ObjectFactory.java
        InputType.java
      - tmp
        WorkflowImplAdminServiceClient.java
      - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.ui
      - src
        main
        resources
        web
        workflow-mgt
        list-workflows.jsp
        template-wf-wizard.jsp
        workflowimpl-wf-wizard.jsp
        view-workflow.jsp
        images
        workflow.gif
        engagement.gif
        enable.gif
        disable.gif
        users.gif
        request-list.gif
        edit.gif
        search.gif
        delete.gif
        user-roles.gif
        list-associations.jsp
        finish-wf-wizard.jsp
        wf-request-delete-finish.jsp
        add-association.jsp
        js
        tokenizer.js
        wf-workflows-of-request.jsp
        update-association-finish.jsp
        css
        input_style.css
        wf-request-list.jsp
        add-wf-wizard.jsp
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        workflow
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        workflow
        mgt
        ui
        WorkflowAdminServiceClient.java
        util
        WorkflowUIUtil.java
        WorkflowUIConstants.java
        bean
        metadata
        type
        DataType.java
        InputType.java
      - pom.xml
  - identity-core
    - org.wso2.carbon.identity.core.ui
      - src
        main
        resources
        web
        identity
        validation
        js
        identity-validate.js
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        menu
        ui
        i18n
        Resources.properties
      - pom.xml
    - org.wso2.carbon.identity.core
      - src
        main
        resources
        openid-claim-mapper.xml
        META-INF
        component.xml
        java
        org
        wso2
        carbon
        identity
        core
        dao
        XMPPSettingsDAO.java
        OpenIDSQLQueries.java
        OpenIDRememberMeDAO.java
        OpenIDAdminDAO.java
        OAuthConsumerDAO.java
        AbstractDAO.java
        ParameterDAO.java
        OpenIDUserRPDAO.java
        SAMLSSOServiceProviderDAO.java
        OpenIDUserDAO.java
        AbstractIdentityUserOperationEventListener.java
        IdentityProfileManager.java
        IdentityRegistryResources.java
        util
        IdentityTenantUtil.java
        IdentityCoreInitializedEvent.java
        OpenIDClaimMapper.java
        IdentityUtil.java
        IdentityLogTokenParser.java
        IdentityCoreConstants.java
        IdentityConfigParser.java
        IdentityDatabaseUtil.java
        IdentityIOStreamUtils.java
        IdentityCoreInitializedEventImpl.java
        internal
        IdentityCoreServiceComponent.java
        IdentityClaimManager.java
        model
        IdentityEventListenerConfigKey.java
        XMPPSettingsDO.java
        ParameterDO.java
        OpenIDRememberMeDO.java
        IdentityCacheConfigKey.java
        OpenIDAdminDO.java
        InfoCardDO.java
        OpenIDUserDO.java
        IssuedTokensDO.java
        IdentityCacheConfig.java
        OAuthConsumerDO.java
        RevokedInfoCardDO.java
        IdentityEventListenerConfig.java
        SAMLSSOServiceProviderDO.java
        IdentityErrorMsgContext.java
        OpenIDUserRPDO.java
        persistence
        IdentityPersistenceConstants.java
        UmPersistenceManager.java
        IdentityPersistenceManager.java
        IdentityDBInitializer.java
        JDBCPersistenceManager.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.base
      - src
        main
        java
        org
        wso2
        carbon
        identity
        base
        IdentityBaseUtil.java
        IdentityException.java
        IdentityValidationException.java
        IdentityConstants.java
        InMemoryPasswordCallbackHandler.java
        IdentityRuntimeException.java
        CarbonEntityResolver.java
        IdentityValidatorConfig.java
        IdentityValidationUtil.java
      - pom.xml
  - entitlement
    - pom.xml
    - org.wso2.carbon.identity.entitlement.common
      - src
        main
        java
        org
        wso2
        carbon
        identity
        entitlement
        common
        RegistryPersistenceManager.java
        dto
        PolicyEditorDataHolder.java
        InMemoryPersistenceManager.java
        Utils.java
        util
        CarbonEntityResolver.java
        EntitlementConstants.java
        PolicyEditorException.java
        DataPersistenceManager.java
        PolicyEditorEngine.java
      - pom.xml
    - org.wso2.carbon.identity.entitlement.ui
      - src
        main
        resources
        web
        entitlement
        policy-search.jsp
        update.jsp
        select-extended-attributes.jsp
        add-policy.jsp
        create-policy-set.jsp
        update-policy-order.jsp
        rollback-policy.jsp
        policy-view-pdp.jsp
        pdp-manage.jsp
        eval-policy.jsp
        delete-rule-entry.jsp
        clear-attribute-cache.jsp
        advance-search.jsp
        images
        publish.gif
        down.gif
        icon-refresh.gif
        save.gif
        PolicySet-type.gif
        plus.gif
        enable.gif
        registry.gif
        disable.gif
        calendar.jpg
        publish-pdp.gif
        view.gif
        publish-all.gif
        config.gif
        minus.gif
        nodata.gif
        save-button.gif
        policies.gif
        edit.gif
        policy.gif
        user-store.gif
        Policy-type.gif
        cancel.gif
        search.gif
        wsdiscovery.gif
        add.gif
        delete.gif
        import.gif
        search-policy.gif
        up.gif
        view-finder.jsp
        policy-view.jsp
        policy-editor.jsp
        finish.jsp
        publish-finish.jsp
        update_order.jsp
        select-attribute.jsp
        prettyPrinter_ajaxprocessor.jsp
        import-policy-submit.jsp
        add-subscriber.jsp
        start-publish.jsp
        update-search.jsp
        remove-subscriber.jsp
        delete-policy-entry.jsp
        update-policy-submit.jsp
        update-rule.jsp
        finish-policy-set.jsp
        policy-publish.jsp
        eval-policy-submit.jsp
        import-policy.jsp
        index.jsp
        attribute-search.jsp
        basic-policy-update.jsp
        clear-cache.jsp
        simple-policy-editor.jsp
        enable-disable-policy.jsp
        select-attribute-values.jsp
        authorization-add.jsp
        re-order-policy.jsp
        update-policy-set.jsp
        refresh-finder.jsp
        simple-policy-finish.jsp
        my-pdp.jsp
        show-subscriber-status.jsp
        js
        treecontrol.js
        create-basic-policy.js
        popup.js
        basic-policy-editor.jsp
        edit-policy.jsp
        show-policy-version.jsp
        remove-policy.jsp
        docs
        userguide.html
        authorization-index.jsp
        css
        entitlement.css
        tree-styles.css
        policy-editor-config-view.jsp
        create-evaluation-request.jsp
        basic-policy-finish.jsp
        show-policy-status.jsp
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        entitlement
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        entitlement
        ui
        EntitlementPolicyBean.java
        dto
        SimplePolicyEditorDTO.java
        RowDTO.java
        ElementCountDTO.java
        PolicySetDTO.java
        PolicyRefIdDTO.java
        RuleDTO.java
        TargetDTO.java
        ObligationDTO.java
        RequestDTO.java
        PolicyDTO.java
        BasicRequestDTO.java
        SimplePolicyEditorElementDTO.java
        ExtendAttributeDTO.java
        EntitlementPolicyConstants.java
        client
        EntitlementServiceClient.java
        EntitlementAdminServiceClient.java
        EntitlementPolicyAdminServiceClient.java
        EntitlementPolicyUploadExecutor.java
        util
        ClientUtil.java
        PolicyCreatorUtil.java
        PolicyEditorUtil.java
        EntitlementPolicyCreationException.java
        PropertyDTOComparator.java
        EntitlementPolicyCreator.java
        PolicyEditorConstants.java
      - pom.xml
    - org.wso2.carbon.identity.entitlement
      - src
        main
        resources
        xacml1.xsd
        xacml3.xsd
        META-INF
        services.xml
        xacml2.xsd
        pip-config.xml
        xacml-request.xml
        template.xml
        java
        org
        wso2
        carbon
        identity
        entitlement
        PolicyOrderComparator.java
        dto
        AttributeDTO.java
        StatusHolder.java
        EntitlementFinderDataHolder.java
        EntitledAttributesDTO.java
        PIPFinderDataHolder.java
        EntitlementTreeNodeDTO.java
        PolicyFinderDataHolder.java
        PublisherPropertyDTO.java
        PolicyStoreDTO.java
        EntitledResultSetDTO.java
        PolicyDTO.java
        PaginatedPolicySetDTO.java
        PublisherDataHolder.java
        PDPDataHolder.java
        PaginatedStatusHolder.java
        PaginatedStringDTO.java
        SimplePAPStatusDataHandler.java
        NotificationConstants.java
        pdp
        EntitlementEngine.java
        EntitlementNotificationExtension.java
        policy
        PolicyTarget.java
        finder
        registry
        RegistryPolicyHandler.java
        RegistryPolicyMediaTypeMatcher.java
        RegistryPolicyReader.java
        AbstractPolicyFinderModule.java
        PolicyFinderModule.java
        CarbonPolicyFinder.java
        publisher
        PolicyPublishExecutor.java
        PublisherVerificationModule.java
        PolicyPublisher.java
        CarbonPDPPublisher.java
        PostPublisherModule.java
        AbstractPolicyPublisherModule.java
        CarbonBasicPolicyPublisherModule.java
        PolicyPublisherModule.java
        version
        PolicyVersionManager.java
        DefaultPolicyVersionManager.java
        PolicyRequestBuilder.java
        search
        SearchResult.java
        PolicySearch.java
        PolicyReader.java
        store
        PolicyDataStore.java
        DefaultPolicyDataStore.java
        RegistryPolicyStoreManageModule.java
        PolicyStoreManager.java
        PolicyStoreManageModule.java
        collection
        SimplePolicyCollection.java
        DefaultPolicyCollection.java
        PolicyCollection.java
        PolicyAttributeBuilder.java
        EntitlementException.java
        PAPStatusDataHandler.java
        util
        CarbonEntityResolver.java
        EntitlementUtil.java
        EntitlementService.java
        internal
        SchemaBuilder.java
        EntitlementExtensionBuilder.java
        EntitlementServiceComponent.java
        EntitlementConfigHolder.java
        pip
        CarbonAttributeFinder.java
        CarbonResourceFinder.java
        PIPExtension.java
        PIPAttributeFinder.java
        PIPResourceFinder.java
        DefaultAttributeFinder.java
        AbstractPIPResourceFinder.java
        AbstractPIPAttributeFinder.java
        DefaultResourceFinder.java
        wsxacml
        WSXACMLMessageReceiver.java
        XACMLHandler.java
        X509CredentialImpl.java
        PDPConstants.java
        StatusHolderComparator.java
        pap
        EntitlementDataFinderModule.java
        EntitlementAdminEngine.java
        EntitlementDataFinder.java
        CarbonEntitlementDataFinder.java
        store
        PAPPolicyStore.java
        PAPPolicyFinder.java
        PAPPolicyStoreManager.java
        PAPPolicyStoreReader.java
        PAPPolicyReader.java
        cache
        PolicyCacheUpdateListener.java
        IdentityCacheKey.java
        EntitlementEngineCache.java
        PolicySearchCache.java
        SimpleDecisionCache.java
        PolicyCacheCreatedListener.java
        PolicyStatus.java
        PIPAttributeCache.java
        EntitlementBaseCache.java
        DecisionCache.java
        IdentityCacheEntry.java
        PIPAbstractAttributeCache.java
        PolicyCache.java
        EntitlementPolicyAdminService.java
        thrift
        ThriftEntitlementServiceImpl.java
        EntitlementException.java
        ThriftConfigConstants.java
        EntitlementService.java
        EntitlementLRUCache.java
        EntitlementAdminService.java
        listener
        CacheClearingUserOperationListener.java
      - pom.xml
  - authentication-framework
    - org.wso2.carbon.identity.application.authentication.endpoint.util
      - src
        main
        resources
        TenantConfig.properties
        org
        wso2
        carbon
        identity
        application
        authentication
        endpoint
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        application
        authentication
        endpoint
        util
        TenantDataManager.java
        TenantMgtAdminServiceClient.java
        UserRegistrationAdminServiceClient.java
        Constants.java
        AuthenticationEndpointUtil.java
        AuthenticationException.java
        filter
        AuthenticationEndpointFilter.java
        listener
        AuthenticationEndpointContextListener.java
      - pom.xml
    - org.wso2.carbon.identity.application.authentication.framework
      - src
        main
        java
        org
        wso2
        carbon
        identity
        application
        authentication
        framework
        RequestPathApplicationAuthenticator.java
        AbstractApplicationAuthenticator.java
        LocalApplicationAuthenticator.java
        ApplicationAuthenticator.java
        context
        SessionContext.java
        AuthenticationContext.java
        AuthenticatorStatus.java
        util
        FrameworkConstants.java
        FrameworkUtils.java
        FederatedApplicationAuthenticator.java
        store
        SessionDataPersistTask.java
        SessionCleanUpService.java
        SessionContextDO.java
        SessionDataStore.java
        OperationCleanUpService.java
        config
        builder
        UIBasedConfigurationBuilder.java
        FileBasedConfigurationBuilder.java
        ConfigurationFacade.java
        model
        AuthenticatorConfig.java
        ApplicationConfig.java
        ExternalIdPConfig.java
        SequenceConfig.java
        StepConfig.java
        exception
        FrameworkException.java
        InvalidCredentialsException.java
        LogoutFailedException.java
        AuthenticationFailedException.java
        ApplicationAuthenticationException.java
        ApplicationAuthenticatorException.java
        AuthenticatorStateInfo.java
        CommonAuthenticationHandler.java
        internal
        FrameworkServiceComponent.java
        FrameworkServiceDataHolder.java
        inbound
        InboundAuthenticationContextCache.java
        InboundAuthenticationUtil.java
        InboundAuthenticationResponse.java
        InboundAuthenticationRequest.java
        InboundAuthenticationContextCacheEntry.java
        InboundAuthenticationConstants.java
        InboundAuthenticationContext.java
        InboundAuthenticationManager.java
        InboundAuthenticationContextCacheKey.java
        CommonInboundAuthenticationServlet.java
        InboundAuthenticationResponseProcessor.java
        AuthenticationFrameworkRuntimeException.java
        InboundAuthenticationRequestProcessor.java
        InboundAuthenticationRequestBuilder.java
        cache
        SessionContextCacheEntry.java
        AuthenticationResultCacheKey.java
        AuthenticationContextCache.java
        AuthenticationRequestCacheEntry.java
        AuthenticationContextCacheKey.java
        SessionContextCacheKey.java
        AuthenticationRequestCacheKey.java
        AuthenticationResultCacheEntry.java
        AuthenticationRequestCache.java
        AuthenticationContextCacheEntry.java
        AuthenticationResultCache.java
        SessionContextCache.java
        ApplicationAuthenticationService.java
        model
        CommonAuthRequestWrapper.java
        AuthenticationRequest.java
        CommonAuthResponseWrapper.java
        AuthenticationResult.java
        AuthenticatedUser.java
        AuthenticationFrameworkWrapper.java
        AuthenticatedIdPData.java
        servlet
        CommonAuthenticationServlet.java
        handler
        hrd
        impl
        DefaultHomeRealmDiscoverer.java
        HomeRealmDiscoverer.java
        step
        impl
        DefaultStepHandler.java
        StepHandler.java
        request
        impl
        DefaultAuthenticationRequestHandler.java
        DefaultRequestCoordinator.java
        DefaultLogoutRequestHandler.java
        LogoutRequestHandler.java
        RequestCoordinator.java
        AuthenticationRequestHandler.java
        provisioning
        impl
        DefaultProvisioningHandler.java
        ProvisioningHandler.java
        sequence
        impl
        DefaultRequestPathBasedSequenceHandler.java
        DefaultStepBasedSequenceHandler.java
        SequenceHandler.java
        RequestPathBasedSequenceHandler.java
        StepBasedSequenceHandler.java
        claims
        impl
        DefaultClaimHandler.java
        ClaimHandler.java
        listener
        AuthenticationEndpointTenantActivityListener.java
        AuthenticatorFlowStatus.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.application.authentication.endpoint
      - src
        main
        resources
        EndpointConfig.properties
        org
        wso2
        carbon
        identity
        application
        authentication
        endpoint
        i18n
        Resources.properties
        webapp
        create-account.jsp
        oauth2_error.jsp
        samlsso_notification.jsp
        domain.jsp
        basicauth.jsp
        libs
        jquery_1.11.3
        bootstrap_3.3.5
        fonts
        glyphicons-halflings-regular.woff
        glyphicons-halflings-regular.eot
        glyphicons-halflings-regular.woff2
        glyphicons-halflings-regular.ttf
        glyphicons-halflings-regular.svg
        js
        bootstrap.min.js
        bootstrap.js
        npm.js
        css
        bootstrap-theme.css.map
        bootstrap.min.css
        bootstrap.css
        bootstrap-theme.min.css
        bootstrap-theme.css
        tenantauth.jsp
        tenant_refresh_endpoint.jsp
        images
        openid-input.gif
        logo-inverse.svg
        repeat.jpg
        generic-exception-response.jsp
        openid.jsp
        registration.jsp
        fido-auth.jsp
        samlsso_redirect.jsp
        openid_profile.jsp
        oauth2_consent.jsp
        oauth2_authz.jsp
        fonts
        Roboto
        Roboto-Bold-webfont.ttf
        Roboto-Bold-webfont.svg
        Roboto-Bold-webfont.woff
        WEB-INF
        web.xml
        logout.jsp
        retry.jsp
        js
        scripts.js
        u2f-api.js
        login.jsp
        css
        localstyles.css
        openid-provider.css
        Roboto.css
        custom-common.css
        localstyles-ie7.css
        assets
        img
        js
        jquery-1.7.1.min.js
        html5.js
        css
        bootstrap.min.css
      - pom.xml
  - tools
    - pom.xml
    - samlsso-validator
      - pom.xml
      - org.wso2.carbon.identity.tools.saml.validator.ui
        src
        main
        resources
        web
        tools-saml
        images
        response_gen.gif
        sso.gif
        docs
        userguide.html
        css
        main.css
        saml_response_builder.jsp
        saml_request_validate.jsp
        IdentitySAMLValidatorService.wsdl
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        tools
        saml
        validator
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        tools
        saml
        validator
        ui
        client
        SAMLSSOValidatorServiceClient.java
        SAMLSSOUIUtil.java
        pom.xml
      - org.wso2.carbon.identity.tools.saml.validator
        src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        tools
        saml
        validator
        dto
        ValidatedItemDTO.java
        GeneratedResponseDTO.java
        processors
        SAMLAuthnRequestValidator.java
        SAMLResponseBuilder.java
        util
        SAMLValidatorUtil.java
        SAMLValidatorConstants.java
        SAMLValidatorService.java
        pom.xml
  - sts
    - org.wso2.carbon.identity.sts.passive.ui
      - src
        main
        resources
        IdentityPassiveSTSService.wsdl
        META-INF
        component.xml
        java
        org
        wso2
        carbon
        identity
        sts
        passive
        ui
        dto
        SessionDTO.java
        client
        IdentityPassiveSTSClient.java
        PassiveRequestorConstants.java
        util
        PassiveSTSUtil.java
        PassiveSTS.java
        cache
        SessionDataCacheEntry.java
        CacheKey.java
        SessionDataCacheKey.java
        SessionDataCache.java
        CacheEntry.java
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.sts.mgt
      - src
        main
        resources
        scenario19-policy.xml
        scenario-config.xml
        META-INF
        services.xml
        scenario18-policy.xml
        java
        org
        wso2
        carbon
        identity
        sts
        mgt
        STSObserver.java
        dto
        CardIssuerTokenDTO.java
        CardIssuerDTO.java
        IPPasswordCallbackHandler.java
        admin
        STSConfigAdmin.java
        STSConfigurationContextObserver.java
        internal
        IdentitySTSMgtServiceComponent.java
        TenantSTSObserver.java
        STSAdminService.java
        STSMgtConstants.java
      - pom.xml
    - org.wso2.carbon.identity.sts.passive
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        sts
        passive
        ClaimDTO.java
        utils
        QueryStringParser.java
        NoPersistenceTokenStore.java
        PassiveSTSUtil.java
        PassiveRequestorConstants.java
        processors
        SigningRequestProcessor.java
        PseudonymRequestProcessor.java
        SignoutRequestProcessor.java
        AttributeRequestProcessor.java
        RequestProcessor.java
        RequestProcessorFactory.java
        internal
        RegistryBasedTrustedServiceStore.java
        InMemoryTrustedServiceStore.java
        IdentityPassiveSTSServiceComponent.java
        ResponseToken.java
        RequestToken.java
        PassiveSTSService.java
      - pom.xml
    - org.wso2.carbon.sts
      - src
        main
        resources
        META-INF
        services.xml
        service.wsdl
        java
        org
        wso2
        carbon
        sts
        STSDeploymentListener.java
        internal
        STSServiceComponent.java
        STSServiceDataHolder.java
        STSDeploymentInterceptor.java
      - pom.xml
    - org.wso2.carbon.sts.ui
      - src
        main
        resources
        web
        sts
        images
        delete.gif
        type.gif
        extra_config.jsp
        index.jsp
        remove-trusted-service.jsp
        docs
        userguide.html
        org
        wso2
        carbon
        sts
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        sts
        ui
        STSUtil.java
      - pom.xml
    - org.wso2.carbon.identity.sts.mgt.ui
      - src
        main
        resources
        IdentitySTSAdminService.wsdl
        web
        generic-sts
        add-passive-sts-trusted-service.jsp
        images
        configure.gif
        sts.gif
        delete.gif
        passive-sts.jsp
        add-passive-sts-trusted-service-finish.jsp
        sts.jsp
        remove-passive-sts-trusted-service.jsp
        remove-trusted-service.jsp
        docs
        userguide.html
        identity-sts
        update_config.jsp
        configure.jsp
        images
        configure.gif
        cardIssuer.gif
        delete.gif
        index.jsp
        docs
        userguide.html
        STSAdmin.wsdl
        org
        wso2
        carbon
        identity
        sts
        mgt
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        sts
        mgt
        ui
        client
        CarbonSTSClient.java
        STSAdminServiceClient.java
      - pom.xml
    - org.wso2.carbon.identity.sts.store
      - src
        main
        java
        org
        wso2
        carbon
        identity
        sts
        store
        SerializableToken.java
        dao
        DBStsDAO.java
        DBTokenStore.java
        util
        STSStoreUtils.java
        internal
        STSStoreComponent.java
        JDBCTokenStore.java
        DBQueries.java
        STSMgtConstants.java
      - pom.xml
  - carbon-authenticators
    - signedjwt-authenticator
      - pom.xml
      - org.wso2.carbon.identity.authenticator.signedjwt
        src
        main
        java
        org
        wso2
        carbon
        identity
        authenticator
        signedjwt
        SignedJWTAuthenticator.java
        internal
        SignedJWTAuthenticatorServiceComponent.java
        pom.xml
    - pom.xml
    - saml2-sso-authenticator
      - org.wso2.carbon.identity.authenticator.saml2.sso.common
        src
        main
        java
        org
        wso2
        carbon
        identity
        authenticator
        saml2
        sso
        common
        FederatedSSOToken.java
        builders
        LogoutRequestBuilder.java
        SignKeyDataHolder.java
        AuthenticationRequestBuilder.java
        SAML2SSOUIAuthenticatorException.java
        util
        CarbonEntityResolver.java
        SAMLConstants.java
        SAML2SSOAuthenticatorConstants.java
        internal
        SAML2SSOAuthFEDataHolder.java
        Util.java
        SSOSessionManager.java
        pom.xml
      - pom.xml
      - org.wso2.carbon.identity.authenticator.saml2.sso.ui
        src
        main
        resources
        web
        sso-acs
        images
        reload.gif
        redirect_ajaxprocessor.jsp
        authFailure.jsp
        federation_ajaxprocessor.jsp
        notifications.jsp
        css
        authFailures.css
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        authenticator
        saml2
        sso
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        authenticator
        saml2
        sso
        ui
        client
        SAMLSSOServiceClient.java
        SAML2SSOAuthenticationClient.java
        internal
        SAML2SSOAuthenticatorUIDSComponent.java
        SAML2SSOAuthFEDataHolder.java
        filters
        LoginPageFilter.java
        SSOAssertionConsumerService.java
        session
        SSOSessionManager.java
        SessionClusterMessage.java
        authenticator
        SAML2SSOUIAuthenticator.java
        pom.xml
      - org.wso2.carbon.identity.authenticator.saml2.sso
        src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        authenticator
        saml2
        sso
        dto
        AuthnReqDTO.java
        util
        Util.java
        CarbonEntityResolver.java
        X509CredentialImpl.java
        SAML2SSOAuthenticator.java
        internal
        SAML2SSOAuthBEDataHolder.java
        SAML2SSOAuthenticatorDSComponent.java
        SAML2SSOAuthenticatorBEConstants.java
        SAML2SSOAuthenticatorException.java
        pom.xml
    - iwa-authenticator
      - pom.xml
      - org.wso2.carbon.identity.authenticator.iwa
        src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        authenticator
        iwa
        util
        IWADeploymentInterceptor.java
        internal
        IWAAuthenticatorDSComponent.java
        IWABEDataHolder.java
        IWAAuthenticator.java
        pom.xml
      - org.wso2.carbon.identity.authenticator.iwa.ui
        src
        main
        java
        org
        wso2
        carbon
        identity
        authenticator
        iwa
        ui
        IWAUIAuthenticator.java
        internal
        Activator.java
        pom.xml
    - thrift-authenticator
      - pom.xml
      - org.wso2.carbon.identity.authenticator.thrift
        src
        main
        resources
        thrift-authentication.xml
        authenticator.thrift
        java
        org
        wso2
        carbon
        identity
        thrift
        authentication
        TCPThriftAuthenticationService.java
        dao
        InMemoryThriftSessionDAO.java
        DBThriftSessionDAO.java
        ThriftSessionDAO.java
        AuthenticatorServlet.java
        exception
        ThriftAuthenticationException.java
        internal
        ThriftAuthenticationServiceComponent.java
        ThriftAuthenticatorServiceImpl.java
        util
        ThriftAuthenticationConstants.java
        ThriftAuthenticationDatabaseUtil.java
        ThriftAuthenticationConfigParser.java
        HostAddressFinder.java
        AuthenticatorServiceImpl.java
        persistance
        ThriftAuthenticationJDBCPersistenceManager.java
        generatedCode
        AuthenticatorService.java
        AuthenticationException.java
        ThriftAuthenticatorService.java
        pom.xml
    - mutual-ssl-authenticator
      - org.wso2.carbon.identity.authenticator.mutualssl
        src
        main
        java
        org
        wso2
        carbon
        identity
        authenticator
        mutualssl
        internal
        MutualSSLAuthenticatorServiceComponent.java
        MutualSSLAuthenticator.java
        pom.xml
      - pom.xml
  - oauth
    - org.wso2.carbon.identity.oauth
      - src
        main
        resources
        META-INF
        services.xml
        java
        org
        wso2
        carbon
        identity
        oauth2
        dto
        OAuth2TokenValidationResponseDTO.java
        OAuth2AuthorizeReqDTO.java
        OAuth2ClientValidationResponseDTO.java
        OAuth2AuthorizeRespDTO.java
        OAuth2IntrospectionResponseDTO.java
        OAuth2AccessTokenReqDTO.java
        OAuthRevocationResponseDTO.java
        OAuth2TokenValidationRequestDTO.java
        OAuth2ClientApplicationDTO.java
        OAuthRevocationRequestDTO.java
        OAuth2AccessTokenRespDTO.java
        dao
        AuthContextTokenDO.java
        SQLQueries.java
        TokenPersistenceTask.java
        AuthPersistenceTask.java
        TokenMgtDAO.java
        AccessContextTokenDO.java
        authz
        OAuthAuthzReqMessageContext.java
        handlers
        AbstractResponseTypeHandler.java
        CodeResponseTypeHandler.java
        TokenResponseTypeHandler.java
        ResponseTypeHandler.java
        AuthorizationHandlerManager.java
        authcontext
        AuthorizationContextTokenGenerator.java
        JWTTokenGenerator.java
        ClaimsRetriever.java
        DefaultClaimsRetriever.java
        validators
        DefaultOAuth2TokenValidator.java
        TokenValidationHandler.java
        OAuth2ScopeValidator.java
        SAML1GrantValidator.java
        OAuth2TokenValidationMessageContext.java
        OAuth2TokenValidator.java
        JDBCScopeValidator.java
        util
        OAuth2Util.java
        X509CredentialImpl.java
        OAuth2TokenValidationService.java
        OAuth2Service.java
        internal
        OAuth2ServiceComponentHolder.java
        OAuthUserStoreConfigListenerImpl.java
        OAuthTenantMgtListenerImpl.java
        OAuth2ServiceComponent.java
        OAuthApplicationMgtListener.java
        ResponseHeader.java
        IdentityOAuth2Exception.java
        token
        AccessTokenIssuer.java
        handlers
        grant
        AuthorizationCodeGrantHandler.java
        AbstractAuthorizationGrantHandler.java
        ClientCredentialsGrantHandler.java
        RefreshGrantHandler.java
        PasswordGrantHandler.java
        saml
        SAML1BearerGrantHandler.java
        CarbonKeyStoreCredentialResolver.java
        SAML2BearerGrantHandler.java
        SAML2TokenCallbackHandler.java
        iwa
        ntlm
        util
        SimpleRealm.java
        SimpleHttpSession.java
        SimpleFilterChain.java
        SimpleServletContext.java
        SimpleHttpResponse.java
        SimpleHttpRequest.java
        SimpleRequestDispatcher.java
        NTLMAuthenticationGrantHandlerWithHandshake.java
        NTLMAuthenticationGrantHandler.java
        AuthorizationGrantHandler.java
        clientauth
        BasicAuthClientAuthHandler.java
        AbstractClientAuthHandler.java
        ClientAuthenticationHandler.java
        OAuthTokenReqMessageContext.java
        model
        CarbonOAuthTokenRequest.java
        AccessTokenDO.java
        OAuth2Parameters.java
        RequestParameter.java
        AuthzCodeDO.java
        RefreshTokenValidationDataDO.java
        ClientCredentialDO.java
        ResourceScopeCacheEntry.java
        CarbonOAuthAuthzRequest.java
        openidconnect
        IDTokenBuilder.java
        RememberMeStore.java
        SAMLAssertionClaimsCallback.java
        CustomClaimsCallbackHandler.java
        DefaultIDTokenBuilder.java
        oauth
        dto
        OAuthConsumerDTO.java
        OAuthRevocationResponseDTO.java
        OAuthConsumerAppDTO.java
        OAuthMetaDataDTO.java
        OAuthRevocationRequestDTO.java
        dao
        OAuthAppDAO.java
        OAuthConsumerDAO.java
        OAuthAppDO.java
        SQLQueries.java
        Parameters.java
        IdentityOAuthAdminException.java
        user
        UserInfoResponseBuilder.java
        UserInfoRequestValidator.java
        UserInfoAccessTokenValidator.java
        UserInfoEndpointException.java
        UserInfoClaimRetriever.java
        OAuthService.java
        util
        ClaimCache.java
        ClaimCacheKey.java
        UserClaims.java
        config
        OAuthServerConfiguration.java
        OAuthCallbackHandlerMetaData.java
        internal
        OAuthServiceComponent.java
        OAuthComponentServiceHolder.java
        OAuthUtil.java
        OAuthAdminService.java
        cache
        AuthorizationGrantCache.java
        SessionDataCacheEntry.java
        AuthorizationGrantCacheKey.java
        CacheKey.java
        SessionDataCacheKey.java
        SessionDataCache.java
        OAuthCacheKey.java
        OAuthCache.java
        AppInfoCache.java
        CacheEntry.java
        AuthorizationGrantCacheEntry.java
        callback
        DefaultCallbackHandler.java
        OAuthCallback.java
        OAuthCallbackHandler.java
        OAuthCallbackManager.java
        AbstractOAuthCallbackHandler.java
        OAuthCallbackHandlerRegistry.java
        listener
        IdentityOathEventListener.java
        OAuthCacheRemoveListener.java
        tokenprocessor
        PlainTextPersistenceProcessor.java
        TokenPersistenceProcessor.java
        EncryptionDecryptionPersistenceProcessor.java
      - pom.xml
    - org.wso2.carbon.identity.oauth.endpoint
      - src
        main
        resources
        META-INF
        spring.schemas
        java
        org
        wso2
        carbon
        identity
        oauth
        endpoint
        authz
        OAuth2AuthzEndpoint.java
        user
        impl
        UserInfoJWTResponse.java
        UserInfoUserStoreClaimRetriever.java
        UserInfoEndpointConfig.java
        UserInfoISAccessTokenValidator.java
        UserInforRequestDefaultValidator.java
        UserInfoJSONResponseBuilder.java
        OpenIDConnectUserEndpoint.java
        revoke
        OAuthRevocationEndpoint.java
        CarbonOAuthASResponse.java
        util
        OpenIDConnectUserRPStore.java
        EndpointUtil.java
        ClaimUtil.java
        token
        OAuth2TokenEndpoint.java
        OAuthRequestWrapper.java
        webapp
        META-INF
        webapp-classloading.xml
        WEB-INF
        cxf-servlet.xml
        web.xml
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.oauth.ui
      - src
        main
        resources
        OAuthAdminService.wsdl
        web
        oauth
        images
        oauth.gif
        delete.gif
        remove-app.jsp
        edit-finish.jsp
        oauth-login-finish.jsp
        oauth-login.jsp
        my-oauth-app-remove-finish.jsp
        index.jsp
        edit.jsp
        my-oauth-apps-index.jsp
        add.jsp
        add-finish.jsp
        docs
        userguide.html
        META-INF
        component.xml
        org
        wso2
        carbon
        identity
        oauth
        ui
        i18n
        Resources.properties
        java
        org
        wso2
        carbon
        identity
        oauth
        ui
        client
        OAuthAdminClient.java
        OAuthServiceClient.java
        util
        OAuthUIUtil.java
        internal
        OAuthUIServiceComponent.java
        OAuthUIServiceComponentHolder.java
        OAuthServlet.java
      - pom.xml
    - org.wso2.carbon.identity.oauth.common
      - src
        main
        java
        org
        wso2
        carbon
        identity
        oauth
        common
        GrantType.java
        IDTokenTokenResponseValidator.java
        exception
        OAuthClientException.java
        InvalidOAuthClientException.java
        SAML2GrantValidator.java
        OAuth2ErrorCodes.java
        OAuthConstants.java
        NTLMAuthenticationValidator.java
        IDTokenResponseValidator.java
      - pom.xml
- README.md
- features
  - notification-mgt
    - org.wso2.carbon.identity.notification.mgt.server.feature
      - resources
        p2.inf
        msg-mgt.properties
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.notification.mgt.feature
      - pom.xml
  - security-mgt
    - pom.xml
    - org.wso2.carbon.security.mgt.ui.feature
      - pom.xml
    - org.wso2.carbon.security.mgt.server.feature
      - src
        main
        resources
        p2.inf
        build.properties
        conf
        jaas.conf
        krb5.conf
      - pom.xml
    - org.wso2.carbon.security.mgt.feature
      - pom.xml
  - sso-saml
    - pom.xml
    - org.wso2.carbon.identity.sso.saml.feature
      - pom.xml
    - org.wso2.carbon.identity.sso.saml.server.feature
      - resources
        p2.inf
        build.properties
        samlsso_response.html
        sso-idp-config.xml
      - pom.xml
    - org.wso2.carbon.identity.sso.saml.ui.feature
      - pom.xml
  - claim-mgt
    - pom.xml
    - org.wso2.carbon.claim.mgt.feature
      - pom.xml
    - org.wso2.carbon.claim.mgt.server.feature
      - resources
        p2.inf
        build.properties
        conf
        claim-config.xml
      - pom.xml
    - org.wso2.carbon.claim.mgt.ui.feature
      - pom.xml
  - identity-mgt
    - org.wso2.carbon.identity.mgt.ui.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.mgt.server.feature
      - resources
        p2.inf
        build.properties
        email-admin-config.xml
        identity-mgt.properties
      - pom.xml
    - org.wso2.carbon.identity.mgt.feature
      - pom.xml
  - openid
    - org.wso2.carbon.identity.provider.server.feature
      - resources
        p2.inf
        build.properties
        conf
        saml1-assertion-config.xml
        card.jpg
      - pom.xml
    - pom.xml
  - directory-server-manager
    - org.wso2.carbon.directory.service.mgr.ui.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.directory.service.mgr.feature
      - pom.xml
    - org.wso2.carbon.directory.service.mgr.server.feature
      - pom.xml
  - application-authenticators
    - pom.xml
    - social
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.social.server.feature
        pom.xml
    - openid
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.openid.server.feature
        pom.xml
    - basic-auth
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.basicauth.server.feature
        pom.xml
    - samlsso
      - org.wso2.carbon.identity.application.authenticator.samlsso.server.feature
        resources
        p2.inf
        samlsso_federate.html
        pom.xml
      - pom.xml
    - oidc
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.oidc.server.feature
        pom.xml
    - oauth-request-path-auth
      - org.wso2.carbon.identity.application.authenticator.requestpath.oauth.server.feature
        pom.xml
      - pom.xml
    - basicauth-request-path-auth
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.requestpath.basicauth.server.feature
        pom.xml
    - passive-sts
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.passive.sts.server.feature
        pom.xml
    - fido
      - pom.xml
      - org.wso2.carbon.identity.application.authenticator.fido.server.feature
        pom.xml
    - iwa
      - org.wso2.carbon.identity.application.authenticator.iwa.server.feature
        pom.xml
      - pom.xml
  - idp-mgt
    - pom.xml
    - org.wso2.carbon.idp.mgt.feature
      - pom.xml
    - org.wso2.carbon.idp.mgt.server.feature
      - resources
        p2.inf
        build.properties
        identity
        identity-providers
        default.xml
      - pom.xml
    - org.wso2.carbon.idp.mgt.ui.feature
      - pom.xml
  - scim
    - org.wso2.carbon.identity.scim.common.feature
      - resources
        p2.inf
        provisioning-config.xml
        scim-schema-extension.config
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.scim.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.scim.provider.feature
      - resources
        p2.inf
      - pom.xml
    - org.wso2.carbon.identity.scim.feature
      - pom.xml
  - agents
    - pom.xml
    - org.wso2.carbon.identity.sso.agent.server.feature
      - pom.xml
  - provisioning
    - org.wso2.carbon.identity.provisioning.connector.spml.server.feature
      - pom.xml
    - org.wso2.carbon.identity.provisioning.server.feature
      - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.salesforce.server.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.scim.server.feature
      - pom.xml
    - org.wso2.carbon.identity.provisioning.connector.google.server.feature
      - pom.xml
  - application-mgt
    - org.wso2.carbon.identity.application.mgt.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.application.mgt.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.application.mgt.server.feature
      - resources
        p2.inf
        build.properties
        identity
        service-providers
        default.xml
      - pom.xml
  - user-mgt
    - org.wso2.carbon.identity.user.registration.feature
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.user.profile.ui.feature
      - pom.xml
    - org.wso2.carbon.user.mgt.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.user.account.association.server.feature
      - pom.xml
    - org.wso2.carbon.identity.user.account.association.feature
      - pom.xml
    - org.wso2.carbon.identity.user.profile.server.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.ldap.server.server.feature
      - resources
        p2.inf
        build.properties
        conf
        embedded-ldap.xml
        identityPerson.ldif
        scimPerson.ldif
        wso2Person.ldif
      - pom.xml
    - org.wso2.carbon.user.mgt.feature
      - pom.xml
    - org.wso2.carbon.um.ws.service.client.feature
      - pom.xml
    - org.wso2.carbon.ldap.server.feature
      - pom.xml
    - org.wso2.carbon.identity.user.registration.server.feature
      - pom.xml
    - org.wso2.carbon.user.mgt.server.feature
      - pom.xml
    - org.wso2.carbon.identity.user.profile.feature
      - pom.xml
    - org.wso2.carbon.um.ws.service.feature
      - pom.xml
    - org.wso2.carbon.um.ws.service.server.feature
      - pom.xml
    - org.wso2.carbon.identity.account.mgt.menu.ui.feature
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow.feature
      - pom.xml
    - org.wso2.carbon.identity.user.registration.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.user.account.association.ui.feature
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow.server.feature
      - pom.xml
  - categories
    - outbound-authenticators
      - pom.xml
    - notification-mgt
      - pom.xml
    - outbound-authentication
      - pom.xml
    - keystore-mgt
      - pom.xml
    - inbound-authentication
      - pom.xml
    - pom.xml
    - inbound-autheticators
      - pom.xml
    - authorization
      - pom.xml
    - workflow
      - pom.xml
    - outbound-provisioning
      - pom.xml
    - inbound-provisioning-connectors
      - pom.xml
    - agents
      - pom.xml
    - user-mgt
      - pom.xml
    - inbound-provisioning
      - pom.xml
    - outbound-provisioning-connectors
      - pom.xml
    - sts
      - pom.xml
    - carbon-authenticators
      - pom.xml
  - workflow-mgt
    - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.feature
      - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.server.feature
      - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.ui.feature
      - pom.xml
  - identity-core
    - pom.xml
    - org.wso2.carbon.identity.core.feature
      - pom.xml
    - org.wso2.carbon.identity.core.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.core.server.feature
      - resources
        p2.inf
        identity_log_tokens.properties
        build.properties
        identity.xml
        dbscripts
        oracle.sql
        oracle_rac.sql
        informix.sql
        postgresql.sql
        mssql.sql
        db2.sql
        h2.sql
        mysql.sql
      - pom.xml
  - authentication-framework
    - org.wso2.carbon.identity.application.authentication.framework.server.feature
      - resources
        EndpointConfig.properties
        application-authentication.xml
        p2.inf
      - pom.xml
    - pom.xml
  - tools
    - pom.xml
    - org.wso2.carbon.identity.tools.saml.validator.feature
      - pom.xml
    - org.wso2.carbon.identity.tools.saml.validator.server.feature
      - pom.xml
    - org.wso2.carbon.identity.tools.saml.validator.ui.feature
      - pom.xml
  - xacml
    - org.wso2.carbon.identity.xacml.filter.feature
      - pom.xml
    - org.wso2.carbon.identity.xacml.feature
      - pom.xml
    - org.wso2.carbon.identity.xacml.server.feature
      - resources
        p2.inf
        policies
        sample-kmarket-blue-policy.xml
        sample-kmarket-gold-policy.xml
        sample-kmarket-sliver-policy.xml
        sample-xpath-policy-1.xml
        sample-xpath-policy-2.xml
        sample-kmarket-policy-set.xml
        entitlement.properties
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.xacml.ui.feature
      - pom.xml
  - sts
    - org.wso2.carbon.identity.sts.mgt.server.feature
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.sts.mgt.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.sts.passive.server.feature
      - resources
        p2.inf
        sts_response.html
      - pom.xml
    - org.wso2.carbon.identity.sts.passive.feature
      - pom.xml
    - org.wso2.carbon.identity.sts.mgt.feature
      - pom.xml
    - org.wso2.carbon.sts.ui.feature
      - pom.xml
    - org.wso2.carbon.sts.feature
      - pom.xml
    - org.wso2.carbon.identity.sts.passive.ui.feature
      - pom.xml
    - org.wso2.carbon.sts.server.feature
      - pom.xml
  - etc
    - feature.properties
  - carbon-authenticators
    - pom.xml
    - saml2-sso-authenticator
      - org.wso2.carbon.identity.authenticator.saml2.sso.server.feature
        pom.xml
      - pom.xml
      - org.wso2.carbon.identity.authenticator.saml2.sso.ui.feature
        pom.xml
      - org.wso2.carbon.identity.authenticator.saml2.sso.feature
        pom.xml
    - iwa-authenticator
      - pom.xml
      - org.wso2.carbon.identity.authenticator.iwa.ui.feature
        pom.xml
      - org.wso2.carbon.identity.authenticator.iwa.server.feature
        pom.xml
      - org.wso2.carbon.identity.authenticator.iwa.feature
        pom.xml
    - thrift-authenticator
      - org.wso2.carbon.identity.thrift.authentication.feature
        resources
        p2.inf
        thrift-authentication.xml
        pom.xml
      - pom.xml
    - mutual-ssl-authenticator
      - pom.xml
      - org.wso2.carbon.identity.authenticator.mutualssl.feature
        pom.xml
  - oauth
    - pom.xml
    - org.wso2.carbon.identity.oauth.common.feature
      - pom.xml
    - org.wso2.carbon.identity.oauth.feature
      - pom.xml
    - org.wso2.carbon.identity.oauth.ui.feature
      - pom.xml
    - org.wso2.carbon.identity.oauth.server.feature
      - resources
        p2.inf
      - pom.xml
- service-stubs
  - identity
    - org.wso2.carbon.um.ws.api.stub
      - src
        main
        resources
        RemoteProfileConfigurationManagerService.wsdl
        RemoteTenantManagerService.wsdl
        RemoteAuthorizationManagerService.wsdl
        RemoteClaimManagerService.wsdl
        RemoteUserRealmService.wsdl
        RemoteUserStoreManagerService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.authenticator.token.stub
      - src
        main
        resources
        AuthenticationAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.authenticator.fido.stub
      - src
        main
        resources
        FIDOService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.user.registration.stub
      - src
        main
        resources
        UserRegistrationAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.security.mgt.stub
      - src
        main
        resources
        SecurityConfigAdmin.wsdl
        KeyStoreAdmin.wsdl
      - pom.xml
    - org.wso2.carbon.identity.user.account.association.stub
      - src
        main
        resources
        UserAccountAssociationService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.mgt.stub
      - src
        main
        resources
        UserIdentityManagementAdminService.wsdl
        AccountCredentialMgtConfigService.wsdl
        UserIdentityManagementService.wsdl
        UserInformationRecoveryService.wsdl
      - pom.xml
    - org.wso2.carbon.directory.server.manager.stub
      - src
        main
        resources
        DirectoryServerManager.wsdl
      - pom.xml
    - org.wso2.carbon.identity.tools.saml.validator.stub
      - src
        main
        resources
        IdentitySAMLValidatorService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.user.store.configuration.stub
      - src
        main
        resources
        UserStoreConfigAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.provider.stub
      - src
        main
        resources
        XMPPConfigurationService.wsdl
        IdentityProviderAdminService.wsdl
        RelyingPartyAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.bps.stub
      - src
        main
        resources
        process_mgt.wsdl
        HumanTaskClientAPIAdmin.wsdl
        BPELUploader.wsdl
        xml.xsd
        package_mgt.wsdl
        ws-humantask-types.xsd
        bps_management.xsd
        HumanTaskUploader.wsdl
      - pom.xml
    - org.wso2.carbon.identity.application.mgt.stub
      - src
        main
        resources
        IdentityApplicationManagementService.wsdl
      - pom.xml
    - pom.xml
    - org.wso2.carbon.identity.authenticator.iwa.stub
      - src
        main
        resources
        IWAAuthenticator.wsdl
      - pom.xml
    - org.wso2.carbon.identity.sts.mgt.stub
      - src
        main
        resources
        IdentitySTSAdminService.wsdl
        STSAdmin.wsdl
      - pom.xml
    - org.wso2.carbon.identity.workflow.impl.stub
      - src
        main
        resources
        WorkflowImplAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.workflow.mgt.stub
      - src
        main
        resources
        WorkflowAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.sts.passive.stub
      - src
        main
        resources
        IdentityPassiveSTSService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.oauth.stub
      - src
        main
        resources
        OAuthAdminService.wsdl
        OAuth2TokenValidationService.wsdl
        OAuthService.wsdl
      - pom.xml
    - org.wso2.carbon.user.mgt.stub
      - src
        main
        resources
        UserAdmin.wsdl
        MultipleCredentialsUserAdmin.wsdl
      - pom.xml
    - org.wso2.carbon.identity.authenticator.webseal.stub
      - src
        main
        resources
        WebSealAuthenticator.wsdl
      - pom.xml
    - org.wso2.carbon.identity.provider.openid.stub
      - src
        main
        resources
        OpenIDProviderService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.entitlement.stub
      - src
        main
        resources
        EntitlementPolicyAdminService.wsdl
        EntitlementAdminService.wsdl
        EntitlementService.wsdl
      - pom.xml
    - org.wso2.carbon.sts.stub
      - src
        main
        resources
        STSAdmin.wsdl
      - pom.xml
    - org.wso2.carbon.idp.mgt.stub
      - src
        main
        resources
        IdentityProviderMgtService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.scim.common.stub
      - src
        main
        resources
        SCIMConfigAdminService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.user.profile.stub
      - src
        main
        resources
        UserProfileMgt.wsdl
      - pom.xml
    - org.wso2.carbon.user.mgt.workflow.stub
      - src
        main
        resources
        UserManagementWorkflowService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.authenticator.saml2.sso.stub
      - src
        main
        resources
        SAML2SSOAuthenticationService.wsdl
      - pom.xml
    - org.wso2.carbon.claim.mgt.stub
      - src
        main
        resources
        ClaimManagementService.wsdl
      - pom.xml
    - org.wso2.carbon.identity.sso.saml.stub
      - src
        main
        resources
        IdentitySAMLSSOConfigService.wsdl
        IdentitySAMLSSOService.wsdl
      - pom.xml
- .gitignore
- LICENSE.txt

/*
 * Copyright (c) 2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 *
 * WSO2 Inc. licenses this file to you under the Apache License,
 *  Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.wso2.carbon.identity.sso.saml.util;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xerces.impl.Constants;
import org.apache.xerces.util.SecurityManager;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallerFactory;
import org.opensaml.xml.io.Unmarshaller;
import org.opensaml.xml.io.UnmarshallerFactory;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.signature.SignableXMLObject;
import org.opensaml.xml.util.Base64;
import org.osgi.framework.BundleContext;
import org.osgi.service.http.HttpService;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.bootstrap.DOMImplementationRegistry;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSOutput;
import org.w3c.dom.ls.LSSerializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.SAML2SSOFederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
import org.wso2.carbon.identity.base.IdentityConstants;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.sso.saml.SAMLSSOConstants;
import org.wso2.carbon.identity.sso.saml.SSOServiceProviderConfigManager;
import org.wso2.carbon.identity.sso.saml.builders.DefaultResponseBuilder;
import org.wso2.carbon.identity.sso.saml.builders.ErrorResponseBuilder;
import org.wso2.carbon.identity.sso.saml.builders.ResponseBuilder;
import org.wso2.carbon.identity.sso.saml.builders.X509CredentialImpl;
import org.wso2.carbon.identity.sso.saml.builders.assertion.SAMLAssertionBuilder;
import org.wso2.carbon.identity.sso.saml.builders.encryption.SSOEncrypter;
import org.wso2.carbon.identity.sso.saml.builders.signature.SSOSigner;
import org.wso2.carbon.identity.sso.saml.dto.QueryParamDTO;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOAuthnReqDTO;
import org.wso2.carbon.identity.sso.saml.exception.IdentitySAML2SSOException;
import org.wso2.carbon.identity.sso.saml.processors.IdPInitLogoutRequestProcessor;
import org.wso2.carbon.identity.sso.saml.processors.IdPInitSSOAuthnRequestProcessor;
import org.wso2.carbon.identity.sso.saml.processors.SPInitLogoutRequestProcessor;
import org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor;
import org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager;
import org.wso2.carbon.identity.sso.saml.validators.IdPInitSSOAuthnRequestValidator;
import org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectSignatureValidator;
import org.wso2.carbon.identity.sso.saml.validators.SPInitSSOAuthnRequestValidator;
import org.wso2.carbon.identity.sso.saml.validators.SSOAuthnRequestValidator;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.ConfigurationContextService;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;

import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.DeflaterOutputStream;
import java.util.zip.Inflater;
import java.util.zip.InflaterInputStream;

public class SAMLSSOUtil {

    private static final char[] charMapping = {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
            'k', 'l', 'm', 'n', 'o', 'p'};
    private static final Set<Character> UNRESERVED_CHARACTERS = new HashSet<>();
    private static final ThreadLocal<Boolean> isSaaSApplication = new ThreadLocal<>();
    private static final ThreadLocal<String> userTenantDomainThreadLocal = new ThreadLocal<>();
    private static final String DefaultAssertionBuilder = "org.wso2.carbon.identity.sso.saml.builders.assertion.DefaultSAMLAssertionBuilder";
    private static final String SECURITY_MANAGER_PROPERTY = Constants.XERCES_PROPERTY_PREFIX +
            Constants.SECURITY_MANAGER_PROPERTY;
    private static final int ENTITY_EXPANSION_LIMIT = 0;

    static {
        for (char c = 'a'; c <= 'z'; c++)
            UNRESERVED_CHARACTERS.add(Character.valueOf(c));

        for (char c = 'A'; c <= 'A'; c++)
            UNRESERVED_CHARACTERS.add(Character.valueOf(c));

        for (char c = '0'; c <= '9'; c++)
            UNRESERVED_CHARACTERS.add(Character.valueOf(c));

        UNRESERVED_CHARACTERS.add(Character.valueOf('-'));
        UNRESERVED_CHARACTERS.add(Character.valueOf('.'));
        UNRESERVED_CHARACTERS.add(Character.valueOf('_'));
        UNRESERVED_CHARACTERS.add(Character.valueOf('~'));
    }

    private static Log log = LogFactory.getLog(SAMLSSOUtil.class);
    private static RegistryService registryService;
    private static TenantRegistryLoader tenantRegistryLoader;
    private static BundleContext bundleContext;
    private static RealmService realmService;
    private static ConfigurationContextService configCtxService;
    private static HttpService httpService;
    private static boolean isBootStrapped = false;
    private static Random random = new Random();
    private static int singleLogoutRetryCount = 5;
    private static long singleLogoutRetryInterval = 60000;
    private static String responseBuilderClassName = null;
    private static SAMLAssertionBuilder samlAssertionBuilder = null;
    private static SSOEncrypter ssoEncrypter = null;
    private static SSOSigner ssoSigner = null;
    private static SAML2HTTPRedirectSignatureValidator samlHTTPRedirectSignatureValidator = null;
    private static String sPInitSSOAuthnRequestValidatorClassName = null;
    private static String iDPInitSSOAuthnRequestValidatorClassName = null;
    private static ThreadLocal tenantDomainInThreadLocal = new ThreadLocal();
    private static String idPInitLogoutRequestProcessorClassName = null;
    private static String idPInitSSOAuthnRequestProcessorClassName = null;
    private static String sPInitSSOAuthnRequestProcessorClassName = null;
    private static String sPInitLogoutRequestProcessorClassName = null;

    private SAMLSSOUtil() {
    }

    public static boolean isSaaSApplication() {

        if (isSaaSApplication == null) {
            // this is the default behavior.
            return true;
        }

        Boolean value = isSaaSApplication.get();

        if (value != null) {
            return value;
        }

        return false;
    }

    public static void setIsSaaSApplication(boolean isSaaSApp) {
        isSaaSApplication.set(isSaaSApp);
    }

    public static void removeSaaSApplicationThreaLocal() {
        isSaaSApplication.remove();
    }

    public static String getUserTenantDomain() {

        if (userTenantDomainThreadLocal == null) {
            // this is the default behavior.
            return null;
        }

        return userTenantDomainThreadLocal.get();
    }

    public static void setUserTenantDomain(String tenantDomain) throws UserStoreException, IdentityException {

        tenantDomain = validateTenantDomain(tenantDomain);
        if (tenantDomain != null) {
            userTenantDomainThreadLocal.set(tenantDomain);
        }
    }

    public static void removeUserTenantDomainThreaLocal() {
        userTenantDomainThreadLocal.remove();
    }

    public static BundleContext getBundleContext() {
        return SAMLSSOUtil.bundleContext;
    }

    public static void setBundleContext(BundleContext bundleContext) {
        SAMLSSOUtil.bundleContext = bundleContext;
    }

    public static RegistryService getRegistryService() {
        return registryService;
    }

    public static void setRegistryService(RegistryService registryService) {
        SAMLSSOUtil.registryService = registryService;
    }

    public static TenantRegistryLoader getTenantRegistryLoader() {
        return tenantRegistryLoader;
    }

    public static void setTenantRegistryLoader(TenantRegistryLoader tenantRegistryLoader) {
        SAMLSSOUtil.tenantRegistryLoader = tenantRegistryLoader;
    }

    public static RealmService getRealmService() {
        return realmService;
    }

    public static void setRealmService(RealmService realmService) {
        SAMLSSOUtil.realmService = realmService;
    }

    public static ConfigurationContextService getConfigCtxService() {
        return configCtxService;
    }

    public static void setConfigCtxService(ConfigurationContextService configCtxService) {
        SAMLSSOUtil.configCtxService = configCtxService;
    }

    public static HttpService getHttpService() {
        return httpService;
    }

    public static void setHttpService(HttpService httpService) {
        SAMLSSOUtil.httpService = httpService;
    }

    /**
     * Constructing the AuthnRequest Object from a String
     *
     * @param authReqStr Decoded AuthReq String
     * @return AuthnRequest Object
     * @throws org.wso2.carbon.identity.base.IdentityException
     */
    public static XMLObject unmarshall(String authReqStr) throws IdentityException {
        InputStream inputStream = null;
        try {
            doBootstrap();
            DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
            documentBuilderFactory.setNamespaceAware(true);

            documentBuilderFactory.setExpandEntityReferences(false);
            documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            SecurityManager securityManager = new SecurityManager();
            securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
            documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

            DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
            docBuilder.setEntityResolver(new CarbonEntityResolver());
            inputStream = new ByteArrayInputStream(authReqStr.trim().getBytes(StandardCharsets.UTF_8));
            Document document = docBuilder.parse(inputStream);
            Element element = document.getDocumentElement();
            UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
            Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
            return unmarshaller.unmarshall(element);
        } catch (Exception e) {
            log.error("Error in constructing AuthRequest from the encoded String", e);
            throw IdentityException.error(
                    "Error in constructing AuthRequest from the encoded String ",
                    e);
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    log.error("Error while closing the stream", e);
                }
            }
        }
    }

    /**
     * Serialize the Auth. Request
     *
     * @param xmlObject
     * @return serialized auth. req
     */
    public static String marshall(XMLObject xmlObject) throws IdentityException {

        ByteArrayOutputStream byteArrayOutputStrm = null;
        try {
            doBootstrap();
            System.setProperty("javax.xml.parsers.DocumentBuilderFactory",
                    "org.apache.xerces.jaxp.DocumentBuilderFactoryImpl");

            MarshallerFactory marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
            Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
            Element element = marshaller.marshall(xmlObject);

            byteArrayOutputStrm = new ByteArrayOutputStream();
            DOMImplementationRegistry registry = DOMImplementationRegistry.newInstance();
            DOMImplementationLS impl = (DOMImplementationLS) registry.getDOMImplementation("LS");
            LSSerializer writer = impl.createLSSerializer();
            LSOutput output = impl.createLSOutput();
            output.setByteStream(byteArrayOutputStrm);
            writer.write(element, output);
            return byteArrayOutputStrm.toString("UTF-8");
        } catch (Exception e) {
            log.error("Error Serializing the SAML Response");
            throw IdentityException.error("Error Serializing the SAML Response", e);
        } finally {
            if (byteArrayOutputStrm != null) {
                try {
                    byteArrayOutputStrm.close();
                } catch (IOException e) {
                    log.error("Error while closing the stream", e);
                }
            }
        }
    }

    /**
     * Encoding the response
     *
     * @param xmlString String to be encoded
     * @return encoded String
     */
    public static String encode(String xmlString) {
        // Encoding the message
        String encodedRequestMessage =
                Base64.encodeBytes(xmlString.getBytes(StandardCharsets.UTF_8),
                        Base64.DONT_BREAK_LINES);
        return encodedRequestMessage.trim();
    }

    /**
     * Decoding and deflating the encoded AuthReq
     *
     * @param encodedStr encoded AuthReq
     * @return decoded AuthReq
     */
    public static String decode(String encodedStr) throws IdentityException {
        try {
            org.apache.commons.codec.binary.Base64 base64Decoder =
                    new org.apache.commons.codec.binary.Base64();
            byte[] xmlBytes = encodedStr.getBytes("UTF-8");
            byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);

            try {
                Inflater inflater = new Inflater(true);
                inflater.setInput(base64DecodedByteArray);
                byte[] xmlMessageBytes = new byte[5000];
                int resultLength = inflater.inflate(xmlMessageBytes);

                if (!inflater.finished() ){
                    throw new RuntimeException("End of the compressed data stream has NOT been reached");
                }

                inflater.end();
                String decodedString = new String(xmlMessageBytes, 0, resultLength, "UTF-8");
                if (log.isDebugEnabled()) {
                    log.debug("Request message " + decodedString);
                }
                return decodedString;

            } catch (DataFormatException e) {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(base64DecodedByteArray);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                InflaterInputStream iis = new InflaterInputStream(byteArrayInputStream);
                byte[] buf = new byte[1024];
                int count = iis.read(buf);
                while (count != -1) {
                    byteArrayOutputStream.write(buf, 0, count);
                    count = iis.read(buf);
                }
                iis.close();
                String decodedStr = new String(byteArrayOutputStream.toByteArray(), StandardCharsets.UTF_8);
                if (log.isDebugEnabled()) {
                    log.debug("Request message " + decodedStr, e);
                }
                return decodedStr;
            }
        } catch (IOException e) {
            throw IdentityException.error("Error when decoding the SAML Request.", e);
        }

    }


    public static String decodeForPost(String encodedStr)
            throws IdentityException {
        try {
            org.apache.commons.codec.binary.Base64 base64Decoder = new org.apache.commons.codec.binary.Base64();
            byte[] xmlBytes = encodedStr.getBytes("UTF-8");
            byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);

            String decodedString = new String(base64DecodedByteArray, "UTF-8");
            if (log.isDebugEnabled()) {
                log.debug("Request message " + decodedString);
            }
            return decodedString;

        } catch (IOException e) {
            throw IdentityException.error(
                    "Error when decoding the SAML Request.", e);
        }

    }

    /**
     * Get the Issuer
     *
     * @return Issuer
     */
    public static Issuer getIssuer() throws IdentityException {

        return getIssuerFromTenantDomain(getTenantDomainFromThreadLocal());
    }

    public static Issuer getIssuerFromTenantDomain(String tenantDomain) throws IdentityException {

        Issuer issuer = new IssuerBuilder().buildObject();
        String idPEntityId = null;
        IdentityProvider identityProvider;
        int tenantId;

        if (StringUtils.isEmpty(tenantDomain) || "null".equals(tenantDomain)) {
            tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
            tenantId = MultitenantConstants.SUPER_TENANT_ID;
        } else {
            try {
                tenantId = SAMLSSOUtil.getRealmService().getTenantManager().getTenantId(tenantDomain);
            } catch (UserStoreException e) {
                throw IdentityException.error("Error occurred while retrieving tenant id from tenant domain", e);
            }

            if(MultitenantConstants.INVALID_TENANT_ID == tenantId) {
                throw IdentityException.error("Invalid tenant domain - '" + tenantDomain + "'" );
            }
        }

        IdentityTenantUtil.initializeRegistry(tenantId, tenantDomain);

        try {
            identityProvider = IdentityProviderManager.getInstance().getResidentIdP(tenantDomain);
        } catch (IdentityProviderManagementException e) {
            throw IdentityException.error(
                    "Error occurred while retrieving Resident Identity Provider information for tenant " +
                    tenantDomain, e);
        }
        FederatedAuthenticatorConfig[] authnConfigs = identityProvider.getFederatedAuthenticatorConfigs();
        for (FederatedAuthenticatorConfig config : authnConfigs) {
            if (IdentityApplicationConstants.Authenticator.SAML2SSO.NAME.equals(config.getName())) {
                SAML2SSOFederatedAuthenticatorConfig samlFedAuthnConfig = new SAML2SSOFederatedAuthenticatorConfig(config);
                idPEntityId = samlFedAuthnConfig.getIdpEntityId();
            }
        }
        if (idPEntityId == null) {
            idPEntityId = IdentityUtil.getProperty(IdentityConstants.ServerConfig.ENTITY_ID);
        }
        issuer.setValue(idPEntityId);
        issuer.setFormat(SAMLSSOConstants.NAME_ID_POLICY_ENTITY);
        return issuer;
    }

    /**
     *
     * @param tenantDomain
     * @return set of destination urls of resident identity provider
     * @throws IdentityException
     */

    public static List<String> getDestinationFromTenantDomain(String tenantDomain) throws IdentityException {

        List<String> destinationURLs = new ArrayList<String>();
        IdentityProvider identityProvider;

        try {
            identityProvider = IdentityProviderManager.getInstance().getResidentIdP(tenantDomain);
        } catch (IdentityProviderManagementException e) {
            throw IdentityException.error(
                    "Error occurred while retrieving Resident Identity Provider information for tenant " +
                            tenantDomain, e);
        }
        FederatedAuthenticatorConfig[] authnConfigs = identityProvider.getFederatedAuthenticatorConfigs();
        destinationURLs.addAll(IdentityApplicationManagementUtil.getPropertyValuesForNameStartsWith(authnConfigs,
                IdentityApplicationConstants.Authenticator.SAML2SSO.NAME, IdentityApplicationConstants.Authenticator
                        .SAML2SSO.DESTINATION_URL_PREFIX));
        if (destinationURLs.size() == 0) {
            String configDestination = IdentityUtil.getProperty(IdentityConstants.ServerConfig.SSO_IDP_URL);
            if (StringUtils.isBlank(configDestination)) {
                configDestination = IdentityUtil.getServerURL(SAMLSSOConstants.SAMLSSO_URL, true, true);
            }
            destinationURLs.add(configDestination);
        }

        return destinationURLs;
    }

    public static void doBootstrap() {
        if (!isBootStrapped) {
            try {
                DefaultBootstrap.bootstrap();
                isBootStrapped = true;
            } catch (ConfigurationException e) {
                log.error("Error in bootstrapping the OpenSAML2 library", e);
            }
        }
    }

    /**
     * Sign the SAML Assertion
     *
     * @param response
     * @param signatureAlgorithm
     * @param digestAlgorithm
     * @param cred
     * @return
     * @throws IdentityException
     */
    public static Assertion setSignature(Assertion response, String signatureAlgorithm, String digestAlgorithm,
                                         X509Credential cred) throws IdentityException {

        return (Assertion) doSetSignature(response, signatureAlgorithm, digestAlgorithm, cred);
    }

    /**
     * Sign the SAML Response message
     *
     * @param response
     * @param signatureAlgorithm
     * @param digestAlgorithm
     * @param cred
     * @return
     * @throws IdentityException
     */
    public static Response setSignature(Response response, String signatureAlgorithm, String digestAlgorithm,
                                        X509Credential cred) throws IdentityException {

        return (Response) doSetSignature(response, signatureAlgorithm, digestAlgorithm, cred);
    }

    /**
     * Sign the SAML LogoutResponse message
     *
     * @param response
     * @param signatureAlgorithm
     * @param digestAlgorithm
     * @param cred
     * @return
     * @throws IdentityException
     */
    public static LogoutResponse setSignature(LogoutResponse response, String signatureAlgorithm, String
            digestAlgorithm, X509Credential cred) throws IdentityException {

        return (LogoutResponse) doSetSignature(response, signatureAlgorithm, digestAlgorithm, cred);
    }

    /**
     *  Sign SAML Logout Request message
     *
     * @param request
     * @param signatureAlgorithm
     * @param digestAlgorithm
     * @param cred
     * @return
     * @throws IdentityException
     */
    public static LogoutRequest setSignature(LogoutRequest request, String signatureAlgorithm, String
            digestAlgorithm, X509Credential cred) throws IdentityException {

        return (LogoutRequest) doSetSignature(request, signatureAlgorithm, digestAlgorithm, cred);
    }

    /**
     * Generic method to sign SAML Logout Request
     *
     * @param request
     * @param signatureAlgorithm
     * @param digestAlgorithm
     * @param cred
     * @return
     * @throws IdentityException
     */
    private static SignableXMLObject doSetSignature(SignableXMLObject request, String signatureAlgorithm, String
            digestAlgorithm, X509Credential cred) throws IdentityException {

            doBootstrap();
            try {
                synchronized (Runtime.getRuntime().getClass()) {
                    ssoSigner = (SSOSigner) Class.forName(IdentityUtil.getProperty(
                            "SSOService.SAMLSSOSigner").trim()).newInstance();
                    ssoSigner.init();
                }

                return ssoSigner.setSignature(request, signatureAlgorithm, digestAlgorithm, cred);

            } catch (ClassNotFoundException e) {
                throw IdentityException.error("Class not found: "
                                            + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (InstantiationException e) {
                throw IdentityException.error("Error while instantiating class: "
                                            + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (IllegalAccessException e) {
                throw IdentityException.error("Illegal access to class: "
                                            + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (Exception e) {
                throw IdentityException.error("Error while signing the XML object.", e);
            }
    }

    public static EncryptedAssertion setEncryptedAssertion(Assertion assertion, String encryptionAlgorithm,
                                                           String alias, String domainName) throws IdentityException {
        doBootstrap();
        try {
            X509Credential cred = SAMLSSOUtil.getX509CredentialImplForTenant(domainName, alias);

            synchronized (Runtime.getRuntime().getClass()) {
                ssoEncrypter = (SSOEncrypter) Class.forName(IdentityUtil.getProperty(
                        "SSOService.SAMLSSOEncrypter").trim()).newInstance();
                ssoEncrypter.init();
            }
            return ssoEncrypter.doEncryptedAssertion(assertion, cred, alias, encryptionAlgorithm);
        } catch (ClassNotFoundException e) {
            throw IdentityException.error("Class not found: "
                    + IdentityUtil.getProperty("SSOService.SAMLSSOEncrypter"), e);
        } catch (InstantiationException e) {
            throw IdentityException.error("Error while instantiating class: "
                    + IdentityUtil.getProperty("SSOService.SAMLSSOEncrypter"), e);
        } catch (IllegalAccessException e) {
            throw IdentityException.error("Illegal access to class: "
                    + IdentityUtil.getProperty("SSOService.SAMLSSOEncrypter"), e);
        } catch (Exception e) {
            throw IdentityException.error("Error while signing the SAML Response message.", e);
        }
    }

    public static Assertion buildSAMLAssertion(SAMLSSOAuthnReqDTO authReqDTO, DateTime notOnOrAfter,
                                               String sessionId) throws IdentityException {

        doBootstrap();
        String assertionBuilderClass = null;
        try {
            assertionBuilderClass = IdentityUtil.getProperty("SSOService.SAMLSSOAssertionBuilder").trim();
            if (StringUtils.isBlank(assertionBuilderClass)) {
                assertionBuilderClass = DefaultAssertionBuilder;
            }
        } catch (Exception e) {
            if (log.isDebugEnabled()) {
                log.debug("SAMLSSOAssertionBuilder configuration is set to default builder ", e);
            }
            assertionBuilderClass = DefaultAssertionBuilder;
        }

        try {

            synchronized (Runtime.getRuntime().getClass()) {
                samlAssertionBuilder = (SAMLAssertionBuilder) Class.forName(assertionBuilderClass).newInstance();
                samlAssertionBuilder.init();
            }
            return samlAssertionBuilder.buildAssertion(authReqDTO, notOnOrAfter, sessionId);

        } catch (ClassNotFoundException e) {
            throw IdentityException.error("Class not found: "
                    + assertionBuilderClass, e);
        } catch (InstantiationException e) {
            throw IdentityException.error("Error while instantiating class: "
                    + assertionBuilderClass, e);
        } catch (IllegalAccessException e) {
            throw IdentityException.error("Illegal access to class: "
                    + assertionBuilderClass, e);
        } catch (Exception e) {
            throw IdentityException.error("Error while building the saml assertion", e);
        }
    }

    public static String createID() {

        byte[] bytes = new byte[20]; // 160 bits
        random.nextBytes(bytes);

        char[] chars = new char[40];

        for (int i = 0; i < bytes.length; i++) {
            int left = (bytes[i] >> 4) & 0x0f;
            int right = bytes[i] & 0x0f;
            chars[i * 2] = charMapping[left];
            chars[i * 2 + 1] = charMapping[right];
        }

        return String.valueOf(chars);
    }

    /**
     * Generate the key store name from the domain name
     *
     * @param tenantDomain tenant domain name
     * @return key store file name
     */
    public static String generateKSNameFromDomainName(String tenantDomain) {
        String ksName = tenantDomain.trim().replace(".", "-");
        return ksName + ".jks";
    }

    /**
     * Get the X509CredentialImpl object for a particular tenant
     *
     * @param tenantDomain
     * @param alias
     * @return X509CredentialImpl object containing the public certificate of
     * that tenant
     * @throws org.wso2.carbon.identity.sso.saml.exception.IdentitySAML2SSOException Error when creating X509CredentialImpl object
     */
    public static X509CredentialImpl getX509CredentialImplForTenant(String tenantDomain, String alias)
            throws IdentitySAML2SSOException {

        if (tenantDomain == null || tenantDomain.trim().isEmpty() || alias == null || alias.trim().isEmpty()) {
            throw new IllegalArgumentException("Invalid parameters; domain name : " + tenantDomain + ", " +
                    "alias : " + alias);
        }
        int tenantId;
        try {
            tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            String errorMsg = "Error getting the tenant ID for the tenant domain : " + tenantDomain;
            throw new IdentitySAML2SSOException(errorMsg, e);
        }

        KeyStoreManager keyStoreManager;
        // get an instance of the corresponding Key Store Manager instance
        keyStoreManager = KeyStoreManager.getInstance(tenantId);

        X509CredentialImpl credentialImpl = null;
        KeyStore keyStore;

        try {
            if (tenantId != -1234) {// for tenants, load private key from their generated key store
                keyStore = keyStoreManager.getKeyStore(generateKSNameFromDomainName(tenantDomain));
            } else { // for super tenant, load the default pub. cert using the
                // config. in carbon.xml
                keyStore = keyStoreManager.getPrimaryKeyStore();
            }
            java.security.cert.X509Certificate cert =
                    (java.security.cert.X509Certificate) keyStore.getCertificate(alias);
            credentialImpl = new X509CredentialImpl(cert);

        } catch (Exception e) {
            String errorMsg = "Error instantiating an X509CredentialImpl object for the public certificate of " + tenantDomain;
            throw new IdentitySAML2SSOException(errorMsg, e);
        }
        return credentialImpl;
    }

    /**
     * Validates the request message's signature. Validates the signature of
     * both HTTP POST Binding and HTTP Redirect Binding.
     *
     * @param authnReqDTO
     * @return
     */
    public static boolean validateAuthnRequestSignature(SAMLSSOAuthnReqDTO authnReqDTO) {

        if (log.isDebugEnabled()) {
            log.debug("Validating SAML Request signature");
        }

        String domainName = authnReqDTO.getTenantDomain();
        if (authnReqDTO.isStratosDeployment()) {
            domainName = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
        }
        String alias = authnReqDTO.getCertAlias();
        RequestAbstractType request = null;
        try {
            String decodedReq = null;

            if (authnReqDTO.getQueryString() != null) {
                decodedReq = SAMLSSOUtil.decode(authnReqDTO.getRequestMessageString());
            } else {
                decodedReq = SAMLSSOUtil.decodeForPost(authnReqDTO.getRequestMessageString());
            }

            request = (RequestAbstractType) SAMLSSOUtil.unmarshall(decodedReq);
        } catch (IdentityException e) {
            if (log.isDebugEnabled()) {
                log.debug("Signature Validation failed for the SAMLRequest : Failed to unmarshall the SAML Assertion", e);
            }
        }

        try {
            if (authnReqDTO.getQueryString() != null) {
                // DEFLATE signature in Redirect Binding
                return validateDeflateSignature(authnReqDTO.getQueryString(), authnReqDTO.getIssuer(), alias,
                        domainName);
            } else {
                // XML signature in SAML Request message for POST Binding
                return validateXMLSignature(request, alias, domainName);
            }
        } catch (IdentityException e) {
            if (log.isDebugEnabled()) {
                log.debug("Signature Validation failed for the SAMLRequest : Failed to validate the SAML Assertion", e);
            }
            return false;
        }
    }

    /**
     * Validates the signature of the LogoutRequest message.
     * TODO : for stratos deployment, super tenant key should be used
     * @param logoutRequest
     * @param alias
     * @param subject
     * @param queryString
     * @return
     * @throws IdentityException
     */
    public static boolean validateLogoutRequestSignature(LogoutRequest logoutRequest, String alias,
                                                         String subject, String queryString) throws IdentityException {

        String domainName = getTenantDomainFromThreadLocal();
        if (queryString != null) {
            return validateDeflateSignature(queryString, logoutRequest.getIssuer().getValue(), alias, domainName);
        } else {
            return validateXMLSignature(logoutRequest, alias, domainName);
        }
    }

    /**
     * Signature validation for HTTP Redirect Binding
     * @param queryString
     * @param issuer
     * @param alias
     * @param domainName
     * @return
     * @throws IdentityException
     */
    public static boolean validateDeflateSignature(String queryString, String issuer,
                                                   String alias, String domainName) throws IdentityException {
        try {

            synchronized (Runtime.getRuntime().getClass()) {
                samlHTTPRedirectSignatureValidator = (SAML2HTTPRedirectSignatureValidator) Class.forName(IdentityUtil.getProperty(
                        "SSOService.SAML2HTTPRedirectSignatureValidator").trim()).newInstance();
                samlHTTPRedirectSignatureValidator.init();
            }

            return samlHTTPRedirectSignatureValidator.validateSignature(queryString, issuer,
                    alias, domainName);

        } catch (SecurityException e) {
            log.error("Error validating deflate signature", e);
            return false;
        } catch (IdentitySAML2SSOException e) {
            log.warn("Signature validation failed for the SAML Message : Failed to construct the X509CredentialImpl for the alias " +
                    alias, e);
            return false;
        } catch (ClassNotFoundException e) {
            throw IdentityException.error("Class not found: "
                    + IdentityUtil.getProperty("SSOService.SAML2HTTPRedirectSignatureValidator"), e);
        } catch (InstantiationException e) {
            throw IdentityException.error("Error while instantiating class: "
                    + IdentityUtil.getProperty("SSOService.SAML2HTTPRedirectSignatureValidator"), e);
        } catch (IllegalAccessException e) {
            throw IdentityException.error("Illegal access to class: "
                    + IdentityUtil.getProperty("SSOService.SAML2HTTPRedirectSignatureValidator"), e);
        }
    }

    /**
     * Validate the signature of an assertion
     *
     * @param request    SAML Assertion, this could be either a SAML Request or a
     *                   LogoutRequest
     * @param alias      Certificate alias against which the signature is validated.
     * @param domainName domain name of the subject
     * @return true, if the signature is valid.
     */
    public static boolean validateXMLSignature(RequestAbstractType request, String alias,
                                               String domainName) throws IdentityException {

        boolean isSignatureValid = false;

        if (request.getSignature() != null) {
            try {
                X509Credential cred = SAMLSSOUtil.getX509CredentialImplForTenant(domainName, alias);

                synchronized (Runtime.getRuntime().getClass()) {
                    ssoSigner = (SSOSigner) Class.forName(IdentityUtil.getProperty(
                            "SSOService.SAMLSSOSigner").trim()).newInstance();
                    ssoSigner.init();
                }

                return ssoSigner.validateXMLSignature(request, cred, alias);
            } catch (IdentitySAML2SSOException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Signature validation failed for the SAML Message : Failed to construct the X509CredentialImpl for the alias " +
                            alias, e);
                }
            } catch (IdentityException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Signature Validation Failed for the SAML Assertion : Signature is invalid.", e);
                }
            } catch (ClassNotFoundException e) {
                throw IdentityException.error("Class not found: "
                        + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (InstantiationException e) {
                throw IdentityException.error("Error while instantiating class: "
                        + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (IllegalAccessException e) {
                throw IdentityException.error("Illegal access to class: "
                        + IdentityUtil.getProperty("SSOService.SAMLSSOSigner"), e);
            } catch (Exception e) {
                if (log.isDebugEnabled()) {
                    log.debug("Error while validating XML signature.", e);
                }
            }
        }
        return isSignatureValid;
    }

    /**
     * Return a Array of Claims containing requested attributes and values
     *
     * @param authnReqDTO
     * @return Map with attributes and values
     * @throws IdentityException
     */
    public static Map<String, String> getAttributes(SAMLSSOAuthnReqDTO authnReqDTO) throws IdentityException {

        int index = 0;

        // trying to get the Service Provider Configurations
        SSOServiceProviderConfigManager spConfigManager =
                SSOServiceProviderConfigManager.getInstance();
        SAMLSSOServiceProviderDO spDO = spConfigManager.getServiceProvider(authnReqDTO.getIssuer());

        if (spDO == null) {
            IdentityPersistenceManager persistenceManager =
                    IdentityPersistenceManager.getPersistanceManager();

            Registry registry = (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().
                    getRegistry(RegistryType.SYSTEM_CONFIGURATION);
            spDO = persistenceManager.getServiceProvider(registry, authnReqDTO.getIssuer());
        }

        if (!authnReqDTO.isIdPInitSSOEnabled()) {

            if ( authnReqDTO.getAttributeConsumingServiceIndex() == 0) {
                //SP has not provide a AttributeConsumingServiceIndex in the authnReqDTO
                if (StringUtils.isNotBlank(spDO.getAttributeConsumingServiceIndex()) && spDO
                        .isEnableAttributesByDefault()) {
                    index = Integer.parseInt(spDO.getAttributeConsumingServiceIndex());
                } else {
                    return null;
                }
            } else {
                //SP has provide a AttributeConsumingServiceIndex in the authnReqDTO
                index = authnReqDTO.getAttributeConsumingServiceIndex();
            }
        } else {
            if (StringUtils.isNotBlank(spDO.getAttributeConsumingServiceIndex()) && spDO.isEnableAttributesByDefault
                    ()) {
                index = Integer.parseInt(spDO.getAttributeConsumingServiceIndex());
            } else {
                return null;
            }

        }

		
		/*
         * IMPORTANT : checking if the consumer index in the request matches the
		 * given id to the SP
		 */
        if (spDO.getAttributeConsumingServiceIndex() == null ||
                "".equals(spDO.getAttributeConsumingServiceIndex()) ||
                index != Integer.parseInt(spDO.getAttributeConsumingServiceIndex())) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid AttributeConsumingServiceIndex in AuthnRequest");
            }
            return Collections.emptyMap();
        }

        Map<String, String> claimsMap = new HashMap<String, String>();
        if (authnReqDTO.getUser().getUserAttributes() != null) {
            for (Map.Entry<ClaimMapping, String> entry : authnReqDTO.getUser().getUserAttributes().entrySet()) {
                claimsMap.put(entry.getKey().getRemoteClaim().getClaimUri(), entry.getValue());
            }
        }
        return claimsMap;
    }


    /**
     * build the error response
     *
     * @param id
     * @param statusCodes
     * @param statusMsg
     * @return decoded response
     * @throws IdentityException
     */
    public static String buildErrorResponse(String id, List<String> statusCodes, String statusMsg, String destination)
            throws IdentityException {
        ErrorResponseBuilder respBuilder = new ErrorResponseBuilder();
        Response response = respBuilder.buildResponse(id, statusCodes, statusMsg, destination);
        return SAMLSSOUtil.encode(SAMLSSOUtil.marshall(response));
    }

    public static int getSAMLResponseValidityPeriod() {
        if (StringUtils.isNotBlank(IdentityUtil.getProperty(IdentityConstants.ServerConfig.SAML_RESPONSE_VALIDITY_PERIOD))) {
            return Integer.parseInt(IdentityUtil.getProperty(
                    IdentityConstants.ServerConfig.SAML_RESPONSE_VALIDITY_PERIOD).trim());
        } else {
            return 5;
        }
    }

    public static int getSingleLogoutRetryCount() {
        return singleLogoutRetryCount;
    }

    public static void setSingleLogoutRetryCount(int singleLogoutRetryCount) {
        SAMLSSOUtil.singleLogoutRetryCount = singleLogoutRetryCount;
    }

    public static long getSingleLogoutRetryInterval() {
        return singleLogoutRetryInterval;
    }

    public static void setSingleLogoutRetryInterval(long singleLogoutRetryInterval) {
        SAMLSSOUtil.singleLogoutRetryInterval = singleLogoutRetryInterval;
    }

    public static ResponseBuilder getResponseBuilder() {
        if (responseBuilderClassName == null || "".equals(responseBuilderClassName)) {
            return new DefaultResponseBuilder();
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(responseBuilderClassName);
                return (ResponseBuilder) clazz.newInstance();

            } catch (ClassNotFoundException e) {
                log.error("Error while instantiating the SAMLResponseBuilder ", e);
            } catch (InstantiationException e) {
                log.error("Error while instantiating the SAMLResponseBuilder ", e);
            } catch (IllegalAccessException e) {
                log.error("Error while instantiating the SAMLResponseBuilder ", e);
            }
        }
        return null;
    }

    public static void setResponseBuilder(String responseBuilder) {
        responseBuilderClassName = responseBuilder;
    }

    /**
     * This check if the status code is 2XX, check value between 200 and 300
     *
     * @param status
     * @return
     */
    public static boolean isHttpSuccessStatusCode(int status) {
        return status >= 200 && status < 300;
    }

    public static boolean isHttpRedirectStatusCode(int status) {
        return status == 302 || status == 303;
    }

    public static String getUserNameFromOpenID(String openid) throws IdentityException {
        String caller = null;
        String path = null;
        URI uri = null;
        String contextPath = "/openid/";

        try {
            uri = new URI(openid);
            path = uri.getPath();
        } catch (URISyntaxException e) {
            throw IdentityException.error("Invalid OpenID", e);
        }
        caller = path.substring(path.indexOf(contextPath) + contextPath.length(), path.length());
        return caller;
    }

    /**
     * Find the OpenID corresponding to the given user name.
     *
     * @param userName User name
     * @return OpenID corresponding the given user name.
     * @throws org.wso2.carbon.identity.base.IdentityException
     */
    public static String getOpenID(String userName) throws IdentityException {
        return generateOpenID(userName);
    }

    /**
     * Generate OpenID for a given user.
     *
     * @param user User
     * @return Generated OpenID
     * @throws org.wso2.carbon.identity.base.IdentityException
     */
    public static String generateOpenID(String user) throws IdentityException {
        String openIDUserUrl = null;
        String openID = null;
        URI uri = null;
        URL url = null;
        openIDUserUrl = IdentityUtil.getProperty(IdentityConstants.ServerConfig.OPENID_USER_PATTERN);
        user = normalizeUrlEncoding(user);
        openID = openIDUserUrl + user;
        try {
            uri = new URI(openID);
        } catch (URISyntaxException e) {
            throw IdentityException.error("Invalid OpenID URL :" + openID, e);
        }
        try {
            url = uri.normalize().toURL();
            if (url.getQuery() != null || url.getRef() != null) {
                throw IdentityException.error("Invalid user name for OpenID :" + openID);
            }
        } catch (MalformedURLException e) {
            throw IdentityException.error("Malformed OpenID URL :" + openID, e);
        }
        openID = url.toString();
        return openID;
    }

    private static String normalizeUrlEncoding(String text) {

        if (text == null)
            return null;

        int len = text.length();
        StringBuilder normalized = new StringBuilder(len);

        for (int i = 0; i < len; i++) {
            char current = text.charAt(i);
            if (current == '%' && i < len - 2) {
                String percentCode = text.substring(i, i + 3).toUpperCase();
                try {
                    String str = URLDecoder.decode(percentCode, "ISO-8859-1");
                    char chr = str.charAt(0);
                    if (UNRESERVED_CHARACTERS.contains(Character.valueOf(chr)))
                        normalized.append(chr);
                    else
                        normalized.append(percentCode);
                } catch (UnsupportedEncodingException e) {
                    normalized.append(percentCode);
                    if (log.isDebugEnabled()) {
                        log.debug("Unsupported Encoding exception while decoding percent code.", e);
                    }
                }
                i += 2;
            } else {
                normalized.append(current);
            }
        }
        return normalized.toString();
    }

    public static void removeSession(String sessionId, String issuer) {
        SSOSessionPersistenceManager ssoSessionPersistenceManager = SSOSessionPersistenceManager
                .getPersistenceManager();

        String sessionIndex = ssoSessionPersistenceManager.getSessionIndexFromTokenId(sessionId);

        SSOSessionPersistenceManager.removeSessionInfoDataFromCache(sessionIndex);
        SSOSessionPersistenceManager.removeSessionIndexFromCache(sessionId);
    }

    public static void setTenantDomainInThreadLocal(String tenantDomain) throws UserStoreException, IdentityException {

        tenantDomain = validateTenantDomain(tenantDomain);
        if (tenantDomain != null) {
            SAMLSSOUtil.tenantDomainInThreadLocal.set(tenantDomain);
        }
    }

    public static String getTenantDomainFromThreadLocal() {

        if (SAMLSSOUtil.tenantDomainInThreadLocal == null) {
            // this is the default behavior.
            return null;
        }
        return (String) SAMLSSOUtil.tenantDomainInThreadLocal.get();
    }

    public static void removeTenantDomainFromThreadLocal() {
        SAMLSSOUtil.tenantDomainInThreadLocal.remove();
    }

    public static String validateTenantDomain(String tenantDomain) throws UserStoreException, IdentityException {

        if (tenantDomain != null && !tenantDomain.trim().isEmpty() && !"null".equalsIgnoreCase(tenantDomain.trim())) {
            int tenantID = SAMLSSOUtil.getRealmService().getTenantManager().getTenantId(tenantDomain);
            if (tenantID == -1) {
                String message = "Invalid tenant domain : " + tenantDomain;
                if (log.isDebugEnabled()) {
                    log.debug(message);
                }
                throw IdentityException.error(message);
            } else {
                return tenantDomain;
            }
        }
        return null;
    }

    /**
     * build the error response
     *
     * @param status
     * @param message
     * @return decoded response
     * @throws org.wso2.carbon.identity.base.IdentityException
     */
    public static String buildErrorResponse(String status, String message, String destination)
            throws IdentityException, IOException {

        ErrorResponseBuilder respBuilder = new ErrorResponseBuilder();
        List<String> statusCodeList = new ArrayList<String>();
        statusCodeList.add(status);
        Response response = respBuilder.buildResponse(null, statusCodeList, message, destination);
        String resp = SAMLSSOUtil.marshall(response);
        return compressResponse(resp);
    }

    /**
     * Compresses the response String
     *
     * @param response
     * @return
     * @throws IOException
     */
    public static String compressResponse(String response) throws IOException {

        Deflater deflater = new Deflater(Deflater.DEFLATED, true);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream, deflater);
        try {
            deflaterOutputStream.write(response.getBytes(StandardCharsets.UTF_8));
            return Base64.encodeBytes(byteArrayOutputStream.toByteArray(), Base64.DONT_BREAK_LINES);
        } finally {
            deflaterOutputStream.close();
        }
    }

    public static String getNotificationEndpoint(){
        String redirectURL = IdentityUtil.getProperty(IdentityConstants.ServerConfig
                .NOTIFICATION_ENDPOINT);
        if (StringUtils.isBlank(redirectURL)){
            redirectURL = IdentityUtil.getServerURL(SAMLSSOConstants.NOTIFICATION_ENDPOINT, false, false);
        }
        return redirectURL;
    }

    public static String getDefaultLogoutEndpoint(){
        String defaultLogoutLocation = IdentityUtil.getProperty(IdentityConstants.ServerConfig
                .DEFAULT_LOGOUT_ENDPOINT);
        if (StringUtils.isBlank(defaultLogoutLocation)){
            defaultLogoutLocation = IdentityUtil.getServerURL(SAMLSSOConstants
                    .DEFAULT_LOGOUT_ENDPOINT, false, false);
        }
        return defaultLogoutLocation;
    }

    public static boolean isSAMLIssuerExists(String issuerName, String tenantDomain) throws IdentitySAML2SSOException {

        SSOServiceProviderConfigManager stratosIdpConfigManager = SSOServiceProviderConfigManager.getInstance();
        SAMLSSOServiceProviderDO serviceProvider = stratosIdpConfigManager.getServiceProvider(issuerName);
        if (serviceProvider != null) {
            return true;
        }

        int tenantId;
        if (StringUtils.isBlank(tenantDomain)) {
            tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
            tenantId = MultitenantConstants.SUPER_TENANT_ID;
        } else {
            try {
                tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
            } catch (UserStoreException e) {
                throw new IdentitySAML2SSOException("Error occurred while retrieving tenant id for the domain : " +
                                                    tenantDomain, e);
            }
        }

        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext privilegedCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            privilegedCarbonContext.setTenantId(tenantId);
            privilegedCarbonContext.setTenantDomain(tenantDomain);

            IdentityTenantUtil.initializeRegistry(tenantId, tenantDomain);
            IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager();
            Registry registry = (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry
                    (RegistryType.SYSTEM_CONFIGURATION);
            return persistenceManager.isServiceProviderExists(registry, issuerName);
        } catch (IdentityException e) {
            throw new IdentitySAML2SSOException("Error occurred while validating existence of SAML service provider " +
                                                "'" + issuerName + "' in the tenant domain '" + tenantDomain + "'");
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    public static boolean validateACS(String tenantDomain, String issuerName, String requestedACSUrl) throws
            IdentityException {
        SSOServiceProviderConfigManager stratosIdpConfigManager = SSOServiceProviderConfigManager.getInstance();
        SAMLSSOServiceProviderDO serviceProvider = stratosIdpConfigManager.getServiceProvider(issuerName);
        if (serviceProvider != null) {
            return true;
        }

        int tenantId;
        if (StringUtils.isBlank(tenantDomain)) {
            tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
            tenantId = MultitenantConstants.SUPER_TENANT_ID;
        } else {
            try {
                tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
            } catch (UserStoreException e) {
                throw new IdentitySAML2SSOException("Error occurred while retrieving tenant id for the domain : " +
                        tenantDomain, e);
            }
        }

        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext privilegedCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            privilegedCarbonContext.setTenantId(tenantId);
            privilegedCarbonContext.setTenantDomain(tenantDomain);

            IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager();
            Registry registry = (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry
                    (RegistryType.SYSTEM_CONFIGURATION);
            SAMLSSOServiceProviderDO spDO = persistenceManager.getServiceProvider(registry, issuerName);
            if (StringUtils.isBlank(requestedACSUrl) || !spDO.getAssertionConsumerUrlList().contains
                    (requestedACSUrl)) {
                String msg = "ALERT: Invalid Assertion Consumer URL value '" + requestedACSUrl + "' in the " +
                        "AuthnRequest message from  the issuer '" + spDO.getIssuer() +
                        "'. Possibly " + "an attempt for a spoofing attack";
                log.error(msg);
                return false;
            } else {
                return true;
            }
        } catch (IdentityException e) {
            throw new IdentitySAML2SSOException("Error occurred while validating existence of SAML service provider " +
                    "'" + issuerName + "' in the tenant domain '" + tenantDomain + "'");
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }

    }
    public static SSOAuthnRequestValidator getSPInitSSOAuthnRequestValidator(AuthnRequest authnRequest)  {
        if (sPInitSSOAuthnRequestValidatorClassName == null || "".equals(sPInitSSOAuthnRequestValidatorClassName)) {
            try {
                return new SPInitSSOAuthnRequestValidator(authnRequest);
            } catch (IdentityException e) {
                log.error("Error while instantiating the SPInitSSOAuthnRequestValidator ", e);
            }
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(sPInitSSOAuthnRequestValidatorClassName);
                return (SSOAuthnRequestValidator) clazz.getDeclaredConstructor(AuthnRequest.class).newInstance(authnRequest);

            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                log.error("Error while instantiating the SPInitSSOAuthnRequestValidator ", e);
            } catch (NoSuchMethodException e) {
                log.error("SP initiated authentication request validation class in run time does not have proper" +
                        "constructors defined.");
            } catch (InvocationTargetException e) {
                log.error("Error in creating an instance of the class: " + sPInitSSOAuthnRequestValidatorClassName);
            }
        }
        return null;
    }

    public static void setSPInitSSOAuthnRequestValidator(String sPInitSSOAuthnRequestValidator) {
        sPInitSSOAuthnRequestValidatorClassName = sPInitSSOAuthnRequestValidator;
    }


    public static SSOAuthnRequestValidator getIdPInitSSOAuthnRequestValidator(QueryParamDTO[] queryParamDTOs, String relayState) {
        if (iDPInitSSOAuthnRequestValidatorClassName == null || "".equals(iDPInitSSOAuthnRequestValidatorClassName)) {
            try {
                return new IdPInitSSOAuthnRequestValidator(queryParamDTOs, relayState);
            } catch (IdentityException e) {
                log.error("Error while instantiating the IdPInitSSOAuthnRequestValidator ", e);
            }
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(iDPInitSSOAuthnRequestValidatorClassName);
                return (SSOAuthnRequestValidator) clazz.getDeclaredConstructor(
                        QueryParamDTO[].class, String.class).newInstance(queryParamDTOs, relayState);

            } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
                log.error("Error while instantiating the IdPInitSSOAuthnRequestValidator ", e);
            } catch (NoSuchMethodException e) {
                log.error("SP initiated authentication request validation class in run time does not have proper" +
                        "constructors defined.");
            } catch (InvocationTargetException e) {
                log.error("Error in creating an instance of the class: " + sPInitSSOAuthnRequestValidatorClassName);
            }
        }
        return null;
    }

    public static void setIdPInitSSOAuthnRequestValidator(String iDPInitSSOAuthnRequestValidator) {
        iDPInitSSOAuthnRequestValidatorClassName = iDPInitSSOAuthnRequestValidator;
    }

    public static void setIdPInitSSOAuthnRequestProcessor(String idPInitSSOAuthnRequestProcessor) {
        SAMLSSOUtil.idPInitSSOAuthnRequestProcessorClassName = idPInitSSOAuthnRequestProcessor;
    }

    public static IdPInitSSOAuthnRequestProcessor getIdPInitSSOAuthnRequestProcessor() {
        if (iDPInitSSOAuthnRequestValidatorClassName == null || "".equals(iDPInitSSOAuthnRequestValidatorClassName)) {
                return new IdPInitSSOAuthnRequestProcessor();
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(iDPInitSSOAuthnRequestValidatorClassName);
                return (IdPInitSSOAuthnRequestProcessor) clazz.newInstance();

            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                log.error("Error while instantiating the IdPInitSSOAuthnRequestProcessor ", e);
            }
        }
        return null;
    }

    public static void setSPInitSSOAuthnRequestProcessor(String SPInitSSOAuthnRequestProcessor) {
        SAMLSSOUtil.sPInitSSOAuthnRequestProcessorClassName = SPInitSSOAuthnRequestProcessor;
    }

    public static SPInitSSOAuthnRequestProcessor getSPInitSSOAuthnRequestProcessor() {
        if (sPInitSSOAuthnRequestProcessorClassName == null || "".equals(sPInitSSOAuthnRequestProcessorClassName)) {
            return new SPInitSSOAuthnRequestProcessor();
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(sPInitSSOAuthnRequestProcessorClassName);
                return (SPInitSSOAuthnRequestProcessor) clazz.newInstance();

            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                log.error("Error while instantiating the SPInitSSOAuthnRequestProcessor ", e);
            }
        }
        return null;
    }

    public static void setSPInitLogoutRequestProcessor(String SPInitLogoutRequestProcessor) {
        SAMLSSOUtil.sPInitLogoutRequestProcessorClassName = SPInitLogoutRequestProcessor;
    }

    public static SPInitLogoutRequestProcessor getSPInitLogoutRequestProcessor() {
        if (sPInitLogoutRequestProcessorClassName == null || "".equals(sPInitLogoutRequestProcessorClassName)) {
            return new SPInitLogoutRequestProcessor();
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(sPInitLogoutRequestProcessorClassName);
                return (SPInitLogoutRequestProcessor) clazz.newInstance();

            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                log.error("Error while instantiating the SPInitLogoutRequestProcessor ", e);
            }
        }
        return null;
    }

    public static void setIdPInitLogoutRequestProcessor(String idPInitLogoutRequestProcessor) {
        SAMLSSOUtil.idPInitLogoutRequestProcessorClassName = idPInitLogoutRequestProcessor;
    }

    public static IdPInitLogoutRequestProcessor getIdPInitLogoutRequestProcessor() {
        if (idPInitLogoutRequestProcessorClassName == null || "".equals(idPInitLogoutRequestProcessorClassName)) {
            return new IdPInitLogoutRequestProcessor();
        } else {
            try {
                // Bundle class loader will cache the loaded class and returned
                // the already loaded instance, hence calling this method
                // multiple times doesn't cost.
                Class clazz = Thread.currentThread().getContextClassLoader()
                        .loadClass(idPInitLogoutRequestProcessorClassName);
                return (IdPInitLogoutRequestProcessor) clazz.newInstance();

            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                log.error("Error while instantiating the SPInitLogoutRequestProcessor ", e);
            }
        }
        return null;
    }

}