org.wso2.carbon.user.core.util.UserCoreUtil Java Examples
The following examples show how to use
org.wso2.carbon.user.core.util.UserCoreUtil.
Example #1
Source File: AuthenticationEndpointUtil.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Builds a {@link UserDTO} from a complete username.
 *
 * <p>The user store domain, the tenant domain and the bare username are all
 * parsed out of the single supplied string.
 *
 * @param userName complete username; may be {@code null}
 * @return the populated DTO, or {@code null} when {@code userName} is {@code null}
 */
public static UserDTO getUser(String userName) {

    if (userName == null) {
        return null;
    }

    String realm = extractDomainFromName(userName);
    String tenant = MultitenantUtils.getTenantDomain(userName);

    // Strip the user store domain first, then the tenant suffix.
    String withoutStoreDomain = UserCoreUtil.removeDomainFromName(userName);
    String bareName = MultitenantUtils.getTenantAwareUsername(withoutStoreDomain);

    UserDTO dto = new UserDTO();
    dto.setUsername(bareName);
    dto.setRealm(realm);
    dto.setTenantDomain(tenant);
    return dto;
}
Example #2
Source File: IdentityManagementServiceUtil.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Builds a {@link User} from a username and the application's tenant domain.
 *
 * @param username      username provided by the user; may be {@code null}
 * @param tenantDomain  tenant domain of the application
 * @param isSaaSEnabled when {@code true} the tenant domain is parsed from
 *                      {@code username}; otherwise {@code tenantDomain} is used
 * @return the populated user, or {@code null} when {@code username} is {@code null}
 */
public User resolveUser(String username, String tenantDomain, boolean isSaaSEnabled) {

    if (username == null) {
        return null;
    }

    String realm = extractDomainFromName(username);
    User resolved = new User();

    String withoutStoreDomain = UserCoreUtil.removeDomainFromName(username);
    resolved.setUsername(MultitenantUtils.getTenantAwareUsername(withoutStoreDomain));

    // In SaaS mode the tenant comes from the user-supplied name rather than from
    // the application. NOTE(review): the tenant is then chosen by whoever typed
    // the username; confirm callers expect that.
    resolved.setTenantDomain(isSaaSEnabled ? MultitenantUtils.getTenantDomain(username) : tenantDomain);

    resolved.setRealm(realm);
    return resolved;
}
Example #3
Source File: WorkflowAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after a workflow association has been added.
 *
 * @param associationName name of the association that was added
 * @param workflowId      workflow the association belongs to
 * @param eventId         event the association is bound to
 * @param condition       association condition
 * @throws WorkflowException declared by the listener contract
 */
@Override
public void doPostAddAssociation(String associationName, String workflowId, String eventId, String condition)
        throws WorkflowException {

    String actor = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(actor)) {
        // No user in the thread-local context: attribute the action to the system user.
        actor = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    actor = UserCoreUtil.addTenantDomainToEntry(actor, tenantDomain);

    // NOTE(review): the four values are placed between quotes without escaping.
    // If any of them can carry caller-supplied text, neutralise '"' and CR/LF
    // before logging so a single audit entry cannot be read as several.
    String auditData = "\"Association Name\" : \"" + associationName
            + "\",\"Workflow ID\" : \"" + workflowId
            + "\",\"Event ID\" : \"" + eventId
            + "\",\"Condition\" : \"" + condition + "\"";

    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, actor, "Add Association", auditData, AUDIT_SUCCESS));
}
Example #4
Source File: RegistryTopicManager.java From carbon-commons with Apache License 2.0 | 6 votes |
/**
 * Deletes the role that was created alongside a queue/topic.
 *
 * <p>Every queue/topic has a role with the same name as the queue/topic. That role
 * stores the permissions of the user who created it and has to be removed when the
 * queue/topic is deleted.
 *
 * @param destinationName name of the queue or topic
 * @throws EventBrokerException if the user store lookup or the deletion fails
 */
private static void removeRoleCreateForLoggedInUser(String destinationName) throws EventBrokerException {

    // For registry we use a modified queue name
    String registryName = destinationName.replace("@", AT_REPLACE_CHAR);

    // Role names use '-' where the destination path uses '/'.
    String flattened = registryName.replace("/", "-");
    String roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX + flattened);

    try {
        UserStoreManager store =
                CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        boolean roleExists = store.isExistingRole(roleName);
        if (roleExists) {
            store.deleteRole(roleName);
        }
    } catch (UserStoreException e) {
        throw new EventBrokerException("Error while deleting " + registryName, e);
    }
}
Example #5
Source File: IdentityManagementServiceUtil.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Builds a {@link User} from a complete username.
 *
 * <p>User store domain, tenant domain and bare username are all derived from the
 * one input string.
 *
 * @param userName complete username; may be {@code null}
 * @return the populated user, or {@code null} when {@code userName} is {@code null}
 */
public User getUser(String userName) {

    if (userName == null) {
        return null;
    }

    String realm = extractDomainFromName(userName);
    String tenant = MultitenantUtils.getTenantDomain(userName);

    // Remove the user store domain, then the tenant suffix.
    String storeStripped = UserCoreUtil.removeDomainFromName(userName);
    String plainName = MultitenantUtils.getTenantAwareUsername(storeStripped);

    User built = new User();
    built.setUsername(plainName);
    built.setRealm(realm);
    built.setTenantDomain(tenant);
    return built;
}
Example #6
Source File: CarbonRemoteUserStoreManger.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Deletes a role on every configured remote user store.
 *
 * <p>A store whose failure message equals {@code CONNECTION_REFUSED} (ignoring case)
 * is logged and skipped, so the role is not deleted on that store. Any other
 * failure is rethrown and stops the loop.
 *
 * @param roleName role name, optionally carrying a user store domain prefix
 * @throws UserStoreException if a remote store fails for a reason other than a refused connection
 */
@Override
public void deleteRole(String roleName) throws UserStoreException {

    String bareRoleName = UserCoreUtil.removeDomainFromName(roleName);

    for (Entry<String, WSUserStoreManager> server : remoteServers.entrySet()) {
        try {
            server.getValue().deleteRole(bareRoleName);
        } catch (UserStoreException e) {
            boolean unreachable = CONNECTION_REFUSED.equalsIgnoreCase(e.getMessage());
            if (!unreachable) {
                throw e;
            }
            // Best effort: the role stays in place on a server that could not be reached.
            log.error("Failed to connect to the remote server : " + server.getKey());
        }
    }
}
Example #7
Source File: WorkflowExecutorAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after a workflow request has been executed.
 *
 * @param workFlowRequest the request that was executed
 * @param result          execution result (not used in the audit entry)
 * @throws WorkflowException declared by the listener contract
 */
@Override
public void doPostExecuteWorkflow(WorkflowRequest workFlowRequest, WorkflowExecutorResult result)
        throws WorkflowException {

    String actor = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(actor)) {
        // Fall back to the system user when nobody is logged in on this thread.
        actor = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    actor = UserCoreUtil.addTenantDomainToEntry(actor, tenantDomain);

    // NOTE(review): the request parameters are written to the audit log verbatim and
    // unescaped. Confirm that getRequestParameterAsString() can never contain
    // credentials or other secrets for any event type, and neutralise '"' and CR/LF
    // if the parameters can carry caller-supplied text.
    String auditData = "\"Operation Type\" : \"" + workFlowRequest.getEventType()
            + "\",\"Request parameters\" : \"" + workFlowRequest.getRequestParameterAsString() + "\"";

    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, actor, "Initiate Workflow", auditData, AUDIT_SUCCESS));
}
Example #8
Source File: KeyManagerUserOperationListener.java From carbon-apimgt with Apache License 2.0 | 6 votes |
/**
 * Returns the fully qualified username, including the user store domain.
 *
 * <p>The tenant domain is appended when the current tenant is not the super tenant,
 * or when email usernames are disabled and the name contains the email domain
 * separator after its first character.
 *
 * @param username         name of the user
 * @param userStoreManager user store manager the user belongs to
 * @return the fully qualified username
 */
private String getUserName(String username, UserStoreManager userStoreManager) {

    String userStoreDomain = getUserStoreDomainName(userStoreManager);
    String tenantDomain = getTenantDomain();

    String qualified = UserCoreUtil.addDomainToName(username, userStoreDomain);

    boolean superTenant = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equalsIgnoreCase(tenantDomain);
    boolean needsTenantSuffix = !superTenant
            || (!MultitenantUtils.isEmailUserName()
                    && qualified.indexOf(APIConstants.EMAIL_DOMAIN_SEPARATOR) > 0);
    if (needsTenantSuffix) {
        qualified = UserCoreUtil.addTenantDomainToEntry(qualified, tenantDomain);
    }

    // If the username is not case sensitive, normalise it.
    // NOTE(review): toLowerCase() without a Locale follows the JVM default locale, so
    // the normalised identity can differ between hosts; confirm this matches how the
    // user store folds case.
    if (!isUserStoreInUsernameCaseSensitive(qualified)) {
        qualified = qualified.toLowerCase();
    }
    return qualified;
}
Example #9
Source File: IDPMgtAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after an identity provider has been added.
 *
 * @param identityProvider the provider that was added; may be {@code null}
 * @param tenantDomain     tenant the provider was added to
 * @return always {@code true}
 * @throws IdentityProviderManagementException declared by the listener contract
 */
@Override
public boolean doPostAddIdP(IdentityProvider identityProvider, String tenantDomain)
        throws IdentityProviderManagementException {

    // Placeholders used when no provider object is available.
    String displayName = "Undefined";
    String idpName = "Undefined";

    if (identityProvider != null) {
        String configuredDisplayName = identityProvider.getDisplayName();
        if (StringUtils.isNotEmpty(configuredDisplayName)) {
            displayName = configuredDisplayName;
        }
        idpName = identityProvider.getIdentityProviderName();
    }

    String displayNameWithTenant = UserCoreUtil.addTenantDomainToEntry(displayName, tenantDomain);
    audit.info(String.format(AUDIT_MESSAGE, getUser(), "add", displayNameWithTenant, idpName, SUCCESS));
    return true;
}
Example #10
Source File: UserIdentityManagementAdminService.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Changes the password of the user in the thread-local Carbon context.
 *
 * @param newPassword the password to set
 * @param oldPassword the current password, passed to the user store together with the new one
 * @throws IdentityMgtServiceException if the user store rejects or fails the update
 */
public void changeUserPassword(String newPassword, String oldPassword) throws IdentityMgtServiceException {

    // The account is taken from the session context, never from a request parameter.
    String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();

    try {
        UserStoreManager store = getUserStore(userName);
        // The store is addressed with the name stripped of its domain prefix.
        userName = UserCoreUtil.removeDomainFromName(userName);
        store.updateCredential(userName, newPassword, oldPassword);
        log.info("Password changed for: " + userName);
    } catch (UserStoreException e) {
        String failure = "Error while resetting the password for: " + userName;
        log.error(failure, e);
        throw new IdentityMgtServiceException(failure, e);
    }
}
Example #11
Source File: FrameworkUtils.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Prefixes a subject with the thread-local user store domain when the subject does
 * not already contain a domain separator.
 *
 * @param authenticatedSubject subject identifier; must not be {@code null} or blank
 * @return the subject, prefixed with the thread-local domain if it carried none and
 *         a non-empty thread-local domain is set; otherwise the subject unchanged
 * @throws IllegalArgumentException if the subject is {@code null}, blank, or starts
 *                                  with the domain separator
 */
public static String prependUserStoreDomainToName(String authenticatedSubject) {

    if (authenticatedSubject == null || authenticatedSubject.trim().isEmpty()) {
        throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                + authenticatedSubject);
    }

    int separatorAt = authenticatedSubject.indexOf(CarbonConstants.DOMAIN_SEPARATOR);

    if (separatorAt == 0) {
        // A leading separator would mean an empty domain name.
        throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                + authenticatedSubject + " begins with \'" + CarbonConstants.DOMAIN_SEPARATOR + "\'");
    }
    if (separatorAt > 0) {
        // Already domain-qualified.
        return authenticatedSubject;
    }

    String threadLocalDomain = UserCoreUtil.getDomainFromThreadLocal();
    if (threadLocalDomain == null || threadLocalDomain.isEmpty()) {
        return authenticatedSubject;
    }
    return threadLocalDomain + CarbonConstants.DOMAIN_SEPARATOR + authenticatedSubject;
}
Example #12
Source File: UserIdentityManagementUtil.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
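/**
 * Locks the user account by setting the account-lock claim to {@code "true"} and the
 * unlocking-time claim to {@code "0"}.
 *
 * @param userName         name of the user; the user store domain is added here
 * @param userStoreManager user store manager that holds the user
 * @throws IdentityException if the identity management listener is disabled, the user
 *                           does not exist, or the user store operation fails
 */
public static void lockUserAccount(String userName, UserStoreManager userStoreManager)
        throws IdentityException {

    if (!isIdentityMgtListenerEnable()) {
        throw IdentityException.error("Cannot lock account, IdentityMgtEventListener is not enabled.");
    }

    String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager)
            .getRealmConfiguration()
            .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    userName = UserCoreUtil.addDomainToName(userName, domainName);

    try {
        if (!userStoreManager.isExistingUser(userName)) {
            log.error("User " + userName + " does not exist in tenant " + userStoreManager.getTenantId());
            throw IdentityException.error("No user account found for user " + userName);
        }
        Map<String, String> claims = new HashMap<>();
        claims.put(UserIdentityDataStore.ACCOUNT_LOCK, "true");
        claims.put(UserIdentityDataStore.UNLOCKING_TIME, "0");
        userStoreManager.setUserClaimValues(userName, claims, null);
    } catch (UserStoreException e) {
        log.error("Error while reading/storing user identity data", e);
        // Keep the cause so callers can tell why the lock was not applied.
        throw IdentityException.error("Error while lock user account : " + userName, e);
    }
}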
Example #13
Source File: ExternalIdPConfig.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Creates the configuration wrapper for an external identity provider and builds the
 * remote-role to local-role map.
 *
 * <p>A local role that has a user store id is stored with that id as its domain
 * prefix; otherwise the plain local role name is stored.
 *
 * @param identityProvider the identity provider to wrap
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {

    this.identityProvider = identityProvider;

    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    RoleMapping[] mappings = roleConfiguration.getRoleMappings();
    if (mappings == null || mappings.length == 0) {
        return;
    }

    for (RoleMapping mapping : mappings) {
        String userStoreId = mapping.getLocalRole().getUserStoreId();
        String localRoleName = mapping.getLocalRole().getLocalRoleName();

        String mappedRole = StringUtils.isNotEmpty(userStoreId)
                ? UserCoreUtil.addDomainToName(localRoleName, userStoreId)
                : localRoleName;

        this.roleMappings.put(mapping.getRemoteRole(), mappedRole);
    }
}
Example #14
Source File: IDPMgtAuditLogger.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Records the addition of an identity provider in the audit log.
 *
 * @param identityProvider the provider that was added; may be {@code null}
 * @param tenantDomain     tenant the provider was added to
 * @return always {@code true}
 * @throws IdentityProviderManagementException declared by the listener contract
 */
@Override
public boolean doPostAddIdP(IdentityProvider identityProvider, String tenantDomain)
        throws IdentityProviderManagementException {

    // Both values stay "Undefined" when no provider object is passed in.
    String displayName = "Undefined";
    String idpName = "Undefined";

    if (identityProvider != null) {
        String providedDisplayName = identityProvider.getDisplayName();
        if (StringUtils.isNotEmpty(providedDisplayName)) {
            displayName = providedDisplayName;
        }
        idpName = identityProvider.getIdentityProviderName();
    }

    String tenantQualifiedDisplayName = UserCoreUtil.addTenantDomainToEntry(displayName, tenantDomain);
    String entry = String.format(AUDIT_MESSAGE, getUser(), "add", tenantQualifiedDisplayName, idpName, SUCCESS);
    audit.info(entry);
    return true;
}
Example #15
Source File: WorkflowExecutorAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after a workflow callback has been handled.
 *
 * @param uuid             id of the workflow request
 * @param status           callback status
 * @param additionalParams additional callback parameters (not used in the audit entry)
 * @throws WorkflowException declared by the listener contract
 */
@Override
public void doPostHandleCallback(String uuid, String status, Map<String, Object> additionalParams)
        throws WorkflowException {

    String actor = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(actor)) {
        // Callbacks may arrive without a logged-in user; use the system user then.
        actor = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    actor = UserCoreUtil.addTenantDomainToEntry(actor, tenantDomain);

    // NOTE(review): uuid and status are written unescaped; if the callback can be
    // invoked with caller-supplied text, neutralise '"' and CR/LF before logging.
    String auditData = "\"Request ID\" : \"" + uuid
            + "\",\"Callback Status\" : \"" + status + "\"";

    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, actor, "Callback for Workflow Request", auditData,
            AUDIT_SUCCESS));
}
Example #16
Source File: DefaultProvisioningHandler.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Rewrites the domain part of internal, application and workflow roles to the
 * predefined spelling of that domain; all other roles are copied unchanged.
 *
 * @param roles roles to verify and update; may be {@code null}
 * @return a new list with the updated roles, empty when {@code roles} is {@code null}
 */
private List<String> convertInternalRoleDomainsToCamelCase(List<String> roles) {

    List<String> updatedRoles = new ArrayList<>();
    if (roles == null) {
        return updatedRoles;
    }

    for (String role : roles) {
        // NOTE(review): containsIgnoreCase matches "<domain>/" anywhere in the role, not
        // only as its prefix, so a role whose own domain merely ends with one of these
        // names is also rewritten into that domain. Confirm a prefix match is not intended.
        String predefinedDomain = null;
        if (StringUtils.containsIgnoreCase(role,
                UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR)) {
            predefinedDomain = UserCoreConstants.INTERNAL_DOMAIN;
        } else if (StringUtils.containsIgnoreCase(role,
                APPLICATION_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR)) {
            predefinedDomain = APPLICATION_DOMAIN;
        } else if (StringUtils.containsIgnoreCase(role,
                WORKFLOW_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR)) {
            predefinedDomain = WORKFLOW_DOMAIN;
        }

        if (predefinedDomain == null) {
            updatedRoles.add(role);
        } else {
            updatedRoles.add(predefinedDomain + CarbonConstants.DOMAIN_SEPARATOR
                    + UserCoreUtil.removeDomainFromName(role));
        }
    }
    return updatedRoles;
}
Example #17
Source File: FederatedAssociationManagerImpl.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
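/**
 * Verifies that the given user exists in the user store of the given tenant.
 *
 * @param user     user to look up; its username is qualified with its user store domain
 * @param tenantId id of the tenant whose realm is queried
 * @throws FederatedAssociationManagerException a client exception when the user does not
 *                                              exist, a server exception when the user
 *                                              store lookup fails
 */
private void validateUserExistence(User user, int tenantId) throws FederatedAssociationManagerException {

    try {
        UserStoreManager userStoreManager = IdentityUserProfileServiceDataHolder.getInstance()
                .getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();

        String qualifiedName = UserCoreUtil.addDomainToName(user.getUserName(), user.getUserStoreDomain());
        if (!userStoreManager.isExistingUser(qualifiedName)) {
            if (log.isDebugEnabled()) {
                // Guarded by isDebugEnabled(), so it must be logged at debug level; the
                // original emitted an ERROR line that appeared only with debug logging on.
                log.debug("UserNotFound: userName: " + user.getUserName() + ", in the domain: "
                        + user.getUserStoreDomain() + ", and in the tenant: " + user.getTenantDomain());
            }
            throw handleFederatedAssociationManagerClientException(INVALID_USER_IDENTIFIER_PROVIDED, null, true);
        }
    } catch (UserStoreException e) {
        if (log.isDebugEnabled()) {
            String msg = "Error occurred while verifying the existence of the userName: "
                    + user.getUserName() + ", in the domain: " + user.getUserStoreDomain()
                    + ", and in the tenant: " + user.getTenantDomain();
            log.debug(msg);
        }
        throw handleFederatedAssociationManagerServerException(ERROR_WHILE_GETTING_THE_USER, e, true);
    }
}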
Example #18
Source File: ApplicationMgtAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after a service provider has been updated.
 *
 * @param serviceProvider the updated application; may be {@code null}
 * @param tenantDomain    tenant the application belongs to
 * @param userName        user who performed the update
 * @return always {@code true}
 * @throws IdentityApplicationManagementException declared by the listener contract
 */
@Override
public boolean doPostUpdateApplication(ServiceProvider serviceProvider, String tenantDomain, String userName)
        throws IdentityApplicationManagementException {

    // Defaults used when no service provider object is available.
    int appId = (serviceProvider == null) ? -1 : serviceProvider.getApplicationID();
    String name = (serviceProvider == null) ? "Undefined" : serviceProvider.getApplicationName();

    // Append tenant domain to username.
    String actor = UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain);

    audit.info(String.format(AUDIT_MESSAGE, actor, "update", appId, name, SUCCESS));
    return true;
}
Example #19
Source File: PostAuthenticatedSubjectIdentifierHandler.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Sets the authenticated subject identifier and, depending on the service provider
 * configuration, qualifies it with the tenant domain and/or the user store domain.
 *
 * @param sequenceConfig relevant sequence config
 * @param subjectValue   subject value
 */
private void handleUserStoreAndTenantDomain(SequenceConfig sequenceConfig, String subjectValue) {

    String identifier = subjectValue;
    sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(identifier);

    // Append the tenant domain when this SP asks for it in the local subject identifier.
    boolean withTenantDomain = sequenceConfig.getApplicationConfig().isUseTenantDomainInLocalSubjectIdentifier();
    if (withTenantDomain) {
        String tenantDomain = sequenceConfig.getAuthenticatedUser().getTenantDomain();
        identifier = UserCoreUtil.addTenantDomainToEntry(identifier, tenantDomain);
        sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(identifier);
    }

    // Add the user store domain when this SP asks for it in the local subject identifier.
    boolean withUserStoreDomain =
            sequenceConfig.getApplicationConfig().isUseUserstoreDomainInLocalSubjectIdentifier();
    if (withUserStoreDomain) {
        String userStoreDomain = sequenceConfig.getAuthenticatedUser().getUserStoreDomain();
        identifier = UserCoreUtil.addDomainToName(identifier, userStoreDomain);
        sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(identifier);
    }

    if (!log.isDebugEnabled()) {
        return;
    }
    log.debug("Authenticated User: "
            + sequenceConfig.getAuthenticatedUser().getAuthenticatedSubjectIdentifier());
    log.debug("Authenticated User Tenant Domain: " + sequenceConfig.getAuthenticatedUser().getTenantDomain());
}
Example #20
Source File: ApplicationMgtAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Writes an audit entry after a service provider has been created.
 *
 * @param serviceProvider the created application; may be {@code null}
 * @param tenantDomain    tenant the application belongs to
 * @param userName        user who created the application
 * @return always {@code true}
 * @throws IdentityApplicationManagementException declared by the listener contract
 */
@Override
public boolean doPostCreateApplication(ServiceProvider serviceProvider, String tenantDomain, String userName)
        throws IdentityApplicationManagementException {

    int appId;
    String name;
    if (serviceProvider == null) {
        // Nothing to read the details from.
        appId = -1;
        name = "Undefined";
    } else {
        appId = serviceProvider.getApplicationID();
        name = serviceProvider.getApplicationName();
    }

    // Append tenant domain to username.
    String tenantQualifiedUser = UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain);

    String entry = String.format(AUDIT_MESSAGE, tenantQualifiedUser, "create", appId, name, SUCCESS);
    audit.info(entry);
    return true;
}
Example #21
Source File: ManagementPermissionUtil.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/**
 * Converts raw permission paths into {@link Permission} objects carrying the execute action.
 *
 * @param roleName       name of the role (not read by this method)
 * @param rawPermissions permission paths; may be {@code null} or empty
 * @return one permission per path returned by {@code UserCoreUtil.optimizePermissions},
 *         or an empty array when no raw permissions are given
 * @throws UserAdminException declared by the signature
 */
public static Permission[] getRoleUIPermissions(String roleName, String[] rawPermissions)
        throws UserAdminException {

    if (ArrayUtils.isEmpty(rawPermissions)) {
        return new Permission[0];
    }

    String[] paths = UserCoreUtil.optimizePermissions(rawPermissions);
    Permission[] result = new Permission[paths.length];
    for (int idx = 0; idx < paths.length; idx++) {
        result[idx] = new Permission(paths[idx], UserMgtConstants.EXECUTE_ACTION);
    }
    return result;
}
Example #22
Source File: FrameworkUtils.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Adds the thread-local user store domain in front of a subject that has no domain
 * separator in it.
 *
 * @param authenticatedSubject subject identifier; must not be {@code null} or blank
 * @return the domain-qualified subject, or the input unchanged when it already holds
 *         a separator or no thread-local domain is set
 * @throws IllegalArgumentException if the subject is {@code null}, blank, or begins
 *                                  with the domain separator
 */
public static String prependUserStoreDomainToName(String authenticatedSubject) {

    boolean blank = authenticatedSubject == null || authenticatedSubject.trim().isEmpty();
    if (blank) {
        throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                + authenticatedSubject);
    }

    int firstSeparator = authenticatedSubject.indexOf(CarbonConstants.DOMAIN_SEPARATOR);

    if (firstSeparator < 0) {
        // No domain yet: use the one held for the current thread, if there is one.
        String domain = UserCoreUtil.getDomainFromThreadLocal();
        boolean domainAvailable = domain != null && !domain.isEmpty();
        return domainAvailable
                ? domain + CarbonConstants.DOMAIN_SEPARATOR + authenticatedSubject
                : authenticatedSubject;
    }

    if (firstSeparator == 0) {
        // The domain part in front of the separator would be empty.
        throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                + authenticatedSubject + " begins with \'" + CarbonConstants.DOMAIN_SEPARATOR + "\'");
    }

    return authenticatedSubject;
}
Example #23
Source File: UserOperationEventListenerImpl.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Deletes the user account associations of a user before the user itself is deleted.
 *
 * @param userName         name of the user about to be deleted
 * @param userStoreManager user store manager that holds the user
 * @return always {@code true}; returns immediately when the listener is disabled
 * @throws UserStoreException if the associations cannot be deleted
 */
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    String configuredDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    // A store without a domain name is treated as the primary user domain.
    String domainName = StringUtils.isBlank(configuredDomain)
            ? UserAccountAssociationConstants.PRIMARY_USER_DOMAIN
            : configuredDomain;

    try {
        if (log.isDebugEnabled()) {
            log.debug("User account associations for user " + userName + " with tenant id "
                    + userStoreManager.getTenantId() + " is getting deleted.");
        }
        UserAccountAssociationDAO.getInstance()
                .deleteUserAssociation(domainName, userStoreManager.getTenantId(), userName);
    } catch (UserAccountAssociationException e) {
        String description =
                UserAccountAssociationConstants.ErrorMessages.ERROR_WHILE_DELETING_USER_ASSOC.getDescription();
        throw new UserStoreException(String.format(description, userName), e);
    }
    return true;
}
Example #24
Source File: ProvisioningEntityBuilder.java From carbon-identity with Apache License 2.0 | 6 votes |
/**
 * Builds the provisioning entity for a SCIM user update (PUT).
 *
 * @param provisioningObject the SCIM object; cast to {@code User} and {@code AbstractSCIMObject}
 * @param outboundAttributes outbound claim map; the username claim is added to it when
 *                           the user has a username
 * @param domainName         user store domain added to the username
 * @return the provisioning entity carrying the outbound and inbound attributes
 * @throws CharonException                         declared by the signature
 * @throws IdentityApplicationManagementException declared by the signature
 */
ProvisioningEntity buildProvisioningEntityForUserUpdate(SCIMObject provisioningObject,
        Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
        String domainName) throws CharonException, IdentityApplicationManagementException {

    User scimUser = (User) provisioningObject;

    // username should be included in user update SCIM request
    if (scimUser.getUserName() != null) {
        org.wso2.carbon.identity.application.common.model.ClaimMapping usernameClaim =
                org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                        IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        outboundAttributes.put(usernameClaim, Arrays.asList(scimUser.getUserName()));
    }

    // NOTE(review): the entity name is built even when getUserName() returned null above;
    // confirm addDomainToName handles a null name as intended.
    String domainAwareName = UserCoreUtil.addDomainToName(scimUser.getUserName(), domainName);

    ProvisioningEntity entity = new ProvisioningEntity(ProvisioningEntityType.USER, domainAwareName,
            ProvisioningOperation.PUT, outboundAttributes);
    entity.setInboundAttributes(AttributeMapper.getClaimsMap((AbstractSCIMObject) provisioningObject));
    return entity;
}
Example #25
Source File: ApplicationMgtAuditLogger.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Writes an audit entry after an application has been deleted.
 *
 * @param applicationName name of the deleted application
 * @param tenantDomain    tenant the application belonged to
 * @param userName        user who deleted the application
 * @return always {@code true}
 * @throws IdentityApplicationManagementException declared by the listener contract
 */
@Override
public boolean doPostDeleteApplication(String applicationName, String tenantDomain, String userName)
        throws IdentityApplicationManagementException {

    // Append tenant domain to username.
    String actor = UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain);

    // The fourth format argument is null here; the entry is filled from the
    // application name instead.
    String entry = String.format(AUDIT_MESSAGE, actor, "delete", applicationName, null, SUCCESS);
    audit.info(entry);
    return true;
}
Example #26
Source File: SessionDataPublisherImpl.java From carbon-apimgt with Apache License 2.0 | 5 votes |
/**
 * Builds a new federated {@code AuthenticatedUser} from an existing one.
 *
 * @param authenticatedUser the user to copy the username and tenant domain from
 * @return a new user marked as federated, with the user store domain resolved by
 *         {@code OAuth2Util.getUserStoreForFederatedUser}
 * @throws IdentityOAuth2Exception declared by the signature
 */
private AuthenticatedUser buildAuthenticatedUser(AuthenticatedUser authenticatedUser)
        throws IdentityOAuth2Exception {

    AuthenticatedUser federated = new AuthenticatedUser();

    String sourceName = authenticatedUser.getUserName();
    String sourceTenant = authenticatedUser.getTenantDomain();

    federated.setUserName(UserCoreUtil.removeDomainFromName(sourceName));
    federated.setTenantDomain(sourceTenant);

    // This value is replaced by the second setUserStoreDomain call below, so the
    // domain parsed from the username never reaches the caller.
    String domainFromName = IdentityUtil.extractDomainFromName(sourceName);
    federated.setUserStoreDomain(domainFromName);

    federated.setFederatedUser(true);
    federated.setUserStoreDomain(OAuth2Util.getUserStoreForFederatedUser(authenticatedUser));
    return federated;
}
Example #27
Source File: ProfileMgtEventListener.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Builds the fully qualified username: user store domain first, tenant domain second.
 *
 * @param tenantAwareUsername username without the tenant domain
 * @param userStoreDomain     user store domain to add
 * @param tenantDomain        tenant domain to add
 * @return the fully qualified username
 */
private String getFullQualifiedUsername(String tenantAwareUsername, String userStoreDomain,
        String tenantDomain) {

    String withUserStoreDomain = UserCoreUtil.addDomainToName(tenantAwareUsername, userStoreDomain);
    return UserCoreUtil.addTenantDomainToEntry(withUserStoreDomain, tenantDomain);
}
Example #28
Source File: AuthenticatedUser.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Returns an AuthenticatedUser instance populated from the given subject identifier string.
 * The user is assumed to have been authenticated by a local authenticator, so the user
 * store domain and tenant domain are extracted from the given string.
 *
 * @param authenticatedSubjectIdentifier a string in
 *                                       {@code <userstore_domain>/<username>@<tenant_domain>} format
 * @return populated AuthenticatedUser instance
 * @throws IllegalArgumentException if the identifier is {@code null} or blank
 */
public static AuthenticatedUser createLocalAuthenticatedUserFromSubjectIdentifier(
        String authenticatedSubjectIdentifier) {

    if (authenticatedSubjectIdentifier == null || authenticatedSubjectIdentifier.trim().isEmpty()) {
        throw new IllegalArgumentException(
                "Failed to create Local Authenticated User from the given subject identifier."
                        + " Invalid argument. authenticatedSubjectIdentifier : "
                        + authenticatedSubjectIdentifier);
    }

    AuthenticatedUser localUser = new AuthenticatedUser();

    if (!StringUtils.isNotEmpty(UserCoreUtil.getDomainFromThreadLocal())) {
        // No domain recorded for this thread: the user belongs to the primary user store.
        localUser.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
        localUser.setUserName(MultitenantUtils.getTenantAwareUsername(authenticatedSubjectIdentifier));
    } else if (authenticatedSubjectIdentifier.indexOf(CarbonConstants.DOMAIN_SEPARATOR) <= 0) {
        // Identifier has no domain part in front of a separator: use the thread-local domain.
        localUser.setUserStoreDomain(UserCoreUtil.getDomainFromThreadLocal());
        localUser.setUserName(MultitenantUtils.getTenantAwareUsername(authenticatedSubjectIdentifier));
    } else {
        String[] domainAndName = authenticatedSubjectIdentifier.split(CarbonConstants.DOMAIN_SEPARATOR, 2);
        // The domain in the identifier is accepted only when it matches the thread-local one.
        // NOTE(review): on a mismatch neither the user store domain nor the username is
        // set, yet the object is still returned; confirm callers reject a user without
        // a username.
        if (UserCoreUtil.getDomainFromThreadLocal().equalsIgnoreCase(domainAndName[0])) {
            localUser.setUserStoreDomain(domainAndName[0]);
            localUser.setUserName(MultitenantUtils.getTenantAwareUsername(domainAndName[1]));
        }
    }

    localUser.setTenantDomain(MultitenantUtils.getTenantDomain(authenticatedSubjectIdentifier));
    localUser.setAuthenticatedSubjectIdentifier(authenticatedSubjectIdentifier);
    return localUser;
}
Example #29
Source File: ApplicationMgtUtil.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Renames an application role in the user store of the current Carbon context.
 * Both names are qualified with the internal domain before the update.
 *
 * @param oldName current role name, without the internal domain prefix
 * @param newName new role name, without the internal domain prefix
 * @throws UserStoreException if the user store cannot rename the role
 */
public static void renameRole(String oldName, String newName) throws UserStoreException {

    String qualifiedOldName = UserCoreUtil.addInternalDomainName(oldName);
    String qualifiedNewName = UserCoreUtil.addInternalDomainName(newName);

    if (log.isDebugEnabled()) {
        log.debug("Renaming application role : " + qualifiedOldName
                + " to new role : " + qualifiedNewName);
    }

    CarbonContext.getThreadLocalCarbonContext()
            .getUserRealm()
            .getUserStoreManager()
            .updateRoleName(qualifiedOldName, qualifiedNewName);
}
Example #30
Source File: UserIdentityManagementUtil.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
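/**
 * Enables the user account by clearing the account-disabled flag in the identity data store.
 *
 * @param userName         name of the user; the user store domain is added here
 * @param userStoreManager user store manager that holds the user
 * @throws IdentityException if the identity management listener is disabled, the user
 *                           does not exist, no identity data is found for the user, or
 *                           the user store lookup fails
 */
public static void enableUserAccount(String userName, UserStoreManager userStoreManager)
        throws IdentityException {

    if (!isIdentityMgtListenerEnable()) {
        throw IdentityException.error("Cannot enable account, IdentityMgtEventListener is not enabled.");
    }

    String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager)
            .getRealmConfiguration()
            .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    userName = UserCoreUtil.addDomainToName(userName, domainName);

    try {
        if (!userStoreManager.isExistingUser(userName)) {
            log.error("User " + userName + " does not exist in tenant " + userStoreManager.getTenantId());
            // A space was missing between the username and "to enable".
            throw IdentityException.error("No user account found for user " + userName + " to enable");
        }
    } catch (UserStoreException e) {
        log.error("Error while reading user identity data", e);
        // Keep the cause so callers can tell why the account was not enabled.
        throw IdentityException.error("Error while enabling user account " + userName, e);
    }

    UserIdentityDataStore store = IdentityMgtConfig.getInstance().getIdentityDataStore();
    // The identity data store is keyed by the name without the user store domain.
    UserIdentityClaimsDO userIdentityDO = store.load(UserCoreUtil.removeDomainFromName(userName),
            userStoreManager);

    if (userIdentityDO == null) {
        throw IdentityException.error("No user account found for user " + userName);
    }
    userIdentityDO.setAccountDisabled(false);
    store.store(userIdentityDO, userStoreManager);
}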