Java Code Examples for org.wso2.carbon.user.core.UserRealm#getUserStoreManager()
The following examples show how to use
org.wso2.carbon.user.core.UserRealm#getUserStoreManager() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DefaultClaimHandler.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
|
private UserStoreManager getUserStoreManager(String tenantDomain, UserRealm realm, String userDomain) throws
FrameworkException {
UserStoreManager userStore = null;
try {
userStore = realm.getUserStoreManager();
if (StringUtils.isNotBlank(userDomain)) {
userStore = realm.getUserStoreManager().getSecondaryUserStoreManager(userDomain);
}
if (userStore == null) {
// To avoid NPEs
throw new FrameworkException("Invalid user store domain name : " + userDomain + " in tenant : "
+ tenantDomain);
}
} catch (UserStoreException e) {
throw new FrameworkException("Error occurred while retrieving the UserStoreManager " +
"from Realm for " + tenantDomain + " to handle local claims", e);
}
return userStore;
}
Example 2
| Source File: DefaultClaimHandler.java From carbon-identity with Apache License 2.0 | 6 votes |
|
private UserStoreManager getUserStoreManager(String tenantDomain, UserRealm realm, String userDomain) throws
FrameworkException {
UserStoreManager userStore = null;
try {
userStore = realm.getUserStoreManager();
if (StringUtils.isNotBlank(userDomain)) {
userStore = realm.getUserStoreManager().getSecondaryUserStoreManager(userDomain);
}
if (userStore == null) {
// To avoid NPEs
throw new FrameworkException("Invalid user store domain name : " + userDomain + " in tenant : "
+ tenantDomain);
}
} catch (UserStoreException e) {
throw new FrameworkException("Error occurred while retrieving the UserStoreManager " +
"from Realm for " + tenantDomain + " to handle local claims", e);
}
return userStore;
}
Example 3
| Source File: UserRegistrationService.java From carbon-identity with Apache License 2.0 | 5 votes |
|
/**
* This service method will return back all available password validation regular expressions
* against the corresponding domain names.
*
* @return
* @throws IdentityException
*/
public PasswordRegExDTO[] getPasswordRegularExpressions() throws IdentityException {
UserRealm realm = null;
realm = IdentityTenantUtil.getRealm(null, null);
List<PasswordRegExDTO> passwordRegExList = new ArrayList<PasswordRegExDTO>();
PasswordRegExDTO passwordRegEx;
try {
UserStoreManager manager = realm.getUserStoreManager();
String domainName;
String regEx;
while (manager != null) {
domainName = manager.getRealmConfiguration().getUserStoreProperty(
UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
regEx = manager.getRealmConfiguration().getUserStoreProperty(
UserCoreConstants.RealmConfig.PROPERTY_JS_REG_EX);
if (regEx != null && regEx.length() > 0) {
passwordRegEx = new PasswordRegExDTO();
passwordRegEx.setDomainName(domainName);
passwordRegEx.setRegEx(regEx);
passwordRegExList.add(passwordRegEx);
}
manager = manager.getSecondaryUserStoreManager();
}
} catch (UserStoreException e) {
log.error(e);
throw IdentityException.error(
"Error occured while loading password validation regular expressions.");
}
return passwordRegExList.toArray(new PasswordRegExDTO[passwordRegExList.size()]);
}
Example 4
| Source File: DefaultProvisioningHandler.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
private UserStoreManager getUserStoreManager(UserRealm realm, String userStoreDomain)
throws UserStoreException, FrameworkException {
UserStoreManager userStoreManager;
if (userStoreDomain != null && !userStoreDomain.isEmpty()) {
userStoreManager = realm.getUserStoreManager().getSecondaryUserStoreManager(
userStoreDomain);
} else {
userStoreManager = realm.getUserStoreManager();
}
if (userStoreManager == null) {
throw new FrameworkException("Specified user store is invalid");
}
return userStoreManager;
}
Example 5
| Source File: UserStoreManagerService.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private UserStoreManager getUserStoreManager() throws UserStoreException {
try {
UserRealm realm = super.getUserRealm();
if (realm == null) {
throw new UserStoreException(NULL_REALM_MESSAGE);
}
return realm.getUserStoreManager();
} catch (Exception e) {
throw new UserStoreException(e);
}
}
Example 6
| Source File: UserRegistrationService.java From carbon-identity with Apache License 2.0 | 5 votes |
|
public boolean isAddUserEnabled() throws Exception {
UserRealm userRealm = IdentityTenantUtil.getRealm(null, null);
if (userRealm != null) {
UserStoreManager userStoreManager = userRealm.getUserStoreManager();
if (userStoreManager != null) {
return !userStoreManager.isReadOnly();
}
}
return false;
}
Example 7
| Source File: OutboundProvisioningManager.java From carbon-identity with Apache License 2.0 | 5 votes |
|
/**
* @param userName
* @param tenantDomain
* @return
* @throws CarbonException
* @throws UserStoreException
*/
private Map<String, String> getUserClaims(String userName, String tenantDomain) throws CarbonException,
UserStoreException {
Map<String, String> inboundAttributes = new HashMap<>();
RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
realmService, tenantDomain);
UserStoreManager userstore = null;
userstore = realm.getUserStoreManager();
Claim[] claimArray = null;
try {
claimArray = userstore.getUserClaimValues(userName, null);
} catch (UserStoreException e) {
if (e.getMessage().contains("UserNotFound")) {
if (log.isDebugEnabled()) {
log.debug("User " + userName + " not found in user store");
}
} else {
throw e;
}
}
if (claimArray != null) {
for (Claim claim : claimArray) {
inboundAttributes.put(claim.getClaimUri(), claim.getValue());
}
}
return inboundAttributes;
}
Example 8
| Source File: OutboundProvisioningManager.java From carbon-identity with Apache License 2.0 | 5 votes |
|
/**
* @param userName
* @param tenantDomain
* @return
* @throws CarbonException
* @throws UserStoreException
*/
private List<String> getUserRoles(String userName, String tenantDomain) throws CarbonException,
UserStoreException {
RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
realmService, tenantDomain);
UserStoreManager userstore = null;
userstore = realm.getUserStoreManager();
String[] newRoles = userstore.getRoleListOfUser(userName);
return Arrays.asList(newRoles);
}
Example 9
| Source File: UserSignUpWorkflowExecutor.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
/**
* Method updates Roles users with subscriber role
* @param serverURL
* @param adminUsername
* @param adminPassword
* @param userName
* @param role
* @throws Exception
*/
protected static void updateRolesOfUser(String serverURL, String adminUsername,
String adminPassword, String userName, String role)
throws Exception {
if (log.isDebugEnabled()) {
log.debug("Adding Subscriber role to " + userName);
}
String url = serverURL + "UserAdmin";
RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
UserRealm realm = realmService.getBootstrapRealm();
UserStoreManager manager = realm.getUserStoreManager();
if (!manager.isExistingRole(role)){
log.error("Could not find role " + role + " in the user store");
throw new Exception("Could not find role " + role + " in the user store");
}
UserAdminStub userAdminStub = new UserAdminStub(url);
CarbonUtils.setBasicAccessSecurityHeaders(adminUsername, adminPassword, userAdminStub._getServiceClient());
FlaggedName[] flaggedNames = userAdminStub.getRolesOfUser(userName, "*", -1);
List<String> roles = new ArrayList<String>();
if (flaggedNames != null) {
for (FlaggedName flaggedName : flaggedNames) {
if (flaggedName.getSelected()) {
roles.add(flaggedName.getItemName());
}
}
}
roles.add(role);
userAdminStub.updateRolesOfUser(userName, roles.toArray(new String[roles.size()]));
}
Example 10
| Source File: DefaultProvisioningHandler.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private UserStoreManager getUserStoreManager(UserRealm realm, String userStoreDomain)
throws UserStoreException, FrameworkException {
UserStoreManager userStoreManager;
if (userStoreDomain != null && !userStoreDomain.isEmpty()) {
userStoreManager = realm.getUserStoreManager().getSecondaryUserStoreManager(
userStoreDomain);
} else {
userStoreManager = realm.getUserStoreManager();
}
if (userStoreManager == null) {
throw new FrameworkException("Specified user store is invalid");
}
return userStoreManager;
}
Example 11
| Source File: UserProfileAdmin.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
public boolean isAddProfileEnabled() throws UserProfileException {
UserRealm realm = getUserRealm();
UserStoreManager userStoreManager = null;
try {
userStoreManager = realm.getUserStoreManager();
} catch (UserStoreException e) {
String errorMessage = "Error in obtaining UserStoreManager.";
log.error(errorMessage, e);
throw new UserProfileException(errorMessage, e);
}
return userStoreManager.isMultipleProfilesAllowed();
}
Example 12
| Source File: UserRegistrationService.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
public boolean isAddUserEnabled() throws Exception {
UserRealm userRealm = IdentityTenantUtil.getRealm(null, null);
if (userRealm != null) {
UserStoreManager userStoreManager = userRealm.getUserStoreManager();
if (userStoreManager != null) {
return !userStoreManager.isReadOnly();
}
}
return false;
}
Example 13
| Source File: UserRegistrationService.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* This service method will return back all available password validation regular expressions
* against the corresponding domain names.
*
* @return
* @throws IdentityException
*/
public PasswordRegExDTO[] getPasswordRegularExpressions() throws IdentityException {
UserRealm realm = null;
realm = IdentityTenantUtil.getRealm(null, null);
List<PasswordRegExDTO> passwordRegExList = new ArrayList<PasswordRegExDTO>();
PasswordRegExDTO passwordRegEx;
try {
UserStoreManager manager = realm.getUserStoreManager();
String domainName;
String regEx;
while (manager != null) {
domainName = manager.getRealmConfiguration().getUserStoreProperty(
UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
regEx = manager.getRealmConfiguration().getUserStoreProperty(
UserCoreConstants.RealmConfig.PROPERTY_JS_REG_EX);
if (regEx != null && regEx.length() > 0) {
passwordRegEx = new PasswordRegExDTO();
passwordRegEx.setDomainName(domainName);
passwordRegEx.setRegEx(regEx);
passwordRegExList.add(passwordRegEx);
}
manager = manager.getSecondaryUserStoreManager();
}
} catch (UserStoreException e) {
log.error(e);
throw IdentityException.error(
"Error occured while loading password validation regular expressions.");
}
return passwordRegExList.toArray(new PasswordRegExDTO[passwordRegExList.size()]);
}
Example 14
| Source File: UserProfileAdmin.java From carbon-identity with Apache License 2.0 | 5 votes |
|
public boolean isAddProfileEnabled() throws UserProfileException {
UserRealm realm = getUserRealm();
UserStoreManager userStoreManager = null;
try {
userStoreManager = realm.getUserStoreManager();
} catch (UserStoreException e) {
String errorMessage = "Error in obtaining UserStoreManager.";
log.error(errorMessage, e);
throw new UserProfileException(errorMessage, e);
}
return userStoreManager.isMultipleProfilesAllowed();
}
Example 15
| Source File: APIManagerComponent.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
private void setupSelfRegistration(APIManagerConfiguration config) throws APIManagementException {
boolean enabled = Boolean.parseBoolean(config.getFirstProperty(APIConstants.SELF_SIGN_UP_ENABLED));
if (!enabled) {
return;
}
String role = config.getFirstProperty(APIConstants.SELF_SIGN_UP_ROLE);
if (role == null) {
// Required parameter missing - Throw an exception and interrupt startup
throw new APIManagementException("Required subscriber role parameter missing " + "in the self sign up configuration");
}
try {
RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
UserRealm realm = realmService.getBootstrapRealm();
UserStoreManager manager = realm.getUserStoreManager();
if (!manager.isExistingRole(role)) {
if (log.isDebugEnabled()) {
log.debug("Creating subscriber role: " + role);
}
Permission[] subscriberPermissions = new Permission[] { new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION), new Permission(APIConstants.Permissions.API_SUBSCRIBE, UserMgtConstants.EXECUTE_ACTION) };
String superTenantName = ServiceReferenceHolder.getInstance().getRealmService().getBootstrapRealmConfiguration().getAdminUserName();
String[] userList = new String[] { superTenantName };
manager.addRole(role, userList, subscriberPermissions);
}
} catch (UserStoreException e) {
throw new APIManagementException("Error while creating subscriber role: " + role + " - " + "Self registration might not function properly.", e);
}
}
Example 16
| Source File: OutboundProvisioningManager.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* @param userName
* @param tenantDomain
* @return
* @throws CarbonException
* @throws UserStoreException
*/
private Map<String, String> getUserClaims(String userName, String tenantDomain) throws CarbonException,
UserStoreException {
Map<String, String> inboundAttributes = new HashMap<>();
RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
realmService, tenantDomain);
UserStoreManager userstore = null;
userstore = realm.getUserStoreManager();
Claim[] claimArray = null;
try {
claimArray = userstore.getUserClaimValues(userName, null);
} catch (UserStoreException e) {
if (e.getMessage().contains("UserNotFound")) {
if (log.isDebugEnabled()) {
log.debug("User " + userName + " not found in user store");
}
} else {
throw e;
}
}
if (claimArray != null) {
for (Claim claim : claimArray) {
inboundAttributes.put(claim.getClaimUri(), claim.getValue());
}
}
return inboundAttributes;
}
Example 17
| Source File: OutboundProvisioningManager.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* @param userName
* @param tenantDomain
* @return
* @throws CarbonException
* @throws UserStoreException
*/
private List<String> getUserRoles(String userName, String tenantDomain) throws CarbonException,
UserStoreException {
RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
realmService, tenantDomain);
UserStoreManager userstore = null;
userstore = realm.getUserStoreManager();
String[] newRoles = userstore.getRoleListOfUser(userName);
return Arrays.asList(newRoles);
}
Example 18
| Source File: UserRegistrationService.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
|
private void addUser(String userName, String password, Map<String, String> claimList,
String profileName, UserRealm realm) throws IdentityException {
UserStoreManager admin = null;
Permission permission = null;
try {
// get config from tenant registry
TenantRegistrationConfig tenantConfig = getTenantSignUpConfig(realm.getUserStoreManager().getTenantId());
// set tenant config specific sign up domain
if (tenantConfig != null && !"".equals(tenantConfig.getSignUpDomain())) {
int index = userName.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
if (index > 0) {
userName = tenantConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR
+ userName.substring(index + 1);
} else {
userName = tenantConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR
+ userName;
}
}
// add user to the relevant user store
admin = realm.getUserStoreManager();
if (!isUserNameWithAllowedDomainName(userName, realm)) {
throw IdentityException.error("Domain does not permit self registration");
}
// add user
admin.addUser(userName, password, null, claimList, profileName);
// after adding the user, assign specif roles
List<String> roleNamesArr = getRoleName(userName, tenantConfig);
if (claimList.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI) != null) {
// check is a user role is specified as a claim by the client, if so add it to the roles list
if (tenantConfig != null) {
roleNamesArr.add(tenantConfig.getSignUpDomain().toUpperCase()
+ UserCoreConstants.DOMAIN_SEPARATOR
+ claimList.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI));
} else {
roleNamesArr.add(UserCoreConstants.INTERNAL_DOMAIN
+ UserCoreConstants.DOMAIN_SEPARATOR
+ claimList.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI));
}
}
String[] identityRoleNames = roleNamesArr.toArray(new String[roleNamesArr.size()]);
for (int i = 0; i < identityRoleNames.length; i++) {
// if this is the first time a user signs up, needs to create role
doAddUser(i, admin, identityRoleNames, userName, permission);
}
} catch (UserStoreException e) {
throw IdentityException.error("Error occurred while adding user : " + userName + ". " + e.getMessage(), e);
}
}
Example 19
| Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 4 votes |
|
/**
* Get claims from user store
*
* @param requestMsgCtx Token request message context
* @return Users claim map
* @throws Exception
*/
private static Map<String, Object> getClaimsFromUserStore(OAuthTokenReqMessageContext requestMsgCtx)
throws UserStoreException, IdentityApplicationManagementException, IdentityException {
String username = requestMsgCtx.getAuthorizedUser().toString();
String tenantDomain = requestMsgCtx.getAuthorizedUser().getTenantDomain();
UserRealm realm;
List<String> claimURIList = new ArrayList<String>();
Map<String, Object> mappedAppClaims = new HashMap<String, Object>();
ApplicationManagementService applicationMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
String spName = applicationMgtService
.getServiceProviderNameByClientId(requestMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
INBOUND_AUTH2_TYPE, tenantDomain);
ServiceProvider serviceProvider = applicationMgtService.getApplicationExcludingFileBasedSPs(spName,
tenantDomain);
if (serviceProvider == null) {
return mappedAppClaims;
}
realm = IdentityTenantUtil.getRealm(tenantDomain, username);
if (realm == null) {
log.warn("No valid tenant domain provider. Empty claim returned back for tenant " + tenantDomain
+ " and user " + username);
return new HashMap<>();
}
Map<String, String> spToLocalClaimMappings;
UserStoreManager userStoreManager = realm.getUserStoreManager();
ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();
if (requestedLocalClaimMap != null && requestedLocalClaimMap.length > 0) {
for (ClaimMapping mapping : requestedLocalClaimMap) {
if (mapping.isRequested()) {
claimURIList.add(mapping.getLocalClaim().getClaimUri());
}
}
if (log.isDebugEnabled()) {
log.debug("Requested number of local claims: " + claimURIList.size());
}
spToLocalClaimMappings = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(
SP_DIALECT, null, tenantDomain, false);
Map<String, String> userClaims = null;
try {
userClaims = userStoreManager.getUserClaimValues(
MultitenantUtils.getTenantAwareUsername(username),
claimURIList.toArray(new String[claimURIList.size()]), null);
} catch (UserStoreException e) {
if (e.getMessage().contains("UserNotFound")) {
if (log.isDebugEnabled()) {
log.debug("User " + username + " not found in user store");
}
} else {
throw e;
}
}
if (log.isDebugEnabled()) {
log.debug("Number of user claims retrieved from user store: " + userClaims.size());
}
if (MapUtils.isEmpty(userClaims)) {
return new HashMap<>();
}
for (Iterator<Map.Entry<String, String>> iterator = spToLocalClaimMappings.entrySet().iterator(); iterator
.hasNext(); ) {
Map.Entry<String, String> entry = iterator.next();
String value = userClaims.get(entry.getValue());
if (value != null) {
mappedAppClaims.put(entry.getKey(), value);
if (log.isDebugEnabled() &&
IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
log.debug("Mapped claim: key - " + entry.getKey() + " value -" + value);
}
}
}
String domain = IdentityUtil.extractDomainFromName(username);
RealmConfiguration realmConfiguration = userStoreManager.getSecondaryUserStoreManager(domain)
.getRealmConfiguration();
String claimSeparator = realmConfiguration.getUserStoreProperty(
IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
if (StringUtils.isNotBlank(claimSeparator)) {
mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
}
}
return mappedAppClaims;
}
Example 20
| Source File: SAMLAssertionClaimsCallback.java From carbon-identity with Apache License 2.0 | 4 votes |
|
private static Map<String, Object> getClaimsFromUserStore(OAuthAuthzReqMessageContext requestMsgCtx)
throws IdentityApplicationManagementException, IdentityException, UserStoreException,
ClaimManagementException {
AuthenticatedUser user = requestMsgCtx.getAuthorizationReqDTO().getUser();
String tenantDomain = requestMsgCtx.getAuthorizationReqDTO().getUser().getTenantDomain();
UserRealm realm;
List<String> claimURIList = new ArrayList<String>();
Map<String, Object> mappedAppClaims = new HashMap<String, Object>();
ApplicationManagementService applicationMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
String spName = applicationMgtService
.getServiceProviderNameByClientId(requestMsgCtx.getAuthorizationReqDTO().getConsumerKey(),
INBOUND_AUTH2_TYPE, tenantDomain);
ServiceProvider serviceProvider = applicationMgtService.getApplicationExcludingFileBasedSPs(spName,
tenantDomain);
if (serviceProvider == null) {
return mappedAppClaims;
}
realm = IdentityTenantUtil.getRealm(tenantDomain, user.toString());
if (realm == null) {
log.warn("No valid tenant domain provider. Empty claim returned back for tenant " + tenantDomain
+ " and user " + user);
return new HashMap<>();
}
Map<String, String> spToLocalClaimMappings;
UserStoreManager userStoreManager = realm.getUserStoreManager();
ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();
if (requestedLocalClaimMap != null && requestedLocalClaimMap.length > 0) {
for (ClaimMapping mapping : requestedLocalClaimMap) {
if (mapping.isRequested()) {
claimURIList.add(mapping.getLocalClaim().getClaimUri());
}
}
if (log.isDebugEnabled()) {
log.debug("Requested number of local claims: " + claimURIList.size());
}
spToLocalClaimMappings = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(
SP_DIALECT, null, tenantDomain, false);
Map<String, String> userClaims = null;
try {
userClaims = userStoreManager.getUserClaimValues(UserCoreUtil.addDomainToName(user.getUserName(),
user.getUserStoreDomain()), claimURIList.toArray(new String[claimURIList.size()]),null);
} catch (UserStoreException e) {
if (e.getMessage().contains("UserNotFound")) {
if (log.isDebugEnabled()) {
log.debug("User " + user + " not found in user store");
}
} else {
throw e;
}
}
if (log.isDebugEnabled()) {
log.debug("Number of user claims retrieved from user store: " + userClaims.size());
}
if (MapUtils.isEmpty(userClaims)) {
return new HashMap<>();
}
for (Iterator<Map.Entry<String, String>> iterator = spToLocalClaimMappings.entrySet().iterator(); iterator
.hasNext(); ) {
Map.Entry<String, String> entry = iterator.next();
String value = userClaims.get(entry.getValue());
if (value != null) {
mappedAppClaims.put(entry.getKey(), value);
if (log.isDebugEnabled() &&
IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
log.debug("Mapped claim: key - " + entry.getKey() + " value -" + value);
}
}
}
RealmConfiguration realmConfiguration = userStoreManager.getSecondaryUserStoreManager(user.getUserStoreDomain())
.getRealmConfiguration();
String claimSeparator = realmConfiguration.getUserStoreProperty(
IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
if (StringUtils.isNotBlank(claimSeparator)) {
mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
}
}
return mappedAppClaims;
}
