Java Code Examples for org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getTenantDomain()

The following examples show how to use org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getTenantDomain().
Example 1
Source File: AbstractRequestCoordinator.java    From carbon-identity-framework with Apache License 2.0
/**
 * Resolves the sequence config for the current authentication context.
 *
 * <p>The issuer is the first value of the {@code ISSUER} request parameter, or {@code null} when the
 * parameter is absent or empty. The tenant domain and request type are read from the context, not
 * from the request.
 *
 * @param context      Authentication Context
 * @param parameterMap Parameter Map, retrieved from the (Http/etc) Request.
 * @return Generated Sequence Config.
 * @throws FrameworkException when there is an error in loading the Sequence Config, most probably an
 *                            error in the underlying data persistence layer.
 */
public SequenceConfig getSequenceConfig(AuthenticationContext context, Map<String, String[]> parameterMap)
        throws FrameworkException {
    String requestType = context.getRequestType();

    // The issuer is request-supplied, so it is only a lookup key here.
    // NOTE(review): confirm getServiceProvider() scopes the lookup to tenantDomain; not visible here.
    String[] issuerValues = parameterMap.get(FrameworkConstants.RequestParams.ISSUER);
    String issuer = ArrayUtils.isEmpty(issuerValues) ? null : issuerValues[0];

    String tenantDomain = context.getTenantDomain();

    SequenceLoader sequenceLoader = FrameworkServiceDataHolder.getInstance().getSequenceLoader();
    if (sequenceLoader == null) {
        // Backward compatibility: no loader registered, so fall back to the deprecated facade method.
        // TODO: Need to remove the dependency to this.
        return ConfigurationFacade.getInstance().getSequenceConfig(issuer, requestType, tenantDomain);
    }

    ServiceProvider serviceProvider = getServiceProvider(requestType, issuer, tenantDomain);
    return sequenceLoader.getSequenceConfig(context, parameterMap, serviceProvider);
}
 
Example 2
Source File: DefaultClaimHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Builds the local-claim to service-provider-claim mapping used while handling federated claims.
 *
 * <p>When a standard dialect is given, all claim mappings for that dialect are loaded for the
 * context's tenant domain. Otherwise the custom SP claim mappings are converted.
 *
 * @param spStandardDialect standard claim dialect of the service provider, or {@code null}
 * @param context           authentication context; supplies the tenant domain
 * @param spClaimMappings   custom SP claim mappings, consulted only when no standard dialect is given
 * @return the local to SP claim mappings
 * @throws FrameworkException if loading the claim mappings for the dialect fails
 */
private Map<String, String> mapLocalSpClaimsToRemoteSPClaims(String spStandardDialect,
                                                             AuthenticationContext context,
                                                             Map<String, String> spClaimMappings)
        throws FrameworkException {
    if (spStandardDialect == null) {
        if (spClaimMappings.isEmpty()) {
            // No standard dialect and no custom claim mappings.
            // NOTE(review): AssertionError is an Error, so catch (Exception) handlers further up the
            // authentication flow will not intercept it; confirm that is intended for what looks
            // like a configuration problem.
            throw new AssertionError("Authenticator Error! Authenticator does not have a " +
                                     "standard dialect and no custom claim mappings defined for IdP");
        }
        return FrameworkUtils.getLocalToSPClaimMappings(spClaimMappings);
    }

    try {
        // A null key set asks for every claim mapping, because the required ones are not known
        // in advance. Key:value -> carbon_dialect:standard_dialect
        return getClaimMappings(spStandardDialect, null, context.getTenantDomain(), true);
    } catch (Exception e) {
        throw new FrameworkException("Error occurred while getting all claim mappings from " +
                                     spStandardDialect + " dialect to " +
                                     ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT + " dialect for " +
                                     context.getTenantDomain() + " to handle federated claims", e);
    }
}
 
Example 3
Source File: DefaultClaimHandler.java    From carbon-identity-framework with Apache License 2.0
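/**
 * Resolves the local-claim to IdP-claim mapping for the received remote claims, then adds the
 * configured default values for local claims that are still unmapped.
 *
 * @param remoteClaims       claims received from the federated IdP; only the key set is used here
 * @param idPClaimMappings   claim mappings configured for the IdP
 * @param context            authentication context; supplies the tenant domain
 * @param idPStandardDialect standard dialect of the IdP; {@code null} selects
 *                           {@code ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT}
 * @return the local to IdP claim map, including default-valued entries
 * @throws FrameworkException if loading the claim mappings fails
 */
private Map<String, String> getLocalToIdpClaimMappingWithStandardDialect(Map<String, String> remoteClaims,
                                                                         ClaimMapping[] idPClaimMappings,
                                                                         AuthenticationContext context,
                                                                         String idPStandardDialect)
        throws FrameworkException {
    Map<String, String> localToIdPClaimMap;
    if (idPStandardDialect == null) {
        idPStandardDialect = ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT;
    }

    try {
        localToIdPClaimMap = getClaimMappings(idPStandardDialect,
                                              remoteClaims.keySet(), context.getTenantDomain(), true);
    } catch (Exception e) {
        throw new FrameworkException("Error occurred while getting claim mappings for " +
                                     "received remote claims from " +
                                     idPStandardDialect + " dialect to " +
                                     ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT + " dialect for " +
                                     context.getTenantDomain() + " to handle federated claims", e);
    }

    // Add claims that carry a default value, because they may not arrive from the federated IdP.
    // This is a plain loop rather than Collectors.toMap: toMap without a merge function throws
    // IllegalStateException when two mappings share a local claim URI. That unchecked exception
    // would escape the FrameworkException contract and fail the login on a duplicate entry in
    // the IdP configuration. Here the first mapping for a URI wins.
    for (ClaimMapping claimMapping : idPClaimMappings) {
        if (!StringUtils.isNotBlank(claimMapping.getDefaultValue())) {
            continue;
        }
        String localClaimUri = claimMapping.getLocalClaim().getClaimUri();
        if (!localToIdPClaimMap.containsKey(localClaimUri)) {
            localToIdPClaimMap.put(localClaimUri, claimMapping.getDefaultValue());
        }
    }

    return localToIdPClaimMap;
}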
 
Example 4
Source File: AbstractLocalApplicationAuthenticator.java    From carbon-identity-framework with Apache License 2.0
/**
 * Checks that the user's tenant domain equals the service provider's tenant domain, as required
 * for a non-SaaS application.
 *
 * <p>On a mismatch the {@code USER_TENANT_DOMAIN_MISMATCH} property is set on the context before
 * the exception is thrown.
 *
 * @param context the authentication context
 * @throws AuthenticationFailedException if the two tenant domains differ
 */
protected void validateNonSaasAppLogin(AuthenticationContext context) throws AuthenticationFailedException {

    // NOTE(review): context.getSubject() is dereferenced without a null check; confirm callers only
    // reach this after a subject has been set, otherwise this is an NPE rather than a clean failure.
    String subjectTenantDomain = context.getSubject().getTenantDomain();
    String applicationTenantDomain = context.getTenantDomain();

    // NOTE(review): StringUtils.equals is null-safe and case-sensitive, so two null tenant domains
    // compare as equal and pass this check; verify that both are always populated at this point.
    if (StringUtils.equals(subjectTenantDomain, applicationTenantDomain)) {
        return;
    }

    context.setProperty(FrameworkConstants.USER_TENANT_DOMAIN_MISMATCH, true);
    throw new AuthenticationFailedException("Service Provider tenant domain must be " +
            "equal to user tenant domain for non-SaaS applications", context.getSubject());
}
 
Example 5
Source File: UIBasedConfigurationLoader.java    From carbon-identity-framework with Apache License 2.0
/**
 * Builds the sequence config for a service provider and, when the service provider has an
 * authentication script, attaches an authentication graph built from that script.
 *
 * @param context         authentication context; supplies the tenant domain and is passed to the
 *                        graph builder
 * @param parameterMap    request parameters (not read in this method)
 * @param serviceProvider service provider whose local and outbound authentication config is used
 * @return the sequence config, with an authentication graph set when the sequence is script based
 * @throws FrameworkException declared by the overridden method
 */
@Override
public SequenceConfig getSequenceConfig(AuthenticationContext context, Map<String, String[]> parameterMap,
                                        ServiceProvider serviceProvider) throws FrameworkException {

    String tenantDomain = context.getTenantDomain();

    AuthenticationStep[] authenticationSteps = null;

    LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = serviceProvider
            .getLocalAndOutBoundAuthenticationConfig();
    if (localAndOutboundAuthenticationConfig.getAuthenticationSteps() != null
            && localAndOutboundAuthenticationConfig.getAuthenticationSteps().length > 0) {
        // Use the configured steps when there are any; otherwise authenticationSteps stays null.
        // NOTE(review): presumably getSequence() falls back to default steps on null - confirm.
        authenticationSteps = localAndOutboundAuthenticationConfig.getAuthenticationSteps();
    }

    SequenceConfig sequenceConfig = getSequence(serviceProvider, tenantDomain, authenticationSteps);

    // Use script based evaluation if a script is present.
    if (isAuthenticationScriptBasedSequence(localAndOutboundAuthenticationConfig)) {
        // Keep a snapshot of the step map and a second map of new StepConfig objects for the
        // builder, then clear the sequenceConfig step map so that it is re-populated by dynamic
        // execution. The order matters: both copies must be taken before clear().
        Map<Integer, StepConfig> originalStepConfigMap = new HashMap<>(sequenceConfig.getStepMap());
        Map<Integer, StepConfig> stepConfigMapCopy = new HashMap<>();
        originalStepConfigMap.forEach((k, v) -> stepConfigMapCopy.put(k, new StepConfig(v)));
        sequenceConfig.getStepMap().clear();
        JsGraphBuilderFactory jsGraphBuilderFactory = FrameworkServiceDataHolder.getInstance()
                .getJsGraphBuilderFactory();
        JsGraphBuilder jsGraphBuilder = jsGraphBuilderFactory.createBuilder(context, stepConfigMapCopy);
        context.setServiceProviderName(serviceProvider.getApplicationName());

        // The script content comes from the service provider's configuration and is handed to the
        // builder before the enabled flag is applied to the resulting graph.
        // NOTE(review): whether createWith()/build() evaluates the script for a disabled config is
        // not visible here - confirm, since script authors then influence this code path even
        // when the script is switched off.
        AuthenticationGraph graph = jsGraphBuilder
                .createWith(localAndOutboundAuthenticationConfig.getAuthenticationScriptConfig().getContent())
                .build();
        graph.setEnabled(localAndOutboundAuthenticationConfig.getAuthenticationScriptConfig().isEnabled());
        sequenceConfig.setAuthenticationGraph(graph);
        // The graph receives the snapshot taken before the sequenceConfig step map was cleared.
        graph.setStepMap(originalStepConfigMap);
    }
    return sequenceConfig;
}
 
Example 6
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0
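/**
 * Preprocesses the user's username considering the authentication context.
 *
 * <p>For a SaaS application the username is returned unchanged. Otherwise the tenant domain of the
 * context is appended when the username is not already tenant-qualified:
 * <ul>
 *   <li>with email usernames enabled, when the username contains exactly one {@code @};</li>
 *   <li>with email usernames disabled, when the username does not end with
 *       {@code "@" + tenantDomain}.</li>
 * </ul>
 *
 * @param username Username of the user, as entered; treated as untrusted input.
 * @param context  Authentication context.
 * @return preprocessed username
 */
public static String preprocessUsername(String username, AuthenticationContext context) {

    if (context.getSequenceConfig().getApplicationConfig().isSaaSApp()) {
        return username;
    }
    // NOTE(review): a null tenant domain is not handled here and would yield an "@null" suffix.
    String tenantSuffix = "@" + context.getTenantDomain();
    if (IdentityUtil.isEmailUsernameEnabled()) {
        if (StringUtils.countMatches(username, "@") == 1) {
            return username + tenantSuffix;
        }
    } else if (!username.endsWith(tenantSuffix)) {
        // Match on "@" + tenantDomain, not the bare domain. A bare suffix test treats any username
        // whose tail happens to equal the domain text as already tenant-qualified, with or without
        // a separator, and skips the qualification for the application's tenant.
        return username + tenantSuffix;
    }
    return username;
}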
 
Example 7
Source File: DefaultClaimHandler.java    From carbon-identity with Apache License 2.0
/**
 * Produces the mapping from local claims to service-provider claims for federated claim handling.
 *
 * <p>A non-null standard dialect takes precedence: all mappings of that dialect are loaded for the
 * context's tenant domain. Without a dialect, the custom SP claim mappings are converted.
 *
 * @param spStandardDialect standard claim dialect of the service provider, or {@code null}
 * @param context           authentication context; supplies the tenant domain
 * @param spClaimMappings   custom SP claim mappings, read only when there is no standard dialect
 * @return the local to SP claim mappings
 * @throws FrameworkException if the claim mappings of the dialect cannot be loaded
 */
private Map<String, String> mapLocalSpClaimsToRemoteSPClaims(String spStandardDialect,
                                                             AuthenticationContext context,
                                                             Map<String, String> spClaimMappings)
        throws FrameworkException {
    boolean hasStandardDialect = spStandardDialect != null;

    if (!hasStandardDialect && spClaimMappings.isEmpty()) {
        // Neither a standard dialect nor custom claim mappings.
        // NOTE(review): this is thrown as an Error, so it bypasses catch (Exception) handlers in
        // the calling flow; confirm that is the intended handling.
        throw new AssertionError("Authenticator Error! Authenticator does not have a " +
                                 "standard dialect and no custom claim mappings defined for IdP");
    }
    if (!hasStandardDialect) {
        return FrameworkUtils.getLocalToSPClaimMappings(spClaimMappings);
    }

    Map<String, String> localToSPClaimMappings;
    try {
        // The key set argument is null to fetch all claim mappings, since the required ones are
        // not known in advance. Key:value -> carbon_dialect:standard_dialect
        localToSPClaimMappings = getClaimMappings(spStandardDialect, null,
                                                  context.getTenantDomain(), true);
    } catch (Exception e) {
        throw new FrameworkException("Error occurred while getting all claim mappings from " +
                                     spStandardDialect + " dialect to " +
                                     ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT + " dialect for " +
                                     context.getTenantDomain() + " to handle federated claims", e);
    }
    return localToSPClaimMappings;
}
 
Example 8
Source File: DefaultClaimHandler.java    From carbon-identity with Apache License 2.0
/**
 * Loads the local-claim to IdP-claim mapping for the received remote claims and fills in the
 * configured default values for local claims that are not mapped yet.
 *
 * @param remoteClaims       claims received from the federated IdP; only the key set is used here
 * @param idPClaimMappings   claim mappings configured for the IdP
 * @param context            authentication context; supplies the tenant domain
 * @param idPStandardDialect standard dialect of the IdP; {@code null} selects
 *                           {@code ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT}
 * @return the local to IdP claim map, including default-valued entries
 * @throws FrameworkException if loading the claim mappings fails
 */
private Map<String, String> getLocalToIdpClaimMappingWithStandardDialect(Map<String, String> remoteClaims,
                                                                         ClaimMapping[] idPClaimMappings,
                                                                         AuthenticationContext context,
                                                                         String idPStandardDialect)
        throws FrameworkException {
    if (idPStandardDialect == null) {
        idPStandardDialect = ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT;
    }

    Map<String, String> localToIdPClaimMap;
    try {
        localToIdPClaimMap = getClaimMappings(idPStandardDialect,
                                              remoteClaims.keySet(), context.getTenantDomain(), true);
    } catch (Exception e) {
        throw new FrameworkException("Error occurred while getting claim mappings for " +
                                     "received remote claims from " +
                                     idPStandardDialect + " dialect to " +
                                     ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT + " dialect for " +
                                     context.getTenantDomain() + " to handle federated claims", e);
    }

    // Claims with a default value are added as well, because they may not come from the
    // federated IdP. An entry that is already present is never overwritten, so when two mappings
    // share a local claim URI the first one wins.
    for (ClaimMapping mapping : idPClaimMappings) {
        if (!StringUtils.isNotBlank(mapping.getDefaultValue())) {
            continue;
        }
        String localClaimUri = mapping.getLocalClaim().getClaimUri();
        if (localToIdPClaimMap.containsKey(localClaimUri)) {
            continue;
        }
        localToIdPClaimMap.put(localClaimUri, mapping.getDefaultValue());
    }
    return localToIdPClaimMap;
}
 
Example 9
Source File: DefaultAuthenticationRequestHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Returns the tenant domain of the application being authenticated to.
 *
 * @param context the authentication context
 * @return the context's tenant domain, or {@code MultitenantConstants.SUPER_TENANT_DOMAIN_NAME}
 *         when the context's tenant domain is null or empty
 */
private String getApplicationTenantDomain(AuthenticationContext context) {

    String tenantDomain = context.getTenantDomain();
    if (StringUtils.isNotEmpty(tenantDomain)) {
        return tenantDomain;
    }
    // NOTE(review): a missing tenant domain silently resolves to the super tenant; callers that
    // base tenant-scoped decisions on this value should confirm that default is intended.
    return MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}