Java Code Examples for org.wso2.carbon.user.core.util.UserCoreUtil#addDomainToName()
The following examples show how to use
org.wso2.carbon.user.core.util.UserCoreUtil#addDomainToName() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PostAuthenticatedSubjectIdentifierHandler.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
|
/**
* Handle userstore domain and tenant domain with subjects identifier.
*
* @param sequenceConfig Relevant sequence config.
* @param subjectValue Subject value.
*/
private void handleUserStoreAndTenantDomain(SequenceConfig sequenceConfig, String subjectValue) {
sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(subjectValue);
/* Check whether the tenant domain should be appended to the subject identifier for this SP and if yes,
append it. */
if (sequenceConfig.getApplicationConfig().isUseTenantDomainInLocalSubjectIdentifier()) {
String tenantDomain = sequenceConfig.getAuthenticatedUser().getTenantDomain();
subjectValue = UserCoreUtil.addTenantDomainToEntry(subjectValue, tenantDomain);
sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(subjectValue);
}
/* Check whether the user store domain should be appended to the subject identifier for this SP and
if yes, append it. */
if (sequenceConfig.getApplicationConfig().isUseUserstoreDomainInLocalSubjectIdentifier()) {
String userStoreDomain = sequenceConfig.getAuthenticatedUser().getUserStoreDomain();
subjectValue = UserCoreUtil.addDomainToName(subjectValue, userStoreDomain);
sequenceConfig.getAuthenticatedUser().setAuthenticatedSubjectIdentifier(subjectValue);
}
if (log.isDebugEnabled()) {
log.debug(
"Authenticated User: " + sequenceConfig.getAuthenticatedUser().getAuthenticatedSubjectIdentifier());
log.debug("Authenticated User Tenant Domain: " + sequenceConfig.getAuthenticatedUser().getTenantDomain());
}
}
Example 2
| Source File: JsAuthenticatedUser.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
|
private String[] getLocalRoles() {
if (idp == null || FrameworkConstants.LOCAL.equals(idp)) {
RealmService realmService = FrameworkServiceDataHolder.getInstance().getRealmService();
int usersTenantId = IdentityTenantUtil.getTenantId(getWrapped().getTenantDomain());
try {
String usernameWithDomain = UserCoreUtil.addDomainToName(getWrapped().getUserName(), getWrapped()
.getUserStoreDomain());
UserRealm userRealm = realmService.getTenantUserRealm(usersTenantId);
return userRealm.getUserStoreManager().getRoleListOfUser(usernameWithDomain);
} catch (UserStoreException e) {
LOG.error("Error when getting role list of user: " + getWrapped(), e);
}
}
return ArrayUtils.EMPTY_STRING_ARRAY;
}
Example 3
| Source File: ProvisioningEntityBuilder.java From carbon-identity with Apache License 2.0 | 6 votes |
|
ProvisioningEntity buildProvisioningEntityForUserUpdate(SCIMObject provisioningObject,
Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
String domainName) throws CharonException, IdentityApplicationManagementException {
User user = (User) provisioningObject;
//username should be included in user update SCIM request
if (user.getUserName() != null) {
outboundAttributes.put(org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false),
Arrays.asList(new String[] { user.getUserName() }));
}
String domainAwareName = UserCoreUtil.addDomainToName(user.getUserName(), domainName);
ProvisioningEntity provisioningEntity =
new ProvisioningEntity(ProvisioningEntityType.USER, domainAwareName, ProvisioningOperation.PUT,
outboundAttributes);
Map<String, String> inboundAttributes =
AttributeMapper.getClaimsMap((AbstractSCIMObject) provisioningObject);
provisioningEntity.setInboundAttributes(inboundAttributes);
return provisioningEntity;
}
Example 4
| Source File: ProfileMgtEventListener.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
private String getFullQualifiedUsername(String tenantAwareUsername,
String userStoreDomain,
String tenantDomain) {
String fullyQualifiedUsername = UserCoreUtil.addDomainToName(tenantAwareUsername, userStoreDomain);
fullyQualifiedUsername = UserCoreUtil.addTenantDomainToEntry(fullyQualifiedUsername, tenantDomain);
return fullyQualifiedUsername;
}
Example 5
| Source File: AuthenticatedUser.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
public String getUsernameAsSubjectIdentifier(boolean useUserstoreDomainInLocalSubjectIdentifier, boolean
useTenantDomainInLocalSubjectIdentifier) {
String userName = this.userName;
if (useUserstoreDomainInLocalSubjectIdentifier && userStoreDomain != null) {
userName = UserCoreUtil.addDomainToName(userName, userStoreDomain);
}
if (useTenantDomainInLocalSubjectIdentifier && tenantDomain != null) {
userName = UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain);
}
return userName;
}
Example 6
| Source File: UserProfileMgtDAO.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* Get association entry for the given federated identifier.
*
* @param tenantId tenant identifier
* @param idpId identity provider id
* @param federatedUserId federated identity id
* @return username of the user associated with the given federated identity id
* @throws UserProfileException
*/
public String getUserAssociatedFor(int tenantId, String idpId, String federatedUserId) throws UserProfileException {
String username = null;
try (Connection connection = IdentityDatabaseUtil.getDBConnection(false)) {
try (PreparedStatement prepStmt =
connection.prepareStatement(Constants.SQLQueries.RETRIEVE_USER_ASSOCIATED)) {
prepStmt.setInt(1, tenantId);
prepStmt.setString(2, idpId);
prepStmt.setInt(3, tenantId);
prepStmt.setString(4, federatedUserId);
try (ResultSet resultSet = prepStmt.executeQuery()) {
if (resultSet.next()) {
String domainName = resultSet.getString(1);
username = resultSet.getString(2);
if (!UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domainName)) {
username = UserCoreUtil.addDomainToName(username, domainName);
}
return username;
}
}
} catch (SQLException e1) {
throw new UserProfileException("Error occurred while retrieving user account associated for federated "
+ "ID: " + federatedUserId + " of IdP: " + idpId + " for tenant: " + tenantId, e1);
}
} catch (SQLException e) {
throw new UserProfileException("Error occurred while retrieving user account associated for federated " +
"ID: " + federatedUserId + " of IdP: " + idpId + " for tenant: " + tenantId, e);
}
return username;
}
Example 7
| Source File: ListenerUtils.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* This method will append the user store domain with user/role name.
*
* @param entity Entity that need to modified.
* @param userStoreManager UserStore Manager particular user/role handled by.
* @return UserStoreDomain/UserName or UserStoreDomain/RoleName
*/
public static String getEntityWithUserStoreDomain(String entity, UserStoreManager userStoreManager) {
String entityWithUserStoreDomain = entity;
if (StringUtils.isNotEmpty(entity) && userStoreManager != null) {
String userStoreDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
entityWithUserStoreDomain = UserCoreUtil.addDomainToName(entity, userStoreDomain);
}
return entityWithUserStoreDomain;
}
Example 8
| Source File: DeleteRoleWFRequestHandler.java From carbon-identity with Apache License 2.0 | 5 votes |
|
public boolean startDeleteRoleFlow(String userStoreDomain, String roleName) throws WorkflowException {
WorkflowManagementService workflowService = IdentityWorkflowDataHolder.getInstance().getWorkflowService();
int tenant = CarbonContext.getThreadLocalCarbonContext().getTenantId();
String fullyQualifiedName = UserCoreUtil.addDomainToName(roleName, userStoreDomain);
Map<String, Object> wfParams = new HashMap<>();
Map<String, Object> nonWfParams = new HashMap<>();
wfParams.put(ROLENAME, roleName);
wfParams.put(USER_STORE_DOMAIN, userStoreDomain);
String uuid = UUID.randomUUID().toString();
Entity roleEntity = new Entity(fullyQualifiedName, UserStoreWFConstants.ENTITY_TYPE_ROLE, tenant);
if (workflowService.isEventAssociated(UserStoreWFConstants.DELETE_ROLE_EVENT) && !Boolean.TRUE.equals
(getWorkFlowCompleted()) && !isValidOperation(new Entity[]{roleEntity})) {
throw new WorkflowException("Operation is not valid.");
}
boolean state = startWorkFlow(wfParams, nonWfParams, uuid).getExecutorResultState().state();
//WF_REQUEST_ENTITY_RELATIONSHIP table has foreign key to WF_REQUEST, so need to run this after WF_REQUEST is
// updated
if (!Boolean.TRUE.equals(getWorkFlowCompleted()) && !state) {
//ToDo: Add thread local to handle scenarios where workflow is not associated with the event.
try {
workflowService.addRequestEntityRelationships(uuid, new Entity[]{roleEntity});
} catch (InternalWorkflowException e) {
//debug exception which occurs at DB level since no workflows associated with event
if (log.isDebugEnabled()) {
log.debug("No workflow associated with the operation.", e);
}
}
}
return state;
}
Example 9
| Source File: UserIdentityManagementUtil.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* Enable the user account
*
* @param userName
* @param userStoreManager
* @throws IdentityException
*/
public static void enableUserAccount(String userName, UserStoreManager userStoreManager)
throws IdentityException {
if (!isIdentityMgtListenerEnable()) {
throw IdentityException.error("Cannot enable account, IdentityMgtEventListener is not enabled.");
}
String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).getRealmConfiguration().
getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
userName = UserCoreUtil.addDomainToName(userName, domainName);
try {
if (!userStoreManager.isExistingUser(userName)) {
log.error("User " + userName + " does not exist in tenant " + userStoreManager.getTenantId());
throw IdentityException.error("No user account found for user " + userName + "to enable");
}
} catch (UserStoreException e) {
log.error("Error while reading user identity data", e);
throw IdentityException.error("Error while enabling user account " + userName);
}
UserIdentityDataStore store = IdentityMgtConfig.getInstance().getIdentityDataStore();
UserIdentityClaimsDO userIdentityDO = store.load(UserCoreUtil.removeDomainFromName(userName), userStoreManager);
if (userIdentityDO != null) {
userIdentityDO.setAccountDisabled(false);
store.store(userIdentityDO, userStoreManager);
} else {
throw IdentityException.error("No user account found for user " + userName);
}
}
Example 10
| Source File: OutboundProvisioningManager.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
private ProvisioningEntity getInboundProvisioningEntity(ProvisioningEntity provisioningEntity,
String tenantDomain, ProvisioningOperation operation,
String userName) throws CarbonException,
UserStoreException {
Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();
if (userName != null) {
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false),
Arrays.asList(new String[]{userName}));
}
List<String> roleListOfUser = getUserRoles(userName, tenantDomain);
if (roleListOfUser != null) {
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false), roleListOfUser);
}
String domainAwareName = userName;
String domainName = getDomainFromName(provisioningEntity.getEntityName());
if (domainName != null && !domainName.equals(UserCoreConstants.INTERNAL_DOMAIN)) {
if (log.isDebugEnabled()) {
log.debug("Adding domain name : " + domainName + " to user : " + userName);
}
domainAwareName = UserCoreUtil.addDomainToName(userName, domainName);
}
ProvisioningEntity inboundProvisioningEntity = new ProvisioningEntity(
ProvisioningEntityType.USER, domainAwareName, operation, outboundAttributes);
inboundProvisioningEntity.setInboundAttributes(getUserClaims(userName, tenantDomain));
return inboundProvisioningEntity;
}
Example 11
| Source File: JDBCIdentityDataStore.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
@Override
public void remove(String userName, UserStoreManager userStoreManager) throws IdentityException {
super.remove(userName, userStoreManager);
String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).
getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
userName = UserCoreUtil.addDomainToName(userName, domainName);
Connection connection = IdentityDatabaseUtil.getDBConnection();
PreparedStatement prepStmt = null;
try {
int tenantId = userStoreManager.getTenantId();
boolean isUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(userName, tenantId);
String query;
if (isUsernameCaseSensitive) {
query = SQLQuery.DELETE_USER_DATA;
} else {
query = SQLQuery.DELETE_USER_DATA_CASE_INSENSITIVE;
}
prepStmt = connection.prepareStatement(query);
prepStmt.setInt(1, tenantId);
prepStmt.setString(2, userName);
prepStmt.execute();
IdentityDatabaseUtil.commitTransaction(connection);
} catch (SQLException | UserStoreException e) {
IdentityDatabaseUtil.rollbackTransaction(connection);
throw IdentityException.error("Error while reading user identity data", e);
} finally {
IdentityDatabaseUtil.closeStatement(prepStmt);
IdentityDatabaseUtil.closeConnection(connection);
}
}
Example 12
| Source File: User.java From carbon-identity with Apache License 2.0 | 5 votes |
|
@Override
public String toString() {
String username = null;
if (StringUtils.isNotBlank(this.userName)) {
username = this.userName;
}
if (StringUtils.isNotBlank(this.userStoreDomain)) {
username = UserCoreUtil.addDomainToName(username, userStoreDomain);
}
if (StringUtils.isNotBlank(this.tenantDomain)) {
username = UserCoreUtil.addTenantDomainToEntry(username, tenantDomain);
}
return username;
}
Example 13
| Source File: DefaultProvisioningHandler.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
protected void associateUser(String username, String userStoreDomain, String tenantDomain, String subject,
String idp) throws FrameworkException {
String usernameWithUserstoreDomain = UserCoreUtil.addDomainToName(username, userStoreDomain);
try {
// start tenant flow
FrameworkUtils.startTenantFlow(tenantDomain);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(usernameWithUserstoreDomain);
if (!StringUtils.isEmpty(idp) && !StringUtils.isEmpty(subject)) {
FederatedAssociationManager federatedAssociationManager = FrameworkUtils
.getFederatedAssociationManager();
User user = getAssociatedUser(tenantDomain, userStoreDomain, username);
federatedAssociationManager.createFederatedAssociation(user, idp, subject);
if (log.isDebugEnabled()) {
log.debug("Associated local user: " + usernameWithUserstoreDomain + " in tenant: " +
tenantDomain + " to the federated subject : " + subject + " in IdP: " + idp);
}
} else {
throw new FrameworkException("Error while associating local user: " + usernameWithUserstoreDomain +
" in tenant: " + tenantDomain + " to the federated subject : " + subject + " in IdP: " + idp);
}
} catch (FederatedAssociationManagerException e) {
if (isUserAlreadyAssociated(e)) {
log.info("An association already exists for user: " + subject + ". Skip association while JIT " +
"provisioning");
} else {
throw new FrameworkException("Error while associating local user: " + usernameWithUserstoreDomain +
" in tenant: " + tenantDomain + " to the federated subject : " + subject + " in IdP: " + idp, e);
}
} finally {
// end tenant flow
FrameworkUtils.endTenantFlow();
}
}
Example 14
| Source File: SSOConsentServiceImpl.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
private String buildSubjectWithUserStoreDomain(AuthenticatedUser authenticatedUser) {
String userStoreDomain;
if (authenticatedUser.isFederatedUser()) {
userStoreDomain = getFederatedUserDomain(authenticatedUser.getFederatedIdPName());
} else {
userStoreDomain = authenticatedUser.getUserStoreDomain();
}
return UserCoreUtil.addDomainToName(authenticatedUser.getUserName(), userStoreDomain);
}
Example 15
| Source File: CassandraUserStoreManager.java From carbon-identity with Apache License 2.0 | 4 votes |
|
/**
* Lists the users in the user store.
*/
@Override
protected String[] doListUsers(String filter, int maxItemLimit) throws UserStoreException {
List<String> users = new ArrayList<String>();
int arrayLength = 0;
if (maxItemLimit == 0) {
return new String[0];
}
int givenMax = UserCoreConstants.MAX_USER_ROLE_LIST;
try {
givenMax = Integer.parseInt(realmConfig
.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_USER_LIST));
} catch (Exception e) {
givenMax = UserCoreConstants.MAX_USER_ROLE_LIST;
if (log.isDebugEnabled()) {
log.debug("Realm configuration maximum not set : Using User Core Constant value instead!", e);
}
}
if (maxItemLimit < 0 || maxItemLimit > givenMax) {
maxItemLimit = givenMax;
}
RangeSlicesQuery<String, String, String> rangeSliceQuery = HFactory.createRangeSlicesQuery(keyspace,
stringSerializer, stringSerializer, stringSerializer);
rangeSliceQuery.setColumnFamily(CFConstants.UM_USER);
rangeSliceQuery.setRange(filter, null, false, Integer.MAX_VALUE);
rangeSliceQuery.addEqualsExpression(CFConstants.UM_TENANT_ID, tenantIdString);
// TODO - Need to check how to use the filter for range
rangeSliceQuery.setKeys("", "");
rangeSliceQuery.setRowCount(maxItemLimit);
QueryResult<OrderedRows<String, String, String>> result = rangeSliceQuery.execute();
if (result != null) {
OrderedRows<String, String, String> rows = result.get();
if (rows.getCount() <= 0) {
// reformatted to avoid nesting too many blocks
return users.toArray(new String[arrayLength]);
}
arrayLength = rows.getCount();
Iterator<Row<String, String, String>> rowsIterator = rows.iterator();
while (rowsIterator.hasNext()) {
Row<String, String, String> row = rowsIterator.next();
if (row.getColumnSlice().getColumnByName(CFConstants.UM_USER_ID).getValue() != null) {
String name = row.getColumnSlice().getColumnByName(CFConstants.UM_USER_NAME).getValue();
// append the domain if exist
name = UserCoreUtil.addDomainToName(name, domain);
users.add(name);
}
}
}
return users.toArray(new String[arrayLength]);
}
Example 16
| Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
|
@Override
public boolean doPreDeleteUserClaimValue(String userName, String attributeToDelete, String profileName,
UserStoreManager userStoreManager) throws UserStoreException {
if (!isEnable()) {
return true;
}
Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();
if (userName != null) {
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false),
Arrays.asList(new String[]{userName}));
}
String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
if (log.isDebugEnabled()) {
log.debug("Adding domain name : " + domainName + " to user : " + userName);
}
String domainAwareName = UserCoreUtil.addDomainToName(userName, domainName);
ProvisioningEntity provisioningEntity = new ProvisioningEntity(
ProvisioningEntityType.USER, domainAwareName, ProvisioningOperation.PATCH,
outboundAttributes);
Map<String, String> inboundAttributes = new HashMap<>();
inboundAttributes.put(attributeToDelete, "");
// set the in-bound attribute list.
provisioningEntity.setInboundAttributes(inboundAttributes);
String tenantDomainName = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
ThreadLocalProvisioningServiceProvider threadLocalServiceProvider;
threadLocalServiceProvider = IdentityApplicationManagementUtil
.getThreadLocalProvisioningServiceProvider();
if (threadLocalServiceProvider != null) {
String serviceProvider = threadLocalServiceProvider.getServiceProviderName();
tenantDomainName = threadLocalServiceProvider.getTenantDomain();
if (threadLocalServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
try {
serviceProvider = ApplicationManagementService.getInstance()
.getServiceProviderNameByClientId(
threadLocalServiceProvider.getServiceProviderName(),
IdentityApplicationConstants.OAuth2.NAME, tenantDomainName);
} catch (IdentityApplicationManagementException e) {
log.error("Error while provisioning", e);
return true;
}
}
// call framework method to provision the user.
OutboundProvisioningManager.getInstance().provision(provisioningEntity,
serviceProvider, threadLocalServiceProvider.getClaimDialect(),
tenantDomainName, threadLocalServiceProvider.isJustInTimeProvisioning());
} else {
// call framework method to provision the user.
OutboundProvisioningManager.getInstance()
.provision(provisioningEntity, ApplicationConstants.LOCAL_SP,
IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomainName, false);
}
return true;
}
Example 17
| Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
|
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager)
throws UserStoreException {
if (!isEnable()) {
return true;
}
Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false), Arrays
.asList(new String[]{userName}));
String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
if (log.isDebugEnabled()) {
log.debug("Adding domain name : " + domainName + " to user : " + userName);
}
String domainAwareName = UserCoreUtil.addDomainToName(userName, domainName);
ProvisioningEntity provisioningEntity = new ProvisioningEntity(
ProvisioningEntityType.USER, domainAwareName, ProvisioningOperation.DELETE,
outboundAttributes);
String tenantDomainName = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
ThreadLocalProvisioningServiceProvider threadLocalServiceProvider;
threadLocalServiceProvider = IdentityApplicationManagementUtil
.getThreadLocalProvisioningServiceProvider();
if (threadLocalServiceProvider != null) {
String serviceProvider = threadLocalServiceProvider.getServiceProviderName();
tenantDomainName = threadLocalServiceProvider.getTenantDomain();
if (threadLocalServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
try {
serviceProvider = ApplicationManagementService.getInstance()
.getServiceProviderNameByClientId(
threadLocalServiceProvider.getServiceProviderName(),
IdentityApplicationConstants.OAuth2.NAME, tenantDomainName);
} catch (IdentityApplicationManagementException e) {
log.error("Error while provisioning", e);
return true;
}
}
// call framework method to provision the user.
OutboundProvisioningManager.getInstance().provision(provisioningEntity,
serviceProvider, threadLocalServiceProvider.getClaimDialect(),
tenantDomainName, threadLocalServiceProvider.isJustInTimeProvisioning());
} else {
OutboundProvisioningManager.getInstance()
.provision(provisioningEntity, ApplicationConstants.LOCAL_SP,
IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomainName, false);
}
return true;
}
Example 18
| Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
|
@Override
public boolean doPostUpdateUserListOfRole(String roleName, String[] deletedUsers,
String[] newUsers, UserStoreManager userStoreManager) throws UserStoreException {
if (!isEnable()) {
return true;
}
String[] userList = userStoreManager.getUserListOfRole(roleName);
Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false), Arrays
.asList(new String[]{roleName}));
outboundAttributes.put(ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI,
null, null, false), Arrays.asList(userList));
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.NEW_USER_CLAIM_URI, null, null, false), Arrays
.asList(newUsers));
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.DELETED_USER_CLAIM_URI, null, null, false),
Arrays.asList(deletedUsers));
String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
if (log.isDebugEnabled()) {
log.debug("Adding domain name : " + domainName + " to role : " + roleName);
}
String domainAwareName = UserCoreUtil.addDomainToName(roleName, domainName);
ProvisioningEntity provisioningEntity = new ProvisioningEntity(
ProvisioningEntityType.GROUP, domainAwareName, ProvisioningOperation.PUT,
outboundAttributes);
String tenantDomainName = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
ThreadLocalProvisioningServiceProvider threadLocalServiceProvider;
threadLocalServiceProvider = IdentityApplicationManagementUtil
.getThreadLocalProvisioningServiceProvider();
if (threadLocalServiceProvider != null) {
String serviceProvider = threadLocalServiceProvider.getServiceProviderName();
tenantDomainName = threadLocalServiceProvider.getTenantDomain();
if (threadLocalServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
try {
serviceProvider = ApplicationManagementService.getInstance()
.getServiceProviderNameByClientId(
threadLocalServiceProvider.getServiceProviderName(),
IdentityApplicationConstants.OAuth2.NAME, tenantDomainName);
} catch (IdentityApplicationManagementException e) {
log.error("Error while provisioning", e);
return true;
}
}
// call framework method to provision the user.
OutboundProvisioningManager.getInstance().provision(provisioningEntity,
serviceProvider, threadLocalServiceProvider.getClaimDialect(),
tenantDomainName, threadLocalServiceProvider.isJustInTimeProvisioning());
} else {
// call framework method to provision the group.
OutboundProvisioningManager.getInstance()
.provision(provisioningEntity, ApplicationConstants.LOCAL_SP,
IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomainName, false);
}
return true;
}
Example 19
| Source File: DefaultInboundUserProvisioningListener.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
|
@Override
public boolean doPreAddRole(String roleName, String[] userList, Permission[] permissions,
UserStoreManager userStoreManager) throws UserStoreException {
if (!isEnable()) {
return true;
}
Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();
if (roleName != null) {
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false), Arrays
.asList(new String[]{roleName}));
}
if (userList != null && userList.length > 0) {
outboundAttributes.put(ClaimMapping.build(
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false), Arrays
.asList(userList));
}
String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
if (log.isDebugEnabled()) {
log.debug("Adding domain name : " + domainName + " to user : " + roleName);
}
String domainAwareName = UserCoreUtil.addDomainToName(roleName, domainName);
ProvisioningEntity provisioningEntity = new ProvisioningEntity(
ProvisioningEntityType.GROUP, domainAwareName, ProvisioningOperation.POST,
outboundAttributes);
String tenantDomainName = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
ThreadLocalProvisioningServiceProvider threadLocalServiceProvider;
threadLocalServiceProvider = IdentityApplicationManagementUtil
.getThreadLocalProvisioningServiceProvider();
if (threadLocalServiceProvider != null) {
String serviceProvider = threadLocalServiceProvider.getServiceProviderName();
tenantDomainName = threadLocalServiceProvider.getTenantDomain();
if (threadLocalServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
try {
serviceProvider = ApplicationManagementService.getInstance()
.getServiceProviderNameByClientId(
threadLocalServiceProvider.getServiceProviderName(),
IdentityApplicationConstants.OAuth2.NAME, tenantDomainName);
} catch (IdentityApplicationManagementException e) {
log.error("Error while provisioning", e);
return true;
}
}
// call framework method to provision the user.
OutboundProvisioningManager.getInstance().provision(provisioningEntity,
serviceProvider, threadLocalServiceProvider.getClaimDialect(),
tenantDomainName, threadLocalServiceProvider.isJustInTimeProvisioning());
} else {
// call framework method to provision the group.
OutboundProvisioningManager.getInstance()
.provision(provisioningEntity, ApplicationConstants.LOCAL_SP,
IdentityProvisioningConstants.WSO2_CARBON_DIALECT, tenantDomainName, false);
}
return true;
}
Example 20
| Source File: SetMultipleClaimsWFRequestHandler.java From carbon-identity with Apache License 2.0 | 4 votes |
|
public boolean startSetMultipleClaimsWorkflow(String userStoreDomain, String userName, Map<String, String>
claims, String profileName) throws WorkflowException {
WorkflowManagementService workflowService = IdentityWorkflowDataHolder.getInstance().getWorkflowService();
if (claims == null) {
claims = new HashMap<>();
}
int tenant = CarbonContext.getThreadLocalCarbonContext().getTenantId();
String fullyQualifiedName = UserCoreUtil.addDomainToName(userName, userStoreDomain);
Map<String, Object> wfParams = new HashMap<>();
Map<String, Object> nonWfParams = new HashMap<>();
wfParams.put(USERNAME, userName);
wfParams.put(USER_STORE_DOMAIN, userStoreDomain);
wfParams.put(CLAIMS, claims);
wfParams.put(PROFILE_NAME, profileName);
String uuid = UUID.randomUUID().toString();
Entity[] entities = new Entity[claims.size() + 1];
entities[0] = new Entity(fullyQualifiedName, UserStoreWFConstants.ENTITY_TYPE_USER, tenant);
int i = 1;
for (String key : claims.keySet()) {
entities[i] = new Entity(key, UserStoreWFConstants.ENTITY_TYPE_CLAIM, tenant);
i++;
}
if (workflowService.isEventAssociated(UserStoreWFConstants.SET_MULTIPLE_USER_CLAIMS_EVENT) &&
!Boolean.TRUE.equals(getWorkFlowCompleted()) && !isValidOperation(entities)) {
throw new WorkflowException("Operation is not valid.");
}
boolean state = startWorkFlow(wfParams, nonWfParams, uuid).getExecutorResultState().state();
//WF_REQUEST_ENTITY_RELATIONSHIP table has foreign key to WF_REQUEST, so need to run this after WF_REQUEST is
// updated
if (!Boolean.TRUE.equals(getWorkFlowCompleted()) && !state) {
try {
workflowService.addRequestEntityRelationships(uuid, entities);
} catch (InternalWorkflowException e) {
//debug exception which occurs at DB level since no workflows associated with event
if (log.isDebugEnabled()) {
log.debug("No workflow associated with the operation.", e);
}
}
}
return state;
}
