org.wso2.carbon.identity.core.util.IdentityUtil Java Examples

The following examples show how to use org.wso2.carbon.identity.core.util.IdentityUtil.
Example #1
Source File: IdentityApplicationManagementUtil.java    From carbon-identity-framework with Apache License 2.0
/**
 * Extracts a single certificate from a string that holds one or more concatenated certificates.
 *
 * <p>Certificates are located by counting occurrences of {@code IdentityUtil.PEM_BEGIN_CERTFICATE}.
 * The returned text runs from the {@code ordinal}-th marker up to the next marker, or to the end of
 * the input when {@code ordinal} equals the number of markers found.
 *
 * <p>NOTE(review): {@code ordinal} is not range-checked here. When the requested marker does not
 * exist, {@code StringUtils.ordinalIndexOf} yields -1 and {@code substring} throws, so callers that
 * pass externally supplied certificate bundles should validate the ordinal first.
 *
 * @param decodedCertificate series of certificate values in readable (decoded) form
 * @param ordinal            1-based position of the wanted certificate within the series
 * @return the text of the selected certificate, starting at its begin marker
 */
public static String extractCertificate(String decodedCertificate, int ordinal) {

    String beginMarker = IdentityUtil.PEM_BEGIN_CERTFICATE;
    boolean isLastCertificate = ordinal == StringUtils.countMatches(decodedCertificate, beginMarker);
    int start = StringUtils.ordinalIndexOf(decodedCertificate, beginMarker, ordinal);

    if (isLastCertificate) {
        // Nothing follows the last certificate, so take everything up to the end of the input.
        return decodedCertificate.substring(start);
    }

    // Otherwise the certificate ends where the next begin marker starts.
    int nextStart = StringUtils.ordinalIndexOf(decodedCertificate, beginMarker, ordinal + 1);
    return decodedCertificate.substring(start, nextStart);
}
 
Example #2
Source File: IdentityProvider.java    From carbon-identity-framework with Apache License 2.0
/**
 * Handles a certificate value that is expected to be Base64 encoded.
 *
 * <p>The value is Base64-decoded and read as UTF-8 text. If decoding fails, or the decoded text is
 * non-blank but does not start with {@code IdentityUtil.PEM_BEGIN_CERTFICATE}, the original (still
 * encoded) value is passed to {@code createCertificateInfoForNoBeginCertificate}. Otherwise the
 * decoded text is passed to {@code createEncodedCertificateInfo}.
 *
 * @param certificateValue certificate value as received, expected to be Base64 encoded
 * @return array of certificate value and thumbprint of each certificate
 * @throws NoSuchAlgorithmException declared here; presumably raised by the helper methods when
 *                                  computing thumbprints (confirm against the helpers)
 */
private CertificateInfo[] handleEncodedCertificate(String certificateValue) throws NoSuchAlgorithmException {

    if (log.isDebugEnabled()) {
        log.debug("Handling encoded certificates: " + certificateValue);
    }

    String decodedCertificate;
    try {
        byte[] rawBytes = Base64.getDecoder().decode(certificateValue);
        decodedCertificate = new String(rawBytes, StandardCharsets.UTF_8);
    } catch (IllegalArgumentException ex) {
        // The input is not valid Base64; the exception is dropped and the raw value is processed
        // as a certificate without BEGIN/END lines.
        // TODO Need to handle the exception handling in proper way.
        return createCertificateInfoForNoBeginCertificate(certificateValue);
    }

    // Certificates that are encoded once but carry no BEGIN and END statement take the same
    // fallback path as undecodable input.
    boolean lacksPemHeader = StringUtils.isNotBlank(decodedCertificate)
            && !decodedCertificate.startsWith(IdentityUtil.PEM_BEGIN_CERTFICATE);
    if (lacksPemHeader) {
        return createCertificateInfoForNoBeginCertificate(certificateValue);
    }
    return createEncodedCertificateInfo(decodedCertificate, true);
}
 
Example #3
Source File: SPInitSSOAuthnRequestValidator.java    From carbon-identity with Apache License 2.0
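/**
 * Splits a tenant domain that was appended to the issuer in the form {@code issuer@tenantDomain}.
 *
 * <p>The split is attempted only while no tenant domain is set in the SAML SSO thread-local. The
 * text after the last {@code '@'} is treated as the tenant domain and stored in the thread-local
 * when both parts are non-blank. If the thread-local is still blank afterwards, the super tenant
 * domain is stored instead.
 *
 * <p>NOTE(review): the tenant domain is derived from the issuer string itself. If that string
 * originates from the incoming request, confirm that the resolved tenant is validated before it is
 * used for any tenant-scoped lookup.
 *
 * @param issuer issuer value, optionally suffixed with {@code @tenantDomain}
 * @return the issuer with everything from the last {@code '@'} removed when a split was attempted,
 *         otherwise the issuer unchanged
 * @throws UserStoreException declared by the signature; not thrown by the visible statements
 * @throws IdentityException  declared by the signature; not thrown by the visible statements
 */
protected String splitAppendedTenantDomain(String issuer) throws UserStoreException, IdentityException {

    if (IdentityUtil.isBlank(SAMLSSOUtil.getTenantDomainFromThreadLocal())) {
        // Locate the separator once instead of searching the string three times.
        int separatorIndex = issuer.lastIndexOf('@');
        if (separatorIndex >= 0) {
            String tenantDomain = issuer.substring(separatorIndex + 1);
            issuer = issuer.substring(0, separatorIndex);
            if (StringUtils.isNotBlank(tenantDomain) && StringUtils.isNotBlank(issuer)) {
                SAMLSSOUtil.setTenantDomainInThreadLocal(tenantDomain);
                if (log.isDebugEnabled()) {
                    // The original message ran the issuer name into "has been"; a space was added.
                    log.debug("Tenant Domain: " + tenantDomain + " & Issuer name: " + issuer +
                            " has been split");
                }
            }
        }
    }
    if (IdentityUtil.isBlank(SAMLSSOUtil.getTenantDomainFromThreadLocal())) {
        // No tenant could be derived from the issuer: fall back to the super tenant.
        SAMLSSOUtil.setTenantDomainInThreadLocal(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    }
    return issuer;
}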
 
Example #4
Source File: SecondaryUserStoreConfigurationUtil.java    From carbon-identity-framework with Apache License 2.0
/**
 * Resolves the path of the user store XML file for the given domain.
 *
 * <p>The file name is the domain name with {@code UserStoreConfigurationConstant.PERIOD} replaced
 * by {@code UserStoreConfigurationConstant.UNDERSCORE}. The name is rejected unless
 * {@code IdentityUtil.isValidFileName} accepts it, which keeps a caller-supplied domain name from
 * being used as an arbitrary path component. The base directory is the deployment directory for
 * the super tenant and the tenant's own user store directory otherwise.
 *
 * @param domainName user store domain name
 * @return the path of the user store XML file
 * @throws IdentityUserStoreMgtException if the derived file name is not a valid file name
 */
public static Path getUserStoreConfigurationFile(String domainName) throws IdentityUserStoreMgtException {

    // Validation runs on the derived file name, i.e. after the period replacement.
    String fileName = domainName.replace(UserStoreConfigurationConstant.PERIOD,
            UserStoreConfigurationConstant.UNDERSCORE);
    if (!IdentityUtil.isValidFileName(fileName)) {
        throw new IdentityUserStoreMgtException("Provided domain name : '" + domainName + "' is invalid.");
    }

    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    Path userStoreDirectory;
    if (tenantId != MultitenantConstants.SUPER_TENANT_ID) {
        // The tenant id comes from the thread-local Carbon context, not from the caller.
        userStoreDirectory = Paths.get(CarbonUtils.getCarbonTenantsDirPath(), String.valueOf(tenantId),
                USERSTORES);
    } else {
        userStoreDirectory = Paths.get(DEPLOYMENT_DIRECTORY);
    }
    return getUserStoreConfigFile(userStoreDirectory, fileName);
}
 
Example #5
Source File: IdentityUserNameResolverListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Pre-delete hook keyed by user ID. Resolves the user name and forwards the call to the
 * user-name based {@code doPreDeleteUser} hook of the other registered listeners.
 *
 * <p>NOTE(review): the resolved name is stored in {@code IdentityUtil.threadLocalProperties} and is
 * not removed in this method. Confirm that the post-delete hook clears it on every path, including
 * when a listener below vetoes the deletion, so the value cannot leak to a later request that
 * reuses the thread.
 *
 * @param userID           ID of the user about to be deleted
 * @param userStoreManager user store manager; cast to {@code AbstractUserStoreManager} for the lookup
 * @return {@code true} when this listener is disabled or every forwarded listener returns
 *         {@code true}; {@code false} as soon as one listener returns {@code false}; the result of
 *         {@code handleUserNameResolveFailure} when the user name cannot be resolved
 * @throws UserStoreException propagated from the name lookup or from a listener
 */
@Override
public boolean doPreDeleteUserWithID(String userID, UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    String resolvedUserName = getUserNameFromUserID(userID, (AbstractUserStoreManager) userStoreManager);
    if (resolvedUserName == null) {
        return handleUserNameResolveFailure(userID, userStoreManager);
    }

    // Keep the user name in the thread-local for the doPostDeleteUserWithID listener.
    IdentityUtil.threadLocalProperties.get().put(DO_PRE_DELETE_USER_USER_NAME, resolvedUserName);

    for (UserOperationEventListener eventListener : getUserStoreManagerListeners()) {
        // Resolver listeners are skipped; the first other listener that returns false ends the chain.
        if (isNotAResolverListener(eventListener)
                && !eventListener.doPreDeleteUser(resolvedUserName, userStoreManager)) {
            return false;
        }
    }

    return true;
}
 
Example #6
Source File: PassiveSTSManager.java    From carbon-identity with Apache License 2.0
/**
 * Builds the redirect URL for a passive STS sign-in request ({@code wa=wsignin1.0}).
 *
 * <p>The URL is {@code loginPage} followed by the query parameters {@code wa}, {@code wreply},
 * {@code wtrealm} and {@code wctx}.
 *
 * <p>NOTE(review): only {@code wctx} is URL-encoded. The reply URL and the realm are concatenated
 * as they are, so a realm value containing {@code &}, {@code #} or {@code =} would change the
 * structure of the query string. Confirm that both values are restricted to administrator
 * configuration, or encode them the same way as {@code wctx}.
 *
 * @param request                  current HTTP request; not read by this method
 * @param loginPage                login page URL used as the base of the redirect
 * @param contextIdentifier        context identifier, sent URL-encoded as {@code wctx}
 * @param authenticationProperties authenticator properties; the realm is read from
 *                                 {@code PassiveSTSConstants.REALM_ID}
 * @return the redirect URL
 * @throws PassiveSTSException if UTF-8 encoding of the context identifier is not supported
 */
public String buildRequest(HttpServletRequest request, String loginPage,
                           String contextIdentifier, Map<String, String> authenticationProperties)
        throws PassiveSTSException {

    String replyUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    String signInAction = "wsignin1.0";
    String realm = authenticationProperties.get(PassiveSTSConstants.REALM_ID);

    String encodedContext;
    try {
        encodedContext = URLEncoder.encode(contextIdentifier, "UTF-8").trim();
    } catch (UnsupportedEncodingException e) {
        throw new PassiveSTSException("Error occurred while url encoding WCTX ", e);
    }

    return loginPage + "?wa=" + signInAction + "&wreply=" + replyUrl + "&wtrealm=" + realm
            + "&wctx=" + encodedContext;
}
 
Example #7
Source File: HttpIdentityResponseFactory.java    From carbon-identity-framework with Apache License 2.0
/**
 * Stores the init configuration and merges the event listener properties configured for this
 * class into {@code properties}.
 *
 * <p>The listener configuration is looked up under the {@code HttpIdentityResponseFactory} type
 * name and the runtime class name. Keys that already exist in {@code properties} are kept and a
 * warning is logged; configured values never overwrite existing ones.
 *
 * @param initConfig configuration to keep on this instance
 */
public void init(InitConfig initConfig) {

    this.initConfig = initConfig;

    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (HttpIdentityResponseFactory.class.getName(), this.getClass().getName());

    // Nothing to merge when there is no listener entry or it carries no properties.
    if (listenerConfig == null || listenerConfig.getProperties() == null) {
        return;
    }

    for (Map.Entry<Object, Object> entry : listenerConfig.getProperties().entrySet()) {
        String key = (String) entry.getKey();
        String value = (String) entry.getValue();
        if (properties.containsKey(key)) {
            log.warn("Property key " + key + " already exists. Cannot add property!!");
            continue;
        }
        properties.setProperty(key, value);
    }
}
 
Example #8
Source File: UserAdmin.java    From carbon-identity with Apache License 2.0
/**
 * Imports users in bulk from an uploaded file by delegating to the user admin proxy.
 *
 * <p>The original comment states that the password is no longer used and is taken from the file
 * instead; {@code defaultPassword} is nevertheless still forwarded to the proxy.
 *
 * <p>NOTE(review): the stream obtained from {@code handler} is not closed in this method. Confirm
 * that the proxy closes it; otherwise each import leaves a stream open.
 *
 * @param userStoreDomain target user store domain; the primary domain is used when empty
 * @param fileName        name of the uploaded file; must not be null
 * @param handler         data handler that supplies the file content; must not be null
 * @param defaultPassword default password, forwarded to the proxy unchanged
 * @throws UserAdminException if {@code fileName} or {@code handler} is null, or reading the
 *                            uploaded content fails with an {@code IOException}
 */
public void bulkImportUsers(String userStoreDomain, String fileName, DataHandler handler, String defaultPassword)
        throws UserAdminException {
    if (fileName == null || handler == null) {
        throw new UserAdminException("Required data not provided");
    }

    String targetDomain = userStoreDomain;
    if (StringUtils.isEmpty(targetDomain)) {
        targetDomain = IdentityUtil.getPrimaryDomainName();
    }

    try {
        InputStream uploadedContent = handler.getInputStream();
        getUserAdminProxy().bulkImportUsers(targetDomain, fileName, uploadedContent, defaultPassword);
    } catch (IOException e) {
        log.error(e.getMessage(), e);
        throw new UserAdminException(e.getMessage(), e);
    }
}
 
Example #9
Source File: UserStoreCountUtils.java    From carbon-identity-framework with Apache License 2.0
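/**
 * Creates a count retriever for the given user store domain.
 *
 * <p>The retriever type is read from the {@code COUNT_RETRIEVER_CLASS} property of the domain's
 * realm configuration and used as the key into the registered count retriever factories.
 *
 * @param domain user store domain; the primary domain is used when empty
 * @return the count retriever, or {@code null} when the domain has no realm configuration or no
 *         {@code COUNT_RETRIEVER_CLASS} property
 * @throws UserStoreCounterException if no factory is registered for the configured type, or the
 *                                   factory does not produce a retriever
 */
public static UserStoreCountRetriever getCounterInstanceForDomain(String domain) throws UserStoreCounterException {
    if (StringUtils.isEmpty(domain)) {
        domain = IdentityUtil.getPrimaryDomainName();
    }

    RealmConfiguration realmConfiguration = getUserStoreList().get(domain);
    if (realmConfiguration == null) {
        return null;
    }
    String retrieverType = realmConfiguration.getUserStoreProperty(COUNT_RETRIEVER_CLASS);
    if (retrieverType == null) {
        return null;
    }

    // The type comes from configuration, so it may name a factory that was never registered.
    // Report that as a UserStoreCounterException instead of failing with a NullPointerException.
    if (UserStoreCountDataHolder.getInstance().getCountRetrieverFactories().get(retrieverType) == null) {
        throw new UserStoreCounterException(
                "No count retriever factory is registered for class: " + retrieverType + " for " +
                        "the domain: " + domain);
    }

    UserStoreCountRetriever userStoreCountRetriever = UserStoreCountDataHolder.getInstance()
            .getCountRetrieverFactories().get(retrieverType).buildCountRetriever(realmConfiguration);
    if (userStoreCountRetriever == null) {
        throw new UserStoreCounterException(
                "Could not create an instance of class: " + retrieverType + " for " +
                        "the domain: " + domain);
    }
    return userStoreCountRetriever;
}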
 
Example #10
Source File: UserIdentityManagementUtil.java    From carbon-identity-framework with Apache License 2.0
/**
 * Tells whether the identity management listener is enabled.
 *
 * <p>The listener class name is read from the identity management configuration and defaults to
 * {@code IdentityMgtEventListener} when blank. The listener counts as enabled when it has no
 * event listener entry or when the entry's enable value is blank; otherwise the enable value is
 * parsed as a boolean.
 *
 * @return {@code true} if the listener is enabled or not explicitly configured
 */
private static boolean isIdentityMgtListenerEnable() {

    String listenerClassName = IdentityMgtConfig.getInstance().getProperty
            (IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
    if (StringUtils.isBlank(listenerClassName)) {
        listenerClassName = IdentityMgtEventListener.class.getName();
    }

    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (UserOperationEventListener.class.getName(), listenerClassName);
    if (listenerConfig == null) {
        return true;
    }

    // A missing or blank enable value means "enabled"; anything else goes through parseBoolean.
    String enableValue = listenerConfig.getEnable();
    return StringUtils.isBlank(enableValue) || Boolean.parseBoolean(enableValue);
}
 
Example #11
Source File: AuthenticatedUser.java    From carbon-identity-framework with Apache License 2.0
/**
 * Sets the authenticated subject identifier, qualifying it according to the service provider's
 * useTenantDomainInLocalSubjectIdentifier and useUserstoreDomainInLocalSubjectIdentifier settings.
 *
 * <p>For federated users, or when no service provider is given, the identifier is stored as
 * passed. When the user store domain setting applies, the identifier is rebuilt from this user's
 * {@code userName} and {@code userStoreDomain}, which replaces the value passed in. When the
 * tenant domain setting applies, the tenant domain is then added to the identifier.
 *
 * @param authenticatedSubjectIdentifier authenticated subject identifier
 * @param serviceProvider                service provider whose local subject identifier settings
 *                                       are applied; may be null
 */
public void setAuthenticatedSubjectIdentifier(String authenticatedSubjectIdentifier, ServiceProvider serviceProvider) {

    String subjectIdentifier = authenticatedSubjectIdentifier;

    if (!isFederatedUser() && serviceProvider != null) {
        boolean appendUserStoreDomain = serviceProvider.getLocalAndOutBoundAuthenticationConfig()
                .isUseUserstoreDomainInLocalSubjectIdentifier();
        boolean appendTenantDomain = serviceProvider.getLocalAndOutBoundAuthenticationConfig()
                .isUseTenantDomainInLocalSubjectIdentifier();

        if (appendUserStoreDomain && StringUtils.isNotEmpty(userStoreDomain)) {
            // The domain-qualified name is built from the user name, not from the argument.
            subjectIdentifier = IdentityUtil.addDomainToName(userName, userStoreDomain);
        }

        boolean canAppendTenant = appendTenantDomain && StringUtils.isNotEmpty(tenantDomain) &&
                StringUtils.isNotEmpty(subjectIdentifier);
        if (canAppendTenant) {
            subjectIdentifier = UserCoreUtil.addTenantDomainToEntry(subjectIdentifier, tenantDomain);
        }
    }

    this.authenticatedSubjectIdentifier = subjectIdentifier;
}
 
Example #12
Source File: AbstractIdentityHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Stores the init configuration and merges the event listener properties configured for this
 * handler into {@code properties}.
 *
 * <p>The listener configuration is looked up under the {@code AbstractIdentityHandler} type name
 * and the runtime class name. A key that is already present in {@code properties} is left
 * untouched and a warning is logged.
 *
 * @param initConfig configuration to keep on this instance
 */
@Override
public void init(InitConfig initConfig) {

    this.initConfig = initConfig;

    IdentityEventListenerConfig handlerConfig = IdentityUtil.readEventListenerProperty
            (AbstractIdentityHandler.class.getName(), this.getClass().getName());

    // No entry, or an entry without properties, leaves the existing properties as they are.
    if (handlerConfig == null || handlerConfig.getProperties() == null) {
        return;
    }

    for (Map.Entry<Object, Object> configured : handlerConfig.getProperties().entrySet()) {
        String key = (String) configured.getKey();
        String value = (String) configured.getValue();
        if (properties.containsKey(key)) {
            log.warn("Property key " + key + " already exists. Cannot add property!!");
        } else {
            properties.setProperty(key, value);
        }
    }
}
 
Example #13
Source File: ConsentDeletionAppMgtListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Merges the event listener properties configured for this listener into {@code properties}.
 *
 * <p>Existing keys are not overwritten; a warning is logged for each one.
 *
 * <p>NOTE(review): the meaning of the return value is not evident from this method. It is
 * {@code true} only when no listener entry exists; confirm how callers interpret it.
 *
 * @return {@code true} when no event listener entry is configured for this class, {@code false}
 *         otherwise
 */
private boolean buildConfig() {

    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (ApplicationMgtListener.class.getName(), this.getClass().getName());
    if (listenerConfig == null) {
        return true;
    }

    if (listenerConfig.getProperties() == null) {
        return false;
    }

    for (Map.Entry<Object, Object> entry : listenerConfig.getProperties().entrySet()) {
        String key = (String) entry.getKey();
        String value = (String) entry.getValue();
        if (properties.containsKey(key)) {
            log.warn("Property key " + key + " already exists. Cannot add property!!");
            continue;
        }
        properties.setProperty(key, value);
    }
    return false;
}
 
Example #14
Source File: ApplicationResourceManagementListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Gets the execution order identifier for this listener.
 *
 * <p>The configured order is used when an event listener entry exists and its order differs from
 * {@code IdentityCoreConstants.EVENT_LISTENER_ORDER_ID}; in every other case the value of
 * {@code getDefaultOrderId()} is returned.
 *
 * @return the execution order identifier
 */
default int getExecutionOrderId() {

    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (ApplicationResourceManagementListener.class.getName(), this.getClass().getName());

    // A missing entry is treated the same as an entry that carries the sentinel order id.
    int configuredOrderId = (listenerConfig == null)
            ? IdentityCoreConstants.EVENT_LISTENER_ORDER_ID
            : listenerConfig.getOrder();

    if (configuredOrderId == IdentityCoreConstants.EVENT_LISTENER_ORDER_ID) {
        return getDefaultOrderId();
    }
    return configuredOrderId;
}
 
Example #15
Source File: FileBasedTemplateHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Lists the file based templates of the given type, one page at a time.
 *
 * <p>Pagination parameters are validated first. A null or zero limit falls back to
 * {@code IdentityUtil.getDefaultItemsPerPage()} and a null offset to
 * {@code DEFAULT_SEARCH_OFFSET}. The type filter is applied before the offset and limit, and the
 * page is passed through {@code removeWSTrustTemplate} before it is returned.
 *
 * @param templateType    template type to match against each template's type
 * @param limit           maximum number of templates to return; may be null
 * @param offset          number of matching templates to skip; may be null
 * @param searchCondition search condition; not read by this method
 * @return the requested page of templates
 * @throws TemplateManagementException declared by the signature; presumably raised by the
 *                                     pagination validation (confirm)
 */
@Override
public List<Template> listTemplates(String templateType, Integer limit, Integer offset, Condition
        searchCondition) throws TemplateManagementException {

    validatePaginationParameters(limit, offset);

    int pageSize;
    if (limit == null || limit == 0) {
        pageSize = IdentityUtil.getDefaultItemsPerPage();
        if (log.isDebugEnabled()) {
            log.debug("Limit is not defined in the request, default to: " + pageSize);
        }
    } else {
        pageSize = limit;
    }

    int startIndex;
    if (offset == null) {
        startIndex = DEFAULT_SEARCH_OFFSET;
    } else {
        startIndex = offset;
    }

    List<Template> page = TemplateManagerDataHolder.getInstance().getFileBasedTemplates().entrySet().stream()
            .filter(entry -> StringUtils.equals(entry.getValue().getTemplateType().toString(), (templateType)))
            .skip(startIndex)
            .limit(pageSize)
            .map(Map.Entry::getValue)
            .collect(Collectors.toList());
    return removeWSTrustTemplate(page);
}
 
Example #16
Source File: OAuthAppDAO.java    From carbon-identity with Apache License 2.0
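/**
 * Checks whether an application with the same name already exists for the given user.
 *
 * <p>The check runs {@code CHECK_EXISTING_APPLICATION} as a prepared statement with user name,
 * tenant id, user domain and application name bound as parameters. When the user store treats
 * user names as case-insensitive, the {@code USERNAME} column is wrapped in {@code LOWER(...)}
 * and the bound user name is lower-cased.
 *
 * @param username       owner of the application
 * @param tenantId       tenant id of the owner
 * @param userDomain     user store domain of the owner
 * @param consumerAppDTO application whose name is checked
 * @return {@code true} if the query returns at least one row
 * @throws IdentityOAuthAdminException if the query fails
 */
private boolean isDuplicateApplication(String username, int tenantId, String userDomain, OAuthAppDO consumerAppDTO)
        throws IdentityOAuthAdminException {
    // Resolve case sensitivity before taking a connection: this lookup sits outside the
    // try/finally, so a failure here would otherwise leave the connection open.
    boolean isUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(username, tenantId);

    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;

    boolean isDuplicateApp = false;

    try {
        String sql = SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_APPLICATION;
        if (!isUsernameCaseSensitive) {
            // Only the column reference is rewritten; the user name itself stays a bound parameter.
            sql = sql.replace("USERNAME", "LOWER(USERNAME)");
        }
        prepStmt = connection.prepareStatement(sql);
        if (isUsernameCaseSensitive) {
            prepStmt.setString(1, username);
        } else {
            // Lower-case with a fixed locale so the comparison value does not depend on the JVM's
            // default locale (for example the Turkish dotless i).
            prepStmt.setString(1, username.toLowerCase(java.util.Locale.ROOT));
        }
        prepStmt.setInt(2, tenantId);
        prepStmt.setString(3, userDomain);
        prepStmt.setString(4, consumerAppDTO.getApplicationName());

        rSet = prepStmt.executeQuery();
        if (rSet.next()) {
            isDuplicateApp = true;
        }
        connection.commit();
    } catch (SQLException e) {
        throw new IdentityOAuthAdminException("Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_APPLICATION, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return isDuplicateApp;
}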
 
Example #17
Source File: FacebookAuthenticator.java    From carbon-identity with Apache License 2.0
/**
 * Fetches the user info and parses it as JSON.
 *
 * <p>The raw user info is written to the debug log only when debug logging is enabled and
 * {@code IdentityUtil.isTokenLoggable} allows logging of {@code USER_ID_TOKEN}, so user data is
 * not logged by merely turning on debug level.
 *
 * @param fbAuthUserInfoUrl user info endpoint URL
 * @param userInfoFields    fields to request
 * @param token             access token used for the request
 * @return the parsed user info
 * @throws ApplicationAuthenticatorException declared by the signature; presumably raised when the
 *                                           user info cannot be retrieved (confirm)
 */
private Map<String, Object> getUserInfoJson(String fbAuthUserInfoUrl, String userInfoFields, String token)
        throws ApplicationAuthenticatorException {

    String rawUserInfo = getUserInfoString(fbAuthUserInfoUrl, userInfoFields, token);

    boolean mayLogUserInfo = log.isDebugEnabled()
            && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_ID_TOKEN);
    if (mayLogUserInfo) {
        log.debug("UserInfoString : " + rawUserInfo);
    }

    return JSONUtils.parseJSON(rawUserInfo);
}
 
Example #18
Source File: DefaultAuthSeqMgtServiceImpl.java    From carbon-identity-framework with Apache License 2.0
/**
 * Rejects a sequence configuration XML that contains unsupported elements.
 *
 * <p>The XML is parsed with the document builder factory from
 * {@code IdentityUtil.getSecuredDocumentBuilderFactory()}. The root element name must match the
 * simple name of {@code LocalAndOutboundAuthenticationConfig} (ignoring case), and its child
 * elements may only be {@code AuthenticationSteps} or {@code AuthenticationScript}. A null
 * configuration is accepted without checks.
 *
 * <p>NOTE(review): element names taken from the submitted XML are written to the error log and
 * returned in the exception. Confirm that log output and error responses neutralise them.
 *
 * @param seqConfigXml sequence configuration XML; may be null
 * @param tenantDomain tenant domain, appended to {@code errorMsg} in the error log
 * @param errorMsg     message used for the log entry and for parse failures
 * @throws DefaultAuthSeqMgtException if unsupported elements are found, or (as
 *                                    {@code DefaultAuthSeqMgtServerException}) if the XML cannot
 *                                    be parsed
 */
private void checkUnsupportedXMLElements(String seqConfigXml, String tenantDomain,
                                         String errorMsg) throws DefaultAuthSeqMgtException {

    if (seqConfigXml == null) {
        return;
    }

    List<String> validationMsg = new ArrayList<>();
    try {
        DocumentBuilder builder = IdentityUtil.getSecuredDocumentBuilderFactory().newDocumentBuilder();
        Document doc = builder.parse(new InputSource(new StringReader(seqConfigXml)));

        Node root = doc.getDocumentElement();
        String rootName = root.getNodeName();
        if (!rootName.equalsIgnoreCase(LocalAndOutboundAuthenticationConfig.class.getSimpleName())) {
            validationMsg.add("Invalid XML element: " + rootName + " in the " +
                    "sequence configuration.");
        } else {
            NodeList children = root.getChildNodes();
            for (int index = 0; index < children.getLength(); index++) {
                Node child = children.item(index);
                // Text, comment and other non-element nodes are not validated.
                if (child.getNodeType() != Node.ELEMENT_NODE) {
                    continue;
                }
                String childName = child.getNodeName();
                boolean isSupported = "AuthenticationSteps".equals(childName)
                        || "AuthenticationScript".equals(childName);
                if (!isSupported) {
                    validationMsg.add("Invalid XML element: " + childName + " in the " +
                            "sequence configuration.");
                }
            }
        }
    } catch (ParserConfigurationException | SAXException | IOException e) {
        throw new DefaultAuthSeqMgtServerException(errorMsg, e);
    }

    if (validationMsg.isEmpty()) {
        return;
    }

    log.error(errorMsg + tenantDomain);
    for (String msg : validationMsg) {
        log.error(msg);
    }
    throw new DefaultAuthSeqMgtException(validationMsg.toArray(new String[0]));
}
 
Example #19
Source File: AbstractIdentityHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Tells whether this handler is enabled.
 *
 * <p>A handler without an event listener entry is enabled. When an entry exists, its enable value
 * is parsed with {@code Boolean.parseBoolean}, so a null or blank value disables the handler.
 *
 * @return {@code true} if the handler is enabled
 */
@Override
public boolean isEnabled() {

    IdentityEventListenerConfig handlerConfig = IdentityUtil.readEventListenerProperty
            (AbstractIdentityHandler.class.getName(), this.getClass().getName());

    return handlerConfig == null || Boolean.parseBoolean(handlerConfig.getEnable());
}
 
Example #20
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0
/**
 * Checks whether the authentication flow should continue after a claim handling error.
 *
 * <p>The default is to continue: only the literal value {@code false} (in any letter case) for
 * {@code CONTINUE_ON_CLAIM_HANDLING_ERROR} stops the flow. A missing, empty or non-boolean value
 * therefore leaves the flow running, so deployments that must stop on claim errors have to set
 * the property to {@code false} explicitly.
 *
 * @return {@code true} to continue the flow on claim handling errors, {@code false} to break it
 */
public static boolean isContinueOnClaimHandlingErrorAllowed() {

    String configuredValue = IdentityUtil.getProperty(CONTINUE_ON_CLAIM_HANDLING_ERROR);

    // Anything other than an explicit "false" keeps the default, which is true.
    boolean explicitlyDisabled = "false".equalsIgnoreCase(configuredValue);
    return !explicitlyDisabled;
}
 
Example #21
Source File: AbstractIdentityUserMgtFailureEventListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Gets the execution order id of this event listener from the configuration.
 *
 * @return the configured order id, or {@code IdentityCoreConstants.EVENT_LISTENER_ORDER_ID} when
 *         no event listener entry exists for this class
 */
public int getOrderId() {

    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (UserManagementErrorEventListener.class.getName(), this.getClass().getName());
    return (listenerConfig != null)
            ? listenerConfig.getOrder()
            : IdentityCoreConstants.EVENT_LISTENER_ORDER_ID;
}
 
Example #22
Source File: JDBCIdentityDataStore.java    From carbon-identity-framework with Apache License 2.0
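/**
 * Removes the stored identity data of a user.
 *
 * <p>The superclass removal runs first. The user name is then qualified with the user store
 * domain and the matching row is deleted with a prepared statement. The case-insensitive variant
 * of the delete query is chosen when the user store treats user names as case-insensitive.
 *
 * @param userName         name of the user whose data is removed
 * @param userStoreManager user store manager that supplies the domain name and tenant id
 * @throws IdentityException if the delete fails; the transaction is rolled back first
 */
@Override
public void remove(String userName, UserStoreManager userStoreManager) throws IdentityException {

    super.remove(userName, userStoreManager);
    String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).
            getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    userName = UserCoreUtil.addDomainToName(userName, domainName);
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    try {
        int tenantId = userStoreManager.getTenantId();
        boolean isUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(userName, tenantId);
        String query = isUsernameCaseSensitive
                ? SQLQuery.DELETE_USER_DATA
                : SQLQuery.DELETE_USER_DATA_CASE_INSENSITIVE;
        prepStmt = connection.prepareStatement(query);
        prepStmt.setInt(1, tenantId);
        prepStmt.setString(2, userName);
        prepStmt.execute();
        IdentityDatabaseUtil.commitTransaction(connection);
    } catch (SQLException | UserStoreException e) {
        IdentityDatabaseUtil.rollbackTransaction(connection);
        // The original message said "reading", which misreports a failed delete in logs and audits.
        throw IdentityException.error("Error while deleting user identity data", e);
    } finally {
        IdentityDatabaseUtil.closeStatement(prepStmt);
        IdentityDatabaseUtil.closeConnection(connection);
    }
}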
 
Example #23
Source File: AbstractWorkflowListener.java    From carbon-identity-framework with Apache License 2.0
/**
 * Gets the order id (priority) of the current listener.
 *
 * @return the configured order, or {@code IdentityCoreConstants.EVENT_LISTENER_ORDER_ID} when no
 *         event listener entry exists for this class
 */
public int getOrderId() {
    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (WorkflowListener.class.getName(), this.getClass().getName());
    return (listenerConfig != null)
            ? listenerConfig.getOrder()
            : IdentityCoreConstants.EVENT_LISTENER_ORDER_ID;
}
 
Example #24
Source File: FileBasedConfigurationBuilder.java    From carbon-identity-framework with Apache License 2.0
/**
 * Reads the identifier-first confirmation URL from the configuration document.
 *
 * <p>When the element exists, its text is passed through {@code IdentityUtil.fillURLPlaceholders}
 * and stored in {@code identifierFirstConfirmationURL}. When it is missing, the field keeps its
 * current value.
 *
 * @param documentElement root element of the configuration document
 */
private void readIdentifierFirstConfirmationURL(OMElement documentElement) {
    OMElement confirmationUrlElement = documentElement.getFirstChildWithName(
            IdentityApplicationManagementUtil.getQNameWithIdentityApplicationNS(
                    FrameworkConstants.Config.QNAME_AUTHENTICATION_ENDPOINT_IDF_CONFIRM_URL));
    if (confirmationUrlElement == null) {
        return;
    }

    identifierFirstConfirmationURL = IdentityUtil.fillURLPlaceholders(confirmationUrlElement.getText());
}
 
Example #25
Source File: EntitlementEngine.java    From carbon-identity-framework with Apache License 2.0
/**
 * Evaluates a test request against the PDP.
 *
 * <p>The request and the response are written to the debug log only when debug logging is enabled
 * and {@code IdentityUtil.isTokenLoggable} allows the {@code XACML_REQUEST} or
 * {@code XACML_RESPONSE} token respectively.
 *
 * @param xacmlRequest XACML request as String
 * @return response as String
 */
public String test(String xacmlRequest) {

    if (log.isDebugEnabled()) {
        if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_REQUEST)) {
            log.debug("XACML Request : " + xacmlRequest);
        }
    }

    String evaluationResult = pdpTest.evaluate(xacmlRequest);

    if (log.isDebugEnabled()) {
        if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.XACML_RESPONSE)) {
            log.debug("XACML Response : " + evaluationResult);
        }
    }

    return evaluationResult;
}
 
Example #26
Source File: SAMLSSOService.java    From carbon-identity with Apache License 2.0
/**
 * Tells whether OpenID login is accepted.
 *
 * <p>Reads {@code IdentityConstants.ServerConfig.ACCEPT_OPENID_LOGIN}. A missing or blank value
 * means OpenID login is not accepted; otherwise the trimmed value is parsed as a boolean.
 *
 * @return {@code true} only when the property is set to {@code true}
 */
public static boolean isOpenIDLoginAccepted() {
    String configuredValue = IdentityUtil.getProperty(IdentityConstants.ServerConfig.ACCEPT_OPENID_LOGIN);
    if (configuredValue == null) {
        return false;
    }

    String trimmedValue = configuredValue.trim();
    if ("".equals(trimmedValue)) {
        return false;
    }
    return Boolean.parseBoolean(trimmedValue);
}
 
Example #27
Source File: SCIMUserManager.java    From carbon-identity with Apache License 2.0
/**
 * Gets the full group with all its details, including its users.
 *
 * <p>The user store domain is extracted from the group name. Unless the group is an internal or
 * application group, a non-blank domain must have SCIM enabled. Members are read from the role's
 * user list, each with its SCIM id claim, and the remaining attributes come from
 * {@code SCIMGroupHandler}.
 *
 * @param groupName name of the group, optionally qualified with a user store domain
 * @return the group with its members and attributes
 * @throws CharonException                              if SCIM is not enabled for the group's
 *                                                      user store
 * @throws org.wso2.carbon.user.core.UserStoreException if the user store lookups fail
 * @throws IdentitySCIMException                        declared by the signature; presumably
 *                                                      raised by the group handler (confirm)
 */
private Group getGroupWithName(String groupName)
        throws CharonException, org.wso2.carbon.user.core.UserStoreException,
        IdentitySCIMException {

    String userStoreDomainName = IdentityUtil.extractDomainFromName(groupName);
    boolean scimBlockedForStore = !isInternalOrApplicationGroup(userStoreDomainName)
            && StringUtils.isNotBlank(userStoreDomainName)
            && !isSCIMEnabled(userStoreDomainName);
    if (scimBlockedForStore) {
        throw new CharonException("Cannot retrieve group through scim to user store . SCIM is not "
                + "enabled for user store " + userStoreDomainName);
    }

    Group group = new Group();
    group.setDisplayName(groupName);

    // Record each member as SCIM id plus display name.
    String[] memberNames = carbonUM.getUserListOfRole(groupName);
    if (memberNames != null) {
        for (String memberName : memberNames) {
            String memberId = carbonUM.getUserClaimValue(memberName, SCIMConstants.ID_URI, null);
            group.setMember(memberId, memberName);
        }
    }

    // Fill in the remaining group attributes.
    SCIMGroupHandler groupHandler = new SCIMGroupHandler(carbonUM.getTenantId());
    return groupHandler.getGroupWithAttributes(group, groupName);
}
 
Example #28
Source File: TokenMgtDAO.java    From carbon-identity with Apache License 2.0
/**
 * Creates the DAO and initialises the token persistence processor and the persistence flag.
 *
 * <p>NOTE(review): when the configured persistence processor cannot be retrieved, the DAO falls
 * back to {@code PlainTextPersistenceProcessor} and only logs the error. If the deployment
 * expects tokens to be protected at rest, this fallback silently weakens that; confirm whether
 * failing start-up would be the safer behaviour.
 */
public TokenMgtDAO() {
    try {
        persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
    } catch (IdentityOAuth2Exception e) {
        log.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextProcessor", e);
        persistenceProcessor = new PlainTextPersistenceProcessor();
    }

    // enablePersist keeps its existing value unless the property is present.
    String persistSetting = IdentityUtil.getProperty("JDBCPersistenceManager.TokenPersist.Enable");
    if (persistSetting != null) {
        enablePersist = Boolean.parseBoolean(persistSetting);
    }
}
 
Example #29
Source File: OpenIDUtil.java    From carbon-identity with Apache License 2.0
/**
 * Gets the OpenID user pattern.
 *
 * <p>The value configured under {@code IdentityConstants.ServerConfig.OPENID_USER_PATTERN} (read
 * from the OpenID configuration in identity.xml) is used when it is not blank. Otherwise the
 * pattern is built from the server URL for the OpenID context.
 *
 * @return the OpenID user pattern
 */
public static String getOpenIDUserPattern() {
    String configuredPattern = IdentityUtil.getProperty(IdentityConstants.ServerConfig.OPENID_USER_PATTERN);
    if (StringUtils.isNotBlank(configuredPattern)) {
        return configuredPattern;
    }
    // Nothing configured: build the URL from the server configuration.
    return IdentityUtil.getServerURL(OpenIDServerConstants.OPENID, true, true);
}
 
Example #30
Source File: AbstractIdentityProviderMgtListener.java    From carbon-identity with Apache License 2.0
/**
 * Tells whether this identity provider management listener is enabled.
 *
 * <p>The listener is enabled when it has no event listener entry or when the entry's enable
 * value is blank; otherwise the enable value is parsed as a boolean.
 *
 * @return {@code true} if the listener is enabled or not explicitly configured
 */
public boolean isEnable() {
    IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty
            (IdentityProviderMgtListener.class.getName(), this.getClass().getName());
    if (listenerConfig == null) {
        return true;
    }

    String enableValue = listenerConfig.getEnable();
    return StringUtils.isBlank(enableValue) || Boolean.parseBoolean(enableValue);
}