Java Code Examples for org.wso2.carbon.user.core.UserStoreManager#getUserClaimValues()

The following examples show how to use org.wso2.carbon.user.core.UserStoreManager#getUserClaimValues() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DefaultRequestCoordinator.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * This method retrieves requested claim value from the user store
 *
 * @param username
 * @param userStoreManager
 * @param claimURI
 * @return claim value as a String
 * @throws FrameworkException
 */
private String getClaimValue(String username, UserStoreManager userStoreManager, String claimURI) throws
        FrameworkException {

    try {
        Map<String, String> values = userStoreManager.getUserClaimValues(username, new String[]{claimURI},
                UserCoreConstants.DEFAULT_PROFILE);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s claim value of user %s is set to: " + values.get(claimURI),
                    claimURI, username));
        }
        return values.get(claimURI);

    } catch (UserStoreException e) {
        throw new FrameworkException("Error occurred while retrieving claim: " + claimURI, e);
    }
}
 
Example 2
Source File: UserClaimsAuditLogger.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
private void logClaims(String userName, String action, UserStoreManager userStoreManager) {

        try {
            Map<String, String> loggableClaims = userStoreManager.getUserClaimValues(userName, loggableClaimURIs,
                    DEFAULT);
            if (MapUtils.isNotEmpty(loggableClaims)) {
                audit.info(String.format(AUDIT_MESSAGE, getUser(), action, userName, formatClaims(loggableClaims)));
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("No claims are configured under the user : " + userName);
                }
            }
        } catch (UserStoreException e) {
            log.error("Error occurred while logging user claim changes.", e);
        }
    }
 
Example 3
Source File: XMPPConfigurationService.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Get the IM Address of an user to populate the IM field of XMPP Configuration page.
 *
 * @param userId
 * @return
 * @throws IdentityProviderException
 */
public String getUserIM(String userId) throws IdentityProviderException {
    String message = "Invalid parameters provided to hasXMPPSettings";
    validateInputParameters(new String[] { userId }, message);
    checkUserAuthorization(userId, "hasXMPPSettings");

    Map<String, String> claimValues = null;
    try {
        UserStoreManager userStore = AdminServicesUtil.getUserRealm().getUserStoreManager();
        String[] imClaim = { UserCoreConstants.ClaimTypeURIs.IM };
        claimValues = userStore.getUserClaimValues(userId, imClaim, UserCoreConstants.DEFAULT_PROFILE);
    } catch (UserStoreException | CarbonException e) {
        throw new IdentityProviderException("Failed to get claims for user " + userId);
    }

    if (claimValues.containsKey(UserCoreConstants.ClaimTypeURIs.IM)) {
        return claimValues.get(UserCoreConstants.ClaimTypeURIs.IM);
    } else {
        return null;
    }
}
 
Example 4
Source File: OutboundProvisioningManager.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * @param userName
 * @param tenantDomain
 * @return
 * @throws CarbonException
 * @throws UserStoreException
 */
private Map<String, String> getUserClaims(String userName, String tenantDomain) throws CarbonException,
                                                                                       UserStoreException {

    Map<String, String> inboundAttributes = new HashMap<>();

    RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
    RealmService realmService = IdentityProvisionServiceComponent.getRealmService();

    UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
                                                                  realmService, tenantDomain);

    UserStoreManager userstore = null;
    userstore = realm.getUserStoreManager();
    Claim[] claimArray = null;
    try {
        claimArray = userstore.getUserClaimValues(userName, null);
    } catch (UserStoreException e) {
        if (e.getMessage().contains("UserNotFound")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + userName + " not found in user store");
            }
        } else {
            throw e;
        }
    }
    if (claimArray != null) {
        for (Claim claim : claimArray) {
            inboundAttributes.put(claim.getClaimUri(), claim.getValue());
        }
    }

    return inboundAttributes;
}
 
Example 5
Source File: OutboundProvisioningManager.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * @param userName
 * @param tenantDomain
 * @return
 * @throws CarbonException
 * @throws UserStoreException
 */
private Map<String, String> getUserClaims(String userName, String tenantDomain) throws CarbonException,
        UserStoreException {

    Map<String, String> inboundAttributes = new HashMap<>();

    RegistryService registryService = IdentityProvisionServiceComponent.getRegistryService();
    RealmService realmService = IdentityProvisionServiceComponent.getRealmService();

    UserRealm realm = AnonymousSessionUtil.getRealmByTenantDomain(registryService,
            realmService, tenantDomain);

    UserStoreManager userstore = null;
    userstore = realm.getUserStoreManager();
    Claim[] claimArray = null;
    try {
        claimArray = userstore.getUserClaimValues(userName, null);
    } catch (UserStoreException e) {
        if (e.getMessage().contains("UserNotFound")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + userName + " not found in user store");
            }
        } else {
            throw e;
        }
    }
    if (claimArray != null) {
        for (Claim claim : claimArray) {
            inboundAttributes.put(claim.getClaimUri(), claim.getValue());
        }
    }

    return inboundAttributes;
}
 
Example 6
Source File: ClaimUtil.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
public static Map<String, Object> getClaimsFromUserStore(OAuth2TokenValidationResponseDTO tokenResponse) throws
        UserInfoEndpointException {
    String username = tokenResponse.getAuthorizedUser();
    String tenantDomain = MultitenantUtils.getTenantDomain(tokenResponse.getAuthorizedUser());
    UserRealm realm;
    List<String> claimURIList = new ArrayList<>();
    Map<String, Object> mappedAppClaims = new HashMap<>();

    try {
        realm = IdentityTenantUtil.getRealm(tenantDomain, username);

        if (realm == null) {
            log.warn("No valid tenant domain provider. Empty claim returned back");
            return new HashMap<>();
        }

        Map<String, String> spToLocalClaimMappings;

        UserStoreManager userstore = realm.getUserStoreManager();

        // need to get all the requested claims
        Map<String, String> requestedLocalClaimMap = ClaimManagerHandler.getInstance()
                .getMappingsMapFromOtherDialectToCarbon(SP_DIALECT, null, tenantDomain, true);
        if (MapUtils.isNotEmpty(requestedLocalClaimMap)) {
            for (String s : requestedLocalClaimMap.keySet()) {
                claimURIList.add(s);

            }
            if (log.isDebugEnabled()) {
                log.debug("Requested number of local claims: " + claimURIList.size());
            }

            spToLocalClaimMappings = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon
                    (SP_DIALECT, null, tenantDomain, false);

            Map<String, String> userClaims = userstore.getUserClaimValues(MultitenantUtils.getTenantAwareUsername
                    (username), claimURIList.toArray(new String[claimURIList.size()]), null);
            if (log.isDebugEnabled()) {
                log.debug("User claims retrieved from user store: " + userClaims.size());
            }

            if (MapUtils.isEmpty(userClaims)) {
                return new HashMap<>();
            }

            for (Map.Entry<String, String> entry : spToLocalClaimMappings.entrySet()) {
                String value = userClaims.get(entry.getValue());
                if (value != null) {
                    mappedAppClaims.put(entry.getKey(), value);
                    if (log.isDebugEnabled() &&
                            IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
                        log.debug("Mapped claim: key -  " + entry.getKey() + " value -" + value);
                    }
                }
            }
        }

    } catch (Exception e) {
        if(e instanceof UserStoreException){
            if (e.getMessage().contains("UserNotFound")) {
                if (log.isDebugEnabled()) {
                    log.debug("User " + username + " not found in user store");
                }
            }
        } else {
            log.error("Error while retrieving the claims from user store for " + username, e);
            throw new UserInfoEndpointException("Error while retrieving the claims from user store for " + username);
        }
    }
    return mappedAppClaims;
}
 
Example 7
Source File: SAMLAssertionClaimsCallback.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Get claims from user store
 *
 * @param requestMsgCtx Token request message context
 * @return Users claim map
 * @throws Exception
 */
private static Map<String, Object> getClaimsFromUserStore(OAuthTokenReqMessageContext requestMsgCtx)
        throws UserStoreException, IdentityApplicationManagementException, IdentityException {

    String username = requestMsgCtx.getAuthorizedUser().toString();
    String tenantDomain = requestMsgCtx.getAuthorizedUser().getTenantDomain();

    UserRealm realm;
    List<String> claimURIList = new ArrayList<String>();
    Map<String, Object> mappedAppClaims = new HashMap<String, Object>();

    ApplicationManagementService applicationMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
    String spName = applicationMgtService
            .getServiceProviderNameByClientId(requestMsgCtx.getOauth2AccessTokenReqDTO().getClientId(),
                                              INBOUND_AUTH2_TYPE, tenantDomain);
    ServiceProvider serviceProvider = applicationMgtService.getApplicationExcludingFileBasedSPs(spName,
                                                                                                tenantDomain);
    if (serviceProvider == null) {
        return mappedAppClaims;
    }

    realm = IdentityTenantUtil.getRealm(tenantDomain, username);
    if (realm == null) {
        log.warn("No valid tenant domain provider. Empty claim returned back for tenant " + tenantDomain
                 + " and user " + username);
        return new HashMap<>();
    }

    Map<String, String> spToLocalClaimMappings;
    UserStoreManager userStoreManager = realm.getUserStoreManager();
    ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();

    if (requestedLocalClaimMap != null && requestedLocalClaimMap.length > 0) {

        for (ClaimMapping mapping : requestedLocalClaimMap) {
            if (mapping.isRequested()) {
                claimURIList.add(mapping.getLocalClaim().getClaimUri());
            }
        }

        if (log.isDebugEnabled()) {
            log.debug("Requested number of local claims: " + claimURIList.size());
        }

        spToLocalClaimMappings = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(
                SP_DIALECT, null, tenantDomain, false);

        Map<String, String> userClaims = null;
        try {
            userClaims = userStoreManager.getUserClaimValues(
                    MultitenantUtils.getTenantAwareUsername(username),
                    claimURIList.toArray(new String[claimURIList.size()]), null);
        } catch (UserStoreException e) {
            if (e.getMessage().contains("UserNotFound")) {
                if (log.isDebugEnabled()) {
                    log.debug("User " + username + " not found in user store");
                }
            } else {
                throw e;
            }
        }

        if (log.isDebugEnabled()) {
            log.debug("Number of user claims retrieved from user store: " + userClaims.size());
        }

        if (MapUtils.isEmpty(userClaims)) {
            return new HashMap<>();
        }

        for (Iterator<Map.Entry<String, String>> iterator = spToLocalClaimMappings.entrySet().iterator(); iterator
                .hasNext(); ) {
            Map.Entry<String, String> entry = iterator.next();
            String value = userClaims.get(entry.getValue());
            if (value != null) {
                mappedAppClaims.put(entry.getKey(), value);
                if (log.isDebugEnabled() &&
                        IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
                    log.debug("Mapped claim: key -  " + entry.getKey() + " value -" + value);
                }
            }
        }

        String domain = IdentityUtil.extractDomainFromName(username);
        RealmConfiguration realmConfiguration = userStoreManager.getSecondaryUserStoreManager(domain)
                .getRealmConfiguration();

        String claimSeparator = realmConfiguration.getUserStoreProperty(
                IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
        if (StringUtils.isNotBlank(claimSeparator)) {
            mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
        }
    }
    return mappedAppClaims;
}
 
Example 8
Source File: SAMLAssertionClaimsCallback.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
private static Map<String, Object> getClaimsFromUserStore(OAuthAuthzReqMessageContext requestMsgCtx)
        throws IdentityApplicationManagementException, IdentityException, UserStoreException,
        ClaimManagementException {

    AuthenticatedUser user = requestMsgCtx.getAuthorizationReqDTO().getUser();
    String tenantDomain = requestMsgCtx.getAuthorizationReqDTO().getUser().getTenantDomain();

    UserRealm realm;
    List<String> claimURIList = new ArrayList<String>();
    Map<String, Object> mappedAppClaims = new HashMap<String, Object>();

    ApplicationManagementService applicationMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
    String spName = applicationMgtService
            .getServiceProviderNameByClientId(requestMsgCtx.getAuthorizationReqDTO().getConsumerKey(),
                    INBOUND_AUTH2_TYPE, tenantDomain);
    ServiceProvider serviceProvider = applicationMgtService.getApplicationExcludingFileBasedSPs(spName,
            tenantDomain);
    if (serviceProvider == null) {
        return mappedAppClaims;
    }

    realm = IdentityTenantUtil.getRealm(tenantDomain, user.toString());
    if (realm == null) {
        log.warn("No valid tenant domain provider. Empty claim returned back for tenant " + tenantDomain
                + " and user " + user);
        return new HashMap<>();
    }

    Map<String, String> spToLocalClaimMappings;
    UserStoreManager userStoreManager = realm.getUserStoreManager();
    ClaimMapping[] requestedLocalClaimMap = serviceProvider.getClaimConfig().getClaimMappings();

    if (requestedLocalClaimMap != null && requestedLocalClaimMap.length > 0) {

        for (ClaimMapping mapping : requestedLocalClaimMap) {
            if (mapping.isRequested()) {
                claimURIList.add(mapping.getLocalClaim().getClaimUri());
            }
        }

        if (log.isDebugEnabled()) {
            log.debug("Requested number of local claims: " + claimURIList.size());
        }

        spToLocalClaimMappings = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(
                SP_DIALECT, null, tenantDomain, false);

        Map<String, String> userClaims = null;
        try {
            userClaims = userStoreManager.getUserClaimValues(UserCoreUtil.addDomainToName(user.getUserName(),
                    user.getUserStoreDomain()), claimURIList.toArray(new String[claimURIList.size()]),null);
        } catch (UserStoreException e) {
            if (e.getMessage().contains("UserNotFound")) {
                if (log.isDebugEnabled()) {
                    log.debug("User " + user + " not found in user store");
                }
            } else {
                throw e;
            }
        }

        if (log.isDebugEnabled()) {
            log.debug("Number of user claims retrieved from user store: " + userClaims.size());
        }

        if (MapUtils.isEmpty(userClaims)) {
            return new HashMap<>();
        }

        for (Iterator<Map.Entry<String, String>> iterator = spToLocalClaimMappings.entrySet().iterator(); iterator
                .hasNext(); ) {
            Map.Entry<String, String> entry = iterator.next();
            String value = userClaims.get(entry.getValue());
            if (value != null) {
                mappedAppClaims.put(entry.getKey(), value);
                if (log.isDebugEnabled() &&
                        IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
                    log.debug("Mapped claim: key -  " + entry.getKey() + " value -" + value);
                }
            }
        }

        RealmConfiguration realmConfiguration = userStoreManager.getSecondaryUserStoreManager(user.getUserStoreDomain())
                .getRealmConfiguration();

        String claimSeparator = realmConfiguration.getUserStoreProperty(
                IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR);
        if (StringUtils.isNotBlank(claimSeparator)) {
            mappedAppClaims.put(IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR, claimSeparator);
        }
    }
    return mappedAppClaims;
}