org.wso2.carbon.identity.application.common.model.ClaimMapping Java Examples

Example #1
Source File: ProvisioningUtil.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Replaces the value list stored against the key of {@code attributeMap} that maps the given local claim URI.
 *
 * <p>Only the first key whose local claim URI equals {@code claimUri} is updated. When no key matches,
 * the map is left untouched, so this method never introduces a new claim into the map.
 *
 * @param claimUri      local claim URI to look for; it is dereferenced without a null check
 * @param attributeMap  claim-mapping-to-values map, updated in place
 * @param attributeList values to store against the matching key
 */
public static void setClaimValue(String claimUri, Map<ClaimMapping, List<String>> attributeMap,
                                 List<String> attributeList) {

    ClaimMapping matchedKey = null;

    for (ClaimMapping candidate : attributeMap.keySet()) {
        boolean hasLocalClaim = candidate.getLocalClaim() != null;
        if (hasLocalClaim && claimUri.equals(candidate.getLocalClaim().getClaimUri())) {
            matchedKey = candidate;
            break;
        }
    }

    // The write is done after the scan has finished, not from inside the loop.
    if (matchedKey == null) {
        return;
    }
    attributeMap.put(matchedKey, attributeList);
}
 
Example #2
Source File: ProvisioningEntityBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the outbound provisioning entity for a SCIM group DELETE.
 *
 * <p>The group id and the user store domain are added to {@code outboundAttributes} (the caller's map is
 * modified in place) and that same map instance is handed to the returned entity.
 *
 * @param provisioningObject SCIM object; cast to {@code Group} without a type check
 * @param outboundAttributes attribute map to extend and pass to the entity
 * @param domainName         user store domain stored under the domain claim
 * @return entity of type GROUP with operation DELETE
 */
ProvisioningEntity buildProvisioningEntityForGroupDelete(SCIMObject provisioningObject,
    Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
    String domainName) throws CharonException, IdentityApplicationManagementException, NotFoundException {

    Group groupToDelete = (Group) provisioningObject;

    // Only the first build() argument (the local claim URI) is supplied; the remote URI is left null.
    org.wso2.carbon.identity.application.common.model.ClaimMapping idClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.ID_CLAIM_URI, null, null, false);
    outboundAttributes.put(idClaim, Arrays.asList(groupToDelete.getId()));

    org.wso2.carbon.identity.application.common.model.ClaimMapping domainClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.USER_STORE_DOMAIN_CLAIM_URI, null, null, false);
    outboundAttributes.put(domainClaim, Arrays.asList(domainName));

    return new ProvisioningEntity(
            ProvisioningEntityType.GROUP, ProvisioningOperation.DELETE, outboundAttributes);
}
 
Example #3
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
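/**
 * Returns the local claim URI that is mapped to the role claim URI configured for the IdP.
 *
 * <p>If no role claim URI is configured, or no usable mapping for it exists, the local role claim
 * {@link FrameworkConstants#LOCAL_ROLE_CLAIM_URI} ('http://wso2.org/claims/role') is returned.
 *
 * <p>A mapping whose remote claim matches but whose local claim is missing is skipped instead of being
 * dereferenced, so an incomplete IdP claim configuration falls back to the default role claim rather
 * than failing the calling flow with a {@link NullPointerException}.
 *
 * @param externalIdPConfig IdP configuration
 * @return local claim URI mapped to the IdP role claim URI, or the default local role claim URI
 */
public static String getLocalClaimUriMappedForIdPRoleClaim(ExternalIdPConfig externalIdPConfig) {
    // Role claim URI as the external identity provider names it.
    String idpRoleClaimUri = externalIdPConfig.getRoleClaimUri();
    if (StringUtils.isNotBlank(idpRoleClaimUri)) {
        // Look for the local claim that is mapped to the remote IdP role claim URI.
        ClaimMapping[] idpToLocalClaimMapping = externalIdPConfig.getClaimMappings();
        if (!ArrayUtils.isEmpty(idpToLocalClaimMapping)) {
            for (ClaimMapping mapping : idpToLocalClaimMapping) {
                // Both sides of the mapping are required; the original code checked only the remote side.
                if (mapping == null || mapping.getRemoteClaim() == null || mapping.getLocalClaim() == null) {
                    continue;
                }
                if (idpRoleClaimUri.equals(mapping.getRemoteClaim().getClaimUri())) {
                    return mapping.getLocalClaim().getClaimUri();
                }
            }
        }
    }
    return FrameworkConstants.LOCAL_ROLE_CLAIM_URI;
}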
 
Example #4
Source File: JITProvisioningPostAuthenticationHandler.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
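/**
 * Resolves the IdP's user id claim URI into the local claim dialect.
 *
 * <p>When the IdP uses the default local dialect the configured URI is returned as is. Otherwise the
 * IdP claim mappings are searched for a mapping whose remote claim URI equals the configured user id
 * claim URI, and the local claim URI of that mapping is returned.
 *
 * <p>Mappings that are null or lack a remote or local claim are skipped. Without that guard a single
 * incomplete mapping in the IdP configuration raises a {@link NullPointerException} in this
 * post-authentication step.
 *
 * @param idPConfig external IdP configuration
 * @return the user id claim URI in the local dialect, or {@code null} when none is configured or mapped
 */
private String getUserIdClaimUriInLocalDialect(ExternalIdPConfig idPConfig) {
    // User id claim URI as configured for the external identity provider.
    String userIdClaimUri = idPConfig.getUserIdClaimUri();

    if (StringUtils.isBlank(userIdClaimUri)) {
        return null;
    }

    if (idPConfig.useDefaultLocalIdpDialect()) {
        // The IdP already speaks the local dialect, so no translation is needed.
        return userIdClaimUri;
    }

    ClaimMapping[] claimMappings = idPConfig.getClaimMappings();
    if (ArrayUtils.isEmpty(claimMappings)) {
        return null;
    }

    for (ClaimMapping claimMapping : claimMappings) {
        if (claimMapping == null || claimMapping.getRemoteClaim() == null
                || claimMapping.getLocalClaim() == null) {
            continue;
        }
        if (userIdClaimUri.equals(claimMapping.getRemoteClaim().getClaimUri())) {
            return claimMapping.getLocalClaim().getClaimUri();
        }
    }

    return null;
}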
 
Example #5
Source File: CacheBackedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the local-claim-URI to service-provider-claim-URI map of a service provider.
 *
 * <p>The map is built from the cached application when one is found; otherwise the call is delegated
 * to the wrapped DAO.
 *
 * @param serviceProviderName name of the service provider
 * @param tenantDomain        tenant domain used for the cache lookup and the DAO call
 * @return map keyed by local claim URI with the remote (service provider) claim URI as value
 * @throws IdentityApplicationManagementException declared by the delegate DAO call
 */
public Map<String, String> getLocalIdPToServiceProviderClaimMapping(String serviceProviderName, String
        tenantDomain) throws IdentityApplicationManagementException {

    ServiceProvider cachedApplication = getApplicationFromCache(serviceProviderName, tenantDomain);
    if (cachedApplication == null) {
        // Cache miss: let the underlying DAO answer.
        return appDAO.getLocalIdPToServiceProviderClaimMapping(serviceProviderName, tenantDomain);
    }

    // NOTE(review): the claim config, the mapping array and both claims of every mapping are
    // dereferenced without null checks, so an incomplete cached entry fails here — confirm the cache
    // only ever holds fully populated service providers.
    ClaimMapping[] cachedMappings = cachedApplication.getClaimConfig().getClaimMappings();
    Map<String, String> localToSpClaimUris = new HashMap<>();
    for (ClaimMapping cachedMapping : cachedMappings) {
        String localUri = cachedMapping.getLocalClaim().getClaimUri();
        String spUri = cachedMapping.getRemoteClaim().getClaimUri();
        localToSpClaimUris.put(localUri, spUri);
    }
    return localToSpClaimUris;
}
 
Example #6
Source File: CacheBackedApplicationDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Lists the local claim URIs that a service provider marks as requested.
 *
 * <p>The list is computed from the cached application when one is found; otherwise the call is
 * delegated to the wrapped DAO.
 *
 * @param serviceProviderName name of the service provider
 * @param tenantDomain        tenant domain used for the cache lookup and the DAO call
 * @return local claim URIs of all mappings for which {@code isRequested()} is true
 * @throws IdentityApplicationManagementException declared by the delegate DAO call
 */
public List<String> getAllRequestedClaimsByServiceProvider(String serviceProviderName, String tenantDomain)
        throws IdentityApplicationManagementException {

    ServiceProvider cachedApplication = getApplicationFromCache(serviceProviderName, tenantDomain);
    if (cachedApplication == null) {
        // Cache miss: let the underlying DAO answer.
        return appDAO.getAllRequestedClaimsByServiceProvider(serviceProviderName, tenantDomain);
    }

    // NOTE(review): claim config, mapping array and local claim are dereferenced without null
    // checks — confirm cached service providers always carry them.
    List<String> requestedLocalClaimUris = new ArrayList<>();
    for (ClaimMapping cachedMapping : cachedApplication.getClaimConfig().getClaimMappings()) {
        if (!cachedMapping.isRequested()) {
            continue;
        }
        requestedLocalClaimUris.add(cachedMapping.getLocalClaim().getClaimUri());
    }
    return requestedLocalClaimUris;
}
 
Example #7
Source File: FrameworkUtils.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Wraps a plain attribute-name-to-value map into a {@link ClaimMapping}-keyed map.
 *
 * <p>Each attribute name is passed to {@code ClaimMapping.build} as both the local and the remote
 * claim URI, so no dialect translation happens here; entries with a null value are dropped.
 *
 * @param attributeValue attribute name to attribute value
 * @return a new map with one claim mapping per non-null attribute value
 */
public static Map<ClaimMapping, String> buildClaimMappings(Map<String, String> attributeValue) {

    Map<ClaimMapping, String> claimMap = new HashMap<ClaimMapping, String>();

    for (Entry<String, String> attribute : attributeValue.entrySet()) {
        String value = attribute.getValue();
        if (value != null) {
            String attributeName = attribute.getKey();
            claimMap.put(ClaimMapping.build(attributeName, attributeName, null, false), value);
        }
    }

    return claimMap;
}
 
Example #8
Source File: ProvisioningEntityBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the outbound provisioning entity for a SCIM user DELETE.
 *
 * <p>The user id and the user store domain are added to {@code outboundAttributes} (the caller's map is
 * modified in place) and that same map instance is handed to the returned entity.
 *
 * @param provisioningObject SCIM object; cast to {@code User} without a type check
 * @param outboundAttributes attribute map to extend and pass to the entity
 * @param domainName         user store domain stored under the domain claim
 * @return entity of type USER with operation DELETE
 */
ProvisioningEntity buildProvisioningEntityForUserDelete(SCIMObject provisioningObject,
    Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
    String domainName) throws CharonException, IdentityApplicationManagementException {

    User userToDelete = (User) provisioningObject;

    org.wso2.carbon.identity.application.common.model.ClaimMapping idClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.ID_CLAIM_URI, null, null, false);
    outboundAttributes.put(idClaim, Arrays.asList(userToDelete.getId()));

    org.wso2.carbon.identity.application.common.model.ClaimMapping domainClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.USER_STORE_DOMAIN_CLAIM_URI, null, null, false);
    outboundAttributes.put(domainClaim, Arrays.asList(domainName));

    return new ProvisioningEntity(
            ProvisioningEntityType.USER, ProvisioningOperation.DELETE, outboundAttributes);
}
 
Example #9
Source File: ProvisioningEntityBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the outbound provisioning entity for a SCIM user update (PUT).
 *
 * <p>The user name, when present, is added to {@code outboundAttributes}; the entity is named with the
 * domain-qualified user name and carries the SCIM object's claims as inbound attributes.
 *
 * @param provisioningObject SCIM object; cast to {@code User} and to {@code AbstractSCIMObject}
 * @param outboundAttributes attribute map to extend (modified in place) and pass to the entity
 * @param domainName         user store domain used to qualify the entity name
 * @return entity of type USER with operation PUT
 */
ProvisioningEntity buildProvisioningEntityForUserUpdate(SCIMObject provisioningObject,
    Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
    String domainName) throws CharonException, IdentityApplicationManagementException {

    User userToUpdate = (User) provisioningObject;

    // The user name has to be part of a SCIM user update request.
    if (userToUpdate.getUserName() != null) {
        org.wso2.carbon.identity.application.common.model.ClaimMapping userNameClaim =
                org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                        IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        outboundAttributes.put(userNameClaim, Arrays.asList(userToUpdate.getUserName()));
    }

    // NOTE(review): the name is domain-qualified even when getUserName() returned null above —
    // confirm what addDomainToName yields for a null name.
    String qualifiedName = UserCoreUtil.addDomainToName(userToUpdate.getUserName(), domainName);
    ProvisioningEntity updateEntity = new ProvisioningEntity(
            ProvisioningEntityType.USER, qualifiedName, ProvisioningOperation.PUT, outboundAttributes);
    updateEntity.setInboundAttributes(
            AttributeMapper.getClaimsMap((AbstractSCIMObject) provisioningObject));
    return updateEntity;
}
 
Example #10
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Converts attribute name/value pairs into a map keyed by {@link ClaimMapping}.
 *
 * <p>The attribute name is used as the local and as the remote claim URI of the built mapping.
 * Attributes whose value is null are left out of the result.
 *
 * @param attributeValue attribute name to attribute value
 * @return newly created map of claim mapping to attribute value
 */
public static Map<ClaimMapping, String> buildClaimMappings(Map<String, String> attributeValue) {

    Map<ClaimMapping, String> mappedClaims = new HashMap<ClaimMapping, String>();

    for (Entry<String, String> pair : attributeValue.entrySet()) {
        if (pair.getValue() == null) {
            // Nothing to carry over for an attribute without a value.
            continue;
        }
        ClaimMapping sameUriMapping = ClaimMapping.build(pair.getKey(), pair.getKey(), null, false);
        mappedClaims.put(sameUriMapping, pair.getValue());
    }

    return mappedClaims;
}
 
Example #11
Source File: OAuth2AuthzEndpoint.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Stores the logged-in user's attributes in the authorization grant cache, keyed by the authorization
 * code, together with the request nonce and the code id.
 *
 * <p>A {@code sub} value is also written into the user attribute map of the session entry when one can
 * be determined.
 *
 * @param sessionDataCacheEntry session entry that holds the logged-in user and the OAuth2 parameters
 * @param code                  authorization code used to build the cache key
 * @param codeId                id recorded on the cache entry
 */
private void addUserAttributesToCache(SessionDataCacheEntry sessionDataCacheEntry, String code, String codeId) {
    AuthorizationGrantCacheKey authorizationGrantCacheKey = new AuthorizationGrantCacheKey(code);
    // The entry receives the attribute map before "sub" is added below.
    // NOTE(review): whether the cached entry sees the later put depends on whether this constructor
    // keeps the reference or copies the map — confirm.
    AuthorizationGrantCacheEntry authorizationGrantCacheEntry = new AuthorizationGrantCacheEntry(
            sessionDataCacheEntry.getLoggedInUser().getUserAttributes());
    // NOTE(review): the attribute map is written with a ClaimMapping key a few lines down, so this
    // lookup by the String "sub" looks like it can never hit — verify against ClaimMapping.equals/hashCode.
    String sub = sessionDataCacheEntry.getLoggedInUser().getUserAttributes().get("sub");
    if(StringUtils.isBlank(sub)){
        // Fall back to the authenticated subject identifier.
        sub = sessionDataCacheEntry.getLoggedInUser().getAuthenticatedSubjectIdentifier();
    }
    if(StringUtils.isNotBlank(sub)){
        // Only the remote claim is set on this mapping; its local claim stays unset, so code that reads
        // getLocalClaim() from the keys of this map has to tolerate null.
        ClaimMapping claimMapping = new ClaimMapping();
        Claim claim = new Claim();
        claim.setClaimUri("sub");
        claimMapping.setRemoteClaim(claim);
        sessionDataCacheEntry.getLoggedInUser().getUserAttributes().put(claimMapping, sub);
    }
    authorizationGrantCacheEntry.setNonceValue(sessionDataCacheEntry.getoAuth2Parameters().getNonce());
    authorizationGrantCacheEntry.setCodeId(codeId);
    AuthorizationGrantCache.getInstance().addToCacheByCode(authorizationGrantCacheKey, authorizationGrantCacheEntry);
}
 
Example #12
Source File: ProvisioningUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Overwrites the values of the first entry whose key carries the given local claim URI.
 *
 * <p>Keys without a local claim are ignored. If no key matches, nothing is written, which means an
 * attribute that is not already present in the map cannot be added through this method.
 *
 * @param claimUri      local claim URI to match; must not be null because it is dereferenced directly
 * @param attributeMap  map of claim mapping to values; modified in place
 * @param attributeList replacement values for the matching entry
 */
public static void setClaimValue(String claimUri, Map<ClaimMapping, List<String>> attributeMap,
                                 List<String> attributeList) {

    ClaimMapping target = null;

    Iterator<Map.Entry<ClaimMapping, List<String>>> entries = attributeMap.entrySet().iterator();
    while (target == null && entries.hasNext()) {
        ClaimMapping key = entries.next().getKey();
        if (key.getLocalClaim() == null) {
            continue;
        }
        if (claimUri.equals(key.getLocalClaim().getClaimUri())) {
            target = key;
        }
    }

    if (target != null) {
        attributeMap.put(target, attributeList);
    }
}
 
Example #13
Source File: FrameworkUtils.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
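/**
 * Flattens a {@link ClaimMapping}-keyed attribute map into a claim-URI-to-value map.
 *
 * <p>Entries whose key is null, or whose key has no claim on the requested side (local or remote),
 * are skipped. Attribute maps can legitimately hold mappings with only one side populated, and
 * dereferencing the missing side would abort the whole conversion with a
 * {@link NullPointerException}.
 *
 * @param claimMappings        claim mapping to attribute value; a null map yields an empty result
 * @param useLocalDialectAsKey {@code true} to key the result by local claim URI, {@code false} to key
 *                             it by remote claim URI
 * @return a new map of claim URI to attribute value
 */
public static Map<String, String> getClaimMappings(Map<ClaimMapping, String> claimMappings,
                                                   boolean useLocalDialectAsKey) {

    Map<String, String> claimUriToValue = new HashMap<String, String>();
    if (claimMappings == null) {
        return claimUriToValue;
    }

    for (Entry<ClaimMapping, String> entry : claimMappings.entrySet()) {
        ClaimMapping claimMapping = entry.getKey();
        if (claimMapping == null) {
            continue;
        }
        if (useLocalDialectAsKey) {
            if (claimMapping.getLocalClaim() != null) {
                claimUriToValue.put(claimMapping.getLocalClaim().getClaimUri(), entry.getValue());
            }
        } else {
            if (claimMapping.getRemoteClaim() != null) {
                claimUriToValue.put(claimMapping.getRemoteClaim().getClaimUri(), entry.getValue());
            }
        }
    }
    return claimUriToValue;
}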
 
Example #14
Source File: ProvisioningEntityBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the outbound provisioning entity for a SCIM user PATCH.
 *
 * <p>The user id and the user store domain are added to {@code outboundAttributes} (modified in
 * place); the SCIM object's claims are attached to the entity as inbound attributes.
 *
 * @param provisioningObject SCIM object; cast to {@code User} and to {@code AbstractSCIMObject}
 * @param outboundAttributes attribute map to extend and pass to the entity
 * @param domainName         user store domain stored under the domain claim
 * @return entity of type USER with operation PATCH
 */
ProvisioningEntity buildProvisioningEntityForUserPatch(SCIMObject provisioningObject,
    Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> outboundAttributes,
    String domainName) throws CharonException, IdentityApplicationManagementException {

    User userToPatch = (User) provisioningObject;

    org.wso2.carbon.identity.application.common.model.ClaimMapping idClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.ID_CLAIM_URI, null, null, false);
    outboundAttributes.put(idClaim, Arrays.asList(userToPatch.getId()));

    org.wso2.carbon.identity.application.common.model.ClaimMapping domainClaim =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(
                    IdentityProvisioningConstants.USER_STORE_DOMAIN_CLAIM_URI, null, null, false);
    outboundAttributes.put(domainClaim, Arrays.asList(domainName));

    ProvisioningEntity patchEntity = new ProvisioningEntity(
            ProvisioningEntityType.USER, ProvisioningOperation.PATCH, outboundAttributes);
    patchEntity.setInboundAttributes(
            AttributeMapper.getClaimsMap((AbstractSCIMObject) provisioningObject));

    return patchEntity;
}
 
Example #15
Source File: UserInfoJSONResponseBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the JSON body of the user info response for a validated token.
 *
 * <p>Claims come from the cached user attributes when any are present, otherwise from the user store.
 * A missing or blank {@code sub} claim is filled with the authorized user of the token response.
 *
 * @param tokenResponse token validation response
 * @return the claims serialized as JSON
 * @throws UserInfoEndpointException declared by the claim lookups
 */
@Override
public String getResponseString(OAuth2TokenValidationResponseDTO tokenResponse)
        throws UserInfoEndpointException {

    Map<ClaimMapping, String> cachedAttributes = getUserAttributesFromCache(tokenResponse);
    Map<String, Object> claims;

    boolean nothingCached = cachedAttributes == null || cachedAttributes.isEmpty();
    if (nothingCached) {
        if (log.isDebugEnabled()) {
            log.debug("User attributes not found in cache. Trying to retrieve from user store.");
        }
        claims = ClaimUtil.getClaimsFromUserStore(tokenResponse);
    } else {
        claims = UserInfoEndpointConfig.getInstance().getUserInfoClaimRetriever()
                .getClaimsMap(cachedAttributes);
    }

    if (claims == null) {
        claims = new HashMap<String,Object>();
    }

    // NOTE(review): the cast assumes a "sub" claim is always a String; any other value type fails
    // here with a ClassCastException.
    boolean subMissing = !claims.containsKey("sub") || StringUtils.isBlank((String) claims.get("sub"));
    if (subMissing) {
        claims.put("sub", tokenResponse.getAuthorizedUser());
    }
    return JSONUtils.buildJSON(claims);
}
 
Example #16
Source File: DefaultSAML2SSOManager.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
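/**
 * Extracts the attributes of a SAML assertion as a {@link ClaimMapping}-keyed map.
 *
 * <p>The attribute name is used as both the local and the remote claim URI. Only the first value of
 * each attribute is read, so additional values of a multi-valued attribute are not carried over.
 *
 * <p>Attributes without any value, or whose first value has no DOM, are skipped. The assertion content
 * is supplied by the remote party, and an attribute with an empty value list would otherwise end the
 * extraction with an {@link IndexOutOfBoundsException}.
 *
 * <p>NOTE(review): nothing in this method validates the assertion (signature, conditions); it
 * presumably relies on the caller having done so — confirm.
 *
 * @param assertion SAML assertion, may be null
 * @return attribute name mapping to first attribute value; empty when there is nothing to extract
 */
private Map<ClaimMapping, String> getAssertionStatements(Assertion assertion) {

    Map<ClaimMapping, String> results = new HashMap<ClaimMapping, String>();
    if (assertion == null) {
        return results;
    }

    List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();
    if (attributeStatementList == null) {
        return results;
    }

    for (AttributeStatement statement : attributeStatementList) {
        List<Attribute> attributesList = statement.getAttributes();
        if (attributesList == null) {
            continue;
        }
        for (Attribute attribute : attributesList) {
            if (attribute.getAttributeValues() == null || attribute.getAttributeValues().isEmpty()) {
                // An attribute element without values carries nothing to map.
                continue;
            }
            Element value = attribute.getAttributeValues().get(0).getDOM();
            if (value == null) {
                continue;
            }
            results.put(ClaimMapping.build(attribute.getName(), attribute.getName(), null, false),
                    value.getTextContent());
        }
    }
    return results;
}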
 
Example #17
Source File: GraphBasedSequenceHandlerAbstractTest.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Test stub: returns a fixed local user "test_user" with given name "Test" and last name "User".
 *
 * @param context authentication context (not used)
 * @return the fixed authenticated user
 */
@Override
public AuthenticatedUser getAuthenticatedUser(AuthenticationContext context) {

    final String givenNameClaimUri = "http://wso2.org/claims/givenname";
    final String lastNameClaimUri = "http://wso2.org/claims/lastname";

    AuthenticatedUser testUser =
            AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier("test_user");

    // The same URI is used for the local and the remote side of each mapping.
    ClaimMapping givenNameMapping = ClaimMapping.build(givenNameClaimUri, givenNameClaimUri, "Test", false);
    testUser.getUserAttributes().put(givenNameMapping, "Test");

    ClaimMapping lastNameMapping = ClaimMapping.build(lastNameClaimUri, lastNameClaimUri, "Test", false);
    testUser.getUserAttributes().put(lastNameMapping, "User");

    return testUser;
}
 
Example #18
Source File: ProvisioningUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the first value of the provisioning entity attribute identified by a claim URI.
 *
 * <p>The lookup key is a mapping built with {@code claimURI} as its first (local) argument and no
 * remote claim URI.
 *
 * @param provisioningEntity entity whose attributes are searched
 * @param claimURI           claim URI of the wanted attribute
 * @return the first value, or {@code null} when the entity has no attributes, the attribute is absent
 *         or its value list is empty
 */
public static String getAttributeValue(ProvisioningEntity provisioningEntity, String claimURI){
    Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, List<String>> entityAttributes =
            provisioningEntity.getAttributes();
    if (!MapUtils.isNotEmpty(entityAttributes)) {
        return null;
    }

    org.wso2.carbon.identity.application.common.model.ClaimMapping lookupKey =
            org.wso2.carbon.identity.application.common.model.ClaimMapping.build(claimURI, null, null, false);
    List<String> values = entityAttributes.get(lookupKey);
    if (values == null || values.isEmpty()) {
        return null;
    }
    return values.get(0);
}
 
Example #19
Source File: SAMLAssertionClaimsCallback.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
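/**
 * Converts user attributes into a claims map keyed by remote claim URI.
 *
 * <p>Entries whose key is null or has no remote claim are skipped rather than dereferenced, so one
 * incomplete mapping does not abort building the claims.
 *
 * @param userAttributes user attributes keyed by claim mapping; may be null or empty
 * @return remote claim URI to attribute value; empty when there are no attributes
 */
private Map<String, Object> getClaimsMap(Map<ClaimMapping, String> userAttributes) {

    // Parameterized: the original used the raw HashMap type, which compiles only with an unchecked warning.
    Map<String, Object> claims = new HashMap<String, Object>();
    if (MapUtils.isNotEmpty(userAttributes)) {
        for (Map.Entry<ClaimMapping, String> entry : userAttributes.entrySet()) {
            ClaimMapping mapping = entry.getKey();
            if (mapping == null || mapping.getRemoteClaim() == null) {
                continue;
            }
            claims.put(mapping.getRemoteClaim().getClaimUri(), entry.getValue());
        }
    }
    return claims;
}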
 
Example #20
Source File: OutboundProvisioningManager.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Builds a USER provisioning entity for the given user from the user name, the user's roles and the
 * user's claims.
 *
 * <p>The entity name is qualified with the domain taken from the incoming entity's name unless that
 * domain is absent or is the internal domain.
 *
 * @param provisioningEntity incoming entity; only its entity name is read here
 * @param tenantDomain       tenant domain used for the role and claim lookups
 * @param operation          operation to set on the new entity
 * @param userName           user name; roles and claims are looked up with it even when it is null
 * @return the new entity with outbound attributes and inbound claims set
 */
private ProvisioningEntity getInboundProvisioningEntity(ProvisioningEntity provisioningEntity,
                                                        String tenantDomain, ProvisioningOperation operation,
                                                        String userName) throws CarbonException,
        UserStoreException {
    Map<ClaimMapping, List<String>> attributesToProvision = new HashMap<>();

    if (userName != null) {
        ClaimMapping userNameClaim = ClaimMapping.build(
                IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false);
        attributesToProvision.put(userNameClaim, Arrays.asList(userName));
    }

    List<String> roles = getUserRoles(userName, tenantDomain);
    if (roles != null) {
        ClaimMapping groupClaim = ClaimMapping.build(
                IdentityProvisioningConstants.GROUP_CLAIM_URI, null, null, false);
        attributesToProvision.put(groupClaim, roles);
    }

    String sourceDomain = getDomainFromName(provisioningEntity.getEntityName());
    boolean qualifyWithDomain =
            sourceDomain != null && !sourceDomain.equals(UserCoreConstants.INTERNAL_DOMAIN);

    String domainAwareName;
    if (qualifyWithDomain) {
        // The debug line writes the user name and domain to the log.
        if (log.isDebugEnabled()) {
            log.debug("Adding domain name : " + sourceDomain + " to user : " + userName);
        }
        domainAwareName = UserCoreUtil.addDomainToName(userName, sourceDomain);
    } else {
        domainAwareName = userName;
    }

    ProvisioningEntity inboundEntity = new ProvisioningEntity(
            ProvisioningEntityType.USER, domainAwareName, operation, attributesToProvision);
    inboundEntity.setInboundAttributes(getUserClaims(userName, tenantDomain));
    return inboundEntity;
}
 
Example #21
Source File: ProvisioningEntity.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a provisioning entity.
 *
 * <p>The attribute map is stored by reference, not copied, so later changes the caller makes to the
 * map are visible through this entity.
 *
 * @param entityType type of the provisioned entity
 * @param entityName name of the provisioned entity
 * @param operation  provisioning operation to perform
 * @param attributes attributes keyed by claim mapping
 */
public ProvisioningEntity(ProvisioningEntityType entityType, String entityName,
                          ProvisioningOperation operation, Map<ClaimMapping, List<String>> attributes) {
    // The implicit superclass constructor call is left to the compiler.
    this.attributes = attributes;
    this.operation = operation;
    this.entityName = entityName;
    this.entityType = entityType;
}
 
Example #22
Source File: JsClaims.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Tells whether the authenticated user carries a federated claim with the given URI.
 *
 * @param claimUri federated (remote) claim URI
 * @return {@code true} if the IdP is federated and the user's attributes contain a mapping whose
 *         remote claim URI equals {@code claimUri}; {@code false} otherwise
 */
private boolean hasFederatedClaim(String claimUri) {

    if (!isFederatedIdP()) {
        // Can be a case where step is not set (e.g. associated local user)
        return false;
    }

    // Passing false keys the flattened map by remote claim URI.
    return FrameworkUtils.getClaimMappings(authenticatedUser.getUserAttributes(), false)
            .containsKey(claimUri);
}
 
Example #23
Source File: PostAuthAssociationHandlerTest.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Test helper: checks that the local role claim of the user holds exactly the two SP-mapped roles.
 *
 * <p>The decision is taken on the first attribute whose local claim URI is the local role claim; its
 * value is split on commas.
 *
 * @param authenticatedUserAttributes attributes of the authenticated user
 * @return {@code true} when exactly two roles are present and both SP-mapped roles are among them
 */
private boolean isSpRoleMappingSuccessful(Map<ClaimMapping, String> authenticatedUserAttributes) {

    for (Map.Entry<ClaimMapping, String> attribute : authenticatedUserAttributes.entrySet()) {
        String localClaimUri = attribute.getKey().getLocalClaim().getClaimUri();
        if (!FrameworkConstants.LOCAL_ROLE_CLAIM_URI.equals(localClaimUri)) {
            continue;
        }
        List<String> mappedRoles = Arrays.asList(attribute.getValue().split(","));
        if (mappedRoles.size() != 2) {
            return false;
        }
        return mappedRoles.contains(SP_MAPPED_ROLE_1) && mappedRoles.contains(SP_MAPPED_ROLE_2);
    }
    return false;
}
 
Example #24
Source File: IdentityProviderManager.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns, for the given local claim URIs, the claim URIs they are mapped to at an identity provider.
 *
 * @param idPName        unique name of the IdP to which the given local claim URIs need to be mapped
 * @param tenantDomain   tenant domain whose local claim URIs are to be mapped
 * @param localClaimURIs local claim URIs which need to be mapped to the IdP's claim URIs
 * @return map of local claim URI to the IdP (remote) claim URI
 * @throws IdentityProviderManagementException error when getting claim mappings
 */
public Map<String, String> getMappedIdPClaimsMap(String idPName, String tenantDomain,
                                                 List<String> localClaimURIs) throws
        IdentityProviderManagementException {

    Map<String, String> localToIdPClaimUris = new HashMap<String, String>();
    // Both claims of every returned mapping are dereferenced without a null check.
    for (ClaimMapping mapped : getMappedIdPClaims(idPName, tenantDomain, localClaimURIs)) {
        String localUri = mapped.getLocalClaim().getClaimUri();
        String idPUri = mapped.getRemoteClaim().getClaimUri();
        localToIdPClaimUris.put(localUri, idPUri);
    }
    return localToIdPClaimUris;
}
 
Example #25
Source File: ApplicationConfig.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Adds the claim mappings of every configured SP claim dialect to {@code spClaimMappings}.
 *
 * <p>For the local default dialect each local claim is mapped onto itself; for any other dialect each
 * external claim is mapped from its mapped local claim to its own URI. All mappings are built with the
 * fourth {@code build} argument set to {@code true}.
 *
 * <p>A {@code ClaimMetadataException} for one dialect is logged and that dialect is skipped, so the
 * resulting list can be incomplete without the caller being told.
 *
 * @param claimConfig     application claim configuration
 * @param spClaimMappings list that receives the mappings (modified in place)
 */
private void setSpDialectClaims(ClaimConfig claimConfig, List<ClaimMapping> spClaimMappings) {

    String[] spClaimDialects = claimConfig.getSpClaimDialects();
    if (ArrayUtils.isEmpty(spClaimDialects)) {
        return;
    }

    for (String spClaimDialect : spClaimDialects) {
        try {
            String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            if (ApplicationConstants.LOCAL_IDP_DEFAULT_CLAIM_DIALECT.equals(spClaimDialect)) {
                List<LocalClaim> localClaims = FrameworkServiceDataHolder.getInstance()
                        .getClaimMetadataManagementService().getLocalClaims(tenantDomain);
                for (LocalClaim localClaim : localClaims) {
                    spClaimMappings.add(ClaimMapping.build(
                            localClaim.getClaimURI(), localClaim.getClaimURI(), null, true));
                }
            } else {
                List<ExternalClaim> externalClaims = FrameworkServiceDataHolder.getInstance()
                        .getClaimMetadataManagementService().getExternalClaims(spClaimDialect, tenantDomain);
                for (ExternalClaim externalClaim : externalClaims) {
                    spClaimMappings.add(ClaimMapping.build(
                            externalClaim.getMappedLocalClaim(), externalClaim.getClaimURI(), null, true));
                }
            }
        } catch (ClaimMetadataException e) {
            log.error("Error when getting external claims of dialect: " + spClaimDialect, e);
        }
    }
}
 
Example #26
Source File: OpenIDConnectAuthenticator.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Adds one claim from the IdP response to {@code claims}, flattening a JSON array value into a single
 * separator-joined string.
 *
 * <p>The claim name is used as both the local and the remote claim URI of the stored mapping.
 *
 * @param claims    map that receives the claim (modified in place)
 * @param entry     claim name and value as received
 * @param separator separator for multi-valued claims; a blank value selects
 *                  {@code IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR_DEFAULT}
 */
protected void buildClaimMappings(Map<ClaimMapping, String> claims, Map.Entry<String, Object> entry, String
        separator) {
    String claimValue = null;
    if (StringUtils.isBlank(separator)) {
        separator = IdentityCoreConstants.MULTI_ATTRIBUTE_SEPARATOR_DEFAULT;
    }
    try {
        // Anything that is not a JSON array ends up in the catch block below: a parse failure, or the
        // cast failing for another JSON type.
        JSONArray jsonArray = (JSONArray) JSONValue.parseWithException(entry.getValue().toString());
        // An empty array leaves claimValue null, and that null is what gets stored.
        if (jsonArray != null && jsonArray.size() > 0) {
            Iterator attributeIterator = jsonArray.iterator();
            while (attributeIterator.hasNext()) {
                if (claimValue == null) {
                    claimValue = attributeIterator.next().toString();
                } else {
                    // Elements are joined verbatim; an element that itself contains the separator
                    // cannot be told apart from two elements once joined.
                    // NOTE(review): check how consumers split this value, e.g. for role claims.
                    claimValue = claimValue + separator + attributeIterator.next().toString();
                }
            }

        }
    } catch (Exception e) {
        // Deliberate fallback: the raw string form of the value is used and the exception is dropped.
        // Any partially joined value is overwritten. A null entry value throws again here, so it
        // propagates as a NullPointerException.
        claimValue = entry.getValue().toString();
    }

    claims.put(ClaimMapping.build(entry.getKey(), entry.getKey(), null, false), claimValue);
    // Claim values are written to the debug log only when logging of user claims is enabled.
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
        log.debug("Adding claim mapping : " + entry.getKey() + " <> " + entry.getKey() + " : " + claimValue);
    }

}
 
Example #27
Source File: DefaultStepBasedSequenceHandlerTest.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Verifies that the role claim URI resolved from an IdP's claim mappings matches the expectation
 * supplied by the data provider.
 *
 * @param claimMappings        claim mappings the mocked IdP config returns (a {@code ClaimMapping[]})
 * @param expectedRoleClaimUri role claim URI the handler is expected to resolve
 */
@Test(dataProvider = "idpClaimMappingProvider")
public void testGetIdpRoleClaimUriFromClaimMappings(Object claimMappings,
                                                    String expectedRoleClaimUri) throws Exception {

    ExternalIdPConfig idPConfigMock = mock(ExternalIdPConfig.class);
    when(idPConfigMock.getClaimMappings()).thenReturn((ClaimMapping[]) claimMappings);

    assertEquals(stepBasedSequenceHandler.getIdpRoleClaimUri(idPConfigMock), expectedRoleClaimUri);
}
 
Example #28
Source File: FileBasedApplicationDAO.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the service-provider-claim-URI to local-claim-URI map of a file-based service provider.
 *
 * <p>Only mappings that have a local and a remote claim, each with a non-null URI, are included. The
 * service provider is looked up by name alone; {@code tenantDomain} is not used in this method.
 *
 * @param serviceProviderName name of the file-based service provider
 * @param tenantDomain        tenant domain (unused here)
 * @return remote claim URI to local claim URI; empty when the provider or its claim config is missing
 */
@Override
public Map<String, String> getServiceProviderToLocalIdPClaimMapping(String serviceProviderName,
                                                                    String tenantDomain) throws IdentityApplicationManagementException {

    Map<String, String> spToLocalClaimUris = new HashMap<String, String>();

    ServiceProvider fileBasedSp = ApplicationManagementServiceComponent.getFileBasedSPs()
            .get(serviceProviderName);
    if (fileBasedSp == null || fileBasedSp.getClaimConfig() == null) {
        return spToLocalClaimUris;
    }

    ClaimMapping[] configuredMappings = fileBasedSp.getClaimConfig().getClaimMappings();
    if (configuredMappings == null) {
        return spToLocalClaimUris;
    }

    for (ClaimMapping mapping : configuredMappings) {
        boolean localUriPresent =
                mapping.getLocalClaim() != null && mapping.getLocalClaim().getClaimUri() != null;
        boolean remoteUriPresent =
                mapping.getRemoteClaim() != null && mapping.getRemoteClaim().getClaimUri() != null;
        if (localUriPresent && remoteUriPresent) {
            spToLocalClaimUris.put(mapping.getRemoteClaim().getClaimUri(),
                    mapping.getLocalClaim().getClaimUri());
        }
    }

    return spToLocalClaimUris;
}
 
Example #29
Source File: DefaultClaimFilterTest.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Test fixture: adds one mapping from the legal-person-id local claim to its remote claim to
 * {@code spClaimMappings} before each test method.
 *
 * <p>The list is appended to, not replaced, in this method.
 */
@BeforeMethod
public void setSpClaimMappings() throws Exception {

    spClaimMappings.add(
            ClaimMapping.build(legalPersonIdLocalClaimUri, legalPersonIdRemoteClaimUri, null, true, true));
}
 
Example #30
Source File: DefaultClaimFilterTest.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Verifies that filtering with no requested claims from the request returns the single SP-configured
 * mapping with its local and remote claim URIs intact.
 */
@Test
public void testFilterSpClaimMappings() throws Exception {

    final String failureMessage = "Error in filtering requested claims in sp config.";

    List<ClaimMapping> filteredClaims =
            new DefaultClaimFilter().filterRequestedClaims(spClaimMappings, null);

    assertEquals(filteredClaims.size(), 1, failureMessage);
    assertEquals(filteredClaims.get(0).getLocalClaim().getClaimUri(), legalPersonIdLocalClaimUri,
            failureMessage);
    assertEquals(filteredClaims.get(0).getRemoteClaim().getClaimUri(), legalPersonIdRemoteClaimUri,
            failureMessage);
}