org.wso2.carbon.identity.base.IdentityException Java Examples

The following examples show how to use org.wso2.carbon.identity.base.IdentityException. Each example is preceded by the name of the source file and the project it was taken from.
Example #1
Source File: SAMLSSOUtil.java    From carbon-identity with Apache License 2.0 7 votes vote down vote up
/**
 * Base64-decodes the given string and returns the result as UTF-8 text.
 * The error message refers to the input as a SAML request.
 *
 * @param encodedStr Base64 text to decode; a {@code null} value fails with a NullPointerException
 * @return the decoded text
 * @throws IdentityException if the UTF-8 conversion raises an IOException
 */
public static String decodeForPost(String encodedStr)
        throws IdentityException {
    final String decodedMessage;
    try {
        org.apache.commons.codec.binary.Base64 decoder = new org.apache.commons.codec.binary.Base64();
        byte[] encodedBytes = encodedStr.getBytes("UTF-8");
        decodedMessage = new String(decoder.decode(encodedBytes), "UTF-8");
    } catch (IOException e) {
        throw IdentityException.error(
                "Error when decoding the SAML Request.", e);
    }

    // NOTE(review): the complete decoded message is written to the debug log. SAML messages can
    // carry user identifiers, so confirm debug logging is off or access-controlled in production.
    if (log.isDebugEnabled()) {
        log.debug("Request message " + decodedMessage);
    }
    // No size or structure check happens here; the caller receives the raw decoded text.
    return decodedMessage;
}
 
Example #2
Source File: IdentityTenantUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Looks up a user realm for an anonymous session: by user name when one is supplied,
 * otherwise by tenant domain (the super tenant domain when {@code domainName} is null).
 *
 * @param domainName tenant domain; ignored when {@code username} is not null
 * @param username   user name, may be null
 * @return the realm returned by AnonymousSessionUtil
 * @throws IdentityException wrapping any CarbonException raised by the lookup
 */
private static UserRealm getRealmForAnonymousSession(String domainName, String username)
        throws IdentityException {

    // Tracks the domain actually used so the error message reports it.
    String effectiveDomain = domainName;
    try {
        if (username == null) {
            if (effectiveDomain == null) {
                effectiveDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
            }
            return AnonymousSessionUtil.getRealmByTenantDomain(registryService, realmService,
                    effectiveDomain);
        }
        // A user name takes precedence over the domain argument.
        return AnonymousSessionUtil.getRealmByUserName(registryService, realmService,
                username);
    } catch (CarbonException e) {
        throw IdentityException.error("Error Obtaining a realm for user name: " + username + " and " +
                "domain:" + effectiveDomain, e);
    }
}
 
Example #3
Source File: SAMLInboundFunctions.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Re-adds a previously existing SAML service provider after a failed update.
 * Does nothing when {@code oldSAMLSp} is null.
 *
 * @param oldSAMLSp the service provider configuration to restore, may be null
 */
private static void rollbackSAMLSpRemoval(SAMLSSOServiceProviderDTO oldSAMLSp) {

    if (oldSAMLSp == null) {
        return;
    }

    if (logger.isDebugEnabled()) {
        String qualifiedIssuer =
                SAMLSSOUtil.getIssuerWithQualifier(oldSAMLSp.getIssuer(), oldSAMLSp.getIssuerQualifier());
        logger.debug("Error occurred while updating SAML SP with issuer: " + qualifiedIssuer +
                ". Attempting to rollback by recreating the old SAML SP.");
    }

    try {
        getSamlSsoConfigService().addRPServiceProvider(oldSAMLSp);
    } catch (IdentityException e) {
        // A failed rollback is surfaced through the shared exception translator.
        throw handleException(e);
    }
}
 
Example #4
Source File: OpenIDPape.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Extracts the preferred authentication policies from the PAPE extension of an OpenID
 * authentication request.
 *
 * @param authRequest OpenID authentication request
 * @return the requested policies, or an empty array when the request has no PAPE extension,
 *         the extension is not a PapeRequest, or the policy list is null or empty
 * @throws IdentityException wrapping a MessageException raised while reading the extension
 */
public static String[] getAuthenticationPolicies(AuthRequest authRequest) throws IdentityException {

    try {
        if (!authRequest.hasExtension(PapeMessage.OPENID_NS_PAPE)) {
            return new String[0];
        }

        MessageExtension extension = authRequest.getExtension(PapeMessage.OPENID_NS_PAPE);
        if (!(extension instanceof PapeRequest)) {
            return new String[0];
        }

        // The list is taken from the request as sent by the relying party; values are not validated here.
        List requestedPolicies = ((PapeRequest) extension).getPreferredAuthPoliciesList();
        if (requestedPolicies == null || requestedPolicies.isEmpty()) {
            return new String[0];
        }
        return (String[]) requestedPolicies.toArray(new String[requestedPolicies.size()]);
    } catch (MessageException e) {
        throw IdentityException.error("Failed retrieve authentication policies", e);
    }
}
 
Example #5
Source File: JDBCUserRecoveryDataStore.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Executes the INVALIDATE_METADATA statement for one user and tenant. The transaction is
 * committed on success and rolled back when a SQLException occurs.
 *
 * @param userId user identifier; lower-cased before it is bound as parameter 1
 * @param tenant tenant id, bound as parameter 2
 * @throws IdentityException wrapping the SQLException when the statement fails
 */
@Override
public void invalidate(String userId, int tenant) throws IdentityException {

    Connection dbConnection = null;
    PreparedStatement statement = null;
    try {
        dbConnection = IdentityDatabaseUtil.getDBConnection();
        // Values are bound as parameters rather than concatenated into the SQL text.
        statement = dbConnection.prepareStatement(SQLQuery.INVALIDATE_METADATA);
        statement.setString(1, userId.toLowerCase());
        statement.setInt(2, tenant);
        statement.execute();
        IdentityDatabaseUtil.commitTransaction(dbConnection);
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollbackTransaction(dbConnection);
        throw IdentityException.error("Error while invalidating user identity data", e);
    } finally {
        // Statement first, then connection, on every path.
        IdentityDatabaseUtil.closeStatement(statement);
        IdentityDatabaseUtil.closeConnection(dbConnection);
    }

}
 
Example #6
Source File: ServerApplicationManagementService.java    From identity-api-server with Apache License 2.0 6 votes vote down vote up
/**
 * Translates a client-supplied filter string into the backend filter format.
 * Only a single expression on an attribute listed in SEARCH_SUPPORTED_FIELDS is accepted.
 *
 * @param filter filter text from the request, may be blank
 * @return the backend filter string, or null when {@code filter} is blank
 */
private String buildFilter(String filter) {
    if (!StringUtils.isNotBlank(filter)) {
        return null;
    }

    try {
        Node parsedRoot = new FilterTreeBuilder(filter).buildTree();
        // Compound filters (a non-expression root) are rejected as a client error.
        if (!(parsedRoot instanceof ExpressionNode)) {
            throw buildClientError(ErrorMessage.INVALID_FILTER_FORMAT);
        }

        ExpressionNode expression = (ExpressionNode) parsedRoot;
        // Allow-list check: only known attributes are forwarded to the backend.
        if (!SEARCH_SUPPORTED_FIELDS.contains(expression.getAttributeValue())) {
            throw buildClientError(ErrorMessage.UNSUPPORTED_FILTER_ATTRIBUTE, expression
                    .getAttributeValue());
        }
        return generateFilterStringForBackend(expression.getAttributeValue(), expression
                .getOperation(), expression.getValue());
    } catch (IOException | IdentityException e) {
        // Parse failures are reported as a generic invalid-format error; the cause is not passed on.
        throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_FORMAT, null);
    }
}
 
Example #7
Source File: IdentityPersistenceManager.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Creates or updates a named parameter through a ParameterDAO bound to the given registry.
 *
 * @param registry  registry handed to the ParameterDAO
 * @param paramName parameter name; trimmed before it is stored
 * @param value     parameter value; stored as given, without trimming
 * @throws IdentityException if {@code paramName} or {@code value} is null, or if the DAO call fails
 */
public void createOrUpdateParameter(Registry registry, String paramName, String value)
        throws IdentityException {

    if (paramName == null || value == null) {
        throw IdentityException.error("Invalid inputs");
    }

    ParameterDO parameter = new ParameterDO();
    parameter.setName(paramName.trim());
    parameter.setValue(value);

    new ParameterDAO(registry).createOrUpdateParameter(parameter);
}
 
Example #8
Source File: UserIdentityMetadataStore.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Runs the INVALIDATE_METADATA statement as one batch, with one entry per metadata object.
 * The batch is committed on success and rolled back when a SQLException occurs.
 *
 * @param metadataSet entries to invalidate; user name, tenant id, metadata type and metadata
 *                    value are bound as parameters 1 to 4
 * @throws IdentityException wrapping the SQLException when the batch fails
 */
public void invalidateMetadataSet(IdentityMetadataDO[] metadataSet) throws IdentityException {
    Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement batchStatement = null;
    try {
        batchStatement = dbConnection.prepareStatement(SQLQuery.INVALIDATE_METADATA);
        for (IdentityMetadataDO entry : metadataSet) {
            // All values are bound as parameters, never concatenated into the SQL text.
            batchStatement.setString(1, entry.getUserName());
            batchStatement.setInt(2, entry.getTenantId());
            batchStatement.setString(3, entry.getMetadataType());
            batchStatement.setString(4, entry.getMetadata());
            batchStatement.addBatch();
        }
        batchStatement.executeBatch();
        IdentityDatabaseUtil.commitTransaction(dbConnection);
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollbackTransaction(dbConnection);
        throw IdentityException.error("Error while invalidating user identity data", e);
    } finally {
        IdentityDatabaseUtil.closeStatement(batchStatement);
        IdentityDatabaseUtil.closeConnection(dbConnection);
    }

}
 
Example #9
Source File: AttributeCallbackHandler.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Loads every claim supported in the default Carbon dialect for the realm of the given user
 * and records each one in {@code supportedClaims}, keyed by claim URI.
 *
 * @param userIdentifier user whose realm is used for the claim lookup
 * @throws IdentityProviderException wrapping an IdentityException raised by the lookup
 */
protected void loadClaims(String userIdentifier) throws IdentityProviderException {

    if (log.isDebugEnabled()) {
        log.debug("Loading claims");
    }

    try {
        Claim[] loadedClaims = IdentityClaimManager.getInstance().getAllSupportedClaims(
                UserCoreConstants.DEFAULT_CARBON_DIALECT,
                IdentityTenantUtil.getRealm(null, userIdentifier));
        for (Claim claim : loadedClaims) {
            supportedClaims.put(claim.getClaimUri(), claim);
        }
    } catch (IdentityException e) {
        // The failure is logged here and also rethrown with its cause.
        log.error("Error while loading claims", e);
        throw new IdentityProviderException("Error while loading claims", e);
    }
}
 
Example #10
Source File: SPInitLogoutRequestProcessor.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a SAML logout error response and stores its marshalled, compressed form in a new
 * validation response DTO that is flagged as a logout request and as invalid.
 *
 * @param id                          passed to the logout response builder
 * @param status                      status passed to the logout response builder
 * @param statMsg                     status message passed to the logout response builder
 * @param destination                 destination passed to the logout response builder
 * @param responseSigningAlgorithmUri signing algorithm URI passed to the builder
 * @param responseDigestAlgorithmUri  digest algorithm URI passed to the builder
 * @return the populated validation response DTO
 * @throws IdentityException wrapping an IOException raised while marshalling or compressing
 */
private SAMLSSOReqValidationResponseDTO buildErrorResponse(String id, String status, String statMsg, String
        destination, String responseSigningAlgorithmUri, String responseDigestAlgorithmUri)
        throws IdentityException {
    SAMLSSOReqValidationResponseDTO errorDTO = new SAMLSSOReqValidationResponseDTO();
    // The builder is called with 'false' and 'null' for its fifth and sixth arguments.
    // NOTE(review): these look like the sign flag and signing credential, which would leave
    // this error response unsigned - confirm against SingleLogoutMessageBuilder.
    LogoutResponse errorResponse = new SingleLogoutMessageBuilder().buildLogoutResponse(id, status, statMsg,
            destination, false, null, responseSigningAlgorithmUri, responseDigestAlgorithmUri);
    errorDTO.setLogOutReq(true);
    errorDTO.setValid(false);
    try {
        errorDTO.setResponse(SAMLSSOUtil.compressResponse(SAMLSSOUtil.marshall(errorResponse)));
    } catch (IOException e) {
        throw IdentityException.error("Error while creating logout response", e);
    }
    return errorDTO;
}
 
Example #11
Source File: UserStoreBasedIdentityDataStore.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Writes user claim values straight to the user store through doSetUserClaimValues().
 * Only JDBC, Active Directory and read-write LDAP user store managers are supported.
 *
 * @param userStoreManager user store manager that receives the claims
 * @param username         user name
 * @param claims           claim values to persist
 * @param profile          profile; not used by this method (null is passed to the user store)
 * @throws IdentityException if the user store type is unsupported or the user store call fails
 */
protected void setUserClaimsValuesInUserStore(UserStoreManager userStoreManager,
                                              String username,
                                              Map<String, String> claims, String profile) throws IdentityException {

    try {
        boolean supportedStore = userStoreManager instanceof JDBCUserStoreManager
                || userStoreManager instanceof ActiveDirectoryUserStoreManager
                || userStoreManager instanceof ReadWriteLDAPUserStoreManager;
        if (!supportedStore) {
            String msg = "Cannot persist identity data to userstore for user:%s. Unsupported userstore type:%s to" +
                    " be used as UserStoreBasedIdentityDataStore.";
            throw IdentityException.error(String.format(msg, username, userStoreManager.getClass().getName()));
        }

        // doSetUserClaimValues() is called directly so the Identity Management listener is not
        // triggered a second time for claim value set events.
        if (userStoreManager instanceof JDBCUserStoreManager) {
            ((JDBCUserStoreManager) userStoreManager).doSetUserClaimValues(username, claims, null);
        } else if (userStoreManager instanceof ActiveDirectoryUserStoreManager) {
            ((ActiveDirectoryUserStoreManager) userStoreManager).doSetUserClaimValues(username, claims, null);
        } else {
            ((ReadWriteLDAPUserStoreManager) userStoreManager).doSetUserClaimValues(username, claims, null);
        }

    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        throw IdentityException.error("Error while persisting identity user data in to user store for user: "
                + username, e);
    }

}
 
Example #12
Source File: OAuthConsumerDAO.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Reads the OAUTH_CONSUMER_PATH property of the registry resource stored under
 * PROFILES_PATH + consumerKey.
 *
 * @param consumerKey OAuth consumer key, appended to the profiles path as given
 * @return the property value, or null when no resource exists at that path
 * @throws IdentityException wrapping a RegistryException raised by the registry
 */
public String getOAuthConsumerSecret(String consumerKey) throws IdentityException {

    if (log.isDebugEnabled()) {
        log.debug("Retreiving user for OAuth consumer key  " + consumerKey);
    }

    try {
        // NOTE(review): consumerKey is concatenated into the registry path without validation
        // in this method - confirm callers restrict it to a well-formed key.
        String resourcePath = RegistryConstants.PROFILES_PATH + consumerKey;
        if (!registry.resourceExists(resourcePath)) {
            return null;
        }
        Resource consumerResource = registry.get(resourcePath);
        return consumerResource.getProperty(IdentityRegistryResources.OAUTH_CONSUMER_PATH);
    } catch (RegistryException e) {
        // The consumer key appears in both the log entry and the exception message.
        log.error("Error while retreiving user for OAuth consumer key  " + consumerKey, e);
        throw IdentityException.error("Error while retreiving user for OAuth consumer key  "
                + consumerKey, e);
    }
}
 
Example #13
Source File: UserIdentityManagementAdminService.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
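/**
 * Returns all challenge questions known to the question processor.
 *
 * @return array of questions; empty when the processor returns no list
 * @throws IdentityMgtServiceException if the processor fails to load the questions
 */
public ChallengeQuestionDTO[] getAllChallengeQuestions() throws IdentityMgtServiceException {

    ChallengeQuestionProcessor processor = IdentityMgtServiceComponent.
            getRecoveryProcessor().getQuestionProcessor();
    List<ChallengeQuestionDTO> questionDTOs;
    try {
        questionDTOs = processor.getAllChallengeQuestions();
    } catch (IdentityException e) {
        String errorMessage = "Error while loading user challenge questions";
        // The cause is logged here; the exception handed back to the caller carries only the message.
        log.error(errorMessage, e);
        throw new IdentityMgtServiceException(errorMessage);
    }

    // A null list previously caused a NullPointerException on toArray().
    if (questionDTOs == null) {
        return new ChallengeQuestionDTO[0];
    }
    return questionDTOs.toArray(new ChallengeQuestionDTO[questionDTOs.size()]);

}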
 
Example #14
Source File: UserRegistrationService.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Checks whether the domain prefix of a user name is allowed for self sign-up.
 * The prefix is the text before the first '/'. A name with no '/' or with '/' as its first
 * character carries no prefix and is treated as allowed.
 *
 * @param userName user name, optionally prefixed with "domain/"
 * @param realm    realm whose configuration lists the restricted domains
 * @return false when the prefix is a restricted domain, true otherwise
 * @throws IdentityException wrapping a UserStoreException from the realm configuration
 */
private boolean isUserNameWithAllowedDomainName(String userName, UserRealm realm)
        throws IdentityException {
    int separatorAt = userName.indexOf("/");
    if (separatorAt <= 0) {
        // No domain prefix, so there is nothing to check against the restricted list.
        return true;
    }

    try {
        return !realm.getRealmConfiguration().isRestrictedDomainForSlefSignUp(
                userName.substring(0, separatorAt));
    } catch (UserStoreException e) {
        throw IdentityException.error(e.getMessage(), e);
    }
}
 
Example #15
Source File: JDBCUserRecoveryDataStore.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Persists one recovery data record with the STORE_META_DATA statement, committing on
 * success and rolling back when a SQLException occurs.
 *
 * @param recoveryDataDO record to store; user name and code are lower-cased, the tenant id is
 *                       taken from the thread-local Carbon context
 * @throws IdentityException wrapping the SQLException when the insert fails
 */
@Override
public void store(UserRecoveryDataDO recoveryDataDO) throws IdentityException {

    Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement insertStatement = null;
    try {
        insertStatement = dbConnection.prepareStatement(SQLQuery.STORE_META_DATA);
        insertStatement.setString(1, recoveryDataDO.getUserName().toLowerCase());
        insertStatement.setInt(2, PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
        insertStatement.setString(3, recoveryDataDO.getCode().toLowerCase());
        // NOTE(review): the secret is bound exactly as the DO provides it; whether it is hashed
        // before it reaches this method is not visible here - confirm.
        insertStatement.setString(4, recoveryDataDO.getSecret());
        insertStatement.setString(5, recoveryDataDO.getExpireTime());
        insertStatement.execute();
        IdentityDatabaseUtil.commitTransaction(dbConnection);
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollbackTransaction(dbConnection);
        throw IdentityException.error("Error while storing user identity data", e);
    } finally {
        IdentityDatabaseUtil.closeStatement(insertStatement);
        IdentityDatabaseUtil.closeConnection(dbConnection);
    }
}
 
Example #16
Source File: IdentityMgtEventListener.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
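/**
 * Sends an e-mail notification to a user through the recovery processor.
 * For tenants other than the super tenant, the user name is qualified with the tenant domain.
 * A failure to send is logged and does not interrupt the caller.
 *
 * @param userName     user to notify
 * @param tenantId     tenant the user belongs to
 * @param notification notification identifier set on the recovery DTO
 */
private void sendEmail(String userName, int tenantId, String notification) {
    UserRecoveryDTO dto;
    String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);

    if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
        dto = new UserRecoveryDTO(userName);
    } else {
        UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
        userDTO.setTenantId(tenantId);
        dto = new UserRecoveryDTO(userDTO);
    }
    dto.setNotification(notification);
    dto.setNotificationType(EMAIL_NOTIFICATION_TYPE);
    try {
        IdentityMgtServiceComponent.getRecoveryProcessor().recoverWithNotification(dto);
    } catch (IdentityException e) {
        // Proceed with the rest of the flow even if the email is not sent, but keep the cause
        // in the log so a failed security notification can be investigated.
        log.error("Email notification sending failed for user:" + userName + " for " + notification, e);
    }
}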
 
Example #17
Source File: FilterTreeBuilder.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Parses one factor of the filter grammar as part of a recursive descent parser.
 * A factor is a NOT applied to another factor, a parenthesised expression, or a single
 * filter expression. The result is left in {@code root}; {@code symbol} is advanced.
 *
 * @throws IdentityException if a ')' appears where a factor is expected, or if a nested call fails
 */
private void factor() throws IdentityException {

    symbol = nextSymbol();
    if (symbol.equals(String.valueOf(IdentityCoreConstants.Filter.NOT))) {
        OperationNode not = new OperationNode(IdentityCoreConstants.Filter.NOT);
        // Recursion depth grows with each nested NOT or '(' in the input.
        // NOTE(review): no depth limit is visible in this method - confirm the filter length is bounded upstream.
        factor();
        // The operand parsed by the recursive call becomes the right child of the NOT node.
        not.setRightNode(root);
        root = not;
    } else if (symbol.equals(String.valueOf("("))) {
        expression();
        // The symbol following the expression is consumed without checking that it is ')'.
        symbol = nextSymbol(); // We don't care about ')'.
    } else {
        if (!(symbol.equals(String.valueOf(")")))) {
            // Any other symbol is treated as a filter expression and validated by the helper.
            ExpressionNode expressionNode = new ExpressionNode();
            validateAndBuildFilterExpression(symbol, expressionNode);
            root = expressionNode;
            symbol = nextSymbol();
        } else {
            // The offending symbol is echoed in the exception message.
            throw new IdentityException("Invalid argument: Identity Provider filter name value is empty or " +
                    "invalid symbol: " + symbol);
        }
    }
}
 
Example #18
Source File: IWAUIAuthenticator.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Creates an IWAAuthenticator service stub with the rampart module engaged and a merged
 * sign-only policy applied.
 *
 * @param request current servlet request; the "backendURL" parameter, when present, selects
 *                the backend server
 * @return the configured stub
 * @throws AxisFault         if the stub cannot be created or the module cannot be engaged
 * @throws IdentityException if the policies cannot be loaded
 */
private IWAAuthenticatorStub getIWAClient(HttpServletRequest request)
        throws AxisFault, IdentityException {

    HttpSession httpSession = request.getSession();
    ServletContext context = httpSession.getServletContext();

    // NOTE(review): the backend endpoint is taken from a request parameter and is not checked
    // here. Confirm it is validated against the configured server URL (or an allow-list)
    // before this point, since the stub sends signed messages to whatever URL is supplied.
    String backendUrl = request.getParameter("backendURL");
    if (backendUrl == null) {
        backendUrl = CarbonUIUtil.getServerURL(context, request.getSession());
    }

    ConfigurationContext axisConfigContext = (ConfigurationContext) context
            .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);

    IWAAuthenticatorStub stub = new IWAAuthenticatorStub(axisConfigContext, backendUrl + "IWAAuthenticator");
    ServiceClient serviceClient = stub._getServiceClient();
    serviceClient.engageModule("rampart");

    Policy defaultRampartConfig = IdentityBaseUtil.getDefaultRampartConfig();
    Policy signOnlyPolicy = IdentityBaseUtil.getSignOnlyPolicy();
    Options clientOptions = serviceClient.getOptions();
    clientOptions.setProperty(RampartMessageData.KEY_RAMPART_POLICY, signOnlyPolicy.merge(defaultRampartConfig));
    clientOptions.setManageSession(true);
    return stub;
}
 
Example #19
Source File: Utils.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Reads the number of verified challenges recorded for a user in the super tenant's
 * config system registry.
 *
 * @param userDTO bean that carries the user id used to build the registry path
 * @return the stored count, or 0 when the resource or property is missing or the registry
 *         call fails
 * @throws IdentityException declared, but registry failures are logged and reported as 0
 */
public static int getVerifiedChallenges(UserDTO userDTO) throws IdentityException {

    try {
        UserRegistry configRegistry = IdentityMgtServiceComponent.getRegistryService().
                getConfigSystemRegistry(MultitenantConstants.SUPER_TENANT_ID);
        // The user id appears twice in the path, exactly as in the stored layout used here.
        String challengesPath = IdentityMgtConstants.IDENTITY_MANAGEMENT_CHALLENGES +
                RegistryConstants.PATH_SEPARATOR + userDTO.getUserId() +
                RegistryConstants.PATH_SEPARATOR + userDTO.getUserId();

        if (configRegistry.resourceExists(challengesPath)) {
            Resource challengesResource = configRegistry.get(challengesPath);
            String storedCount = challengesResource.getProperty(IdentityMgtConstants.VERIFIED_CHALLENGES);
            if (storedCount != null) {
                // NOTE(review): a non-numeric stored value raises an unchecked
                // NumberFormatException that is not handled here - confirm callers tolerate it.
                return Integer.parseInt(storedCount);
            }
        }
    } catch (RegistryException e) {
        // Registry failures fall through to the default count of 0.
        log.error("Error while processing userKey", e);
    }

    return 0;
}
 
Example #20
Source File: OAuthConsumerDAO.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the OAuth consumer secret for a given consumer key, read from the
 * OAUTH_CONSUMER_PATH property of the resource at PROFILES_PATH + consumerKey.
 *
 * @param consumerKey consumer key
 * @return OAuth consumer secret, or null when no resource exists for the key
 * @throws IdentityException if an error occurs while obtaining the consumer secret
 */
public String getOAuthConsumerSecret(String consumerKey) throws IdentityException {

    if (log.isDebugEnabled()) {
        log.debug("Retreiving user for OAuth consumer key  " + consumerKey);
    }

    try {
        // NOTE(review): the key is appended to the registry path as received - confirm it is
        // validated before this call.
        final String profilePath = RegistryConstants.PROFILES_PATH + consumerKey;
        return registry.resourceExists(profilePath)
                ? registry.get(profilePath).getProperty(IdentityRegistryResources.OAUTH_CONSUMER_PATH)
                : null;
    } catch (RegistryException e) {
        // Logged and rethrown; both messages include the consumer key.
        log.error("Error while retreiving user for OAuth consumer key  " + consumerKey, e);
        throw IdentityException.error("Error while retreiving user for OAuth consumer key  "
                + consumerKey, e);
    }
}
 
Example #21
Source File: UserRegistrationService.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Decides whether a user name may be used for self sign-up, based on its domain prefix.
 * Only names of the form "domain/name" with a non-empty domain are checked against the
 * realm configuration; every other name is accepted.
 *
 * @param userName user name, optionally carrying a "domain/" prefix
 * @param realm    realm that supplies the restricted-domain configuration
 * @return true unless the prefix names a domain restricted for self sign-up
 * @throws IdentityException wrapping a UserStoreException from the realm configuration
 */
private boolean isUserNameWithAllowedDomainName(String userName, UserRealm realm)
        throws IdentityException {
    final int slashPosition = userName.indexOf("/");
    final boolean hasDomainPrefix = slashPosition > 0;

    if (hasDomainPrefix) {
        try {
            boolean restricted = realm.getRealmConfiguration().isRestrictedDomainForSlefSignUp(
                    userName.substring(0, slashPosition));
            return !restricted;
        } catch (UserStoreException e) {
            throw IdentityException.error(e.getMessage(), e);
        }
    }
    // Names without a domain prefix are not subject to the restriction check.
    return true;
}
 
Example #22
Source File: FilterTreeBuilder.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
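/**
 * Populates an expression node from the parts of a filter expression.
 *
 * @param attributeValue attribute name; must not be blank
 * @param operation      operation; must not be blank
 * @param value          the value of the filter, may be null
 * @param expressionNode node that receives the trimmed values
 * @throws IdentityException if the attribute or the operation is blank
 */
private void setExpressionNodeValues(String attributeValue, String operation, String value,
                                     ExpressionNode expressionNode) throws IdentityException {

    // Both parts are dereferenced below, so both must be present. The earlier '||' check let a
    // null attribute or operation through and failed with a NullPointerException on trim().
    if (StringUtils.isNotBlank(attributeValue) && StringUtils.isNotBlank(operation)) {
        expressionNode.setAttributeValue(attributeValue.trim());
        expressionNode.setOperation(operation.trim());
        if (value != null) {
            expressionNode.setValue(value.trim());
        }
    } else {
        throw new IdentityException("Given filter value is empty. attributeValue: " + attributeValue +
                " operation: " + operation);
    }
}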
 
Example #23
Source File: AbstractDAO.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
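/**
 * Returns the first object in a registry path with a given property value.
 *
 * @param path     registry path; used only in the debug message, the lookup runs the custom query
 * @param propName name of the property to be matched
 * @param value    value of the property to be matched
 * @return the result of resourceToObject() for the first match, or for null when nothing matches
 * @throws IdentityException if an error occurs while reading the registry
 */
public T getFirstObjectWithPropertyValue(String path, String propName, String value)
        throws IdentityException {
    Resource resource = null;

    try {
        // Guard the debug message with the debug level; it was previously guarded by the error level.
        if (log.isDebugEnabled()) {
            log.debug("Retrieving first object from the registry path with property value "
                    + path);
        }
        // Property name and value are passed as query parameters "1" and "2".
        Map<String, String> params = new HashMap<String, String>();
        params.put("1", propName);
        params.put("2", value);
        Resource result = registry.executeQuery(getCustomQuery(), params);
        String[] paths = (String[]) result.getContent();

        if (paths != null && paths.length > 0) {
            resource = registry.get(paths[0]);
        }
    } catch (RegistryException e) {
        String message = "Error while retrieving first object from the registry path with property value";
        log.error(message, e);
        throw IdentityException.error(message, e);
    }

    return resourceToObject(resource);
}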
 
Example #24
Source File: FilterTreeBuilder.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Parses a term of the filter grammar: one factor, followed by any number of
 * AND-joined factors. Part of the recursive descent parser; the resulting subtree is left
 * in {@code root}.
 *
 * @throws IdentityException if parsing a factor fails
 */
private void term() throws IdentityException {

    final String andSymbol = String.valueOf(IdentityCoreConstants.Filter.AND);

    factor();
    while (symbol.equals(andSymbol)) {
        // The tree built so far becomes the left operand, the next factor the right one.
        OperationNode conjunction = new OperationNode(IdentityCoreConstants.Filter.AND);
        conjunction.setLeftNode(root);
        factor();
        conjunction.setRightNode(root);
        root = conjunction;
    }
}
 
Example #25
Source File: FilterTreeBuilder.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Parses an expression of the filter grammar: one term, followed by any number of
 * OR-joined terms. Entry point of the recursive descent; the resulting subtree is left in
 * {@code root}.
 *
 * @throws IdentityException if parsing a term fails
 */
private void expression() throws IdentityException {

    final String orSymbol = String.valueOf(IdentityCoreConstants.Filter.OR);

    term();
    while (symbol.equals(orSymbol)) {
        // Left operand is everything parsed so far; the right operand is the next term.
        OperationNode disjunction = new OperationNode(IdentityCoreConstants.Filter.OR);
        disjunction.setLeftNode(root);
        term();
        disjunction.setRightNode(root);
        root = disjunction;
    }
}
 
Example #26
Source File: UserIdentityManagementUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Invalidates one piece of identity metadata through a new JDBCUserRecoveryDataStore.
 *
 * @param userName     user the metadata belongs to
 * @param tenantId     tenant id of the user
 * @param metadataType type of the metadata entry
 * @param metadata     metadata value to invalidate
 * @throws IdentityException if the store fails to invalidate the entry
 */
public static void invalidateUserIdentityMetadata(String userName, int tenantId, String metadataType,
                                                  String metadata) throws IdentityException {
    JDBCUserRecoveryDataStore recoveryStore = new JDBCUserRecoveryDataStore();
    recoveryStore.invalidate(new UserRecoveryDataDO(userName, tenantId, metadataType,
            metadata));

}
 
Example #27
Source File: OpenIDAdminDAO.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Create or update the OpenID admin settings resource in the registry.
 * An existing resource has its sub-domain and OpenID pattern properties replaced.
 *
 * @param opAdmin openID admin
 * @throws IdentityException if error occurs while creating or updating the OpenID admin
 */
public void createOrUpdate(OpenIDAdminDO opAdmin) throws IdentityException {
    final String settingsPath = IdentityRegistryResources.OPEN_ID_ADMIN_SETTINGS;

    try {
        Resource settings;
        if (registry.resourceExists(settingsPath)) {
            if (log.isDebugEnabled()) {
                log.debug("Updating openid admin");
            }
            settings = registry.get(settingsPath);
            // Clear the old values first; addProperty() below is used for both cases.
            settings.removeProperty(IdentityRegistryResources.SUB_DOMAIN);
            settings.removeProperty(IdentityRegistryResources.OPENID_PATTERN);
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Creating new openid admin");
            }
            settings = registry.newResource();
        }
        settings.addProperty(IdentityRegistryResources.SUB_DOMAIN, opAdmin.getSubDomain());
        settings.addProperty(IdentityRegistryResources.OPENID_PATTERN, opAdmin
                .getTenantOpenIDPattern());
        registry.put(settingsPath, settings);
    } catch (RegistryException e) {
        log.error("Error while creating/updating openid admin", e);
        throw IdentityException.error("Error while creating/updating openid admin", e);
    }
}
 
Example #28
Source File: ThriftAuthenticatorServiceImpl.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a thrift session in the in-memory cache and then persists it through the session DAO.
 *
 * @param thriftSession session to register
 * @throws IdentityException if the DAO fails to persist the session
 */
private void addThriftSession(ThriftSession thriftSession) throws IdentityException {
    // Cache entry first.
    // NOTE(review): if the DAO call below throws, the cache entry added here is not removed -
    // confirm a cached but unpersisted session is acceptable.
    authenticatedSessions.put(thriftSession.getSessionId(), thriftSession);

    // Then the database copy.
    this.thriftSessionDAO.getInstance().addSession(thriftSession);
}
 
Example #29
Source File: ChallengeQuestionProcessor.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
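/**
 * Returns the challenge question URIs stored in the user's
 * {@code http://wso2.org/claims/challengeQuestionUris} claim.
 *
 * @param userName user whose claim is read
 * @param tenantId tenant id of the user
 * @return the non-blank, trimmed URIs; empty when the claim is not set
 * @throws IdentityMgtServiceException if the claim cannot be read from the user store
 */
public List<String> getChallengeQuestionUris(String userName, int tenantId) throws IdentityMgtServiceException{

    if (log.isDebugEnabled()) {
        log.debug("Challenge Question from the user profile.");
    }

    List<String> challenges = new ArrayList<String>();
    String claimValue = null;
    String[] challengesUris;

    try {
        claimValue = Utils.getClaimFromUserStoreManager(userName, tenantId,
                "http://wso2.org/claims/challengeQuestionUris");
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Error while getting cliams.", e);
    }

    if (claimValue != null) {
        String separator = IdentityMgtConfig.getInstance().getChallengeQuestionSeparator();
        if (claimValue.contains(separator)) {
            // String.split() takes a regular expression while contains() matches literally.
            // Quote the configured separator so both treat it as the same literal text.
            challengesUris = claimValue.split(java.util.regex.Pattern.quote(separator));
        } else {
            challengesUris = new String[]{claimValue.trim()};
        }

        for (String challengesUri : challengesUris) {
            if (StringUtils.isNotBlank(challengesUri)) {
                challenges.add(challengesUri.trim());
            }
        }
    }

    return challenges;
}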
 
Example #30
Source File: OpenIDAdminDAO.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Stores the OpenID admin settings in the registry, creating the resource when it does not
 * exist and replacing its sub-domain and OpenID pattern properties when it does.
 *
 * @param opAdmin OpenID admin settings to store
 * @throws IdentityException wrapping a RegistryException raised by the registry
 */
public void createOrUpdate(OpenIDAdminDO opAdmin) throws IdentityException {

    try {
        String adminSettingsPath = IdentityRegistryResources.OPEN_ID_ADMIN_SETTINGS;
        boolean alreadyStored = registry.resourceExists(adminSettingsPath);

        if (log.isDebugEnabled()) {
            log.debug(alreadyStored ? "Updating openid admin" : "Creating new openid admin");
        }

        Resource adminResource;
        if (alreadyStored) {
            adminResource = registry.get(adminSettingsPath);
            // Drop the previous values so the new ones do not accumulate next to them.
            adminResource.removeProperty(IdentityRegistryResources.SUB_DOMAIN);
            adminResource.removeProperty(IdentityRegistryResources.OPENID_PATTERN);
        } else {
            adminResource = registry.newResource();
        }

        adminResource.addProperty(IdentityRegistryResources.SUB_DOMAIN, opAdmin.getSubDomain());
        adminResource.addProperty(IdentityRegistryResources.OPENID_PATTERN, opAdmin
                .getTenantOpenIDPattern());
        registry.put(adminSettingsPath, adminResource);
    } catch (RegistryException e) {
        log.error("Error while creating/updating openid admin", e);
        throw IdentityException.error("Error while creating/updating openid admin", e);
    }
}