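/**
 * Builds the external IdP configuration and caches its remote-to-local role mappings.
 *
 * <p>Each remote (IdP) role becomes a key in {@code roleMappings}. The stored value is the
 * local role name, domain-qualified through {@code UserCoreUtil.addDomainToName} when the
 * local role carries a non-empty user store id.
 *
 * @param identityProvider identity provider whose claim, role and just-in-time provisioning
 *                         configuration is read
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    // An identity provider without a permission/role configuration has no mappings to cache.
    // Dereferencing it unguarded would throw a NullPointerException out of the constructor.
    if (roleConfiguration == null) {
        return;
    }

    RoleMapping[] mappings = roleConfiguration.getRoleMappings();
    if (mappings == null || mappings.length == 0) {
        return;
    }

    for (RoleMapping roleMapping : mappings) {
        // NOTE(review): getLocalRole() is dereferenced without a null check; a mapping that
        // was built without a local role would fail here - confirm callers never pass one.
        if (StringUtils.isNotEmpty(roleMapping.getLocalRole().getUserStoreId())) {
            // Qualify the role with its user store so the same role name in another store is
            // not treated as the mapping target.
            this.roleMappings.put(roleMapping.getRemoteRole(),
                    UserCoreUtil.addDomainToName(roleMapping.getLocalRole().getLocalRoleName(),
                            roleMapping.getLocalRole().getUserStoreId()));
        } else {
            this.roleMappings.put(roleMapping.getRemoteRole(),
                    roleMapping.getLocalRole().getLocalRoleName());
        }
    }
}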
// Fill the role mapping from the current result-set row: column 1 supplies the local role
// name and column 2 the remote role. No user store id is set on the LocalRole here.
LocalRole localRole = new LocalRole();
localRole.setLocalRoleName(resultSet.getString(1));
roleMapping.setLocalRole(localRole);
roleMapping.setRemoteRole(resultSet.getString(2));
// NOTE(review): both role names are concatenated into the debug message verbatim, and the
// string is built before log.debug() is entered; whether an isDebugEnabled() guard surrounds
// this fragment is not visible here - confirm.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: "
        + roleMapping.getRemoteRole());
/**
 * Creates a {@code RoleMapping} from its XML representation.
 *
 * <p>Child elements are matched on their local name only, case-sensitively: {@code localRole}
 * is delegated to {@code LocalRole.build} and the text of {@code remoteRole} is stored as the
 * remote role. Any other child is ignored. If an element occurs more than once, the last
 * occurrence wins. A missing element leaves the corresponding field as
 * {@code new RoleMapping()} initialised it.
 *
 * @param roleMappingOM the role-mapping element to read
 * @return the populated role mapping
 */
public static RoleMapping build(OMElement roleMappingOM) {
    RoleMapping built = new RoleMapping();

    for (Iterator<?> children = roleMappingOM.getChildElements(); children.hasNext(); ) {
        OMElement child = (OMElement) children.next();
        String tag = child.getLocalName();

        if ("localRole".equals(tag)) {
            built.setLocalRole(LocalRole.build(child));
        } else if ("remoteRole".equals(tag)) {
            // The element text is taken as-is; no trimming or validation happens here.
            built.setRemoteRole(child.getText());
        }
    }

    return built;
}
/**
 * Creates a {@code LocalRole} from its XML representation.
 *
 * <p>Reads the text of the {@code LocalRoleName} and {@code UserStoreId} children, matched
 * case-sensitively on local name. Other children are ignored, and a repeated element
 * overwrites the value read earlier.
 *
 * @param localRoleOM the local-role element to read
 * @return the populated local role
 */
public static LocalRole build(OMElement localRoleOM) {
    LocalRole parsed = new LocalRole();

    for (Iterator<?> children = localRoleOM.getChildElements(); children.hasNext(); ) {
        OMElement child = (OMElement) children.next();
        String tag = child.getLocalName();

        if ("LocalRoleName".equals(tag)) {
            parsed.setLocalRoleName(child.getText());
            continue;
        }
        if ("UserStoreId".equals(tag)) {
            // Stored verbatim; the value is not checked against known user stores here.
            parsed.setUserStoreId(child.getText());
        }
    }

    return parsed;
}
/**
 * Returns the local role name held by a role mapping.
 *
 * <p>Only the bare name is returned; the local role's user store id is not included.
 *
 * @param roleMapping mapping to read; it and its local role are dereferenced without checks
 * @return the local role name of the mapping
 */
private static String getLocalRoleName(RoleMapping roleMapping) {
    final String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
    return localRoleName;
}
rs2 = prepStmt2.executeQuery(); while (rs2.next()) { LocalRole localRole = new LocalRole(rs2.getString("USER_STORE_ID"), rs2.getString("LOCAL_ROLE")); RoleMapping roleMapping = new RoleMapping(localRole, rs2.getString("ROLE"));
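/**
 * Translates local group names into the remote (IdP) roles they are mapped to.
 *
 * <p>Lookup is by the bare local role name; the local role's user store id is not part of
 * the key. Groups without a mapping are left out of the result. When several mappings share
 * a local role name, the last one in the array wins.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping role mappings configured for the IdP; may be null or empty
 * @return a new mutable list of the mapped remote roles, in {@code groupList} order; empty
 *         when nothing is mapped
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {
    if (CollectionUtils.isEmpty(groupList)) {
        return new ArrayList<>();
    }
    // A missing mapping array means no group can be translated. Iterating over it unguarded
    // would throw a NullPointerException instead of yielding the empty result.
    if (idPRoleMapping == null || idPRoleMapping.length == 0) {
        return new ArrayList<>();
    }

    Map<String, String> remoteRoleByLocalName = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        remoteRoleByLocalName.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : groupList) {
        String mappedGroup = remoteRoleByLocalName.get(userGroup);
        if (mappedGroup != null) {
            mappedUserGroups.add(mappedGroup);
        }
    }
    return mappedUserGroups;
}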
/**
 * Parses a local-role XML element into a {@code LocalRole}.
 *
 * <p>The {@code LocalRoleName} child supplies the role name and the {@code UserStoreId} child
 * supplies the user store id. Names are compared case-sensitively against the element's local
 * name. Unrecognised children are skipped, and later duplicates replace earlier values.
 *
 * @param localRoleOM element holding the local role definition
 * @return a new {@code LocalRole} carrying whatever values were present
 */
public static LocalRole build(OMElement localRoleOM) {
    LocalRole result = new LocalRole();
    Iterator<?> childIterator = localRoleOM.getChildElements();

    while (childIterator.hasNext()) {
        OMElement current = (OMElement) childIterator.next();
        String localName = current.getLocalName();
        boolean isRoleName = "LocalRoleName".equals(localName);

        if (isRoleName) {
            result.setLocalRoleName(current.getText());
        } else if ("UserStoreId".equals(localName)) {
            // Element text is used unchanged as the user store id.
            result.setUserStoreId(current.getText());
        }
    }

    return result;
}
/**
 * Wraps an identity provider and caches its remote-to-local role mappings.
 *
 * <p>For every configured mapping the remote role is used as the key. The value is the local
 * role name, prefixed with its user store domain via {@code UserCoreUtil.addDomainToName}
 * when the local role has a non-empty user store id. Nothing is cached when the provider has
 * no role configuration or no mappings.
 *
 * @param identityProvider identity provider whose configuration is read
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    if (roleConfiguration == null) {
        return;
    }
    RoleMapping[] configured = roleConfiguration.getRoleMappings();
    if (configured == null || configured.length == 0) {
        return;
    }

    for (RoleMapping entry : configured) {
        // NOTE(review): the local role is dereferenced without a null check - confirm that
        // every mapping reaching this constructor has one.
        String storeId = entry.getLocalRole().getUserStoreId();
        String localName = entry.getLocalRole().getLocalRoleName();
        // Domain-qualify only when a user store id is present; otherwise keep the bare name.
        String target = StringUtils.isNotEmpty(storeId)
                ? UserCoreUtil.addDomainToName(localName, storeId)
                : localName;
        this.roleMappings.put(entry.getRemoteRole(), target);
    }
}
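/**
 * Returns the remote (IdP) roles that correspond to the given local groups.
 *
 * <p>The mapping is keyed on the local role name alone, without the user store id. A group
 * that has no entry in the mapping is dropped from the result. If two mappings use the same
 * local role name, the later array element replaces the earlier one.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping role mappings configured for the IdP; may be null or empty
 * @return a new mutable list of mapped remote roles in {@code groupList} order, possibly empty
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {
    // Nothing to translate, or nothing to translate with. The null test on the array avoids
    // a NullPointerException when the IdP has no role mappings configured.
    boolean noMappings = idPRoleMapping == null || idPRoleMapping.length == 0;
    if (CollectionUtils.isEmpty(groupList) || noMappings) {
        return new ArrayList<>();
    }

    Map<String, String> mappedRoles = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        mappedRoles.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    List<String> translated = new ArrayList<>();
    for (String group : groupList) {
        String remoteRole = mappedRoles.get(group);
        if (remoteRole == null) {
            continue;
        }
        translated.add(remoteRole);
    }
    return translated;
}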
// One row becomes one mapping: result-set column 1 is stored as the local role name and
// column 2 as the remote role. The LocalRole gets no user store id in this fragment.
LocalRole localRole = new LocalRole();
localRole.setLocalRoleName(resultSet.getString(1));
roleMapping.setLocalRole(localRole);
roleMapping.setRemoteRole(resultSet.getString(2));
// NOTE(review): role names go into the debug message unmodified and the concatenation runs
// before log.debug() is called; a surrounding isDebugEnabled() guard is not visible here.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: "
        + roleMapping.getRemoteRole());
/**
 * Parses a role-mapping XML element into a {@code RoleMapping}.
 *
 * <p>A {@code localRole} child is handed to {@code LocalRole.build}; the text of a
 * {@code remoteRole} child becomes the remote role. Matching is case-sensitive and uses the
 * element's local name only. Other children are skipped. When an element repeats, the last
 * value is kept. An absent element leaves that field at whatever {@code new RoleMapping()}
 * set it to.
 *
 * @param roleMappingOM element holding the role mapping definition
 * @return a new {@code RoleMapping} carrying whatever values were present
 */
public static RoleMapping build(OMElement roleMappingOM) {
    RoleMapping result = new RoleMapping();
    Iterator<?> childIterator = roleMappingOM.getChildElements();

    while (childIterator.hasNext()) {
        OMElement current = (OMElement) childIterator.next();
        String localName = current.getLocalName();

        // The two names are distinct, so at most one branch applies per child element.
        if ("remoteRole".equals(localName)) {
            result.setRemoteRole(current.getText());
        } else if ("localRole".equals(localName)) {
            result.setLocalRole(LocalRole.build(current));
        }
    }

    return result;
}
/**
 * Creates the configuration view of an external identity provider.
 *
 * <p>Besides keeping references to the claim, role and just-in-time provisioning
 * configuration, the constructor fills {@code roleMappings} with one entry per configured
 * mapping: remote role to local role name. The local role name is domain-qualified with
 * {@code UserCoreUtil.addDomainToName} when a non-empty user store id is present.
 *
 * @param identityProvider identity provider whose configuration is read
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    RoleMapping[] mappings = (roleConfiguration != null) ? roleConfiguration.getRoleMappings() : null;
    boolean hasMappings = mappings != null && mappings.length > 0;
    if (!hasMappings) {
        return;
    }

    for (RoleMapping roleMapping : mappings) {
        // NOTE(review): getLocalRole() is assumed to be non-null for every mapping - confirm.
        String userStoreId = roleMapping.getLocalRole().getUserStoreId();
        String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
        String remoteRole = roleMapping.getRemoteRole();

        if (StringUtils.isNotEmpty(userStoreId)) {
            // Keep the user store domain so the mapping targets the role in that store.
            this.roleMappings.put(remoteRole, UserCoreUtil.addDomainToName(localRoleName, userStoreId));
        } else {
            this.roleMappings.put(remoteRole, localRoleName);
        }
    }
}
/**
 * Replaces the group claim of a user provisioning entity with the mapped remote roles.
 *
 * <p>Does nothing unless the entity is a user, at least one role mapping is supplied and the
 * entity carries group names. Otherwise each group is looked up by its bare local role name.
 * Groups without a mapping are dropped, so the claim is overwritten with the mapped subset
 * and may end up empty.
 *
 * @param provisioningEntity entity whose attributes are updated in place
 * @param idPRoleMapping     role mappings configured for the IdP; may be null or empty
 */
private void updateProvisioningUserWithMappedRoles(ProvisioningEntity provisioningEntity,
                                                   RoleMapping[] idPRoleMapping) {
    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    if (!isUser || idPRoleMapping == null || idPRoleMapping.length == 0) {
        return;
    }

    List<String> userGroups = getGroupNames(provisioningEntity.getAttributes());
    if (CollectionUtils.isEmpty(userGroups)) {
        return;
    }

    // Local role name -> remote role; a later mapping with the same local name overwrites.
    Map<String, String> remoteRoleByLocalName = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        remoteRoleByLocalName.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : userGroups) {
        String mappedGroup = remoteRoleByLocalName.get(userGroup);
        if (mappedGroup != null) {
            mappedUserGroups.add(mappedGroup);
        }
    }

    ProvisioningUtil.setClaimValue(IdentityProvisioningConstants.GROUP_CLAIM_URI,
            provisioningEntity.getAttributes(), mappedUserGroups);
}
// Pull the two parts of the mapping's local role apart: the user store id and the bare
// role name. Both reads dereference getLocalRole() without a null check.
String userStoreId = mapping.getLocalRole().getUserStoreId();
String localRole = mapping.getLocalRole().getLocalRoleName();
/**
 * Checks that the local roles named in the role mapping configuration exist.
 *
 * <p>The check stops at the first local role that the user store manager does not know and
 * records one {@code ROLE_NOT_AVAILABLE} message for it; later mappings are not examined.
 * The user store manager is taken from the calling thread's {@code CarbonContext}.
 * {@code tenantDomain} is used only in the error message.
 *
 * @param validationMsg            list that collects validation error messages
 * @param permissionsAndRoleConfig permission and role configuration to validate; may be null
 * @param tenantDomain             tenant domain named in the error message
 */
private void validateRoleConfigs(List<String> validationMsg, PermissionsAndRoleConfig permissionsAndRoleConfig,
                                 String tenantDomain) {

    if (permissionsAndRoleConfig == null) {
        return;
    }
    if (permissionsAndRoleConfig.getRoleMappings() == null) {
        return;
    }

    try {
        UserStoreManager roleStore = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                .getUserStoreManager();
        for (RoleMapping candidate : permissionsAndRoleConfig.getRoleMappings()) {
            // NOTE(review): only the bare local role name is checked; the mapping's user
            // store id is not part of the lookup - confirm this is intended for roles that
            // live in a secondary user store.
            if (roleStore.isExistingRole(candidate.getLocalRole().getLocalRoleName())) {
                continue;
            }
            validationMsg.add(String.format(ROLE_NOT_AVAILABLE,
                    candidate.getLocalRole().getLocalRoleName()));
            break;
        }
    } catch (UserStoreException e) {
        // The failure is reported as a validation message; the exception itself is neither
        // logged nor propagated.
        validationMsg.add(String.format("Error when checking the existence of local roles in %s.",
                tenantDomain));
    }
}
} // closes the enclosing type, whose header is outside this listing
.getUserStoreManager(); String role = null; if (mapping.getLocalRole().getUserStoreId() != null) { role = mapping.getLocalRole().getUserStoreId() + CarbonConstants.DOMAIN_SEPARATOR + mapping.getLocalRole().getLocalRoleName(); } else { role = mapping.getLocalRole().getLocalRoleName();
// Bind the role mapping to the prepared statement: parameter 2 is the local role name,
// parameter 3 the remote role and parameter 4 the application id. Values are passed as bind
// parameters, not concatenated into the SQL text. Parameter 1 and the SQL itself are outside
// this fragment.
// NOTE(review): only the bare local role name is bound here; whether the user store id is
// persisted elsewhere cannot be seen from this fragment.
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName());
storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole());
storeRoleMapPrepStmt.setInt(4, applicationID);
.getTenantUserRealm(tenantId).getUserStoreManager(); String role = null; if (mapping.getLocalRole().getUserStoreId() != null) { role = mapping.getLocalRole().getUserStoreId() + CarbonConstants.DOMAIN_SEPARATOR + mapping.getLocalRole().getLocalRoleName();
// Statement parameters 2-4 carry the mapping: local role name, remote role, application id.
// They are supplied through the PreparedStatement setters, not built into the SQL string.
// Parameter 1 and the statement text are not visible in this fragment.
// NOTE(review): the local role is stored by name only in these lines; confirm how the user
// store id is handled for roles outside the primary user store.
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName());
storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole());
storeRoleMapPrepStmt.setInt(4, applicationID);