/**
 * Creates an empty SCIM {@code User} object, as defined in the SCIM schema.
 *
 * <p>No attribute is set here; the caller populates the returned object.
 *
 * @return a newly constructed {@code User}
 */
public User createUser() {
    final User emptyUser = new User();
    return emptyUser;
}
/**
 * Updates the claims of an existing user in the identity store and returns the stored result.
 *
 * <p>The SCIM user is resolved into a claims map, converted into a claim list, mapped through
 * {@code ClaimMapper.convertMetaToWso2Dialect} and written with
 * {@code identityStore.updateUserClaims}. The user is then re-read via {@link #getUser} so the
 * response reflects what was actually stored.
 *
 * <p>NOTE(review): no authorization check is visible in this method, and the target id is taken
 * from {@code user.getId()}. Presumably the caller has already authorized the request and bound
 * that id to the addressed resource; confirm.
 *
 * @param user               the SCIM user carrying the new attribute values and the target id
 * @param requiredAttributes attribute selection passed through to {@link #getUser}
 * @return the user as re-read from the store after the update
 * @throws NotFoundException if the store or the re-read reports that the user does not exist
 * @throws CharonException   if the identity store fails while updating
 */
@Override
public User updateUser(User user, Map<String, Boolean> requiredAttributes)
        throws NotImplementedException, CharonException, BadRequestException, NotFoundException {
    try {
        if (log.isDebugEnabled()) {
            // NOTE(review): toString() may render every attribute on the object, possibly the
            // password attribute; confirm what it emits before enabling debug logging.
            log.debug("Updating user: " + user.toString());
        }

        // Resolve the new SCIM user object into its claims map.
        final Map<String, String> scimClaims = SCIMClaimResolver.getClaimsMap(user);

        // Build the list of claims to be updated.
        final List<Claim> resolvedClaims = getUserBeanFromClaims(scimClaims).getClaims();

        // TODO this is a temporary method. need to remove this once the claim management is completed.
        final List<Claim> wso2Claims = ClaimMapper.getInstance().convertMetaToWso2Dialect(resolvedClaims);

        // Persist the updated claim values.
        identityStore.updateUserClaims(user.getId(), wso2Claims);

        if (log.isDebugEnabled()) {
            log.debug("User: " + user.getUserName() + " updated through SCIM.");
        }

        // Re-read from the user core so the client receives the stored state.
        return this.getUser(user.getId(), requiredAttributes);
    } catch (UserNotFoundException | NotFoundException e) {
        // The original cause is not chained here; only the user id reaches the caller.
        throw new NotFoundException("No such user with the user id : " + user.getId());
    } catch (IdentityStoreException e) {
        throw new CharonException("Error in updating the user", e);
    }
}
/**
 * Sets the password attribute on the given SCIM user.
 *
 * <p>If the user already has a password attribute, its value is updated in place. Otherwise a
 * new {@code SimpleAttribute} is built through {@code DefaultAttributeFactory} against the
 * password schema definition and added to the user's attribute list.
 *
 * <p>NOTE(review): the password is handled as a {@code String} and kept on the user object, so
 * it stays in memory for as long as the object does. Avoid logging or serializing the object.
 *
 * @param user     the SCIM user whose password attribute is set
 * @param password the password value to store on the attribute
 * @throws CharonException     declared by the attribute factory call
 * @throws BadRequestException declared by the attribute factory call
 */
private void setPassword(User user, String password) throws CharonException, BadRequestException {
    final String passwordKey = SCIMConstants.UserSchemaConstants.PASSWORD;

    if (!user.isAttributeExist(passwordKey)) {
        // No password attribute yet: build one that conforms to the schema definition.
        SimpleAttribute freshAttribute = new SimpleAttribute(passwordKey, password);
        freshAttribute = (SimpleAttribute) DefaultAttributeFactory.createAttribute(
                SCIMSchemaDefinitions.SCIMUserSchemaDefinition.PASSWORD, freshAttribute);
        user.getAttributeList().put(passwordKey, freshAttribute);
        return;
    }

    // Attribute already present: overwrite its value.
    final SimpleAttribute existingAttribute = (SimpleAttribute) user.getAttributeList().get(passwordKey);
    existingAttribute.updateValue(password);
}
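/**
 * Updates a user's attributes and, when a password attribute is present, the user's
 * credentials in the user store, then returns the user as re-read from the store.
 *
 * <p>Attributes are written first and credentials second. If the credential update fails, the
 * attribute update has already been issued; this method does not roll it back.
 *
 * <p>The temporary {@code char[]} copy of the password and the {@code PasswordCallback} are
 * cleared once the credential update returns or throws. The {@code String} held by the SCIM
 * attribute is still in memory, so this narrows the exposure window but does not remove it.
 *
 * @param user               the SCIM user carrying the new attribute values and the target id
 * @param requiredAttributes attribute selection passed through to {@link #getUser}
 * @return the updated user, or {@code null} if the store failed and
 *         {@code handleUserStoreExceptionWhenUpdating} returned without throwing
 * @throws NotImplementedException declared by the interface
 * @throws CharonException         declared; presumably raised by the exception handler (confirm)
 * @throws BadRequestException     declared; presumably raised by the exception handler (confirm)
 * @throws NotFoundException       declared; may come from {@link #getUser} or the handler
 */
@Override
public User updateUser(User user, Map<String, Boolean> requiredAttributes)
        throws NotImplementedException, CharonException, BadRequestException, NotFoundException {
    // NOTE(review): the user object is rendered into the log here and in the error path below.
    // Confirm its string form cannot include the password attribute.
    log.debug("Updating user: {}", user);

    Map<String, String> attributesMap = SCIMClaimResolver.getClaimsMap(user);

    // need to populate the supported claims/attributes. Then filter out
    // user attributes against the supported list ?
    List<Attribute> attributeList = getAttributeListFromMap(attributesMap);

    try {
        userStoreConnector.updateUserAttributes(user.getId(), attributeList);

        // Handle the password only when the request carries a password attribute.
        if (user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD) != null) {
            char[] password = ((SimpleAttribute) (user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD)))
                    .getStringValue().toCharArray();
            try {
                PasswordCallback passwordCallback =
                        new PasswordCallback(SCIMConstants.UserSchemaConstants.PASSWORD, false);
                // setPassword stores its own copy, so the local array can be wiped independently.
                passwordCallback.setPassword(password);
                try {
                    userStoreConnector.updateCredentials(user.getId(), passwordCallback);
                } finally {
                    // Assumes the connector consumes the callback synchronously; confirm it
                    // does not keep a reference for later use.
                    passwordCallback.clearPassword();
                }
            } finally {
                // Wipe the local plaintext copy whether or not the update succeeded.
                java.util.Arrays.fill(password, '\0');
            }
        }

        // Re-read from the user core so the client receives the stored state.
        return this.getUser(user.getId(), requiredAttributes);
    } catch (UserStoreConnectorException e) {
        // Charon wraps the exception into a SCIMResponse and does not log it, so log here.
        log.error("Error occurred while updating user: " + user + " to user store", e);
        handleUserStoreExceptionWhenUpdating(e);
    }
    // Reached only if the handler above returns normally.
    return null;
}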
try { if (log.isDebugEnabled()) { log.debug("Updating user: " + user.getUserName()); String userStoreDomainFromSP = getUserStoreDomainFromSP(); SCIMResourceTypeSchema schema = SCIMResourceSchemaManager.getInstance().getUserResourceSchema(); User oldUser = this.getUser(user.getId(), ResourceManagerUtil.getAllAttributeURIs(schema)); if (userStoreDomainFromSP != null && !userStoreDomainFromSP .equalsIgnoreCase(IdentityUtil.extractDomainFromName(oldUser.getUserName()))) { throw new CharonException("User :" + oldUser.getUserName() + "is not belong to user store " + userStoreDomainFromSP + "Hence user updating fail"); user.setUserName(IdentityUtil .addDomainToName(UserCoreUtil.removeDomainFromName(user.getUserName()), getUserStoreDomainFromSP())); if (!carbonUM.isExistingUser(user.getUserName())) { throw new CharonException("User name is immutable in carbon user store."); Map<String, String> oldClaimList = carbonUM.getUserClaimValues(user.getUserName(), requiredClaimsInLocalDialect .toArray(new String[requiredClaims.size()]), null); carbonUM.deleteUserClaimValue(user.getUserName(), entry.getKey(), null); carbonUM.setUserClaimValues(user.getUserName(), claimValuesInLocalDialect, null); if (user.getPassword() != null) { carbonUM.updateCredentialByAdmin(user.getUserName(), user.getPassword());
public void deleteUser() throws IdentitySCIMException { String filter = USER_FILTER + ((User) scimObject).getUserName(); List<User> users = (List<User>) (List<?>) listWithGet(null, null, filter, 1, 1, null, null, SCIM2CommonConstants.USER); String userId = user.getId(); if (userId == null) { logger.error("Trying to delete a user entry which doesn't support SCIM. " + handleSCIMErrorResponse(response); } else { logger.error("No Users found with userName: " + ((User) scimObject).getUserName());
log.debug("Creating user: " + user.toString()); String userStoreDomain = SCIMCommonUtils.extractDomainFromName(user.getUserName(), identityStore); user.setUserName(SCIMCommonUtils.removeDomainFromName(user.getUserName())); user.getAttribute(SCIMConstants.UserSchemaConstants.GROUPS)); throw new ConflictException("User with the name: " + user.getUserName() + " already exists in the system."); Attribute passwordAttribute = user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD); if (passwordAttribute != null) { char[] password = ((SimpleAttribute) (user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD))). getStringValue().toCharArray(); log.debug("User: " + user.getUserName() + " is created through SCIM."); String errMsg = "Error occurred while adding user:" + user.getUserName() + "to user store"; String errMsg = "Error in retrieving newly added user:" + user.getUserName() + " from user store";
scimUser.setGroup(null, group.getUniqueGroupId(), null); scimUser.setId(userStoreUser.getUniqueUserId()); scimUser.setSchemas(); scimUser.setLocation(SCIMCommonConstants.USERS_LOCATION + "/" + userStoreUser.getUniqueUserId());
/**
 * Deletes the user described by the provisioning entity through the SCIM provisioning client.
 *
 * <p>The first user name extracted from the entity's attributes is used. A bare SCIM
 * {@code User} carrying only that name is handed to {@code ProvisioningClient}, which issues
 * the delete.
 *
 * <p>NOTE(review): when no user name can be extracted, {@code userName} stays {@code null} and
 * the delete is still issued. Confirm the client rejects a null user name rather than matching
 * an unintended entry.
 *
 * @param userEntity the provisioning entity identifying the user to delete
 * @throws IdentityProvisioningException wrapping any exception raised during the delete
 */
private void deleteUser(ProvisioningEntity userEntity) throws IdentityProvisioningException {
    String userName = null;
    try {
        final List<String> candidateNames = getUserNames(userEntity.getAttributes());
        if (CollectionUtils.isNotEmpty(candidateNames)) {
            userName = candidateNames.get(0);
        }

        final User scimUser = new User();
        scimUser.setUserName(userName);

        final ProvisioningClient provisioningClient = new ProvisioningClient(scimProvider, scimUser, null);
        provisioningClient.provisionDeleteUser();
    } catch (Exception e) {
        // Broad catch: every failure is reported as a provisioning error with the cause chained.
        throw new IdentityProvisioningException("Error while deleting user : " + userName, e);
    }
}
String currentUserName = user.getUserName(); currentUserName = UserCoreUtil.removeDomainFromName(currentUserName); user.setUserName(userName.append(userStoreName) .append(CarbonConstants.DOMAIN_SEPARATOR).append(currentUserName) .toString()); String userStoreDomainName = IdentityUtil.extractDomainFromName(user.getUserName()); if(StringUtils.isNotBlank(userStoreDomainName) && !isSCIMEnabled(userStoreDomainName)){ throw new CharonException("Cannot add user through scim to user store " + ". SCIM is not " + log.debug("Creating user: " + user.getUserName()); if (carbonUM.isExistingUser(user.getUserName())) { String error = "User with the name: " + user.getUserName() + " already exists in the system."; throw new ConflictException(error); carbonUM.addUser(user.getUserName(), user.getPassword(), null, claimsInLocalDialect, null); log.info("User: " + user.getUserName() + " is created through SCIM."); String errMsg = "Error in adding the user: " + user.getUserName() + " to the user store. "; errMsg += e.getMessage(); throw new CharonException(errMsg, e);
} else { scimUser.setSchemas(); log.info("User: " + scimUser.getUserName() + " is retrieved through SCIM."); return scimUser;
Optional<Group> group = Optional.ofNullable(getSCIMGroup(groupId, requiredGroupClaims, false)); if (group.isPresent()) { scimUser.setGroup(null, group.get().getId(), group.get().getDisplayName()); } else { log.warn("Group " + groupId + " recorded as a group of user " + userId + " but group " scimUser.setSchemas(); scimUser.setLocation(SCIMCommonConstants.USERS_LOCATION + "/" + userId);
User user = (User) SCIMClaimResolver.constructSCIMObjectFromAttributes(attributes, SCIMCommonConstants.USER); user.setId(UUID.randomUUID().toString()); User addedUser = userManager.createUser(user, requiredAttributes); if (addedUser != null) { Group group = (Group) SCIMClaimResolver.constructSCIMObjectFromAttributes(attributes, SCIMCommonConstants.GROUP); group.setMember(addedUser.getId(), username); group.setId(UUID.randomUUID().toString()); Group newGroup = userManager.createGroup(group, requiredGroupAttributes);
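/**
 * Resolves each user name to a SCIM user and appends the usable ones to {@code filteredUsers}.
 *
 * <p>A name is skipped when it is the registry anonymous user, when {@code getSCIMUser}
 * returns {@code null}, or when the resolved user has a blank SCIM id. The earlier condition
 * ({@code scimUser != null && isBlank(id)}) let a {@code null} lookup result fall through and
 * be added to the list; it is now skipped as well.
 *
 * @param filteredUsers        output list that receives the resolved SCIM users
 * @param userNames            user names to resolve
 * @param requiredClaims       claims requested for each user, passed to {@code getSCIMUser}
 * @param scimToLocalClaimsMap SCIM-to-local claim mapping, passed to {@code getSCIMUser}
 * @throws CharonException if resolving a user fails
 */
private void addSCIMUsers(List<Object> filteredUsers, String[] userNames, List<String> requiredClaims,
                          Map<String, String> scimToLocalClaimsMap) throws CharonException {
    for (String userName : userNames) {
        // The anonymous registry user is never exposed through SCIM listing.
        if (CarbonConstants.REGISTRY_ANONNYMOUS_USERNAME.equals(userName)) {
            continue;
        }

        User scimUser = this.getSCIMUser(userName, requiredClaims, scimToLocalClaimsMap);

        // Skip users that could not be resolved or that carry no SCIM id.
        if (scimUser == null || StringUtils.isBlank(scimUser.getId())) {
            continue;
        }
        filteredUsers.add(scimUser);
    }
}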
/**
 * Retrieves a user from the identity store by id and converts it into a SCIM {@code User}.
 *
 * <p>The stored user's claims are mapped to the SCIM dialect through {@code ClaimMapper} and
 * then assembled into the SCIM object by {@code getSCIMUser}.
 *
 * <p>NOTE(review): {@code requiredAttributes} is not referenced in this method body. If
 * attribute filtering is expected, confirm it is applied elsewhere before the response is sent.
 *
 * @param userId             id of the user to look up
 * @param requiredAttributes requested attribute selection (unused here)
 * @return the SCIM representation of the stored user
 * @throws CharonException   if the identity store fails during the lookup
 * @throws NotFoundException if the store reports that no user has the given id
 */
@Override
public User getUser(String userId, Map<String, Boolean> requiredAttributes)
        throws CharonException, BadRequestException, NotFoundException {
    if (log.isDebugEnabled()) {
        // NOTE(review): userId is presumably request-supplied. Confirm the log layout
        // neutralizes line breaks in logged values.
        log.debug("Retrieving user: " + userId);
    }

    try {
        final org.wso2.carbon.identity.mgt.User storedUser = identityStore.getUser(userId);

        // TODO:We need to pass the scim claim dialect for this method
        final List<Claim> storeClaims = storedUser.getClaims();

        // TODO this is a temporary method. need to remove this once the claim management is completed.
        final List<Claim> scimClaims = ClaimMapper.getInstance().convertToScimDialect(storeClaims);

        final User scimUser = getSCIMUser(storedUser, scimClaims);

        if (log.isDebugEnabled()) {
            log.debug("User: " + scimUser.getUserName() + " is retrieved through SCIM.");
        }
        return scimUser;
    } catch (IdentityStoreException e) {
        throw new CharonException("Error in getting user from the userid :" + userId, e);
    } catch (UserNotFoundException e) {
        // The original cause is not chained here; only the user id reaches the caller.
        throw new NotFoundException("User not found with the given userid :" + userId);
    }
}
/**
 * Resolves each user name to a SCIM user and appends those that carry attributes to
 * {@code users}.
 *
 * <p>When a name contains {@code UserCoreConstants.NAME_COMBINER}, only the part before the
 * first combiner is used for the lookup. Users that resolve to {@code null}, or whose
 * attribute map is {@code null} or empty, are left out.
 *
 * @param users                output list that receives the resolved SCIM users
 * @param userNames            user names to resolve
 * @param requiredClaims       claims requested for each user, passed to {@code getSCIMUser}
 * @param scimToLocalClaimsMap SCIM-to-local claim mapping, passed to {@code getSCIMUser}
 * @throws CharonException if resolving a user fails
 */
private void retriveSCIMUsers(List<Object> users, String[] userNames, List<String> requiredClaims,
                              Map<String, String> scimToLocalClaimsMap) throws CharonException {
    for (String rawName : userNames) {
        String lookupName = rawName;
        if (rawName.contains(UserCoreConstants.NAME_COMBINER)) {
            // The backslash escapes the combiner for the regex used by split(); this assumes
            // the combiner is a single character (TODO confirm).
            lookupName = rawName.split("\\" + UserCoreConstants.NAME_COMBINER)[0];
        }

        final User scimUser = this.getSCIMUser(lookupName, requiredClaims, scimToLocalClaimsMap);
        if (scimUser == null) {
            continue;
        }

        final Map<String, Attribute> attributes = scimUser.getAttributeList();
        if (attributes == null || attributes.isEmpty()) {
            continue;
        }
        users.add(scimUser);
    }
}
scimUser.setGroup(null, group.getId(), role);
/**
 * Creates the user described by the provisioning entity through the SCIM provisioning client.
 *
 * <p>The first user name extracted from the entity's attributes is used. The entity's
 * single-valued claims are turned into a SCIM {@code User}, the user name and password are
 * set on it, and {@code ProvisioningClient} issues the create.
 *
 * <p>NOTE(review): when no user name can be extracted, {@code userName} stays {@code null} and
 * the create is still attempted. Confirm the downstream rejects it.
 *
 * @param userEntity the provisioning entity describing the user to create
 * @throws IdentityProvisioningException wrapping any exception raised during creation
 */
private void createUser(ProvisioningEntity userEntity) throws IdentityProvisioningException {
    String userName = null;
    try {
        final List<String> candidateNames = getUserNames(userEntity.getAttributes());
        if (CollectionUtils.isNotEmpty(candidateNames)) {
            userName = candidateNames.get(0);
        }

        // get single-valued claims
        final Map<String, String> singleValuedClaims = getSingleValuedClaims(userEntity.getAttributes());

        // if user created through management console, claim values are not present.
        // The literal 1 presumably selects the user object type (TODO confirm against the resolver).
        final User scimUser =
                (User) SCIMClaimResolver.constructSCIMObjectFromAttributes(singleValuedClaims, 1);
        scimUser.setUserName(userName);
        setUserPassword(scimUser, userEntity);

        final ProvisioningClient provisioningClient = new ProvisioningClient(scimProvider, scimUser, null);
        provisioningClient.provisionCreateUser();
    } catch (Exception e) {
        // Broad catch: every failure is reported as a provisioning error with the cause chained.
        throw new IdentityProvisioningException("Error while creating the user : " + userName, e);
    }
}
if (user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD) != null) { char[] password = ((SimpleAttribute) (user.getAttribute(SCIMConstants.UserSchemaConstants.PASSWORD))) .getStringValue().toCharArray(); PasswordCallback passwordCallback =
public void updateUser(String httpMethod) throws IdentitySCIMException { String filter = USER_FILTER + ((User) scimObject).getUserName(); List<User> users = (List<User>) (List<?>) listWithGet(null, null, filter, 1, 1, null, null, SCIM2CommonConstants.USER); if (users != null && users.size() > 0) { user = users.get(0); String userId = user.getId(); if (userId == null) { logger.error("Trying to update a user entry which doesn't support SCIM. " + logger.error("No Users found with userName: " + ((User) scimObject).getUserName());