/**
 * Returns the local role name carried by a role mapping.
 *
 * @param roleMapping mapping to read; neither it nor its local role may be null,
 *                    because both are dereferenced without a check
 * @return the value of {@code getLocalRoleName()} on the mapping's local role
 */
private static String getLocalRoleName(RoleMapping roleMapping) {

    final String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
    return localRoleName;
}
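/**
 * Translates local group (role) names into the remote (IdP) role names they are mapped to.
 *
 * <p>Only groups that have a configured mapping appear in the result; a group without a
 * mapping is dropped rather than passed through under its local name. When several mappings
 * share one local role name, the mapping that comes last in the array is the one applied.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping configured role mappings; may be null or empty
 * @return a new mutable list of mapped remote role names, empty when nothing maps
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {

    List<String> mappedUserGroups = new ArrayList<>();
    // No groups, or no mapping configured: nothing can be translated. Returning the empty
    // list here also keeps a null mapping array from raising a NullPointerException below.
    if (CollectionUtils.isEmpty(groupList) || idPRoleMapping == null) {
        return mappedUserGroups;
    }

    // Index the configuration by local role name for direct lookup.
    Map<String, String> remoteRoleByLocalName = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        remoteRoleByLocalName.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    for (String userGroup : groupList) {
        String mappedGroup = remoteRoleByLocalName.get(userGroup);
        if (mappedGroup != null) {
            mappedUserGroups.add(mappedGroup);
        }
    }
    return mappedUserGroups;
}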
/**
 * Resolves the local roles mapped to the given IdP roles and returns them keyed by IdP role.
 *
 * <p>The result is built from {@code getMappedLocalRoles}. Because the map is keyed by the
 * remote role name, two mappings with the same remote role collapse into a single entry and
 * the one iterated last is kept.
 *
 * @param idPName      Unique name of the IdP to which the given IdP roles need to be mapped
 * @param tenantDomain The tenant domain whose local roles are to be mapped
 * @param idPRoles     IdP roles which need to be mapped to local roles
 * @return map from remote (IdP) role name to the local role it is mapped to
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
@Override
public Map<String, LocalRole> getMappedLocalRolesMap(String idPName, String tenantDomain, String[] idPRoles)
        throws IdentityProviderManagementException {

    final Map<String, LocalRole> localRoleByIdPRole = new HashMap<>();
    for (RoleMapping mapping : getMappedLocalRoles(idPName, tenantDomain, idPRoles)) {
        String idPRole = mapping.getRemoteRole();
        localRoleByIdPRole.put(idPRole, mapping.getLocalRole());
    }
    return localRoleByIdPRole;
}
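/**
 * Maps each local group name in {@code groupList} to its configured remote (IdP) role name.
 *
 * <p>A group that has no entry in {@code idPRoleMapping} is left out of the result, so the
 * returned list can be shorter than the input. If a local role name occurs in more than one
 * mapping, the last occurrence in the array decides the remote role.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping configured role mappings; may be null or empty
 * @return a new mutable list holding the mapped remote role names; empty when none apply
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {

    if (CollectionUtils.isEmpty(groupList)) {
        return new ArrayList<>();
    }
    // A missing mapping array is treated like an empty one (no group maps) instead of
    // failing with a NullPointerException in the loop below.
    if (idPRoleMapping == null) {
        return new ArrayList<>();
    }

    Map<String, String> mappedRoles = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        String localRoleName = mapping.getLocalRole().getLocalRoleName();
        mappedRoles.put(localRoleName, mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : groupList) {
        String mappedGroup = mappedRoles.get(userGroup);
        if (mappedGroup == null) {
            // Unmapped groups are not forwarded under their local name.
            continue;
        }
        mappedUserGroups.add(mappedGroup);
    }
    return mappedUserGroups;
}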
/**
 * Resolves the IdP roles mapped to the given local roles and returns them keyed by local role.
 *
 * <p>The result is built from {@code getMappedIdPRoles}. Keys are {@code LocalRole} objects,
 * so which entries collapse or are found on lookup depends on how {@code LocalRole}
 * implements {@code equals}/{@code hashCode} (not visible here).
 *
 * @param idPName      Unique name of the IdP to which the given local roles need to be mapped
 * @param tenantDomain The tenant domain whose local roles need to be mapped
 * @param localRoles   Local roles which need to be mapped to IdP roles
 * @return map from local role to the remote (IdP) role name it is mapped to
 * @throws IdentityProviderManagementException Error when getting role mappings
 */
@Override
public Map<LocalRole, String> getMappedIdPRolesMap(String idPName, String tenantDomain, LocalRole[] localRoles)
        throws IdentityProviderManagementException {

    final Map<LocalRole, String> idPRoleByLocalRole = new HashMap<>();
    for (RoleMapping mapping : getMappedIdPRoles(idPName, tenantDomain, localRoles)) {
        LocalRole localRole = mapping.getLocalRole();
        idPRoleByLocalRole.put(localRole, mapping.getRemoteRole());
    }
    return idPRoleByLocalRole;
}
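/**
 * Wraps an identity provider and indexes its role mappings by remote (IdP) role name.
 *
 * <p>Each remote role is stored against the local role name. When the local role carries a
 * user store id, the name is qualified through {@code UserCoreUtil.addDomainToName}. If two
 * mappings name the same remote role, the later one in the array replaces the earlier.
 *
 * @param identityProvider identity provider whose claim, permission/role and just-in-time
 *                         provisioning configuration is read; must not be null
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {

    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    // An identity provider without a permission/role configuration has no mappings to
    // index. Without this check the dereference below fails construction with a
    // NullPointerException.
    if (roleConfiguration == null) {
        return;
    }

    RoleMapping[] mappings = roleConfiguration.getRoleMappings();
    if (mappings != null && mappings.length > 0) {
        // assumes this.roleMappings is created by a field initialiser — TODO confirm
        for (RoleMapping roleMapping : mappings) {
            if (StringUtils.isNotEmpty(roleMapping.getLocalRole().getUserStoreId())) {
                this.roleMappings.put(roleMapping.getRemoteRole(), UserCoreUtil.addDomainToName(
                        roleMapping.getLocalRole().getLocalRoleName(),
                        roleMapping.getLocalRole().getUserStoreId()));
            } else {
                this.roleMappings.put(roleMapping.getRemoteRole(),
                        roleMapping.getLocalRole().getLocalRoleName());
            }
        }
    }
}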
/**
 * Wraps an identity provider and indexes its role mappings by remote (IdP) role name.
 *
 * <p>The stored value is the local role name, qualified through
 * {@code UserCoreUtil.addDomainToName} when the local role has a non-empty user store id.
 * A remote role that appears in several mappings keeps only the last one.
 *
 * @param identityProvider identity provider to read the configuration from; must not be null
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {

    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    // No role configuration, or no mappings in it: nothing to index.
    if (roleConfiguration == null) {
        return;
    }
    RoleMapping[] mappings = roleConfiguration.getRoleMappings();
    if (mappings == null) {
        return;
    }

    for (RoleMapping roleMapping : mappings) {
        // NOTE(review): a mapping whose local role is null would throw here — confirm
        // that the configuration is validated before it reaches this constructor.
        String userStoreId = roleMapping.getLocalRole().getUserStoreId();
        String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
        if (StringUtils.isNotEmpty(userStoreId)) {
            localRoleName = UserCoreUtil.addDomainToName(localRoleName, userStoreId);
        }
        this.roleMappings.put(roleMapping.getRemoteRole(), localRoleName);
    }
}
/**
 * Rewrites the group claim of a user provisioning entity so that it carries the mapped
 * remote role names instead of the local group names.
 *
 * <p>Nothing is changed when the entity is not a user, when no mapping is configured, or
 * when the entity has no groups. Otherwise the group claim is replaced with the mapped
 * names only: a group without a mapping is dropped, and the claim becomes an empty list
 * when none of the user's groups is mapped.
 *
 * @param provisioningEntity entity whose attributes are read and updated in place
 * @param idPRoleMapping     configured role mappings; may be null or empty
 */
private void updateProvisioningUserWithMappedRoles(ProvisioningEntity provisioningEntity,
                                                   RoleMapping[] idPRoleMapping) {

    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    if (!isUser || idPRoleMapping == null || idPRoleMapping.length == 0) {
        return;
    }

    List<String> userGroups = getGroupNames(provisioningEntity.getAttributes());
    if (CollectionUtils.isEmpty(userGroups)) {
        return;
    }

    // Local role name -> remote role; a repeated local role name keeps the last mapping.
    Map<String, String> remoteRoleByLocalName = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        String localRoleName = mapping.getLocalRole().getLocalRoleName();
        remoteRoleByLocalName.put(localRoleName, mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : userGroups) {
        String mappedGroup = remoteRoleByLocalName.get(userGroup);
        if (mappedGroup == null) {
            continue;
        }
        mappedUserGroups.add(mappedGroup);
    }

    ProvisioningUtil.setClaimValue(IdentityProvisioningConstants.GROUP_CLAIM_URI,
            provisioningEntity.getAttributes(), mappedUserGroups);
}
/**
 * Creates the configuration holder for an external identity provider and records, per
 * remote (IdP) role, the local role name it maps to.
 *
 * <p>A local role with a non-empty user store id is recorded under the name returned by
 * {@code UserCoreUtil.addDomainToName}; otherwise the plain local role name is used. A
 * remote role listed more than once ends up with the value of its last mapping.
 *
 * @param identityProvider source of the claim, permission/role and just-in-time
 *                         provisioning configuration; must not be null
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {

    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    RoleMapping[] mappings = null;
    if (roleConfiguration != null) {
        mappings = roleConfiguration.getRoleMappings();
    }
    if (mappings == null || mappings.length == 0) {
        // Nothing to index.
        return;
    }

    for (RoleMapping roleMapping : mappings) {
        String userStoreId = roleMapping.getLocalRole().getUserStoreId();
        String plainName = roleMapping.getLocalRole().getLocalRoleName();
        String storedName = StringUtils.isNotEmpty(userStoreId)
                ? UserCoreUtil.addDomainToName(plainName, userStoreId)
                : plainName;
        this.roleMappings.put(roleMapping.getRemoteRole(), storedName);
    }
}
// Read the user store id and the role name from the mapping's local role.
// NOTE(review): both reads dereference getLocalRole() without a null check — confirm the
// mapping is validated before this point (the enclosing code is not visible here).
String userStoreId = mapping.getLocalRole().getUserStoreId();
String localRole = mapping.getLocalRole().getLocalRoleName();
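// Bind the local role name, the remote (SP) role and the application id as statement
// parameters 2-4. Parameter 1 is presumably bound before this excerpt.
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName());
storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole());
storeRoleMapPrepStmt.setInt(4, applicationID);
// Trace the values that were bound above. The earlier message concatenated the LocalRole
// object itself (its toString()) under an "IDPRole" label and called the record a claim
// mapping, so the log did not show the role name that is actually stored.
log.debug("Storing Role Mapping. Local Role: " + roleMapping.getLocalRole().getLocalRoleName()
        + " SPRole: " + roleMapping.getRemoteRole());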
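// Parameters 2-4 of the role-mapping statement: local role name, remote (SP) role and
// application id. The binding of parameter 1 is not visible in this excerpt.
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName());
storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole());
storeRoleMapPrepStmt.setInt(4, applicationID);
// Log the role name bound to parameter 2 rather than the LocalRole object, and label the
// record as a role mapping so that the trace matches what is written to the database.
log.debug("Storing Role Mapping. Local Role: " + roleMapping.getLocalRole().getLocalRoleName()
        + " SPRole: " + roleMapping.getRemoteRole());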
/**
 * Validates that the local roles named in the role mapping configuration exist.
 *
 * <p>Checking stops at the first local role that does not exist, so at most one
 * "role not available" message is added per call. If the user store lookup fails, a
 * generic message naming the tenant domain is added instead.
 *
 * @param validationMsg            list that receives validation error messages
 * @param permissionsAndRoleConfig permission and role configuration; may be null
 * @param tenantDomain             tenant domain, used in the lookup-failure message
 */
private void validateRoleConfigs(List<String> validationMsg, PermissionsAndRoleConfig permissionsAndRoleConfig,
                                 String tenantDomain) {

    if (permissionsAndRoleConfig == null) {
        return;
    }
    if (permissionsAndRoleConfig.getRoleMappings() == null) {
        return;
    }

    try {
        // NOTE(review): the user store manager comes from the thread-local CarbonContext,
        // while tenantDomain only appears in the error text below — confirm that callers
        // run this in the context of the tenant being validated.
        UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                .getUserStoreManager();
        for (RoleMapping roleMapping : permissionsAndRoleConfig.getRoleMappings()) {
            // Only the role name is checked; the local role's user store id is not
            // consulted here.
            String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
            if (userStoreManager.isExistingRole(localRoleName)) {
                continue;
            }
            validationMsg.add(String.format(ROLE_NOT_AVAILABLE, localRoleName));
            break;
        }
    } catch (UserStoreException e) {
        // The cause is reduced to a generic validation message and is not logged here.
        validationMsg.add(String.format("Error when checking the existence of local roles in %s.", tenantDomain));
    }
}
}
// Debug trace of one role mapping: the local role name and the remote (SP) role, written
// to the log as configured.
// NOTE(review): the message is concatenated even when debug logging is off unless an
// isDebugEnabled() guard encloses this line — the guard, if any, is outside this excerpt.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: " + roleMapping.getRemoteRole());
// Records the pair being processed — local role name and remote (SP) role — at debug
// level. Both values are logged exactly as they appear in the mapping.
// NOTE(review): getLocalRole() is dereferenced without a null check — confirm the mapping
// is validated before this statement.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: " + roleMapping.getRemoteRole());
// Translate a received role into a local role name: the first mapping whose remote role
// equals receivedRole contributes its local role name, then control continues with the
// next iteration of the enclosing loop labelled "loop" (the label is outside this excerpt).
// NOTE(review): getRoleMappings() is iterated without a null check here — confirm that an
// enclosing guard exists.
for (RoleMapping roleMapping : permissionAndRoleConfig.getRoleMappings()) {
    // equals() makes this an exact match: a received role that differs from the
    // configured remote role in any way is not mapped by this branch.
    if (roleMapping.getRemoteRole().equals(receivedRole)) {
        updatedRoleClaimValues.add(roleMapping.getLocalRole().getLocalRoleName());
        continue loop;
// For every requested local role, collect the first mapping whose local role equals it;
// the break leaves the inner loop after that first match.
// NOTE(review): matching relies on LocalRole.equals() — confirm which fields it compares
// (role name only, or role name together with the user store id).
for (LocalRole localRole : localRoles) {
    for (RoleMapping roleMapping : roleMappings) {
        if (roleMapping.getLocalRole().equals(localRole)) {
            returnSet.add(roleMapping);
            break;
// Rebuild the lookup from scratch: local role name -> remote role.
this.roleMappings = new HashMap<String, String>();
for (RoleMapping roleMapping : tempRoleMappings) {
    // put() overwrites, so a local role name that occurs in several mappings keeps the
    // remote role of the mapping iterated last.
    this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());
// Store the mapping keyed by local role name with the remote role as value.
// presumably roleMappings is a Map, in which case an existing entry for the same local
// role name is replaced — verify against the field declaration.
this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());
// Register local role name -> remote role in the roleMappings field.
// NOTE(review): getLocalRole() is dereferenced without a null check — confirm the mapping
// is validated before it reaches this statement.
this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());