/**
 * Resolves the numeric tenant id that belongs to a tenant domain name.
 *
 * @param tenantDomainName tenant domain to look up; a blank value is rejected before any lookup
 * @return the id returned by {@code IdPManagementUtil.getTenantIdOfDomain}
 * @throws IdentityProvisioningException if the domain is blank, or if the lookup raises a
 *                                       {@code UserStoreException} (kept as the cause)
 */
private int getTenantIdFromDomain(String tenantDomainName) throws IdentityProvisioningException {

    final boolean domainMissing = StringUtils.isBlank(tenantDomainName);
    if (domainMissing) {
        throw new IdentityProvisioningException("Provided tenant domain is invalid");
    }

    // NOTE(review): what getTenantIdOfDomain returns for an unknown domain is not visible here;
    // confirm callers never treat a sentinel value as a real tenant.
    final int tenantId;
    try {
        tenantId = IdPManagementUtil.getTenantIdOfDomain(tenantDomainName);
    } catch (UserStoreException lookupFailure) {
        String message = "Error occurred while resolving tenant Id from tenant domain :" + tenantDomainName;
        throw new IdentityProvisioningException(message, lookupFailure);
    }
    return tenantId;
}
/**
 * Resolves the numeric tenant id that belongs to a tenant domain name.
 *
 * @param tenantDomainName tenant domain to look up; a blank value is rejected before any lookup
 * @return the id returned by {@code IdPManagementUtil.getTenantIdOfDomain}
 * @throws IdentityProvisioningException if the domain is blank, or if the lookup raises a
 *                                       {@code UserStoreException} (kept as the cause)
 */
private int getTenantIdFromDomain(String tenantDomainName) throws IdentityProvisioningException {

    final boolean domainMissing = StringUtils.isBlank(tenantDomainName);
    if (domainMissing) {
        throw new IdentityProvisioningException("Provided tenant domain is invalid");
    }

    // NOTE(review): what getTenantIdOfDomain returns for an unknown domain is not visible here;
    // confirm callers never treat a sentinel value as a real tenant.
    final int tenantId;
    try {
        tenantId = IdPManagementUtil.getTenantIdOfDomain(tenantDomainName);
    } catch (UserStoreException lookupFailure) {
        String message = "Error occurred while resolving tenant Id from tenant domain :" + tenantDomainName;
        throw new IdentityProvisioningException(message, lookupFailure);
    }
    return tenantId;
}
/**
 * Resolves the numeric tenant id that belongs to a tenant domain name.
 *
 * @param tenantDomainName tenant domain to look up; a blank value is rejected before any lookup
 * @return the id returned by {@code IdPManagementUtil.getTenantIdOfDomain}
 * @throws IdentityProvisioningException if the domain is blank, or if the lookup raises a
 *                                       {@code UserStoreException} (kept as the cause)
 */
private int getTenantIdFromDomain(String tenantDomainName) throws IdentityProvisioningException {

    final boolean domainMissing = StringUtils.isBlank(tenantDomainName);
    if (domainMissing) {
        throw new IdentityProvisioningException("Provided tenant domain is invalid");
    }

    // NOTE(review): what getTenantIdOfDomain returns for an unknown domain is not visible here;
    // confirm callers never treat a sentinel value as a real tenant.
    final int tenantId;
    try {
        tenantId = IdPManagementUtil.getTenantIdOfDomain(tenantDomainName);
    } catch (UserStoreException lookupFailure) {
        String message = "Error occurred while resolving tenant Id from tenant domain :" + tenantDomainName;
        throw new IdentityProvisioningException(message, lookupFailure);
    }
    return tenantId;
}
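/**
 * Splits a brace-delimited provisioning pattern into its comma-separated entries.
 *
 * <p>Validation is shallow: the pattern only has to contain at least one '{' and one '}'.
 * Brace order, balance and nesting are not checked; every brace is stripped and the remainder
 * is split on ','. Callers that depend on a stricter shape must check the entries themselves.
 *
 * @param provisioningPattern pattern text, for instance a constructed value like {@code {a,b}}
 * @return the entries in their original order
 * @throws IdentityProvisioningException if the pattern is {@code null} or lacks either brace
 */
private String[] buildProvisioningEntries(String provisioningPattern) throws IdentityProvisioningException {

    // A null pattern is reported as an invalid pattern rather than escaping as a NullPointerException.
    if (provisioningPattern == null
            || !provisioningPattern.contains("{")
            || !provisioningPattern.contains("}")) {
        throw new IdentityProvisioningException("Invalid Provisioning Pattern");
    }

    // String.replace matches literally, so the braces need no regex escaping.
    String provisioningPatternWithoutCurlBrace = provisioningPattern.replace("{", "").replace("}", "");
    return provisioningPatternWithoutCurlBrace.split(",");
}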
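/**
 * Splits a brace-delimited provisioning pattern into its comma-separated entries.
 *
 * <p>Validation is shallow: the pattern only has to contain at least one '{' and one '}'.
 * Brace order, balance and nesting are not checked; every brace is stripped and the remainder
 * is split on ','. Callers that depend on a stricter shape must check the entries themselves.
 *
 * @param provisioningPattern pattern text, for instance a constructed value like {@code {a,b}}
 * @return the entries in their original order
 * @throws IdentityProvisioningException if the pattern is {@code null} or lacks either brace
 */
private String[] buildProvisioningEntries(String provisioningPattern) throws IdentityProvisioningException {

    // A null pattern is reported as an invalid pattern rather than escaping as a NullPointerException.
    if (provisioningPattern == null
            || !provisioningPattern.contains("{")
            || !provisioningPattern.contains("}")) {
        throw new IdentityProvisioningException("Invalid Provisioning Pattern");
    }

    // String.replace matches literally, so the braces need no regex escaping.
    String provisioningPatternWithoutCurlBrace = provisioningPattern.replace("{", "").replace("}", "");
    return provisioningPatternWithoutCurlBrace.split(",");
}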
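/**
 * Splits a brace-delimited provisioning pattern into its comma-separated entries.
 *
 * <p>Validation is shallow: the pattern only has to contain at least one '{' and one '}'.
 * Brace order, balance and nesting are not checked; every brace is stripped and the remainder
 * is split on ','. Callers that depend on a stricter shape must check the entries themselves.
 *
 * @param provisioningPattern pattern text, for instance a constructed value like {@code {a,b}}
 * @return the entries in their original order
 * @throws IdentityProvisioningException if the pattern is {@code null} or lacks either brace
 */
private String[] buildProvisioningEntries(String provisioningPattern) throws IdentityProvisioningException {

    // A null pattern is reported as an invalid pattern rather than escaping as a NullPointerException.
    if (provisioningPattern == null
            || !provisioningPattern.contains("{")
            || !provisioningPattern.contains("}")) {
        throw new IdentityProvisioningException("Invalid Provisioning Pattern");
    }

    // String.replace matches literally, so the braces need no regex escaping.
    String provisioningPatternWithoutCurlBrace = provisioningPattern.replace("{", "").replace("}", "");
    return provisioningPatternWithoutCurlBrace.split(",");
}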
/**
 * Reads the claim that is mapped to the Salesforce user id from the connector configuration.
 *
 * <p>There is no fallback: a missing or blank mapping is logged at error level and rejected.
 *
 * @return the configured claim for the user id, never blank
 * @throws IdentityProvisioningException if the {@code USER_ID_CLAIM} property is blank
 */
public String getUserIdClaim() throws IdentityProvisioningException {

    final String configuredClaim =
            this.configs.getProperty(SalesforceConnectorConstants.PropertyConfig.USER_ID_CLAIM);

    if (!StringUtils.isBlank(configuredClaim)) {
        if (log.isDebugEnabled()) {
            log.debug("Mapped claim for UserId is : " + configuredClaim);
        }
        return configuredClaim;
    }

    // Fail closed: provisioning without an explicit user id mapping is refused.
    log.error("Required claim for user id is not defined in config");
    throw new IdentityProvisioningException("Required claim for user id is not defined in config");
}
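/**
 * Resolves the claim that is mapped to the Google user id.
 *
 * <p>Lookup order: the {@code USER_ID_CLAIM} property, then the property named by
 * {@code GoogleConnectorConstants.ATTRIBUTE_PRIMARYEMAIL}, then a hard-coded default claim.
 * Because the last step always yields a non-blank value, this method never reports a missing
 * mapping; the former "cannot be mapped" check could not be reached and has been removed.
 *
 * @return the resolved claim, never blank
 * @throws IdentityProvisioningException declared for callers; not thrown by the current body
 */
String getUserIdClaim() throws IdentityProvisioningException {

    String userIDClaim = this.configs.getProperty(GoogleConnectorConstants.PropertyConfig.USER_ID_CLAIM);

    if (StringUtils.isBlank(userIDClaim)) {
        log.warn("Claim for user id is not defined in config. Using "
                + GoogleConnectorConstants.ATTRIBUTE_PRIMARYEMAIL + "'s claim instead");
        userIDClaim = this.configs.getProperty(GoogleConnectorConstants.ATTRIBUTE_PRIMARYEMAIL);
    }

    if (StringUtils.isBlank(userIDClaim)) {
        // NOTE(review): the last-resort default keys the user id on a street-address claim, so a
        // misconfigured connector proceeds with that claim instead of failing. Confirm this is
        // intended before relying on it.
        final String defaultClaim = "http://wso2.org/claims/streetaddress";
        log.warn("Claim for user id is set to default value : " + defaultClaim);
        //TODO make userIDClaim read from UI\DB
        userIDClaim = defaultClaim;
    }

    if (log.isDebugEnabled()) {
        log.debug("Mapped claim for UserId is : " + userIDClaim);
    }
    return userIDClaim;
}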
/**
 * Parses a XACML response document and turns its decision into an allow/deny flag.
 *
 * <p>The response is allowed when the first decision node reads Permit or NotApplicable
 * (compared case-insensitively). Any other text, or a response without a decision node, is
 * denied. Only the first matching node under the document element is inspected.
 *
 * <p>NOTE(review): accepting NotApplicable means a request that no policy covers is treated as
 * permitted. Confirm this default-allow behaviour is intended for provisioning rules.
 *
 * @param xacmlResponse XML text of the XACML response
 * @return {@code true} for Permit or NotApplicable, {@code false} otherwise
 * @throws IdentityProvisioningException if the parser cannot be created or the XML cannot be read
 */
private boolean evaluateXACMLResponse(String xacmlResponse) throws IdentityProvisioningException {

    try {
        // The factory comes from IdentityUtil.getSecuredDocumentBuilderFactory(); presumably it is
        // hardened against external entities, but its settings are not visible here.
        DocumentBuilder parser = IdentityUtil.getSecuredDocumentBuilderFactory().newDocumentBuilder();
        Document parsedResponse = parser.parse(new InputSource(new StringReader(xacmlResponse)));

        NodeList decisionNodes = parsedResponse.getDocumentElement().getElementsByTagName(
                ProvisioningRuleConstanats.XACML_RESPONSE_DECISION_NODE);

        boolean hasDecision = decisionNodes != null && decisionNodes.item(0) != null;
        String decision = hasDecision ? decisionNodes.item(0).getTextContent() : "";

        boolean permitted = decision.equalsIgnoreCase(EntitlementPolicyConstants.RULE_EFFECT_PERMIT);
        return permitted
                || decision.equalsIgnoreCase(EntitlementPolicyConstants.RULE_EFFECT_NOT_APPLICABLE);
    } catch (ParserConfigurationException | SAXException | IOException e) {
        throw new IdentityProvisioningException("Exception occurred while xacmlResponse processing", e);
    }
}
/**
 * Parses a XACML response document and turns its decision into an allow/deny flag.
 *
 * <p>The response is allowed when the first decision node reads Permit or NotApplicable
 * (compared case-insensitively). Any other text, or a response without a decision node, is
 * denied. Only the first matching node under the document element is inspected.
 *
 * <p>NOTE(review): accepting NotApplicable means a request that no policy covers is treated as
 * permitted. Confirm this default-allow behaviour is intended for provisioning rules.
 *
 * @param xacmlResponse XML text of the XACML response
 * @return {@code true} for Permit or NotApplicable, {@code false} otherwise
 * @throws IdentityProvisioningException if the parser cannot be created or the XML cannot be read
 */
private boolean evaluateXACMLResponse(String xacmlResponse) throws IdentityProvisioningException {

    try {
        // The factory comes from IdentityUtil.getSecuredDocumentBuilderFactory(); presumably it is
        // hardened against external entities, but its settings are not visible here.
        DocumentBuilder parser = IdentityUtil.getSecuredDocumentBuilderFactory().newDocumentBuilder();
        Document parsedResponse = parser.parse(new InputSource(new StringReader(xacmlResponse)));

        NodeList decisionNodes = parsedResponse.getDocumentElement().getElementsByTagName(
                ProvisioningRuleConstanats.XACML_RESPONSE_DECISION_NODE);

        boolean hasDecision = decisionNodes != null && decisionNodes.item(0) != null;
        String decision = hasDecision ? decisionNodes.item(0).getTextContent() : "";

        boolean permitted = decision.equalsIgnoreCase(EntitlementPolicyConstants.RULE_EFFECT_PERMIT);
        return permitted
                || decision.equalsIgnoreCase(EntitlementPolicyConstants.RULE_EFFECT_NOT_APPLICABLE);
    } catch (ParserConfigurationException | SAXException | IOException e) {
        throw new IdentityProvisioningException("Exception occurred while xacmlResponse processing", e);
    }
}
/**
 * Runs one outbound provisioning task, either inline or on the supplied executor.
 *
 * <p>Blocking mode calls the task on the current thread. A {@code false} result shuts the
 * executor down (when one was given) and raises a failure, which is then routed through
 * {@code handleException} together with anything else the task throws. Non-blocking mode only
 * submits the task; the returned future is discarded, so the outcome is not observed here.
 *
 * @param provisioningEntity entity being provisioned, used for failure reporting
 * @param executors          executor for non-blocking runs; shut down on a blocking failure
 * @param connectorType      connector type, used for failure reporting
 * @param idPName            identity provider name, used for failure reporting
 * @param proThread          the provisioning task
 * @param isBlocking         {@code true} to run inline and report failures to the caller
 * @throws IdentityProvisioningException as raised by {@code handleException}
 */
private void executeOutboundProvisioning(ProvisioningEntity provisioningEntity, ExecutorService executors,
                                         String connectorType, String idPName, Callable<Boolean> proThread,
                                         boolean isBlocking) throws IdentityProvisioningException {

    if (isBlocking) {
        try {
            final boolean provisioned = proThread.call();
            if (provisioned) {
                return;
            }
            if (executors != null) {
                executors.shutdown();
            }
            String failureMessage =
                    generateMessageOnFailureProvisioningOperation(idPName, connectorType, provisioningEntity);
            // Thrown inside the try on purpose: the catch below hands it to handleException.
            throw new IdentityProvisioningException(failureMessage);
            //DO Rollback
        } catch (Exception e) {
            // Callable.call() is declared to throw Exception.
            handleException(idPName, connectorType, provisioningEntity, executors, e);
        }
        return;
    }

    // NOTE(review): unlike the blocking path, executors is not null-checked here, and a failed
    // asynchronous run is not reported by this method. Confirm both are acceptable.
    executors.submit(proThread);
}
/**
 * Runs one outbound provisioning task, either inline or on the supplied executor.
 *
 * <p>Blocking mode calls the task on the current thread. A {@code false} result shuts the
 * executor down (when one was given) and raises a failure, which is then routed through
 * {@code handleException} together with anything else the task throws. Non-blocking mode only
 * submits the task; the returned future is discarded, so the outcome is not observed here.
 *
 * @param provisioningEntity entity being provisioned, used for failure reporting
 * @param executors          executor for non-blocking runs; shut down on a blocking failure
 * @param connectorType      connector type, used for failure reporting
 * @param idPName            identity provider name, used for failure reporting
 * @param proThread          the provisioning task
 * @param isBlocking         {@code true} to run inline and report failures to the caller
 * @throws IdentityProvisioningException as raised by {@code handleException}
 */
private void executeOutboundProvisioning(ProvisioningEntity provisioningEntity, ExecutorService executors,
                                         String connectorType, String idPName, Callable<Boolean> proThread,
                                         boolean isBlocking) throws IdentityProvisioningException {

    if (isBlocking) {
        try {
            final boolean provisioned = proThread.call();
            if (provisioned) {
                return;
            }
            if (executors != null) {
                executors.shutdown();
            }
            String failureMessage =
                    generateMessageOnFailureProvisioningOperation(idPName, connectorType, provisioningEntity);
            // Thrown inside the try on purpose: the catch below hands it to handleException.
            throw new IdentityProvisioningException(failureMessage);
            //DO Rollback
        } catch (Exception e) {
            // Callable.call() is declared to throw Exception.
            handleException(idPName, connectorType, provisioningEntity, executors, e);
        }
        return;
    }

    // NOTE(review): unlike the blocking path, executors is not null-checked here, and a failed
    // asynchronous run is not reported by this method. Confirm both are acceptable.
    executors.submit(proThread);
}
/**
 * Deactivates the Salesforce user behind the given entity instead of removing it.
 *
 * <p>The update body sets the active flag to {@code false} and replaces the username with the
 * value from {@code alterUsername}, then is sent through {@code update} for the entity's
 * identifier.
 *
 * @param provisioningEntity entity whose identifier names the user to deactivate
 * @throws IdentityProvisioningException if the JSON body cannot be built, or as raised by
 *                                       {@code alterUsername} / {@code update}
 */
private void deleteUser(ProvisioningEntity provisioningEntity) throws IdentityProvisioningException {

    final JSONObject deactivationBody = new JSONObject();
    try {
        deactivationBody.put(SalesforceConnectorConstants.IS_ACTIVE, false);

        String renamedUser = alterUsername(provisioningEntity);
        deactivationBody.put(SalesforceConnectorConstants.USERNAME_ATTRIBUTE, renamedUser);

        update(provisioningEntity.getIdentifier().getIdentifier(), deactivationBody);
    } catch (JSONException jsonFailure) {
        log.error("Error while creating JSON body");
        throw new IdentityProvisioningException(jsonFailure);
    }
}
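/**
 * Adds the OAuth authorization header to an outgoing HTTP method.
 *
 * <p>The access token is obtained from {@code authenticate()}. It is a credential, so debug
 * logging records only that the header was set and never the header value.
 *
 * @param httpMethod method that receives the authorization header
 * @throws IdentityProvisioningException if no access token is obtained, or as raised by
 *                                       {@code authenticate()}
 */
private void setAuthorizationHeader(HttpMethodBase httpMethod) throws IdentityProvisioningException {

    String accessToken = authenticate();
    if (StringUtils.isBlank(accessToken)) {
        throw new IdentityProvisioningException("Authentication failed");
    }

    httpMethod.setRequestHeader(SalesforceConnectorConstants.AUTHORIZATION_HEADER_NAME,
            SalesforceConnectorConstants.AUTHORIZATION_HEADER_OAUTH + " " + accessToken);

    if (log.isDebugEnabled()) {
        // The header value carries the bearer token; keep it out of the log.
        log.debug("Setting authorization header " + SalesforceConnectorConstants.AUTHORIZATION_HEADER_NAME
                + " for method : " + httpMethod.getName() + " (value not logged)");
    }
}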
/**
 * Builds the replacement username that is stored when a user is moved from active to inactive.
 *
 * <p>The result is the old-username prefix, a generated UUID and the entity name, in that order.
 * Renaming frees the original username so the same user can be added again later.
 *
 * @param provisioningEntity entity that supplies the current name
 * @return the altered username
 * @throws IdentityProvisioningException if the entity name is blank
 */
protected String alterUsername(ProvisioningEntity provisioningEntity) throws IdentityProvisioningException {

    final boolean nameMissing = StringUtils.isBlank(provisioningEntity.getEntityName());
    if (nameMissing) {
        throw new IdentityProvisioningException("Could Not Find Entity Name from Provisioning Entity");
    }

    final String uniquePrefix =
            SalesforceConnectorConstants.SALESFORCE_OLD_USERNAME_PREFIX + UUIDGenerator.generateUUID();
    final String renamed = uniquePrefix + provisioningEntity.getEntityName();

    if (log.isDebugEnabled()) {
        // Both the old and the new username end up in the debug log.
        log.debug("Alter username: " + provisioningEntity.getEntityName() + " to: "
                + renamed + "while deleting user");
    }
    return renamed;
}
// Closes the enclosing class; its header is outside this listing.
}
/**
 * Deletes a user at the SCIM provider.
 *
 * <p>The first name returned by {@code getUserNames} identifies the user. When that list is
 * empty the request is still sent, with a {@code null} user name.
 *
 * @param userEntity entity whose attributes carry the user name
 * @throws IdentityProvisioningException wrapping any exception raised while building or sending
 *                                       the delete request
 */
private void deleteUser(ProvisioningEntity userEntity) throws IdentityProvisioningException {

    // Declared outside the try so the failure message can report it.
    String userName = null;
    try {
        List<String> candidateNames = getUserNames(userEntity.getAttributes());
        // NOTE(review): with no resolvable name the delete proceeds with null; confirm how
        // ProvisioningClient treats that before relying on it.
        userName = CollectionUtils.isNotEmpty(candidateNames) ? candidateNames.get(0) : null;

        User target = new User();
        target.setUserName(userName);

        new ProvisioningClient(scimProvider, target, null).provisionDeleteUser();
    } catch (Exception e) {
        // Broad catch: every failure, including runtime ones, is reported as a provisioning error.
        throw new IdentityProvisioningException("Error while deleting user : " + userName, e);
    }
}
/**
 * Deletes a group at the SCIM provider.
 *
 * <p>The first name returned by {@code getGroupNames} is used as the group's display name. When
 * that list is empty the request is still sent, with a {@code null} display name.
 *
 * @param groupEntity entity whose attributes carry the group name
 * @throws IdentityProvisioningException wrapping any exception raised while building or sending
 *                                       the delete request
 */
private void deleteGroup(ProvisioningEntity groupEntity) throws IdentityProvisioningException {

    // Declared outside the try so the failure message can report it.
    String groupName = null;
    try {
        List<String> candidateNames = getGroupNames(groupEntity.getAttributes());
        // NOTE(review): with no resolvable name the delete proceeds with null; confirm how
        // ProvisioningClient treats that before relying on it.
        groupName = CollectionUtils.isNotEmpty(candidateNames) ? candidateNames.get(0) : null;

        Group target = new Group();
        target.setDisplayName(groupName);

        new ProvisioningClient(scimProvider, target, null).provisionDeleteGroup();
    } catch (Exception e) {
        // Broad catch: every failure, including runtime ones, is reported as a provisioning error.
        throw new IdentityProvisioningException("Error while deleting group : " + groupName, e);
    }
}
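/**
 * Creates a user in the Google directory and returns the primary email of the created account.
 *
 * @param provisioningEntity entity the Google user is built from
 * @return primary email reported for the created user
 * @throws IdentityProvisioningException if the insert request fails with an {@code IOException},
 *                                       or as raised by {@code buildGoogleUser}
 */
protected String createUser(ProvisioningEntity provisioningEntity) throws IdentityProvisioningException {

    boolean isDebugEnabled = log.isDebugEnabled();
    if (isDebugEnabled) {
        log.debug("Triggering create operation for Google Provisioning Connector");
    }

    User createdUser;
    try {
        // buildGoogleUser supplies the instance, so no throwaway User is allocated first.
        User newUser = buildGoogleUser(provisioningEntity);
        Directory.Users.Insert request = getDirectoryService().users().insert(newUser);
        createdUser = request.execute();
    } catch (IOException e) {
        throw new IdentityProvisioningException("Error while creating user : " +
                provisioningEntity.getEntityName(), e);
    }

    if (isDebugEnabled) {
        // The created account's email address is written to the debug log.
        log.debug("Returning created user's email : " + createdUser.getPrimaryEmail());
    }

    if (log.isTraceEnabled()) {
        log.trace("Ending createUser() of " + GoogleProvisioningConnector.class);
    }
    return createdUser.getPrimaryEmail();
}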
/**
 * Creates a user in the Google directory and returns the primary email of the created account.
 *
 * @param provisioningEntity entity the Google user is built from
 * @return primary email reported for the created user
 * @throws IdentityProvisioningException if the insert request fails with an {@code IOException},
 *                                       or as raised by {@code buildGoogleUser}
 */
protected String createUser(ProvisioningEntity provisioningEntity) throws IdentityProvisioningException {

    final boolean debugOn = log.isDebugEnabled();
    if (debugOn) {
        log.debug("Triggering create operation for Google Provisioning Connector");
    }

    final User inserted;
    try {
        // Build the user before touching the directory service, as the request needs it.
        User googleUser = buildGoogleUser(provisioningEntity);
        inserted = getDirectoryService().users().insert(googleUser).execute();
    } catch (IOException ioFailure) {
        String message = "Error while creating user: " + provisioningEntity.getEntityName();
        throw new IdentityProvisioningException(message, ioFailure);
    }

    final String primaryEmail = inserted.getPrimaryEmail();
    if (debugOn) {
        // The created account's email address is written to the debug log.
        log.debug("Returning created user's email: " + primaryEmail);
    }
    return primaryEmail;
}
/**
 * Creates a user at the SCIM provider.
 *
 * <p>The SCIM user is built from the entity's single-valued claims, named after the first entry
 * returned by {@code getUserNames}, given a password through {@code setUserPassword}, and then
 * sent with a {@code ProvisioningClient}.
 *
 * @param userEntity entity whose attributes carry the user name and claims
 * @throws IdentityProvisioningException wrapping any exception raised while building or sending
 *                                       the create request
 */
private void createUser(ProvisioningEntity userEntity) throws IdentityProvisioningException {

    // Declared outside the try so the failure message can report it.
    String userName = null;
    try {
        List<String> candidateNames = getUserNames(userEntity.getAttributes());
        userName = CollectionUtils.isNotEmpty(candidateNames) ? candidateNames.get(0) : null;

        // Single-valued claims only; they are absent when the user was created through the
        // management console.
        Map<String, String> claimValues = getSingleValuedClaims(userEntity.getAttributes());

        User scimUser = (User) SCIMClaimResolver.constructSCIMObjectFromAttributes(claimValues, 1);
        scimUser.setUserName(userName);
        setUserPassword(scimUser, userEntity);

        new ProvisioningClient(scimProvider, scimUser, null).provisionCreateUser();
    } catch (Exception e) {
        // Broad catch: every failure, including runtime ones, is reported as a provisioning error.
        throw new IdentityProvisioningException("Error while creating the user : " + userName, e);
    }
}