/**
 * Renders this bean in the textual bean format
 * {@code SimpleName:[id=<..>, login=<..>, source=<..>, userId=<..>, loa=<..>]}.
 *
 * <p>A null login or a null ext source is written as the two-character marker
 * {@code \0}. The login is passed through {@link BeansUtils#createEscaping} before
 * it is embedded; the nested ext source is embedded using its own
 * {@code serializeToString()} output. The id, userId and loa values are appended
 * as-is.
 *
 * @return the serialized form of this bean
 */
@Override
public String serializeToString() {
    // Operands are evaluated left to right, i.e. in the same order as the fields are written.
    return this.getClass().getSimpleName() + ":["
            + "id=<" + getId() + ">"
            // The login is externally supplied text, so it is escaped before being placed
            // between the '<' and '>' delimiters.
            + ", login=<" + (getLogin() == null ? "\\0" : BeansUtils.createEscaping(getLogin())) + ">"
            + ", source=<" + (extSource == null ? "\\0" : getExtSource().serializeToString()) + ">"
            + ", userId=<" + getUserId() + ">"
            + ", loa=<" + getLoa() + ">"
            + ']';
}
/**
 * Rebuilds a {@link UserExtSource} from the attribute map of a parsed bean.
 *
 * <p>Reads the keys {@code id}, {@code loa}, {@code login}, {@code source} and, when
 * present, {@code userId}. A {@code source} value equal to the two-character marker
 * {@code \0} yields a null ext source; any other value is parsed with
 * {@code beansToMap} and its first entry is handed to {@code createExtSource}.
 *
 * <p>NOTE(review): nothing here validates the map. A missing or non-numeric
 * {@code id}/{@code loa}/{@code userId} fails in {@code Integer.valueOf}, a missing
 * {@code source} fails on {@code equals}, and {@code get(0)} fails if
 * {@code beansToMap} returns an empty list. If the serialized text can come from
 * anywhere other than this application's own serializer, callers should treat these
 * runtime exceptions as a rejected input rather than let them propagate unhandled.
 *
 * @param beanAttr attribute name to raw value map, or null
 * @return the reconstructed bean, or null when {@code beanAttr} is null
 */
private static UserExtSource createUserExtSource(Map<String, String> beanAttr) {
    if (beanAttr == null) {
        return null;
    }

    UserExtSource result = new UserExtSource();
    result.setId(Integer.valueOf(beanAttr.get("id")));
    result.setLoa(Integer.valueOf(beanAttr.get("loa")));
    // The login was escaped on serialization; undo that before storing it.
    result.setLogin(BeansUtils.eraseEscaping(beanAttr.get("login")));

    // userId is optional in the serialized form.
    String rawUserId = beanAttr.get("userId");
    if (rawUserId != null) {
        result.setUserId(Integer.valueOf(rawUserId));
    }

    // The nested ext source is itself a serialized bean, unless it is the null marker.
    String rawSource = beanAttr.get("source");
    ExtSource parsedSource = null;
    if (!rawSource.equals("\\0")) {
        List<Pair<String, Map<String, String>>> nestedBeans = beansToMap(rawSource);
        parsedSource = createExtSource(nestedBeans.get(0).getRight());
    }
    result.setExtSource(parsedSource);

    return result;
}
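/**
 * Orders this bean relative to another {@link PerunBean}.
 *
 * <p>Against another {@code UserExtSource} the order is: ext source (null sorts
 * first), then login compared case-insensitively (null sorts first), then id.
 * Against any other bean type only the ids are compared.
 *
 * <p>The id comparison uses {@link Integer#compare} instead of subtraction, so the
 * sign of the result stays correct even when the difference of the two ids would
 * overflow an {@code int}.
 *
 * <p>NOTE(review): logins that differ only in letter case compare as equal here.
 * {@code equals}/{@code hashCode} are not visible in this excerpt; if they are
 * case-sensitive, sorted collections and hash collections will disagree on whether
 * two external identities are the same. Confirm which is intended.
 *
 * @param perunBean the bean to compare with
 * @return a negative value, zero, or a positive value as this bean sorts before,
 *         equal to, or after {@code perunBean}
 * @throws NullPointerException if {@code perunBean} is null
 */
@Override
public int compareTo(PerunBean perunBean) {
    if (perunBean == null) {
        throw new NullPointerException("PerunBean to compare with is null.");
    }

    if (perunBean instanceof UserExtSource) {
        UserExtSource other = (UserExtSource) perunBean;
        int compare;

        // Compare on ext source; a missing ext source sorts first.
        if (this.getExtSource() == null && other.getExtSource() != null) {
            compare = -1;
        } else if (other.getExtSource() == null && this.getExtSource() != null) {
            compare = 1;
        } else if (this.getExtSource() == null && other.getExtSource() == null) {
            compare = 0;
        } else {
            compare = this.getExtSource().compareTo(other.getExtSource());
        }
        if (compare != 0) {
            return compare;
        }

        // Compare on login; a missing login sorts first.
        if (this.getLogin() == null && other.getLogin() != null) {
            compare = -1;
        } else if (other.getLogin() == null && this.getLogin() != null) {
            compare = 1;
        } else if (this.getLogin() == null && other.getLogin() == null) {
            compare = 0;
        } else {
            compare = this.getLogin().compareToIgnoreCase(other.getLogin());
        }
        if (compare != 0) {
            return compare;
        }
    }

    // Tie-break (or the only criterion for other bean types): the id.
    return Integer.compare(this.getId(), perunBean.getId());
}
}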
for (UserExtSource ues : u.getUserExtSources()) { if (ues.getExtSource().getType().equals(ExtSourcesManagerEntry.EXTSOURCE_X509)) { es.add(ues.getExtSource()); } else if (ues.getExtSource().getType().equals(ExtSourcesManagerEntry.EXTSOURCE_IDP)) { if (ues.getExtSource().getName().equals("https://extidp.cesnet.cz/idp/shibboleth")) { String type = ues.getLogin().split("@")[1].split("\\.")[0]; ues.getExtSource().setName("https://extidp.cesnet.cz/idp/shibboleth&authnContextClassRef=urn:cesnet:extidp:authn:"+type); if (uesAttr.getValue() != null && !((String) uesAttr.getValue()).isEmpty()) { ues.getExtSource().setId(0); ues.getExtSource().setName((String) uesAttr.getValue()); es.add(ues.getExtSource()); } else if (ues.getExtSource().getType().equals(ExtSourcesManagerEntry.EXTSOURCE_KERBEROS)) { es.add(ues.getExtSource());
/**
 * Attaches a new external identity to {@code user}, creating the backing ExtSource
 * first when the lookup by name reports that it does not exist.
 *
 * <p>The ExtSource is looked up by {@code extSourceName} only. When one is found it is
 * used as returned, so {@code extSourceType} only takes effect on the create path.
 * All calls run under {@code registrarSession}, not under the session of the person
 * whose identities are being joined.
 *
 * <p>NOTE(review): {@code actor}, {@code extSourceName}, {@code extSourceType} and
 * {@code loa} are stored exactly as passed. Callers should make sure they originate
 * from the authenticated session and not from request parameters, because this method
 * will create an ExtSource with whatever name it is given and bind the login to the
 * user.
 *
 * @param user          user who receives the new UserExtSource
 * @param actor         login of the identity inside the ext source
 * @param extSourceName name of the ext source to look up or create
 * @param extSourceType type used when the ext source has to be created
 * @param loa           level of assurance recorded on the UserExtSource
 * @return the UserExtSource returned by {@code addUserExtSource}
 * @throws PerunException when any of the underlying manager calls fails
 */
private UserExtSource createExtSourceAndUserExtSource(User user, String actor, String extSourceName, String extSourceType, int loa) throws PerunException {

    // Built up front: it is the template for creation if the lookup finds nothing.
    ExtSource resolvedSource = new ExtSource(extSourceName, extSourceType);
    try {
        resolvedSource = perun.getExtSourcesManagerBl().getExtSourceByName(registrarSession, extSourceName);
    } catch (ExtSourceNotExistsException notFound) {
        resolvedSource = perun.getExtSourcesManager().createExtSource(registrarSession, resolvedSource, null);
    }

    UserExtSource identity = new UserExtSource();
    identity.setLogin(actor);
    identity.setLoa(loa);
    identity.setExtSource(resolvedSource);

    return perun.getUsersManager().addUserExtSource(registrarSession, user, identity);
}
/**
 * Decides whether an application may be approved automatically.
 *
 * <p>Approval is allowed when the application was submitted through the trusted IdP
 * (exact match on the ext source name), or when the applying user already has at
 * least one UserExtSource whose ext source has that name. In every other case a
 * {@link CantBeApprovedException} is thrown, so the check fails closed.
 *
 * <p>If the application carries no user, the user is looked up by the application's
 * ext source name and its {@code createdBy} value. Any exception from that lookup is
 * treated as "user unknown" and turned into the same rejection; the original
 * exception is not attached.
 *
 * <p>NOTE(review): the identity check looks at the ext source name only; the level of
 * assurance of the matching UserExtSource is not considered. Confirm this is the
 * intended trust rule. Also note that {@code ues.getExtSource()} is dereferenced
 * without a null check.
 *
 * @param session session used for the manager calls
 * @param app     application being evaluated
 * @throws CantBeApprovedException when no trusted identity can be established
 * @throws PerunException          when listing the user's identities fails
 */
@Override
public void canBeApproved(PerunSession session, Application app) throws PerunException {

    final String trustedIdp = "https://www.structuralbiology.eu/idp/shibboleth";
    final String rejection = "Application can't be approved automatically. User doesn't have identity from \"www.structuralbiology.eu\". Please check users identity before manual/force approval.";

    // Submitted from the trusted IdP: nothing more to verify.
    if (Objects.equals(trustedIdp, app.getExtSourceName())) {
        return;
    }

    // Submitted by an untrusted IdP: the user must already hold a trusted identity.
    PerunBl perun = (PerunBl) session.getPerun();

    User applicant = app.getUser();
    if (applicant == null) {
        try {
            applicant = perun.getUsersManagerBl().getUserByExtSourceNameAndExtLogin(session, app.getExtSourceName(), app.getCreatedBy());
        } catch (Exception ex) {
            // Unable to find the user, so there is no identity to trust.
            throw new CantBeApprovedException(rejection, "", "", "", true);
        }
    }

    List<UserExtSource> identities = perun.getUsersManagerBl().getUserExtSources(session, applicant);
    for (UserExtSource identity : identities) {
        if (Objects.equals(trustedIdp, identity.getExtSource().getName())) {
            // The user has a trusted identity.
            return;
        }
    }

    throw new CantBeApprovedException(rejection, "", "", "", true);
}
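/**
 * Creates the UserExtSource that corresponds to the user's lifescience-hostel login
 * once the application has been approved.
 *
 * <p>When the application has a user and that user's
 * {@code login-namespace:lifescience-hostel} attribute has a value, a UserExtSource
 * with login {@code <value>@lifescience-hostel.org} and LoA 0 is added under the
 * ext source {@code https://login.bbmri-eric.eu/lshostel/}. An already existing
 * UserExtSource is not an error. When the user has no login, nothing is added.
 *
 * <p>The login is built from the attribute's <em>value</em>. Concatenating the
 * {@code Attribute} object itself would embed its {@code toString()} output in the
 * external login, producing an identity that never matches the login the user
 * actually has in that namespace.
 *
 * @param session session used for the manager calls
 * @param app     the approved application
 * @return the same application instance
 * @throws PerunException when reading the attribute, resolving the ext source or
 *                        adding the UserExtSource fails for a reason other than
 *                        the identity already existing
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws PerunException {

    PerunBl perun = (PerunBl) session.getPerun();

    User user = app.getUser();

    if (user == null) {

        log.error("At the end of approval action, we should have user present in application: {}", app);

    } else {

        Attribute userLogin = perun.getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":login-namespace:lifescience-hostel");
        if (userLogin.getValue() != null) {
            ExtSource extSource = perun.getExtSourcesManagerBl().getExtSourceByName(session, "https://login.bbmri-eric.eu/lshostel/");
            // Use the attribute value, not the Attribute object, as the login's local part.
            UserExtSource ues = new UserExtSource(extSource, userLogin.getValue() + "@lifescience-hostel.org");
            ues.setLoa(0);

            try {
                perun.getUsersManagerBl().addUserExtSource(session, user, ues);
            } catch (UserExtSourceExistsException ex) {
                // The identity is already registered, which is the desired end state.
            }
        }

        // User doesn't have login - don't set UES

    }

    return app;

}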
UserExtSource userExtSource = new UserExtSource(extSource, dn); try { perun.getUsersManagerBl().addUserExtSource(session, user, userExtSource);
for (UserExtSource es : ues) { if (es.getExtSource().getName().equalsIgnoreCase("LDAPMU")) { authorId = es.getLogin(); // get only UCO break; } else if (es.getExtSource().getName().equalsIgnoreCase("https://idp2.ics.muni.cz/idp/shibboleth")){ authorId = es.getLogin().substring(0, es.getLogin().indexOf("@")); // get only UCO from UCO@mail.muni.cz break;
" and a.created_by=? and a.extsourcename=? and a.extsourcetype=?", APP_MAPPER, vo.getId(), AppState.VERIFIED.toString(), ue.getLogin(), ue.getExtSource().getName(), ue.getExtSource().getType());
List<String> extLogins = new ArrayList<>(); for(UserExtSource ues: userExtSources) { if(ues != null && ues.getExtSource() != null) { String type = ues.getExtSource().getType(); if(type != null) { if(type.equals(ExtSourcesManager.EXTSOURCE_IDP)) { String extLogin; extLogin = ues.getLogin(); if(extLogin == null) extLogin = ""; writer.write("eduPersonPrincipalNames: " + extLogin + '\n');
if(this.userExtSource.getExtSource() != null && this.userExtSource.getExtSource().getType() != null) { String extLogin; if(this.userExtSource.getExtSource().getType().equals(ExtSourcesManager.EXTSOURCE_IDP)) { extLogin = this.userExtSource.getLogin(); if(extLogin == null) extLogin = ""; updateUserAttribute(ldapAttrEduPersonPrincipalNames, extLogin, LdapOperation.ADD_ATTRIBUTE, user); if(this.userExtSource.getExtSource() != null && this.userExtSource.getExtSource().getType() != null) { String extLogin; if(this.userExtSource.getExtSource().getType().equals(ExtSourcesManager.EXTSOURCE_IDP)) { extLogin = this.userExtSource.getLogin(); if(extLogin == null) extLogin = ""; updateUserAttribute(ldapAttrEduPersonPrincipalNames, extLogin, LdapOperation.REMOVE_ATTRIBUTE, this.user);