@NotNull @Override public SyncResult sync(@NotNull ExternalIdentity identity) throws SyncException { throw new SyncException("sync " + identity); }
@NotNull @Override public SyncResult sync(@NotNull String id) throws SyncException { throw new SyncException("sync " + id); } };
/** * Retrieves the repository authorizable that corresponds to the given external identity * @param external the external identity * @param type the authorizable type * @return the repository authorizable or {@code null} if not found. * @throws RepositoryException if an error occurs. * @throws SyncException if the repository contains a colliding authorizable with the same name. */ @Nullable protected <T extends Authorizable> T getAuthorizable(@NotNull ExternalIdentity external, @NotNull Class<T> type) throws RepositoryException, SyncException { Authorizable authorizable = userManager.getAuthorizable(external.getId()); if (authorizable == null) { authorizable = userManager.getAuthorizable(external.getPrincipalName()); } if (authorizable == null) { return null; } else if (type.isInstance(authorizable)) { //noinspection unchecked return (T) authorizable; } else { log.error("Unable to process external {}: {}. Colliding authorizable exists in repository.", type.getSimpleName(), external.getId()); throw new SyncException("Unexpected authorizable: " + authorizable); } }
/** * Initiates synchronization of a possible remove user * @param id the user id */ private void validateUser(@NotNull String id) throws SyncException { SyncContext context = null; try { Root root = getRoot(); if (root == null) { throw new SyncException("Cannot synchronize user. root == null"); } UserManager userManager = getUserManager(); if (userManager == null) { throw new SyncException("Cannot synchronize user. userManager == null"); } DebugTimer timer = new DebugTimer(); context = syncHandler.createContext(idp, userManager, new ValueFactoryImpl(root, NamePathMapper.DEFAULT)); context.sync(id); timer.mark("sync"); root.commit(); timer.mark("commit"); debug("validateUser({}) {}", id, timer.getString()); } catch (CommitFailedException e) { throw new SyncException("User synchronization failed during commit.", e); } finally { if (context != null) { context.close(); } } }
@NotNull @Override public SyncResult sync(@NotNull ExternalIdentity identity) throws SyncException { if (identity instanceof ExternalUser) { return super.sync(identity); } else if (identity instanceof ExternalGroup) { try { Group group = getAuthorizable(identity, Group.class); if (group != null) { // group has been synchronized before -> continue updating for consistency. return syncGroup((ExternalGroup) identity, group); } else { // external group has never been synchronized before: // don't sync external groups into the repository internal user management // but limit synchronized information to group-principals stored // separately with each external user such that the subject gets // properly populated upon login ExternalIdentityRef ref = identity.getExternalId(); log.debug("ExternalGroup {}: Not synchronized as authorizable Group into the repository.", ref.getString()); SyncResult.Status status = (isSameIDP(ref)) ? SyncResult.Status.NOP : SyncResult.Status.FOREIGN; return new DefaultSyncResultImpl(new DefaultSyncedIdentity(identity.getId(), ref, true, -1), status); } } catch (RepositoryException e) { throw new SyncException(e); } } else { throw new IllegalArgumentException("identity must be user or group but was: " + identity); } }
Root root = getRoot(); if (root == null) { throw new SyncException("Cannot synchronize user. root == null"); throw new SyncException("Cannot synchronize user. userManager == null"); throw new SyncException("User synchronization failed during commit after " + MAX_SYNC_ATTEMPTS + " attempts");
throw new SyncException(e);
throw new SyncException(e);