/**
 * Verifies that the receipt identified by {@code receiptId} may be accessed from the tenant of
 * the current Carbon context.
 *
 * <p>Access is allowed when the receipt's own tenant domain equals the caller's tenant domain, or
 * when at least one service recorded in the receipt carries the caller's tenant domain. A missing
 * receipt and a receipt that fails both comparisons end in the same client error, so the outcome
 * does not distinguish "unknown ID" from "ID belongs to another tenant".
 *
 * @param receiptId ID of the consent receipt being accessed
 * @throws ConsentManagementException a {@code ConsentManagementClientException} carrying
 *         {@code ERROR_CODE_RECEIPT_ID_INVALID} when the receipt is absent or not visible to the
 *         caller's tenant; anything {@code consentManager.getReceipt} raises also propagates
 */
private void handleCrossDomainPermission(String receiptId) throws ConsentManagementException {

    final String callerTenant = ConsentUtils.getTenantDomainFromCarbonContext();
    final Receipt found = consentManager.getReceipt(receiptId);

    boolean permitted = false;
    if (found != null) {
        // NOTE(review): if StringUtils.equals is the null-safe commons-lang variant, two null
        // domains compare equal and the check passes -- confirm neither side can be null here.
        permitted = StringUtils.equals(found.getTenantDomain(), callerTenant)
                || found.getServices().stream()
                        .anyMatch(svc -> StringUtils.equals(svc.getTenantDomain(), callerTenant));
    }
    if (permitted) {
        return;
    }

    // Same error for "no such receipt" and "receipt of another tenant".
    String message = String.format(ERROR_CODE_RECEIPT_ID_INVALID.getMessage(), receiptId) + " in tenant: "
            + callerTenant;
    throw new ConsentManagementClientException(message, ERROR_CODE_RECEIPT_ID_INVALID.getCode());
}
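/**
 * Collects the claims the user consented to in the given receipt.
 *
 * <p>The receipt's services are reduced to their PII categories via
 * {@code getPIICategoriesFromServices}, which are then mapped to claims via
 * {@code getClaimsFromPIICategoryValidity}.
 *
 * @param receipt consent receipt to read; must not be {@code null}
 * @return the claims derived from the PII categories of the receipt's services
 */
private List<ClaimMetaData> getConsentClaimsFromReceipt(Receipt receipt) {

    List<ReceiptService> services = receipt.getServices();
    List<PIICategoryValidity> piiCategories = getPIICategoriesFromServices(services);
    List<ClaimMetaData> claimsFromPIICategoryValidity = getClaimsFromPIICategoryValidity(piiCategories);
    if (isDebugEnabled()) {
        // The claim list is passed as a format argument instead of being concatenated into the
        // format string: a '%' inside any claim's string form would otherwise be parsed as a
        // conversion specifier and make String.format throw on the debug path.
        // This line writes the PII principal ID and the consented claims to the debug log.
        String message = String.format("User: %s has provided consent in receipt: %s for claims: %s",
                receipt.getPiiPrincipalId(), receipt.getConsentReceiptId(), claimsFromPIICategoryValidity);
        logDebug(message);
    }
    return claimsFromPIICategoryValidity;
}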
/**
 * Builds the full set of claims the user has approved for a service provider: the claims
 * approved in {@code userConsent} plus the claims recorded in the user's existing consent
 * receipt, if one is found.
 *
 * <p>When no receipt is found, the claims from {@code userConsent} are returned as they are,
 * without passing through {@code getDistinctClaims}; de-duplication is applied only on the
 * merged result.
 *
 * @param serviceProvider   service provider the consent applies to
 * @param authenticatedUser user whose consent is being resolved
 * @param userConsent       consent carrying the approved claims to start from
 * @return approved claims, merged with the claims of the existing receipt when one exists
 * @throws SSOConsentServiceException if a helper called while resolving the receipt or its
 *         claims fails
 */
private List<ClaimMetaData> getAllUserApprovedClaims(ServiceProvider serviceProvider,
                                                     AuthenticatedUser authenticatedUser,
                                                     UserConsent userConsent)
        throws SSOConsentServiceException {

    // Copy, so the list held by userConsent is never modified by the merge below.
    List<ClaimMetaData> approved = new ArrayList<>(userConsent.getApprovedClaims());

    String applicationName = serviceProvider.getApplicationName();
    String applicationTenant = getSPTenantDomain(serviceProvider);
    String principal = buildSubjectWithUserStoreDomain(authenticatedUser);
    Receipt existing = getConsentReceiptOfUser(serviceProvider, authenticatedUser, applicationName,
            applicationTenant, principal);

    if (existing != null) {
        List<PIICategoryValidity> receiptCategories = getPIICategoriesFromServices(existing.getServices());
        approved.addAll(getClaimsFromPIICategoryValidity(receiptCategories));
        return getDistinctClaims(approved);
    }
    return approved;
}
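/**
 * Collects the claims the user consented to in the given receipt.
 *
 * <p>The receipt's services are reduced to their PII categories via
 * {@code getPIICategoriesFromServices}, which are then mapped to claims via
 * {@code getClaimsFromPIICategoryValidity}.
 *
 * @param receipt consent receipt to read; must not be {@code null}
 * @return the claims derived from the PII categories of the receipt's services
 */
private List<ClaimMetaData> getConsentClaimsFromReceipt(Receipt receipt) {

    List<ReceiptService> services = receipt.getServices();
    List<PIICategoryValidity> piiCategories = getPIICategoriesFromServices(services);
    List<ClaimMetaData> claimsFromPIICategoryValidity = getClaimsFromPIICategoryValidity(piiCategories);
    if (isDebugEnabled()) {
        // The claim list is passed as a format argument instead of being concatenated into the
        // format string: a '%' inside any claim's string form would otherwise be parsed as a
        // conversion specifier and make String.format throw on the debug path.
        // This line writes the PII principal ID and the consented claims to the debug log.
        String message = String.format("User: %s has provided consent in receipt: %s for claims: %s",
                receipt.getPiiPrincipalId(), receipt.getConsentReceiptId(), claimsFromPIICategoryValidity);
        logDebug(message);
    }
    return claimsFromPIICategoryValidity;
}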
/**
 * Builds the full set of claims the user has approved for a service provider: the claims
 * approved in {@code userConsent} plus the claims recorded in the user's existing consent
 * receipt, if one is found.
 *
 * <p>When no receipt is found, the claims from {@code userConsent} are returned as they are,
 * without passing through {@code getDistinctClaims}; de-duplication is applied only on the
 * merged result.
 *
 * @param serviceProvider   service provider the consent applies to
 * @param authenticatedUser user whose consent is being resolved
 * @param userConsent       consent carrying the approved claims to start from
 * @return approved claims, merged with the claims of the existing receipt when one exists
 * @throws SSOConsentServiceException if a helper called while resolving the receipt or its
 *         claims fails
 */
private List<ClaimMetaData> getAllUserApprovedClaims(ServiceProvider serviceProvider,
                                                     AuthenticatedUser authenticatedUser,
                                                     UserConsent userConsent)
        throws SSOConsentServiceException {

    // Copy, so the list held by userConsent is never modified by the merge below.
    List<ClaimMetaData> approved = new ArrayList<>(userConsent.getApprovedClaims());

    String applicationName = serviceProvider.getApplicationName();
    String applicationTenant = getSPTenantDomain(serviceProvider);
    String principal = buildSubjectWithUserStoreDomain(authenticatedUser);
    Receipt existing = getConsentReceiptOfUser(serviceProvider, authenticatedUser, applicationName,
            applicationTenant, principal);

    if (existing != null) {
        List<PIICategoryValidity> receiptCategories = getPIICategoriesFromServices(existing.getServices());
        approved.addAll(getClaimsFromPIICategoryValidity(receiptCategories));
        return getDistinctClaims(approved);
    }
    return approved;
}
/**
 * Fills in the tenant domain of a receipt and of each of its services, resolving every tenant
 * ID to a domain through {@code ConsentUtils.getTenantDomain} with the configured
 * {@code realmService}.
 *
 * <p>The receipt and its service objects are modified in place.
 *
 * @param receipt receipt whose tenant domain fields are to be populated
 * @throws ConsentManagementServerException if a tenant domain cannot be resolved
 */
private void populateTenantDomain(Receipt receipt) throws ConsentManagementServerException {

    String receiptDomain = ConsentUtils.getTenantDomain(realmService, receipt.getTenantId());
    receipt.setTenantDomain(receiptDomain);

    // rethrowConsumer lets the checked exception raised during resolution leave the lambda.
    receipt.getServices().forEach(rethrowConsumer(svc -> {
        String serviceDomain = ConsentUtils.getTenantDomain(realmService, svc.getTenantId());
        svc.setTenantDomain(serviceDomain);
    }));
}
/**
 * Deletes a consent receipt together with every association row that hangs off it.
 *
 * <p>The receipt is loaded first so that its services and purposes can be walked. All deletes
 * then run inside a single {@code withTransaction} call, in this order: for each service, the
 * PII-category and purpose-category associations of each of its purposes, then the
 * service-to-purpose association; after all services, the receipt-to-service association, the
 * receipt properties, and finally the receipt row itself.
 *
 * <p>NOTE(review): this method performs no tenant or ownership check on {@code receiptID};
 * confirm that callers authorise access to the receipt before invoking it.
 *
 * @param receiptID ID of the receipt to delete
 * @throws ConsentManagementException if the receipt cannot be found (reported through
 *         {@code ConsentUtils.handleServerException}) or if the transaction fails
 */
public void deleteReceipt(String receiptID) throws ConsentManagementException {

    Receipt target = getReceipt(receiptID);
    if (target == null) {
        throw ConsentUtils.handleServerException(ErrorMessages.ERROR_CODE_DELETE_RECEIPT,
                String.valueOf(receiptID));
    }

    JdbcTemplate jdbc = JdbcUtils.getNewTemplate();
    try {
        jdbc.withTransaction(tx -> {
            // Dependent rows go first, the receipt row last.
            target.getServices().forEach(rethrowConsumer(service -> {
                int serviceLinkId = service.getReceiptToServiceId();
                service.getPurposes().forEach(rethrowConsumer(purpose -> {
                    int purposeLinkId = purpose.getServiceToPurposeId();
                    deleteSpPurposeToPiiCategoryAssociation(purposeLinkId);
                    deleteSpPurposeToPurposeCategoryAssociation(purposeLinkId);
                }));
                deleteSpToPurposeAssociation(serviceLinkId);
            }));

            deleteReceiptSPAssociation(receiptID);
            deleteReceiptProperties(receiptID);
            deleteReceiptOnly(receiptID);
            return null;
        });
    } catch (TransactionException e) {
        // Keep the cause so the failing statement can be traced from the server exception.
        throw ConsentUtils.handleServerException(ErrorMessages.ERROR_CODE_DELETE_RECEIPT, receiptID, e);
    }
}
consentReceiptDTO.setVersion(receipt.getVersion()); consentReceiptDTO.setState(receipt.getState()); consentReceiptDTO.setServices(receipt.getServices().stream().map(receiptService -> { ServiceDTO serviceDTO = new ServiceDTO(); serviceDTO.setService(receiptService.getService());