/**
 * Picks the cleanup timeout for a stored entry and returns it in nanoseconds.
 *
 * <p>Three sources are consulted in order: temporary-cache types use
 * {@code IdentityUtil.getTempDataCleanUpTimeout()} (interpreted as minutes); otherwise a tenant id other than
 * {@code MultitenantConstants.INVALID_TENANT_ID} selects that tenant's remember-me timeout (interpreted as
 * seconds); otherwise {@code IdentityUtil.getCleanUpTimeout()} (interpreted as minutes) applies.
 *
 * @param type     entry type, handed to {@code isTempCache} to detect temporary data
 * @param tenantId tenant id, or {@code MultitenantConstants.INVALID_TENANT_ID} when no tenant applies
 * @return the selected timeout converted to nanoseconds
 */
private long getCleanupTimeout(String type, int tenantId) {

    // Temporary data takes precedence over any tenant-specific setting.
    if (isTempCache(type)) {
        return TimeUnit.MINUTES.toNanos(IdentityUtil.getTempDataCleanUpTimeout());
    }

    // No usable tenant: fall back to the server-wide cleanup timeout.
    if (tenantId == MultitenantConstants.INVALID_TENANT_ID) {
        return TimeUnit.MINUTES.toNanos(IdentityUtil.getCleanUpTimeout());
    }

    // Per-tenant lifetime follows the tenant's remember-me period.
    String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
    return TimeUnit.SECONDS.toNanos(IdPManagementUtil.getRememberMeTimeout(tenantDomain));
}
/**
 * Picks the cleanup timeout for a stored entry and returns it in nanoseconds.
 *
 * <p>Three sources are consulted in order: temporary-cache types use
 * {@code IdentityUtil.getTempDataCleanUpTimeout()} (interpreted as minutes); otherwise a tenant id other than
 * {@code MultitenantConstants.INVALID_TENANT_ID} selects that tenant's remember-me timeout (interpreted as
 * seconds); otherwise {@code IdentityUtil.getCleanUpTimeout()} (interpreted as minutes) applies.
 *
 * @param type     entry type, handed to {@code isTempCache} to detect temporary data
 * @param tenantId tenant id, or {@code MultitenantConstants.INVALID_TENANT_ID} when no tenant applies
 * @return the selected timeout converted to nanoseconds
 */
private long getCleanupTimeout(String type, int tenantId) {

    // Temporary data takes precedence over any tenant-specific setting.
    if (isTempCache(type)) {
        return TimeUnit.MINUTES.toNanos(IdentityUtil.getTempDataCleanUpTimeout());
    }

    // No usable tenant: fall back to the server-wide cleanup timeout.
    if (tenantId == MultitenantConstants.INVALID_TENANT_ID) {
        return TimeUnit.MINUTES.toNanos(IdentityUtil.getCleanUpTimeout());
    }

    // Per-tenant lifetime follows the tenant's remember-me period.
    String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
    return TimeUnit.SECONDS.toNanos(IdPManagementUtil.getRememberMeTimeout(tenantDomain));
}
// Map the tenant id to its tenant domain through IdentityTenantUtil.
String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
// Map the tenant id to its tenant domain through IdentityTenantUtil.
String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
/**
 * Returns the tenant domain of the tenant that the given user store manager belongs to.
 *
 * @param userStoreManager user store manager whose tenant id is looked up
 * @return the value of {@code IdentityTenantUtil.getTenantDomain} for that tenant id
 * @throws RuntimeException the exception built by {@code AccountLockRuntimeException.error}, carrying the
 *                          original {@link UserStoreException} as its cause, when the lookup fails
 */
public static String getTenantDomain(UserStoreManager userStoreManager) {

    try {
        int tenantId = userStoreManager.getTenantId();
        return IdentityTenantUtil.getTenantDomain(tenantId);
    } catch (UserStoreException cause) {
        // Callers of this utility do not handle checked exceptions; keep the cause attached.
        throw AccountLockRuntimeException.error(cause.getMessage(), cause);
    }
}
/**
 * Returns the tenant domain of the tenant that the given user store manager belongs to.
 *
 * @param userStoreManager user store manager whose tenant id is looked up
 * @return the value of {@code IdentityTenantUtil.getTenantDomain} for that tenant id
 * @throws RuntimeException the exception built by {@code AccountLockRuntimeException.error}, carrying the
 *                          original {@link UserStoreException} as its cause, when the lookup fails
 */
public static String getTenantDomain(UserStoreManager userStoreManager) {

    try {
        int tenantId = userStoreManager.getTenantId();
        return IdentityTenantUtil.getTenantDomain(tenantId);
    } catch (UserStoreException cause) {
        // Callers of this utility do not handle checked exceptions; keep the cause attached.
        throw AccountLockRuntimeException.error(cause.getMessage(), cause);
    }
}
/**
 * Deletes the federated IdP account associations of a local user before that user account is deleted.
 *
 * <p>When the listener is disabled nothing is done. The user store domain falls back to
 * {@code UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME} when the realm configuration yields a blank name.
 *
 * @param userName         name of the local user being deleted
 * @param userStoreManager user store manager of that user; supplies the user store domain and tenant id
 * @return {@code true} on every path that completes normally, including when the listener is disabled
 * @throws UserStoreException if a call made here, such as reading the tenant id, fails
 */
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager) throws UserStoreException {

    if (isEnable()) {
        String domainFromRealm = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        String userStoreDomain = StringUtils.isBlank(domainFromRealm)
                ? UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME : domainFromRealm;
        int tenantId = userStoreManager.getTenantId();

        // The tenant domain is only needed for the debug message, so it is resolved inside the guard.
        if (log.isDebugEnabled()) {
            String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
            log.debug("doPreDeleteUser method executed in ProfileMgtEventListener for user:"
                    + getFullQualifiedUsername(userName, userStoreDomain, tenantDomain));
        }

        deleteFederatedIdpAccountAssociations(userName, userStoreDomain, tenantId);
    }
    return true;
}
/**
 * Deletes the federated IdP account associations of a local user before that user account is deleted.
 *
 * <p>When the listener is disabled nothing is done. The user store domain falls back to
 * {@code UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME} when the realm configuration yields a blank name.
 *
 * @param userName         name of the local user being deleted
 * @param userStoreManager user store manager of that user; supplies the user store domain and tenant id
 * @return {@code true} on every path that completes normally, including when the listener is disabled
 * @throws UserStoreException if a call made here, such as reading the tenant id, fails
 */
@Override
public boolean doPreDeleteUser(String userName, UserStoreManager userStoreManager) throws UserStoreException {

    if (isEnable()) {
        String domainFromRealm = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        String userStoreDomain = StringUtils.isBlank(domainFromRealm)
                ? UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME : domainFromRealm;
        int tenantId = userStoreManager.getTenantId();

        // The tenant domain is only needed for the debug message, so it is resolved inside the guard.
        if (log.isDebugEnabled()) {
            String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
            log.debug("doPreDeleteUser method executed in ProfileMgtEventListener for user:"
                    + getFullQualifiedUsername(userName, userStoreDomain, tenantDomain));
        }

        deleteFederatedIdpAccountAssociations(userName, userStoreDomain, tenantId);
    }
    return true;
}
/**
 * Validates the profile name before a user's claim values are set.
 *
 * <p>Only {@code profileName} is checked here; the {@code claims} map is not inspected by this method, so any
 * validation or output encoding of claim values has to happen elsewhere.
 *
 * @param userName         user whose claims are being set (used for the debug message only)
 * @param claims           claim values being set; not read by this method
 * @param profileName      profile name to validate
 * @param userStoreManager user store manager of the user (used for the debug message only)
 * @return {@code true} when the listener is disabled or the profile name is accepted
 * @throws UserStoreException if the profile name is rejected by {@code IdentityValidationUtil.isValid}
 */
@Override
public boolean doPreSetUserClaimValues(String userName, Map<String, String> claims, String profileName,
                                       UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    if (log.isDebugEnabled()) {
        String domainFromRealm = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        String userStoreDomain = StringUtils.isBlank(domainFromRealm)
                ? UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME : domainFromRealm;
        String tenantDomain = IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId());
        log.debug("doPreSetUserClaimValues method executed in ProfileMgtEventListener for user: "
                + getFullQualifiedUsername(userName, userStoreDomain, tenantDomain));
    }

    // The rejected patterns describe profile-name input that could carry a stored XSS payload.
    // How the allowed and rejected lists are combined is decided inside IdentityValidationUtil.isValid,
    // which is not visible here.
    String[] allowedPatternKeys = {ALPHANUMERICS_ONLY, DIGITS_ONLY};
    String[] rejectedPatternKeys = {WHITESPACE_EXISTS, URI_RESERVED_EXISTS, HTML_META_EXISTS,
            XML_META_EXISTS, REGEX_META_EXISTS, URL};

    boolean profileNameAccepted =
            IdentityValidationUtil.isValid(profileName, allowedPatternKeys, rejectedPatternKeys);
    if (profileNameAccepted) {
        return true;
    }
    throw new UserStoreException("profile name contains invalid characters!");
}
/**
 * Validates the profile name before a user's claim values are set.
 *
 * <p>Only {@code profileName} is checked here; the {@code claims} map is not inspected by this method, so any
 * validation or output encoding of claim values has to happen elsewhere.
 *
 * @param userName         user whose claims are being set (used for the debug message only)
 * @param claims           claim values being set; not read by this method
 * @param profileName      profile name to validate
 * @param userStoreManager user store manager of the user (used for the debug message only)
 * @return {@code true} when the listener is disabled or the profile name is accepted
 * @throws UserStoreException if the profile name is rejected by {@code IdentityValidationUtil.isValid}
 */
@Override
public boolean doPreSetUserClaimValues(String userName, Map<String, String> claims, String profileName,
                                       UserStoreManager userStoreManager) throws UserStoreException {

    if (!isEnable()) {
        return true;
    }

    if (log.isDebugEnabled()) {
        String domainFromRealm = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        String userStoreDomain = StringUtils.isBlank(domainFromRealm)
                ? UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME : domainFromRealm;
        String tenantDomain = IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId());
        log.debug("doPreSetUserClaimValues method executed in ProfileMgtEventListener for user: "
                + getFullQualifiedUsername(userName, userStoreDomain, tenantDomain));
    }

    // The rejected patterns describe profile-name input that could carry a stored XSS payload.
    // How the allowed and rejected lists are combined is decided inside IdentityValidationUtil.isValid,
    // which is not visible here.
    String[] allowedPatternKeys = {ALPHANUMERICS_ONLY, DIGITS_ONLY};
    String[] rejectedPatternKeys = {WHITESPACE_EXISTS, URI_RESERVED_EXISTS, HTML_META_EXISTS,
            XML_META_EXISTS, REGEX_META_EXISTS, URL};

    boolean profileNameAccepted =
            IdentityValidationUtil.isValid(profileName, allowedPatternKeys, rejectedPatternKeys);
    if (profileNameAccepted) {
        return true;
    }
    throw new UserStoreException("profile name contains invalid characters!");
}
// Populate a User from the USER_NAME, TENANT_ID and USER_DOMAIN columns of resultSet
// (presumably a JDBC ResultSet positioned on a row; confirm against the enclosing method).
User user = new User();
user.setUserName(resultSet.getString("USER_NAME"));
// The stored tenant id is converted to a tenant domain before it is set on the user.
user.setTenantDomain(IdentityTenantUtil.getTenantDomain(resultSet.getInt("TENANT_ID")));
user.setUserStoreDomain(resultSet.getString("USER_DOMAIN"));
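/**
 * Sends an e-mail notification to a user through the recovery processor.
 *
 * <p>For the super tenant the recovery DTO is built from the bare user name. For any other tenant the tenant
 * domain is appended to the user name with {@code UserCoreUtil.addTenantDomainToEntry} and the tenant id is
 * set on the {@code UserDTO}. Sending is best effort: a failure is logged and not rethrown.
 *
 * @param userName     user to notify
 * @param tenantId     id of the user's tenant
 * @param notification notification value set on the recovery DTO
 */
private void sendEmail(String userName, int tenantId, String notification) {

    UserRecoveryDTO dto;
    String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);

    if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
        dto = new UserRecoveryDTO(userName);
    } else {
        UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
        userDTO.setTenantId(tenantId);
        dto = new UserRecoveryDTO(userDTO);
    }
    dto.setNotification(notification);
    dto.setNotificationType(EMAIL_NOTIFICATION_TYPE);

    try {
        IdentityMgtServiceComponent.getRecoveryProcessor().recoverWithNotification(dto);
    } catch (IdentityException e) {
        // Proceed with the rest of the flow even if the email is not sent, but keep the cause in the
        // log so an operator can tell why a security notification was not delivered.
        log.error("Email notification sending failed for user:" + userName + " for " + notification, e);
    }
}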
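/**
 * Sends an e-mail notification to a user through the recovery processor.
 *
 * <p>For the super tenant the recovery DTO is built from the bare user name. For any other tenant the tenant
 * domain is appended to the user name with {@code UserCoreUtil.addTenantDomainToEntry} and the tenant id is
 * set on the {@code UserDTO}. Sending is best effort: a failure is logged and not rethrown.
 *
 * @param userName     user to notify
 * @param tenantId     id of the user's tenant
 * @param notification notification value set on the recovery DTO
 */
private void sendEmail(String userName, int tenantId, String notification) {

    UserRecoveryDTO dto;
    String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);

    if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
        dto = new UserRecoveryDTO(userName);
    } else {
        UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
        userDTO.setTenantId(tenantId);
        dto = new UserRecoveryDTO(userDTO);
    }
    dto.setNotification(notification);
    dto.setNotificationType(EMAIL_NOTIFICATION_TYPE);

    try {
        IdentityMgtServiceComponent.getRecoveryProcessor().recoverWithNotification(dto);
    } catch (IdentityException e) {
        // Proceed with the rest of the flow even if the email is not sent, but keep the cause in the
        // log so an operator can tell why a security notification was not delivered.
        log.error("Email notification sending failed for user:" + userName + " for " + notification, e);
    }
}
}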
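/**
 * Removes a user's claims from the {@code ClaimCache}.
 *
 * <p>The cache key is built from the user name, the tenant domain of the user store manager's tenant and
 * the user store domain taken from its realm configuration.
 *
 * @param userName         name of the user whose cached claims are cleared
 * @param userStoreManager user store manager of that user; supplies the tenant id and realm configuration
 * @return always {@code true} when the method completes normally
 * @throws UserStoreException if reading the tenant id from the user store manager fails
 */
private boolean removeUserClaimsFromCache(String userName, UserStoreManager userStoreManager)
        throws UserStoreException {

    ClaimCache claimCache = ClaimCache.getInstance();

    AuthenticatedUser authenticatedUser = new AuthenticatedUser();
    authenticatedUser.setUserName(userName);
    authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId()));
    authenticatedUser.setUserStoreDomain(UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration()));

    // A key obtained from "new" is never null, so the former null check was dead code; the entry is
    // cleared unconditionally.
    claimCache.clearCacheEntry(new ClaimCacheKey(authenticatedUser));
    return true;
}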
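/**
 * Removes a user's claims from the {@code ClaimCache}.
 *
 * <p>The cache key is built from the user name, the tenant domain of the user store manager's tenant and
 * the user store domain taken from its realm configuration.
 *
 * @param userName         name of the user whose cached claims are cleared
 * @param userStoreManager user store manager of that user; supplies the tenant id and realm configuration
 * @return always {@code true} when the method completes normally
 * @throws UserStoreException if reading the tenant id from the user store manager fails
 */
private boolean removeUserClaimsFromCache(String userName, UserStoreManager userStoreManager)
        throws UserStoreException {

    ClaimCache claimCache = ClaimCache.getInstance();

    AuthenticatedUser authenticatedUser = new AuthenticatedUser();
    authenticatedUser.setUserName(userName);
    authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId()));
    authenticatedUser.setUserStoreDomain(UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration()));

    // A key obtained from "new" is never null, so the former null check was dead code; the entry is
    // cleared unconditionally.
    claimCache.clearCacheEntry(new ClaimCacheKey(authenticatedUser));
    return true;
}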
.get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
// The tenant id is read from the user store manager's realm configuration, mapped to a tenant domain,
// and that domain is stored on userData.
int userTenantId = userStoreManager.getRealmConfiguration().getTenantId();
String userTenantDomain = IdentityTenantUtil.getTenantDomain(userTenantId);
userData.setTenantDomain(userTenantDomain);
Registry registry = null;
try {
    // Resolve the tenant domain from the recovery record's tenant id, then call
    // IdentityTenantUtil.initializeRegistry with both before the registry is obtained.
    String tenantDomain = IdentityTenantUtil.getTenantDomain(recoveryDataDO.getTenantId());
    IdentityTenantUtil.initializeRegistry(recoveryDataDO.getTenantId(), tenantDomain);
    // The assignment below continues past the end of this excerpt.
    registry = IdentityMgtServiceComponent.getRegistryService().
/**
 * Evicts from the cache the access tokens and authorization codes issued to a user.
 *
 * <p>Both sets are looked up through the DAOs of {@code OAuthTokenPersistenceFactory} before anything is
 * evicted, so a failure in either lookup leaves the cache untouched.
 *
 * @param userName         name of the user whose tokens and codes are evicted
 * @param userStoreManager user store manager of that user; supplies the user store domain and tenant id
 * @throws UserStoreException if reading the tenant id from the user store manager fails
 */
private void removeTokensFromCache(String userName, UserStoreManager userStoreManager)
        throws UserStoreException {

    String storeDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    String tenantDomainName = IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId());

    AuthenticatedUser tokenOwner = new AuthenticatedUser();
    tokenOwner.setUserStoreDomain(storeDomain);
    tokenOwner.setTenantDomain(tenantDomainName);
    tokenOwner.setUserName(userName);

    try {
        Set<String> issuedAccessTokens = OAuthTokenPersistenceFactory.getInstance()
                .getAccessTokenDAO().getAccessTokensByUser(tokenOwner);
        Set<String> issuedAuthzCodes = OAuthTokenPersistenceFactory.getInstance()
                .getAuthorizationCodeDAO().getAuthorizationCodesByUser(tokenOwner);
        removeAccessTokensFromCache(issuedAccessTokens);
        removeAuthzCodesFromCache(issuedAuthzCodes);
    } catch (IdentityOAuth2Exception e) {
        // NOTE(review): the failure is only logged, so the caller continues while this user's tokens and
        // codes may still sit in the cache. Confirm that callers tolerate this.
        log.error("Error occurred while retrieving access tokens issued for user : " + userName, e);
    }
}
/**
 * Clears the user's {@code ClaimCache} entry when a matching claim meta-data cache entry exists.
 *
 * <p>The {@code ClaimCache} key is not rebuilt here: it is taken from the {@code ClaimMetaDataCacheEntry}
 * found for the user, and nothing is cleared when no such entry is cached.
 *
 * @param username         name of the user whose cached claims are cleared
 * @param userStoreManager user store manager of that user; supplies the tenant id and realm configuration
 * @throws UserStoreException if reading the tenant id from the user store manager fails
 */
private void removeClaimCacheEntry(String username, UserStoreManager userStoreManager)
        throws UserStoreException {

    AuthenticatedUser cachedUser = new AuthenticatedUser();
    cachedUser.setUserName(username);
    cachedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId()));
    cachedUser.setUserStoreDomain(UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration()));

    ClaimMetaDataCacheEntry metaDataEntry = ClaimMetaDataCache.getInstance()
            .getValueFromCache(new ClaimMetaDataCacheKey(cachedUser));

    if (metaDataEntry != null) {
        ClaimCache.getInstance().clearCacheEntry(metaDataEntry.getClaimCacheKey());
    }
}
}
/**
 * Clears the user's {@code ClaimCache} entry when a matching claim meta-data cache entry exists.
 *
 * <p>The {@code ClaimCache} key is not rebuilt here: it is taken from the {@code ClaimMetaDataCacheEntry}
 * found for the user, and nothing is cleared when no such entry is cached.
 *
 * @param username         name of the user whose cached claims are cleared
 * @param userStoreManager user store manager of that user; supplies the tenant id and realm configuration
 * @throws UserStoreException if reading the tenant id from the user store manager fails
 */
private void removeClaimCacheEntry(String username, UserStoreManager userStoreManager)
        throws UserStoreException {

    AuthenticatedUser cachedUser = new AuthenticatedUser();
    cachedUser.setUserName(username);
    cachedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(userStoreManager.getTenantId()));
    cachedUser.setUserStoreDomain(UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration()));

    ClaimMetaDataCacheEntry metaDataEntry = ClaimMetaDataCache.getInstance()
            .getValueFromCache(new ClaimMetaDataCacheKey(cachedUser));

    if (metaDataEntry != null) {
        ClaimCache.getInstance().clearCacheEntry(metaDataEntry.getClaimCacheKey());
    }
}
}