/**
 * Creates a new SCIM {@link User} object.
 *
 * @return a freshly constructed {@code User}; this method sets no attributes on it
 */
public User createUser() {
    User user = new User();
    return user;
}
/**
 * Creates a new SCIM {@link Group} object.
 *
 * @return a freshly constructed {@code Group}; this method sets no attributes on it
 */
public Group createGroup() {
    Group group = new Group();
    return group;
}
/**
 * Writes the given password into the user's SCIM password attribute, creating the
 * attribute when the user does not carry one yet.
 *
 * <p>The value is stored exactly as passed in; nothing in this method hashes, masks or
 * validates it, so it must be kept out of log and exception messages by callers.
 *
 * @param user     user whose password attribute is created or updated
 * @param password password value to store, unchanged
 * @throws CharonException     declared by the signature; presumably raised by attribute creation (confirm)
 * @throws BadRequestException declared by the signature; presumably raised by attribute creation (confirm)
 */
private void setPassword(User user, String password) throws CharonException, BadRequestException {
    final String passwordKey = SCIMConstants.UserSchemaConstants.PASSWORD;

    if (!user.isAttributeExist(passwordKey)) {
        // No password attribute yet: build one, run it through the factory with the
        // user-schema password definition, and register the factory's result.
        SimpleAttribute created = new SimpleAttribute(passwordKey, password);
        created = (SimpleAttribute) DefaultAttributeFactory.createAttribute(
                SCIMSchemaDefinitions.SCIMUserSchemaDefinition.PASSWORD, created);
        user.getAttributeList().put(passwordKey, created);
        return;
    }

    // Attribute already present: overwrite its value in place.
    SimpleAttribute existing = (SimpleAttribute) user.getAttributeList().get(passwordKey);
    existing.updateValue(password);
}
/**
 * Decodes a SCIM response body into a {@link User} or {@link Group} and validates the
 * decoded object against the matching schema before returning it.
 *
 * @param scimResponse response body to decode
 * @param decoder      decoder used to parse the body
 * @param resourceType {@code 1} decodes against the user schema, {@code 2} against the group schema
 * @return the decoded and validated object
 * @throws AbstractCharonException if {@code resourceType} is neither 1 nor 2; decoding and
 *                                 validation presumably also report failures this way (confirm)
 */
private SCIMObject decodeSCIMResponse(String scimResponse, JSONDecoder decoder, int resourceType)
        throws AbstractCharonException {
    if (resourceType == 1) {
        User decodedUser = (User) decoder.decodeResource(
                scimResponse, SCIMSchemaDefinitions.SCIM_USER_SCHEMA, new User());
        // The response comes from a remote party: validate it before handing it on.
        ClientSideValidator.validateRetrievedSCIMObject(decodedUser, SCIMSchemaDefinitions.SCIM_USER_SCHEMA);
        return decodedUser;
    }
    if (resourceType == 2) {
        Group decodedGroup = (Group) decoder.decodeResource(
                scimResponse, SCIMSchemaDefinitions.SCIM_GROUP_SCHEMA, new Group());
        ClientSideValidator.validateRetrievedSCIMObject(decodedGroup, SCIMSchemaDefinitions.SCIM_GROUP_SCHEMA);
        return decodedGroup;
    }
    throw new CharonException("Resource type didn't match any existing types.");
}
/**
 * Persists the SCIM meta attributes of a group (id, created date, last-modified date and
 * location) through {@code GroupDAO}, keyed by tenant id and the group's display name.
 *
 * <p>Per the original note, this applies when a group is added through the SCIM resource
 * endpoint: these attributes go to the Identity_SCIM_GROUP table in addition to what the
 * user store holds (display name, users).
 *
 * @param group group whose meta attributes are stored
 * @throws IdentitySCIMException if reading the group's attributes raises a {@code CharonException};
 *                               presumably also raised by the DAO itself (confirm)
 */
public void createSCIMAttributes(Group group) throws IdentitySCIMException {
    try {
        // Read the values in the same order they are stored.
        String id = group.getId();
        String created = AttributeUtil.formatDateTime(group.getCreatedDate());
        String lastModified = AttributeUtil.formatDateTime(group.getLastModified());
        String location = group.getLocation();

        Map<String, String> metaAttributes = new HashMap<>();
        metaAttributes.put(SCIMConstants.CommonSchemaConstants.ID_URI, id);
        metaAttributes.put(SCIMConstants.CommonSchemaConstants.CREATED_URI, created);
        metaAttributes.put(SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI, lastModified);
        metaAttributes.put(SCIMConstants.CommonSchemaConstants.LOCATION_URI, location);

        new GroupDAO().addSCIMGroupAttributes(tenantId, group.getDisplayName(), metaAttributes);
    } catch (CharonException e) {
        throw new IdentitySCIMException("Error getting group name from SCIM Group.", e);
    }
}
/**
 * Builds a simple sub-attribute from one attribute entry and attaches it to its parent
 * complex attribute on the SCIM object, creating the parent when it is not present yet.
 *
 * @param attributeEntry        entry whose value becomes the sub-attribute value
 * @param scimObject            object being populated; cast to {@code AbstractSCIMObject} here
 * @param attributeName         name given to the new sub-attribute
 * @param attributeSchema       schema of the sub-attribute; its type drives the value conversion
 * @param parentAttributeSchema schema of the enclosing complex attribute
 * @throws CharonException     declared by the signature
 * @throws BadRequestException declared by the signature
 * @throws NotFoundException   declared by the signature
 */
private static void constructSCIMObjectFromSingleValuedAttributesOfLevelTwo(
        Map.Entry<String, String> attributeEntry, SCIMObject scimObject, String attributeName,
        AttributeSchema attributeSchema, AttributeSchema parentAttributeSchema)
        throws CharonException, BadRequestException, NotFoundException {

    // The sub-attribute of a complex attribute is assumed to be a simple attribute.
    Object typedValue = AttributeUtil.getAttributeValueFromString(
            attributeEntry.getValue(), attributeSchema.getType());
    SimpleAttribute subAttribute = new SimpleAttribute(attributeName, typedValue);
    // The factory's return value is not used; presumably it configures subAttribute in place (confirm).
    DefaultAttributeFactory.createAttribute(attributeSchema, subAttribute);

    String parentName = parentAttributeSchema.getName();
    AbstractSCIMObject target = (AbstractSCIMObject) scimObject;

    if (!target.isAttributeExist(parentName)) {
        // Parent missing: create it, attach the sub-attribute, then register it on the object.
        ComplexAttribute newParent = new ComplexAttribute(parentName);
        newParent.setSubAttribute(subAttribute);
        DefaultAttributeFactory.createAttribute(parentAttributeSchema, newParent);
        target.setAttribute(newParent);
        return;
    }

    ComplexAttribute existingParent = (ComplexAttribute) scimObject.getAttribute(parentName);
    existingParent.setSubAttribute(subAttribute);
}
/**
 * Builds a group carrying only its display name and lets {@code SCIMGroupHandler} fill in
 * the attributes it holds for that name (per the method name, the SCIM meta attributes).
 *
 * @param groupName display name of the group to look up
 * @return the group as returned by {@code SCIMGroupHandler#getGroupWithAttributes}
 * @throws CharonException       declared by the signature
 * @throws IdentitySCIMException declared by the signature
 * @throws org.wso2.carbon.user.core.UserStoreException declared by the signature
 * @throws BadRequestException   declared by the signature
 */
private Group getGroupOnlyWithMetaAttributes(String groupName)
        throws CharonException, IdentitySCIMException, org.wso2.carbon.user.core.UserStoreException,
        BadRequestException {
    Group skeleton = new Group();
    skeleton.setDisplayName(groupName);
    // The handler is scoped to the tenant of the current user manager.
    return new SCIMGroupHandler(carbonUM.getTenantId()).getGroupWithAttributes(skeleton, groupName);
}
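/**
 * Deletes the user named by the provisioning entity through the SCIM provisioning client.
 *
 * <p>The first name returned by {@code getUserNames} identifies the target. When no name
 * can be resolved the method fails instead of issuing a delete request for an unnamed user:
 * a destructive call should never go out without a resolved target.
 *
 * @param userEntity provisioning entity whose attributes carry the user name
 * @throws IdentityProvisioningException if no user name can be resolved, or if any step of
 *                                       the delete fails (the original failure is the cause)
 */
private void deleteUser(ProvisioningEntity userEntity) throws IdentityProvisioningException {
    String userName = null;
    try {
        List<String> userNames = getUserNames(userEntity.getAttributes());
        if (CollectionUtils.isNotEmpty(userNames)) {
            userName = userNames.get(0);
        }
        if (userName == null) {
            // Caught below and reported as IdentityProvisioningException, like every other failure here.
            throw new IllegalStateException("No user name found in the provisioning entity.");
        }

        User user = new User();
        user.setUserName(userName);

        ProvisioningClient provisioningClient = new ProvisioningClient(scimProvider, user, null);
        provisioningClient.provisionDeleteUser();
    } catch (Exception e) {
        throw new IdentityProvisioningException("Error while deleting user : " + userName, e);
    }
}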
/**
 * Replaces the members of a group in the identity store with the member ids listed on
 * the new group representation.
 *
 * <p>When {@code newGroup} carries no members attribute, an empty id list is passed to
 * {@code identityStore.updateUsersOfGroup}.
 *
 * @param oldGroup group whose id selects the group to update
 * @param newGroup group representation supplying the new member ids
 * @throws CharonException        declared by the signature
 * @throws IdentityStoreException declared by the signature
 */
private void updateMemberList(Group oldGroup, Group newGroup) throws CharonException, IdentityStoreException {
    // Ids of the users that will make up the group's membership.
    List<String> memberIds = new ArrayList<>();

    MultiValuedAttribute members =
            (MultiValuedAttribute) newGroup.getAttribute(SCIMConstants.GroupSchemaConstants.MEMBERS);
    if (members != null) {
        for (Attribute member : members.getAttributeValues()) {
            // NOTE(review): a member entry without a "value" sub-attribute would fail on the
            // dereference below; ids are also taken as-is, so any check that they are valid
            // must live in identityStore or upstream. Confirm.
            SimpleAttribute idHolder = (SimpleAttribute) ((ComplexAttribute) member)
                    .getSubAttribute(SCIMConstants.CommonSchemaConstants.VALUE);
            memberIds.add((String) idHolder.getValue());
        }
    }

    //TODO : add the domain name here.
    identityStore.updateUsersOfGroup(oldGroup.getId(), memberIds);
}
// The brace below is part of the original line; it appears to close the enclosing class,
// whose header lies outside this excerpt.
}
/**
 * Adds a member entry for the given user name to the group's members attribute,
 * creating the members attribute first when the group does not have one.
 *
 * @param group    group receiving the member
 * @param userName user name turned into a member entry by {@code setMemberCommon}
 * @throws BadRequestException declared by the signature
 * @throws CharonException     declared by the signature
 */
private void setMember(Group group, String userName) throws BadRequestException, CharonException {
    final String membersKey = SCIMConstants.GroupSchemaConstants.MEMBERS;

    if (!group.isAttributeExist(membersKey)) {
        // No members attribute yet: create it against the group schema, add the entry,
        // then attach the attribute to the group.
        MultiValuedAttribute created = new MultiValuedAttribute(membersKey);
        DefaultAttributeFactory.createAttribute(
                SCIMSchemaDefinitions.SCIMGroupSchemaDefinition.MEMBERS, created);
        created.setAttributeValue(setMemberCommon(userName));
        group.setAttribute(created);
        return;
    }

    MultiValuedAttribute existing = (MultiValuedAttribute) group.getAttributeList().get(membersKey);
    existing.setAttributeValue(setMemberCommon(userName));
}
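/**
 * Resolves each user name to a SCIM user and appends the usable ones to {@code filteredUsers}.
 *
 * <p>A name is skipped when it is the registry anonymous user, when no SCIM user is
 * returned for it, or when the returned user has a blank SCIM id. Skipping the
 * {@code null} case keeps {@code null} entries out of the result list, so consumers of
 * the list do not have to guard every element.
 *
 * @param filteredUsers        list that receives the resolved users
 * @param userNames            user names to resolve
 * @param requiredClaims       claims passed through to {@code getSCIMUser}
 * @param scimToLocalClaimsMap claim mapping passed through to {@code getSCIMUser}
 * @throws CharonException declared by the signature; presumably raised by {@code getSCIMUser} (confirm)
 */
private void addSCIMUsers(List<Object> filteredUsers, String[] userNames, List<String> requiredClaims,
                          Map<String, String> scimToLocalClaimsMap) throws CharonException {
    for (String userName : userNames) {
        if (CarbonConstants.REGISTRY_ANONNYMOUS_USERNAME.equals(userName)) {
            continue;
        }

        User scimUser = this.getSCIMUser(userName, requiredClaims, scimToLocalClaimsMap);
        // Skip users that could not be resolved or that have no SCIM id in their attributes.
        if (scimUser == null || StringUtils.isBlank(scimUser.getId())) {
            continue;
        }
        filteredUsers.add(scimUser);
    }
}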
/**
 * Resolves each user name to a SCIM user and appends those that carry at least one
 * attribute to {@code users}.
 *
 * <p>A name containing {@code UserCoreConstants.NAME_COMBINER} is cut at the combiner and
 * only the leading part is looked up.
 *
 * @param users                list that receives the resolved users
 * @param userNames            user names to resolve
 * @param requiredClaims       claims passed through to {@code getSCIMUser}
 * @param scimToLocalClaimsMap claim mapping passed through to {@code getSCIMUser}
 * @throws CharonException declared by the signature; presumably raised by {@code getSCIMUser} (confirm)
 */
private void retriveSCIMUsers(List<Object> users, String[] userNames, List<String> requiredClaims,
                              Map<String, String> scimToLocalClaimsMap) throws CharonException {
    for (String rawName : userNames) {
        String lookupName = rawName;
        if (rawName.contains(UserCoreConstants.NAME_COMBINER)) {
            // The combiner is used as a regex; the single backslash escape assumes it is
            // one regex metacharacter (confirm against the constant's definition).
            lookupName = rawName.split("\\" + UserCoreConstants.NAME_COMBINER)[0];
        }

        User scimUser = this.getSCIMUser(lookupName, requiredClaims, scimToLocalClaimsMap);
        if (scimUser == null) {
            continue;
        }

        Map<String, Attribute> attributes = scimUser.getAttributeList();
        if (attributes == null || attributes.isEmpty()) {
            continue;
        }
        users.add(scimUser);
    }
}
/**
 * Looks up a group by its SCIM id.
 *
 * <p>The id is first mapped to a group name through {@code SCIMGroupHandler}; when no name
 * is found the method returns {@code null}, which per the original comment makes Charon
 * answer the client with a resource-not-found error.
 *
 * @param id                 SCIM id of the group
 * @param requiredAttributes not read by this method
 * @return the group with its schemas set, or {@code null} when the id maps to no group name
 * @throws CharonException if the lookup fails; the underlying exception is kept as the cause
 */
@Override
public Group getGroup(String id, Map<String, Boolean> requiredAttributes) throws CharonException {
    if (log.isDebugEnabled()) {
        // NOTE(review): id is written to the log unmodified; if it is caller-supplied,
        // confirm the log layout neutralises line breaks.
        log.debug("Retrieving group with id: " + id);
    }

    try {
        // Resolve the group name from the id, scoped to the current tenant.
        String groupName = new SCIMGroupHandler(carbonUM.getTenantId()).getGroupName(id);
        if (groupName == null) {
            //returning null will send a resource not found error to client by Charon.
            return null;
        }

        Group found = getGroupWithName(groupName);
        found.setSchemas();
        return found;
    } catch (org.wso2.carbon.user.core.UserStoreException e) {
        throw new CharonException("Error in retrieving group : " + id, e);
    } catch (IdentitySCIMException e) {
        throw new CharonException("Error in retrieving SCIM Group information from database.", e);
    } catch (CharonException | BadRequestException e) {
        throw new CharonException("Error in retrieving the group", e);
    }
}
/**
 * Decodes the SCIM response received for a list or filter request into the resources it contains.
 *
 * <p>Only the JSON format is handled, and only when the {@code jsonDecoder} field is set.
 * That field is used for the null check alone; the decoding itself runs on a new
 * {@code SCIMDecoder}.
 *
 * @param scimResponse          response body to decode
 * @param format                format of the response; must equal {@code SCIMConstants.JSON}
 * @param containedResourceType {@code 1} decodes against the user schema, {@code 2} against the group schema
 * @return the resources decoded from the response
 * @throws CharonException     if the format is not JSON, {@code jsonDecoder} is unset, or the
 *                             resource type is neither 1 nor 2
 * @throws BadRequestException declared by the signature
 */
public List<SCIMObject> decodeSCIMResponseWithListedResource(String scimResponse, String format,
                                                             int containedResourceType)
        throws CharonException, BadRequestException {
    if (!format.equals(SCIMConstants.JSON) || jsonDecoder == null) {
        throw new CharonException("Encoder in the given format is not properly initialized.");
    }

    SCIMDecoder listDecoder = new SCIMDecoder();
    if (containedResourceType == 1) {
        return listDecoder.decodeListedResource(
                scimResponse, SCIMSchemaDefinitions.SCIM_USER_SCHEMA, new User());
    }
    if (containedResourceType == 2) {
        return listDecoder.decodeListedResource(
                scimResponse, SCIMSchemaDefinitions.SCIM_GROUP_SCHEMA, new Group());
    }
    throw new CharonException("Resource type didn't match any existing types.");
}
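/**
 * Deletes the group named by the provisioning entity through the SCIM provisioning client.
 *
 * <p>The first name returned by {@code getGroupNames} identifies the target. When no name
 * can be resolved the method fails instead of issuing a delete request for an unnamed
 * group: a destructive call should never go out without a resolved target.
 *
 * @param groupEntity provisioning entity whose attributes carry the group name
 * @throws IdentityProvisioningException if no group name can be resolved, or if any step of
 *                                       the delete fails (the original failure is the cause)
 */
private void deleteGroup(ProvisioningEntity groupEntity) throws IdentityProvisioningException {
    String groupName = null;
    try {
        List<String> groupNames = getGroupNames(groupEntity.getAttributes());
        if (CollectionUtils.isNotEmpty(groupNames)) {
            groupName = groupNames.get(0);
        }
        if (groupName == null) {
            // Caught below and reported as IdentityProvisioningException, like every other failure here.
            throw new IllegalStateException("No group name found in the provisioning entity.");
        }

        Group group = new Group();
        group.setDisplayName(groupName);

        ProvisioningClient provisioningClient = new ProvisioningClient(scimProvider, group, null);
        provisioningClient.provisionDeleteGroup();
    } catch (Exception e) {
        throw new IdentityProvisioningException("Error while deleting group : " + groupName, e);
    }
}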
/**
 * Retrieves the attributes of the user named in an introspection response.
 *
 * <p>The lookup is keyed solely on {@code introspectionResponse.getUsername()}.
 * NOTE(review): nothing in this method checks that the response describes an active
 * token; presumably the caller has done so before asking for attributes. Confirm.
 *
 * @param introspectionResponse introspection response naming the user
 * @return the user's attribute list, or an empty map when no user is found
 * @throws UserInfoException if the user lookup fails; reported with {@code ExceptionCodes.INTERNAL_ERROR}
 */
public static Map<String, Attribute> getUserAttributes(IntrospectionResponse introspectionResponse)
        throws UserInfoException {
    try {
        User user = getUserManager().getMe(introspectionResponse.getUsername(), null);
        if (user == null) {
            return new HashMap<>();
        }
        return user.getAttributeList();
    } catch (CharonException | BadRequestException | NotFoundException e) {
        throw new UserInfoException("Error while retrieving user attributes.", e, ExceptionCodes.INTERNAL_ERROR);
    }
}