From a4f07be4067dce8631961ac1697c817f7976b16c Mon Sep 17 00:00:00 2001
From: Thisara-Welmilla
Date: Wed, 20 Nov 2024 17:13:39 +0530
Subject: [PATCH] Addressed comments.
---
 ...nticatorEndpointConfigServerException.java | 2 +-
 .../idp/mgt/IdentityProviderManager.java | 125 +----
 .../idp/mgt/dao/CacheBackedIdPMgtDAO.java | 4 +-
 .../idp/mgt/dao/IdPManagementFacade.java | 447 ++++++++++++++++++
 .../OutboundProvisioningTest.java | 12 +-
 5 files changed, 476 insertions(+), 114 deletions(-)
 create mode 100644 components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java
diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java
index 8c22fba16eae..0f9dff9471f7 100644
--- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java
+++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java
@@ -21,7 +21,7 @@
 /**
 * Exception class for user defined federated authenticator endpoint configurations related exceptions.
 */
-public class AuthenticatorEndpointConfigServerException extends IdentityProviderManagementException {
+public class AuthenticatorEndpointConfigServerException extends IdentityProviderManagementServerException {
 public AuthenticatorEndpointConfigServerException(String message) {
diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java
index 60732d57c9d0..b6af93d6bb2e 100644
--- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java
+++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java
@@ -62,7 +62,6 @@
 import org.wso2.carbon.idp.mgt.util.IdPManagementConstants;
 import org.wso2.carbon.idp.mgt.util.IdPManagementUtil;
 import org.wso2.carbon.idp.mgt.util.MetadataConverter;
-import org.wso2.carbon.idp.mgt.util.UserDefinedAuthenticatorEndpointConfigManager;
 import org.wso2.carbon.user.api.UserStoreException;
 import org.wso2.carbon.user.api.UserStoreManager;
 import org.wso2.carbon.user.core.UserCoreConstants;
@@ -100,8 +99,6 @@ public class IdentityProviderManager implements IdpManager {
 private static volatile IdentityProviderManager instance = new IdentityProviderManager();
 private final Pattern userDefinedAuthNameRegexPattern =
 Pattern.compile(IdPManagementConstants.USER_DEFINED_AUTHENTICATOR_NAME_REGEX);
- private final UserDefinedAuthenticatorEndpointConfigManager endpointConfigurationManager =
- new UserDefinedAuthenticatorEndpointConfigManager();
 private IdentityProviderManager() {
@@ -835,7 +832,6 @@ public IdentityProvider getIdPByName(String idPName, String tenantDomain,
 IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
 }
 }
- populateEndpointConfig(identityProvider, tenantDomain);
 return identityProvider;
 }
@@ -869,7 +865,6 @@ public IdentityProvider getIdPById(String id, String tenantDomain,
 IdentityApplicationConstants.DEFAULT_IDP_CONFIG);
 }
 }
- populateEndpointConfig(identityProvider, tenantDomain);
 return identityProvider;
 }
@@ -881,7 +876,6 @@ public IdentityProvider getIdPByResourceId(String resourceId, String tenantDomai
 validateGetIdPInputValues(resourceId);
 int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
 IdentityProvider identityProvider = dao.getIdPByResourceId(resourceId, tenantId, tenantDomain);
- populateEndpointConfig(identityProvider, tenantDomain);
 if (identityProvider == null) {
 identityProvider = new FileBasedIdPMgtDAO().getIdPByResourceId(resourceId, tenantDomain);
 if (identityProvider == null) {
@@ -926,7 +920,6 @@ public IdentityProvider getEnabledIdPByName(String idPName, String tenantDomain,
 throws IdentityProviderManagementException {
 IdentityProvider idp = getIdPByName(idPName, tenantDomain, ignoreFileBasedIdps);
- populateEndpointConfig(idp, tenantDomain);
 if (idp != null && idp.isEnable()) {
 return idp;
 }
@@ -977,7 +970,6 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, Stri
 IdentityProvider identityProvider = dao.getIdPByAuthenticatorPropertyValue(
 null, property, value, tenantId, tenantDomain);
- populateEndpointConfig(identityProvider, tenantDomain);
 if (identityProvider == null && !ignoreFileBasedIdps) {
 identityProvider = new FileBasedIdPMgtDAO()
@@ -1009,7 +1001,6 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, Stri
 IdentityProvider identityProvider = dao.getIdPByAuthenticatorPropertyValue(
 null, property, value, authenticator, tenantId, tenantDomain);
- populateEndpointConfig(identityProvider, tenantDomain);
 if (identityProvider == null && !ignoreFileBasedIdps) {
 identityProvider = new FileBasedIdPMgtDAO()
@@ -1540,18 +1531,8 @@ public IdentityProvider addIdPWithResourceId(IdentityProvider identityProvider,
 handleMetadata(tenantId, identityProvider);
 resolveAuthenticatorDefinedByProperty(identityProvider, true);
-
- String resourceId;
- addEndpointConfig(identityProvider, tenantDomain);
- try {
- resourceId = dao.addIdP(identityProvider, tenantId, tenantDomain);
- } catch (IdentityProviderManagementException e) {
- deleteEndpointConfig(identityProvider, tenantDomain);
- throw e;
- }
-
+ String resourceId = dao.addIdP(identityProvider, tenantId, tenantDomain);
 identityProvider = dao.getIdPByResourceId(resourceId, tenantId, tenantDomain);
- populateEndpointConfig(identityProvider, tenantDomain);
 // invoking the post listeners
 for (IdentityProviderMgtListener listener : listeners) {
@@ -1612,7 +1593,7 @@ public void deleteIdP(String idPName, String tenantDomain) throws IdentityProvid
 if (identityProvider == null) {
 return;
 }
- deleteIDP(identityProvider, tenantDomain);
+ deleteIDP(identityProvider.getResourceId(), idPName, tenantDomain);
 // Invoking the post listeners.
 for (IdentityProviderMgtListener listener : listeners) {
@@ -1678,7 +1659,7 @@ public void deleteIdPByResourceId(String resourceId, String tenantDomain) throws
 if (identityProvider == null) {
 return;
 }
- deleteIDP(identityProvider, tenantDomain);
+ deleteIDP(resourceId, identityProvider.getIdentityProviderName(), tenantDomain);
 // Invoking the post listeners.
 for (IdentityProviderMgtListener listener : listeners) {
@@ -1708,27 +1689,20 @@ private void deleteMetadataStrings(String idpName, int tenantId) throws Identity
 /**
 * Delete an IDP.
 *
- * @param identityProvider Identity Provider
+ * @param resourceId Resource Id
+ * @param idpName Name of the IDP
 * @param tenantDomain Tenant Domain
 * @throws IdentityProviderManagementException
 */
- private void deleteIDP(IdentityProvider identityProvider, String tenantDomain) throws
+ private void deleteIDP(String resourceId, String idpName, String tenantDomain) throws
 IdentityProviderManagementException {
 int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
 // Delete metadata strings of the IDP
- deleteMetadataStrings(identityProvider.getIdentityProviderName(), tenantId);
-
- deleteEndpointConfig(identityProvider, tenantDomain);
-
- try {
- dao.deleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain);
- } catch (IdentityProviderManagementException e) {
- addEndpointConfig(identityProvider, tenantDomain);
- throw e;
- }
+ deleteMetadataStrings(idpName, tenantId);
+ dao.deleteIdPByResourceId(resourceId, tenantId, tenantDomain);
 }
 /**
@@ -1756,7 +1730,7 @@ public void forceDeleteIdp(String idpName, String tenantDomain) throws IdentityP
 throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage
 .ERROR_CODE_IDP_NAME_DOES_NOT_EXIST, idpName);
 }
- forceDeleteIDP(identityProvider, tenantDomain);
+ forceDeleteIDP(identityProvider.getResourceId(), idpName, tenantDomain);
 // Invoking the post listeners.
 for (IdentityProviderMgtListener listener : listeners) {
@@ -1789,7 +1763,7 @@ public void forceDeleteIdpByResourceId(String resourceId, String tenantDomain) t
 throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage
 .ERROR_CODE_IDP_DOES_NOT_EXIST, resourceId);
 }
- forceDeleteIDP(identityProvider, tenantDomain);
+ forceDeleteIDP(resourceId, identityProvider.getIdentityProviderName(), tenantDomain);
 // Invoking the post listeners
 for (IdentityProviderMgtListener listener : listeners) {
@@ -1800,23 +1774,17 @@ public void forceDeleteIdpByResourceId(String resourceId, String tenantDomain) t
 }
 }
- private void forceDeleteIDP(IdentityProvider identityProvider, String tenantDomain) throws
+ private void forceDeleteIDP(String resourceId, String idpName, String tenantDomain) throws
 IdentityProviderManagementException {
 int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
 for (MetadataConverter metadataConverter : IdpMgtServiceComponentHolder.getInstance().getMetadataConverters()) {
- if (metadataConverter.canDelete(tenantId, identityProvider.getIdentityProviderName())) {
- metadataConverter.deleteMetadataString(tenantId, identityProvider.getIdentityProviderName());
+ if (metadataConverter.canDelete(tenantId, idpName)) {
+ metadataConverter.deleteMetadataString(tenantId, idpName);
 }
 }
- deleteEndpointConfig(identityProvider, tenantDomain);
- try {
- dao.forceDeleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain);
- } catch (IdentityProviderManagementException e) {
- addEndpointConfig(identityProvider, tenantDomain);
- throw e;
- }
+ dao.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain);
 }
 /**
@@ -1896,9 +1864,7 @@ public IdentityProvider updateIdPByResourceId(String resourceId, IdentityProvide
 return null;
 }
 }
- IdentityProvider identityProvider = dao.getUpdatedIdPByResourceId(resourceId, tenantId, tenantDomain);
- populateEndpointConfig(identityProvider, tenantDomain);
- return identityProvider;
+ return dao.getUpdatedIdPByResourceId(resourceId, tenantId, tenantDomain);
 }
 private void updateIDP(IdentityProvider currentIdentityProvider, IdentityProvider newIdentityProvider, int tenantId,
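Review bot: `private void forceDeleteIDP(String resourceId, String idpName, String tenantDomain)` gets a new parameter list in this hunk but, unlike `deleteIDP` in the same commit, carries no Javadoc, so a reader has to work out from the body that it removes the IDP's metadata strings through the registered `MetadataConverter`s before calling `dao.forceDeleteIdPByResourceId`. Add a header mirroring the one written for `deleteIDP` (one-line purpose, `@param resourceId`, `@param idpName`, `@param tenantDomain`, `@throws IdentityProviderManagementException`). The same applies to the new signature of `deleteIDP`'s sibling hunks only where Javadoc is absent; `deleteIDP` itself is already covered.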
@@ -1915,14 +1881,7 @@ private void updateIDP(IdentityProvider currentIdentityProvider, IdentityProvide
 validateIdPIssuerName(currentIdentityProvider, newIdentityProvider, tenantId, tenantDomain);
 handleMetadata(tenantId, newIdentityProvider);
 resolveAuthenticatorDefinedByProperty(newIdentityProvider, false);
- updateEndpointConfig(newIdentityProvider, currentIdentityProvider, tenantDomain);
- try {
- dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId, tenantDomain);
- } catch (IdentityProviderManagementException e) {
- updateEndpointConfig(currentIdentityProvider, newIdentityProvider, tenantDomain);
- throw e;
- }
-
+ dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId, tenantDomain);
 }
 /**
@@ -2788,56 +2747,4 @@ private void resolveAuthenticatorDefinedByProperty(IdentityProvider idp, boolean
 }
 }
 }
-
- private void populateEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
- throws AuthenticatorEndpointConfigServerException {
-
- if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
- return;
- }
- endpointConfigurationManager.resolveEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
- tenantDomain);
- }
-
- private void addEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
- throws AuthenticatorEndpointConfigServerException {
-
- if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
- return;
- }
- endpointConfigurationManager.addEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
- tenantDomain);
- }
-
- private void updateEndpointConfig(IdentityProvider newIdentityProvider, IdentityProvider oldIdentityProvider,
- String tenantDomain)
- throws AuthenticatorEndpointConfigServerException {
-
- if (newIdentityProvider == null || newIdentityProvider.getFederatedAuthenticatorConfigs().length != 1) {
- return;
- }
- FederatedAuthenticatorConfig newFederatedAuth = newIdentityProvider.getFederatedAuthenticatorConfigs()[0];
- FederatedAuthenticatorConfig oldFederatedAuth = oldIdentityProvider.getFederatedAuthenticatorConfigs()[0];
- if (newFederatedAuth.getDefinedByType() == DefinedByType.SYSTEM) {
- return;
- }
-
- if (StringUtils.equals(newFederatedAuth.getName(), oldFederatedAuth.getName())) {
- endpointConfigurationManager.updateEndpointConfig(newIdentityProvider.getFederatedAuthenticatorConfigs()[0],
- oldIdentityProvider.getFederatedAuthenticatorConfigs()[0],
- tenantDomain);
- }
- endpointConfigurationManager.deleteEndpointConfig(oldFederatedAuth, tenantDomain);
- endpointConfigurationManager.addEndpointConfig(newFederatedAuth, tenantDomain);
- }
-
- private void 
deleteEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
- throws AuthenticatorEndpointConfigServerException {
-
- if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
- return;
- }
- endpointConfigurationManager.deleteEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
- tenantDomain);
- }
 }
diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java
index a2c08113d34c..337ee1153f88 100644
--- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java
+++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java
@@ -56,7 +56,7 @@ public class CacheBackedIdPMgtDAO {
 private static final Log log = LogFactory.getLog(CacheBackedIdPMgtDAO.class);
- private IdPManagementDAO idPMgtDAO = null;
+ private IdPManagementFacade idPMgtDAO = null;
 private IdPCacheByName idPCacheByName = null;
 private IdPCacheByHRI idPCacheByHRI = null;
@@ -68,7 +68,7 @@ public class CacheBackedIdPMgtDAO {
 * @param idPMgtDAO
 */
 public CacheBackedIdPMgtDAO(IdPManagementDAO idPMgtDAO) {
- this.idPMgtDAO = idPMgtDAO;
+ this.idPMgtDAO = new IdPManagementFacade(idPMgtDAO);
 idPCacheByName = IdPCacheByName.getInstance();
 idPCacheByHRI = IdPCacheByHRI.getInstance();
 idPCacheByAuthProperty = IdPCacheByAuthProperty.getInstance();
diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java
new file mode 100644
index 000000000000..60221de4c96b
--- /dev/null
+++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java
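Review bot: The field changed to `private IdPManagementFacade idPMgtDAO = null;` keeps a DAO-flavoured name while now holding the facade, and the constructor Javadoc still reads `@param idPMgtDAO` with no description, so nothing in CacheBackedIdPMgtDAO tells a reader that calls now pass through IdPManagementFacade (which adds the authenticator endpoint-config handling) before reaching the DAO. Rename the field to `idPMgtFacade` and update the uses outside this hunk, or at least document the wrapping on the constructor, e.g. `@param idPMgtDAO DAO to delegate to; it is wrapped in an {@link IdPManagementFacade} so endpoint configurations are resolved/persisted alongside the IDP.` The rest of the constructor body and the field's other uses are outside the hunk.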
@@ -0,0 +1,447 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.idp.mgt.dao;
+
+import org.apache.commons.lang.StringUtils;
+import org.wso2.carbon.identity.application.common.model.*;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants;
+import org.wso2.carbon.identity.core.model.ExpressionNode;
+import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
+import org.wso2.carbon.idp.mgt.AuthenticatorEndpointConfigServerException;
+import org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException;
+import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
+import org.wso2.carbon.idp.mgt.IdentityProviderManagementServerException;
+import org.wso2.carbon.idp.mgt.model.ConnectedAppsResult;
+import org.wso2.carbon.idp.mgt.util.UserDefinedAuthenticatorEndpointConfigManager;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class IdPManagementFacade {
+
+ private static IdPManagementDAO dao;
+ private final UserDefinedAuthenticatorEndpointConfigManager endpointConfigurationManager =
+ new UserDefinedAuthenticatorEndpointConfigManager();
+
+ public IdPManagementFacade(IdPManagementDAO dao) {
+ this.dao = dao;
+ }
+
+ public List getIdPs(Connection dbConnection, int tenantId, String tenantDomain)
+ throws 
IdentityProviderManagementException {
+
+ List idpList = dao.getIdPs(dbConnection, tenantId, tenantDomain);
+ for (IdentityProvider idp : idpList) {
+ populateEndpointConfig(idp, tenantDomain);
+ }
+ return idpList;
+ }
+
+ public List getIdPsSearch(int tenantId, List expressionConditions,
+ int limit, int offset, String sortOrder, String sortBy,
+ List requiredAttributes)
+ throws IdentityProviderManagementServerException, IdentityProviderManagementClientException {
+
+ List idpList = dao.getIdPsSearch(tenantId, expressionConditions, limit, offset, sortOrder,
+ sortBy, requiredAttributes);
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
+ for (IdentityProvider idp : idpList) {
+ populateEndpointConfig(idp, tenantDomain);
+ }
+ return idpList;
+ }
+
+ public List getIdPsSearch(int tenantId, List expressionConditions,
+ int limit, int offset, String sortOrder, String sortBy)
+ throws IdentityProviderManagementServerException, IdentityProviderManagementClientException {
+
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
+ List idpList = dao.getIdPsSearch(tenantId, expressionConditions, limit, offset, sortOrder,
+ sortBy);
+ for (IdentityProvider idp : idpList) {
+ populateEndpointConfig(idp, tenantDomain);
+ }
+ return idpList;
+ }
+
+ public List getIdPsSearch(Connection dbConnection, int tenantId, String tenantDomain,
+ String filter) throws IdentityProviderManagementException {
+
+ List idpList = dao.getIdPsSearch(dbConnection, tenantId, tenantDomain, filter);
+ for (IdentityProvider idp : idpList) {
+ populateEndpointConfig(idp, tenantDomain);
+ }
+ return idpList;
+ }
+
+ public List getTrustedTokenIssuerSearch(int tenantId, List expressionNode,
+ int limit, int offset, String sortOrder, String sortBy, List requiredAttributes)
+ throws IdentityProviderManagementServerException, IdentityProviderManagementClientException {
+
+ return dao.getTrustedTokenIssuerSearch(tenantId, expressionNode, limit, offset, sortOrder, 
sortBy,
+ requiredAttributes);
+ }
+
+ public int getCountOfFilteredTokenIssuers(int tenantId, List expressionConditions)
+ throws IdentityProviderManagementServerException, IdentityProviderManagementClientException {
+
+ return dao.getCountOfFilteredTokenIssuers(tenantId, expressionConditions);
+ }
+
+ public int getCountOfFilteredIdPs(int tenantId, List expressionConditions)
+ throws IdentityProviderManagementServerException, IdentityProviderManagementClientException {
+
+ return dao.getCountOfFilteredIdPs(tenantId, expressionConditions);
+ }
+
+ public PermissionsAndRoleConfig getPermissionsAndRoleConfiguration(Connection dbConnection, String idPName,
+ int idPId, int tenantId)
+ throws SQLException {
+
+ return dao.getPermissionsAndRoleConfiguration(dbConnection, idPName, idPId, tenantId);
+ }
+
+ public void addFederatedAuthenticatorConfigs(FederatedAuthenticatorConfig[] authnConfigs, Connection dbConnection,
+ int idpId, int tenantId)
+ throws IdentityProviderManagementException, SQLException {
+
+ dao.addFederatedAuthenticatorConfigs(authnConfigs, dbConnection, idpId, tenantId);
+ }
+
+ public IdPGroup[] getIdPGroupConfiguration(Connection dbConnection, int idPId)
+ throws SQLException {
+
+ return dao.getIdPGroupConfiguration(dbConnection, idPId);
+ }
+
+ public ProvisioningConnectorConfig[] getProvisioningConnectorConfigs(Connection dbConnection,
+ String idPName, int idPId, int tenantId)
+ throws IdentityProviderManagementException, SQLException {
+
+ return dao.getProvisioningConnectorConfigs(dbConnection, idPName, idPId, tenantId);
+ }
+
+ public IdentityProvider getIdPByName(Connection dbConnection, String idPName, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIdPByName(dbConnection, idPName, tenantId, tenantDomain), tenantDomain);
+ }
+
+ public IdentityProvider getIDPbyId(Connection dbConnection, int idpId, int tenantId, String tenantDomain)
+ throws 
IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIDPbyId(dbConnection, idpId, tenantId, tenantDomain), tenantDomain);
+ }
+
+ public IdentityProvider getIDPbyResourceId(Connection dbConnection, String resourceId, int tenantId,
+ String tenantDomain) throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIDPbyResourceId(dbConnection, resourceId, tenantId, tenantDomain),
+ tenantDomain);
+ }
+
+ public String getIDPNameByResourceId(String resourceId) throws IdentityProviderManagementException {
+
+ return dao.getIDPNameByResourceId(resourceId);
+ }
+
+ public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value,
+ String authenticator, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIdPByAuthenticatorPropertyValue(dbConnection, property, value,
+ authenticator, tenantId, tenantDomain), tenantDomain);
+ }
+
+ public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value,
+ int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, tenantId,
+ tenantDomain), tenantDomain);
+ }
+
+ public IdentityProvider getIdPByRealmId(String realmId, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getIdPByRealmId(realmId, tenantId, tenantDomain), tenantDomain);
+ }
+
+ public IdentityProvider getEnabledIdPByRealmId(String realmId, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ return populateEndpointConfig(dao.getEnabledIdPByRealmId(realmId, tenantId, tenantDomain), tenantDomain);
+ }
+
+ public void addIdP(IdentityProvider identityProvider, int tenantId) throws IdentityProviderManagementException {
+
+ String 
tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
+ addEndpointConfig(identityProvider, tenantDomain);
+ try {
+ dao.addIdP(identityProvider, tenantId);
+ } catch (IdentityProviderManagementException e) {
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public String addIdPWithResourceId(IdentityProvider identityProvider, int tenantId)
+ throws IdentityProviderManagementException {
+
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
+ addEndpointConfig(identityProvider, tenantDomain);
+ try {
+ return dao.addIdPWithResourceId(identityProvider, tenantId);
+ } catch (IdentityProviderManagementException e) {
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public void updateIdP(IdentityProvider newIdentityProvider, IdentityProvider currentIdentityProvider, int tenantId)
+ throws IdentityProviderManagementException {
+
+ updateEndpointConfig(newIdentityProvider, currentIdentityProvider,
+ IdentityTenantUtil.getTenantDomain(tenantId));
+ try {
+ dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId);
+ } catch (IdentityProviderManagementException e) {
+ updateEndpointConfig(currentIdentityProvider, newIdentityProvider,
+ IdentityTenantUtil.getTenantDomain(tenantId));
+ throw e;
+ }
+ }
+
+ public void updateIdPWithResourceId(String resourceId, IdentityProvider newIdentityProvider,
+ IdentityProvider currentIdentityProvider, int tenantId)
+ throws IdentityProviderManagementException {
+
+ updateEndpointConfig(newIdentityProvider, currentIdentityProvider,
+ IdentityTenantUtil.getTenantDomain(tenantId));
+ try {
+ dao.updateIdPWithResourceId(resourceId, newIdentityProvider, currentIdentityProvider, tenantId);
+ } catch (IdentityProviderManagementException e) {
+ updateEndpointConfig(currentIdentityProvider, newIdentityProvider,
+ IdentityTenantUtil.getTenantDomain(tenantId));
+ throw e;
+ }
+ }
+
+ public boolean isIdpReferredBySP(String idPName, int tenantId) throws 
IdentityProviderManagementException {
+
+ return dao.isIdpReferredBySP(idPName, tenantId);
+ }
+
+ public void deleteIdP(String idPName, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ IdentityProvider identityProvider = getIdPByName(null, idPName, tenantId, tenantDomain);
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ try {
+ dao.deleteIdP(idPName, tenantId, tenantDomain);
+ } catch (IdentityProviderManagementException e) {
+ addEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public void deleteIdPs(int tenantId) throws IdentityProviderManagementException {
+
+ List idpList = getIdPs(null, tenantId, IdentityTenantUtil.getTenantDomain(tenantId));
+ for (IdentityProvider idp : idpList) {
+ deleteEndpointConfig(idp, IdentityTenantUtil.getTenantDomain(tenantId));
+ }
+ try {
+ dao.deleteIdPs(tenantId);
+ } catch (IdentityProviderManagementException e) {
+ for (IdentityProvider idp : idpList) {
+ addEndpointConfig(idp, IdentityTenantUtil.getTenantDomain(tenantId));
+ }
+ throw e;
+ }
+ }
+
+ public void deleteIdPByResourceId(String resourceId, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ IdentityProvider identityProvider = getIDPbyResourceId(null, resourceId, tenantId, tenantDomain);
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ try {
+ dao.deleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain);
+ } catch (IdentityProviderManagementException e) {
+ addEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public void forceDeleteIdP(String idPName, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ IdentityProvider identityProvider = getIdPByName(null, idPName, tenantId, tenantDomain);
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ try {
+ dao.forceDeleteIdP(idPName, tenantId, tenantDomain);
+ } catch (IdentityProviderManagementException e) {
+ 
addEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public void forceDeleteIdPByResourceId(String resourceId, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ IdentityProvider identityProvider = getIDPbyResourceId(null, resourceId, tenantId, tenantDomain);
+ deleteEndpointConfig(identityProvider, tenantDomain);
+ try {
+ dao.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain);
+ } catch (IdentityProviderManagementException e) {
+ addEndpointConfig(identityProvider, tenantDomain);
+ throw e;
+ }
+ }
+
+ public void deleteTenantRole(int tenantId, String role, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ dao.deleteTenantRole(tenantId, role, tenantDomain);
+ }
+
+ public void renameTenantRole(String newRoleName, String oldRoleName, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ dao.renameTenantRole(newRoleName, oldRoleName, tenantId, tenantDomain);
+ }
+
+ public void renameClaimURI(String newClaimURI, String oldClaimURI, int tenantId, String tenantDomain)
+ throws IdentityProviderManagementException {
+
+ dao.renameClaimURI(newClaimURI, oldClaimURI, tenantId, tenantDomain);
+ }
+
+ public boolean isIdPAvailableForAuthenticatorProperty(String authenticatorName, String propertyName,
+ String idPEntityId, int tenantId)
+ throws IdentityProviderManagementException {
+
+ return dao.isIdPAvailableForAuthenticatorProperty(authenticatorName, propertyName, idPEntityId, tenantId);
+ }
+
+ public ConnectedAppsResult getConnectedApplications(String resourceId, int limit, int offset)
+ throws IdentityProviderManagementException {
+
+ return dao.getConnectedApplications(resourceId, limit, offset);
+ }
+
+ public ConnectedAppsResult getConnectedAppsOfLocalAuthenticator(String authenticatorId, int tenantId,
+ Integer limit, Integer offset)
+ throws IdentityProviderManagementException {
+
+ return 
dao.getConnectedAppsOfLocalAuthenticator(authenticatorId, tenantId, limit, offset);
+ }
+
+ public String getIdPNameByMetadataProperty(Connection dbConnection, String property, String value, int tenantId)
+ throws IdentityProviderManagementException {
+
+ return dao.getIdPNameByMetadataProperty(dbConnection, property, value, tenantId);
+ }
+
+ public boolean isClaimReferredByAnyIdp(Connection dbConnection, String claimUri, int tenantId)
+ throws IdentityProviderManagementException {
+
+ return dao.isClaimReferredByAnyIdp(dbConnection, claimUri, tenantId);
+ }
+
+ public Map getIdPNamesById(int tenantId, Set idpIds)
+ throws IdentityProviderManagementException {
+
+ return dao.getIdPNamesById(tenantId, idpIds);
+ }
+
+ public List getIdPGroupsByIds(List idpGroupIds, int tenantId)
+ throws IdentityProviderManagementException {
+
+ return dao.getIdPGroupsByIds(idpGroupIds, tenantId);
+ }
+
+ public List getAllUserDefinedFederatedAuthenticators(int tenantId)
+ throws IdentityProviderManagementException {
+
+ List configList = dao.getAllUserDefinedFederatedAuthenticators(tenantId);
+ for (FederatedAuthenticatorConfig config : configList) {
+ endpointConfigurationManager.resolveEndpointConfig(config, IdentityTenantUtil.getTenantDomain(tenantId));
+ }
+ return configList;
+ }
+
+ private IdentityProvider populateEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
+ throws AuthenticatorEndpointConfigServerException {
+
+ if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
+ return identityProvider;
+ }
+ endpointConfigurationManager.resolveEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
+ tenantDomain);
+ return identityProvider;
+ }
+
+ private void addEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
+ throws AuthenticatorEndpointConfigServerException {
+
+ if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
+ 
return;
+ }
+ endpointConfigurationManager.addEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
+ tenantDomain);
+ }
+
+ private void updateEndpointConfig(IdentityProvider newIdentityProvider, IdentityProvider oldIdentityProvider,
+ String tenantDomain)
+ throws AuthenticatorEndpointConfigServerException {
+
+ if (newIdentityProvider == null || newIdentityProvider.getFederatedAuthenticatorConfigs().length != 1) {
+ return;
+ }
+ FederatedAuthenticatorConfig newFederatedAuth = newIdentityProvider.getFederatedAuthenticatorConfigs()[0];
+ FederatedAuthenticatorConfig oldFederatedAuth = oldIdentityProvider.getFederatedAuthenticatorConfigs()[0];
+ if (newFederatedAuth.getDefinedByType() == AuthenticatorPropertyConstants.DefinedByType.SYSTEM) {
+ return;
+ }
+
+ if (StringUtils.equals(newFederatedAuth.getName(), oldFederatedAuth.getName())) {
+ endpointConfigurationManager.updateEndpointConfig(newIdentityProvider.getFederatedAuthenticatorConfigs()[0],
+ oldIdentityProvider.getFederatedAuthenticatorConfigs()[0],
+ tenantDomain);
+ }
+ endpointConfigurationManager.deleteEndpointConfig(oldFederatedAuth, tenantDomain);
+ endpointConfigurationManager.addEndpointConfig(newFederatedAuth, tenantDomain);
+ }
+
+ private void deleteEndpointConfig(IdentityProvider identityProvider, String tenantDomain)
+ throws AuthenticatorEndpointConfigServerException {
+
+ if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) {
+ return;
+ }
+ endpointConfigurationManager.deleteEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0],
+ tenantDomain);
+ }
+}
+
diff --git a/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java b/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java
index c446246c35f1..f198af5fc42c 100644
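Review bot: `private static IdPManagementDAO dao;` is a static field assigned from the instance constructor (`this.dao = dao;`), so every IdPManagementFacade created by CacheBackedIdPMgtDAO shares whichever DAO was passed last; it should be `private final IdPManagementDAO dao;`. In `deleteIdPByResourceId`, `dao.deleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain)` dereferences the lookup result without a null check even though `deleteEndpointConfig` just above tolerates null, whereas `forceDeleteIdPByResourceId` passes `resourceId` straight through; use `dao.deleteIdPByResourceId(resourceId, tenantId, tenantDomain);` here too. In every `catch (IdentityProviderManagementException e)` that rolls the endpoint config back (`addIdP`, `addIdPWithResourceId`, `updateIdP`, `updateIdPWithResourceId`, `deleteIdP`, `deleteIdPs`, `deleteIdPByResourceId`, `forceDeleteIdP`, `forceDeleteIdPByResourceId`), the compensating call can itself throw `AuthenticatorEndpointConfigServerException` and would then replace the original DAO failure; catch that, attach it with `e.addSuppressed(...)`, and still rethrow `e`, so the root cause reaches the logs. In `updateEndpointConfig` the equal-name branch calls `endpointConfigurationManager.updateEndpointConfig(...)` and then falls through to the delete/add pair for the same authenticator, which appears to discard the update it just made; if the update is meant to be the complete handling for that case, add `return;` at the end of the `if` block. `getIdPs` and the three `getIdPsSearch` overloads now call `populateEndpointConfig` for every IdP in a list result, so if `resolveEndpointConfig` loads secret material (the test setup wires a SecretManagerImpl), list and search responses will carry resolved endpoint credentials for every user-defined authenticator, which is worth confirming against what those callers actually need.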
--- a/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java
+++ b/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java
@@ -57,6 +57,8 @@
 import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService;
 import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
 import org.wso2.carbon.identity.role.v2.mgt.core.model.RoleBasicInfo;
+import org.wso2.carbon.identity.secret.mgt.core.SecretManagerImpl;
+import org.wso2.carbon.identity.secret.mgt.core.model.SecretType;
 import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
 import org.wso2.carbon.idp.mgt.IdentityProviderManager;
 import org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO;
@@ -84,8 +86,7 @@
 import static org.mockito.ArgumentMatchers.anyBoolean;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.*;
 import static org.testng.Assert.assertEquals;
 import static org.wso2.carbon.identity.provisioning.IdentityProvisioningConstants.FAIL_ON_BLOCKING_OUTBOUND_PROVISION_FAILURE;
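Review bot: `import static org.mockito.Mockito.*;` replaces the two explicit static imports with a wildcard, which the rest of this import block avoids (every `ArgumentMatchers` member is imported by name) and which makes it harder to see which Mockito members the test relies on. The only member the new setup code adds is `doReturn`, so keep the original `mock` and `when` lines and add `import static org.mockito.Mockito.doReturn;` next to them.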
@@ -131,6 +132,13 @@ public class OutboundProvisioningTest {
 @BeforeClass
 public void setUpClass() throws Exception {
+ SecretManagerImpl secretManager = mock(SecretManagerImpl.class);
+ SecretType secretType = mock(SecretType.class);
+ IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager);
+ when(secretType.getId()).thenReturn("secretId");
+ doReturn(secretType).when(secretManager).getSecretType(any());
+ when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(false);
+
+ IdPSecretsProcessor idpSecretsProcessor = mock(IdPSecretsProcessor.class);
 when(idpSecretsProcessor.decryptAssociatedSecrets(any())).thenAnswer(
 invocation -> invocation.getArguments()[0]);
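Review bot: `IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager);` installs a mock into a process-wide holder from `@BeforeClass`, and nothing in this hunk removes it afterwards; unless an `@AfterClass` outside the hunk resets it, the mocked SecretManagerImpl (which answers `isSecretExist` with `false` for every name) stays in place for every later test class run in the same JVM and can silently change their secret-handling paths. Add a teardown that restores the previous value, e.g. `IdpMgtServiceComponentHolder.getInstance().setSecretManager(null);` in an `@AfterClass` method, or capture the prior manager before overriding and put it back. `setUpClass` continues beyond the end of the hunk.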