From ea60d98fb7a7d781e570d3cd60ce77c691c0d827 Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Wed, 20 Nov 2024 17:13:39 +0530 Subject: [PATCH] Addressed comments. --- ...nticatorEndpointConfigServerException.java | 2 +- .../idp/mgt/IdentityProviderManager.java | 126 +----- .../idp/mgt/dao/CacheBackedIdPMgtDAO.java | 76 ++-- .../idp/mgt/dao/IdPManagementFacade.java | 428 ++++++++++++++++++ ...IdentityProviderManagementServiceTest.java | 79 +++- .../idp/mgt/dao/IdPManagementDAOTest.java | 44 +- .../OutboundProvisioningTest.java | 10 + 7 files changed, 583 insertions(+), 182 deletions(-) create mode 100644 components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java index 8c22fba16eae..0f9dff9471f7 100644 --- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/AuthenticatorEndpointConfigServerException.java @@ -21,7 +21,7 @@ /** * Exception class for user defined federated authenticator endpoint configurations related exceptions. */ -public class AuthenticatorEndpointConfigServerException extends IdentityProviderManagementException { +public class AuthenticatorEndpointConfigServerException extends IdentityProviderManagementServerException { public AuthenticatorEndpointConfigServerException(String message) { diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java index 60732d57c9d0..c4d08def9d30 100644 
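Review bot: The class Javadoc still describes AuthenticatorEndpointConfigServerException as a generic "exceptions" class although its superclass is now IdentityProviderManagementServerException, so a reader is not told that this is a server-side failure category. Suggest replacing the summary line with `* Server-side exception for user defined federated authenticator endpoint configuration failures.` and, if the project maps IdentityProviderManagementServerException to a 5xx response elsewhere (not visible here), a second sentence saying so. Code that caught this type through its previous parent IdentityProviderManagementException presumably still does if the server exception class derives from it, which this hunk does not show; worth confirming.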
--- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java @@ -62,7 +62,6 @@ import org.wso2.carbon.idp.mgt.util.IdPManagementConstants; import org.wso2.carbon.idp.mgt.util.IdPManagementUtil; import org.wso2.carbon.idp.mgt.util.MetadataConverter; -import org.wso2.carbon.idp.mgt.util.UserDefinedAuthenticatorEndpointConfigManager; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreManager; import org.wso2.carbon.user.core.UserCoreConstants; @@ -100,8 +99,6 @@ public class IdentityProviderManager implements IdpManager { private static volatile IdentityProviderManager instance = new IdentityProviderManager(); private final Pattern userDefinedAuthNameRegexPattern = Pattern.compile(IdPManagementConstants.USER_DEFINED_AUTHENTICATOR_NAME_REGEX); - private final UserDefinedAuthenticatorEndpointConfigManager endpointConfigurationManager = - new UserDefinedAuthenticatorEndpointConfigManager(); private IdentityProviderManager() { @@ -835,7 +832,6 @@ public IdentityProvider getIdPByName(String idPName, String tenantDomain, IdentityApplicationConstants.DEFAULT_IDP_CONFIG); } } - populateEndpointConfig(identityProvider, tenantDomain); return identityProvider; } @@ -869,7 +865,6 @@ public IdentityProvider getIdPById(String id, String tenantDomain, IdentityApplicationConstants.DEFAULT_IDP_CONFIG); } } - populateEndpointConfig(identityProvider, tenantDomain); return identityProvider; } 
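Review bot: With `populateEndpointConfig(identityProvider, tenantDomain)` removed from getIdPByName, the IdentityProvider returned from the file-based fallback branch (the one that applies IdentityApplicationConstants.DEFAULT_IDP_CONFIG) is no longer passed through endpoint config resolution; presumably that now happens inside IdPManagementFacade for DB-loaded providers only. If a user defined authenticator can only originate from the DB that is fine, but it is worth stating in the method Javadoc, e.g. `Endpoint configuration of user defined authenticators is resolved by the DAO layer; file-based providers are returned as-is.` The same applies to the getIdPById hunk below and to the getIdPByResourceId, getEnabledIdPByName and getIdPByAuthenticatorPropertyValue hunks on the following line. The enclosing methods start outside these hunks.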
@@ -881,7 +876,6 @@ public IdentityProvider getIdPByResourceId(String resourceId, String tenantDomai validateGetIdPInputValues(resourceId); int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); IdentityProvider identityProvider = dao.getIdPByResourceId(resourceId, tenantId, tenantDomain); - populateEndpointConfig(identityProvider, tenantDomain); if (identityProvider == null) { identityProvider = new FileBasedIdPMgtDAO().getIdPByResourceId(resourceId, tenantDomain); if (identityProvider == null) { @@ -926,7 +920,6 @@ public IdentityProvider getEnabledIdPByName(String idPName, String tenantDomain, throws IdentityProviderManagementException { IdentityProvider idp = getIdPByName(idPName, tenantDomain, ignoreFileBasedIdps); - populateEndpointConfig(idp, tenantDomain); if (idp != null && idp.isEnable()) { return idp; } @@ -977,7 +970,6 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, Stri IdentityProvider identityProvider = dao.getIdPByAuthenticatorPropertyValue( null, property, value, tenantId, tenantDomain); - populateEndpointConfig(identityProvider, tenantDomain); if (identityProvider == null && !ignoreFileBasedIdps) { identityProvider = new FileBasedIdPMgtDAO() @@ -1009,7 +1001,6 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(String property, Stri IdentityProvider identityProvider = dao.getIdPByAuthenticatorPropertyValue( null, property, value, authenticator, tenantId, tenantDomain); - populateEndpointConfig(identityProvider, tenantDomain); if (identityProvider == null && !ignoreFileBasedIdps) { identityProvider = new FileBasedIdPMgtDAO() 
@@ -1540,18 +1531,8 @@ public IdentityProvider addIdPWithResourceId(IdentityProvider identityProvider, handleMetadata(tenantId, identityProvider); resolveAuthenticatorDefinedByProperty(identityProvider, true); - - String resourceId; - addEndpointConfig(identityProvider, tenantDomain); - try { - resourceId = dao.addIdP(identityProvider, tenantId, tenantDomain); - } catch (IdentityProviderManagementException e) { - deleteEndpointConfig(identityProvider, tenantDomain); - throw e; - } - + String resourceId = dao.addIdP(identityProvider, tenantId, tenantDomain); identityProvider = dao.getIdPByResourceId(resourceId, tenantId, tenantDomain); - populateEndpointConfig(identityProvider, tenantDomain); // invoking the post listeners for (IdentityProviderMgtListener listener : listeners) { @@ -1612,7 +1593,7 @@ public void deleteIdP(String idPName, String tenantDomain) throws IdentityProvid if (identityProvider == null) { return; } - deleteIDP(identityProvider, tenantDomain); + deleteIDP(identityProvider.getResourceId(), idPName, tenantDomain); // Invoking the post listeners. for (IdentityProviderMgtListener listener : listeners) { @@ -1678,7 +1659,7 @@ public void deleteIdPByResourceId(String resourceId, String tenantDomain) throws if (identityProvider == null) { return; } - deleteIDP(identityProvider, tenantDomain); + deleteIDP(resourceId, identityProvider.getIdentityProviderName(), tenantDomain); // Invoking the post listeners. for (IdentityProviderMgtListener listener : listeners) { 
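Review bot: The compensating `deleteEndpointConfig` on DAO failure that previously bracketed `dao.addIdP(...)` is dropped here, so creating the endpoint config of a user defined authenticator and rolling it back together with the IdP row must now happen inside IdPManagementFacade; its addIdPWithResourceId is not in this chunk, so I cannot confirm the rollback survived. The same applies to the deleteIDP, forceDeleteIDP and updateIDP hunks further down, where the re-add or revert on failure was removed as well. A comment on the `String resourceId = dao.addIdP(identityProvider, tenantId, tenantDomain);` line such as `// Endpoint config of user defined authenticators is persisted, and rolled back on failure, by the facade.` would make the new ownership explicit. addIdPWithResourceId starts and ends outside the hunk.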
@@ -1708,27 +1689,20 @@ private void deleteMetadataStrings(String idpName, int tenantId) throws Identity /** * Delete an IDP. * - * @param identityProvider Identity Provider + * @param resourceId Resource Id + * @param idpName Name of the IDP * @param tenantDomain Tenant Domain * @throws IdentityProviderManagementException */ - private void deleteIDP(IdentityProvider identityProvider, String tenantDomain) throws + private void deleteIDP(String resourceId, String idpName, String tenantDomain) throws IdentityProviderManagementException { int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); // Delete metadata strings of the IDP - deleteMetadataStrings(identityProvider.getIdentityProviderName(), tenantId); - - deleteEndpointConfig(identityProvider, tenantDomain); - - try { - dao.deleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain); - } catch (IdentityProviderManagementException e) { - addEndpointConfig(identityProvider, tenantDomain); - throw e; - } + deleteMetadataStrings(idpName, tenantId); + dao.deleteIdPByResourceId(resourceId, tenantId, tenantDomain); } /** @@ -1756,7 +1730,7 @@ public void forceDeleteIdp(String idpName, String tenantDomain) throws IdentityP throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage .ERROR_CODE_IDP_NAME_DOES_NOT_EXIST, idpName); } - forceDeleteIDP(identityProvider, tenantDomain); + forceDeleteIDP(identityProvider.getResourceId(), idpName, tenantDomain); // Invoking the post listeners. for (IdentityProviderMgtListener listener : listeners) { 
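Review bot: The updated Javadoc for deleteIDP leaves `@throws IdentityProviderManagementException` without a description, and the two new parameters are documented only by restating their names. Suggest `@param resourceId Resource id of the IDP to delete`, `@param idpName Name of the IDP, used to remove its metadata strings` and `@throws IdentityProviderManagementException if the metadata strings or the IDP row cannot be deleted`. The existing `// Delete metadata strings of the IDP` comment can stay as it is.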
@@ -1789,7 +1763,7 @@ public void forceDeleteIdpByResourceId(String resourceId, String tenantDomain) t throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage .ERROR_CODE_IDP_DOES_NOT_EXIST, resourceId); } - forceDeleteIDP(identityProvider, tenantDomain); + forceDeleteIDP(resourceId, identityProvider.getIdentityProviderName(), tenantDomain); // Invoking the post listeners for (IdentityProviderMgtListener listener : listeners) { @@ -1800,23 +1774,17 @@ public void forceDeleteIdpByResourceId(String resourceId, String tenantDomain) t } } - private void forceDeleteIDP(IdentityProvider identityProvider, String tenantDomain) throws + private void forceDeleteIDP(String resourceId, String idpName, String tenantDomain) throws IdentityProviderManagementException { int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); for (MetadataConverter metadataConverter : IdpMgtServiceComponentHolder.getInstance().getMetadataConverters()) { - if (metadataConverter.canDelete(tenantId, identityProvider.getIdentityProviderName())) { - metadataConverter.deleteMetadataString(tenantId, identityProvider.getIdentityProviderName()); + if (metadataConverter.canDelete(tenantId, idpName)) { + metadataConverter.deleteMetadataString(tenantId, idpName); } } - deleteEndpointConfig(identityProvider, tenantDomain); - try { - dao.forceDeleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain); - } catch (IdentityProviderManagementException e) { - addEndpointConfig(identityProvider, tenantDomain); - throw e; - } + dao.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain); } /** 
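Review bot: forceDeleteIDP receives a new signature but still has no Javadoc, unlike its sibling deleteIDP, so the difference between the two (this one consults every MetadataConverter that canDelete the IDP before calling forceDeleteIdPByResourceId) is not documented anywhere. Suggest a short Javadoc with a summary such as `Force delete an IDP: remove its metadata through each MetadataConverter that can delete it, then remove the IDP row.`, the three `@param` tags matching deleteIDP, and an `@throws IdentityProviderManagementException` line. The method starts and ends within the hunk, but the loop body it keeps is unchanged.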
@@ -1896,9 +1864,7 @@ public IdentityProvider updateIdPByResourceId(String resourceId, IdentityProvide return null; } } - IdentityProvider identityProvider = dao.getUpdatedIdPByResourceId(resourceId, tenantId, tenantDomain); - populateEndpointConfig(identityProvider, tenantDomain); - return identityProvider; + return dao.getUpdatedIdPByResourceId(resourceId, tenantId, tenantDomain); } private void updateIDP(IdentityProvider currentIdentityProvider, IdentityProvider newIdentityProvider, int tenantId, @@ -1915,14 +1881,7 @@ private void updateIDP(IdentityProvider currentIdentityProvider, IdentityProvide validateIdPIssuerName(currentIdentityProvider, newIdentityProvider, tenantId, tenantDomain); handleMetadata(tenantId, newIdentityProvider); resolveAuthenticatorDefinedByProperty(newIdentityProvider, false); - updateEndpointConfig(newIdentityProvider, currentIdentityProvider, tenantDomain); - try { - dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId, tenantDomain); - } catch (IdentityProviderManagementException e) { - updateEndpointConfig(currentIdentityProvider, newIdentityProvider, tenantDomain); - throw e; - } - + dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId, tenantDomain); } /** @@ -2703,6 +2662,7 @@ private Map> createFedAuthConfidentialPropsMap() throws Ide Map> metaFedAuthConfigMap = new HashMap<>(); FederatedAuthenticatorConfig[] metaFedAuthConfigs = getAllFederatedAuthenticators(); for (FederatedAuthenticatorConfig metaFedAuthConfig : metaFedAuthConfigs) { + // Continuing as user defined authenticators does not have any authenticator properties having secrets. if (metaFedAuthConfig.getDefinedByType() == DefinedByType.USER) { continue; } 
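Review bot: The comment added in createFedAuthConfidentialPropsMap has a grammar slip ("does not have" for a plural subject) and, more importantly, records a security assumption without naming it: the `continue` means no property of a user defined authenticator is ever entered into the confidential-properties map, whatever that map protects downstream. Suggest `// Skip user defined authenticators: they carry no confidential authenticator properties here; their endpoint credentials are handled by the endpoint config manager, not by this map.` — the second clause only if that is indeed where such secrets live (the endpoint config manager now sits inside IdPManagementFacade per this patch, but its handling of secrets is not visible in this chunk). Should a user defined authenticator type later gain secret properties, this branch would silently exclude them, so spelling out the assumption is worthwhile. createFedAuthConfidentialPropsMap starts and ends outside the hunk.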
@@ -2788,56 +2748,4 @@ private void resolveAuthenticatorDefinedByProperty(IdentityProvider idp, boolean } } } - - private void populateEndpointConfig(IdentityProvider identityProvider, String tenantDomain) - throws AuthenticatorEndpointConfigServerException { - - if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { - return; - } - endpointConfigurationManager.resolveEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], - tenantDomain); - } - - private void addEndpointConfig(IdentityProvider identityProvider, String tenantDomain) - throws AuthenticatorEndpointConfigServerException { - - if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { - return; - } - endpointConfigurationManager.addEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], - tenantDomain); - } - - private void updateEndpointConfig(IdentityProvider newIdentityProvider, IdentityProvider oldIdentityProvider, - String tenantDomain) - throws AuthenticatorEndpointConfigServerException { - - if (newIdentityProvider == null || newIdentityProvider.getFederatedAuthenticatorConfigs().length != 1) { - return; - } - FederatedAuthenticatorConfig newFederatedAuth = newIdentityProvider.getFederatedAuthenticatorConfigs()[0]; - FederatedAuthenticatorConfig oldFederatedAuth = oldIdentityProvider.getFederatedAuthenticatorConfigs()[0]; - if (newFederatedAuth.getDefinedByType() == DefinedByType.SYSTEM) { - return; - } - - if (StringUtils.equals(newFederatedAuth.getName(), oldFederatedAuth.getName())) { - endpointConfigurationManager.updateEndpointConfig(newIdentityProvider.getFederatedAuthenticatorConfigs()[0], - oldIdentityProvider.getFederatedAuthenticatorConfigs()[0], - tenantDomain); - } - endpointConfigurationManager.deleteEndpointConfig(oldFederatedAuth, tenantDomain); - endpointConfigurationManager.addEndpointConfig(newFederatedAuth, tenantDomain); - } - - private void 
deleteEndpointConfig(IdentityProvider identityProvider, String tenantDomain) - throws AuthenticatorEndpointConfigServerException { - - if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { - return; - } - endpointConfigurationManager.deleteEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], - tenantDomain); - } } diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java index a2c08113d34c..cc95138d0bb7 100644 --- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAO.java @@ -56,7 +56,7 @@ public class CacheBackedIdPMgtDAO { private static final Log log = LogFactory.getLog(CacheBackedIdPMgtDAO.class); - private IdPManagementDAO idPMgtDAO = null; + private IdPManagementFacade idPManagementFacade = null; private IdPCacheByName idPCacheByName = null; private IdPCacheByHRI idPCacheByHRI = null; @@ -68,7 +68,7 @@ public class CacheBackedIdPMgtDAO { * @param idPMgtDAO */ public CacheBackedIdPMgtDAO(IdPManagementDAO idPMgtDAO) { - this.idPMgtDAO = idPMgtDAO; + idPManagementFacade = new IdPManagementFacade(idPMgtDAO); idPCacheByName = IdPCacheByName.getInstance(); idPCacheByHRI = IdPCacheByHRI.getInstance(); idPCacheByAuthProperty = IdPCacheByAuthProperty.getInstance(); @@ -86,7 +86,7 @@ public CacheBackedIdPMgtDAO(IdPManagementDAO idPMgtDAO) { public List getIdPs(Connection dbConnection, int tenantId, String tenantDomain) throws IdentityProviderManagementException { - return idPMgtDAO.getIdPs(dbConnection, tenantId, tenantDomain); + return idPManagementFacade.getIdPs(dbConnection, tenantId, tenantDomain); } /** 
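Review bot: `private IdPManagementFacade idPManagementFacade = null;` in CacheBackedIdPMgtDAO is assigned exactly once, in the constructor, so it should be `private final IdPManagementFacade idPManagementFacade;` with the `= null` initializer dropped; the neighbouring cache fields keep the old style, but a field introduced by this commit need not inherit it. The constructor Javadoc `@param idPMgtDAO` also carries no description; `@param idPMgtDAO underlying DAO, wrapped in an IdPManagementFacade by this constructor` would do. The class body continues outside the hunk.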
@@ -100,7 +100,7 @@ public List getIdPs(Connection dbConnection, int tenantId, public List getIdPsSearch(Connection dbConnection, int tenantId, String tenantDomain, String filter) throws IdentityProviderManagementException { - return idPMgtDAO.getIdPsSearch(dbConnection, tenantId, tenantDomain, + return idPManagementFacade.getIdPsSearch(dbConnection, tenantId, tenantDomain, filter); } @@ -121,7 +121,7 @@ public List getPaginatedIdPsSearch(int tenantId, List getPaginatedIdPsSearch(int tenantId, List requiredAttributes) throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { - return idPMgtDAO + return idPManagementFacade .getIdPsSearch(tenantId, expressionConditions, limit, offset, sortOrder, sortBy, requiredAttributes); } @@ -168,7 +168,7 @@ public List getPaginatedTrustedTokenIssuersSearch(int tenantId List requiredAttributes) throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { - return idPMgtDAO.getTrustedTokenIssuerSearch(tenantId, expressionConditions, limit, offset, sortOrder, + return idPManagementFacade.getTrustedTokenIssuerSearch(tenantId, expressionConditions, limit, offset, sortOrder, sortBy, requiredAttributes); } @@ -184,7 +184,7 @@ public List getPaginatedTrustedTokenIssuersSearch(int tenantId public int getTotalIdPCount(int tenantId, List expressionConditions) throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { - return idPMgtDAO.getCountOfFilteredIdPs(tenantId, expressionConditions); + return idPManagementFacade.getCountOfFilteredIdPs(tenantId, expressionConditions); } /** 
@@ -199,7 +199,7 @@ public int getTotalIdPCount(int tenantId, List expressionConditi public int getTotalTrustedTokenIssuerCount(int tenantId, List expressionConditions) throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { - return idPMgtDAO.getCountOfFilteredTokenIssuers(tenantId, expressionConditions); + return idPManagementFacade.getCountOfFilteredTokenIssuers(tenantId, expressionConditions); } /** @@ -227,7 +227,7 @@ public IdentityProvider getIdPByName(Connection dbConnection, String idPName, + ". Fetching entry from DB"); } - IdentityProvider identityProvider = idPMgtDAO.getIdPByName(dbConnection, idPName, + IdentityProvider identityProvider = idPManagementFacade.getIdPByName(dbConnection, idPName, tenantId, tenantDomain); if (identityProvider != null) { @@ -256,7 +256,7 @@ public IdentityProvider getIdPByName(Connection dbConnection, String idPName, public IdentityProvider getIdPById(Connection dbConnection, int id, int tenantId, String tenantDomain) throws IdentityProviderManagementException { - IdentityProvider identityProvider = idPMgtDAO.getIDPbyId(dbConnection, id, + IdentityProvider identityProvider = idPManagementFacade.getIDPbyId(dbConnection, id, tenantId, tenantDomain); if (identityProvider != null) { @@ -306,7 +306,7 @@ public IdentityProvider getIdPByResourceId(String resourceId, int tenantId, Stri log.debug("Cache entry not found for Identity Provider with resource ID: " + resourceId + ". Fetching entry from DB"); } - identityProvider = idPMgtDAO.getIDPbyResourceId(null, resourceId, + identityProvider = idPManagementFacade.getIDPbyResourceId(null, resourceId, tenantId, tenantDomain); if (identityProvider != null) { 
@@ -352,7 +352,7 @@ public IdentityProvider getUpdatedIdPByResourceId(String resourceId, int tenantI tenantId, tenantDomain); } - identityProvider = idPMgtDAO.getIDPbyResourceId(null, resourceId, tenantId, tenantDomain); + identityProvider = idPManagementFacade.getIDPbyResourceId(null, resourceId, tenantId, tenantDomain); if (identityProvider == null) { if (log.isDebugEnabled()) { @@ -382,7 +382,7 @@ public String getIdPNameByResourceId(String resourceId) throws IdentityProviderM log.debug("Cache entry not found for Identity Provider with resource ID: " + resourceId + ". Fetching the name from DB"); } - return idPMgtDAO.getIDPNameByResourceId(resourceId); + return idPManagementFacade.getIDPNameByResourceId(resourceId); } /** @@ -411,7 +411,7 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnecti + " and with value " + value + ". Fetching entry from DB"); } - IdentityProvider identityProvider = idPMgtDAO.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, + IdentityProvider identityProvider = idPManagementFacade.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, tenantId, tenantDomain); if (identityProvider != null) { @@ -461,7 +461,7 @@ public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnecti + " and with value " + value + ". Fetching entry from DB"); } - IdentityProvider identityProvider = idPMgtDAO.getIdPByAuthenticatorPropertyValue(dbConnection, property, + IdentityProvider identityProvider = idPManagementFacade.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, authenticator, tenantId, tenantDomain); if (identityProvider != null) { 
@@ -503,7 +503,7 @@ public IdentityProvider getIdPByRealmId(String realmId, int tenantId, + ". Fetching entry from DB"); } - IdentityProvider identityProvider = idPMgtDAO.getIdPByRealmId(realmId, tenantId, tenantDomain); + IdentityProvider identityProvider = idPManagementFacade.getIdPByRealmId(realmId, tenantId, tenantDomain); if (identityProvider != null) { log.debug("Entry fetched from DB for Identity Provider with Home Realm ID " + realmId @@ -552,7 +552,7 @@ public IdentityProvider getEnabledIdPByRealmId(String realmId, int tenantId, } } - IdentityProvider identityProvider = idPMgtDAO.getEnabledIdPByRealmId(realmId, tenantId, tenantDomain); + IdentityProvider identityProvider = idPManagementFacade.getEnabledIdPByRealmId(realmId, tenantId, tenantDomain); if (identityProvider != null) { if (log.isDebugEnabled()) { @@ -582,7 +582,7 @@ public IdentityProvider getEnabledIdPByRealmId(String realmId, int tenantId, public String addIdP(IdentityProvider identityProvider, int tenantId, String tenantDomain) throws IdentityProviderManagementException { - return idPMgtDAO.addIdPWithResourceId(identityProvider, tenantId); + return idPManagementFacade.addIdPWithResourceId(identityProvider, tenantId); } /** @@ -602,7 +602,7 @@ public void updateIdP(IdentityProvider newIdentityProvider, } clearIdpCache(currentIdentityProvider.getIdentityProviderName(), currentIdentityProvider.getResourceId(), tenantId, tenantDomain); - idPMgtDAO.updateIdPWithResourceId(currentIdentityProvider.getResourceId(), + idPManagementFacade.updateIdPWithResourceId(currentIdentityProvider.getResourceId(), newIdentityProvider, currentIdentityProvider, tenantId); } 
@@ -615,14 +615,14 @@ public void updateIdP(IdentityProvider newIdentityProvider, public void deleteIdP(String idPName, int tenantId, String tenantDomain) throws IdentityProviderManagementException { - if (idPMgtDAO.isIdpReferredBySP(idPName, tenantId)) { + if (idPManagementFacade.isIdpReferredBySP(idPName, tenantId)) { throw new IdentityProviderManagementException("Identity Provider '" + idPName + "' " + "cannot be deleted as it is referred by Service Providers."); } IdentityProvider identityProvider = this.getIdPByName(null, idPName, tenantId, tenantDomain); if (identityProvider != null) { - idPMgtDAO.deleteIdP(idPName, tenantId, tenantDomain); + idPManagementFacade.deleteIdP(idPName, tenantId, tenantDomain); clearIdpCache(idPName, tenantId, tenantDomain); } else { if (log.isDebugEnabled()) { @@ -640,7 +640,7 @@ public void deleteIdP(String idPName, int tenantId, String tenantDomain) */ public void deleteIdPs(int tenantId) throws IdentityProviderManagementException { - idPMgtDAO.deleteIdPs(tenantId); + idPManagementFacade.deleteIdPs(tenantId); if (log.isDebugEnabled()) { log.debug(String.format("All Identity Providers of tenant:%d are deleted", tenantId)); } 
@@ -659,14 +659,14 @@ public void deleteIdPByResourceId(String resourceId, int tenantId, String tenant IdentityProvider identityProvider = this.getIdPByResourceId(resourceId, tenantId, tenantDomain); if (identityProvider != null) { String idPName = identityProvider.getIdentityProviderName(); - if (idPMgtDAO.isIdpReferredBySP(idPName, tenantId)) { + if (idPManagementFacade.isIdpReferredBySP(idPName, tenantId)) { String data = "Identity Provider '" + idPName + "' cannot be deleted as it is referred by Service " + "Providers."; throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage .ERROR_CODE_DELETE_IDP, data); } - idPMgtDAO.deleteIdPByResourceId(resourceId, tenantId, tenantDomain); + idPManagementFacade.deleteIdPByResourceId(resourceId, tenantId, tenantDomain); clearIdpCache(idPName, resourceId, tenantId, tenantDomain); } else { if (log.isDebugEnabled()) { @@ -686,7 +686,7 @@ public void forceDeleteIdP(String idPName, int tenantId, String tenantDomain) // Remove cache entries related to the force deleted idps. IdentityProvider identityProvider = this.getIdPByName(null, idPName, tenantId, tenantDomain); if (identityProvider != null) { - idPMgtDAO.forceDeleteIdP(idPName, tenantId, tenantDomain); + idPManagementFacade.forceDeleteIdP(idPName, tenantId, tenantDomain); clearIdpCache(idPName, tenantId, tenantDomain); } else { if (log.isDebugEnabled()) { @@ -712,7 +712,7 @@ public void forceDeleteIdPByResourceId(String resourceId, int tenantId, String t // Remove cache entries related to the force deleted idps. IdentityProvider identityProvider = this.getIdPByResourceId(resourceId, tenantId, tenantDomain); if (identityProvider != null) { - idPMgtDAO.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain); + idPManagementFacade.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain); clearIdpCache(identityProvider.getIdentityProviderName(), resourceId, tenantId, tenantDomain); } else { if (log.isDebugEnabled()) { 
@@ -844,7 +844,7 @@ public void deleteTenantRole(int tenantId, String role, String tenantDomain) } } - idPMgtDAO.deleteTenantRole(tenantId, role, tenantDomain); + idPManagementFacade.deleteTenantRole(tenantId, role, tenantDomain); } /** @@ -882,7 +882,7 @@ public void renameTenantRole(String newRoleName, String oldRoleName, int tenantI } } - idPMgtDAO.renameTenantRole(newRoleName, oldRoleName, tenantId, tenantDomain); + idPManagementFacade.renameTenantRole(newRoleName, oldRoleName, tenantId, tenantDomain); } /** @@ -917,7 +917,7 @@ public void deleteTenantClaimURI(int tenantId, String claimURI, String tenantDom } } - idPMgtDAO.deleteTenantRole(tenantId, claimURI, tenantDomain); + idPManagementFacade.deleteTenantRole(tenantId, claimURI, tenantDomain); } /** @@ -953,7 +953,7 @@ public void renameTenantClaimURI(String newClaimURI, String oldClaimURI, int ten } } - idPMgtDAO.renameTenantRole(newClaimURI, oldClaimURI, tenantId, tenantDomain); + idPManagementFacade.renameTenantRole(newClaimURI, oldClaimURI, tenantId, tenantDomain); } /** @@ -966,7 +966,7 @@ public boolean isIdPAvailableForAuthenticatorProperty(String authenticatorName, String idPEntityId, int tenantId) throws IdentityProviderManagementException { - return idPMgtDAO.isIdPAvailableForAuthenticatorProperty(authenticatorName, propertyName, idPEntityId, tenantId); + return idPManagementFacade.isIdPAvailableForAuthenticatorProperty(authenticatorName, propertyName, idPEntityId, tenantId); } /** 
@@ -981,14 +981,14 @@ public boolean isIdPAvailableForAuthenticatorProperty(String authenticatorName, public ConnectedAppsResult getConnectedApplications(String resourceId, int limit, int offset) throws IdentityProviderManagementException { - return idPMgtDAO.getConnectedApplications(resourceId, limit, offset); + return idPManagementFacade.getConnectedApplications(resourceId, limit, offset); } public ConnectedAppsResult getConnectedAppsOfLocalAuthenticator(String authenticatorId, int tenantId, Integer limit, Integer offset) throws IdentityProviderManagementException { - return idPMgtDAO.getConnectedAppsOfLocalAuthenticator(authenticatorId, tenantId, limit, offset); + return idPManagementFacade.getConnectedAppsOfLocalAuthenticator(authenticatorId, tenantId, limit, offset); } /** @@ -1022,7 +1022,7 @@ public String getIdPNameByMetadataProperty(Connection dbConnection, String prope } } - idPName = idPMgtDAO.getIdPNameByMetadataProperty(dbConnection, property, value, tenantId); + idPName = idPManagementFacade.getIdPNameByMetadataProperty(dbConnection, property, value, tenantId); if (idPName != null) { if (log.isDebugEnabled()) { log.debug("DB entry IDP name: " + idPName + " found for IDP metadata property name: " @@ -1062,7 +1062,7 @@ private String getIDPIssuerName(IdentityProvider identityProvider) { public Map getIdPNamesById(int tenantId, Set idpIds) throws IdentityProviderManagementException { - return idPMgtDAO.getIdPNamesById(tenantId, idpIds); + return idPManagementFacade.getIdPNamesById(tenantId, idpIds); } /** @@ -1076,7 +1076,7 @@ public Map getIdPNamesById(int tenantId, Set idpIds) public List getIdPGroupsByIds(List idpGroupIds, int tenantId) throws IdentityProviderManagementException { - return idPMgtDAO.getIdPGroupsByIds(idpGroupIds, tenantId); + return idPManagementFacade.getIdPGroupsByIds(idpGroupIds, tenantId); } /** 
@@ -1090,6 +1090,6 @@ public List getIdPGroupsByIds(List idpGroupIds, int tenantId) public List getAllUserDefinedFederatedAuthenticators(int tenantId) throws IdentityProviderManagementException { - return idPMgtDAO.getAllUserDefinedFederatedAuthenticators(tenantId); + return idPManagementFacade.getAllUserDefinedFederatedAuthenticators(tenantId); } } diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java new file mode 100644 index 000000000000..f5950eee86d5 --- /dev/null +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementFacade.java 
@@ -0,0 +1,428 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.idp.mgt.dao; + +import org.apache.commons.lang.StringUtils; +import org.wso2.carbon.identity.application.common.model.*; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants; +import org.wso2.carbon.identity.core.model.ExpressionNode; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; +import org.wso2.carbon.idp.mgt.AuthenticatorEndpointConfigServerException; +import org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException; +import org.wso2.carbon.idp.mgt.IdentityProviderManagementException; +import org.wso2.carbon.idp.mgt.IdentityProviderManagementServerException; +import org.wso2.carbon.idp.mgt.model.ConnectedAppsResult; +import org.wso2.carbon.idp.mgt.util.UserDefinedAuthenticatorEndpointConfigManager; + +import java.sql.Connection; +import java.sql.SQLException; +import java.util.List; +import java.util.Map; +import java.util.Set; + +public class IdPManagementFacade { + + private final IdPManagementDAO dao; + private final UserDefinedAuthenticatorEndpointConfigManager endpointConfigurationManager = + new UserDefinedAuthenticatorEndpointConfigManager(); + + public IdPManagementFacade(IdPManagementDAO dao) { + this.dao = dao; + } + + public List getIdPs(Connection dbConnection, int tenantId, String tenantDomain) + throws 
IdentityProviderManagementException { + + return dao.getIdPs(dbConnection, tenantId, tenantDomain); + } + + public List getIdPsSearch(int tenantId, List expressionConditions, + int limit, int offset, String sortOrder, String sortBy, + List requiredAttributes) + throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { + + return dao.getIdPsSearch(tenantId, expressionConditions, limit, offset, sortOrder, sortBy, requiredAttributes); + } + + public List getIdPsSearch(int tenantId, List expressionConditions, + int limit, int offset, String sortOrder, String sortBy) + throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { + + return dao.getIdPsSearch(tenantId, expressionConditions, limit, offset, sortOrder, + sortBy); + } + + public List getIdPsSearch(Connection dbConnection, int tenantId, String tenantDomain, + String filter) throws IdentityProviderManagementException { + + return dao.getIdPsSearch(dbConnection, tenantId, tenantDomain, filter); + } + + public List getTrustedTokenIssuerSearch(int tenantId, List expressionNode, + int limit, int offset, String sortOrder, String sortBy, List requiredAttributes) + throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { + + return dao.getTrustedTokenIssuerSearch(tenantId, expressionNode, limit, offset, sortOrder, sortBy, + requiredAttributes); + } + + public int getCountOfFilteredTokenIssuers(int tenantId, List expressionConditions) + throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { + + return dao.getCountOfFilteredTokenIssuers(tenantId, expressionConditions); + } + + public int getCountOfFilteredIdPs(int tenantId, List expressionConditions) + throws IdentityProviderManagementServerException, IdentityProviderManagementClientException { + + return dao.getCountOfFilteredIdPs(tenantId, expressionConditions); + } + + public PermissionsAndRoleConfig 
getPermissionsAndRoleConfiguration(Connection dbConnection, String idPName, + int idPId, int tenantId) + throws SQLException { + + return dao.getPermissionsAndRoleConfiguration(dbConnection, idPName, idPId, tenantId); + } + + public void addFederatedAuthenticatorConfigs(FederatedAuthenticatorConfig[] authnConfigs, Connection dbConnection, + int idpId, int tenantId) + throws IdentityProviderManagementException, SQLException { + + dao.addFederatedAuthenticatorConfigs(authnConfigs, dbConnection, idpId, tenantId); + } + + public IdPGroup[] getIdPGroupConfiguration(Connection dbConnection, int idPId) + throws SQLException { + + return dao.getIdPGroupConfiguration(dbConnection, idPId); + } + + public ProvisioningConnectorConfig[] getProvisioningConnectorConfigs(Connection dbConnection, + String idPName, int idPId, int tenantId) + throws IdentityProviderManagementException, SQLException { + + return dao.getProvisioningConnectorConfigs(dbConnection, idPName, idPId, tenantId); + } + + public IdentityProvider getIdPByName(Connection dbConnection, String idPName, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIdPByName(dbConnection, idPName, tenantId, tenantDomain), tenantDomain); + } + + public IdentityProvider getIDPbyId(Connection dbConnection, int idpId, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIDPbyId(dbConnection, idpId, tenantId, tenantDomain), tenantDomain); + } + + public IdentityProvider getIDPbyResourceId(Connection dbConnection, String resourceId, int tenantId, + String tenantDomain) throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIDPbyResourceId(dbConnection, resourceId, tenantId, tenantDomain), + tenantDomain); + } + + public String getIDPNameByResourceId(String resourceId) throws IdentityProviderManagementException { + + return dao.getIDPNameByResourceId(resourceId); + 
} + + public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value, + String authenticator, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, + authenticator, tenantId, tenantDomain), tenantDomain); + } + + public IdentityProvider getIdPByAuthenticatorPropertyValue(Connection dbConnection, String property, String value, + int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIdPByAuthenticatorPropertyValue(dbConnection, property, value, tenantId, + tenantDomain), tenantDomain); + } + + public IdentityProvider getIdPByRealmId(String realmId, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getIdPByRealmId(realmId, tenantId, tenantDomain), tenantDomain); + } + + public IdentityProvider getEnabledIdPByRealmId(String realmId, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + return populateEndpointConfig(dao.getEnabledIdPByRealmId(realmId, tenantId, tenantDomain), tenantDomain); + } + + public void addIdP(IdentityProvider identityProvider, int tenantId) throws IdentityProviderManagementException { + + String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId); + addEndpointConfig(identityProvider, tenantDomain); + try { + dao.addIdP(identityProvider, tenantId); + } catch (IdentityProviderManagementException e) { + deleteEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public String addIdPWithResourceId(IdentityProvider identityProvider, int tenantId) + throws IdentityProviderManagementException { + + String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId); + addEndpointConfig(identityProvider, tenantDomain); + try { + return dao.addIdPWithResourceId(identityProvider, 
tenantId); + } catch (IdentityProviderManagementException e) { + deleteEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public void updateIdP(IdentityProvider newIdentityProvider, IdentityProvider currentIdentityProvider, int tenantId) + throws IdentityProviderManagementException { + + updateEndpointConfig(newIdentityProvider, currentIdentityProvider, + IdentityTenantUtil.getTenantDomain(tenantId)); + try { + dao.updateIdP(newIdentityProvider, currentIdentityProvider, tenantId); + } catch (IdentityProviderManagementException e) { + updateEndpointConfig(currentIdentityProvider, newIdentityProvider, + IdentityTenantUtil.getTenantDomain(tenantId)); + throw e; + } + } + + public void updateIdPWithResourceId(String resourceId, IdentityProvider newIdentityProvider, + IdentityProvider currentIdentityProvider, int tenantId) + throws IdentityProviderManagementException { + + updateEndpointConfig(newIdentityProvider, currentIdentityProvider, + IdentityTenantUtil.getTenantDomain(tenantId)); + try { + dao.updateIdPWithResourceId(resourceId, newIdentityProvider, currentIdentityProvider, tenantId); + } catch (IdentityProviderManagementException e) { + updateEndpointConfig(currentIdentityProvider, newIdentityProvider, + IdentityTenantUtil.getTenantDomain(tenantId)); + throw e; + } + } + + public boolean isIdpReferredBySP(String idPName, int tenantId) throws IdentityProviderManagementException { + + return dao.isIdpReferredBySP(idPName, tenantId); + } + + public void deleteIdP(String idPName, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + IdentityProvider identityProvider = getIdPByName(null, idPName, tenantId, tenantDomain); + deleteEndpointConfig(identityProvider, tenantDomain); + try { + dao.deleteIdP(idPName, tenantId, tenantDomain); + } catch (IdentityProviderManagementException e) { + addEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public void deleteIdPs(int tenantId) throws 
IdentityProviderManagementException { + + List idpList = getIdPs(null, tenantId, IdentityTenantUtil.getTenantDomain(tenantId)); + for (IdentityProvider idp : idpList) { + deleteEndpointConfig(idp, IdentityTenantUtil.getTenantDomain(tenantId)); + } + try { + dao.deleteIdPs(tenantId); + } catch (IdentityProviderManagementException e) { + for (IdentityProvider idp : idpList) { + addEndpointConfig(idp, IdentityTenantUtil.getTenantDomain(tenantId)); + } + throw e; + } + } + + public void deleteIdPByResourceId(String resourceId, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + IdentityProvider identityProvider = getIDPbyResourceId(null, resourceId, tenantId, tenantDomain); + deleteEndpointConfig(identityProvider, tenantDomain); + try { + dao.deleteIdPByResourceId(identityProvider.getResourceId(), tenantId, tenantDomain); + } catch (IdentityProviderManagementException e) { + addEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public void forceDeleteIdP(String idPName, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + IdentityProvider identityProvider = getIdPByName(null, idPName, tenantId, tenantDomain); + deleteEndpointConfig(identityProvider, tenantDomain); + try { + dao.forceDeleteIdP(idPName, tenantId, tenantDomain); + } catch (IdentityProviderManagementException e) { + addEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public void forceDeleteIdPByResourceId(String resourceId, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + IdentityProvider identityProvider = getIDPbyResourceId(null, resourceId, tenantId, tenantDomain); + deleteEndpointConfig(identityProvider, tenantDomain); + try { + dao.forceDeleteIdPByResourceId(resourceId, tenantId, tenantDomain); + } catch (IdentityProviderManagementException e) { + addEndpointConfig(identityProvider, tenantDomain); + throw e; + } + } + + public void deleteTenantRole(int 
tenantId, String role, String tenantDomain) + throws IdentityProviderManagementException { + + dao.deleteTenantRole(tenantId, role, tenantDomain); + } + + public void renameTenantRole(String newRoleName, String oldRoleName, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + dao.renameTenantRole(newRoleName, oldRoleName, tenantId, tenantDomain); + } + + public void renameClaimURI(String newClaimURI, String oldClaimURI, int tenantId, String tenantDomain) + throws IdentityProviderManagementException { + + dao.renameClaimURI(newClaimURI, oldClaimURI, tenantId, tenantDomain); + } + + public boolean isIdPAvailableForAuthenticatorProperty(String authenticatorName, String propertyName, + String idPEntityId, int tenantId) + throws IdentityProviderManagementException { + + return dao.isIdPAvailableForAuthenticatorProperty(authenticatorName, propertyName, idPEntityId, tenantId); + } + + public ConnectedAppsResult getConnectedApplications(String resourceId, int limit, int offset) + throws IdentityProviderManagementException { + + return dao.getConnectedApplications(resourceId, limit, offset); + } + + public ConnectedAppsResult getConnectedAppsOfLocalAuthenticator(String authenticatorId, int tenantId, + Integer limit, Integer offset) + throws IdentityProviderManagementException { + + return dao.getConnectedAppsOfLocalAuthenticator(authenticatorId, tenantId, limit, offset); + } + + public String getIdPNameByMetadataProperty(Connection dbConnection, String property, String value, int tenantId) + throws IdentityProviderManagementException { + + return dao.getIdPNameByMetadataProperty(dbConnection, property, value, tenantId); + } + + public boolean isClaimReferredByAnyIdp(Connection dbConnection, String claimUri, int tenantId) + throws IdentityProviderManagementException { + + return dao.isClaimReferredByAnyIdp(dbConnection, claimUri, tenantId); + } + + public Map getIdPNamesById(int tenantId, Set idpIds) + throws 
IdentityProviderManagementException { + + return dao.getIdPNamesById(tenantId, idpIds); + } + + public List getIdPGroupsByIds(List idpGroupIds, int tenantId) + throws IdentityProviderManagementException { + + return dao.getIdPGroupsByIds(idpGroupIds, tenantId); + } + + public List getAllUserDefinedFederatedAuthenticators(int tenantId) + throws IdentityProviderManagementException { + + List configList = dao.getAllUserDefinedFederatedAuthenticators(tenantId); + for (FederatedAuthenticatorConfig config : configList) { + endpointConfigurationManager.resolveEndpointConfig(config, IdentityTenantUtil.getTenantDomain(tenantId)); + } + return configList; + } + + private IdentityProvider populateEndpointConfig(IdentityProvider identityProvider, String tenantDomain) + throws AuthenticatorEndpointConfigServerException { + + if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { + return identityProvider; + } + endpointConfigurationManager.resolveEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], + tenantDomain); + return identityProvider; + } + + private void addEndpointConfig(IdentityProvider identityProvider, String tenantDomain) + throws AuthenticatorEndpointConfigServerException { + + if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { + return; + } + endpointConfigurationManager.addEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], + tenantDomain); + } + + private void updateEndpointConfig(IdentityProvider newIdentityProvider, IdentityProvider oldIdentityProvider, + String tenantDomain) + throws AuthenticatorEndpointConfigServerException { + + if (newIdentityProvider == null || newIdentityProvider.getFederatedAuthenticatorConfigs().length != 1) { + return; + } + FederatedAuthenticatorConfig newFederatedAuth = newIdentityProvider.getFederatedAuthenticatorConfigs()[0]; + FederatedAuthenticatorConfig oldFederatedAuth = 
oldIdentityProvider.getFederatedAuthenticatorConfigs()[0]; + if (newFederatedAuth.getDefinedByType() == AuthenticatorPropertyConstants.DefinedByType.SYSTEM) { + return; + } + + if (StringUtils.equals(newFederatedAuth.getName(), oldFederatedAuth.getName())) { + endpointConfigurationManager.updateEndpointConfig(newIdentityProvider.getFederatedAuthenticatorConfigs()[0], + oldIdentityProvider.getFederatedAuthenticatorConfigs()[0], + tenantDomain); + } + endpointConfigurationManager.deleteEndpointConfig(oldFederatedAuth, tenantDomain); + endpointConfigurationManager.addEndpointConfig(newFederatedAuth, tenantDomain); + } + + private void deleteEndpointConfig(IdentityProvider identityProvider, String tenantDomain) + throws AuthenticatorEndpointConfigServerException { + + if (identityProvider == null || identityProvider.getFederatedAuthenticatorConfigs().length != 1) { + return; + } + endpointConfigurationManager.deleteEndpointConfig(identityProvider.getFederatedAuthenticatorConfigs()[0], + tenantDomain); + } +} + diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java index 302527d8a444..1201645f5918 100644 --- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java 
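Review bot: In updateEndpointConfig the same-name branch falls through: after `endpointConfigurationManager.updateEndpointConfig(...)` the method still runs `deleteEndpointConfig(oldFederatedAuth, tenantDomain)` and `addEndpointConfig(newFederatedAuth, tenantDomain)`, so an authenticator whose name did not change is updated and then deleted and re-created; unless that delete-and-re-add is intended, the if block needs a `return;` after the update call. The line `oldIdentityProvider.getFederatedAuthenticatorConfigs()[0]` is also read without the null/length guard that newIdentityProvider gets, so an update onto an IdP that currently has no federated authenticator (or a null current IdP) would fail with an NPE/ArrayIndexOutOfBoundsException instead of a management exception. In the catch blocks of addIdP, addIdPWithResourceId, updateIdP, deleteIdP and the other write paths, the compensating call can itself throw AuthenticatorEndpointConfigServerException, which would replace the original DAO exception; catching that failure and attaching it with `e.addSuppressed(rollbackFailure)` before `throw e` keeps the root cause visible. The class and its public methods carry no Javadoc (at least the add/update/delete methods should document that they own the endpoint-config lifecycle and roll it back on DAO failure), and `import org.wso2.carbon.identity.application.common.model.*;` is the wildcard form this same change removes in IdPManagementDAOTest.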
@@ -83,14 +83,19 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertThrows; + import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.doNothing; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mockStatic; +import static org.mockito.Mockito.times; import static org.mockito.Mockito.when; +import static org.mockito.Mockito.verify; +import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertNull; import static org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_ID; @@ -109,7 +114,12 @@ public class IdentityProviderManagementServiceTest { MetadataConverter mockMetadataConverter; private IdentityProviderManagementService identityProviderManagementService; + private CacheBackedIdPMgtDAO dao; + private CacheBackedIdPMgtDAO daoForException; + private Field field; + private IdentityProviderManager identityProviderManager; private MockedStatic cryptoUtil; + private ActionManagementService actionManagementService; private static final String ASSOCIATED_ACTION_ID = "Dummp_Action_ID"; private static final String CUSTOM_IDP_NAME = "customIdP"; 
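Review bot: The file now statically imports both `org.junit.Assert.assertEquals` and `org.testng.Assert.assertEquals`, and the two disagree on argument order (JUnit takes expected first, TestNG takes actual first), so every unqualified assertEquals in this file becomes ambiguous to a reader and, for the two-Object overloads, likely to the compiler as well. The qualified `Assert.assertEquals(DefinedByType.USER, ...)` calls in the -1404 assertIdPResult hunk look like a workaround for exactly that ambiguity. Dropping one of the two static imports (the class is a TestNG test, so presumably the JUnit one) and using a single assertion framework throughout would remove the need for the qualification and make the expected/actual order consistent in failure messages.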
@@ -133,10 +143,10 @@ public void setUpClass() throws Exception { CryptoUtil mockCryptoUtil = mock(CryptoUtil.class); cryptoUtil.when(CryptoUtil::getDefaultCryptoUtil).thenReturn(mockCryptoUtil); - CacheBackedIdPMgtDAO dao = new CacheBackedIdPMgtDAO(new IdPManagementDAO()); - IdentityProviderManager identityProviderManager = mock(IdentityProviderManager.class); + dao = new CacheBackedIdPMgtDAO(new IdPManagementDAO()); + identityProviderManager = mock(IdentityProviderManager.class); identityProviderManagementService = new IdentityProviderManagementService(); - Field field = IdentityProviderManager.class.getDeclaredField("dao"); + field = IdentityProviderManager.class.getDeclaredField("dao"); field.setAccessible(true); field.set(identityProviderManager, dao); @@ -158,11 +168,12 @@ public void tearDownClass() { @BeforeMethod public void setUp() throws Exception { + field.set(identityProviderManager, dao); mockMetadataConverter = mock(MetadataConverter.class); List metadataConverterList = Arrays.asList(mockMetadataConverter); IdpMgtServiceComponentHolder.getInstance().setMetadataConverters(metadataConverterList); - ActionManagementService actionManagementService = mock(ActionManagementService.class); + actionManagementService = mock(ActionManagementService.class); IdpMgtServiceComponentHolder.getInstance().setActionManagementService(actionManagementService); when(actionManagementService.addAction(anyString(), any(), any())).thenReturn(action); when(actionManagementService.updateAction(anyString(), any(), any(), any())).thenReturn(action); @@ -173,6 +184,7 @@ public void setUp() throws Exception { @AfterMethod public void tearDown() throws Exception { + field.set(identityProviderManager, dao); // Clear Database after every test. removeTestIdps(); } 
@@ -1130,6 +1142,61 @@ public void testGetResidentIDPMetadataException() throws Exception { identityProviderManagementService.getResidentIDPMetadata()); } + @Test + public void testAddIdPDAOException() throws Exception { + + IdPManagementDAO daoForError = mock(IdPManagementDAO.class); + doThrow(IdentityProviderManagementServerException.class).when(daoForError) + .addIdPWithResourceId(any(), anyInt()); + daoForException = new CacheBackedIdPMgtDAO(daoForError); + field.set(identityProviderManager, daoForException); + + assertThrows(IdentityProviderManagementServerException.class, () -> + identityProviderManagementService.addIdP(userDefinedIdP)); + + // check ActionManagementService actionManagementService.deleteAction() is called. + verify(actionManagementService, times(1)).deleteAction(anyString(), any(), any()); + } + + @Test + public void testUpdateIdPDAOException() throws Exception { + + identityProviderManagementService.addIdP(userDefinedIdP); + IdPManagementDAO daoForError = mock(IdPManagementDAO.class); + doThrow(IdentityProviderManagementServerException.class).when(daoForError).updateIdPWithResourceId(anyString(), + any(), any(), anyInt()); + when(daoForError.getIdPByName(any(), anyString(), anyInt(), anyString())).thenReturn(userDefinedIdP); + daoForException = new CacheBackedIdPMgtDAO(daoForError); + field.set(identityProviderManager, daoForException); + + assertThrows(IdentityProviderManagementServerException.class, () -> + identityProviderManagementService.updateIdP(userDefinedIdP.getIdentityProviderName(), userDefinedIdP)); + + // check ActionManagementService actionManagementService.deleteAction() is called. 
+ verify(actionManagementService, times(2)).updateAction(anyString(), anyString(), + any(), anyString()); + } + + @Test + public void testDeleteIdPDAOException() throws Exception { + + identityProviderManagementService.addIdP(userDefinedIdP); + IdPManagementDAO daoForError = mock(IdPManagementDAO.class); + doThrow(IdentityProviderManagementException.class).when(daoForError) + .deleteIdPByResourceId(anyString(), anyInt(), anyString()); + when(daoForError.getIdPByName(any(), anyString(), anyInt(), anyString())).thenReturn(userDefinedIdP); + when(daoForError.getIDPbyResourceId(any(), anyString(), anyInt(), anyString())).thenReturn(userDefinedIdP); + daoForException = new CacheBackedIdPMgtDAO(daoForError); + field.set(identityProviderManager, daoForException); + + assertThrows(IdentityProviderManagementException.class, () -> + identityProviderManagementService.deleteIdP(userDefinedIdP.getIdentityProviderName())); + + /* check ActionManagementService actionManagementService.deleteAction() is called. Two time, when creating idp + and rollback when idp deletion. */ + verify(actionManagementService, times(2)).addAction(anyString(), any(), anyString()); + } + private void addTestIdps() throws IdentityProviderManagementException { // Initialize Test Identity Provider 1. 
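Review bot: The comments above the `verify(...)` calls in testUpdateIdPDAOException and testDeleteIdPDAOException describe a deleteAction() check, but the code verifies `updateAction` times(2) and `addAction` times(2) respectively. Suggest `// updateAction() runs twice: once for the update, once for the rollback after the DAO failure.` and `// addAction() runs twice: once when the IdP is created, once when the failed deletion is rolled back.`. These tests also assert only the rollback call count and not that no other action call happened, so a stray delete-and-re-add in the update path would pass unnoticed; a `verify(actionManagementService, never()).deleteAction(anyString(), any(), any());` in testUpdateIdPDAOException (with Mockito.never imported) would pin that no orphaned action is left behind.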
@@ -1404,13 +1471,13 @@ private void assertIdPResult(IdentityProvider idpResult) { for (FederatedAuthenticatorConfig config : idpResult.getFederatedAuthenticatorConfigs()) { if (config instanceof UserDefinedFederatedAuthenticatorConfig) { - assertEquals(DefinedByType.USER, config.getDefinedByType()); + Assert.assertEquals(DefinedByType.USER, config.getDefinedByType()); Property[] prop = idpResult.getFederatedAuthenticatorConfigs()[0].getProperties(); assertEquals(1, prop.length); assertEquals("actionId", prop[0].getName()); assertEquals(ASSOCIATED_ACTION_ID, prop[0].getValue()); } else { - assertEquals(DefinedByType.SYSTEM, config.getDefinedByType()); + Assert.assertEquals(DefinedByType.SYSTEM, config.getDefinedByType()); } } } diff --git a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java index a020b4b9d327..07656accef06 100644 --- a/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java +++ b/components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java @@ -30,9 +30,6 @@ import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.core.util.CryptoUtil; -import org.wso2.carbon.identity.action.management.ActionManagementService; -import org.wso2.carbon.identity.action.management.exception.ActionMgtException; -import org.wso2.carbon.identity.action.management.model.Action; import org.wso2.carbon.identity.action.management.model.Authentication; import org.wso2.carbon.identity.action.management.model.EndpointConfig; import org.wso2.carbon.identity.application.common.model.Claim; 
@@ -83,8 +80,14 @@ import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyString; -import static org.mockito.Mockito.*; -import static org.testng.Assert.*; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.mockStatic; +import static org.mockito.Mockito.when; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.assertNotEquals; +import static org.testng.Assert.assertNull; +import static org.testng.Assert.assertThrows; import static org.wso2.carbon.idp.mgt.util.IdPManagementConstants.RESET_PROVISIONING_ENTITIES_ON_CONFIG_UPDATE; /** @@ -105,7 +108,6 @@ public class IdPManagementDAOTest { private static final String ASSOCIATED_ACTION_ID = "Dummp_Action_ID"; private static final String CUSTOM_IDP_NAME = "customIdP"; - private static Action action; private static EndpointConfig endpointConfig; private static EndpointConfig endpointConfigToBeUpdated; private IdentityProvider idpForErrorScenarios; @@ -174,10 +176,9 @@ public void setUp() throws Exception { endpointConfig = createEndpointConfig("http://localhost", "admin", "admin"); endpointConfigToBeUpdated = createEndpointConfig("http://localhost1", "admin1", "admin1"); - action = createAction(endpointConfig); - userDefinedIdP = createIdPWithUserDefinedFederatedAuthenticatorConfig(CUSTOM_IDP_NAME, action.getEndpoint()); + userDefinedIdP = createIdPWithUserDefinedFederatedAuthenticatorConfig(CUSTOM_IDP_NAME, endpointConfig); idpForErrorScenarios = createIdPWithUserDefinedFederatedAuthenticatorConfig( - CUSTOM_IDP_NAME + "Error", action.getEndpoint()); + CUSTOM_IDP_NAME + "Error", endpointConfig); } @AfterClass 
@@ -202,13 +203,6 @@ public void setup() throws Exception { initiateH2Database(DB_NAME, getFilePath("h2.sql")); identityTenantUtil = mockStatic(IdentityTenantUtil.class); identityTenantUtil.when(() -> IdentityTenantUtil.getTenantDomain(anyInt())).thenReturn(TENANT_DOMAIN); - - ActionManagementService actionManagementService = mock(ActionManagementService.class); - IdpMgtServiceComponentHolder.getInstance().setActionManagementService(actionManagementService); - when(actionManagementService.addAction(anyString(), any(), any())).thenReturn(action); - when(actionManagementService.updateAction(anyString(), any(), any(), any())).thenReturn(action); - when(actionManagementService.getActionByActionId(anyString(), any(), any())).thenReturn(action); - doNothing().when(actionManagementService).deleteAction(anyString(), any(), any()); } @AfterMethod @@ -1321,6 +1315,12 @@ public Object[][] updateIdPData() { CUSTOM_IDP_NAME + "new", createEndpointConfig("http://localhostnew1", "adminnew1", "adminnew1")); return new Object[][]{ + // Update PermissionsAndRoleConfig,FederatedAuthenticatorConfig,ProvisioningConnectorConfig,ClaimConfig. + {idp1, idp1New, SAMPLE_TENANT_ID}, + // Update name, LocalClaimDialect, ClaimConfig. + {idp2, idp2New, SAMPLE_TENANT_ID}, + // Update name. + {idp3, idp3New, SAMPLE_TENANT_ID2}, // IDP with User Defined Federated Authenticator. {userDefinedIdP, userDefinedIdPToBeUpdated, SAMPLE_TENANT_ID2}, }; 
@@ -2081,18 +2081,6 @@ private int getIdPCount(Connection connection, String idpName, int tenantId) thr return resultSize; } - private Action createAction(EndpointConfig endpointConfig) { - - Action.ActionResponseBuilder actionResponseBuilder = new Action.ActionResponseBuilder(); - actionResponseBuilder.id(ASSOCIATED_ACTION_ID); - actionResponseBuilder.name("SampleAssociatedAction"); - actionResponseBuilder.type(Action.ActionTypes.AUTHENTICATION); - actionResponseBuilder.description("SampleDescription"); - actionResponseBuilder.status(Action.Status.ACTIVE); - actionResponseBuilder.endpoint(endpointConfig); - return actionResponseBuilder.build(); - } - private EndpointConfig createEndpointConfig(String uri, String username, String password) { EndpointConfig.EndpointConfigBuilder endpointConfigBuilder = new EndpointConfig.EndpointConfigBuilder(); diff --git a/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java b/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java index c446246c35f1..bcc54d4b5dad 100644 --- a/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java +++ b/components/provisioning/org.wso2.carbon.identity.provisioning/src/test/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningTest.java 
@@ -57,6 +57,8 @@ import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService; import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException; import org.wso2.carbon.identity.role.v2.mgt.core.model.RoleBasicInfo; +import org.wso2.carbon.identity.secret.mgt.core.SecretManagerImpl; +import org.wso2.carbon.identity.secret.mgt.core.model.SecretType; import org.wso2.carbon.idp.mgt.IdentityProviderManagementException; import org.wso2.carbon.idp.mgt.IdentityProviderManager; import org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO; @@ -84,6 +86,7 @@ import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; @@ -131,6 +134,13 @@ public class OutboundProvisioningTest { @BeforeClass public void setUpClass() throws Exception { + SecretManagerImpl secretManager = mock(SecretManagerImpl.class); + SecretType secretType = mock(SecretType.class); + IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager); + when(secretType.getId()).thenReturn("secretId"); + doReturn(secretType).when(secretManager).getSecretType(any()); + when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(false); + IdPSecretsProcessor idpSecretsProcessor = mock(IdPSecretsProcessor.class); when(idpSecretsProcessor.decryptAssociatedSecrets(any())).thenAnswer( invocation -> invocation.getArguments()[0]);
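Review bot: setUpClass installs a mocked SecretManagerImpl into the singleton returned by `IdpMgtServiceComponentHolder.getInstance()` but nothing in this hunk removes it afterwards, so the mock (with isSecretExist always false and a fixed "secretId") can leak into any later test class that reads the holder in the same JVM. An @AfterClass that restores the holder, e.g. `IdpMgtServiceComponentHolder.getInstance().setSecretManager(null);` or whatever the holder's original value was, keeps the test classes independent; whether classes actually share the JVM depends on the runner configuration, which is outside this hunk. Mocking the concrete `SecretManagerImpl` rather than the interface it implements (if one exists) also ties the test to the implementation class. The body of setUpClass continues past the end of the hunk.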