diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
index 99673b78af..c5ca56e28f 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
@@ -202,6 +202,9 @@ public enum ErrorMessage {
"Server encountered an error while retrieving the identity provider JIT config for identifier %s."),
ERROR_CODE_ERROR_RETRIEVING_IDP_GROUPS("65033", "Unable to retrieve identity provider group config.",
"Server encountered an error while retrieving the identity provider group config for identifier %s."),
+ ERROR_CODE_ERROR_RETRIEVING_IDP_ASSOCIATION("65034", "Unable to retrieve identity provider federated " +
+ "association config.", "Server encountered an error while retrieving the identity provider " +
+ "federated association config for identifier %s."),
ERROR_CODE_ERROR_RETRIEVING_IDP_CONNECTED_APPS("65042",
"Unable to retrieve identity provider connected applications.",
"Server encountered an error while retrieving the identity provider connected applications %s."),
@@ -244,6 +247,9 @@ public enum ErrorMessage {
"Unable to update identity provider groups.",
"Server encountered an error while updating the identity provider " +
"group config for identifier %s."),
+ ERROR_CODE_ERROR_UPDATING_IDP_ASSOCIATION("65037", "Unable to update identity provider federated " +
+ "association config.", "Server encountered an error while updating the identity provider " +
+ "federated association config for identifier %s."),
ERROR_CODE_ERROR_LISTING_IDP_TEMPLATES("65050", "Unable to list existing identity provider " +
"templates.", "Error occured while listing identity provider templates."),
ERROR_CODE_ERROR_ADDING_IDP_TEMPLATE("65051", "Unable to add IDP template.",
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApi.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApi.java
index 9da827812c..1c004ca914 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApi.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApi.java
@@ -1,18 +1,20 @@
/*
-* Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
package org.wso2.carbon.identity.api.server.idp.v1;
@@ -23,6 +25,8 @@
import java.io.InputStream;
import java.util.List;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationRequest;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationResponse;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
import org.wso2.carbon.identity.api.server.idp.v1.model.ConnectedApps;
import org.wso2.carbon.identity.api.server.idp.v1.model.Error;
@@ -235,6 +239,30 @@ public Response getConnectedApps(@ApiParam(value = "ID of the identity provider.
return delegate.getConnectedApps(identityProviderId, limit, offset );
}
+ @Valid
+ @GET
+ @Path("/{identity-provider-id}/implicit-association")
+
+ @Produces({ "application/json" })
+ @ApiOperation(value = "Federated association config of an identity provider ", notes = "This API provides the federated association config of an identity provider.
Permission required:
* /permission/admin/manage/identity/idpmgt/view
Scope required:
* internal_idp_view ", response = AssociationResponse.class, authorizations = {
+ @Authorization(value = "BasicAuth"),
+ @Authorization(value = "OAuth2", scopes = {
+
+ })
+ }, tags={ "Association", })
+ @ApiResponses(value = {
+ @ApiResponse(code = 200, message = "Successful response", response = AssociationResponse.class),
+ @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+ @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+ @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+ @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+ @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+ })
+ public Response getFederatedAssociationConfig(@ApiParam(value = "ID of the identity provider.",required=true) @PathParam("identity-provider-id") String identityProviderId) {
+
+ return delegate.getFederatedAssociationConfig(identityProviderId );
+ }
+
@Valid
@GET
@Path("/{identity-provider-id}/federated-authenticators/{federated-authenticator-id}")
@@ -694,6 +722,30 @@ public Response updateClaimConfig(@ApiParam(value = "ID of the identity provider
return delegate.updateClaimConfig(identityProviderId, claims );
}
+ @Valid
+ @PUT
+ @Path("/{identity-provider-id}/implicit-association")
+ @Consumes({ "application/json" })
+ @Produces({ "application/json" })
+ @ApiOperation(value = "Update the federated association config of an identity provider ", notes = "This API provides the capability to update the federated association config of an identity provider by specifying the identity provider ID.
Permission required:
* /permission/admin/manage/identity/idpmgt/update
Scope required:
* internal_idp_update ", response = AssociationResponse.class, authorizations = {
+ @Authorization(value = "BasicAuth"),
+ @Authorization(value = "OAuth2", scopes = {
+
+ })
+ }, tags={ "Association", })
+ @ApiResponses(value = {
+ @ApiResponse(code = 200, message = "Successful response", response = AssociationResponse.class),
+ @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+ @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+ @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+ @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+ @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+ })
+ public Response updateFederatedAssociationConfig(@ApiParam(value = "ID of the identity provider.",required=true) @PathParam("identity-provider-id") String identityProviderId, @ApiParam(value = "This represents the federated association config to be updated." ,required=true) @Valid AssociationRequest associationRequest) {
+
+ return delegate.updateFederatedAssociationConfig(identityProviderId, associationRequest );
+ }
+
@Valid
@PUT
@Path("/{identity-provider-id}/federated-authenticators/{federated-authenticator-id}")
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApiService.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApiService.java
index b8f333f479..85c9061b10 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApiService.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/IdentityProvidersApiService.java
@@ -1,18 +1,20 @@
/*
-* Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
package org.wso2.carbon.identity.api.server.idp.v1;
@@ -23,6 +25,8 @@
import org.apache.cxf.jaxrs.ext.multipart.Multipart;
import java.io.InputStream;
import java.util.List;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationRequest;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationResponse;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
import org.wso2.carbon.identity.api.server.idp.v1.model.ConnectedApps;
import org.wso2.carbon.identity.api.server.idp.v1.model.Error;
@@ -68,6 +72,8 @@ public interface IdentityProvidersApiService {
public Response getConnectedApps(String identityProviderId, Integer limit, Integer offset);
+ public Response getFederatedAssociationConfig(String identityProviderId);
+
public Response getFederatedAuthenticator(String identityProviderId, String federatedAuthenticatorId);
public Response getFederatedAuthenticators(String identityProviderId);
@@ -106,6 +112,8 @@ public interface IdentityProvidersApiService {
public Response updateClaimConfig(String identityProviderId, Claims claims);
+ public Response updateFederatedAssociationConfig(String identityProviderId, AssociationRequest associationRequest);
+
public Response updateFederatedAuthenticator(String identityProviderId, String federatedAuthenticatorId, FederatedAuthenticatorPUTRequest federatedAuthenticatorPUTRequest);
public Response updateFederatedAuthenticators(String identityProviderId, FederatedAuthenticatorRequest federatedAuthenticatorRequest);
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationRequest.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationRequest.java
new file mode 100644
index 0000000000..fa6afcf9ae
--- /dev/null
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationRequest.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.idp.v1.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.ArrayList;
+import java.util.List;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class AssociationRequest {
+
+ private Boolean isEnabled;
+ private List lookupAttribute = null;
+
+
+ /**
+ **/
+ public AssociationRequest isEnabled(Boolean isEnabled) {
+
+ this.isEnabled = isEnabled;
+ return this;
+ }
+
+ @ApiModelProperty(example = "false", value = "")
+ @JsonProperty("isEnabled")
+ @Valid
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled;
+ }
+
+ /**
+ **/
+ public AssociationRequest lookupAttribute(List lookupAttribute) {
+
+ this.lookupAttribute = lookupAttribute;
+ return this;
+ }
+
+ @ApiModelProperty(example = "[\"email\"]", value = "")
+ @JsonProperty("lookupAttribute")
+ @Valid
+ public List getLookupAttribute() {
+ return lookupAttribute;
+ }
+ public void setLookupAttribute(List lookupAttribute) {
+ this.lookupAttribute = lookupAttribute;
+ }
+
+ public AssociationRequest addLookupAttributeItem(String lookupAttributeItem) {
+ if (this.lookupAttribute == null) {
+ this.lookupAttribute = new ArrayList<>();
+ }
+ this.lookupAttribute.add(lookupAttributeItem);
+ return this;
+ }
+
+
+
+ @Override
+ public boolean equals(java.lang.Object o) {
+
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ AssociationRequest associationRequest = (AssociationRequest) o;
+ return Objects.equals(this.isEnabled, associationRequest.isEnabled) &&
+ Objects.equals(this.lookupAttribute, associationRequest.lookupAttribute);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(isEnabled, lookupAttribute);
+ }
+
+ @Override
+ public String toString() {
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("class AssociationRequest {\n");
+
+ sb.append(" isEnabled: ").append(toIndentedString(isEnabled)).append("\n");
+ sb.append(" lookupAttribute: ").append(toIndentedString(lookupAttribute)).append("\n");
+ sb.append("}");
+ return sb.toString();
+ }
+
+ /**
+ * Convert the given object to string with each line indented by 4 spaces
+ * (except the first line).
+ */
+ private String toIndentedString(java.lang.Object o) {
+
+ if (o == null) {
+ return "null";
+ }
+ return o.toString().replace("\n", "\n");
+ }
+}
+
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationResponse.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationResponse.java
new file mode 100644
index 0000000000..f0fd8849d1
--- /dev/null
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/AssociationResponse.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.idp.v1.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.ArrayList;
+import java.util.List;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class AssociationResponse {
+
+ private Boolean isEnabled;
+ private List lookupAttribute = null;
+
+
+ /**
+ **/
+ public AssociationResponse isEnabled(Boolean isEnabled) {
+
+ this.isEnabled = isEnabled;
+ return this;
+ }
+
+ @ApiModelProperty(example = "false", value = "")
+ @JsonProperty("isEnabled")
+ @Valid
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled;
+ }
+
+ /**
+ **/
+ public AssociationResponse lookupAttribute(List lookupAttribute) {
+
+ this.lookupAttribute = lookupAttribute;
+ return this;
+ }
+
+ @ApiModelProperty(example = "[\"email\"]", value = "")
+ @JsonProperty("lookupAttribute")
+ @Valid
+ public List getLookupAttribute() {
+ return lookupAttribute;
+ }
+ public void setLookupAttribute(List lookupAttribute) {
+ this.lookupAttribute = lookupAttribute;
+ }
+
+ public AssociationResponse addLookupAttributeItem(String lookupAttributeItem) {
+ if (this.lookupAttribute == null) {
+ this.lookupAttribute = new ArrayList<>();
+ }
+ this.lookupAttribute.add(lookupAttributeItem);
+ return this;
+ }
+
+
+
+ @Override
+ public boolean equals(java.lang.Object o) {
+
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ AssociationResponse associationResponse = (AssociationResponse) o;
+ return Objects.equals(this.isEnabled, associationResponse.isEnabled) &&
+ Objects.equals(this.lookupAttribute, associationResponse.lookupAttribute);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(isEnabled, lookupAttribute);
+ }
+
+ @Override
+ public String toString() {
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("class AssociationResponse {\n");
+
+ sb.append(" isEnabled: ").append(toIndentedString(isEnabled)).append("\n");
+ sb.append(" lookupAttribute: ").append(toIndentedString(lookupAttribute)).append("\n");
+ sb.append("}");
+ return sb.toString();
+ }
+
+ /**
+ * Convert the given object to string with each line indented by 4 spaces
+ * (except the first line).
+ */
+ private String toIndentedString(java.lang.Object o) {
+
+ if (o == null) {
+ return "null";
+ }
+ return o.toString().replace("\n", "\n");
+ }
+}
+
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderPOSTRequest.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderPOSTRequest.java
index 69e96174d1..27d59d3cd1 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderPOSTRequest.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderPOSTRequest.java
@@ -24,6 +24,7 @@
import io.swagger.annotations.ApiModelProperty;
import java.util.ArrayList;
import java.util.List;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationRequest;
import org.wso2.carbon.identity.api.server.idp.v1.model.Certificate;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
import org.wso2.carbon.identity.api.server.idp.v1.model.FederatedAuthenticatorRequest;
@@ -56,6 +57,7 @@ public class IdentityProviderPOSTRequest {
private FederatedAuthenticatorRequest federatedAuthenticators;
private ProvisioningRequest provisioning;
+ private AssociationRequest implicitAssociation;
/**
**/
@@ -338,6 +340,24 @@ public void setProvisioning(ProvisioningRequest provisioning) {
this.provisioning = provisioning;
}
+ /**
+ **/
+ public IdentityProviderPOSTRequest implicitAssociation(AssociationRequest implicitAssociation) {
+
+ this.implicitAssociation = implicitAssociation;
+ return this;
+ }
+
+ @ApiModelProperty(value = "")
+ @JsonProperty("implicitAssociation")
+ @Valid
+ public AssociationRequest getImplicitAssociation() {
+ return implicitAssociation;
+ }
+ public void setImplicitAssociation(AssociationRequest implicitAssociation) {
+ this.implicitAssociation = implicitAssociation;
+ }
+
@Override
@@ -364,12 +384,13 @@ public boolean equals(java.lang.Object o) {
Objects.equals(this.roles, identityProviderPOSTRequest.roles) &&
Objects.equals(this.groups, identityProviderPOSTRequest.groups) &&
Objects.equals(this.federatedAuthenticators, identityProviderPOSTRequest.federatedAuthenticators) &&
- Objects.equals(this.provisioning, identityProviderPOSTRequest.provisioning);
+ Objects.equals(this.provisioning, identityProviderPOSTRequest.provisioning) &&
+ Objects.equals(this.implicitAssociation, identityProviderPOSTRequest.implicitAssociation);
}
@Override
public int hashCode() {
- return Objects.hash(name, description, image, templateId, isPrimary, isFederationHub, homeRealmIdentifier, certificate, alias, idpIssuerName, claims, roles, groups, federatedAuthenticators, provisioning);
+ return Objects.hash(name, description, image, templateId, isPrimary, isFederationHub, homeRealmIdentifier, certificate, alias, idpIssuerName, claims, roles, groups, federatedAuthenticators, provisioning, implicitAssociation);
}
@Override
@@ -393,6 +414,7 @@ public String toString() {
sb.append(" groups: ").append(toIndentedString(groups)).append("\n");
sb.append(" federatedAuthenticators: ").append(toIndentedString(federatedAuthenticators)).append("\n");
sb.append(" provisioning: ").append(toIndentedString(provisioning)).append("\n");
+ sb.append(" implicitAssociation: ").append(toIndentedString(implicitAssociation)).append("\n");
sb.append("}");
return sb.toString();
}
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderResponse.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderResponse.java
index 14e080f9e1..21930c295d 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderResponse.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/gen/java/org/wso2/carbon/identity/api/server/idp/v1/model/IdentityProviderResponse.java
@@ -24,6 +24,7 @@
import io.swagger.annotations.ApiModelProperty;
import java.util.ArrayList;
import java.util.List;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationResponse;
import org.wso2.carbon.identity.api.server.idp.v1.model.Certificate;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
import org.wso2.carbon.identity.api.server.idp.v1.model.FederatedAuthenticatorListResponse;
@@ -58,6 +59,7 @@ public class IdentityProviderResponse {
private FederatedAuthenticatorListResponse federatedAuthenticators;
private ProvisioningResponse provisioning;
+ private AssociationResponse implicitAssociation;
/**
**/
@@ -374,6 +376,24 @@ public void setProvisioning(ProvisioningResponse provisioning) {
this.provisioning = provisioning;
}
+ /**
+ **/
+ public IdentityProviderResponse implicitAssociation(AssociationResponse implicitAssociation) {
+
+ this.implicitAssociation = implicitAssociation;
+ return this;
+ }
+
+ @ApiModelProperty(value = "")
+ @JsonProperty("implicitAssociation")
+ @Valid
+ public AssociationResponse getImplicitAssociation() {
+ return implicitAssociation;
+ }
+ public void setImplicitAssociation(AssociationResponse implicitAssociation) {
+ this.implicitAssociation = implicitAssociation;
+ }
+
@Override
@@ -402,12 +422,13 @@ public boolean equals(java.lang.Object o) {
Objects.equals(this.roles, identityProviderResponse.roles) &&
Objects.equals(this.groups, identityProviderResponse.groups) &&
Objects.equals(this.federatedAuthenticators, identityProviderResponse.federatedAuthenticators) &&
- Objects.equals(this.provisioning, identityProviderResponse.provisioning);
+ Objects.equals(this.provisioning, identityProviderResponse.provisioning) &&
+ Objects.equals(this.implicitAssociation, identityProviderResponse.implicitAssociation);
}
@Override
public int hashCode() {
- return Objects.hash(id, name, description, templateId, isEnabled, isPrimary, image, isFederationHub, homeRealmIdentifier, certificate, alias, idpIssuerName, claims, roles, groups, federatedAuthenticators, provisioning);
+ return Objects.hash(id, name, description, templateId, isEnabled, isPrimary, image, isFederationHub, homeRealmIdentifier, certificate, alias, idpIssuerName, claims, roles, groups, federatedAuthenticators, provisioning, implicitAssociation);
}
@Override
@@ -433,6 +454,7 @@ public String toString() {
sb.append(" groups: ").append(toIndentedString(groups)).append("\n");
sb.append(" federatedAuthenticators: ").append(toIndentedString(federatedAuthenticators)).append("\n");
sb.append(" provisioning: ").append(toIndentedString(provisioning)).append("\n");
+ sb.append(" implicitAssociation: ").append(toIndentedString(implicitAssociation)).append("\n");
sb.append("}");
return sb.toString();
}
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
index 6d3fcb5fb2..cc198d5828 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
@@ -41,6 +41,8 @@
import org.wso2.carbon.identity.api.server.common.error.ErrorResponse;
import org.wso2.carbon.identity.api.server.idp.common.Constants;
import org.wso2.carbon.identity.api.server.idp.common.IdentityProviderServiceHolder;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationRequest;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationResponse;
import org.wso2.carbon.identity.api.server.idp.v1.model.Certificate;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claim;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
@@ -80,6 +82,7 @@
import org.wso2.carbon.identity.application.common.model.CertificateInfo;
import org.wso2.carbon.identity.application.common.model.ClaimConfig;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
+import org.wso2.carbon.identity.application.common.model.FederatedAssociationConfig;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.IdentityProviderProperty;
@@ -1075,6 +1078,47 @@ public ProvisioningResponse getProvisioningConfig(String idpId) {
}
}
+ public AssociationResponse getFederatedAssociationConfig(String idpId) {
+
+ try {
+ IdentityProvider identityProvider =
+ IdentityProviderServiceHolder.getIdentityProviderManager().getIdPByResourceId(idpId, ContextLoader
+ .getTenantDomainFromContext(), true);
+ if (identityProvider == null) {
+ throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND,
+ idpId);
+ }
+
+ return createAssociationResponse(identityProvider);
+ } catch (IdentityProviderManagementException e) {
+ throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_IDP_ASSOCIATION, idpId);
+ }
+ }
+
+ public AssociationResponse updateFederatedAssociationConfig(String idpId, AssociationRequest associationRequest) {
+
+ try {
+ IdentityProvider idP =
+ IdentityProviderServiceHolder.getIdentityProviderManager().getIdPByResourceId(idpId, ContextLoader
+ .getTenantDomainFromContext(), true);
+
+ if (idP == null) {
+ throw handleException(Response.Status.NOT_FOUND, Constants.ErrorMessage.ERROR_CODE_IDP_NOT_FOUND,
+ idpId);
+ }
+
+ updateFederatedAssociation(idP, associationRequest);
+
+ IdentityProvider updatedIdP =
+ IdentityProviderServiceHolder.getIdentityProviderManager().updateIdPByResourceId(idpId,
+ idP, ContextLoader.getTenantDomainFromContext());
+
+ return createAssociationResponse(updatedIdP);
+ } catch (IdentityProviderManagementException e) {
+ throw handleIdPException(e, Constants.ErrorMessage.ERROR_CODE_ERROR_UPDATING_IDP_ASSOCIATION, idpId);
+ }
+ }
+
/**
* Get Just-In-Time Provisioning configuration.
*
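Review bot: `updateFederatedAssociationConfig` still calls `updateIdPByResourceId` and returns a success response when `associationRequest` is null, because `updateFederatedAssociation` (added further down in this file) silently skips a null request. If the framework can hand over a null body, a PUT without content would look like a successful update while changing nothing. Rejecting it before the lookup makes this explicit, e.g. `if (associationRequest == null) { throw handleException(Response.Status.BAD_REQUEST, Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT, "Provided request body content is not in the expected format."); }`. Both new public methods also lack Javadoc, while the method that follows them in the hunk context has one; a short block stating the purpose, `@param idpId`, `@param associationRequest` and the returned `AssociationResponse` would match it.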
@@ -1859,6 +1903,24 @@ private void updateJIT(IdentityProvider identityProvider, JustInTimeProvisioning
}
}
+ private void updateFederatedAssociation(IdentityProvider identityProvider, AssociationRequest associationRequest) {
+
+ if (associationRequest != null) {
+
+ if (associationRequest.getIsEnabled() == null ||
+ associationRequest.getLookupAttribute().isEmpty()) {
+ throw handleException(Response.Status.BAD_REQUEST,
+ Constants.ErrorMessage.ERROR_CODE_INVALID_INPUT,
+ "Provided request body content is not in the expected format.");
+ }
+
+ FederatedAssociationConfig associationConfig = new FederatedAssociationConfig();
+ associationConfig.setEnabled(associationRequest.getIsEnabled());
+ associationConfig.setLookupAttributes(associationRequest.getLookupAttribute().toArray(new String[0]));
+ identityProvider.setFederatedAssociationConfig(associationConfig);
+ }
+ }
+
private void updateClaims(IdentityProvider idp, Claims claims) {
if (claims != null) {
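Review bot: `associationRequest.getLookupAttribute().isEmpty()` throws a NullPointerException when the request omits `lookupAttribute`, since the generated `AssociationRequest` initialises that field to null. The caller would then see an unhandled exception rather than the intended 400. Check for null first: `associationRequest.getLookupAttribute() == null || associationRequest.getLookupAttribute().isEmpty()`. The same condition also rejects a request that only disables association (`isEnabled` false with no attributes), which may or may not be intended and deserves a comment. The attribute names are stored exactly as supplied; if only certain claims are meant to be usable as lookup attributes (presumably these decide which local account a federated login is associated with), that check belongs here too.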
@@ -2045,6 +2107,10 @@ private IdentityProvider createIDP(IdentityProviderPOSTRequest identityProviderP
updateOutboundConnectorConfig(idp, identityProviderPOSTRequest.getProvisioning().getOutboundConnectors());
updateJIT(idp, identityProviderPOSTRequest.getProvisioning().getJit());
}
+
+ if (identityProviderPOSTRequest.getImplicitAssociation() != null) {
+ updateFederatedAssociation(idp, identityProviderPOSTRequest.getImplicitAssociation());
+ }
updateClaims(idp, identityProviderPOSTRequest.getClaims());
updateRoles(idp, identityProviderPOSTRequest.getRoles());
updateGroups(idp, identityProviderPOSTRequest.getGroups());
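Review bot: The `getImplicitAssociation() != null` check added in `createIDP` duplicates the `associationRequest != null` guard that `updateFederatedAssociation` already performs. The neighbouring `updateClaims`, `updateRoles` and `updateGroups` calls pass their argument straight through. For consistency the call can be written unguarded as `updateFederatedAssociation(idp, identityProviderPOSTRequest.getImplicitAssociation());`. `createIDP` starts and ends outside this hunk.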
@@ -2211,6 +2277,7 @@ private IdentityProviderResponse createIDPResponse(IdentityProvider identityProv
idpResponse.setGroups(createGroupResponse(identityProvider));
idpResponse.setFederatedAuthenticators(createFederatedAuthenticatorResponse(identityProvider));
idpResponse.setProvisioning(createProvisioningResponse(identityProvider));
+ idpResponse.setImplicitAssociation(createAssociationResponse(identityProvider));
return idpResponse;
}
@@ -2412,6 +2479,15 @@ private ProvisioningResponse createProvisioningResponse(IdentityProvider idp) {
return provisioningResponse;
}
+ private AssociationResponse createAssociationResponse(IdentityProvider idp) {
+
+ AssociationResponse associationResponse = new AssociationResponse();
+ associationResponse.setIsEnabled(idp.getFederatedAssociationConfig().isEnabled());
+ associationResponse.setLookupAttribute(
+ Arrays.asList(idp.getFederatedAssociationConfig().getLookupAttributes()));;
+ return associationResponse;
+ }
+
private OutboundConnectorListResponse createOutboundProvisioningResponse(IdentityProvider idp) {
ProvisioningConnectorConfig[] connectorConfigs = idp.getProvisioningConnectorConfigs();
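Review bot: `createAssociationResponse` dereferences `idp.getFederatedAssociationConfig()` and passes `getLookupAttributes()` to `Arrays.asList` without a null check. Whether either can be null is not visible here, but an identity provider stored before this config existed may well have none. Because `createIDPResponse` now calls this helper for every IdP response, a null would break the general identity provider GET, not only the new endpoint. A null-tolerant version that reports the feature as disabled is sketched below; it also drops the stray second `;` after the `setLookupAttribute(...)` call.

```java
private AssociationResponse createAssociationResponse(IdentityProvider idp) {

    AssociationResponse associationResponse = new AssociationResponse();
    FederatedAssociationConfig associationConfig = idp.getFederatedAssociationConfig();
    if (associationConfig == null) {
        // No association config stored for this IdP: report the feature as disabled.
        associationResponse.setIsEnabled(false);
        return associationResponse;
    }
    associationResponse.setIsEnabled(associationConfig.isEnabled());
    String[] lookupAttributes = associationConfig.getLookupAttributes();
    if (lookupAttributes != null) {
        associationResponse.setLookupAttribute(Arrays.asList(lookupAttributes));
    }
    return associationResponse;
}
```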
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/IdentityProvidersApiServiceImpl.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/IdentityProvidersApiServiceImpl.java
index 96ae223f37..3ce6a56487 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/IdentityProvidersApiServiceImpl.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/IdentityProvidersApiServiceImpl.java
@@ -26,6 +26,7 @@
import org.wso2.carbon.identity.api.server.common.FileContent;
import org.wso2.carbon.identity.api.server.idp.v1.IdentityProvidersApiService;
import org.wso2.carbon.identity.api.server.idp.v1.core.ServerIdpManagementService;
+import org.wso2.carbon.identity.api.server.idp.v1.model.AssociationRequest;
import org.wso2.carbon.identity.api.server.idp.v1.model.Claims;
import org.wso2.carbon.identity.api.server.idp.v1.model.FederatedAuthenticatorPUTRequest;
import org.wso2.carbon.identity.api.server.idp.v1.model.FederatedAuthenticatorRequest;
@@ -143,6 +144,12 @@ public Response getGroupConfig(String identityProviderId) {
return Response.ok().entity(idpManagementService.getGroupConfig(identityProviderId)).build();
}
+ @Override
+ public Response getFederatedAssociationConfig(String identityProviderId) {
+
+ return Response.ok().entity(idpManagementService.getFederatedAssociationConfig(identityProviderId)).build();
+ }
+
@Override
public Response getIDP(String identityProviderId) {
@@ -278,6 +285,13 @@ public Response updateGroupConfig(String identityProviderId, List idPG
return Response.ok().entity(idpManagementService.updateGroupConfig(identityProviderId, idPGroup)).build();
}
+ @Override
+ public Response updateFederatedAssociationConfig(String identityProviderId, AssociationRequest associationRequest) {
+
+ return Response.ok().entity(idpManagementService.updateFederatedAssociationConfig(identityProviderId,
+ associationRequest)).build();
+ }
+
@Override
public Response updateIDPTemplate(String templateId, IdentityProviderTemplate
identityProviderTemplatePOSTRequest) {
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/resources/idp.yaml b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/resources/idp.yaml
index e2e20f1868..8fee505e59 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/resources/idp.yaml
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/resources/idp.yaml
@@ -1529,6 +1529,116 @@ paths:
$ref: '#/components/schemas/IdPGroupsConfig'
description: This represents the group config to be updated.
required: true
+ '/identity-providers/{identity-provider-id}/implicit-association':
+ get:
+ tags:
+ - Association
+ summary: |
+ Federated association config of an identity provider
+ description: >
+ This API provides the federated association config of an identity provider.
+ Permission required:
+ * /permission/admin/manage/identity/idpmgt/view
+ Scope required:
+ * internal_idp_view
+ operationId: getFederatedAssociationConfig
+ parameters:
+ - name: identity-provider-id
+ in: path
+ description: ID of the identity provider.
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: Successful response
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AssociationResponse'
+ '400':
+ description: Bad Request
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ '401':
+ description: Unauthorized
+ '403':
+ description: Forbidden
+ '404':
+ description: Not Found
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ '500':
+ description: Server Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ put:
+ tags:
+ - Association
+ summary: |
+ Update the federated association config of an identity provider
+ description: >
+ This API provides the capability to update the federated association config of an
+ identity provider by specifying the identity provider ID.
+ Permission required:
+ * /permission/admin/manage/identity/idpmgt/update
+ Scope required:
+ * internal_idp_update
+ operationId: updateFederatedAssociationConfig
+ parameters:
+ - name: identity-provider-id
+ in: path
+ description: ID of the identity provider.
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: Successful response
+ headers:
+ Location:
+ description: Location of the updated federated association config.
+ schema:
+ type: string
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AssociationResponse'
+ '400':
+ description: Bad Request
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ '401':
+ description: Unauthorized
+ '403':
+ description: Forbidden
+ '404':
+ description: Not Found
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ '500':
+ description: Server Error
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AssociationRequest'
+ description: This represents the federated association config to be updated.
+ required: true
'/identity-providers/{identity-provider-id}/provisioning/jit':
get:
tags:
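Review bot: The PUT `200` response declares a `Location` header, but `updateFederatedAssociationConfig` in IdentityProvidersApiServiceImpl builds its reply with `Response.ok().entity(...)` and sets no such header. Either drop the `headers:` block from this response or have the implementation set the header, so that generated clients are not told to expect a value that is never sent.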
@@ -2536,6 +2646,8 @@ components:
$ref: '#/components/schemas/FederatedAuthenticatorRequest'
provisioning:
$ref: '#/components/schemas/ProvisioningRequest'
+ implicitAssociation:
+ $ref: '#/components/schemas/AssociationRequest'
IdentityProviderResponse:
type: object
properties:
@@ -2584,6 +2696,8 @@ components:
$ref: '#/components/schemas/FederatedAuthenticatorListResponse'
provisioning:
$ref: '#/components/schemas/ProvisioningResponse'
+ implicitAssociation:
+ $ref: '#/components/schemas/AssociationResponse'
IdentityProviderListResponse:
type: object
properties:
@@ -2837,6 +2951,28 @@ components:
type: array
items:
$ref: '#/components/schemas/MetaProperty'
+ AssociationRequest:
+ type: object
+ properties:
+ isEnabled:
+ type: boolean
+ example: false
+ lookupAttribute:
+ type: array
+ items:
+ type: string
+ example: [ 'email' ]
+ AssociationResponse:
+ type: object
+ properties:
+ isEnabled:
+ type: boolean
+ example: false
+ lookupAttribute:
+ type: array
+ items:
+ type: string
+ example: [ 'email' ]
ProvisioningRequest:
type: object
properties:
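Review bot: `AssociationRequest` declares no `required` properties and no minimum length for `lookupAttribute`, although the server-side check in `updateFederatedAssociation` rejects a body that lacks `isEnabled` or carries an empty attribute list. Stating the contract in the schema lets clients and generated validators see it: add `required: [isEnabled, lookupAttribute]` to the object and `minItems: 1` to the array. Neither property has a `description`. This setting presumably decides which attribute matches a federated identity to a local account, so a sentence on each saying what is compared, and that the attribute should be one the identity provider asserts reliably, would help operators choose safely.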
diff --git a/pom.xml b/pom.xml
index 68b7dee6b4..6ab65e1ba1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -760,7 +760,7 @@
1.4
1.2.4
1.8.62
- 5.25.383
+ 5.25.407
3.0.5
5.2.0
**/gen/**/*