From 6500b425fbef06da722a9619ec4bddb387ff4911 Mon Sep 17 00:00:00 2001
From: Thisara-Welmilla
Date: Wed, 13 Nov 2024 08:03:54 +0530
Subject: [PATCH] Update APIs to support custom authentication management.
---
 .../api/server/idp/common/Constants.java | 10 +++---
 .../v1/core/ServerIdpManagementService.java | 32 +++++++++++--------
 ...atedAuthenticatorConfigBuilderFactory.java | 17 +++-------
 3 files changed, 27 insertions(+), 32 deletions(-)
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
index 7b96242696..858226befd 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.common/src/main/java/org/wso2/carbon/identity/api/server/idp/common/Constants.java
@@ -146,13 +146,13 @@ public enum ErrorMessage {
 ERROR_CODE_ERROR_LISTING_TRUSTED_TOKEN_ISSUERS("60021", "Unable to list existing trusted token issuers.",
 "Server encountered an error while listing the trusted token issuers."),
- ERROR_CODE_ENDPOINT_PROVIDED_FOR_SYSTEM_AUTH("60039", "No endpoint configuration is allowed " +
- "for system defined authenticators.", "No endpoint configuration must be " +
+ ERROR_CODE_ENDPOINT_PROVIDED_FOR_SYSTEM_AUTH("60039", "Invalid Request.",
+ "No endpoint configuration must be " +
 "provided for the system defined federated authenticators %s."),
- ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH("60040", "No properties are allowed for " +
- "user defined authenticators.", "No properties must be provided for the user defined " +
+ ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH("60040", "Invalid Request.",
+ "No properties must be provided for the user defined " +
 "federated authenticators %s."),
- ERROR_CODE_NO_ENDPOINT_PROVIDED("60041", "No endpoint provided.", "Endpoint " +
+ ERROR_CODE_NO_ENDPOINT_PROVIDED("60041", "Invalid Request.", "Endpoint " +
 "configuration must be provided for the user defined federated authenticators %s."),
 ERROR_CODE_NON_DECODABLE_AUTH_ID("60042", "Non-decodable authenticator ID.",
 "Unable to decode the provided authenticator ID %s."),
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
index 34602068d7..8df5af1f01 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
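Review bot: The entries 60039, 60040 and 60041 now carry the identical message `"Invalid Request."`, so the `message` field no longer distinguishes these three client errors; only `description`, which is formatted with the authenticator name, does. The neighbouring entries 60021 and 60042 keep specific messages, so the convention inside the enum is now mixed. If clients are expected to key on `code` and `description`, a short comment above the block would make that explicit, e.g. `// Request-validation errors share the generic "Invalid Request." message; the specific cause is carried in the description.`; otherwise consider keeping distinct messages.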
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/core/ServerIdpManagementService.java
@@ -146,6 +146,7 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.Set;
 import java.util.function.Function;
 import java.util.stream.Collectors;
@@ -1775,15 +1776,15 @@ private void updateFederatedAuthenticatorConfig(IdentityProvider idp, FederatedA
 List fedAuthConfigs = new ArrayList<>();
 for (FederatedAuthenticator authenticator : federatedAuthenticators) {
 String authenticatorName = getDecodedAuthenticatorName(authenticator.getAuthenticatorId());
- String definedByType;
+ DefinedByType definedByType;
 if (isNewFederatedAuthenticator) {
- definedByType = resolveDefinedByTypeForCreateFederatedAuthenticator(
- authenticator.getDefinedBy().toString()).toString();
+ definedByType = resolveDefinedByTypeToCreateFederatedAuthenticator(
+ authenticator.getDefinedBy());
 } else {
- definedByType = resolveDefinedByTypeForUpdateFederatedAuthenticator(authenticatorName).toString();
+ definedByType = resolveDefinedByTypeToUpdateFederatedAuthenticator(authenticatorName);
 }
- if (DefinedByType.SYSTEM.toString().equals(definedByType)) {
+ if (DefinedByType.SYSTEM == definedByType) {
 validateAuthenticatorProperties(authenticatorName, authenticator.getProperties());
 }
@@ -1794,8 +1795,9 @@ private void updateFederatedAuthenticatorConfig(IdentityProvider idp, FederatedA
 builder.enabled(authenticator.getIsEnabled());
 builder.displayName(getDisplayNameOfAuthenticator(authenticatorName));
 builder.endpoint(authenticator.getEndpoint());
- List properties = authenticator.getProperties().stream().map(propertyToInternal)
- .collect(Collectors.toList());
+ List properties = Optional.ofNullable(authenticator.getProperties())
+ .map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
+ .orElse(null);
 builder.properties(properties);
 FederatedAuthenticatorConfig authConfig = builder.build();
@@ -2848,8 +2850,8 @@ private FederatedAuthenticatorConfig updateFederatedAuthenticatorConfig(String f
 FederatedAuthenticatorPUTRequest authenticator) throws IdentityProviderManagementClientException {
 String authenticatorName = getDecodedAuthenticatorName(federatedAuthenticatorId);
- String definedByType = resolveDefinedByTypeForUpdateFederatedAuthenticator(authenticatorName).toString();
- if (DefinedByType.SYSTEM.toString().equals(definedByType)) {
+ DefinedByType definedByType = resolveDefinedByTypeToUpdateFederatedAuthenticator(authenticatorName);
+ if (DefinedByType.SYSTEM == definedByType) {
 validateAuthenticatorProperties(authenticatorName, authenticator.getProperties());
 }
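Review bot: The `Optional.ofNullable(...).map(...).orElse(null)` chain on the added lines uses Optional only as a null guard, which reads harder than a plain conditional and still hands a null list to `builder.properties(...)`; the same three lines are repeated verbatim in the `@@ -2860` hunk. I would extract one private helper and call it from both places, `List properties = toInternalProperties(authenticator.getProperties());`, with the body `return properties == null ? null : properties.stream().map(propertyToInternal).collect(Collectors.toList());`. Note that `validateAuthenticatorProperties(authenticatorName, authenticator.getProperties())` in the `@@ -1775` and `@@ -2848` hunks now also receives null when a SYSTEM-defined request omits properties; that method is not visible here, so it is worth confirming it tolerates a null list. The enclosing method continues outside the hunk.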
@@ -2860,24 +2862,26 @@ private FederatedAuthenticatorConfig updateFederatedAuthenticatorConfig(String f
 builder.enabled(authenticator.getIsEnabled());
 builder.displayName(getDisplayNameOfAuthenticator(authenticatorName));
 builder.endpoint(authenticator.getEndpoint());
- List properties = authenticator.getProperties().stream().map(propertyToInternal)
- .collect(Collectors.toList());
+ List properties = Optional.ofNullable(authenticator.getProperties())
+ .map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
+ .orElse(null);
 builder.properties(properties);
 return builder.build();
 }
- private DefinedByType resolveDefinedByTypeForCreateFederatedAuthenticator(String definedByType) {
+ private DefinedByType resolveDefinedByTypeToCreateFederatedAuthenticator(
+ FederatedAuthenticator.DefinedByEnum definedByType) {
 /* For new federated authenticators: If 'definedByType' is not null, use the value provided in the request payload. If not, default to SYSTEM. */
 if (definedByType != null) {
- return DefinedByType.valueOf(definedByType);
+ return DefinedByType.valueOf(definedByType.toString());
 }
 return DefinedByType.SYSTEM;
 }
- private DefinedByType resolveDefinedByTypeForUpdateFederatedAuthenticator(String authenticatorName) {
+ private DefinedByType resolveDefinedByTypeToUpdateFederatedAuthenticator(String authenticatorName) {
 /* For existing federated authenticators, disregard any value provided in the request payload. Instead, resolve and retrieve the 'definedBy' type of the corresponding existing authenticator.
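Review bot: `DefinedByType.valueOf(definedByType.toString())` in `resolveDefinedByTypeToCreateFederatedAuthenticator` maps the API enum to the internal enum through its string form; if `FederatedAuthenticator.DefinedByEnum` overrides `toString()` to return a display value that differs from the constant name, as generated API models often do, `valueOf` throws an unchecked `IllegalArgumentException` that would surface as a server error instead of the `IdentityProviderManagementClientException` callers handle. `name()` is the form `valueOf` is specified against, so `return DefinedByType.valueOf(definedByType.name());` is the safer one-line change, assuming the two enums share constant names (only `SYSTEM` is visible in this diff). It would also help to say in the Javadoc of the public update entry point that a request's `definedBy` value is ignored on update, since `resolveDefinedByTypeToUpdateFederatedAuthenticator` silently disregards it; that method's body continues outside the hunk.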
diff --git a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java
index f769c1e31b..4250a67985 100644
--- a/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java
+++ b/components/org.wso2.carbon.identity.api.server.idp/org.wso2.carbon.identity.api.server.idp.v1/src/main/java/org/wso2/carbon/identity/api/server/idp/v1/impl/FederatedAuthenticatorConfigBuilderFactory.java
@@ -20,7 +20,6 @@
 import org.wso2.carbon.identity.api.server.idp.common.Constants;
 import org.wso2.carbon.identity.api.server.idp.v1.model.Endpoint;
-import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
 import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.model.Property;
 import org.wso2.carbon.identity.application.common.model.UserDefinedAuthenticatorEndpointConfig;
@@ -42,7 +41,7 @@ private static FederatedAuthenticatorConfig createFederatedAuthenticatorConfig(B
 throws IdentityProviderManagementClientException {
 FederatedAuthenticatorConfig config;
- if (DefinedByType.SYSTEM.toString().equals(builder.definedByType)) {
+ if (DefinedByType.SYSTEM == builder.definedByType) {
 config = createSystemDefinedFederatedAuthenticator(builder);
 } else {
 config = createUserDefinedFederatedAuthenticator(builder);
@@ -74,14 +73,6 @@ private static void validateSystemDefinedFederatedAuthenticatorModel(Builder bui
 throw new IdentityProviderManagementClientException(error.getCode(),
 String.format(error.getDescription(), builder.authenticatorName));
 }
-
- // Check if there is an authenticator registered in the system for the given authenticator ID.
- if (ApplicationAuthenticatorService.getInstance()
- .getFederatedAuthenticatorByName(builder.authenticatorName) == null) {
- Constants.ErrorMessage error = Constants.ErrorMessage.ERROR_CODE_NO_SYSTEM_AUTHENTICATOR_FOUND;
- throw new IdentityProviderManagementClientException(error.getCode(),
- String.format(error.getDescription(), builder.authenticatorName));
- }
 }
 private static UserDefinedFederatedAuthenticatorConfig createUserDefinedFederatedAuthenticator(Builder builder)
@@ -106,7 +97,7 @@ private static void validateUserDefinedFederatedAuthenticatorModel(Builder build
 throws IdentityProviderManagementClientException {
 // The User-defined authenticator configs must not have properties configurations; throw an error if they do.
- if (builder.properties == null || !builder.properties.isEmpty()) {
+ if (builder.properties != null) {
 Constants.ErrorMessage error = Constants.ErrorMessage.ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH;
 throw new IdentityProviderManagementClientException(error.getCode(),
 String.format(error.getDescription(), builder.authenticatorName));
@@ -124,14 +115,14 @@ private static void validateUserDefinedFederatedAuthenticatorModel(Builder build
 * Builder class to build FederatedAuthenticatorConfig.
 */
 public static class Builder {
- private String definedByType;
+ private DefinedByType definedByType;
 private String authenticatorName;
 private String displayName;
 private Endpoint endpoint;
 private List properties;
 private Boolean isEnabled;
- public Builder definedByType(String definedByType) {
+ public Builder definedByType(DefinedByType definedByType) {
 this.definedByType = definedByType;
 return this;
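Review bot: Removing the `ApplicationAuthenticatorService` lookup from `validateSystemDefinedFederatedAuthenticatorModel` means a request marked SYSTEM whose `authenticatorName` is not registered no longer fails here with `ERROR_CODE_NO_SYSTEM_AUTHENTICATOR_FOUND`; unless that check now lives in the identity-provider management layer (not visible in this diff), an unknown name could be accepted as a system-defined authenticator. If the check was deliberately relocated, a one-line comment at the end of the method would save the next reader the search, e.g. `// Existence of the named system authenticator is verified by the IdP manager when the config is persisted.`. Otherwise the removed block should stay, or the commit description should state where the validation now happens. The enclosing method starts outside the hunk.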
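Review bot: The new `if (builder.properties != null)` check in `validateUserDefinedFederatedAuthenticatorModel` rejects an explicitly empty `properties` array, which the previous condition (`== null || !isEmpty()`) accepted, so a client that serialises `"properties": []` for a user-defined authenticator now gets error 60040 although the comment above says the goal is to reject configured properties. `if (builder.properties != null && !builder.properties.isEmpty()) {` keeps both the omitted and the empty case valid. Whether the generated request model initialises `properties` to an empty list or to null is not visible here, so how often this bites depends on the model and client defaults; the method body continues outside the hunk.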