

Update APIs to support custom authentication management.
Thisara-Welmilla committed Nov 13, 2024
1 parent 6d3a143 commit f8ad6fb
Showing 3 changed files with 33 additions and 32 deletions.
Expand Up @@ -146,13 +146,13 @@ public enum ErrorMessage {
ERROR_CODE_ERROR_LISTING_TRUSTED_TOKEN_ISSUERS("60021",
"Unable to list existing trusted token issuers.",
"Server encountered an error while listing the trusted token issuers."),
ERROR_CODE_ENDPOINT_PROVIDED_FOR_SYSTEM_AUTH("60039", "No endpoint configuration is allowed " +
"for system defined authenticators.", "No endpoint configuration must be " +
ERROR_CODE_ENDPOINT_PROVIDED_FOR_SYSTEM_AUTH("60039", "Invalid Request.",
"No endpoint configuration must be " +
"provided for the system defined federated authenticators %s."),
ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH("60040", "No properties are allowed for " +
"user defined authenticators.", "No properties must be provided for the user defined " +
ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH("60040", "Invalid Request.",
"No properties must be provided for the user defined " +
"federated authenticators %s."),
ERROR_CODE_NO_ENDPOINT_PROVIDED("60041", "No endpoint provided.", "Endpoint " +
ERROR_CODE_NO_ENDPOINT_PROVIDED("60041", "Invalid Request.", "Endpoint " +
"configuration must be provided for the user defined federated authenticators %s."),
ERROR_CODE_NON_DECODABLE_AUTH_ID("60042", "Non-decodable authenticator ID.",
"Unable to decode the provided authenticator ID %s."),
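Review bot: The three constants rewritten in this hunk now carry the bare message "Invalid Request." while the neighbouring ERROR_CODE_NON_DECODABLE_AUTH_ID (and the rest of the enum, as far as it is visible) keep a specific, sentence-case message such as "Non-decodable authenticator ID."; a reader of the API response now has to fall back on the description to tell 60039, 60040 and 60041 apart. If the intent is to keep the message field generic for these validation failures, a short enum-level comment stating that rule would stop the next constant from drifting back, and "Invalid request." would match the capitalisation used elsewhere in the enum. The description strings still interpolate the authenticator name via `%s`, which is fine as long as that name is the server-decoded one rather than raw client input; the enum declaration itself starts outside this hunk.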
Expand Up @@ -146,6 +146,7 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
Expand Down Expand Up @@ -1775,15 +1776,15 @@ private void updateFederatedAuthenticatorConfig(IdentityProvider idp, FederatedA
List<FederatedAuthenticatorConfig> fedAuthConfigs = new ArrayList<>();
for (FederatedAuthenticator authenticator : federatedAuthenticators) {
String authenticatorName = getDecodedAuthenticatorName(authenticator.getAuthenticatorId());
String definedByType;
DefinedByType definedByType;
if (isNewFederatedAuthenticator) {
definedByType = resolveDefinedByTypeForCreateFederatedAuthenticator(
authenticator.getDefinedBy().toString()).toString();
definedByType = resolveDefinedByTypeToCreateFederatedAuthenticator(
authenticator.getDefinedBy());
} else {
definedByType = resolveDefinedByTypeForUpdateFederatedAuthenticator(authenticatorName).toString();
definedByType = resolveDefinedByTypeToUpdateFederatedAuthenticator(authenticatorName);
}

if (DefinedByType.SYSTEM.toString().equals(definedByType)) {
if (DefinedByType.SYSTEM == definedByType) {
validateAuthenticatorProperties(authenticatorName, authenticator.getProperties());
}

Expand All @@ -1794,8 +1795,9 @@ private void updateFederatedAuthenticatorConfig(IdentityProvider idp, FederatedA
builder.enabled(authenticator.getIsEnabled());
builder.displayName(getDisplayNameOfAuthenticator(authenticatorName));
builder.endpoint(authenticator.getEndpoint());
List<Property> properties = authenticator.getProperties().stream().map(propertyToInternal)
.collect(Collectors.toList());
List<Property> properties = Optional.ofNullable(authenticator.getProperties())
.map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
.orElse(null);
builder.properties(properties);
FederatedAuthenticatorConfig authConfig = builder.build();

Expand Down Expand Up @@ -2701,6 +2703,12 @@ private IdentityProvider createIdPClone(IdentityProvider idP) {

Gson gson = new Gson();
IdentityProvider clonedIdentityProvider = gson.fromJson(gson.toJson(idP), IdentityProvider.class);
if (idP.getFederatedAuthenticatorConfigs().length == 1 &&
idP.getFederatedAuthenticatorConfigs()[0].getDefinedByType() == DefinedByType.USER) {
UserDefinedFederatedAuthenticatorConfig clonedFedAuth = gson.fromJson(gson.toJson(
idP.getFederatedAuthenticatorConfigs()[0]), UserDefinedFederatedAuthenticatorConfig.class);
clonedIdentityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[]{clonedFedAuth});
}
return clonedIdentityProvider;
}

Expand Down Expand Up @@ -2848,8 +2856,8 @@ private FederatedAuthenticatorConfig updateFederatedAuthenticatorConfig(String f
FederatedAuthenticatorPUTRequest authenticator) throws IdentityProviderManagementClientException {

String authenticatorName = getDecodedAuthenticatorName(federatedAuthenticatorId);
String definedByType = resolveDefinedByTypeForUpdateFederatedAuthenticator(authenticatorName).toString();
if (DefinedByType.SYSTEM.toString().equals(definedByType)) {
DefinedByType definedByType = resolveDefinedByTypeToUpdateFederatedAuthenticator(authenticatorName);
if (DefinedByType.SYSTEM == definedByType) {
validateAuthenticatorProperties(authenticatorName, authenticator.getProperties());
}

Expand All @@ -2860,24 +2868,26 @@ private FederatedAuthenticatorConfig updateFederatedAuthenticatorConfig(String f
builder.enabled(authenticator.getIsEnabled());
builder.displayName(getDisplayNameOfAuthenticator(authenticatorName));
builder.endpoint(authenticator.getEndpoint());
List<Property> properties = authenticator.getProperties().stream().map(propertyToInternal)
.collect(Collectors.toList());
List<Property> properties = Optional.ofNullable(authenticator.getProperties())
.map(props -> props.stream().map(propertyToInternal).collect(Collectors.toList()))
.orElse(null);
builder.properties(properties);

return builder.build();
}

private DefinedByType resolveDefinedByTypeForCreateFederatedAuthenticator(String definedByType) {
private DefinedByType resolveDefinedByTypeToCreateFederatedAuthenticator(
FederatedAuthenticator.DefinedByEnum definedByType) {

/* For new federated authenticators:
If 'definedByType' is not null, use the value provided in the request payload. If not, default to SYSTEM. */
if (definedByType != null) {
return DefinedByType.valueOf(definedByType);
return DefinedByType.valueOf(definedByType.toString());
}
return DefinedByType.SYSTEM;
}

private DefinedByType resolveDefinedByTypeForUpdateFederatedAuthenticator(String authenticatorName) {
private DefinedByType resolveDefinedByTypeToUpdateFederatedAuthenticator(String authenticatorName) {

/* For existing federated authenticators, disregard any value provided in the request payload.
Instead, resolve and retrieve the 'definedBy' type of the corresponding existing authenticator.
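Review bot: The new branch in createIdPClone only repairs the Gson round-trip when the provider has exactly one federated authenticator; for a provider with several authenticators where one is USER-defined, the element is still deserialised as the base FederatedAuthenticatorConfig and whatever the UserDefinedFederatedAuthenticatorConfig subtype carries (presumably the endpoint configuration) is silently dropped from the clone. The same round-trip problem applies per element, so the fix should iterate the array and re-clone each USER-defined entry into its concrete type. The condition also dereferences `idP.getFederatedAuthenticatorConfigs()` without a null check, which the surrounding code may or may not guarantee — worth guarding since the cost is one comparison. Separately, the `Optional.ofNullable(...).orElse(null)` mapping in both updateFederatedAuthenticatorConfig variants now passes a null property list to builder.properties(...) for requests that omit the field; the `validateAuthenticatorProperties(authenticatorName, authenticator.getProperties())` call a few lines earlier receives the same null for SYSTEM authenticators, and it is not visible here whether that method tolerates it.

```java
Gson gson = new Gson();
IdentityProvider clonedIdentityProvider = gson.fromJson(gson.toJson(idP), IdentityProvider.class);
FederatedAuthenticatorConfig[] originals = idP.getFederatedAuthenticatorConfigs();
if (originals != null && originals.length > 0) {
    FederatedAuthenticatorConfig[] cloned = new FederatedAuthenticatorConfig[originals.length];
    for (int i = 0; i < originals.length; i++) {
        // Gson loses the runtime subtype of each element, so USER-defined entries are
        // re-cloned into their concrete type to keep the subtype-specific fields.
        Class<? extends FederatedAuthenticatorConfig> targetType =
                originals[i].getDefinedByType() == DefinedByType.USER
                        ? UserDefinedFederatedAuthenticatorConfig.class
                        : FederatedAuthenticatorConfig.class;
        cloned[i] = gson.fromJson(gson.toJson(originals[i]), targetType);
    }
    clonedIdentityProvider.setFederatedAuthenticatorConfigs(cloned);
}
return clonedIdentityProvider;
```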
Expand Up @@ -20,7 +20,6 @@

import org.wso2.carbon.identity.api.server.idp.common.Constants;
import org.wso2.carbon.identity.api.server.idp.v1.model.Endpoint;
import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.UserDefinedAuthenticatorEndpointConfig;
Expand All @@ -42,7 +41,7 @@ private static FederatedAuthenticatorConfig createFederatedAuthenticatorConfig(B
throws IdentityProviderManagementClientException {

FederatedAuthenticatorConfig config;
if (DefinedByType.SYSTEM.toString().equals(builder.definedByType)) {
if (DefinedByType.SYSTEM == builder.definedByType) {
config = createSystemDefinedFederatedAuthenticator(builder);
} else {
config = createUserDefinedFederatedAuthenticator(builder);
Expand Down Expand Up @@ -74,14 +73,6 @@ private static void validateSystemDefinedFederatedAuthenticatorModel(Builder bui
throw new IdentityProviderManagementClientException(error.getCode(), String.format(error.getDescription(),
builder.authenticatorName));
}

// Check if there is an authenticator registered in the system for the given authenticator ID.
if (ApplicationAuthenticatorService.getInstance()
.getFederatedAuthenticatorByName(builder.authenticatorName) == null) {
Constants.ErrorMessage error = Constants.ErrorMessage.ERROR_CODE_NO_SYSTEM_AUTHENTICATOR_FOUND;
throw new IdentityProviderManagementClientException(error.getCode(),
String.format(error.getDescription(), builder.authenticatorName));
}
}

private static UserDefinedFederatedAuthenticatorConfig createUserDefinedFederatedAuthenticator(Builder builder)
Expand All @@ -106,7 +97,7 @@ private static void validateUserDefinedFederatedAuthenticatorModel(Builder build
throws IdentityProviderManagementClientException {

// The User-defined authenticator configs must not have properties configurations; throw an error if they do.
if (builder.properties == null || !builder.properties.isEmpty()) {
if (builder.properties != null) {
Constants.ErrorMessage error = Constants.ErrorMessage.ERROR_CODE_PROPERTIES_PROVIDED_FOR_USER_AUTH;
throw new IdentityProviderManagementClientException(error.getCode(),
String.format(error.getDescription(), builder.authenticatorName));
Expand All @@ -124,14 +115,14 @@ private static void validateUserDefinedFederatedAuthenticatorModel(Builder build
* Builder class to build FederatedAuthenticatorConfig.
*/
public static class Builder {
private String definedByType;
private DefinedByType definedByType;
private String authenticatorName;
private String displayName;
private Endpoint endpoint;
private List<Property> properties;
private Boolean isEnabled;

public Builder definedByType(String definedByType) {
public Builder definedByType(DefinedByType definedByType) {

this.definedByType = definedByType;
return this;
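Review bot: Dropping the ApplicationAuthenticatorService lookup from validateSystemDefinedFederatedAuthenticatorModel means a request that marks an authenticator as SYSTEM now passes builder validation with any authenticator name; unless the same existence check is enforced further down the stack (nothing in this commit shows where), an unknown system authenticator name would either be persisted or surface later as a server-side failure instead of the ERROR_CODE_NO_SYSTEM_AUTHENTICATOR_FOUND client error. If the check deliberately moved elsewhere, a one-line comment here such as `// Existence of the system authenticator is verified in <layer>; do not re-add the lookup here.` would document that, and the now possibly unused ERROR_CODE_NO_SYSTEM_AUTHENTICATOR_FOUND constant should be checked for remaining references. Note also that the user-defined check flipped from `properties == null || !properties.isEmpty()` to `properties != null`, so a client sending `"properties": []` is now rejected with 60040 while an omitted field is accepted — confirm that inversion is intended, since the API model changes in this commit turn an absent field into null and an empty array into an empty list. validateSystemDefinedFederatedAuthenticatorModel begins outside this hunk.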
