From e18b8ca1a55c276c7f7e363f43c06381d010c4d1 Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Mon, 28 Oct 2024 07:28:50 +0530 Subject: [PATCH 1/3] Add new VerificationAuthenticatorConfig for verification authenticators --- .../ApplicationAuthenticatorService.java | 170 ++++++++++++++++++ .../AuthenticatorMgtErrorConstants.java | 79 ++++++++ .../AuthenticatorMgtClientException.java | 30 ++++ .../exception/AuthenticatorMgtException.java | 79 ++++++++ .../AuthenticatorMgtServerException.java | 51 ++++++ .../VerificationAuthenticatorConfig.java | 49 +++++ ...serDefinedLocalAuthenticatorValidator.java | 87 +++++++++ 7 files changed, 545 insertions(+) create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index e93a82f42b75..0af8b676bbf4 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java @@ -18,9 +18,20 @@ package org.wso2.carbon.identity.application.common; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; +import org.wso2.carbon.identity.application.common.dao.impl.AuthenticatorManagementDAOImpl; +import org.wso2.carbon.identity.application.common.dao.impl.CacheBackedAuthenticatorMgtDAO; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.UserDefinedLocalAuthenticatorValidator; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.AuthenticationType; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import java.util.ArrayList; import java.util.List; @@ -31,10 +42,15 @@ public class ApplicationAuthenticatorService { private static volatile ApplicationAuthenticatorService instance; + private static final Log LOG = LogFactory.getLog(ApplicationAuthenticatorService.class); + private static final CacheBackedAuthenticatorMgtDAO CACHE_BACKED_DAO = + new CacheBackedAuthenticatorMgtDAO(new AuthenticatorManagementDAOImpl()); private List localAuthenticators = new ArrayList<>(); private List federatedAuthenticators = new ArrayList<>(); private List requestPathAuthenticators = new ArrayList<>(); + private UserDefinedLocalAuthenticatorValidator authenticatorValidator = + new UserDefinedLocalAuthenticatorValidator(); public static ApplicationAuthenticatorService getInstance() { if (instance == null) { @@ -47,10 +63,30 @@ public static ApplicationAuthenticatorService getInstance() { return instance; } + /** + * This returns only SYSTEM defined local authenticators. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + @Deprecated public List getLocalAuthenticators() { return this.localAuthenticators; } + /** + * This returns both SYSTEM and USER defined local authenticators. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + public List getLocalAuthenticators(String tenantDomain) + throws AuthenticatorMgtException { + + List userDefinedAuthenticators = + CACHE_BACKED_DAO.getAllUserDefinedLocalAuthenticator(IdentityTenantUtil.getTenantId(tenantDomain)); + userDefinedAuthenticators.addAll(localAuthenticators); + return userDefinedAuthenticators; + } + public List getFederatedAuthenticators() { return this.federatedAuthenticators; } @@ -59,6 +95,14 @@ public List getRequestPathAuthenticators() { return this.requestPathAuthenticators; } + /** + * This returns only SYSTEM defined local authenticator by name. + * + * @param name The name of the Local Application Authenticator configuration. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + @Deprecated public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { for (LocalAuthenticatorConfig localAuthenticator : localAuthenticators) { if (localAuthenticator.getName().equals(name)) { @@ -68,6 +112,28 @@ public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { return null; } + /** + * Retrieve both USER and SYSTEM defined Local Application Authenticator configuration by name. + * + * @param name The name of the Local Application Authenticator configuration. + * @param tenantDomain Tenant domain. + * + * @return Retrieved LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration by name. + */ + public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name, String tenantDomain) + throws AuthenticatorMgtException { + + /* First, check whether an authenticator by the given name is in the system defined authenticators list. + If not, check in user defined authenticators. */ + for (LocalAuthenticatorConfig localAuthenticator : localAuthenticators) { + if (localAuthenticator.getName().equals(name)) { + return localAuthenticator; + } + } + return getUserDefinedLocalAuthenticator(name, tenantDomain); + } + public FederatedAuthenticatorConfig getFederatedAuthenticatorByName(String name) { for (FederatedAuthenticatorConfig federatedAuthenticator : federatedAuthenticators) { if (federatedAuthenticator.getName().equals(name)) { @@ -121,4 +187,108 @@ public void removeRequestPathAuthenticator(RequestPathAuthenticatorConfig authen requestPathAuthenticators.remove(authenticator); } } + + /** + * Create a user defined Local Application Authenticator configuration. + * + * @param authenticatorConfig The Local Application Authenticator configuration. + * @param type Authentication type of the authenticator. + * @param tenantDomain Tenant domain. + * + * @return Updated LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while creating the authenticator configuration. + */ + public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, + AuthenticationType type, String tenantDomain) throws AuthenticatorMgtException { + + LocalAuthenticatorConfig config = getLocalAuthenticatorByName(authenticatorConfig.getName(), tenantDomain); + if (config != null) { + ErrorMessages error = ErrorMessages.ERROR_AUTHENTICATOR_ALREADY_EXIST; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorConfig.getName())); + } + authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName()); + authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); + authenticatorValidator.validateDefinedByType(authenticatorConfig); + + return CACHE_BACKED_DAO.addUserDefinedLocalAuthenticator( + authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain), type); + } + + /** + * Update a user defined Local Application Authenticator configuration. + * + * @param authenticatorConfig The Local Application Authenticator configuration. + * @param tenantDomain Tenant Domain. + * + * @return Updated LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while updating the authenticator configuration. + */ + public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, + String tenantDomain) throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + authenticatorConfig.getName(), tenantDomain); + authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); + + return CACHE_BACKED_DAO.updateUserDefinedLocalAuthenticator( + existingConfig, authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain)); + } + + /** + * Update a Local Application Authenticator configuration. + * + * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. + * @param tenantDomain Tenant domain. + * + * @throws AuthenticatorMgtException If an error occurs while deleting the authenticator configuration. + */ + public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); + authenticatorValidator.validateDefinedByType(existingConfig); + + CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, + IdentityTenantUtil.getTenantId(tenantDomain)); + } + + /** + * Retrieve a Local Application Authenticator configuration by name. + * + * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. + * @param tenantDomain Tenant domain. + * + * @return Retrieved LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration. + */ + public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator(authenticatorName, + IdentityTenantUtil.getTenantId(tenantDomain)); + + if (config != null && !config.getDefinedByType().equals(DefinedByType.USER)) { + return null; + } + + return config; + + } + + private LocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( + authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); + + if (existingAuthenticatorConfig == null) { + ErrorMessages error = ErrorMessages.ERROR_NOT_FOUND_AUTHENTICATOR; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorName)); + } + + return existingAuthenticatorConfig; + } } diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java new file mode 100644 index 000000000000..28ef974ac2ba --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.constant; + +/** + * Constants for authenticator configuration management service. + */ +public class AuthenticatorMgtErrorConstants { + + /** + * Error messages. + */ + public enum ErrorMessages { + + // Client errors. + ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator is found.", + "No authenticator is found by given authenticator name: %s."), + ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.", + "Do not allow to perform any operation on system defined authenticator: %s."), + ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "There is already an authenticator.", + "There is already an authenticator by the given name: %s."), + ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Invalid authenticator name is provided.", + "The provided authenticator name %s is not in the expected format %s."), + ERROR_BLANK_FIELD_VALUE("60004", "Blank field value is provided.", + "The provided authenticator field value %s should not be empty."), + + // Server errors. + ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.", + "Error while persisting authenticator in the system."), + ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.", + "Error while updating authenticator in the system."), + ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", + "Error while retrieving authenticator in the system."), + ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", + "Error while deleting authenticator in the system."),; + + private final String code; + private final String message; + private final String description; + + ErrorMessages(String code, String message, String description) { + + this.code = code; + this.message = message; + this.description = description; + } + + public String getCode() { + + return code; + } + + public String getMessage() { + + return message; + } + + public String getDescription() { + + return description; + } + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java new file mode 100644 index 000000000000..1542f39297fc --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.exception; + +/** + * Authenticator configuration management client exception. + */ +public class AuthenticatorMgtClientException extends AuthenticatorMgtException { + + public AuthenticatorMgtClientException(String errorCode, String message, String description) { + + super(message, description, errorCode); + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java new file mode 100644 index 000000000000..9d44982db528 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.exception; + +/** + * Authenticator configuration management exception. + */ +public class AuthenticatorMgtException extends Exception { + + private String errorCode; + private String description; + + public AuthenticatorMgtException(String message) { + + super(message); + } + + public AuthenticatorMgtException(String message, String errorCode) { + + super(message); + this.errorCode = errorCode; + } + + public AuthenticatorMgtException(String message, String errorCode, Throwable cause) { + + super(message, cause); + this.errorCode = errorCode; + } + + public AuthenticatorMgtException(String message, String description, String errorCode) { + + super(message); + this.errorCode = errorCode; + this.description = description; + } + + public AuthenticatorMgtException(String message, String description, String errorCode, Throwable cause) { + + super(message, cause); + this.errorCode = errorCode; + this.description = description; + } + + public String getErrorCode() { + + return this.errorCode; + } + + public void setErrorCode(String errorCode) { + + this.errorCode = errorCode; + } + + public String getDescription() { + + return this.description; + } + + public void setDescription(String description) { + + this.description = description; + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java new file mode 100644 index 000000000000..507022c1c030 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.exception; + +/** + * Authenticator configuration management server exception. + */ +public class AuthenticatorMgtServerException extends AuthenticatorMgtException { + + public AuthenticatorMgtServerException(String message, String errorCode) { + + super(message, errorCode); + } + + public AuthenticatorMgtServerException(String message, String description, String errorCode) { + + super(message, description, errorCode); + } + + public AuthenticatorMgtServerException(String message, String errorCode, Throwable cause) { + + super(message, errorCode, cause); + } + + public AuthenticatorMgtServerException(String message, String description, String errorCode, + Throwable cause) { + + super(message, description, errorCode, cause); + } + + public AuthenticatorMgtServerException(String message) { + + super(message); + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java new file mode 100644 index 000000000000..97efab22cc93 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.model; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +/** + * Verification authenticator configuration. + */ +public class VerificationAuthenticatorConfig extends LocalAuthenticatorConfig { + + private static final String TAG_2FA = "2FA"; + + public VerificationAuthenticatorConfig() { + + setTags(new String[0]); + } + + @Override + public void setTags(String[] tagList) { + + // Check if "2FA" is in the tag list; if not, add it. + List tagsAsList = new ArrayList<>(Arrays.asList()); + if (tagsAsList.contains(TAG_2FA)) { + tags = tagList; + } + + tagsAsList.add(TAG_2FA); + tags = tagsAsList.toArray(new String[0]); + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java new file mode 100644 index 000000000000..e2afcc1f0ed2 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.util; + + +import org.apache.commons.lang.StringUtils; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; +import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; + +import java.util.regex.Pattern; + +/** + * User Defined Local Authenticator Validator class. + */ +public class UserDefinedLocalAuthenticatorValidator { + + private static final String AUTHENTICATOR_NAME_REGEX = "^[a-zA-Z0-9][a-zA-Z0-9-_]*$"; + private final Pattern authenticatorNameRegexPattern = Pattern.compile(AUTHENTICATOR_NAME_REGEX); + + /** + * Validate whether required fields exist. + * + * @param fieldName Field name. + * @param fieldValue Field value. + * @throws AuthenticatorMgtClientException if the provided field is empty. + */ + public void validateForBlank(String fieldName, String fieldValue) throws AuthenticatorMgtClientException { + + if (StringUtils.isBlank(fieldValue)) { + ErrorMessages error = ErrorMessages.ERROR_BLANK_FIELD_VALUE; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), fieldName)); + } + } + + /** + * Validate the user defined local authenticator name. + * + * @param name The authenticator name. + * + * @throws AuthenticatorMgtClientException if the authenticator name is not valid. + */ + public void validateAuthenticatorName(String name) throws AuthenticatorMgtClientException { + + boolean isValidName = authenticatorNameRegexPattern.matcher(name).matches(); + if (!isValidName) { + ErrorMessages error = ErrorMessages.ERROR_INVALID_AUTHENTICATOR_NAME; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), name, AUTHENTICATOR_NAME_REGEX)); + } + } + + /** + * Validate the authenticator is a user defined by authenticator. + * + * @param authenticatorConfig The authenticator config. + * + * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. + */ + public void validateDefinedByType(LocalAuthenticatorConfig authenticatorConfig) + throws AuthenticatorMgtClientException { + + if (authenticatorConfig.getDefinedByType() != DefinedByType.USER) { + ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorConfig.getName())); + } + } +} From 86c5ebf1673fdcb0e0cb51a4b032a54b86b88242 Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Mon, 28 Oct 2024 11:54:19 +0530 Subject: [PATCH 2/3] Comments addressed. --- .../ApplicationAuthenticatorService.java | 6 ++--- .../AuthenticatorMgtErrorConstants.java | 22 +++++++++---------- .../exception/AuthenticatorMgtException.java | 10 --------- ...serDefinedLocalAuthenticatorValidator.java | 4 ++-- 4 files changed, 16 insertions(+), 26 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index 0af8b676bbf4..021a881b70cd 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java @@ -209,7 +209,7 @@ public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthent } authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); - authenticatorValidator.validateDefinedByType(authenticatorConfig); + authenticatorValidator.validateDefinedByType(authenticatorConfig.getDefinedByType()); return CACHE_BACKED_DAO.addUserDefinedLocalAuthenticator( authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain), type); @@ -229,7 +229,7 @@ public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthent LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( authenticatorConfig.getName(), tenantDomain); - authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); return CACHE_BACKED_DAO.updateUserDefinedLocalAuthenticator( @@ -248,7 +248,7 @@ public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String throws AuthenticatorMgtException { LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); - authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java index 28ef974ac2ba..02ecc9e52d00 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java @@ -29,26 +29,26 @@ public class AuthenticatorMgtErrorConstants { public enum ErrorMessages { // Client errors. - ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator is found.", - "No authenticator is found by given authenticator name: %s."), + ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator found.", + "No Authenticator found by given authenticator name: %s."), ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.", "Do not allow to perform any operation on system defined authenticator: %s."), - ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "There is already an authenticator.", - "There is already an authenticator by the given name: %s."), - ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Invalid authenticator name is provided.", + ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "An authenticator already exists.", + "As authenticator already exists for the given name: %s."), + ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Authenticator name is invalid.", "The provided authenticator name %s is not in the expected format %s."), - ERROR_BLANK_FIELD_VALUE("60004", "Blank field value is provided.", - "The provided authenticator field value %s should not be empty."), + ERROR_BLANK_FIELD_VALUE("60004", "Invalid empty or blank value.", + "Value for %s should not be empty or blank."), // Server errors. ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.", - "Error while persisting authenticator in the system."), + "Error while persisting authenticator from the system."), ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.", - "Error while updating authenticator in the system."), + "Error while updating authenticator from the system."), ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", - "Error while retrieving authenticator in the system."), + "Error while retrieving authenticator from the system."), ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", - "Error while deleting authenticator in the system."),; + "Error while deleting authenticator from the system."),; private final String code; private final String message; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java index 9d44982db528..d14e39d17060 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java @@ -62,18 +62,8 @@ public String getErrorCode() { return this.errorCode; } - public void setErrorCode(String errorCode) { - - this.errorCode = errorCode; - } - public String getDescription() { return this.description; } - - public void setDescription(String description) { - - this.description = description; - } } diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java index e2afcc1f0ed2..1ff69af14d20 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -75,10 +75,10 @@ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClient * * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. */ - public void validateDefinedByType(LocalAuthenticatorConfig authenticatorConfig) + public void validateDefinedByType(DefinedByType definedByType) throws AuthenticatorMgtClientException { - if (authenticatorConfig.getDefinedByType() != DefinedByType.USER) { + if (definedByType != DefinedByType.USER) { ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), String.format(error.getDescription(), authenticatorConfig.getName())); From 5a98250e30d47c9c5f72268e3ff827ccafa5372f Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Mon, 11 Nov 2024 09:03:11 +0530 Subject: [PATCH 3/3] Add service layer support for the custom local auth extensions. --- .../ApplicationAuthenticatorService.java | 36 ++-- .../AuthenticatorMgtErrorConstants.java | 4 +- ...nticatorEndpointConfigServerException.java | 35 ++++ .../VerificationAuthenticatorConfig.java | 49 ----- ...calAuthenticatorEndpointConfigManager.java | 197 ++++++++++++++++++ ...serDefinedLocalAuthenticatorValidator.java | 4 +- 6 files changed, 256 insertions(+), 69 deletions(-) create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorEndpointConfigServerException.java delete mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorEndpointConfigManager.java diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index 021a881b70cd..ccb476acb5ba 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java @@ -28,6 +28,7 @@ import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.util.UserDefinedLocalAuthenticatorValidator; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.AuthenticationType; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; @@ -198,8 +199,9 @@ public void removeRequestPathAuthenticator(RequestPathAuthenticatorConfig authen * @return Updated LocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while creating the authenticator configuration. */ - public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, - AuthenticationType type, String tenantDomain) throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig createUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, AuthenticationType type, String tenantDomain) + throws AuthenticatorMgtException { LocalAuthenticatorConfig config = getLocalAuthenticatorByName(authenticatorConfig.getName(), tenantDomain); if (config != null) { @@ -221,13 +223,14 @@ public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthent * @param authenticatorConfig The Local Application Authenticator configuration. * @param tenantDomain Tenant Domain. * - * @return Updated LocalAuthenticatorConfig. + * @return Updated UserDefinedLocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while updating the authenticator configuration. */ - public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, - String tenantDomain) throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, String tenantDomain) + throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + UserDefinedLocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( authenticatorConfig.getName(), tenantDomain); authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); @@ -247,7 +250,8 @@ public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthent public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); + UserDefinedLocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + authenticatorName, tenantDomain); authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, @@ -260,14 +264,14 @@ public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. * @param tenantDomain Tenant domain. * - * @return Retrieved LocalAuthenticatorConfig. + * @return Retrieved UserDefinedLocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration. */ - public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) - throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, + String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator(authenticatorName, - IdentityTenantUtil.getTenantId(tenantDomain)); + UserDefinedLocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( + authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); if (config != null && !config.getDefinedByType().equals(DefinedByType.USER)) { return null; @@ -277,11 +281,11 @@ public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenti } - private LocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, String tenantDomain) - throws AuthenticatorMgtException { + private UserDefinedLocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, + String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( - authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); + UserDefinedLocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO. + getUserDefinedLocalAuthenticator(authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); if (existingAuthenticatorConfig == null) { ErrorMessages error = ErrorMessages.ERROR_NOT_FOUND_AUTHENTICATOR; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java index 02ecc9e52d00..0e5fa90c883d 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java @@ -48,7 +48,9 @@ public enum ErrorMessages { ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", "Error while retrieving authenticator from the system."), ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", - "Error while deleting authenticator from the system."),; + "Error while deleting authenticator from the system."), + ERROR_CODE_ENDPOINT_CONFIG_MGT("65005", "Error while managing endpoint configurations.", + "Error while managing endpoint configurations for the user defined local authenticator %s."),; private final String code; private final String message; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorEndpointConfigServerException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorEndpointConfigServerException.java new file mode 100644 index 000000000000..b402c171b0a7 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorEndpointConfigServerException.java @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.exception; + +/** + * Exception class for user defined local authenticator endpoint configurations related exceptions. + */ +public class AuthenticatorEndpointConfigServerException extends AuthenticatorMgtServerException{ + + public AuthenticatorEndpointConfigServerException(String message) { + + super(message); + } + + public AuthenticatorEndpointConfigServerException(String errorCode, String message, Throwable throwable) { + + super(errorCode, message, throwable); + } +} \ No newline at end of file diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java deleted file mode 100644 index 97efab22cc93..000000000000 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.application.common.model; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -/** - * Verification authenticator configuration. - */ -public class VerificationAuthenticatorConfig extends LocalAuthenticatorConfig { - - private static final String TAG_2FA = "2FA"; - - public VerificationAuthenticatorConfig() { - - setTags(new String[0]); - } - - @Override - public void setTags(String[] tagList) { - - // Check if "2FA" is in the tag list; if not, add it. - List tagsAsList = new ArrayList<>(Arrays.asList()); - if (tagsAsList.contains(TAG_2FA)) { - tags = tagList; - } - - tagsAsList.add(TAG_2FA); - tags = tagsAsList.toArray(new String[0]); - } -} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorEndpointConfigManager.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorEndpointConfigManager.java new file mode 100644 index 000000000000..6a2963b8f160 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorEndpointConfigManager.java @@ -0,0 +1,197 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.util; + +import org.wso2.carbon.identity.action.management.exception.ActionMgtException; +import org.wso2.carbon.identity.action.management.model.Action; +import org.wso2.carbon.identity.action.management.model.EndpointConfig; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorEndpointConfigServerException; +import org.wso2.carbon.identity.application.common.model.Property; +import org.wso2.carbon.identity.application.common.model.UserDefinedAuthenticatorEndpointConfig; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import static org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants + .ErrorMessages.ERROR_CODE_ENDPOINT_CONFIG_MGT; + +/** + * This class responsible for managing authenticator endpoint configurations for the user defined Local + * authenticators. + */ +public class UserDefinedLocalAuthenticatorEndpointConfigManager { + + private static final String ACTION_ID_PROPERTY = "actionId"; + + /** + * Create a new action for given endpoint configurations of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @throws AuthenticatorEndpointConfigServerException If an error occurs while adding the action. + */ + public void addEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, int tenantId) + throws AuthenticatorEndpointConfigServerException { + + try { + Action action = IdpMgtServiceComponentHolder.getInstance().getActionManagementService() + .addAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + buildActionToCreate(config.getName(), config.getEndpointConfig().getEndpointConfig()), + IdentityTenantUtil.getTenantDomain(tenantId)); + Property endpointProperty = new Property(); + endpointProperty.setName(ACTION_ID_PROPERTY); + endpointProperty.setValue(action.getId()); + config.setProperties(new Property[]{endpointProperty}); + } catch (ActionMgtException e) { + throw new AuthenticatorEndpointConfigServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + "Error occurred while adding associated action for the authenticator:" + config.getName(), e); + } + } + + /** + * Updated associated action for given updated endpoint configurations of the user defined authenticator. + * + * @param newConfig The Local application authenticator configuration to be updated. + * @param oldConfig The current Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @throws AuthenticatorEndpointConfigServerException If an error occurs while updating associated action. + */ + public void updateEndpointConfigurations(UserDefinedLocalAuthenticatorConfig newConfig, + UserDefinedLocalAuthenticatorConfig oldConfig, int tenantId) + throws AuthenticatorEndpointConfigServerException { + + String actionId = getActionIdFromProperty(oldConfig.getProperties(), oldConfig.getName()); + try { + IdpMgtServiceComponentHolder.getInstance().getActionManagementService() + .updateAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + buildActionToUpdate(newConfig.getEndpointConfig().getEndpointConfig()), + IdentityTenantUtil.getTenantDomain(tenantId)); + newConfig.setProperties(oldConfig.getProperties()); + } catch (ActionMgtException e) { + throw new AuthenticatorEndpointConfigServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred while updating associated action with id %s for the authenticator %s", + actionId, oldConfig.getName()), e); + } + } + + /** + * Retrieve associated action of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @return Local authenticator with endpoint configurations resolved. + * @throws AuthenticatorEndpointConfigServerException If an error occurs retrieving updating associated action. + */ + public UserDefinedLocalAuthenticatorConfig resolveEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, + int tenantId) throws AuthenticatorEndpointConfigServerException { + + String actionId = getActionIdFromProperty(config.getProperties(), config.getName()); + try { + Action action = IdpMgtServiceComponentHolder.getInstance().getActionManagementService() + .getActionByActionId(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + IdentityTenantUtil.getTenantDomain(tenantId)); + + config.setEndpointConfig(buildUserDefinedAuthenticatorEndpointConfig(action.getEndpoint())); + return config; + } catch (ActionMgtException e) { + throw new AuthenticatorEndpointConfigServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred retrieving associated action with id %s for the authenticator %s", + actionId, config.getName()), e); + } + } + + private UserDefinedAuthenticatorEndpointConfig buildUserDefinedAuthenticatorEndpointConfig( + EndpointConfig endpointConfig) { + + UserDefinedAuthenticatorEndpointConfig.UserDefinedAuthenticatorEndpointConfigBuilder endpointConfigBuilder = + new UserDefinedAuthenticatorEndpointConfig.UserDefinedAuthenticatorEndpointConfigBuilder(); + endpointConfigBuilder.uri(endpointConfig.getUri()); + endpointConfigBuilder.authenticationType(endpointConfig.getAuthentication().getType().getName()); + Map propMap = new HashMap<>(); + endpointConfig.getAuthentication().getProperties() + .forEach(prop -> propMap.put(prop.getName(), prop.getValue())); + endpointConfigBuilder.authenticationProperties(propMap); + return endpointConfigBuilder.build(); + } + + /** + * Delete associated action of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * + * @throws AuthenticatorEndpointConfigServerException If an error occurs while deleting associated action. + */ + public void deleteEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, int tenantId) throws + AuthenticatorEndpointConfigServerException { + + if (config.getDefinedByType() == AuthenticatorPropertyConstants.DefinedByType.SYSTEM) { + return; + } + + String actionId = getActionIdFromProperty(config.getProperties(), config.getName()); + try { + IdpMgtServiceComponentHolder.getInstance().getActionManagementService() + .deleteAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + IdentityTenantUtil.getTenantDomain(tenantId)); + } catch (ActionMgtException e) { + throw new AuthenticatorEndpointConfigServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred while deleting associated action with id %s for the authenticator %s", + actionId, config.getName()), e); + } + } + + private Action buildActionToCreate(String authenticatorName, EndpointConfig endpointConfig) { + + Action.ActionRequestBuilder actionRequestBuilder = new Action.ActionRequestBuilder(); + actionRequestBuilder.name(authenticatorName); + actionRequestBuilder.description(String.format("This is the action associated to the user defined Local" + + "authenticator %s.", authenticatorName)); + actionRequestBuilder.endpoint(endpointConfig); + + return actionRequestBuilder.build(); + } + + private Action buildActionToUpdate(EndpointConfig endpointConfig) { + + Action.ActionRequestBuilder actionRequestBuilder = new Action.ActionRequestBuilder(); + actionRequestBuilder.endpoint(endpointConfig); + + return actionRequestBuilder.build(); + } + + private String getActionIdFromProperty(Property[] properties, String authenticatorName) + throws AuthenticatorEndpointConfigServerException { + + return Arrays.stream(properties) + .filter(property -> ACTION_ID_PROPERTY.equals(property.getName())) + .map(Property::getValue) + .findFirst() + .orElseThrow(() -> new AuthenticatorEndpointConfigServerException( + "No action Id was found in the properties of the authenticator configurations for" + + " the authenticator: " + authenticatorName)); + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java index 1ff69af14d20..f01b294760e9 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -55,7 +55,6 @@ public void validateForBlank(String fieldName, String fieldValue) throws Authent * Validate the user defined local authenticator name. * * @param name The authenticator name. - * * @throws AuthenticatorMgtClientException if the authenticator name is not valid. */ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClientException { @@ -71,8 +70,7 @@ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClient /** * Validate the authenticator is a user defined by authenticator. * - * @param authenticatorConfig The authenticator config. - * + * @param definedByType The defined by type of the authenticator config. * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. */ public void validateDefinedByType(DefinedByType definedByType)