/*
* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.provider;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.core.util.AdminServicesUtil;
import org.wso2.carbon.identity.base.IdentityConstants.ServerConfig;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.provider.cards.CardIssuer;
import org.wso2.carbon.utils.ServerConstants;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
* This services has the functionality related to Information Cards / OpenID dash-board
* functionality in the UI. To access this service, users should have 'login' permission. Only the
* functionality related to logged in user can be performed.
*/
public class IdentityProviderService extends AbstractAdmin {
protected Log log = LogFactory.getLog(IdentityProviderService.class);
/**
* @param username
* @param requireAppliesTo
* @return
* @throws Exception
*/
public String issueCardForUsername(String username, boolean requireAppliesTo) throws Exception {
CardIssuer issuer = null;
Element card = null;
validateInputParameters(new String[]{username},
"Invalid parameters provided to issueCardForUsername");
checkUserAuthorization(username, "issueCardForUsername");
issuer = new CardIssuer();
card = issuer.issueCardForUsername(username, requireAppliesTo);
return IdentityProviderUtil.dumpInfoCard(MessageContext.getCurrentMessageContext().
getConfigurationContext(), card);
}
/**
* @param ppid
* @param requireAppliesTo
* @return
* @throws Exception
*/
public String issueCardForSelfIssuedCards(String ppid, boolean requireAppliesTo)
throws Exception {
CardIssuer issuer = null;
Element card = null;
validateInputParameters(new String[]{ppid},
"Invalid parameters provided to issueCardForSelfIssuedCards");
checkUserAuthorization(extractPrimaryUserName(ppid), "issueCardForSelfIssuedCards");
issuer = new CardIssuer();
card = issuer.issueCardForSelfIssuedCard(ppid, requireAppliesTo);
return IdentityProviderUtil.dumpInfoCard(MessageContext.getCurrentMessageContext().
getConfigurationContext(), card);
}
/**
* @param username
* @param requireAppliesTo
* @return
* @throws Exception
*/
public String issueOpenIDInfoCardForUsername(String username, boolean requireAppliesTo)
throws Exception {
CardIssuer issuer = null;
Element card = null;
validateInputParameters(new String[]{username},
"Invalid parameters provided to issueOpenIDInfoCardForUsername");
checkUserAuthorization(username, "issueOpenIDInfoCardForUsername");
issuer = new CardIssuer();
issuer.setIsOpenIdInfoCard(true);
card = issuer.issueCardForUsername(username, requireAppliesTo);
return IdentityProviderUtil.dumpInfoCard(MessageContext.getCurrentMessageContext().
getConfigurationContext(), card);
}
/**
* @param ppid
* @param requireAppliesTo
* @return
* @throws Exception
*/
public String issueOpenIDInfoCardForSelfIssuedCard(String ppid, boolean requireAppliesTo)
throws Exception {
CardIssuer issuer = null;
Element card = null;
validateInputParameters(new String[]{ppid},
"Invalid parameters provided to issueOpenIDInfoCardForSelfIssuedCard");
checkUserAuthorization(extractPrimaryUserName(ppid), "issueOpenIDInfoCardForSelfIssuedCard");
issuer = new CardIssuer();
issuer.setIsOpenIdInfoCard(true);
card = issuer.issueCardForSelfIssuedCard(ppid, requireAppliesTo);
return IdentityProviderUtil.dumpInfoCard(MessageContext.getCurrentMessageContext().
getConfigurationContext(), card);
}
/**
* @param userName
* @return
* @throws Exception
* @throws
*/
public String getPrimaryOpenID(String userName) throws Exception {
validateInputParameters(new String[]{userName}, "Invalid parameters provided to getOpenID");
checkUserAuthorization(userName, "getOpenID");
return IdentityUtil.getProperty(ServerConfig.OPENID_USER_PATTERN) + userName;
}
/**
* @param userName
* @return
* @throws Exception
*/
public String[] getAllOpenIDs(String userName) throws Exception {
validateInputParameters(new String[]{userName},
"Invalid parameters provided to getAllOpenIDs");
// checkUserAuthorization(extractPrimaryUserName(userName), "getAllOpenIDs");
IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager();
// Get all External OpenIDs of an user
String[] externalOpenIDs = persistenceManager.getOpenIDsForUser(IdentityTenantUtil.getRegistry()
,AdminServicesUtil.getUserRealm(), userName);
String[] openIDset = new String[externalOpenIDs.length + 1];
// Index zero of the returning array would be the primary OpenID.
openIDset[0] = getPrimaryOpenID(userName);
// Append all the external OpenIDs to the end of the array.
for (int i = 0; i < externalOpenIDs.length; i++) {
openIDset[i + 1] = externalOpenIDs[i];
}
return openIDset;
}
public void removeOpenID(String openID) {
try {
IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager();
persistenceManager.removeOpenIDSignUp(IdentityTenantUtil.getRegistry(),
AdminServicesUtil.getUserRealm(), openID);
} catch (Exception e) {
log.error("Error instantiating a Persistence Manager.", e);
}
}
/**
* @param ppid
* @return
* @throws Exception
*/
public String extractPrimaryUserName(String ppid) throws Exception {
return IdentityUtil.getPPIDDisplayValue(ppid);
}
/**
* @param username
* @param operation
* @throws IdentityProviderException
*/
private void checkUserAuthorization(String username, String operation)
throws IdentityProviderException {
MessageContext msgContext = MessageContext.getCurrentMessageContext();
HttpServletRequest request = (HttpServletRequest) msgContext
.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
HttpSession httpSession = request.getSession(false);
if (username.contains("@")) {
username = username.substring(0, username.indexOf("@"));
}
if (httpSession != null) {
String userName = (String) httpSession.getAttribute(ServerConstants.USER_LOGGED_IN);
if (!username.equals(userName)) {
throw new IdentityProviderException("Unauthorised action by user " + username
+ " to access " + operation);
}
return;
}
throw new IdentityProviderException("Unauthorised action by user " + username
+ " to access " + operation);
}
/**
* @param params
* @param message
*/
private void validateInputParameters(String[] params, String message) {
for (int i = 0; i < params.length; i++) {
if (params[i] == null || params[i].trim().length() == 0) {
if (log.isDebugEnabled()) {
log.debug(message);
}
throw new IllegalArgumentException(message);
}
}
}
}