/*
* Copyright 2005,2006 WSO2, Inc. http://www.wso2.org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.identity.provider.admin;
import org.apache.axis2.AxisFault;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonException;
import org.wso2.carbon.identity.base.IdentityConstants;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.model.RelyingPartyDO;
import org.wso2.carbon.identity.core.model.UserTrustedRPDO;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.provider.IdentityProviderException;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.security.SecurityConfigException;
import org.wso2.carbon.security.keystore.KeyStoreAdmin;
import java.io.File;
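public class RelyingPartyAdmin {

    private static final Log log = LogFactory.getLog(RelyingPartyAdmin.class);

    /** Persistence layer for relying-party records; resolved once when the admin is built. */
    private final IdentityPersistenceManager dbMan;

    /**
     * Identifier of the user on whose behalf registry lookups are made, or {@code null} to use
     * the default registry (see {@link #getRegistry()}).
     */
    private final String userIdentifier;

    /**
     * Creates an admin bound to the default registry.
     *
     * @throws IdentityProviderException if the persistence manager cannot be obtained
     */
    public RelyingPartyAdmin() throws IdentityProviderException {
        this(null);
    }

    /**
     * Creates an admin whose registry lookups are scoped to {@code userName}.
     *
     * @param userName user identifier passed to the tenant registry lookup; may be {@code null}
     * @throws IdentityProviderException if the persistence manager cannot be obtained
     */
    public RelyingPartyAdmin(String userName) throws IdentityProviderException {
        this.dbMan = loadPersistenceManager();
        this.userIdentifier = userName;
    }

    /**
     * Obtains the persistence manager, wrapping any failure into an
     * {@link IdentityProviderException} so the original cause is preserved.
     */
    private static IdentityPersistenceManager loadPersistenceManager()
            throws IdentityProviderException {
        try {
            return IdentityPersistenceManager.getPersistanceManager();
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Registers a globally trusted relying party identified only by its host name. These are the
     * relying parties globally trusted. We should have their issuer certificates either in our
     * key store [wso2carbon.jks] or the cacerts.
     *
     * @param rpName host name of the relying party
     * @throws AxisFault if the relying party cannot be persisted
     */
    public void createGloabllyTrustedRelyingParty(String rpName) throws AxisFault {
        RelyingPartyDO rp = new RelyingPartyDO();
        rp.setHostName(rpName);
        createGloballyTrusted(rp);
    }

    /**
     * Selects the registry for persistence calls: the user-scoped tenant registry when a user
     * identifier was supplied at construction, otherwise the default one.
     */
    private Registry getRegistry() throws IdentityException, CarbonException {
        if (userIdentifier == null) {
            return IdentityTenantUtil.getRegistry();
        }
        return IdentityTenantUtil.getRegistry(null, userIdentifier);
    }

    /**
     * Registers a globally trusted relying party. These are the relying parties globally trusted.
     * We should have their issuer certificates either in our key store [wso2carbon.jks] or the
     * cacerts.
     *
     * @param rp relying party to persist
     * @throws AxisFault if the relying party cannot be persisted
     */
    public void createGloballyTrusted(RelyingPartyDO rp) throws AxisFault {
        try {
            dbMan.createGloabllyTrustedRelyingParty(getRegistry(), rp);
        } catch (Exception e) {
            throw new AxisFault(e.getMessage(), e);
        }
    }

    /**
     * Looks up a relying party trusted by a single user.
     *
     * @param alias alias (host name) under which the relying party was stored
     * @param user  owner of the trust record
     * @return whatever the persistence layer returns for the pair
     * @throws Exception propagated unchanged from the persistence layer
     */
    public UserTrustedRPDO getUserTrudetRelyingParty(String alias, String user) throws Exception {
        return dbMan.getUserTrustedRelyingParty(getRegistry(), user, alias);
    }

    /**
     * Persists a user-trusted relying party record. No certificate is imported here; use
     * {@link #createUserTrustedRelyingParty(String, String, String)} for that.
     *
     * @param rp record to persist
     * @throws Exception propagated unchanged from the persistence layer
     */
    public void create(UserTrustedRPDO rp) throws Exception {
        dbMan.createUserTrustedRelyingParty(getRegistry(), rp);
    }

    /**
     * Lists every globally trusted relying party.
     *
     * @return the relying parties as returned by the persistence layer
     * @throws AxisFault if the lookup fails
     */
    public RelyingPartyDO[] getAllGloballyTrustedRelyingParties() throws AxisFault {
        try {
            return dbMan.getAllGloballyTrustedRelyingParties(getRegistry());
        } catch (Exception e) {
            throw new AxisFault(e.getMessage(), e);
        }
    }

    /**
     * Returns the relying party corresponding to the given host name. These are globally trusted
     * relying parties.
     *
     * @param hostName Applies to host-name while issuing an information card.
     * @return the matching relying party as returned by the persistence layer
     * @throws AxisFault if the lookup fails
     */
    public RelyingPartyDO getRelyingParty(String hostName) throws AxisFault {
        try {
            return dbMan.getGloballyTrustedRelyingParty(getRegistry(), hostName);
        } catch (Exception e) {
            throw new AxisFault(e.getMessage(), e);
        }
    }

    /**
     * Lists every relying party trusted by {@code user}.
     *
     * @param user owner of the trust records
     * @return the records as returned by the persistence layer
     * @throws Exception propagated unchanged from the persistence layer
     */
    public UserTrustedRPDO[] getAllUserTrustedRelyingParties(String user) throws Exception {
        return dbMan.getAllUserTrusteddRelyingParties(getRegistry(), user);
    }

    /**
     * Imports a relying party's certificate into the user-trusted RP store and records the trust
     * relationship for {@code userName}.
     *
     * <p>When {@code hostName} is {@code null} the alias is whatever {@code KeyStoreAdmin}
     * derives from the certificate; otherwise {@code hostName} is used as the alias. If no alias
     * results, nothing is persisted.
     *
     * <p>NOTE(review): the keystore alias is the host name alone while the persisted record is
     * per user, and the store lives in the shared governance registry — confirm how
     * {@code KeyStoreAdmin.importCertToStore} behaves when the alias already exists, since two
     * users registering the same host could collide on it.
     *
     * @param userName user who trusts the relying party
     * @param hostName alias to store the certificate under, or {@code null} to derive it
     * @param content  certificate content handed to {@code KeyStoreAdmin}
     * @throws IdentityProviderException if the store location is unset or the import fails
     * @throws IdentityException        if the registry cannot be resolved
     * @throws CarbonException          if the registry cannot be resolved
     */
    public void createUserTrustedRelyingParty(String userName, String hostName, String content)
            throws IdentityProviderException, IdentityException, CarbonException {
        String alias;
        try {
            String storeFileName = userTrustedStoreFileName();
            KeyStoreAdmin keyAdmin = new KeyStoreAdmin(
                    IdentityTenantUtil.getRegistryService().getGovernanceSystemRegistry());
            if (hostName == null) {
                // No alias supplied: the import returns the alias it chose for the certificate.
                alias = keyAdmin.importCertToStore(content, storeFileName);
            } else {
                keyAdmin.importCertToStore(hostName, content, storeFileName);
                alias = hostName;
            }
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
        if (alias == null) {
            // Preserves the original best-effort behaviour; surface it so an import that
            // stored nothing is at least visible in the logs (no certificate content logged).
            log.warn("Certificate import returned no alias; no user trusted relying party "
                    + "record created for user " + userName);
            return;
        }
        // The certificate is already in the store at this point; a failure below leaves it
        // there without a matching record.
        UserTrustedRPDO rpdo = new UserTrustedRPDO();
        rpdo.setHostName(alias);
        rpdo.setUserId(userName);
        dbMan.createUserTrustedRelyingParty(getRegistry(), rpdo);
    }

    /**
     * Remove a personal relying party: its trust record first, then its certificate from the
     * user-trusted RP store.
     *
     * @param user     owner of the trust record
     * @param hostName alias of the certificate and host name of the record
     * @throws IdentityProviderException if the certificate cannot be removed from the store
     * @throws IdentityException         if the registry cannot be resolved
     * @throws CarbonException           if the registry cannot be resolved
     * @throws IllegalStateException     if the store location is not configured
     */
    public void removeUserTrustedRelyingParty(String user, String hostName)
            throws IdentityProviderException, IdentityException, CarbonException {
        // Resolve configuration before touching any state so a misconfiguration fails cleanly
        // instead of after the record has already been deleted.
        String storeFileName = userTrustedStoreFileName();

        UserTrustedRPDO rpdo = new UserTrustedRPDO();
        rpdo.setHostName(hostName);
        rpdo.setUserId(user);
        dbMan.removeUserTrustedRelyingParty(getRegistry(), rpdo);

        // NOTE(review): the record is gone before the certificate is; if the step below fails
        // the certificate stays in the store with nothing referencing it — confirm the
        // persistence layer tolerates re-running this method so the removal can be retried.
        try {
            KeyStoreAdmin keyAdmin = new KeyStoreAdmin(
                    IdentityTenantUtil.getRegistryService().getGovernanceSystemRegistry());
            keyAdmin.removeCertFromStore(hostName, storeFileName);
        } catch (SecurityConfigException e) {
            throw new IdentityProviderException(e.getMessage(), e);
        } catch (RegistryException e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Resolves the file name of the user-trusted RP certificate store from server configuration.
     * Only the file name is passed to {@code KeyStoreAdmin}; any directory part is dropped.
     *
     * @throws IllegalStateException if USER_TRUSTED_RP_STORE_LOCATION is not configured
     *                               (previously this surfaced as a bare NullPointerException)
     */
    private static String userTrustedStoreFileName() {
        String storeFilePath = IdentityUtil
                .getProperty(IdentityConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
        if (storeFilePath == null) {
            throw new IllegalStateException(
                    "User trusted relying party store location is not configured");
        }
        return new File(storeFilePath).getName();
    }
}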