From 5ef08cc0409d2cbb76db5acbd75fb35978780846 Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Tue, 3 Dec 2024 10:38:55 +0530 Subject: [PATCH] Add authentication DAO layer for user def auth mgt. --- .../common/cache/AuthenticatorCache.java | 47 +++ .../common/cache/AuthenticatorCacheEntry.java | 45 +++ .../common/cache/AuthenticatorCacheKey.java | 54 +++ .../dao/AuthenticatorManagementDAO.java | 91 +++++ .../impl/AuthenticatorManagementDAOImpl.java | 338 ++++++++++++++++++ .../impl/AuthenticatorManagementFacade.java | 105 ++++++ .../impl/CacheBackedAuthenticatorMgtDAO.java | 103 ++++++ 7 files changed, 783 insertions(+) create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCache.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheEntry.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheKey.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/AuthenticatorManagementDAO.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementDAOImpl.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementFacade.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/CacheBackedAuthenticatorMgtDAO.java diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCache.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCache.java new file mode 100644 index 000000000000..b1495a2f30db --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCache.java @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.cache; + +import org.wso2.carbon.identity.core.cache.BaseCache; +import org.wso2.carbon.utils.CarbonUtils; + +/** + * Cache for the user defined local application authenticator configurations. + */ +public class AuthenticatorCache extends BaseCache { + + private static final String CACHE_NAME = "AuthenticatorCache"; + private static final AuthenticatorCache INSTANCE = new AuthenticatorCache(); + + private AuthenticatorCache() { + + super(CACHE_NAME); + } + + /** + * Get Authenticator cache by the name instance. + * + * @return Authenticator cache by name instance. + */ + public static AuthenticatorCache getInstance() { + + CarbonUtils.checkSecurity(); + return INSTANCE; + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheEntry.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheEntry.java new file mode 100644 index 000000000000..31b29923ecd0 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheEntry.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.cache; + +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.core.cache.CacheEntry; + +/** + * Cache Entry for the user defined local application authenticator configurations. + */ +public class AuthenticatorCacheEntry extends CacheEntry { + + private UserDefinedLocalAuthenticatorConfig authenticatorConfig; + + public AuthenticatorCacheEntry(UserDefinedLocalAuthenticatorConfig authenticatorConfig) { + + this.authenticatorConfig = authenticatorConfig; + } + + public UserDefinedLocalAuthenticatorConfig getAuthenticatorConfig() { + + return authenticatorConfig; + } + + public void setAuthenticatorConfig(UserDefinedLocalAuthenticatorConfig authenticatorConfig) { + + this.authenticatorConfig = authenticatorConfig; + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheKey.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheKey.java new file mode 100644 index 000000000000..849aade9b671 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/cache/AuthenticatorCacheKey.java @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.cache; + +import org.wso2.carbon.identity.core.cache.CacheKey; + +/** + * Cache key for the user defined local application authenticator configurations. + */ +public class AuthenticatorCacheKey extends CacheKey { + + private final String authenticatorName; + + public AuthenticatorCacheKey(String authenticatorName) { + + this.authenticatorName = authenticatorName; + } + + public String getAuthenticatorName() { + + return authenticatorName; + } + + @Override + public boolean equals(Object o) { + + if (!(o instanceof AuthenticatorCacheKey)) { + return false; + } + return authenticatorName.equals(((AuthenticatorCacheKey) o).getAuthenticatorName()); + } + + @Override + public int hashCode() { + + return authenticatorName.hashCode(); + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/AuthenticatorManagementDAO.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/AuthenticatorManagementDAO.java new file mode 100644 index 000000000000..7698e0d596a1 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/AuthenticatorManagementDAO.java @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.dao; + +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; + +import java.util.List; + +/** + * This interface performs CRUD operations for the user defined local application authenticator configurations. + */ +public interface AuthenticatorManagementDAO { + + /** + * Create a new user defined local application authenticator configuration. + * + * @param authenticatorConfig Local application authenticator configuration. + * @param tenantId Tenant Id. + * + * @return Created UserDefinedLocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while adding the authenticator configuration. + */ + UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException; + + /** + * Update a user defined local application authenticator configuration. + * + * @param existingAuthenticatorConfig Existing Local application authenticator configuration. + * @param updatedAuthenticatorConfig New local application authenticator configuration. + * @param tenantId Tenant Id. + * + * @return Updated UserDefinedLocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while updating the authenticator configuration. + */ + UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig existingAuthenticatorConfig, + UserDefinedLocalAuthenticatorConfig updatedAuthenticatorConfig, int tenantId) + throws AuthenticatorMgtException; + + /** + * Retrieve a Local user defined Application Authenticator configuration by name. + * + * @param authenticatorConfigName Name of the local application authenticator configuration. + * @param tenantId Tenant Id. + * + * @return Retrieved UserDefinedLocalAuthenticatorConfig + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration. + */ + UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator( + String authenticatorConfigName, int tenantId) throws AuthenticatorMgtException; + + /** + * Retrieve all user defined local application authenticator configurations. + * + * @param tenantId Tenant Id. + * + * @return Retrieved UserDefinedLocalAuthenticatorConfig + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configurations. + */ + List getAllUserDefinedLocalAuthenticator(int tenantId) + throws AuthenticatorMgtException; + + /** + * Create a new user defined local application authenticator configuration. + * + * @param authenticatorConfigName Name of the local application authenticator configuration. + * @param tenantId Tenant Id. + * + * @throws AuthenticatorMgtException If an error occurs while deleting the authenticator configuration. + */ + void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, UserDefinedLocalAuthenticatorConfig + authenticatorConfig, int tenantId) throws AuthenticatorMgtException; +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementDAOImpl.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementDAOImpl.java new file mode 100644 index 000000000000..1b8e559ccbfd --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementDAOImpl.java @@ -0,0 +1,338 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.dao.impl; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtSQLConstants.Column; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtSQLConstants.Query; +import org.wso2.carbon.identity.application.common.dao.AuthenticatorManagementDAO; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtServerException; +import org.wso2.carbon.identity.application.common.model.Property; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.AuthenticatorMgtError; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.AuthenticationType; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; +import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; + +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; + +import static org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.buildServerException; + +/** + * This class implements the AuthenticatorManagementDAO interface which perform CRUD operation on database. + */ +public class AuthenticatorManagementDAOImpl implements AuthenticatorManagementDAO { + + private static final Log LOG = LogFactory.getLog(AuthenticatorManagementDAOImpl.class); + public static final String IS_TRUE_VALUE = "1"; + public static final String IS_FALSE_VALUE = "0"; + public static final String LOCAL_IDP_NAME = "LOCAL"; + + @Override + public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true); + + try (NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, Query.ADD_AUTHENTICATOR_SQL)) { + statement.setString(Column.NAME, authenticatorConfig.getName()); + statement.setString(Column.DISPLAY_NAME, authenticatorConfig.getDisplayName()); + statement.setString(Column.DEFINED_BY, authenticatorConfig.getDefinedByType().toString()); + statement.setString(Column.AUTHENTICATION_TYPE, authenticatorConfig.getAuthenticationType().toString()); + statement.setInt(Column.IS_ENABLED, authenticatorConfig.isEnabled() ? 1 : 0); + statement.setString(Column.IDP_NAME, LOCAL_IDP_NAME); + statement.setInt(Column.TENANT_ID, tenantId); + statement.executeUpdate(); + + if (authenticatorConfig.getProperties() != null) { + + int authenticatorConfigID = getAuthenticatorIdentifier(dbConnection, authenticatorConfig.getName(), + tenantId); + addAuthenticatorProperties(dbConnection, authenticatorConfigID, authenticatorConfig.getProperties(), + tenantId); + } + IdentityDatabaseUtil.commitTransaction(dbConnection); + + return getUserDefinedLocalAuthenticatorByName(dbConnection, authenticatorConfig.getName(), tenantId); + } catch (SQLException e) { + if (LOG.isDebugEnabled()) { + LOG.debug(String.format("Error while adding the authenticator: %s in tenant domain: %s. " + + "Rolling back added Authenticator information.", authenticatorConfig.getName(), + IdentityTenantUtil.getTenantDomain(tenantId))); + } + IdentityDatabaseUtil.rollbackTransaction(dbConnection); + throw buildServerException(AuthenticatorMgtError.ERROR_WHILE_ADDING_AUTHENTICATOR, e); + } finally { + IdentityDatabaseUtil.closeConnection(dbConnection); + } + } + + @Override + public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig existingAuthenticatorConfig, + UserDefinedLocalAuthenticatorConfig updatedAuthenticatorConfig, int tenantId) + throws AuthenticatorMgtException { + + Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true); + try { + if (isBasicInfoUpdated(existingAuthenticatorConfig, updatedAuthenticatorConfig)) { + try (NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, + Query.UPDATE_AUTHENTICATOR_SQL)) { + statement.setString(Column.DISPLAY_NAME, updatedAuthenticatorConfig.getDisplayName()); + statement.setInt(Column.IS_ENABLED, updatedAuthenticatorConfig.isEnabled() ? 1 : 0); + statement.setString(Column.NAME, existingAuthenticatorConfig.getName()); + statement.setInt(Column.TENANT_ID, tenantId); + statement.executeUpdate(); + } + } + + // Will delete all the properties of given authenticator and add the updated properties. + int authenticatorConfigID = getAuthenticatorIdentifier(dbConnection, + existingAuthenticatorConfig.getName(), tenantId); + deletedAuthenticatorProperties(dbConnection, authenticatorConfigID, tenantId); + addAuthenticatorProperties(dbConnection, authenticatorConfigID, updatedAuthenticatorConfig.getProperties(), + tenantId); + + IdentityDatabaseUtil.commitTransaction(dbConnection); + + return getUserDefinedLocalAuthenticatorByName(dbConnection, updatedAuthenticatorConfig.getName(), tenantId); + } catch (SQLException e) { + if (LOG.isDebugEnabled()) { + LOG.debug(String.format("Error while updating the authenticator: %s in tenant domain: %s. " + + "Rolling back updated Authenticator information.", + existingAuthenticatorConfig.getName(), IdentityTenantUtil.getTenantDomain(tenantId))); + } + IdentityDatabaseUtil.rollbackTransaction(dbConnection); + throw buildServerException(AuthenticatorMgtError.ERROR_WHILE_UPDATING_AUTHENTICATOR, e); + } finally { + IdentityDatabaseUtil.closeConnection(dbConnection); + } + } + + @Override + public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator( + String authenticatorConfigName, int tenantId) throws AuthenticatorMgtException { + + Connection dbConnection = IdentityDatabaseUtil.getDBConnection(false); + try { + return getUserDefinedLocalAuthenticatorByName(dbConnection, authenticatorConfigName, tenantId); + } finally { + IdentityDatabaseUtil.closeConnection(dbConnection); + } + } + + @Override + public List getAllUserDefinedLocalAuthenticator(int tenantId) + throws AuthenticatorMgtException { + + try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true); + NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, + Query.GET_ALL_USER_DEFINED_AUTHENTICATOR_SQL)) { + statement.setString(Column.DEFINED_BY, DefinedByType.USER.toString()); + statement.setInt(Column.TENANT_ID, tenantId); + + List allUserDefinedLocalConfigs = new ArrayList<>(); + try (ResultSet rs = statement.executeQuery()) { + while (rs.next()) { + UserDefinedLocalAuthenticatorConfig config = getLocalAuthenticatorConfigBasedOnType( + rs.getString(Column.AUTHENTICATION_TYPE)); + config.setName(rs.getString(Column.NAME)); + config.setDisplayName(rs.getString(Column.DISPLAY_NAME)); + config.setEnabled(rs.getString(Column.IS_ENABLED).equals(IS_TRUE_VALUE)); + config.setDefinedByType(DefinedByType.valueOf(rs.getString(Column.DEFINED_BY))); + + int authenticatorConfigID = getAuthenticatorIdentifier(dbConnection, config.getName(), tenantId); + try (NamedPreparedStatement statementProp = new NamedPreparedStatement(dbConnection, + Query.GET_AUTHENTICATOR_PROP_SQL)) { + statementProp.setInt(Column.AUTHENTICATOR_ID, authenticatorConfigID); + statementProp.setInt(Column.TENANT_ID, tenantId); + + try (ResultSet rsProp = statementProp.executeQuery()) { + List properties = new ArrayList<>(); + while (rsProp.next()) { + Property property = new Property(); + property.setName(rsProp.getString(Column.PROPERTY_KEY)); + property.setValue(rsProp.getString(Column.PROPERTY_VALUE)); + property.setConfidential(false); + properties.add(property); + } + config.setProperties(properties.toArray(new Property[0])); + } + } + + allUserDefinedLocalConfigs.add(config); + } + } + + return allUserDefinedLocalConfigs; + } catch (SQLException e) { + if (LOG.isDebugEnabled()) { + LOG.debug(String.format("Error while retrieving the all user defined local authenticators in tenant " + + "domain: %s.", IdentityTenantUtil.getTenantDomain(tenantId))); + } + throw buildServerException(AuthenticatorMgtError.ERROR_WHILE_DELETING_AUTHENTICATOR, e); + } + } + + @Override + public void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + Connection dbConnection = IdentityDatabaseUtil.getDBConnection(true); + try (NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, + Query.DELETE_AUTHENTICATOR_SQL)) { + statement.setString(Column.NAME, authenticatorConfigName); + statement.setInt(Column.TENANT_ID, tenantId); + statement.executeUpdate(); + + IdentityDatabaseUtil.commitTransaction(dbConnection); + } catch (SQLException e) { + if (LOG.isDebugEnabled()) { + LOG.debug(String.format("Error while deleting the authenticator: %s in tenant domain: %s. " + + "Rolling back deleted Authenticator information.", authenticatorConfigName, + IdentityTenantUtil.getTenantDomain(tenantId))); + } + IdentityDatabaseUtil.rollbackTransaction(dbConnection); + throw buildServerException(AuthenticatorMgtError.ERROR_WHILE_DELETING_AUTHENTICATOR, e); + } finally { + IdentityDatabaseUtil.closeConnection(dbConnection); + } + } + + private UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticatorByName( + Connection dbConnection, String authenticatorConfigName, int tenantId) + throws AuthenticatorMgtServerException { + + UserDefinedLocalAuthenticatorConfig config = null; + try (NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, Query.GET_AUTHENTICATOR_SQL)) { + statement.setString(Column.NAME, authenticatorConfigName); + statement.setInt(Column.TENANT_ID, tenantId); + + try (ResultSet rs = statement.executeQuery()) { + if (rs.next()) { + config = getLocalAuthenticatorConfigBasedOnType(rs.getString(Column.AUTHENTICATION_TYPE)); + config.setName(rs.getString(Column.NAME)); + config.setDisplayName(rs.getString(Column.DISPLAY_NAME)); + config.setEnabled(rs.getString(Column.IS_ENABLED).equals(IS_TRUE_VALUE)); + config.setDefinedByType(DefinedByType.valueOf(rs.getString(Column.DEFINED_BY))); + } + } + + if (config == null) { + return null; + } + + int authenticatorConfigID = getAuthenticatorIdentifier(dbConnection, config.getName(), tenantId); + try (NamedPreparedStatement statementProp = new NamedPreparedStatement(dbConnection, + Query.GET_AUTHENTICATOR_PROP_SQL)) { + statementProp.setInt(Column.AUTHENTICATOR_ID, authenticatorConfigID); + statementProp.setInt(Column.TENANT_ID, tenantId); + + try (ResultSet rs = statementProp.executeQuery()) { + List properties = new ArrayList<>(); + while (rs.next()) { + Property property = new Property(); + property.setName(rs.getString(Column.PROPERTY_KEY)); + property.setValue(rs.getString(Column.PROPERTY_VALUE)); + property.setConfidential(false); + properties.add(property); + } + config.setProperties(properties.toArray(new Property[0])); + } + } + + IdentityDatabaseUtil.commitTransaction(dbConnection); + return config; + } catch (SQLException e) { + throw buildServerException(AuthenticatorMgtError.ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME, e); + } + } + + private UserDefinedLocalAuthenticatorConfig getLocalAuthenticatorConfigBasedOnType(String authenticationType) { + + if (AuthenticationType.VERIFICATION.toString().equals(authenticationType)) { + return new UserDefinedLocalAuthenticatorConfig(AuthenticationType.VERIFICATION); + } + return new UserDefinedLocalAuthenticatorConfig(AuthenticationType.IDENTIFICATION); + } + + private boolean isBasicInfoUpdated(UserDefinedLocalAuthenticatorConfig existingAuthenticatorConfig, + UserDefinedLocalAuthenticatorConfig updatedAuthenticatorConfig) { + + return !existingAuthenticatorConfig.getDisplayName().equals(updatedAuthenticatorConfig.getDisplayName()) || + existingAuthenticatorConfig.isEnabled() != updatedAuthenticatorConfig.isEnabled(); + } + + private int getAuthenticatorIdentifier(Connection dbConnection, String authenticatorConfigName, + int tenantId) throws AuthenticatorMgtServerException, SQLException { + + try (NamedPreparedStatement statement = new NamedPreparedStatement(dbConnection, + Query.GET_AUTHENTICATOR_ID_SQL)) { + statement.setString(Column.NAME, authenticatorConfigName); + statement.setInt(Column.TENANT_ID, tenantId); + + try (ResultSet rs = statement.executeQuery()) { + if (rs.next()) { + return rs.getInt(Column.ID); + } + } + IdentityDatabaseUtil.commitTransaction(dbConnection); + } + throw buildServerException(AuthenticatorMgtError.ERROR_CODE_NO_AUTHENTICATOR_FOUND, authenticatorConfigName); + } + + private void deletedAuthenticatorProperties(Connection dbConnection, int authenticatorConfigID, int tenantId) + throws SQLException { + + try (NamedPreparedStatement statementDeleteProp = new NamedPreparedStatement(dbConnection, + Query.DELETE_AUTHENTICATOR_PROP_SQL)) { + statementDeleteProp.setInt(Column.AUTHENTICATOR_ID, authenticatorConfigID); + statementDeleteProp.setInt(Column.TENANT_ID, tenantId); + statementDeleteProp.executeUpdate(); + } + } + + private void addAuthenticatorProperties(Connection dbConnection, int authenticatorConfigID, Property[] properties, + int tenantId) throws SQLException { + + try (NamedPreparedStatement statementProp = new NamedPreparedStatement(dbConnection, + Query.ADD_AUTHENTICATOR_PROP_SQL)) { + for (Property prop : properties) { + statementProp.setInt(Column.AUTHENTICATOR_ID, authenticatorConfigID); + statementProp.setInt(Column.TENANT_ID, tenantId); + statementProp.setString(Column.PROPERTY_KEY, prop.getName()); + statementProp.setString(Column.PROPERTY_VALUE, prop.getValue()); + if (prop.isConfidential()) { + statementProp.setString(Column.IS_SECRET, IS_TRUE_VALUE); + } else { + statementProp.setString(Column.IS_SECRET, IS_FALSE_VALUE); + } + statementProp.executeUpdate(); + } + } + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementFacade.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementFacade.java new file mode 100644 index 000000000000..a8c54afa99e0 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementFacade.java @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.dao.impl; + +import org.wso2.carbon.identity.application.common.dao.AuthenticatorManagementDAO; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.UserDefinedAuthenticatorEndpointConfigManager; + +import java.util.List; + +/** + * This class responsible for managing authenticator endpoint configurations for the user defined local + * authenticators. + */ +public class AuthenticatorManagementFacade implements AuthenticatorManagementDAO { + + private final AuthenticatorManagementDAO dao; + private UserDefinedAuthenticatorEndpointConfigManager endpointConfigManager = + new UserDefinedAuthenticatorEndpointConfigManager(); + + public AuthenticatorManagementFacade(AuthenticatorManagementDAO dao) { + + this.dao = dao; + } + + @Override + public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + endpointConfigManager.addEndpointConfigurations(authenticatorConfig, tenantId); + try { + return dao.addUserDefinedLocalAuthenticator(authenticatorConfig, tenantId); + } catch (AuthenticatorMgtException e) { + endpointConfigManager.deleteEndpointConfigurations(authenticatorConfig, tenantId); + throw e; + } + } + + @Override + public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(UserDefinedLocalAuthenticatorConfig + existingAuthenticatorConfig, UserDefinedLocalAuthenticatorConfig newAuthenticatorConfig, + int tenantId) throws AuthenticatorMgtException { + + endpointConfigManager.updateEndpointConfigurations(newAuthenticatorConfig, existingAuthenticatorConfig, + tenantId); + try { + return dao.updateUserDefinedLocalAuthenticator(existingAuthenticatorConfig, newAuthenticatorConfig, + tenantId); + } catch (AuthenticatorMgtException e) { + endpointConfigManager.updateEndpointConfigurations(existingAuthenticatorConfig, newAuthenticatorConfig, + tenantId); + throw e; + } + } + + @Override + public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator( + String authenticatorConfigName, int tenantId) throws AuthenticatorMgtException { + + UserDefinedLocalAuthenticatorConfig config = dao.getUserDefinedLocalAuthenticator(authenticatorConfigName, + tenantId); + return endpointConfigManager.resolveEndpointConfigurations(config, tenantId); + } + + @Override + public List getAllUserDefinedLocalAuthenticator(int tenantId) + throws AuthenticatorMgtException { + + List configList = dao.getAllUserDefinedLocalAuthenticator(tenantId); + for (UserDefinedLocalAuthenticatorConfig config : configList) { + endpointConfigManager.resolveEndpointConfigurations(config, tenantId); + } + return configList; + } + + @Override + public void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, UserDefinedLocalAuthenticatorConfig + authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + endpointConfigManager.deleteEndpointConfigurations(authenticatorConfig, tenantId); + try { + dao.deleteUserDefinedLocalAuthenticator(authenticatorConfigName, authenticatorConfig, tenantId); + } catch (AuthenticatorMgtException e) { + endpointConfigManager.addEndpointConfigurations(authenticatorConfig, tenantId); + throw e; + } + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/CacheBackedAuthenticatorMgtDAO.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/CacheBackedAuthenticatorMgtDAO.java new file mode 100644 index 000000000000..8f098f61b140 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/CacheBackedAuthenticatorMgtDAO.java @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.dao.impl; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.application.common.cache.AuthenticatorCache; +import org.wso2.carbon.identity.application.common.cache.AuthenticatorCacheEntry; +import org.wso2.carbon.identity.application.common.cache.AuthenticatorCacheKey; +import org.wso2.carbon.identity.application.common.dao.AuthenticatorManagementDAO; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; + +import java.util.List; + +/** + * This class implements the Cache backed AuthenticatorManagementDAO interface. + */ +public class CacheBackedAuthenticatorMgtDAO implements AuthenticatorManagementDAO { + + private static final Log LOG = LogFactory.getLog(CacheBackedAuthenticatorMgtDAO.class); + private final AuthenticatorCache authenticatorCache; + private final AuthenticatorManagementFacade authenticatorMgtFacade; + + public CacheBackedAuthenticatorMgtDAO(AuthenticatorManagementDAO authenticatorManagementDAO) { + + authenticatorMgtFacade = new AuthenticatorManagementFacade(authenticatorManagementDAO); + authenticatorCache = AuthenticatorCache.getInstance(); + } + + @Override + public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + UserDefinedLocalAuthenticatorConfig createdConfig = authenticatorMgtFacade.addUserDefinedLocalAuthenticator( + authenticatorConfig, tenantId); + + AuthenticatorCacheKey cacheKey = new AuthenticatorCacheKey(authenticatorConfig.getName()); + authenticatorCache.addToCache(cacheKey, new AuthenticatorCacheEntry(createdConfig), tenantId); + return createdConfig; + } + + @Override + public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(UserDefinedLocalAuthenticatorConfig + existingAuthenticatorConfig, UserDefinedLocalAuthenticatorConfig newAuthenticatorConfig, + int tenantId) throws AuthenticatorMgtException { + + AuthenticatorCacheKey cacheKey = new AuthenticatorCacheKey(existingAuthenticatorConfig.getName()); + authenticatorCache.clearCacheEntry(cacheKey, tenantId); + + return authenticatorMgtFacade.updateUserDefinedLocalAuthenticator( + existingAuthenticatorConfig, newAuthenticatorConfig, tenantId); + } + + @Override + public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator( + String authenticatorConfigName, int tenantId) throws AuthenticatorMgtException { + + AuthenticatorCacheKey cacheKey = new AuthenticatorCacheKey(authenticatorConfigName); + AuthenticatorCacheEntry entry = authenticatorCache.getValueFromCache(cacheKey, tenantId); + + if (entry != null) { + return entry.getAuthenticatorConfig(); + } + + UserDefinedLocalAuthenticatorConfig authenticatorConfig = authenticatorMgtFacade + .getUserDefinedLocalAuthenticator(authenticatorConfigName, tenantId); + authenticatorCache.addToCache(cacheKey, new AuthenticatorCacheEntry(authenticatorConfig), tenantId); + return authenticatorConfig; + } + + @Override + public List getAllUserDefinedLocalAuthenticator(int tenantId) + throws AuthenticatorMgtException { + + return authenticatorMgtFacade.getAllUserDefinedLocalAuthenticator(tenantId); + } + + @Override + public void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, + UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException { + + authenticatorCache.clearCacheEntry(new AuthenticatorCacheKey(authenticatorConfigName), tenantId); + authenticatorMgtFacade.deleteUserDefinedLocalAuthenticator(authenticatorConfigName, authenticatorConfig, + tenantId); + } +}