From e18b8ca1a55c276c7f7e363f43c06381d010c4d1 Mon Sep 17 00:00:00 2001 From: Thisara-Welmilla Date: Mon, 28 Oct 2024 07:28:50 +0530 Subject: [PATCH 1/4] Add new VerificationAuthenticatorConfig for verification authenticators --- .../ApplicationAuthenticatorService.java | 170 ++++++++++++++++++ .../AuthenticatorMgtErrorConstants.java | 79 ++++++++ .../AuthenticatorMgtClientException.java | 30 ++++ .../exception/AuthenticatorMgtException.java | 79 ++++++++ .../AuthenticatorMgtServerException.java | 51 ++++++ .../VerificationAuthenticatorConfig.java | 49 +++++ ...serDefinedLocalAuthenticatorValidator.java | 87 +++++++++ 7 files changed, 545 insertions(+) create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java 
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index e93a82f42b75..0af8b676bbf4 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java 
@@ -18,9 +18,20 @@ package org.wso2.carbon.identity.application.common; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; +import org.wso2.carbon.identity.application.common.dao.impl.AuthenticatorManagementDAOImpl; +import org.wso2.carbon.identity.application.common.dao.impl.CacheBackedAuthenticatorMgtDAO; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.UserDefinedLocalAuthenticatorValidator; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.AuthenticationType; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import java.util.ArrayList; import java.util.List; 
@@ -31,10 +42,15 @@ public class ApplicationAuthenticatorService { private static volatile ApplicationAuthenticatorService instance; + private static final Log LOG = LogFactory.getLog(ApplicationAuthenticatorService.class); + private static final CacheBackedAuthenticatorMgtDAO CACHE_BACKED_DAO = + new CacheBackedAuthenticatorMgtDAO(new AuthenticatorManagementDAOImpl()); private List localAuthenticators = new ArrayList<>(); private List federatedAuthenticators = new ArrayList<>(); private List requestPathAuthenticators = new ArrayList<>(); + private UserDefinedLocalAuthenticatorValidator authenticatorValidator = + new UserDefinedLocalAuthenticatorValidator(); public static ApplicationAuthenticatorService getInstance() { if (instance == null) { @@ -47,10 +63,30 @@ public static ApplicationAuthenticatorService getInstance() { return instance; } + /** + * This returns only SYSTEM defined local authenticators. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + @Deprecated public List getLocalAuthenticators() { return this.localAuthenticators; } + /** + * This returns both SYSTEM and USER defined local authenticators. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + public List getLocalAuthenticators(String tenantDomain) + throws AuthenticatorMgtException { + + List userDefinedAuthenticators = + CACHE_BACKED_DAO.getAllUserDefinedLocalAuthenticator(IdentityTenantUtil.getTenantId(tenantDomain)); + userDefinedAuthenticators.addAll(localAuthenticators); + return userDefinedAuthenticators; + } + public List getFederatedAuthenticators() { return this.federatedAuthenticators; } 
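Review bot: `getLocalAuthenticators(String tenantDomain)` mutates the list it gets back from the DAO, because `userDefinedAuthenticators.addAll(localAuthenticators)` appends the system authenticators to the object returned by `CACHE_BACKED_DAO.getAllUserDefinedLocalAuthenticator(...)`. If that DAO hands out a cached or shared list (its implementation is not visible in this patch), each call would grow the cached entry with duplicate system authenticators, and an unmodifiable list would throw `UnsupportedOperationException`. Copy before merging: `List<LocalAuthenticatorConfig> all = new ArrayList<>(userDefinedAuthenticators); all.addAll(localAuthenticators); return all;`. The Javadoc of this overload also lacks `@param tenantDomain` and `@throws AuthenticatorMgtException`.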
@@ -59,6 +95,14 @@ public List getRequestPathAuthenticators() { return this.requestPathAuthenticators; } + /** + * This returns only SYSTEM defined local authenticator by name. + * + * @param name The name of the Local Application Authenticator configuration. + * + * @return Retrieved LocalAuthenticatorConfig. + */ + @Deprecated public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { for (LocalAuthenticatorConfig localAuthenticator : localAuthenticators) { if (localAuthenticator.getName().equals(name)) { @@ -68,6 +112,28 @@ public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { return null; } + /** + * Retrieve both USER and SYSTEM defined Local Application Authenticator configuration by name. + * + * @param name The name of the Local Application Authenticator configuration. + * @param tenantDomain Tenant domain. + * + * @return Retrieved LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration by name. + */ + public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name, String tenantDomain) + throws AuthenticatorMgtException { + + /* First, check whether an authenticator by the given name is in the system defined authenticators list. + If not, check in user defined authenticators. */ + for (LocalAuthenticatorConfig localAuthenticator : localAuthenticators) { + if (localAuthenticator.getName().equals(name)) { + return localAuthenticator; + } + } + return getUserDefinedLocalAuthenticator(name, tenantDomain); + } + public FederatedAuthenticatorConfig getFederatedAuthenticatorByName(String name) { for (FederatedAuthenticatorConfig federatedAuthenticator : federatedAuthenticators) { if (federatedAuthenticator.getName().equals(name)) { 
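Review bot: The `@Deprecated` annotation on `getLocalAuthenticatorByName(String)` (and on `getLocalAuthenticators()` in the earlier hunk) comes without a `@deprecated` Javadoc tag, so callers are not told which overload replaces it. Add a line such as `@deprecated Use {@link #getLocalAuthenticatorByName(String, String)}, which also returns USER defined authenticators.` to the comment. This matters for any caller that resolves an authenticator by name, since the old overload only searches the SYSTEM defined list.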
@@ -121,4 +187,108 @@ public void removeRequestPathAuthenticator(RequestPathAuthenticatorConfig authen requestPathAuthenticators.remove(authenticator); } } + + /** + * Create a user defined Local Application Authenticator configuration. + * + * @param authenticatorConfig The Local Application Authenticator configuration. + * @param type Authentication type of the authenticator. + * @param tenantDomain Tenant domain. + * + * @return Updated LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while creating the authenticator configuration. + */ + public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, + AuthenticationType type, String tenantDomain) throws AuthenticatorMgtException { + + LocalAuthenticatorConfig config = getLocalAuthenticatorByName(authenticatorConfig.getName(), tenantDomain); + if (config != null) { + ErrorMessages error = ErrorMessages.ERROR_AUTHENTICATOR_ALREADY_EXIST; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorConfig.getName())); + } + authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName()); + authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); + authenticatorValidator.validateDefinedByType(authenticatorConfig); + + return CACHE_BACKED_DAO.addUserDefinedLocalAuthenticator( + authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain), type); + } + + /** + * Update a user defined Local Application Authenticator configuration. + * + * @param authenticatorConfig The Local Application Authenticator configuration. + * @param tenantDomain Tenant Domain. + * + * @return Updated LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while updating the authenticator configuration. 
+ */ + public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, + String tenantDomain) throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + authenticatorConfig.getName(), tenantDomain); + authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); + + return CACHE_BACKED_DAO.updateUserDefinedLocalAuthenticator( + existingConfig, authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain)); + } + + /** + * Update a Local Application Authenticator configuration. + * + * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. + * @param tenantDomain Tenant domain. + * + * @throws AuthenticatorMgtException If an error occurs while deleting the authenticator configuration. + */ + public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); + authenticatorValidator.validateDefinedByType(existingConfig); + + CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, + IdentityTenantUtil.getTenantId(tenantDomain)); + } + + /** + * Retrieve a Local Application Authenticator configuration by name. + * + * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. + * @param tenantDomain Tenant domain. + * + * @return Retrieved LocalAuthenticatorConfig. + * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration. 
+ */ + public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator(authenticatorName, + IdentityTenantUtil.getTenantId(tenantDomain)); + + if (config != null && !config.getDefinedByType().equals(DefinedByType.USER)) { + return null; + } + + return config; + + } + + private LocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, String tenantDomain) + throws AuthenticatorMgtException { + + LocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( + authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); + + if (existingAuthenticatorConfig == null) { + ErrorMessages error = ErrorMessages.ERROR_NOT_FOUND_AUTHENTICATOR; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorName)); + } + + return existingAuthenticatorConfig; + } } diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java new file mode 100644 index 000000000000..28ef974ac2ba --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java 
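Review bot: In `createUserDefinedLocalAuthenticator` the caller-supplied name reaches `getLocalAuthenticatorByName(...)`, and through it the `CACHE_BACKED_DAO` lookup, before `validateAuthenticatorName` has run, so unvalidated input is used as a lookup (and possibly cache) key. Move the three `authenticatorValidator` calls above the existence check. `updateUserDefinedLocalAuthenticator` checks the defined-by type only on the stored config and never on the incoming `authenticatorConfig`; whether the DAO ignores a caller-supplied type is not visible here, so confirm an update cannot turn a USER entry into a SYSTEM one. `getUserDefinedLocalAuthenticator` uses `config.getDefinedByType().equals(DefinedByType.USER)`, which throws on a null type where the validator's comparison does not; `config.getDefinedByType() != DefinedByType.USER` would match it. The Javadoc summary of `deleteUserDefinedLocalAuthenticator` still reads "Update a Local Application Authenticator configuration."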
@@ -0,0 +1,79 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.constant; + +/** + * Constants for authenticator configuration management service. + */ +public class AuthenticatorMgtErrorConstants { + + /** + * Error messages. + */ + public enum ErrorMessages { + + // Client errors. + ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator is found.", + "No authenticator is found by given authenticator name: %s."), + ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.", + "Do not allow to perform any operation on system defined authenticator: %s."), + ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "There is already an authenticator.", + "There is already an authenticator by the given name: %s."), + ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Invalid authenticator name is provided.", + "The provided authenticator name %s is not in the expected format %s."), + ERROR_BLANK_FIELD_VALUE("60004", "Blank field value is provided.", + "The provided authenticator field value %s should not be empty."), + + // Server errors. 
+ ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.", + "Error while persisting authenticator in the system."), + ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.", + "Error while updating authenticator in the system."), + ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", + "Error while retrieving authenticator in the system."), + ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", + "Error while deleting authenticator in the system."),; + + private final String code; + private final String message; + private final String description; + + ErrorMessages(String code, String message, String description) { + + this.code = code; + this.message = message; + this.description = description; + } + + public String getCode() { + + return code; + } + + public String getMessage() { + + return message; + } + + public String getDescription() { + + return description; + } + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java new file mode 100644 index 000000000000..1542f39297fc --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtClientException.java 
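Review bot: `ERROR_INVALID_AUTHENTICATOR_NAME` and `ERROR_BLANK_FIELD_VALUE` are both assigned code "60004", so an API client or a log query cannot tell a malformed name from a blank field. Give the blank-field error its own code, e.g. `ERROR_BLANK_FIELD_VALUE("60005", ...)`. The follow-up hunk for this file in PATCH 2/4 rewords the messages but keeps the shared code. The `,;` after the last constant compiles, but should be a plain `;`.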
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.application.common.exception;
+
+/**
+ * Authenticator configuration management client exception.
+ */
+public class AuthenticatorMgtClientException extends AuthenticatorMgtException {
+
+ public AuthenticatorMgtClientException(String errorCode, String message, String description) {
+
+ super(message, description, errorCode);
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java
new file mode 100644
index 000000000000..9d44982db528
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.application.common.exception;
+
+/**
+ * Authenticator configuration management exception.
+ */
+public class AuthenticatorMgtException extends Exception {
+
+ private String errorCode;
+ private String description;
+
+ public AuthenticatorMgtException(String message) {
+
+ super(message);
+ }
+
+ public AuthenticatorMgtException(String message, String errorCode) {
+
+ super(message);
+ this.errorCode = errorCode;
+ }
+
+ public AuthenticatorMgtException(String message, String errorCode, Throwable cause) {
+
+ super(message, cause);
+ this.errorCode = errorCode;
+ }
+
+ public AuthenticatorMgtException(String message, String description, String errorCode) {
+
+ super(message);
+ this.errorCode = errorCode;
+ this.description = description;
+ }
+
+ public AuthenticatorMgtException(String message, String description, String errorCode, Throwable cause) {
+
+ super(message, cause);
+ this.errorCode = errorCode;
+ this.description = description;
+ }
+
+ public String getErrorCode() {
+
+ return this.errorCode;
+ }
+
+ public void setErrorCode(String errorCode) {
+
+ this.errorCode = errorCode;
+ }
+
+ public String getDescription() {
+
+ return this.description;
+ }
+
+ public void setDescription(String description) {
+
+ this.description = description;
+ }
+}
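Review bot: The all-`String` constructor arguments come in different orders across the hierarchy: this class uses `(message, description, errorCode)` and `(message, errorCode)`, while `AuthenticatorMgtClientException` takes `(errorCode, message, description)`. The compiler cannot catch a swap, and a swapped code or description ends up in whatever is built from `getErrorCode()` and `getDescription()`. Consider one order throughout, or a constructor that accepts the `ErrorMessages` constant directly. The class also declares no `serialVersionUID`, and `errorCode` and `description` can be `final` once the setters are gone (a later patch in this series removes them).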
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java
new file mode 100644
index 000000000000..507022c1c030
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.application.common.exception;
+
+/**
+ * Authenticator configuration management server exception.
+ */
+public class AuthenticatorMgtServerException extends AuthenticatorMgtException {
+
+ public AuthenticatorMgtServerException(String message, String errorCode) {
+
+ super(message, errorCode);
+ }
+
+ public AuthenticatorMgtServerException(String message, String description, String errorCode) {
+
+ super(message, description, errorCode);
+ }
+
+ public AuthenticatorMgtServerException(String message, String errorCode, Throwable cause) {
+
+ super(message, errorCode, cause);
+ }
+
+ public AuthenticatorMgtServerException(String message, String description, String errorCode,
+ Throwable cause) {
+
+ super(message, description, errorCode, cause);
+ }
+
+ public AuthenticatorMgtServerException(String message) {
+
+ super(message);
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java
new file mode 100644
index 000000000000..97efab22cc93
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.application.common.model;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * Verification authenticator configuration.
+ */
+public class VerificationAuthenticatorConfig extends LocalAuthenticatorConfig {
+
+ private static final String TAG_2FA = "2FA";
+
+ public VerificationAuthenticatorConfig() {
+
+ setTags(new String[0]);
+ }
+
+ @Override
+ public void setTags(String[] tagList) {
+
+ // Check if "2FA" is in the tag list; if not, add it.
+ List tagsAsList = new ArrayList<>(Arrays.asList());
+ if (tagsAsList.contains(TAG_2FA)) {
+ tags = tagList;
+ }
+
+ tagsAsList.add(TAG_2FA);
+ tags = tagsAsList.toArray(new String[0]);
+ }
+}
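Review bot: `setTags` discards its argument: the list is built from `Arrays.asList()` with no arguments, so `tagsAsList` is always empty, the `contains` branch never runs, and `tags` always ends up holding only "2FA". Even if `tagList` were passed in, the `if` branch has no `return`, so its assignment would be overwritten and "2FA" appended a second time. Any tags a caller supplies are therefore lost. The rewrite below keeps the input, tolerates a null array and adds the tag only when it is missing; it assumes `tags` is the `String[]` field inherited from `LocalAuthenticatorConfig`, which this patch does not show.

```java
    @Override
    public void setTags(String[] tagList) {

        // Keep the caller's tags and make sure "2FA" is present exactly once.
        List<String> tagsAsList = new ArrayList<>();
        if (tagList != null) {
            tagsAsList.addAll(Arrays.asList(tagList));
        }
        if (!tagsAsList.contains(TAG_2FA)) {
            tagsAsList.add(TAG_2FA);
        }
        tags = tagsAsList.toArray(new String[0]);
    }
```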
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java new file mode 100644 index 000000000000..e2afcc1f0ed2 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java 
@@ -0,0 +1,87 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.util; + + +import org.apache.commons.lang.StringUtils; +import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; +import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; +import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; + +import java.util.regex.Pattern; + +/** + * User Defined Local Authenticator Validator class. + */ +public class UserDefinedLocalAuthenticatorValidator { + + private static final String AUTHENTICATOR_NAME_REGEX = "^[a-zA-Z0-9][a-zA-Z0-9-_]*$"; + private final Pattern authenticatorNameRegexPattern = Pattern.compile(AUTHENTICATOR_NAME_REGEX); + + /** + * Validate whether required fields exist. + * + * @param fieldName Field name. + * @param fieldValue Field value. + * @throws AuthenticatorMgtClientException if the provided field is empty. 
+ */ + public void validateForBlank(String fieldName, String fieldValue) throws AuthenticatorMgtClientException { + + if (StringUtils.isBlank(fieldValue)) { + ErrorMessages error = ErrorMessages.ERROR_BLANK_FIELD_VALUE; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), fieldName)); + } + } + + /** + * Validate the user defined local authenticator name. + * + * @param name The authenticator name. + * + * @throws AuthenticatorMgtClientException if the authenticator name is not valid. + */ + public void validateAuthenticatorName(String name) throws AuthenticatorMgtClientException { + + boolean isValidName = authenticatorNameRegexPattern.matcher(name).matches(); + if (!isValidName) { + ErrorMessages error = ErrorMessages.ERROR_INVALID_AUTHENTICATOR_NAME; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), name, AUTHENTICATOR_NAME_REGEX)); + } + } + + /** + * Validate the authenticator is a user defined by authenticator. + * + * @param authenticatorConfig The authenticator config. + * + * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. + */ + public void validateDefinedByType(LocalAuthenticatorConfig authenticatorConfig) + throws AuthenticatorMgtClientException { + + if (authenticatorConfig.getDefinedByType() != DefinedByType.USER) { + ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription(), authenticatorConfig.getName())); + } + } +} From 86c5ebf1673fdcb0e0cb51a4b032a54b86b88242 Mon Sep 17 00:00:00 2001 
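Review bot: `validateAuthenticatorName` passes `name` straight to `authenticatorNameRegexPattern.matcher(name)`, which throws `NullPointerException` for a null name instead of raising the 60004 client error. Guard it with `if (name == null || !authenticatorNameRegexPattern.matcher(name).matches()) {`. The pattern sets no upper bound on the name length, so confirm that the persistence layer enforces one. The compiled `Pattern` can be a `private static final` constant, and writing the character class as `[a-zA-Z0-9_-]` stops the hyphen from reading like a range.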
From: Thisara-Welmilla Date: Mon, 28 Oct 2024 11:54:19 +0530 Subject: [PATCH 2/4] Comments addressed. --- .../ApplicationAuthenticatorService.java | 6 ++--- .../AuthenticatorMgtErrorConstants.java | 22 +++++++++---------- .../exception/AuthenticatorMgtException.java | 10 --------- ...serDefinedLocalAuthenticatorValidator.java | 4 ++-- 4 files changed, 16 insertions(+), 26 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index 0af8b676bbf4..021a881b70cd 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java @@ -209,7 +209,7 @@ public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthent } authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); - authenticatorValidator.validateDefinedByType(authenticatorConfig); + authenticatorValidator.validateDefinedByType(authenticatorConfig.getDefinedByType()); return CACHE_BACKED_DAO.addUserDefinedLocalAuthenticator( authenticatorConfig, IdentityTenantUtil.getTenantId(tenantDomain), type); 
@@ -229,7 +229,7 @@ public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthent LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( authenticatorConfig.getName(), tenantDomain); - authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); return CACHE_BACKED_DAO.updateUserDefinedLocalAuthenticator( @@ -248,7 +248,7 @@ public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String throws AuthenticatorMgtException { LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); - authenticatorValidator.validateDefinedByType(existingConfig); + authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java index 28ef974ac2ba..02ecc9e52d00 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java 
@@ -29,26 +29,26 @@ public class AuthenticatorMgtErrorConstants { public enum ErrorMessages { // Client errors. - ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator is found.", - "No authenticator is found by given authenticator name: %s."), + ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator found.", + "No Authenticator found by given authenticator name: %s."), ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.", "Do not allow to perform any operation on system defined authenticator: %s."), - ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "There is already an authenticator.", - "There is already an authenticator by the given name: %s."), - ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Invalid authenticator name is provided.", + ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "An authenticator already exists.", + "As authenticator already exists for the given name: %s."), + ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Authenticator name is invalid.", "The provided authenticator name %s is not in the expected format %s."), - ERROR_BLANK_FIELD_VALUE("60004", "Blank field value is provided.", - "The provided authenticator field value %s should not be empty."), + ERROR_BLANK_FIELD_VALUE("60004", "Invalid empty or blank value.", + "Value for %s should not be empty or blank."), // Server errors. 
ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.", - "Error while persisting authenticator in the system."), + "Error while persisting authenticator from the system."), ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.", - "Error while updating authenticator in the system."), + "Error while updating authenticator from the system."), ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", - "Error while retrieving authenticator in the system."), + "Error while retrieving authenticator from the system."), ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", - "Error while deleting authenticator in the system."),; + "Error while deleting authenticator from the system."),; private final String code; private final String message; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java index 9d44982db528..d14e39d17060 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java @@ -62,18 +62,8 @@ public String getErrorCode() { return this.errorCode; } - public void setErrorCode(String errorCode) { - - this.errorCode = errorCode; - } - public String getDescription() { return this.description; } - - public void setDescription(String description) { - - this.description = description; - } } 
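Review bot: `ERROR_INVALID_AUTHENTICATOR_NAME` and `ERROR_BLANK_FIELD_VALUE` in the client-error block both carry code `"60004"`, so a caller or log rule keyed on the code cannot tell a malformed name from a blank field; the second should get its own code, e.g. `ERROR_BLANK_FIELD_VALUE("60005", ...)` if that value is free. The new description for 60003 reads "As authenticator already exists…" where "An" is meant. The server-error descriptions for add and update now say "persisting/updating authenticator from the system", which reads wrong for those two operations; the previous `"Error while persisting authenticator in the system."` wording was clearer. The enum body continues outside the hunk.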
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java index e2afcc1f0ed2..1ff69af14d20 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -75,10 +75,10 @@ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClient * * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. */ - public void validateDefinedByType(LocalAuthenticatorConfig authenticatorConfig) + public void validateDefinedByType(DefinedByType definedByType) throws AuthenticatorMgtClientException { - if (authenticatorConfig.getDefinedByType() != DefinedByType.USER) { + if (definedByType != DefinedByType.USER) { ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), String.format(error.getDescription(), authenticatorConfig.getName())); From baefb6896b8a7b5888206c4769720349f69cc052 Mon Sep 17 00:00:00 2001 
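Review bot: After the signature change to `validateDefinedByType(DefinedByType definedByType)`, the unchanged `String.format(error.getDescription(), authenticatorConfig.getName())` line in the throw still refers to `authenticatorConfig`, which is no longer a parameter, so as shown the method would not compile unless a field of that name exists outside the hunk. This check is the guard that keeps system-defined authenticators from being modified, so the error should still name the authenticator: pass it explicitly, `public void validateDefinedByType(DefinedByType definedByType, String authenticatorName)`, and format with `authenticatorName`. The three call sites in `ApplicationAuthenticatorService` changed earlier in this patch would then pass the name as well. The method body ends outside the hunk.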
From: Thisara-Welmilla Date: Mon, 11 Nov 2024 09:03:11 +0530 Subject: [PATCH 3/4] Add service layer support for the custom local auth extensions. --- .../pom.xml | 1 + .../ApplicationAuthenticatorService.java | 69 +++---- .../AuthenticatorMgtErrorConstants.java | 6 +- .../exception/AuthenticatorMgtException.java | 6 - .../AuthenticatorMgtServerException.java | 14 +- ...uthenticatorMgtServerRuntimeException.java | 45 ++++ .../ApplicationCommonServiceComponent.java | 67 ++++++ .../ApplicationCommonServiceDataHolder.java | 65 ++++++ .../UserDefinedLocalAuthenticatorConfig.java | 22 ++ .../VerificationAuthenticatorConfig.java | 49 ----- ...nedAuthenticatorEndpointConfigManager.java | 193 ++++++++++++++++++ ...serDefinedLocalAuthenticatorValidator.java | 9 +- .../resources/identity.xml | 13 ++ .../resources/identity.xml.j2 | 12 ++ .../resources/resource-access-control-v2.xml | 11 + .../resource-access-control-v2.xml.j2 | 11 + 16 files changed, 483 insertions(+), 110 deletions(-) create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceComponent.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceDataHolder.java delete mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java 
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml b/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml index 7f68606282a5..66f69612d683 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml @@ -106,6 +106,7 @@ org.wso2.carbon.identity.core.util; version="${carbon.identity.package.import.version.range}", org.wso2.carbon.identity.core.cache; version="${carbon.identity.package.import.version.range}", org.wso2.carbon.identity.central.log.mgt.*; version="${carbon.identity.package.import.version.range}", + org.wso2.carbon.identity.action.management.*; version="${carbon.identity.package.import.version.range}", com.fasterxml.jackson.annotation; version="${com.fasterxml.jackson.annotation.version.range}" diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index 021a881b70cd..fb9d7726490c 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java 
@@ -28,6 +28,7 @@ import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.util.UserDefinedLocalAuthenticatorValidator; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.AuthenticationType; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; @@ -36,6 +37,8 @@ import java.util.ArrayList; import java.util.List; +import static org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages.ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED; + /** * Application authenticator service. */ @@ -63,28 +66,19 @@ public static ApplicationAuthenticatorService getInstance() { return instance; } - /** - * This returns only SYSTEM defined local authenticators. - * - * @return Retrieved LocalAuthenticatorConfig. - */ - @Deprecated public List getLocalAuthenticators() { return this.localAuthenticators; } /** - * This returns both SYSTEM and USER defined local authenticators. + * This returns User defined local authenticators. * * @return Retrieved LocalAuthenticatorConfig. */ - public List getLocalAuthenticators(String tenantDomain) + public List getUserDefinedLocalAuthenticators(String tenantDomain) throws AuthenticatorMgtException { - List userDefinedAuthenticators = - CACHE_BACKED_DAO.getAllUserDefinedLocalAuthenticator(IdentityTenantUtil.getTenantId(tenantDomain)); - userDefinedAuthenticators.addAll(localAuthenticators); - return userDefinedAuthenticators; + return CACHE_BACKED_DAO.getAllUserDefinedLocalAuthenticator(IdentityTenantUtil.getTenantId(tenantDomain)); } public List getFederatedAuthenticators() { 
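Review bot: `getLocalAuthenticators()` loses both its Javadoc and `@Deprecated` in the third hunk while still returning `this.localAuthenticators` directly, so callers receive the live internal list. The same patch adds a SYSTEM-only check to `addLocalAuthenticator`, and a caller holding this list could add entries without passing through that check, unless the field is already an unmodifiable view (its declaration is not in the hunk). Consider `return Collections.unmodifiableList(this.localAuthenticators);` if no caller relies on mutating the result. Also restore a one-line Javadoc such as `/** Returns only SYSTEM defined local authenticators. */`, since the tenant-aware overload is renamed away here.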
@@ -99,8 +93,10 @@ public List getRequestPathAuthenticators() { * This returns only SYSTEM defined local authenticator by name. * * @param name The name of the Local Application Authenticator configuration. - * * @return Retrieved LocalAuthenticatorConfig. + * + * @deprecated It is recommended to use {@link #getLocalAuthenticatorByName(String, String)}, + * which supports retrieving both USER and SYSTEM defined Local Application Authenticator configuration by name. */ @Deprecated public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { @@ -117,7 +113,6 @@ public LocalAuthenticatorConfig getLocalAuthenticatorByName(String name) { * * @param name The name of the Local Application Authenticator configuration. * @param tenantDomain Tenant domain. - * * @return Retrieved LocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration by name. */ @@ -153,7 +148,12 @@ public RequestPathAuthenticatorConfig getRequestPathAuthenticatorByName(String n } public void addLocalAuthenticator(LocalAuthenticatorConfig authenticator) { + if (authenticator != null) { + if (authenticator.getDefinedByType() != DefinedByType.SYSTEM) { + throw new AuthenticatorMgtServerRuntimeException( + ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED.getMessage()); + } localAuthenticators.add(authenticator); } } 
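Review bot: The new guard in `addLocalAuthenticator` calls `new AuthenticatorMgtServerRuntimeException(ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED.getMessage())` with one argument, but the class added in this patch declares only the `(String message, String description, String errorCode)` constructor, so the call matches no constructor shown. Pass all three values from the enum constant: `ErrorMessages error = ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED;` followed by `throw new AuthenticatorMgtServerRuntimeException(error.getMessage(), error.getDescription(), error.getCode());`. The import hunks of this file add no import for the exception class either, though one may sit outside the visible hunks. Rejecting non-SYSTEM entries is a behaviour change for existing callers, so the method deserves a Javadoc with `@throws AuthenticatorMgtServerRuntimeException`.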
@@ -194,12 +194,12 @@ public void removeRequestPathAuthenticator(RequestPathAuthenticatorConfig authen * @param authenticatorConfig The Local Application Authenticator configuration. * @param type Authentication type of the authenticator. * @param tenantDomain Tenant domain. - * * @return Updated LocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while creating the authenticator configuration. */ - public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, - AuthenticationType type, String tenantDomain) throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, AuthenticationType type, String tenantDomain) + throws AuthenticatorMgtException { LocalAuthenticatorConfig config = getLocalAuthenticatorByName(authenticatorConfig.getName(), tenantDomain); if (config != null) { 
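Review bot: `addUserDefinedLocalAuthenticator` still takes a separate `AuthenticationType type` although `UserDefinedLocalAuthenticatorConfig` gains its own `authenticationType` later in this patch, so the two values can disagree and it is not visible here which one is persisted. Either drop the parameter in favour of `authenticatorConfig.getAuthenticationType()` or reject a mismatch before calling the DAO. The Javadoc above still says `@return Updated LocalAuthenticatorConfig.`; for this method it should read `@return Created UserDefinedLocalAuthenticatorConfig.` The method body continues outside the hunk.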
@@ -220,14 +220,14 @@ public LocalAuthenticatorConfig createUserDefinedLocalAuthenticator(LocalAuthent * * @param authenticatorConfig The Local Application Authenticator configuration. * @param tenantDomain Tenant Domain. - * - * @return Updated LocalAuthenticatorConfig. + * @return Updated UserDefinedLocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while updating the authenticator configuration. */ - public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthenticatorConfig authenticatorConfig, - String tenantDomain) throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator( + UserDefinedLocalAuthenticatorConfig authenticatorConfig, String tenantDomain) + throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + UserDefinedLocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( authenticatorConfig.getName(), tenantDomain); authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); 
@@ -241,16 +241,16 @@ public LocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(LocalAuthent * * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. * @param tenantDomain Tenant domain. - * * @throws AuthenticatorMgtException If an error occurs while deleting the authenticator configuration. */ public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator(authenticatorName, tenantDomain); + UserDefinedLocalAuthenticatorConfig existingConfig = resolveExistingAuthenticator( + authenticatorName, tenantDomain); authenticatorValidator.validateDefinedByType(existingConfig.getDefinedByType()); - CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, + CACHE_BACKED_DAO.deleteUserDefinedLocalAuthenticator(authenticatorName, existingConfig, IdentityTenantUtil.getTenantId(tenantDomain)); } 
@@ -259,15 +259,14 @@ public void deleteUserDefinedLocalAuthenticator(String authenticatorName, String * * @param authenticatorName Name of Local Application Authenticator configuration to be deleted. * @param tenantDomain Tenant domain. - * - * @return Retrieved LocalAuthenticatorConfig. + * @return Retrieved UserDefinedLocalAuthenticatorConfig. * @throws AuthenticatorMgtException If an error occurs while retrieving the authenticator configuration. */ - public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, String tenantDomain) - throws AuthenticatorMgtException { + public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenticatorName, + String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator(authenticatorName, - IdentityTenantUtil.getTenantId(tenantDomain)); + UserDefinedLocalAuthenticatorConfig config = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( + authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); if (config != null && !config.getDefinedByType().equals(DefinedByType.USER)) { return null; 
@@ -277,11 +276,11 @@ public LocalAuthenticatorConfig getUserDefinedLocalAuthenticator(String authenti } - private LocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, String tenantDomain) - throws AuthenticatorMgtException { + private UserDefinedLocalAuthenticatorConfig resolveExistingAuthenticator(String authenticatorName, + String tenantDomain) throws AuthenticatorMgtException { - LocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO.getUserDefinedLocalAuthenticator( - authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); + UserDefinedLocalAuthenticatorConfig existingAuthenticatorConfig = CACHE_BACKED_DAO. + getUserDefinedLocalAuthenticator(authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); if (existingAuthenticatorConfig == null) { ErrorMessages error = ErrorMessages.ERROR_NOT_FOUND_AUTHENTICATOR; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java index 02ecc9e52d00..e7053b61d03e 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java 
@@ -48,7 +48,11 @@ public enum ErrorMessages { ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.", "Error while retrieving authenticator from the system."), ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.", - "Error while deleting authenticator from the system."),; + "Error while deleting authenticator from the system."), + ERROR_CODE_ENDPOINT_CONFIG_MGT("65005", "Error while managing endpoint configurations.", + "Error while managing endpoint configurations for the user defined local authenticator %s."), + ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED("65006", "Error while adding local authenticator.", + "Only system defined authenticators are allowed to add via this method."); private final String code; private final String message; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java index d14e39d17060..1e2e37da3981 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtException.java @@ -31,12 +31,6 @@ public AuthenticatorMgtException(String message) { super(message); } - public AuthenticatorMgtException(String message, String errorCode) { - - super(message); - this.errorCode = errorCode; - } - public AuthenticatorMgtException(String message, String errorCode, Throwable cause) { super(message, cause); 
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java index 507022c1c030..f336ec560b11 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java @@ -23,22 +23,12 @@ */ public class AuthenticatorMgtServerException extends AuthenticatorMgtException { - public AuthenticatorMgtServerException(String message, String errorCode) { - - super(message, errorCode); - } - - public AuthenticatorMgtServerException(String message, String description, String errorCode) { - - super(message, description, errorCode); - } - - public AuthenticatorMgtServerException(String message, String errorCode, Throwable cause) { + public AuthenticatorMgtServerException(String errorCode, String message, Throwable cause) { super(message, errorCode, cause); } - public AuthenticatorMgtServerException(String message, String description, String errorCode, + public AuthenticatorMgtServerException(String errorCode, String message, String description, Throwable cause) { super(message, description, errorCode, cause); 
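Review bot: Both remaining constructors of `AuthenticatorMgtServerException` swap their leading parameters to `(errorCode, message, ...)` while every parameter is a `String`, so an existing caller written against the old `(message, errorCode, cause)` order still compiles and silently stores the code as the message and the message as the code. The parent `AuthenticatorMgtException(String message, String errorCode, Throwable cause)` and the new `AuthenticatorMgtServerRuntimeException(message, description, errorCode)` keep message first, which makes the order easy to get wrong. Either keep one order across the hierarchy or accept the `ErrorMessages` constant itself. Add Javadoc with `@param errorCode` and `@param message` on each constructor so the order is stated where it is used.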
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java new file mode 100644 index 000000000000..5c11ce9d22ee --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.exception; + +/** + * Authenticator configuration management server runtime exception. + */ +public class AuthenticatorMgtServerRuntimeException extends RuntimeException { + + private final String errorCode; + private final String description; + + public AuthenticatorMgtServerRuntimeException(String message, String description, String errorCode) { + + super(message); + this.errorCode = errorCode; + this.description = description; + } + + public String getErrorCode() { + + return this.errorCode; + } + + public String getDescription() { + + return this.description; + } +} 
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceComponent.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceComponent.java
new file mode 100644
index 000000000000..c5c3e818aa3e
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceComponent.java
@@ -0,0 +1,67 @@ +package org.wso2.carbon.identity.application.common.internal; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.osgi.framework.BundleContext; +import org.osgi.service.component.ComponentContext; +import org.osgi.service.component.annotations.Activate; +import org.osgi.service.component.annotations.Component; +import org.osgi.service.component.annotations.Reference; +import org.osgi.service.component.annotations.ReferenceCardinality; +import org.osgi.service.component.annotations.ReferencePolicy; +import org.wso2.carbon.identity.action.management.ActionManagementService; +import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService; + +/** + * OSGI service component for the Application Common Service Component. + */ +@Component( + name = "application.common.service.component", + immediate = true +) +public class ApplicationCommonServiceComponent { + + private static final Log LOG = LogFactory.getLog(ApplicationCommonServiceComponent.class); + + @Activate + protected void activate(ComponentContext context) { + + try { + BundleContext bundleCtx = context.getBundleContext(); + bundleCtx.registerService(ApplicationAuthenticatorService.class.getName(), + ApplicationAuthenticatorService.getInstance(), + null); + LOG.debug("Application Authenticator Service is activated."); + } catch (Throwable e) { + LOG.error("Error while initializing Application Authenticator Service component.", e); + } + } + + @Reference( + name = "action.management.service", + service = ActionManagementService.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetActionManagementService" + ) + protected void setActionManagementService(ActionManagementService actionManagementService) { + + if (LOG.isDebugEnabled()) { + LOG.debug( + "Registering a reference for ActionManagementService in the ApplicationCommonServiceComponent."); + } + 
ApplicationCommonServiceDataHolder.getInstance().setActionManagementService(actionManagementService); + } + + protected void unsetActionManagementService(ActionManagementService actionManagementService) { + + if (LOG.isDebugEnabled()) { + LOG.debug("Unregistering the reference for ActionManagementService in the " + + "ApplicationCommonServiceComponent."); + } + if (ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() + .equals(actionManagementService)) { + ApplicationCommonServiceDataHolder.getInstance().setActionManagementService(null); + } + } +} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceDataHolder.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceDataHolder.java new file mode 100644 index 000000000000..7c333500324a --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/internal/ApplicationCommonServiceDataHolder.java 
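Review bot: `unsetActionManagementService` calls `.equals(actionManagementService)` on the value returned by `getActionManagementService()`, which is null until the bind method has run and again after the first unbind, so a repeated or out-of-order unbind throws a NullPointerException inside the OSGi callback. An identity check avoids that: `if (ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() == actionManagementService) {`. Separately, `activate` catches `Throwable` and only logs, so a failed registration of `ApplicationAuthenticatorService` leaves the component looking active. This new file also has no license header, unlike `AuthenticatorMgtServerRuntimeException.java` in the same patch.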
@@ -0,0 +1,65 @@ +package org.wso2.carbon.identity.application.common.internal; + +import org.wso2.carbon.identity.action.management.ActionManagementService; +import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService; + +/** + * The data holder for the Application Common Service Component. + */ +public class ApplicationCommonServiceDataHolder { + + private static final ApplicationCommonServiceDataHolder INSTANCE = new ApplicationCommonServiceDataHolder(); + + private ActionManagementService actionManagementService; + private ApplicationAuthenticatorService applicationAuthenticatorService; + + /** + * Get the instance of the ApplicationCommonServiceDataHolder. + * + * @return ApplicationCommonServiceDataHolder instance. + */ + public static ApplicationCommonServiceDataHolder getInstance() { + + return INSTANCE; + } + + /** + * Get the ActionManagementService. + * + * @return ActionManagementService instance. + */ + public ActionManagementService getActionManagementService() { + + return actionManagementService; + } + + /** + * Set the ActionManagementService. + * + * @param actionManagementService ActionManagementService instance. + */ + public void setActionManagementService(ActionManagementService actionManagementService) { + + this.actionManagementService = actionManagementService; + } + + /** + * Get the ApplicationAuthenticatorService. + * + * @return ApplicationAuthenticatorService instance. + */ + public ApplicationAuthenticatorService getApplicationAuthenticatorService() { + + return applicationAuthenticatorService; + } + + /** + * Set the ApplicationAuthenticatorService. + * + * @param applicationAuthenticatorService ApplicationAuthenticatorService instance. + */ + public void setApplicationAuthenticatorService(ApplicationAuthenticatorService applicationAuthenticatorService) { + + this.applicationAuthenticatorService = applicationAuthenticatorService; + } +} 
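Review bot: `ApplicationCommonServiceDataHolder` is used as a singleton through `getInstance()` but has no private constructor, so other code can create further instances; add `private ApplicationCommonServiceDataHolder() { }`. `actionManagementService` is written from the bind and unbind callbacks of a `ReferencePolicy.DYNAMIC` reference and presumably read from other threads, so declaring it `private volatile ActionManagementService actionManagementService;` would make a rebind visible to readers. Nothing visible in this patch calls `setApplicationAuthenticatorService`, so `getApplicationAuthenticatorService()` may return null; say so in its Javadoc or drop the pair.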
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/UserDefinedLocalAuthenticatorConfig.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/UserDefinedLocalAuthenticatorConfig.java index fab5a37a69bd..24e15f469b3f 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/UserDefinedLocalAuthenticatorConfig.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/UserDefinedLocalAuthenticatorConfig.java @@ -28,11 +28,13 @@ public class UserDefinedLocalAuthenticatorConfig extends LocalAuthenticatorConfi private static final String TAG_2FA = "2FA"; private static final String TAG_CUSTOM = "CUSTOM"; + private AuthenticationType authenticationType; protected UserDefinedAuthenticatorEndpointConfig endpointConfig; public UserDefinedLocalAuthenticatorConfig(AuthenticationType type) { + authenticationType = type; definedByType = DefinedByType.USER; if (AuthenticationType.VERIFICATION == type) { setTags(new String[]{TAG_CUSTOM, TAG_2FA}); @@ -60,4 +62,24 @@ public void setEndpointConfig(UserDefinedAuthenticatorEndpointConfig endpointCon this.endpointConfig = endpointConfig; } + + /** + * Get the authentication type of the User defined local authenticator config. + * + * @return AuthenticationType. + */ + public AuthenticationType getAuthenticationType() { + + return authenticationType; + } + + /** + * Set the authentication type of the User defined local authenticator config. + * + * @param authenticationType The authentication type of the User defined local authenticator config. + */ + public void setAuthenticationType(AuthenticationType authenticationType) { + + this.authenticationType = authenticationType; + } } 
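Review bot: `setAuthenticationType` in the second hunk lets the type change after construction, but the constructor is the only place shown that derives the tags from the type (`TAG_CUSTOM`, `TAG_2FA` for `VERIFICATION`), so a later `setAuthenticationType(...)` leaves the tags describing the old type. If the type is meant to be fixed per instance, make the field `private final AuthenticationType authenticationType;` and drop the setter; otherwise the setter should recompute the tags. The constructor body continues outside the first hunk.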
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java
deleted file mode 100644
index 97efab22cc93..000000000000
--- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/model/VerificationAuthenticatorConfig.java
+++ /dev/null
@@ -1,49 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.application.common.model; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -/** - * Verification authenticator configuration. - */ -public class VerificationAuthenticatorConfig extends LocalAuthenticatorConfig { - - private static final String TAG_2FA = "2FA"; - - public VerificationAuthenticatorConfig() { - - setTags(new String[0]); - } - - @Override - public void setTags(String[] tagList) { - - // Check if "2FA" is in the tag list; if not, add it. - List tagsAsList = new ArrayList<>(Arrays.asList()); - if (tagsAsList.contains(TAG_2FA)) { - tags = tagList; - } - - tagsAsList.add(TAG_2FA); - tags = tagsAsList.toArray(new String[0]); - } -} diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java new file mode 100644 index 000000000000..b0057bdb4af7 --- /dev/null 
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java 
@@ -0,0 +1,193 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.application.common.util; + +import org.wso2.carbon.identity.action.management.exception.ActionMgtException; +import org.wso2.carbon.identity.action.management.model.Action; +import org.wso2.carbon.identity.action.management.model.EndpointConfig; +import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtServerException; +import org.wso2.carbon.identity.application.common.internal.ApplicationCommonServiceDataHolder; +import org.wso2.carbon.identity.application.common.model.Property; +import org.wso2.carbon.identity.application.common.model.UserDefinedAuthenticatorEndpointConfig; +import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import static org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants + .ErrorMessages.ERROR_CODE_ENDPOINT_CONFIG_MGT; + +/** + * This class responsible for managing authenticator endpoint configurations for the user defined Local + * authenticators. 
+ */ +public class UserDefinedAuthenticatorEndpointConfigManager { + + private static final String ACTION_ID_PROPERTY = "actionId"; + + /** + * Create a new action for given endpoint configurations of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @throws AuthenticatorMgtServerException If an error occurs while adding the action. + */ + public void addEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, int tenantId) + throws AuthenticatorMgtServerException { + + try { + Action action = ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() + .addAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + buildActionToCreate(config.getName(), config.getEndpointConfig().getEndpointConfig()), + IdentityTenantUtil.getTenantDomain(tenantId)); + Property endpointProperty = new Property(); + endpointProperty.setName(ACTION_ID_PROPERTY); + endpointProperty.setValue(action.getId()); + config.setProperties(new Property[]{endpointProperty}); + } catch (ActionMgtException e) { + throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + "Error occurred while adding associated action for the authenticator:" + config.getName(), e); + } + } + + /** + * Updated associated action for given updated endpoint configurations of the user defined authenticator. + * + * @param newConfig The Local application authenticator configuration to be updated. + * @param oldConfig The current Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @throws AuthenticatorMgtServerException If an error occurs while updating associated action. 
+ */ + public void updateEndpointConfigurations(UserDefinedLocalAuthenticatorConfig newConfig, + UserDefinedLocalAuthenticatorConfig oldConfig, int tenantId) + throws AuthenticatorMgtServerException { + + String actionId = getActionIdFromProperty(oldConfig.getProperties(), oldConfig.getName()); + try { + ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() + .updateAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + buildActionToUpdate(newConfig.getEndpointConfig().getEndpointConfig()), + IdentityTenantUtil.getTenantDomain(tenantId)); + newConfig.setProperties(oldConfig.getProperties()); + } catch (ActionMgtException e) { + throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred while updating associated action with id %s for the authenticator %s", + actionId, oldConfig.getName()), e); + } + } + + /** + * Retrieve associated action of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * @return Local authenticator with endpoint configurations resolved. + * @throws AuthenticatorMgtServerException If an error occurs retrieving updating associated action. 
+ */ + public UserDefinedLocalAuthenticatorConfig resolveEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, + int tenantId) throws AuthenticatorMgtServerException { + + String actionId = getActionIdFromProperty(config.getProperties(), config.getName()); + try { + Action action = ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() + .getActionByActionId(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + IdentityTenantUtil.getTenantDomain(tenantId)); + + config.setEndpointConfig(buildUserDefinedAuthenticatorEndpointConfig(action.getEndpoint())); + return config; + } catch (ActionMgtException e) { + throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred retrieving associated action with id %s for the authenticator %s", + actionId, config.getName()), e); + } + } + + private UserDefinedAuthenticatorEndpointConfig buildUserDefinedAuthenticatorEndpointConfig( + EndpointConfig endpointConfig) { + + UserDefinedAuthenticatorEndpointConfig.UserDefinedAuthenticatorEndpointConfigBuilder endpointConfigBuilder = + new UserDefinedAuthenticatorEndpointConfig.UserDefinedAuthenticatorEndpointConfigBuilder(); + endpointConfigBuilder.uri(endpointConfig.getUri()); + endpointConfigBuilder.authenticationType(endpointConfig.getAuthentication().getType().getName()); + Map propMap = new HashMap<>(); + endpointConfig.getAuthentication().getProperties() + .forEach(prop -> propMap.put(prop.getName(), prop.getValue())); + endpointConfigBuilder.authenticationProperties(propMap); + return endpointConfigBuilder.build(); + } + + /** + * Delete associated action of the user defined authenticator. + * + * @param config The Local application authenticator configuration. + * @param tenantId The id of Tenant domain. + * + * @throws AuthenticatorMgtServerException If an error occurs while deleting associated action. 
+ */ + public void deleteEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, int tenantId) throws + AuthenticatorMgtServerException { + + String actionId = getActionIdFromProperty(config.getProperties(), config.getName()); + try { + ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() + .deleteAction(Action.ActionTypes.AUTHENTICATION.getPathParam(), + actionId, + IdentityTenantUtil.getTenantDomain(tenantId)); + } catch (ActionMgtException e) { + throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), + String.format("Error occurred while deleting associated action with id %s for the authenticator %s", + actionId, config.getName()), e); + } + } + + private Action buildActionToCreate(String authenticatorName, EndpointConfig endpointConfig) { + + Action.ActionRequestBuilder actionRequestBuilder = new Action.ActionRequestBuilder(); + actionRequestBuilder.name(authenticatorName); + actionRequestBuilder.description(String.format("This is the action associated to the user defined Local" + + "authenticator %s.", authenticatorName)); + actionRequestBuilder.endpoint(endpointConfig); + + return actionRequestBuilder.build(); + } + + private Action buildActionToUpdate(EndpointConfig endpointConfig) { + + Action.ActionRequestBuilder actionRequestBuilder = new Action.ActionRequestBuilder(); + actionRequestBuilder.endpoint(endpointConfig); + + return actionRequestBuilder.build(); + } + + private String getActionIdFromProperty(Property[] properties, String authenticatorName) + throws AuthenticatorMgtServerException { + + return Arrays.stream(properties) + .filter(property -> ACTION_ID_PROPERTY.equals(property.getName())) + .map(Property::getValue) + .findFirst() + .orElseThrow(() -> new AuthenticatorMgtServerException( + "No action Id was found in the properties of the authenticator configurations for" + + " the authenticator: " + authenticatorName)); + } +} 
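Review bot: `getActionIdFromProperty` calls `Arrays.stream(properties)` without a null check, so a config whose `getProperties()` returns null makes update, resolve and delete fail with a `NullPointerException` instead of the intended `AuthenticatorMgtServerException`. Guard it with `if (properties == null) { throw new AuthenticatorMgtServerException(...); }` before streaming; `config.getEndpointConfig()` in `addEndpointConfigurations` is dereferenced unchecked in the same way. Separately, `resolveEndpointConfigurations` copies every authentication property of the action endpoint into the config it returns. If those values can be the credentials used to call the external endpoint (not visible in this hunk), the Javadoc should say so, so that callers do not log or serialise them. Minor: the description literal in `buildActionToCreate` is concatenated as `"...user defined Local" + "authenticator %s."`, which renders as "Localauthenticator".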
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java index 1ff69af14d20..cc02731ba9d8 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -18,11 +18,9 @@ package org.wso2.carbon.identity.application.common.util; - import org.apache.commons.lang.StringUtils; import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; -import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; import java.util.regex.Pattern; @@ -55,7 +53,6 @@ public void validateForBlank(String fieldName, String fieldValue) throws Authent * Validate the user defined local authenticator name. * * @param name The authenticator name. - * * @throws AuthenticatorMgtClientException if the authenticator name is not valid. */ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClientException { 
@@ -71,8 +68,7 @@ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClient /** * Validate the authenticator is a user defined by authenticator. * - * @param authenticatorConfig The authenticator config. - * + * @param definedByType The defined by type of the authenticator config. * @throws AuthenticatorMgtClientException if the authenticator is not a user defined authenticator. */ public void validateDefinedByType(DefinedByType definedByType) @@ -80,8 +76,7 @@ public void validateDefinedByType(DefinedByType definedByType) if (definedByType != DefinedByType.USER) { ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription(), authenticatorConfig.getName())); + throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), error.getDescription()); } } } diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml index 257bd346b95f..507ca922e489 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml @@ -2308,6 +2308,19 @@ internal_action_mgt_view + + /permission/admin/manage/custom_authenticator/create + internal_custom_authenticator_create + + + /permission/admin/manage/custom_authenticator/update + internal_custom_authenticator_update + + + /permission/admin/manage/custom_authenticator/delete + internal_custom_authenticator_delete + + diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2 b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2 index 9b3d9becafaf..39dfc288b8a9 100644 
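Review bot: The new `throw` in `validateDefinedByType` passes `error.getDescription()` unformatted, but the description of `ERROR_OP_ON_SYSTEM_AUTHENTICATOR` is a template ending in `system defined authenticator: %s.`. The client therefore now receives a literal `%s` in the error description. Either give the constant a description without a placeholder, or keep the authenticator name available to the validator and format it, e.g. `String.format(error.getDescription(), authenticatorName)` with an added `String authenticatorName` parameter.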
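Review bot: Only `create`, `update` and `delete` scopes are registered for `custom_authenticator`, with no read scope in this hunk or in the matching hunks for `identity.xml.j2`, `resource-access-control-v2.xml` and its `.j2` template. If reads of user-defined authenticators are meant to be covered by an existing scope, a comment next to these entries naming that scope would make the access model reviewable. Otherwise a view entry following the same pattern (`/permission/admin/manage/custom_authenticator/view`) appears to be missing. The element markup of these hunks is not legible on this page, so the resource contexts and HTTP methods the scopes are bound to could not be checked.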
--- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2 +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2 @@ -3562,6 +3562,18 @@ internal_action_mgt_view + + /permission/admin/manage/custom_authenticator/create + internal_custom_authenticator_create + + + /permission/admin/manage/custom_authenticator/update + internal_custom_authenticator_update + + + /permission/admin/manage/custom_authenticator/delete + internal_custom_authenticator_delete + diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml index a3dd2b5533fc..5310395e9c16 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml @@ -1199,6 +1199,17 @@ internal_action_mgt_view + + + internal_custom_authenticator_create + + + internal_custom_authenticator_update + + + internal_custom_authenticator_delete + + diff --git a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2 b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2 index 9b36cf2be9c3..deca28315451 100644 --- a/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2 +++ b/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2 @@ -1255,6 +1255,17 @@ internal_action_mgt_view + + + internal_custom_authenticator_create + + + internal_custom_authenticator_update + + + internal_custom_authenticator_delete + + From 676e93fa97f0507847a0f28ccb129a869ce67fd2 Mon Sep 17 00:00:00 2001 
From: Thisara-Welmilla Date: Sun, 1 Dec 2024 22:00:44 +0530 Subject: [PATCH 4/4] Add service layer support to manage the user defined local authenticators --- .../pom.xml | 4 + .../ApplicationAuthenticatorService.java | 19 +-- .../AuthenticatorMgtErrorConstants.java | 83 ----------- .../AuthenticatorMgtServerException.java | 9 +- ...uthenticatorMgtServerRuntimeException.java | 2 +- .../AuthenticatorMgtExceptionBuilder.java | 138 ++++++++++++++++++ ...nedAuthenticatorEndpointConfigManager.java | 30 ++-- ...serDefinedLocalAuthenticatorValidator.java | 16 +- .../resources/system-api-resource.xml | 12 ++ .../resources/system-api-resource.xml.j2 | 12 ++ 10 files changed, 198 insertions(+), 127 deletions(-) delete mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java create mode 100644 components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/AuthenticatorMgtExceptionBuilder.java diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml b/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml index afebca5c4b47..938336adf514 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/pom.xml 
@@ -91,6 +91,8 @@ org.apache.commons.logging; version="${import.package.version.commons.logging}", org.apache.commons.lang; version="${commons-lang.wso2.osgi.version.range}", org.apache.commons.collections; version="${commons-collections.wso2.osgi.version.range}", + org.wso2.carbon.database.utils.jdbc; version="${org.wso2.carbon.database.utils.version.range}", + org.wso2.carbon.database.utils.jdbc.exceptions; version="${org.wso2.carbon.database.utils.version.range}", org.apache.axis2.*; version="${axis2.osgi.version.range}", @@ -107,6 +109,8 @@ org.wso2.carbon.identity.core.cache; version="${carbon.identity.package.import.version.range}", org.wso2.carbon.identity.central.log.mgt.*; version="${carbon.identity.package.import.version.range}", org.wso2.carbon.identity.action.management.*; version="${carbon.identity.package.import.version.range}", + org.osgi.framework; version="${osgi.framework.imp.pkg.version.range}", + org.osgi.service.component; version="${osgi.service.component.imp.pkg.version.range}", com.fasterxml.jackson.annotation; version="${com.fasterxml.jackson.annotation.version.range}" diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java index 2164d7e51099..4fefeab4dfec 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/ApplicationAuthenticatorService.java 
@@ -20,15 +20,14 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; import org.wso2.carbon.identity.application.common.dao.impl.AuthenticatorManagementDAOImpl; import org.wso2.carbon.identity.application.common.dao.impl.CacheBackedAuthenticatorMgtDAO; -import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException; import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig; import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.AuthenticatorMgtError; import org.wso2.carbon.identity.application.common.util.UserDefinedLocalAuthenticatorValidator; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; @@ -36,7 +35,8 @@ import java.util.ArrayList; import java.util.List; -import static org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages.ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED; +import static org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.buildClientException; +import static org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.buildRuntimeServerException; /** * Application authenticator service. 
@@ -150,8 +150,8 @@ public void addLocalAuthenticator(LocalAuthenticatorConfig authenticator) { if (authenticator != null) { if (authenticator.getDefinedByType() != DefinedByType.SYSTEM) { - throw new AuthenticatorMgtServerRuntimeException( - ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED.getMessage()); + throw buildRuntimeServerException( + AuthenticatorMgtError.ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED, null); } localAuthenticators.add(authenticator); } @@ -201,9 +201,8 @@ public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator( LocalAuthenticatorConfig config = getLocalAuthenticatorByName(authenticatorConfig.getName(), tenantDomain); if (config != null) { - ErrorMessages error = ErrorMessages.ERROR_AUTHENTICATOR_ALREADY_EXIST; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription(), authenticatorConfig.getName())); + throw buildClientException(AuthenticatorMgtError.ERROR_AUTHENTICATOR_ALREADY_EXIST, + authenticatorConfig.getName()); } authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName()); authenticatorValidator.validateForBlank("Display name", authenticatorConfig.getDisplayName()); @@ -281,9 +280,7 @@ private UserDefinedLocalAuthenticatorConfig resolveExistingAuthenticator(String getUserDefinedLocalAuthenticator(authenticatorName, IdentityTenantUtil.getTenantId(tenantDomain)); if (existingAuthenticatorConfig == null) { - ErrorMessages error = ErrorMessages.ERROR_NOT_FOUND_AUTHENTICATOR; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription(), authenticatorName)); + throw buildClientException(AuthenticatorMgtError.ERROR_NOT_FOUND_AUTHENTICATOR, authenticatorName); } return existingAuthenticatorConfig; 
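Review bot: In `addUserDefinedLocalAuthenticator` the name is looked up with `getLocalAuthenticatorByName` and formatted into the `ERROR_AUTHENTICATOR_ALREADY_EXIST` description before `validateAuthenticatorName` runs. A name that would fail the format check therefore still reaches both the lookup and a client-facing message. Moving `authenticatorValidator.validateAuthenticatorName(authenticatorConfig.getName());` above the lookup keeps unvalidated input out of both. Also, `buildRuntimeServerException(..., null)` in `addLocalAuthenticator` relies on the bare `null` binding to the `Throwable` parameter rather than to the varargs; `(Throwable) null` would make that explicit. Both methods start outside their hunks.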
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java
deleted file mode 100644
index e7053b61d03e..000000000000
--- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/constant/AuthenticatorMgtErrorConstants.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.wso2.carbon.identity.application.common.constant;
-
-/**
- * Constants for authenticator configuration management service.
- */
-public class AuthenticatorMgtErrorConstants {
-
- /**
- * Error messages.
- */
- public enum ErrorMessages {
-
- // Client errors.
- ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator found.",
- "No Authenticator found by given authenticator name: %s."),
- ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.",
- "Do not allow to perform any operation on system defined authenticator: %s."),
- ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "An authenticator already exists.",
- "As authenticator already exists for the given name: %s."),
- ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Authenticator name is invalid.",
- "The provided authenticator name %s is not in the expected format %s."),
- ERROR_BLANK_FIELD_VALUE("60004", "Invalid empty or blank value.",
- "Value for %s should not be empty or blank."),
-
- // Server errors.
- ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.",
- "Error while persisting authenticator from the system."),
- ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.",
- "Error while updating authenticator from the system."),
- ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.",
- "Error while retrieving authenticator from the system."),
- ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.",
- "Error while deleting authenticator from the system."),
- ERROR_CODE_ENDPOINT_CONFIG_MGT("65005", "Error while managing endpoint configurations.",
- "Error while managing endpoint configurations for the user defined local authenticator %s."),
- ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED("65006", "Error while adding local authenticator.",
- "Only system defined authenticators are allowed to add via this method.");
-
- private final String code;
- private final String message;
- private final String description;
-
- ErrorMessages(String code, String message, String description) {
-
- this.code = code;
- this.message = message;
- this.description = description;
- }
-
- public String getCode() {
-
- return code;
- }
-
- public String getMessage() {
-
- return message;
- }
-
- public String getDescription() {
-
- return description;
- }
- }
-}
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java
index f336ec560b11..d70c44ab7b83 100644
--- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java
+++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerException.java @@ -23,9 +23,9 @@ */ public class AuthenticatorMgtServerException extends AuthenticatorMgtException { - public AuthenticatorMgtServerException(String errorCode, String message, Throwable cause) { + public AuthenticatorMgtServerException(String errorCode, String message, String description) { - super(message, errorCode, cause); + super(message, errorCode, description); } public AuthenticatorMgtServerException(String errorCode, String message, String description, @@ -33,9 +33,4 @@ public AuthenticatorMgtServerException(String errorCode, String message, String super(message, description, errorCode, cause); } - - public AuthenticatorMgtServerException(String message) { - - super(message); - } } diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java index 5c11ce9d22ee..2f90d762d0ef 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/exception/AuthenticatorMgtServerRuntimeException.java 
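Review bot: The new three-string constructor calls `super(message, errorCode, description)`, while the four-argument constructor just below it calls `super(message, description, errorCode, cause)`. Unless `AuthenticatorMgtException` declares its three-string constructor in the opposite order (not visible here), the error code and description end up swapped in every exception built through `buildServerException(error, data)`. If the parent follows the four-argument order, the call should be `super(message, description, errorCode);`. All three parameters are `String`, so the compiler cannot catch this; a unit test asserting the error code of a built exception would be worth adding.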
@@ -26,7 +26,7 @@ public class AuthenticatorMgtServerRuntimeException extends RuntimeException { private final String errorCode; private final String description; - public AuthenticatorMgtServerRuntimeException(String message, String description, String errorCode) { + public AuthenticatorMgtServerRuntimeException(String errorCode, String message, String description) { super(message); this.errorCode = errorCode; diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/AuthenticatorMgtExceptionBuilder.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/AuthenticatorMgtExceptionBuilder.java new file mode 100644 index 000000000000..d8948a3625c0 --- /dev/null +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/AuthenticatorMgtExceptionBuilder.java 
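Review bot: The constructor keeps three `String` parameters but changes their order from `(message, description, errorCode)` to `(errorCode, message, description)`, so any caller not updated in this commit still compiles and silently stores the values in the wrong fields. The class also shows no constructor taking a `Throwable`, which is why `buildRuntimeServerException(error, e, data)`, added in this commit, cannot pass `e` on and drops the root cause. Add an overload ending in `Throwable cause` that calls `super(message, cause)` and use it from the builder. The constructor body continues outside the hunk.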
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.application.common.util;
+
+import org.apache.commons.lang.ArrayUtils;
+import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException;
+import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtServerException;
+import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtServerRuntimeException;
+
+/**
+ * Utility class for building authenticator management exceptions.
+ */
+public class AuthenticatorMgtExceptionBuilder {
+
+ private AuthenticatorMgtExceptionBuilder() {
+
+ }
+
+ public static AuthenticatorMgtClientException buildClientException(AuthenticatorMgtError error, String... data) {
+
+ String description = error.getDescription();
+ if (ArrayUtils.isNotEmpty(data)) {
+ description = String.format(description, data);
+ }
+
+ return new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), description);
+ }
+
+ public static AuthenticatorMgtServerException buildServerException(AuthenticatorMgtError error, String... data) {
+
+ String description = error.getDescription();
+ if (ArrayUtils.isNotEmpty(data)) {
+ description = String.format(description, data);
+ }
+
+ return new AuthenticatorMgtServerException(error.getCode(), error.getMessage(), description);
+ }
+
+ public static AuthenticatorMgtServerException buildServerException(AuthenticatorMgtError error, Throwable e,
+ String... data) {
+
+ String description = error.getDescription();
+ if (ArrayUtils.isNotEmpty(data)) {
+ description = String.format(description, data);
+ }
+
+ return new AuthenticatorMgtServerException(error.getCode(), error.getMessage(), description, e);
+ }
+
+ public static AuthenticatorMgtServerRuntimeException buildRuntimeServerException(AuthenticatorMgtError error,
+ Throwable e, String... data) {
+
+ String description = error.getDescription();
+ if (ArrayUtils.isNotEmpty(data)) {
+ description = String.format(description, data);
+ }
+
+ return new AuthenticatorMgtServerRuntimeException(error.getCode(), error.getMessage(), description);
+ }
+
+ /**
+ * Enum class to represent the rule metadata errors.
+ */
+ public enum AuthenticatorMgtError {
+
+ // Client errors.
+ ERROR_NOT_FOUND_AUTHENTICATOR("60001", "No Authenticator found.",
+ "No Authenticator found by given authenticator name: %s."),
+ ERROR_OP_ON_SYSTEM_AUTHENTICATOR("60002", "No operations allowed on system authenticators.",
+ "Do not allow to perform any operation on system defined authenticator: %s."),
+ ERROR_AUTHENTICATOR_ALREADY_EXIST("60003", "An authenticator already exists.",
+ "As authenticator already exists for the given name: %s."),
+ ERROR_INVALID_AUTHENTICATOR_NAME("60004", "Authenticator name is invalid.",
+ "The provided authenticator name %s is not in the expected format %s."),
+ ERROR_BLANK_FIELD_VALUE("60004", "Invalid empty or blank value.",
+ "Value for %s should not be empty or blank."),
+
+ // Server errors.
+ ERROR_WHILE_ADDING_AUTHENTICATOR("65001", "Error while adding authenticator.",
+ "Error while persisting authenticator to the system."),
+ ERROR_WHILE_UPDATING_AUTHENTICATOR("65002", "Error while updating authenticator.",
+ "Error while updating authenticator in the system."),
+ ERROR_WHILE_RETRIEVING_AUTHENTICATOR_BY_NAME("65003", "Error while retrieving authenticator.",
+ "Error while retrieving authenticator in the system."),
+ ERROR_WHILE_DELETING_AUTHENTICATOR("65004", "Error while deleting authenticator.",
+ "Error while deleting authenticator in the system."),
+ ERROR_CODE_ENDPOINT_CONFIG_MGT("65005", "Error while managing endpoint configurations.",
+ "Error while managing endpoint configurations for the user defined local authenticator %s."),
+ ERROR_CODE_INVALID_DEFINED_BY_AUTH_PROVIDED("65006", "Error while adding local authenticator.",
+ "Only system defined authenticators are allowed to add via this method."),
+ ERROR_CODE_NO_AUTHENTICATOR_FOUND("65007", "No authenticator found.",
+ "No authenticator found by given authenticator name: %s."),
+ ERROR_CODE_NO_ACTION_ID_FOUND("65008", "No action id found.",
+ "No action id found for the authenticator: %s.");
+
+ private final String code;
+ private final String message;
+ private final String description;
+
+ AuthenticatorMgtError(String code, String message, String description) {
+
+ this.code = code;
+ this.message = message;
+ this.description = description;
+ }
+
+ public String getCode() {
+
+ return code;
+ }
+
+ public String getMessage() {
+
+ return message;
+ }
+
+ public String getDescription() {
+
+ return description;
+ }
+ }
+}
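Review bot: `buildRuntimeServerException` accepts `Throwable e` but never uses it, so the returned exception carries no cause and the original stack trace is lost to whoever has to diagnose the failure. The three-String constructor shown in the previous hunk only calls `super(message)`, so the cause can be attached without a new constructor: `AuthenticatorMgtServerRuntimeException ex = new AuthenticatorMgtServerRuntimeException(error.getCode(), error.getMessage(), description);` `ex.initCause(e);` `return ex;`. Separately, `ERROR_INVALID_AUTHENTICATOR_NAME` and `ERROR_BLANK_FIELD_VALUE` both use code `"60004"`, so the two client errors cannot be told apart by code; one of them needs an unused value. The enum Javadoc still reads "rule metadata errors", and the four public builder methods have no Javadoc explaining that `data` fills the `%s` slots of the description.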
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java index b0057bdb4af7..b2852b32c17d 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedAuthenticatorEndpointConfigManager.java @@ -26,14 +26,14 @@ import org.wso2.carbon.identity.application.common.model.Property; import org.wso2.carbon.identity.application.common.model.UserDefinedAuthenticatorEndpointConfig; import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig; +import org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.AuthenticatorMgtError; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import java.util.Arrays; import java.util.HashMap; import java.util.Map; -import static org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants - .ErrorMessages.ERROR_CODE_ENDPOINT_CONFIG_MGT; +import static org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.buildServerException; /** * This class responsible for managing authenticator endpoint configurations for the user defined Local 
@@ -63,8 +63,7 @@ public void addEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config endpointProperty.setValue(action.getId()); config.setProperties(new Property[]{endpointProperty}); } catch (ActionMgtException e) { - throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), - "Error occurred while adding associated action for the authenticator:" + config.getName(), e); + throw buildServerException(AuthenticatorMgtError.ERROR_CODE_ENDPOINT_CONFIG_MGT, e, config.getName()); } } @@ -89,9 +88,8 @@ public void updateEndpointConfigurations(UserDefinedLocalAuthenticatorConfig new IdentityTenantUtil.getTenantDomain(tenantId)); newConfig.setProperties(oldConfig.getProperties()); } catch (ActionMgtException e) { - throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), - String.format("Error occurred while updating associated action with id %s for the authenticator %s", - actionId, oldConfig.getName()), e); + throw buildServerException(AuthenticatorMgtError.ERROR_CODE_ENDPOINT_CONFIG_MGT, e, + actionId, oldConfig.getName()); } } @@ -106,6 +104,9 @@ public void updateEndpointConfigurations(UserDefinedLocalAuthenticatorConfig new public UserDefinedLocalAuthenticatorConfig resolveEndpointConfigurations(UserDefinedLocalAuthenticatorConfig config, int tenantId) throws AuthenticatorMgtServerException { + if (config == null) { + return null; + } String actionId = getActionIdFromProperty(config.getProperties(), config.getName()); try { Action action = ApplicationCommonServiceDataHolder.getInstance().getActionManagementService() 
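Review bot: The catch block in `updateEndpointConfigurations` passes two values, `actionId, oldConfig.getName()`, to `ERROR_CODE_ENDPOINT_CONFIG_MGT`, whose description template has a single `%s` ("... for the user defined local authenticator %s."). `String.format` therefore puts the action id in the authenticator slot and silently drops the name. The catch blocks of `resolveEndpointConfigurations` and `deleteEndpointConfigurations` in the following hunks have the same call shape. Either pass only the authenticator name, as `addEndpointConfigurations` does, or extend the template to something like `... authenticator %s (action id %s).` and swap the two arguments. The old messages also said which operation failed (adding, updating, retrieving, deleting); with one shared description that distinction is now only in the chained cause.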
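Review bot: The new `if (config == null) { return null; }` guard makes `null` an ordinary return value of `resolveEndpointConfigurations`, but nothing in the hunk documents it; the method's Javadoc starts above the hunk. Adding `@return the config with its endpoint configuration resolved, or {@code null} when {@code config} is null` would tell callers to check before dereferencing the result. The method body continues past the end of the hunk.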
@@ -116,9 +117,8 @@ public UserDefinedLocalAuthenticatorConfig resolveEndpointConfigurations(UserDef config.setEndpointConfig(buildUserDefinedAuthenticatorEndpointConfig(action.getEndpoint())); return config; } catch (ActionMgtException e) { - throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), - String.format("Error occurred retrieving associated action with id %s for the authenticator %s", - actionId, config.getName()), e); + throw buildServerException(AuthenticatorMgtError.ERROR_CODE_ENDPOINT_CONFIG_MGT, e, + actionId, config.getName()); } } @@ -154,9 +154,8 @@ public void deleteEndpointConfigurations(UserDefinedLocalAuthenticatorConfig con actionId, IdentityTenantUtil.getTenantDomain(tenantId)); } catch (ActionMgtException e) { - throw new AuthenticatorMgtServerException(ERROR_CODE_ENDPOINT_CONFIG_MGT.getCode(), - String.format("Error occurred while deleting associated action with id %s for the authenticator %s", - actionId, config.getName()), e); + throw buildServerException(AuthenticatorMgtError.ERROR_CODE_ENDPOINT_CONFIG_MGT, e, + actionId, config.getName()); } } @@ -186,8 +185,7 @@ private String getActionIdFromProperty(Property[] properties, String authenticat .filter(property -> ACTION_ID_PROPERTY.equals(property.getName())) .map(Property::getValue) .findFirst() - .orElseThrow(() -> new AuthenticatorMgtServerException( - "No action Id was found in the properties of the authenticator configurations for" + - " the authenticator: " + authenticatorName)); + .orElseThrow(() -> buildServerException(AuthenticatorMgtError.ERROR_CODE_NO_ACTION_ID_FOUND, + authenticatorName)); } } 
diff --git a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java index cc02731ba9d8..a457c1d49f91 100644 --- a/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java +++ b/components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/util/UserDefinedLocalAuthenticatorValidator.java @@ -19,12 +19,14 @@ package org.wso2.carbon.identity.application.common.util; import org.apache.commons.lang.StringUtils; -import org.wso2.carbon.identity.application.common.constant.AuthenticatorMgtErrorConstants.ErrorMessages; import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtClientException; +import org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.AuthenticatorMgtError; import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType; import java.util.regex.Pattern; +import static org.wso2.carbon.identity.application.common.util.AuthenticatorMgtExceptionBuilder.buildClientException; + /** * User Defined Local Authenticator Validator class. */ 
@@ -43,9 +45,7 @@ public class UserDefinedLocalAuthenticatorValidator { public void validateForBlank(String fieldName, String fieldValue) throws AuthenticatorMgtClientException { if (StringUtils.isBlank(fieldValue)) { - ErrorMessages error = ErrorMessages.ERROR_BLANK_FIELD_VALUE; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription(), fieldName)); + throw buildClientException(AuthenticatorMgtError.ERROR_BLANK_FIELD_VALUE, fieldName); } } @@ -59,9 +59,8 @@ public void validateAuthenticatorName(String name) throws AuthenticatorMgtClient boolean isValidName = authenticatorNameRegexPattern.matcher(name).matches(); if (!isValidName) { - ErrorMessages error = ErrorMessages.ERROR_INVALID_AUTHENTICATOR_NAME; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription(), name, AUTHENTICATOR_NAME_REGEX)); + throw buildClientException(AuthenticatorMgtError.ERROR_INVALID_AUTHENTICATOR_NAME, + name, AUTHENTICATOR_NAME_REGEX); } } @@ -75,8 +74,7 @@ public void validateDefinedByType(DefinedByType definedByType) throws AuthenticatorMgtClientException { if (definedByType != DefinedByType.USER) { - ErrorMessages error = ErrorMessages.ERROR_OP_ON_SYSTEM_AUTHENTICATOR; - throw new AuthenticatorMgtClientException(error.getCode(), error.getMessage(), error.getDescription()); + throw buildClientException(AuthenticatorMgtError.ERROR_OP_ON_SYSTEM_AUTHENTICATOR); } } } diff --git a/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml b/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml index c62001bd8ce9..0b22a4cd6893 100644 --- a/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml 
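Review bot: The `name` interpolated into the description in `validateAuthenticatorName` is exactly the value that just failed `authenticatorNameRegexPattern`, so it may contain any characters, including line breaks or markup. Where the description ends up is not visible in this patch; if it is logged or returned in an API error body, it should be encoded at that sink, or the builder could cap the length and strip control characters before formatting. A comment on the throw such as `// name is unvalidated input; encode before logging or rendering` would flag this for maintainers. The start of the method is outside the hunk.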
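Review bot: `buildClientException(AuthenticatorMgtError.ERROR_OP_ON_SYSTEM_AUTHENTICATOR)` in `validateDefinedByType` is called without data, but that constant's description ends in `authenticator: %s.`. The builder skips `String.format` when `data` is empty, so the client receives the literal `%s`. This method only receives `definedByType` and has no authenticator name to pass, so the simplest fix is to end the template at `"... on system defined authenticators."`. Alternatively, add a name parameter here and pass it through.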
+++ b/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml @@ -116,6 +116,18 @@ description="Delete actions"/> + + + + + + + diff --git a/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2 b/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2 index da9c594f422d..196e82cb7d89 100644 --- a/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2 +++ b/features/api-resource-mgt/org.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2 @@ -125,6 +125,18 @@ description="Delete actions"/> + + + + + + +