
initial commit
sadilchamishka committed Sep 13, 2023
1 parent c3fb470 commit 16fe20a
Showing 10 changed files with 60 additions and 8 deletions.
Expand Up @@ -47,6 +47,7 @@
import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException;
import org.wso2.carbon.identity.application.authentication.framework.exception.UserSessionException;
import org.wso2.carbon.identity.application.authentication.framework.handler.step.StepHandler;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedIdPData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorData;
Expand All @@ -66,6 +67,8 @@
import org.wso2.carbon.identity.core.util.IdentityCoreConstants;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementClientException;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserStoreClientException;
Expand Down Expand Up @@ -751,6 +754,10 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse
return;
}

if (FrameworkServiceDataHolder.getInstance().isOrganizationManagementEnabled()) {
setUserOrganization(context.getSubject(), authenticatorConfig);
}

if (authenticator instanceof FederatedApplicationAuthenticator) {

if (context.getSubject().getUserName() == null) {
Expand Down Expand Up @@ -1420,4 +1427,29 @@ private void setLoggedInOrgIdInRequest(AuthenticatedIdPData authenticatedIdPData
}
}
}

private void setUserOrganization(AuthenticatedUser authenticatedUser, AuthenticatorConfig authenticatorConfig) {

String userOrganization = null;
if (authenticatedUser.getUserAttributes() != null && isLoggedInWithOrganizationLogin(authenticatorConfig)) {
for (Map.Entry<ClaimMapping, String> userAttributes : authenticatedUser.getUserAttributes().entrySet()) {
if (FrameworkConstants.USER_ORGANIZATION_CLAIM.equals(
userAttributes.getKey().getLocalClaim().getClaimUri())) {
userOrganization = userAttributes.getValue();
}
}
}

if (userOrganization == null) {
try {
userOrganization = FrameworkServiceDataHolder.getInstance().getOrganizationManager()
.resolveOrganizationId(authenticatedUser.getTenantDomain());
} catch (OrganizationManagementClientException e) {
LOG.debug("Organization ID is not found for the given tenant domain");
} catch (OrganizationManagementException e) {
throw new IdentityRuntimeException("Error while resolving the organization ID using tenant domain");
}
}
authenticatedUser.setUserOrganization(userOrganization);
}
}
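Review bot: In setUserOrganization the rethrow `throw new IdentityRuntimeException("Error while resolving the organization ID using tenant domain");` discards the caught OrganizationManagementException, so the root cause never reaches the log; pass it on and name the tenant, e.g. `throw new IdentityRuntimeException("Error while resolving the organization ID for tenant domain: " + authenticatedUser.getTenantDomain(), e);` (assuming IdentityRuntimeException offers a (String, Throwable) constructor). The client-exception branch likewise logs a fixed debug message without the tenant domain or the exception, after which the subject proceeds with a null organization, so a misconfigured tenant is hard to trace in production; `LOG.debug("Organization ID is not found for tenant domain: " + authenticatedUser.getTenantDomain(), e);` would help. The attribute loop keeps iterating after a match and could `break` once the organization claim is found, and it dereferences `getLocalClaim()` without a null check, which is fine only if every ClaimMapping here carries a local claim — worth confirming. A short Javadoc stating that the value comes from the organization claim in organization-login flows and otherwise falls back to the organization ID resolved from the tenant domain would document the precedence.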
Expand Up @@ -64,6 +64,7 @@ public class AuthenticatedUser extends User {
private String authenticatedSubjectIdentifier;
private String federatedIdPName;
private boolean isFederatedUser;
private String userOrganization;
private Map<ClaimMapping, String> userAttributes = new HashMap<>();

/**
Expand Down Expand Up @@ -100,6 +101,7 @@ public AuthenticatedUser(AuthenticatedUser authenticatedUser) {
if (!isFederatedUser && StringUtils.isNotEmpty(userStoreDomain) && StringUtils.isNotEmpty(tenantDomain)) {
updateCaseSensitivity();
}
this.userOrganization = authenticatedUser.getUserOrganization();
}

public AuthenticatedUser(org.wso2.carbon.user.core.common.User user) {
Expand Down Expand Up @@ -468,6 +470,16 @@ public void setFederatedIdPName(String federatedIdPName) {
this.federatedIdPName = federatedIdPName;
}

public String getUserOrganization() {

return userOrganization;
}

public void setUserOrganization(String userOrganization) {

this.userOrganization = userOrganization;
}

@Override
public boolean equals(Object o) {
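Review bot: The new `userOrganization` field is propagated by the copy constructor, but the hunk stops at the `equals(Object o)` signature, so it is not visible whether equals/hashCode were updated to include it; if the other identity fields take part there, the new field should either be added or its exclusion stated in a comment. The accessors also carry no Javadoc, unlike the documented constructor above; `/** Returns the organization the user belongs to, or {@code null} when it has not been resolved. */` on the getter would record the null contract the step handler in this commit relies on. The body of equals continues outside the hunk.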

Expand Up @@ -95,10 +95,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE' NOT NULL,
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)) INDEX IN TS32K
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION)) INDEX IN TS32K
/

CREATE TABLE IDN_OAUTH2_TOKEN_BINDING (
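Review bot: `USER_ORGANIZATION VARCHAR(36)` is nullable, yet it is appended to the CON_APP_KEY UNIQUE constraint; this script looks like the DB2 variant (`INDEX IN TS32K`, `/` terminator), and DB2 requires every column of a unique constraint to be NOT NULL, so this CREATE TABLE is likely to be rejected. The neighbouring TOKEN_BINDING_REF column already shows the pattern used here: `USER_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL` (the 'NONE' default is a constructed placeholder mirroring TOKEN_BINDING_REF — confirm the value the token layer writes). Whichever default is chosen has to match what the DAO stores, otherwise the uniqueness check will not collide on it.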
Expand Up @@ -82,10 +82,11 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION)
);

CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING (
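Review bot: Adding the nullable `USER_ORGANIZATION` column to CON_APP_KEY changes what the constraint guarantees, and the same edit appears in the six schema sections that follow. Engines such as MySQL and PostgreSQL treat NULLs in a unique key as distinct, so two otherwise identical active tokens with no organization set no longer collide, whereas SQL Server treats NULL as a single value and keeps colliding; the constraint's behaviour therefore now differs per database. Since the Java side in this commit leaves the organization null when it cannot be resolved, either declare the column NOT NULL with a sentinel default (e.g. `USER_ORGANIZATION VARCHAR(36) DEFAULT 'NONE' NOT NULL`, a constructed value mirroring TOKEN_BINDING_REF) or document that tokens without an organization are deliberately exempt from the uniqueness check.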
Expand Up @@ -88,10 +88,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION)
);

IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_TOKEN_BINDING]') AND TYPE IN (N'U'))
Expand Up @@ -90,11 +90,12 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR(32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS (ID)
ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, USER_TYPE, TOKEN_SCOPE_HASH,
TOKEN_STATE, TOKEN_STATE_ID, IDP_ID, TOKEN_BINDING_REF)
TOKEN_STATE, TOKEN_STATE_ID, IDP_ID, TOKEN_BINDING_REF, USER_ORGANIZATION)
)
ENGINE NDB;

Expand Up @@ -82,10 +82,11 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION)
)DEFAULT CHARACTER SET latin1 ENGINE INNODB;

CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING (
Expand Up @@ -89,10 +89,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR2 (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF))
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION))
/
CREATE TABLE IDN_OAUTH2_TOKEN_BINDING (
TOKEN_ID VARCHAR2 (255),
Expand Up @@ -90,10 +90,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR2 (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF))
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION))
/
CREATE TABLE IDN_OAUTH2_TOKEN_BINDING (
TOKEN_ID VARCHAR2 (255),
Expand Up @@ -90,10 +90,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
IDP_ID INTEGER DEFAULT -1 NOT NULL,
TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
CONSENTED_TOKEN VARCHAR(6),
USER_ORGANIZATION VARCHAR(36),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF,USER_ORGANIZATION)
);

DROP TABLE IF EXISTS IDN_OAUTH2_TOKEN_BINDING;
