diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManager.java b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManager.java index 7e8907e688c7..673f9d19dda8 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManager.java +++ b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManager.java @@ -18,6 +18,9 @@ package org.wso2.carbon.identity.core; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.base.IdentityException; import org.wso2.carbon.identity.core.dao.SAMLServiceProviderPersistenceManagerFactory; import org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderDAO; @@ -33,6 +36,7 @@ public class SAMLSSOServiceProviderManager { new SAMLServiceProviderPersistenceManagerFactory(); SAMLSSOServiceProviderDAO serviceProviderDAO = samlSSOPersistenceManagerFactory.getSAMLServiceProviderPersistenceManager(); + private static Log LOG = LogFactory.getLog(SAMLSSOServiceProviderManager.class); /** * Add a saml service provider. @@ -45,6 +49,13 @@ public class SAMLSSOServiceProviderManager { public boolean addServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, int tenantId) throws IdentityException { + validateServiceProvider(serviceProviderDO); + if (isServiceProviderExists(serviceProviderDO.getIssuer(), tenantId)) { + if (LOG.isDebugEnabled()){ + LOG.debug(serviceProviderInfo(serviceProviderDO) + " already exists."); + } + return false; + } return serviceProviderDAO.addServiceProvider(serviceProviderDO, tenantId); } 
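Review bot: The logger added to the field block of SAMLSSOServiceProviderManager is declared `private static Log LOG`, which leaves it a reassignable static. Declare it `private static final Log LOG = LogFactory.getLog(SAMLSSOServiceProviderManager.class);` and move it above the two instance fields so constants come first.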
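Review bot: The issuer is concatenated into the debug message in addServiceProvider (`LOG.debug(serviceProviderInfo(serviceProviderDO) + " already exists.")`) without neutralising line breaks, and the value comes from the caller-supplied service provider object. The updateServiceProvider and uploadServiceProvider hunks log through the same helper, and removeServiceProvider logs `issuer` directly. uploadServiceProvider is documented as taking its configuration from metadata, so the issuer may not be operator-typed. If it can carry CR/LF, a forged entry can appear in the log when debug logging is on. Strip them once inside serviceProviderInfo, for example `issuer.replaceAll("[\r\n]", "_")`, and apply the same to the message in removeServiceProvider.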
@@ -60,6 +71,15 @@ public boolean addServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, in public boolean updateServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, String currentIssuer, int tenantId) throws IdentityException { + validateServiceProvider(serviceProviderDO); + String newIssuer = serviceProviderDO.getIssuer(); + boolean isIssuerUpdated = !StringUtils.equals(currentIssuer, newIssuer); + if (isIssuerUpdated && isServiceProviderExists(newIssuer, tenantId)) { + if (LOG.isDebugEnabled()) { + LOG.debug(serviceProviderInfo(serviceProviderDO) + " already exists."); + } + return false; + } return serviceProviderDAO.updateServiceProvider(serviceProviderDO, currentIssuer, tenantId); } 
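Review bot: `currentIssuer` is used in updateServiceProvider without a null or blank check, although the new issuer goes through validateServiceProvider and removeServiceProvider rejects a blank issuer. A null or blank `currentIssuer` makes `isIssuerUpdated` true and is then passed to the DAO, which builds the registry path from it. Add a guard before the comparison, for example `if (StringUtils.isBlank(currentIssuer)) { throw new IdentityException("Current issuer cannot be blank."); }`. The Javadoc should also state that `currentIssuer` is compared with the qualifier-appended issuer, so callers have to pass the stored form.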
@@ -110,20 +130,89 @@ public boolean isServiceProviderExists(String issuer, int tenantId) throws Ident */ public boolean removeServiceProvider(String issuer, int tenantId) throws IdentityException { + if (issuer == null || StringUtils.isEmpty(issuer.trim())) { + throw new IllegalArgumentException("Trying to delete issuer \'" + issuer + "\'"); + } + if (!isServiceProviderExists(issuer, tenantId)) { + if (LOG.isDebugEnabled()) { + LOG.debug("Service Provider with issuer: " + issuer + " does not exist."); + } + return false; + } return serviceProviderDAO.removeServiceProvider(issuer, tenantId); } /** * Upload the SAML configuration related to the application, using metadata. * - * @param samlssoServiceProviderDO SAML service provider information object. + * @param serviceProviderDO SAML service provider information object. * @param tenantId Tenant ID. * @return SAML service provider information object. * @throws IdentityException Error when uploading the SAML configuration. */ - public SAMLSSOServiceProviderDO uploadServiceProvider(SAMLSSOServiceProviderDO samlssoServiceProviderDO, + public SAMLSSOServiceProviderDO uploadServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, int tenantId) throws IdentityException { - return serviceProviderDAO.uploadServiceProvider(samlssoServiceProviderDO, tenantId); + validateServiceProvider(serviceProviderDO); + if (serviceProviderDO.getDefaultAssertionConsumerUrl() == null) { + throw new IdentityException("No default assertion consumer URL provided for service provider :" + + serviceProviderDO.getIssuer()); + } + if (isServiceProviderExists(serviceProviderDO.getIssuer(), tenantId)) { + if (LOG.isDebugEnabled()){ + LOG.debug(serviceProviderInfo(serviceProviderDO) + " already exists."); + } + throw new IdentityException("A Service Provider already exists."); + } + + return serviceProviderDAO.uploadServiceProvider(serviceProviderDO, tenantId); + } + + private void validateServiceProvider(SAMLSSOServiceProviderDO 
serviceProviderDO) throws IdentityException { + + if (serviceProviderDO == null || serviceProviderDO.getIssuer() == null || + StringUtils.isBlank(serviceProviderDO.getIssuer())) { + throw new IdentityException("Issuer cannot be found in the provided arguments."); + } + + if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier()) && + !serviceProviderDO.getIssuer().contains(IdentityRegistryResources.QUALIFIER_ID)) { + serviceProviderDO.setIssuer( + getIssuerWithQualifier(serviceProviderDO.getIssuer(), serviceProviderDO.getIssuerQualifier())); + } + } + + private String serviceProviderInfo(SAMLSSOServiceProviderDO serviceProviderDO) { + + if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { + return "SAML2 Service Provider with issuer: " + getIssuerWithoutQualifier(serviceProviderDO.getIssuer()) + + " and qualifier name " + serviceProviderDO.getIssuerQualifier(); + } else { + return "SAML2 Service Provider with issuer: " + serviceProviderDO.getIssuer(); + } + } + + /** + * Get the issuer value to be added to registry by appending the qualifier. + * + * @param issuer value given as 'issuer' when configuring SAML SP. + * @return issuer value with qualifier appended. + */ + private String getIssuerWithQualifier(String issuer, String qualifier) { + + return issuer + IdentityRegistryResources.QUALIFIER_ID + qualifier; + } + + /** + * Get the issuer value by removing the qualifier. + * + * @param issuerWithQualifier issuer value saved in the registry. + * @return issuer value given as 'issuer' when configuring SAML SP. + */ + private String getIssuerWithoutQualifier(String issuerWithQualifier) { + + String issuerWithoutQualifier = StringUtils.substringBeforeLast(issuerWithQualifier, + IdentityRegistryResources.QUALIFIER_ID); + return issuerWithoutQualifier; } } 
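Review bot: The `contains(IdentityRegistryResources.QUALIFIER_ID)` guard in validateServiceProvider skips appending the qualifier whenever the delimiter appears anywhere in the issuer, which the DAO code removed by this commit did not do. An issuer that happens to contain the delimiter is then stored and looked up without its qualifier, so the duplicate checks in add, update and upload run against a different key than the one the caller configured. If the guard exists to avoid appending twice (not visible in this hunk), test for the exact suffix instead: `!serviceProviderDO.getIssuer().endsWith(IdentityRegistryResources.QUALIFIER_ID + serviceProviderDO.getIssuerQualifier())`. A test case with an issuer that contains the delimiter would pin the intended behaviour. The Javadoc of getIssuerWithQualifier is also missing `@param qualifier`.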
diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/RegistrySAMLSSOServiceProviderDAOImpl.java b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/RegistrySAMLSSOServiceProviderDAOImpl.java
index fc8608eb4b1f..91c1b3f701eb 100644
--- a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/RegistrySAMLSSOServiceProviderDAOImpl.java
+++ b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/dao/RegistrySAMLSSOServiceProviderDAOImpl.java
@@ -256,36 +256,11 @@ SAMLSSOServiceProviderDO buildSAMLSSOServiceProviderDAO (Resource resource) { public boolean addServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, int tenantId) throws IdentityException { Registry registry = getRegistry(tenantId); - if (serviceProviderDO == null || serviceProviderDO.getIssuer() == null || - StringUtils.isBlank(serviceProviderDO.getIssuer())) { - throw new IdentityException("Issuer cannot be found in the provided arguments."); - } - - // If an issuer qualifier value is specified, it is appended to the end of the issuer value. - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - serviceProviderDO.setIssuer(getIssuerWithQualifier(serviceProviderDO.getIssuer(), - serviceProviderDO.getIssuerQualifier())); - } - String path = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(serviceProviderDO.getIssuer()); boolean isTransactionStarted = Transaction.isStarted(); boolean isErrorOccurred = false; try { - if (registry.resourceExists(path)) { - if (LOG.isDebugEnabled()) { - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + getIssuerWithoutQualifier(serviceProviderDO.getIssuer()) + " and qualifier name " - + serviceProviderDO.getIssuerQualifier()); - } else { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + serviceProviderDO.getIssuer()); - } - } - return false; - } - Resource resource = createResource(serviceProviderDO, registry); if (!isTransactionStarted) { registry.beginTransaction(); 
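Review bot: The DAO's addServiceProvider is left dereferencing `serviceProviderDO.getIssuer()` to build the path with no null check and no `registry.resourceExists(path)` test, so its guarantees now depend on every caller going through SAMLSSOServiceProviderManager. The updateServiceProvider, removeServiceProvider and uploadServiceProvider hunks below drop their guards in the same way. These methods are still public, so code that reaches the DAO directly (for example through the persistence manager factory) would hit a NullPointerException on a null object and would presumably overwrite an existing service provider entry instead of being refused. State the new precondition in the method Javadoc, e.g. `Callers must validate the issuer and check for duplicates; see SAMLSSOServiceProviderManager.`, or keep a cheap `if (serviceProviderDO == null) throw new IdentityException(...)` guard here. The method body continues outside the hunk.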
@@ -480,17 +455,6 @@ public boolean updateServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, throws IdentityException { Registry registry = getRegistry(tenantId); - if (serviceProviderDO == null || serviceProviderDO.getIssuer() == null || - StringUtils.isBlank(serviceProviderDO.getIssuer())) { - throw new IdentityException("Issuer cannot be found in the provided arguments."); - } - - // If an issuer qualifier value is specified, it is appended to the end of the issuer value. - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - serviceProviderDO.setIssuer(getIssuerWithQualifier(serviceProviderDO.getIssuer(), - serviceProviderDO.getIssuerQualifier())); - } - String currentPath = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(currentIssuer); String newPath = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(serviceProviderDO.getIssuer()); @@ -498,21 +462,6 @@ public boolean updateServiceProvider(SAMLSSOServiceProviderDO serviceProviderDO, boolean isTransactionStarted = Transaction.isStarted(); boolean isErrorOccurred = false; try { - // Check if the updated issuer value already exists. - if (isIssuerUpdated && registry.resourceExists(newPath)) { - if (LOG.isDebugEnabled()) { - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + getIssuerWithoutQualifier(serviceProviderDO.getIssuer()) + " and qualifier name " - + serviceProviderDO.getIssuerQualifier()); - } else { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + serviceProviderDO.getIssuer()); - } - } - return false; - } - Resource resource = createResource(serviceProviderDO, registry); if (!isTransactionStarted) { registry.beginTransaction(); 
@@ -578,21 +527,11 @@ public SAMLSSOServiceProviderDO[] getServiceProviders(int tenantId) throws Ident public boolean removeServiceProvider(String issuer, int tenantId) throws IdentityException { Registry registry = getRegistry(tenantId); - if (issuer == null || StringUtils.isEmpty(issuer.trim())) { - throw new IllegalArgumentException("Trying to delete issuer \'" + issuer + "\'"); - } String path = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(issuer); boolean isTransactionStarted = Transaction.isStarted(); boolean isErrorOccurred = false; try { - if (!registry.resourceExists(path)) { - if (LOG.isDebugEnabled()) { - LOG.debug("Registry resource does not exist for the path: " + path); - } - return false; - } - // Since we are getting a global registry object, better to check whether this is a task inside already // started transaction. if (!isTransactionStarted) { 
@@ -738,39 +677,11 @@ public SAMLSSOServiceProviderDO uploadServiceProvider(SAMLSSOServiceProviderDO s throws IdentityException { Registry registry = getRegistry(tenantId); - if (serviceProviderDO == null || serviceProviderDO.getIssuer() == null) { - throw new IdentityException("Issuer cannot be found in the provided arguments."); - } - - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - serviceProviderDO.setIssuer(getIssuerWithQualifier(serviceProviderDO.getIssuer(), - serviceProviderDO.getIssuerQualifier())); - } - - if (serviceProviderDO.getDefaultAssertionConsumerUrl() == null) { - throw new IdentityException("No default assertion consumer URL provided for service provider :" + - serviceProviderDO.getIssuer()); - } - String path = IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodePath(serviceProviderDO.getIssuer()); boolean isTransactionStarted = Transaction.isStarted(); boolean isErrorOccurred = false; try { - if (registry.resourceExists(path)) { - if (LOG.isDebugEnabled()) { - if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + getIssuerWithoutQualifier(serviceProviderDO.getIssuer()) + " and qualifier name " - + serviceProviderDO.getIssuerQualifier()); - } else { - LOG.debug("SAML2 Service Provider already exists with the same issuer name " - + serviceProviderDO.getIssuer()); - } - } - throw IdentityException.error("A Service Provider already exists."); - } - if (!isTransactionStarted) { registry.beginTransaction(); } diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java index b5b680dd7f29..50c6fbe5befb 100644 
--- a/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java +++ b/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java @@ -19,11 +19,10 @@ import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.dao.OpenIDAdminDAO; import org.wso2.carbon.identity.core.dao.OpenIDUserDAO; import org.wso2.carbon.identity.core.dao.ParameterDAO; -import org.wso2.carbon.identity.core.dao.SAMLServiceProviderPersistenceManagerFactory; -import org.wso2.carbon.identity.core.dao.SAMLSSOServiceProviderDAO; import org.wso2.carbon.identity.core.dao.XMPPSettingsDAO; import org.wso2.carbon.identity.core.model.OpenIDAdminDO; import org.wso2.carbon.identity.core.model.OpenIDUserDO; @@ -36,9 +35,7 @@ public class IdentityPersistenceManager { private static IdentityPersistenceManager manager = new IdentityPersistenceManager(); - SAMLServiceProviderPersistenceManagerFactory - samlSSOPersistenceManagerFactory = new SAMLServiceProviderPersistenceManagerFactory(); - SAMLSSOServiceProviderDAO serviceProviderDAO = samlSSOPersistenceManagerFactory.getSAMLServiceProviderPersistenceManager(); + SAMLSSOServiceProviderManager samlSSOServiceProviderManager = new SAMLSSOServiceProviderManager(); private IdentityPersistenceManager() { } 
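Review bot: The new `samlSSOServiceProviderManager` field in IdentityPersistenceManager has no access modifier and is not final, so any class in the package can replace the manager held by this singleton. Declare it `private final SAMLSSOServiceProviderManager samlSSOServiceProviderManager = new SAMLSSOServiceProviderManager();`.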
@@ -242,20 +239,20 @@ public boolean addServiceProvider(Registry registry, SAMLSSOServiceProviderDO se throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.addServiceProvider(serviceProviderDO, tenantId); + return samlSSOServiceProviderManager.addServiceProvider(serviceProviderDO, tenantId); } /** * Upload Service Provider * - * @param registry,samlssoServiceProviderDO + * @param registry, samlSSOServiceProviderDO * @return * @throws IdentityException */ - public SAMLSSOServiceProviderDO uploadServiceProvider(Registry registry, SAMLSSOServiceProviderDO samlssoServiceProviderDO) throws IdentityException { + public SAMLSSOServiceProviderDO uploadServiceProvider(Registry registry, SAMLSSOServiceProviderDO samlSSOServiceProviderDO) throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.uploadServiceProvider(samlssoServiceProviderDO, tenantId); + return samlSSOServiceProviderManager.uploadServiceProvider(samlSSOServiceProviderDO, tenantId); } /** 
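Review bot: The Javadoc touched on uploadServiceProvider is still malformed: `@param registry, samlSSOServiceProviderDO` names two parameters in one tag and `@return` and `@throws` carry no text. In the visible body `registry` is never read and the tenant comes from the thread-local CarbonContext, which a caller passing a registry for another tenant would not expect. Write one tag per parameter, e.g. `@param registry not used; the tenant is resolved from the thread-local CarbonContext` and `@param samlSSOServiceProviderDO SAML service provider to upload`. Also fill in `@return the uploaded service provider` and `@throws IdentityException if validation fails or the service provider already exists`.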
@@ -268,26 +265,26 @@ public SAMLSSOServiceProviderDO[] getServiceProviders(Registry registry) throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.getServiceProviders(tenantId); + return samlSSOServiceProviderManager.getServiceProviders(tenantId); } public boolean removeServiceProvider(Registry registry, String issuer) throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.removeServiceProvider(issuer, tenantId); + return samlSSOServiceProviderManager.removeServiceProvider(issuer, tenantId); } public SAMLSSOServiceProviderDO getServiceProvider(Registry registry, String issuer) throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.getServiceProvider(issuer, tenantId); + return samlSSOServiceProviderManager.getServiceProvider(issuer, tenantId); } public boolean isServiceProviderExists(Registry registry, String issuer) throws IdentityException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - return serviceProviderDAO.isServiceProviderExists(issuer, tenantId); + return samlSSOServiceProviderManager.isServiceProviderExists(issuer, tenantId); } public void createOrUpdateOpenIDAdmin(Registry registry, OpenIDAdminDO opAdmin) 
diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderDAOTest.java b/components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManagerTest.java similarity index 68% rename from components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderDAOTest.java rename to components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManagerTest.java index 91217e2b1298..98754012947e 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/dao/SAMLSSOServiceProviderDAOTest.java +++ b/components/identity-core/org.wso2.carbon.identity.core/src/test/java/org/wso2/carbon/identity/core/SAMLSSOServiceProviderManagerTest.java @@ -16,7 +16,7 @@ * under the License. */ -package org.wso2.carbon.identity.core.dao; +package org.wso2.carbon.identity.core; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang.StringUtils; @@ -29,7 +29,6 @@ import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import org.wso2.carbon.identity.base.IdentityException; -import org.wso2.carbon.identity.core.IdentityRegistryResources; import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO; import org.wso2.carbon.identity.core.util.IdentityCoreConstants; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; 
@@ -66,11 +65,11 @@ import static org.testng.Assert.fail; /** - * Test class for SAMLSSOServiceProviderDAO. + * Test class for SAMLSSOServiceProviderManager. */ -public class SAMLSSOServiceProviderDAOTest { +public class SAMLSSOServiceProviderManagerTest { - private RegistrySAMLSSOServiceProviderDAOImpl objUnderTest; + private SAMLSSOServiceProviderManager samlSSOServiceProviderManager; private boolean transactionStarted = false; private Registry mockRegistry; @@ -106,7 +105,7 @@ public Object answer(InvocationOnMock invocationOnMock) throws Throwable { } }).when(mockRegistry).beginTransaction(); - objUnderTest = new RegistrySAMLSSOServiceProviderDAOImpl(); + samlSSOServiceProviderManager = new SAMLSSOServiceProviderManager(); identityTenantUtil = mockStatic(IdentityTenantUtil.class); when(IdentityTenantUtil.getRegistryService()).thenReturn(mockRegistryService); when(mockRegistryService.getConfigSystemRegistry(TENANT_ID)).thenReturn((UserRegistry) mockRegistry); @@ -213,7 +212,7 @@ public void testResourceToObject(Object paramMapObj) throws Exception { properties.putAll((Map) paramMapObj); Resource dummyResource = new ResourceImpl(); dummyResource.setProperties(properties); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.buildSAMLSSOServiceProviderDAO(dummyResource); + SAMLSSOServiceProviderDO serviceProviderDO = buildSAMLSSOServiceProviderDAO(dummyResource); assertEquals(serviceProviderDO.getIssuer(), dummyResource.getProperty(IdentityRegistryResources .PROP_SAML_SSO_ISSUER), "Issuer Mismatch."); 
@@ -346,7 +345,7 @@ public void testAddServiceProvider(Object paramMapObj) throws Exception { properties.putAll((Map) paramMapObj); Resource dummyResource = new ResourceImpl(); dummyResource.setProperties(properties); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.buildSAMLSSOServiceProviderDAO(dummyResource); + SAMLSSOServiceProviderDO serviceProviderDO = buildSAMLSSOServiceProviderDAO(dummyResource); ArgumentCaptor captor = ArgumentCaptor.forClass(String.class); String expectedPath = getPath(dummyResource .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER)); @@ -355,7 +354,7 @@ public void testAddServiceProvider(Object paramMapObj) throws Exception { + IdentityRegistryResources.QUALIFIER_ID + dummyResource.getProperty(IdentityRegistryResources. PROP_SAML_SSO_ISSUER_QUALIFIER)); } - objUnderTest.addServiceProvider(serviceProviderDO, TENANT_ID); + samlSSOServiceProviderManager.addServiceProvider(serviceProviderDO, TENANT_ID); verify(mockRegistry).put(captor.capture(), any(Resource.class)); assertEquals(captor.getValue(), expectedPath, "Resource is not added at correct path"); } @@ -366,7 +365,7 @@ public void testAddExistingServiceProvider() throws Exception { String existingPath = getPath("existingIssuer"); serviceProviderDO.setIssuer("existingIssuer"); when(mockRegistry.resourceExists(existingPath)).thenReturn(true); - assertFalse(objUnderTest.addServiceProvider(serviceProviderDO, TENANT_ID), "Resource should not have added."); + assertFalse(samlSSOServiceProviderManager.addServiceProvider(serviceProviderDO, TENANT_ID), "Resource should not have added."); } @Test(expectedExceptions = {IdentityException.class}) 
@@ -376,7 +375,7 @@ public void testAddServiceProviderRegistryError() throws Exception { String existingPath = getPath("erringIssuer"); serviceProviderDO.setIssuer("erringIssuer"); doThrow(RegistryException.class).when(mockRegistry).put(eq(existingPath), any(Resource.class)); - objUnderTest.addServiceProvider(serviceProviderDO, TENANT_ID); + samlSSOServiceProviderManager.addServiceProvider(serviceProviderDO, TENANT_ID); } @Test(dataProvider = "ResourceToObjectData") @@ -385,7 +384,7 @@ public void testUpdateServiceProvider(Object paramMapObj) throws Exception { properties.putAll((Map) paramMapObj); Resource dummyResource = new ResourceImpl(); dummyResource.setProperties(properties); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.buildSAMLSSOServiceProviderDAO(dummyResource); + SAMLSSOServiceProviderDO serviceProviderDO = buildSAMLSSOServiceProviderDAO(dummyResource); ArgumentCaptor captor = ArgumentCaptor.forClass(String.class); String existingIssuer = dummyResource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER); if (StringUtils.isNotBlank(serviceProviderDO.getIssuerQualifier())) { @@ -395,7 +394,7 @@ public void testUpdateServiceProvider(Object paramMapObj) throws Exception { } String expectedPath = getPath(existingIssuer); when(mockRegistry.resourceExists(expectedPath)).thenReturn(true); - objUnderTest.updateServiceProvider(serviceProviderDO, existingIssuer, TENANT_ID); + samlSSOServiceProviderManager.updateServiceProvider(serviceProviderDO, existingIssuer, TENANT_ID); verify(mockRegistry).put(captor.capture(), any(Resource.class)); assertEquals(captor.getValue(), expectedPath, "Resource is not added at correct path"); } 
@@ -405,7 +404,7 @@ public void testUpdatingServiceProviderExistingIssuer() throws Exception { SAMLSSOServiceProviderDO serviceProviderDO = new SAMLSSOServiceProviderDO(); serviceProviderDO.setIssuer("newIssuer"); when(mockRegistry.resourceExists(getPath("newIssuer"))).thenReturn(true); - assertFalse(objUnderTest.updateServiceProvider(serviceProviderDO, "existingIssuer", TENANT_ID), "Resource should not have updated."); + assertFalse(samlSSOServiceProviderManager.updateServiceProvider(serviceProviderDO, "existingIssuer", TENANT_ID), "Resource should not have updated."); } @Test @@ -438,7 +437,7 @@ public void testGetServiceProviders() throws Exception { when(mockRegistry.resourceExists(paths[0])).thenReturn(true); when(mockRegistry.resourceExists(paths[1])).thenReturn(true); when(mockRegistry.resourceExists(paths[2])).thenReturn(true); - SAMLSSOServiceProviderDO[] serviceProviders = objUnderTest.getServiceProviders(TENANT_ID); + SAMLSSOServiceProviderDO[] serviceProviders = samlSSOServiceProviderManager.getServiceProviders(TENANT_ID); assertEquals(serviceProviders.length, 3, "Should have returned 3 service providers."); } @@ -447,7 +446,7 @@ public void testRemoveServiceProvider() throws Exception { String existingIssuer = "ExistingIssuer"; String path = getPath(existingIssuer); when(mockRegistry.resourceExists(path)).thenReturn(true); - assertTrue(objUnderTest.removeServiceProvider(existingIssuer, TENANT_ID), "SP Resource is not deleted from path"); + assertTrue(samlSSOServiceProviderManager.removeServiceProvider(existingIssuer, TENANT_ID), "SP Resource is not deleted from path"); } @Test 
@@ -455,13 +454,13 @@ public void testRemoveNonExistingServiceProvider() throws Exception { String nonExistingIssuer = "NonExistingIssuer"; String path = getPath(nonExistingIssuer); when(mockRegistry.resourceExists(path)).thenReturn(false); - assertFalse(objUnderTest.removeServiceProvider(nonExistingIssuer, TENANT_ID), "SP Resource should not have existed to " + + assertFalse(samlSSOServiceProviderManager.removeServiceProvider(nonExistingIssuer, TENANT_ID), "SP Resource should not have existed to " + "delete."); } @Test(expectedExceptions = IllegalArgumentException.class) public void testRemoveEmptyServiceProvider() throws Exception { - objUnderTest.removeServiceProvider("", TENANT_ID); + samlSSOServiceProviderManager.removeServiceProvider("", TENANT_ID); fail("SP Resource with empty name could not have been deleted."); } @@ -483,7 +482,7 @@ public void testGetServiceProvider() throws Exception { when(mockRegistry.resourceExists(path)).thenReturn(true); when(mockRegistry.get(path)).thenReturn(dummyResource); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.getServiceProvider(dummyResource.getProperty + SAMLSSOServiceProviderDO serviceProviderDO = samlSSOServiceProviderManager.getServiceProvider(dummyResource.getProperty (IdentityRegistryResources.PROP_SAML_SSO_ISSUER), TENANT_ID); assertEquals(serviceProviderDO.getTenantDomain(), "test.com", "Retrieved resource's tenant domain mismatch"); @@ -495,7 +494,7 @@ public void testIsServiceProviderExists() throws Exception { String validSP = "ValidSP"; String path = getPath(validSP); when(mockRegistry.resourceExists(path)).thenReturn(true); - assertTrue(objUnderTest.isServiceProviderExists(validSP, TENANT_ID)); + assertTrue(samlSSOServiceProviderManager.isServiceProviderExists(validSP, TENANT_ID)); } @Test 
@@ -503,7 +502,7 @@ public void testNonExistingSPIsServiceProviderExists() throws Exception { String invalidSP = "InvalidSP"; String path = getPath(invalidSP); when(mockRegistry.resourceExists(path)).thenReturn(false); - assertFalse(objUnderTest.isServiceProviderExists(invalidSP, TENANT_ID)); + assertFalse(samlSSOServiceProviderManager.isServiceProviderExists(invalidSP, TENANT_ID)); } @Test @@ -516,8 +515,8 @@ public void testUploadServiceProvider() throws Exception { String expectedPath = getPath(dummyResource .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER)); when(mockRegistry.resourceExists(expectedPath)).thenReturn(false); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.buildSAMLSSOServiceProviderDAO(dummyResource); - assertEquals(objUnderTest.uploadServiceProvider(serviceProviderDO, TENANT_ID), serviceProviderDO, "Same resource should" + + SAMLSSOServiceProviderDO serviceProviderDO = buildSAMLSSOServiceProviderDAO(dummyResource); + assertEquals(samlSSOServiceProviderManager.uploadServiceProvider(serviceProviderDO, TENANT_ID), serviceProviderDO, "Same resource should" + " have returned after successful upload."); } @@ -531,8 +530,8 @@ public void testUploadExistingServiceProvider() throws Exception { String expectedPath = getPath(dummyResource .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER)); when(mockRegistry.resourceExists(expectedPath)).thenReturn(true); - SAMLSSOServiceProviderDO serviceProviderDO = objUnderTest.buildSAMLSSOServiceProviderDAO(dummyResource); - objUnderTest.uploadServiceProvider(serviceProviderDO, TENANT_ID); + SAMLSSOServiceProviderDO serviceProviderDO = buildSAMLSSOServiceProviderDAO(dummyResource); + samlSSOServiceProviderManager.uploadServiceProvider(serviceProviderDO, TENANT_ID); fail("Uploading an existing SP should have failed"); } 
@@ -540,4 +539,184 @@ private String getPath(String path) { String encodedStr = new String(Base64.encodeBase64(path.getBytes())); return IdentityRegistryResources.SAML_SSO_SERVICE_PROVIDERS + encodedStr.replace("=", ""); } + + SAMLSSOServiceProviderDO buildSAMLSSOServiceProviderDAO (Resource resource) { + SAMLSSOServiceProviderDO serviceProviderDO = new SAMLSSOServiceProviderDO(); + serviceProviderDO.setIssuer(resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER)); + serviceProviderDO.setAssertionConsumerUrls(resource.getPropertyValues( + IdentityRegistryResources.PROP_SAML_SSO_ASSERTION_CONS_URLS)); + serviceProviderDO.setDefaultAssertionConsumerUrl(resource.getProperty( + IdentityRegistryResources.PROP_DEFAULT_SAML_SSO_ASSERTION_CONS_URL)); + serviceProviderDO.setCertAlias(resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER_CERT_ALIAS)); + + if (StringUtils.isNotEmpty(resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_SIGNING_ALGORITHM))) { + serviceProviderDO.setSigningAlgorithmUri(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_SIGNING_ALGORITHM)); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ASSERTION_QUERY_REQUEST_PROFILE_ENABLED) != + null) { + serviceProviderDO.setAssertionQueryRequestProfileEnabled(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_ASSERTION_QUERY_REQUEST_PROFILE_ENABLED).trim())); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES) != + null) { + serviceProviderDO.setSupportedAssertionQueryRequestTypes(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_SUPPORTED_ASSERTION_QUERY_REQUEST_TYPES).trim()); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ENABLE_SAML2_ARTIFACT_BINDING) != + null) { + serviceProviderDO.setEnableSAML2ArtifactBinding(Boolean.valueOf(resource.getProperty( + 
IdentityRegistryResources.PROP_SAML_SSO_ENABLE_SAML2_ARTIFACT_BINDING).trim())); + } + + if (StringUtils.isNotEmpty(resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_DIGEST_ALGORITHM))) { + serviceProviderDO.setDigestAlgorithmUri(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_DIGEST_ALGORITHM)); + } + + if (StringUtils.isNotEmpty(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_ASSERTION_ENCRYPTION_ALGORITHM))) { + serviceProviderDO.setAssertionEncryptionAlgorithmUri(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_ASSERTION_ENCRYPTION_ALGORITHM)); + } + + if (StringUtils.isNotEmpty(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_KEY_ENCRYPTION_ALGORITHM))) { + serviceProviderDO.setKeyEncryptionAlgorithmUri(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_KEY_ENCRYPTION_ALGORITHM)); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_DO_SINGLE_LOGOUT) != null) { + serviceProviderDO.setDoSingleLogout(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_DO_SINGLE_LOGOUT).trim())); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_NAMEID_FORMAT) != null) { + serviceProviderDO.setNameIDFormat(resource. + getProperty(IdentityRegistryResources.PROP_SAML_SSO_NAMEID_FORMAT)); + } + + if (resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ENABLE_NAMEID_CLAIMURI) != null) { + if (Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_ENABLE_NAMEID_CLAIMURI).trim())) { + serviceProviderDO.setNameIdClaimUri(resource. + getProperty(IdentityRegistryResources.PROP_SAML_SSO_NAMEID_CLAIMURI)); + } + } + + serviceProviderDO.setLoginPageURL(resource. 
+ getProperty(IdentityRegistryResources.PROP_SAML_SSO_LOGIN_PAGE_URL)); + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_RESPONSE) != null) { + serviceProviderDO.setDoSignResponse(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_RESPONSE).trim())); + } + + if (serviceProviderDO.isDoSingleLogout()) { + serviceProviderDO.setSloResponseURL(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SLO_RESPONSE_URL)); + serviceProviderDO.setSloRequestURL(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SLO_REQUEST_URL)); + // Check front channel logout enable. + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_DO_FRONT_CHANNEL_LOGOUT) != null) { + serviceProviderDO.setDoFrontChannelLogout(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_DO_FRONT_CHANNEL_LOGOUT).trim())); + if (serviceProviderDO.isDoFrontChannelLogout()) { + if (resource.getProperty(IdentityRegistryResources. + PROP_SAML_SSO_FRONT_CHANNEL_LOGOUT_BINDING) != null) { + serviceProviderDO.setFrontChannelLogoutBinding(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_FRONT_CHANNEL_LOGOUT_BINDING)); + } else { + // Default is redirect-binding. 
+ serviceProviderDO.setFrontChannelLogoutBinding(IdentityRegistryResources + .DEFAULT_FRONT_CHANNEL_LOGOUT_BINDING); + } + + } + } + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_ASSERTIONS) != null) { + serviceProviderDO.setDoSignAssertions(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_DO_SIGN_ASSERTIONS).trim())); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_ENABLE_ECP) != null) { + serviceProviderDO.setSamlECP(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_ENABLE_ECP).trim())); + } + + if (resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ATTRIB_CONSUMING_SERVICE_INDEX) != null) { + serviceProviderDO + .setAttributeConsumingServiceIndex(resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ATTRIB_CONSUMING_SERVICE_INDEX)); + } else { + // Specific DB's (like oracle) returns empty strings as null. + serviceProviderDO.setAttributeConsumingServiceIndex(""); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_CLAIMS) != null) { + serviceProviderDO.setRequestedClaims(resource + .getPropertyValues(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_CLAIMS)); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_AUDIENCES) != null) { + serviceProviderDO.setRequestedAudiences(resource + .getPropertyValues(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_AUDIENCES)); + } + + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_RECIPIENTS) != null) { + serviceProviderDO.setRequestedRecipients(resource + .getPropertyValues(IdentityRegistryResources.PROP_SAML_SSO_REQUESTED_RECIPIENTS)); + } + + if (resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ENABLE_ATTRIBUTES_BY_DEFAULT) != null) { + String enableAttrByDefault = resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ENABLE_ATTRIBUTES_BY_DEFAULT); + 
serviceProviderDO.setEnableAttributesByDefault(Boolean.valueOf(enableAttrByDefault)); + } + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_IDP_INIT_SSO_ENABLED) != null) { + serviceProviderDO.setIdPInitSSOEnabled(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_IDP_INIT_SSO_ENABLED).trim())); + } + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SLO_IDP_INIT_SLO_ENABLED) != null) { + serviceProviderDO.setIdPInitSLOEnabled(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SLO_IDP_INIT_SLO_ENABLED).trim())); + if (serviceProviderDO.isIdPInitSLOEnabled() && resource.getProperty( + IdentityRegistryResources.PROP_SAML_IDP_INIT_SLO_RETURN_URLS) != null) { + serviceProviderDO.setIdpInitSLOReturnToURLs(resource.getPropertyValues( + IdentityRegistryResources.PROP_SAML_IDP_INIT_SLO_RETURN_URLS)); + } + } + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ENABLE_ENCRYPTED_ASSERTION) != null) { + serviceProviderDO.setDoEnableEncryptedAssertion(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_ENABLE_ENCRYPTED_ASSERTION).trim())); + } + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_VALIDATE_SIGNATURE_IN_REQUESTS) != null) { + serviceProviderDO.setDoValidateSignatureInRequests(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_VALIDATE_SIGNATURE_IN_REQUESTS).trim())); + } + if (resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_VALIDATE_SIGNATURE_IN_ARTIFACT_RESOLVE) != null) { + serviceProviderDO.setDoValidateSignatureInArtifactResolve(Boolean.valueOf(resource.getProperty( + IdentityRegistryResources.PROP_SAML_SSO_VALIDATE_SIGNATURE_IN_ARTIFACT_RESOLVE).trim())); + } + if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER_QUALIFIER) != null) { + serviceProviderDO.setIssuerQualifier(resource + .getProperty(IdentityRegistryResources.PROP_SAML_SSO_ISSUER_QUALIFIER)); + } 
+ if (resource.getProperty(IdentityRegistryResources.PROP_SAML_SSO_IDP_ENTITY_ID_ALIAS) != null) { + serviceProviderDO.setIdpEntityIDAlias(resource.getProperty(IdentityRegistryResources + .PROP_SAML_SSO_IDP_ENTITY_ID_ALIAS)); + } + return serviceProviderDO; + } } diff --git a/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/testng.xml b/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/testng.xml index 086c07b39dae..97b6667547f6 100644 --- a/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/testng.xml +++ b/components/identity-core/org.wso2.carbon.identity.core/src/test/resources/testng.xml @@ -24,13 +24,13 @@ - +
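Review bot: The helper added at the end of the test class (hunk `@@ -540,4 +539,184 @@`) is named `buildSAMLSSOServiceProviderDAO` although it returns a `SAMLSSOServiceProviderDO`. It looks like a full copy of the registry-to-DO mapping that the upload tests previously reached through `objUnderTest`, so the copy can drift from the production mapping unnoticed. I would declare it `private static SAMLSSOServiceProviderDO buildSAMLSSOServiceProviderDO(Resource resource) {`, update the two callers in the upload tests, and put `// Test fixture only: mirrors the DAO's registry-to-DO mapping, keep in sync.` above it. Since the only assertion visible in testGetServiceProvider checks the tenant domain, it would also help to assert there the flags read from `PROP_SAML_SSO_DO_SIGN_RESPONSE`, `PROP_SAML_SSO_DO_SIGN_ASSERTIONS` and `PROP_SAML_SSO_VALIDATE_SIGNATURE_IN_REQUESTS`, so that a mapping regression which silently disables signing or request-signature validation is caught by the real code path. `PROP_SAML_SSO_ENABLE_ATTRIBUTES_BY_DEFAULT` is also the only boolean property parsed without `.trim()`, which looks like an oversight.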