Address review comments
sadilchamishka committed Oct 17, 2023
1 parent dbce554 commit d228741
Showing 1 changed file with 20 additions and 23 deletions.
Expand Up @@ -43,7 +43,7 @@ public class OrganizationClaimProvider implements ClaimProvider, JWTAccessTokenC

private static final String AUTHORIZED_ORGANIZATION_ID_ATTRIBUTE = "org_id";
private static final String AUTHORIZED_ORGANIZATION_NAME_ATTRIBUTE = "org_name";
private static final String USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE = "user_organization";
private static final String USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE = "user_org";

@Override
public Map<String, Object> getAdditionalClaims(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext,
Expand All @@ -52,21 +52,20 @@ public Map<String, Object> getAdditionalClaims(OAuthAuthzReqMessageContext oAuth

String tenantDomain = oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getLoggedInTenantDomain();
String organizationId = resolveOrganizationId(tenantDomain);
return setOrganizationInformation(organizationId, organizationId);
return buildOrganizationInformation(organizationId, organizationId);
}

@Override
public Map<String, Object> getAdditionalClaims(OAuthTokenReqMessageContext oAuthTokenReqMessageContext,
OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO)
throws IdentityOAuth2Exception {

String userResidentOrganization = oAuthTokenReqMessageContext.getAuthorizedUser().getUserResidentOrganization();
String accessingOrganization = oAuthTokenReqMessageContext.getAuthorizedUser().getAccessingOrganization();
if (StringUtils.isEmpty(accessingOrganization)) {
accessingOrganization =
resolveOrganizationId(oAuthTokenReqMessageContext.getAuthorizedUser().getTenantDomain());
String userResidentOrgId = oAuthTokenReqMessageContext.getAuthorizedUser().getUserResidentOrganization();
String authorizedOrgId = oAuthTokenReqMessageContext.getAuthorizedUser().getAccessingOrganization();
if (StringUtils.isEmpty(authorizedOrgId)) {
authorizedOrgId = resolveOrganizationId(oAuthTokenReqMessageContext.getAuthorizedUser().getTenantDomain());
}
return setOrganizationInformation(userResidentOrganization, accessingOrganization);
return buildOrganizationInformation(userResidentOrgId, authorizedOrgId);
}

@Override
Expand All @@ -75,37 +74,34 @@ public Map<String, Object> getAdditionalClaims(OAuthAuthzReqMessageContext oAuth

String tenantDomain = oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getLoggedInTenantDomain();
String organizationId = resolveOrganizationId(tenantDomain);
return setOrganizationInformation(organizationId, organizationId);
return buildOrganizationInformation(organizationId, organizationId);
}

@Override
public Map<String, Object> getAdditionalClaims(OAuthTokenReqMessageContext oAuthTokenReqMessageContext)
throws IdentityOAuth2Exception {

String userResidentOrganization = oAuthTokenReqMessageContext.getAuthorizedUser().getUserResidentOrganization();
String authorizedOrganization = oAuthTokenReqMessageContext.getAuthorizedUser().getAccessingOrganization();
if (StringUtils.isEmpty(authorizedOrganization)) {
authorizedOrganization =
resolveOrganizationId(oAuthTokenReqMessageContext.getAuthorizedUser().getTenantDomain());
String userResidentOrgId = oAuthTokenReqMessageContext.getAuthorizedUser().getUserResidentOrganization();
String authorizedOrgId = oAuthTokenReqMessageContext.getAuthorizedUser().getAccessingOrganization();
if (StringUtils.isEmpty(authorizedOrgId)) {
authorizedOrgId = resolveOrganizationId(oAuthTokenReqMessageContext.getAuthorizedUser().getTenantDomain());
}
return setOrganizationInformation(userResidentOrganization, authorizedOrganization);
return buildOrganizationInformation(userResidentOrgId, authorizedOrgId);
}

private Map<String, Object> setOrganizationInformation(String userResidentOrganization,
String authorizedOrganization)
private Map<String, Object> buildOrganizationInformation(String userResideOrgId, String authorizedOrgId)
throws IdentityOAuth2Exception {

Map<String, Object> additionalClaims = new HashMap<>();
if (!OrganizationClaimProviderServiceComponentHolder.getInstance().isOrganizationManagementEnable()) {
return additionalClaims;
}
try {
if (StringUtils.isNotBlank(authorizedOrganization)) {
String authorizedOrganizationName =
getOrganizationManager().getOrganizationNameById(authorizedOrganization);
additionalClaims.put(USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE, userResidentOrganization);
additionalClaims.put(AUTHORIZED_ORGANIZATION_ID_ATTRIBUTE, authorizedOrganization);
additionalClaims.put(AUTHORIZED_ORGANIZATION_NAME_ATTRIBUTE, authorizedOrganizationName);
if (StringUtils.isNotBlank(authorizedOrgId)) {
String authorizedOrgName = getOrganizationManager().getOrganizationNameById(authorizedOrgId);
additionalClaims.put(USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE, userResideOrgId);
additionalClaims.put(AUTHORIZED_ORGANIZATION_ID_ATTRIBUTE, authorizedOrgId);
additionalClaims.put(AUTHORIZED_ORGANIZATION_NAME_ATTRIBUTE, authorizedOrgName);
}
} catch (OrganizationManagementException e) {
throw new IdentityOAuth2Exception("Error while resolving organization name by ID.", e);
Expand All @@ -118,6 +114,7 @@ private String resolveOrganizationId(String tenantDomain) throws IdentityOAuth2E
try {
return getOrganizationManager().resolveOrganizationId(tenantDomain);
} catch (OrganizationManagementClientException e) {
// This client error handling should be removed once all the tenants have corresponding organization.
if (ERROR_CODE_ORGANIZATION_NOT_FOUND_FOR_TENANT.getCode().equals(e.getErrorCode())) {
return null;
}
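Review bot: In `buildOrganizationInformation` the `user_org` claim is written from `userResideOrgId` with no blank check, so a user whose resident organization is unset would get a token carrying a null `user_org` next to a valid `org_id`; only `authorizedOrgId` is guarded. Guarding the put, e.g. `if (StringUtils.isNotBlank(userResideOrgId)) { additionalClaims.put(USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE, userResideOrgId); }`, keeps relying parties from having to interpret an empty organization value. The constant is still named `USER_RESIDENT_ORGANIZATION_NAME_ATTRIBUTE` although the value stored under it is an organization ID, and the parameter is spelled `userResideOrgId` while both callers use `userResidentOrgId`; renaming to `USER_RESIDENT_ORGANIZATION_ID_ATTRIBUTE` and `userResidentOrgId` would stop consumers treating the claim as a display name. The emitted claim name also appears to change from `user_organization` to `user_org`, which alters the token contract, so any resource server that authorizes on the old name needs updating in step. The end of this method lies outside the visible hunk.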
