Introduce mappedLocalSubjectMandatory service provider configuration #521

Merged
merged 4 commits into from
Nov 6, 2023
Expand Up @@ -132,6 +132,9 @@ public enum ErrorMessage {
INVALID_POLICY_TYPE_FOR_API_RESOURCE("60512", "Invalid policy type provided for the API " +
"resource.", "API resource with id: %s doesn't allow the provided policy type: %s."),

ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED("60513",
"Invalid configuration.",
"useMappedLocalSubject cannot be disabled when mappedLocalSubjectMandatory is enabled."),
// Server Errors.
ERROR_RETRIEVING_SAML_METADATA("65001",
"Error occurred while retrieving SAML Metadata.",
Expand Up @@ -37,6 +37,7 @@ public class SubjectConfig {
private Boolean includeUserDomain;
private Boolean includeTenantDomain;
private Boolean useMappedLocalSubject;
private Boolean mappedLocalSubjectMandatory;

/**
**/
Expand Down Expand Up @@ -110,6 +111,24 @@ public void setUseMappedLocalSubject(Boolean useMappedLocalSubject) {
this.useMappedLocalSubject = useMappedLocalSubject;
}

/**
**/
public SubjectConfig mappedLocalSubjectMandatory(Boolean mappedLocalSubjectMandatory) {

this.mappedLocalSubjectMandatory = mappedLocalSubjectMandatory;
return this;
}

@ApiModelProperty(example = "false", value = "")
@JsonProperty("mappedLocalSubjectMandatory")
@Valid
public Boolean getMappedLocalSubjectMandatory() {
return mappedLocalSubjectMandatory;
}
public void setMappedLocalSubjectMandatory(Boolean mappedLocalSubjectMandatory) {
this.mappedLocalSubjectMandatory = mappedLocalSubjectMandatory;
}



@Override
Expand All @@ -125,12 +144,13 @@ public boolean equals(java.lang.Object o) {
return Objects.equals(this.claim, subjectConfig.claim) &&
Objects.equals(this.includeUserDomain, subjectConfig.includeUserDomain) &&
Objects.equals(this.includeTenantDomain, subjectConfig.includeTenantDomain) &&
Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject);
Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject) &&
Objects.equals(this.mappedLocalSubjectMandatory, subjectConfig.mappedLocalSubjectMandatory);
}

@Override
public int hashCode() {
return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject);
return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject, mappedLocalSubjectMandatory);
}

@Override
Expand All @@ -143,6 +163,7 @@ public String toString() {
sb.append(" includeUserDomain: ").append(toIndentedString(includeUserDomain)).append("\n");
sb.append(" includeTenantDomain: ").append(toIndentedString(includeTenantDomain)).append("\n");
sb.append(" useMappedLocalSubject: ").append(toIndentedString(useMappedLocalSubject)).append("\n");
sb.append(" mappedLocalSubjectMandatory: ").append(toIndentedString(mappedLocalSubjectMandatory)).append("\n");
sb.append("}");
return sb.toString();
}
Expand Up @@ -306,6 +306,7 @@ private SubjectConfig buildSubjectClaimConfig(ServiceProvider application) {

if (application.getClaimConfig() != null) {
subjectConfig.useMappedLocalSubject(application.getClaimConfig().isAlwaysSendMappedLocalSubjectId());
subjectConfig.mappedLocalSubjectMandatory(application.getClaimConfig().isMappedLocalSubjectMandatory());
}

LocalAndOutboundAuthenticationConfig localAndOutboundAuthConfig =
Expand Up @@ -35,6 +35,8 @@
import java.util.Optional;
import java.util.stream.Collectors;

import static org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ErrorMessage.ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED;
import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.buildBadRequestError;
import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull;

/**
Expand Down Expand Up @@ -131,6 +133,14 @@ private void updateSubjectClaimConfigs(SubjectConfig subjectApiModel, ServicePro

if (subjectApiModel != null) {

if (subjectApiModel.getMappedLocalSubjectMandatory() != null &&
subjectApiModel.getMappedLocalSubjectMandatory() &&
subjectApiModel.getUseMappedLocalSubject() != null &&
!subjectApiModel.getUseMappedLocalSubject()) {
throw buildBadRequestError(ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED.getCode(),
ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED.getDescription());
}

LocalAndOutboundAuthenticationConfig authConfig = getLocalAndOutboundConfig(application);
if (subjectApiModel.getClaim() != null) {
setIfNotNull(subjectApiModel.getClaim().getUri(), authConfig::setSubjectClaimUri);
Expand All @@ -142,6 +152,7 @@ private void updateSubjectClaimConfigs(SubjectConfig subjectApiModel, ServicePro

ClaimConfig claimConfig = getClaimConfig(application);
setIfNotNull(subjectApiModel.getUseMappedLocalSubject(), claimConfig::setAlwaysSendMappedLocalSubjectId);
setIfNotNull(subjectApiModel.getMappedLocalSubjectMandatory(), claimConfig::setMappedLocalSubjectMandatory);
}
}
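Review bot: The new guard in updateSubjectClaimConfigs compares only the two values carried in the request, so a partial update can still persist the combination it is meant to reject. Both fields are skipped when null (the `!= null` tests here and the `setIfNotNull` calls in the later hunk), so a payload with only `useMappedLocalSubject: false` passes the check even if the application already has the mandatory flag stored as true, and `mappedLocalSubjectMandatory: true` alone passes when the stored useMappedLocalSubject is false. Validating the effective values, with each request value falling back to the stored ClaimConfig, closes that gap; this assumes the `isMappedLocalSubjectMandatory()` and `isAlwaysSendMappedLocalSubjectId()` getters used elsewhere in this PR reflect the stored state. The method's signature and closing lines lie outside the visible hunks.

```java
if (subjectApiModel != null) {

    // Resolve each flag from the request, falling back to what is already stored.
    ClaimConfig claimConfig = getClaimConfig(application);
    Boolean requestedMandatory = subjectApiModel.getMappedLocalSubjectMandatory();
    Boolean requestedUseMapped = subjectApiModel.getUseMappedLocalSubject();
    boolean mandatory = requestedMandatory != null
            ? requestedMandatory : claimConfig.isMappedLocalSubjectMandatory();
    boolean useMapped = requestedUseMapped != null
            ? requestedUseMapped : claimConfig.isAlwaysSendMappedLocalSubjectId();
    if (mandatory && !useMapped) {
        throw buildBadRequestError(ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED.getCode(),
                ERROR_ASSERT_LOCAL_SUBJECT_IDENTIFIER_DISABLED.getDescription());
    }

    // … unchanged: subject claim URI and domain settings on authConfig …
    setIfNotNull(requestedUseMapped, claimConfig::setAlwaysSendMappedLocalSubjectId);
    setIfNotNull(requestedMandatory, claimConfig::setMappedLocalSubjectMandatory);
```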

Expand Up @@ -2934,6 +2934,9 @@ components:
useMappedLocalSubject:
type: boolean
example: false
mappedLocalSubjectMandatory:
type: boolean
example: false
RoleConfig:
type: object
properties:
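Review bot: The new `mappedLocalSubjectMandatory` property has no `description`, so neither the API reference nor the generated model (whose `@ApiModelProperty` carries `value = ""`) tells a client that the flag is constrained by `useMappedLocalSubject`. I would add `description: When true, useMappedLocalSubject must not be false; a request that sets this to true and useMappedLocalSubject to false is rejected with error 60513.` under the property. The enclosing SubjectConfig schema begins outside this hunk.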