Merge pull request #5990 from Thisara-Welmilla/add-definedBy-type-prop

Add definedBy property for authenticators.
wso2 · Oct 11, 2024 · 9ff18dd · 9ff18dd
2 parents 5f1b008 + eb2ca3b
commit 9ff18dd
Show file tree

Hide file tree

Showing 7 changed files with 115 additions and 13 deletions.
diff --git a/.../java/org/wso2/carbon/identity/application/common/model/FederatedAuthenticatorConfig.java b/.../java/org/wso2/carbon/identity/application/common/model/FederatedAuthenticatorConfig.java
@@ -22,6 +22,7 @@
 import org.apache.axiom.om.OMElement;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 
 import java.io.Serializable;
 import java.util.ArrayList;
@@ -63,6 +64,9 @@ public class FederatedAuthenticatorConfig implements Serializable {
     @XmlElement(name = "Tags")
     protected String[] tags;
 
+    @XmlElement(name = "DefinedBy")
+    protected DefinedByType definedByType;
+
     public static FederatedAuthenticatorConfig build(OMElement federatedAuthenticatorConfigOM) {
 
         if (federatedAuthenticatorConfigOM == null) {
@@ -101,9 +105,15 @@ public static FederatedAuthenticatorConfig build(OMElement federatedAuthenticato
                     Property[] propertiesArr = propertiesArrList.toArray(new Property[propertiesArrList.size()]);
                     federatedAuthenticatorConfig.setProperties(propertiesArr);
                 }
+            } else if ("DefinedBy".equals(elementName)) {
+                federatedAuthenticatorConfig.setDefinedByType(DefinedByType.valueOf(element.getText()));
             }
         }
 
+        if (federatedAuthenticatorConfig.getDefinedByType() == null) {
+            federatedAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
+        }
+
         return federatedAuthenticatorConfig;
     }
 
@@ -230,4 +240,24 @@ public void setTags(String[] tagList) {
 
         tags = tagList;
     }
+
+    /**
+     * Get the defined by type of the federated authenticator config.
+     *
+     * @return DefinedByType
+     */
+    public DefinedByType getDefinedByType() {
+
+        return definedByType;
+    }
+
+    /**
+     * Set the defined by type of the federated authenticator config.
+     *
+     * @param type The defined by type of the federated authenticator config.
+     */
+    public void setDefinedByType(DefinedByType type) {
+
+        definedByType = type;
+    }
 }
diff --git a/...main/java/org/wso2/carbon/identity/application/common/model/LocalAuthenticatorConfig.java b/...main/java/org/wso2/carbon/identity/application/common/model/LocalAuthenticatorConfig.java
@@ -22,6 +22,7 @@
 import org.apache.axiom.om.OMElement;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 import org.wso2.carbon.identity.base.IdentityConstants;
 
 import java.io.Serializable;
@@ -63,6 +64,9 @@ public class LocalAuthenticatorConfig implements Serializable {
     @XmlElement(name = "Tags")
     protected String[] tags;
 
+    @XmlElement(name = "DefinedBy")
+    protected DefinedByType definedByType;
+
     /*
      * <LocalAuthenticatorConfig> <Name></Name> <DisplayName></DisplayName> <IsEnabled></IsEnabled>
      * <Properties></Properties> </LocalAuthenticatorConfig>
@@ -111,8 +115,15 @@ public static LocalAuthenticatorConfig build(OMElement localAuthenticatorConfigO
                     Property[] propertiesArr = propertiesArrList.toArray(new Property[0]);
                     localAuthenticatorConfig.setProperties(propertiesArr);
                 }
+            } else if ("DefinedBy".equals(member.getLocalName())) {
+                localAuthenticatorConfig.setDefinedByType(DefinedByType.valueOf(member.getText()));
             }
         }
+
+        if (localAuthenticatorConfig.getDefinedByType() == null) {
+            localAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
+        }
+
         return localAuthenticatorConfig;
     }
 
@@ -224,4 +235,24 @@ public void setTags(String[] tagList) {
 
         tags = tagList;
     }
+
+    /**
+     * Get the defined by type of the Local authenticator config.
+     *
+     * @return DefinedByType
+     */
+    public DefinedByType getDefinedByType() {
+
+        return definedByType;
+    }
+
+    /**
+     * Set the defined by type of the Local authenticator config.
+     *
+     * @param type The defined by type of the local authenticator config.
+     */
+    public void setDefinedByType(DefinedByType type) {
+
+        definedByType = type;
+    }
 }
diff --git a/...ava/org/wso2/carbon/identity/application/common/model/RequestPathAuthenticatorConfig.java b/...ava/org/wso2/carbon/identity/application/common/model/RequestPathAuthenticatorConfig.java
@@ -20,6 +20,7 @@
 
 import org.apache.axiom.om.OMElement;
 import org.apache.commons.collections.CollectionUtils;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants;
 
 import java.util.ArrayList;
 import java.util.Iterator;
@@ -74,6 +75,10 @@ public static RequestPathAuthenticatorConfig build(OMElement requestPathAuthenti
                 }
             }
         }
+
+        // Since custom request path authenticators are not allowed, the definedBy type will always be set to SYSTEM.
+        requestPathAuthenticatorConfig.setDefinedByType(AuthenticatorPropertyConstants.DefinedByType.SYSTEM);
+
         return requestPathAuthenticatorConfig;
     }
 

diff --git a/...g/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java b/...g/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java
@@ -24,6 +24,7 @@
 import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
 import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorData;
 import org.wso2.carbon.identity.application.common.model.Property;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 
 import java.io.Serializable;
 import java.util.List;
@@ -171,4 +172,13 @@ default String getI18nKey() {
         return StringUtils.EMPTY;
     }
 
+    /**
+     * Get the authenticator type. Default value will be SYSTEM.
+     *
+     * @return Authenticator Type.
+     */
+    default DefinedByType getDefinedByType() {
+
+        return DefinedByType.SYSTEM;
+    }
 }
diff --git a/...bon/identity/application/authentication/framework/internal/FrameworkServiceComponent.java b/...bon/identity/application/authentication/framework/internal/FrameworkServiceComponent.java
@@ -99,6 +99,7 @@
 import org.wso2.carbon.identity.application.common.model.Property;
 import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService;
 import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager;
 import org.wso2.carbon.identity.core.handler.HandlerComparator;
@@ -508,13 +509,15 @@ protected void setAuthenticator(ApplicationAuthenticator authenticator) {
             localAuthenticatorConfig.setTags(getTags(authenticator));
             AuthenticatorConfig fileBasedConfig = getAuthenticatorConfig(authenticator.getName());
             localAuthenticatorConfig.setEnabled(fileBasedConfig.isEnabled());
+            localAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
             ApplicationAuthenticatorService.getInstance().addLocalAuthenticator(localAuthenticatorConfig);
         } else if (authenticator instanceof FederatedApplicationAuthenticator) {
             FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
             federatedAuthenticatorConfig.setName(authenticator.getName());
             federatedAuthenticatorConfig.setProperties(configProperties);
             federatedAuthenticatorConfig.setDisplayName(authenticator.getFriendlyName());
             federatedAuthenticatorConfig.setTags(getTags(authenticator));
+            federatedAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
             ApplicationAuthenticatorService.getInstance().addFederatedAuthenticator(federatedAuthenticatorConfig);
         } else if (authenticator instanceof RequestPathApplicationAuthenticator) {
             RequestPathAuthenticatorConfig reqPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
@@ -524,6 +527,7 @@ protected void setAuthenticator(ApplicationAuthenticator authenticator) {
             reqPathAuthenticatorConfig.setTags(getTags(authenticator));
             AuthenticatorConfig fileBasedConfig = getAuthenticatorConfig(authenticator.getName());
             reqPathAuthenticatorConfig.setEnabled(fileBasedConfig.isEnabled());
+            reqPathAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
             ApplicationAuthenticatorService.getInstance().addRequestPathAuthenticator(reqPathAuthenticatorConfig);
         }
 

diff --git a/...tity.base/src/main/java/org/wso2/carbon/identity/base/AuthenticatorPropertyConstants.java b/...tity.base/src/main/java/org/wso2/carbon/identity/base/AuthenticatorPropertyConstants.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.base;
+
+public class AuthenticatorPropertyConstants {
+
+    /**
+     * The Defined by Types - SYSTEM: system define authenticator, USER: user defined authentication extension.
+     */
+    public enum DefinedByType {
+
+        SYSTEM,
+        USER
+    }
+}
diff --git a/...rg.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java b/...rg.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/IdentityProviderManager.java
@@ -18,15 +18,12 @@
 
 package org.wso2.carbon.idp.mgt;
 
-import org.apache.axiom.om.util.Base64;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.ArrayUtils;
 import org.apache.commons.lang.NotImplementedException;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.context.PrivilegedCarbonContext;
-import org.wso2.carbon.core.util.KeyStoreManager;
 import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
 import org.wso2.carbon.identity.application.common.ProvisioningConnectorService;
 import org.wso2.carbon.identity.application.common.model.ClaimConfig;
@@ -43,10 +40,9 @@
 import org.wso2.carbon.identity.application.common.model.SubProperty;
 import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
 import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
+import org.wso2.carbon.identity.base.AuthenticatorPropertyConstants.DefinedByType;
 import org.wso2.carbon.identity.base.IdentityConstants;
 import org.wso2.carbon.identity.base.IdentityException;
-import org.wso2.carbon.identity.core.ServiceURLBuilder;
-import org.wso2.carbon.identity.core.URLBuilderException;
 import org.wso2.carbon.identity.core.model.ExpressionNode;
 import org.wso2.carbon.identity.core.model.FilterTreeBuilder;
 import org.wso2.carbon.identity.core.model.Node;
@@ -70,15 +66,8 @@
 import org.wso2.carbon.user.api.UserStoreManager;
 import org.wso2.carbon.user.core.UserCoreConstants;
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
-import org.wso2.carbon.utils.security.KeystoreUtils;
 
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.KeyStore;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
 import java.sql.Connection;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -89,7 +78,6 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 import javax.xml.stream.XMLStreamException;
@@ -171,6 +159,7 @@ public void addResidentIdP(IdentityProvider identityProvider, String tenantDomai
         if (saml2SSOResidentAuthenticatorConfig == null) {
             saml2SSOResidentAuthenticatorConfig = new FederatedAuthenticatorConfig();
             saml2SSOResidentAuthenticatorConfig.setName(IdentityApplicationConstants.Authenticator.SAML2SSO.NAME);
+            saml2SSOResidentAuthenticatorConfig.setDefinedByType(DefinedByType.SYSTEM);
         }
         if (saml2SSOResidentAuthenticatorConfig.getProperties() == null) {
             saml2SSOResidentAuthenticatorConfig.setProperties(new Property[0]);
@@ -255,6 +244,7 @@ public void addResidentIdP(IdentityProvider identityProvider, String tenantDomai
         FederatedAuthenticatorConfig oidcAuthenticationConfig = new FederatedAuthenticatorConfig();
         oidcAuthenticationConfig.setProperties(new Property[]{oidcProperty});
         oidcAuthenticationConfig.setName(IdentityApplicationConstants.Authenticator.OIDC.NAME);
+        oidcAuthenticationConfig.setDefinedByType(DefinedByType.SYSTEM);
 
         Property passiveStsProperty = new Property();
         passiveStsProperty.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.IDENTITY_PROVIDER_ENTITY_ID);
@@ -263,6 +253,7 @@ public void addResidentIdP(IdentityProvider identityProvider, String tenantDomai
         FederatedAuthenticatorConfig passiveStsAuthenticationConfig = new FederatedAuthenticatorConfig();
         passiveStsAuthenticationConfig.setProperties(new Property[]{passiveStsProperty});
         passiveStsAuthenticationConfig.setName(IdentityApplicationConstants.Authenticator.PassiveSTS.NAME);
+        passiveStsAuthenticationConfig.setDefinedByType(DefinedByType.SYSTEM);
 
         FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = {saml2SSOResidentAuthenticatorConfig,
                 passiveStsAuthenticationConfig, oidcAuthenticationConfig};