UmaPolicyApplicationListener.java revision ba3008548cd047b233fcd32bb3c5d69926eed22f
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2015 ForgeRock AS.
*/
/**
* Listens for changes to UMA Resource Server (OAuth2 Agent) to create or delete its policy
* application.
*
* @since 13.0.0
*/
public class UmaPolicyApplicationListener implements IdEventListener {
private final AMIdentityRepositoryFactory idRepoFactory;
private final ApplicationManagerWrapper applicationManager;
private final ApplicationTypeManagerWrapper applicationTypeManagerWrapper;
private final PromisedRequestHandler policyResource;
private final ResourceSetStoreFactory resourceSetStoreFactory;
/**
* Creates an instance of the {@code UmaPolicyApplicationListener}.
*
* @param idRepoFactory An instance of the {@code AMIdentityRepositoryFactory}.
* @param applicationManager An instance of the {@code ApplicationManagerWrapper}.
* @param applicationTypeManagerWrapper An instance of the {@code ApplicationTypeManagerWrapper}.
* @param policyResource An instance of the policy backend {@code PromisedRequestHandler}.
* @param resourceSetStoreFactory An instance of the {@code ResourceSetStoreFactory}.
*/
this.idRepoFactory = idRepoFactory;
this.applicationManager = applicationManager;
this.policyResource = policyResource;
}
/**
* Ensures that, if the identity is a UMA resource server, a policy application exists for
* it; otherwise (based on configuration) deletes the resource server's policy application,
* policies and resource sets.
*
* @param universalId {@inheritDoc}
*/
try {
if (!isAgentIdentity(identity)) {
return;
}
if (isResourceServer(identity)) {
} else {
}
} catch (IdRepoException e) {
} catch (SSOException e) {
} catch (NotFoundException e) {
} catch (ServerException e) {
}
}
/**
* Not required.
*
* @param universalId {@inheritDoc}
*/
//OAuth2 agents cannot be renamed
}
/**
* Deletes (based on configuration) the resource server's policy application, policies and
* resource sets.
*
* @param universalId {@inheritDoc}
*/
try {
if (!isAgentIdentity(identity)) {
return;
}
} catch (IdRepoException e) {
} catch (NotFoundException e) {
} catch (ServerException e) {
}
}
/**
* Not required: this listener takes no action when all identities are reported as changed.
*/
public void allIdentitiesChanged() {
// Intentionally empty.
}
}
}
@SuppressWarnings("unchecked")
private Map<String, Set<String>> getIdentityAttributes(AMIdentity identity) throws IdRepoException, SSOException {
throw new IdRepoException("UmaPolicyApplicationListener.getIdentityAttributes : More than one agent found");
}
return new HashMap<String, Set<String>>((Map) searchResults.getResultAttributes().values().iterator().next());
}
}
return true;
}
}
return false;
}
try {
if (application == null) {
}
} catch (EntitlementException e) {
}
}
private void removeApplication(String realm, String resourceServerId) throws NotFoundException, ServerException {
OpenAMSettingsImpl umaSettings = new OpenAMSettingsImpl(UmaConstants.SERVICE_NAME, UmaConstants.SERVICE_VERSION);
try {
}
} catch (EntitlementException e) {
}
}
}
}
/**
 * Reads the realm's UMA setting that says whether a resource server's policies are deleted
 * together with the resource server.
 *
 * <p>A failure to read the setting is never mapped to a default answer: it is rethrown, so
 * the caller cannot silently fall back to either "delete" or "keep".
 *
 * <p>NOTE(review): going by the setting name, {@code false} leaves the policies in place
 * after the resource server has gone; confirm that retained policies are accounted for
 * elsewhere.
 *
 * @param umaSettings The UMA settings to read from.
 * @param realm The realm whose setting is looked up.
 * @return The value of {@code UmaConstants.DELETE_POLICIES_ON_RESOURCE_SERVER_DELETION} for
 *         the realm.
 * @throws ServerException If reading the setting raises an {@code SMSException} or an
 *         {@code SSOException}; the original exception is passed to the
 *         {@code ServerException} constructor.
 */
private boolean onDeleteResourceServerDeletePolicies(OpenAMSettings umaSettings, String realm) throws ServerException {
    final boolean deletePolicies;
    try {
        deletePolicies = umaSettings.getBooleanSetting(realm,
                UmaConstants.DELETE_POLICIES_ON_RESOURCE_SERVER_DELETION);
    } catch (SMSException smsFailure) {
        // Configuration store could not be read.
        throw new ServerException(smsFailure);
    } catch (SSOException ssoFailure) {
        // Session/token problem while reading the configuration.
        throw new ServerException(ssoFailure);
    }
    return deletePolicies;
}
/**
 * Reads the realm's UMA setting that says whether a resource server's resource sets are
 * deleted together with the resource server.
 *
 * <p>A failure to read the setting is never mapped to a default answer: it is rethrown, so
 * the caller cannot silently fall back to either "delete" or "keep".
 *
 * <p>NOTE(review): going by the setting name, {@code false} leaves the resource sets in
 * place after the resource server has gone; confirm that retained resource sets are
 * accounted for elsewhere.
 *
 * @param umaSettings The UMA settings to read from.
 * @param realm The realm whose setting is looked up.
 * @return The value of {@code UmaConstants.DELETE_RESOURCE_SETS_ON_RESOURCE_SERVER_DELETION}
 *         for the realm.
 * @throws ServerException If reading the setting raises an {@code SMSException} or an
 *         {@code SSOException}; the original exception is passed to the
 *         {@code ServerException} constructor.
 */
private boolean onDeleteResourceServerDeleteResourceSets(OpenAMSettings umaSettings, String realm) throws ServerException {
    final boolean deleteResourceSets;
    try {
        deleteResourceSets = umaSettings.getBooleanSetting(realm,
                UmaConstants.DELETE_RESOURCE_SETS_ON_RESOURCE_SERVER_DELETION);
    } catch (SMSException smsFailure) {
        // Configuration store could not be read.
        throw new ServerException(smsFailure);
    } catch (SSOException ssoFailure) {
        // Session/token problem while reading the configuration.
        throw new ServerException(ssoFailure);
    }
    return deleteResourceSets;
}
.thenAsync(new AsyncFunction<Pair<QueryResult, List<Resource>>, List<Resource>, ResourceException>() {
}
return when;
}
})
}
});
}
private void deleteResourceSets(String realm, String resourceServerId) throws NotFoundException, ServerException {
ResourceSetStore resourceSetStore = resourceSetStoreFactory.create(DNMapper.orgNameToRealmName(realm));
}
}
/**
* SubjectContext implementation which contains an admin token.
*/
private final SSOToken adminToken;
super("subjectContext", parent);
}
public Subject getCallerSubject() {
}
try {
} catch (SSOException ssoE) {
return null;
}
}
return adminToken;
}
}
}
}
}