CoreServicesWrapper.java revision ecf1257183378eed78053afa34a6f3f8b3cda6ab
/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2013-2015 ForgeRock AS.
 */

package org.forgerock.openam.core;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.AccessController;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;

import com.google.inject.Singleton;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.client.AuthClientUtils;
import com.sun.identity.authentication.server.AuthContextLocal;
import com.sun.identity.authentication.service.AuthException;
import com.sun.identity.authentication.service.AuthUtils;
import com.sun.identity.authentication.util.AMAuthUtils;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.sm.DNMapper;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfigManager;
import org.forgerock.openam.core.realms.Realm;

/**
 * Instance-level facade over the static helper classes of the core authentication, session,
 * identity and service-management code.
 *
 * <p>Routing calls through an injectable object instead of static methods lets dependent classes be
 * decoupled from the core and unit tested with a substitute.
 *
 * <p>Every method here is a straight delegation: this class performs no validation, normalisation
 * or authorisation of its own. Values read from an {@link HttpServletRequest} are client-supplied,
 * so any checking has to happen in the delegate or in the caller.
 */
@Singleton
public class CoreServicesWrapper {

    /**
     * Reads the session identifier carried by a servlet request.
     *
     * <p>Delegates to
     * {@link com.sun.identity.authentication.service.AuthUtils#getSessionIDFromRequest(
     * javax.servlet.http.HttpServletRequest)}. The identifier originates from the request; this
     * wrapper does not itself check that it refers to a live session (see
     * {@link #getExistingValidSSOToken(SessionID)}).
     *
     * @param request The HttpServletRequest.
     * @return The SessionID taken from the request.
     */
    public SessionID getSessionIDFromRequest(HttpServletRequest request) {
        final SessionID sessionId = AuthUtils.getSessionIDFromRequest(request);
        return sessionId;
    }

    /**
     * Builds the environment map for a servlet request.
     *
     * <p>Delegates to
     * {@link com.sun.identity.authentication.client.AuthClientUtils#getEnvMap(javax.servlet.http.HttpServletRequest)}.
     * The map is derived from the request, so its contents should be treated as client-influenced.
     *
     * @param request The HttpServletRequest.
     * @return The environment map.
     */
    public Map<String, Set<String>> getEnvMap(HttpServletRequest request) {
        final Map<String, Set<String>> environment = AuthClientUtils.getEnvMap(request);
        return environment;
    }

    /**
     * Obtains the resource URL used for resource-based authentication.
     *
     * <p>Delegates to {@link AuthClientUtils#getResourceURL(HttpServletRequest)}. The URL is
     * derived from the request and is not validated by this wrapper.
     *
     * @param request the servlet request.
     * @return the resource URL to authenticate for.
     */
    public String getResourceURL(HttpServletRequest request) {
        final String resourceUrl = AuthClientUtils.getResourceURL(request);
        return resourceUrl;
    }

    /**
     * Obtains the administrator SSO token.
     *
     * <p>Runs {@link AdminTokenAction} through
     * {@link java.security.AccessController#doPrivileged(java.security.PrivilegedAction)}.
     *
     * <p>This method is public and takes no arguments, so any code holding a reference to this
     * wrapper can obtain the token. The token carries administrator privileges: callers should
     * keep it server-side, scope its use to the single operation that needs it, and keep it out
     * of logs, responses and long-lived fields.
     *
     * @return The admin SSOToken.
     */
    public SSOToken getAdminToken() {
        return AccessController.doPrivileged(AdminTokenAction.getInstance());
    }

    /**
     * Creates a ServiceConfigManager for the named service.
     *
     * <p>Delegates to
     * {@link com.sun.identity.sm.ServiceConfigManager#ServiceConfigManager(String, com.iplanet.sso.SSOToken)}.
     * The manager is created with whatever token the caller passes in; this wrapper does not
     * check the token.
     *
     * @param serviceName The service name.
     * @param token The SSOToken used to create the manager.
     * @return A new ServiceConfigManager instance.
     * @throws com.iplanet.sso.SSOException If the SSO Token is invalid or expired.
     * @throws com.sun.identity.sm.SMSException If there is a problem when creating the
     *         ServiceConfigManager instance.
     */
    public ServiceConfigManager getServiceConfigManager(String serviceName, SSOToken token)
            throws SSOException, SMSException {
        final ServiceConfigManager manager = new ServiceConfigManager(serviceName, token);
        return manager;
    }

    /**
     * Tests whether the given value, a concatenated array, contains the given key.
     *
     * <p>Delegates to
     * {@link com.sun.identity.authentication.client.AuthClientUtils#isContain(String, String)}.
     *
     * @param value The value.
     * @param key The key.
     * @return {@code true} if the value contains the key, otherwise {@code false}.
     */
    public boolean doesValueContainKey(String value, String key) {
        final boolean contained = AuthClientUtils.isContain(value, key);
        return contained;
    }

    /**
     * Looks up the SSO Token of an existing valid session.
     *
     * <p>Delegates to {@code AuthUtils.getExistingValidSSOToken(SessionID)}.
     * NOTE(review): the result when no valid session exists is decided by the delegate and is not
     * visible here; confirm whether callers need a null check.
     *
     * @param sessionID The SSO Token Id/Session id of the existing session.
     * @return The SSO Token.
     */
    public SSOToken getExistingValidSSOToken(SessionID sessionID) {
        final SSOToken ssoToken = AuthUtils.getExistingValidSSOToken(sessionID);
        return ssoToken;
    }

    /**
     * Extracts the data part of realm qualified data. The data could be an authentication scheme,
     * an authentication level or a service.
     *
     * @param realmQualifiedData Realm qualified data.
     * @return String representation of the data in the realm qualified data.
     */
    public String getDataFromRealmQualifiedData(String realmQualifiedData) {
        final String data = AMAuthUtils.getDataFromRealmQualifiedData(realmQualifiedData);
        return data;
    }

    /**
     * Extracts the realm name from realm qualified data.
     *
     * @param realmQualifiedData Realm qualified data. This could be a realm qualified
     *        authentication scheme, authentication level or service.
     * @return String representing the realm name.
     */
    public String getRealmFromRealmQualifiedData(String realmQualifiedData) {
        final String realmName = AMAuthUtils.getRealmFromRealmQualifiedData(realmQualifiedData);
        return realmName;
    }

    /**
     * Converts a "/" separated organisation name to a DN; if the input is already a DN it is
     * normalised and returned.
     *
     * @param orgName The organisation name.
     * @return The Organisation DN.
     */
    public String orgNameToDN(String orgName) {
        final String organisationDn = DNMapper.orgNameToDN(orgName);
        return organisationDn;
    }

    /**
     * Looks up the authentication service or chain configured for an organization.
     *
     * @param orgDN organization DN.
     * @return the authentication service or chain configured for the given organization.
     */
    public String getOrgConfiguredAuthenticationChain(String orgDN) {
        final String chain = AuthUtils.getOrgConfiguredAuthenticationChain(orgDN);
        return chain;
    }

    /**
     * Determines the organization parameter of a request and, from the query parameters, the
     * organization DN.
     *
     * <p>Delegates to
     * {@link com.sun.identity.authentication.client.AuthClientUtils#getDomainNameByRequest(HttpServletRequest,
     * Hashtable)}, passing the parameters parsed from the same request. The realm is therefore
     * chosen from client-supplied input, and this wrapper does not restrict which realm a request
     * may name.
     *
     * @param request The HTTP Servlet Request.
     * @return Organization DN.
     */
    public String getDomainNameByRequest(HttpServletRequest request) {
        return AuthClientUtils.getDomainNameByRequest(
                request,
                AuthClientUtils.parseRequestParameters(request));
    }

    /**
     * Checks whether an organization is active.
     *
     * <p>Delegates to {@link com.sun.identity.idm.IdUtils#isOrganizationActive(SSOToken, String)}.
     * The lookup always runs with the admin token from {@link #getAdminToken()}, never with the
     * caller's own token, so the result does not depend on what the caller is allowed to read.
     *
     * @param realm The organization DN to check the status of.
     * @return True if organization is active, otherwise false.
     * @throws IdRepoException If cannot find any information for organization.
     * @throws SSOException If there is a problem with the admin SSOToken.
     */
    public boolean isOrganizationActive(String realm) throws IdRepoException, SSOException {
        final SSOToken adminToken = getAdminToken();
        final boolean active = IdUtils.isOrganizationActive(adminToken, realm);
        return active;
    }

    /**
     * Creates the load balancer cookies and sets them on the response.
     *
     * @param authContext The AuthContextLocal object.
     * @param request The HttpServletRequest.
     * @param response The HttpServletResponse.
     * @throws AuthException If there is a problem setting the load balancer cookies.
     */
    public void setLbCookie(
            AuthContextLocal authContext,
            HttpServletRequest request,
            HttpServletResponse response) throws AuthException {
        AuthUtils.setlbCookie(authContext, request, response);
    }

    /**
     * Looks up the AMIdentity of the user whose username equals {@literal username} in the given
     * realm.
     *
     * <p>Both arguments are handed to {@code IdUtils.getIdentity(String, String)} unchanged; no
     * validation or escaping is applied here.
     *
     * @param username username of the user to get.
     * @param realm realm the user belongs to.
     * @return The AMIdentity of user with username equal to {@literal username}.
     */
    public AMIdentity getIdentity(String username, String realm) {
        final AMIdentity identity = IdUtils.getIdentity(username, realm);
        return identity;
    }
}