Add protocol config handler (#412)

* Add protocol config handler * Bump framework version * Fix formatting issues
wso2-extensions · Feb 16, 2024 · efa8470 · efa8470
1 parent 18c29ce
commit efa8470
Show file tree

Hide file tree

Showing 15 changed files with 958 additions and 82 deletions.
diff --git a/...g.wso2.carbon.identity.sso.saml.stub/src/main/resources/IdentitySAMLSSOConfigService.wsdl b/...g.wso2.carbon.identity.sso.saml.stub/src/main/resources/IdentitySAMLSSOConfigService.wsdl
@@ -237,6 +237,17 @@
                     <xs:element minOccurs="0" name="tenantZero" type="xs:boolean"/>
                 </xs:sequence>
             </xs:complexType>
+            <xs:complexType name="AuditLogDataType">
+                <xs:sequence>
+                    <xs:element name="entry" type="ax2380:MapEntry" minOccurs="0" maxOccurs="unbounded"/>
+                </xs:sequence>
+            </xs:complexType>
+            <xs:complexType name="MapEntry">
+                <xs:sequence>
+                    <xs:element name="key" type="xs:string"/>
+                    <xs:element name="value" type="xs:anyType"/>
+                </xs:sequence>
+            </xs:complexType>
             <xs:complexType name="SAMLSSOServiceProviderDTO">
 <!--                <xs:complexContent>-->
 <!--                    <xs:extension base="ax2381:InboundConfigurationProtocol">-->
@@ -246,6 +257,7 @@
                             <xs:element minOccurs="0" name="assertionEncryptionAlgorithmURI" nillable="true" type="xs:string"/>
                             <xs:element minOccurs="0" name="assertionQueryRequestProfileEnabled" type="xs:boolean"/>
                             <xs:element minOccurs="0" name="attributeConsumingServiceIndex" nillable="true" type="xs:string"/>
+                            <xs:element maxOccurs="unbounded" minOccurs="0" name="auditLogData" nillable="true" type="ax2380:AuditLogDataType"/>
                             <xs:element minOccurs="0" name="certAlias" nillable="true" type="xs:string"/>
                             <xs:element minOccurs="0" name="certificateContent" nillable="true" type="xs:string"/>
                             <xs:element minOccurs="0" name="defaultAssertionConsumerUrl" nillable="true" type="xs:string"/>

diff --git a/components/org.wso2.carbon.identity.sso.saml/pom.xml b/components/org.wso2.carbon.identity.sso.saml/pom.xml
@@ -303,6 +303,14 @@
             <artifactId>org.apache.felix.scr.ds-annotations</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.apache.axis2.wso2</groupId>
+            <artifactId>axis2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.google.code.gson</groupId>
+            <artifactId>gson</artifactId>
+        </dependency>
 
         <!-- for Java 17 Compatibility -->
         <dependency>

diff --git a/...o.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAML2InboundAuthConfigHandler.java b/...o.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAML2InboundAuthConfigHandler.java
diff --git a/...ty.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConfigServiceImpl.java b/...ty.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConfigServiceImpl.java
@@ -116,9 +116,14 @@ public boolean updateRPServiceProvider(SAMLSSOServiceProviderDTO serviceProvider
      * @throws IdentityException
      */
     public SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO spDto) throws IdentityException {
-
+
+        return createServiceProvider(spDto, true);
+    }
+
+    SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO spDto, boolean enableAuditing) throws IdentityException {
+
         validateSAMLSSOServiceProviderDTO(spDto);
-        SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+        SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
         try {
             return configAdmin.addSAMLServiceProvider(spDto);
         } catch (IdentityException ex) {
@@ -137,8 +142,15 @@ public SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO
     public SAMLSSOServiceProviderDTO updateServiceProvider(SAMLSSOServiceProviderDTO serviceProviderDTO, String currentIssuer)
             throws IdentityException {
 
+        return updateServiceProvider(serviceProviderDTO, currentIssuer, true);
+    }
+
+    SAMLSSOServiceProviderDTO updateServiceProvider(SAMLSSOServiceProviderDTO serviceProviderDTO, String currentIssuer,
+                                                    boolean enableAuditing)
+            throws IdentityException {
+
         validateSAMLSSOServiceProviderDTO(serviceProviderDTO);
-        SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+        SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
         try {
             return configAdmin.updateSAMLServiceProvider(serviceProviderDTO, currentIssuer);
         } catch (IdentityException ex) {
@@ -179,8 +191,14 @@ private void validateSAMLSSOServiceProviderDTO(SAMLSSOServiceProviderDTO service
 
     public SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata) throws IdentitySAML2SSOException {
 
+        return uploadRPServiceProvider(metadata, true);
+    }
+
+    SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata, boolean enableAuditing)
+            throws IdentitySAML2SSOException {
+
         try {
-            SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+            SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
             if (log.isDebugEnabled()) {
                 log.debug("Creating SAML Service Provider with metadata: " + metadata);
             }
@@ -202,8 +220,15 @@ public SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata) throws
     public SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String metadata, String currentIssuer)
             throws IdentitySAML2SSOException {
 
+        return updateRPServiceProviderWithMetadata(metadata, currentIssuer, true);
+    }
+
+    SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String metadata, String currentIssuer,
+                                                                  boolean enableAuditing)
+            throws IdentitySAML2SSOException {
+
         try {
-            SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+            SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
             if (log.isDebugEnabled()) {
                 log.debug("Updating SAML Service Provider with metadata: " + metadata);
             }
@@ -222,15 +247,21 @@ public SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String meta
      */
     public SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String metadataUrl)
             throws IdentitySAML2SSOException {
-
+
+        return createServiceProviderWithMetadataURL(metadataUrl, true);
+    }
+
+    SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String metadataUrl, boolean enableAuditing)
+            throws IdentitySAML2SSOException {
+
         try {
             URL url = new URL(metadataUrl);
             URLConnection con = url.openConnection();
             con.setConnectTimeout(getConnectionTimeoutInMillis());
             con.setReadTimeout(getReadTimeoutInMillis());
             try (InputStream inputStream = new BoundedInputStream(con.getInputStream(), getMaxSizeInBytes())) {
                 String metadata = IOUtils.toString(inputStream);
-                return uploadRPServiceProvider(metadata);
+                return uploadRPServiceProvider(metadata, enableAuditing);
             }
         } catch (IOException e) {
             throw handleIOException(URL_NOT_FOUND, "Non-existing metadata URL for SAML service provider creation in tenantDomain: "
@@ -249,19 +280,26 @@ public SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String met
     public SAMLSSOServiceProviderDTO updateServiceProviderWithMetadataURL(String metadataUrl, String currentIssuer)
             throws IdentitySAML2SSOException {
 
+        return updateServiceProviderWithMetadataURL(metadataUrl, currentIssuer, true);
+    }
+
+    SAMLSSOServiceProviderDTO updateServiceProviderWithMetadataURL(String metadataUrl, String currentIssuer,
+                                                                   boolean enableAuditing)
+            throws IdentitySAML2SSOException {
+
         try {
             URL url = new URL(metadataUrl);
             URLConnection connection = url.openConnection();
             connection.setConnectTimeout(getConnectionTimeoutInMillis());
             connection.setReadTimeout(getReadTimeoutInMillis());
             try (InputStream inputStream = new BoundedInputStream(connection.getInputStream(), getMaxSizeInBytes())) {
                 String metadata = IOUtils.toString(inputStream);
-                return updateRPServiceProviderWithMetadata(metadata, currentIssuer);
+                return updateRPServiceProviderWithMetadata(metadata, currentIssuer, enableAuditing);
             }
         } catch (IOException e) {
             throw handleIOException(URL_NOT_FOUND,
                     "Non-existing metadata URL for SAML service provider creation in tenantDomain: "
-                    + getTenantDomain(), e);
+                            + getTenantDomain(), e);
         }
     }
 
@@ -459,8 +497,13 @@ public String getKeyEncryptionAlgorithmURIByConfig() {
      */
     public boolean removeServiceProvider(String issuer) throws IdentityException {
 
+        return removeServiceProvider(issuer, true);
+    }
+
+    boolean removeServiceProvider(String issuer, boolean enableAuditing) throws IdentityException {
+
         try {
-            SAMLSSOConfigAdmin ssoConfigAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+            SAMLSSOConfigAdmin ssoConfigAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
             return ssoConfigAdmin.removeServiceProvider(issuer);
         } catch (IdentityException ex) {
             String msg = "Error removing SAML SP with issuer: " + issuer + " in tenantDomain: " + getTenantDomain();
@@ -557,9 +600,12 @@ private Registry getGovernanceRegistry() {
     private IdentitySAML2SSOException handleException(String message, IdentityException ex) {
 
         setErrorCodeIfNotDefined(ex);
-        if (ex instanceof IdentitySAML2SSOException) {
+        if (ex instanceof IdentitySAML2ClientException) {
+            return (IdentitySAML2ClientException) ex;
+        } else if (ex instanceof IdentitySAML2SSOException) {
             return (IdentitySAML2SSOException) ex;
-        } else {
+        }
+        else {
             return new IdentitySAML2SSOException(ex.getErrorCode(), message, ex);
         }
     }

diff --git a/...n.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConstants.java b/...n.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConstants.java
@@ -209,6 +209,7 @@ public static class LogConstants {
 
         public static final String CREATE_SAML_APPLICATION = "CREATE SAML APPLICATION";
         public static final String DELETE_SAML_APPLICATION = "DELETE SAML APPLICATION";
+        public static final String UPDATE_SAML_APPLICATION = "UPDATE SAML APPLICATION";
         public static final String SAML_INBOUND_SERVICE = "saml-inbound-service";
 
         /**