Add protocol config handler (#412)

* Add protocol config handler * Bump framework version * Fix formatting issues
wso2-extensions · Feb 16, 2024 · efa8470 · efa8470
1 parent 18c29ce
commit efa8470
Show file tree

Hide file tree

Showing 15 changed files with 958 additions and 82 deletions.
diff --git a/...g.wso2.carbon.identity.sso.saml.stub/src/main/resources/IdentitySAMLSSOConfigService.wsdl b/...g.wso2.carbon.identity.sso.saml.stub/src/main/resources/IdentitySAMLSSOConfigService.wsdl
@@ -237,6 +237,17 @@
  <xs:element minOccurs="0" name="tenantZero" type="xs:boolean"/>
  </xs:sequence>
  </xs:complexType>
+ <xs:complexType name="AuditLogDataType">
+ <xs:sequence>
+ <xs:element name="entry" type="ax2380:MapEntry" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="MapEntry">
+ <xs:sequence>
+ <xs:element name="key" type="xs:string"/>
+ <xs:element name="value" type="xs:anyType"/>
+ </xs:sequence>
+ </xs:complexType>
  <xs:complexType name="SAMLSSOServiceProviderDTO">
 <!-- <xs:complexContent>-->
 <!-- <xs:extension base="ax2381:InboundConfigurationProtocol">-->
@@ -246,6 +257,7 @@
  <xs:element minOccurs="0" name="assertionEncryptionAlgorithmURI" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="assertionQueryRequestProfileEnabled" type="xs:boolean"/>
  <xs:element minOccurs="0" name="attributeConsumingServiceIndex" nillable="true" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="auditLogData" nillable="true" type="ax2380:AuditLogDataType"/>
  <xs:element minOccurs="0" name="certAlias" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="certificateContent" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="defaultAssertionConsumerUrl" nillable="true" type="xs:string"/>

diff --git a/components/org.wso2.carbon.identity.sso.saml/pom.xml b/components/org.wso2.carbon.identity.sso.saml/pom.xml
@@ -303,6 +303,14 @@
  <artifactId>org.apache.felix.scr.ds-annotations</artifactId>
  <scope>provided</scope>
  </dependency>
+ <dependency>
+ <groupId>org.apache.axis2.wso2</groupId>
+ <artifactId>axis2</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.google.code.gson</groupId>
+ <artifactId>gson</artifactId>
+ </dependency>
 
  <!-- for Java 17 Compatibility -->
  <dependency>

diff --git a/...o.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAML2InboundAuthConfigHandler.java b/...o.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAML2InboundAuthConfigHandler.java
diff --git a/...ty.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConfigServiceImpl.java b/...ty.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConfigServiceImpl.java
@@ -116,9 +116,14 @@ public boolean updateRPServiceProvider(SAMLSSOServiceProviderDTO serviceProvider
  * @throws IdentityException
  */
  public SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO spDto) throws IdentityException {
-
+
+ return createServiceProvider(spDto, true);
+ }
+
+ SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO spDto, boolean enableAuditing) throws IdentityException {
+
  validateSAMLSSOServiceProviderDTO(spDto);
- SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
  try {
  return configAdmin.addSAMLServiceProvider(spDto);
  } catch (IdentityException ex) {
@@ -137,8 +142,15 @@ public SAMLSSOServiceProviderDTO createServiceProvider(SAMLSSOServiceProviderDTO
  public SAMLSSOServiceProviderDTO updateServiceProvider(SAMLSSOServiceProviderDTO serviceProviderDTO, String currentIssuer)
  throws IdentityException {
 
+ return updateServiceProvider(serviceProviderDTO, currentIssuer, true);
+ }
+
+ SAMLSSOServiceProviderDTO updateServiceProvider(SAMLSSOServiceProviderDTO serviceProviderDTO, String currentIssuer,
+ boolean enableAuditing)
+ throws IdentityException {
+
  validateSAMLSSOServiceProviderDTO(serviceProviderDTO);
- SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
  try {
  return configAdmin.updateSAMLServiceProvider(serviceProviderDTO, currentIssuer);
  } catch (IdentityException ex) {
@@ -179,8 +191,14 @@ private void validateSAMLSSOServiceProviderDTO(SAMLSSOServiceProviderDTO service
 
  public SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata) throws IdentitySAML2SSOException {
 
+ return uploadRPServiceProvider(metadata, true);
+ }
+
+ SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata, boolean enableAuditing)
+ throws IdentitySAML2SSOException {
+
  try {
- SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
  if (log.isDebugEnabled()) {
  log.debug("Creating SAML Service Provider with metadata: " + metadata);
  }
@@ -202,8 +220,15 @@ public SAMLSSOServiceProviderDTO uploadRPServiceProvider(String metadata) throws
  public SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String metadata, String currentIssuer)
  throws IdentitySAML2SSOException {
 
+ return updateRPServiceProviderWithMetadata(metadata, currentIssuer, true);
+ }
+
+ SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String metadata, String currentIssuer,
+ boolean enableAuditing)
+ throws IdentitySAML2SSOException {
+
  try {
- SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
  if (log.isDebugEnabled()) {
  log.debug("Updating SAML Service Provider with metadata: " + metadata);
  }
@@ -222,15 +247,21 @@ public SAMLSSOServiceProviderDTO updateRPServiceProviderWithMetadata(String meta
  */
  public SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String metadataUrl)
  throws IdentitySAML2SSOException {
-
+
+ return createServiceProviderWithMetadataURL(metadataUrl, true);
+ }
+
+ SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String metadataUrl, boolean enableAuditing)
+ throws IdentitySAML2SSOException {
+
  try {
  URL url = new URL(metadataUrl);
  URLConnection con = url.openConnection();
  con.setConnectTimeout(getConnectionTimeoutInMillis());
  con.setReadTimeout(getReadTimeoutInMillis());
  try (InputStream inputStream = new BoundedInputStream(con.getInputStream(), getMaxSizeInBytes())) {
  String metadata = IOUtils.toString(inputStream);
- return uploadRPServiceProvider(metadata);
+ return uploadRPServiceProvider(metadata, enableAuditing);
  }
  } catch (IOException e) {
  throw handleIOException(URL_NOT_FOUND, "Non-existing metadata URL for SAML service provider creation in tenantDomain: "
@@ -249,19 +280,26 @@ public SAMLSSOServiceProviderDTO createServiceProviderWithMetadataURL(String met
  public SAMLSSOServiceProviderDTO updateServiceProviderWithMetadataURL(String metadataUrl, String currentIssuer)
  throws IdentitySAML2SSOException {
 
+ return updateServiceProviderWithMetadataURL(metadataUrl, currentIssuer, true);
+ }
+
+ SAMLSSOServiceProviderDTO updateServiceProviderWithMetadataURL(String metadataUrl, String currentIssuer,
+ boolean enableAuditing)
+ throws IdentitySAML2SSOException {
+
  try {
  URL url = new URL(metadataUrl);
  URLConnection connection = url.openConnection();
  connection.setConnectTimeout(getConnectionTimeoutInMillis());
  connection.setReadTimeout(getReadTimeoutInMillis());
  try (InputStream inputStream = new BoundedInputStream(connection.getInputStream(), getMaxSizeInBytes())) {
  String metadata = IOUtils.toString(inputStream);
- return updateRPServiceProviderWithMetadata(metadata, currentIssuer);
+ return updateRPServiceProviderWithMetadata(metadata, currentIssuer, enableAuditing);
  }
  } catch (IOException e) {
  throw handleIOException(URL_NOT_FOUND,
  "Non-existing metadata URL for SAML service provider creation in tenantDomain: "
- + getTenantDomain(), e);
+  + getTenantDomain(), e);
  }
  }
 
@@ -459,8 +497,13 @@ public String getKeyEncryptionAlgorithmURIByConfig() {
  */
  public boolean removeServiceProvider(String issuer) throws IdentityException {
 
+ return removeServiceProvider(issuer, true);
+ }
+
+ boolean removeServiceProvider(String issuer, boolean enableAuditing) throws IdentityException {
+
  try {
- SAMLSSOConfigAdmin ssoConfigAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ SAMLSSOConfigAdmin ssoConfigAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry(), enableAuditing);
  return ssoConfigAdmin.removeServiceProvider(issuer);
  } catch (IdentityException ex) {
  String msg = "Error removing SAML SP with issuer: " + issuer + " in tenantDomain: " + getTenantDomain();
@@ -557,9 +600,12 @@ private Registry getGovernanceRegistry() {
  private IdentitySAML2SSOException handleException(String message, IdentityException ex) {
 
  setErrorCodeIfNotDefined(ex);
- if (ex instanceof IdentitySAML2SSOException) {
+ if (ex instanceof IdentitySAML2ClientException) {
+ return (IdentitySAML2ClientException) ex;
+ } else if (ex instanceof IdentitySAML2SSOException) {
  return (IdentitySAML2SSOException) ex;
- } else {
+ }
+ else {
  return new IdentitySAML2SSOException(ex.getErrorCode(), message, ex);
  }
  }

diff --git a/...n.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConstants.java b/...n.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/SAMLSSOConstants.java
@@ -209,6 +209,7 @@ public static class LogConstants {
 
  public static final String CREATE_SAML_APPLICATION = "CREATE SAML APPLICATION";
  public static final String DELETE_SAML_APPLICATION = "DELETE SAML APPLICATION";
+ public static final String UPDATE_SAML_APPLICATION = "UPDATE SAML APPLICATION";
  public static final String SAML_INBOUND_SERVICE = "saml-inbound-service";
 
  /**