diff --git a/components/org.wso2.carbon.identity.organization.management.application/src/main/java/org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.java b/components/org.wso2.carbon.identity.organization.management.application/src/main/java/org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.java
index b336a5eb3..0758bc8e0 100644
--- a/components/org.wso2.carbon.identity.organization.management.application/src/main/java/org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.java
+++ b/components/org.wso2.carbon.identity.organization.management.application/src/main/java/org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.java
@@ -24,10 +24,12 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException;
 import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
+import org.wso2.carbon.identity.application.common.model.AssociatedRolesConfig;
 import org.wso2.carbon.identity.application.common.model.Claim;
 import org.wso2.carbon.identity.application.common.model.ClaimConfig;
 import org.wso2.carbon.identity.application.common.model.ClaimMapping;
 import org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig;
+import org.wso2.carbon.identity.application.common.model.RoleV2;
 import org.wso2.carbon.identity.application.common.model.ServiceProvider;
 import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
 import org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig;
 
@@ -46,6 +48,7 @@ import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementClientException;
 import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;
 
@@ -210,6 +213,14 @@ public boolean doPostGetServiceProvider(ServiceProvider serviceProvider, String
                         .setUseUserstoreDomainInRoles(mainApplication
                                 .getLocalAndOutBoundAuthenticationConfig().isUseUserstoreDomainInRoles());
                 }
+
+                // Set application's associated roles.
+                AssociatedRolesConfig associatedRolesConfigOfMainApp = mainApplication.getAssociatedRolesConfig();
+                if (associatedRolesConfigOfMainApp != null) {
+                    AssociatedRolesConfig associatedRolesConfigForSharedApp =
+                            getAssociatedRolesConfigForSharedApp(associatedRolesConfigOfMainApp);
+                    serviceProvider.setAssociatedRolesConfig(associatedRolesConfigForSharedApp);
+                }
             }
         } catch (OrganizationManagementException e) {
             throw new IdentityApplicationManagementException
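Review bot: The comment `// Set application's associated roles.` on the new block in doPostGetServiceProvider does not tell the reader where the config comes from or that it is provisional; the helper it calls carries a TODO saying the roles are not yet resolved to the shared application's own role references. A maintainer reading only this method would assume the shared app now has correct, sub-organization-scoped roles. Suggest `// Inherit the main application's associated-roles config; role references are not yet resolved to the shared app's own roles (see TODO in getAssociatedRolesConfigForSharedApp).` The enclosing method doPostGetServiceProvider starts outside this hunk.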
@@ -219,6 +230,19 @@ public boolean doPostGetServiceProvider(ServiceProvider serviceProvider, String
         return super.doPostGetServiceProvider(serviceProvider, applicationName, tenantDomain);
     }
 
+    private AssociatedRolesConfig getAssociatedRolesConfigForSharedApp(
+            AssociatedRolesConfig associatedRolesConfigOfMainApp) {
+
+        String allowedAudience = associatedRolesConfigOfMainApp.getAllowedAudience();
+        List mainAppRoles = associatedRolesConfigOfMainApp.getRoles();
+        AssociatedRolesConfig associatedRolesConfigForSharedApp = new AssociatedRolesConfig();
+        associatedRolesConfigForSharedApp.setAllowedAudience(allowedAudience);
+        // TODO resolve to shared role id reference and re build.
+        List associatedRolesOfSharedApp = mainAppRoles;
+        associatedRolesConfigForSharedApp.setRoles(associatedRolesOfSharedApp);
+        return associatedRolesConfigForSharedApp;
+    }
+
     @Override
     public boolean doPreDeleteApplication(String applicationName, String tenantDomain, String userName)
             throws IdentityApplicationManagementException {
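Review bot: In getAssociatedRolesConfigForSharedApp, `setRoles(associatedRolesOfSharedApp)` installs the main application's own `List` object into the shared app's config, so the two ServiceProvider objects alias one mutable list and a later change through either is visible in the other; combined with the TODO, the shared app is also handed the parent application's role references rather than its own, which matters if anything downstream treats those roles as authorization data for the sub-organization. Both locals are declared as raw `List` even though this commit adds the `RoleV2` import, and the added `java.util.ArrayList` import appears unused in the visible hunks unless it is used elsewhere in the file. Presuming `getRoles()` returns `List<RoleV2>`, a defensive copy with null handling closes the aliasing: `List<RoleV2> mainAppRoles = associatedRolesConfigOfMainApp.getRoles();` and `associatedRolesConfigForSharedApp.setRoles(mainAppRoles == null ? new ArrayList<>() : new ArrayList<>(mainAppRoles));`. The TODO itself would read better as a tracked item stating what is wrong in the meantime, e.g. `// TODO: roles still reference the main application's role ids; map each to the shared application's role id before exposing to callers.`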