Fix error at cloning authentication context.
Thisara-Welmilla committed Feb 14, 2025
1 parent d5366d7 commit c4ff8db
Showing 6 changed files with 50 additions and 69 deletions.
Expand Up @@ -314,11 +314,11 @@ private IdentityProvider getIdPByIdPName(String idPName, String tenantDomain)
private IdentityProvider getIdPByResourceID(String resourceId, String tenantDomain)
throws SessionDataStorageOptimizationException {

IdentityProviderManager manager =
(IdentityProviderManager) FrameworkServiceDataHolder.getInstance().getIdentityProviderManager();
IdentityProvider idp;
try {
idp = manager.getIdPByResourceId(resourceId, tenantDomain, false);
idp = ApplicationAuthenticatorManager.getInstance().getSerializableIdPByResourceId(
resourceId, tenantDomain);

if (idp == null) {
throw new SessionDataStorageOptimizationClientException(
String.format("Cannot find the Identity Provider by the resource ID: %s " +
Expand All @@ -332,7 +332,7 @@ private IdentityProvider getIdPByResourceID(String resourceId, String tenantDoma
throw new SessionDataStorageOptimizationServerException(
String.format("IDP management server error. Failed to get the Identity Provider by " +
"resource id: %s tenant domain: %s", resourceId, tenantDomain), e);
} catch (IdentityProviderManagementException e) {
} catch (IdentityProviderManagementException | FrameworkException e) {
throw new SessionDataStorageOptimizationServerException(
String.format("Failed to get the Identity Provider by resource id: %s tenant domain: %s",
resourceId, tenantDomain), e);
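Review bot: The widened `catch (IdentityProviderManagementException | FrameworkException e)` in `getIdPByResourceID` now also catches the `SessionDataStorageOptimizationClientException` thrown inside the same try block for `idp == null`, assuming (as the `throws FrameworkException` signatures elsewhere in this commit suggest) that the session-storage exceptions extend `FrameworkException`. A missing IdP would then surface as `SessionDataStorageOptimizationServerException` with the "Failed to get the Identity Provider…" message, so callers and logs can no longer tell an unknown resource ID from a backend failure. Moving the `if (idp == null) { … }` check below the try block, or adding `catch (SessionDataStorageOptimizationException e) { throw e; }` ahead of the multi-catch, keeps the client error intact. The same flattening is visible in `getAuthenticatorConfig()` in the third file section, where `catch (FrameworkException e)` rewraps every error from `getIdPByResourceID`, including its two client exceptions, as the base `SessionDataStorageOptimizationException`. The method body starts and ends outside the visible hunks.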
Expand Up @@ -25,7 +25,7 @@
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationClientException;
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationException;
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationServerException;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.internal.core.ApplicationAuthenticatorManager;
import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException;
import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
Expand Down Expand Up @@ -337,12 +337,10 @@ private IdentityProvider[] getFederatedIdPs(List<String> federatedIdPResourceIds
throws FrameworkException {

IdentityProvider[] idPs = new IdentityProvider[federatedIdPResourceIds.size()];
IdentityProviderManager manager =
(IdentityProviderManager) FrameworkServiceDataHolder.getInstance().getIdentityProviderManager();
for (int i = 0; i < federatedIdPResourceIds.size(); i++) {
try {
IdentityProvider idp = manager.getIdPByResourceId(federatedIdPResourceIds.get(i), tenantDomain,
false);
IdentityProvider idp = ApplicationAuthenticatorManager.getInstance().getSerializableIdPByResourceId(
federatedIdPResourceIds.get(i), tenantDomain);
if (idp == null) {
throw new SessionDataStorageOptimizationClientException(
String.format("Cannot find the IdP by the resource Id: %s Tenant Domain: %s",
Expand Down Expand Up @@ -379,12 +377,10 @@ private IdentityProvider[] getIdPsFromOptimizedFederatedIdPs(
throws FrameworkException {

List<IdentityProvider> idPList = new ArrayList<>();
IdentityProviderManager manager =
(IdentityProviderManager) FrameworkServiceDataHolder.getInstance().getIdentityProviderManager();
for (OptimizedAuthStep.OptimizedFederatedIdP optimizedFederatedIdP : optimizedFederatedIdPs) {
try {
IdentityProvider idPByResourceId = manager.getIdPByResourceId(optimizedFederatedIdP.getIdpResourceId(),
tenantDomain, false);
IdentityProvider idPByResourceId = ApplicationAuthenticatorManager.getInstance()
.getSerializableIdPByResourceId(optimizedFederatedIdP.getIdpResourceId(), tenantDomain);
if (idPByResourceId == null) {
throw new SessionDataStorageOptimizationClientException(
String.format("Cannot find the IdP by the resource Id: %s Tenant Domain: %s",
Expand Up @@ -26,13 +26,11 @@
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationClientException;
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationException;
import org.wso2.carbon.identity.application.authentication.framework.exception.session.storage.SessionDataStorageOptimizationServerException;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.internal.core.ApplicationAuthenticatorManager;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementServerException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;

import java.io.Serializable;
import java.util.ArrayList;
Expand Down Expand Up @@ -92,30 +90,37 @@ public AuthenticatorConfig getAuthenticatorConfig() throws
authenticatorConfig.setParameterMap(this.parameterMap);
Map<String, IdentityProvider> idps = new HashMap<>();
List<String> idpNames = new ArrayList<>();
for (String resourceId : this.idPResourceIds) {
IdentityProvider idp = getIdPByResourceID(resourceId, this.tenantDomain);
idps.put(idp.getIdentityProviderName(), idp);
idpNames.add(idp.getIdentityProviderName());

try {
for (String resourceId : this.idPResourceIds) {

IdentityProvider idp = getIdPByResourceID(resourceId, this.tenantDomain);
idps.put(idp.getIdentityProviderName(), idp);
idpNames.add(idp.getIdentityProviderName());
}
} catch (FrameworkException e) {
throw new SessionDataStorageOptimizationException(String.format("An error occurred while " +
"resolving IDP for the authenticator:%s", this.name), e);
}

authenticatorConfig.setIdPs(idps);
authenticatorConfig.setIdPNames(idpNames);
authenticatorConfig.setTenantDomain(this.tenantDomain);
return authenticatorConfig;
}

private IdentityProvider getIdPByResourceID(String resourceId, String tenantDomain) throws
SessionDataStorageOptimizationException {
FrameworkException {

if (StringUtils.isEmpty(resourceId) || StringUtils.isEmpty(tenantDomain)) {
throw new SessionDataStorageOptimizationClientException(
String.format("Null parameters passed while getting IDPs by the resource ID: %s " +
"tenant domain: %s", resourceId, tenantDomain));
}
IdentityProviderManager manager =
(IdentityProviderManager) FrameworkServiceDataHolder.getInstance().getIdentityProviderManager();
IdentityProvider idp;
try {
idp = manager.getIdPByResourceId(resourceId, tenantDomain, false);
idp = ApplicationAuthenticatorManager.getInstance().getSerializableIdPByResourceId(
resourceId, tenantDomain);
if (idp == null) {
throw new SessionDataStorageOptimizationClientException(
String.format("Cannot find the Identity Provider by the resource ID: %s " +
Expand Up @@ -22,17 +22,12 @@
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.SerializationUtils;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorStateInfo;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedIdPData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.UserDefinedFederatedAuthenticatorConfig;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.bean.context.MessageContext;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
Expand Down Expand Up @@ -860,43 +855,6 @@ public void setExpiryTime(long expiryTimeNano) {
*/
public Object clone () {

removeNonSerializableObjects();
return SerializationUtils.clone(this);
}

private void removeNonSerializableObjects() {

/* Remove non-serializable UserDefinedAuthenticatorEndpointConfig objects from the
UserDefinedFederatedAuthenticatorConfig in the context. The UserDefinedAuthenticatorEndpointConfig contains
the endpoint URI and the authentication type of the corresponding action. However, this information is not
used in the authentication flow. Instead, the action ID in the authenticator property is used to resolve the
corresponding action. */
if (sequenceConfig == null || sequenceConfig.getStepMap() == null) {
return;
}

for (StepConfig stepConfig : sequenceConfig.getStepMap().values()) {
if (stepConfig == null || stepConfig.getAuthenticatorList() == null) {
continue;
}

for (AuthenticatorConfig authenticatorConfig : stepConfig.getAuthenticatorList()) {
if (stepConfig.getAuthenticatorList() == null) {
continue;
}

for (IdentityProvider idp : authenticatorConfig.getIdps().values()) {
if (idp == null || idp.getFederatedAuthenticatorConfigs() == null) {
continue;
}

for (FederatedAuthenticatorConfig authConfig : idp.getFederatedAuthenticatorConfigs()) {
if (authConfig instanceof UserDefinedFederatedAuthenticatorConfig) {
((UserDefinedFederatedAuthenticatorConfig) authConfig).setEndpointConfig(null);
}
}
}
}
}
}
}
Expand Up @@ -24,6 +24,7 @@
import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.UserDefinedFederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig;
import org.wso2.carbon.identity.core.util.IdentityConfigParser;
Expand All @@ -33,6 +34,8 @@
import java.util.ArrayList;
import java.util.List;

import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils.createIdPClone;

/**
* This class is used to manage the ApplicationAuthenticator instances.
*/
Expand Down Expand Up @@ -117,8 +120,8 @@ public List<ApplicationAuthenticator> getAllAuthenticators(String tenantDomain)
.getUserDefinedLocalAuthenticator(localConfig));
}

FederatedAuthenticatorConfig[] fedConfig = IdentityProviderManager.getInstance()
.getAllFederatedAuthenticators(tenantDomain);
FederatedAuthenticatorConfig[] fedConfig = FrameworkServiceDataHolder.getInstance()
.getIdentityProviderManager().getAllFederatedAuthenticators(tenantDomain);
for (FederatedAuthenticatorConfig fedAuth : fedConfig) {
if (fedAuth instanceof UserDefinedFederatedAuthenticatorConfig) {
allAuthenticators.add(FrameworkServiceDataHolder.getInstance().getUserDefinedAuthenticatorService()
Expand Down Expand Up @@ -164,8 +167,8 @@ public ApplicationAuthenticator getApplicationAuthenticatorByName(String authent
}

// Check whether the authenticator config is the user defined fed authenticator config, if so resolve it.
FederatedAuthenticatorConfig[] fedConfig = IdentityProviderManager.getInstance()
.getAllFederatedAuthenticators(tenantDomain);
FederatedAuthenticatorConfig[] fedConfig = FrameworkServiceDataHolder.getInstance()
.getIdentityProviderManager().getAllFederatedAuthenticators(tenantDomain);
for (FederatedAuthenticatorConfig fedAuth : fedConfig) {
if (fedAuth instanceof UserDefinedFederatedAuthenticatorConfig &&
fedAuth.getName().equals(authenticatorName)) {
Expand All @@ -184,4 +187,20 @@ private boolean isAuthenticationActionEnabled() {
return Boolean.parseBoolean((String) IdentityConfigParser.getInstance()
.getConfiguration().get(AUTHENTICATION_ACTION_ENABLED_PROP));
}

public IdentityProvider getSerializableIdPByResourceId(String resourceId, String tenantDomain)
throws FrameworkException, IdentityProviderManagementException {

/* Remove non-serializable UserDefinedAuthenticatorEndpointConfig objects from the identityProviders in the
authentication context.
The UserDefinedAuthenticatorEndpointConfig contains the endpoint URI and authentication type for the
corresponding action. However, this information is not utilized in the authentication flow. Instead,
the action ID in the authenticator property is used to resolve the corresponding action.
Since the FederatedAuthenticatorConfig model is used in the IdentityProvider class, when creating a deep
clone of the Identity Provider, convert the UserDefinedFederatedAuthenticatorConfig object to
a FederatedAuthenticatorConfig instance. */
IdentityProviderManager manager =
(IdentityProviderManager) FrameworkServiceDataHolder.getInstance().getIdentityProviderManager();
return createIdPClone(manager.getIdPByResourceId(resourceId, tenantDomain, false));
}
}
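Review bot: `getSerializableIdPByResourceId` passes the lookup result straight into `createIdPClone(...)`, yet every caller in this commit still tests the return value for `null` to raise its "Cannot find the Identity Provider" client error. `createIdPClone` is not shown here, so whether it tolerates `null` is unclear; if it dereferences its argument, an unknown resource ID ends in a NullPointerException rather than the intended client exception. A guard such as `IdentityProvider idp = manager.getIdPByResourceId(resourceId, tenantDomain, false);` followed by `return idp == null ? null : createIdPClone(idp);` makes the contract explicit. The explanatory block comment would also serve better as Javadoc on this new public method, stating that the returned copy drops the user-defined endpoint configuration and is the one to use for anything written to the session store.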
Expand Up @@ -881,6 +881,9 @@ public IdentityProvider getIdPById(String id, String tenantDomain,
return identityProvider;
}

/**
* Note that this
*/
@Override
public IdentityProvider getIdPByResourceId(String resourceId, String tenantDomain, boolean
ignoreFileBasedIdps) throws IdentityProviderManagementException {
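Review bot: The Javadoc added above `getIdPByResourceId` stops mid-sentence at `Note that this`, so it documents nothing. Judging from the rest of the commit, the intended warning is presumably that the returned `IdentityProvider` can carry a non-serializable user-defined endpoint configuration, and that code placing IdPs into the authentication context should go through `ApplicationAuthenticatorManager.getSerializableIdPByResourceId` instead; please complete the sentence or drop the comment. The method body continues outside the hunk.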