/** * Convert RichUsers to Identity objects with obfuscated email address and limited set of ext * sources. Service users are removed from the list. * * @param list RichUsers to convert * @return list of Identities without service ones * @throws PerunException */ private List<Identity> convertToIdentities(List<RichUser> list) throws PerunException { List<Identity> result = new ArrayList<Identity>(); if (list != null && !list.isEmpty()) { for (RichUser u : list) { // skip service users if (u.isServiceUser()) continue; Identity identity = new Identity(); identity.setName(u.getDisplayName()); identity.setId(u.getId()); for (Attribute a : u.getUserAttributes()) { if (MailManagerImpl.URN_USER_PREFERRED_MAIL.equals(a.getName())) { if (a.getValue() != null && !((String) a.getValue()).isEmpty()) { String safeMail = ((String) a.getValue()).split("@")[0]; if (safeMail.length() > 2) { safeMail = safeMail.substring(0, 1) + "****" + safeMail.substring(safeMail.length() - 1, safeMail.length()); } safeMail += "@" + ((String) a.getValue()).split("@")[1]; identity.setEmail(safeMail); } } else if ("urn:perun:user:attribute-def:def:organization".equals(a.getName())) { if (a.getValue() != null) { identity.setOrganization((String) a.getValue()); } } } List<ExtSource> es = new ArrayList<ExtSource>(); for (UserExtSource ues : u.getUserExtSources()) { if (ues.getExtSource().getType().equals(ExtSourcesManagerEntry.EXTSOURCE_X509)) { es.add(ues.getExtSource()); } else if (ues.getExtSource().getType().equals(ExtSourcesManagerEntry.EXTSOURCE_IDP)) { if (ues.getExtSource().getName().equals("https://extidp.cesnet.cz/idp/shibboleth")) { // FIXME - hack Social IdP to let us know proper identity source String type = ues.getLogin().split("@")[1].split("\\.")[0]; ues.getExtSource() .setName( "https://extidp.cesnet.cz/idp/shibboleth&authnContextClassRef=urn:cesnet:extidp:authn:" + type); } else if (ues.getExtSource().getName().equals("https://login.elixir-czech.org/idp/")) { // FIXME - hack Elixir proxy IdP to let us know proper identity source String type = ues.getLogin().split("@")[1]; ues.getExtSource().setName("https://login.elixir-czech.org/idp/@" + type); } es.add(ues.getExtSource()); } else if (ues.getExtSource() .getType() .equals(ExtSourcesManagerEntry.EXTSOURCE_KERBEROS)) { es.add(ues.getExtSource()); } } identity.setIdentities(es); result.add(identity); } } return result; }