private Subject createSubject(PolicyManager pm) throws PolicyException {
   SubjectTypeManager mgr = pm.getSubjectTypeManager();
   Subject subject = mgr.getSubject("AMIdentitySubject");
   Set<String> set = new HashSet<String>();
   set.add(group1.getUniversalId());
   set.add(group2.getUniversalId());
   subject.setValues(set);
   return subject;
 }
示例#2
0
  public String execute(Locale locale, Map params) throws WorkflowException {
    final String realm = getString(params, REALM);
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());

    // replace service attributes
    final Map<String, Set<String>> attrValues = getDefaultOAuth2ProviderAttributes(token);
    attrValues.put(REFRESH_TOKEN_LIFETIME_NAME, Collections.singleton(getString(params, RTL)));
    attrValues.put(AUTHZ_CODE_LIFETIME_NAME, Collections.singleton(getString(params, ACL)));
    attrValues.put(ACCESS_TOKEN_LIFETIME_NAME, Collections.singleton(getString(params, ATL)));
    attrValues.put(ISSUE_REFRESH_TOKEN, Collections.singleton(getString(params, IRT)));
    attrValues.put(
        ISSUE_REFRESH_TOKEN_ON_REFRESHING_TOKEN, Collections.singleton(getString(params, IRTR)));
    attrValues.put(SCOPE_PLUGIN_CLASS, Collections.singleton(getString(params, SIC)));

    createOAuth2Provider(token, realm, attrValues);

    String policyURL = getRequestURL(params) + OAUTH2_AUTHORIZE_ENDPOINT;

    // check if policy exists
    PolicyManager mgr;
    boolean createPolicy = false;
    try {
      mgr = new PolicyManager(token, ROOT);
      if (mgr.getPolicy(POLICY_NAME) == null) {
        createPolicy = true;
      }
    } catch (Exception e) {
      createPolicy = true;
    }

    if (createPolicy) {

      try {
        Privilege toStore = Privilege.getNewInstance();

        Map<String, Boolean> actions = new HashMap<String, Boolean>();
        actions.put("POST", true);
        actions.put("GET", true);

        Entitlement entitlement = new Entitlement();
        entitlement.setActionValues(actions);
        entitlement.setResourceName(policyURL);

        toStore.setSubject(new AuthenticatedUsers());
        toStore.setName(POLICY_NAME);
        toStore.setEntitlement(entitlement);

        PolicyStore policyStore =
            storeProvider.getPolicyStore(SubjectUtils.createSuperAdminSubject(), ROOT);
        policyStore.create(toStore);

      } catch (EntitlementException e) {
        throw new WorkflowException("ConfigureOAuth2.execute() : Unable to create policy");
      }
    }

    String messageTemplate = getMessage(MESSAGE, locale);

    return MessageFormat.format(
        messageTemplate,
        realm,
        MessageFormat.format(
            getMessage(createPolicy ? POLICY_CREATED : POLICY_EXISTS, locale), POLICY_NAME));
  }