diff --git a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/ClaimMetadataManagementServiceImpl.java b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/ClaimMetadataManagementServiceImpl.java index 3cd3c6ba0349..4d73157d5138 100644 --- a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/ClaimMetadataManagementServiceImpl.java +++ b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/ClaimMetadataManagementServiceImpl.java @@ -52,6 +52,7 @@ import java.util.Set; import java.util.stream.Collectors; +import static org.wso2.carbon.identity.claim.metadata.mgt.util.ClaimConstants.ErrorMessage.ERROR_CODE_CANNOT_ADD_TO_EXTERNAL_DIALECT; import static org.wso2.carbon.identity.claim.metadata.mgt.util.ClaimConstants.ErrorMessage.ERROR_CODE_CLAIM_LENGTH_LIMIT; import static org.wso2.carbon.identity.claim.metadata.mgt.util.ClaimConstants.ErrorMessage.ERROR_CODE_CLAIM_PROPERTY_CHAR_LIMIT_EXCEED; import static org.wso2.carbon.identity.claim.metadata.mgt.util.ClaimConstants.ErrorMessage.ERROR_CODE_EMPTY_CLAIM_DIALECT; 
@@ -522,7 +523,16 @@ public void addExternalClaim(ExternalClaim externalClaim, String tenantDomain) t externalClaim.getMappedLocalClaim(), externalClaim.getClaimDialectURI())); } - // Add listener + ClaimMetadataEventPublisherProxy.getInstance().publishPreAddExternalClaim(tenantId, externalClaim); + if (MapUtils.isNotEmpty(IdentityUtil.threadLocalProperties.get()) && + Boolean.TRUE.equals(IdentityUtil.threadLocalProperties.get() + .get(ClaimConstants.EXTERNAL_CLAIM_ADDITION_NOT_ALLOWED_FOR_DIALECT))) { + IdentityUtil.threadLocalProperties.get() + .remove(ClaimConstants.EXTERNAL_CLAIM_ADDITION_NOT_ALLOWED_FOR_DIALECT); + throw new ClaimMetadataClientException(ERROR_CODE_CANNOT_ADD_TO_EXTERNAL_DIALECT.getCode(), + String.format(ERROR_CODE_CANNOT_ADD_TO_EXTERNAL_DIALECT.getMessage(), + externalClaim.getClaimDialectURI())); + } this.unifiedClaimMetadataManager.addExternalClaim(externalClaim, tenantId); diff --git a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/ClaimConstants.java b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/ClaimConstants.java index 1fefe33c2c1d..84f4c5fcd492 100644 --- a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/ClaimConstants.java +++ b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/ClaimConstants.java @@ -54,6 +54,8 @@ public class ClaimConstants { public static final String MAX_LENGTH = "maxLength"; public static final String IS_SYSTEM_CLAIM = "isSystemClaim"; public static final String SHARED_PROFILE_VALUE_RESOLVING_METHOD = "SharedProfileValueResolvingMethod"; + public static final String EXTERNAL_CLAIM_ADDITION_NOT_ALLOWED_FOR_DIALECT = + "ExternalClaimAdditionNotAllowedForDialect"; /** * Enum for error messages. 
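Review bot: The deny flag read from `IdentityUtil.threadLocalProperties` after `publishPreAddExternalClaim` is removed only inside the branch that throws, and nothing clears it before the publish call. If the publish call throws after a handler has set the flag, the value stays on the thread and would reject a later, unrelated add, unless the map is reset per request somewhere outside this hunk. Clearing the key before publishing and then reading it with one call avoids this: with `props` holding `IdentityUtil.threadLocalProperties.get()`, use `Object denied = props == null ? null : props.remove(ClaimConstants.EXTERNAL_CLAIM_ADDITION_NOT_ALLOWED_FOR_DIALECT);` followed by `if (Boolean.TRUE.equals(denied)) { throw … }`. The check also lets the add through when no handler is subscribed to the pre-add event or a handler stores anything other than `Boolean.TRUE`, so a short comment stating that contract above the `if` would help. addExternalClaim starts and ends outside the hunk.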
@@ -112,6 +114,8 @@ public enum ErrorMessage { ERROR_CODE_INVALID_SHARED_PROFILE_VALUE_RESOLVING_METHOD("CMT-60014", "Invalid shared profile value resolving method: %s"), ERROR_CODE_INVALID_ATTRIBUTE_PROFILE("CMT-600015", "Invalid attribute profile name."), + ERROR_CODE_CANNOT_ADD_TO_EXTERNAL_DIALECT("CMT-60016", + "Adding claims to dialect %s is not allowed"), // Server Errors ERROR_CODE_DELETE_IDN_CLAIM_MAPPED_ATTRIBUTE("65001", "Error occurred while deleting claim " + diff --git a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/DialectConfigParser.java b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/DialectConfigParser.java index e289a4f8ddc2..e03df49e22ac 100644 --- a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/DialectConfigParser.java +++ b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/main/java/org/wso2/carbon/identity/claim/metadata/mgt/util/DialectConfigParser.java @@ -44,6 +44,7 @@ public class DialectConfigParser { private static final String SCHEMA_FILE_NAME = "schemas.xml"; private static final String SCHEMAS_NAMESPACE = "http://wso2.org/projects/carbon/carbon.xml"; + private static final String DEFAULT_SCHEMA_CONFIG = "DefaultSchema"; private static final String ADD_SCHEMA_CONFIG = "AddSchema"; private static final String REMOVE_SCHEMA_CONFIG = "RemoveSchema"; private static final String SCHEMAS_CONFIG = "Schemas"; @@ -54,6 +55,7 @@ public class DialectConfigParser { private static final Log log = LogFactory.getLog(DialectConfigParser.class); private final String schemasFilePath; + private Map claimsMap = Collections.emptyMap(); private Map additionsToDefaultDialects = Collections.emptyMap(); private Map removalsFromDefaultDialects = Collections.emptyMap(); 
@@ -86,9 +88,20 @@ private void buildConfiguration() { try (InputStream inputStream = Files.newInputStream(schemaPath)) { StAXOMBuilder builder = new StAXOMBuilder(inputStream); OMElement rootElement = builder.getDocumentElement(); + claimsMap = buildSchemasConfiguration(rootElement, DEFAULT_SCHEMA_CONFIG); additionsToDefaultDialects = buildSchemasConfiguration(rootElement, ADD_SCHEMA_CONFIG); removalsFromDefaultDialects = buildSchemasConfiguration(rootElement, REMOVE_SCHEMA_CONFIG); + if (additionsToDefaultDialects != null) { + additionsToDefaultDialects.forEach((key, value) -> { + if (!claimsMap.containsKey(key)) { + claimsMap.put(key, value); + } + }); + } + if (removalsFromDefaultDialects != null) { + removalsFromDefaultDialects.forEach((key, value) -> claimsMap.remove(key)); + } } catch (IOException | XMLStreamException e) { throw IdentityRuntimeException.error("Error occurred while reading schema configuration in path: " + schemasFilePath, e); @@ -129,6 +142,16 @@ private Map buildSchemasConfiguration(OMElement rootElement, Str return dataMap; } + /** + * Return claims supported by the server. + * + * @return Claim Map. + */ + public Map getClaimsMap() { + + return claimsMap; + } + /** * Get the additions to the default schema. * diff --git a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/test/resources/testSchemas/valid/schemas.xml b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/test/resources/testSchemas/valid/schemas.xml index ea54c22fe823..59df495ad23e 100644 --- a/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/test/resources/testSchemas/valid/schemas.xml +++ b/components/claim-mgt/org.wso2.carbon.identity.claim.metadata.mgt/src/test/resources/testSchemas/valid/schemas.xml @@ -1,4 +1,12 @@ + + + + urn:ietf:params:scim:schemas:core:2.0:User:id + urn:ietf:params:scim:schemas:core:2.0:User:meta.created + + + 
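Review bot: In buildConfiguration, `claimsMap` is used with `containsKey`, `put` and `remove` without the null guard that the same hunk applies to `additionsToDefaultDialects` and `removalsFromDefaultDialects`. If `buildSchemasConfiguration` returns null or an immutable empty map when the element is absent, an existing schemas.xml with no `DefaultSchema` element would fail at this point; the helper's body is outside the hunk, so this needs confirming. Guard the `DEFAULT_SCHEMA_CONFIG` result the same way, or copy it into a fresh mutable map before merging. The merge itself can then be written as `additionsToDefaultDialects.forEach(claimsMap::putIfAbsent);`.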
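Review bot: `getClaimsMap()` returns the parser's internal map, the same instance that buildConfiguration fills with `put` and `remove`, so any caller can change the set of supported claims for every other caller. Returning a read-only view keeps the parsed configuration fixed: `return Collections.unmodifiableMap(claimsMap);` (`Collections` is already used in this class). The Javadoc could also state that the map is the default schema plus the configured additions, minus the configured removals.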
diff --git a/features/identity-event/org.wso2.carbon.identity.event.server.feature/resources/org.wso2.carbon.identity.event.server.feature.default.json b/features/identity-event/org.wso2.carbon.identity.event.server.feature/resources/org.wso2.carbon.identity.event.server.feature.default.json
index 1030ae90d69f..45870eee531d 100644
--- a/features/identity-event/org.wso2.carbon.identity.event.server.feature/resources/org.wso2.carbon.identity.event.server.feature.default.json
+++ b/features/identity-event/org.wso2.carbon.identity.event.server.feature/resources/org.wso2.carbon.identity.event.server.feature.default.json
@@ -204,6 +204,7 @@
 "POST_DELETE_LOCAL_CLAIM",
 "POST_UPDATE_EXTERNAL_CLAIM",
 "POST_DELETE_EXTERNAL_CLAIM",
+ "PRE_ADD_EXTERNAL_CLAIM",
 "POST_ADD_EXTERNAL_CLAIM",
 "POST_UPDATE_CLAIM_DIALECT",
 "POST_DELETE_CLAIM_DIALECT"