Hi , Please find the PR[1],
[1] https://github.com/wso2-extensions/identity-outbound-auth-pinterest/pull/1/ Thanks, Vivek Vivekananthan Sivanayagam Software Engineer | WSO2 E:[email protected] M:+94752786138 On Wed, Apr 19, 2017 at 2:53 PM, Ruwan Abeykoon <[email protected]> wrote: > Hi Vivek, > Yes, > I made a mistake, this is wrong. > subjectFromClaims = claimMappings.get(claimMapping); > > and > subjectFromClaims = claims.get(claimMapping); > is the correct one. > > Cheers, > Ruwan. > > > On Wed, Apr 19, 2017 at 2:36 PM, Vivekananthan Sivanayagam < > [email protected]> wrote: > >> Hi Ruwan, >> >> Thaks for the suggestion and I have made changes as you suggested and it >> is working when I changed as "subjectFromClaims = >> claims.get(claimMapping);" instead of " subjectFromClaims = >> claimMappings.get(claimMapping);". >> >> Thanks, >> Vivek. >> >> Vivekananthan Sivanayagam >> Software Engineer | WSO2 >> E:[email protected] >> M:+94752786138 <+94%2075%20278%206138> >> >> On Wed, Apr 19, 2017 at 11:44 AM, Vivekananthan Sivanayagam < >> [email protected]> wrote: >> >>> Noted. >>> >>> Vivekananthan Sivanayagam >>> Software Engineer | WSO2 >>> E:[email protected] >>> M:+94752786138 <+94%2075%20278%206138> >>> >>> On Wed, Apr 19, 2017 at 11:23 AM, Ruwan Abeykoon <[email protected]> >>> wrote: >>> >>>> Hi All, >>>> Thanks Vivekananthan to bring this up. >>>> >>>> Also any code resembling the following needs to be removed as it >>>> performs an unwanted action against IDP config. It sets a config on IDP >>>> within an authenticator, which is wrong practice in programming which >>>> breaks "Abstraction" principle. >>>> if (StringUtils.isBlank(context.getExternalIdP().getIdentityPro >>>> vider().getClaimConfig().getUserClaimURI())) { >>>> context.getExternalIdP().getId >>>> entityProvider().getClaimConfig().setUserClaimURI >>>> (FacebookAuthenticatorConstants.EMAIL); >>>> } >>>> >>>> Instead we should adopt something similar to >>>> ... >>>> //Find the subject from the IDP claim mapping, subject Claim URI. >>>> String subjectFromClaims = FrameworkUtils.getFederatedSub >>>> jectFromClaims( >>>> context.getExternalIdP().getIdentityProvider(), >>>> claims); >>>> >>>> //Use preset claim URI on the Authenticator if claim mapping is not >>>> defined by the admin >>>> if (StringUtils.isBlank(subjectFromClaims)) { >>>> ClaimMapping claimMapping = new ClaimMapping(); >>>> Claim claim = new Claim(); >>>> claim.setClaimUri(FacebookAuthenticatorConstants.EMAIL)); //Use >>>> the appropriate claim uri >>>> claimMapping.setRemoteClaim(claim); >>>> claimMapping.setLocalClaim(claim); >>>> subjectFromClaims = claimMappings.get(claimMapping); >>>> } >>>> >>>> And make the above code reusable across all connectors, either by >>>> adding them to base class or having a util method somewhere. >>>> >>>> Cheers, >>>> Ruwan >>>> >>>> >>>> On Wed, Apr 19, 2017 at 10:34 AM, Nuwandi Wickramasinghe < >>>> [email protected]> wrote: >>>> >>>>> Ideally any Federated authenticator should give the flexibility to >>>>> configure the subject claim from IS side. If admin selects a value as >>>>> *User >>>>> ID Claim URI *in the identity provider claim configuration, that >>>>> selected value needs to be treated as subject of that authenticated user >>>>> within the IS. >>>>> >>>>> By hard coding a subject without checking *User ID Claim URI * >>>>> configuration in the identity provider, that authenticator removes >>>>> that flexibility and totally neglects the configuration. >>>>> >>>>> Following method in FrameworkUtils is used to read the configured user >>>>> Id claim from Identity Provider configuration. >>>>> >>>>> FrameworkUtils.getFederatedSubjectFromClaims(IdentityProvider >>>>> identityProvider, Map<ClaimMapping, String> claimMappings); >>>>> >>>>> On Wed, Apr 19, 2017 at 9:43 AM, Malaka Silva <[email protected]> wrote: >>>>> >>>>>> IS Team, >>>>>> >>>>>> Can you please comment on this? >>>>>> >>>>>> On Wed, Apr 19, 2017 at 9:40 AM, Vivekananthan Sivanayagam < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi , >>>>>>> >>>>>>> I am working on the ticket[1] and analysed the existing >>>>>>> authenticators. As mentioned on the ticket, default subject identifier >>>>>>> claim is hard coded[2] and have to modify the existing authenticators as >>>>>>> implemented in Facebook authenticator >>>>>>> [3][4]. >>>>>>> >>>>>>> @Malaka, >>>>>>> If we have to improve the authenticator as mentioned above, it would >>>>>>> be better if we include this improvement in Pinterest Authenticator >>>>>>> before >>>>>>> getting released. can you confirm it? >>>>>>> >>>>>> IMHO better to add this any new federated authenticator before >>>>> releasing it. >>>>> >>>>>> >>>>>>> [1] https://wso2.org/jira/projects/ISCONNECT/issues/ISCONNEC >>>>>>> T-49?filter=allopenissues >>>>>>> [2] https://github.com/wso2-extensions/identity-outbound-aut >>>>>>> h-linkedIn/blob/master/component/src/main/java/org/wso2/carb >>>>>>> on/identity/authenticator/linkedIn/LinkedInAuthenticator.java#L281 >>>>>>> [3] https://github.com/wso2-extensions/identity-outbound-aut >>>>>>> h-facebook/blob/master/components/org.wso2.carbon.identity.a >>>>>>> pplication.authenticator.facebook/src/main/java/org/wso2/car >>>>>>> bon/identity/application/authenticator/facebook/FacebookAuth >>>>>>> enticator.java#L352 >>>>>>> [4] https://docs.wso2.com/display/IS530/Logging+in+to+the+Id >>>>>>> entity+Server+using+Facebook+Credentials#LoggingintotheIdent >>>>>>> ityServerusingFacebookCredentials-Configuringclaimmappingsfo >>>>>>> rFacebook >>>>>>> >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Vivekananthan Sivanayagam >>>>>>> Software Engineer | WSO2 >>>>>>> E:[email protected] >>>>>>> M:+94752786138 <075%20278%206138> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> Malaka Silva >>>>>> Associate Director / Architect >>>>>> M: +94 777 219 791 <+94%2077%20721%209791> >>>>>> Tel : 94 11 214 5345 >>>>>> Fax :94 11 2145300 >>>>>> Skype : malaka.sampath.silva >>>>>> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 >>>>>> Blog : http://mrmalakasilva.blogspot.com/ >>>>>> >>>>>> WSO2, Inc. >>>>>> lean . enterprise . middleware >>>>>> https://wso2.com/signature >>>>>> http://www.wso2.com/about/team/malaka-silva/ >>>>>> <http://wso2.com/about/team/malaka-silva/> >>>>>> https://store.wso2.com/store/ >>>>>> >>>>>> Don't make Trees rare, we should keep them with care >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Best Regards, >>>>> >>>>> Nuwandi Wickramasinghe >>>>> >>>>> Software Engineer >>>>> >>>>> WSO2 Inc. >>>>> >>>>> Web : http://wso2.com >>>>> >>>>> Mobile : 0719214873 >>>>> >>>> >>>> >>>> >>>> -- >>>> >>>> *Ruwan Abeykoon* >>>> *Associate Director/Architect**,* >>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >>>> *lean.enterprise.middleware.* >>>> >>>> >>> >> > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
