WSO2 Identity Server Events

Originally published at http://everything1know.wordpress.com on August 1, 2019.

What’s up, folks?

Today I’m going to talk about the eventing framework of the WSO2 Identity Server. There are numerous operations you can do with the WSO2 Identity Server such as user operations, and the eventing framework is designed to trigger events when each of those operations are executed.

We can write Handlers that can be subscribed to these events and do whatever the use case we need to get done.

This is just one example, and we can do a lot using the WSO2 Identity Server eventing framework. Following are the supported events.

1. PRE_AUTHENTICATION — Triggered before authenticating a user.
2. POST_AUTHENTICATION — Triggered after authenticating a user.
3. PRE_ADD_USER — Triggered before adding a new user to the system.
4. POST_ADD_USER — Triggered after adding a new user to the system.
5. PRE_UPDATE_CREDENTIAL — Triggered before updating user credentials.
6. POST_UPDATE_CREDENTIAL — Triggered after updating user credentials.
7. PRE_UPDATE_CREDENTIAL_BY_ADMIN — Triggered before updating user credentials by an admin.
8. POST_UPDATE_CREDENTIAL_BY_ADMIN — Triggered after updating user credentials by an admin.
9. PRE_DELETE_USER — Triggered before deleting a user from the system.
10. POST_DELETE_USER — Triggered after deleting a user from the system.
11. PRE_SET_USER_CLAIM — Triggered before setting a single user attribute.
12. POST_SET_USER_CLAIM — Triggered after setting a single user attribute.
13. PRE_SET_USER_CLAIMS — Triggered before setting a set of user attributes as a batch.
14. POST_SET_USER_CLAIMS — Triggered after setting a set of user attributes as a batch.
15. PRE_GET_USER_CLAIM — Triggered before retrieving a user attribute.
16. POST_GET_USER_CLAIM — Triggered after retrieving a user attribute.
17. PRE_GET_USER_CLAIMS — Triggered before getting a set of user attributes as a batch.
18. POST_GET_USER_CLAIMS — Triggered after getting a set of user attributes as a batch.
19. PRE_DELETE_USER_CLAIM — Triggered before deleting a user attribute.
20. POST_DELETE_USER_CLAIM — Triggered after deleting a user attribute.
21. PRE_DELETE_USER_CLAIMS — Triggered before deleting a set of user attributes as a batch.
22. POST_DELETE_USER_CLAIMS — Triggered after deleting a set of user attributes as a batch.
23. PRE_ADD_ROLE — Triggered before adding a role.
24. POST_ADD_ROLE — Triggered after adding a role.
25. PRE_DELETE_ROLE — Triggered before deleting a role.
26. POST_DELETE_ROLE — Triggered after deleting a role.
27. PRE_UPDATE_ROLE — Triggered before updating a role.
28. POST_UPDATE_ROLE — Triggered after updating a role.
29. PRE_UPDATE_USER_LIST_OF_ROLE — Triggered before updating the user list of a role.
30. POST_UPDATE_USER_LIST_OF_ROLE — Triggered after updating the user list of a role.
31. PRE_UPDATE_ROLE_LIST_OF_USER — Triggered before updating the role list of a user.
32. POST_UPDATE_ROLE_LIST_OF_USER — Triggered after updating the role list of a user.
33. UPDATE_GOVERNANCE_CONFIGURATION — Triggered when updating the governance configurations.
34. PRE_ADD_NEW_PASSWORD — Triggered before adding a new password.
35. POST_ADD_NEW_PASSWORD — Triggered after adding a new password.
36. PRE_SEND_RECOVERY_NOTIFICATION — Triggered before sending recovery notification.
37. POST_SEND_RECOVERY_NOTIFICATION — Triggered after sending recovery notification.
38. TRIGGER_NOTIFICATION — Triggered when a notification is triggered.
39. TRIGGER_SMS_NOTIFICATION — Triggered when an SMS notification is triggered.

Writing a Simple Event Handler

To write an event handler, we need to extend the AbstractEventHandler class. There are three important methods we need to override.

1. getName() — This should return the name of the event handler.
2. getPriority() — This method should return a priority value for the handler. Registered handlers will be executed based on their priority.
3. handleEvent(Event event) —Whatever we need to get done should go inside the handleEvent method.

Following is an example event handler code that logs an info log when executed.

Event handlers should be written as OSGi components. Therefore, we need a service component class to activate the bundle.

You can find a completed project here. Build the project using maven ( mvn clean install) and copy the JAR file to <IS_HOME>/repository/components/dropins folder.

Subscribing to Events.

Open the file <IS_HOME>/repository/conf/identity/identity-event.properties and add the following.

module.name.19=customAddUserEventHandler customAddUserEventHandler.subscription.1=POST_ADD_USER customAddUserEventHandler.subscription.2=POST_AUTHENTICATION customAddUserEventHandler.enable=true

Name returned from the getName method should be added as the module.name. At this moment there were 18 modules already registered and therefore the number 19 has been added. After that, you can subscribe to events. In this example, we’ve subscribed to POST_ADD_USER event and POST_AUTHENTICATION event.

After running the server, logs will be printed accordingly.

There are several inbuilt sample Event handlers in WSO2 Identity Server.

1. UserEmailVerificationHandler
2. AccountConfirmationValidationHandler
3. AdminForcedPasswordResetHandler
4. UserSelfRegistrationHandler
5. PasswordHistoryValidationHandler
6. PasswordPolicyValidationHandler
7. AccountSuspensionNotificationHandler

Hope this is usefull. Let me know if you have any questions.

Cheers!

Categories: Customizations, Identity Management, IS Diaries, Tips and Tricks, Tutorials, Uncategorized | Tags: Event Handler, Eventing Framework, Events, Identity Server, WSO2, WSO2 IS | Permalink.

Originally published at http://everything1know.wordpress.com on August 1, 2019.