Support federation SSO login for sub organization applications #7677
| + appResidentOrgId + " by using the primary organization"); | ||
| } | ||
| tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(); | ||
| try { |
Log Improvement Suggestion No: 1
| try { | |
| try { | |
| log.debug("Retrieving primary organization for app resident org: " + appResidentOrgId); |
| String primaryOrgId = FrameworkServiceDataHolder.getInstance().getOrganizationManager() | ||
| .getPrimaryOrganizationId(appResidentOrgId); | ||
| tenantDomain = FrameworkUtils.resolveTenantDomainFromOrganizationId(primaryOrgId); | ||
| } catch (OrganizationManagementException e) { |
Log Improvement Suggestion No: 2
| } catch (OrganizationManagementException e) { | |
| } catch (OrganizationManagementException e) { | |
| log.error("Failed to retrieve primary organization for org: " + appResidentOrgId + ". Error: " + e.getMessage()); |
| if (context.getProperty("appResidentOrgId") != null) { | ||
| // starting a tenant flow to set the required tenant id, tenant domain and the application | ||
| // resident organization in carbon context. | ||
| PrivilegedCarbonContext.startTenantFlow(); | ||
| isTenantFlowStarted = true; |
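Review bot: `PrivilegedCarbonContext.startTenantFlow()` is called here and tracked with `isTenantFlowStarted`, but the matching `PrivilegedCarbonContext.endTenantFlow()` is not visible in this hunk. Confirm it runs in a `finally` block guarded by `isTenantFlowStarted`, so that an exception thrown after the flow starts cannot leave the request thread in the switched tenant context.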
Log Improvement Suggestion No: 3
| if (context.getProperty("appResidentOrgId") != null) { | |
| // starting a tenant flow to set the required tenant id, tenant domain and the application | |
| // resident organization in carbon context. | |
| PrivilegedCarbonContext.startTenantFlow(); | |
| isTenantFlowStarted = true; | |
| if (context.getProperty("appResidentOrgId") != null) { | |
| log.info("Starting tenant flow for application resident organization"); | |
| // starting a tenant flow to set the required tenant id, tenant domain and the application | |
| // resident organization in carbon context. | |
| PrivilegedCarbonContext.startTenantFlow(); |
| carbonContext.setApplicationResidentOrganizationId( | ||
| (String) context.getProperty("appResidentOrgId")); | ||
| } |
Log Improvement Suggestion No: 4
| carbonContext.setApplicationResidentOrganizationId( | |
| (String) context.getProperty("appResidentOrgId")); | |
| } | |
| carbonContext.setApplicationResidentOrganizationId( | |
| (String) context.getProperty("appResidentOrgId")); | |
| if (log.isDebugEnabled()) { | |
| log.debug("Set tenant context - Domain: " + tenantDomain + ", Org ID: " + | |
| context.getProperty("appResidentOrgId")); | |
| } | |
| } |
| // We use the tenant domain set in context only in tenanted session is enabled. | ||
| if (IdentityTenantUtil.isTenantedSessionsEnabled()) { |
Log Improvement Suggestion No: 5
| // We use the tenant domain set in context only in tenanted session is enabled. | |
| if (IdentityTenantUtil.isTenantedSessionsEnabled()) { | |
| // We use the tenant domain set in context only in tenanted session is enabled. | |
| if (IdentityTenantUtil.isTenantedSessionsEnabled()) { | |
| log.debug("Tenanted sessions enabled. Retrieving login tenant domain from context."); |
| if (StringUtils.isNotBlank(appResidentOrganization)) { | ||
| try { | ||
| return FrameworkUtils.resolveTenantDomainFromOrganizationId(appResidentOrganization); |
Log Improvement Suggestion No: 6
| if (StringUtils.isNotBlank(appResidentOrganization)) { | |
| try { | |
| return FrameworkUtils.resolveTenantDomainFromOrganizationId(appResidentOrganization); | |
| if (StringUtils.isNotBlank(appResidentOrganization)) { | |
| try { | |
| log.debug("Resolving tenant domain from organization id: " + appResidentOrganization); | |
| return FrameworkUtils.resolveTenantDomainFromOrganizationId(appResidentOrganization); |
| String primaryTenantDomain; | ||
| try { | ||
| // Caching needed here to avoid multiple calls to organization management component. | ||
| String primaryOrgId = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | ||
| .getPrimaryOrganizationId(accessingOrganization); | ||
| primaryTenantDomain = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | ||
| .resolveTenantDomain(primaryOrgId); | ||
| } catch (OrganizationManagementException e) { | ||
| throw new IdentityRuntimeException(e.getMessage(), e); | ||
| } |
Log Improvement Suggestion No: 7
| String primaryTenantDomain; | |
| try { | |
| // Caching needed here to avoid multiple calls to organization management component. | |
| String primaryOrgId = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | |
| .getPrimaryOrganizationId(accessingOrganization); | |
| primaryTenantDomain = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | |
| .resolveTenantDomain(primaryOrgId); | |
| } catch (OrganizationManagementException e) { | |
| throw new IdentityRuntimeException(e.getMessage(), e); | |
| } | |
| try { | |
| log.debug("Fetching primary organization details for organization: " + accessingOrganization); | |
| // Caching needed here to avoid multiple calls to organization management component. | |
| String primaryOrgId = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | |
| .getPrimaryOrganizationId(accessingOrganization); | |
| primaryTenantDomain = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() | |
| .resolveTenantDomain(primaryOrgId); | |
| log.debug("Resolved tenant domain: " + primaryTenantDomain + " for organization: " + accessingOrganization); | |
| } catch (OrganizationManagementException e) { | |
| log.error("Failed to resolve tenant domain for organization: " + accessingOrganization + ". Error: " + e.getMessage()); | |
| throw new IdentityRuntimeException(e.getMessage(), e); | |
| } |
AI Agent Log Improvement Checklist
- The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. The purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
- Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.
✅ Before merging this pull request:
- Review all AI-generated comments for accuracy and relevance.
- Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.
| String applicationResidentOrgId = PrivilegedCarbonContext.getThreadLocalCarbonContext() | ||
| .getApplicationResidentOrganizationId(); | ||
| if (applicationResidentOrgId != null && context.getCallerPath().contains(applicationResidentOrgId)) { | ||
| context.setProperty("appResidentOrgId", applicationResidentOrgId); |
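Review bot: The `context.getCallerPath().contains(applicationResidentOrgId)` condition is a substring test, so it is true whenever the organization id appears anywhere in the caller path, not only as the organization segment of that path. This check decides whether `appResidentOrgId` is set on the authentication context, and the later hunk starts a tenant flow whenever that property is non-null, so compare against the exact path segment that carries the organization id instead of using `contains`. A short comment stating which request paths are expected to satisfy the check would also help.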
Shall we use a context parameter to keep the request initiation path mode so that we can handle both supported paths vice versa?
| String primaryTenantDomain; | ||
| try { | ||
| // Caching needed here to avoid multiple calls to organization management component. | ||
| String primaryOrgId = IdentityCoreServiceDataHolder.getInstance().getOrganizationManager() |
We will not need these changes if we start the tenant flows identical to how we initialize at valve level.



Proposed changes in this pull request
$subject