/**
 * Checks each grant type requested for the OAuth app against the grant types the server allows.
 *
 * <p>Blank entries are skipped. Every other entry must match an allowed grant type exactly
 * (the comparison is case-sensitive); a mismatch appends a message to {@code validationMsg}.
 * The method only records failures. It does not throw or reject the request itself.
 *
 * @param requestedGrants grant types requested for the application
 * @param validationMsg   list that collects the validation failure messages
 */
private void validateGrants(String[] requestedGrants, List<String> validationMsg) {

    String[] serverGrants = new OAuthAdminService().getAllowedGrantTypes();
    List<String> permitted = new ArrayList<>(Arrays.asList(serverGrants));

    for (int i = 0; i < requestedGrants.length; i++) {
        String candidate = requestedGrants[i];
        // The requested value is echoed into the message as supplied.
        if (!StringUtils.isBlank(candidate) && !permitted.contains(candidate)) {
            validationMsg.add(String.format("Grant type %s not allowed", candidate));
        }
    }
}
/**
 * Registers an OAuth consumer application.
 *
 * <p>Delegates to {@code registerAndRetrieveOAuthApplicationData} and does not use its result.
 *
 * @param application {@code OAuthConsumerAppDTO} carrying the application information
 * @throws IdentityOAuthAdminException if the application information cannot be persisted to
 *                                     the persistence store
 */
public void registerOAuthApplicationData(OAuthConsumerAppDTO application)
        throws IdentityOAuthAdminException {

    this.registerAndRetrieveOAuthApplicationData(application);
}
/**
 * Checks the scope validators configured on the OAuth app against the validators the server
 * reports as allowed.
 *
 * <p>Every entry is compared as-is; blank entries are not skipped here. Each entry that is not
 * in the server list appends a message to {@code validationMsg}. Nothing is thrown for an
 * unknown validator.
 *
 * @param appScopeValidators scope validators requested for the application
 * @param validationMsg      list that collects the validation failure messages
 */
private void validateScopeValidators(String[] appScopeValidators, List<String> validationMsg) {

    String[] configured = new OAuthAdminService().getAllowedScopeValidators();
    List<String> knownValidators = new ArrayList<>(Arrays.asList(configured));

    for (String candidate : appScopeValidators) {
        if (knownValidators.contains(candidate)) {
            continue;
        }
        // The trailing space is part of the original message text.
        validationMsg.add(String.format(
                "The scope validator %s is not available in the server configuration. ", candidate));
    }
}
OAuthAdminService oAuthAdminService = new OAuthAdminService(); OAuthConsumerAppDTO oAuthConsumerAppDTO = oAuthAdminService.getOAuthApplicationData(consumerKey); } else { String[] allowedGrantTypes = oAuthAdminService.getAllowedGrantTypes(); StringBuilder grantTypeString = new StringBuilder(); oAuthAdminService.updateConsumerApplication(oAuthConsumerAppDTO); log.debug("Updated the OAuthApplication..."); oAuthConsumerAppDTO = oAuthAdminService.getOAuthApplicationData(consumerKey); OAuthApplicationInfo oAuthApplicationInfo = createOAuthAppInfoFromDTO(oAuthConsumerAppDTO); return oAuthApplicationInfo;
OAuthAdminService oAuthAdminService = new OAuthAdminService(); OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO(); oAuthConsumerAppDTO.setApplicationName(applicationName); } else { allowedGrantTypes = oAuthAdminService.getAllowedGrantTypes(); allowedGrantTypes = oAuthAdminService.getAllowedGrantTypes(); boolean isHashingDiabled = OAuth2Util.isHashDisabled(); if (isHashingDiabled) { oAuthAdminService.registerOAuthApplicationData(oAuthConsumerAppDTO); createdApp = oAuthAdminService.getOAuthApplicationDataByAppName(oAuthConsumerAppDTO .getApplicationName()); } else { createdApp = oAuthAdminService.registerAndRetrieveOAuthApplicationData(oAuthConsumerAppDTO);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(userName); OAuthAdminService oAuthAdminService = new OAuthAdminService(); OAuthConsumerAppDTO oAuthConsumerApp = null; try { oAuthConsumerApp = oAuthAdminService.getOAuthApplicationData(consumerKey); } catch (Exception e) { oAuthAdminService.removeOAuthApplicationData(consumerKey); ApplicationManagementService appMgtService = DCRDataHolder.getInstance(). getApplicationManagementService();
OAuthAdminService oAuthAdminService = new OAuthAdminService(); oAuthAdminService.registerOAuthApplicationData(oAuthConsumerApp); oAuthAdminService.getOAuthApplicationDataByAppName(oAuthConsumerApp.getApplicationName()); if (log.isDebugEnabled()) { log.debug("Retrieved Details for OAuth App " + createdApp.getApplicationName());
AuthenticatedUser appOwner = getAppOwner(consumerAppDTO, tenantAwareLoggedInUserName, tenantDomain); oauthappdo.setAppOwner(appOwner); oauthappdo.setPkceSupportPlain(consumerAppDTO.getPkceSupportPlain()); validateTokenExpiryConfigurations(consumerAppDTO); oauthappdo.setUserAccessTokenExpiryTime(consumerAppDTO.getUserAccessTokenExpiryTime()); oauthappdo.setApplicationAccessTokenExpiryTime(consumerAppDTO.getApplicationAccessTokenExpiryTime()); oauthappdo.setBypassClientCredentials(consumerAppDTO.isBypassClientCredentials()); if (OAuthConstants.OAuthVersions.VERSION_2.equals(consumerAppDTO.getOAuthVersion())) { List<String> allowedGrantsTypes = new ArrayList<>(Arrays.asList(getAllowedGrantTypes())); String[] requestGrants = consumerAppDTO.getGrantTypes().split("\\s"); for (String requestedGrant : requestGrants) { oauthappdo.setScopeValidators(filterScopeValidators(consumerAppDTO)); oauthappdo.setRequestObjectSignatureValidationEnabled(consumerAppDTO .isRequestObjectSignatureValidationEnabled());
log.debug("Avoided removing the default app : " + spAppName); log.debug("However, OAuth details for the default app will be removed."); OAuthAdminService oAuthAdminService = new OAuthAdminService(); oAuthAdminService.removeOAuthApplicationData(consumerKey); } else { log.debug("Removing Service Provider with name : " + spAppName);
OAuthAdminService oAuthAdminService = new OAuthAdminService(); createdApp = oAuthAdminService.registerAndRetrieveOAuthApplicationData(oAuthConsumerApp); } catch (IdentityOAuthAdminException e) { throw IdentityException.error(DCRException.class,
OAuthRevocationRequestDTO revokeRequestDTO) throws IdentityOAuthAdminException { triggerPreRevokeListeners(revokeRequestDTO); if (revokeRequestDTO.getApps() != null && revokeRequestDTO.getApps().length > 0) { String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(); String tenantAwareLoggedInUserName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); AuthenticatedUser user = buildAuthenticatedUser(tenantAwareLoggedInUserName, tenantDomain); OAuthConsumerAppDTO[] appDTOs = getAppsAuthorizedByUser(); for (String appName : revokeRequestDTO.getApps()) { for (OAuthConsumerAppDTO appDTO : appDTOs) { triggerPostRevokeListeners(revokeRequestDTO, new OAuthRevocationResponseDTO (), accessTokenDOs.toArray(new AccessTokenDO[accessTokenDOs.size()])); triggerPostRevokeListeners(revokeRequestDTO, revokeRespDTO, new AccessTokenDO[]{null}); return revokeRespDTO;
oAuthAdminService.registerOAuthApplicationData(oAuthConsumerApp); } catch (IdentityOAuthAdminException e) { throw DCRMUtils.generateServerException( createdApp = oAuthAdminService.getOAuthApplicationDataByAppName(oAuthConsumerApp.getApplicationName()); } catch (IdentityOAuthAdminException e) { throw DCRMUtils.generateServerException(
OAuthRevocationRequestDTO revokeRequestDTO) throws IdentityOAuthAdminException { triggerPreRevokeListeners(revokeRequestDTO); TokenMgtDAO tokenMgtDAO = new TokenMgtDAO(); if (revokeRequestDTO.getApps() != null && revokeRequestDTO.getApps().length > 0) { OAuthConsumerAppDTO[] appDTOs = getAppsAuthorizedByUser(); for (String appName : revokeRequestDTO.getApps()) { for (OAuthConsumerAppDTO appDTO : appDTOs) { triggerPostRevokeListeners(revokeRequestDTO, new OAuthRevocationResponseDTO (), accessTokenDOs.toArray(new AccessTokenDO[accessTokenDOs.size()])); triggerPostRevokeListeners(revokeRequestDTO, revokeRespDTO, new AccessTokenDO[]{null}); return revokeRespDTO;
oauthappdo.setPkceSupportPlain(consumerAppDTO.getPkceSupportPlain()); if (OAuthConstants.OAuthVersions.VERSION_2.equals(consumerAppDTO.getOAuthVersion())) { List<String> allowedGrants = new ArrayList<>(Arrays.asList(getAllowedGrantTypes())); String[] requestGrants = consumerAppDTO.getGrantTypes().split("\\s"); for (String requestedGrant : requestGrants) {
/**
 * Loads the OAuth application registered under {@code clientId} and checks that the current
 * user is authorized for it.
 *
 * <p>NOTE(review): the not-found check runs before the authorization check, so an unauthorized
 * caller gets a different error for an existing client_id than for an unknown one. Confirm
 * that this distinction is intended.
 *
 * @param clientId client id (consumer key) of the application
 * @return the stored application data
 * @throws DCRMException a client error when {@code clientId} is empty, the application is not
 *                       found or the user is not authorized; a server error when the lookup
 *                       fails for any other reason
 */
private OAuthConsumerAppDTO getApplicationById(String clientId) throws DCRMException {

    if (StringUtils.isEmpty(clientId)) {
        throw DCRMUtils.generateClientException(
                DCRMConstants.ErrorMessages.BAD_REQUEST_INVALID_INPUT, "Invalid client_id");
    }

    try {
        OAuthConsumerAppDTO app = oAuthAdminService.getOAuthApplicationData(clientId);

        // A record without an application name is treated the same as no record at all.
        boolean missing = app == null || StringUtils.isEmpty(app.getApplicationName());
        if (missing) {
            throw DCRMUtils.generateClientException(
                    DCRMConstants.ErrorMessages.NOT_FOUND_APPLICATION_WITH_ID, clientId);
        }
        if (!isUserAuthorized(clientId)) {
            throw DCRMUtils.generateClientException(
                    DCRMConstants.ErrorMessages.FORBIDDEN_UNAUTHORIZED_USER, clientId);
        }
        return app;
    } catch (IdentityOAuthAdminException ex) {
        // Only an unknown client maps to "not found"; every other failure is a server error.
        boolean unknownClient = ex.getCause() instanceof InvalidOAuthClientException;
        if (!unknownClient) {
            throw DCRMUtils.generateServerException(
                    DCRMConstants.ErrorMessages.FAILED_TO_GET_APPLICATION_BY_ID, clientId, ex);
        }
        throw DCRMUtils.generateClientException(
                DCRMConstants.ErrorMessages.NOT_FOUND_APPLICATION_WITH_ID, clientId);
    }
}
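/**
 * Gets OAuth2/OIDC application information by client name.
 *
 * <p>The name must belong to a service provider in the current tenant domain, and the current
 * user must be authorized for the application's consumer key before any data is returned.
 *
 * @param clientName name of the application to look up
 * @return the application built from the stored OAuth data
 * @throws DCRMException a client error when {@code clientName} is empty, no such application
 *                       exists or the user is not authorized; a server error when the lookup
 *                       fails
 */
public Application getApplicationByName(String clientName) throws DCRMException {

    if (StringUtils.isEmpty(clientName)) {
        throw DCRMUtils.generateClientException(
                DCRMConstants.ErrorMessages.BAD_REQUEST_INSUFFICIENT_DATA, null);
    }

    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    if (!isServiceProviderExist(clientName, tenantDomain)) {
        throw DCRMUtils.generateClientException(
                DCRMConstants.ErrorMessages.NOT_FOUND_APPLICATION_WITH_NAME, clientName);
    }

    try {
        OAuthConsumerAppDTO oAuthConsumerAppDTO =
                oAuthAdminService.getOAuthApplicationDataByAppName(clientName);

        // The DTO is dereferenced for the authorization check below. A missing record is
        // reported as "not found" instead of surfacing as a NullPointerException.
        if (oAuthConsumerAppDTO == null) {
            throw DCRMUtils.generateClientException(
                    DCRMConstants.ErrorMessages.NOT_FOUND_APPLICATION_WITH_NAME, clientName);
        }

        // Authorization is decided on the consumer key, not on the caller-supplied name.
        if (!isUserAuthorized(oAuthConsumerAppDTO.getOauthConsumerKey())) {
            throw DCRMUtils.generateClientException(
                    DCRMConstants.ErrorMessages.FORBIDDEN_UNAUTHORIZED_USER, clientName);
        }
        return buildResponse(oAuthConsumerAppDTO);
    } catch (IdentityOAuthAdminException e) {
        throw DCRMUtils.generateServerException(
                DCRMConstants.ErrorMessages.FAILED_TO_GET_APPLICATION, clientName, e);
    }
}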
OAuthAdminService oAuthAdminService = new OAuthAdminService(); OAuthConsumerAppDTO oAuthConsumerAppDTO = oAuthAdminService.getOAuthApplicationData(consumerKey); if (oAuthConsumerAppDTO != null) { if (callbackUrl != null && !callbackUrl.isEmpty()) { } else { String[] allowedGrantTypes = oAuthAdminService.getAllowedGrantTypes(); StringBuilder grantTypeString = new StringBuilder(); oAuthAdminService.updateConsumerApplication(oAuthConsumerAppDTO); log.debug("Updated the OAuthApplication..."); oAuthConsumerAppDTO = oAuthAdminService.getOAuthApplicationData(consumerKey); OAuthApplicationInfo oAuthApplicationInfo = createOAuthAppInfoFromDTO(oAuthConsumerAppDTO); return oAuthApplicationInfo;
OAuthConsumerAppDTO oAuthConsumerApp; try { oAuthAdminService = new OAuthAdminService(); oAuthConsumerApp = oAuthAdminService.getOAuthApplicationData(consumerKey); } catch (Exception e) { oAuthAdminService.removeOAuthApplicationData(consumerKey); ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.getInstance(). getApplicationManagementService();
AuthenticatedUser appOwner = getAppOwner(application, tenantAwareLoggedInUser, tenantDomain); app.setAppOwner(appOwner); List<String> allowedGrantTypes = new ArrayList<>(Arrays.asList(getAllowedGrantTypes())); String[] requestGrants = application.getGrantTypes().split("\\s"); for (String requestedGrant : requestGrants) { app.setScopeValidators(filterScopeValidators(application)); app.setAudiences(application.getAudiences()); app.setPkceMandatory(application.getPkceMandatory()); app.setPkceSupportPlain(application.getPkceSupportPlain()); validateTokenExpiryConfigurations(application); app.setUserAccessTokenExpiryTime(application.getUserAccessTokenExpiryTime()); app.setApplicationAccessTokenExpiryTime(application.getApplicationAccessTokenExpiryTime()); return buildConsumerAppDTO(app);
List<String> allowedGrants = new ArrayList<>(Arrays.asList(getAllowedGrantTypes())); String[] requestGrants = application.getGrantTypes().split("\\s"); for (String requestedGrant : requestGrants) {