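/**
 * Registers a new OAuth 1.0a consumer for a user and returns the generated credentials.
 *
 * <p>The consumer secret and the consumer key both come from
 * {@code OAuthUtil.getRandomNumber()}; the key is regenerated until
 * {@code isDuplicateConsumer} reports it as unused. The row is written with a parameterized
 * statement and committed.
 *
 * @param username   user name stored with the consumer
 * @param tenantId   tenant id stored with the consumer
 * @param userDomain user domain stored with the consumer
 * @return a two-element array: {@code [consumerKey, consumerSecret]}
 * @throws IdentityOAuthAdminException if the duplicate check fails or the insert raises a
 *                                     {@link SQLException}
 */
public String[] addOAuthConsumer(String username, int tenantId, String userDomain)
        throws IdentityOAuthAdminException {

    // NOTE(review): the unpredictability of both credentials rests on
    // OAuthUtil.getRandomNumber(), whose implementation is not visible here; confirm it
    // draws from a cryptographically strong source.
    String consumerSecret = OAuthUtil.getRandomNumber();
    String consumerKey;
    do {
        consumerKey = OAuthUtil.getRandomNumber();
    } while (isDuplicateConsumer(consumerKey));

    // The connection is opened only after the duplicate check. Opening it first meant an
    // exception from isDuplicateConsumer() skipped the finally block below and left the
    // connection unreleased.
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    String sqlStmt = null;

    try {
        sqlStmt = SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_CONSUMER;
        prepStmt = connection.prepareStatement(sqlStmt);
        prepStmt.setString(1, consumerKey);
        // NOTE(review): the secret is bound exactly as generated; nothing in this method
        // hashes or encrypts it before it reaches the table.
        prepStmt.setString(2, consumerSecret);
        prepStmt.setString(3, username);
        prepStmt.setInt(4, tenantId);
        prepStmt.setString(5, userDomain);
        // it is assumed that the OAuth version is 1.0a because this is required with OAuth 1.0a
        prepStmt.setString(6, OAuthConstants.OAuthVersions.VERSION_1A);
        prepStmt.execute();

        connection.commit();
    } catch (SQLException e) {
        throw new IdentityOAuthAdminException("Error when executing the SQL : " + sqlStmt, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
    return new String[]{consumerKey, consumerSecret};
}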
/**
 * Builds the cache key {@code consumerKey:authorizedUser:scope} and passes it to the
 * single-argument {@code clearOAuthCache}.
 *
 * <p>When {@code IdentityUtil.isUserStoreInUsernameCaseSensitive} returns {@code false} for
 * the user, the user name is lower-cased before it goes into the key.
 *
 * @param consumerKey    first part of the cache key
 * @param authorizedUser user name forming the middle part of the cache key
 * @param scope          last part of the cache key
 */
public static void clearOAuthCache(String consumerKey, String authorizedUser, String scope) {

    // NOTE(review): toLowerCase() follows the JVM default locale. The key built here only
    // matches the cached entry if the caching side normalizes the name the same way;
    // confirm, since a mismatch would leave the stale entry in place.
    String cacheUser = IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser)
            ? authorizedUser
            : authorizedUser.toLowerCase();
    String cacheKey = consumerKey + ":" + cacheUser + ":" + scope;
    clearOAuthCache(cacheKey);
}
public String[] addOAuthConsumer(String username, int tenantId, String userDomain) throws IdentityOAuthAdminException { String consumerKey; String consumerSecret = OAuthUtil.getRandomNumber(); long userAccessTokenExpireTime = OAuthServerConfiguration.getInstance() .getUserAccessTokenValidityPeriodInSeconds(); consumerKey = OAuthUtil.getRandomNumber(); throw handleError("Error when executing the SQL : " + sqlStmt, e);
/**
 * Runs {@code SQLQueries.DELETE_REQ_OBJECT_TOKEN_FOR_CODE} for the given token id and commits.
 *
 * @param tokenId value bound to the statement's single parameter
 * @throws IdentityOAuthAdminException if the statement fails with a {@link SQLException}
 */
private void deleteRequestObjectReferenceforCode(String tokenId) throws IdentityOAuthAdminException {

    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
         PreparedStatement deleteStmt =
                 dbConnection.prepareStatement(SQLQueries.DELETE_REQ_OBJECT_TOKEN_FOR_CODE)) {
        // The id is bound as a parameter, never concatenated into the SQL text.
        deleteStmt.setString(1, tokenId);
        deleteStmt.execute();
        dbConnection.commit();
    } catch (SQLException sqlFailure) {
        // NOTE(review): the id is appended to the message with no separator and travels with
        // the exception; confirm it is an internal identifier rather than a bearer value.
        throw handleError("Can not delete existing entry for the same token id" + tokenId, sqlFailure);
    }
}
userStoreDomain = OAuth2Util.getUserStoreForFederatedUser(user); } catch (IdentityOAuth2Exception e) { throw handleError("Error occurred while getting user store domain from User ID : " + user, e); String errorMsg = "Error occurred while retrieving access tokens issued for " + "Client ID : " + appDTO.getOauthConsumerKey() + ", User ID : " + userName; throw handleError(errorMsg, e); OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), authzUser, OAuth2Util.buildScopeString(accessTokenDO.getScope())); OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), authzUser); OAuthUtil.clearOAuthCache(accessTokenDO.getAccessToken()); AccessTokenDO scopedToken; try { appDTO.getOauthConsumerKey() + ", User ID : " + userName + " and Scope : " + OAuth2Util.buildScopeString(accessTokenDO.getScope()); throw handleError(errorMsg, e); String errorMsg = "Error occurred while revoking " + "Access Token : " + scopedToken.getAccessToken(); throw handleError(errorMsg, e); String errorMsg = "Error occurred while removing OAuth Consent of Application " + appName + " of user " + userName; throw handleError(errorMsg, e);
OAuthAppDO oAuthAppDO = OAuthUtil.getAppInformationByClientId(tokenReqDTO.getClientId()); tokenReqDTO.setTenantDomain(OAuthUtil.getTenantDomainOfOauthApp(oAuthAppDO));
/**
 * Runs {@code SQLQueries.DELETE_REQ_OBJECT_BY_TOKEN_ID} for the given token id and commits.
 *
 * @param tokenId value bound to the statement's single parameter
 * @throws IdentityOAuthAdminException if the statement fails with a {@link SQLException};
 *                                     the message carries the SQL text, not the token id
 */
public void deleteRequestObjectReferenceByTokenId(String tokenId) throws IdentityOAuthAdminException {

    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
         PreparedStatement deleteStmt =
                 dbConnection.prepareStatement(SQLQueries.DELETE_REQ_OBJECT_BY_TOKEN_ID)) {
        // Parameter binding keeps the caller-supplied id out of the SQL text.
        deleteStmt.setString(1, tokenId);
        deleteStmt.execute();
        dbConnection.commit();
    } catch (SQLException sqlFailure) {
        throw handleError("Error when executing the SQL : " + SQLQueries.DELETE_REQ_OBJECT_BY_TOKEN_ID,
                sqlFailure);
    }
}
+ "(CONSUMER_KEY, CONSUMER_SECRET, USERNAME, TENANT_ID, OAUTH_VERSION, APP_NAME, CALLBACK_URL) VALUES (?,?,?,?,?,?, ?) "; String consumerKey; String consumerSecret = OAuthUtil.getRandomNumber(); consumerKey = OAuthUtil.getRandomNumber(); } while (isDuplicateConsumer(consumerKey));
/**
 * Builds the cache key {@code consumerKey:authorizedUser} and passes it to the
 * single-argument {@code clearOAuthCache}.
 *
 * <p>When {@code IdentityUtil.isUserStoreInUsernameCaseSensitive} returns {@code false} for
 * the user, the user name is lower-cased before it goes into the key.
 *
 * @param consumerKey    first part of the cache key
 * @param authorizedUser user name forming the second part of the cache key
 */
public static void clearOAuthCache(String consumerKey, String authorizedUser) {

    // NOTE(review): toLowerCase() follows the JVM default locale. The key built here only
    // matches the cached entry if the caching side normalizes the name the same way;
    // confirm, since a mismatch would leave the stale entry in place.
    String cacheUser = IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser)
            ? authorizedUser
            : authorizedUser.toLowerCase();
    String cacheKey = consumerKey + ":" + cacheUser;
    clearOAuthCache(cacheKey);
}
/**
 * Runs {@code SQLQueries.DELETE_REQ_OBJECT_BY_CODE_ID} for the given code id and commits.
 *
 * @param codeId value bound to the statement's single parameter
 * @throws IdentityOAuthAdminException if the statement fails with a {@link SQLException};
 *                                     the message carries the SQL text, not the code id
 */
public void deleteRequestObjectReferenceByCode(String codeId) throws IdentityOAuthAdminException {

    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
         PreparedStatement removeStmt =
                 dbConnection.prepareStatement(SQLQueries.DELETE_REQ_OBJECT_BY_CODE_ID)) {
        // Parameter binding keeps the caller-supplied id out of the SQL text.
        removeStmt.setString(1, codeId);
        removeStmt.execute();
        dbConnection.commit();
    } catch (SQLException sqlFailure) {
        throw handleError("Error when executing the SQL : " + SQLQueries.DELETE_REQ_OBJECT_BY_CODE_ID,
                sqlFailure);
    }
}
}
/**
 * Generates a new consumer secret for an application and returns the key/secret pair.
 *
 * <p>The new secret is handed to {@code updateAppAndRevokeTokensAndAuthzCodes} together with
 * the regenerate action, and only after that call returns is it placed in {@code OAuthCache}
 * under the consumer key.
 *
 * @param consumerKey Consumer key for the application.
 * @return OAuthConsumerAppDTO carrying the consumer key and the newly generated secret.
 * @throws IdentityOAuthAdminException Error while regenerating the consumer secret.
 */
public OAuthConsumerAppDTO updateAndRetrieveOauthSecretKey(String consumerKey)
        throws IdentityOAuthAdminException {

    OAuthConsumerAppDTO regeneratedApp = new OAuthConsumerAppDTO();
    // NOTE(review): the secret's strength depends on OAuthUtil.getRandomNumber(), which is
    // not visible here; confirm it uses a cryptographically strong source.
    String regeneratedSecret = OAuthUtil.getRandomNumber();
    CacheEntry cachedCredential = new ClientCredentialDO(regeneratedSecret);

    regeneratedApp.setOauthConsumerKey(consumerKey);
    regeneratedApp.setOauthConsumerSecret(regeneratedSecret);

    Properties updateProperties = new Properties();
    updateProperties.setProperty(OAuthConstants.OAUTH_APP_NEW_SECRET_KEY, regeneratedSecret);
    updateProperties.setProperty(OAuthConstants.ACTION_PROPERTY_KEY, OAuthConstants.ACTION_REGENERATE);

    updateAppAndRevokeTokensAndAuthzCodes(consumerKey, updateProperties);

    // Reached only when the update above did not throw, so the cache never gets a secret
    // that the update call rejected.
    OAuthCacheKey credentialCacheKey = new OAuthCacheKey(consumerKey);
    OAuthCache.getInstance().addToCache(credentialCacheKey, cachedCredential);

    // Only the consumer key is logged; the secret itself stays out of the debug output.
    if (log.isDebugEnabled()) {
        log.debug("Client Secret for OAuth app with consumerKey: " + consumerKey + " updated in OAuthCache.");
    }
    return regeneratedApp;
}
/**
 * Passes the key {@code consumerKey:authorizedUser} to the single-argument
 * {@code clearOAuthCache}, lower-casing the user name first when
 * {@code IdentityUtil.isUserStoreInUsernameCaseSensitive} returns {@code false} for it.
 *
 * @param consumerKey    first part of the cache key
 * @param authorizedUser user name forming the second part of the cache key
 */
public static void clearOAuthCache(String consumerKey, String authorizedUser) {

    final String userPart;
    if (IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser)) {
        userPart = authorizedUser;
    } else {
        // NOTE(review): default-locale lower-casing; the caching side must normalize the
        // name identically or this key will not match the stored entry. Confirm.
        userPart = authorizedUser.toLowerCase();
    }
    clearOAuthCache(consumerKey + ":" + userPart);
}
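/**
 * Reports whether {@code SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_CONSUMER} returns a
 * row for the given consumer key.
 *
 * <p>The key is passed through {@code persistenceProcessor.getProcessedClientId} before it is
 * bound, so the lookup uses the processed form of the key.
 *
 * @param consumerKey consumer key to look up
 * @return {@code true} if the query returns at least one row, {@code false} otherwise
 * @throws IdentityOAuthAdminException if the key cannot be processed or the query fails
 */
public boolean isDuplicateConsumer(String consumerKey) throws IdentityOAuthAdminException {

    boolean isDuplicateConsumer;
    try (Connection connection = IdentityDatabaseUtil.getDBConnection();
         PreparedStatement prepStmt = connection
                 .prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_CONSUMER)) {
        prepStmt.setString(1, persistenceProcessor.getProcessedClientId(consumerKey));

        try (ResultSet rSet = prepStmt.executeQuery()) {
            // Any row at all means the key is already taken.
            isDuplicateConsumer = rSet.next();
            connection.commit();
        }
    } catch (IdentityOAuth2Exception e) {
        // Keep the processor's exception as the cause so the failure can be diagnosed from
        // the stack trace instead of being reduced to the message alone.
        throw handleError("Error occurred while processing the client id by TokenPersistenceProcessor", e);
    } catch (SQLException e) {
        throw handleError("Error when executing the SQL: " + SQLQueries.OAuthAppDAOSQLQueries
                .CHECK_EXISTING_CONSUMER, e);
    }
    return isDuplicateConsumer;
}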
/**
 * Draws a token and a token secret from {@code OAuthUtil.getRandomNumber()}, hands them to
 * {@code OAuthConsumerDAO.createOAuthRequestToken} with the consumer key, callback and scope
 * read from {@code oauthParams}, and returns them in a new {@code Parameters} object.
 *
 * @param oauthParams source of the consumer key, callback and scope
 * @return a new {@code Parameters} holding the consumer key, the token and the token secret
 * @throws IdentityOAuthAdminException declared by this method; presumably raised by the DAO
 *                                     call (confirm against {@code OAuthConsumerDAO})
 */
private Parameters generateOauthToken(Parameters oauthParams) throws IdentityOAuthAdminException {

    OAuthConsumerDAO consumerDao = new OAuthConsumerDAO();
    // NOTE(review): the generator's implementation is not visible here; confirm it is
    // suitable for producing token secrets.
    String requestToken = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();
    String requestTokenSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();

    consumerDao.createOAuthRequestToken(
            oauthParams.getOauthConsumerKey(),
            requestToken,
            requestTokenSecret,
            oauthParams.getOauthCallback(),
            oauthParams.getScope());

    // Only the three values the caller needs are copied into the result.
    Parameters issued = new Parameters();
    issued.setOauthConsumerKey(oauthParams.getOauthConsumerKey());
    issued.setOauthToken(requestToken);
    issued.setOauthTokenSecret(requestTokenSecret);
    return issued;
}
/**
 * Passes the key {@code consumerKey:authorizedUser:scope} to the single-argument
 * {@code clearOAuthCache}, lower-casing the user name first when
 * {@code IdentityUtil.isUserStoreInUsernameCaseSensitive} returns {@code false} for it.
 *
 * @param consumerKey    first part of the cache key
 * @param authorizedUser user name forming the middle part of the cache key
 * @param scope          last part of the cache key
 */
public static void clearOAuthCache(String consumerKey, String authorizedUser, String scope) {

    final String userPart;
    if (IdentityUtil.isUserStoreInUsernameCaseSensitive(authorizedUser)) {
        userPart = authorizedUser;
    } else {
        // NOTE(review): default-locale lower-casing; the caching side must normalize the
        // name identically or this key will not match the stored entry. Confirm.
        userPart = authorizedUser.toLowerCase();
    }
    clearOAuthCache(consumerKey + ":" + userPart + ":" + scope);
}
/**
 * Reads the {@code APP_STATE} column returned by
 * {@code SQLQueries.OAuthAppDAOSQLQueries.GET_APPLICATION_STATE} for a consumer key.
 *
 * @param consumerKey consumer key bound to the query's single parameter
 * @return the state string from the first row, or {@code null} when the query returns no row
 * @throws IdentityOAuthAdminException if the query fails with a {@link SQLException}
 */
public String getConsumerAppState(String consumerKey) throws IdentityOAuthAdminException {

    String appState = null;
    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection();
         PreparedStatement stateQuery = dbConnection
                 .prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APPLICATION_STATE)) {
        stateQuery.setString(1, consumerKey);

        try (ResultSet rows = stateQuery.executeQuery()) {
            boolean appFound = rows.next();
            if (appFound) {
                appState = rows.getString(APP_STATE);
            } else if (log.isDebugEnabled()) {
                // A missing app is not an error here; callers get null and must handle it.
                log.debug("No App found for the consumerKey: " + consumerKey);
            }
            dbConnection.commit();
        }
    } catch (SQLException sqlFailure) {
        throw handleError("Error while executing the SQL prepStmt.", sqlFailure);
    }
    return appState;
}
/**
 * Generates a token/secret pair with {@code OAuthUtil.getRandomNumber()}, passes it to
 * {@code OAuthConsumerDAO.createOAuthRequestToken} along with the consumer key, callback and
 * scope taken from {@code oauthParams}, and returns the pair in a fresh {@code Parameters}.
 *
 * @param oauthParams source of the consumer key, callback and scope
 * @return a new {@code Parameters} holding the consumer key, the token and the token secret
 * @throws IdentityOAuthAdminException declared by this method; presumably raised by the DAO
 *                                     call (confirm against {@code OAuthConsumerDAO})
 */
private Parameters generateOauthToken(Parameters oauthParams) throws IdentityOAuthAdminException {

    OAuthConsumerDAO tokenDao = new OAuthConsumerDAO();
    // NOTE(review): whether getRandomNumber() is backed by a cryptographically strong source
    // cannot be told from here; confirm before relying on it for secrets.
    String token = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();
    String tokenSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();

    tokenDao.createOAuthRequestToken(oauthParams.getOauthConsumerKey(), token, tokenSecret,
            oauthParams.getOauthCallback(), oauthParams.getScope());

    // The response object is built separately so the caller's input is left untouched here.
    Parameters response = new Parameters();
    response.setOauthConsumerKey(oauthParams.getOauthConsumerKey());
    response.setOauthToken(token);
    response.setOauthTokenSecret(tokenSecret);
    return response;
}
/**
 * Turns a {@code User} into a qualified user name and delegates to the
 * {@code clearOAuthCache(String, String, String)} overload.
 *
 * <p>The name is built by {@code UserCoreUtil.addDomainToName} from the user name and user
 * store domain, then passed through {@code UserCoreUtil.addTenantDomainToEntry} with the
 * tenant domain.
 *
 * @param consumerKey    consumer key forwarded unchanged
 * @param authorizedUser user whose name, user store domain and tenant domain are read
 * @param scope          scope forwarded unchanged
 */
public static void clearOAuthCache(String consumerKey, User authorizedUser, String scope) {

    String domainQualifiedName = UserCoreUtil.addDomainToName(
            authorizedUser.getUserName(), authorizedUser.getUserStoreDomain());
    String tenantQualifiedName = UserCoreUtil.addTenantDomainToEntry(
            domainQualifiedName, authorizedUser.getTenantDomain());
    clearOAuthCache(consumerKey, tenantQualifiedName, scope);
}
throw handleError("Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries .CHECK_EXISTING_APPLICATION, e);
String oauthToken = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber(); String oauthSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();