/**
 * Resolves the OAuth application addressed by an authorization request,
 * consulting {@code appInfoCache} first and falling back to {@link OAuthAppDAO}.
 *
 * <p>On a cache miss, the value returned by the DAO is stored in the cache under
 * the request's consumer key and then returned.
 *
 * @param authzReqDTO authorization request whose consumer key identifies the application
 * @return the application record, taken from the cache or from the DAO
 * @throws IdentityOAuth2Exception     if the application lookup fails
 * @throws InvalidOAuthClientException if the application lookup rejects the client
 */
private OAuthAppDO getAppInformation(OAuth2AuthorizeReqDTO authzReqDTO)
        throws IdentityOAuth2Exception, InvalidOAuthClientException {

    final String clientId = authzReqDTO.getConsumerKey();

    OAuthAppDO cachedApp = appInfoCache.getValueFromCache(clientId);
    if (cachedApp != null) {
        return cachedApp;
    }

    // Cache miss: load from the persistence layer and remember the result.
    // NOTE(review): the record is served from the cache on later calls, so every path that
    // updates or removes the application must evict this key - confirm against the callers.
    // NOTE(review): the DAO result is cached without a null check; presumably the DAO throws
    // instead of returning null - confirm.
    OAuthAppDO loadedApp = new OAuthAppDAO().getAppInformation(clientId);
    appInfoCache.addToCache(clientId, loadedApp);
    return loadedApp;
}
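/**
 * Registers a consumer secret against the logged-in user. A given user can only have a single
 * consumer secret at a time. Calling this method again and again will update the existing
 * consumer secret key.
 *
 * <p>The user, tenant id and user-store domain are all taken from the thread-local
 * {@code CarbonContext}; nothing is accepted from the caller.
 *
 * @return An array containing the consumer key and the consumer secret, in that order.
 * @throws IdentityOAuthAdminException If no user is logged in, or on an error when persisting
 *                                     the data in the persistence store.
 */
public String[] registerOAuthConsumer() throws IdentityOAuthAdminException {

    String loggedInUser = CarbonContext.getThreadLocalCarbonContext().getUsername();
    if (loggedInUser == null) {
        // Same guard as getAllOAuthApplicationData(): credentials must never be issued
        // for a request that carries no authenticated user.
        throw new IdentityOAuthAdminException("User not logged in to register an OAuth consumer");
    }

    if (log.isDebugEnabled()) {
        // Only the username is logged; the generated secret never reaches the log here.
        log.debug("Adding a consumer secret for the logged in user " + loggedInUser);
    }

    String tenantUser = MultitenantUtils.getTenantAwareUsername(loggedInUser);
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    String userDomain = IdentityUtil.extractDomainFromName(loggedInUser);

    // The DAO receives the bare username; the user-store domain is passed separately.
    OAuthAppDAO dao = new OAuthAppDAO();
    return dao.addOAuthConsumer(UserCoreUtil.removeDomainFromName(tenantUser), tenantId, userDomain);
}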
/**
 * Looks up an OAuth application by its name and converts it to a DTO.
 *
 * <p>When the DAO returns no record, an empty {@code OAuthConsumerAppDTO} is returned
 * instead of {@code null}.
 *
 * @param appName OAuth application name
 * @return <code>OAuthConsumerAppDTO</code> with the application information, or an empty DTO
 * @throws IdentityOAuthAdminException Error when reading application information from the
 *                                     persistence store.
 */
public OAuthConsumerAppDTO getOAuthApplicationDataByAppName(String appName) throws IdentityOAuthAdminException {

    OAuthAppDAO appDao = new OAuthAppDAO();
    try {
        OAuthAppDO appRecord = appDao.getAppInformationByAppName(appName);
        if (appRecord == null) {
            return new OAuthConsumerAppDTO();
        }
        return buildConsumerAppDTO(appRecord);
    } catch (InvalidOAuthClientException | IdentityOAuth2Exception e) {
        // NOTE(review): appName is caller-supplied and is embedded verbatim in the message;
        // confirm that whatever handleError writes to neutralises control characters.
        throw handleError("Error while retrieving the app information by app name: " + appName, e);
    }
}
/**
 * Returns the state of the OAuth application identified by the given consumer key,
 * as reported by {@link OAuthAppDAO#getConsumerAppState}.
 *
 * @param consumerKey consumer key (client id) of the application
 * @return the application state string returned by the DAO
 * @throws IdentityOAuthAdminException if the DAO lookup fails
 */
public String getOauthApplicationState(String consumerKey) throws IdentityOAuthAdminException {

    // NOTE(review): no ownership or tenant check on consumerKey is visible in this method;
    // presumably the admin-service layer or the DAO enforces it - confirm.
    return new OAuthAppDAO().getConsumerAppState(consumerKey);
}
/**
 * Removes an OAuth consumer application and evicts its cached entries.
 *
 * <p>The application is deleted through {@link OAuthAppDAO} first; afterwards the matching
 * entries in {@code OAuthCache} and {@code AppInfoCache} are cleared so that the deleted
 * client is no longer served from memory.
 *
 * @param consumerKey Consumer Key
 * @throws IdentityOAuthAdminException Error when removing the consumer information from the database.
 */
public void removeOAuthApplicationData(String consumerKey) throws IdentityOAuthAdminException {

    new OAuthAppDAO().removeConsumerApplication(consumerKey);

    // Evict after the delete so a concurrent lookup cannot re-populate the cache from a
    // row that is about to disappear.
    // NOTE(review): only the DAO removal and these two cache entries are touched here;
    // revocation of tokens already issued to this client is not visible in this method -
    // confirm it happens elsewhere.
    OAuthCache.getInstance().clearCacheEntry(new OAuthCacheKey(consumerKey));
    AppInfoCache.getInstance().clearCacheEntry(consumerKey);

    if (log.isDebugEnabled()) {
        log.debug("Client credentials are removed from the cache for OAuth App with consumerKey: "
                + consumerKey);
    }
}
OAuthAppDAO dao = new OAuthAppDAO(); OAuthAppDO oAuthAppDO; if (dao.isDuplicateConsumer(inboundAuthKey)) { try { OAuthAppDO appInformation = dao.getAppInformation(inboundAuthKey); if (!appInformation.getApplicationName().equals( serviceProvider.getApplicationName())) { } else if (dao.isDuplicateApplication(userName, IdentityTenantUtil.getTenantId(tenantDomain), tenantDomain, oAuthAppDO)) { validationMsg.add(String.format("There is already an oauth application available with" +
oAuthAppDO.setOauthConsumerSecret(OAuthUtil.getRandomNumber()); OAuthAppDAO dao = new OAuthAppDAO(); if (dao.isDuplicateConsumer(oAuthAppDO.getOauthConsumerKey())) { dao.updateConsumerApplication(oAuthAppDO); } else { dao.addOAuthApplication(oAuthAppDO);
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain(); OAuthAppDAO dao = new OAuthAppDAO(); OAuthAppDO oauthappdo; try { oauthappdo = dao.getAppInformation(consumerAppDTO.getOauthConsumerKey()); if (oauthappdo == null) { if (log.isDebugEnabled()) { oauthappdo.setFrontchannelLogoutUrl(consumerAppDTO.getFrontchannelLogoutUrl()); dao.updateConsumerApplication(oauthappdo); AppInfoCache.getInstance().addToCache(oauthappdo.getOauthConsumerKey(), oauthappdo); if (log.isDebugEnabled()) {
if (!isDuplicateApplication(consumerAppDO.getUser().getUserName(), spTenantId, userStoreDomain, consumerAppDO)) { int appId = 0; consumerAppDO.getApplicationName() + ". So executing select operation to get the id"); appId = getAppIdByClientId(connection, consumerAppDO.getOauthConsumerKey()); addScopeValidators(connection, appId, consumerAppDO.getScopeValidators()); addServiceProviderOIDCProperties(connection, consumerAppDO, processedClientId, spTenantId); connection.commit();
/**
 * Propagates the service provider's current name to its OAuth application, if it has one.
 *
 * <p>The first inbound authentication request config whose type is {@code "oauth"} or
 * {@code "oauth2"} is used; its inbound auth key identifies the OAuth application to update.
 * Nothing happens when the service provider has no such config.
 *
 * @param serviceProvider Service provider
 * @throws IdentityApplicationManagementException declared for callers; not thrown directly
 *                                                by the code visible here
 */
private void updateAuthApplication(ServiceProvider serviceProvider)
        throws IdentityApplicationManagementException {

    if (serviceProvider.getInboundAuthenticationConfig() == null
            || serviceProvider.getInboundAuthenticationConfig()
                    .getInboundAuthenticationRequestConfigs() == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig candidate : serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs()) {
        String inboundType = candidate.getInboundAuthType();
        boolean isOAuthConfig = StringUtils.equals(inboundType, "oauth")
                || StringUtils.equals(inboundType, "oauth2");
        if (!isOAuthConfig) {
            continue;
        }
        // Only the first OAuth config is considered; later ones are ignored.
        new OAuthAppDAO().updateOAuthConsumerApp(serviceProvider.getApplicationName(),
                candidate.getInboundAuthKey());
        return;
    }
}
/**
 * Get all registered OAuth applications for the logged in user.
 *
 * <p>The user and tenant are read from the thread-local {@code CarbonContext}, so the result
 * is scoped to the caller rather than to a caller-supplied identity.
 *
 * @return An array of <code>OAuthConsumerAppDTO</code> objects containing the application
 * information of the user; empty when the user owns no applications
 * @throws IdentityOAuthAdminException If no user is logged in, or on an error when reading the
 *                                     data from the persistence store.
 */
public OAuthConsumerAppDTO[] getAllOAuthApplicationData() throws IdentityOAuthAdminException {

    final String currentUser = CarbonContext.getThreadLocalCarbonContext().getUsername();
    if (currentUser == null) {
        if (log.isDebugEnabled()) {
            log.debug("User not logged in to get all registered OAuth Applications");
        }
        throw new IdentityOAuthAdminException("User not logged in to get all registered OAuth Applications");
    }

    final int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    OAuthAppDO[] ownedApps = new OAuthAppDAO().getOAuthConsumerAppsOfUser(currentUser, tenantId);

    // A null or empty DAO result is reported as an empty array, never as null.
    if (ownedApps == null || ownedApps.length == 0) {
        return new OAuthConsumerAppDTO[0];
    }

    OAuthConsumerAppDTO[] result = new OAuthConsumerAppDTO[ownedApps.length];
    int slot = 0;
    for (OAuthAppDO ownedApp : ownedApps) {
        result[slot++] = buildConsumerAppDTO(ownedApp);
    }
    return result;
}
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain(); OAuthAppDAO dao = new OAuthAppDAO(); if (application != null) { app.setApplicationName(application.getApplicationName()); app.setBypassClientCredentials(application.isBypassClientCredentials()); dao.addOAuthApplication(app); AppInfoCache.getInstance().addToCache(app.getOauthConsumerKey(), app); if (log.isDebugEnabled()) {
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain(); OAuthAppDAO dao = new OAuthAppDAO(); OAuthAppDO oauthappdo = new OAuthAppDO(); AuthenticatedUser user = new AuthenticatedUser(); dao.updateConsumerApplication(oauthappdo); if (OAuthServerConfiguration.getInstance().isCacheEnabled()) { appInfoCache.addToCache(oauthappdo.getOauthConsumerKey(), oauthappdo);
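/**
 * Remove oauth consumer app related properties.
 *
 * <p>For every inbound authentication request config of type {@code OAUTH2} or {@code OAUTH},
 * the OIDC properties stored under that config's inbound auth key are removed for the given
 * tenant domain. A service provider without inbound configs is left untouched.
 *
 * @param serviceProvider Service provider
 * @param tenantDomain    Application tenant domain
 * @throws IdentityApplicationManagementException if removing the OIDC properties fails; the
 *                                                underlying exception is attached as the cause
 */
private void removeOauthConsumerAppProperties(ServiceProvider serviceProvider, String tenantDomain)
        throws IdentityApplicationManagementException {

    try {
        InboundAuthenticationConfig inboundAuthenticationConfig =
                serviceProvider.getInboundAuthenticationConfig();
        if (inboundAuthenticationConfig == null) {
            return;
        }

        InboundAuthenticationRequestConfig[] inboundRequestConfigs =
                inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs();
        if (inboundRequestConfigs == null) {
            return;
        }

        for (InboundAuthenticationRequestConfig inboundRequestConfig : inboundRequestConfigs) {
            String inboundAuthType = inboundRequestConfig.getInboundAuthType();
            if (StringUtils.equals(OAUTH2, inboundAuthType) || StringUtils.equals(inboundAuthType, OAUTH)) {
                String oauthKey = inboundRequestConfig.getInboundAuthKey();
                OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
                oAuthAppDAO.removeOIDCProperties(tenantDomain, oauthKey);
            }
        }
    } catch (IdentityOAuthAdminException ex) {
        // Keep the cause: without it the reason for a failed cleanup (and any properties left
        // behind for a removed application) cannot be diagnosed from the logs.
        throw new IdentityApplicationManagementException("Error occurred while removing OIDC properties " +
                "for application:" + serviceProvider.getApplicationName() + " in tenant domain: " +
                tenantDomain, ex);
    }
}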
return audiences; } else { OAuthAppDAO oAuthAppDAO = new OAuthAppDAO(); try { audiences = oAuthAppDAO.getOIDCAudiences(tenantDomain, clientId); if (CollectionUtils.isNotEmpty(audiences)) { OIDCAudienceCacheEntry cacheEntry = new OIDCAudienceCacheEntry();
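/**
 * Creates a new OAuth 1.0a consumer for the given user and persists it.
 *
 * <p>A consumer key is drawn repeatedly until {@code isDuplicateConsumer} reports it as unused;
 * the key, a freshly generated secret, the user, tenant id, user domain and the OAuth version
 * are then inserted with a parameterized statement and committed.
 *
 * <p>The key is chosen before the database connection is obtained, so an exception raised
 * while checking for duplicates cannot leave an open connection behind.
 *
 * @param username   user the consumer is registered for
 * @param tenantId   tenant id of the user
 * @param userDomain user-store domain of the user
 * @return a two-element array: the consumer key followed by the consumer secret
 * @throws IdentityOAuthAdminException if the insert fails
 */
public String[] addOAuthConsumer(String username, int tenantId, String userDomain)
        throws IdentityOAuthAdminException {

    // NOTE(review): key and secret both come from OAuthUtil.getRandomNumber(); its
    // implementation is not visible here - confirm it is backed by a CSPRNG.
    String consumerSecret = OAuthUtil.getRandomNumber();
    String consumerKey;
    do {
        consumerKey = OAuthUtil.getRandomNumber();
    } while (isDuplicateConsumer(consumerKey));
    // NOTE(review): the uniqueness check and the INSERT are separate operations; presumably a
    // unique constraint on the key column is the real guard against a race - confirm.

    String sqlStmt = SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_CONSUMER;
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;

    try {
        prepStmt = connection.prepareStatement(sqlStmt);
        prepStmt.setString(1, consumerKey);
        // NOTE(review): the secret is bound exactly as generated; any at-rest protection
        // (hashing or encryption) would have to happen outside this method - confirm.
        prepStmt.setString(2, consumerSecret);
        prepStmt.setString(3, username);
        prepStmt.setInt(4, tenantId);
        prepStmt.setString(5, userDomain);
        // it is assumed that the OAuth version is 1.0a because this is required with OAuth 1.0a
        prepStmt.setString(6, OAuthConstants.OAuthVersions.VERSION_1A);
        prepStmt.execute();

        connection.commit();

    } catch (SQLException e) {
        // The message carries only the statement template, never the bound key or secret.
        throw new IdentityOAuthAdminException("Error when executing the SQL : " + sqlStmt, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
    return new String[]{consumerKey, consumerSecret};
}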
PreparedStatement prepStmt = null; if (!isDuplicateApplication(consumerAppDO.getUser().getUserName(), IdentityTenantUtil.getTenantId(consumerAppDO .getUser().getTenantDomain()), consumerAppDO.getUser().getUserStoreDomain(), consumerAppDO)) {
/**
 * Removes an OAuth consumer application and, when caching is enabled, evicts its cached entries.
 *
 * <p>The application is deleted through {@link OAuthAppDAO}. If
 * {@code OAuthServerConfiguration} reports the cache as enabled, the matching entries in
 * {@code OAuthCache} and {@code appInfoCache} are cleared afterwards.
 *
 * @param consumerKey Consumer Key
 * @throws IdentityOAuthAdminException Error when removing the consumer information from the database.
 */
public void removeOAuthApplicationData(String consumerKey) throws IdentityOAuthAdminException {

    new OAuthAppDAO().removeConsumerApplication(consumerKey);

    if (!OAuthServerConfiguration.getInstance().isCacheEnabled()) {
        // Nothing cached, nothing to evict.
        return;
    }

    // Drop the cached client credentials and application record so the removed client
    // is no longer served from memory.
    // NOTE(review): revocation of tokens already issued to this client is not visible in
    // this method - confirm it happens elsewhere.
    OAuthCache.getInstance().clearCacheEntry(new OAuthCacheKey(consumerKey));
    appInfoCache.clearCacheEntry(consumerKey);

    if (log.isDebugEnabled()) {
        log.debug("Client credentials are removed from the cache.");
    }
}
/**
 * Propagates the service provider's current name to its OAuth application, if it has one.
 *
 * <p>The first inbound authentication request config whose type is {@code "oauth"} or
 * {@code "oauth2"} is used; its inbound auth key identifies the OAuth application to update.
 * Nothing happens when the service provider has no such config.
 *
 * @param serviceProvider Service provider
 * @throws IdentityApplicationManagementException declared for callers; not thrown directly
 *                                                by the code visible here
 */
private void updateAuthApplication(ServiceProvider serviceProvider)
        throws IdentityApplicationManagementException {

    if (serviceProvider.getInboundAuthenticationConfig() == null
            || serviceProvider.getInboundAuthenticationConfig()
                    .getInboundAuthenticationRequestConfigs() == null) {
        return;
    }

    for (InboundAuthenticationRequestConfig candidate : serviceProvider.getInboundAuthenticationConfig()
            .getInboundAuthenticationRequestConfigs()) {
        String inboundType = candidate.getInboundAuthType();
        boolean isOAuthConfig = StringUtils.equals(inboundType, "oauth")
                || StringUtils.equals(inboundType, "oauth2");
        if (!isOAuthConfig) {
            continue;
        }
        // Only the first OAuth config is considered; later ones are ignored.
        new OAuthAppDAO().updateOAuthConsumerApp(serviceProvider.getApplicationName(),
                candidate.getInboundAuthKey());
        return;
    }
}
OAuthAppDAO dao = new OAuthAppDAO(); OAuthAppDO[] apps = dao.getOAuthConsumerAppsOfUser(tenantUser, tenantId); if (apps != null && apps.length > 0) { dtos = new OAuthConsumerAppDTO[apps.length];