Examples with AccessTokenInfo org.wso2.carbon.apimgt.api.model.AccessTokenInfo used on opensource projects

Example 26 with AccessTokenInfo

use of org.wso2.carbon.apimgt.api.model.AccessTokenInfo in project carbon-apimgt by wso2.

the class AuthenticatorServiceTestCase method testSetAccessTokenData.

@Test
public void testSetAccessTokenData() throws Exception {
    // Happy Path
    APIMConfigurationService apimConfigurationService = Mockito.mock(APIMConfigurationService.class);
    EnvironmentConfigurations environmentConfigurations = new EnvironmentConfigurations();
    Mockito.when(apimConfigurationService.getEnvironmentConfigurations()).thenReturn(environmentConfigurations);
    APIMAppConfigurationService apimAppConfigurationService = Mockito.mock(APIMAppConfigurationService.class);
    APIMAppConfigurations apimAppConfigurations = new APIMAppConfigurations();
    Mockito.when(apimAppConfigurationService.getApimAppConfigurations()).thenReturn(apimAppConfigurations);
    // // AccessTokenInfo object
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    accessTokenInfo.setIdToken("eyJ4NXQiOiJObUptT0dVeE16WmxZak0yWkRSaE5UWmxZVEExWXpkaFpUUmlPV0UwTldJMk0ySm1PVGMxWkEiLCJraWQiOiJkMGVjNTE0YTMyYjZmODhjMGFiZDEyYTI4NDA2OTliZGQzZGViYTlkIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiWGg3bFZpSDZDS2pZLXRIT09JaWN5QSIsInN1YiI6ImFkbWluIiwiYXVkIjpbInR6NlJGQnhzdV93Z0RCd3FyUThvVmo3d25FTWEiXSwiYXpwIjoidHo2UkZCeHN1X3dnREJ3cXJROG9Wajd3bkVNYSIsImF1dGhfdGltZSI6MTUwMTczMzQ1NiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJcL3Rva2VuIiwiZXhwIjoxNTAxNzM3MDU3LCJpYXQiOjE1MDE3MzM0NTd9.XXX-XXX");
    accessTokenInfo.setValidityPeriod(-2L);
    accessTokenInfo.setScopes("apim:subscribe openid");
    // // Expected AuthResponseBean object
    AuthResponseBean expectedAuthResponseBean = new AuthResponseBean();
    expectedAuthResponseBean.setTokenValid(true);
    expectedAuthResponseBean.setAuthUser("admin");
    expectedAuthResponseBean.setScopes(accessTokenInfo.getScopes());
    expectedAuthResponseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    expectedAuthResponseBean.setValidityPeriod(accessTokenInfo.getValidityPeriod());
    expectedAuthResponseBean.setIdToken(accessTokenInfo.getIdToken());
    KeyManager keyManager = Mockito.mock(KeyManager.class);
    SystemApplicationDao systemApplicationDao = Mockito.mock(SystemApplicationDao.class);
    Mockito.when(systemApplicationDao.isConsumerKeyExistForApplication("store")).thenReturn(false);
    MultiEnvironmentOverview multiEnvironmentOverview = new MultiEnvironmentOverview();
    environmentConfigurations.setMultiEnvironmentOverview(multiEnvironmentOverview);
    AuthenticatorService authenticatorService = new AuthenticatorService(keyManager, systemApplicationDao, apimConfigurationService, apimAppConfigurationService);
    // // Actual response
    AuthResponseBean authResponseBean = authenticatorService.getResponseBeanFromTokenInfo(accessTokenInfo);
    Assert.assertTrue(EqualsBuilder.reflectionEquals(expectedAuthResponseBean, authResponseBean));
    // Happy Path - When id token is null
    // // AccessTokenInfo object with null id token
    AccessTokenInfo invalidTokenInfo = new AccessTokenInfo();
    invalidTokenInfo.setValidityPeriod(-2L);
    invalidTokenInfo.setScopes("apim:subscribe openid");
    // // Expected AuthResponseBean object when id token is null
    AuthResponseBean expectedResponseBean = new AuthResponseBean();
    expectedResponseBean.setTokenValid(true);
    expectedResponseBean.setScopes(invalidTokenInfo.getScopes());
    expectedResponseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    expectedResponseBean.setValidityPeriod(invalidTokenInfo.getValidityPeriod());
    expectedResponseBean.setIdToken(invalidTokenInfo.getIdToken());
    expectedResponseBean.setAuthUser("admin");
    // // Actual response when id token is null
    AuthResponseBean responseBean = authenticatorService.getResponseBeanFromTokenInfo(invalidTokenInfo);
    Assert.assertTrue(EqualsBuilder.reflectionEquals(expectedResponseBean, responseBean));
    // Error Path - When parsing JWT fails and throws KeyManagementException
    // // AccessTokenInfo object with invalid ID token format
    AccessTokenInfo invalidAccessTokenInfo = new AccessTokenInfo();
    invalidAccessTokenInfo.setIdToken("xxx-invalid-id-token-xxx");
    invalidAccessTokenInfo.setValidityPeriod(-2L);
    invalidAccessTokenInfo.setScopes("apim:subscribe openid");
    try {
        AuthResponseBean errorResponseBean = authenticatorService.getResponseBeanFromTokenInfo(invalidAccessTokenInfo);
    } catch (KeyManagementException e) {
        Assert.assertEquals(900986, e.getErrorHandler().getErrorCode());
    }
}

Example 27 with AccessTokenInfo

use of org.wso2.carbon.apimgt.api.model.AccessTokenInfo in project carbon-apimgt by wso2.

the class AuthenticatorService method getResponseBeanFromTokenInfo.

/**
 * This method sets access token data.
 *
 * @param accessTokenInfo Information of the access token
 * @return AuthResponseBean - An object with access token data
 * @throws KeyManagementException When parsing JWT fails
 */
public AuthResponseBean getResponseBeanFromTokenInfo(AccessTokenInfo accessTokenInfo) throws KeyManagementException {
    String authUser = null;
    if (accessTokenInfo.getIdToken() != null) {
        authUser = getUsernameFromJWT(accessTokenInfo.getIdToken());
    }
    if (authUser == null) {
        authUser = AuthenticatorConstants.ADMIN_USER;
    }
    AuthResponseBean responseBean = new AuthResponseBean();
    responseBean.setTokenValid(true);
    responseBean.setAuthUser(authUser);
    responseBean.setScopes(accessTokenInfo.getScopes());
    responseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    responseBean.setValidityPeriod(accessTokenInfo.getValidityPeriod());
    responseBean.setIdToken(accessTokenInfo.getIdToken());
    return responseBean;
}

Example 28 with AccessTokenInfo

use of org.wso2.carbon.apimgt.api.model.AccessTokenInfo in project product-iots by wso2.

the class DeviceTypeServiceImpl method createDownloadFile.

private ZipArchive createDownloadFile(String owner, String deviceName, String sketchType) throws DeviceManagementException, JWTClientException, APIManagerException, UserStoreException {
    // create new device id
    String deviceId = shortUUID();
    if (apiApplicationKey == null) {
        String applicationUsername = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName();
        applicationUsername = applicationUsername + "@" + APIUtil.getAuthenticatedUserTenantDomain();
        APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
        String[] tags = { DeviceTypeConstants.DEVICE_TYPE };
        apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(DeviceTypeConstants.DEVICE_TYPE, tags, KEY_TYPE, applicationUsername, true, "3600");
    }
    JWTClient jwtClient = APIUtil.getJWTClientManagerService().getJWTClient();
    String scopes = "device_type_" + DeviceTypeConstants.DEVICE_TYPE + " device_" + deviceId;
    AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(apiApplicationKey.getConsumerKey(), apiApplicationKey.getConsumerSecret(), owner + "@" + APIUtil.getAuthenticatedUserTenantDomain(), scopes);
    // create token
    String accessToken = accessTokenInfo.getAccessToken();
    String refreshToken = accessTokenInfo.getRefreshToken();
    boolean status = register(deviceId, deviceName);
    if (!status) {
        String msg = "Error occurred while registering the device with " + "id: " + deviceId + " owner:" + owner;
        throw new DeviceManagementException(msg);
    }
    ZipUtil ziputil = new ZipUtil();
    ZipArchive zipFile = ziputil.createZipFile(owner, APIUtil.getTenantDomainOftheUser(), sketchType, deviceId, deviceName, accessToken, refreshToken, apiApplicationKey.toString());
    return zipFile;
}

Example 29 with AccessTokenInfo

use of org.wso2.carbon.apimgt.api.model.AccessTokenInfo in project carbon-apimgt by wso2.

the class AccessTokenGenerator method generateNewAccessToken.

private AccessTokenInfo generateNewAccessToken(String[] scopes) {
    try {
        String tokenEndpoint;
        int serverPort;
        URL oauthURL;
        if (StringUtils.isNotEmpty(this.tokenEndpoint)) {
            tokenEndpoint = this.tokenEndpoint;
            oauthURL = new URL(tokenEndpoint);
            serverPort = oauthURL.getPort();
        } else {
            oauthURL = new URL(oauthUrl);
            serverPort = oauthURL.getPort();
            tokenEndpoint = oauthUrl.concat("/token");
        }
        String serverProtocol = oauthURL.getProtocol();
        HttpPost request = new HttpPost(tokenEndpoint);
        HttpClient httpClient = APIUtil.getHttpClient(serverPort, serverProtocol);
        byte[] credentials = org.apache.commons.codec.binary.Base64.encodeBase64((consumerKey + ":" + consumerSecret).getBytes(StandardCharsets.UTF_8));
        request.setHeader(APIConstants.AUTHORIZATION_HEADER_DEFAULT, APIConstants.AUTHORIZATION_BASIC + new String(credentials, StandardCharsets.UTF_8));
        request.setHeader(APIConstants.CONTENT_TYPE_HEADER, APIConstants.CONTENT_TYPE_APPLICATION_FORM);
        List<BasicNameValuePair> urlParameters = new ArrayList<>();
        urlParameters.add(new BasicNameValuePair(APIConstants.TOKEN_GRANT_TYPE_KEY, APIConstants.GRANT_TYPE_VALUE));
        if (scopes != null && scopes.length > 0) {
            urlParameters.add(new BasicNameValuePair(APIConstants.OAUTH_RESPONSE_TOKEN_SCOPE, String.join(" ", scopes)));
        }
        request.setEntity(new UrlEncodedFormEntity(urlParameters));
        HttpResponse httpResponse = httpClient.execute(request);
        if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
            String payload = EntityUtils.toString(httpResponse.getEntity());
            JSONObject response = new JSONObject(payload);
            String accessToken = (String) response.get(APIConstants.OAUTH_RESPONSE_ACCESSTOKEN);
            int validityPeriod = (Integer) response.get(APIConstants.OAUTH_RESPONSE_EXPIRY_TIME) * 1000;
            long expiryTime = System.currentTimeMillis() + validityPeriod;
            if (log.isDebugEnabled()) {
                log.debug("Successfully received an access token which expires in " + expiryTime);
            }
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            accessTokenInfo.setAccessToken(accessToken);
            accessTokenInfo.setIssuedTime(System.currentTimeMillis());
            accessTokenInfo.setValidityPeriod(validityPeriod);
            return accessTokenInfo;
        } else {
            log.error("Error occurred when generating a new Access token. Server responded with " + httpResponse.getStatusLine().getStatusCode());
        }
    } catch (IOException e) {
        log.error("Error occurred when generating a new Access token", e);
    }
    return null;
}

Example 30 with AccessTokenInfo

use of org.wso2.carbon.apimgt.api.model.AccessTokenInfo in project carbon-apimgt by wso2.

the class APIConsumerImplTest method testMapExistingOAuthClient.

@Test
public void testMapExistingOAuthClient() throws APIManagementException {
    APIConsumerImpl apiConsumer = new APIConsumerImplWrapper(apiMgtDAO);
    apiConsumer.tenantDomain = "carbon.super";
    OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
    OAuthAppRequest oAuthAppRequest = new OAuthAppRequest();
    oAuthAppRequest.setOAuthApplicationInfo(oAuthApplicationInfo);
    BDDMockito.when(ApplicationUtils.createOauthAppRequest(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString())).thenReturn(oAuthAppRequest);
    Mockito.when(apiMgtDAO.isKeyMappingExistsForConsumerKeyOrApplication(Mockito.anyInt(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString())).thenReturn(true, false);
    Mockito.when(keyManager.mapOAuthApplication((OAuthAppRequest) Mockito.any())).thenReturn(oAuthApplicationInfo);
    Mockito.doNothing().when(apiMgtDAO).createApplicationKeyTypeMappingForManualClients(Mockito.anyString(), Mockito.anyInt(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString());
    KeyManagerConfigurationDTO keyManagerConfigurationsDto = new KeyManagerConfigurationDTO();
    keyManagerConfigurationsDto.setUuid(UUID.randomUUID().toString());
    keyManagerConfigurationsDto.setEnabled(true);
    Mockito.when(apiMgtDAO.isKeyManagerConfigurationExistByName("default", "carbon.super")).thenReturn(true);
    Mockito.when(apiMgtDAO.getKeyManagerConfigurationByName("carbon.super", "default")).thenReturn(keyManagerConfigurationsDto);
    AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    KeyManagerConfiguration keyManagerConfiguration = new KeyManagerConfiguration();
    Mockito.when(keyManager.getKeyManagerConfiguration()).thenReturn(keyManagerConfiguration);
    BDDMockito.when(ApplicationUtils.createAccessTokenRequest(keyManager, oAuthApplicationInfo, null)).thenReturn(accessTokenRequest);
    Mockito.when(keyManager.getNewApplicationAccessToken(accessTokenRequest)).thenReturn(accessTokenInfo);
    try {
        apiConsumer.mapExistingOAuthClient("", "admin", "1", "app1", "refresh", "DEFAULT", "Resident Key Manager", "carbon.super");
        Assert.fail("Exception is not thrown when client id is already mapped to an application");
    } catch (APIManagementException e) {
        Assert.assertTrue(e.getMessage().contains("Key Mappings already exists for application"));
    }
    Assert.assertEquals(8, apiConsumer.mapExistingOAuthClient("", "admin", "1", "app1", "PRODUCTION", "DEFAULT", "Resident Key Manager", "carbon.super").size());
}