use of org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo in project carbon-apimgt by wso2.
the class AMDefaultKeyManagerImpl method createClientInfo.
/**
* Construct ClientInfo object for application create request
*
* @param info The OAuthApplicationInfo object
* @param oauthClientName The name of the OAuth application to be created
* @param isUpdate To determine whether the ClientInfo object is related to application update call
* @return constructed ClientInfo object
* @throws JSONException for errors in parsing the OAuthApplicationInfo json string
* @throws APIManagementException if an error occurs while constructing the ClientInfo object
*/
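private ClientInfo createClientInfo(OAuthApplicationInfo info, String oauthClientName, boolean isUpdate)
        throws JSONException, APIManagementException {
    ClientInfo clientInfo = new ClientInfo();
    JSONObject infoJson = new JSONObject(info.getJsonString());
    String applicationOwner = (String) info.getParameter(ApplicationConstants.OAUTH_CLIENT_USERNAME);

    if (infoJson.has(ApplicationConstants.OAUTH_CLIENT_GRANT)) {
        // The grant string sometimes begins with a comma; drop it so that the split
        // does not yield an empty first grant type.
        String grantString = infoJson.getString(ApplicationConstants.OAUTH_CLIENT_GRANT);
        if (grantString.startsWith(",")) {
            grantString = grantString.substring(1);
        }
        clientInfo.setGrantTypes(Arrays.asList(grantString.split(",")));
    }

    String callBackURL = info.getCallBackURL();
    if (StringUtils.isNotEmpty(callBackURL)) {
        // Comma-separated list; whitespace around each comma is discarded.
        clientInfo.setRedirectUris(Arrays.asList(callBackURL.trim().split("\\s*,\\s*")));
    }

    clientInfo.setClientName(oauthClientName);

    // todo: run tests by commenting the type
    // JWT is the fallback when the request does not name a token type.
    if (StringUtils.isEmpty(info.getTokenType())) {
        clientInfo.setTokenType(APIConstants.TOKEN_TYPE_JWT);
    } else {
        clientInfo.setTokenType(info.getTokenType());
    }

    // With cross-tenant subscriptions enabled, an owner from a different tenant is replaced
    // by the default reserved username, so the real owner is not exposed in the JWT token.
    if (APIUtil.isCrossTenantSubscriptionsEnabled()
            && !tenantDomain.equals(MultitenantUtils.getTenantDomain(applicationOwner))) {
        clientInfo.setApplication_owner(APIUtil.retrieveDefaultReservedUsername());
    } else {
        clientInfo.setApplication_owner(MultitenantUtils.getTenantAwareUsername(applicationOwner));
    }

    if (StringUtils.isNotEmpty(info.getClientId())) {
        if (isUpdate) {
            clientInfo.setClientId(info.getClientId());
        } else {
            clientInfo.setPresetClientId(info.getClientId());
        }
    }
    if (StringUtils.isNotEmpty(info.getClientSecret())) {
        if (isUpdate) {
            // Fix: the secret used to be written with setClientId(), which overwrote the
            // client id set just above and put the secret into a field that is not handled
            // as confidential. It belongs in the secret field.
            clientInfo.setClientSecret(info.getClientSecret());
        } else {
            clientInfo.setPresetClientSecret(info.getClientSecret());
        }
    }

    Object parameter = info.getParameter(APIConstants.JSON_ADDITIONAL_PROPERTIES);
    Map<String, Object> additionalProperties = new HashMap<>();
    if (parameter instanceof String) {
        // Gson yields null for an empty or literal "null" document; keep the empty map in
        // that case so the lookups below cannot hit a NullPointerException.
        Map<String, Object> parsed = new Gson().fromJson((String) parameter, Map.class);
        if (parsed != null) {
            additionalProperties = parsed;
        }
    }

    Long applicationTokenExpiry = parseExpiryProperty(additionalProperties,
            APIConstants.KeyManager.APPLICATION_ACCESS_TOKEN_EXPIRY_TIME);
    if (applicationTokenExpiry != null) {
        if (applicationTokenExpiry < 0) {
            throw new APIManagementException("Invalid application access token expiry time given for " + oauthClientName, ExceptionCodes.INVALID_APPLICATION_PROPERTIES);
        }
        clientInfo.setApplicationAccessTokenLifeTime(applicationTokenExpiry);
    }

    Long userTokenExpiry = parseExpiryProperty(additionalProperties,
            APIConstants.KeyManager.USER_ACCESS_TOKEN_EXPIRY_TIME);
    if (userTokenExpiry != null) {
        if (userTokenExpiry < 0) {
            throw new APIManagementException("Invalid user access token expiry time given for " + oauthClientName, ExceptionCodes.INVALID_APPLICATION_PROPERTIES);
        }
        clientInfo.setUserAccessTokenLifeTime(userTokenExpiry);
    }

    // NOTE(review): unlike the two access-token lifetimes above, refresh-token and ID-token
    // lifetimes are passed through without a negative-value check. Confirm how the key
    // manager interprets a negative lifetime before relying on this.
    Long refreshTokenExpiry = parseExpiryProperty(additionalProperties,
            APIConstants.KeyManager.REFRESH_TOKEN_EXPIRY_TIME);
    if (refreshTokenExpiry != null) {
        clientInfo.setRefreshTokenLifeTime(refreshTokenExpiry);
    }

    Long idTokenExpiry = parseExpiryProperty(additionalProperties,
            APIConstants.KeyManager.ID_TOKEN_EXPIRY_TIME);
    if (idTokenExpiry != null) {
        clientInfo.setIdTokenLifeTime(idTokenExpiry);
    }

    // The PKCE and client-credential flags below change how strictly the client is
    // authenticated, and they are copied from the request's additional properties as given.
    // NOTE(review): confirm that callers restrict who may set PKCE_SUPPORT_PLAIN and
    // BYPASS_CLIENT_CREDENTIALS; nothing in this method does.
    Boolean pkceMandatory = parseBooleanProperty(additionalProperties,
            APIConstants.KeyManager.PKCE_MANDATORY);
    if (pkceMandatory != null) {
        clientInfo.setPkceMandatory(pkceMandatory);
    }

    Boolean pkceSupportPlain = parseBooleanProperty(additionalProperties,
            APIConstants.KeyManager.PKCE_SUPPORT_PLAIN);
    if (pkceSupportPlain != null) {
        clientInfo.setPkceSupportPlain(pkceSupportPlain);
    }

    Boolean bypassClientCredentials = parseBooleanProperty(additionalProperties,
            APIConstants.KeyManager.BYPASS_CLIENT_CREDENTIALS);
    if (bypassClientCredentials != null) {
        clientInfo.setBypassClientCredentials(bypassClientCredentials);
    }

    // Set the display name of the application. This name would appear in the consent page of the app.
    clientInfo.setApplicationDisplayName(info.getClientName());
    return clientInfo;
}

/**
 * Reads a token lifetime from the additional properties.
 *
 * @param properties the parsed additional properties
 * @param key the property name to read
 * @return the parsed value, or {@code null} when the key is absent, the value is not a
 *         String, the value equals NOT_APPLICABLE_VALUE, or the value is not a number
 */
private static Long parseExpiryProperty(Map<String, Object> properties, String key) {
    Object value = properties.get(key);
    if (!(value instanceof String) || APIConstants.KeyManager.NOT_APPLICABLE_VALUE.equals(value)) {
        return null;
    }
    try {
        return Long.parseLong((String) value);
    } catch (NumberFormatException ignored) {
        // Deliberate best effort: a non-numeric value is skipped, leaving the lifetime unset.
        return null;
    }
}

/**
 * Reads a boolean flag from the additional properties.
 *
 * @param properties the parsed additional properties
 * @param key the property name to read
 * @return the parsed flag, or {@code null} when the key is absent, the value is not a
 *         String, or the value equals the property key itself
 */
private static Boolean parseBooleanProperty(Map<String, Object> properties, String key) {
    Object value = properties.get(key);
    // NOTE(review): the original guard compares the value with the property key, not with
    // NOT_APPLICABLE_VALUE as the expiry properties do. It is kept unchanged here; confirm
    // which comparison was intended.
    if (!(value instanceof String) || key.equals(value)) {
        return null;
    }
    // Boolean.parseBoolean never throws; anything other than "true" (ignoring case) is false.
    return Boolean.parseBoolean((String) value);
}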
use of org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo in project carbon-apimgt by wso2.
the class ApplicationUtils method createOauthAppRequest.
/**
* This method will parse json String and set properties in OAuthApplicationInfo object.
* Further it will initiate new OauthAppRequest object and set applicationInfo object as its own property.
* @param clientName client Name.
* @param clientId The ID of the client
* @param callbackURL This is the call back URL of the application
* @param tokenScope The token scope
* @param clientDetails The client details
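* @param tokenType The token type to set on the application info
* @param tenantDomain The tenant domain used to look up the key manager instance
* @param keyManagerName The name of the key manager used to look up the key manager instance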
* @return appRequest object of OauthAppRequest.
* @throws APIManagementException
*/
public static OAuthAppRequest createOauthAppRequest(String clientName, String clientId, String callbackURL,
        String tokenScope, String clientDetails, String tokenType, String tenantDomain, String keyManagerName)
        throws APIManagementException {
    // Seed the application info with the values passed in directly.
    OAuthApplicationInfo appInfo = new OAuthApplicationInfo();
    appInfo.setClientName(clientName);
    appInfo.setCallBackURL(callbackURL);
    appInfo.addParameter("tokenScope", tokenScope);
    appInfo.setClientId(clientId);
    appInfo.setTokenType(tokenType);

    if (clientDetails == null) {
        if (log.isDebugEnabled()) {
            log.debug("No additional json parameters when building OauthAppRequest");
        }
    } else {
        // The key manager resolved for this tenant and name merges the JSON details into
        // the application info. When none is found, the details are not applied.
        KeyManager keyManager = KeyManagerHolder.getKeyManagerInstance(tenantDomain, keyManagerName);
        if (keyManager != null) {
            appInfo = keyManager.buildFromJSON(appInfo, clientDetails);
        }
        // NOTE(review): the raw clientDetails JSON is written to the debug log as received.
        // If that payload can carry client secrets or other credentials, it should be
        // redacted before logging. Verify against what callers send.
        if (log.isDebugEnabled()) {
            log.debug("Additional json parameters when building OauthAppRequest = " + clientDetails);
        }
    }

    // Wrap the populated application info in the request object handed back to the caller.
    OAuthAppRequest request = new OAuthAppRequest();
    request.setOAuthApplicationInfo(appInfo);
    return request;
}