
Example 6 with TokenIssuerDto

use of org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto in project carbon-apimgt by wso2.

In the class KeyManagerHolder, the method getJWTValidator.

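/**
 * Builds the JWT validator for a key manager that validates its own tokens.
 *
 * <p>A validator is created only when {@code SELF_VALIDATE_JWT} is set to {@code true} and an
 * {@code ISSUER} is configured; in every other case this method returns {@code null}. The
 * issuer, claim mappings, consumer-key claim, scopes claim and signature-verification material
 * (JWKS endpoint or certificate) are copied from the key manager configuration into a
 * {@link TokenIssuerDto}, which is then handed to the validator.
 *
 * <p>{@code SELF_VALIDATE_JWT} is cast to {@code Boolean}, and {@code ISSUER},
 * {@code JWKS_ENDPOINT}, {@code CERTIFICATE_TYPE} and {@code CERTIFICATE_VALUE} are cast to
 * {@code String}; a value of another type fails with {@link ClassCastException}.
 *
 * @param keyManagerConfiguration    configuration the issuer settings are read from
 * @param jwtValidatorImplementation fully qualified class name of a custom {@link JWTValidator};
 *                                   when empty, {@link JWTValidatorImpl} is used
 * @return the configured validator, or {@code null} when self validation is off or no issuer
 *         is configured
 * @throws APIManagementException if the custom validator class cannot be loaded, is not a
 *                                {@link JWTValidator}, or cannot be instantiated
 */
private static JWTValidator getJWTValidator(KeyManagerConfiguration keyManagerConfiguration, String jwtValidatorImplementation) throws APIManagementException {
    Object selfValidateJWT = keyManagerConfiguration.getParameter(APIConstants.KeyManager.SELF_VALIDATE_JWT);
    if (selfValidateJWT == null || !((Boolean) selfValidateJWT)) {
        return null;
    }
    Object issuer = keyManagerConfiguration.getParameter(APIConstants.KeyManager.ISSUER);
    if (issuer == null) {
        return null;
    }

    TokenIssuerDto tokenIssuerDto = new TokenIssuerDto((String) issuer);

    Object claimMappings = keyManagerConfiguration.getParameter(APIConstants.KeyManager.CLAIM_MAPPING);
    if (claimMappings instanceof List) {
        // Round-trip through Gson to turn the untyped list into ClaimMappingDto objects.
        Gson gson = new Gson();
        JsonElement jsonElement = gson.toJsonTree(claimMappings);
        ClaimMappingDto[] claimMappingDto = gson.fromJson(jsonElement, ClaimMappingDto[].class);
        tokenIssuerDto.addClaimMappings(claimMappingDto);
    }

    Object consumerKeyClaim = keyManagerConfiguration.getParameter(APIConstants.KeyManager.CONSUMER_KEY_CLAIM);
    if (consumerKeyClaim instanceof String && StringUtils.isNotEmpty((String) consumerKeyClaim)) {
        tokenIssuerDto.setConsumerKeyClaim((String) consumerKeyClaim);
    }

    Object scopeClaim = keyManagerConfiguration.getParameter(APIConstants.KeyManager.SCOPES_CLAIM);
    if (scopeClaim instanceof String && StringUtils.isNotEmpty((String) scopeClaim)) {
        tokenIssuerDto.setScopesClaim((String) scopeClaim);
    }

    // Tracks whether any signature-verification material reached the DTO, so that a
    // configuration that enables self validation without a key is visible in the logs.
    boolean verificationKeyConfigured = false;

    Object jwksEndpoint = keyManagerConfiguration.getParameter(APIConstants.KeyManager.JWKS_ENDPOINT);
    if (jwksEndpoint != null && StringUtils.isNotEmpty((String) jwksEndpoint)) {
        tokenIssuerDto.setJwksConfigurationDTO(newEnabledJwksConfiguration((String) jwksEndpoint));
        verificationKeyConfigured = true;
    }

    Object certificateType = keyManagerConfiguration.getParameter(APIConstants.KeyManager.CERTIFICATE_TYPE);
    Object certificateValue = keyManagerConfiguration.getParameter(APIConstants.KeyManager.CERTIFICATE_VALUE);
    if (certificateType != null && StringUtils.isNotEmpty((String) certificateType) && certificateValue != null && StringUtils.isNotEmpty((String) certificateValue)) {
        if (APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT.equals(certificateType)) {
            // A JWKS URL given through CERTIFICATE_VALUE replaces one set from JWKS_ENDPOINT.
            tokenIssuerDto.setJwksConfigurationDTO(newEnabledJwksConfiguration((String) certificateValue));
            verificationKeyConfigured = true;
        } else {
            X509Certificate x509Certificate = APIUtil.retrieveCertificateFromContent((String) certificateValue);
            if (x509Certificate != null) {
                tokenIssuerDto.setCertificate(x509Certificate);
                verificationKeyConfigured = true;
            }
        }
    }

    if (!verificationKeyConfigured) {
        // NOTE(review): how the validator treats an issuer with neither a JWKS endpoint nor a
        // certificate is not visible here; confirm that it rejects tokens in that state.
        log.warn("JWT self validation is enabled for issuer " + issuer
                + " but no JWKS endpoint or usable certificate was loaded from the key manager configuration");
    }

    JWTValidator jwtValidator = StringUtils.isEmpty(jwtValidatorImplementation)
            ? new JWTValidatorImpl()
            : instantiateJwtValidator(jwtValidatorImplementation);
    jwtValidator.loadTokenIssuerConfiguration(tokenIssuerDto);
    return jwtValidator;
}

/** Creates an enabled JWKS configuration that points at the given URL. */
private static JWKSConfigurationDTO newEnabledJwksConfiguration(String url) {
    JWKSConfigurationDTO jwksConfigurationDTO = new JWKSConfigurationDTO();
    jwksConfigurationDTO.setEnabled(true);
    jwksConfigurationDTO.setUrl(url);
    return jwksConfigurationDTO;
}

/**
 * Loads the named class and instantiates it as a {@link JWTValidator}.
 *
 * <p>The type check runs before the constructor does, so a class that is not a
 * {@link JWTValidator} is rejected without being instantiated. {@code Class.forName} still
 * initializes the class, so the name should only ever come from administrator-controlled
 * configuration.
 */
private static JWTValidator instantiateJwtValidator(String className) throws APIManagementException {
    try {
        return Class.forName(className)
                .asSubclass(JWTValidator.class)
                .getDeclaredConstructor()
                .newInstance();
    } catch (ReflectiveOperationException | ClassCastException e) {
        // ClassCastException: the configured class does not implement JWTValidator.
        // ReflectiveOperationException: class missing, no accessible no-arg constructor, or
        // the constructor itself threw.
        log.error("Error while initializing JWT Validator", e);
        throw new APIManagementException("Error while initializing JWT Validator", e);
    }
}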
Also used : ClaimMappingDto(org.wso2.carbon.apimgt.common.gateway.dto.ClaimMappingDto) JWKSConfigurationDTO(org.wso2.carbon.apimgt.common.gateway.dto.JWKSConfigurationDTO) JWTValidatorImpl(org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl) Gson(com.google.gson.Gson) TokenIssuerDto(org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto) X509Certificate(javax.security.cert.X509Certificate) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) JsonElement(com.google.gson.JsonElement) List(java.util.List) JWTValidator(org.wso2.carbon.apimgt.impl.jwt.JWTValidator)

Example 7 with TokenIssuerDto

use of org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto in project carbon-apimgt by wso2.

In the class KeyManagerHolder, the method addGlobalJWTValidators.

/**
 * Registers a global JWT validator for the issuer described by {@code tokenIssuerDto}.
 *
 * <p>The entry is stored in {@code globalJWTValidatorMap} under the issuer string and is named
 * after the default key manager. The validator is always a {@link JWTValidatorImpl} loaded
 * with the given issuer configuration.
 *
 * @param tokenIssuerDto issuer configuration to validate tokens against
 */
public static void addGlobalJWTValidators(TokenIssuerDto tokenIssuerDto) {
    KeyManagerDto globalEntry = new KeyManagerDto();
    globalEntry.setIssuer(tokenIssuerDto.getIssuer());
    globalEntry.setName(APIConstants.KeyManager.DEFAULT_KEY_MANAGER);

    JWTValidator validator = new JWTValidatorImpl();
    validator.loadTokenIssuerConfiguration(tokenIssuerDto);
    globalEntry.setJwtValidator(validator);

    // Keyed by issuer: the validator for an incoming token is found through this string.
    globalJWTValidatorMap.put(tokenIssuerDto.getIssuer(), globalEntry);
}
Also used : JWTValidatorImpl(org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl) OrganizationKeyManagerDto(org.wso2.carbon.apimgt.impl.dto.OrganizationKeyManagerDto) KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto) JWTValidator(org.wso2.carbon.apimgt.impl.jwt.JWTValidator)

Aggregations

TokenIssuerDto (org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto)5 JWKSConfigurationDTO (org.wso2.carbon.apimgt.common.gateway.dto.JWKSConfigurationDTO)3 JWTValidator (org.wso2.carbon.apimgt.impl.jwt.JWTValidator)3 JWTValidatorImpl (org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl)3 HashMap (java.util.HashMap)2 X509Certificate (javax.security.cert.X509Certificate)2 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)2 ClaimMappingDto (org.wso2.carbon.apimgt.common.gateway.dto.ClaimMappingDto)2 APIManagerConfiguration (org.wso2.carbon.apimgt.impl.APIManagerConfiguration)2 Gson (com.google.gson.Gson)1 JsonElement (com.google.gson.JsonElement)1 Base64URL (com.nimbusds.jose.util.Base64URL)1 Iterator (java.util.Iterator)1 List (java.util.List)1 QName (javax.xml.namespace.QName)1 OMAttribute (org.apache.axiom.om.OMAttribute)1 OMElement (org.apache.axiom.om.OMElement)1 MessageContext (org.apache.synapse.MessageContext)1 Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext)1 Test (org.junit.Test)1