Search in sources :

Example 1 with DCRClientInfo

use of org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo in project product-apim by wso2.

the class TestUtil method generateClient.

public static DCRClientInfo generateClient() throws APIManagementException {
    DCRClientInfo dcrClientInfo = new DCRClientInfo();
    dcrClientInfo.setClientName("apim-integration-test");
    dcrClientInfo.setGrantTypes(Arrays.asList(new String[] { "password", "client_credentials" }));
    try {
        Response response = DCRMServiceStubFactory.getDCRMServiceStub(DYNAMIC_CLIENT_REGISTRATION_ENDPOINT, username, password, "wso2carbon").registerApplication(dcrClientInfo);
        DCRClientInfo dcrClientInfoResponse = (DCRClientInfo) new GsonDecoder().decode(response, DCRClientInfo.class);
        clientId = dcrClientInfoResponse.getClientId();
        clientSecret = dcrClientInfoResponse.getClientSecret();
        return dcrClientInfoResponse;
    } catch (APIManagementException | IOException e) {
        logger.error("Couldn't create client", e);
        throw new APIManagementException("Couldn't create client", e);
    }
}
Also used : Response(feign.Response) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) GsonDecoder(feign.gson.GsonDecoder) IOException(java.io.IOException) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo)

Example 2 with DCRClientInfo

use of org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImpl method getOAuthApplicationInfo.

private OAuthApplicationInfo getOAuthApplicationInfo(Response response) throws IOException {
    OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
    DCRClientInfo dcrClientInfoResponse = (DCRClientInfo) new GsonDecoder().decode(response, DCRClientInfo.class);
    oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
    oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
    oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
    oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
    oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
    return oAuthApplicationInfoResponse;
}
Also used : OAuthApplicationInfo(org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo) GsonDecoder(feign.gson.GsonDecoder) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo)

Example 3 with DCRClientInfo

use of org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImpl method updateApplication.

@Override
public OAuthApplicationInfo updateApplication(OAuthApplicationInfo oAuthApplicationInfo) throws KeyManagementException {
    if (log.isDebugEnabled()) {
        log.debug("Updating OAuth2 application with : " + oAuthApplicationInfo.toString());
    }
    String applicationName = oAuthApplicationInfo.getClientName();
    String keyType = (String) oAuthApplicationInfo.getParameter(KeyManagerConstants.APP_KEY_TYPE);
    if (keyType != null) {
        // Derive oauth2 app name based on key type and user input for app name
        applicationName = applicationName + '_' + keyType;
    }
    DCRClientInfo dcrClientInfo = new DCRClientInfo();
    dcrClientInfo.setClientName(applicationName);
    dcrClientInfo.setClientId(oAuthApplicationInfo.getClientId());
    dcrClientInfo.setClientSecret(oAuthApplicationInfo.getClientSecret());
    dcrClientInfo.addCallbackUrl(oAuthApplicationInfo.getCallBackURL());
    dcrClientInfo.setGrantTypes(oAuthApplicationInfo.getGrantTypes());
    Response response = dcrmServiceStub.updateApplication(dcrClientInfo, dcrClientInfo.getClientId());
    if (response == null) {
        throw new KeyManagementException("Error occurred while updating DCR application. Response is null", ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
    }
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_200_OK) {
        // 200 - Success
        try {
            OAuthApplicationInfo oAuthApplicationInfoResponse = getOAuthApplicationInfo(response);
            // setting original parameter list
            oAuthApplicationInfoResponse.setParameters(oAuthApplicationInfo.getParameters());
            if (log.isDebugEnabled()) {
                log.debug("OAuth2 application updated: " + oAuthApplicationInfoResponse.toString());
            }
            return oAuthApplicationInfoResponse;
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing the DCR application update response " + "message.", e, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
        }
    } else if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_400_BAD_REQUEST) {
        // 400 - Known Error
        try {
            DCRError error = (DCRError) new GsonDecoder().decode(response, DCRError.class);
            throw new KeyManagementException("Error occurred while updating DCR application. Error: " + error.getError() + ". Error Description: " + error.getErrorDescription() + ". Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing the DCR error message.", e, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
        }
    } else {
        // Unknown Error
        throw new KeyManagementException("Error occurred while updating DCR application. Error: " + response.body().toString() + " Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
    }
}
Also used : OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) Response(feign.Response) DCRError(org.wso2.carbon.apimgt.core.auth.dto.DCRError) OAuthApplicationInfo(org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo) GsonDecoder(feign.gson.GsonDecoder) IOException(java.io.IOException) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)

Example 4 with DCRClientInfo

use of org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImpl method createApplication.

@Override
public OAuthApplicationInfo createApplication(OAuthAppRequest oauthAppRequest) throws KeyManagementException {
    log.debug("Creating OAuth2 application:{}", oauthAppRequest.toString());
    String applicationName = oauthAppRequest.getClientName();
    String keyType = oauthAppRequest.getKeyType();
    if (keyType != null) {
        // Derive oauth2 app name based on key type and user input for app name
        applicationName = applicationName + '_' + keyType;
    }
    DCRClientInfo dcrClientInfo = new DCRClientInfo();
    dcrClientInfo.setClientName(applicationName);
    dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
    if (StringUtils.isNotEmpty(oauthAppRequest.getCallBackURL())) {
        dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
    }
    Response response = dcrmServiceStub.registerApplication(dcrClientInfo);
    if (response == null) {
        throw new KeyManagementException("Error occurred while DCR application creation. Response is null", ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
    }
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_201_CREATED) {
        // 201 - Success
        try {
            OAuthApplicationInfo oAuthApplicationInfoResponse = getOAuthApplicationInfo(response);
            // setting original parameter list
            oAuthApplicationInfoResponse.setParameters(oauthAppRequest.getParameters());
            log.debug("OAuth2 application created: {}", oAuthApplicationInfoResponse.toString());
            return oAuthApplicationInfoResponse;
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing the DCR application creation response " + "message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
        }
    } else if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_400_BAD_REQUEST) {
        // 400 - Known Error
        try {
            DCRError error = (DCRError) new GsonDecoder().decode(response, DCRError.class);
            throw new KeyManagementException("Error occurred while DCR application creation. Error: " + error.getError() + ". Error Description: " + error.getErrorDescription() + ". Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing the DCR error message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
        }
    } else {
        // Unknown Error
        throw new KeyManagementException("Error occurred while DCR application creation. Error: " + response.body().toString() + " Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
    }
}
Also used : OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) Response(feign.Response) DCRError(org.wso2.carbon.apimgt.core.auth.dto.DCRError) OAuthApplicationInfo(org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo) GsonDecoder(feign.gson.GsonDecoder) IOException(java.io.IOException) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)

Example 5 with DCRClientInfo

use of org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testCreateApplication.

@Test
public void testCreateApplication() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    // happy path - 201
    // //request object to key manager
    List<String> grantTypesList = new ArrayList<>();
    grantTypesList.add("password");
    grantTypesList.add("client-credentials");
    OAuthAppRequest oauthAppRequest = new OAuthAppRequest("app1", "https://sample.callback/url", "PRODUCTION", grantTypesList);
    // //request object to dcr api
    DCRClientInfo dcrClientInfo = new DCRClientInfo();
    dcrClientInfo.setClientName(oauthAppRequest.getClientName() + '_' + oauthAppRequest.getKeyType());
    dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
    dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
    /*
        dcrClientInfo.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
                .getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
    // //mocked response object from dcr api
    DCRClientInfo dcrClientInfoResponse = new DCRClientInfo();
    dcrClientInfoResponse.setClientName(oauthAppRequest.getClientName());
    dcrClientInfoResponse.setGrantTypes(oauthAppRequest.getGrantTypes());
    dcrClientInfoResponse.addCallbackUrl(oauthAppRequest.getCallBackURL());
    /*
        dcrClientInfoResponse.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
                .getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
    dcrClientInfoResponse.setClientId("xxx-xxx-xxx-xxx");
    dcrClientInfoResponse.setClientSecret("yyy-yyy-yyy-yyy");
    dcrClientInfoResponse.setClientIdIssuedAt("now");
    dcrClientInfoResponse.setClientSecretExpiresAt("future");
    dcrClientInfoResponse.setRegistrationClientUri("https://localhost:9443/oauth/xxx-xxx-xxx-xxx");
    // //expected response object from key manager
    OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
    oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
    oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
    oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
    oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
    oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
    Response dcrResponse = Response.builder().status(201).headers(new HashMap<>()).body(new Gson().toJson(dcrClientInfoResponse), feign.Util.UTF_8).build();
    Mockito.when(dcrmServiceStub.registerApplication(dcrClientInfo)).thenReturn(dcrResponse);
    try {
        OAuthApplicationInfo app = kmImpl.createApplication(oauthAppRequest);
        Assert.assertEquals(app, oAuthApplicationInfoResponse);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
    // error case - 400
    int errorSc = 400;
    String errorMsg = "{\"error\": \"invalid_redirect_uri\", \"error_description\": \"One or more " + "redirect_uri values are invalid\"}";
    Response errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
    Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
    try {
        kmImpl.createApplication(oauthAppRequest);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
    }
    // error case - non-400
    errorSc = 500;
    errorMsg = "unknown error occurred";
    errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
    Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
    try {
        kmImpl.createApplication(oauthAppRequest);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
    }
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) OAuthAppRequest(org.wso2.carbon.apimgt.core.models.OAuthAppRequest) OAuthApplicationInfo(org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo) Test(org.testng.annotations.Test)

Aggregations

DCRClientInfo (org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo)7 Response (feign.Response)6 OAuthApplicationInfo (org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo)6 OAuth2IntrospectionResponse (org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)5 KeyManagementException (org.wso2.carbon.apimgt.core.exception.KeyManagementException)5 GsonDecoder (feign.gson.GsonDecoder)4 Gson (com.google.gson.Gson)3 IOException (java.io.IOException)3 ArrayList (java.util.ArrayList)3 Test (org.testng.annotations.Test)3 DCRMServiceStub (org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)3 OAuth2ServiceStubs (org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)3 ScopeRegistration (org.wso2.carbon.apimgt.core.auth.ScopeRegistration)3 HashMap (java.util.HashMap)2 DCRError (org.wso2.carbon.apimgt.core.auth.dto.DCRError)2 APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)1 OAuthAppRequest (org.wso2.carbon.apimgt.core.models.OAuthAppRequest)1