Search in sources :

Example 1 with OAuth2TokenInfo

use of org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo in project product-apim by wso2.

the class TestUtil method generateToken.

private static void generateToken(String username, String password, String scopes) throws APIManagementException {
    if (StringUtils.isEmpty(clientId) | StringUtils.isEmpty(clientSecret)) {
        generateClient();
    }
    OAuth2ServiceStubs.TokenServiceStub tokenServiceStub = getOauth2Client();
    Response response = tokenServiceStub.generatePasswordGrantAccessToken(username, password, scopes, -1, clientId, clientSecret);
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_200_OK) {
        // 200 - Success
        logger.debug("A new access token is successfully generated.");
        try {
            OAuth2TokenInfo oAuth2TokenInfo = (OAuth2TokenInfo) new GsonDecoder().decode(response, OAuth2TokenInfo.class);
            accessTokenInfo = new TokenInfo(oAuth2TokenInfo.getAccessToken(), System.currentTimeMillis() + oAuth2TokenInfo.getExpiresIn());
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing token response", e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
        }
    }
}
Also used : Response(feign.Response) GsonDecoder(feign.gson.GsonDecoder) OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo) IOException(java.io.IOException) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)

Example 2 with OAuth2TokenInfo

use of org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImpl method getNewAccessToken.

@Override
public AccessTokenInfo getNewAccessToken(AccessTokenRequest tokenRequest) throws KeyManagementException {
    if (tokenRequest == null) {
        throw new KeyManagementException("No information available to generate Token. AccessTokenRequest is null", ExceptionCodes.INVALID_TOKEN_REQUEST);
    }
    // Call the /revoke only if there's a token to be revoked.
    if (!StringUtils.isEmpty(tokenRequest.getTokenToRevoke())) {
        this.revokeAccessToken(tokenRequest.getTokenToRevoke(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
    }
    // When validity time set to a negative value, a token is considered never to expire.
    if (tokenRequest.getValidityPeriod() == -1L) {
        // Setting a different negative value if the set value is -1 (-1 will be ignored by TokenValidator)
        tokenRequest.setValidityPeriod(-2L);
    }
    Response response;
    try {
        if (KeyManagerConstants.CLIENT_CREDENTIALS_GRANT_TYPE.equals(tokenRequest.getGrantType())) {
            response = oAuth2ServiceStubs.getTokenServiceStub().generateClientCredentialsGrantAccessToken(tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
        } else if (KeyManagerConstants.PASSWORD_GRANT_TYPE.equals(tokenRequest.getGrantType())) {
            response = oAuth2ServiceStubs.getTokenServiceStub().generatePasswordGrantAccessToken(tokenRequest.getResourceOwnerUsername(), tokenRequest.getResourceOwnerPassword(), tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
        } else if (KeyManagerConstants.AUTHORIZATION_CODE_GRANT_TYPE.equals(tokenRequest.getGrantType())) {
            response = oAuth2ServiceStubs.getTokenServiceStub().generateAuthCodeGrantAccessToken(tokenRequest.getAuthorizationCode(), tokenRequest.getCallbackURI(), tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
        } else if (KeyManagerConstants.REFRESH_GRANT_TYPE.equals(tokenRequest.getGrantType())) {
            response = oAuth2ServiceStubs.getTokenServiceStub().generateRefreshGrantAccessToken(tokenRequest.getRefreshToken(), tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
        } else if (KeyManagerConstants.JWT_GRANT_TYPE.equals(tokenRequest.getGrantType())) {
            response = oAuth2ServiceStubs.getTokenServiceStub().generateJWTGrantAccessToken(tokenRequest.getAssertion(), KeyManagerConstants.JWT_GRANT_TYPE, tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret());
        } else {
            throw new KeyManagementException("Invalid access token request. Unsupported grant type: " + tokenRequest.getGrantType(), ExceptionCodes.INVALID_TOKEN_REQUEST);
        }
    } catch (APIManagementException ex) {
        throw new KeyManagementException("Token generation request failed. Error: " + ex.getMessage(), ex, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
    if (response == null) {
        throw new KeyManagementException("Error occurred while generating an access token. " + "Response is null", ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
    if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_200_OK) {
        // 200 - Success
        log.debug("A new access token is successfully generated.");
        try {
            OAuth2TokenInfo oAuth2TokenInfo = (OAuth2TokenInfo) new GsonDecoder().decode(response, OAuth2TokenInfo.class);
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            accessTokenInfo.setAccessToken(oAuth2TokenInfo.getAccessToken());
            accessTokenInfo.setScopes(oAuth2TokenInfo.getScope());
            accessTokenInfo.setRefreshToken(oAuth2TokenInfo.getRefreshToken());
            accessTokenInfo.setIdToken(oAuth2TokenInfo.getIdToken());
            accessTokenInfo.setValidityPeriod(oAuth2TokenInfo.getExpiresIn());
            return accessTokenInfo;
        } catch (IOException e) {
            throw new KeyManagementException("Error occurred while parsing token response", e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
        }
    } else {
        // Error case
        throw new KeyManagementException("Token generation request failed. HTTP error code: " + response.status() + " Error Response Body: " + response.body().toString(), ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
}
Also used : OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) Response(feign.Response) AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo) APIManagementException(org.wso2.carbon.apimgt.core.exception.APIManagementException) GsonDecoder(feign.gson.GsonDecoder) IOException(java.io.IOException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)

Example 3 with OAuth2TokenInfo

use of org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method createExpectedKeyManagerResponse.

private AccessTokenInfo createExpectedKeyManagerResponse(OAuth2TokenInfo oAuth2TokenInfo) {
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    accessTokenInfo.setAccessToken(oAuth2TokenInfo.getAccessToken());
    accessTokenInfo.setScopes(oAuth2TokenInfo.getScope());
    accessTokenInfo.setRefreshToken(oAuth2TokenInfo.getRefreshToken());
    accessTokenInfo.setIdToken(oAuth2TokenInfo.getIdToken());
    accessTokenInfo.setValidityPeriod(oAuth2TokenInfo.getExpiresIn());
    return accessTokenInfo;
}
Also used : AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)

Example 4 with OAuth2TokenInfo

use of org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testGetNewAccessTokenByClientCredentialsGrant.

@Test
public void testGetNewAccessTokenByClientCredentialsGrant() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    OAuth2ServiceStubs.TokenServiceStub tokenStub = Mockito.mock(OAuth2ServiceStubs.TokenServiceStub.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    // happy path - 200 - client credentials grant type
    // //request to key manager
    AccessTokenRequest tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, KeyManagerConstants.CLIENT_CREDENTIALS_GRANT_TYPE, null, null, null, -2L, null, null, null, null);
    // //mocked response from /token service
    OAuth2TokenInfo oAuth2TokenInfo = createTokenServiceResponse(tokenRequest);
    // //expected response from key manager
    AccessTokenInfo accessTokenInfo = createExpectedKeyManagerResponse(oAuth2TokenInfo);
    Response newTokenResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(oAuth2TokenInfo), Util.UTF_8).build();
    Mockito.when(oAuth2ServiceStub.getTokenServiceStub()).thenReturn(tokenStub);
    Mockito.when(oAuth2ServiceStub.getTokenServiceStub().generateClientCredentialsGrantAccessToken(tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret())).thenReturn(newTokenResponse);
    try {
        AccessTokenInfo newToken = kmImpl.getNewAccessToken(tokenRequest);
        Assert.assertEquals(newToken, accessTokenInfo);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
}
Also used : Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo) Gson(com.google.gson.Gson) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) AccessTokenRequest(org.wso2.carbon.apimgt.core.models.AccessTokenRequest) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo) Test(org.testng.annotations.Test)

Example 5 with OAuth2TokenInfo

use of org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method createTokenServiceResponse.

private OAuth2TokenInfo createTokenServiceResponse(AccessTokenRequest tokenRequestForPasswordGrant) {
    OAuth2TokenInfo oAuth2TokenInfo = new OAuth2TokenInfo();
    oAuth2TokenInfo.setAccessToken("xxx-new-token-xxx");
    oAuth2TokenInfo.setRefreshToken("xxx-new-refresh-xxx");
    oAuth2TokenInfo.setIdToken("wdewedwedwedwedwedwedvcdvflkdnjlkjbkjhbvskjhbcdkjsabcdkjsavdcsacdascdsadcasdca");
    oAuth2TokenInfo.setTokenType("Bearer");
    oAuth2TokenInfo.setExpiresIn(tokenRequestForPasswordGrant.getValidityPeriod());
    oAuth2TokenInfo.setScope(tokenRequestForPasswordGrant.getScopes());
    return oAuth2TokenInfo;
}
Also used : OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)

Aggregations

OAuth2TokenInfo (org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)8 Response (feign.Response)7 KeyManagementException (org.wso2.carbon.apimgt.core.exception.KeyManagementException)7 AccessTokenInfo (org.wso2.carbon.apimgt.core.models.AccessTokenInfo)7 OAuth2ServiceStubs (org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)6 OAuth2IntrospectionResponse (org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)6 Gson (com.google.gson.Gson)5 Test (org.testng.annotations.Test)5 DCRMServiceStub (org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)5 ScopeRegistration (org.wso2.carbon.apimgt.core.auth.ScopeRegistration)5 AccessTokenRequest (org.wso2.carbon.apimgt.core.models.AccessTokenRequest)5 GsonDecoder (feign.gson.GsonDecoder)2 IOException (java.io.IOException)2 APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)1