use of org.wso2.carbon.apimgt.core.exception.KeyManagementException in project carbon-apimgt by wso2.
the class DefaultKeyManagerImpl method createApplication.
@Override
public OAuthApplicationInfo createApplication(OAuthAppRequest oauthAppRequest) throws KeyManagementException {
log.debug("Creating OAuth2 application:{}", oauthAppRequest.toString());
String applicationName = oauthAppRequest.getClientName();
String keyType = oauthAppRequest.getKeyType();
if (keyType != null) {
// Derive oauth2 app name based on key type and user input for app name
applicationName = applicationName + '_' + keyType;
}
DCRClientInfo dcrClientInfo = new DCRClientInfo();
dcrClientInfo.setClientName(applicationName);
dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
if (StringUtils.isNotEmpty(oauthAppRequest.getCallBackURL())) {
dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
}
Response response = dcrmServiceStub.registerApplication(dcrClientInfo);
if (response == null) {
throw new KeyManagementException("Error occurred while DCR application creation. Response is null", ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_201_CREATED) {
// 201 - Success
try {
OAuthApplicationInfo oAuthApplicationInfoResponse = getOAuthApplicationInfo(response);
// setting original parameter list
oAuthApplicationInfoResponse.setParameters(oauthAppRequest.getParameters());
log.debug("OAuth2 application created: {}", oAuthApplicationInfoResponse.toString());
return oAuthApplicationInfoResponse;
} catch (IOException e) {
throw new KeyManagementException("Error occurred while parsing the DCR application creation response " + "message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
} else if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_400_BAD_REQUEST) {
// 400 - Known Error
try {
DCRError error = (DCRError) new GsonDecoder().decode(response, DCRError.class);
throw new KeyManagementException("Error occurred while DCR application creation. Error: " + error.getError() + ". Error Description: " + error.getErrorDescription() + ". Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
} catch (IOException e) {
throw new KeyManagementException("Error occurred while parsing the DCR error message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
} else {
// Unknown Error
throw new KeyManagementException("Error occurred while DCR application creation. Error: " + response.body().toString() + " Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
}
use of org.wso2.carbon.apimgt.core.exception.KeyManagementException in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testCreateApplication.
@Test
public void testCreateApplication() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
// happy path - 201
// //request object to key manager
List<String> grantTypesList = new ArrayList<>();
grantTypesList.add("password");
grantTypesList.add("client-credentials");
OAuthAppRequest oauthAppRequest = new OAuthAppRequest("app1", "https://sample.callback/url", "PRODUCTION", grantTypesList);
// //request object to dcr api
DCRClientInfo dcrClientInfo = new DCRClientInfo();
dcrClientInfo.setClientName(oauthAppRequest.getClientName() + '_' + oauthAppRequest.getKeyType());
dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
/*
dcrClientInfo.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
.getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
// //mocked response object from dcr api
DCRClientInfo dcrClientInfoResponse = new DCRClientInfo();
dcrClientInfoResponse.setClientName(oauthAppRequest.getClientName());
dcrClientInfoResponse.setGrantTypes(oauthAppRequest.getGrantTypes());
dcrClientInfoResponse.addCallbackUrl(oauthAppRequest.getCallBackURL());
/*
dcrClientInfoResponse.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
.getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
dcrClientInfoResponse.setClientId("xxx-xxx-xxx-xxx");
dcrClientInfoResponse.setClientSecret("yyy-yyy-yyy-yyy");
dcrClientInfoResponse.setClientIdIssuedAt("now");
dcrClientInfoResponse.setClientSecretExpiresAt("future");
dcrClientInfoResponse.setRegistrationClientUri("https://localhost:9443/oauth/xxx-xxx-xxx-xxx");
// //expected response object from key manager
OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
Response dcrResponse = Response.builder().status(201).headers(new HashMap<>()).body(new Gson().toJson(dcrClientInfoResponse), feign.Util.UTF_8).build();
Mockito.when(dcrmServiceStub.registerApplication(dcrClientInfo)).thenReturn(dcrResponse);
try {
OAuthApplicationInfo app = kmImpl.createApplication(oauthAppRequest);
Assert.assertEquals(app, oAuthApplicationInfoResponse);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// error case - 400
int errorSc = 400;
String errorMsg = "{\"error\": \"invalid_redirect_uri\", \"error_description\": \"One or more " + "redirect_uri values are invalid\"}";
Response errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
try {
kmImpl.createApplication(oauthAppRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
}
// error case - non-400
errorSc = 500;
errorMsg = "unknown error occurred";
errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
try {
kmImpl.createApplication(oauthAppRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
}
}
use of org.wso2.carbon.apimgt.core.exception.KeyManagementException in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testGetNewAccessTokenErrorCases.
@Test
public void testGetNewAccessTokenErrorCases() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
OAuth2ServiceStubs.TokenServiceStub tokenStub = Mockito.mock(OAuth2ServiceStubs.TokenServiceStub.class);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
// error case - tokenRequest is null
try {
kmImpl.getNewAccessToken(null);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().equals("No information available to generate Token. " + "AccessTokenRequest is null"));
}
// error case - invalid grant type
final String invalidGrantType = "invalid_grant";
AccessTokenRequest tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, invalidGrantType, null, null, null, -2L, null, null, null, null);
try {
kmImpl.getNewAccessToken(tokenRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().contains("Invalid access token request. Unsupported grant type: " + invalidGrantType));
}
// error case - response is null (mock condition (validity period) is different)
tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, KeyManagerConstants.REFRESH_GRANT_TYPE, null, null, null, -1L, null, null, "xxx-refresh-token-xxx", null);
Mockito.when(oAuth2ServiceStub.getTokenServiceStub()).thenReturn(tokenStub);
Mockito.when(oAuth2ServiceStub.getTokenServiceStub().generateRefreshGrantAccessToken(tokenRequest.getRefreshToken(), tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret())).thenReturn(null);
try {
kmImpl.getNewAccessToken(tokenRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().equals("Error occurred while generating an access token. " + "Response is null"));
}
// error case - token response non-200
// //request to key manager
tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, KeyManagerConstants.REFRESH_GRANT_TYPE, null, null, null, 7200L, null, null, "xxx-refresh-token-xxx", null);
final int errorCode = 500;
Response errorResponse = Response.builder().status(errorCode).headers(new HashMap<>()).body("backend error occurred", Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getTokenServiceStub()).thenReturn(tokenStub);
Mockito.when(oAuth2ServiceStub.getTokenServiceStub().generateRefreshGrantAccessToken(tokenRequest.getRefreshToken(), tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret())).thenReturn(errorResponse);
try {
kmImpl.getNewAccessToken(tokenRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Token generation request failed. HTTP error code: " + errorCode));
}
}
use of org.wso2.carbon.apimgt.core.exception.KeyManagementException in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testGetTokenMetaData.
@Test
public void testGetTokenMetaData() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
OAuth2ServiceStubs.IntrospectionServiceStub introspectionStub = Mockito.mock(OAuth2ServiceStubs.IntrospectionServiceStub.class);
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
final String accessToken = "aaa-aaa-aaa-aaa";
// happy path - 200 - token is active
// //mocked response from /introspect service
OAuth2IntrospectionResponse introspectionResponse = new OAuth2IntrospectionResponse();
introspectionResponse.setActive(true);
introspectionResponse.setClientId(consumerKey);
// //expected response from key manager
AccessTokenInfo expectedTokenInfo = new AccessTokenInfo();
expectedTokenInfo.setTokenValid(introspectionResponse.isActive());
expectedTokenInfo.setAccessToken(accessToken);
expectedTokenInfo.setConsumerKey(introspectionResponse.getClientId());
Response introspectResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(introspectionResponse), feign.Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
AccessTokenInfo tokenMetaData = kmImpl.getTokenMetaData(accessToken);
Assert.assertEquals(tokenMetaData, expectedTokenInfo);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// happy path - 200 - token is not active
// //mocked response from /introspect service
introspectionResponse = new OAuth2IntrospectionResponse();
introspectionResponse.setActive(false);
introspectionResponse.setClientId(consumerKey);
// //expected response from key manager
expectedTokenInfo = new AccessTokenInfo();
expectedTokenInfo.setTokenValid(introspectionResponse.isActive());
expectedTokenInfo.setErrorCode(KeyManagerConstants.KeyValidationStatus.API_AUTH_INVALID_CREDENTIALS);
introspectResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(introspectionResponse), feign.Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
AccessTokenInfo tokenMetaData = kmImpl.getTokenMetaData(accessToken);
Assert.assertEquals(tokenMetaData, expectedTokenInfo);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// error case - response is null
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(null);
try {
kmImpl.getTokenMetaData(accessToken);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while introspecting access token. " + "Response is null"));
}
// error case - token response non-200
// //request to key manager
final int errorCode = 500;
introspectResponse = Response.builder().status(errorCode).headers(new HashMap<>()).body("backend error occurred", Util.UTF_8).build();
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
kmImpl.getTokenMetaData(accessToken);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Token introspection request failed. HTTP error code: " + errorCode));
}
}
use of org.wso2.carbon.apimgt.core.exception.KeyManagementException in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testUpdateApplication.
@Test
public void testUpdateApplication() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
final String consumerKey = "xxx-xxx-xxx-xxx";
// happy path - 200
// //request object to key manager
OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
oAuthApplicationInfo.setClientName("app1");
List<String> grantTypesList = new ArrayList<>();
grantTypesList.add("password");
grantTypesList.add("client-credentials");
oAuthApplicationInfo.setGrantTypes(grantTypesList);
oAuthApplicationInfo.setCallBackURL("https://sample.callback/url");
oAuthApplicationInfo.setClientId(consumerKey);
oAuthApplicationInfo.setClientSecret("yyy-yyy-yyy-yyy");
// //request object to dcr api
DCRClientInfo dcrClientInfo = new DCRClientInfo();
dcrClientInfo.setClientName(oAuthApplicationInfo.getClientName());
dcrClientInfo.setGrantTypes(oAuthApplicationInfo.getGrantTypes());
dcrClientInfo.addCallbackUrl(oAuthApplicationInfo.getCallBackURL());
/*
dcrClientInfo.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
.getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
dcrClientInfo.setClientId(oAuthApplicationInfo.getClientId());
dcrClientInfo.setClientSecret(oAuthApplicationInfo.getClientSecret());
// //mocked response object from dcr api
DCRClientInfo dcrClientInfoResponse = new DCRClientInfo();
dcrClientInfoResponse.setClientName(oAuthApplicationInfo.getClientName());
dcrClientInfoResponse.setGrantTypes(oAuthApplicationInfo.getGrantTypes());
dcrClientInfoResponse.addCallbackUrl(oAuthApplicationInfo.getCallBackURL());
dcrClientInfoResponse.setClientId(consumerKey);
dcrClientInfoResponse.setClientSecret("yyy-yyy-yyy-yyy");
dcrClientInfoResponse.setClientIdIssuedAt("now");
dcrClientInfoResponse.setClientSecretExpiresAt("future");
dcrClientInfoResponse.setRegistrationClientUri("https://localhost:9443/oauth/xxx-xxx-xxx-xxx");
// //expected response object from key manager
OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
Response dcrResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(dcrClientInfoResponse), feign.Util.UTF_8).build();
Mockito.when(dcrmServiceStub.updateApplication(dcrClientInfo, consumerKey)).thenReturn(dcrResponse);
try {
OAuthApplicationInfo app = kmImpl.updateApplication(oAuthApplicationInfo);
Assert.assertEquals(app, oAuthApplicationInfoResponse);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// error case - 400
int errorSc = 400;
String errorMsg = "{\"error\": \"invalid_redirect_uri\", \"error_description\": \"One or more " + "redirect_uri values are invalid\"}";
Response errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.updateApplication(dcrClientInfo, consumerKey)).thenReturn(errorResponse);
try {
kmImpl.updateApplication(oAuthApplicationInfo);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while updating DCR application."));
}
// error case - non-400
errorSc = 500;
errorMsg = "unknown error occurred";
errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.updateApplication(dcrClientInfo, consumerKey)).thenReturn(errorResponse);
try {
kmImpl.updateApplication(oAuthApplicationInfo);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while updating DCR application."));
}
}
Aggregations