use of org.wso2.carbon.apimgt.core.models.OAuthAppRequest in project carbon-apimgt by wso2.
the class AuthenticatorService method createDCRApplication.
/**
* This method creates a DCR application.
*
* @param clientName Name of the application to be created
* @param callBackURL Call back URL of the application
* @param grantTypes List of grant types of the application
* @return OAUthApplicationInfo - An object with DCR Application information
* @throws APIManagementException When creating DCR application fails
*/
private OAuthApplicationInfo createDCRApplication(String clientName, String callBackURL, List<String> grantTypes) throws APIManagementException {
OAuthApplicationInfo oAuthApplicationInfo;
try {
// Here the keyType:"Application" will be passed as a default value
// for the oAuthAppRequest constructor argument.
// This value is not related to DCR application creation.
OAuthAppRequest oAuthAppRequest = new OAuthAppRequest(clientName, callBackURL, AuthenticatorConstants.APPLICATION_KEY_TYPE, grantTypes);
if (systemApplicationDao.isConsumerKeyExistForApplication(clientName)) {
String consumerKey = systemApplicationDao.getConsumerKeyForApplication(clientName);
oAuthApplicationInfo = getKeyManager().retrieveApplication(consumerKey);
} else {
oAuthApplicationInfo = getKeyManager().createApplication(oAuthAppRequest);
if (oAuthApplicationInfo != null) {
systemApplicationDao.addApplicationKey(clientName, oAuthApplicationInfo.getClientId());
}
}
} catch (KeyManagementException | APIMgtDAOException e) {
String errorMsg = "Error while creating the keys for OAuth application : " + clientName;
log.error(errorMsg, e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
throw new APIManagementException(errorMsg, e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
return oAuthApplicationInfo;
}
use of org.wso2.carbon.apimgt.core.models.OAuthAppRequest in project carbon-apimgt by wso2.
the class DefaultKeyManagerImpl method createApplication.
@Override
public OAuthApplicationInfo createApplication(OAuthAppRequest oauthAppRequest) throws KeyManagementException {
log.debug("Creating OAuth2 application:{}", oauthAppRequest.toString());
String applicationName = oauthAppRequest.getClientName();
String keyType = oauthAppRequest.getKeyType();
if (keyType != null) {
// Derive oauth2 app name based on key type and user input for app name
applicationName = applicationName + '_' + keyType;
}
DCRClientInfo dcrClientInfo = new DCRClientInfo();
dcrClientInfo.setClientName(applicationName);
dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
if (StringUtils.isNotEmpty(oauthAppRequest.getCallBackURL())) {
dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
}
Response response = dcrmServiceStub.registerApplication(dcrClientInfo);
if (response == null) {
throw new KeyManagementException("Error occurred while DCR application creation. Response is null", ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_201_CREATED) {
// 201 - Success
try {
OAuthApplicationInfo oAuthApplicationInfoResponse = getOAuthApplicationInfo(response);
// setting original parameter list
oAuthApplicationInfoResponse.setParameters(oauthAppRequest.getParameters());
log.debug("OAuth2 application created: {}", oAuthApplicationInfoResponse.toString());
return oAuthApplicationInfoResponse;
} catch (IOException e) {
throw new KeyManagementException("Error occurred while parsing the DCR application creation response " + "message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
} else if (response.status() == APIMgtConstants.HTTPStatusCodes.SC_400_BAD_REQUEST) {
// 400 - Known Error
try {
DCRError error = (DCRError) new GsonDecoder().decode(response, DCRError.class);
throw new KeyManagementException("Error occurred while DCR application creation. Error: " + error.getError() + ". Error Description: " + error.getErrorDescription() + ". Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
} catch (IOException e) {
throw new KeyManagementException("Error occurred while parsing the DCR error message.", e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
} else {
// Unknown Error
throw new KeyManagementException("Error occurred while DCR application creation. Error: " + response.body().toString() + " Status Code: " + response.status(), ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
}
}
use of org.wso2.carbon.apimgt.core.models.OAuthAppRequest in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testCreateApplication.
@Test
public void testCreateApplication() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
// happy path - 201
// //request object to key manager
List<String> grantTypesList = new ArrayList<>();
grantTypesList.add("password");
grantTypesList.add("client-credentials");
OAuthAppRequest oauthAppRequest = new OAuthAppRequest("app1", "https://sample.callback/url", "PRODUCTION", grantTypesList);
// //request object to dcr api
DCRClientInfo dcrClientInfo = new DCRClientInfo();
dcrClientInfo.setClientName(oauthAppRequest.getClientName() + '_' + oauthAppRequest.getKeyType());
dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
/*
dcrClientInfo.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
.getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
// //mocked response object from dcr api
DCRClientInfo dcrClientInfoResponse = new DCRClientInfo();
dcrClientInfoResponse.setClientName(oauthAppRequest.getClientName());
dcrClientInfoResponse.setGrantTypes(oauthAppRequest.getGrantTypes());
dcrClientInfoResponse.addCallbackUrl(oauthAppRequest.getCallBackURL());
/*
dcrClientInfoResponse.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
.getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
dcrClientInfoResponse.setClientId("xxx-xxx-xxx-xxx");
dcrClientInfoResponse.setClientSecret("yyy-yyy-yyy-yyy");
dcrClientInfoResponse.setClientIdIssuedAt("now");
dcrClientInfoResponse.setClientSecretExpiresAt("future");
dcrClientInfoResponse.setRegistrationClientUri("https://localhost:9443/oauth/xxx-xxx-xxx-xxx");
// //expected response object from key manager
OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
Response dcrResponse = Response.builder().status(201).headers(new HashMap<>()).body(new Gson().toJson(dcrClientInfoResponse), feign.Util.UTF_8).build();
Mockito.when(dcrmServiceStub.registerApplication(dcrClientInfo)).thenReturn(dcrResponse);
try {
OAuthApplicationInfo app = kmImpl.createApplication(oauthAppRequest);
Assert.assertEquals(app, oAuthApplicationInfoResponse);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// error case - 400
int errorSc = 400;
String errorMsg = "{\"error\": \"invalid_redirect_uri\", \"error_description\": \"One or more " + "redirect_uri values are invalid\"}";
Response errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
try {
kmImpl.createApplication(oauthAppRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
}
// error case - non-400
errorSc = 500;
errorMsg = "unknown error occurred";
errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
try {
kmImpl.createApplication(oauthAppRequest);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
}
}
use of org.wso2.carbon.apimgt.core.models.OAuthAppRequest in project carbon-apimgt by wso2.
the class APIStoreImpl method generateApplicationKeys.
@Override
public OAuthApplicationInfo generateApplicationKeys(String applicationId, String keyType, String callbackUrl, List<String> grantTypes) throws APIManagementException {
if (log.isDebugEnabled()) {
log.debug("Generating application keys for application: " + applicationId);
}
Application application = getApplicationByUuid(applicationId);
OAuthAppRequest oauthAppRequest = new OAuthAppRequest(application.getName(), callbackUrl, keyType, grantTypes);
OAuthApplicationInfo oauthAppInfo = getKeyManager().createApplication(oauthAppRequest);
if (log.isDebugEnabled()) {
log.debug("Application key generation was successful for application: " + application.getName() + " Client Id: " + oauthAppInfo.getClientId());
}
try {
getApplicationDAO().addApplicationKeys(applicationId, keyType, oauthAppInfo.getClientId());
} catch (APIMgtDAOException e) {
String errorMsg = "Error occurred while saving key data for application: " + application.getName();
log.error(errorMsg, e);
throw new APIManagementException(errorMsg, e, e.getErrorHandler());
}
if (log.isDebugEnabled()) {
log.debug("Application keys are successfully saved in the database for application: " + application.getName() + " Client Id: " + oauthAppInfo.getClientId());
}
List<SubscriptionValidationData> subscriptionValidationData = getApiSubscriptionDAO().getAPISubscriptionsOfAppForValidation(applicationId, keyType);
if (subscriptionValidationData != null && !subscriptionValidationData.isEmpty()) {
getApiGateway().addAPISubscription(subscriptionValidationData);
}
return oauthAppInfo;
}
Aggregations