use of org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.InboundFunctions.getInboundAuthKey in project identity-api-server by wso2.
the class OAuthInboundFunctions method putOAuthInbound.
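/**
 * Creates or updates the OAuth2/OIDC inbound configuration of an application and replaces the
 * application's CORS origins with the ones in the request.
 *
 * <p>When the application already has an OAuth2 inbound key, the client ID and client secret in
 * the request must equal those of the stored consumer application. That check runs before the
 * CORS origins are written, so a rejected request leaves the stored origins untouched. If the
 * OAuth admin service fails after the CORS origins were replaced, the previous origins are
 * restored on a best-effort basis.
 *
 * @param application     service provider whose inbound configuration is being written
 * @param oidcConfigModel requested OIDC configuration, including the allowed CORS origins
 * @return the inbound authentication request config for the updated or newly created OAuth app
 */
public static InboundAuthenticationRequestConfig putOAuthInbound(ServiceProvider application, OpenIDConnectConfiguration oidcConfigModel) {

    String tenantDomain = ContextLoader.getTenantDomainFromContext();
    List<String> existingCORSOrigins = null;
    // Becomes true only after setCORSOrigins has returned; the rollback is skipped before that point
    // because there is nothing to restore and existingCORSOrigins may still be null.
    boolean corsOriginsUpdated = false;

    try {
        // A non-null OAuth2 inbound key means this is an update, otherwise an insert.
        String currentClientId = InboundFunctions.getInboundAuthKey(application, StandardInboundProtocols.OAUTH2);

        if (currentClientId != null) {
            // Validate the caller-supplied credentials before mutating any state. The bad-request
            // errors thrown here are not handled by the catch blocks below, so nothing would undo
            // a CORS change made ahead of this check.
            OAuthConsumerAppDTO oauthApp = ApplicationManagementServiceHolder.getOAuthAdminService().getOAuthApplicationData(currentClientId);
            if (!StringUtils.equals(oauthApp.getOauthConsumerKey(), oidcConfigModel.getClientId())) {
                throw buildBadRequestError("Invalid ClientID provided for update.");
            }
            // NOTE(review): StringUtils.equals is not a constant-time comparison. If the stored value
            // is the raw secret, consider MessageDigest.isEqual over the UTF-8 bytes - confirm how
            // secrets are stored before changing this.
            if (!StringUtils.equals(oauthApp.getOauthConsumerSecret(), oidcConfigModel.getClientSecret())) {
                throw buildBadRequestError("Invalid ClientSecret provided for update.");
            }
        }

        // Remember the current CORS origins so they can be restored if the OAuth update fails.
        existingCORSOrigins = ApplicationManagementServiceHolder.getCorsManagementService().getApplicationCORSOrigins(application.getApplicationResourceId(), tenantDomain).stream().map(CORSOrigin::getOrigin).collect(Collectors.toList());

        // Replace the CORS origins with the requested list.
        List<String> corsOrigins = oidcConfigModel.getAllowedOrigins();
        ApplicationManagementServiceHolder.getCorsManagementService().setCORSOrigins(application.getApplicationResourceId(), corsOrigins, tenantDomain);
        corsOriginsUpdated = true;

        if (currentClientId != null) {
            // Update the existing OAuth consumer application.
            OAuthConsumerAppDTO appToUpdate = new ApiModelToOAuthConsumerApp().apply(application.getApplicationName(), oidcConfigModel);
            ApplicationManagementServiceHolder.getOAuthAdminService().updateConsumerApplication(appToUpdate);
            String updatedClientId = appToUpdate.getOauthConsumerKey();
            return createInboundAuthRequestConfig(updatedClientId);
        }

        // Create a new OAuth consumer application.
        // NOTE(review): a failure raised by createOAuthInbound as anything other than
        // IdentityOAuthAdminException bypasses the CORS rollback below - confirm what it throws.
        return createOAuthInbound(application.getApplicationName(), oidcConfigModel);
    } catch (IdentityOAuthAdminException e) {
        // The OAuth admin call failed. If the CORS origins were already replaced, put the previous
        // ones back so the application is not left with origins from a request that did not apply.
        if (corsOriginsUpdated) {
            try {
                ApplicationManagementServiceHolder.getCorsManagementService().setCORSOrigins(application.getApplicationResourceId(), existingCORSOrigins, tenantDomain);
            } catch (CORSManagementServiceException rollbackFailure) {
                // Keep the rollback failure attached to the primary error instead of dropping it,
                // so an operator can see that the stored CORS origins may be inconsistent.
                e.addSuppressed(rollbackFailure);
            }
        }
        throw handleException(e);
    } catch (CORSManagementServiceException e) {
        throw handleException(e);
    }
}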
use of org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.InboundFunctions.getInboundAuthKey in project identity-api-server by wso2.
the class SAMLInboundFunctions method putSAMLInbound.
/**
 * Creates or replaces the SAML2 inbound configuration of an application.
 *
 * <p>An update is carried out as remove-then-create: when the application already has a SAML2
 * inbound key, the service provider registered under that issuer is fetched and removed, and a
 * new one is created from the request. If creation fails with an {@code APIError}, the removed
 * service provider is handed to {@code rollbackSAMLSpRemoval} and the error is rethrown.
 *
 * @param application        service provider whose inbound configuration is being written
 * @param saml2Configuration requested SAML2 configuration
 * @return the inbound authentication request config produced by {@code createSAMLInbound}
 */
public static InboundAuthenticationRequestConfig putSAMLInbound(ServiceProvider application, SAML2Configuration saml2Configuration) {

    // A non-null issuer means a SAML2 inbound key already exists, i.e. this call is an update.
    final String existingIssuer = InboundFunctions.getInboundAuthKey(application, StandardInboundProtocols.SAML2);
    final boolean isUpdate = existingIssuer != null;

    // Snapshot of the service provider that gets removed; stays null when this is an insert.
    SAMLSSOServiceProviderDTO removedSp = null;

    try {
        // Binding validation comes first so an invalid request does not remove anything.
        validateSingleSignOnProfileBindings(saml2Configuration);

        if (isUpdate) {
            // Keep a copy of the current service provider, then delete it.
            removedSp = getSamlSsoConfigService().getServiceProvider(existingIssuer);
            getSamlSsoConfigService().removeServiceProvider(existingIssuer);
        }
    } catch (IdentityException cause) {
        throw handleException(cause);
    }

    // NOTE(review): only APIError triggers the rollback; any other failure from createSAMLInbound
    // would leave the previous service provider removed - confirm what it can throw.
    try {
        return createSAMLInbound(application, saml2Configuration);
    } catch (APIError creationFailure) {
        // Attempt to restore the previous SAML service provider before surfacing the error.
        rollbackSAMLSpRemoval(removedSp);
        throw creationFailure;
    }
}