Search in sources :

Example 1 with SSOConsentService

use of org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService in project carbon-identity-framework by wso2.

the class FrameworkServiceComponent method activate.

@SuppressWarnings("unchecked")
@Activate
protected void activate(ComponentContext ctxt) {
    FrameworkServiceDataHolder dataHolder = FrameworkServiceDataHolder.getInstance();
    dataHolder.setJsFunctionRegistry(new JsFunctionRegistryImpl());
    BundleContext bundleContext = ctxt.getBundleContext();
    bundleContext.registerService(JsFunctionRegistry.class, dataHolder.getJsFunctionRegistry(), null);
    bundleContext.registerService(UserSessionManagementService.class.getName(), new UserSessionManagementServiceImpl(), null);
    bundleContext.registerService(HttpIdentityRequestFactory.class.getName(), new SessionExtenderRequestFactory(), null);
    bundleContext.registerService(HttpIdentityResponseFactory.class.getName(), new SessionExtenderResponseFactory(), null);
    bundleContext.registerService(IdentityProcessor.class.getName(), new SessionExtenderProcessor(), null);
    ServerSessionManagementService serverSessionManagementService = new ServerSessionManagementServiceImpl();
    bundleContext.registerService(ServerSessionManagementService.class.getName(), serverSessionManagementService, null);
    dataHolder.setServerSessionManagementService(serverSessionManagementService);
    setAdaptiveAuthExecutionSupervisor();
    boolean tenantDropdownEnabled = ConfigurationFacade.getInstance().getTenantDropdownEnabled();
    if (tenantDropdownEnabled) {
        // Register the tenant management listener for tracking changes to tenants
        bundleContext.registerService(TenantMgtListener.class.getName(), new AuthenticationEndpointTenantActivityListener(), null);
        if (log.isDebugEnabled()) {
            log.debug("AuthenticationEndpointTenantActivityListener is registered. Tenant Domains Dropdown is " + "enabled.");
        }
    }
    AuthenticationMethodNameTranslatorImpl authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
    authenticationMethodNameTranslator.initializeConfigsWithServerConfig();
    bundleContext.registerService(AuthenticationMethodNameTranslator.class, authenticationMethodNameTranslator, null);
    dataHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
    // Register Common servlet
    Servlet commonAuthServlet = new ContextPathServletAdaptor(new CommonAuthenticationServlet(), COMMON_SERVLET_URL);
    Servlet identityServlet = new ContextPathServletAdaptor(new IdentityServlet(), IDENTITY_SERVLET_URL);
    Servlet loginContextServlet = new ContextPathServletAdaptor(new LoginContextServlet(), LOGIN_CONTEXT_SERVLET_URL);
    try {
        httpService.registerServlet(COMMON_SERVLET_URL, commonAuthServlet, null, null);
        httpService.registerServlet(IDENTITY_SERVLET_URL, identityServlet, null, null);
        httpService.registerServlet(LOGIN_CONTEXT_SERVLET_URL, loginContextServlet, null, null);
    } catch (Exception e) {
        String errMsg = "Error when registering servlets via the HttpService.";
        log.error(errMsg, e);
        throw new RuntimeException(errMsg, e);
    }
    if (promptOnLongWait()) {
        Servlet longWaitStatusServlet = new ContextPathServletAdaptor(new LongWaitStatusServlet(), LONGWAITSTATUS_SERVLET_URL);
        try {
            httpService.registerServlet(LONGWAITSTATUS_SERVLET_URL, longWaitStatusServlet, null, null);
        } catch (Exception e) {
            String errMsg = "Error when registering longwaitstatus servlet via the HttpService.";
            log.error(errMsg, e);
            throw new RuntimeException(errMsg, e);
        }
    }
    dataHolder.setBundleContext(bundleContext);
    dataHolder.getHttpIdentityRequestFactories().add(new HttpIdentityRequestFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLoginResponseFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLogoutResponseFactory());
    JsGraphBuilderFactory jsGraphBuilderFactory = new JsGraphBuilderFactory();
    jsGraphBuilderFactory.init();
    UIBasedConfigurationLoader uiBasedConfigurationLoader = new UIBasedConfigurationLoader();
    dataHolder.setSequenceLoader(uiBasedConfigurationLoader);
    dataHolder.setJsGraphBuilderFactory(jsGraphBuilderFactory);
    PostAuthenticationMgtService postAuthenticationMgtService = new PostAuthenticationMgtService();
    bundleContext.registerService(PostAuthenticationMgtService.class.getName(), postAuthenticationMgtService, null);
    dataHolder.setPostAuthenticationMgtService(postAuthenticationMgtService);
    // Registering missing mandatory claim handler as a post authn handler
    PostAuthenticationHandler postAuthnMissingClaimHandler = new PostAuthnMissingClaimHandler();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthnMissingClaimHandler, null);
    SSOConsentService ssoConsentService = new SSOConsentServiceImpl();
    bundleContext.registerService(SSOConsentService.class.getName(), ssoConsentService, null);
    dataHolder.setSSOConsentService(ssoConsentService);
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), consentMgtPostAuthnHandler, null);
    JITProvisioningIdentityProviderMgtListener jitProvisioningIDPMgtListener = new JITProvisioningIdentityProviderMgtListener();
    bundleContext.registerService(IdentityProviderMgtListener.class.getName(), jitProvisioningIDPMgtListener, null);
    bundleContext.registerService(ClaimFilter.class.getName(), new DefaultClaimFilter(), null);
    // this is done to load SessionDataStore class and start the cleanup tasks.
    SessionDataStore.getInstance();
    AsyncSequenceExecutor asyncSequenceExecutor = new AsyncSequenceExecutor();
    asyncSequenceExecutor.init();
    dataHolder.setAsyncSequenceExecutor(asyncSequenceExecutor);
    LongWaitStatusDAOImpl daoImpl = new LongWaitStatusDAOImpl();
    CacheBackedLongWaitStatusDAO cacheBackedDao = new CacheBackedLongWaitStatusDAO(daoImpl);
    String connectionTimeoutString = IdentityUtil.getProperty("AdaptiveAuth.HTTPConnectionTimeout");
    int connectionTimeout = 5000;
    if (connectionTimeoutString != null) {
        try {
            connectionTimeout = Integer.parseInt(connectionTimeoutString);
        } catch (NumberFormatException e) {
            log.error("Error while parsing connection timeout : " + connectionTimeoutString, e);
        }
    }
    LongWaitStatusStoreService longWaitStatusStoreService = new LongWaitStatusStoreService(cacheBackedDao, connectionTimeout);
    dataHolder.setLongWaitStatusStoreService(longWaitStatusStoreService);
    // Registering JIT, association and domain handler as post authentication handler
    PostAuthenticationHandler postJITProvisioningHandler = JITProvisioningPostAuthenticationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postJITProvisioningHandler, null);
    PostAuthenticationHandler postAuthAssociationHandler = PostAuthAssociationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthAssociationHandler, null);
    PostAuthenticationHandler postAuthenticatedUserDomainHandler = PostAuthenticatedSubjectIdentifierHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthenticatedUserDomainHandler, null);
    if (log.isDebugEnabled()) {
        log.debug("Application Authentication Framework bundle is activated");
    }
    /**
     * Load and reade the require.js file in resources.
     */
    this.loadCodeForRequire();
    // Set user session mapping enabled.
    FrameworkServiceDataHolder.getInstance().setUserSessionMappingEnabled(FrameworkUtils.isUserSessionMappingEnabled());
    if (FrameworkServiceDataHolder.getInstance().getSessionSerializer() == null) {
        FrameworkServiceDataHolder.getInstance().setSessionSerializer(new JavaSessionSerializer());
    }
    bundleContext.registerService(ApplicationAuthenticationService.class.getName(), new ApplicationAuthenticationService(), null);
// Note : DO NOT add any activation related code below this point,
// to make sure the server doesn't start up if any activation failures
}
Also used : JsGraphBuilderFactory(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilderFactory) SessionExtenderProcessor(org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor) JsFunctionRegistryImpl(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsFunctionRegistryImpl) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) AsyncSequenceExecutor(org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.AsyncSequenceExecutor) JavaSessionSerializer(org.wso2.carbon.identity.application.authentication.framework.store.JavaSessionSerializer) ServerSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.ServerSessionManagementServiceImpl) AuthenticationMethodNameTranslatorImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.AuthenticationMethodNameTranslatorImpl) ApplicationAuthenticationService(org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) TenantMgtListener(org.wso2.carbon.stratos.common.listeners.TenantMgtListener) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) UIBasedConfigurationLoader(org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) CacheBackedLongWaitStatusDAO(org.wso2.carbon.identity.application.authentication.framework.dao.impl.CacheBackedLongWaitStatusDAO) LongWaitStatusStoreService(org.wso2.carbon.identity.application.authentication.framework.store.LongWaitStatusStoreService) IdentityProcessor(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityProcessor) Servlet(javax.servlet.Servlet) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) UserSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.UserSessionManagementServiceImpl) HttpIdentityRequestFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityRequestFactory) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) ClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) PostAuthenticationMgtService(org.wso2.carbon.identity.application.authentication.framework.services.PostAuthenticationMgtService) SessionExtenderRequestFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequestFactory) FrameworkLogoutResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLogoutResponseFactory) UserSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService) FrameworkLoginResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLoginResponseFactory) SSOConsentService(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService) IdentityProviderMgtListener(org.wso2.carbon.idp.mgt.listener.IdentityProviderMgtListener) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) SessionExtenderResponseFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponseFactory) PostAuthnMissingClaimHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.PostAuthnMissingClaimHandler) IOException(java.io.IOException) FrameworkException(org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException) ContextPathServletAdaptor(org.eclipse.equinox.http.helper.ContextPathServletAdaptor) LongWaitStatusDAOImpl(org.wso2.carbon.identity.application.authentication.framework.dao.impl.LongWaitStatusDAOImpl) AuthenticationEndpointTenantActivityListener(org.wso2.carbon.identity.application.authentication.framework.listener.AuthenticationEndpointTenantActivityListener) HttpIdentityResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityResponseFactory) ServerSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService) SSOConsentServiceImpl(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl) BundleContext(org.osgi.framework.BundleContext) JITProvisioningPostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.JITProvisioningPostAuthenticationHandler) PostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthenticationHandler) Activate(org.osgi.service.component.annotations.Activate)

Example 2 with SSOConsentService

use of org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService in project carbon-identity-framework by wso2.

the class SSOConsentServiceImplTest method setUp.

@BeforeMethod
public void setUp() throws Exception {
    initiateH2Base();
    DataSource dataSource = mock(DataSource.class);
    mockStatic(ConsentManagerComponentDataHolder.class);
    ConsentManagerComponentDataHolder componentDataHolder = mock(ConsentManagerComponentDataHolder.class);
    when(ConsentManagerComponentDataHolder.getInstance()).thenReturn(componentDataHolder);
    when(componentDataHolder.getDataSource()).thenReturn(dataSource);
    connection = getConnection();
    Connection spyConnection = spyConnection(connection);
    when(dataSource.getConnection()).thenReturn(spyConnection);
    mockStatic(IdentityConfigParser.class);
    mockStatic(OMElement.class);
    when(IdentityConfigParser.getInstance()).thenReturn(mockConfigParser);
    when(IdentityConfigParser.getInstance().getConfigElement(CONFIG_ELEM_CONSENT)).thenReturn(consentElement);
    ssoConsentService = new SSOConsentServiceImpl();
    String carbonHome = Paths.get(System.getProperty("user.dir"), "target", "test-classes").toString();
    System.setProperty(CarbonBaseConstants.CARBON_HOME, carbonHome);
    System.setProperty(CarbonBaseConstants.CARBON_CONFIG_DIR_PATH, Paths.get(carbonHome, "conf").toString());
}
Also used : Connection(java.sql.Connection) ConsentManagerComponentDataHolder(org.wso2.carbon.consent.mgt.core.internal.ConsentManagerComponentDataHolder) Matchers.anyString(org.mockito.Matchers.anyString) DataSource(javax.sql.DataSource) BasicDataSource(org.apache.commons.dbcp.BasicDataSource) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 3 with SSOConsentService

use of org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2AuthzEndpoint method handlePostConsent.

private void handlePostConsent(OAuthMessage oAuthMessage) throws ConsentHandlingFailedException {
    OAuth2Parameters oauth2Params = getOauth2Params(oAuthMessage);
    String tenantDomain = EndpointUtil.getSPTenantDomainFromClientId(oauth2Params.getClientId());
    setSPAttributeToRequest(oAuthMessage.getRequest(), oauth2Params.getApplicationName(), tenantDomain);
    String spTenantDomain = oauth2Params.getTenantDomain();
    AuthenticatedUser loggedInUser = getLoggedInUser(oAuthMessage);
    String clientId = oauth2Params.getClientId();
    ServiceProvider serviceProvider;
    if (log.isDebugEnabled()) {
        log.debug("Initiating post user consent handling for user: " + loggedInUser.toFullQualifiedUsername() + " for client_id: " + clientId + " of tenantDomain: " + spTenantDomain);
    }
    try {
        if (isConsentHandlingFromFrameworkSkipped(oauth2Params)) {
            if (log.isDebugEnabled()) {
                log.debug("Consent handling from framework skipped for client_id: " + clientId + " of tenantDomain: " + spTenantDomain + " for user: " + loggedInUser.toFullQualifiedUsername() + ". " + "Therefore handling post consent is not applicable.");
            }
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                Map<String, Object> params = new HashMap<>();
                params.put("clientId", clientId);
                Map<String, Object> configs = new HashMap<>();
                configs.put("skipConsent", "true");
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, "Consent is disabled for the OAuth client.", "handle-consent", configs);
            }
            return;
        }
        List<Integer> approvedClaimIds = getUserConsentClaimIds(oAuthMessage);
        serviceProvider = getServiceProvider(clientId);
        /*
                With the current implementation of the SSOConsentService we need to send back the original
                ConsentClaimsData object we got during pre consent stage. Currently we are repeating the API call
                during post consent handling to get the original ConsentClaimsData object (Assuming there is no
                change in SP during pre-consent and post-consent).

                The API on the SSO Consent Service will be improved to avoid having to send the original
                ConsentClaimsData object.
             */
        ConsentClaimsData value = getConsentRequiredClaims(loggedInUser, serviceProvider, oauth2Params);
        /*
                It is needed to pitch the consent required claims with the OIDC claims. otherwise the consent of the
                the claims which are not in the OIDC claims will be saved as consent denied.
            */
        if (value != null) {
            // Remove the claims which dont have values given by the user.
            value.setRequestedClaims(removeConsentRequestedNullUserAttributes(value.getRequestedClaims(), loggedInUser.getUserAttributes(), spTenantDomain));
            List<ClaimMetaData> requestedOidcClaimsList = getRequestedOidcClaimsList(value, oauth2Params, spTenantDomain);
            value.setRequestedClaims(requestedOidcClaimsList);
        }
        // Call framework and create the consent receipt.
        if (log.isDebugEnabled()) {
            log.debug("Creating user consent receipt for user: " + loggedInUser.toFullQualifiedUsername() + " for client_id: " + clientId + " of tenantDomain: " + spTenantDomain);
        }
        Map<String, Object> params;
        if (hasPromptContainsConsent(oauth2Params)) {
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                params = new HashMap<>();
                params.put("clientId", clientId);
                params.put("prompt", oauth2Params.getPrompt());
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, null, "hand-over-to-consent-service", null);
            }
            getSSOConsentService().processConsent(approvedClaimIds, serviceProvider, loggedInUser, value, true);
        } else {
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                params = new HashMap<>();
                params.put("clientId", clientId);
                params.put("prompt", oauth2Params.getPrompt());
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, null, "hand-over-to-consent-service", null);
            }
            getSSOConsentService().processConsent(approvedClaimIds, serviceProvider, loggedInUser, value, false);
        }
    } catch (OAuthSystemException | SSOConsentServiceException e) {
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, null, OAuthConstants.LogConstants.FAILED, "System error occurred.", "process-consent", null);
        }
        String msg = "Error while processing consent of user: " + loggedInUser.toFullQualifiedUsername() + " for " + "client_id: " + clientId + " of tenantDomain: " + spTenantDomain;
        throw new ConsentHandlingFailedException(msg, e);
    } catch (ClaimMetadataException e) {
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, null, OAuthConstants.LogConstants.FAILED, String.format("Error occurred while getting " + "claim mappings for %s.", OIDC_DIALECT), "process-consent", null);
        }
        throw new ConsentHandlingFailedException("Error while getting claim mappings for " + OIDC_DIALECT, e);
    } catch (RequestObjectException e) {
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, null, OAuthConstants.LogConstants.FAILED, String.format("Error occurred while getting essential claims for the session data key : %s.", oauth2Params.getSessionDataKey()), "process-consent", null);
        }
        throw new ConsentHandlingFailedException("Error while getting essential claims for the session data key " + ": " + oauth2Params.getSessionDataKey(), e);
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) ClaimMetadataException(org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) ConsentClaimsData(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.ConsentClaimsData) SSOConsentServiceException(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.exception.SSOConsentServiceException) ClaimMetaData(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.ClaimMetaData) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) ConsentHandlingFailedException(org.wso2.carbon.identity.oauth.endpoint.exception.ConsentHandlingFailedException) OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) RequestObject(org.wso2.carbon.identity.openidconnect.model.RequestObject) JSONObject(org.json.JSONObject)

Example 4 with SSOConsentService

use of org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService in project identity-inbound-auth-oauth by wso2-extensions.

the class OpenIDConnectClaimFilterImplTest method setUp.

@BeforeClass
public void setUp() throws Exception {
    openIDConnectClaimFilter = new OpenIDConnectClaimFilterImpl();
    scopeClaimMappingDAO = new ScopeClaimMappingDAOImpl();
    ServiceProvider serviceProvider = new ServiceProvider();
    ssoConsentService = mock(SSOConsentServiceImpl.class);
    ClaimMetadataManagementService claimMetadataManagementService = mock(ClaimMetadataManagementService.class);
    applicationMgtService = mock(ApplicationManagementService.class);
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
    when(applicationMgtService.getServiceProviderByClientId(CLIENT_ID, IdentityApplicationConstants.OAuth2.NAME, SP_TENANT_DOMAIN)).thenReturn(serviceProvider);
    OpenIDConnectServiceComponentHolder.getInstance().setClaimMetadataManagementService(claimMetadataManagementService);
    OpenIDConnectServiceComponentHolder.getInstance().setSsoConsentService(ssoConsentService);
    RegistryService registryService = mock(RegistryService.class);
    UserRegistry userRegistry = mock(UserRegistry.class);
    resource = new ResourceImpl();
    OAuth2ServiceComponentHolder.setRegistryService(registryService);
    when(registryService.getConfigSystemRegistry(anyInt())).thenReturn(userRegistry);
    when(userRegistry.get(anyString())).thenReturn(resource);
    List externalClaims = new ArrayList<>();
    ExternalClaim externalClaim = new ExternalClaim("testUserClaimURI", "testUserClaimURI", "testUserClaimURI");
    externalClaims.add(externalClaim);
    when(claimMetadataManagementService.getExternalClaims(anyString(), anyString())).thenReturn(externalClaims);
    List claimsWithConsent = getClaimsWithConsent();
    when(ssoConsentService.getClaimsWithConsents(any(), any())).thenReturn(claimsWithConsent);
}
Also used : ResourceImpl(org.wso2.carbon.registry.core.ResourceImpl) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) ExternalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim) ArrayList(java.util.ArrayList) UserRegistry(org.wso2.carbon.registry.core.session.UserRegistry) ArrayList(java.util.ArrayList) List(java.util.List) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) RegistryService(org.wso2.carbon.registry.core.service.RegistryService) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) SSOConsentServiceImpl(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl) ClaimMetadataManagementService(org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService) BeforeClass(org.testng.annotations.BeforeClass)

Example 5 with SSOConsentService

use of org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2AuthzEndpointTest method mockEndpointUtil.

private void mockEndpointUtil(boolean isConsentMgtEnabled) throws Exception {
    spy(EndpointUtil.class);
    doReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME).when(EndpointUtil.class, "getSPTenantDomainFromClientId", anyString());
    doReturn(oAuth2Service).when(EndpointUtil.class, "getOAuth2Service");
    doReturn(oAuthServerConfiguration).when(EndpointUtil.class, "getOAuthServerConfiguration");
    doReturn(USER_CONSENT_URL).when(EndpointUtil.class, "getUserConsentURL", any(OAuth2Parameters.class), anyString(), anyString(), anyBoolean(), any(OAuthMessage.class));
    doReturn(LOGIN_PAGE_URL).when(EndpointUtil.class, "getLoginPageURL", anyString(), anyString(), anyBoolean(), anyBoolean(), anySet(), anyMap(), any());
    doReturn(requestObjectService).when(EndpointUtil.class, "getRequestObjectService");
    EndpointUtil.setOAuthAdminService(oAuthAdminService);
    EndpointUtil.setOAuth2ScopeService(oAuth2ScopeService);
    // TODO: Remove mocking consentUtil and test the consent flow as well
    // https://github.com/wso2/product-is/issues/2679
    SSOConsentService ssoConsentService = mock(SSOConsentService.class);
    when(ssoConsentService.getConsentRequiredClaimsWithExistingConsents(any(ServiceProvider.class), any(AuthenticatedUser.class))).thenReturn(new ConsentClaimsData());
    when(ssoConsentService.getConsentRequiredClaimsWithoutExistingConsents(any(ServiceProvider.class), any(AuthenticatedUser.class))).thenReturn(new ConsentClaimsData());
    when(ssoConsentService.isSSOConsentManagementEnabled(any())).thenReturn(isConsentMgtEnabled);
    doReturn(ssoConsentService).when(EndpointUtil.class, "getSSOConsentService");
}
Also used : OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters) OAuthMessage(org.wso2.carbon.identity.oauth.endpoint.message.OAuthMessage) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) ConsentClaimsData(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.ConsentClaimsData) SSOConsentService(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Aggregations

ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)3 ConsentClaimsData (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.ConsentClaimsData)2 SSOConsentService (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService)2 SSOConsentServiceImpl (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl)2 IOException (java.io.IOException)1 Connection (java.sql.Connection)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 List (java.util.List)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 Servlet (javax.servlet.Servlet)1 DataSource (javax.sql.DataSource)1 BasicDataSource (org.apache.commons.dbcp.BasicDataSource)1 OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException)1 ContextPathServletAdaptor (org.eclipse.equinox.http.helper.ContextPathServletAdaptor)1 JSONObject (org.json.JSONObject)1 Matchers.anyString (org.mockito.Matchers.anyString)1 BundleContext (org.osgi.framework.BundleContext)1 Activate (org.osgi.service.component.annotations.Activate)1 BeforeClass (org.testng.annotations.BeforeClass)1