Examples with IdentityProvider org.wso2.carbon.identity.application.common.model.IdentityProvider used on opensource projects

Example 21 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIPublisherImplTestCase method testDeleteScopeToApi.

@Test(description = "Delete existing Scope of API")
public void testDeleteScopeToApi() throws APIManagementException, IOException {
    ApiDAO apiDAO = Mockito.mock(ApiDAO.class);
    API api = SampleTestObjectCreator.createDefaultAPI().build();
    String uuid = api.getId();
    Mockito.when(apiDAO.getAPI(uuid)).thenReturn(api);
    GatewaySourceGenerator gatewaySourceGenerator = Mockito.mock(GatewaySourceGenerator.class);
    APIGateway gateway = Mockito.mock(APIGateway.class);
    IdentityProvider identityProvider = Mockito.mock(IdentityProvider.class);
    KeyManager keyManager = Mockito.mock(KeyManager.class);
    APIPublisherImpl apiPublisher = getApiPublisherImpl(identityProvider, apiDAO, gatewaySourceGenerator, gateway, keyManager);
    String oldSwagger = IOUtils.toString(new FileInputStream("src" + File.separator + "test" + File.separator + "resources" + File.separator + "swagger" + File.separator + "swaggerWithAuthorization" + ".yaml"));
    Scope scope = new Scope("apim:api_create", "apim:api_create");
    Mockito.when(apiDAO.getApiSwaggerDefinition(uuid)).thenReturn(oldSwagger);
    Mockito.when(keyManager.deleteScope(scope.getName())).thenReturn(true);
    apiPublisher.deleteScopeFromApi(api.getId(), scope.getName());
}

Example 22 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIStoreImplTestCase method testCreateNewCompositeApiVersion.

@Test(description = "Create new Composite API version")
public void testCreateNewCompositeApiVersion() throws APIManagementException {
    // Add a new Composite API
    CompositeAPI.Builder apiBuilder = SampleTestObjectCreator.createUniqueCompositeAPI();
    ApiDAO apiDAO = Mockito.mock(ApiDAO.class);
    GatewaySourceGenerator gatewaySourceGenerator = Mockito.mock(GatewaySourceGenerator.class);
    APIGateway apiGateway = Mockito.mock(APIGateway.class);
    APISubscriptionDAO apiSubscriptionDAO = Mockito.mock(APISubscriptionDAO.class);
    IdentityProvider idp = Mockito.mock(IdentityProvider.class);
    APIStore apiStore = getApiStoreImpl(idp, null, apiDAO, apiSubscriptionDAO, gatewaySourceGenerator, apiGateway);
    apiStore.addCompositeApi(apiBuilder);
    CompositeAPI createdAPI = apiBuilder.build();
    // Create new API version
    String newVersion = java.util.UUID.randomUUID().toString();
    Mockito.when(apiDAO.getCompositeAPI(apiBuilder.getId())).thenReturn(createdAPI);
    apiStore.createNewCompositeApiVersion(createdAPI.getId(), newVersion);
    final ArgumentCaptor<CompositeAPI> captor = ArgumentCaptor.forClass(CompositeAPI.class);
    Mockito.verify(apiDAO, Mockito.times(2)).addApplicationAssociatedAPI(captor.capture());
    CompositeAPI newAPIVersion = captor.getValue();
    Assert.assertEquals(newAPIVersion.getVersion(), newVersion);
    Assert.assertNotEquals(newAPIVersion.getId(), createdAPI.getId());
    Assert.assertEquals(newAPIVersion.getCopiedFromApiId(), createdAPI.getId());
}

Example 23 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class AuthenticatorService method getTokens.

/**
 * This method returns the access tokens for a given application.
 *
 * @param appName           Name of the application which needs to get tokens
 * @param grantType         Grant type of the application
 * @param userName          User name of the user
 * @param password          Password of the user
 * @param refreshToken      Refresh token
 * @param validityPeriod    Validity period of tokens
 * @param authorizationCode Authorization Code
 * @return AccessTokenInfo - An object with the generated access token information
 * @throws APIManagementException When receiving access tokens fails
 */
public AccessTokenInfo getTokens(String appName, String grantType, String userName, String password, String refreshToken, long validityPeriod, String authorizationCode, String assertion, IdentityProvider identityProvider) throws APIManagementException {
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
    MultiEnvironmentOverview multiEnvironmentOverviewConfigs = apimConfigurationService.getEnvironmentConfigurations().getMultiEnvironmentOverview();
    boolean isMultiEnvironmentOverviewEnabled = multiEnvironmentOverviewConfigs.isEnabled();
    // Get scopes of the application
    String scopes = getApplicationScopes(appName);
    log.debug("Set scopes for {} application using swagger definition.", appName);
    // TODO: Get Consumer Key & Secret without creating a new app, from the IS side
    Map<String, String> consumerKeySecretMap = getConsumerKeySecret(appName);
    log.debug("Received consumer key & secret for {} application.", appName);
    try {
        if (KeyManagerConstants.AUTHORIZATION_CODE_GRANT_TYPE.equals(grantType)) {
            // Access token for authorization code grant type
            APIMAppConfigurations appConfigs = apimAppConfigurationService.getApimAppConfigurations();
            String callBackURL = appConfigs.getApimBaseUrl() + AuthenticatorConstants.AUTHORIZATION_CODE_CALLBACK_URL + appName;
            if (authorizationCode != null) {
                // Get Access & Refresh Tokens
                accessTokenRequest.setClientId(consumerKeySecretMap.get("CONSUMER_KEY"));
                accessTokenRequest.setClientSecret(consumerKeySecretMap.get("CONSUMER_SECRET"));
                accessTokenRequest.setGrantType(grantType);
                accessTokenRequest.setAuthorizationCode(authorizationCode);
                accessTokenRequest.setScopes(scopes);
                accessTokenRequest.setValidityPeriod(validityPeriod);
                accessTokenRequest.setCallbackURI(callBackURL);
                accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            } else {
                String errorMsg = "No Authorization Code available.";
                log.error(errorMsg, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
                throw new APIManagementException(errorMsg, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
            }
        } else if (KeyManagerConstants.PASSWORD_GRANT_TYPE.equals(grantType)) {
            // Access token for password code grant type
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKeySecretMap.get("CONSUMER_KEY"), consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (KeyManagerConstants.REFRESH_GRANT_TYPE.equals(grantType)) {
            accessTokenRequest = AuthUtil.createAccessTokenRequest(userName, password, grantType, refreshToken, null, validityPeriod, scopes, consumerKeySecretMap.get("CONSUMER_KEY"), consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
        } else if (isMultiEnvironmentOverviewEnabled) {
            // JWT or Custom grant type
            accessTokenRequest.setClientId(consumerKeySecretMap.get("CONSUMER_KEY"));
            accessTokenRequest.setClientSecret(consumerKeySecretMap.get("CONSUMER_SECRET"));
            accessTokenRequest.setAssertion(assertion);
            // Pass grant type to extend a custom grant instead of JWT grant in the future
            accessTokenRequest.setGrantType(KeyManagerConstants.JWT_GRANT_TYPE);
            accessTokenRequest.setScopes(scopes);
            accessTokenRequest.setValidityPeriod(validityPeriod);
            accessTokenInfo = getKeyManager().getNewAccessToken(accessTokenRequest);
            String usernameFromJWT = getUsernameFromJWT(accessTokenInfo.getIdToken());
            try {
                identityProvider.getIdOfUser(usernameFromJWT);
            } catch (IdentityProviderException e) {
                String errorMsg = "User " + usernameFromJWT + " does not exists in this environment.";
                throw new APIManagementException(errorMsg, e, ExceptionCodes.USER_NOT_AUTHENTICATED);
            }
        }
    } catch (KeyManagementException e) {
        String errorMsg = "Error while receiving tokens for OAuth application : " + appName;
        log.error(errorMsg, e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
        throw new APIManagementException(errorMsg, e, ExceptionCodes.ACCESS_TOKEN_GENERATION_FAILED);
    }
    log.debug("Received access token for {} application.", appName);
    return accessTokenInfo;
}

Example 24 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class AuthenticatorAPIFactory method getService.

/**
 * Get an instance of AuthenticatorService
 *
 * @return AuthenticatorService
 * @throws APIMgtDAOException     if failed to initialize SystemApplicationDao
 * @throws IdentityProviderException if failed to initialize IdentityProvider
 */
public synchronized AuthenticatorService getService() throws APIMgtDAOException, IdentityProviderException {
    if (service == null) {
        IdentityProvider identityProvider = APIManagerFactory.getInstance().getIdentityProvider();
        SystemApplicationDao systemApplicationDao = DAOFactory.getSystemApplicationDao();
        APIMConfigurationService apimConfigurationService = APIMConfigurationService.getInstance();
        APIMAppConfigurationService apimAppConfigurationService = APIMAppConfigurationService.getInstance();
        service = new AuthenticatorService(identityProvider, systemApplicationDao, apimConfigurationService, apimAppConfigurationService);
    }
    return service;
}

Example 25 with IdentityProvider

use of org.wso2.carbon.identity.application.common.model.IdentityProvider in project carbon-apimgt by wso2.

the class APIPublisherImplTestCase method testUpdateAPIWithContextAndVersionChange.

@Test(description = "Test UpdateAPI with both context and version changed", expectedExceptions = APIManagementException.class)
public void testUpdateAPIWithContextAndVersionChange() throws APIManagementException {
    ApiDAO apiDAO = Mockito.mock(ApiDAO.class);
    APILifecycleManager apiLifecycleManager = Mockito.mock(APILifecycleManager.class);
    APIGateway gateway = Mockito.mock(APIGateway.class);
    IdentityProvider identityProvider = Mockito.mock(IdentityProvider.class);
    APIPublisherImpl apiPublisher = getApiPublisherImpl(identityProvider, apiDAO, apiLifecycleManager, gateway);
    API.APIBuilder api = SampleTestObjectCreator.createDefaultAPI();
    String uuid = api.getId();
    Mockito.when(apiDAO.getAPI(uuid)).thenReturn(api.build());
    Mockito.when(identityProvider.getRoleName(SampleTestObjectCreator.DEVELOPER_ROLE_ID)).thenReturn(DEVELOPER_ROLE);
    Mockito.when(identityProvider.getRoleName(SampleTestObjectCreator.ADMIN_ROLE_ID)).thenReturn(ADMIN_ROLE);
    Mockito.when(apiDAO.getApiSwaggerDefinition(api.getId())).thenReturn(SampleTestObjectCreator.apiDefinition);
    apiPublisher.updateAPI(api.version("1.1.0").context("test"));
}