use of org.wso2.carbon.identity.discovery.OIDProviderConfigResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class OIDCDiscoveryEndpointTest method testGetOIDProviderConfigurationTokenEndpoint.
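@Test(dataProvider = "provideDataForGetOIDProviderConfigurationTokenEndpoint")
public void testGetOIDProviderConfigurationTokenEndpoint(String tokenEp, Map<String, Object> configMap, int expectedResponse) throws Exception {

    // The endpoint resolves the tenant from IdentityUtil's thread-local property map, so the
    // test installs its own map carrying the super-tenant domain.
    ThreadLocal<Map<String, Object>> threadLocalProperties = ThreadLocal.withInitial(HashMap::new);
    threadLocalProperties.get().put(OAuthConstants.TENANT_NAME_FROM_CONTEXT, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    try {
        // Swap IdentityUtil's final threadLocalProperties field for ours via reflection.
        // NOTE(review): clearing FINAL through Field.modifiers is known to work on JDK 11 and
        // earlier only — confirm the JDK this suite targets before relying on it.
        Field threadLocalPropertiesField = identityUtilObj.getClass().getDeclaredField("threadLocalProperties");
        Field modifiersField = Field.class.getDeclaredField("modifiers");
        modifiersField.setAccessible(true);
        modifiersField.setInt(threadLocalPropertiesField, threadLocalPropertiesField.getModifiers() & ~Modifier.FINAL);
        threadLocalPropertiesField.setAccessible(true);
        threadLocalPropertiesField.set(identityUtilObj, threadLocalProperties);

        // Processor returns a canned config map; any OIDCDiscoveryEndPointException it is asked
        // to handle is mapped to HTTP 500.
        mockStatic(EndpointUtil.class);
        when(EndpointUtil.getOIDCService()).thenReturn(defaultOIDCProcessor);
        when(defaultOIDCProcessor.getResponse(any(HttpServletRequest.class), any(String.class))).thenReturn(oidProviderConfigResponse);
        when(oidProviderConfigResponse.getConfigMap()).thenReturn(configMap);
        when(defaultOIDCProcessor.handleError(any(OIDCDiscoveryEndPointException.class))).thenReturn(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        oidcDiscoveryEndpoint.setOidProviderResponseBuilder(new OIDProviderJSONResponseBuilder());

        Response response = oidcDiscoveryEndpoint.getOIDProviderConfiguration(tokenEp, httpServletRequest);
        // Argument order is (actual, expected), matching the TestNG-style assertEquals used
        // elsewhere in this suite, so a failure message reads the right way round.
        Assert.assertEquals(response.getStatus(), expectedResponse);
    } finally {
        // Remove the tenant entry even when the assertion fails, so it cannot leak into later
        // tests on the same thread. NOTE(review): the swapped IdentityUtil field itself is not
        // restored here; later tests inherit this ThreadLocal instance.
        threadLocalProperties.get().remove(OAuthConstants.TENANT_NAME_FROM_CONTEXT);
    }
}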
use of org.wso2.carbon.identity.discovery.OIDProviderConfigResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultOIDCProcessor method getResponse.
/**
 * Builds the OpenID Provider configuration (discovery document) for the requested tenant.
 *
 * @param request      the incoming discovery request
 * @param tenantDomain tenant whose provider metadata is being requested
 * @return the populated provider configuration
 * @throws OIDCDiscoveryEndPointException propagated from the request/config builders
 * @throws ServerConfigurationException   propagated from the request/config builders
 */
public OIDProviderConfigResponse getResponse(HttpServletRequest request, String tenantDomain) throws OIDCDiscoveryEndPointException, ServerConfigurationException {
    // Translate the servlet request into a tenant-scoped provider request, then build the
    // metadata from it; both steps use the default builders.
    OIDProviderRequest providerRequest = new DefaultOIDCProviderRequestBuilder().buildRequest(request, tenantDomain);
    ProviderConfigBuilder configBuilder = new ProviderConfigBuilder();
    return configBuilder.buildOIDProviderConfig(providerRequest);
}
use of org.wso2.carbon.identity.discovery.OIDProviderConfigResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class ProviderConfigBuilderTest method testBuildOIDProviderConfig4.
/**
 * With the entity-id-as-issuer switch off, the discovery document's issuer must be the
 * server-wide ID token issuer rather than a tenant-specific value.
 */
@Test
public void testBuildOIDProviderConfig4() throws Exception {
    // Server configuration singleton; only the ID token signature algorithm is stubbed.
    OAuthServerConfiguration serverConfig = mock(OAuthServerConfiguration.class);
    mockStatic(OAuthServerConfiguration.class);
    when(OAuthServerConfiguration.getInstance()).thenReturn(serverConfig);
    when(serverConfig.getIdTokenSignatureAlgorithm()).thenReturn(idTokenSignatureAlgorithm);

    // Data holder wired to the mocked claim metadata service.
    OIDCDiscoveryDataHolder dataHolder = spy(new OIDCDiscoveryDataHolder());
    mockStatic(OIDCDiscoveryDataHolder.class);
    dataHolder.setClaimManagementService(mockClaimMetadataManagementService);
    when(OIDCDiscoveryDataHolder.getInstance()).thenReturn(dataHolder);

    // Algorithm mapping and issuer. The explicit-argument stub is kept next to the anyString()
    // one: anyString() does not match a null argument in Mockito 2+, and the field's value is
    // not visible from this test — TODO confirm whether the first stub is still needed.
    mockStatic(OAuth2Util.class);
    mockStatic(OAuth2Util.OAuthURL.class);
    when(OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(idTokenSignatureAlgorithm)).thenReturn(JWSAlgorithm.RS256);
    when(OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(anyString())).thenReturn(JWSAlgorithm.RS256);
    String expectedIssuer = "http://domain:0000/oauth2/token";
    when(OAuth2Util.getIDTokenIssuer()).thenReturn(expectedIssuer);

    // One external OIDC claim so claims_supported carries more than the fixed iss/acr entries.
    List<ExternalClaim> externalClaims = new ArrayList<>();
    externalClaims.add(new ExternalClaim("aaa", "bbb", "ccc"));
    when(mockClaimMetadataManagementService.getExternalClaims(anyString(), anyString())).thenReturn(externalClaims);

    // Force the non-tenant issuer branch.
    mockStatic(DiscoveryUtil.class);
    when(DiscoveryUtil.isUseEntityIdAsIssuerInOidcDiscovery()).thenReturn(Boolean.FALSE);

    OIDProviderConfigResponse response = providerConfigBuilder.buildOIDProviderConfig(mockOidProviderRequest);

    assertNotNull(response);
    assertEquals(response.getIssuer(), expectedIssuer);
}
use of org.wso2.carbon.identity.discovery.OIDProviderConfigResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class ProviderConfigBuilder method buildOIDProviderConfig.
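/**
 * Assembles the OpenID Provider metadata (discovery document) for the tenant named in
 * {@code request}.
 * <p>
 * Everything set here is served to unauthenticated callers of the discovery endpoint, so only
 * public URLs and advertised capabilities belong in it. The issuer is tenant-qualified only
 * when {@code isUseEntityIdAsIssuerInOidcDiscovery()} is on; otherwise the server-wide issuer
 * is published while jwks_uri, registration and introspection URLs remain tenant-specific.
 * Relying parties match the advertised issuer against the {@code iss} of issued tokens, so
 * both paths must agree with what the token issuer actually emits — TODO confirm for
 * multi-tenant deployments.
 *
 * @param request discovery request; only its tenant domain is consumed here
 * @return the populated provider configuration
 * @throws ServerConfigurationException if the issuer, a tenant URL, the OIDC claim dialect, or
 *                                      a configured signature algorithm cannot be resolved
 * @throws OIDCDiscoveryEndPointException declared for callers; not raised directly here
 */
public OIDProviderConfigResponse buildOIDProviderConfig(OIDProviderRequest request) throws OIDCDiscoveryEndPointException, ServerConfigurationException {
    OIDProviderConfigResponse providerConfig = new OIDProviderConfigResponse();
    String tenantDomain = request.getTenantDomain();

    // Issuer: tenant-scoped entity id, or the global ID token issuer.
    if (isUseEntityIdAsIssuerInOidcDiscovery()) {
        try {
            providerConfig.setIssuer(OAuth2Util.getIdTokenIssuer(tenantDomain));
        } catch (IdentityOAuth2Exception e) {
            throw new ServerConfigurationException(String.format("Error while retrieving OIDC Id token issuer " + "value for tenant domain: %s", tenantDomain), e);
        }
    } else {
        providerConfig.setIssuer(OAuth2Util.getIDTokenIssuer());
    }

    // Core endpoints; these URL helpers take no tenant argument.
    providerConfig.setAuthorizationEndpoint(OAuth2Util.OAuthURL.getOAuth2AuthzEPUrl());
    providerConfig.setTokenEndpoint(OAuth2Util.OAuthURL.getOAuth2TokenEPUrl());
    providerConfig.setUserinfoEndpoint(OAuth2Util.OAuthURL.getOAuth2UserInfoEPUrl());
    providerConfig.setRevocationEndpoint(OAuth2Util.OAuthURL.getOAuth2RevocationEPUrl());

    // One client-authentication method list is advertised for the token, revocation and
    // introspection endpoints alike; the server offers no per-endpoint distinction. A fresh
    // array is handed to each setter so none of them share a mutable instance.
    List<String> clientAuthMethods = OAuth2Util.getSupportedClientAuthenticationMethods();
    providerConfig.setRevocationEndpointAuthMethodsSupported(clientAuthMethods.toArray(new String[0]));
    providerConfig.setIntrospectionEndpointAuthMethodsSupported(clientAuthMethods.toArray(new String[0]));
    providerConfig.setTokenEndpointAuthMethodsSupported(clientAuthMethods.toArray(new String[0]));
    providerConfig.setResponseModesSupported(OAuth2Util.getSupportedResponseModes().toArray(new String[0]));
    providerConfig.setCodeChallengeMethodsSupported(OAuth2Util.getSupportedCodeChallengeMethods().toArray(new String[0]));

    // Tenant-qualified URLs; building them can fail on malformed host/port configuration.
    try {
        providerConfig.setIntrospectionEndpoint(OAuth2Util.OAuthURL.getOAuth2IntrospectionEPUrl(tenantDomain));
        providerConfig.setRegistrationEndpoint(OAuth2Util.OAuthURL.getOAuth2DCREPUrl(tenantDomain));
        providerConfig.setJwksUri(OAuth2Util.OAuthURL.getOAuth2JWKSPageUrl(tenantDomain));
    } catch (URISyntaxException e) {
        throw new ServerConfigurationException("Error while building tenant specific url", e);
    }

    providerConfig.setScopesSupported(OAuth2Util.getOIDCScopes(tenantDomain).toArray(new String[0]));

    // claims_supported: every external claim in the tenant's OIDC dialect, followed by the
    // fixed "iss" and "acr" entries that are appended unconditionally.
    try {
        List<ExternalClaim> claims = OIDCDiscoveryDataHolder.getInstance().getClaimManagementService().getExternalClaims(OIDC_CLAIM_DIALECT, tenantDomain);
        String[] claimUris = new String[claims.size() + 2];
        int idx = 0;
        for (ExternalClaim claim : claims) {
            claimUris[idx++] = claim.getClaimURI();
        }
        claimUris[idx++] = "iss";
        claimUris[idx] = "acr";
        providerConfig.setClaimsSupported(claimUris);
    } catch (ClaimMetadataException e) {
        throw new ServerConfigurationException("Error while retrieving OIDC claim dialect", e);
    }

    // Only the single configured algorithm is advertised for ID token signing. The message
    // names which setting failed so an ID token vs. UserInfo misconfiguration is distinguishable.
    try {
        String idTokenAlg = OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(OAuthServerConfiguration.getInstance().getIdTokenSignatureAlgorithm()).getName();
        providerConfig.setIdTokenSigningAlgValuesSupported(new String[] { idTokenAlg });
    } catch (IdentityOAuth2Exception e) {
        throw new ServerConfigurationException("Unsupported ID token signature algorithm configured.", e);
    }

    Set<String> supportedResponseTypeNames = OAuthServerConfiguration.getInstance().getSupportedResponseTypeNames();
    providerConfig.setResponseTypesSupported(supportedResponseTypeNames.toArray(new String[0]));

    // Only "public" subject identifiers are advertised; pairwise is not claimed here.
    providerConfig.setSubjectTypesSupported(new String[] { "public" });

    // Session-management and logout endpoints come from identity configuration properties.
    providerConfig.setCheckSessionIframe(buildServiceUrl(IdentityConstants.OAuth.CHECK_SESSION, IdentityUtil.getProperty(IdentityConstants.OAuth.OIDC_CHECK_SESSION_EP_URL)));
    providerConfig.setEndSessionEndpoint(buildServiceUrl(IdentityConstants.OAuth.LOGOUT, IdentityUtil.getProperty(IdentityConstants.OAuth.OIDC_LOGOUT_EP_URL)));

    // Likewise a single configured algorithm for signed UserInfo responses.
    try {
        String userInfoAlg = OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(OAuthServerConfiguration.getInstance().getUserInfoJWTSignatureAlgorithm()).getName();
        providerConfig.setUserinfoSigningAlgValuesSupported(new String[] { userInfoAlg });
    } catch (IdentityOAuth2Exception e) {
        throw new ServerConfigurationException("Unsupported UserInfo signature algorithm configured.", e);
    }

    providerConfig.setGrantTypesSupported(OAuth2Util.getSupportedGrantTypes().toArray(new String[0]));
    providerConfig.setRequestParameterSupported(Boolean.valueOf(OAuth2Util.isRequestParameterSupported()));
    providerConfig.setClaimsParameterSupported(Boolean.valueOf(OAuth2Util.isClaimsParameterSupported()));
    providerConfig.setRequestObjectSigningAlgValuesSupported(OAuth2Util.getRequestObjectSigningAlgValuesSupported().toArray(new String[0]));

    // Back-channel logout (with session id) is advertised unconditionally.
    providerConfig.setBackchannelLogoutSupported(Boolean.TRUE);
    providerConfig.setBackchannelLogoutSessionSupported(Boolean.TRUE);
    return providerConfig;
}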