Examples with AccessTokenInfo org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo used on opensource projects

Example 26 with AccessTokenInfo

use of org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo in project carbon-apimgt by wso2.

the class AuthenticatorServiceTestCase method testSetAccessTokenData.

@Test
public void testSetAccessTokenData() throws Exception {
    // Happy Path
    APIMConfigurationService apimConfigurationService = Mockito.mock(APIMConfigurationService.class);
    EnvironmentConfigurations environmentConfigurations = new EnvironmentConfigurations();
    Mockito.when(apimConfigurationService.getEnvironmentConfigurations()).thenReturn(environmentConfigurations);
    APIMAppConfigurationService apimAppConfigurationService = Mockito.mock(APIMAppConfigurationService.class);
    APIMAppConfigurations apimAppConfigurations = new APIMAppConfigurations();
    Mockito.when(apimAppConfigurationService.getApimAppConfigurations()).thenReturn(apimAppConfigurations);
    // // AccessTokenInfo object
    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
    accessTokenInfo.setIdToken("eyJ4NXQiOiJObUptT0dVeE16WmxZak0yWkRSaE5UWmxZVEExWXpkaFpUUmlPV0UwTldJMk0ySm1PVGMxWkEiLCJraWQiOiJkMGVjNTE0YTMyYjZmODhjMGFiZDEyYTI4NDA2OTliZGQzZGViYTlkIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiWGg3bFZpSDZDS2pZLXRIT09JaWN5QSIsInN1YiI6ImFkbWluIiwiYXVkIjpbInR6NlJGQnhzdV93Z0RCd3FyUThvVmo3d25FTWEiXSwiYXpwIjoidHo2UkZCeHN1X3dnREJ3cXJROG9Wajd3bkVNYSIsImF1dGhfdGltZSI6MTUwMTczMzQ1NiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJcL3Rva2VuIiwiZXhwIjoxNTAxNzM3MDU3LCJpYXQiOjE1MDE3MzM0NTd9.XXX-XXX");
    accessTokenInfo.setValidityPeriod(-2L);
    accessTokenInfo.setScopes("apim:subscribe openid");
    // // Expected AuthResponseBean object
    AuthResponseBean expectedAuthResponseBean = new AuthResponseBean();
    expectedAuthResponseBean.setTokenValid(true);
    expectedAuthResponseBean.setAuthUser("admin");
    expectedAuthResponseBean.setScopes(accessTokenInfo.getScopes());
    expectedAuthResponseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    expectedAuthResponseBean.setValidityPeriod(accessTokenInfo.getValidityPeriod());
    expectedAuthResponseBean.setIdToken(accessTokenInfo.getIdToken());
    KeyManager keyManager = Mockito.mock(KeyManager.class);
    SystemApplicationDao systemApplicationDao = Mockito.mock(SystemApplicationDao.class);
    Mockito.when(systemApplicationDao.isConsumerKeyExistForApplication("store")).thenReturn(false);
    MultiEnvironmentOverview multiEnvironmentOverview = new MultiEnvironmentOverview();
    environmentConfigurations.setMultiEnvironmentOverview(multiEnvironmentOverview);
    AuthenticatorService authenticatorService = new AuthenticatorService(keyManager, systemApplicationDao, apimConfigurationService, apimAppConfigurationService);
    // // Actual response
    AuthResponseBean authResponseBean = authenticatorService.getResponseBeanFromTokenInfo(accessTokenInfo);
    Assert.assertTrue(EqualsBuilder.reflectionEquals(expectedAuthResponseBean, authResponseBean));
    // Happy Path - When id token is null
    // // AccessTokenInfo object with null id token
    AccessTokenInfo invalidTokenInfo = new AccessTokenInfo();
    invalidTokenInfo.setValidityPeriod(-2L);
    invalidTokenInfo.setScopes("apim:subscribe openid");
    // // Expected AuthResponseBean object when id token is null
    AuthResponseBean expectedResponseBean = new AuthResponseBean();
    expectedResponseBean.setTokenValid(true);
    expectedResponseBean.setScopes(invalidTokenInfo.getScopes());
    expectedResponseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    expectedResponseBean.setValidityPeriod(invalidTokenInfo.getValidityPeriod());
    expectedResponseBean.setIdToken(invalidTokenInfo.getIdToken());
    expectedResponseBean.setAuthUser("admin");
    // // Actual response when id token is null
    AuthResponseBean responseBean = authenticatorService.getResponseBeanFromTokenInfo(invalidTokenInfo);
    Assert.assertTrue(EqualsBuilder.reflectionEquals(expectedResponseBean, responseBean));
    // Error Path - When parsing JWT fails and throws KeyManagementException
    // // AccessTokenInfo object with invalid ID token format
    AccessTokenInfo invalidAccessTokenInfo = new AccessTokenInfo();
    invalidAccessTokenInfo.setIdToken("xxx-invalid-id-token-xxx");
    invalidAccessTokenInfo.setValidityPeriod(-2L);
    invalidAccessTokenInfo.setScopes("apim:subscribe openid");
    try {
        AuthResponseBean errorResponseBean = authenticatorService.getResponseBeanFromTokenInfo(invalidAccessTokenInfo);
    } catch (KeyManagementException e) {
        Assert.assertEquals(900986, e.getErrorHandler().getErrorCode());
    }
}

Example 27 with AccessTokenInfo

use of org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo in project carbon-apimgt by wso2.

the class AuthenticatorService method getResponseBeanFromTokenInfo.

/**
 * This method sets access token data.
 *
 * @param accessTokenInfo Information of the access token
 * @return AuthResponseBean - An object with access token data
 * @throws KeyManagementException When parsing JWT fails
 */
public AuthResponseBean getResponseBeanFromTokenInfo(AccessTokenInfo accessTokenInfo) throws KeyManagementException {
    String authUser = null;
    if (accessTokenInfo.getIdToken() != null) {
        authUser = getUsernameFromJWT(accessTokenInfo.getIdToken());
    }
    if (authUser == null) {
        authUser = AuthenticatorConstants.ADMIN_USER;
    }
    AuthResponseBean responseBean = new AuthResponseBean();
    responseBean.setTokenValid(true);
    responseBean.setAuthUser(authUser);
    responseBean.setScopes(accessTokenInfo.getScopes());
    responseBean.setType(AuthenticatorConstants.BEARER_PREFIX);
    responseBean.setValidityPeriod(accessTokenInfo.getValidityPeriod());
    responseBean.setIdToken(accessTokenInfo.getIdToken());
    return responseBean;
}

Example 28 with AccessTokenInfo

use of org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo in project product-iots by wso2.

the class DeviceTypeServiceImpl method createDownloadFile.

private ZipArchive createDownloadFile(String owner, String deviceName, String sketchType) throws DeviceManagementException, JWTClientException, APIManagerException, UserStoreException {
    // create new device id
    String deviceId = shortUUID();
    if (apiApplicationKey == null) {
        String applicationUsername = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName();
        applicationUsername = applicationUsername + "@" + APIUtil.getAuthenticatedUserTenantDomain();
        APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
        String[] tags = { DeviceTypeConstants.DEVICE_TYPE };
        apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(DeviceTypeConstants.DEVICE_TYPE, tags, KEY_TYPE, applicationUsername, true, "3600");
    }
    JWTClient jwtClient = APIUtil.getJWTClientManagerService().getJWTClient();
    String scopes = "device_type_" + DeviceTypeConstants.DEVICE_TYPE + " device_" + deviceId;
    AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(apiApplicationKey.getConsumerKey(), apiApplicationKey.getConsumerSecret(), owner + "@" + APIUtil.getAuthenticatedUserTenantDomain(), scopes);
    // create token
    String accessToken = accessTokenInfo.getAccessToken();
    String refreshToken = accessTokenInfo.getRefreshToken();
    boolean status = register(deviceId, deviceName);
    if (!status) {
        String msg = "Error occurred while registering the device with " + "id: " + deviceId + " owner:" + owner;
        throw new DeviceManagementException(msg);
    }
    ZipUtil ziputil = new ZipUtil();
    ZipArchive zipFile = ziputil.createZipFile(owner, APIUtil.getTenantDomainOftheUser(), sketchType, deviceId, deviceName, accessToken, refreshToken, apiApplicationKey.toString());
    return zipFile;
}

Example 29 with AccessTokenInfo

use of org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo in project carbon-apimgt by wso2.

the class AbstractApplicationRegistrationWorkflowExecutor method dogenerateKeysForApplication.

public static void dogenerateKeysForApplication(ApplicationRegistrationWorkflowDTO workflowDTO) throws APIManagementException {
    log.debug("Registering Application and creating an Access Token... ");
    Application application = workflowDTO.getApplication();
    Subscriber subscriber = application.getSubscriber();
    ApiMgtDAO dao = ApiMgtDAO.getInstance();
    if (subscriber == null || workflowDTO.getAllowedDomains() == null) {
        dao.populateAppRegistrationWorkflowDTO(workflowDTO);
    }
    try {
        // get new key manager
        // Here the default flow is set expecting an ID as the keymanager as this flow only involves new applications
        String keyManagerId = workflowDTO.getKeyManager();
        KeyManagerConfigurationDTO km = dao.getKeyManagerConfigurationByUUID(keyManagerId);
        String tenantDomain = km.getOrganization();
        String keyManagerName = km.getName();
        KeyManager keyManager = KeyManagerHolder.getKeyManagerInstance(tenantDomain, keyManagerName);
        if (keyManager == null) {
            throw new APIManagementException("Key Manager " + keyManagerName + " not configured");
        }
        workflowDTO.getAppInfoDTO().getOAuthApplicationInfo().setClientName(application.getName());
        // set applications attributes to the oAuthApplicationInfo
        workflowDTO.getAppInfoDTO().getOAuthApplicationInfo().putAllAppAttributes(application.getApplicationAttributes());
        // createApplication on oAuthorization server.
        OAuthApplicationInfo oAuthApplication = keyManager.createApplication(workflowDTO.getAppInfoDTO());
        // update associateApplication
        ApplicationUtils.updateOAuthAppAssociation(application, workflowDTO.getKeyType(), oAuthApplication, keyManagerId);
        // change create application status in to completed.
        dao.updateApplicationRegistration(APIConstants.AppRegistrationStatus.REGISTRATION_COMPLETED, workflowDTO.getKeyType(), workflowDTO.getApplication().getId(), keyManagerId);
        workflowDTO.setApplicationInfo(oAuthApplication);
        AccessTokenInfo tokenInfo;
        Object enableTokenGeneration = keyManager.getKeyManagerConfiguration().getParameter(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION);
        if (enableTokenGeneration != null && (Boolean) enableTokenGeneration && oAuthApplication.getJsonString().contains(APIConstants.GRANT_TYPE_CLIENT_CREDENTIALS)) {
            AccessTokenRequest tokenRequest = ApplicationUtils.createAccessTokenRequest(keyManager, oAuthApplication, null);
            tokenInfo = keyManager.getNewApplicationAccessToken(tokenRequest);
        } else {
            tokenInfo = new AccessTokenInfo();
            tokenInfo.setAccessToken("");
            tokenInfo.setValidityPeriod(0L);
            String[] noScopes = new String[] { "N/A" };
            tokenInfo.setScope(noScopes);
            oAuthApplication.addParameter("tokenScope", Arrays.toString(noScopes));
        }
        workflowDTO.setAccessTokenInfo(tokenInfo);
    } catch (Exception e) {
        APIUtil.handleException("Error occurred while executing SubscriberKeyMgtClient.", e);
    }
}

Example 30 with AccessTokenInfo

use of org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo in project carbon-apimgt by wso2.

the class SampleWorkFlowExecutor method execute.

@Override
public WorkflowResponse execute(WorkflowDTO workflowDTO) throws WorkflowException {
    workflowDTO.setStatus(WorkflowStatus.APPROVED);
    WorkflowResponse workflowResponse = complete(workflowDTO);
    if (workflowDTO instanceof ApplicationRegistrationWorkflowDTO) {
        OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        ((ApplicationRegistrationWorkflowDTO) workflowDTO).setApplicationInfo(oAuthApplicationInfo);
        ((ApplicationRegistrationWorkflowDTO) workflowDTO).setAccessTokenInfo(accessTokenInfo);
    }
    return workflowResponse;
}