Use of org.wso2.carbon.identity.oauth.OAuthUtil in the project identity-inbound-auth-oauth by wso2-extensions.
Class TenantCreationEventListener, method revokeTokens.
/**
 * Revokes the OAuth access tokens and deactivates the authorization codes stored for a tenant,
 * evicting the matching OAuth cache entries along the way.
 *
 * <p>Every access token returned for the tenant has its cache entries cleared, but only the most
 * recently issued token per (consumer key, authorized user, scope string, federated IdP name)
 * combination is handed to the DAO for revocation.
 *
 * <p>The steps are not atomic: if the DAO fails part-way, caches may already be cleared while
 * tokens or authorization codes are still active in the store, so a caller should treat a thrown
 * exception as "revocation incomplete".
 *
 * @param tenantId identifier of the tenant whose tokens and authorization codes are processed
 * @throws StratosException if any DAO call raises an {@code IdentityOAuth2Exception}; the original
 *                          exception is kept as the cause
 */
private void revokeTokens(int tenantId) throws StratosException {

    try {
        Set<AccessTokenDO> tenantTokens = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .getAccessTokensByTenant(tenantId);
        Map<String, AccessTokenDO> newestPerGrant = new HashMap<>();

        for (AccessTokenDO current : tenantTokens) {
            String scopeString = OAuth2Util.buildScopeString(current.getScope());
            // The user object is concatenated directly, so the key depends on its string form.
            // NOTE(review): confirm that string form is stable and unique per user.
            String grantKey = current.getConsumerKey() + ":" + current.getAuthzUser() + ":" + scopeString + ":"
                    + current.getAuthzUser().getFederatedIdPName();

            // Keep only the token with the latest issue time for each key.
            AccessTokenDO known = newestPerGrant.get(grantKey);
            if (known == null || known.getIssuedTime().before(current.getIssuedTime())) {
                newestPerGrant.put(grantKey, current);
            }

            // Cache entries are evicted for every token, not just the newest one per key.
            // NOTE(review): eviction runs before the store-level revocation below; a request
            // validated in between could presumably re-cache a still-active token. Verify
            // against the cache implementation.
            OAuthUtil.clearOAuthCache(current.getConsumerKey(), current.getAuthzUser(), scopeString);
            OAuthUtil.clearOAuthCache(current.getConsumerKey(), current.getAuthzUser());
            OAuthUtil.clearOAuthCache(current);
        }

        // NOTE(review): older tokens that share a key with a newer one are not passed to the
        // DAO here. Presumably they are already inactive; confirm against the token store.
        String[] tokensToRevoke = new String[newestPerGrant.size()];
        int next = 0;
        for (AccessTokenDO newest : newestPerGrant.values()) {
            tokensToRevoke[next++] = newest.getAccessToken();
        }
        OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .revokeAccessTokens(tokensToRevoke, OAuth2Util.isHashEnabled());

        List<AuthzCodeDO> latestAuthzCodes = OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .getLatestAuthorizationCodesByTenant(tenantId);
        // Evict each authorization code from the cache under its "consumerKey:code" key.
        for (AuthzCodeDO authzCode : latestAuthzCodes) {
            OAuthUtil.clearOAuthCache(authzCode.getConsumerKey() + ":" + authzCode.getAuthorizationCode());
        }
        OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .deactivateAuthorizationCodes(latestAuthzCodes);
    } catch (IdentityOAuth2Exception e) {
        // The message carries only the tenant id, never token or code values.
        throw new StratosException("Error occurred while revoking Access Token of tenant: " + tenantId, e);
    }
}