
Example 1 with OAuthAppRevocationRequestDTO

use of org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuthAdminServiceImplTest method testRevokeIssuedTokensByApplication.

/**
 * Checks that revoking the tokens issued to an application reports no error when the
 * mocked token DAO returns one active access token for the consumer key.
 *
 * <p>NOTE(review): the only assertion compares the response's error flag with {@code false}.
 * Nothing verifies that the mocked DAOs were asked to revoke the token, so this test would
 * presumably still pass if the revocation step were skipped. Confirm, and consider adding a
 * {@code verify(...)} on the mocks.
 */
@Test
public void testRevokeIssuedTokensByApplication() throws Exception {
    // Random values stand in for the identifiers and token strings.
    String userId = UUID.randomUUID().toString();
    String consumerKey = UUID.randomUUID().toString();
    String accessToken = UUID.randomUUID().toString();
    String refreshToken = UUID.randomUUID().toString();

    // The application that owns the consumer key, served by the mocked OAuthAppDAO.
    OAuthAppDO registeredApp = new OAuthAppDO();
    registeredApp.setOauthConsumerKey(consumerKey);
    registeredApp.setApplicationName("some-user-name");
    when(oAuthAppDAO.getAppInformation(consumerKey)).thenReturn(registeredApp);
    PowerMockito.whenNew(OAuthAppDAO.class).withNoArguments().thenReturn(oAuthAppDAO);

    // The user the active token was issued to.
    AuthenticatedUser tokenOwner = buildUser("some-user-name");
    tokenOwner.setUserId(userId);
    tokenOwner.setFederatedIdPName(TestConstants.LOCAL_IDP);

    OAuthAppRevocationRequestDTO revocationRequest = new OAuthAppRevocationRequestDTO();
    revocationRequest.setConsumerKey(consumerKey);

    // One active token for the application under test.
    AccessTokenDO activeToken = new AccessTokenDO();
    activeToken.setAccessToken(accessToken);
    activeToken.setRefreshToken(refreshToken);
    activeToken.setAuthzUser(tokenOwner);
    activeToken.setScope(new String[] { "openid" });
    Set<AccessTokenDO> activeTokens = new HashSet<>();
    activeTokens.add(activeToken);

    // Swap the persistence factory's DAOs for mocks so that no database is touched.
    OAuthTokenPersistenceFactory persistenceFactory = OAuthTokenPersistenceFactory.getInstance();
    TokenManagementDAOImpl managementDaoMock = mock(TokenManagementDAOImpl.class);
    Whitebox.setInternalState(persistenceFactory, "managementDAO", managementDaoMock);
    AccessTokenDAO tokenDaoMock = mock(AccessTokenDAO.class);
    Whitebox.setInternalState(persistenceFactory, "tokenDAO", tokenDaoMock);
    when(tokenDaoMock.getActiveAcessTokenDataByConsumerKey(anyString())).thenReturn(activeTokens);

    OAuthRevocationResponseDTO expectedResponse = new OAuthRevocationResponseDTO();
    expectedResponse.setError(false);

    // Resolve the service provider name for the consumer key through a mocked service.
    ApplicationManagementService applicationMgtMock = mock(ApplicationManagementService.class);
    String ownerTenantDomain = tokenOwner.getTenantDomain();
    when(applicationMgtMock.getServiceProviderNameByClientId(consumerKey, INBOUND_AUTH2_TYPE, ownerTenantDomain))
            .thenReturn(registeredApp.getApplicationName());
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtMock);

    // Spy on the service so that the private listener hooks can be stubbed out.
    OAuthAdminServiceImpl adminServiceSpy = spy(new OAuthAdminServiceImpl());
    doNothing().when(adminServiceSpy, "triggerPreApplicationTokenRevokeListeners", anyObject());
    doNothing().when(adminServiceSpy, "triggerPostApplicationTokenRevokeListeners", anyObject(), anyObject(),
            anyObject());

    OAuthRevocationResponseDTO actualResponse = adminServiceSpy.revokeIssuedTokensByApplication(revocationRequest);
    Assert.assertEquals(actualResponse.isError(), expectedResponse.isError());
}
Also used : TokenManagementDAOImpl(org.wso2.carbon.identity.oauth2.dao.TokenManagementDAOImpl) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) AccessTokenDAO(org.wso2.carbon.identity.oauth2.dao.AccessTokenDAO) Matchers.anyString(org.mockito.Matchers.anyString) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) AccessTokenDO(org.wso2.carbon.identity.oauth2.model.AccessTokenDO) OAuthTokenPersistenceFactory(org.wso2.carbon.identity.oauth2.dao.OAuthTokenPersistenceFactory) OAuthAppDO(org.wso2.carbon.identity.oauth.dao.OAuthAppDO) OAuthAppRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) HashSet(java.util.HashSet) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 2 with OAuthAppRevocationRequestDTO

use of org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuthAdminServiceImplTest method testRevokeIssuedTokensByApplicationWithEmptyConsumerKey.

/**
 * Checks that a revocation request with an empty consumer key is answered with the
 * {@code OAuth2ErrorCodes.INVALID_REQUEST} error code.
 */
@Test
public void testRevokeIssuedTokensByApplicationWithEmptyConsumerKey() throws Exception {
    // The empty consumer key is the input under test.
    OAuthAppRevocationRequestDTO requestWithoutKey = new OAuthAppRevocationRequestDTO();
    requestWithoutKey.setConsumerKey("");

    // Only the pre-revoke listener hook is stubbed; the post-revoke hook is left as is.
    OAuthAdminServiceImpl adminServiceSpy = spy(new OAuthAdminServiceImpl());
    doNothing().when(adminServiceSpy, "triggerPreApplicationTokenRevokeListeners", anyObject());

    OAuthRevocationResponseDTO actualResponse = adminServiceSpy.revokeIssuedTokensByApplication(requestWithoutKey);
    Assert.assertEquals(actualResponse.getErrorCode(), OAuth2ErrorCodes.INVALID_REQUEST);
}
Also used : OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) OAuthAppRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 3 with OAuthAppRevocationRequestDTO

use of org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO in project identity-api-user by wso2.

the class AuthorizedAppsService method deleteIssuedTokensByAppId.

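/**
 * Delete issued tokens for a given application ID.
 *
 * <p>Resolves the application's OAuth2 inbound configuration, takes its inbound auth key as the
 * client ID, and asks the OAuth admin service to revoke the tokens issued to that client.
 * A revocation that the admin service reports as failed, either by throwing or by returning a
 * response whose error flag is set, is surfaced to the caller instead of being treated as success.
 *
 * @param applicationId Application ID
 */
public void deleteIssuedTokensByAppId(String applicationId) {
    String tenantDomain = ContextLoader.getTenantDomainFromContext();
    ServiceProvider application = getServiceProvider(applicationId, tenantDomain);
    // Extract the inbound authentication request config for the given inbound type.
    InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = getInboundAuthenticationRequestConfig(application);
    if (inboundAuthenticationRequestConfig == null) {
        // This means the inbound is not configured for the particular app.
        throw handleError(Response.Status.NOT_FOUND, Constants.ErrorMessages.ERROR_CODE_INVALID_INBOUND_PROTOCOL, OAUTH2, applicationId, tenantDomain);
    }
    String clientId = inboundAuthenticationRequestConfig.getInboundAuthKey();
    OAuthAppRevocationRequestDTO oAuthAppRevocationRequestDTO = new OAuthAppRevocationRequestDTO();
    oAuthAppRevocationRequestDTO.setApplicationResourceId(applicationId);
    oAuthAppRevocationRequestDTO.setConsumerKey(clientId);
    boolean revocationFailed;
    try {
        // The admin service can signal failure through the response object without throwing,
        // so the error flag has to be read; ignoring it would report a revocation that did not
        // happen as successful.
        revocationFailed = oAuthAdminService.revokeIssuedTokensByApplication(oAuthAppRevocationRequestDTO).isError();
    } catch (IdentityOAuthAdminException e) {
        // NOTE(review): the caught exception is not passed on, so its cause is lost to logs and
        // callers. Whether handleError has a variant that accepts a cause is not visible here.
        throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_TOKEN_BY_APP_ID, applicationId, tenantDomain);
    }
    if (revocationFailed) {
        throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_TOKEN_BY_APP_ID, applicationId, tenantDomain);
    }
}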
Also used : IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig) OAuthAppRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO)

Example 4 with OAuthAppRevocationRequestDTO

use of org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuthAdminServiceImpl method revokeIssuedTokensByApplication.

/**
 * Revokes the active access tokens issued to an application and the OAuth consents
 * recorded for it.
 *
 * <p>The pre-revoke listeners run first. A blank consumer key produces an error response with
 * {@code OAuth2ErrorCodes.INVALID_REQUEST}; no exception is thrown for it, so callers must
 * inspect the returned response. The post-revoke listeners run on both paths.
 *
 * @param application revocation request whose consumer key identifies the application
 * @return {@link OAuthRevocationResponseDTO} describing the outcome; its error flag, code and
 *         message are set only on the blank-consumer-key path
 * @throws IdentityOAuthAdminException Error while revoking the issued tokens
 */
public OAuthRevocationResponseDTO revokeIssuedTokensByApplication(OAuthAppRevocationRequestDTO application)
        throws IdentityOAuthAdminException {
    triggerPreApplicationTokenRevokeListeners(application);
    OAuthRevocationResponseDTO response = new OAuthRevocationResponseDTO();
    String consumerKey = application.getConsumerKey();

    // Reject requests that do not name an application before anything is looked up.
    if (StringUtils.isBlank(consumerKey)) {
        response.setError(true);
        response.setErrorCode(OAuth2ErrorCodes.INVALID_REQUEST);
        response.setErrorMsg("Consumer key is null or empty.");
        triggerPostApplicationTokenRevokeListeners(application, response, new ArrayList<>());
        return response;
    }

    String tenantDomain = getTenantDomain(consumerKey);
    String applicationName = getApplicationName(consumerKey, tenantDomain);
    List<AccessTokenDO> activeTokens = getActiveAccessTokensByConsumerKey(consumerKey);

    // Consents are revoked only inside this branch, i.e. only when at least one active
    // token was found for the consumer key.
    if (!activeTokens.isEmpty()) {
        String[] tokenValues = new String[activeTokens.size()];
        int next = 0;
        for (AccessTokenDO activeToken : activeTokens) {
            tokenValues[next] = activeToken.getAccessToken();
            next++;
            // Cache entries are dropped here, before the tokens are revoked further down.
            // NOTE(review): confirm nothing can repopulate the cache in between.
            clearCacheByAccessTokenAndConsumerKey(activeToken, consumerKey);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("Access tokens and token of users are removed from the cache for "
                    + "OAuth app in tenant domain: %s with consumer key: %s.", tenantDomain, consumerKey));
        }
        revokeAccessTokens(tokenValues, consumerKey, tenantDomain);
        revokeOAuthConsentsForApplication(applicationName, tenantDomain);
    }

    triggerPostApplicationTokenRevokeListeners(application, response, activeTokens);
    return response;
}
Also used : AccessTokenDO(org.wso2.carbon.identity.oauth2.model.AccessTokenDO) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) OAuth2Util.buildScopeString(org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString)

Aggregations

OAuthAppRevocationRequestDTO (org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO)3 OAuthRevocationResponseDTO (org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO)3 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)2 Test (org.testng.annotations.Test)2 AccessTokenDO (org.wso2.carbon.identity.oauth2.model.AccessTokenDO)2 PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)2 HashSet (java.util.HashSet)1 Matchers.anyString (org.mockito.Matchers.anyString)1 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)1 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig)1 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)1 ApplicationManagementService (org.wso2.carbon.identity.application.mgt.ApplicationManagementService)1 IdentityOAuthAdminException (org.wso2.carbon.identity.oauth.IdentityOAuthAdminException)1 OAuthAppDO (org.wso2.carbon.identity.oauth.dao.OAuthAppDO)1 AccessTokenDAO (org.wso2.carbon.identity.oauth2.dao.AccessTokenDAO)1 OAuthTokenPersistenceFactory (org.wso2.carbon.identity.oauth2.dao.OAuthTokenPersistenceFactory)1 TokenManagementDAOImpl (org.wso2.carbon.identity.oauth2.dao.TokenManagementDAOImpl)1 OAuth2Util.buildScopeString (org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString)1