Examples with OAuthRequestWrapper org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper used on opensource projects

Example 1 with OAuthRequestWrapper

use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2CibaEndpoint method ciba.

@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response ciba(@Context HttpServletRequest request, @Context HttpServletResponse response, MultivaluedMap paramMap) {
    OAuthClientAuthnContext oAuthClientAuthnContext = getClientAuthnContext(request);
    if (!oAuthClientAuthnContext.isAuthenticated()) {
        return getErrorResponse(new CibaAuthFailureException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, "Client authentication required"));
    }
    request = new OAuthRequestWrapper(request, (Map<String, List<String>>) paramMap);
    if (log.isDebugEnabled()) {
        log.debug("Authentication request has hit Client Initiated Back-channel Authentication EndPoint.");
    }
    try {
        // Check whether request has the 'request' parameter.
        checkForRequestParam(request);
        // Capturing authentication request.
        String authRequest = request.getParameter(CibaConstants.REQUEST);
        // Validate authentication request.
        validateAuthenticationRequest(authRequest, oAuthClientAuthnContext.getClientId());
        // Prepare RequestDTO with validated parameters.
        cibaAuthCodeRequest = getCibaAuthCodeRequest(authRequest);
        // Obtain Response from service layer of CIBA.
        cibaAuthCodeResponse = getCibaAuthCodeResponse(cibaAuthCodeRequest);
        // Create an internal authorize call to the authorize endpoint.
        generateAuthorizeCall(request, response, cibaAuthCodeResponse);
        // Create and return Ciba Authentication Response.
        return getAuthResponse(response, cibaAuthCodeResponse);
    } catch (CibaAuthFailureException e) {
        // Returning error response.
        return getErrorResponse(e);
    }
}

Example 2 with OAuthRequestWrapper

use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuthRevocationEndpoint method revokeAccessToken.

@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
public Response revokeAccessToken(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap) throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();
        Map<String, Object> params = new HashMap<>();
        if (MapUtils.isNotEmpty(paramMap)) {
            paramMap.forEach((key, value) -> {
                if (TOKEN_PARAM.equals(key) && CollectionUtils.isNotEmpty(value)) {
                    params.put("token", value.get(0).replaceAll(".", "*"));
                } else {
                    params.put(key, value);
                }
            });
        }
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, "Successfully received token revocation request.", "receive-revoke-request", null);
        }
        validateRepeatedParams(request, paramMap);
        HttpServletRequestWrapper httpRequest = new OAuthRequestWrapper(request, paramMap);
        String token = getToken(paramMap, httpRequest);
        String callback = getCallback(paramMap, httpRequest);
        if (isEmpty(token)) {
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.FAILED, "'token' parameter is missing in the revoke request.", "validate-input-parameters", null);
            }
            return handleClientFailure(callback);
        }
        String tokenType = getTokenType(paramMap, httpRequest);
        OAuthRevocationRequestDTO revokeRequest = buildOAuthRevocationRequest(httpRequest, paramMap, token, tokenType);
        OAuthRevocationResponseDTO oauthRevokeResp = revokeTokens(revokeRequest);
        if (oauthRevokeResp.getErrorMsg() != null) {
            return handleErrorResponse(callback, oauthRevokeResp);
        } else {
            return handleRevokeResponse(callback, oauthRevokeResp);
        }
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}

Example 3 with OAuthRequestWrapper

use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpoint method issueAccessToken.

protected Response issueAccessToken(HttpServletRequest request, Map<String, List<String>> paramMap) throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();
        validateRepeatedParams(request, paramMap);
        HttpServletRequestWrapper httpRequest = new OAuthRequestWrapper(request, paramMap);
        CarbonOAuthTokenRequest oauthRequest = buildCarbonOAuthTokenRequest(httpRequest);
        validateOAuthApplication(oauthRequest.getoAuthClientAuthnContext());
        OAuth2AccessTokenRespDTO oauth2AccessTokenResp = issueAccessToken(oauthRequest, httpRequest);
        if (oauth2AccessTokenResp.getErrorMsg() != null) {
            return handleErrorResponse(oauth2AccessTokenResp);
        } else {
            return buildTokenResponse(oauth2AccessTokenResp);
        }
    } catch (TokenEndpointBadRequestException | OAuthSystemException | InvalidApplicationClientException e) {
        triggerOnTokenExceptionListeners(e, request, paramMap);
        throw e;
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}