use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2CibaEndpoint method ciba.
/**
 * Receives a Client Initiated Back-channel Authentication (CIBA) request posted as a form.
 *
 * <p>The client must already be authenticated. Otherwise the method returns the error response
 * built from {@code OAuth2ErrorCodes.UNAUTHORIZED_CLIENT} without looking at the request object.
 * For an authenticated client the {@code request} parameter is checked, validated against the
 * authenticated client id, turned into a CIBA auth-code request, and passed to the service layer.
 * An internal authorize call is then generated before the authentication response is returned.
 *
 * @param request  incoming servlet request
 * @param response servlet response handed to the authorize call and the response builder
 * @param paramMap form parameters of the request (raw type, cast to
 *                 {@code Map<String, List<String>>} for the wrapper)
 * @return the CIBA authentication response, or an error response when client authentication or
 *         any step that throws {@code CibaAuthFailureException} fails
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response ciba(@Context HttpServletRequest request, @Context HttpServletResponse response, MultivaluedMap paramMap) {
    // Client authentication gate: nothing below runs for an unauthenticated client.
    OAuthClientAuthnContext clientAuthnContext = getClientAuthnContext(request);
    if (!clientAuthnContext.isAuthenticated()) {
        CibaAuthFailureException authFailure = new CibaAuthFailureException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, "Client authentication required");
        return getErrorResponse(authFailure);
    }

    // From here on, parameters are read through the wrapper built over the form parameter map.
    HttpServletRequest wrappedRequest = new OAuthRequestWrapper(request, (Map<String, List<String>>) paramMap);
    if (log.isDebugEnabled()) {
        log.debug("Authentication request has hit Client Initiated Back-channel Authentication EndPoint.");
    }

    try {
        // The 'request' parameter must be present before it is read.
        checkForRequestParam(wrappedRequest);
        String requestObject = wrappedRequest.getParameter(CibaConstants.REQUEST);

        // Validation receives the client id of the authenticated client, not a value taken from
        // the request object itself.
        validateAuthenticationRequest(requestObject, clientAuthnContext.getClientId());

        // NOTE(review): cibaAuthCodeRequest and cibaAuthCodeResponse are not declared in this
        // method. If they are instance fields and the endpoint instance is shared between
        // requests, concurrent calls could overwrite each other's values. Confirm the resource
        // lifecycle.
        cibaAuthCodeRequest = getCibaAuthCodeRequest(requestObject);
        cibaAuthCodeResponse = getCibaAuthCodeResponse(cibaAuthCodeRequest);

        // Internal call to the authorize endpoint, then the response for the client.
        generateAuthorizeCall(wrappedRequest, response, cibaAuthCodeResponse);
        return getAuthResponse(response, cibaAuthCodeResponse);
    } catch (CibaAuthFailureException e) {
        // Every validation or processing failure is mapped to an error response here.
        return getErrorResponse(e);
    }
}
use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthRevocationEndpoint method revokeAccessToken.
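/**
 * Handles a token revocation request posted as a form.
 *
 * <p>A copy of the parameters is built for diagnostic logging with credential values masked.
 * The request is then checked for repeated parameters and wrapped in an
 * {@code OAuthRequestWrapper}, and the token, callback and token type are read from it. A missing
 * token produces a client-failure response. Otherwise the revocation is executed and the result
 * is mapped to an error or success response.
 *
 * @param request  incoming servlet request
 * @param paramMap form parameters of the request
 * @return the revocation response, an error response, or a client-failure response when the
 *         {@code token} parameter is missing
 * @throws OAuthSystemException          propagated from the helpers called here
 * @throws InvalidRequestParentException propagated from the helpers called here
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
public Response revokeAccessToken(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap) throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();

        // Parameters as they will appear in diagnostic logs. Credential-bearing values are
        // replaced by asterisks so that they never reach the log sink in clear text.
        Map<String, Object> params = new HashMap<>();
        if (MapUtils.isNotEmpty(paramMap)) {
            paramMap.forEach((key, value) -> {
                boolean hasValue = CollectionUtils.isNotEmpty(value);
                if (TOKEN_PARAM.equals(key) && hasValue) {
                    params.put("token", value.get(0).replaceAll(".", "*"));
                } else if ("client_secret".equals(key) && hasValue) {
                    // A client that authenticates through the form body sends its secret here.
                    // The original code logged it verbatim with the other parameters.
                    params.put(key, value.get(0).replaceAll(".", "*"));
                } else {
                    params.put(key, value);
                }
            });
        }
        // NOTE(review): the mask keeps one '*' per character, so the log still shows the length
        // of the token or secret. Other credential parameters, if the deployment accepts any in
        // the body, are logged unmasked. Confirm against the supported client authenticators.
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, "Successfully received token revocation request.", "receive-revoke-request", null);
        }

        // Repeated-parameter validation runs before any parameter is read through the wrapper.
        validateRepeatedParams(request, paramMap);
        HttpServletRequestWrapper httpRequest = new OAuthRequestWrapper(request, paramMap);
        String token = getToken(paramMap, httpRequest);
        String callback = getCallback(paramMap, httpRequest);
        if (isEmpty(token)) {
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.FAILED, "'token' parameter is missing in the revoke request.", "validate-input-parameters", null);
            }
            return handleClientFailure(callback);
        }

        String tokenType = getTokenType(paramMap, httpRequest);
        OAuthRevocationRequestDTO revokeRequest = buildOAuthRevocationRequest(httpRequest, paramMap, token, tokenType);
        OAuthRevocationResponseDTO oauthRevokeResp = revokeTokens(revokeRequest);
        if (oauthRevokeResp.getErrorMsg() != null) {
            return handleErrorResponse(callback, oauthRevokeResp);
        } else {
            return handleRevokeResponse(callback, oauthRevokeResp);
        }
    } finally {
        // Always leave the tenant flow opened by startSuperTenantFlow(), including on exceptions.
        PrivilegedCarbonContext.endTenantFlow();
    }
}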
use of org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2TokenEndpoint method issueAccessToken.
/**
 * Processes a token request and returns the token or error response.
 *
 * <p>Inside a super-tenant flow the request is checked for repeated parameters and wrapped in an
 * {@code OAuthRequestWrapper}. The wrapper is turned into a {@code CarbonOAuthTokenRequest}, and
 * the OAuth application is validated from that request's client authentication context before
 * any token is issued.
 *
 * @param request  incoming servlet request
 * @param paramMap request parameters, keyed by name
 * @return an error response when the token response carries an error message, otherwise the
 *         token response
 * @throws OAuthSystemException          rethrown after the token exception listeners are notified
 * @throws InvalidRequestParentException declared by the method; the exception types caught and
 *                                       rethrown here are presumably its subtypes — TODO confirm
 */
protected Response issueAccessToken(HttpServletRequest request, Map<String, List<String>> paramMap) throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();

        // Validate first, then read parameters only through the wrapper.
        validateRepeatedParams(request, paramMap);
        HttpServletRequestWrapper wrappedRequest = new OAuthRequestWrapper(request, paramMap);
        CarbonOAuthTokenRequest tokenRequest = buildCarbonOAuthTokenRequest(wrappedRequest);

        // Application validation precedes token issuance.
        validateOAuthApplication(tokenRequest.getoAuthClientAuthnContext());

        OAuth2AccessTokenRespDTO tokenResponse = issueAccessToken(tokenRequest, wrappedRequest);
        boolean failed = tokenResponse.getErrorMsg() != null;
        return failed ? handleErrorResponse(tokenResponse) : buildTokenResponse(tokenResponse);
    } catch (TokenEndpointBadRequestException | OAuthSystemException | InvalidApplicationClientException e) {
        // Listeners receive the original request and parameters; the exception is rethrown as is.
        triggerOnTokenExceptionListeners(e, request, paramMap);
        throw e;
    } finally {
        // Always leave the tenant flow opened by startSuperTenantFlow().
        PrivilegedCarbonContext.endTenantFlow();
    }
}