use of org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception in project carbon-apimgt by wso2.
the class SessionDataPublisherImpl method getAppsAuthorizedByUser.
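/**
 * Lists the system applications that the given user is authorized for and for which
 * access tokens issued to that user are found.
 *
 * <p>The candidate client IDs are the consumer keys of the tenant's system applications
 * for which {@code ApplicationMgtUtil.isUserAuthorized} returns true. Failures while
 * building that candidate list are logged and not rethrown, so the returned array can be
 * incomplete (or empty) without the caller seeing an exception.
 * NOTE(review): if the caller uses this list to decide which tokens to revoke, a swallowed
 * lookup error leaves those tokens untouched; confirm that best-effort is intended.
 *
 * @param authenticatedUser authenticated user info
 * @return array of authorized applications; empty when none are found
 * @throws IdentityOAuthAdminException if access tokens or application details cannot be retrieved
 */
private OAuthConsumerAppDTO[] getAppsAuthorizedByUser(AuthenticatedUser authenticatedUser)
        throws IdentityOAuthAdminException {
    OAuthAppDAO appDAO = new OAuthAppDAO();
    String tenantAwareusername = authenticatedUser.getUserName();
    String tenantDomain = authenticatedUser.getTenantDomain();
    String username = UserCoreUtil.addTenantDomainToEntry(tenantAwareusername, tenantDomain);
    String userStoreDomain = authenticatedUser.getUserStoreDomain();
    SystemApplicationDAO systemApplicationDAO = new SystemApplicationDAO();
    Set<String> systemAppClientIds = new HashSet<>();
    try {
        SystemApplicationDTO[] systemApplicationDTOS = systemApplicationDAO.getApplications(tenantDomain);
        // An array length is never negative; the empty case is length == 0.
        if (systemApplicationDTOS.length == 0) {
            if (log.isDebugEnabled()) {
                log.debug("The tenant: " + tenantDomain + " doesn't have any system apps");
            }
        } else {
            for (SystemApplicationDTO applicationDTO : systemApplicationDTOS) {
                try {
                    if (ApplicationMgtUtil.isUserAuthorized(applicationDTO.getName(), tenantAwareusername)) {
                        systemAppClientIds.add(applicationDTO.getConsumerKey());
                    }
                } catch (IdentityApplicationManagementException e) {
                    // The application is skipped when its authorization check fails.
                    log.error("Error occurred while checking the authorization of the application "
                            + applicationDTO.getName(), e);
                }
            }
        }
    } catch (APIMgtDAOException e) {
        // Logged only: processing continues with whatever client IDs were collected so far.
        log.error("Error thrown while retrieving system applications for the tenant domain " + tenantDomain, e);
    }

    Set<OAuthConsumerAppDTO> appDTOs = new HashSet<>();
    for (String clientId : systemAppClientIds) {
        Set<AccessTokenDO> accessTokenDOs;
        try {
            accessTokenDOs = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                    .getAccessTokens(clientId, authenticatedUser, userStoreDomain, true);
        } catch (IdentityOAuth2Exception e) {
            throw handleError("Error occurred while retrieving access tokens issued for Client ID : "
                    + clientId + ", User ID : " + username, e);
        }
        if (accessTokenDOs.isEmpty()) {
            continue;
        }
        // The key is clientId + ":" + username (no scope), so within one client the
        // application is added at most once, on the first token that resolves.
        Set<String> distinctClientUserScopeCombo = new HashSet<>();
        for (AccessTokenDO accessTokenDO : accessTokenDOs) {
            String scopeString = OAuth2Util.buildScopeString(accessTokenDO.getScope());
            try {
                AccessTokenDO scopedToken = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                        .getLatestAccessToken(clientId, authenticatedUser, userStoreDomain, scopeString, true);
                if (scopedToken != null && !distinctClientUserScopeCombo.contains(clientId + ":" + username)) {
                    try {
                        OAuthAppDO appDO = appDAO.getAppInformation(scopedToken.getConsumerKey());
                        appDTOs.add(buildConsumerAppDTO(appDO));
                        if (log.isDebugEnabled()) {
                            log.debug("Found App: " + appDO.getApplicationName() + " for user: " + username);
                        }
                    } catch (InvalidOAuthClientException e) {
                        String errorMsg = "Invalid Client ID : " + scopedToken.getConsumerKey();
                        log.error(errorMsg, e);
                        // Keep the cause so the caller's stack trace reaches the original failure.
                        throw new IdentityOAuthAdminException(errorMsg, e);
                    } catch (IdentityOAuth2Exception e) {
                        String errorMsg = "Error occurred while retrieving app information for Client ID : "
                                + scopedToken.getConsumerKey();
                        log.error(errorMsg, e);
                        throw new IdentityOAuthAdminException(errorMsg, e);
                    }
                    distinctClientUserScopeCombo.add(clientId + ":" + username);
                }
            } catch (IdentityOAuth2Exception e) {
                String errorMsg = "Error occurred while retrieving latest access token issued for Client ID : "
                        + clientId + ", User ID : " + username + " and Scope : " + scopeString;
                throw handleError(errorMsg, e);
            }
        }
    }
    return appDTOs.toArray(new OAuthConsumerAppDTO[0]);
}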
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception in project carbon-apimgt by wso2.
the class SessionDataPublisherImpl method buildAuthenticatedUser.
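/**
 * Builds a new {@code AuthenticatedUser} that is marked as federated, copying identity
 * details from the given user.
 *
 * <p>The user name is stored with its domain prefix removed, the tenant domain and
 * federated IdP name are copied as-is, and the user store domain is the value returned by
 * {@code OAuth2Util.getUserStoreForFederatedUser}.
 * NOTE(review): the federated flag is set to {@code true} unconditionally, whatever the
 * input user's own flag says; confirm callers only pass federated users, since token
 * lookups keyed on this object depend on it.
 *
 * @param authenticatedUser user to copy the identity details from
 * @return a new federated AuthenticatedUser object
 * @throws IdentityOAuth2Exception declared by this method; presumably raised while
 *         resolving the federated user store (confirm against OAuth2Util)
 */
private AuthenticatedUser buildAuthenticatedUser(AuthenticatedUser authenticatedUser)
        throws IdentityOAuth2Exception {
    AuthenticatedUser user = new AuthenticatedUser();
    String tenantAwareusername = authenticatedUser.getUserName();
    user.setUserName(UserCoreUtil.removeDomainFromName(tenantAwareusername));
    user.setTenantDomain(authenticatedUser.getTenantDomain());
    user.setFederatedUser(true);
    // A previous setUserStoreDomain(IdentityUtil.extractDomainFromName(...)) call was
    // dropped: its value was always overwritten by this assignment before being read.
    user.setUserStoreDomain(OAuth2Util.getUserStoreForFederatedUser(authenticatedUser));
    user.setFederatedIdPName(authenticatedUser.getFederatedIdPName());
    return user;
}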
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception in project carbon-apimgt by wso2.
the class SystemScopesIssuer method getResidentIDPForIssuer.
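/**
 * Returns the tenant's resident identity provider when the given JWT issuer matches the
 * {@code IdPEntityId} property of its {@code openidconnect} authenticator configuration.
 *
 * <p>The comparison fails closed: a {@code null} JWT issuer, or a resident issuer that is
 * missing or empty, never matches. Without that guard an empty issuer claim would match a
 * resident IdP that has no OpenID Connect entity ID configured.
 *
 * @param tenantDomain tenant whose resident identity provider is looked up
 * @param jwtIssuer issuer value to compare; may be {@code null}
 * @return the resident identity provider if the issuer matches, otherwise {@code null}
 * @throws IdentityOAuth2Exception if the resident identity provider cannot be retrieved
 */
private IdentityProvider getResidentIDPForIssuer(String tenantDomain, String jwtIssuer)
        throws IdentityOAuth2Exception {
    IdentityProvider residentIdentityProvider;
    try {
        residentIdentityProvider = IdentityProviderManager.getInstance().getResidentIdP(tenantDomain);
    } catch (IdentityProviderManagementException e) {
        String errorMsg = String.format("Error while getting Resident Identity Provider of '%s' tenant.",
                tenantDomain);
        throw new IdentityOAuth2Exception(errorMsg, e);
    }
    FederatedAuthenticatorConfig[] fedAuthnConfigs = residentIdentityProvider.getFederatedAuthenticatorConfigs();
    FederatedAuthenticatorConfig oauthAuthenticatorConfig =
            IdentityApplicationManagementUtil.getFederatedAuthenticator(fedAuthnConfigs, "openidconnect");
    String issuer = null;
    if (oauthAuthenticatorConfig != null) {
        // NOTE(review): the getProperty result is dereferenced without a null check; confirm
        // it cannot be null when the IdPEntityId property is absent from the configuration.
        issuer = IdentityApplicationManagementUtil
                .getProperty(oauthAuthenticatorConfig.getProperties(), "IdPEntityId").getValue();
    }
    // Calling equals on the resident value keeps a null jwtIssuer from raising an NPE.
    boolean issuerMatches = issuer != null && !issuer.isEmpty() && issuer.equals(jwtIssuer);
    return issuerMatches ? residentIdentityProvider : null;
}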