use of org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ScopeService method isUserHasAnExistingConsentForApp.
/**
 * Reports whether any scope consent decision is stored for the given user and application.
 *
 * <p>The result is {@code true} as soon as the stored record holds at least one approved <em>or</em> one
 * denied scope. It only says that a decision is on record; it does not say that anything was approved,
 * so callers should not use it on its own as an authorization decision.
 *
 * @param userId       User id.
 * @param appId        Application id.
 * @param userTenantId Tenant id.
 * @return {@code true} if the stored consent contains at least one approved or denied scope.
 * @throws IdentityOAuth2ScopeException declared for the id validation calls (their bodies are not shown
 *                                      here); a failed DAO lookup is rethrown as
 *                                      {@code IdentityOAuth2ScopeServerException} with the original cause.
 */
public boolean isUserHasAnExistingConsentForApp(String userId, String appId, int userTenantId)
        throws IdentityOAuth2ScopeException {

    validateUserId(userId);
    validateAppId(appId);
    try {
        UserApplicationScopeConsentDO storedConsent = OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .getUserConsentForApplication(userId, appId, userTenantId);
        // A denied scope is a recorded decision too, so either list being non-empty counts.
        boolean hasConsent = CollectionUtils.isNotEmpty(storedConsent.getApprovedScopes())
                || CollectionUtils.isNotEmpty(storedConsent.getDeniedScopes());
        if (log.isDebugEnabled()) {
            log.debug("Existing consent status : " + hasConsent + " for user : " + userId + ", app : " + appId
                    + " in tenant with id : " + userTenantId);
        }
        return hasConsent;
    } catch (IdentityOAuth2ScopeConsentException e) {
        // Translate the DAO-level failure into the service-level server exception, keeping the cause.
        Oauth2ScopeConstants.ErrorMessages failure =
                Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_CHECK_EXISTING_CONSENTS_FOR_USER;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ScopeService method hasUserProvidedConsentForAllRequestedScopes.
/**
 * Checks whether the user has already made a consent decision for every requested scope.
 *
 * <p>Approved and denied scopes on record are treated alike: {@code true} means there is no requested
 * scope left without a stored decision, not that every requested scope was approved. Callers that need
 * to know what was actually granted have to read the approved scopes separately.
 *
 * <p>Side effect: {@code consentRequiredScopes} is modified in place. Every scope with a stored decision
 * is removed from it, so after the call the list holds only the scopes that still have no decision. The
 * list therefore has to be mutable, and a caller that still needs the full list should pass a copy.
 *
 * @param userId                User Id.
 * @param appId                 Application Id.
 * @param userTenantId          Tenant Id.
 * @param consentRequiredScopes Scopes that require consent; reduced in place as described above.
 * @return {@code true} if the list is null or empty, or if every listed scope already has a stored
 *         approve/deny decision.
 * @throws IdentityOAuth2ScopeException declared for the id validation calls (their bodies are not shown
 *                                      here); a failed DAO lookup is rethrown as
 *                                      {@code IdentityOAuth2ScopeServerException} with the original cause.
 */
public boolean hasUserProvidedConsentForAllRequestedScopes(String userId, String appId, int userTenantId,
                                                           List<String> consentRequiredScopes)
        throws IdentityOAuth2ScopeException {

    validateUserId(userId);
    validateAppId(appId);
    if (CollectionUtils.isEmpty(consentRequiredScopes)) {
        // Nothing needs consent, so there is nothing left to ask the user.
        return true;
    }
    try {
        UserApplicationScopeConsentDO storedDecision = OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .getUserConsentForApplication(userId, appId, userTenantId);
        // Strip every scope that already has a decision; what remains still needs to be asked.
        consentRequiredScopes.removeAll(storedDecision.getApprovedScopes());
        consentRequiredScopes.removeAll(storedDecision.getDeniedScopes());
        return consentRequiredScopes.isEmpty();
    } catch (IdentityOAuth2ScopeConsentException e) {
        Oauth2ScopeConstants.ErrorMessages failure =
                Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_CHECK_ALREADY_USER_CONSENTED;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ScopeService method addUserConsentForApplication.
/**
 * Stores the OAuth scope consent a user has given for an application.
 *
 * <p>Only {@code userId} and {@code appId} are validated in this method. The two scope lists are wrapped
 * in a {@link UserApplicationScopeConsentDO} and handed to the DAO as received.
 * NOTE(review): no check is visible here that the lists are non-null or that a scope does not appear in
 * both of them; confirm whether the caller or the DAO enforces that.
 *
 * @param userId         User Id.
 * @param appId          Application Id.
 * @param userTenantId   Tenant Id.
 * @param approvedScopes List of approved scopes.
 * @param deniedScopes   List of denied scopes.
 * @throws IdentityOAuth2ScopeException declared for the id validation calls (their bodies are not shown
 *                                      here); a failed DAO write is rethrown as
 *                                      {@code IdentityOAuth2ScopeServerException} with the original cause.
 */
public void addUserConsentForApplication(String userId, String appId, int userTenantId,
                                         List<String> approvedScopes, List<String> deniedScopes)
        throws IdentityOAuth2ScopeException {

    validateUserId(userId);
    validateAppId(appId);
    try {
        UserApplicationScopeConsentDO consentToStore =
                new UserApplicationScopeConsentDO(appId, approvedScopes, deniedScopes);
        OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .addUserConsentForApplication(userId, userTenantId, consentToStore);
        if (log.isDebugEnabled()) {
            // The message is labelled "application name", but the value written is the application id.
            log.debug("Successfully added the user consent for OAuth scopes for user : " + userId
                    + " and application name : " + appId + " in tenant with id : " + userTenantId);
        }
    } catch (IdentityOAuth2ScopeConsentException e) {
        Oauth2ScopeConstants.ErrorMessages failure =
                Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_ADD_USER_CONSENT_FOR_APP;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ScopeService method getUserConsentForApp.
/**
 * Retrieves the OAuth scope consent the user has given for an application.
 *
 * <p>The approved and denied scope lists read from the DAO are copied into the response as returned.
 * When debug logging is enabled, both lists are written to the log space-separated, together with the
 * user id and the application id.
 *
 * @param userId       User Id.
 * @param appId        Application Id.
 * @param userTenantId Tenant Id.
 * @return {@link OAuth2ScopeConsentResponse} built from the stored approved and denied scopes.
 * @throws IdentityOAuth2ScopeException declared for the id validation calls (their bodies are not shown
 *                                      here); a failed DAO lookup is rethrown as
 *                                      {@code IdentityOAuth2ScopeServerException} with the original cause.
 */
public OAuth2ScopeConsentResponse getUserConsentForApp(String userId, String appId, int userTenantId)
        throws IdentityOAuth2ScopeException {

    validateUserId(userId);
    validateAppId(appId);
    try {
        UserApplicationScopeConsentDO storedConsent = OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .getUserConsentForApplication(userId, appId, userTenantId);
        OAuth2ScopeConsentResponse response = new OAuth2ScopeConsentResponse(userId, appId, userTenantId,
                storedConsent.getApprovedScopes(), storedConsent.getDeniedScopes());
        if (log.isDebugEnabled()) {
            // The joins only run when debug logging is on, so the normal path does not pay for them.
            log.debug("Successfully retrieved the user consent for userId : " + userId + " and appId: " + appId
                    + " as approved scopes : " + String.join(" ", storedConsent.getApprovedScopes())
                    + " and denied scopes : " + String.join(" ", storedConsent.getDeniedScopes()));
        }
        return response;
    } catch (IdentityOAuth2ScopeConsentException e) {
        Oauth2ScopeConstants.ErrorMessages failure =
                Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_RETRIEVE_USER_CONSENTS_FOR_APP;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
use of org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthUserConsentedScopesDAOImpl method deleteUserConsents.
/**
 * Deletes the stored scope consents of a user in a tenant.
 *
 * <p>Runs {@code SQLQueries.REMOVE_OAUTH2_USER_CONSENTS} with the user id and tenant id bound as
 * statement parameters, so neither value is concatenated into the SQL text.
 * NOTE(review): the connection is obtained with {@code getDBConnection(false)} and no commit call is
 * visible in this method; confirm that the delete is persisted under the configured datasource, since
 * a revocation that is not persisted would leave the old consent in force.
 *
 * @param userId   Id of the user whose consents are removed.
 * @param tenantId Tenant id of the user.
 * @throws IdentityOAuth2ScopeConsentException if a {@link SQLException} occurs while deleting; the
 *                                             original exception is kept as the cause.
 */
@Override
public void deleteUserConsents(String userId, int tenantId) throws IdentityOAuth2ScopeConsentException {

    if (log.isDebugEnabled()) {
        log.debug("Revoking all scope consents for user with userId : " + userId + " in tenantId : " + tenantId);
    }
    // Resources are closed in reverse order: the statement first, then the connection.
    try (Connection connection = IdentityDatabaseUtil.getDBConnection(false);
         PreparedStatement statement = connection.prepareStatement(SQLQueries.REMOVE_OAUTH2_USER_CONSENTS)) {
        statement.setString(1, userId);
        statement.setInt(2, tenantId);
        statement.execute();
    } catch (SQLException e) {
        throw new IdentityOAuth2ScopeConsentException(
                "Error occurred while deleting user scope consents for userId : " + userId + " and "
                        + "tenantId : " + tenantId, e);
    }
}