use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2TokenEndpoint method buildAccessTokenReqDTO.
/**
 * Copies the fields of an incoming token request into an {@link OAuth2AccessTokenReqDTO}.
 *
 * <p>The client id is read from the request's {@link OAuthClientAuthnContext} rather than from a
 * raw request parameter. The DTO ends up holding credentials (the client secret and, depending on
 * the grant, an authorization code, resource owner password, refresh token, assertion or Windows
 * token) together with the full request parameter and header sets, so it should not be logged or
 * serialized wholesale.
 *
 * <p>NOTE(review): this method does not call {@code isAuthenticated()} on the context; presumably
 * the check happens elsewhere in the token flow. Confirm against the caller.
 *
 * @param oauthRequest parsed token request. NOTE(review): its authn context and scope set are
 *     dereferenced without a null check here; confirm the caller guarantees both.
 * @param httpServletRequestWrapper wrapper stored on the DTO so remote information can be read later
 * @return the populated DTO
 */
private OAuth2AccessTokenReqDTO buildAccessTokenReqDTO(CarbonOAuthTokenRequest oauthRequest, HttpServletRequestWrapper httpServletRequestWrapper) {
    final OAuth2AccessTokenReqDTO dto = new OAuth2AccessTokenReqDTO();

    // Client identity comes from the client authentication context attached to the request.
    final OAuthClientAuthnContext authnContext = oauthRequest.getoAuthClientAuthnContext();
    dto.setoAuthClientAuthnContext(authnContext);

    final String requestedGrant = oauthRequest.getGrantType();
    dto.setGrantType(requestedGrant);
    dto.setClientId(authnContext.getClientId());
    dto.setClientSecret(oauthRequest.getClientSecret());
    dto.setCallbackURI(oauthRequest.getRedirectURI());
    dto.setScope(oauthRequest.getScopes().toArray(new String[0]));
    dto.setTenantDomain(oauthRequest.getTenantDomain());
    dto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());

    // Raw parameters and headers are carried along unfiltered.
    dto.setRequestParameters(oauthRequest.getRequestParameters());
    dto.setHttpRequestHeaders(oauthRequest.getHttpRequestHeaders());

    // Kept so that remote information can be looked up later.
    dto.setHttpServletRequestWrapper(httpServletRequestWrapper);

    // Grant-specific credentials. A grant type matching none of these branches adds nothing extra.
    if (GrantType.AUTHORIZATION_CODE.toString().equals(requestedGrant)) {
        dto.setAuthorizationCode(oauthRequest.getCode());
        // The PKCE verifier was already set above for every grant; this repeats that assignment.
        dto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());
    } else if (GrantType.PASSWORD.toString().equals(requestedGrant)) {
        dto.setResourceOwnerUsername(oauthRequest.getUsername());
        dto.setResourceOwnerPassword(oauthRequest.getPassword());
    } else if (GrantType.REFRESH_TOKEN.toString().equals(requestedGrant)) {
        dto.setRefreshToken(oauthRequest.getRefreshToken());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString().equals(requestedGrant)) {
        dto.setAssertion(oauthRequest.getAssertion());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString().equals(requestedGrant)) {
        dto.setWindowsToken(oauthRequest.getWindowsToken());
    }

    // The grant type itself is recorded as an authentication method reference.
    dto.addAuthenticationMethodReference(requestedGrant);
    return dto;
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class DeviceEndpoint method authorize.
/**
 * Handles a device authorization request: issues a device code and a user code for an
 * authenticated client.
 *
 * <p>The request is refused with the context's own error before any code is generated when the
 * client authentication context is not marked authenticated. Repeated-parameter validation runs
 * next, also ahead of code generation.
 *
 * <p>NOTE(review): the {@code scope} parameter is forwarded as received; no scope validation is
 * visible in this method. Confirm it happens in {@code getUniqueUserCode} or downstream.
 *
 * @param request the HTTP request; the client authentication context is read from its attributes
 * @param paramMap form parameters, checked for repeated entries
 * @param response the HTTP response (not used in this method)
 * @return the device authorization response, or an error response built by the matching handler
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response authorize(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap, @Context HttpServletResponse response) throws IdentityOAuth2Exception, OAuthSystemException {
    final OAuthClientAuthnContext clientAuthn = getValidationObject(request);
    if (!clientAuthn.isAuthenticated()) {
        // Nothing is issued to a client that has not authenticated.
        return handleErrorResponse(clientAuthn);
    }

    try {
        validateRepeatedParams(request, paramMap);

        // The device code is a random (type 4) UUID.
        final String deviceCode = UUID.randomUUID().toString();
        final String requestedScopes = request.getParameter(Constants.SCOPE);
        // The user code is tied to the authenticated client id, not to a request parameter.
        final String userCode = getUniqueUserCode(deviceCode, clientAuthn.getClientId(), requestedScopes);

        final String verificationUri = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .build()
                .getAbsolutePublicURL();
        // Same endpoint with the user code embedded as a query parameter.
        final String verificationUriComplete = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .addParameter("user_code", userCode)
                .build()
                .getAbsolutePublicURL();

        return buildResponseObject(deviceCode, userCode, verificationUri, verificationUriComplete);
    } catch (IdentityOAuth2Exception e) {
        return handleIdentityOAuth2Exception(e);
    } catch (TokenEndpointBadRequestException e) {
        return handleTokenEndpointBadRequestException(e);
    } catch (URLBuilderException e) {
        return handleURLBuilderException(e);
    }
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class DeviceEndpoint method getValidationObject.
/**
 * Returns the client authentication context stored on the request, failing closed when none is
 * present.
 *
 * <p>If the {@code OAuthConstants.CLIENT_AUTHN_CONTEXT} attribute is missing or is not an
 * {@link OAuthClientAuthnContext}, a new context is returned with {@code authenticated = false},
 * the message "Client Authentication Failed" and error code {@code INVALID_REQUEST}.
 *
 * <p>NOTE(review): the attribute is presumably populated by an upstream authentication
 * interceptor; that component is not visible here.
 *
 * @param request the HTTP request carrying the attribute
 * @return the stored context, or an unauthenticated placeholder
 * @throws OAuthSystemException declared by the signature; nothing in this body throws it directly
 */
private OAuthClientAuthnContext getValidationObject(HttpServletRequest request) throws OAuthSystemException {
    final Object attribute = request.getAttribute(OAuthConstants.CLIENT_AUTHN_CONTEXT);
    if (attribute instanceof OAuthClientAuthnContext) {
        return (OAuthClientAuthnContext) attribute;
    }

    // Missing or unexpected attribute type: treat the client as unauthenticated.
    final OAuthClientAuthnContext rejected = new OAuthClientAuthnContext();
    rejected.setAuthenticated(false);
    rejected.setErrorMessage("Client Authentication Failed");
    rejected.setErrorCode(OAuthError.TokenResponse.INVALID_REQUEST);
    return rejected;
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ServiceTest method getOAuthRevocationRequestDTO.
/**
 * Builds a revocation request fixture whose client authentication context is marked
 * authenticated.
 *
 * <p>The token type is set to the string form of {@code GrantType.CLIENT_CREDENTIALS}, and the
 * context carries a placeholder error code even though it is flagged as authenticated.
 *
 * @return the fixture with consumer key "testConsumerKey" and token "testToken"
 */
private OAuthRevocationRequestDTO getOAuthRevocationRequestDTO() {
    // Client authentication context: authenticated, with a dummy error code attached.
    OAuthClientAuthnContext authenticatedClient = new OAuthClientAuthnContext();
    authenticatedClient.setAuthenticated(true);
    authenticatedClient.setErrorCode("dummyErrorCode");

    OAuthRevocationRequestDTO fixture = new OAuthRevocationRequestDTO();
    fixture.setConsumerKey("testConsumerKey");
    fixture.setToken("testToken");
    fixture.setTokenType(GrantType.CLIENT_CREDENTIALS.toString());
    fixture.setOauthClientAuthnContext(authenticatedClient);
    return fixture;
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ServiceTest method testRevokeTokenByOAuthClientWithRefreshToken.
/**
 * Checks that revoking a refresh token on behalf of an authenticated client does not produce an
 * error response, for each (token type, refresh token state) pair from the data provider.
 *
 * <p>NOTE(review): only the authenticated-client path is asserted here. A companion case with
 * {@code setAuthenticated(false)} expecting an error is not visible in this excerpt.
 *
 * @param grantType value placed in the revocation request's token type field
 * @param tokenState refresh token state reported by the mocked validation
 */
@Test(dataProvider = "RefreshTokenWithDifferentFlows")
public void testRevokeTokenByOAuthClientWithRefreshToken(String grantType, String tokenState) throws Exception {
    setUpRevokeToken();

    // Tenant resolution is stubbed to a fixed tenant id.
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);

    // Validation result that the mocked DAO hands back for any refresh token lookup.
    RefreshTokenValidationDataDO validationData = new RefreshTokenValidationDataDO();
    validationData.setGrantType(GrantType.REFRESH_TOKEN.toString());
    validationData.setAccessToken("testAccessToken");
    validationData.setAuthorizedUser(authenticatedUser);
    validationData.setScope(new String[] { "test" });
    validationData.setRefreshTokenState(tokenState);
    validationData.setTokenBindingReference("dummyReference");

    // Replace the persistence factory's DAOs with mocks so that no real token store is touched.
    OAuthTokenPersistenceFactory persistenceFactory = OAuthTokenPersistenceFactory.getInstance();
    TokenManagementDAOImpl managementDaoMock = mock(TokenManagementDAOImpl.class);
    Whitebox.setInternalState(persistenceFactory, "managementDAO", managementDaoMock);
    AccessTokenDAOImpl accessTokenDaoMock = mock(AccessTokenDAOImpl.class);
    Whitebox.setInternalState(persistenceFactory, "tokenDAO", accessTokenDaoMock);
    when(managementDaoMock.validateRefreshToken(anyObject(), anyObject())).thenReturn(validationData);

    // Revocation request issued by a client whose authentication context is marked authenticated.
    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    revocationRequest.setConsumerKey("testConsumerKey");
    revocationRequest.setToken("testToken");
    revocationRequest.setTokenType(grantType);
    OAuthClientAuthnContext authenticatedClient = new OAuthClientAuthnContext();
    authenticatedClient.setAuthenticated(true);
    authenticatedClient.setErrorCode("dummyErrorCode");
    revocationRequest.setOauthClientAuthnContext(authenticatedClient);

    assertFalse(oAuth2Service.revokeTokenByOAuthClient(revocationRequest).isError());
}