
Example 6 with OAuthClientAuthnContext

use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpoint method buildAccessTokenReqDTO.

/**
 * Copies the fields of a parsed token request into a fresh {@link OAuth2AccessTokenReqDTO}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The returned DTO carries credential material taken straight from the request: the client
 *       secret, the PKCE code verifier and, depending on the grant type, the authorization code,
 *       the resource owner password, the refresh token, the SAML assertion or the Windows token.
 *       It also receives the complete request parameter and header collections, which presumably
 *       repeat those values. Treat the whole object as sensitive and keep it out of logs and
 *       diagnostic dumps.</li>
 *   <li>The client id comes from the client authentication context, not from a request accessor.
 *       This method does not itself check {@code isAuthenticated()} on that context.
 *       NOTE(review): presumably the caller or a later stage enforces it; confirm.</li>
 *   <li>The context is dereferenced without a null check, so a request that reaches this method
 *       without one fails with a {@link NullPointerException}.</li>
 * </ul>
 *
 * @param oauthRequest              the parsed token request to copy from
 * @param httpServletRequestWrapper wrapper stored on the DTO so remote information can be read later
 * @return the populated DTO
 */
private OAuth2AccessTokenReqDTO buildAccessTokenReqDTO(CarbonOAuthTokenRequest oauthRequest, HttpServletRequestWrapper httpServletRequestWrapper) {
    final OAuth2AccessTokenReqDTO dto = new OAuth2AccessTokenReqDTO();

    // Client identity: the authentication context is attached as-is and is the source of the id.
    final OAuthClientAuthnContext clientAuthnContext = oauthRequest.getoAuthClientAuthnContext();
    dto.setoAuthClientAuthnContext(clientAuthnContext);
    final String requestedGrant = oauthRequest.getGrantType();
    dto.setGrantType(requestedGrant);
    dto.setClientId(clientAuthnContext.getClientId());

    // Fields copied for every grant type.
    dto.setClientSecret(oauthRequest.getClientSecret());
    dto.setCallbackURI(oauthRequest.getRedirectURI());
    dto.setScope(oauthRequest.getScopes().toArray(new String[0]));
    dto.setTenantDomain(oauthRequest.getTenantDomain());
    dto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());

    // Raw request material: every parameter and header, plus the servlet wrapper for remote details.
    dto.setRequestParameters(oauthRequest.getRequestParameters());
    dto.setHttpRequestHeaders(oauthRequest.getHttpRequestHeaders());
    dto.setHttpServletRequestWrapper(httpServletRequestWrapper);

    // Grant-specific credential. Constant-first equals() keeps a null grant type from throwing;
    // an unrecognised grant type simply copies nothing extra here.
    if (GrantType.AUTHORIZATION_CODE.toString().equals(requestedGrant)) {
        dto.setAuthorizationCode(oauthRequest.getCode());
        // Repeats the unconditional verifier assignment made above.
        dto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());
    } else if (GrantType.PASSWORD.toString().equals(requestedGrant)) {
        dto.setResourceOwnerUsername(oauthRequest.getUsername());
        dto.setResourceOwnerPassword(oauthRequest.getPassword());
    } else if (GrantType.REFRESH_TOKEN.toString().equals(requestedGrant)) {
        dto.setRefreshToken(oauthRequest.getRefreshToken());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString().equals(requestedGrant)) {
        dto.setAssertion(oauthRequest.getAssertion());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString().equals(requestedGrant)) {
        dto.setWindowsToken(oauthRequest.getWindowsToken());
    }

    // The grant type is also recorded as an authentication method reference.
    dto.addAuthenticationMethodReference(requestedGrant);
    return dto;
}
Also used : OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)

Example 7 with OAuthClientAuthnContext

use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

the class DeviceEndpoint method authorize.

/**
 * Handles a form-encoded POST to the device endpoint and returns a JSON response carrying a newly
 * issued device code and user code together with the two redirection URIs.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Nothing is issued unless the client authentication context reports the client as
 *       authenticated; otherwise the error response built from that context is returned.</li>
 *   <li>The device code is a {@link UUID#randomUUID() random UUID}, which the JDK generates with a
 *       cryptographically strong pseudo-random number generator.</li>
 *   <li>The scope value is read from the request parameter as-is and may be {@code null}.
 *       NOTE(review): no scope validation is visible in this method; confirm that
 *       {@code getUniqueUserCode} or a later stage checks it against the client.</li>
 *   <li>The "complete" URI embeds the user code as a query parameter, so that URL should be
 *       handled as carrying a short-lived secret wherever it is displayed or logged.</li>
 * </ul>
 *
 * @param request  the servlet request; supplies the client authentication context and the scope
 * @param paramMap the form parameters, passed to the repeated-parameter check
 * @param response the servlet response (not used in this method)
 * @return the success response, or the error response produced by the matching handler
 * @throws IdentityOAuth2Exception declared on the signature; inside the try block it is converted to a response
 * @throws OAuthSystemException    propagated from {@code getValidationObject}
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response authorize(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap, @Context HttpServletResponse response) throws IdentityOAuth2Exception, OAuthSystemException {
    final OAuthClientAuthnContext clientAuthnContext = getValidationObject(request);
    final boolean clientAuthenticated = clientAuthnContext.isAuthenticated();
    if (!clientAuthenticated) {
        // Reject before any code is generated or stored.
        return handleErrorResponse(clientAuthnContext);
    }

    try {
        validateRepeatedParams(request, paramMap);

        final String deviceCode = UUID.randomUUID().toString();
        final String requestedScopes = request.getParameter(Constants.SCOPE);
        final String userCode = getUniqueUserCode(deviceCode, clientAuthnContext.getClientId(), requestedScopes);

        // Plain device endpoint URL.
        final String redirectionUri = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .build()
                .getAbsolutePublicURL();
        // Same URL with the user code attached as a query parameter.
        final String redirectionUriComplete = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .addParameter("user_code", userCode)
                .build()
                .getAbsolutePublicURL();

        return buildResponseObject(deviceCode, userCode, redirectionUri, redirectionUriComplete);
    } catch (IdentityOAuth2Exception e) {
        return handleIdentityOAuth2Exception(e);
    } catch (TokenEndpointBadRequestException e) {
        return handleTokenEndpointBadRequestException(e);
    } catch (URLBuilderException e) {
        return handleURLBuilderException(e);
    }
}
Also used : URLBuilderException(org.wso2.carbon.identity.core.URLBuilderException) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 8 with OAuthClientAuthnContext

use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

the class DeviceEndpoint method getValidationObject.

/**
 * Returns the client authentication context stored on the request, or a failed context when the
 * request carries none.
 *
 * <p>The lookup fails closed: if the {@code CLIENT_AUTHN_CONTEXT} attribute is absent or is not an
 * {@link OAuthClientAuthnContext}, the caller receives a context marked as not authenticated, so a
 * request that skipped client authentication is never treated as authenticated here.
 *
 * <p>NOTE(review): the attribute is trusted as found; which component sets it is not visible in
 * this method. Confirm that only the client-authentication stage can populate it.
 *
 * <p>NOTE(review): the fallback pairs the message "Client Authentication Failed" with the
 * {@code invalid_request} error code. RFC 6749 section 5.2 reserves {@code invalid_client} for
 * failed client authentication; confirm that {@code invalid_request} is intended for the
 * missing-context case.
 *
 * @param request the servlet request to read the attribute from
 * @return the stored context, or a new unauthenticated context with an error code and message
 * @throws OAuthSystemException declared on the signature; nothing in this body throws it directly
 */
private OAuthClientAuthnContext getValidationObject(HttpServletRequest request) throws OAuthSystemException {
    final Object storedContext = request.getAttribute(OAuthConstants.CLIENT_AUTHN_CONTEXT);
    if (storedContext instanceof OAuthClientAuthnContext) {
        return (OAuthClientAuthnContext) storedContext;
    }

    // Missing or unexpected attribute: report the client as unauthenticated.
    final OAuthClientAuthnContext failedContext = new OAuthClientAuthnContext();
    failedContext.setAuthenticated(false);
    failedContext.setErrorMessage("Client Authentication Failed");
    failedContext.setErrorCode(OAuthError.TokenResponse.INVALID_REQUEST);
    return failedContext;
}
Also used : JSONObject(org.json.JSONObject) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)

Example 9 with OAuthClientAuthnContext

use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ServiceTest method getOAuthRevocationRequestDTO.

/**
 * Builds the revocation request fixture used by the tests: fixed consumer key and token, the
 * client-credentials grant type string as the token type, and a client authentication context
 * that is marked authenticated.
 *
 * <p>The context also carries a dummy error code while being authenticated, so tests using this
 * fixture exercise the path where the authenticated flag is set despite an error code being
 * present.
 *
 * @return the populated revocation request
 */
private OAuthRevocationRequestDTO getOAuthRevocationRequestDTO() {
    // Client authentication result attached to the request.
    final OAuthClientAuthnContext authenticatedClient = new OAuthClientAuthnContext();
    authenticatedClient.setAuthenticated(true);
    authenticatedClient.setErrorCode("dummyErrorCode");

    final OAuthRevocationRequestDTO request = new OAuthRevocationRequestDTO();
    request.setConsumerKey("testConsumerKey");
    request.setToken("testToken");
    request.setTokenType(GrantType.CLIENT_CREDENTIALS.toString());
    request.setOauthClientAuthnContext(authenticatedClient);
    return request;
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)

Example 10 with OAuthClientAuthnContext

use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ServiceTest method testRevokeTokenByOAuthClientWithRefreshToken.

/**
 * Verifies that revoking a token as an authenticated OAuth client succeeds when the token
 * resolves to a refresh token, for each token type and refresh token state supplied by the
 * {@code RefreshTokenWithDifferentFlows} data provider.
 *
 * <p>The test only covers the authenticated-client path: the client authentication context is
 * created with {@code setAuthenticated(true)}. It makes no assertion about what happens when the
 * client is not authenticated.
 *
 * <p>NOTE(review): the DAO mocks are written into the fields of the instance returned by
 * {@code OAuthTokenPersistenceFactory.getInstance()} and are not restored in this method. If
 * that instance is shared across tests, the mocks stay in place for later tests; confirm.
 *
 * @param grantType  value used as the token type of the revocation request
 * @param tokenState refresh token state reported by the mocked validation
 * @throws Exception if test set-up or the revocation call fails unexpectedly
 */
@Test(dataProvider = "RefreshTokenWithDifferentFlows")
public void testRevokeTokenByOAuthClientWithRefreshToken(String grantType, String tokenState) throws Exception {
    setUpRevokeToken();

    // Every tenant domain resolves to the same fixed tenant id.
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);

    // Result the mocked DAO reports when the refresh token is validated.
    final RefreshTokenValidationDataDO validationResult = new RefreshTokenValidationDataDO();
    validationResult.setGrantType(GrantType.REFRESH_TOKEN.toString());
    validationResult.setAccessToken("testAccessToken");
    validationResult.setAuthorizedUser(authenticatedUser);
    validationResult.setScope(new String[] { "test" });
    validationResult.setRefreshTokenState(tokenState);
    validationResult.setTokenBindingReference("dummyReference");

    // Swap the persistence factory's DAOs for mocks.
    final OAuthTokenPersistenceFactory persistenceFactory = OAuthTokenPersistenceFactory.getInstance();
    final TokenManagementDAOImpl managementDaoMock = mock(TokenManagementDAOImpl.class);
    Whitebox.setInternalState(persistenceFactory, "managementDAO", managementDaoMock);
    final AccessTokenDAOImpl tokenDaoMock = mock(AccessTokenDAOImpl.class);
    Whitebox.setInternalState(persistenceFactory, "tokenDAO", tokenDaoMock);
    when(managementDaoMock.validateRefreshToken(anyObject(), anyObject())).thenReturn(validationResult);

    // Revocation request from a client that has already been authenticated.
    final OAuthRevocationRequestDTO request = new OAuthRevocationRequestDTO();
    request.setConsumerKey("testConsumerKey");
    request.setToken("testToken");
    request.setTokenType(grantType);
    final OAuthClientAuthnContext authenticatedClient = new OAuthClientAuthnContext();
    authenticatedClient.setAuthenticated(true);
    authenticatedClient.setErrorCode("dummyErrorCode");
    request.setOauthClientAuthnContext(authenticatedClient);

    assertFalse(oAuth2Service.revokeTokenByOAuthClient(request).isError());
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO) OAuthTokenPersistenceFactory(org.wso2.carbon.identity.oauth2.dao.OAuthTokenPersistenceFactory) TokenManagementDAOImpl(org.wso2.carbon.identity.oauth2.dao.TokenManagementDAOImpl) RefreshTokenValidationDataDO(org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO) AccessTokenDAOImpl(org.wso2.carbon.identity.oauth2.dao.AccessTokenDAOImpl) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)
