
Example 11 with OAuthRevocationResponseDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO in project identity-api-user by wso2.

the class AuthorizedAppsService method deleteUserAuthorizedApps.

/**
 * Revoke the authorization a user has given to one application.
 *
 * <p>The request is rejected with NOT_FOUND unless an entry returned by
 * {@code oAuthAdminService.getAppsAuthorizedByUser()} has an application name equal to
 * {@code applicationId}; only then is {@code revokeAuthzForAppsByResourceOwner} called.
 *
 * @param user          User whose authorization is being removed.
 * @param applicationId Value matched against the application names of the authorized apps.
 */
public void deleteUserAuthorizedApps(User user, String applicationId) {
    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    revocationRequest.setApps(new String[] { applicationId });
    try {
        // The finally block below always calls endTenantFlow(), including when this call throws.
        startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
        OAuthConsumerAppDTO[] authorizedApps = oAuthAdminService.getAppsAuthorizedByUser();
        boolean authorizedByUser = Arrays.stream(authorizedApps)
                .anyMatch(app -> app.getApplicationName().equals(applicationId));
        if (!authorizedByUser) {
            throw handleError(NOT_FOUND, Constants.ErrorMessages.ERROR_CODE_INVALID_APPLICATION_ID, applicationId,
                    user.toFullQualifiedUsername());
        }
        OAuthRevocationResponseDTO revocationResponse =
                oAuthAdminService.revokeAuthzForAppsByResourceOwner(revocationRequest);
        // NOTE(review): the warning is logged when isError() is false, and nothing happens when it is
        // true, so an error response from the revocation call is not reported to the caller. Confirm
        // whether the condition is inverted and whether the error case should raise an API error.
        if (!revocationResponse.isError()) {
            log.warn("Given application: " + applicationId + " has been deleted by a PreRevokeListener.");
        }
    } catch (IdentityOAuthAdminException e) {
        // NOTE(review): the caught exception is not passed to handleError or logged here, so the
        // cause is not visible from this method - confirm it is recorded elsewhere.
        throw handleError(Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_ID_BY_USER,
                applicationId, user.toFullQualifiedUsername());
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) User(org.wso2.carbon.identity.application.common.model.User) Arrays(java.util.Arrays) NOT_FOUND(javax.ws.rs.core.Response.Status.NOT_FOUND) AuthorizedAppDTO(org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.dto.AuthorizedAppDTO) OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) ErrorResponse(org.wso2.carbon.identity.api.user.common.error.ErrorResponse) UserCoreConstants(org.wso2.carbon.user.core.UserCoreConstants) Collectors(java.util.stream.Collectors) RealmService(org.wso2.carbon.user.core.service.RealmService) List(java.util.List) OAuthConsumerAppToExternal(org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.core.functions.OAuthConsumerAppToExternal) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthConsumerAppDTO(org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO) Optional(java.util.Optional) Log(org.apache.commons.logging.Log) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) LogFactory(org.apache.commons.logging.LogFactory) OAuthAdminServiceImpl(org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl) Status(javax.ws.rs.core.Response.Status) APIError(org.wso2.carbon.identity.api.user.common.error.APIError) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthConsumerAppDTO(org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO)

Example 12 with OAuthRevocationResponseDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO in project identity-api-user by wso2.

the class AuthorizedAppsService method deleteUserAuthorizedApps.

/**
 * Revoke the authorization a user has given to every application returned by
 * {@code listUserAuthorizedApps(user)}.
 *
 * @param user User whose authorizations are being removed.
 */
public void deleteUserAuthorizedApps(User user) {
    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    try {
        // The finally block below always calls endTenantFlow(), including when this call throws.
        startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
        List<AuthorizedAppDTO> authorizedApps = listUserAuthorizedApps(user);
        // One revocation request carries the app id of every authorized application.
        String[] appIds = authorizedApps.stream().map(AuthorizedAppDTO::getAppId).toArray(String[]::new);
        revocationRequest.setApps(appIds);
        OAuthRevocationResponseDTO revocationResponse =
                oAuthAdminService.revokeAuthzForAppsByResourceOwner(revocationRequest);
        // NOTE(review): the warning is logged when isError() is false, and an error response is
        // ignored, so a failed revocation is not reported to the caller. Confirm whether the
        // condition is inverted and whether the error case should raise an API error.
        if (!revocationResponse.isError()) {
            log.warn("No applications can be found for the user: " + user.getUserName());
        }
    } catch (IdentityOAuthAdminException e) {
        // NOTE(review): the caught exception is not passed to handleError or logged here.
        throw handleError(Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_USER,
                user.toFullQualifiedUsername());
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) AuthorizedAppDTO(org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.dto.AuthorizedAppDTO)

Example 13 with OAuthRevocationResponseDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO in project identity-api-user by wso2.

the class AuthorizedAppsService method deleteUserAuthorizedApps.

/**
 * Delete all the authorized applications for the user.
 *
 * <p>Calls {@code revokeAuthzForAppsByResourceOwner} with the names of the applications returned by
 * {@code listUserAuthorizedApps(user)}, then calls {@code oAuth2ScopeService.revokeUserConsents}
 * for the user's id and tenant.
 *
 * @param user User.
 */
public void deleteUserAuthorizedApps(User user) {
    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    try {
        // The finally block below always calls endTenantFlow(), including when this call throws.
        startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
        List<AuthorizedAppDTO> authorizedApps = listUserAuthorizedApps(user);
        String[] appNames = authorizedApps.stream().map(AuthorizedAppDTO::getName).toArray(String[]::new);
        revocationRequest.setApps(appNames);
        OAuthRevocationResponseDTO revocationResponse =
                oAuthAdminService.revokeAuthzForAppsByResourceOwner(revocationRequest);
        // Consent revocation runs whatever the revocation response says; isError() is read only afterwards.
        String userId = getUserIdFromUser(user);
        int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
        oAuth2ScopeService.revokeUserConsents(userId, tenantId);
        // NOTE(review): the warning is logged when isError() is false, and an error response is
        // ignored, so a failed revocation is not reported to the caller. Confirm whether the
        // condition is inverted and whether the error case should raise an API error.
        if (!revocationResponse.isError()) {
            log.warn("No applications can be found for the user: " + user.getUserName());
        }
    } catch (IdentityOAuthAdminException | IdentityOAuth2ScopeException e) {
        // NOTE(review): the caught exception is not passed to handleError or logged here.
        throw handleError(INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_USER,
                user.toFullQualifiedUsername());
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) IdentityOAuth2ScopeException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeException) AuthorizedAppDTO(org.wso2.carbon.identity.rest.api.user.authorized.apps.v2.dto.AuthorizedAppDTO)

Example 14 with OAuthRevocationResponseDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO in project identity-api-user by wso2.

the class AuthorizedAppsService method deleteUserAuthorizedApps.

/**
 * Delete the authorized application for the user by the given application id.
 *
 * <p>The id is resolved to an application name with {@code getApplicationName}; that name is what
 * the revocation request carries and what is matched against the user's authorized apps. Consent
 * revocation uses the application id.
 *
 * @param user          User.
 * @param applicationId Application Id.
 */
public void deleteUserAuthorizedApps(User user, String applicationId) {
    // Resolved before the tenant flow is started and outside the try block.
    String applicationName = getApplicationName(user, applicationId);
    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    revocationRequest.setApps(new String[] { applicationName });
    try {
        // The finally block below always calls endTenantFlow(), including when this call throws.
        startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
        OAuthConsumerAppDTO[] authorizedApps = oAuthAdminService.getAppsAuthorizedByUser();
        boolean authorizedByUser = Arrays.stream(authorizedApps)
                .anyMatch(app -> app.getApplicationName().equals(applicationName));
        // NOTE(review): consent is revoked before the authorized-app check below, so a request for
        // an application that is not in the user's authorized list still revokes consent and then
        // answers NOT_FOUND. Confirm this ordering is intended.
        String userId = getUserIdFromUser(user);
        int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
        oAuth2ScopeService.revokeUserConsentForApplication(userId, applicationId, tenantId);
        if (!authorizedByUser) {
            throw handleError(NOT_FOUND, Constants.ErrorMessages.ERROR_CODE_INVALID_APPLICATION_ID, applicationId,
                    user.toFullQualifiedUsername());
        }
        OAuthRevocationResponseDTO revocationResponse =
                oAuthAdminService.revokeAuthzForAppsByResourceOwner(revocationRequest);
        // NOTE(review): the warning is logged when isError() is false, and an error response is
        // ignored, so a failed revocation is not reported to the caller. Confirm whether the
        // condition is inverted and whether the error case should raise an API error.
        // applicationId is concatenated into the log line as received; if it can carry
        // caller-controlled text, confirm the logging layer neutralises line breaks.
        if (!revocationResponse.isError()) {
            log.warn("Given application: " + applicationId + " has been deleted by a PreRevokeListener.");
        }
    } catch (IdentityOAuthAdminException | IdentityOAuth2ScopeException e) {
        // NOTE(review): the caught exception is not passed to handleError or logged here.
        throw handleError(INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_ID_BY_USER,
                applicationId, user.toFullQualifiedUsername());
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) OAuth2ScopeService(org.wso2.carbon.identity.oauth2.OAuth2ScopeService) Arrays(java.util.Arrays) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) UserToUniqueId(org.wso2.carbon.identity.api.user.common.function.UserToUniqueId) IdentityOAuth2ScopeException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeException) OAuth2ScopeConsentResponse(org.wso2.carbon.identity.oauth2.model.OAuth2ScopeConsentResponse) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) InboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig) RealmService(org.wso2.carbon.user.core.service.RealmService) ArrayList(java.util.ArrayList) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthConsumerAppDTO(org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO) OAuthAdminServiceImpl(org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl) ContextLoader(org.wso2.carbon.identity.api.user.common.ContextLoader) OAuthAppRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO) IdentityTenantUtil(org.wso2.carbon.identity.core.util.IdentityTenantUtil) IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) User(org.wso2.carbon.identity.application.common.model.User) OAuthConstants(org.wso2.carbon.identity.oauth.common.OAuthConstants) INTERNAL_SERVER_ERROR(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR) NOT_FOUND(javax.ws.rs.core.Response.Status.NOT_FOUND) OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO) ErrorResponse(org.wso2.carbon.identity.api.user.common.error.ErrorResponse) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) 
UserCoreConstants(org.wso2.carbon.user.core.UserCoreConstants) Collectors(java.util.stream.Collectors) AuthorizedAppDTO(org.wso2.carbon.identity.rest.api.user.authorized.apps.v2.dto.AuthorizedAppDTO) List(java.util.List) Response(javax.ws.rs.core.Response) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig) OAuth2ServiceComponentHolder(org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder) Optional(java.util.Optional) Log(org.apache.commons.logging.Log) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) LogFactory(org.apache.commons.logging.LogFactory) Collections(java.util.Collections) APIError(org.wso2.carbon.identity.api.user.common.error.APIError) ArrayUtils(org.apache.commons.lang.ArrayUtils) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) OAuthConsumerAppDTO(org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO) IdentityOAuth2ScopeException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeException)

Example 15 with OAuthRevocationResponseDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ServiceTest method testIdentityExceptionForRevokeTokenByOAuthClient.

/**
 * Checks the error message returned by {@code revokeTokenByOAuthClient} when
 * {@code OAuth2Util.findAccessToken} is stubbed to throw {@code IdentityException}.
 *
 * <p>The test declares no expected exception, so it passes only if the service returns a response
 * DTO carrying the asserted message.
 */
@Test
public void testIdentityExceptionForRevokeTokenByOAuthClient() throws Exception {
    final String expectedErrorMsg = "Error occurred while revoking authorization grant for applications";

    setUpRevokeToken();
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);

    // A token with a binding reference is built here but not passed to any call in this method;
    // presumably it is the object the shared mocks return - verify against getAccessToken().
    AccessTokenDO boundToken = getAccessToken();
    TokenBinding binding = new TokenBinding();
    binding.setBindingReference("dummyReference");
    boundToken.setTokenBinding(binding);

    // Force the token lookup to fail.
    when(OAuth2Util.findAccessToken(anyString(), anyBoolean())).thenThrow(IdentityException.class);

    OAuthRevocationRequestDTO revocationRequest = getOAuthRevocationRequestDTO();
    OAuthRevocationResponseDTO revocationResponse = oAuth2Service.revokeTokenByOAuthClient(revocationRequest);

    // NOTE(review): only the message text is checked; asserting isError() as well would pin the
    // failure signal a caller is more likely to branch on.
    assertEquals(revocationResponse.getErrorMsg(), expectedErrorMsg);
}
Also used : AccessTokenDO(org.wso2.carbon.identity.oauth2.model.AccessTokenDO) TokenBinding(org.wso2.carbon.identity.oauth2.token.bindings.TokenBinding) OAuthRevocationRequestDTO(org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO) OAuthRevocationResponseDTO(org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Aggregations

OAuthRevocationResponseDTO (org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO)9 AccessTokenDO (org.wso2.carbon.identity.oauth2.model.AccessTokenDO)7 OAuthRevocationResponseDTO (org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO)6 HashMap (java.util.HashMap)5 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)5 Test (org.testng.annotations.Test)5 OAuthRevocationRequestDTO (org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO)5 PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)5 IdentityOAuthAdminException (org.wso2.carbon.identity.oauth.IdentityOAuthAdminException)4 OAuthRevocationRequestDTO (org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO)4 IdentityOAuth2Exception (org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception)4 OAuth2Util.buildScopeString (org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString)4 OAuthAppRevocationRequestDTO (org.wso2.carbon.identity.oauth.dto.OAuthAppRevocationRequestDTO)3 OAuthConsumerAppDTO (org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO)3 OAuthEventInterceptor (org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor)3 Arrays (java.util.Arrays)2 List (java.util.List)2 Optional (java.util.Optional)2 Collectors (java.util.stream.Collectors)2 Response (javax.ws.rs.core.Response)2