use of org.wso2.carbon.identity.oauth2.model.AuthzCodeDO in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthApplicationMgtListener method removeEntriesFromCache.
/**
 * Evicts cached OAuth state for the applications identified by the given consumer keys.
 *
 * <p>For every key this collects the results of the two {@code ...ForOpenidScope} DAO
 * queries, then clears the {@code AppInfoCache} and {@code OAuthCache} entries keyed by the
 * consumer key. Once all keys are processed, the collected tokens and authorization codes
 * are handed to the per-token and per-code eviction helpers.
 *
 * <p>There is no try/catch here: an exception raised while processing one key propagates
 * immediately, so the remaining keys and the collected tokens/codes are not evicted by
 * this call.
 *
 * @param consumerKeys consumer keys whose cache entries must be removed; nothing is done
 *                     when {@code isNotEmpty} reports the set as empty
 * @throws IdentityOAuth2Exception declared by this method; presumably raised by the DAO
 *                                 lookups (confirm against the DAO interfaces)
 */
private void removeEntriesFromCache(Set<String> consumerKeys) throws IdentityOAuth2Exception {
    if (!isNotEmpty(consumerKeys)) {
        return;
    }

    AppInfoCache appInfoCache = AppInfoCache.getInstance();
    Set<AccessTokenDO> tokensToEvict = new HashSet<>();
    Set<AuthzCodeDO> codesToEvict = new HashSet<>();

    for (String consumerKey : consumerKeys) {
        // NOTE(review): only what the "...ForOpenidScope" queries return is collected here;
        // confirm that tokens/codes outside that result are invalidated elsewhere.
        tokensToEvict.addAll(OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .getActiveTokenSetWithTokenIdByConsumerKeyForOpenidScope(consumerKey));
        codesToEvict.addAll(OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .getAuthorizationCodeDOSetByConsumerKeyForOpenidScope(consumerKey));

        // Drop the client credential from both caches that are keyed by consumer key.
        appInfoCache.clearCacheEntry(consumerKey);
        OAuthCache.getInstance().clearCacheEntry(new OAuthCacheKey(consumerKey));
    }

    if (isNotEmpty(tokensToEvict)) {
        clearCacheEntriesAgainstToken(tokensToEvict);
    }
    if (isNotEmpty(codesToEvict)) {
        clearCacheEntriesAgainstAuthzCode(codesToEvict);
    }
}
use of org.wso2.carbon.identity.oauth2.model.AuthzCodeDO in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthApplicationMgtListener method clearCacheEntriesAgainstAuthzCode.
/**
 * Evicts every given authorization code from {@code AuthorizationGrantCache} and
 * {@code OAuthCache}.
 *
 * @param authzCodeDOSet authorization codes to evict; iterated directly, so it must not
 *                       be {@code null}
 */
private void clearCacheEntriesAgainstAuthzCode(Set<AuthzCodeDO> authzCodeDOSet) {
    for (AuthzCodeDO codeDO : authzCodeDOSet) {
        // Grant cache: the key is built from the code value, the entry is cleared by code id.
        AuthorizationGrantCacheKey grantKey = new AuthorizationGrantCacheKey(codeDO.getAuthorizationCode());
        AuthorizationGrantCache.getInstance().clearCacheEntryByCodeId(grantKey, codeDO.getAuthzCodeId());

        // OAuth cache: the key is built from the code value; clear only when an entry exists.
        OAuthCacheKey codeKey = new OAuthCacheKey(codeDO.getAuthorizationCode());
        if (OAuthCache.getInstance().getValueFromCache(codeKey) == null) {
            continue;
        }
        OAuthCache.getInstance().clearCacheEntry(codeKey);
    }
}
use of org.wso2.carbon.identity.oauth2.model.AuthzCodeDO in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthTenantMgtListenerImpl method clearTokenData.
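/**
 * Clears cached OAuth state for a tenant, revokes its access tokens and deactivates its
 * authorization codes.
 *
 * <p>Every access token returned for the tenant has its cache entries cleared. Only the most
 * recently issued token per (consumer key, authorized user, scope string, federated IdP name)
 * combination is passed to {@code revokeAccessTokens}.
 *
 * @param tenantId id of the tenant whose token data is cleared
 * @throws StratosException wrapping any {@code IdentityOAuth2Exception} raised while
 *                          clearing, revoking or deactivating
 */
private void clearTokenData(int tenantId) throws StratosException {
    try {
        Set<AccessTokenDO> accessTokenDOs = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .getAccessTokensByTenant(tenantId);

        // Latest token per (consumer key, user, scope, federated IdP) combination.
        // NOTE(review): older tokens sharing a key get their cache entries cleared but are not
        // passed to revokeAccessTokens; confirm they cannot still be active in the store.
        Map<String, AccessTokenDO> latestAccessTokens = new HashMap<>();
        for (AccessTokenDO accessTokenDO : accessTokenDOs) {
            String scopeString = OAuth2Util.buildScopeString(accessTokenDO.getScope());
            String keyString = accessTokenDO.getConsumerKey() + ":" + accessTokenDO.getAuthzUser() + ":"
                    + scopeString + ":" + accessTokenDO.getAuthzUser().getFederatedIdPName();

            AccessTokenDO knownToken = latestAccessTokens.get(keyString);
            if (knownToken == null || knownToken.getIssuedTime().before(accessTokenDO.getIssuedTime())) {
                latestAccessTokens.put(keyString, accessTokenDO);
            }

            // Clear the cache entries for this token.
            // NOTE(review): the cache is cleared before the store is updated; confirm that a
            // concurrent token lookup cannot re-cache a token that is about to be revoked.
            OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), accessTokenDO.getAuthzUser(), scopeString);
            OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), accessTokenDO.getAuthzUser());
            OAuthUtil.clearOAuthCache(accessTokenDO);
        }

        // Iterate the typed values() view instead of a raw Map.Entry with an unchecked cast.
        List<String> tokensToRevoke = new ArrayList<>(latestAccessTokens.size());
        for (AccessTokenDO latestToken : latestAccessTokens.values()) {
            tokensToRevoke.add(latestToken.getAccessToken());
        }
        // NOTE(review): revokeAccessTokens and deactivateAuthorizationCodes are called even when
        // there is nothing to revoke; confirm the DAO treats empty input as a no-op.
        OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .revokeAccessTokens(tokensToRevoke.toArray(new String[0]), OAuth2Util.isHashEnabled());

        List<AuthzCodeDO> latestAuthzCodes = OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .getLatestAuthorizationCodesByTenant(tenantId);
        for (AuthzCodeDO authzCodeDO : latestAuthzCodes) {
            // Remove the authorization code from the cache; the key is "consumerKey:code".
            OAuthUtil.clearOAuthCache(authzCodeDO.getConsumerKey() + ":" + authzCodeDO.getAuthorizationCode());
        }
        OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .deactivateAuthorizationCodes(latestAuthzCodes);
    } catch (IdentityOAuth2Exception e) {
        // The message names access tokens only, but this also covers authorization-code failures.
        throw new StratosException("Error occurred while revoking the access tokens in tenant " + tenantId, e);
    }
}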
use of org.wso2.carbon.identity.oauth2.model.AuthzCodeDO in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthUserStoreConfigListenerImpl method revokeTokens.
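/**
 * Clears cached OAuth state for a user store, revokes its access tokens and deactivates its
 * authorization codes.
 *
 * <p>Every access token returned for the user store has its cache entries cleared. Only the
 * most recently issued token per (consumer key, authorized user, scope string, federated IdP
 * name) combination is passed to {@code revokeAccessTokens}. The revoke and deactivate calls
 * are skipped when there is nothing to process.
 *
 * @param tenantId      id of the tenant that owns the user store
 * @param userStoreName name of the user store whose tokens and codes are invalidated
 * @throws UserStoreException wrapping any {@code IdentityOAuth2Exception} raised while
 *                            clearing, revoking or deactivating
 */
private void revokeTokens(int tenantId, String userStoreName) throws UserStoreException {
    try {
        Set<AccessTokenDO> accessTokenDOs = OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                .getAccessTokensOfUserStore(tenantId, userStoreName);

        // Latest token per (consumer key, user, scope, federated IdP) combination.
        // NOTE(review): older tokens sharing a key get their cache entries cleared but are not
        // passed to revokeAccessTokens; confirm they cannot still be active in the store.
        Map<String, AccessTokenDO> latestAccessTokens = new HashMap<>();
        for (AccessTokenDO accessTokenDO : accessTokenDOs) {
            String scopeString = OAuth2Util.buildScopeString(accessTokenDO.getScope());
            String keyString = accessTokenDO.getConsumerKey() + ":" + accessTokenDO.getAuthzUser() + ":"
                    + scopeString + ":" + accessTokenDO.getAuthzUser().getFederatedIdPName();

            AccessTokenDO knownToken = latestAccessTokens.get(keyString);
            if (knownToken == null || knownToken.getIssuedTime().before(accessTokenDO.getIssuedTime())) {
                latestAccessTokens.put(keyString, accessTokenDO);
            }

            // Clear the cache entries for this token.
            // NOTE(review): the cache is cleared before the store is updated; confirm that a
            // concurrent token lookup cannot re-cache a token that is about to be revoked.
            OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), accessTokenDO.getAuthzUser(), scopeString);
            OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), accessTokenDO.getAuthzUser());
            OAuthUtil.clearOAuthCache(accessTokenDO);
        }

        // Iterate the typed values() view instead of a raw Map.Entry with an unchecked cast.
        List<String> tokensToRevoke = new ArrayList<>(latestAccessTokens.size());
        for (AccessTokenDO latestToken : latestAccessTokens.values()) {
            tokensToRevoke.add(latestToken.getAccessToken());
        }
        if (!tokensToRevoke.isEmpty()) {
            OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO()
                    .revokeAccessTokens(tokensToRevoke.toArray(new String[0]), OAuth2Util.isHashEnabled());
        }

        List<AuthzCodeDO> latestAuthzCodes = OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                .getLatestAuthorizationCodesByUserStore(tenantId, userStoreName);
        if (!latestAuthzCodes.isEmpty()) {
            for (AuthzCodeDO authzCodeDO : latestAuthzCodes) {
                // Remove the authorization code from the cache; the key is "consumerKey:code".
                OAuthUtil.clearOAuthCache(authzCodeDO.getConsumerKey() + ":" + authzCodeDO.getAuthorizationCode());
            }
            OAuthTokenPersistenceFactory.getInstance().getAuthorizationCodeDAO()
                    .deactivateAuthorizationCodes(latestAuthzCodes);
        }
    } catch (IdentityOAuth2Exception e) {
        // The message names access tokens only, but this also covers authorization-code failures.
        throw new UserStoreException("Error occurred while revoking Access Token of user store : " + userStoreName + " in tenant :" + tenantId, e);
    }
}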
use of org.wso2.carbon.identity.oauth2.model.AuthzCodeDO in project identity-inbound-auth-oauth by wso2-extensions.
the class AuthorizationCodeDAOImplTest method testGetAuthorizationCodeDOSetByConsumerKeyForOpenidScope.
/**
 * Checks that the openid-scope lookup returns an empty result for a consumer key whose
 * persisted authorization code carries only the scopes {@code sms} and {@code email}.
 */
@Test
public void testGetAuthorizationCodeDOSetByConsumerKeyForOpenidScope() throws Exception {
    String firstConsumerKey = UUID.randomUUID().toString();
    String firstCodeId = UUID.randomUUID().toString();
    String firstCode = UUID.randomUUID().toString();
    String secondConsumerKey = UUID.randomUUID().toString();
    String secondCodeId = UUID.randomUUID().toString();
    String secondCode = UUID.randomUUID().toString();

    // Static calls on OAuth2Util are mocked; the tenant-id lookup always yields the default tenant.
    mockStatic(OAuth2Util.class);
    when(getTenantId(anyString())).thenReturn(DEFAULT_TENANT_ID);

    // NOTE(review): this first code is persisted but never queried, so only the negative
    // (non-openid) case is asserted below; the scopes it is stored with are not visible here.
    persistAuthorizationCode(firstConsumerKey, firstCodeId, firstCode,
            OAuthConstants.AuthorizationCodeState.ACTIVE);

    // Second code: active, but stored with scopes that do not include openid.
    AuthzCodeDO nonOpenidCode = persistAuthorizationCodeWithModifiedScope(secondConsumerKey, secondCodeId,
            secondCode, OAuthConstants.AuthorizationCodeState.ACTIVE, new String[] { "sms", "email" });

    boolean nothingReturned = authorizationCodeDAO
            .getAuthorizationCodeDOSetByConsumerKeyForOpenidScope(nonOpenidCode.getConsumerKey()).isEmpty();
    Assert.assertTrue(nothingReturned);
}