
Example 1 with UserApplicationScopeConsentDO

use of org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ScopeService method isUserHasAnExistingConsentForApp.

/**
 * Check whether any scope decision is stored for the user and application.
 *
 * <p>A record that holds only denied scopes also counts, so {@code true} means "a decision is
 * on record", not "the user approved something". Callers should not read the result as an
 * authorization decision.
 *
 * @param userId        User id.
 * @param appId         Application id.
 * @param userTenantId  Tenant id.
 * @return  True if at least one approved or denied scope is stored for this user and application.
 * @throws IdentityOAuth2ScopeException propagated from validateUserId/validateAppId (not shown
 *                                      here), or raised as an IdentityOAuth2ScopeServerException
 *                                      when the stored consent cannot be read.
 */
public boolean isUserHasAnExistingConsentForApp(String userId, String appId, int userTenantId) throws IdentityOAuth2ScopeException {
    validateUserId(userId);
    validateAppId(appId);
    try {
        UserApplicationScopeConsentDO storedConsent = OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .getUserConsentForApplication(userId, appId, userTenantId);
        // Approved and denied scopes are both stored decisions; either kind makes the result true.
        boolean hasStoredDecision = CollectionUtils.isNotEmpty(storedConsent.getApprovedScopes())
                || CollectionUtils.isNotEmpty(storedConsent.getDeniedScopes());
        if (log.isDebugEnabled()) {
            // Debug output carries the user and application identifiers.
            log.debug("Existing consent status : " + hasStoredDecision + " for user : " + userId + ", app : " + appId + " in tenant with id : " + userTenantId);
        }
        return hasStoredDecision;
    } catch (IdentityOAuth2ScopeConsentException e) {
        // Re-throw as a server-side error, keeping the DAO exception as the cause.
        Oauth2ScopeConstants.ErrorMessages failure = Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_CHECK_EXISTING_CONSENTS_FOR_USER;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
Also used : UserApplicationScopeConsentDO(org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)

Example 2 with UserApplicationScopeConsentDO

use of org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ScopeService method hasUserProvidedConsentForAllRequestedScopes.

/**
 * Check whether the user has a stored decision for every requested scope.
 *
 * <p>Two properties of this check matter to callers:
 * <ul>
 *   <li>Denied scopes count as decided. A {@code true} result means no further prompt is needed;
 *       it does not mean every requested scope was approved.</li>
 *   <li>{@code consentRequiredScopes} is modified in place: every scope with a stored decision is
 *       removed from it. The list must be mutable and should not be shared with code that still
 *       needs the full set of requested scopes.</li>
 * </ul>
 *
 * @param userId                    User Id.
 * @param appId                     Application Id.
 * @param userTenantId              Tenant Id.
 * @param consentRequiredScopes     Scopes that require consent; reduced to the undecided ones.
 * @return true if the list is null or empty, or if every scope in it already has a stored
 *         approval or denial.
 * @throws IdentityOAuth2ScopeException propagated from validateUserId/validateAppId (not shown
 *                                      here), or raised as an IdentityOAuth2ScopeServerException
 *                                      when the stored consent cannot be read.
 */
public boolean hasUserProvidedConsentForAllRequestedScopes(String userId, String appId, int userTenantId, List<String> consentRequiredScopes) throws IdentityOAuth2ScopeException {
    validateUserId(userId);
    validateAppId(appId);
    // Nothing requires consent, so there is nothing left to ask the user.
    if (!CollectionUtils.isNotEmpty(consentRequiredScopes)) {
        return true;
    }
    try {
        UserApplicationScopeConsentDO storedConsent = OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .getUserConsentForApplication(userId, appId, userTenantId);
        // Strip every scope that already has a decision; whatever remains is still undecided.
        // NOTE(review): this edits the caller's list - confirm that callers expect it.
        consentRequiredScopes.removeAll(storedConsent.getApprovedScopes());
        consentRequiredScopes.removeAll(storedConsent.getDeniedScopes());
        return consentRequiredScopes.isEmpty();
    } catch (IdentityOAuth2ScopeConsentException e) {
        // Re-throw as a server-side error, keeping the DAO exception as the cause.
        Oauth2ScopeConstants.ErrorMessages failure = Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_CHECK_ALREADY_USER_CONSENTED;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
Also used : UserApplicationScopeConsentDO(org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)

Example 3 with UserApplicationScopeConsentDO

use of org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ScopeService method getConsentsToBeAdded.

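/**
 * Build the consent holding the scope decisions from {@code updatedConsent} that are not already
 * covered by {@code consentToBeUpdated}.
 *
 * <p>Approved scopes are compared only against approved scopes, and denied scopes only against
 * denied scopes. Neither argument is modified; the result holds fresh lists.
 *
 * @param consentToBeUpdated Consent whose scopes are excluded from the result.
 * @param updatedConsent     Consent carrying the full set of new decisions.
 * @return Consent for the application of {@code updatedConsent} holding only the remaining scopes.
 */
private UserApplicationScopeConsentDO getConsentsToBeAdded(UserApplicationScopeConsentDO consentToBeUpdated, UserApplicationScopeConsentDO updatedConsent) {
    UserApplicationScopeConsentDO consentToBeAdded = new UserApplicationScopeConsentDO(updatedConsent.getAppId());
    // Plain copies instead of double-brace initialisation: an anonymous ArrayList subclass keeps a
    // hidden reference to the enclosing service instance, which would travel with the list if the
    // consent object is later cached or serialized.
    List<String> approvedScopes = new ArrayList<>(updatedConsent.getApprovedScopes());
    List<String> disapprovedScopes = new ArrayList<>(updatedConsent.getDeniedScopes());
    // Drop the decisions already covered by consentToBeUpdated.
    approvedScopes.removeAll(consentToBeUpdated.getApprovedScopes());
    disapprovedScopes.removeAll(consentToBeUpdated.getDeniedScopes());
    consentToBeAdded.setApprovedScopes(approvedScopes);
    consentToBeAdded.setDeniedScopes(disapprovedScopes);
    return consentToBeAdded;
}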
Also used : ArrayList(java.util.ArrayList) UserApplicationScopeConsentDO(org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)

Example 4 with UserApplicationScopeConsentDO

use of org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ScopeService method addUserConsentForApplication.

/**
 * Store the OAuth scope consent a user has given for an application.
 *
 * <p>Only the user id and the application id are validated here. The scope lists are persisted
 * as passed in.
 * NOTE(review): nothing in this method checks that the scopes belong to what the application
 * requested - presumably the caller does; confirm.
 *
 * @param userId            User Id.
 * @param appId             Application Id.
 * @param userTenantId      Tenant Id.
 * @param approvedScopes    List of approved scopes.
 * @param deniedScopes      List of denied scopes.
 * @throws IdentityOAuth2ScopeException propagated from validateUserId/validateAppId (not shown
 *                                      here), or raised as an IdentityOAuth2ScopeServerException
 *                                      when the consent cannot be stored.
 */
public void addUserConsentForApplication(String userId, String appId, int userTenantId, List<String> approvedScopes, List<String> deniedScopes) throws IdentityOAuth2ScopeException {
    validateUserId(userId);
    validateAppId(appId);
    try {
        UserApplicationScopeConsentDO consentToStore = new UserApplicationScopeConsentDO(appId, approvedScopes, deniedScopes);
        OAuthTokenPersistenceFactory.getInstance()
                .getOAuthUserConsentedScopesDAO()
                .addUserConsentForApplication(userId, userTenantId, consentToStore);
        if (log.isDebugEnabled()) {
            // Debug output carries the user and application identifiers.
            log.debug("Successfully added the user consent for OAuth scopes for user : " + userId + " and application name : " + appId + " in tenant with id : " + userTenantId);
        }
    } catch (IdentityOAuth2ScopeConsentException e) {
        // Re-throw as a server-side error, keeping the DAO exception as the cause.
        Oauth2ScopeConstants.ErrorMessages failure = Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_FAILED_TO_ADD_USER_CONSENT_FOR_APP;
        String description = String.format(failure.getMessage(), userId, appId, userTenantId);
        throw new IdentityOAuth2ScopeServerException(failure.getCode(), description, e);
    }
}
Also used : UserApplicationScopeConsentDO(org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)

Example 5 with UserApplicationScopeConsentDO

use of org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ScopeService method getConsentsToBeUpdated.

/**
 * Build the consent holding the scopes whose stored decision is reversed by {@code updatedConsent}.
 *
 * <p>A scope lands in the approved list when it is approved in {@code updatedConsent} and denied
 * in {@code existingConsent}, and in the denied list in the opposite case. Scopes that do not
 * appear in {@code existingConsent} are left out. Each list is collected through a set, so
 * duplicates collapse and the element order is not guaranteed.
 *
 * @param existingConsent Consent currently stored for the user and application.
 * @param updatedConsent  Consent carrying the new decisions.
 * @return Consent for the application of {@code updatedConsent} holding only the reversed scopes.
 */
private UserApplicationScopeConsentDO getConsentsToBeUpdated(UserApplicationScopeConsentDO existingConsent, UserApplicationScopeConsentDO updatedConsent) {
    UserApplicationScopeConsentDO consentToBeUpdated = new UserApplicationScopeConsentDO(updatedConsent.getAppId());
    // Denied before, approved now. This is the path on which a stored denial is overturned.
    List<String> nowApproved = new ArrayList<>(updatedConsent.getApprovedScopes().stream()
            .filter(candidate -> existingConsent.getDeniedScopes().contains(candidate))
            .collect(Collectors.toSet()));
    // Approved before, denied now.
    List<String> nowDenied = new ArrayList<>(updatedConsent.getDeniedScopes().stream()
            .filter(candidate -> existingConsent.getApprovedScopes().contains(candidate))
            .collect(Collectors.toSet()));
    consentToBeUpdated.setApprovedScopes(nowApproved);
    consentToBeUpdated.setDeniedScopes(nowDenied);
    return consentToBeUpdated;
}
Also used : ArrayList(java.util.ArrayList) UserApplicationScopeConsentDO(org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)

Aggregations

UserApplicationScopeConsentDO (org.wso2.carbon.identity.oauth2.model.UserApplicationScopeConsentDO)10 Connection (java.sql.Connection)4 SQLException (java.sql.SQLException)4 ArrayList (java.util.ArrayList)4 IdentityOAuth2ScopeConsentException (org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException)4 PreparedStatement (java.sql.PreparedStatement)2 ResultSet (java.sql.ResultSet)2 HashMap (java.util.HashMap)1 OAuthUserConsentedScopeCacheEntry (org.wso2.carbon.identity.oauth2.internal.cache.OAuthUserConsentedScopeCacheEntry)1 OAuth2ScopeConsentResponse (org.wso2.carbon.identity.oauth2.model.OAuth2ScopeConsentResponse)1