use of org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer in project identity-inbound-auth-oauth by wso2-extensions.
the class ResponseTypeHandlerUtil method generateAuthorizationCode.
/**
 * Generates an authorization code using the token issuer resolved for the requesting OAuth app.
 *
 * <p>The issuer is looked up by the consumer key carried in the authorization request, and the
 * work is then delegated to the three-argument overload.
 *
 * @param oauthAuthzMsgCtx authorization request message context; supplies the consumer key.
 * @param cacheEnabled     passed through unchanged to the three-argument overload.
 * @return the authorization code DO produced by the three-argument overload.
 * @throws IdentityOAuth2Exception if the issuer lookup fails with an
 *                                 {@code InvalidOAuthClientException}, or if the delegate throws.
 */
public static AuthzCodeDO generateAuthorizationCode(OAuthAuthzReqMessageContext oauthAuthzMsgCtx, boolean cacheEnabled) throws IdentityOAuth2Exception {
    final String clientId = oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey();
    try {
        // The delegate call stays inside the try so that anything it raises is handled
        // exactly as the issuer lookup is.
        return generateAuthorizationCode(
                oauthAuthzMsgCtx, cacheEnabled, OAuth2Util.getOAuthTokenIssuerForOAuthApp(clientId));
    } catch (InvalidOAuthClientException e) {
        // The diagnostic event carries only a generic message. The client id goes into the
        // exception text; an OAuth client_id is an identifier, not a credential (RFC 6749 §2.2).
        LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, null,
                OAuthConstants.LogConstants.FAILED, "System error occurred.", "issue-authz-code", null);
        throw new IdentityOAuth2Exception(
                "Error while retrieving oauth issuer for the app with clientId: " + clientId, e);
    }
}
use of org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer in project identity-inbound-auth-oauth by wso2-extensions.
the class ResponseTypeHandlerUtil method generateNewAccessToken.
/**
 * Creates a new access token for an authorization request, persists it and optionally caches it.
 *
 * <p>Steps run in a fixed order: build the token bean, copy its details onto the message context,
 * persist it, deactivate the authorization code recorded on the new bean, then add it to the cache.
 *
 * @param oauthAuthzMsgCtx  authorization request message context; read for the request DTO and the
 *                          approved scopes, and updated with the user-type property.
 * @param existingTokenBean previously issued token bean, passed to bean creation and persistence.
 * @param oauthIssuerImpl   token issuer passed to bean creation.
 * @param authorizedUserId  user id used as part of the cache key.
 * @param cacheEnabled      whether the caller wants the new token cached.
 * @return the newly created token bean.
 * @throws IdentityOAuth2Exception propagated from the helper calls below.
 */
private static AccessTokenDO generateNewAccessToken(OAuthAuthzReqMessageContext oauthAuthzMsgCtx, AccessTokenDO existingTokenBean, OauthTokenIssuer oauthIssuerImpl, String authorizedUserId, boolean cacheEnabled) throws IdentityOAuth2Exception {
    OAuth2AuthorizeReqDTO authzRequest = oauthAuthzMsgCtx.getAuthorizationReqDTO();
    String approvedScopes = OAuth2Util.buildScopeString(oauthAuthzMsgCtx.getApprovedScope());
    String clientId = authzRequest.getConsumerKey();
    String idpName = OAuth2Util.getAuthenticatedIDP(authzRequest.getUser());
    OAuthAppDO app = getOAuthApp(clientId);
    Timestamp issuedAt = new Timestamp(new Date().getTime());
    long validityMillis = getConfiguredAccessTokenValidityPeriodInMillis(oauthAuthzMsgCtx, app);

    oauthAuthzMsgCtx.addProperty(OAuthConstants.UserType.USER_TYPE, OAuthConstants.UserType.APPLICATION_USER);
    AccessTokenDO issuedToken = createNewTokenBean(
            oauthAuthzMsgCtx, app, existingTokenBean, oauthIssuerImpl, issuedAt, validityMillis);
    setDetailsToMessageContext(oauthAuthzMsgCtx, issuedToken);

    // Store the token before touching the authorization code or the cache.
    persistAccessTokenInDB(oauthAuthzMsgCtx, existingTokenBean, issuedToken);
    // Deactivate the authorization code recorded on the new bean against this token id.
    // NOTE(review): helper not shown; presumably this keeps the code single-use — confirm.
    deactivateCurrentAuthorizationCode(issuedToken.getAuthorizationCode(), issuedToken.getTokenId());

    // The cache is populated only when both the class-level isHashDisabled flag and the
    // caller's cacheEnabled flag are set.
    if (!isHashDisabled || !cacheEnabled) {
        return issuedToken;
    }
    addTokenToCache(getOAuthCacheKey(clientId, approvedScopes, authorizedUserId, idpName), issuedToken);
    return issuedToken;
}
use of org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2Util method addTokenDOtoCache.
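/**
 * There are cases where we store an 'alias' of the token returned to the client as the token inside IS.
 * For example, in the case of JWT access tokens we store the 'jti' claim in the database instead of the
 * actual JWT. Therefore we need to cache an AccessTokenDO with the stored token identifier.
 *
 * <p>The cached entry is a clone of {@code newTokenBean} whose access token is replaced by the alias;
 * the bean passed in is not modified.
 *
 * @param newTokenBean token DO to be added to the cache.
 * @throws IdentityOAuth2Exception if the token issuer for the app cannot be resolved, or the issuer
 *                                 fails to derive the token alias.
 */
public static void addTokenDOtoCache(AccessTokenDO newTokenBean) throws IdentityOAuth2Exception {
    OauthTokenIssuer tokenIssuer = null;
    try {
        tokenIssuer = OAuth2Util.getOAuthTokenIssuerForOAuthApp(newTokenBean.getConsumerKey());
        String tokenAlias = tokenIssuer.getAccessTokenHash(newTokenBean.getAccessToken());
        OAuthCacheKey accessTokenCacheKey = new OAuthCacheKey(tokenAlias);
        // Work on a clone so the caller's bean keeps the token value it was given.
        AccessTokenDO tokenDO = AccessTokenDO.clone(newTokenBean);
        tokenDO.setAccessToken(tokenAlias);
        OAuthCache.getInstance().addToCache(accessTokenCacheKey, tokenDO);
        if (log.isDebugEnabled()) {
            // The cache key is derived from the token alias, so it is logged only when token
            // logging has been switched on for access tokens.
            if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
                log.debug("Access token DO was added to OAuthCache with cache key: "
                        + accessTokenCacheKey.getCacheKeyString());
            } else {
                log.debug("Access token DO was added to OAuthCache");
            }
        }
    } catch (OAuthSystemException e) {
        // String concatenation renders a null issuer as "null". The previous explicit
        // tokenIssuer.toString() would raise a NullPointerException here, hiding the real
        // cause, if this exception ever arrived before the issuer was assigned.
        String message = "Error while getting the token alias from token issuer: " + tokenIssuer;
        // The raw token is appended only when token logging is enabled. The text travels with
        // the exception, so it ends up wherever callers log or surface that exception.
        if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
            message += " for the token: " + newTokenBean.getAccessToken();
        }
        throw new IdentityOAuth2Exception(message, e);
    } catch (InvalidOAuthClientException e) {
        // Same gating as above: the token value is included only when token logging is enabled.
        if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
            throw new IdentityOAuth2Exception(
                    "Error while getting the token issuer for the token: " + newTokenBean.getAccessToken(), e);
        }
        throw new IdentityOAuth2Exception("Error while getting the token issuer", e);
    }
}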
use of org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer in project identity-inbound-auth-oauth by wso2-extensions.
the class AuthorizationCodeGrantHandlerTest method testIssue.
/**
 * Checks that {@code authorizationCodeGrantHandler.issue(...)} returns a non-null result for each
 * row supplied by the "BuildTokenMsgCtxForIssue" data provider.
 *
 * @param tokenRequestMessageContext message context from the data provider; cast to
 *                                   {@link OAuthTokenReqMessageContext} below.
 * @param enableCache                value written into the handler's {@code cacheEnabled} field;
 *                                   when true the mocked cache is also injected.
 * @param debugEnabled               not read anywhere in this method.
 */
@Test(dataProvider = "BuildTokenMsgCtxForIssue")
public void testIssue(Object tokenRequestMessageContext, boolean enableCache, boolean debugEnabled) throws IdentityOAuth2Exception, InvalidOAuthClientException, OAuthSystemException {
// Replace the server configuration singleton with a fresh mock.
// NOTE(review): stubbing the static getInstance() presumably relies on static mocking that is
// set up elsewhere in the test class — confirm.
oAuthServerConfiguration = mock(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(oAuthServerConfiguration);
// Set the handler's internal cacheEnabled field directly instead of going through configuration.
WhiteboxImpl.setInternalState(authorizationCodeGrantHandler, "cacheEnabled", enableCache);
OAuthCache oAuthCache = mock(OAuthCache.class);
when(OAuthCache.getInstance()).thenReturn(oAuthCache);
if (enableCache) {
WhiteboxImpl.setInternalState(authorizationCodeGrantHandler, "oauthCache", oAuthCache);
}
OAuthTokenReqMessageContext tokReqMsgCtx = (OAuthTokenReqMessageContext) tokenRequestMessageContext;
// NOTE(review): repeats the configuration stubbing from the top of the method with another
// fresh mock; it looks redundant — confirm before removing.
oAuthServerConfiguration = mock(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(oAuthServerConfiguration);
// Inject a mocked issuer so no real token generation takes place.
OauthTokenIssuer oauthTokenIssuer = mock(OauthTokenIssuer.class);
WhiteboxImpl.setInternalState(authorizationCodeGrantHandler, "oauthIssuerImpl", oauthTokenIssuer);
// NOTE(review): accessTokenDO is not used after construction in this method.
AccessTokenDO accessTokenDO = new AccessTokenDO();
OAuthAppDO oAuthAppDO = mock(OAuthAppDO.class);
when(OAuth2Util.getAppInformationByClientId(anyString())).thenReturn(oAuthAppDO);
// The mocked issuer hands back an empty string as the access token.
when(oauthTokenIssuer.accessToken(tokReqMsgCtx)).thenReturn(StringUtils.EMPTY);
// NOTE(review): only non-null is asserted. The returned token value, the cache interaction and
// the handling of the authorization code are not verified here.
assertNotNull(authorizationCodeGrantHandler.issue(tokReqMsgCtx));
}
use of org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer in project identity-inbound-auth-oauth by wso2-extensions.
the class TokenValidationHandlerTest method mockRequiredObjects.
/**
 * Stubs the static server-configuration and database helpers used by the tests in this class.
 *
 * @throws Exception declared by the signature; which of the calls below can throw is not
 *                   visible from this method.
 */
protected void mockRequiredObjects() throws Exception {
// Route OAuthServerConfiguration.getInstance() to the object held in oAuthServerConfiguration.
mockStatic(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(oAuthServerConfiguration);
when(OAuthServerConfiguration.getInstance().getOAuthTokenGenerator()).thenReturn(oAuthIssuer);
// Algorithm names the stubbed configuration reports for signing and hashing.
when(OAuthServerConfiguration.getInstance().getSignatureAlgorithm()).thenReturn("SHA256withRSA");
when(OAuthServerConfiguration.getInstance().getHashAlgorithm()).thenReturn("SHA-256");
// Register real issuer implementations, not mocks, for both token types.
// NOTE(review): the issuers are constructed after the configuration stubs above; if their
// constructors read the configuration, this order matters — confirm before reordering.
Map<String, OauthTokenIssuer> oauthTokenIssuerMap = new HashMap<>();
oauthTokenIssuerMap.put(DEFAULT_TOKEN_TYPE, new OauthTokenIssuerImpl());
oauthTokenIssuerMap.put(JWT_TOKEN_TYPE, new JWTTokenIssuer());
when(OAuthServerConfiguration.getInstance().getOauthTokenIssuerMap()).thenReturn(oauthTokenIssuerMap);
// Both getDBConnection overloads are stubbed; this class's getDBConnection() is evaluated once
// per line. thenReturn hands back the same object on every call, so a connection closed by the
// code under test would be returned again on the next call — TODO confirm this is intended.
mockStatic(IdentityDatabaseUtil.class);
when(IdentityDatabaseUtil.getDBConnection(false)).thenReturn(getDBConnection());
when(IdentityDatabaseUtil.getDBConnection()).thenReturn(getDBConnection());
}