Search in sources :

Example 1 with RequestObjectService

use of org.wso2.carbon.identity.openidconnect.RequestObjectService in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoJWTResponseTest method setup.

@BeforeClass
public void setup() throws Exception {
    OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
    TestUtils.initiateH2Base();
    con = TestUtils.getConnection();
    userInfoJWTResponse = new UserInfoJWTResponse();
    RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
    List<RequestedClaim> requestedClaims = Collections.EMPTY_LIST;
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
}
Also used : OpenIDConnectClaimFilterImpl(org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) RequestObjectService(org.wso2.carbon.identity.openidconnect.RequestObjectService) BeforeClass(org.testng.annotations.BeforeClass)

Example 2 with RequestObjectService

use of org.wso2.carbon.identity.openidconnect.RequestObjectService in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoJSONResponseBuilderTest method setUpRequestObjectService.

private void setUpRequestObjectService() throws RequestObjectException {
    List<RequestedClaim> requestedClaims = Collections.emptyList();
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
}
Also used : OpenIDConnectClaimFilterImpl(org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim)

Example 3 with RequestObjectService

use of org.wso2.carbon.identity.openidconnect.RequestObjectService in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultIDTokenBuilderTest method setUp.

@BeforeClass
public void setUp() throws Exception {
    user = getDefaultAuthenticatedLocalUser();
    messageContext = getTokenReqMessageContextForUser(user, CLIENT_ID);
    messageContext.addProperty(AUTHORIZATION_CODE, AUTHORIZATION_CODE_VALUE);
    tokenRespDTO = new OAuth2AccessTokenRespDTO();
    tokenRespDTO.setAccessToken(ACCESS_TOKEN);
    IdentityProvider idp = new IdentityProvider();
    idp.setIdentityProviderName("LOCAL");
    idp.setEnable(true);
    Map<String, Object> configuration = new HashMap<>();
    configuration.put("SSOService.EntityId", "LOCAL");
    configuration.put("SSOService.SAMLECPEndpoint", "https://localhost:9443/samlecp");
    configuration.put("SSOService.ArtifactResolutionEndpoint", "https://localhost:9443/samlartresolve");
    configuration.put("OAuth.OpenIDConnect.IDTokenIssuerID", "https://localhost:9443/oauth2/token");
    WhiteboxImpl.setInternalState(IdentityUtil.class, "configuration", configuration);
    IdentityProviderManager.getInstance().addResidentIdP(idp, SUPER_TENANT_DOMAIN_NAME);
    defaultIDTokenBuilder = new DefaultIDTokenBuilder();
    Map<ClaimMapping, String> userAttributes = new HashMap<>();
    userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("username"), "username");
    userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping("email"), "email");
    userAttributes.put(SAML2BearerGrantHandlerTest.buildClaimMapping(PHONE_NUMBER_VERIFIED), "phone");
    LinkedHashSet acrValuesHashSet = new LinkedHashSet<>();
    acrValuesHashSet.add(new Object());
    AuthorizationGrantCacheEntry authorizationGrantCacheEntry = new AuthorizationGrantCacheEntry(userAttributes);
    authorizationGrantCacheEntry.setSubjectClaim(messageContext.getAuthorizedUser().getUserName());
    authorizationGrantCacheEntry.setNonceValue("nonce");
    authorizationGrantCacheEntry.addAmr("amr");
    authorizationGrantCacheEntry.setSessionContextIdentifier("idp");
    authorizationGrantCacheEntry.setAuthTime(1000);
    authorizationGrantCacheEntry.setSelectedAcrValue("acr");
    authorizationGrantCacheEntry.setSubjectClaim("user@carbon.super");
    authorizationGrantCacheEntry.setEssentialClaims(getEssentialClaims());
    AuthorizationGrantCacheKey authorizationGrantCacheKey = new AuthorizationGrantCacheKey(AUTHORIZATION_CODE_VALUE);
    AuthorizationGrantCacheKey authorizationGrantCacheKeyForAccessToken = new AuthorizationGrantCacheKey("2sa9a678f890877856y66e75f605d456");
    AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKey, authorizationGrantCacheEntry);
    AuthorizationGrantCache.getInstance().addToCacheByToken(authorizationGrantCacheKeyForAccessToken, authorizationGrantCacheEntry);
    ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
    ServiceProviderProperty[] serviceProviders = new ServiceProviderProperty[] { serviceProviderProperty };
    ServiceProvider serviceProvider = new ServiceProvider();
    serviceProvider.setSpProperties(serviceProviders);
    serviceProvider.setCertificateContent("MIIDWTCCAkGgAwIBAgIEcZgeVDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJG\n" + "UjEMMAoGA1UECBMDTVBMMQwwCgYDVQQHEwNNUEwxDTALBgNVBAoTBHRlc3QxDTAL\n" + "BgNVBAsTBHRlc3QxEzARBgNVBAMMCioudGVzdC5jb20wIBcNMjEwNTEwMTcwODU4\n" + "WhgPMjA1MTA1MDMxNzA4NThaMFwxCzAJBgNVBAYTAkZSMQwwCgYDVQQIEwNNUEwx\n" + "DDAKBgNVBAcTA01QTDENMAsGA1UEChMEdGVzdDENMAsGA1UECxMEdGVzdDETMBEG\n" + "A1UEAwwKKi50ZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + "AIkuoEuR/or5oL4h6TZ7r90Qyb1xAK6qrAHGCGWz5k1dnmCdvM39zBZF5EDGVKKe\n" + "p+BQWNgG+FST19Z2l71YJllKxVsI0syw3r9PXcAfVLahs3fn8HEa5uJqIdHRsVzz\n" + "uO+rEWYn7kx4jmwwqtb8HBnhlVgn32OWQ6X4mLll/1n87cWGMsNouVP5TCySFNyD\n" + "BFPzC3+gYiVVy7Aj1NBw6Ft4i4r0UIOZ8BPGfHrd7zB4Zmnc9KwyRNj+S3bvJECm\n" + "D1/9hMiHcIj46qnvLJw69f/HmL3LTmp1oQJUnFlA0hykrUcwjVjUEptcBMu627j4\n" + "kfY2xsI613k5NLi6eHlwx7cCAwEAAaMhMB8wHQYDVR0OBBYEFIg+fWViskGrce5K\n" + "48Oy9x1Mh0GTMA0GCSqGSIb3DQEBCwUAA4IBAQB76yS+Wkt2RBh4XEihiMsrgn9L\n" + "2RkxAvDldfVEZTtQHm0uOkjT53AG8RSK5tedWdETJnEa0cq9SGLBjuTB5ojjP18g\n" + "R3fT2HXiP2QDfqnEhj7SYOEPp+QjcgW7rPBpMVOe9qKU6BWw0/ufEFq/SgSb9/xV\n" + "dZa4puEYDVEJ4pu6uJuh/oXgvwcIcL6xURDav1gqTDuMrLnJrKui+FsabnWeC+XB\n" + "1mRWtpZPay9xB5kVWAEVdMtGePP0/wz2zxQU9uCmjwvIsIfx307CpBI54sjomXPU\n" + "DldsCG6l8QRJ3NvijWa/0olA/7BpaOtbNS6S5dBSfPScpUvVQiBYFFvMXbmd\n");
    ApplicationManagementService applicationMgtService = mock(ApplicationManagementService.class);
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
    Map<String, ServiceProvider> fileBasedSPs = CommonTestUtils.getFileBasedSPs();
    setFinalStatic(ApplicationManagementServiceComponent.class.getDeclaredField("fileBasedSPs"), fileBasedSPs);
    when(applicationMgtService.getApplicationExcludingFileBasedSPs(TEST_APPLICATION_NAME, SUPER_TENANT_DOMAIN_NAME)).thenReturn(fileBasedSPs.get(TEST_APPLICATION_NAME));
    when(applicationMgtService.getServiceProviderNameByClientId(anyString(), anyString(), anyString())).thenReturn(TEST_APPLICATION_NAME);
    when(applicationMgtService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
    AuthenticationMethodNameTranslator authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
    OAuth2ServiceComponentHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
    RealmService realmService = IdentityTenantUtil.getRealmService();
    HashMap<String, String> claims = new HashMap<>();
    claims.put("http://wso2.org/claims/username", TestConstants.USER_NAME);
    realmService.getTenantUserRealm(SUPER_TENANT_ID).getUserStoreManager().addUser(TestConstants.USER_NAME, TestConstants.PASSWORD, new String[0], claims, TestConstants.DEFAULT_PROFILE);
    Map<Integer, Certificate> publicCerts = new ConcurrentHashMap<>();
    publicCerts.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getCertificate("wso2carbon"));
    setFinalStatic(OAuth2Util.class.getDeclaredField("publicCerts"), publicCerts);
    Map<Integer, Key> privateKeys = new ConcurrentHashMap<>();
    privateKeys.put(SUPER_TENANT_ID, ReadCertStoreSampleUtil.createKeyStore(getClass()).getKey("wso2carbon", "wso2carbon".toCharArray()));
    setFinalStatic(OAuth2Util.class.getDeclaredField("privateKeys"), privateKeys);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
    RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
    List<RequestedClaim> requestedClaims = Collections.EMPTY_LIST;
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
    OAuth2ServiceComponentHolder.setKeyIDProvider(new DefaultKeyIDProviderImpl());
    ClaimProvider claimProvider = new OpenIDConnectSystemClaimImpl();
    List claimProviders = new ArrayList();
    claimProviders.add(claimProvider);
    WhiteboxImpl.setInternalState(OpenIDConnectServiceComponentHolder.getInstance(), "claimProviders", claimProviders);
}
Also used : LinkedHashSet(java.util.LinkedHashSet) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) AuthenticationMethodNameTranslatorImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.AuthenticationMethodNameTranslatorImpl) ArrayList(java.util.ArrayList) ApplicationManagementServiceComponent(org.wso2.carbon.identity.application.mgt.internal.ApplicationManagementServiceComponent) Matchers.anyString(org.mockito.Matchers.anyString) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) AuthorizationGrantCacheKey(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey) List(java.util.List) ArrayList(java.util.ArrayList) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ServiceProviderProperty(org.wso2.carbon.identity.application.common.model.ServiceProviderProperty) DefaultKeyIDProviderImpl(org.wso2.carbon.identity.oauth2.keyidprovider.DefaultKeyIDProviderImpl) AuthenticationMethodNameTranslator(org.wso2.carbon.identity.application.authentication.framework.AuthenticationMethodNameTranslator) IdentityProvider(org.wso2.carbon.identity.application.common.model.IdentityProvider) ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping) AuthorizationGrantCacheEntry(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry) RealmService(org.wso2.carbon.user.core.service.RealmService) WithRealmService(org.wso2.carbon.identity.common.testng.WithRealmService) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) JSONObject(org.json.JSONObject) OAuth2Util(org.wso2.carbon.identity.oauth2.util.OAuth2Util) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Key(java.security.Key) AuthorizationGrantCacheKey(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey) Certificate(java.security.cert.Certificate) BeforeClass(org.testng.annotations.BeforeClass)

Example 4 with RequestObjectService

use of org.wso2.carbon.identity.openidconnect.RequestObjectService in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCClaimsCallbackHandlerTest method setUp.

@BeforeClass
public void setUp() throws Exception {
    System.setProperty(CarbonBaseConstants.CARBON_HOME, CARBON_HOME);
    BasicDataSource dataSource1 = new BasicDataSource();
    dataSource1.setDriverClassName("org.h2.Driver");
    dataSource1.setUsername("username");
    dataSource1.setPassword("password");
    dataSource1.setUrl("jdbc:h2:mem:test" + DB_NAME);
    connection = dataSource1.getConnection();
    connection.createStatement().executeUpdate("RUNSCRIPT FROM '" + getFilePath(H2_SCRIPT_NAME) + "'");
    mockStatic(FrameworkUtils.class);
    when(FrameworkUtils.getMultiAttributeSeparator()).thenReturn(MULTI_ATTRIBUTE_SEPARATOR_DEFAULT);
    RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
    List<RequestedClaim> requestedClaims = Collections.emptyList();
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    // Skipping filtering with user consent.
    // TODO: Remove mocking claims filtering based on consent when fixing
    // https://github.com/wso2/product-is/issues/2676
    OpenIDConnectClaimFilterImpl openIDConnectClaimFilter = spy(new OpenIDConnectClaimFilterImpl());
    when(openIDConnectClaimFilter.getClaimsFilteredByUserConsent(anyMap(), any(AuthenticatedUser.class), anyString(), anyString())).thenAnswer(invocation -> invocation.getArguments()[0]);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(openIDConnectClaimFilter);
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
    defaultOIDCClaimsCallbackHandler = new DefaultOIDCClaimsCallbackHandler();
    OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
}
Also used : RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) BasicDataSource(org.apache.commons.dbcp.BasicDataSource) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) BeforeClass(org.testng.annotations.BeforeClass)

Example 5 with RequestObjectService

use of org.wso2.carbon.identity.openidconnect.RequestObjectService in project identity-inbound-auth-oauth by wso2-extensions.

the class OpenIDConnectServiceComponent method activate.

protected void activate(ComponentContext context) {
    try {
        bundleContext = context.getBundleContext();
        bundleContext.registerService(ClaimProvider.class.getName(), new OpenIDConnectSystemClaimImpl(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new RequestObjectHandler(), null);
        bundleContext.registerService(RequestObjectService.class.getName(), new RequestObjectService(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new OIDCClaimMetaDataOperationHandler(), null);
    } catch (Throwable e) {
        String errMsg = "Error while activating OpenIDConnectServiceComponent.";
        log.error(errMsg, e);
        throw new RuntimeException(errMsg, e);
    }
}
Also used : OIDCClaimMetaDataOperationHandler(org.wso2.carbon.identity.openidconnect.OIDCClaimMetaDataOperationHandler) AbstractEventHandler(org.wso2.carbon.identity.event.handler.AbstractEventHandler) ClaimProvider(org.wso2.carbon.identity.openidconnect.ClaimProvider) RequestObjectService(org.wso2.carbon.identity.openidconnect.RequestObjectService) OpenIDConnectSystemClaimImpl(org.wso2.carbon.identity.openidconnect.OpenIDConnectSystemClaimImpl) RequestObjectHandler(org.wso2.carbon.identity.openidconnect.handlers.RequestObjectHandler)

Aggregations

RequestedClaim (org.wso2.carbon.identity.openidconnect.model.RequestedClaim)4 BeforeClass (org.testng.annotations.BeforeClass)3 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)2 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)2 OpenIDConnectClaimFilterImpl (org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl)2 RequestObjectService (org.wso2.carbon.identity.openidconnect.RequestObjectService)2 ScopeClaimMappingDAOImpl (org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl)2 Key (java.security.Key)1 Certificate (java.security.cert.Certificate)1 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 LinkedHashSet (java.util.LinkedHashSet)1 List (java.util.List)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 BasicDataSource (org.apache.commons.dbcp.BasicDataSource)1 JSONObject (org.json.JSONObject)1 Matchers.anyString (org.mockito.Matchers.anyString)1 AuthenticationMethodNameTranslator (org.wso2.carbon.identity.application.authentication.framework.AuthenticationMethodNameTranslator)1 ConsentClaimsData (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.ConsentClaimsData)1