Search in sources :

Example 1 with ScopeClaimMappingDAOImpl

use of org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoJWTResponseTest method setup.

@BeforeClass
public void setup() throws Exception {
    OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
    TestUtils.initiateH2Base();
    con = TestUtils.getConnection();
    userInfoJWTResponse = new UserInfoJWTResponse();
    RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
    List<RequestedClaim> requestedClaims = Collections.EMPTY_LIST;
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(new OpenIDConnectClaimFilterImpl());
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
}
Also used : OpenIDConnectClaimFilterImpl(org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl) RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) RequestObjectService(org.wso2.carbon.identity.openidconnect.RequestObjectService) BeforeClass(org.testng.annotations.BeforeClass)

Example 2 with ScopeClaimMappingDAOImpl

use of org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoJSONResponseBuilderTest method setUpTest.

@BeforeClass
public void setUpTest() throws Exception {
    OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
    userInfoJSONResponseBuilder = new UserInfoJSONResponseBuilder();
    TestUtils.initiateH2Base();
    con = TestUtils.getConnection();
}
Also used : ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) BeforeClass(org.testng.annotations.BeforeClass)

Example 3 with ScopeClaimMappingDAOImpl

use of org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl in project identity-inbound-auth-oauth by wso2-extensions.

the class OpenIDConnectClaimFilterImplTest method setUp.

@BeforeClass
public void setUp() throws Exception {
    openIDConnectClaimFilter = new OpenIDConnectClaimFilterImpl();
    scopeClaimMappingDAO = new ScopeClaimMappingDAOImpl();
    ServiceProvider serviceProvider = new ServiceProvider();
    ssoConsentService = mock(SSOConsentServiceImpl.class);
    ClaimMetadataManagementService claimMetadataManagementService = mock(ClaimMetadataManagementService.class);
    applicationMgtService = mock(ApplicationManagementService.class);
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationMgtService);
    when(applicationMgtService.getServiceProviderByClientId(CLIENT_ID, IdentityApplicationConstants.OAuth2.NAME, SP_TENANT_DOMAIN)).thenReturn(serviceProvider);
    OpenIDConnectServiceComponentHolder.getInstance().setClaimMetadataManagementService(claimMetadataManagementService);
    OpenIDConnectServiceComponentHolder.getInstance().setSsoConsentService(ssoConsentService);
    RegistryService registryService = mock(RegistryService.class);
    UserRegistry userRegistry = mock(UserRegistry.class);
    resource = new ResourceImpl();
    OAuth2ServiceComponentHolder.setRegistryService(registryService);
    when(registryService.getConfigSystemRegistry(anyInt())).thenReturn(userRegistry);
    when(userRegistry.get(anyString())).thenReturn(resource);
    List externalClaims = new ArrayList<>();
    ExternalClaim externalClaim = new ExternalClaim("testUserClaimURI", "testUserClaimURI", "testUserClaimURI");
    externalClaims.add(externalClaim);
    when(claimMetadataManagementService.getExternalClaims(anyString(), anyString())).thenReturn(externalClaims);
    List claimsWithConsent = getClaimsWithConsent();
    when(ssoConsentService.getClaimsWithConsents(any(), any())).thenReturn(claimsWithConsent);
}
Also used : ResourceImpl(org.wso2.carbon.registry.core.ResourceImpl) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) ExternalClaim(org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim) ArrayList(java.util.ArrayList) UserRegistry(org.wso2.carbon.registry.core.session.UserRegistry) ArrayList(java.util.ArrayList) List(java.util.List) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) RegistryService(org.wso2.carbon.registry.core.service.RegistryService) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) SSOConsentServiceImpl(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl) ClaimMetadataManagementService(org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService) BeforeClass(org.testng.annotations.BeforeClass)

Example 4 with ScopeClaimMappingDAOImpl

use of org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2ServiceComponent method activate.

protected void activate(ComponentContext context) {
    try {
        if (OAuth2ServiceComponentHolder.getInstance().getScopeClaimMappingDAO() == null) {
            OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
        }
        loadScopeConfigFile();
        loadOauthScopeBinding();
        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
        boolean isRecordExist = OAuthTokenPersistenceFactory.getInstance().getScopeClaimMappingDAO().hasScopesPopulated(tenantId);
        if (!isRecordExist) {
            OAuth2Util.initiateOIDCScopes(tenantId);
        }
        TenantCreationEventListener scopeTenantMgtListener = new TenantCreationEventListener();
        bundleContext = context.getBundleContext();
        // Registering TenantCreationEventListener
        ServiceRegistration scopeTenantMgtListenerSR = bundleContext.registerService(TenantMgtListener.class.getName(), scopeTenantMgtListener, null);
        if (scopeTenantMgtListenerSR != null) {
            if (log.isDebugEnabled()) {
                log.debug(" TenantMgtListener is registered");
            }
        } else {
            log.error("TenantMgtListener could not be registered");
        }
        // iniating oauth scopes
        OAuth2Util.initiateOAuthScopePermissionsBindings(tenantId);
        // exposing server configuration as a service
        OAuthServerConfiguration oauthServerConfig = OAuthServerConfiguration.getInstance();
        bundleContext.registerService(OAuthServerConfiguration.class.getName(), oauthServerConfig, null);
        OAuth2TokenValidationService tokenValidationService = new OAuth2TokenValidationService();
        bundleContext.registerService(OAuth2TokenValidationService.class.getName(), tokenValidationService, null);
        OAuthClientAuthnService clientAuthnService = new OAuthClientAuthnService();
        bundleContext.registerService(OAuthClientAuthnService.class.getName(), clientAuthnService, null);
        BasicAuthClientAuthenticator basicAuthClientAuthenticator = new BasicAuthClientAuthenticator();
        bundleContext.registerService(OAuthClientAuthenticator.class.getName(), basicAuthClientAuthenticator, null);
        PublicClientAuthenticator publicClientAuthenticator = new PublicClientAuthenticator();
        bundleContext.registerService(OAuthClientAuthenticator.class.getName(), publicClientAuthenticator, null);
        // Register cookie based access token binder.
        CookieBasedTokenBinder cookieBasedTokenBinder = new CookieBasedTokenBinder();
        bundleContext.registerService(TokenBinderInfo.class.getName(), cookieBasedTokenBinder, null);
        // SSO session based access token binder.
        SSOSessionBasedTokenBinder ssoSessionBasedTokenBinder = new SSOSessionBasedTokenBinder();
        bundleContext.registerService(TokenBinderInfo.class.getName(), ssoSessionBasedTokenBinder, null);
        if (log.isDebugEnabled()) {
            log.debug("Identity OAuth bundle is activated");
        }
        if (OAuth2ServiceComponentHolder.getKeyIDProvider() == null) {
            KeyIDProvider defaultKeyIDProvider = new DefaultKeyIDProviderImpl();
            OAuth2ServiceComponentHolder.setKeyIDProvider(defaultKeyIDProvider);
            if (log.isDebugEnabled()) {
                log.debug("Key ID Provider " + DefaultKeyIDProviderImpl.class.getSimpleName() + " registered as the default Key ID Provider implementation.");
            }
        }
        ServiceRegistration tenantMgtListenerSR = bundleContext.registerService(TenantMgtListener.class.getName(), new OAuthTenantMgtListenerImpl(), null);
        if (tenantMgtListenerSR != null) {
            if (log.isDebugEnabled()) {
                log.debug("OAuth - TenantMgtListener registered.");
            }
        } else {
            log.error("OAuth - TenantMgtListener could not be registered.");
        }
        ServiceRegistration userStoreConfigEventSR = bundleContext.registerService(UserStoreConfigListener.class.getName(), new OAuthUserStoreConfigListenerImpl(), null);
        if (userStoreConfigEventSR != null) {
            if (log.isDebugEnabled()) {
                log.debug("OAuth - UserStoreConfigListener registered.");
            }
        } else {
            log.error("OAuth - UserStoreConfigListener could not be registered.");
        }
        ServiceRegistration oauthApplicationMgtListenerSR = bundleContext.registerService(ApplicationMgtListener.class.getName(), new OAuthApplicationMgtListener(), null);
        if (oauthApplicationMgtListenerSR != null) {
            if (log.isDebugEnabled()) {
                log.debug("OAuth - ApplicationMgtListener registered.");
            }
        } else {
            log.error("OAuth - ApplicationMgtListener could not be registered.");
        }
        // PKCE enabled by default.
        OAuth2ServiceComponentHolder.setPkceEnabled(true);
        // Register device auth service.
        ServiceRegistration deviceAuthService = bundleContext.registerService(DeviceAuthService.class.getName(), new DeviceAuthServiceImpl(), null);
        if (deviceAuthService != null) {
            if (log.isDebugEnabled()) {
                log.debug("DeviceAuthService registered.");
            }
        } else {
            log.error("DeviceAuthService could not be registered.");
        }
        // Register the default OpenIDConnect claim filter
        bundleContext.registerService(OpenIDConnectClaimFilter.class, new OpenIDConnectClaimFilterImpl(), null);
        if (log.isDebugEnabled()) {
            log.debug("Default OpenIDConnect Claim filter registered successfully.");
        }
        bundleContext.registerService(AbstractEventHandler.class.getName(), new TokenBindingExpiryEventHandler(), null);
        if (log.isDebugEnabled()) {
            log.debug("TokenBindingExpiryEventHandler is successfully registered.");
        }
        // Registering OAuth2Service as a OSGIService
        bundleContext.registerService(OAuth2Service.class.getName(), new OAuth2Service(), null);
        // Registering OAuth2ScopeService as a OSGIService
        bundleContext.registerService(OAuth2ScopeService.class.getName(), new OAuth2ScopeService(), null);
    // Note : DO NOT add any activation related code below this point,
    // to make sure the server doesn't start up if any activation failures occur
    } catch (Throwable e) {
        String errMsg = "Error while activating OAuth2ServiceComponent.";
        log.error(errMsg, e);
        throw new RuntimeException(errMsg, e);
    }
    if (checkAudienceEnabled()) {
        if (log.isDebugEnabled()) {
            log.debug("OAuth - OIDC audiences enabled.");
        }
        OAuth2ServiceComponentHolder.setAudienceEnabled(true);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("OAuth - OIDC audiences disabled.");
        }
        OAuth2ServiceComponentHolder.setAudienceEnabled(false);
    }
    if (checkIDPIdColumnAvailable()) {
        if (log.isDebugEnabled()) {
            log.debug("IDP_ID column is available in all relevant tables. " + "Setting isIDPIdColumnEnabled to true.");
        }
        OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(true);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("IDP_ID column is not available in all relevant tables. " + "Setting isIDPIdColumnEnabled to false.");
        }
        OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(false);
    }
}
Also used : TokenBindingExpiryEventHandler(org.wso2.carbon.identity.oauth2.token.bindings.handlers.TokenBindingExpiryEventHandler) KeyIDProvider(org.wso2.carbon.identity.oauth2.keyidprovider.KeyIDProvider) OAuthServerConfiguration(org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration) TokenBinderInfo(org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo) ApplicationMgtListener(org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener) OAuth2ScopeService(org.wso2.carbon.identity.oauth2.OAuth2ScopeService) TenantMgtListener(org.wso2.carbon.stratos.common.listeners.TenantMgtListener) CookieBasedTokenBinder(org.wso2.carbon.identity.oauth2.token.bindings.impl.CookieBasedTokenBinder) SSOSessionBasedTokenBinder(org.wso2.carbon.identity.oauth2.token.bindings.impl.SSOSessionBasedTokenBinder) ServiceRegistration(org.osgi.framework.ServiceRegistration) OAuthClientAuthenticator(org.wso2.carbon.identity.oauth2.client.authentication.OAuthClientAuthenticator) OAuth2Service(org.wso2.carbon.identity.oauth2.OAuth2Service) OAuthClientAuthnService(org.wso2.carbon.identity.oauth2.client.authentication.OAuthClientAuthnService) DefaultKeyIDProviderImpl(org.wso2.carbon.identity.oauth2.keyidprovider.DefaultKeyIDProviderImpl) UserStoreConfigListener(org.wso2.carbon.identity.user.store.configuration.listener.UserStoreConfigListener) TenantCreationEventListener(org.wso2.carbon.identity.oauth2.listener.TenantCreationEventListener) PublicClientAuthenticator(org.wso2.carbon.identity.oauth2.client.authentication.PublicClientAuthenticator) BasicAuthClientAuthenticator(org.wso2.carbon.identity.oauth2.client.authentication.BasicAuthClientAuthenticator) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) OpenIDConnectClaimFilterImpl(org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl) DeviceAuthService(org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService) AbstractEventHandler(org.wso2.carbon.identity.event.handler.AbstractEventHandler) OAuth2TokenValidationService(org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService) DeviceAuthServiceImpl(org.wso2.carbon.identity.oauth2.device.api.DeviceAuthServiceImpl)

Example 5 with ScopeClaimMappingDAOImpl

use of org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCClaimsCallbackHandlerTest method setUp.

@BeforeClass
public void setUp() throws Exception {
    System.setProperty(CarbonBaseConstants.CARBON_HOME, CARBON_HOME);
    BasicDataSource dataSource1 = new BasicDataSource();
    dataSource1.setDriverClassName("org.h2.Driver");
    dataSource1.setUsername("username");
    dataSource1.setPassword("password");
    dataSource1.setUrl("jdbc:h2:mem:test" + DB_NAME);
    connection = dataSource1.getConnection();
    connection.createStatement().executeUpdate("RUNSCRIPT FROM '" + getFilePath(H2_SCRIPT_NAME) + "'");
    mockStatic(FrameworkUtils.class);
    when(FrameworkUtils.getMultiAttributeSeparator()).thenReturn(MULTI_ATTRIBUTE_SEPARATOR_DEFAULT);
    RequestObjectService requestObjectService = Mockito.mock(RequestObjectService.class);
    List<RequestedClaim> requestedClaims = Collections.emptyList();
    when(requestObjectService.getRequestedClaimsForIDToken(anyString())).thenReturn(requestedClaims);
    when(requestObjectService.getRequestedClaimsForUserInfo(anyString())).thenReturn(requestedClaims);
    // Skipping filtering with user consent.
    // TODO: Remove mocking claims filtering based on consent when fixing
    // https://github.com/wso2/product-is/issues/2676
    OpenIDConnectClaimFilterImpl openIDConnectClaimFilter = spy(new OpenIDConnectClaimFilterImpl());
    when(openIDConnectClaimFilter.getClaimsFilteredByUserConsent(anyMap(), any(AuthenticatedUser.class), anyString(), anyString())).thenAnswer(invocation -> invocation.getArguments()[0]);
    OpenIDConnectServiceComponentHolder.getInstance().getOpenIDConnectClaimFilters().add(openIDConnectClaimFilter);
    OpenIDConnectServiceComponentHolder.setRequestObjectService(requestObjectService);
    defaultOIDCClaimsCallbackHandler = new DefaultOIDCClaimsCallbackHandler();
    OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
}
Also used : RequestedClaim(org.wso2.carbon.identity.openidconnect.model.RequestedClaim) BasicDataSource(org.apache.commons.dbcp.BasicDataSource) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) ScopeClaimMappingDAOImpl(org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl) BeforeClass(org.testng.annotations.BeforeClass)

Aggregations

ScopeClaimMappingDAOImpl (org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAOImpl)5 BeforeClass (org.testng.annotations.BeforeClass)4 OpenIDConnectClaimFilterImpl (org.wso2.carbon.identity.openidconnect.OpenIDConnectClaimFilterImpl)2 RequestedClaim (org.wso2.carbon.identity.openidconnect.model.RequestedClaim)2 ArrayList (java.util.ArrayList)1 List (java.util.List)1 BasicDataSource (org.apache.commons.dbcp.BasicDataSource)1 ServiceRegistration (org.osgi.framework.ServiceRegistration)1 SSOConsentServiceImpl (org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl)1 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)1 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)1 ApplicationManagementService (org.wso2.carbon.identity.application.mgt.ApplicationManagementService)1 ApplicationMgtListener (org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener)1 ClaimMetadataManagementService (org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService)1 ExternalClaim (org.wso2.carbon.identity.claim.metadata.mgt.model.ExternalClaim)1 AbstractEventHandler (org.wso2.carbon.identity.event.handler.AbstractEventHandler)1 TokenBinderInfo (org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo)1 OAuthServerConfiguration (org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration)1 OAuth2ScopeService (org.wso2.carbon.identity.oauth2.OAuth2ScopeService)1 OAuth2Service (org.wso2.carbon.identity.oauth2.OAuth2Service)1