Java Code Examples for org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser#setUserName()
The following examples show how to use
org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser#setUserName() .
Example 1
Source File: GraphBasedStepHandler.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Copies the identity fields of a {@code User} into a fresh {@code AuthenticatedUser}.
 *
 * <p>Only the user name, tenant domain and user store domain are carried over, exactly as the
 * source object reports them. No normalisation or validation happens here.
 *
 * @param user object supplying the three identity fields
 * @return a new {@code AuthenticatedUser} populated from {@code user}
 */
private AuthenticatedUser buildAuthenticatedUser(User user) {

    final String name = user.getUserName();
    final String tenant = user.getTenantDomain();
    final String userStore = user.getUserStoreDomain();

    AuthenticatedUser result = new AuthenticatedUser();
    result.setUserName(name);
    result.setTenantDomain(tenant);
    result.setUserStoreDomain(userStore);
    return result;
}
Example 2
Source File: JITProvisioningPostAuthenticationHandlerTest.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Builds the authentication context used when exercising the PostJitProvisioningHandler.
 *
 * @param sp1                   Service Provider
 * @param withAuthenticatedUser when true, a super-tenant user named "test" is attached to the
 *                              sequence and to every step in its step map
 * @param isFederated           when true, the mocked authenticator is a
 *                              {@code FederatedApplicationAuthenticator}
 * @return relevant authentication context.
 * @throws FrameworkException Framework Exception.
 */
private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider sp1,
                                                                 boolean withAuthenticatedUser,
                                                                 boolean isFederated)
        throws FrameworkException {

    AuthenticationContext context = getAuthenticationContext(sp1);
    SequenceConfig sequence = configurationLoader.getSequenceConfig(context, Collections.emptyMap(), sp1);
    context.setSequenceConfig(sequence);
    context.setProperty(FrameworkConstants.STEP_BASED_SEQUENCE_HANDLER_TRIGGERED, true);

    // The mock's concrete type decides whether the handler sees a federated authenticator.
    ApplicationAuthenticator authenticatorMock = isFederated
            ? mock(FederatedApplicationAuthenticator.class)
            : mock(ApplicationAuthenticator.class);
    when(authenticatorMock.getName()).thenReturn("Authenticator1");

    if (withAuthenticatedUser) {
        AuthenticatedUser testUser = new AuthenticatedUser();
        testUser.setUserName("test");
        testUser.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        testUser.setAuthenticatedSubjectIdentifier("test");
        sequence.setAuthenticatedUser(testUser);

        AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig();
        authenticatorConfig.setApplicationAuthenticator(authenticatorMock);

        // Every step reports the same user and authenticator as already authenticated.
        for (StepConfig step : sequence.getStepMap().values()) {
            step.setAuthenticatedAutenticator(authenticatorConfig);
            step.setAuthenticatedUser(testUser);
        }
        context.setSequenceConfig(sequence);
    }

    // Thread-local state: it stays set on this thread after the helper returns.
    UserCoreUtil.setDomainInThreadLocal("test_domain");
    return context;
}
Example 3
Source File: JsAuthenticationContextTest.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Checks that the last login-failed user stored as a context property is visible to script code
 * through {@code context.lastLoginFailedUser}, including its username, tenant domain and user
 * store domain.
 */
@Test
public void testGetLastLoginFailedUserFromWrappedContext() throws Exception {

    final String expectedUsername = "lastAttemptedUsername";
    final String expectedTenantDomain = "lastAttemptedTenantDomain";
    final String expectedUserStoreDomain = "lastAttemptedUserstoreDomain";

    AuthenticatedUser failedUser = new AuthenticatedUser();
    failedUser.setUserName(expectedUsername);
    failedUser.setTenantDomain(expectedTenantDomain);
    failedUser.setUserStoreDomain(expectedUserStoreDomain);

    AuthenticationContext wrappedContext = new AuthenticationContext();
    wrappedContext.setProperty(FrameworkConstants.JSAttributes.JS_LAST_LOGIN_FAILED_USER, failedUser);
    JsAuthenticationContext jsContext = new JsAuthenticationContext(wrappedContext);

    Bindings globalBindings = scriptEngine.getBindings(ScriptContext.GLOBAL_SCOPE);
    globalBindings.put("context", jsContext);

    Object wrappedUser = scriptEngine.eval("context.lastLoginFailedUser");
    assertNotNull(wrappedUser);
    assertTrue(wrappedUser instanceof JsAuthenticatedUser);

    String scriptUsername = (String) scriptEngine.eval("context.lastLoginFailedUser.username");
    assertEquals(scriptUsername, expectedUsername);

    String scriptTenantDomain = (String) scriptEngine.eval("context.lastLoginFailedUser.tenantDomain");
    assertEquals(scriptTenantDomain, expectedTenantDomain);

    // The user store domain is expected back upper-cased, unlike the other two fields.
    String scriptUserStoreDomain = (String) scriptEngine.eval("context.lastLoginFailedUser.userStoreDomain");
    assertEquals(scriptUserStoreDomain, expectedUserStoreDomain.toUpperCase());
}
Example 4
Source File: ExtendedSAML2BearerGrantHandler.java From carbon-device-mgt with Apache License 2.0 | 5 votes |
/**
 * Delegates to the parent grant validation and, when it succeeds, replaces the authorized user's
 * name with the value returned by {@code MultitenantUtils.getTenantAwareUsername}.
 *
 * <p>The user object held by the request context is modified in place; only its user name is
 * touched here.
 *
 * @param tokReqMsgCtx token request context carrying the authorized user
 * @return {@code false} when the parent validation fails, {@code true} otherwise
 * @throws IdentityOAuth2Exception declared by the overridden method
 */
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {

    final boolean parentAccepted = super.validateGrant(tokReqMsgCtx);
    if (parentAccepted) {
        AuthenticatedUser authorizedUser = tokReqMsgCtx.getAuthorizedUser();
        // NOTE(review): after this call the name no longer carries the tenant part, so the tenant
        // must come from the object's tenant domain field. Confirm the parent handler sets it;
        // otherwise same-named users from different tenants cannot be told apart downstream.
        String tenantAwareName = MultitenantUtils.getTenantAwareUsername(authorizedUser.getUserName());
        authorizedUser.setUserName(tenantAwareName);
    }
    return parentAccepted;
}
Example 5
Source File: OAuthAdminService.java From carbon-identity with Apache License 2.0 | 5 votes |
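/**
 * Update existing consumer application.
 *
 * <p>The stored owner of the application is replaced by the user found on the thread-local
 * {@code CarbonContext}. For OAuth 2.0 applications every whitespace-separated grant type in the
 * request must be one of {@code getAllowedGrantTypes()}.
 *
 * @param consumerAppDTO <code>OAuthConsumerAppDTO</code> with updated application information
 * @throws IdentityOAuthAdminException if a requested grant type is not allowed, or on an error
 *                                     when updating the underlying identity persistence store.
 */
public void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO) throws IdentityOAuthAdminException {

    // NOTE(review): a null user name on the context is not handled here, while
    // registerOAuthApplicationData checks for it. Confirm callers are always authenticated.
    String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(userName);
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    OAuthAppDAO dao = new OAuthAppDAO();
    OAuthAppDO oauthappdo = new OAuthAppDO();

    AuthenticatedUser user = new AuthenticatedUser();
    user.setUserName(UserCoreUtil.removeDomainFromName(tenantAwareUsername));
    user.setTenantDomain(tenantDomain);
    user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userName));
    oauthappdo.setUser(user);

    // NOTE(review): the record to update is selected by the consumer key in the request. No check
    // that the caller owns that application is visible in this method; confirm it is enforced by
    // the service's permission model or by the DAO.
    oauthappdo.setOauthConsumerKey(consumerAppDTO.getOauthConsumerKey());
    oauthappdo.setOauthConsumerSecret(consumerAppDTO.getOauthConsumerSecret());
    oauthappdo.setCallbackUrl(consumerAppDTO.getCallbackUrl());
    oauthappdo.setApplicationName(consumerAppDTO.getApplicationName());

    if (OAuthConstants.OAuthVersions.VERSION_2.equals(consumerAppDTO.getOAuthVersion())) {
        // Read-only view is enough for membership checks; no defensive copy is needed.
        List<String> allowedGrants = Arrays.asList(getAllowedGrantTypes());
        // NOTE(review): a null grant-type string fails here with a NullPointerException.
        for (String requestedGrant : consumerAppDTO.getGrantTypes().split("\\s")) {
            if (StringUtils.isBlank(requestedGrant)) {
                continue;
            }
            if (!allowedGrants.contains(requestedGrant)) {
                throw new IdentityOAuthAdminException(requestedGrant + " not allowed");
            }
        }
        oauthappdo.setGrantTypes(consumerAppDTO.getGrantTypes());
    }

    dao.updateConsumerApplication(oauthappdo);
    if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
        // The cached object includes the consumer secret set above.
        appInfoCache.addToCache(oauthappdo.getOauthConsumerKey(), oauthappdo);
    }
}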
Example 6
Source File: OAuth2Util.java From carbon-identity with Apache License 2.0 | 5 votes |
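/**
 * Splits a fully qualified user name into its parts and returns them as an
 * {@code AuthenticatedUser}.
 *
 * <p>The tenant domain comes from {@code MultitenantUtils.getTenantDomain}, the user store domain
 * from {@code IdentityUtil.extractDomainFromName}, and the user name is what remains after both
 * the tenant part and the user store prefix have been removed.
 *
 * @param username user name, possibly qualified with a user store domain and a tenant domain
 * @return a new {@code AuthenticatedUser} holding the three parts
 * @throws IllegalArgumentException if {@code username} is null, empty or whitespace only
 */
public static AuthenticatedUser getUserFromUserName(String username) throws IllegalArgumentException {

    if (StringUtils.isBlank(username)) {
        throw new IllegalArgumentException("Cannot create user from empty user name");
    }

    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    String tenantAwareUsernameWithNoUserDomain = UserCoreUtil.removeDomainFromName(tenantAwareUsername);
    // Locale.ROOT keeps the upper-cased domain independent of the JVM default locale. A
    // locale-sensitive mapping (for example dotted/dotless "i" under a Turkish locale) would yield
    // a domain that no longer matches the stored one. Fully qualified to avoid a new import.
    String userStoreDomain = IdentityUtil.extractDomainFromName(username).toUpperCase(java.util.Locale.ROOT);

    AuthenticatedUser user = new AuthenticatedUser();
    user.setUserName(tenantAwareUsernameWithNoUserDomain);
    user.setTenantDomain(tenantDomain);
    user.setUserStoreDomain(userStoreDomain);
    return user;
}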
Example 7
Source File: ExtendedClientCredentialsGrantHandler.java From carbon-apimgt with Apache License 2.0 | 5 votes |
/**
 * Runs the parent client-credentials validation, then writes the authorized user back onto the
 * request context and returns the parent's verdict.
 *
 * @param tokReqMsgCtx token request context carrying the authorized user
 * @return the result of the parent validation, unchanged
 * @throws IdentityOAuth2Exception declared by the overridden method
 */
@Override
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {

    final boolean parentVerdict = super.validateGrant(tokReqMsgCtx);

    // NOTE(review): the user is read and dereferenced even when the parent rejected the grant.
    // Confirm an authorized user is always present at this point.
    AuthenticatedUser authorizedUser = tokReqMsgCtx.getAuthorizedUser();
    // NOTE(review): the name is set to the value just read, which looks like a no-op unless the
    // setter normalises its input. Confirm whether this handler still needs to do anything.
    authorizedUser.setUserName(authorizedUser.getUserName());
    tokReqMsgCtx.setAuthorizedUser(authorizedUser);

    return parentVerdict;
}
Example 8
Source File: SessionDataPublisherImpl.java From carbon-apimgt with Apache License 2.0 | 5 votes |
/**
 * Builds a new {@code AuthenticatedUser} from an existing one, always marked as federated.
 *
 * <p>The user name is taken without its user store prefix, the tenant domain is copied as is, and
 * the final user store domain is whatever {@code OAuth2Util.getUserStoreForFederatedUser} returns
 * for the source user.
 *
 * @param authenticatedUser source user
 * @return a new {@code AuthenticatedUser} object
 * @throws IdentityOAuth2Exception declared for the calls made while building the user
 */
private AuthenticatedUser buildAuthenticatedUser(AuthenticatedUser authenticatedUser)
        throws IdentityOAuth2Exception {

    AuthenticatedUser copy = new AuthenticatedUser();
    final String sourceName = authenticatedUser.getUserName();
    final String sourceTenant = authenticatedUser.getTenantDomain();

    copy.setUserName(UserCoreUtil.removeDomainFromName(sourceName));
    copy.setTenantDomain(sourceTenant);
    // NOTE(review): this value is overwritten two statements below, so the domain extracted from
    // the name never survives. Confirm which of the two sources is the intended one.
    copy.setUserStoreDomain(IdentityUtil.extractDomainFromName(sourceName));
    // NOTE(review): the federated flag is set unconditionally rather than copied from the source
    // user. Confirm this method is only reached for federated sessions.
    copy.setFederatedUser(true);
    copy.setUserStoreDomain(OAuth2Util.getUserStoreForFederatedUser(authenticatedUser));
    return copy;
}
Example 9
Source File: PostAuthAssociationHandlerTest.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Builds the authentication context used when exercising the PostAuthAssociationHandler.
 *
 * @param sp1                   Service Provider
 * @param withAuthenticatedUser when true, a super-tenant user named "federated" is attached to
 *                              the sequence and to every step in its step map
 * @param isFederated           when true, the mocked authenticator is a
 *                              {@code FederatedApplicationAuthenticator}
 * @param withSpRoleMapping     when true, the local role claim mapping and two SP role mappings
 *                              are added to the application configuration
 * @return relevant authentication context.
 * @throws FrameworkException Framework Exception.
 */
private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider sp1,
                                                                 boolean withAuthenticatedUser,
                                                                 boolean isFederated,
                                                                 boolean withSpRoleMapping)
        throws FrameworkException {

    AuthenticationContext context = getAuthenticationContext(sp1);
    SequenceConfig sequence = configurationLoader.getSequenceConfig(context, Collections.emptyMap(), sp1);
    sequence.getApplicationConfig().setAlwaysSendMappedLocalSubjectId(true);
    context.setSequenceConfig(sequence);
    context.setProperty(FrameworkConstants.STEP_BASED_SEQUENCE_HANDLER_TRIGGERED, true);

    // The mock's concrete type decides whether the handler sees a federated authenticator.
    ApplicationAuthenticator authenticatorMock = isFederated
            ? mock(FederatedApplicationAuthenticator.class)
            : mock(ApplicationAuthenticator.class);
    when(authenticatorMock.getName()).thenReturn("Authenticator1");

    if (withAuthenticatedUser) {
        AuthenticatedUser federatedUser = new AuthenticatedUser();
        federatedUser.setUserName("federated");
        federatedUser.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        federatedUser.setAuthenticatedSubjectIdentifier("federated");
        sequence.setAuthenticatedUser(federatedUser);

        AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig();
        authenticatorConfig.setApplicationAuthenticator(authenticatorMock);

        // Every step reports the same user and authenticator as already authenticated.
        for (StepConfig step : sequence.getStepMap().values()) {
            step.setAuthenticatedAutenticator(authenticatorConfig);
            step.setAuthenticatedUser(federatedUser);
        }
        context.setSequenceConfig(sequence);
    }

    if (withSpRoleMapping) {
        // The role claim is mapped onto itself and the SP is switched to the local claim dialect.
        sequence.getApplicationConfig().getClaimMappings()
                .put(FrameworkConstants.LOCAL_ROLE_CLAIM_URI, FrameworkConstants.LOCAL_ROLE_CLAIM_URI);
        sequence.getApplicationConfig().getServiceProvider().getClaimConfig().setLocalClaimDialect(true);
        sequence.getApplicationConfig().getRoleMappings().put(ORI_ROLE_1, SP_MAPPED_ROLE_1);
        sequence.getApplicationConfig().getRoleMappings().put(ORI_ROLE_2, SP_MAPPED_ROLE_2);
    }

    return context;
}
Example 10
Source File: DefaultRequestPathBasedSequenceHandlerTest.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Drives {@code handlePostAuthentication} on a spied request-path sequence handler and checks the
 * subject identifier that ends up on the sequence's authenticated user.
 *
 * @param unfilteredLocalClaims     claims stored on the context before the call
 * @param mappedAttributes          value the stubbed {@code handleClaimMappings} returns
 * @param subjectClaimUri           subject claim URI reported by the application configuration
 * @param expectedSubjectIdentifier subject identifier expected after the call
 */
@Test(dataProvider = "getPostAuthenticationData")
public void testHandlePostAuthentication(Map<String, String> unfilteredLocalClaims,
                                         Map<String, String> mappedAttributes,
                                         String subjectClaimUri,
                                         String expectedSubjectIdentifier) throws Exception {

    requestPathBasedSequenceHandler = spy(new DefaultRequestPathBasedSequenceHandler());
    doReturn(mappedAttributes)
            .when(requestPathBasedSequenceHandler)
            .handleClaimMappings(any(AuthenticationContext.class));
    doReturn("spRole1,spRole2")
            .when(requestPathBasedSequenceHandler)
            .getServiceProviderMappedUserRoles(any(SequenceConfig.class), anyList());

    ServiceProvider sp = new ServiceProvider();
    ApplicationConfig appConfig = spy(new ApplicationConfig(sp));
    when(appConfig.getSubjectClaimUri()).thenReturn(subjectClaimUri);

    SequenceConfig sequence = new SequenceConfig();
    sequence.setApplicationConfig(appConfig);

    // NOTE(review): the user named "alice" is built but never attached; the sequence receives a
    // separate, empty AuthenticatedUser. Confirm whether the data provider's expected subject
    // identifiers rely on the empty user before changing this.
    AuthenticatedUser authenticatedUser = new AuthenticatedUser();
    authenticatedUser.setUserName("alice");
    sequence.setAuthenticatedUser(new AuthenticatedUser());

    AuthenticationContext context = new AuthenticationContext();
    context.setProperty(FrameworkConstants.UNFILTERED_LOCAL_CLAIM_VALUES, unfilteredLocalClaims);
    context.setSequenceConfig(sequence);

    ApplicationAuthenticator authenticatorMock = mock(ApplicationAuthenticator.class);
    when(authenticatorMock.getName()).thenReturn("Authenticator1");

    AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig();
    authenticatorConfig.setApplicationAuthenticator(authenticatorMock);

    AuthenticatedIdPData localIdp = new AuthenticatedIdPData();
    localIdp.setIdpName("LOCAL");
    localIdp.setAuthenticator(authenticatorConfig);

    mockStatic(FrameworkUtils.class);
    when(FrameworkUtils.getMultiAttributeSeparator()).thenReturn(",");

    requestPathBasedSequenceHandler.handlePostAuthentication(request, response, context, localIdp);

    AuthenticatedUser resultingUser = context.getSequenceConfig().getAuthenticatedUser();
    assertNotNull(resultingUser);
    assertEquals(context.getSequenceConfig().getAuthenticatedUser().getAuthenticatedSubjectIdentifier(),
            expectedSubjectIdentifier);
}
Example 11
Source File: DefaultStepBasedSequenceHandlerTest.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Checks that {@code handlePostAuthentication} leaves the authenticated user's name untouched,
 * whatever subject claim and domain-append settings the application configuration reports.
 *
 * @param subjectClaimUriFromAppConfig    subject claim URI reported by the application config
 * @param spSubjectClaimValue             value stored as the SP subject claim on the context
 * @param appendTenantDomainToSubject     stubbed "use tenant domain in subject" setting
 * @param appendUserStoreDomainToSubject  stubbed "use user store domain in subject" setting
 * @param authenticatedUserNameInSequence user name given to the authenticated user
 * @param expectedSubjectIdentifier       supplied by the data provider; not asserted in this test
 */
@Test(dataProvider = "postAuthenticationDataProvider")
public void testHandlePostUserName(String subjectClaimUriFromAppConfig,
                                   String spSubjectClaimValue,
                                   boolean appendTenantDomainToSubject,
                                   boolean appendUserStoreDomainToSubject,
                                   String authenticatedUserNameInSequence,
                                   String expectedSubjectIdentifier) throws Exception {

    stepBasedSequenceHandler = new DefaultStepBasedSequenceHandler();

    ApplicationConfig appConfig = spy(new ApplicationConfig(new ServiceProvider()));
    when(appConfig.getSubjectClaimUri()).thenReturn(subjectClaimUriFromAppConfig);
    when(appConfig.isUseTenantDomainInLocalSubjectIdentifier()).thenReturn(appendTenantDomainToSubject);
    when(appConfig.isUseUserstoreDomainInLocalSubjectIdentifier()).thenReturn(appendUserStoreDomainToSubject);

    AuthenticatedUser sequenceUser = new AuthenticatedUser();
    sequenceUser.setUserName(authenticatedUserNameInSequence);
    sequenceUser.setTenantDomain(FOO_TENANT);
    sequenceUser.setUserStoreDomain(XY_USER_STORE_DOMAIN);

    SequenceConfig sequence = spy(new SequenceConfig());
    Map<Integer, StepConfig> steps = new HashMap<>();

    // Single step that is neither the subject-identifier step nor the subject-attribute step.
    StepConfig onlyStep = spy(new StepConfig());
    when(onlyStep.getAuthenticatedUser()).thenReturn(sequenceUser);
    when(onlyStep.isSubjectIdentifierStep()).thenReturn(false);
    when(onlyStep.isSubjectAttributeStep()).thenReturn(false);

    AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig();
    authenticatorConfig.setApplicationAuthenticator(authenticator);
    when(onlyStep.getAuthenticatedAutenticator()).thenReturn(authenticatorConfig);

    steps.put(1, onlyStep);
    sequence.setStepMap(steps);
    sequence.setAuthenticatedUser(sequenceUser);
    sequence.setApplicationConfig(appConfig);

    // SP subject claim value
    context.setProperty(FrameworkConstants.SERVICE_PROVIDER_SUBJECT_CLAIM_VALUE, spSubjectClaimValue);
    context.setSequenceConfig(sequence);

    stepBasedSequenceHandler.handlePostAuthentication(request, response, context);

    assertEquals(context.getSequenceConfig().getAuthenticatedUser().getUserName(),
            authenticatedUserNameInSequence);
}
Example 12
Source File: OAuthAppDAO.java From carbon-identity with Apache License 2.0 | 4 votes |
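/**
 * Loads the OAuth application registered for a consumer key.
 *
 * <p>The key is passed through {@code persistenceProcessor.getProcessedClientId} and bound as a
 * statement parameter. Rows whose OAuth version column (column 4) is null or empty are skipped;
 * if several rows qualify, the last one read is returned.
 *
 * @param consumerKey consumer key (client id) to look up
 * @return the matching application, or {@code null} when rows exist but none of them carries an
 *         OAuth version
 * @throws InvalidOAuthClientException if the query returns no row for the key
 * @throws IdentityOAuth2Exception     if the database access fails
 */
public OAuthAppDO getAppInformation(String consumerKey)
        throws InvalidOAuthClientException, IdentityOAuth2Exception {

    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;
    OAuthAppDO oauthApp = null;

    try {
        prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO);
        prepStmt.setString(1, persistenceProcessor.getProcessedClientId(consumerKey));
        rSet = prepStmt.executeQuery();

        // Tracks whether the result set had at least one row, i.e. whether any application is
        // associated with the key. A key without an application is reported as an explicit error.
        boolean rSetHasRows = false;
        while (rSet.next()) {
            rSetHasRows = true;

            // Read the version column once; it gates the row and is reused below.
            String oauthVersion = rSet.getString(4);
            if (oauthVersion == null || oauthVersion.isEmpty()) {
                continue;
            }

            oauthApp = new OAuthAppDO();
            oauthApp.setOauthConsumerKey(consumerKey);
            // The returned object carries the client secret; callers should keep it out of logs.
            oauthApp.setOauthConsumerSecret(persistenceProcessor.getPreprocessedClientSecret(rSet.getString(1)));

            AuthenticatedUser authenticatedUser = new AuthenticatedUser();
            authenticatedUser.setUserName(rSet.getString(2));
            oauthApp.setApplicationName(rSet.getString(3));
            oauthApp.setOauthVersion(oauthVersion);
            oauthApp.setCallbackUrl(rSet.getString(5));
            authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(6)));
            authenticatedUser.setUserStoreDomain(rSet.getString(7));
            oauthApp.setUser(authenticatedUser);
            oauthApp.setGrantTypes(rSet.getString(8));
            oauthApp.setId(rSet.getInt(9));
        }

        if (!rSetHasRows) {
            // No application for the submitted key. Fail here: continuing would surface later as
            // a "null values not supported" error when the result is cached.
            throw new InvalidOAuthClientException("Cannot find an application associated with the given consumer key : "
                    + consumerKey);
        }
        // NOTE(review): when rows exist but all lack a version, null is returned without an
        // exception. Confirm callers handle a null application.
        connection.commit();
    } catch (SQLException e) {
        throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return oauthApp;
}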
Example 13
Source File: OAuthAppDAO.java From carbon-identity with Apache License 2.0 | 4 votes |
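/**
 * Loads the OAuth application with the given name in the current tenant.
 *
 * <p>The tenant id is taken from the thread-local {@code CarbonContext}, and both the name and
 * the tenant id are bound as statement parameters. Rows whose column 4 is null or empty are
 * skipped.
 *
 * @param appName application name to look up
 * @return the application object; it is created before the rows are read, so when rows exist but
 *         none qualifies it carries only the application name
 * @throws InvalidOAuthClientException if the query returns no row for the name
 * @throws IdentityOAuth2Exception     if the database access fails
 */
public OAuthAppDO getAppInformationByAppName(String appName)
        throws InvalidOAuthClientException, IdentityOAuth2Exception {

    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;
    OAuthAppDO oauthApp = null;

    try {
        int tenantID = CarbonContext.getThreadLocalCarbonContext().getTenantId();
        prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO_BY_APP_NAME);
        prepStmt.setString(1, appName);
        prepStmt.setInt(2, tenantID);
        rSet = prepStmt.executeQuery();

        oauthApp = new OAuthAppDO();
        oauthApp.setApplicationName(appName);
        AuthenticatedUser user = new AuthenticatedUser();
        user.setTenantDomain(IdentityTenantUtil.getTenantDomain(tenantID));

        // Tracks whether the result set had at least one row, i.e. whether any application with
        // this name exists in the tenant. A missing application is reported as an explicit error.
        boolean rSetHasRows = false;
        while (rSet.next()) {
            rSetHasRows = true;

            // Read column 4 once; it gates the row and supplies the consumer key below.
            String storedClientId = rSet.getString(4);
            if (storedClientId == null || storedClientId.isEmpty()) {
                continue;
            }

            // The returned object carries the client secret; callers should keep it out of logs.
            oauthApp.setOauthConsumerSecret(persistenceProcessor.getPreprocessedClientSecret(rSet.getString(1)));
            user.setUserName(rSet.getString(2));
            user.setUserStoreDomain(rSet.getString(3));
            oauthApp.setUser(user);
            oauthApp.setOauthConsumerKey(persistenceProcessor.getPreprocessedClientId(storedClientId));
            oauthApp.setOauthVersion(rSet.getString(5));
            oauthApp.setCallbackUrl(rSet.getString(6));
            oauthApp.setGrantTypes(rSet.getString(7));
            oauthApp.setId(rSet.getInt(8));
        }

        if (!rSetHasRows) {
            // The lookup value is an application name, so the message says so (it previously
            // said "consumer key").
            // NOTE(review): appName is caller-supplied and goes into the log line unmodified;
            // confirm the logging layout neutralises line breaks.
            String message = "Cannot find an application associated with the given application name : " + appName;
            if (log.isDebugEnabled()) {
                log.debug(message);
            }
            throw new InvalidOAuthClientException(message);
        }
        connection.commit();
    } catch (SQLException e) {
        throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return oauthApp;
}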
Example 14
Source File: OAuthAdminService.java From carbon-identity with Apache License 2.0 | 4 votes |
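/**
 * Registers an OAuth consumer application.
 *
 * <p>Nothing is registered, and no error is raised, when the thread-local {@code CarbonContext}
 * has no user name or when {@code application} is null. The application owner is the logged-in
 * user unless the request names another user that exists in the user store.
 *
 * @param application <code>OAuthConsumerAppDTO</code> with application information
 * @throws IdentityOAuthAdminException if a callback URL is missing for the code or implicit grant,
 *                                     a requested grant type is not allowed, the user store cannot
 *                                     be queried, or the application cannot be persisted
 */
public void registerOAuthApplicationData(OAuthConsumerAppDTO application) throws IdentityOAuthAdminException {

    String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();
    if (userName == null) {
        return;
    }

    String tenantUser = MultitenantUtils.getTenantAwareUsername(userName);
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    OAuthAppDAO dao = new OAuthAppDAO();
    OAuthAppDO app = new OAuthAppDO();
    if (application == null) {
        return;
    }

    app.setApplicationName(application.getApplicationName());

    // Grants that redirect the browser need a registered callback to redirect to.
    // NOTE(review): a null grant-type string fails here with a NullPointerException.
    boolean redirectBasedGrant = application.getGrantTypes().contains(AUTHORIZATION_CODE)
            || application.getGrantTypes().contains(IMPLICIT);
    if (redirectBasedGrant && StringUtils.isEmpty(application.getCallbackUrl())) {
        throw new IdentityOAuthAdminException("Callback Url is required for Code or Implicit grant types");
    }
    app.setCallbackUrl(application.getCallbackUrl());

    if (application.getOauthConsumerKey() == null) {
        // NOTE(review): key and secret both come from OAuthUtil.getRandomNumber(), whose source of
        // randomness is not visible here. The secret is a credential, so confirm the helper is
        // backed by a cryptographically secure generator.
        app.setOauthConsumerKey(OAuthUtil.getRandomNumber());
        app.setOauthConsumerSecret(OAuthUtil.getRandomNumber());
    } else {
        app.setOauthConsumerKey(application.getOauthConsumerKey());
        app.setOauthConsumerSecret(application.getOauthConsumerSecret());
    }

    String applicationUser = application.getUsername();
    if (applicationUser != null && applicationUser.trim().length() > 0) {
        try {
            // NOTE(review): an existing user named in the request becomes the owner. No check
            // that the caller may register on that user's behalf is visible in this method.
            if (CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                    .getUserStoreManager().isExistingUser(applicationUser)) {
                tenantUser = applicationUser;
            } else {
                // NOTE(review): applicationUser is request data written to the log unmodified;
                // confirm the logging layout neutralises line breaks.
                log.warn("OAuth application registrant user name " + applicationUser
                        + " does not exist in the user store. Using logged-in user name " + tenantUser
                        + " as registrant name");
            }
        } catch (UserStoreException e) {
            throw new IdentityOAuthAdminException("Error while retrieving the user store manager", e);
        }
    }

    AuthenticatedUser user = new AuthenticatedUser();
    user.setUserName(UserCoreUtil.removeDomainFromName(tenantUser));
    user.setTenantDomain(tenantDomain);
    // NOTE(review): the user store domain always comes from the logged-in user's name, even when
    // the owner name above was taken from the request. Confirm the pair cannot end up mismatched.
    user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userName));
    app.setUser(user);

    if (application.getOAuthVersion() != null) {
        app.setOauthVersion(application.getOAuthVersion());
    } else {
        // by default, assume OAuth 2.0, if it is not set.
        app.setOauthVersion(OAuthConstants.OAuthVersions.VERSION_2);
    }

    // NOTE(review): this test reads the requested version, not the defaulted one, so a request
    // without a version is stored as OAuth 2.0 with no grant validation and no grant types.
    if (OAuthConstants.OAuthVersions.VERSION_2.equals(application.getOAuthVersion())) {
        // Read-only view is enough for membership checks; no defensive copy is needed.
        List<String> allowedGrants = Arrays.asList(getAllowedGrantTypes());
        for (String requestedGrant : application.getGrantTypes().split("\\s")) {
            if (StringUtils.isBlank(requestedGrant)) {
                continue;
            }
            if (!allowedGrants.contains(requestedGrant)) {
                throw new IdentityOAuthAdminException(requestedGrant + " not allowed");
            }
        }
        app.setGrantTypes(application.getGrantTypes());
    }

    dao.addOAuthApplication(app);
    if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
        // The cached object includes the consumer secret set above.
        appInfoCache.addToCache(app.getOauthConsumerKey(), app);
    }
}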
Example 15
Source File: TokenMgtDAO.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Lists the latest authorization codes recorded for a tenant.
 *
 * <p>The tenant id is bound as a statement parameter. Each row becomes an {@code AuthzCodeDO}
 * whose user is built from the row's user name and user store domain plus the tenant domain
 * resolved from {@code tenantId}.
 *
 * <p>The returned objects carry the authorization code value read from the database (column 2),
 * so callers should treat them as credentials and keep them out of logs.
 *
 * @param tenantId tenant whose authorization codes are listed
 * @return the codes found, possibly empty
 * @throws IdentityOAuth2Exception if the database access fails; the connection is rolled back
 */
public List<AuthzCodeDO> getLatestAuthorizationCodesOfTenant(int tenantId) throws IdentityOAuth2Exception {

    //we do not support access token partitioning here
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement statement = null;
    ResultSet rows = null;
    List<AuthzCodeDO> codes = new ArrayList<>();

    try {
        statement = connection.prepareStatement(SQLQueries.LIST_LATEST_AUTHZ_CODES_IN_TENANT);
        statement.setInt(1, tenantId);
        rows = statement.executeQuery();

        while (rows.next()) {
            // Columns are read in index order, as in the query's select list.
            String codeId = rows.getString(1);
            String code = rows.getString(2);
            String clientId = rows.getString(3);
            String userName = rows.getString(4);
            String[] scopes = OAuth2Util.buildScopeArray(rows.getString(5));
            Timestamp issuedAt = rows.getTimestamp(6, Calendar.getInstance(TimeZone.getTimeZone(UTC)));
            long validityMillis = rows.getLong(7);
            String callback = rows.getString(8);
            String userStore = rows.getString(9);

            AuthenticatedUser owner = new AuthenticatedUser();
            owner.setUserName(userName);
            owner.setUserStoreDomain(userStore);
            owner.setTenantDomain(OAuth2Util.getTenantDomain(tenantId));

            AuthzCodeDO entry = new AuthzCodeDO(owner, scopes, issuedAt, validityMillis, callback,
                    clientId, code, codeId);
            codes.add(entry);
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while retrieving latest authorization codes of tenant " +
                ":" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rows, statement);
    }
    return codes;
}
Example 16
Source File: TokenMgtDAO.java From carbon-identity with Apache License 2.0 | 4 votes |
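/**
 * Lists the latest authorization codes recorded for one user store of a tenant.
 *
 * <p>The tenant id and the upper-cased user store domain are bound as statement parameters. Each
 * row becomes an {@code AuthzCodeDO} whose user is built from the row's user name, the
 * {@code userStorDomain} argument and the tenant domain resolved from {@code tenantId}.
 *
 * <p>The returned objects carry the authorization code value read from the database (column 2),
 * so callers should treat them as credentials and keep them out of logs.
 *
 * @param tenantId       tenant whose authorization codes are listed
 * @param userStorDomain user store domain to filter on; must not be null
 * @return the codes found, possibly empty
 * @throws IdentityOAuth2Exception if the database access fails; the connection is rolled back
 */
public List<AuthzCodeDO> getLatestAuthorizationCodesOfUserStore(int tenantId, String userStorDomain)
        throws IdentityOAuth2Exception {

    //we do not support access token partitioning here
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;
    List<AuthzCodeDO> latestAuthzCodes = new ArrayList<>();

    try {
        String sqlQuery = SQLQueries.LIST_LATEST_AUTHZ_CODES_IN_USER_DOMAIN;
        ps = connection.prepareStatement(sqlQuery);
        ps.setInt(1, tenantId);
        // Locale.ROOT keeps the lookup value independent of the JVM default locale. A
        // locale-sensitive mapping (for example dotted/dotless "i" under a Turkish locale) would
        // produce a domain that matches no stored row. Fully qualified to avoid a new import.
        ps.setString(2, userStorDomain.toUpperCase(java.util.Locale.ROOT));
        rs = ps.executeQuery();

        while (rs.next()) {
            String authzCodeId = rs.getString(1);
            String authzCode = rs.getString(2);
            String consumerKey = rs.getString(3);
            String authzUser = rs.getString(4);
            String[] scope = OAuth2Util.buildScopeArray(rs.getString(5));
            Timestamp issuedTime = rs.getTimestamp(6, Calendar.getInstance(TimeZone.getTimeZone(UTC)));
            long validityPeriodInMillis = rs.getLong(7);
            String callbackUrl = rs.getString(8);

            AuthenticatedUser user = new AuthenticatedUser();
            user.setUserName(authzUser);
            // NOTE(review): the query filters on the upper-cased domain, but the user object gets
            // the argument as passed. Confirm consumers compare user store domains
            // case-insensitively.
            user.setUserStoreDomain(userStorDomain);
            user.setTenantDomain(OAuth2Util.getTenantDomain(tenantId));

            latestAuthzCodes.add(new AuthzCodeDO(user, scope, issuedTime, validityPeriodInMillis, callbackUrl,
                    consumerKey, authzCode, authzCodeId));
        }
        connection.commit();
    } catch (SQLException e) {
        IdentityDatabaseUtil.rollBack(connection);
        throw new IdentityOAuth2Exception("Error occurred while retrieving latest authorization codes of user " +
                "store : " + userStorDomain + " in tenant :" + tenantId, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, rs, ps);
    }
    return latestAuthzCodes;
}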