From 88256979dd30efcfacd14ab0817efcd16f28d007 Mon Sep 17 00:00:00 2001
From: Ruwan Yatawara
Date: Wed, 14 Mar 2018 13:17:23 +0530
Subject: [PATCH] Adding identity-consent mgt configs and changing login redirection page
---
.../identity/application-authentication.xml | 4 +-
.../src/core/conf/identity/identity.xml | 370 ++++++++++++++++--
.../web-xml/authenticationendpoint/web.xml | 64 ++-
3 files changed, 391 insertions(+), 47 deletions(-)
diff --git a/modules/distribution/src/core/conf/identity/application-authentication.xml b/modules/distribution/src/core/conf/identity/application-authentication.xml
index 6f8bcd22..37dc1140 100644
--- a/modules/distribution/src/core/conf/identity/application-authentication.xml
+++ b/modules/distribution/src/core/conf/identity/application-authentication.xml
@@ -29,7 +29,7 @@ AuthenticationEndpointURL is location of the web app containing the authentication related pages --> - /devicemgt/login + /authenticationendpoint/login.do /authenticationendpoint/retry.do - \ No newline at end of file +
diff --git a/modules/distribution/src/core/conf/identity/identity.xml b/modules/distribution/src/core/conf/identity/identity.xml
index 5529255b..b0417def 100644
--- a/modules/distribution/src/core/conf/identity/identity.xml
+++ b/modules/distribution/src/core/conf/identity/identity.xml
@@ -33,6 +33,12 @@ true 20160 1140 + + + 50000 + + + 50000 true
@@ -217,13 +223,45 @@ org.wso2.carbon.device.mgt.oauth.extensions.validators.AccessTokenGrantValidator + + + + + authorization_code + + + implicit + + + - - + + + + + + + + + + + + + + false
@@ -254,6 +292,26 @@ org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder SHA256withRSA + + + RSA-OAEP + + A128GCM + + + + RSA1_5 + RSA-OAEP + + + A128GCM + A192GCM + A256GCM + A128CBC-HS256 + A128CBC+HS256 + + + true ${carbon.protocol}://${carbon.host}:${carbon.management.port}/oauth2/token org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback + SHA256withRSA 3600 org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoUserStoreClaimRetriever org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInforRequestDefaultValidator org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoJSONResponseBuilder false + + false + + 120 + + + + + request_param_value_builder + org.wso2.carbon.identity.openidconnect.RequestParamRequestObjectBuilder + + + + + org.wso2.carbon.identity.openidconnect.RequestObjectValidatorImpl + + + true + 0 + 5 + 
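Review bot: The added JWE settings list `RSA1_5` next to `RSA-OAEP` in what looks like the set of supported ID-token key-encryption algorithms (the element names are not visible in this rendering, so that reading is inferred from the values). RSAES-PKCS1-v1_5 key transport is prone to padding-oracle attacks and RFC 8725 advises against it; since `RSA-OAEP` is already the first value given, apparently as the default, I would drop the `RSA1_5` entry so a service provider cannot be configured down to it. The list of content-encryption methods also carries `A128CBC+HS256`, a pre-standard identifier superseded by `A128CBC-HS256`; I would remove it unless a deployed client is known to need it, and state that reason in a comment if it stays.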
@@ -315,6 +404,12 @@ http://www.w3.org/2000/09/xmldsig#sha1 true + + + + true + + + + + + + true + + true + true + + + true + + - - - - - + + + + + + + org.wso2.carbon.identity.governance.store.JDBCIdentityDataStore - - - + + + + + + + + + + + + + + + + + - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + - - - - + + + + + + /permission/admin/manage/identity/usermgt/view + + + /permission/admin/manage/identity/usermgt/view + + + + + + + /permission/admin/manage/identity/consentmgt/add + + + + /permission/admin/manage/identity/consentmgt/delete + + + + /permission/admin/manage/identity/consentmgt/add + + + + /permission/admin/manage/identity/consentmgt/delete + + + + /permission/admin/manage/identity/consentmgt/add + + + + /permission/admin/manage/identity/consentmgt/delete + + + + + + /permission/admin/manage/identity/applicationmgt/create + + /permission/admin/manage/identity/applicationmgt/delete - + + /permission/admin/manage/identity/applicationmgt/update + + + /permission/admin/manage/identity/applicationmgt/view + + + /permission/admin/manage/identity/applicationmgt/delete + + /permission/admin/manage/identity/applicationmgt/create - + /permission/admin/manage/identity/applicationmgt/view - + /permission/admin/manage/identity/pep + + /permission/admin/manage/identity/usermgt/create + + + /permission/admin/manage/identity/usermgt/list + + + /permission/admin/manage/identity/rolemgt/create + + + /permission/admin/manage/identity/rolemgt/view + + + /permission/admin/manage/identity/usermgt/view + + + /permission/admin/manage/identity/usermgt/update + + + /permission/admin/manage/identity/usermgt/update + + + /permission/admin/manage/identity/usermgt/delete + + + /permission/admin/manage/identity/rolemgt/view + + + /permission/admin/manage/identity/rolemgt/update + + + /permission/admin/manage/identity/rolemgt/update + + + /permission/admin/manage/identity/rolemgt/delete + + + /permission/admin/login + + + 
/permission/admin/manage/identity/usermgt/delete + + + /permission/admin/login + + + /permission/admin/login + + + /permission/admin/manage/identity/usermgt/create + + + + + + + + + /permission/admin/manage/identity/usermgt + + + /permission/admin/manage/identity/applicationmgt + + - + + - /api/identity/user/v0.9 - /api/identity/recovery/v0.9 - /oauth2 - /api/identity/entitlement + /api/identity/user/v1.0/ + /api/identity/consent-mgt/v1.0/ + /api/identity/recovery/v0.9/ + /oauth2/ + /scim2/ + /api/identity/entitlement/ + /api/identity/oauth2/dcr/v1.0/ /identity/(.*) + 300
diff --git a/modules/distribution/src/core/resources/web-apps/web-xml/authenticationendpoint/web.xml b/modules/distribution/src/core/resources/web-apps/web-xml/authenticationendpoint/web.xml
index 466e8313..9b67df3f 100644
--- a/modules/distribution/src/core/resources/web-apps/web-xml/authenticationendpoint/web.xml
+++ b/modules/distribution/src/core/resources/web-apps/web-xml/authenticationendpoint/web.xml
@@ -53,9 +53,9 @@ https://localhost:9443/accountrecoveryendpoint - AccountRecoveryRESTEndpointURL - https://localhost:9443/t/tenant-domain/api/identity/user/v0.9/ - + AccountRecoveryRESTEndpointURL + https://localhost:9443/t/tenant-domain/api/identity/user/v1.0/ +
@@ -90,6 +90,32 @@ /* + + ContentTypeBasedCachePreventionFilter + + org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter + + + patterns + "text/html" ,"application/json" ,"plain/text" + + + filterAction + enforce + + + httpHeaders + + Cache-Control: no-store, no-cache, must-revalidate, private + + + + + + ContentTypeBasedCachePreventionFilter + * + + org.wso2.carbon.identity.application.authentication.endpoint.util.listener.AuthenticationEndpointContextListener
@@ -181,6 +207,21 @@ /registration.jsp + + consent.do + /consent.jsp + + + + cookie_policy.do + /cookie_policy.jsp + + + + privacy_policy.do + /privacy_policy.jsp + + retry.do /retry.do
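Review bot: The `patterns` value of the new ContentTypeBasedCachePreventionFilter reads `"text/html" ,"application/json" ,"plain/text"`, and `plain/text` is not a registered media type; the plain-text type is `text/plain`. If the filter matches on the response Content-Type, as its name suggests, plain-text responses from the authentication endpoint would be sent without the `Cache-Control: no-store, no-cache, must-revalidate, private` header that the other two types receive. I would change the value to `"text/html" ,"application/json" ,"text/plain"` and add a short comment above the filter saying that every response type that can carry login or consent data has to be listed there.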
@@ -266,6 +307,21 @@ /claims.do + + consent.do + /consent.do + + + + cookie_policy.do + /cookie_policy.do + + + + privacy_policy.do + /privacy_policy.do + + java.lang.Throwable /generic-exception-response.jsp
@@ -277,4 +333,4 @@ - + \ No newline at end of file