Merge pull request #779 from janakamarasena/oauth-token-grant-refractor

Access token grant handler
revert-70aa11f8
Ayyoob Hamza 8 years ago committed by GitHub
commit 0551598988

@ -34,10 +34,6 @@
<url>http://wso2.org</url> <url>http://wso2.org</url>
<dependencies> <dependencies>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.identity.authenticator.backend.oauth</artifactId>
</dependency>
<dependency> <dependency>
<groupId>commons-codec.wso2</groupId> <groupId>commons-codec.wso2</groupId>
<artifactId>commons-codec</artifactId> <artifactId>commons-codec</artifactId>
@ -91,7 +87,6 @@
org.wso2.carbon.device.mgt.oauth.extensions.* org.wso2.carbon.device.mgt.oauth.extensions.*
</Export-Package> </Export-Package>
<Import-Package> <Import-Package>
org.wso2.carbon.identity.authenticator.backend.oauth.*,
org.wso2.carbon.identity.oauth2.grant.jwt;version="${carbon.identity.jwt.grant.version.range}", org.wso2.carbon.identity.oauth2.grant.jwt;version="${carbon.identity.jwt.grant.version.range}",
org.apache.commons.lang, org.apache.commons.lang,
org.apache.commons.logging, org.apache.commons.logging,

@ -22,12 +22,11 @@ import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.keymgt.ScopesIssuer; import org.wso2.carbon.apimgt.keymgt.ScopesIssuer;
import org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator.LocalOAuthValidator;
import org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator.OAuthValidationResponse;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProvider; import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.authenticator.backend.oauth.validator.OAuth2TokenValidator;
import org.wso2.carbon.identity.authenticator.backend.oauth.validator.OAuthValidationResponse;
import org.wso2.carbon.identity.authenticator.backend.oauth.validator.OAuthValidatorFactory;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
@ -47,12 +46,12 @@ public class AccessTokenGrantHandler extends AbstractAuthorizationGrantHandler {
private static Log log = LogFactory.getLog(AccessTokenGrantHandler.class); private static Log log = LogFactory.getLog(AccessTokenGrantHandler.class);
private static final String TENANT_DOMAIN_KEY = "tenantDomain"; private static final String TENANT_DOMAIN_KEY = "tenantDomain";
private OAuth2TokenValidator tokenValidator; private LocalOAuthValidator tokenValidator;
public static final String TOKEN_GRANT_PARAM = "admin_access_token"; public static final String TOKEN_GRANT_PARAM = "admin_access_token";
public AccessTokenGrantHandler() { public AccessTokenGrantHandler() {
try { try {
tokenValidator = OAuthValidatorFactory.getValidator(); tokenValidator = new LocalOAuthValidator();
} catch (IllegalArgumentException e) { } catch (IllegalArgumentException e) {
log.error("Failed to initialise Authenticator", e); log.error("Failed to initialise Authenticator", e);
} }

@ -0,0 +1,60 @@
/*
* Copyright (c) 2015 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator;
import org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator.internal.OAuthAuthenticatorDataHolder;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import java.rmi.RemoteException;
/**
* Handles the authentication using the inbuilt IS features.
*/
public class LocalOAuthValidator {
private static final String BEARER_TOKEN_TYPE = "bearer";
/**
* This method gets a string accessToken and validates it and generate the OAuth2ClientApplicationDTO
* containing the validity and user details if valid.
*
* @param token which need to be validated.
* @return OAuthValidationResponse with the validated results.
*/
public OAuthValidationResponse validateToken(String token) throws RemoteException{
OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO();
OAuth2TokenValidationRequestDTO.OAuth2AccessToken accessToken =
validationRequest.new OAuth2AccessToken();
accessToken.setTokenType(BEARER_TOKEN_TYPE);
accessToken.setIdentifier(token);
validationRequest.setAccessToken(accessToken);
OAuth2TokenValidationResponseDTO tokenValidationResponse = OAuthAuthenticatorDataHolder.getInstance().
getOAuth2TokenValidationService().findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
boolean isValid = tokenValidationResponse.isValid();
String userName = null;
String tenantDomain = null;
if (isValid) {
userName = MultitenantUtils.getTenantAwareUsername(
tokenValidationResponse.getAuthorizedUser());
tenantDomain =
MultitenantUtils.getTenantDomain(tokenValidationResponse.getAuthorizedUser());
}
return new OAuthValidationResponse(userName, tenantDomain, isValid);
}
}

@ -0,0 +1,59 @@
/*
* Copyright (c) 2015 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator;
/**
* This class holds the authenticated user information after the OAuth2 token is validated.
*/
@SuppressWarnings("unused")
public class OAuthValidationResponse {
private String userName;
private String tenantDomain;
private boolean isValid;
public OAuthValidationResponse(String userName, String tenantDomain, boolean isValid) {
this.userName = userName;
this.tenantDomain = tenantDomain;
this.isValid = isValid;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getTenantDomain() {
return tenantDomain;
}
public void setTenantDomain(String tenantDomain) {
this.tenantDomain = tenantDomain;
}
public boolean isValid() {
return isValid;
}
public void setIsValid(boolean isValid) {
this.isValid = isValid;
}
}

@ -0,0 +1,49 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator.internal;
import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
/**
* DataHolder of Backend OAuth Authenticator component.
*/
public class OAuthAuthenticatorDataHolder {
private OAuth2TokenValidationService oAuth2TokenValidationService;
private static OAuthAuthenticatorDataHolder thisInstance = new OAuthAuthenticatorDataHolder();
private OAuthAuthenticatorDataHolder() {}
public static OAuthAuthenticatorDataHolder getInstance() {
return thisInstance;
}
public OAuth2TokenValidationService getOAuth2TokenValidationService() {
if (oAuth2TokenValidationService == null) {
throw new IllegalStateException("OAuth2TokenValidation service is not initialized properly");
}
return oAuth2TokenValidationService;
}
public void setOAuth2TokenValidationService(
OAuth2TokenValidationService oAuth2TokenValidationService) {
this.oAuth2TokenValidationService = oAuth2TokenValidationService;
}
}

@ -0,0 +1,76 @@
/*
* Copyright (c) 2015 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.oauth.validator.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
/**
* @scr.component name="org.wso2.carbon.device.mgt.oauth.extensions.authenticator" immediate="true"
* @scr.reference name="identity.oauth2.validation.service"
* interface="org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService"
* cardinality="1..1"
* policy="dynamic"
* bind="setOAuth2ValidationService"
* unbind="unsetOAuth2ValidationService"
*/
public class OAuthAuthenticatorServiceComponent {
private static final Log log = LogFactory.getLog(OAuthAuthenticatorServiceComponent.class);
@SuppressWarnings("unused")
protected void activate(ComponentContext componentContext) {
if (log.isDebugEnabled()) {
log.debug("Starting Backend OAuthAuthenticator Framework Bundle");
}
}
@SuppressWarnings("unused")
protected void deactivate(ComponentContext componentContext) {
//do nothing
}
/**
* Sets OAuth2TokenValidation Service.
*
* @param tokenValidationService An instance of OAuth2TokenValidationService.
*/
@SuppressWarnings("unused")
protected void setOAuth2ValidationService(OAuth2TokenValidationService tokenValidationService) {
if (log.isDebugEnabled()) {
log.debug("Setting OAuth2TokenValidationService Service");
}
OAuthAuthenticatorDataHolder.getInstance().setOAuth2TokenValidationService(tokenValidationService);
}
/**
* Unsets OAuth2TokenValidation Service.
*
* @param tokenValidationService An instance of OAuth2TokenValidationService
*/
@SuppressWarnings("unused")
protected void unsetOAuth2ValidationService(OAuth2TokenValidationService tokenValidationService) {
if (log.isDebugEnabled()) {
log.debug("Unsetting OAuth2TokenValidationService Service");
}
OAuthAuthenticatorDataHolder.getInstance().setOAuth2TokenValidationService(null);
}
}
Loading…
Cancel
Save