Improving performance of token validation service invocation

4.x.x
prabathabey 9 years ago
commit edf21ae5c8

@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
int status = serverResponse.getStatusLine().getStatusCode(); int status = serverResponse.getStatusLine().getStatusCode();
String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8); String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build(); response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
} catch (URISyntaxException e) { } catch (URISyntaxException | IOException e) {
String msg = "Service invoke error occurred while registering client";
log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (UnsupportedEncodingException e) {
String msg = "Service invoke error occurred while registering client";
log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (IOException e) {
String msg = "Service invoke error occurred while registering client"; String msg = "Service invoke error occurred while registering client";
log.error(msg, e); log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();

@ -110,9 +110,7 @@
org.apache.commons.httpclient.params, org.apache.commons.httpclient.params,
org.apache.commons.pool, org.apache.commons.pool,
org.apache.commons.pool.impl, org.apache.commons.pool.impl,
org.apache.http.client,
org.apache.http.conn, org.apache.http.conn,
org.apache.http.impl.client,
org.apache.http.impl.conn org.apache.http.impl.conn
</Import-Package> </Import-Package>
</instructions> </instructions>

@ -63,8 +63,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public String getProperty(String name) { public void setProperties(Properties properties) {
return null;
} }
@Override @Override
@ -73,8 +73,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public void setProperties(Properties properties) { public String getProperty(String name) {
return null;
} }
private Credentials getCredentials(Request request) { private Credentials getCredentials(Request request) {

@ -101,8 +101,8 @@ public class CertificateAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public String getProperty(String name) { public void setProperties(Properties properties) {
return null;
} }
@Override @Override
@ -111,8 +111,8 @@ public class CertificateAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public void setProperties(Properties properties) { public String getProperty(String name) {
return null;
} }
} }

@ -145,8 +145,8 @@ public class JWTAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public String getProperty(String name) { public void setProperties(Properties properties) {
return null;
} }
@Override @Override
@ -155,8 +155,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
} }
@Override @Override
public void setProperties(Properties properties) { public String getProperty(String name) {
return null;
} }
} }

@ -18,7 +18,6 @@
*/ */
package org.wso2.carbon.webapp.authenticator.framework.authenticator; package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response; import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@ -27,7 +26,6 @@ import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
@ -43,53 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator {
private static final String OAUTH_AUTHENTICATOR = "OAuth"; private static final String OAUTH_AUTHENTICATOR = "OAuth";
private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s"; private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s";
private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN); private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s");
private static final String BEARER_TOKEN_TYPE = "bearer"; private static final String BEARER_TOKEN_TYPE = "bearer";
private static final String RESOURCE_KEY = "resource"; private static final String RESOURCE_KEY = "resource";
private Properties properties; private Properties properties;
private OAuth2TokenValidator tokenValidator; private OAuth2TokenValidator tokenValidator;
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
@Override
public void init() { public void init() {
if (properties == null) { if (this.properties == null) {
throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator are " + throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " +
"not provided"); "are not provided");
} }
String url = properties.getProperty("TokenValidationEndpointUrl");
if (url == null || url.isEmpty()) { String url = this.properties.getProperty("TokenValidationEndpointUrl");
if ((url == null) || (url.isEmpty())) {
throw new IllegalArgumentException("OAuth token validation endpoint url is not provided"); throw new IllegalArgumentException("OAuth token validation endpoint url is not provided");
} }
String adminUsername = properties.getProperty("Username"); String adminUsername = this.properties.getProperty("Username");
if (adminUsername == null) { if (adminUsername == null) {
throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint is " + throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " +
"not provided"); "is not provided");
} }
String adminPassword = properties.getProperty("Password");
String adminPassword = this.properties.getProperty("Password");
if (adminPassword == null) { if (adminPassword == null) {
throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint is " + throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint " +
"not provided"); "is not provided");
} }
boolean isRemote = Boolean.parseBoolean(properties.getProperty("IsRemote"));
boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote"));
Properties validatorProperties = new Properties(); Properties validatorProperties = new Properties();
validatorProperties.setProperty("MaxTotalConnections", properties.getProperty("MaxTotalConnections")); validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"));
validatorProperties.setProperty("MaxConnectionsPerHost", properties.getProperty("MaxConnectionsPerHost")); validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost"));
this.tokenValidator = this.tokenValidator =
OAuthValidatorFactory.getNewValidator(url, adminUsername, adminPassword, isRemote, validatorProperties); OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, validatorProperties);
} }
@Override public boolean canHandle(org.apache.catalina.connector.Request request) {
public boolean canHandle(Request request) { MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue;
if (authorization != null) { if (authorization != null) {
authorization.toBytes(); authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk(); ByteChunk authBC = authorization.getByteChunk();
tokenValue = authBC.toString(); String tokenValue = authBC.toString();
Matcher matcher = PATTERN.matcher(tokenValue); Matcher matcher = PATTERN.matcher(tokenValue);
if (matcher.find()) { if (matcher.find()) {
return true; return true;
@ -98,49 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return false; return false;
} }
@Override public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) {
public AuthenticationInfo authenticate(Request request, Response response) {
String requestUri = request.getRequestURI(); String requestUri = request.getRequestURI();
String requestMethod = request.getMethod(); String requestMethod = request.getMethod();
AuthenticationInfo authenticationInfo = new AuthenticationInfo(); AuthenticationInfo authenticationInfo = new AuthenticationInfo();
if (requestUri == null || "".equals(requestUri)) { if ((requestUri == null) || ("".equals(requestUri))) {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
return authenticationInfo; return authenticationInfo;
} }
StringTokenizer tokenizer = new StringTokenizer(requestUri, "/"); StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
String context = tokenizer.nextToken(); String context = tokenizer.nextToken();
if (context == null || "".equals(context)) { if ((context == null) || ("".equals(context))) {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} }
String apiVersion = tokenizer.nextToken(); String apiVersion = tokenizer.nextToken();
//String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
String authLevel = "any"; String authLevel = "any";
try { try {
if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) { if ("noMatchedAuthScheme".equals(authLevel)) {
AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion, AuthenticationFrameworkUtil.handleNoMatchAuthScheme(
context); request, response, requestMethod, apiVersion, context);
authenticationInfo.setStatus(Status.CONTINUE);
authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} else { } else {
String bearerToken = this.getBearerToken(request); String bearerToken = getBearerToken(request);
//Set the resource context param. This will be used in scope validation.
String resource = requestUri + ":" + requestMethod; String resource = requestUri + ":" + requestMethod;
OAuthValidationResponse oAuthValidationResponse = tokenValidator.validateToken(bearerToken, resource); OAuthValidationResponse oAuthValidationResponse =
this.tokenValidator.validateToken(bearerToken, resource);
if (oAuthValidationResponse.isValid()) { if (oAuthValidationResponse.isValid()) {
String username = oAuthValidationResponse.getUserName(); String username = oAuthValidationResponse.getUserName();
String tenantDomain = oAuthValidationResponse.getTenantDomain(); String tenantDomain = oAuthValidationResponse.getTenantDomain();
//Remove the userstore domain from username
/*if (username.contains("/")) {
username = username.substring(username.indexOf('/') + 1);
}*/
authenticationInfo.setUsername(username); authenticationInfo.setUsername(username);
authenticationInfo.setTenantDomain(tenantDomain); authenticationInfo.setTenantDomain(tenantDomain);
authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain)); authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain));
if (oAuthValidationResponse.isValid()) { if (oAuthValidationResponse.isValid())
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
}
} else { } else {
authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg()); authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg());
} }
@ -153,33 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return authenticationInfo; return authenticationInfo;
} }
@Override
public String getName() { public String getName() {
return OAuthAuthenticator.OAUTH_AUTHENTICATOR; return "OAuth";
} }
@Override
public String getProperty(String name) { public String getProperty(String name) {
if (properties == null) { if (this.properties == null) {
return null; return null;
} }
return properties.getProperty(name); return this.properties.getProperty(name);
} }
@Override
public Properties getProperties() { public Properties getProperties() {
return properties; return this.properties;
} }
@Override
public void setProperties(Properties properties) { public void setProperties(Properties properties) {
this.properties = properties; this.properties = properties;
} }
private String getBearerToken(Request request) { private String getBearerToken(org.apache.catalina.connector.Request request) {
MessageBytes authorization = MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
request.getCoyoteRequest().getMimeHeaders().
getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue = null; String tokenValue = null;
if (authorization != null) { if (authorization != null) {
authorization.toBytes(); authorization.toBytes();
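Review bot: In `authenticate`, both `tokenizer.nextToken()` calls run without a `hasMoreTokens()` check, so a request URI with fewer than two path segments raises `NoSuchElementException` inside the authenticator instead of producing a defined authentication status. The `(context == null) || ("".equals(context))` test cannot fire, because `StringTokenizer` never yields null or empty tokens, and its branch sets a status without returning. Guard each call with `if (!tokenizer.hasMoreTokens()) { ... return authenticationInfo; }`, setting whichever status the framework treats as a rejection (the status values are not defined on this page). Separately, in `init`, `validatorProperties.setProperty(...)` throws `NullPointerException` when `MaxTotalConnections` or `MaxConnectionsPerHost` is absent, unlike the three properties checked above it. The bodies of `authenticate` and `getBearerToken` continue outside the visible hunks.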

@ -38,10 +38,10 @@ public interface WebappAuthenticator {
String getName(); String getName();
String getProperty(String name); void setProperties(Properties properties);
Properties getProperties(); Properties getProperties();
void setProperties(Properties properties); String getProperty(String name);
} }

@ -31,5 +31,4 @@ public interface OAuth2TokenValidator {
* @return OAuthValidationResponse with the validated results. * @return OAuthValidationResponse with the validated results.
*/ */
OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException; OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException;
} }

@ -29,61 +29,18 @@ import java.util.Properties;
*/ */
public class OAuthValidatorFactory { public class OAuthValidatorFactory {
private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote"; public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword,
private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL"; boolean isRemote, Properties properties)
private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername"; throws IllegalArgumentException
private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword"; {
private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator";
private static final String OAUTH_ENDPOINT_POSTFIX =
"/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
/**
* This factory method checks the authenticators.xml configuration file and provides an appropriate implementation
* of OAuth2TokenValidator.
*
* @return OAuth2TokenValidator
*/
public static OAuth2TokenValidator getValidator() throws IllegalArgumentException {
AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance();
AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration.
getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME);
boolean isRemote;
String hostUrl;
String adminUserName;
String adminPassword;
if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) {
isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get(
AUTHENTICATOR_CONFIG_IS_REMOTE));
hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL);
adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME);
adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD);
} else {
throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " +
"Authenticators.xml.");
}
if (isRemote) { if (isRemote) {
if (!(hostUrl == null || hostUrl.trim().isEmpty())) { if ((url != null) && (!url.trim().isEmpty())) {
hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX; url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword, null);
} else {
throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml.");
}
}
return new LocalOAuthValidator();
}
public static OAuth2TokenValidator getNewValidator(
String url, String adminUsername, String adminPassword, boolean isRemote,
Properties properties) throws IllegalArgumentException {
if (isRemote) {
if (!(url == null || url.trim().isEmpty())) {
url = url + OAUTH_ENDPOINT_POSTFIX;
return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties); return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties);
} else {
throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator " +
"configuration.");
} }
throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration.");
} }
return new LocalOAuthValidator(); return new LocalOAuthValidator();
} }
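Review bot: `getValidator` appends the SOAP endpoint path to `url` and passes it with `adminUsername` and `adminPassword` to `RemoteOAuthValidator` without checking the scheme, so a configured `http://` URL would be accepted even though the endpoint is named `...HttpsSoap12Endpoint`. If those credentials are sent on each validation call (how the stub factory uses them is not shown here), consider rejecting non-HTTPS values before the concatenation, e.g. `if (!url.trim().startsWith("https://")) throw new IllegalArgumentException("Token validation endpoint must use https");`. The new public method also has no Javadoc, while the method it replaces had one. A short comment should state the parameters, that `properties` carries the connection-pool settings, and that `isRemote == false` returns a `LocalOAuthValidator`.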

@ -17,15 +17,8 @@
*/ */
package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl; package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Header;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.apache.commons.pool.ObjectPool;
import org.apache.commons.pool.impl.GenericObjectPool; import org.apache.commons.pool.impl.GenericObjectPool;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO;
@ -35,13 +28,10 @@ import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO
import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory; import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
import java.rmi.RemoteException; import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties; import java.util.Properties;
/** /**
@ -50,39 +40,30 @@ import java.util.Properties;
public class RemoteOAuthValidator implements OAuth2TokenValidator { public class RemoteOAuthValidator implements OAuth2TokenValidator {
private GenericObjectPool stubs; private GenericObjectPool stubs;
private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class); private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class);
public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) { public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) {
this.stubs = new GenericObjectPool( this.stubs = new GenericObjectPool(new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties));
new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties));
} }
@Override public OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException {
public OAuthValidationResponse validateToken(String accessToken,
String resource) throws OAuthTokenValidationException {
OAuth2TokenValidationServiceStub stub = null; OAuth2TokenValidationServiceStub stub = null;
OAuth2TokenValidationResponseDTO validationResponse; OAuth2TokenValidationResponseDTO validationResponse;
try { try {
OAuth2TokenValidationRequestDTO validationRequest = this.createValidationRequest(accessToken, resource); OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject(); stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
validationResponse = stub. validationResponse = stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
} catch (RemoteException e) { } catch (RemoteException e) {
throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " + throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for OAuth2 token validation.", e);
"IS server for OAuth2 token validation.", e);
} catch (Exception e) { } catch (Exception e) {
/* In this particular instance, generic exceptions are caught as enforced by the pooling library throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation service stub from the pool", e);
used to pool stubs created to invoke OAuth token validation service */
throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " +
"service stub from the pool", e);
} finally { } finally {
try { try {
stubs.returnObject(stub); this.stubs.returnObject(stub);
} catch (Exception e) { } catch (Exception e) {
log.warn("Error occurred while returning the object back to the oauth token validation service " + log.warn("Error occurred while returning the object back to the oauth token validation service stub pool", e);
" stub pool", e);
} }
} }
if (validationResponse == null) { if (validationResponse == null) {
@ -92,41 +73,38 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator {
return null; return null;
} }
String userName;
String tenantDomain;
boolean isValid = validationResponse.getValid(); boolean isValid = validationResponse.getValid();
String tenantDomain;
String username;
if (isValid) { if (isValid) {
userName = MultitenantUtils.getTenantAwareUsername( username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
validationResponse.getAuthorizedUser());
tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser()); tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
} else { } else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg()); oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
return oAuthValidationResponse; return oAuthValidationResponse;
} }
return new OAuthValidationResponse(userName, tenantDomain, isValid); return new OAuthValidationResponse(username, tenantDomain, isValid);
} }
private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) { private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO(); OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO();
OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE); oauthToken.setTokenType("bearer");
oauthToken.setIdentifier(accessToken); oauthToken.setIdentifier(accessToken);
validationRequest.setAccessToken(oauthToken); validationRequest.setAccessToken(oauthToken);
//Set the resource context param. This will be used in scope validation. OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new
OAuth2TokenValidationRequestDTO_TokenValidationContextParam(); resourceContextParam.setKey("resource");
resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY);
resourceContextParam.setValue(resource); resourceContextParam.setValue(resource);
OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
tokenValidationContextParams[0] = resourceContextParam; tokenValidationContextParams[0] = resourceContextParam;
validationRequest.setContext(tokenValidationContextParams); validationRequest.setContext(tokenValidationContextParams);
return validationRequest; return validationRequest;
} }
} }
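Review bot: The `finally` block in `validateToken` calls `this.stubs.returnObject(stub)` even when `borrowObject()` threw and `stub` is still null, which hands null back to the pool; wrap it as `if (stub != null) { this.stubs.returnObject(stub); }`. A stub that just failed with `RemoteException` is also returned for reuse; `this.stubs.invalidateObject(stub)` on that path may be safer, depending on how the stub factory validates objects (not shown here). The method also returns null when `validationResponse` is null, while `OAuthAuthenticator.authenticate` calls `isValid()` on the result without a null check. The removed comment explaining why a generic `Exception` is caught was useful and could be kept in short form, e.g. `// borrowObject() declares throws Exception`.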

@ -46,24 +46,23 @@ public class AuthenticatorConfig {
this.className = className; this.className = className;
} }
@XmlElementWrapper(name = "Parameters", nillable = true) @XmlElementWrapper(name="Parameters", nillable=true)
@XmlElement(name = "Parameter", nillable = false) @XmlElement(name="Parameter", nillable=false)
public List<Parameter> getParams() { public List<Parameter> getParams() {
return params; return this.params;
} }
public void setParams(List<Parameter> params) { public void setParams(List<Parameter> params) {
this.params = params; this.params = params;
} }
@XmlRootElement(name="Parameter")
@XmlRootElement(name = "Parameter")
public static class Parameter { public static class Parameter {
private String name; private String name;
private String value; private String value;
@XmlAttribute(name = "Name") @XmlAttribute(name="Name")
public String getName() { public String getName() {
return name; return this.name;
} }
public void setName(String name) { public void setName(String name) {
@ -72,13 +71,12 @@ public class AuthenticatorConfig {
@XmlValue @XmlValue
public String getValue() { public String getValue() {
return value; return this.value;
} }
public void setValue(String value) { public void setValue(String value) {
this.value = value; this.value = value;
} }
} }
} }

@ -78,9 +78,9 @@ public class WebappAuthenticatorFrameworkServiceComponent {
WebappAuthenticatorConfig.init(); WebappAuthenticatorConfig.init();
WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository(); WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository();
for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) { for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) {
WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()). WebappAuthenticator authenticator = (WebappAuthenticator)Class.forName(config.getClassName()).newInstance();
newInstance();
if (config.getParams() != null && !config.getParams().isEmpty()) { if ((config.getParams() != null) && (!config.getParams().isEmpty())) {
Properties properties = new Properties(); Properties properties = new Properties();
for (AuthenticatorConfig.Parameter param : config.getParams()) { for (AuthenticatorConfig.Parameter param : config.getParams()) {
properties.setProperty(param.getName(), param.getValue()); properties.setProperty(param.getName(), param.getValue());
@ -100,7 +100,7 @@ public class WebappAuthenticatorFrameworkServiceComponent {
log.debug("Web Application Authenticator Framework Bundle has been started successfully"); log.debug("Web Application Authenticator Framework Bundle has been started successfully");
} }
} catch (Throwable e) { } catch (Throwable e) {
log.error("Error occurred while initializing the bundle", e); log.error("Error occurred while initializing the bundle", e);
} }
} }

@ -3,14 +3,6 @@
<Authenticator> <Authenticator>
<Name>OAuth</Name> <Name>OAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName> <ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName>
<Parameters>
<Parameter Name="TokenValidationEndpointUrl">https://localhost:9443</Parameter>
<Parameter Name="Username">admin</Parameter>
<Parameter Name="Password">admin</Parameter>
<Parameter Name="IsRemote">true</Parameter>
<Parameter Name="MaxConnectionsPerHost">10000</Parameter>
<Parameter Name="MaxTotalConnections">10000</Parameter>
</Parameters>
</Authenticator> </Authenticator>
<Authenticator> <Authenticator>
<Name>BasicAuth</Name> <Name>BasicAuth</Name>

@ -1263,6 +1263,7 @@
<artifactId>neethi</artifactId> <artifactId>neethi</artifactId>
<version>${neethi.version}</version> <version>${neethi.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>commons-pool.wso2</groupId> <groupId>commons-pool.wso2</groupId>
<artifactId>commons-pool</artifactId> <artifactId>commons-pool</artifactId>
@ -1278,6 +1279,7 @@
<artifactId>commons-httpclient</artifactId> <artifactId>commons-httpclient</artifactId>
<version>${commons.httpclient.version}</version> <version>${commons.httpclient.version}</version>
</dependency> </dependency>
</dependencies> </dependencies>
</dependencyManagement> </dependencyManagement>
@ -1580,6 +1582,7 @@
<commons.pool.wso2.version>1.5.6.wso2v1</commons.pool.wso2.version> <commons.pool.wso2.version>1.5.6.wso2v1</commons.pool.wso2.version>
<httpcomponents.httpclient.version>4.2.3.wso2v1</httpcomponents.httpclient.version> <httpcomponents.httpclient.version>4.2.3.wso2v1</httpcomponents.httpclient.version>
<commons.httpclient.version>3.1.0.wso2v2</commons.httpclient.version> <commons.httpclient.version>3.1.0.wso2v2</commons.httpclient.version>
</properties> </properties>
</project> </project>
