From 8578ff60ca3058044548077a22fba75d76e847f6 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Tue, 22 Dec 2015 06:15:55 +0530 Subject: [PATCH] Fixing the issue where client type is not honoured in dynamic client registration service --- .../DynamicClientRegistrationServiceImpl.java | 71 ++++++++++--------- .../profile/RegistrationProfile.java | 7 +- 2 files changed, 41 insertions(+), 37 deletions(-) diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java index 5e361d00775..b46d5df5507 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java @@ -41,7 +41,9 @@ import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO; import org.wso2.carbon.registry.core.Registry; import org.wso2.carbon.utils.multitenancy.MultitenantUtils; +import java.util.ArrayList; import java.util.Arrays; +import java.util.List; /** * Implementation of DynamicClientRegistrationService. @@ -60,9 +62,12 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist private static final int STEP_ORDER = 1; private static final String OAUTH_VERSION = "OAuth-2.0"; + private static final String APPLICATION_TYPE_WEBAPP = "webapp"; + private static final String APPLICATION_TYPE_DEVICE = "device"; + @Override - public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws - DynamicClientRegistrationException { + public OAuthApplicationInfo registerOAuthApplication( + RegistrationProfile profile) throws DynamicClientRegistrationException { OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo(); String applicationName = profile.getClientName(); @@ -78,9 +83,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist OAuthApplicationInfo info; try { info = this.createOAuthApplication(profile); - } catch (DynamicClientRegistrationException e) { - throw new DynamicClientRegistrationException("Can not create OAuth application : " + applicationName, e); - } catch (IdentityException e) { + } catch (DynamicClientRegistrationException | IdentityException e) { throw new DynamicClientRegistrationException("Can not create OAuth application : " + applicationName, e); } @@ -98,13 +101,13 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist JSONObject jsonObject = new JSONObject(info.getJsonString()); if (jsonObject.has(DCRConstants.ClientMetadata.OAUTH_REDIRECT_URIS)) { oAuthApplicationInfo.addParameter(DCRConstants.ClientMetadata.OAUTH_REDIRECT_URIS, - jsonObject - .get(DCRConstants.ClientMetadata.OAUTH_REDIRECT_URIS)); + jsonObject + .get(DCRConstants.ClientMetadata.OAUTH_REDIRECT_URIS)); } if (jsonObject.has(DCRConstants.ClientMetadata.OAUTH_CLIENT_GRANT)) { oAuthApplicationInfo.addParameter(DCRConstants.ClientMetadata.OAUTH_CLIENT_GRANT, jsonObject - .get(DCRConstants.ClientMetadata.OAUTH_CLIENT_GRANT)); + .get(DCRConstants.ClientMetadata.OAUTH_CLIENT_GRANT)); } } catch (JSONException e) { throw new DynamicClientRegistrationException( @@ -166,7 +169,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(applicationName, tenantDomain); if (createdServiceProvider == null) { throw new DynamicClientRegistrationException("Couldn't create Service Provider Application " + - applicationName); + applicationName); } //Set SaaS app option createdServiceProvider.setSaasApp(isSaaSApp); @@ -199,8 +202,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist // Set the OAuthApp in InboundAuthenticationConfig InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig(); - InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs = new - InboundAuthenticationRequestConfig[2]; + List inboundAuthenticationRequestConfigs = new ArrayList<>(); InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = new InboundAuthenticationRequestConfig(); @@ -211,19 +213,22 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist Property property = new Property(); property.setName(OAUTH_CONSUMER_SECRET); property.setValue(oauthConsumerSecret); - Property[] properties = { property }; + Property[] properties = {property}; inboundAuthenticationRequestConfig.setProperties(properties); } - SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO(); - samlssoServiceProviderDTO.setIssuer(MDM); + if (APPLICATION_TYPE_WEBAPP.equals(profile.getApplicationType())) { + SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO(); + samlssoServiceProviderDTO.setIssuer(applicationName); - SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry()); - configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO); + SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry()); + configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO); - InboundAuthenticationRequestConfig samlAuthenticationRequest = new InboundAuthenticationRequestConfig(); - samlAuthenticationRequest.setInboundAuthKey(MDM); - samlAuthenticationRequest.setInboundAuthType(SAML_SSO); + InboundAuthenticationRequestConfig samlAuthenticationRequest = new InboundAuthenticationRequestConfig(); + samlAuthenticationRequest.setInboundAuthKey(applicationName); + samlAuthenticationRequest.setInboundAuthType(SAML_SSO); + inboundAuthenticationRequestConfigs.add(samlAuthenticationRequest); + } LocalAuthenticatorConfig localAuth = new LocalAuthenticatorConfig(); localAuth.setName(BASIC_AUTHENTICATOR); @@ -235,18 +240,18 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist authStep.setSubjectStep(true); authStep.setAttributeStep(true); - authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuth }); + authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[]{localAuth}); LocalAndOutboundAuthenticationConfig localOutboundAuthConfig = new LocalAndOutboundAuthenticationConfig(); localOutboundAuthConfig.setAuthenticationType(LOCAL); - localOutboundAuthConfig.setAuthenticationSteps(new AuthenticationStep[] { authStep }); + localOutboundAuthConfig.setAuthenticationSteps(new AuthenticationStep[]{authStep}); + createdServiceProvider.setLocalAndOutBoundAuthenticationConfig(localOutboundAuthConfig); - inboundAuthenticationRequestConfigs[0] = inboundAuthenticationRequestConfig; - inboundAuthenticationRequestConfigs[1] = samlAuthenticationRequest; + inboundAuthenticationRequestConfigs.add(inboundAuthenticationRequestConfig); inboundAuthenticationConfig - .setInboundAuthenticationRequestConfigs(inboundAuthenticationRequestConfigs); + .setInboundAuthenticationRequestConfigs(inboundAuthenticationRequestConfigs.toArray( + new InboundAuthenticationRequestConfig[inboundAuthenticationRequestConfigs.size()])); createdServiceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig); - createdServiceProvider.setLocalAndOutBoundAuthenticationConfig(localOutboundAuthConfig); // Update the Service Provider app to add OAuthApp as an Inbound Authentication Config appMgtService.updateApplication(createdServiceProvider, tenantDomain, userName); @@ -277,12 +282,12 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist protected Registry getConfigSystemRegistry() { return (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType. - SYSTEM_CONFIGURATION); + SYSTEM_CONFIGURATION); } @Override public boolean unregisterOAuthApplication(String userId, String applicationName, String consumerKey) throws - DynamicClientRegistrationException { + DynamicClientRegistrationException { DynamicClientRegistrationUtil.validateUsername(userId); DynamicClientRegistrationUtil.validateApplicationName(applicationName); DynamicClientRegistrationUtil.validateConsumerKey(consumerKey); @@ -319,7 +324,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist if (appMgtService == null) { throw new IllegalStateException( "Error occurred while retrieving Application Management" + - "Service"); + "Service"); } ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(applicationName, tenantDomain); if (createdServiceProvider == null) { @@ -333,7 +338,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist "Error occurred while removing ServiceProvider for application '" + applicationName + "'", e); } catch (IdentityOAuthAdminException e) { throw new DynamicClientRegistrationException("Error occurred while removing application '" + - applicationName + "'", e); + applicationName + "'", e); } finally { PrivilegedCarbonContext.endTenantFlow(); } @@ -347,12 +352,12 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist if (appMgtService == null) { throw new IllegalStateException( "Error occurred while retrieving Application Management" + - "Service"); + "Service"); } try { return appMgtService.getServiceProvider(applicationName, - CarbonContext.getThreadLocalCarbonContext().getTenantDomain()) != - null; + CarbonContext.getThreadLocalCarbonContext().getTenantDomain()) != + null; } catch (IdentityApplicationManagementException e) { throw new DynamicClientRegistrationException( "Error occurred while retrieving information of OAuthApp " + applicationName, e); @@ -360,7 +365,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist } private String replaceInvalidChars(String username) { - return username.replaceAll("@","_AT_"); + return username.replaceAll("@", "_AT_"); } } diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java index 2cc1cce5a42..6022bd84907 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java @@ -23,7 +23,7 @@ package org.wso2.carbon.dynamic.client.registration.profile; * * */ public class RegistrationProfile { -//todo mark mandatory fields + private String applicationType; private String[] redirectUris; private String clientName; @@ -42,6 +42,8 @@ public class RegistrationProfile { private String grantType; private boolean saasApp; private String audience; + private String recepientValidationURL; + private String assertionConsumerURL; public String getRecepientValidationURL() { return recepientValidationURL; @@ -59,9 +61,6 @@ public class RegistrationProfile { this.assertionConsumerURL = assertionConsumerURL; } - private String recepientValidationURL; - private String assertionConsumerURL; - public String getAudience() { return audience; }