|
|
@ -25,6 +25,7 @@ import org.wso2.carbon.base.MultitenantConstants;
|
|
|
|
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
|
|
|
|
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
|
|
|
|
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
|
|
|
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
|
|
|
import org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler;
|
|
|
|
import org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler;
|
|
|
|
|
|
|
|
import org.wso2.carbon.identity.oauth2.model.RequestParameter;
|
|
|
|
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
|
|
|
|
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
|
|
|
|
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
|
|
|
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
|
|
|
|
|
|
|
|
|
|
@ -34,6 +35,7 @@ import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
|
|
|
@SuppressWarnings("unused")
|
|
|
|
@SuppressWarnings("unused")
|
|
|
|
public class ExtendedJWTGrantHandler extends JWTBearerGrantHandler {
|
|
|
|
public class ExtendedJWTGrantHandler extends JWTBearerGrantHandler {
|
|
|
|
private static Log log = LogFactory.getLog(ExtendedJWTGrantHandler.class);
|
|
|
|
private static Log log = LogFactory.getLog(ExtendedJWTGrantHandler.class);
|
|
|
|
|
|
|
|
private static final String TENANT_DOMAIN_KEY = "tenantDomain";
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) {
|
|
|
|
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) {
|
|
|
@ -42,10 +44,18 @@ public class ExtendedJWTGrantHandler extends JWTBearerGrantHandler {
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
|
|
|
|
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
|
|
|
|
/**
|
|
|
|
|
|
|
|
* This is added to skip per tenant IDP creation.
|
|
|
|
RequestParameter[] requestParameters = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters();
|
|
|
|
*/
|
|
|
|
for (RequestParameter requestParameter : requestParameters) {
|
|
|
|
tokReqMsgCtx.getOauth2AccessTokenReqDTO().setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
|
|
|
|
if (TENANT_DOMAIN_KEY.equals(requestParameter.getKey())) {
|
|
|
|
|
|
|
|
String[] values = requestParameter.getValue();
|
|
|
|
|
|
|
|
if (values != null && values.length > 0) {
|
|
|
|
|
|
|
|
tokReqMsgCtx.getOauth2AccessTokenReqDTO()
|
|
|
|
|
|
|
|
.setTenantDomain(values[0]);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return super.validateGrant(tokReqMsgCtx);
|
|
|
|
return super.validateGrant(tokReqMsgCtx);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
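Review bot: In `validateGrant` the tenant domain is now taken verbatim from the client-supplied `tenantDomain` request parameter (`.setTenantDomain(values[0])`), where the old side pinned it to `MultitenantConstants.SUPER_TENANT_DOMAIN_NAME`, so the caller chooses the tenant under which `super.validateGrant(tokReqMsgCtx)` evaluates the JWT. Judging by the removed comment about per-tenant IDP creation, that tenant presumably decides which identity providers are trusted as issuers, so the value should be checked before use, for example against the tenant the OAuth client is registered in or a configured allow-list, and the grant rejected with an `IdentityOAuth2Exception` otherwise. The loop also dereferences the result of `getRequestParameters()` unguarded; if that can be null the handler fails with a NullPointerException, so the loop should sit inside `if (requestParameters != null) { ... }`. When the parameter is absent the DTO's tenant domain is now left as it arrived instead of being forced to the super tenant, and that fallback deserves an explicit default or a comment stating that it is intended.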