From cab888d3211b55ef2c321170aba0b4e6c62b9866 Mon Sep 17 00:00:00 2001 From: inosh-perera Date: Sun, 18 Oct 2015 17:26:32 +0530 Subject: [PATCH 1/2] fixing issues in oauth app creation, SAML. Moving service provider configuratiions to config files --- .../DynamicClientRegistrationServiceImpl.java | 15 +++++++--- .../profile/RegistrationProfile.java | 28 +++++++++++++++++ .../JaggeryOAuthConfigurationSettings.java | 30 +++++++++++++++++++ .../DynamicClientWebAppRegistrationUtil.java | 17 ++++++++++- 4 files changed, 85 insertions(+), 5 deletions(-) diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java index 31aa091c26..0679b5f1e2 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java @@ -52,12 +52,11 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator"; private static final String BASIC = "basic"; private static final String LOCAL = "local"; - private static final String ASSERTION_CONSUMER_URI = "https://localhost:9443/mdm/sso/acs"; - private static final String AUDIENCE = "https://null:9443/oauth2/token"; private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class); private static final String AUTH_TYPE_OAUTH_2 = "oauth2"; private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret"; private static final int STEP_ORDER = 1; + private static final String OAUTH_VERSION = "OAuth-2.0"; @Override public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws @@ -122,6 +121,9 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist String grantType = profile.getGrantType(); String callbackUrl = profile.getCallbackUrl(); boolean isSaaSApp = profile.isSaasApp(); + String audience = profile.getAudience(); + String assertionConsumerURL = profile.getAssertionConsumerURL(); + String recepientValidationURL = profile.getRecepientValidationURL(); if (userId == null || userId.isEmpty()) { return null; @@ -177,6 +179,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist oAuthConsumerApp.setApplicationName(applicationName); oAuthConsumerApp.setCallbackUrl(callbackUrl); oAuthConsumerApp.setGrantTypes(grantType); + oAuthConsumerApp.setOAuthVersion(OAUTH_VERSION); if (log.isDebugEnabled()) { log.debug("Creating OAuth App " + applicationName); } @@ -216,9 +219,13 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO(); samlssoServiceProviderDTO.setIssuer(MDM); - samlssoServiceProviderDTO.setAssertionConsumerUrl(ASSERTION_CONSUMER_URI); + samlssoServiceProviderDTO.setAssertionConsumerUrls(new String[] {assertionConsumerURL}); samlssoServiceProviderDTO.setDoSignResponse(true); - samlssoServiceProviderDTO.setRequestedAudiences(new String[] { AUDIENCE }); + samlssoServiceProviderDTO.setRequestedAudiences(new String[] { audience }); + samlssoServiceProviderDTO.setDefaultAssertionConsumerUrl(assertionConsumerURL); + samlssoServiceProviderDTO.setRequestedRecipients(new String[] {recepientValidationURL}); + samlssoServiceProviderDTO.setDoSignAssertions(true); + SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry()); configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO); diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java index f755e9ed23..2cc1cce5a4 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java @@ -41,6 +41,34 @@ public class RegistrationProfile { private String tokenScope; private String grantType; private boolean saasApp; + private String audience; + + public String getRecepientValidationURL() { + return recepientValidationURL; + } + + public void setRecepientValidationURL(String recepientValidationURL) { + this.recepientValidationURL = recepientValidationURL; + } + + public String getAssertionConsumerURL() { + return assertionConsumerURL; + } + + public void setAssertionConsumerURL(String assertionConsumerURL) { + this.assertionConsumerURL = assertionConsumerURL; + } + + private String recepientValidationURL; + private String assertionConsumerURL; + + public String getAudience() { + return audience; + } + + public void setAudience(String audience) { + this.audience = audience; + } public boolean isSaasApp() { return saasApp; diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/JaggeryOAuthConfigurationSettings.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/JaggeryOAuthConfigurationSettings.java index 32f8b9bcc9..c46e82e013 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/JaggeryOAuthConfigurationSettings.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/JaggeryOAuthConfigurationSettings.java @@ -32,6 +32,36 @@ public class JaggeryOAuthConfigurationSettings { private String callbackURL; private String tokenScope; private boolean requireDynamicClientRegistration; + private String audience; + private String assertionConsumerURL; + private String recepientValidationURL; + + @XmlElement(name = "assertionConsumerURL", required = true) + public String getAssertionConsumerURL() { + return assertionConsumerURL; + } + + public void setAssertionConsumerURL(String assertionConsumerURL) { + this.assertionConsumerURL = assertionConsumerURL; + } + + @XmlElement(name = "recepientValidationURL", required = true) + public String getRecepientValidationURL() { + return recepientValidationURL; + } + + public void setRecepientValidationURL(String recepientValidationURL) { + this.recepientValidationURL = recepientValidationURL; + } + + @XmlElement(name = "audience", required = true) + public String getAudience() { + return audience; + } + + public void setAudience(String audience) { + this.audience = audience; + } @XmlElement(name = "saasApp", required = true) public boolean isSaasApp() { diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java index 5c826b338b..9540d0e9e8 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java @@ -52,8 +52,11 @@ public class DynamicClientWebAppRegistrationUtil { private final static String OAUTH_PARAM_TOKEN_SCOPE = "tokenScope"; private final static String OAUTH_PARAM_SAAS_APP = "saasApp"; private final static String OAUTH_PARAM_CALLBACK_URL = "callbackURL"; + private final static String AUDIENCE = "audience"; + private final static String ASSERTION_CONSUMER_URL = "assertionConsumerURL"; + private final static String RECEPIENT_VALIDATION_URL = "recepientValidationURL"; private static final String JAGGERY_APP_OAUTH_CONFIG_PATH = - "config" + File.separator + "oauth.json"; + "config" + File.separator + "service-provider.json"; private static final Log log = LogFactory.getLog(DynamicClientWebAppRegistrationUtil.class); @@ -192,6 +195,9 @@ public class DynamicClientWebAppRegistrationUtil { registrationProfile.setClientName(webAppName); registrationProfile.setSaasApp(jaggeryOAuthConfigurationSettings.isSaasApp()); registrationProfile.setOwner(DynamicClientWebAppRegistrationUtil.getUserName()); + registrationProfile.setAudience(jaggeryOAuthConfigurationSettings.getAudience()); + registrationProfile.setAssertionConsumerURL(jaggeryOAuthConfigurationSettings.getAssertionConsumerURL()); + registrationProfile.setRecepientValidationURL(jaggeryOAuthConfigurationSettings.getRecepientValidationURL()); if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) { registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL()); } else { @@ -244,6 +250,15 @@ public class DynamicClientWebAppRegistrationUtil { case DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_CALLBACK_URL: jaggeryOAuthConfigurationSettings.setCallbackURL(reader.nextString()); break; + case DynamicClientWebAppRegistrationUtil.AUDIENCE: + jaggeryOAuthConfigurationSettings.setAudience(reader.nextString()); + break; + case DynamicClientWebAppRegistrationUtil.ASSERTION_CONSUMER_URL: + jaggeryOAuthConfigurationSettings.setAssertionConsumerURL(reader.nextString()); + break; + case DynamicClientWebAppRegistrationUtil.RECEPIENT_VALIDATION_URL: + jaggeryOAuthConfigurationSettings.setRecepientValidationURL(reader.nextString()); + break; } } return jaggeryOAuthConfigurationSettings; From c74e27102f90ea979cde2238ca0cdbdf572ccdb2 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Sun, 18 Oct 2015 18:16:52 +0530 Subject: [PATCH 2/2] Fixing issues in adding license configs --- .../mgt/registry/RegistryBasedLicenseManager.java | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/license/mgt/registry/RegistryBasedLicenseManager.java b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/license/mgt/registry/RegistryBasedLicenseManager.java index 7eb9f200a1..a70f62d79e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/license/mgt/registry/RegistryBasedLicenseManager.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/license/mgt/registry/RegistryBasedLicenseManager.java @@ -107,15 +107,8 @@ public class RegistryBasedLicenseManager implements LicenseManager { @Override public void addLicense(final String deviceType, final License license) throws LicenseManagementException { try { - GenericArtifact artifact = this.getGenericArtifact(deviceType, license.getLanguage()); - if (artifact != null) { - if (log.isDebugEnabled()) { - log.debug("Generic artifact is null for '" + deviceType + "' device type. Hence license does not " + - "have content"); - } - return; - } - artifact = artifactManager.newGovernanceArtifact(new QName("http://www.wso2.com", deviceType)); + GenericArtifact artifact = + artifactManager.newGovernanceArtifact(new QName("http://www.wso2.com", deviceType)); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.NAME, license.getName()); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.VERSION, license.getVersion()); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.PROVIDER, license.getProvider());