From 5af6f314d0b7fb46e89f3075f8c6fad9b1267bf9 Mon Sep 17 00:00:00 2001
From: harshanl
Date: Wed, 11 Nov 2015 20:58:47 +0530
Subject: [PATCH] Fixed EMM-939

---
 .../extensions/validators/PermissionBasedScopeValidator.java | 3 ++-
 .../framework/authenticator/OAuthAuthenticator.java | 4 ++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
index c741abc99a..cb8d59fb5c 100644
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
@@ -81,11 +81,12 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
 User authzUser = accessTokenDO.getAuthzUser();
 if ((permission != null) && (authzUser != null)) {
 String username = authzUser.getUserName();
+ String userStore = authzUser.getUserStoreDomain();
 int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain());
 UserRealm userRealm = OAuthExtensionsDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
 if (userRealm != null && userRealm.getAuthorizationManager() != null) {
 status = userRealm.getAuthorizationManager()
- .isUserAuthorized(username, permission.getPath(),
+ .isUserAuthorized(userStore +"/"+ username, permission.getPath(),
 PermissionMethod.UI_EXECUTE);
 }
 }
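Review bot: The principal handed to `isUserAuthorized` is built as `userStore +"/"+ username` with no check that `getUserStoreDomain()` returned a value, so a null or empty domain produces `null/<name>` or `/<name>`. The permission lookup would then presumably run against an account that does not exist and deny a legitimate user; that fails closed, but silently and with no hint in the logs. A name that already carries a domain prefix would also be qualified twice. Guarding the concatenation covers both cases: `String principal = (userStore == null || userStore.isEmpty() || username.contains("/")) ? username : userStore + "/" + username;`. The enclosing method starts and ends outside the hunk, so whether `authzUser` always has a domain set cannot be confirmed from here.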
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
index 72e6134fa6..adc31a9c14 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@@ -111,6 +111,10 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 AuthenticatorFrameworkDataHolder.getInstance().getoAuth2TokenValidationService().validate(dto);
 if (oAuth2TokenValidationResponseDTO.isValid()) {
 String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
+ //Remove the userstore domain from username
+ if (username.contains("/")) {
+ username = username.substring(username.indexOf('/') + 1);
+ }
 authenticationInfo.setUsername(username);
 authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username));
 authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username));
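Review bot: Once the added `substring` has run, the user store domain is gone from `authenticationInfo`, so two same-named accounts in different user stores become one identity for anything that later reads `authenticationInfo.getUsername()`. That is the opposite of the other hunk in this patch, which adds the domain before calling `isUserAuthorized`; the consumers are outside the hunk, so the impact is inferred. If only the tenant helpers need the bare name, keep the qualified value for `setUsername` and pass a stripped local such as `String bareName = username.substring(username.indexOf('/') + 1);` to `MultitenantUtils.getTenantDomain` and `Utils.getTenantIdOFUser`. Otherwise the existing comment should say why dropping the domain is safe for every reader of `authenticationInfo`. Separately, `username.contains("/")` dereferences the result of `getAuthorizedUser()` with no null check, and the method body continues outside the hunk.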