From b5b4e50b25767d1453b70e9c0e77c3c0397a4d35 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Sat, 19 Dec 2015 13:28:24 +0530 Subject: [PATCH] Revert "Improving performance of webapp authenticator valve implementation" This reverts commit 36462e2e4e1ede4166e128e3d89e49dd3965182c. --- .../pom.xml | 10 +- .../OAuthTokenValidationStubFactory.java | 119 ------------------ .../authenticator/BasicAuthAuthenticator.java | 17 --- .../CertificateAuthenticator.java | 17 --- .../authenticator/JWTAuthenticator.java | 17 --- .../authenticator/OAuthAuthenticator.java | 46 ++----- .../authenticator/WebappAuthenticator.java | 8 -- .../oauth/OAuth2TokenValidator.java | 1 - .../oauth/OAuthValidatorFactory.java | 29 +---- .../oauth/impl/RemoteOAuthValidator.java | 63 +++++----- .../framework/config/AuthenticatorConfig.java | 35 ------ ...uthenticatorFrameworkServiceComponent.java | 8 -- pom.xml | 12 +- 13 files changed, 49 insertions(+), 333 deletions(-) delete mode 100644 components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index 7684fb68e98..3dad448cc68 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -105,15 +105,9 @@ org.apache.axis2.client, org.apache.commons.codec.binary, org.apache.commons.httpclient, - org.wso2.carbon.core.security, - org.apache.axis2.context, - org.apache.commons.httpclient.params, - org.apache.commons.pool, - org.apache.commons.pool.impl, - org.apache.http.client, - org.apache.http.conn, - org.apache.http.impl.client + org.wso2.carbon.core.security + diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java deleted file mode 100644 index 85e22d45190..00000000000 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java +++ /dev/null @@ -1,119 +0,0 @@ -/* - * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.wso2.carbon.webapp.authenticator.framework.Utils; - -import org.apache.axis2.AxisFault; -import org.apache.axis2.client.Options; -import org.apache.axis2.client.ServiceClient; -import org.apache.axis2.transport.http.HTTPConstants; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.httpclient.Header; -import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.commons.pool.PoolableObjectFactory; -import org.apache.http.client.HttpClient; -import org.apache.http.conn.ClientConnectionManager; -import org.apache.http.impl.client.DefaultHttpClient; -import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; - -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; - -public class OAuthTokenValidationStubFactory implements PoolableObjectFactory { - - private String url; - private String basicAuthHeader; - private static final Log log = LogFactory.getLog(OAuthTokenValidationStubFactory.class); - - private HttpClient httpClient; - - public OAuthTokenValidationStubFactory(String url, String adminUsername, String adminPassword, - Properties properties) { - this.url = url; - this.basicAuthHeader = new String(Base64.encodeBase64((adminUsername + ":" + adminPassword).getBytes())); - - MultiThreadedHttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager(); - connectionManager.getParams().setDefaultMaxConnectionsPerHost( - Integer.parseInt(properties.getProperty("MaxConnectionsPerHost"))); - connectionManager.getParams().setMaxTotalConnections( - Integer.parseInt(properties.getProperty("MaxTotalConnections"))); - this.httpClient = new DefaultHttpClient((ClientConnectionManager) connectionManager); - } - - @Override - public Object makeObject() throws Exception { - return this.createStub(); - } - - @Override - public void destroyObject(Object o) throws Exception { - - } - - @Override - public boolean validateObject(Object o) { - return true; - } - - @Override - public void activateObject(Object o) throws Exception { - if (log.isDebugEnabled()) { - log.debug("OAuth token validate stub instance is activated"); - } - } - - @Override - public void passivateObject(Object o) throws Exception { - if (o instanceof OAuth2TokenValidationServiceStub) { - OAuth2TokenValidationServiceStub stub = (OAuth2TokenValidationServiceStub) o; - stub._getServiceClient().cleanupTransport(); - stub._getServiceClient().setOptions(null); - } - } - - private OAuth2TokenValidationServiceStub createStub() throws OAuthTokenValidationException { - OAuth2TokenValidationServiceStub stub; - try { - stub = new OAuth2TokenValidationServiceStub(url); - ServiceClient client = stub._getServiceClient(); - client.getServiceContext().getConfigurationContext().setProperty( - HTTPConstants.CACHED_HTTP_CLIENT, httpClient); - - List
headerList = new ArrayList<>(); - Header header = new Header(); - header.setName(HTTPConstants.HEADER_AUTHORIZATION); - header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + basicAuthHeader); - headerList.add(header); - - Options options = client.getOptions(); - options.setProperty(HTTPConstants.HTTP_HEADERS, headerList); - options.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, "true"); - client.setOptions(options); - } catch (AxisFault axisFault) { - throw new OAuthTokenValidationException("Exception occurred while creating the " + - "OAuth2TokenValidationServiceStub.", axisFault); - } - return stub; - } - -} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java index 7b83a909234..902c796b557 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java @@ -27,8 +27,6 @@ import org.apache.tomcat.util.buf.MessageBytes; import org.wso2.carbon.webapp.authenticator.framework.Constants; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; -import java.util.Properties; - public class BasicAuthAuthenticator implements WebappAuthenticator { private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth"; @@ -57,21 +55,6 @@ public class BasicAuthAuthenticator implements WebappAuthenticator { return BasicAuthAuthenticator.BASIC_AUTH_AUTHENTICATOR; } - @Override - public String getProperty(String name) { - return null; - } - - @Override - public Properties getProperties() { - return null; - } - - @Override - public void setProperties(Properties properties) { - - } - private Credentials getCredentials(Request request) { Credentials credentials = null; MessageBytes authorization = diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java index cb59559ad55..2dd530c16f2 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java @@ -15,7 +15,6 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import java.security.cert.X509Certificate; -import java.util.Properties; /** * This authenticator authenticates HTTP requests using certificates. @@ -94,20 +93,4 @@ public class CertificateAuthenticator implements WebappAuthenticator { public String getName() { return CERTIFICATE_AUTHENTICATOR; } - - @Override - public String getProperty(String name) { - return null; - } - - @Override - public Properties getProperties() { - return null; - } - - @Override - public void setProperties(Properties properties) { - - } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java index 0f4cb51015e..16aeabc848e 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java @@ -39,7 +39,6 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData import java.security.interfaces.RSAPublicKey; import java.text.ParseException; -import java.util.Properties; import java.util.StringTokenizer; /** @@ -138,20 +137,4 @@ public class JWTAuthenticator implements WebappAuthenticator { public String getName() { return JWTAuthenticator.JWT_AUTHENTICATOR; } - - @Override - public String getProperty(String name) { - return null; - } - - @Override - public Properties getProperties() { - return null; - } - - @Override - public void setProperties(Properties properties) { - - } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java index 83838b87e1e..06bfe4f99d9 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java @@ -24,17 +24,16 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.tomcat.util.buf.ByteChunk; import org.apache.tomcat.util.buf.MessageBytes; -import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException; -import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil; -import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; -import org.wso2.carbon.webapp.authenticator.framework.Constants; +import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO; +import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO; +import org.wso2.carbon.utils.multitenancy.MultitenantUtils; +import org.wso2.carbon.webapp.authenticator.framework.*; import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidatorFactory; -import java.util.Properties; import java.util.StringTokenizer; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -47,23 +46,9 @@ public class OAuthAuthenticator implements WebappAuthenticator { private static final String BEARER_TOKEN_TYPE = "bearer"; private static final String RESOURCE_KEY = "resource"; - private Properties properties; - private OAuth2TokenValidator tokenValidator; private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); - public OAuthAuthenticator() { - String url = properties.getProperty("TokenValidationEndpointUrl"); - String adminUsername = properties.getProperty("Username"); - String adminPassword = properties.getProperty("Password"); - boolean isRemote = Boolean.parseBoolean(properties.getProperty("IsRemote")); - - Properties validatorProperties = new Properties(); - validatorProperties.setProperty("MaxTotalConnections", properties.getProperty("MaxTotalConnections")); - validatorProperties.setProperty("MaxConnectionsPerHost", properties.getProperty("MaxTotalConnectionsPerHost")); - this.tokenValidator = OAuthValidatorFactory.getNewValidator(url, adminUsername, adminPassword, isRemote, validatorProperties); - } - @Override public boolean canHandle(Request request) { MessageBytes authorization = @@ -108,8 +93,9 @@ public class OAuthAuthenticator implements WebappAuthenticator { String bearerToken = this.getBearerToken(request); //Set the resource context param. This will be used in scope validation. String resource = requestUri + ":" + requestMethod; - - OAuthValidationResponse oAuthValidationResponse = tokenValidator.validateToken(bearerToken, resource); + //Get the appropriate OAuth validator from OAuthValidatorFactory. + OAuth2TokenValidator oAuth2TokenValidator = OAuthValidatorFactory.getValidator(); + OAuthValidationResponse oAuthValidationResponse = oAuth2TokenValidator.validateToken(bearerToken, resource); if (oAuthValidationResponse.isValid()) { String username = oAuthValidationResponse.getUserName(); @@ -141,24 +127,6 @@ public class OAuthAuthenticator implements WebappAuthenticator { return OAuthAuthenticator.OAUTH_AUTHENTICATOR; } - @Override - public String getProperty(String name) { - if (properties == null) { - return null; - } - return properties.getProperty(name); - } - - @Override - public Properties getProperties() { - return properties; - } - - @Override - public void setProperties(Properties properties) { - this.properties = properties; - } - private String getBearerToken(Request request) { MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders(). diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java index 7817ba10d33..d3493e329d5 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java @@ -22,8 +22,6 @@ import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; -import java.util.Properties; - public interface WebappAuthenticator { enum Status { @@ -36,10 +34,4 @@ public interface WebappAuthenticator { String getName(); - String getProperty(String name); - - Properties getProperties(); - - void setProperties(Properties properties); - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java index 760058dbe3b..50ef34081c7 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java @@ -31,5 +31,4 @@ public interface OAuth2TokenValidator { * @return OAuthValidationResponse with the validated results. */ OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException; - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java index 7bc293bbb35..44fefdf9bcd 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java @@ -21,8 +21,6 @@ import org.wso2.carbon.core.security.AuthenticatorsConfiguration; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.RemoteOAuthValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.LocalOAuthValidator; -import java.util.Properties; - /** * The class validate the configurations and provide the most suitable implementation according to the configuration. * Factory class for OAuthValidator. @@ -34,19 +32,18 @@ public class OAuthValidatorFactory { private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername"; private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword"; private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator"; - private static final String OAUTH_ENDPOINT_POSTFIX = + private static String OAUTH_ENDPOINT_POSTFIX = "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; /** * This factory method checks the authenticators.xml configuration file and provides an appropriate implementation * of OAuth2TokenValidator. - * * @return OAuth2TokenValidator */ public static OAuth2TokenValidator getValidator() throws IllegalArgumentException { AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance(); AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration. - getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME); + getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME); boolean isRemote; String hostUrl; String adminUserName; @@ -57,34 +54,18 @@ public class OAuthValidatorFactory { hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL); adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME); adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD); - } else { + }else{ throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " + - "Authenticators.xml."); + "Authenticators.xml."); } if (isRemote) { if (!(hostUrl == null || hostUrl.trim().isEmpty())) { hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX; - return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword, null); + return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword); } else { throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml."); } } return new LocalOAuthValidator(); } - - public static OAuth2TokenValidator getNewValidator( - String url, String adminUsername, String adminPassword, boolean isRemote, - Properties properties) throws IllegalArgumentException { - if (isRemote) { - if (!(url == null || url.trim().isEmpty())) { - url = url + OAUTH_ENDPOINT_POSTFIX; - return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties); - } else { - throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator " + - "configuration."); - } - } - return new LocalOAuthValidator(); - } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java index 58eb3a06118..1a6142f3907 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java @@ -23,17 +23,12 @@ import org.apache.axis2.client.ServiceClient; import org.apache.axis2.transport.http.HTTPConstants; import org.apache.commons.codec.binary.Base64; import org.apache.commons.httpclient.Header; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.commons.pool.ObjectPool; -import org.apache.commons.pool.impl.GenericObjectPool; import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_TokenValidationContextParam; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO; import org.wso2.carbon.utils.multitenancy.MultitenantUtils; -import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; @@ -42,25 +37,30 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthV import java.rmi.RemoteException; import java.util.ArrayList; import java.util.List; -import java.util.Properties; /** * Handles the OAuth2 token validation from remote IS servers using remote OAuthValidation service-stub. */ public class RemoteOAuthValidator implements OAuth2TokenValidator { - private GenericObjectPool stubs; + private String hostURL; + private String adminUserName; + private String adminPassword; - private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class); + public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword) { + this.hostURL = hostURL; + this.adminUserName = adminUserName; + this.adminPassword = adminPassword; + } - public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) { - this.stubs = new GenericObjectPool( - new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties)); + private String getBasicAuthCredentials() { + byte[] bytesEncoded = Base64.encodeBase64((adminUserName + ":" + adminPassword).getBytes()); + return new String(bytesEncoded); } @Override public OAuthValidationResponse validateToken(String accessToken, String resource) throws - OAuthTokenValidationException { + OAuthTokenValidationException { OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO(); OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = new OAuth2TokenValidationRequestDTO_OAuth2AccessToken(); @@ -79,25 +79,29 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator { tokenValidationContextParams[0] = resourceContextParam; validationRequest.setContext(tokenValidationContextParams); + OAuth2TokenValidationServiceStub tokenValidationService; + try { + tokenValidationService = new OAuth2TokenValidationServiceStub(hostURL); + } catch (AxisFault axisFault) { + throw new OAuthTokenValidationException("Exception occurred while obtaining the " + + "OAuth2TokenValidationServiceStub.", axisFault); + } + ServiceClient client = tokenValidationService._getServiceClient(); + Options options = client.getOptions(); + List
headerList = new ArrayList<>(); + Header header = new Header(); + header.setName(HTTPConstants.HEADER_AUTHORIZATION); + header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + getBasicAuthCredentials()); + headerList.add(header); + options.setProperty(HTTPConstants.HTTP_HEADERS, headerList); + client.setOptions(options); OAuth2TokenValidationResponseDTO tokenValidationResponse; - OAuth2TokenValidationServiceStub stub = null; try { - stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject(); - tokenValidationResponse = stub. - findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); + tokenValidationResponse = tokenValidationService. + findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); } catch (RemoteException e) { - throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " + - "IS server for OAuth2 token validation.", e); - } catch (Exception e) { - throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " + - "service stub from the pool", e); - } finally { - try { - stubs.returnObject(stub); - } catch (Exception e) { - log.warn("Error occurred while returning the object back to the oauth token validation service " + - " stub pool", e); - } + throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for " + + "OAuth2 token validation.", e); } boolean isValid = tokenValidationResponse.getValid(); String userName; @@ -111,7 +115,6 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator { oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg()); return oAuthValidationResponse; } - return new OAuthValidationResponse(userName, tenantDomain, isValid); + return new OAuthValidationResponse(userName,tenantDomain,isValid); } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java index d1669bed883..6db4b46b03e 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java @@ -18,18 +18,14 @@ */ package org.wso2.carbon.webapp.authenticator.framework.config; -import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlElementWrapper; import javax.xml.bind.annotation.XmlRootElement; -import java.util.List; @XmlRootElement(name = "Authenticator") public class AuthenticatorConfig { private String name; private String className; - private List params; @XmlElement(name = "Name", required = true) public String getName() { @@ -49,35 +45,4 @@ public class AuthenticatorConfig { this.className = className; } - @XmlElementWrapper(name = "Parameters", nillable = true) - @XmlElement(name = "Parameter", nillable = false) - public List getParams() { - return params; - } - - @XmlRootElement(name = "Parameter") - public static class Parameter { - private String name; - private String value; - - @XmlAttribute(name = "Name") - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - @XmlElement(name = "Value") - public String getValue() { - return value; - } - - public void setValue(String value) { - this.value = value; - } - - } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index eef67ebaf7b..1fcb7a58c83 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -36,7 +36,6 @@ import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticator import java.util.ArrayList; import java.util.List; -import java.util.Properties; /** * @scr.component name="org.wso2.carbon.webapp.authenticator" immediate="true" @@ -80,13 +79,6 @@ public class WebappAuthenticatorFrameworkServiceComponent { for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) { WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()). newInstance(); - if (config.getParams() != null || !config.getParams().isEmpty()) { - Properties properties = new Properties(); - for (AuthenticatorConfig.Parameter param : config.getParams()) { - properties.setProperty(param.getName(), param.getValue()); - } - authenticator.setProperties(properties); - } repository.addAuthenticator(authenticator); } AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository); diff --git a/pom.xml b/pom.xml index 238e9a596de..15c69fe23db 100644 --- a/pom.xml +++ b/pom.xml @@ -1263,12 +1263,6 @@ neethi ${neethi.version} - - - commons-pool.wso2 - commons-pool - ${commons.pool.wso2.version} - @@ -1560,10 +1554,8 @@ 2.0.4 2.0.4.wso2v4 - - github-scm - - 1.5.6.wso2v1 + + github-scm