diff --git a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
index c738d8aec12..0594491121a 100644
--- a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
+++ b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
@@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
 int status = serverResponse.getStatusLine().getStatusCode();
 String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
 response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
- } catch (URISyntaxException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (UnsupportedEncodingException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (IOException e) {
+ } catch (URISyntaxException | IOException e) {
 String msg = "Service invoke error occurred while registering client";
 log.error(msg, e);
 response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index 3dad448cc68..204806ea0ca 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -105,12 +105,29 @@ org.apache.axis2.client, org.apache.commons.codec.binary, org.apache.commons.httpclient, - org.wso2.carbon.core.security + org.wso2.carbon.core.security, + org.apache.axis2.context, + org.apache.commons.httpclient.params, + org.apache.commons.pool, + org.apache.commons.pool.impl, + org.apache.http.conn, + org.apache.http.impl.conn - + + org.apache.maven.plugins + maven-surefire-plugin + + + file:src/test/resources/log4j.properties + + + src/test/resources/testng.xml + + + @@ -175,6 +192,22 @@ org.wso2.carbon.devicemgt org.wso2.carbon.device.mgt.common + + org.apache.httpcomponents.wso2 + httpclient + + + commons-httpclient.wso2 + commons-httpclient + + + org.testng + testng + + + commons-pool.wso2 + commons-pool + diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java new file mode 100644 index 00000000000..95fbc86a446 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java 
@@ -0,0 +1,211 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.webapp.authenticator.framework.Utils; + +import org.apache.axis2.AxisFault; +import org.apache.axis2.client.Options; +import org.apache.axis2.client.ServiceClient; +import org.apache.axis2.transport.http.HTTPConstants; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.httpclient.Header; +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.HttpConnectionManager; +import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager; +import org.apache.commons.httpclient.params.HttpConnectionManagerParams; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.commons.pool.PoolableObjectFactory; +import org.apache.http.conn.HttpClientConnectionManager; +import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; +import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; +import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants; +import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; + +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; + +public class OAuthTokenValidationStubFactory implements 
PoolableObjectFactory { + + private String url; + private String basicAuthHeader; + private HttpClient httpClient; + + private static final Log log = LogFactory.getLog(OAuthTokenValidationStubFactory.class); + + public OAuthTokenValidationStubFactory(String url, String adminUsername, String adminPassword, + Properties properties) { + this.validateUrl(url); + this.url = url; + + this.validateCredentials(adminUsername, adminPassword); + this.basicAuthHeader = new String(Base64.encodeBase64((adminUsername + ":" + adminPassword).getBytes())); + + HttpConnectionManager connectionManager = this.createConnectionManager(properties); + this.httpClient = new HttpClient(connectionManager); + } + + /** + * Creates an instance of MultiThreadedHttpConnectionManager using HttpClient 3.x APIs + * + * @param properties Properties to configure MultiThreadedHttpConnectionManager + * @return An instance of properly configured MultiThreadedHttpConnectionManager + */ + private HttpConnectionManager createConnectionManager(Properties properties) { + HttpConnectionManagerParams params = new HttpConnectionManagerParams(); + if (properties == null || properties.isEmpty()) { + throw new IllegalArgumentException("Parameters required to initialize HttpClient instances " + + "associated with OAuth token validation service stub are not provided"); + } + String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost"); + if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) { + if (log.isDebugEnabled()) { + log.debug("MaxConnectionsPerHost parameter is not explicitly defined. 
Therefore, the default, " + + "which is 2, will be used"); + } + } else { + params.setDefaultMaxConnectionsPerHost(Integer.parseInt(maxConnectionsPerHostParam)); + } + + String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections"); + if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) { + if (log.isDebugEnabled()) { + log.debug("MaxTotalConnections parameter is not explicitly defined. Therefore, the default, " + + "which is 10, will be used"); + } + } else { + params.setMaxTotalConnections(Integer.parseInt(maxTotalConnectionsParam)); + } + HttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager(); + connectionManager.setParams(params); + return connectionManager; + } + + /** + * Creates an instance of PoolingHttpClientConnectionManager using HttpClient 4.x APIs + * + * @param properties Properties to configure PoolingHttpClientConnectionManager + * @return An instance of properly configured PoolingHttpClientConnectionManager + */ + private HttpClientConnectionManager createClientConnectionManager(Properties properties) { + PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(); + if (properties != null) { + String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost"); + if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) { + if (log.isDebugEnabled()) { + log.debug("MaxConnectionsPerHost parameter is not explicitly defined. Therefore, the default, " + + "which is 2, will be used"); + } + } else { + connectionManager.setDefaultMaxPerRoute(Integer.parseInt(maxConnectionsPerHostParam)); + } + + String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections"); + if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) { + if (log.isDebugEnabled()) { + log.debug("MaxTotalConnections parameter is not explicitly defined. 
Therefore, the default, " + + "which is 10, will be used"); + } + } else { + connectionManager.setMaxTotal(Integer.parseInt(maxTotalConnectionsParam)); + } + } else { + if (log.isDebugEnabled()) { + log.debug("Properties, i.e. MaxTotalConnections/MaxConnectionsPerHost, required to tune the " + + "HttpClient used in OAuth token validation service stub instances are not provided. " + + "Therefore, the defaults, 2/10 respectively, will be used"); + } + } + return connectionManager; + } + + @Override + public Object makeObject() throws Exception { + return this.createStub(); + } + + @Override + public void destroyObject(Object o) throws Exception { + + } + + @Override + public boolean validateObject(Object o) { + return true; + } + + @Override + public void activateObject(Object o) throws Exception { + if (log.isDebugEnabled()) { + log.debug("OAuth token validate stub instance is activated"); + } + } + + @Override + public void passivateObject(Object o) throws Exception { + if (o instanceof OAuth2TokenValidationServiceStub) { + OAuth2TokenValidationServiceStub stub = (OAuth2TokenValidationServiceStub) o; + stub._getServiceClient().cleanupTransport(); + } + } + + private OAuth2TokenValidationServiceStub createStub() throws OAuthTokenValidationException { + OAuth2TokenValidationServiceStub stub; + try { + stub = new OAuth2TokenValidationServiceStub(url); + ServiceClient client = stub._getServiceClient(); + client.getServiceContext().getConfigurationContext().setProperty( + HTTPConstants.CACHED_HTTP_CLIENT, httpClient); + + List
headerList = new ArrayList<>(); + Header header = new Header(); + header.setName(HTTPConstants.HEADER_AUTHORIZATION); + header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + basicAuthHeader); + headerList.add(header); + + Options options = client.getOptions(); + options.setProperty(HTTPConstants.HTTP_HEADERS, headerList); + options.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, "true"); + client.setOptions(options); + } catch (AxisFault axisFault) { + throw new OAuthTokenValidationException("Error occurred while creating the " + + "OAuth2TokenValidationServiceStub.", axisFault); + } + return stub; + } + + private void validateUrl(String url) { + if (url == null || url.isEmpty()) { + throw new IllegalArgumentException("Url provided as the endpoint of the OAuth token validation service " + + "is null"); + } + } + + private void validateCredentials(String adminUsername, String adminPassword) { + if (adminUsername == null || adminUsername.isEmpty()) { + throw new IllegalArgumentException("An appropriate username required to initialize OAuth token " + + "validation service stub factory hasn't been provided"); + } + if (adminPassword == null || adminPassword.isEmpty()) { + throw new IllegalArgumentException("An appropriate password required to initialize OAuth token " + + "validation service stub factory hasn't been provided"); + } + } + +} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java index 9613b18c00e..c211e74e9be 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java 
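Review bot: `validateUrl` only rejects a null or empty endpoint, yet every stub built in `createStub` carries the admin credentials in a Basic `Authorization` header, so a plain-http endpoint in configuration would send them unencrypted on every validation call. Unless plain http is a supported deployment, reject it up front in `validateUrl`, e.g. `if (!url.startsWith("https://")) { throw new IllegalArgumentException("OAuth token validation endpoint must use https"); }`. The constructor also encodes the credentials with the platform default charset; `getBytes(StandardCharsets.UTF_8)` and the matching `new String(..., StandardCharsets.UTF_8)` keep the header identical across hosts. `createClientConnectionManager` is not called anywhere in this file and could be dropped together with its HttpClient 4.x imports.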
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java @@ -26,7 +26,8 @@ import java.util.Map; public class WebappAuthenticatorFactory { public static WebappAuthenticator getAuthenticator(String authScheme) { - return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme); + return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository(). + getAuthenticator(authScheme); } public static WebappAuthenticator getAuthenticator(Request request) { diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java index 902c796b557..7b752ce77a0 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java @@ -27,10 +27,17 @@ import org.apache.tomcat.util.buf.MessageBytes; import org.wso2.carbon.webapp.authenticator.framework.Constants; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; +import java.util.Properties; + public class BasicAuthAuthenticator implements WebappAuthenticator { private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth"; + @Override + public void init() { + + } + @Override public boolean canHandle(Request request) { MessageBytes authorization = 
@@ -55,6 +62,21 @@ public class BasicAuthAuthenticator implements WebappAuthenticator { return BasicAuthAuthenticator.BASIC_AUTH_AUTHENTICATOR; } + @Override + public void setProperties(Properties properties) { + + } + + @Override + public Properties getProperties() { + return null; + } + + @Override + public String getProperty(String name) { + return null; + } + private Credentials getCredentials(Request request) { Credentials credentials = null; MessageBytes authorization = diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java index 2dd530c16f2..f747c6d30b9 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java @@ -15,6 +15,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import java.security.cert.X509Certificate; +import java.util.Properties; /** * This authenticator authenticates HTTP requests using certificates. 
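Review bot: `setProperties` in BasicAuthAuthenticator discards its argument while `getProperties` and `getProperty` return null, so any configuration handed to this authenticator is silently lost and callers of `getProperties()` have to null-check. The same empty bodies are repeated in CertificateAuthenticator and JWTAuthenticator, along with the empty `init()` in all three. Either keep the value in a field as OAuthAuthenticator does, or state the intent in each body with a comment such as `// takes no configuration; properties are intentionally ignored`.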
@@ -25,6 +26,11 @@ public class CertificateAuthenticator implements WebappAuthenticator { private static final String CERTIFICATE_AUTHENTICATOR = "CertificateAuth"; private static final String CERTIFICATE_VERIFICATION_HEADER = "certificate-verification-header"; + @Override + public void init() { + + } + @Override public boolean canHandle(Request request) { String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER); @@ -93,4 +99,20 @@ public class CertificateAuthenticator implements WebappAuthenticator { public String getName() { return CERTIFICATE_AUTHENTICATOR; } + + @Override + public void setProperties(Properties properties) { + + } + + @Override + public Properties getProperties() { + return null; + } + + @Override + public String getProperty(String name) { + return null; + } + } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java index 16aeabc848e..cb1d11d34fa 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java @@ -39,6 +39,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData import java.security.interfaces.RSAPublicKey; import java.text.ParseException; +import java.util.Properties; import java.util.StringTokenizer; /** 
@@ -51,6 +52,11 @@ public class JWTAuthenticator implements WebappAuthenticator { private static final String JWT_AUTHENTICATOR = "JWT"; private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion"; + @Override + public void init() { + + } + @Override public boolean canHandle(Request request) { String authorizationHeader = request.getHeader(JWTAuthenticator.JWT_ASSERTION_HEADER); @@ -137,4 +143,19 @@ public class JWTAuthenticator implements WebappAuthenticator { public String getName() { return JWTAuthenticator.JWT_AUTHENTICATOR; } + + @Override + public void setProperties(Properties properties) { + + } + + @Override + public Properties getProperties() { + return null; + } + + @Override + public String getProperty(String name) { + return null; + } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java index 06bfe4f99d9..bbeab152a3f 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java 
@@ -18,22 +18,21 @@ */ package org.wso2.carbon.webapp.authenticator.framework.authenticator; -import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.tomcat.util.buf.ByteChunk; import org.apache.tomcat.util.buf.MessageBytes; -import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO; -import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO; -import org.wso2.carbon.utils.multitenancy.MultitenantUtils; -import org.wso2.carbon.webapp.authenticator.framework.*; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidatorFactory; +import java.util.Properties; import java.util.StringTokenizer; import java.util.regex.Matcher; import java.util.regex.Pattern; 
@@ -42,22 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator { private static final String OAUTH_AUTHENTICATOR = "OAuth"; private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s"; - private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN); + private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s"); private static final String BEARER_TOKEN_TYPE = "bearer"; private static final String RESOURCE_KEY = "resource"; + private Properties properties; + private OAuth2TokenValidator tokenValidator; + private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); + public void init() { + if (this.properties == null) { + throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " + + "are not provided"); + } - private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); + String url = this.properties.getProperty("TokenValidationEndpointUrl"); + if ((url == null) || (url.isEmpty())) { + throw new IllegalArgumentException("OAuth token validation endpoint url is not provided"); + } + String adminUsername = this.properties.getProperty("Username"); + if (adminUsername == null) { + throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " + + "is not provided"); + } + + String adminPassword = this.properties.getProperty("Password"); + if (adminPassword == null) { + throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint " + + "is not provided"); + } + + boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote")); + + Properties validatorProperties = new Properties(); + validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections")); + validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost")); + this.tokenValidator = + OAuthValidatorFactory.getValidator(url, 
adminUsername, adminPassword, isRemote, validatorProperties); + } + + public boolean canHandle(org.apache.catalina.connector.Request request) { + MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization"); - @Override - public boolean canHandle(Request request) { - MessageBytes authorization = - request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); - String tokenValue; if (authorization != null) { authorization.toBytes(); ByteChunk authBC = authorization.getByteChunk(); - tokenValue = authBC.toString(); + String tokenValue = authBC.toString(); Matcher matcher = PATTERN.matcher(tokenValue); if (matcher.find()) { return true; 
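Review bot: `validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"))` in `init()` throws NullPointerException when the key is absent, because `Properties` does not accept null values; the same holds for `MaxConnectionsPerHost`. OAuthTokenValidationStubFactory treats both keys as optional with defaults, so `init()` should copy a value only when it is present, e.g. `if (maxTotal != null) { validatorProperties.setProperty("MaxTotalConnections", maxTotal); }`. Note that `createConnectionManager` in that factory rejects an empty `Properties`, so the all-defaults case would still fail there in remote mode. `Username` and `Password` are checked for null only, while the factory's `validateCredentials` also rejects empty strings; adding `isEmpty()` here gives one consistent error at start-up.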
@@ -66,50 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator { return false; } - @Override - public AuthenticationInfo authenticate(Request request, Response response) { + public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { String requestUri = request.getRequestURI(); String requestMethod = request.getMethod(); AuthenticationInfo authenticationInfo = new AuthenticationInfo(); - if (requestUri == null || "".equals(requestUri)) { - authenticationInfo.setStatus(Status.CONTINUE); + if ((requestUri == null) || ("".equals(requestUri))) { + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); return authenticationInfo; } StringTokenizer tokenizer = new StringTokenizer(requestUri, "/"); String context = tokenizer.nextToken(); - if (context == null || "".equals(context)) { - authenticationInfo.setStatus(Status.CONTINUE); + if ((context == null) || ("".equals(context))) { + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } String apiVersion = tokenizer.nextToken(); - //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod); + String authLevel = "any"; try { - if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) { - AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion, - context); - authenticationInfo.setStatus(Status.CONTINUE); + if ("noMatchedAuthScheme".equals(authLevel)) { + AuthenticationFrameworkUtil.handleNoMatchAuthScheme( + request, response, requestMethod, apiVersion, context); + + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } else { - String bearerToken = this.getBearerToken(request); - //Set the resource context param. This will be used in scope validation. + String bearerToken = getBearerToken(request); + String resource = requestUri + ":" + requestMethod; - //Get the appropriate OAuth validator from OAuthValidatorFactory. 
- OAuth2TokenValidator oAuth2TokenValidator = OAuthValidatorFactory.getValidator(); - OAuthValidationResponse oAuthValidationResponse = oAuth2TokenValidator.validateToken(bearerToken, resource); + + OAuthValidationResponse oAuthValidationResponse = + this.tokenValidator.validateToken(bearerToken, resource); if (oAuthValidationResponse.isValid()) { String username = oAuthValidationResponse.getUserName(); String tenantDomain = oAuthValidationResponse.getTenantDomain(); - //Remove the userstore domain from username - /*if (username.contains("/")) { - username = username.substring(username.indexOf('/') + 1); - }*/ + authenticationInfo.setUsername(username); authenticationInfo.setTenantDomain(tenantDomain); authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain)); - if (oAuthValidationResponse.isValid()) { - authenticationInfo.setStatus(Status.CONTINUE); - } + if (oAuthValidationResponse.isValid()) + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } else { authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg()); } 
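Review bot: When the validator rejects the token, the `else` branch only calls `setMessage(...)` and never sets a status, so whether the request is refused depends on the default state of `AuthenticationInfo` and on the caller, neither of which is visible here. Setting it explicitly with `authenticationInfo.setStatus(WebappAuthenticator.Status.FAILURE);` makes the deny path fail closed. In the valid branch the inner `if (oAuthValidationResponse.isValid())` repeats the outer condition and has lost its braces; the bare `setStatus` call is enough. `authLevel` is now the constant `"any"`, which leaves the `"noMatchedAuthScheme"` branch unreachable. The body of `authenticate` continues past the end of this hunk.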
@@ -122,15 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator { return authenticationInfo; } - @Override public String getName() { - return OAuthAuthenticator.OAUTH_AUTHENTICATOR; + return "OAuth"; + } + + public String getProperty(String name) { + if (this.properties == null) { + return null; + } + return this.properties.getProperty(name); + } + + public Properties getProperties() { + return this.properties; } - private String getBearerToken(Request request) { - MessageBytes authorization = - request.getCoyoteRequest().getMimeHeaders(). - getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); + public void setProperties(Properties properties) { + this.properties = properties; + } + + private String getBearerToken(org.apache.catalina.connector.Request request) { + MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization"); + String tokenValue = null; if (authorization != null) { authorization.toBytes(); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java index d3493e329d5..1f76ac4d2f4 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java 
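Review bot: `getProperties()` returns the live `Properties` object from which `init()` reads `Password`, so any code that can reach the authenticator instance can read or change the admin credential after start-up. Consider returning a copy without the secret, or removing `Password` from the stored properties once `init()` has built the validator. `getName()` now returns the literal `"OAuth"` although `OAUTH_AUTHENTICATOR` is still declared; `return OAUTH_AUTHENTICATOR;` keeps a single source for the name. The `@Override` annotations dropped from `getName` and missing on the new accessors should be kept so that interface drift is caught at compile time. `getBearerToken` continues outside this hunk.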
@@ -22,16 +22,26 @@ import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; +import java.util.Properties; + public interface WebappAuthenticator { enum Status { SUCCESS, FAILURE, CONTINUE } + void init(); + boolean canHandle(Request request); AuthenticationInfo authenticate(Request request, Response response); String getName(); + void setProperties(Properties properties); + + Properties getProperties(); + + String getProperty(String name); + } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java index 44fefdf9bcd..a5bbf2cbdb9 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java 
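Review bot: The four methods added to WebappAuthenticator have no Javadoc, and the order in which they must be called is not stated: OAuthAuthenticator's `init()` throws IllegalArgumentException when `setProperties` has not been called first, while the other implementations ignore properties entirely. A short Javadoc on `init()` such as `/** Initializes the authenticator; setProperties must have been called first. */`, and one on `getProperties()` saying whether it may return null, would make the contract explicit for implementers and callers.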
@@ -21,51 +21,27 @@ import org.wso2.carbon.core.security.AuthenticatorsConfiguration; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.RemoteOAuthValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.LocalOAuthValidator; +import java.util.Properties; + /** * The class validate the configurations and provide the most suitable implementation according to the configuration. * Factory class for OAuthValidator. */ public class OAuthValidatorFactory { - private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote"; - private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL"; - private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername"; - private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword"; - private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator"; - private static String OAUTH_ENDPOINT_POSTFIX = - "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; - - /** - * This factory method checks the authenticators.xml configuration file and provides an appropriate implementation - * of OAuth2TokenValidator. - * @return OAuth2TokenValidator - */ - public static OAuth2TokenValidator getValidator() throws IllegalArgumentException { - AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance(); - AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration. 
- getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME); - boolean isRemote; - String hostUrl; - String adminUserName; - String adminPassword; - if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) { - isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get( - AUTHENTICATOR_CONFIG_IS_REMOTE)); - hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL); - adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME); - adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD); - }else{ - throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " + - "Authenticators.xml."); - } + public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword, + boolean isRemote, Properties properties) + throws IllegalArgumentException + { if (isRemote) { - if (!(hostUrl == null || hostUrl.trim().isEmpty())) { - hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX; - return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword); - } else { - throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml."); + if ((url != null) && (!url.trim().isEmpty())) { + url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; + return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties); } + throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration."); } + return new LocalOAuthValidator(); } + } 
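Review bot: The remote branch of `getValidator` tests `url.trim().isEmpty()` but then appends the service path to the untrimmed `url`, so a value with surrounding whitespace passes the check and yields a malformed endpoint; trimming first (`url = url.trim();`) keeps the check and the use consistent. A base url that ends in `/` also produces a double slash before `services`. The Javadoc on the factory method was removed with the old signature; the new five-argument version should say that `url`, `adminUsername`, `adminPassword` and `properties` are only used when `isRemote` is true. The `AuthenticatorsConfiguration` import appears to be unused after this change.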
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java index 1a6142f3907..77009413828 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java 
@@ -17,104 +17,103 @@ */ package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl; -import org.apache.axis2.AxisFault; -import org.apache.axis2.client.Options; -import org.apache.axis2.client.ServiceClient; -import org.apache.axis2.transport.http.HTTPConstants; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.httpclient.Header; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.commons.pool.impl.GenericObjectPool; import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_TokenValidationContextParam; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO; import org.wso2.carbon.utils.multitenancy.MultitenantUtils; +import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import java.rmi.RemoteException; -import java.util.ArrayList; -import java.util.List; +import java.util.Properties; /** * Handles the OAuth2 token validation from remote IS servers using remote OAuthValidation service-stub. 
*/ public class RemoteOAuthValidator implements OAuth2TokenValidator { - private String hostURL; - private String adminUserName; - private String adminPassword; + private GenericObjectPool stubs; + private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class); - public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword) { - this.hostURL = hostURL; - this.adminUserName = adminUserName; - this.adminPassword = adminPassword; + public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) { + this.stubs = + new GenericObjectPool(new OAuthTokenValidationStubFactory( + hostURL, adminUserName, adminPassword, properties)); } - private String getBasicAuthCredentials() { - byte[] bytesEncoded = Base64.encodeBase64((adminUserName + ":" + adminPassword).getBytes()); - return new String(bytesEncoded); + public OAuthValidationResponse validateToken(String accessToken, + String resource) throws OAuthTokenValidationException { + OAuth2TokenValidationServiceStub stub = null; + OAuth2TokenValidationResponseDTO validationResponse; + try { + OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource); + stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject(); + validationResponse = + stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); + } catch (RemoteException e) { + throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " + + "IS server for OAuth2 token validation.", e); + } catch (Exception e) { + throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " + + "service stub from the pool", e); + } finally { + try { + this.stubs.returnObject(stub); + } catch (Exception e) { + log.warn("Error occurred while returning the object back to the oauth token validation service " + + "stub pool", e); + } + } + + if (validationResponse 
== null) { + if (log.isDebugEnabled()) { + log.debug("Response returned by the OAuth token validation service is null"); + } + return null; + } + + boolean isValid = validationResponse.getValid(); + String tenantDomain; + String username; + if (isValid) { + username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser()); + tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser()); + } else { + OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); + oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg()); + return oAuthValidationResponse; + } + return new OAuthValidationResponse(username, tenantDomain, isValid); } - @Override - public OAuthValidationResponse validateToken(String accessToken, String resource) throws - OAuthTokenValidationException { + private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) { OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO(); OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = new OAuth2TokenValidationRequestDTO_OAuth2AccessToken(); - oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE); + + oauthToken.setTokenType("bearer"); oauthToken.setIdentifier(accessToken); validationRequest.setAccessToken(oauthToken); - //Set the resource context param. This will be used in scope validation. 
- OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new - OAuth2TokenValidationRequestDTO_TokenValidationContextParam(); - resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY); + OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = + new OAuth2TokenValidationRequestDTO_TokenValidationContextParam(); + + resourceContextParam.setKey("resource"); resourceContextParam.setValue(resource); OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1]; + tokenValidationContextParams[0] = resourceContextParam; validationRequest.setContext(tokenValidationContextParams); - OAuth2TokenValidationServiceStub tokenValidationService; - try { - tokenValidationService = new OAuth2TokenValidationServiceStub(hostURL); - } catch (AxisFault axisFault) { - throw new OAuthTokenValidationException("Exception occurred while obtaining the " + - "OAuth2TokenValidationServiceStub.", axisFault); - } - ServiceClient client = tokenValidationService._getServiceClient(); - Options options = client.getOptions(); - List
headerList = new ArrayList<>(); - Header header = new Header(); - header.setName(HTTPConstants.HEADER_AUTHORIZATION); - header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + getBasicAuthCredentials()); - headerList.add(header); - options.setProperty(HTTPConstants.HTTP_HEADERS, headerList); - client.setOptions(options); - OAuth2TokenValidationResponseDTO tokenValidationResponse; - try { - tokenValidationResponse = tokenValidationService. - findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); - } catch (RemoteException e) { - throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for " + - "OAuth2 token validation.", e); - } - boolean isValid = tokenValidationResponse.getValid(); - String userName; - String tenantDomain; - if (isValid) { - userName = MultitenantUtils.getTenantAwareUsername( - tokenValidationResponse.getAuthorizedUser()); - tenantDomain = MultitenantUtils.getTenantDomain(tokenValidationResponse.getAuthorizedUser()); - } else { - OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); - oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg()); - return oAuthValidationResponse; - } - return new OAuthValidationResponse(userName,tenantDomain,isValid); + return validationRequest; } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java index 6db4b46b03e..a5aab6319f5 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java 
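Review bot: In `validateToken` of RemoteOAuthValidator.java, the `finally` block calls `this.stubs.returnObject(stub)` even when `borrowObject()` threw and `stub` is still null, and it also hands a stub that has just failed with `RemoteException` back to the pool for reuse. Guard the return with `if (stub != null) { this.stubs.returnObject(stub); }` and consider `this.stubs.invalidateObject(stub)` on the `RemoteException` path, so a broken stub is not served to the next token check. The pool is created with the factory-only `GenericObjectPool` constructor, so unless it is configured elsewhere, borrowers presumably wait without a timeout once the pool is exhausted; a bounded wait via `setMaxWait` would keep a slow identity server from stalling every authentication request. The `catch (Exception e)` branch also reports any runtime failure of the remote call as a "borrowing" error, and the `@Override` on `validateToken` was dropped and should be kept.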
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java @@ -18,14 +18,15 @@ */ package org.wso2.carbon.webapp.authenticator.framework.config; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.*; +import java.util.List; @XmlRootElement(name = "Authenticator") public class AuthenticatorConfig { private String name; private String className; + private List params; @XmlElement(name = "Name", required = true) public String getName() { @@ -45,4 +46,38 @@ public class AuthenticatorConfig { this.className = className; } + @XmlElementWrapper(name = "Parameters", nillable = true) + @XmlElement(name = "Parameter", nillable = false) + public List getParams() { + return this.params; + } + + public void setParams(List params) { + this.params = params; + } + + @XmlRootElement(name = "Parameter") + public static class Parameter { + private String name; + private String value; + + @XmlAttribute(name = "Name") + public String getName() { + return this.name; + } + + public void setName(String name) { + this.name = name; + } + + @XmlValue + public String getValue() { + return this.value; + } + + public void setValue(String value) { + this.value = value; + } + } + } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index 1fcb7a58c83..c81ae13f4b2 100644 
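Review bot: The new `Parameter` class and `getParams()` in AuthenticatorConfig.java are undocumented, and nothing says that `getParams()` returns null when the authenticator has no `Parameters` element or that parameter values can hold credentials (the OAuth validator is built from an admin username and password taken from them). I would add a Javadoc on `getParams()` such as `/** Returns the configured parameters, or null if none are declared; values may contain secrets and must not be logged. */` and a one-line class comment on `Parameter`. For consistency with `@XmlElement(name = "Name", required = true)` above, the attribute could be declared as `@XmlAttribute(name = "Name", required = true)`, although callers still need their own null check because the annotation alone is not enforced while unmarshalling. The wildcard `import javax.xml.bind.annotation.*;` in the first hunk replaces two explicit imports and is better kept explicit.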
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -36,6 +36,7 @@ import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticator import java.util.ArrayList; import java.util.List; +import java.util.Properties; /** * @scr.component name="org.wso2.carbon.webapp.authenticator" immediate="true" @@ -77,8 +78,17 @@ public class WebappAuthenticatorFrameworkServiceComponent { WebappAuthenticatorConfig.init(); WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository(); for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) { - WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()). - newInstance(); + WebappAuthenticator authenticator = + (WebappAuthenticator) Class.forName(config.getClassName()).newInstance(); + + if ((config.getParams() != null) && (!config.getParams().isEmpty())) { + Properties properties = new Properties(); + for (AuthenticatorConfig.Parameter param : config.getParams()) { + properties.setProperty(param.getName(), param.getValue()); + } + authenticator.setProperties(properties); + } + authenticator.init(); repository.addAuthenticator(authenticator); } AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository); 
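Review bot: `properties.setProperty(param.getName(), param.getValue())` in the new loop throws `NullPointerException` when a `Parameter` element lacks its `Name` attribute or yields a null value, because `Properties` rejects null keys and values and `AuthenticatorConfig.Parameter` does not prevent either. I would reject such an entry explicitly, e.g. `if (param.getName() == null || param.getValue() == null) { throw new IllegalArgumentException("Parameter without name or value for authenticator " + config.getName()); }`, so a malformed authenticator config fails with a message that names the authenticator. `setProperties` is skipped entirely when no parameters are configured, so each authenticator's `init()` has to cope with unset properties; that code is outside this hunk and should be confirmed. The enclosing activation method starts and ends outside the hunk.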
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java
new file mode 100644
index 00000000000..8ea931a8ebe
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.webapp.authenticator.framework.test; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.testng.Assert; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.Test; +import org.wso2.carbon.utils.ServerConstants; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkException; +import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig; +import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig; + +import java.util.List; + +public class WebappAuthenticatorConfigTest { + + @BeforeClass + public void init() { + System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, "src/test/resources/config"); + } + + @Test + public void testConfigInitialization() { + try { + WebappAuthenticatorConfig.init(); + + WebappAuthenticatorConfig config = WebappAuthenticatorConfig.getInstance(); + Assert.assertNotNull(config); + + List authConfigs = config.getAuthenticators(); + Assert.assertNotNull(authConfigs); + } catch (AuthenticatorFrameworkException e) { + Assert.fail("Error occurred while testing webapp authenticator config initialization", e); + } catch (Throwable e) { + 
Assert.fail("Unexpected error has been encountered while testing webapp authenticator config " + + "initialization", e); + } + } + + @AfterClass + public void cleanup() { + System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, ""); + } + +} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java new file mode 100644 index 00000000000..1ad1975b086 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java 
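Review bot: `testConfigInitialization` only asserts that the authenticator list is non-null, so the `Parameters`/`Parameter` mapping this commit adds to `AuthenticatorConfig` is never exercised, even though the test config declares parameters for the OAuth authenticator. I would look up the OAuth entry and assert that `getParams()` is non-empty and that one known name/value pair round-trips. The `catch (Throwable e)` branch also catches the `AssertionError` raised by the `Assert` calls above it and re-reports it under a generic message; declaring `throws AuthenticatorFrameworkException` on the test method and dropping the try/catch keeps the original failure. `cleanup()` sets the property to an empty string rather than removing it; `System.clearProperty(ServerConstants.CARBON_CONFIG_DIR_PATH);` restores the previous state for other tests in the same JVM. The `Log` and `LogFactory` imports are unused.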
@@ -0,0 +1,106 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.webapp.authenticator.framework.test; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.commons.pool.ObjectPool; +import org.apache.commons.pool.impl.GenericObjectPool; +import org.testng.Assert; +import org.testng.annotations.Test; +import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; +import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory; + +import java.util.Properties; + +public class WebappAuthenticatorFrameworkUtilTest { + + private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkUtilTest.class); + + private static final String TOKEN_VALIDATION_SERVICE_URL = "https://localhost:9443"; + private static final String ADMIN_USERNAME = "admin"; + private static final String ADMIN_PASSWORD = "admin"; + private static final Properties PROPERTIES = new Properties(); + + static { + PROPERTIES.setProperty("MaxTotalConnections", "100"); + PROPERTIES.setProperty("MaxConnectionsPerHost", "100"); + } + + @Test + public void testOAuthTokenValidatorStubPool() { + ObjectPool stubs = null; + OAuth2TokenValidationServiceStub stub = null; + + try { + stubs = new GenericObjectPool( + new OAuthTokenValidationStubFactory( + 
TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES)); + + stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject(); + Assert.assertNotNull(stub); + } catch (Exception e) { + String msg = "Error occurred while borrowing an oauth validator service stub instance from the pool"; + log.error(msg, e); + Assert.fail(msg, e); + } finally { + if (stubs != null) { + try { + if (stub != null) { + stubs.returnObject(stub); + } + } catch (Exception e) { + log.warn("Error occurred while returning oauth validator service stub instance to the pool", e); + } + + /* Checks if the stub instance used above has been properly returned to the pool */ + Assert.assertEquals(stubs.getNumIdle(), 1); + /* Verifies that there's no hanging connections after the operation performed above */ + Assert.assertEquals(stubs.getNumActive(), 0); + + try { + stubs.close(); + } catch (Exception e) { + log.warn("Error occurred while closing the object pool", e); + } + } + } + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testStubFactoryInitWithInvalidHttpClientProperties() { + new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testStubFactoryInitWithInvalidUsername() { + new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testStubFactoryInitWithInvalidPassword() { + new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, null, PROPERTIES); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testStubFactoryInitWithInvalidUrl() { + new OAuthTokenValidationStubFactory(null, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES); + } + +} 
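Review bot: `testStubFactoryInitWithInvalidHttpClientProperties` passes exactly the same arguments as `testStubFactoryInitWithInvalidUsername` (null username, valid `PROPERTIES`), so the properties validation it is named after is not tested at all. Assuming the factory is meant to reject missing HTTP client properties (its constructor is not visible here), the call should be `new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, ADMIN_PASSWORD, null);`. In `testOAuthTokenValidatorStubPool` the `Assert.assertEquals` calls sit inside `finally`, so when the `try` block has already failed they throw a second assertion that replaces the original one; moving them after the try/catch keeps the first failure visible.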
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml new file mode 100644 index 00000000000..5099328df7f --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml @@ -0,0 +1,28 @@ + + + + OAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator + + https://localhost:9443 + admin + admin + true + 10000 + 10000 + + + + BasicAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.BasicAuthAuthenticator + + + JWT + org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator + + + CertificateAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + + diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties new file mode 100644 index 00000000000..a625c80cd50 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties 
@@ -0,0 +1,32 @@ +# +# Copyright 2009 WSO2, Inc. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# +# This is the log4j configuration file used by WSO2 Carbon +# +# IMPORTANT : Please do not remove or change the names of any +# of the Appenders defined here. The layout pattern & log file +# can be changed using the WSO2 Carbon Management Console, and those +# settings will override the settings in this file. +# + +log4j.rootLogger=ERROR, STD_OUT + +# Redirect log messages to console +log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender +log4j.appender.STD_OUT.Target=System.out +log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout +log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml new file mode 100644 index 00000000000..8b9832e2e6e --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml @@ -0,0 +1,37 @@ + + + + + + + + + + + + + + + + + + + + + 
diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index 067d8cd3cea..a9e0c9d8326 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml @@ -3,6 +3,14 @@ OAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator + + true + https://localhost:9443 + admin + admin + 100 + 100 + BasicAuth diff --git a/pom.xml b/pom.xml index 15c69fe23db..37865f8aa5e 100644 --- a/pom.xml +++ b/pom.xml @@ -1263,6 +1263,23 @@ neethi ${neethi.version} + + + commons-pool.wso2 + commons-pool + ${commons.pool.wso2.version} + + + org.apache.httpcomponents.wso2 + httpclient + ${httpcomponents.httpclient.version} + + + commons-httpclient.wso2 + commons-httpclient + ${commons.httpclient.version} + + @@ -1374,6 +1391,11 @@ build-helper-maven-plugin 1.8 + + org.apache.maven.plugins + maven-surefire-plugin + 2.18 + @@ -1554,8 +1576,13 @@ 2.0.4 2.0.4.wso2v4 - - github-scm + + github-scm + + 1.5.6.wso2v1 + 4.2.3.wso2v1 + 3.1.0.wso2v2 +
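Review bot: The default `conf/webapp-authenticator-config.xml` shipped by the server feature now carries `admin` / `admin` as literal parameter values next to `https://localhost:9443` and `true`. The element names are not visible in this view, but given the `getValidator(url, adminUsername, adminPassword, isRemote, properties)` signature these appear to be the token validation service's admin username and password, with remote validation enabled by default. Shipping working default credentials in a product config means deployments that never edit the file authenticate to the identity server with a well-known account. I would ship placeholder values with an XML comment stating they must be replaced, and resolve the password through the product's secret-store mechanism if this file supports it (not shown here) instead of keeping it in plain text. Since the same values are copied into a `Properties` object at startup, they should also be kept out of any debug logging of authenticator properties.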