diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
index 67b944dc165..e8e27b1263c 100644
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
@@ -65,6 +65,11 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
 int idx = resource.lastIndexOf(':');
 String url = resource.substring(0, idx);
 String method = resource.substring(++idx, resource.length());
+ //This is to remove the url params for request path.
+ int urlParamIndex = url.indexOf('?');
+ if(urlParamIndex > 0) {
+ url = url.substring(0, urlParamIndex);
+ }
 Properties properties = new Properties();
 properties.put(PermissionBasedScopeValidator.URL_PROPERTY, url);
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationFrameworkUtil.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationFrameworkUtil.java
index 6ca33feb7ac..72fe8c958d3 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationFrameworkUtil.java
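Review bot: In the PermissionBasedScopeValidator.java hunk the added guard `if(urlParamIndex > 0)` leaves a resource whose URL part begins with `?` untouched; `if (urlParamIndex >= 0)` covers every position `indexOf` can report. Only the `?` query part is removed, so path parameters after `;` would still reach the `URL_PROPERTY` value that the validator puts into `properties`; since that string presumably selects the permission to check, it is worth confirming it is normalised the same way the container routes the request. The existing comment could also say why, e.g. `// Permission lookup is keyed on the request path only, so drop the query string.` The enclosing method starts and ends outside the hunk, so how `resource` is built is not visible here.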
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationFrameworkUtil.java
@@ -27,9 +27,7 @@ import org.wso2.carbon.apimgt.core.authenticate.APITokenValidator;
 import org.wso2.carbon.apimgt.impl.APIConstants;
 import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
-import org.wso2.carbon.identity.base.IdentityException;
-import org.wso2.carbon.identity.core.util.IdentityUtil;
-import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
+import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.parsers.DocumentBuilder;
@@ -61,13 +59,12 @@ public class AuthenticationFrameworkUtil {
 if (apiKeyValidationDTO.isAuthorized()) {
 String username = apiKeyValidationDTO.getEndUserName();
 PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username);
- try {
- PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(IdentityUtil.
- getTenantIdOFUser(username));
- } catch (IdentityException e) {
- throw new AuthenticationException("Error occurred while retrieving the tenant ID of user '" +
- username + "'", e);
- }
+// try {
+ PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(Utils.getTenantIdOFUser(username));
+// } catch (IdentityException e) {
+// throw new AuthenticationException("Error occurred while retrieving the tenant ID of user '" +
+// username + "'", e);
+// }
 return true;
 } else {
 throw new AuthenticationException(apiKeyValidationDTO.getValidationStatus(),
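Review bot: In AuthenticationFrameworkUtil.java (hunk at -61,13) the old try/catch is kept as commented-out lines around the new `Utils.getTenantIdOFUser(username)` call, and OAuthAuthenticator.java (hunk at -111,14) does the same; the `//` lines should be deleted rather than committed, since version control already holds the old form. In this hunk the username is set on the thread-local context before the tenant lookup, so when the lookup throws the context keeps a username without a tenant id; whether callers clear it is not visible here. If the reason for dropping the catch needs recording, one line is enough, e.g. `// Utils.getTenantIdOFUser already throws AuthenticationException on lookup failure.` Both enclosing methods extend beyond their hunks.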
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java
new file mode 100644
index 00000000000..92dcaee3aa6
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.wso2.carbon.webapp.authenticator.framework.Utils;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
+import org.wso2.carbon.user.api.TenantManager;
+import org.wso2.carbon.user.api.UserStoreException;
+import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
+
+public class Utils {
+
+ private static final Log log = LogFactory.getLog(Utils.class);
+
+ public static int getTenantIdOFUser(String username) throws AuthenticationException {
+ int tenantId = 0;
+ String domainName = MultitenantUtils.getTenantDomain(username);
+ if (domainName != null) {
+ try {
+ TenantManager tenantManager = IdentityTenantUtil.getRealmService().getTenantManager();
+ tenantId = tenantManager.getTenantId(domainName);
+ } catch (UserStoreException e) {
+ String errorMsg = "Error when getting the tenant id from the tenant domain : " +
+ domainName;
+ log.error(errorMsg, e);
+ throw new AuthenticationException(errorMsg, e);
+ }
+ }
+ return tenantId;
+ }
+}
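Review bot: `getTenantIdOFUser` in the new Utils.java can return a tenant id without a successful lookup: `int tenantId = 0;` is returned unchanged when `domainName` is null, and nothing checks what `tenantManager.getTenantId(domainName)` yields for a domain it does not know (as far as I know it reports that with an invalid-id value rather than an exception; confirm against the TenantManager contract). Both callers in this commit put the result straight into the authenticated context, so an unresolved tenant should fail authentication here, for example a guard `if (domainName == null || tenantId == MultitenantConstants.INVALID_TENANT_ID)` that throws `AuthenticationException`. The catch block also calls `log.error(errorMsg, e)` and then rethrows, which tends to record the same failure twice once the caller logs it. The method has no Javadoc; it should state what is returned for a username without a tenant domain and when `AuthenticationException` is thrown.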
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
index 1119f3ac601..da7734a0467 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@@ -25,12 +25,11 @@ import org.apache.commons.logging.LogFactory;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.wso2.carbon.apimgt.core.gateway.APITokenAuthenticator;
-import org.wso2.carbon.identity.base.IdentityException;
-import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 import org.wso2.carbon.webapp.authenticator.framework.*;
+import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
 import java.util.StringTokenizer;
 import java.util.regex.Matcher;
@@ -111,14 +110,14 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 AuthenticatorFrameworkDataHolder.getInstance().getoAuth2TokenValidationService().validate(dto);
 if (oAuth2TokenValidationResponseDTO.isValid()) {
 String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
- try {
+ // try {
 authenticationInfo.setUsername(username);
 authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username));
- authenticationInfo.setTenantId(IdentityUtil.getTenantIdOFUser(username));
- } catch (IdentityException e) {
- throw new AuthenticationException(
- "Error occurred while retrieving the tenant ID of user '" + username + "'", e);
- }
+ authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username));
+// } catch (AuthenticationException e) {
+// throw new AuthenticationException(
+// "Error occurred while retrieving the tenant ID of user '" + username + "'", e);
+// }
 if (oAuth2TokenValidationResponseDTO.isValid()) {
 authenticationInfo.setStatus(Status.CONTINUE);
 }
@@ -149,6 +148,9 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 tokenValue = tokenValue.substring(matcher.end());
 }
 }
+ if(log.isDebugEnabled()) {
+ log.debug("Oauth Token : " + tokenValue);
+ }
 return tokenValue;
 }
diff --git a/pom.xml b/pom.xml
index ccf063dbdb0..316508d24c5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1468,7 +1468,7 @@ 4.5.2 - 4.6.0-M2 + 4.6.0-SNAPSHOT 4.5.0-m1
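Review bot: In OAuthAuthenticator.java (hunk at -149,6) the added `log.debug("Oauth Token : " + tokenValue);` writes the bearer token itself into the log, and that token is a usable credential for as long as it stays valid, so every reader of debug output or of a log store that ingests it gains the user's access. Record the event without the value, for example `log.debug("OAuth token extracted from request");`, and if correlation is needed log a short one-way digest of the token rather than the token. Debug level is not a sufficient safeguard, since it is commonly switched on while diagnosing authentication problems in production. The enclosing method starts outside the hunk, so whether `tokenValue` can be null at this point is not visible.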