Update token introspection endpoint inside user handler

pull/3/head
Vigneshan Seshamany 2 years ago
parent 1ac460a4fe
commit 96b07648ca

@ -229,7 +229,7 @@ public class LoginHandler extends HttpServlet {
* @throws IOException IO exception throws if an error occurred when invoking token endpoint * @throws IOException IO exception throws if an error occurred when invoking token endpoint
*/ */
private ProxyResponse getTokenResult(String encodedClientApp, JsonArray scopes) throws IOException { private ProxyResponse getTokenResult(String encodedClientApp, JsonArray scopes) throws IOException {
HttpPost tokenEndpoint = new HttpPost(kmManagerUrl+ HandlerConstants.TOKEN_ENDPOINT); HttpPost tokenEndpoint = new HttpPost(gatewayUrl + HandlerConstants.INTERNAL_TOKEN_ENDPOINT);
tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp); tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp);
tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString());
String scopeString = HandlerUtil.getScopeString(scopes); String scopeString = HandlerUtil.getScopeString(scopes);

@ -68,7 +68,7 @@ public class SsoLoginCallbackHandler extends HttpServlet {
String scope = session.getAttribute("scope").toString(); String scope = session.getAttribute("scope").toString();
HttpPost tokenEndpoint = new HttpPost(keyManagerUrl + HandlerConstants.TOKEN_ENDPOINT); HttpPost tokenEndpoint = new HttpPost(keyManagerUrl + HandlerConstants.OAUTH2_TOKEN_ENDPOINT);
tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + session.getAttribute("encodedClientApp")); tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + session.getAttribute("encodedClientApp"));
tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString());

@ -325,7 +325,7 @@ public class SsoLoginHandler extends HttpServlet {
* @throws IOException IO exception throws if an error occurred when invoking token endpoint * @throws IOException IO exception throws if an error occurred when invoking token endpoint
*/ */
private ProxyResponse getTokenResult(String encodedClientApp) throws IOException { private ProxyResponse getTokenResult(String encodedClientApp) throws IOException {
HttpPost tokenEndpoint = new HttpPost(keyManagerUrl + HandlerConstants.TOKEN_ENDPOINT); HttpPost tokenEndpoint = new HttpPost(keyManagerUrl + HandlerConstants.OAUTH2_TOKEN_ENDPOINT);
tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp); tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp);
tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString());

@ -71,6 +71,7 @@ public class UserHandler extends HttpServlet {
} }
String accessToken = authData.getAccessToken(); String accessToken = authData.getAccessToken();
String accessTokenWithoutPrefix = accessToken.substring(accessToken.indexOf("_") + 1);
HttpPost tokenEndpoint = new HttpPost(keymanagerUrl + HandlerConstants.INTROSPECT_ENDPOINT); HttpPost tokenEndpoint = new HttpPost(keymanagerUrl + HandlerConstants.INTROSPECT_ENDPOINT);
tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString());
@ -79,7 +80,7 @@ public class UserHandler extends HttpServlet {
String adminPassword = dmc.getKeyManagerConfigurations().getAdminPassword(); String adminPassword = dmc.getKeyManagerConfigurations().getAdminPassword();
tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder() tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder()
.encodeToString((adminUsername + HandlerConstants.COLON + adminPassword).getBytes())); .encodeToString((adminUsername + HandlerConstants.COLON + adminPassword).getBytes()));
StringEntity tokenEPPayload = new StringEntity("token=" + accessToken, StringEntity tokenEPPayload = new StringEntity("token=" + accessTokenWithoutPrefix,
ContentType.APPLICATION_FORM_URLENCODED); ContentType.APPLICATION_FORM_URLENCODED);
tokenEndpoint.setEntity(tokenEPPayload); tokenEndpoint.setEntity(tokenEPPayload);
ProxyResponse tokenStatus = HandlerUtil.execute(tokenEndpoint); ProxyResponse tokenStatus = HandlerUtil.execute(tokenEndpoint);

@ -22,7 +22,8 @@ public class HandlerConstants {
public static final String PUBLISHER_APPLICATION_NAME = "application-mgt-publisher"; public static final String PUBLISHER_APPLICATION_NAME = "application-mgt-publisher";
public static final String APP_REG_ENDPOINT = "/api-application-registration/register"; public static final String APP_REG_ENDPOINT = "/api-application-registration/register";
public static final String UI_CONFIG_ENDPOINT = "/api/device-mgt-config/v1.0/configurations/ui-config"; public static final String UI_CONFIG_ENDPOINT = "/api/device-mgt-config/v1.0/configurations/ui-config";
public static final String TOKEN_ENDPOINT = "/oauth2/token"; public static final String OAUTH2_TOKEN_ENDPOINT = "/oauth2/token";
public static final String INTERNAL_TOKEN_ENDPOINT = "/token";
public static final String INTROSPECT_ENDPOINT = "/oauth2/introspect"; public static final String INTROSPECT_ENDPOINT = "/oauth2/introspect";
public static final String AUTHORIZATION_ENDPOINT = "/oauth2/authorize"; public static final String AUTHORIZATION_ENDPOINT = "/oauth2/authorize";
public static final String APIM_APPLICATIONS_ENDPOINT = "/api/am/devportal/v2/applications/"; public static final String APIM_APPLICATIONS_ENDPOINT = "/api/am/devportal/v2/applications/";

@ -55,7 +55,6 @@ import org.json.JSONException;
import org.json.JSONObject; import org.json.JSONObject;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import io.entgra.ui.request.interceptor.beans.ProxyResponse; import io.entgra.ui.request.interceptor.beans.ProxyResponse;
import org.wso2.carbon.device.mgt.core.common.util.HttpUtil;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -654,7 +653,7 @@ public class HandlerUtil {
return tokenResultResponse; return tokenResultResponse;
} }
public static ProxyResponse getTokenResult(AuthData authData, String keymanagerUrl) throws IOException { public static ProxyResponse getTokenResult(AuthData authData, String keymanagerUrl) throws IOException {
HttpPost tokenEndpoint = new HttpPost(keymanagerUrl + HandlerConstants.TOKEN_ENDPOINT); HttpPost tokenEndpoint = new HttpPost(keymanagerUrl + HandlerConstants.OAUTH2_TOKEN_ENDPOINT);
StringEntity tokenEndpointPayload = new StringEntity( StringEntity tokenEndpointPayload = new StringEntity(
"grant_type=refresh_token&refresh_token=" + authData.getRefreshToken(), "grant_type=refresh_token&refresh_token=" + authData.getRefreshToken(),
ContentType.APPLICATION_FORM_URLENCODED); ContentType.APPLICATION_FORM_URLENCODED);
@ -735,4 +734,4 @@ public class HandlerUtil {
public static boolean isPropertyDefined(String property) { public static boolean isPropertyDefined(String property) {
return StringUtils.isEmpty(System.getProperty(property)); return StringUtils.isEmpty(System.getProperty(property));
} }
} }

Loading…
Cancel
Save