revert-70aa11f8
pasinduj 9 years ago
commit c7b53f7110

@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
int status = serverResponse.getStatusLine().getStatusCode(); int status = serverResponse.getStatusLine().getStatusCode();
String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8); String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build(); response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
} catch (URISyntaxException e) { } catch (URISyntaxException | IOException e) {
String msg = "Service invoke error occurred while registering client";
log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (UnsupportedEncodingException e) {
String msg = "Service invoke error occurred while registering client";
log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (IOException e) {
String msg = "Service invoke error occurred while registering client"; String msg = "Service invoke error occurred while registering client";
log.error(msg, e); log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();

@ -105,12 +105,29 @@
org.apache.axis2.client, org.apache.axis2.client,
org.apache.commons.codec.binary, org.apache.commons.codec.binary,
org.apache.commons.httpclient, org.apache.commons.httpclient,
org.wso2.carbon.core.security org.wso2.carbon.core.security,
org.apache.axis2.context,
org.apache.commons.httpclient.params,
org.apache.commons.pool,
org.apache.commons.pool.impl,
org.apache.http.conn,
org.apache.http.impl.conn
</Import-Package> </Import-Package>
<!--<Fragment-Host>tomcat</Fragment-Host>-->
</instructions> </instructions>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<systemPropertyVariables>
<log4j.configuration>file:src/test/resources/log4j.properties</log4j.configuration>
</systemPropertyVariables>
<suiteXmlFiles>
<suiteXmlFile>src/test/resources/testng.xml</suiteXmlFile>
</suiteXmlFiles>
</configuration>
</plugin>
</plugins> </plugins>
</build> </build>
@ -175,6 +192,22 @@
<groupId>org.wso2.carbon.devicemgt</groupId> <groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId> <artifactId>org.wso2.carbon.device.mgt.common</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.apache.httpcomponents.wso2</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency>
<groupId>commons-httpclient.wso2</groupId>
<artifactId>commons-httpclient</artifactId>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
</dependency>
<dependency>
<groupId>commons-pool.wso2</groupId>
<artifactId>commons-pool</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>

@ -0,0 +1,211 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework.Utils;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpConnectionManager;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.params.HttpConnectionManagerParams;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.pool.PoolableObjectFactory;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
public class OAuthTokenValidationStubFactory implements PoolableObjectFactory {
private String url;
private String basicAuthHeader;
private HttpClient httpClient;
private static final Log log = LogFactory.getLog(OAuthTokenValidationStubFactory.class);
public OAuthTokenValidationStubFactory(String url, String adminUsername, String adminPassword,
Properties properties) {
this.validateUrl(url);
this.url = url;
this.validateCredentials(adminUsername, adminPassword);
this.basicAuthHeader = new String(Base64.encodeBase64((adminUsername + ":" + adminPassword).getBytes()));
HttpConnectionManager connectionManager = this.createConnectionManager(properties);
this.httpClient = new HttpClient(connectionManager);
}
/**
* Creates an instance of MultiThreadedHttpConnectionManager using HttpClient 3.x APIs
*
* @param properties Properties to configure MultiThreadedHttpConnectionManager
* @return An instance of properly configured MultiThreadedHttpConnectionManager
*/
private HttpConnectionManager createConnectionManager(Properties properties) {
HttpConnectionManagerParams params = new HttpConnectionManagerParams();
if (properties == null || properties.isEmpty()) {
throw new IllegalArgumentException("Parameters required to initialize HttpClient instances " +
"associated with OAuth token validation service stub are not provided");
}
String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost");
if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("MaxConnectionsPerHost parameter is not explicitly defined. Therefore, the default, " +
"which is 2, will be used");
}
} else {
params.setDefaultMaxConnectionsPerHost(Integer.parseInt(maxConnectionsPerHostParam));
}
String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections");
if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("MaxTotalConnections parameter is not explicitly defined. Therefore, the default, " +
"which is 10, will be used");
}
} else {
params.setMaxTotalConnections(Integer.parseInt(maxTotalConnectionsParam));
}
HttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager();
connectionManager.setParams(params);
return connectionManager;
}
/**
* Creates an instance of PoolingHttpClientConnectionManager using HttpClient 4.x APIs
*
* @param properties Properties to configure PoolingHttpClientConnectionManager
* @return An instance of properly configured PoolingHttpClientConnectionManager
*/
private HttpClientConnectionManager createClientConnectionManager(Properties properties) {
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
if (properties != null) {
String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost");
if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("MaxConnectionsPerHost parameter is not explicitly defined. Therefore, the default, " +
"which is 2, will be used");
}
} else {
connectionManager.setDefaultMaxPerRoute(Integer.parseInt(maxConnectionsPerHostParam));
}
String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections");
if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug("MaxTotalConnections parameter is not explicitly defined. Therefore, the default, " +
"which is 10, will be used");
}
} else {
connectionManager.setMaxTotal(Integer.parseInt(maxTotalConnectionsParam));
}
} else {
if (log.isDebugEnabled()) {
log.debug("Properties, i.e. MaxTotalConnections/MaxConnectionsPerHost, required to tune the " +
"HttpClient used in OAuth token validation service stub instances are not provided. " +
"Therefore, the defaults, 2/10 respectively, will be used");
}
}
return connectionManager;
}
@Override
public Object makeObject() throws Exception {
return this.createStub();
}
@Override
public void destroyObject(Object o) throws Exception {
}
@Override
public boolean validateObject(Object o) {
return true;
}
@Override
public void activateObject(Object o) throws Exception {
if (log.isDebugEnabled()) {
log.debug("OAuth token validate stub instance is activated");
}
}
@Override
public void passivateObject(Object o) throws Exception {
if (o instanceof OAuth2TokenValidationServiceStub) {
OAuth2TokenValidationServiceStub stub = (OAuth2TokenValidationServiceStub) o;
stub._getServiceClient().cleanupTransport();
}
}
private OAuth2TokenValidationServiceStub createStub() throws OAuthTokenValidationException {
OAuth2TokenValidationServiceStub stub;
try {
stub = new OAuth2TokenValidationServiceStub(url);
ServiceClient client = stub._getServiceClient();
client.getServiceContext().getConfigurationContext().setProperty(
HTTPConstants.CACHED_HTTP_CLIENT, httpClient);
List<Header> headerList = new ArrayList<>();
Header header = new Header();
header.setName(HTTPConstants.HEADER_AUTHORIZATION);
header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + basicAuthHeader);
headerList.add(header);
Options options = client.getOptions();
options.setProperty(HTTPConstants.HTTP_HEADERS, headerList);
options.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, "true");
client.setOptions(options);
} catch (AxisFault axisFault) {
throw new OAuthTokenValidationException("Error occurred while creating the " +
"OAuth2TokenValidationServiceStub.", axisFault);
}
return stub;
}
private void validateUrl(String url) {
if (url == null || url.isEmpty()) {
throw new IllegalArgumentException("Url provided as the endpoint of the OAuth token validation service " +
"is null");
}
}
private void validateCredentials(String adminUsername, String adminPassword) {
if (adminUsername == null || adminUsername.isEmpty()) {
throw new IllegalArgumentException("An appropriate username required to initialize OAuth token " +
"validation service stub factory hasn't been provided");
}
if (adminPassword == null || adminPassword.isEmpty()) {
throw new IllegalArgumentException("An appropriate password required to initialize OAuth token " +
"validation service stub factory hasn't been provided");
}
}
}

@ -26,7 +26,8 @@ import java.util.Map;
public class WebappAuthenticatorFactory { public class WebappAuthenticatorFactory {
public static WebappAuthenticator getAuthenticator(String authScheme) { public static WebappAuthenticator getAuthenticator(String authScheme) {
return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme); return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().
getAuthenticator(authScheme);
} }
public static WebappAuthenticator getAuthenticator(Request request) { public static WebappAuthenticator getAuthenticator(Request request) {

@ -27,10 +27,17 @@ import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.webapp.authenticator.framework.Constants; import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import java.util.Properties;
public class BasicAuthAuthenticator implements WebappAuthenticator { public class BasicAuthAuthenticator implements WebappAuthenticator {
private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth"; private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth";
@Override
public void init() {
}
@Override @Override
public boolean canHandle(Request request) { public boolean canHandle(Request request) {
MessageBytes authorization = MessageBytes authorization =
@ -55,6 +62,21 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
return BasicAuthAuthenticator.BASIC_AUTH_AUTHENTICATOR; return BasicAuthAuthenticator.BASIC_AUTH_AUTHENTICATOR;
} }
@Override
public void setProperties(Properties properties) {
}
@Override
public Properties getProperties() {
return null;
}
@Override
public String getProperty(String name) {
return null;
}
private Credentials getCredentials(Request request) { private Credentials getCredentials(Request request) {
Credentials credentials = null; Credentials credentials = null;
MessageBytes authorization = MessageBytes authorization =

@ -15,6 +15,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.Properties;
/** /**
* This authenticator authenticates HTTP requests using certificates. * This authenticator authenticates HTTP requests using certificates.
@ -25,6 +26,11 @@ public class CertificateAuthenticator implements WebappAuthenticator {
private static final String CERTIFICATE_AUTHENTICATOR = "CertificateAuth"; private static final String CERTIFICATE_AUTHENTICATOR = "CertificateAuth";
private static final String CERTIFICATE_VERIFICATION_HEADER = "certificate-verification-header"; private static final String CERTIFICATE_VERIFICATION_HEADER = "certificate-verification-header";
@Override
public void init() {
}
@Override @Override
public boolean canHandle(Request request) { public boolean canHandle(Request request) {
String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER); String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER);
@ -93,4 +99,20 @@ public class CertificateAuthenticator implements WebappAuthenticator {
public String getName() { public String getName() {
return CERTIFICATE_AUTHENTICATOR; return CERTIFICATE_AUTHENTICATOR;
} }
@Override
public void setProperties(Properties properties) {
}
@Override
public Properties getProperties() {
return null;
}
@Override
public String getProperty(String name) {
return null;
}
} }

@ -39,6 +39,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData
import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
import java.text.ParseException; import java.text.ParseException;
import java.util.Properties;
import java.util.StringTokenizer; import java.util.StringTokenizer;
/** /**
@ -51,6 +52,11 @@ public class JWTAuthenticator implements WebappAuthenticator {
private static final String JWT_AUTHENTICATOR = "JWT"; private static final String JWT_AUTHENTICATOR = "JWT";
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion"; private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
@Override
public void init() {
}
@Override @Override
public boolean canHandle(Request request) { public boolean canHandle(Request request) {
String authorizationHeader = request.getHeader(JWTAuthenticator.JWT_ASSERTION_HEADER); String authorizationHeader = request.getHeader(JWTAuthenticator.JWT_ASSERTION_HEADER);
@ -137,4 +143,19 @@ public class JWTAuthenticator implements WebappAuthenticator {
public String getName() { public String getName() {
return JWTAuthenticator.JWT_AUTHENTICATOR; return JWTAuthenticator.JWT_AUTHENTICATOR;
} }
@Override
public void setProperties(Properties properties) {
}
@Override
public Properties getProperties() {
return null;
}
@Override
public String getProperty(String name) {
return null;
}
} }

@ -18,22 +18,21 @@
*/ */
package org.wso2.carbon.webapp.authenticator.framework.authenticator; package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response; import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.buf.ByteChunk; import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes; import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.*;
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidatorFactory; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidatorFactory;
import java.util.Properties;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
@ -42,22 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator {
private static final String OAUTH_AUTHENTICATOR = "OAuth"; private static final String OAUTH_AUTHENTICATOR = "OAuth";
private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s"; private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s";
private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN); private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s");
private static final String BEARER_TOKEN_TYPE = "bearer"; private static final String BEARER_TOKEN_TYPE = "bearer";
private static final String RESOURCE_KEY = "resource"; private static final String RESOURCE_KEY = "resource";
private Properties properties;
private OAuth2TokenValidator tokenValidator;
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
public void init() {
if (this.properties == null) {
throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " +
"are not provided");
}
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); String url = this.properties.getProperty("TokenValidationEndpointUrl");
if ((url == null) || (url.isEmpty())) {
throw new IllegalArgumentException("OAuth token validation endpoint url is not provided");
}
String adminUsername = this.properties.getProperty("Username");
if (adminUsername == null) {
throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " +
"is not provided");
}
String adminPassword = this.properties.getProperty("Password");
if (adminPassword == null) {
throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint " +
"is not provided");
}
boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote"));
Properties validatorProperties = new Properties();
validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"));
validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost"));
this.tokenValidator =
OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, validatorProperties);
}
public boolean canHandle(org.apache.catalina.connector.Request request) {
MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
@Override
public boolean canHandle(Request request) {
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue;
if (authorization != null) { if (authorization != null) {
authorization.toBytes(); authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk(); ByteChunk authBC = authorization.getByteChunk();
tokenValue = authBC.toString(); String tokenValue = authBC.toString();
Matcher matcher = PATTERN.matcher(tokenValue); Matcher matcher = PATTERN.matcher(tokenValue);
if (matcher.find()) { if (matcher.find()) {
return true; return true;
@ -66,50 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return false; return false;
} }
@Override public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) {
public AuthenticationInfo authenticate(Request request, Response response) {
String requestUri = request.getRequestURI(); String requestUri = request.getRequestURI();
String requestMethod = request.getMethod(); String requestMethod = request.getMethod();
AuthenticationInfo authenticationInfo = new AuthenticationInfo(); AuthenticationInfo authenticationInfo = new AuthenticationInfo();
if (requestUri == null || "".equals(requestUri)) { if ((requestUri == null) || ("".equals(requestUri))) {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
return authenticationInfo; return authenticationInfo;
} }
StringTokenizer tokenizer = new StringTokenizer(requestUri, "/"); StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
String context = tokenizer.nextToken(); String context = tokenizer.nextToken();
if (context == null || "".equals(context)) { if ((context == null) || ("".equals(context))) {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} }
String apiVersion = tokenizer.nextToken(); String apiVersion = tokenizer.nextToken();
//String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
String authLevel = "any"; String authLevel = "any";
try { try {
if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) { if ("noMatchedAuthScheme".equals(authLevel)) {
AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion, AuthenticationFrameworkUtil.handleNoMatchAuthScheme(
context); request, response, requestMethod, apiVersion, context);
authenticationInfo.setStatus(Status.CONTINUE);
authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} else { } else {
String bearerToken = this.getBearerToken(request); String bearerToken = getBearerToken(request);
//Set the resource context param. This will be used in scope validation.
String resource = requestUri + ":" + requestMethod; String resource = requestUri + ":" + requestMethod;
//Get the appropriate OAuth validator from OAuthValidatorFactory.
OAuth2TokenValidator oAuth2TokenValidator = OAuthValidatorFactory.getValidator(); OAuthValidationResponse oAuthValidationResponse =
OAuthValidationResponse oAuthValidationResponse = oAuth2TokenValidator.validateToken(bearerToken, resource); this.tokenValidator.validateToken(bearerToken, resource);
if (oAuthValidationResponse.isValid()) { if (oAuthValidationResponse.isValid()) {
String username = oAuthValidationResponse.getUserName(); String username = oAuthValidationResponse.getUserName();
String tenantDomain = oAuthValidationResponse.getTenantDomain(); String tenantDomain = oAuthValidationResponse.getTenantDomain();
//Remove the userstore domain from username
/*if (username.contains("/")) {
username = username.substring(username.indexOf('/') + 1);
}*/
authenticationInfo.setUsername(username); authenticationInfo.setUsername(username);
authenticationInfo.setTenantDomain(tenantDomain); authenticationInfo.setTenantDomain(tenantDomain);
authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain)); authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain));
if (oAuthValidationResponse.isValid()) { if (oAuthValidationResponse.isValid())
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
}
} else { } else {
authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg()); authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg());
} }
@ -122,15 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return authenticationInfo; return authenticationInfo;
} }
@Override
public String getName() { public String getName() {
return OAuthAuthenticator.OAUTH_AUTHENTICATOR; return "OAuth";
}
public String getProperty(String name) {
if (this.properties == null) {
return null;
}
return this.properties.getProperty(name);
}
public Properties getProperties() {
return this.properties;
} }
private String getBearerToken(Request request) { public void setProperties(Properties properties) {
MessageBytes authorization = this.properties = properties;
request.getCoyoteRequest().getMimeHeaders(). }
getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
private String getBearerToken(org.apache.catalina.connector.Request request) {
MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
String tokenValue = null; String tokenValue = null;
if (authorization != null) { if (authorization != null) {
authorization.toBytes(); authorization.toBytes();

@ -22,16 +22,26 @@ import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response; import org.apache.catalina.connector.Response;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import java.util.Properties;
public interface WebappAuthenticator { public interface WebappAuthenticator {
enum Status { enum Status {
SUCCESS, FAILURE, CONTINUE SUCCESS, FAILURE, CONTINUE
} }
void init();
boolean canHandle(Request request); boolean canHandle(Request request);
AuthenticationInfo authenticate(Request request, Response response); AuthenticationInfo authenticate(Request request, Response response);
String getName(); String getName();
void setProperties(Properties properties);
Properties getProperties();
String getProperty(String name);
} }

@ -21,51 +21,27 @@ import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.RemoteOAuthValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.RemoteOAuthValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.LocalOAuthValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.LocalOAuthValidator;
import java.util.Properties;
/** /**
* The class validate the configurations and provide the most suitable implementation according to the configuration. * The class validate the configurations and provide the most suitable implementation according to the configuration.
* Factory class for OAuthValidator. * Factory class for OAuthValidator.
*/ */
public class OAuthValidatorFactory { public class OAuthValidatorFactory {
private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote"; public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword,
private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL"; boolean isRemote, Properties properties)
private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername"; throws IllegalArgumentException
private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword"; {
private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator";
private static String OAUTH_ENDPOINT_POSTFIX =
"/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
/**
* This factory method checks the authenticators.xml configuration file and provides an appropriate implementation
* of OAuth2TokenValidator.
* @return OAuth2TokenValidator
*/
public static OAuth2TokenValidator getValidator() throws IllegalArgumentException {
AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance();
AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration.
getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME);
boolean isRemote;
String hostUrl;
String adminUserName;
String adminPassword;
if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) {
isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get(
AUTHENTICATOR_CONFIG_IS_REMOTE));
hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL);
adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME);
adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD);
}else{
throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " +
"Authenticators.xml.");
}
if (isRemote) { if (isRemote) {
if (!(hostUrl == null || hostUrl.trim().isEmpty())) { if ((url != null) && (!url.trim().isEmpty())) {
hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX; url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword); return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties);
} else {
throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml.");
} }
throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration.");
} }
return new LocalOAuthValidator(); return new LocalOAuthValidator();
} }
} }

@ -17,104 +17,103 @@
*/ */
package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl; package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl;
import org.apache.axis2.AxisFault; import org.apache.commons.logging.Log;
import org.apache.axis2.client.Options; import org.apache.commons.logging.LogFactory;
import org.apache.axis2.client.ServiceClient; import org.apache.commons.pool.impl.GenericObjectPool;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Header;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_TokenValidationContextParam; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_TokenValidationContextParam;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
import java.rmi.RemoteException; import java.rmi.RemoteException;
import java.util.ArrayList; import java.util.Properties;
import java.util.List;
/** /**
* Handles the OAuth2 token validation from remote IS servers using remote OAuthValidation service-stub. * Handles the OAuth2 token validation from remote IS servers using remote OAuthValidation service-stub.
*/ */
public class RemoteOAuthValidator implements OAuth2TokenValidator { public class RemoteOAuthValidator implements OAuth2TokenValidator {
private String hostURL; private GenericObjectPool stubs;
private String adminUserName; private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class);
private String adminPassword;
public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword) { public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) {
this.hostURL = hostURL; this.stubs =
this.adminUserName = adminUserName; new GenericObjectPool(new OAuthTokenValidationStubFactory(
this.adminPassword = adminPassword; hostURL, adminUserName, adminPassword, properties));
} }
private String getBasicAuthCredentials() { public OAuthValidationResponse validateToken(String accessToken,
byte[] bytesEncoded = Base64.encodeBase64((adminUserName + ":" + adminPassword).getBytes()); String resource) throws OAuthTokenValidationException {
return new String(bytesEncoded); OAuth2TokenValidationServiceStub stub = null;
OAuth2TokenValidationResponseDTO validationResponse;
try {
OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
validationResponse =
stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
} catch (RemoteException e) {
throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " +
"IS server for OAuth2 token validation.", e);
} catch (Exception e) {
throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " +
"service stub from the pool", e);
} finally {
try {
this.stubs.returnObject(stub);
} catch (Exception e) {
log.warn("Error occurred while returning the object back to the oauth token validation service " +
"stub pool", e);
}
}
if (validationResponse == null) {
if (log.isDebugEnabled()) {
log.debug("Response returned by the OAuth token validation service is null");
}
return null;
}
boolean isValid = validationResponse.getValid();
String tenantDomain;
String username;
if (isValid) {
username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
} else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
return oAuthValidationResponse;
}
return new OAuthValidationResponse(username, tenantDomain, isValid);
} }
@Override private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
public OAuthValidationResponse validateToken(String accessToken, String resource) throws
OAuthTokenValidationException {
OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO(); OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO();
OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken =
new OAuth2TokenValidationRequestDTO_OAuth2AccessToken(); new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE);
oauthToken.setTokenType("bearer");
oauthToken.setIdentifier(accessToken); oauthToken.setIdentifier(accessToken);
validationRequest.setAccessToken(oauthToken); validationRequest.setAccessToken(oauthToken);
//Set the resource context param. This will be used in scope validation. OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam =
OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new new OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY); resourceContextParam.setKey("resource");
resourceContextParam.setValue(resource); resourceContextParam.setValue(resource);
OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams =
new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1]; new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
tokenValidationContextParams[0] = resourceContextParam; tokenValidationContextParams[0] = resourceContextParam;
validationRequest.setContext(tokenValidationContextParams); validationRequest.setContext(tokenValidationContextParams);
OAuth2TokenValidationServiceStub tokenValidationService; return validationRequest;
try {
tokenValidationService = new OAuth2TokenValidationServiceStub(hostURL);
} catch (AxisFault axisFault) {
throw new OAuthTokenValidationException("Exception occurred while obtaining the " +
"OAuth2TokenValidationServiceStub.", axisFault);
}
ServiceClient client = tokenValidationService._getServiceClient();
Options options = client.getOptions();
List<Header> headerList = new ArrayList<>();
Header header = new Header();
header.setName(HTTPConstants.HEADER_AUTHORIZATION);
header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + getBasicAuthCredentials());
headerList.add(header);
options.setProperty(HTTPConstants.HTTP_HEADERS, headerList);
client.setOptions(options);
OAuth2TokenValidationResponseDTO tokenValidationResponse;
try {
tokenValidationResponse = tokenValidationService.
findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
} catch (RemoteException e) {
throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for " +
"OAuth2 token validation.", e);
}
boolean isValid = tokenValidationResponse.getValid();
String userName;
String tenantDomain;
if (isValid) {
userName = MultitenantUtils.getTenantAwareUsername(
tokenValidationResponse.getAuthorizedUser());
tenantDomain = MultitenantUtils.getTenantDomain(tokenValidationResponse.getAuthorizedUser());
} else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg());
return oAuthValidationResponse;
}
return new OAuthValidationResponse(userName,tenantDomain,isValid);
} }
} }

@ -18,14 +18,15 @@
*/ */
package org.wso2.carbon.webapp.authenticator.framework.config; package org.wso2.carbon.webapp.authenticator.framework.config;
import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.*;
import javax.xml.bind.annotation.XmlRootElement; import java.util.List;
@XmlRootElement(name = "Authenticator") @XmlRootElement(name = "Authenticator")
public class AuthenticatorConfig { public class AuthenticatorConfig {
private String name; private String name;
private String className; private String className;
private List<Parameter> params;
@XmlElement(name = "Name", required = true) @XmlElement(name = "Name", required = true)
public String getName() { public String getName() {
@ -45,4 +46,38 @@ public class AuthenticatorConfig {
this.className = className; this.className = className;
} }
@XmlElementWrapper(name = "Parameters", nillable = true)
@XmlElement(name = "Parameter", nillable = false)
public List<Parameter> getParams() {
return this.params;
}
public void setParams(List<Parameter> params) {
this.params = params;
}
@XmlRootElement(name = "Parameter")
public static class Parameter {
private String name;
private String value;
@XmlAttribute(name = "Name")
public String getName() {
return this.name;
}
public void setName(String name) {
this.name = name;
}
@XmlValue
public String getValue() {
return this.value;
}
public void setValue(String value) {
this.value = value;
}
}
} }

@ -36,6 +36,7 @@ import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticator
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Properties;
/** /**
* @scr.component name="org.wso2.carbon.webapp.authenticator" immediate="true" * @scr.component name="org.wso2.carbon.webapp.authenticator" immediate="true"
@ -77,8 +78,17 @@ public class WebappAuthenticatorFrameworkServiceComponent {
WebappAuthenticatorConfig.init(); WebappAuthenticatorConfig.init();
WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository(); WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository();
for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) { for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) {
WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()). WebappAuthenticator authenticator =
newInstance(); (WebappAuthenticator) Class.forName(config.getClassName()).newInstance();
if ((config.getParams() != null) && (!config.getParams().isEmpty())) {
Properties properties = new Properties();
for (AuthenticatorConfig.Parameter param : config.getParams()) {
properties.setProperty(param.getName(), param.getValue());
}
authenticator.setProperties(properties);
}
authenticator.init();
repository.addAuthenticator(authenticator); repository.addAuthenticator(authenticator);
} }
AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository); AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository);

@ -0,0 +1,64 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework.test;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.utils.ServerConstants;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkException;
import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig;
import java.util.List;
public class WebappAuthenticatorConfigTest {
@BeforeClass
public void init() {
System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, "src/test/resources/config");
}
@Test
public void testConfigInitialization() {
try {
WebappAuthenticatorConfig.init();
WebappAuthenticatorConfig config = WebappAuthenticatorConfig.getInstance();
Assert.assertNotNull(config);
List<AuthenticatorConfig> authConfigs = config.getAuthenticators();
Assert.assertNotNull(authConfigs);
} catch (AuthenticatorFrameworkException e) {
Assert.fail("Error occurred while testing webapp authenticator config initialization", e);
} catch (Throwable e) {
Assert.fail("Unexpected error has been encountered while testing webapp authenticator config " +
"initialization", e);
}
}
@AfterClass
public void cleanup() {
System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, "");
}
}

@ -0,0 +1,106 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework.test;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.pool.ObjectPool;
import org.apache.commons.pool.impl.GenericObjectPool;
import org.testng.Assert;
import org.testng.annotations.Test;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
import java.util.Properties;
public class WebappAuthenticatorFrameworkUtilTest {
private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkUtilTest.class);
private static final String TOKEN_VALIDATION_SERVICE_URL = "https://localhost:9443";
private static final String ADMIN_USERNAME = "admin";
private static final String ADMIN_PASSWORD = "admin";
private static final Properties PROPERTIES = new Properties();
static {
PROPERTIES.setProperty("MaxTotalConnections", "100");
PROPERTIES.setProperty("MaxConnectionsPerHost", "100");
}
@Test
public void testOAuthTokenValidatorStubPool() {
ObjectPool stubs = null;
OAuth2TokenValidationServiceStub stub = null;
try {
stubs = new GenericObjectPool(
new OAuthTokenValidationStubFactory(
TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES));
stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject();
Assert.assertNotNull(stub);
} catch (Exception e) {
String msg = "Error occurred while borrowing an oauth validator service stub instance from the pool";
log.error(msg, e);
Assert.fail(msg, e);
} finally {
if (stubs != null) {
try {
if (stub != null) {
stubs.returnObject(stub);
}
} catch (Exception e) {
log.warn("Error occurred while returning oauth validator service stub instance to the pool", e);
}
/* Checks if the stub instance used above has been properly returned to the pool */
Assert.assertEquals(stubs.getNumIdle(), 1);
/* Verifies that there's no hanging connections after the operation performed above */
Assert.assertEquals(stubs.getNumActive(), 0);
try {
stubs.close();
} catch (Exception e) {
log.warn("Error occurred while closing the object pool", e);
}
}
}
}
@Test(expectedExceptions = IllegalArgumentException.class)
public void testStubFactoryInitWithInvalidHttpClientProperties() {
new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES);
}
@Test(expectedExceptions = IllegalArgumentException.class)
public void testStubFactoryInitWithInvalidUsername() {
new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES);
}
@Test(expectedExceptions = IllegalArgumentException.class)
public void testStubFactoryInitWithInvalidPassword() {
new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, null, PROPERTIES);
}
@Test(expectedExceptions = IllegalArgumentException.class)
public void testStubFactoryInitWithInvalidUrl() {
new OAuthTokenValidationStubFactory(null, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES);
}
}

@ -0,0 +1,28 @@
<WebappAuthenticatorConfig>
<Authenticators>
<Authenticator>
<Name>OAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName>
<Parameters>
<Parameter Name="TokenValidationEndpointUrl">https://localhost:9443</Parameter>
<Parameter Name="Username">admin</Parameter>
<Parameter Name="Password">admin</Parameter>
<Parameter Name="IsRemote">true</Parameter>
<Parameter Name="MaxConnectionsPerHost">10000</Parameter>
<Parameter Name="MaxTotalConnections">10000</Parameter>
</Parameters>
</Authenticator>
<Authenticator>
<Name>BasicAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.BasicAuthAuthenticator</ClassName>
</Authenticator>
<Authenticator>
<Name>JWT</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
</Authenticator>
<Authenticator>
<Name>CertificateAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator</ClassName>
</Authenticator>
</Authenticators>
</WebappAuthenticatorConfig>

@ -0,0 +1,32 @@
#
# Copyright 2009 WSO2, Inc. (http://wso2.com)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# This is the log4j configuration file used by WSO2 Carbon
#
# IMPORTANT : Please do not remove or change the names of any
# of the Appenders defined here. The layout pattern & log file
# can be changed using the WSO2 Carbon Management Console, and those
# settings will override the settings in this file.
#
log4j.rootLogger=ERROR, STD_OUT
# Redirect log messages to console
log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
log4j.appender.STD_OUT.Target=System.out
log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n

@ -0,0 +1,37 @@
<!--
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
<suite name="WebappAuthenticatorFramework">
<parameter name="useDefaultListeners" value="false"/>
<test name="WebappAuthenticatorConfigTests" preserve-order="true">
<classes>
<class name="org.wso2.carbon.webapp.authenticator.framework.test.WebappAuthenticatorConfigTest"/>
</classes>
</test>
<test name="WebappAuthenticatorUtilTests" preserve-order="true">
<classes>
<class name="org.wso2.carbon.webapp.authenticator.framework.test.WebappAuthenticatorFrameworkUtilTest"/>
</classes>
</test>
</suite>

@ -3,6 +3,14 @@
<Authenticator> <Authenticator>
<Name>OAuth</Name> <Name>OAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName> <ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName>
<Parameters>
<Parameter Name="IsRemote">true</Parameter>
<Parameter Name="TokenValidationEndpointUrl">https://localhost:9443</Parameter>
<Parameter Name="Username">admin</Parameter>
<Parameter Name="Password">admin</Parameter>
<Parameter Name="MaxTotalConnections">100</Parameter>
<Parameter Name="MaxConnectionsPerHost">100</Parameter>
</Parameters>
</Authenticator> </Authenticator>
<Authenticator> <Authenticator>
<Name>BasicAuth</Name> <Name>BasicAuth</Name>

@ -1263,6 +1263,23 @@
<artifactId>neethi</artifactId> <artifactId>neethi</artifactId>
<version>${neethi.version}</version> <version>${neethi.version}</version>
</dependency> </dependency>
<dependency>
<groupId>commons-pool.wso2</groupId>
<artifactId>commons-pool</artifactId>
<version>${commons.pool.wso2.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents.wso2</groupId>
<artifactId>httpclient</artifactId>
<version>${httpcomponents.httpclient.version}</version>
</dependency>
<dependency>
<groupId>commons-httpclient.wso2</groupId>
<artifactId>commons-httpclient</artifactId>
<version>${commons.httpclient.version}</version>
</dependency>
</dependencies> </dependencies>
</dependencyManagement> </dependencyManagement>
@ -1374,6 +1391,11 @@
<artifactId>build-helper-maven-plugin</artifactId> <artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version> <version>1.8</version>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.18</version>
</plugin>
</plugins> </plugins>
</pluginManagement> </pluginManagement>
</build> </build>
@ -1554,8 +1576,13 @@
<neethi.version>2.0.4</neethi.version> <neethi.version>2.0.4</neethi.version>
<neethi.wso2.version>2.0.4.wso2v4</neethi.wso2.version> <neethi.wso2.version>2.0.4.wso2v4</neethi.wso2.version>
<!-- Release plugin ID for github--> <!-- Release plugin ID for github-->
<project.scm.id>github-scm</project.scm.id> <project.scm.id>github-scm</project.scm.id>
<commons.pool.wso2.version>1.5.6.wso2v1</commons.pool.wso2.version>
<httpcomponents.httpclient.version>4.2.3.wso2v1</httpcomponents.httpclient.version>
<commons.httpclient.version>3.1.0.wso2v2</commons.httpclient.version>
</properties> </properties>
</project> </project>

Loading…
Cancel
Save