diff --git a/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml b/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml
index f9f1d342062..51bce89c192 100644
--- a/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml
+++ b/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml
@@ -84,6 +84,10 @@
org.wso2.carbon.identity
org.wso2.carbon.identity.oauth
+
+ org.wso2.carbon.identity
+ org.wso2.carbon.identity.sso.saml
+
com.googlecode.json-simple.wso2
json-simple
diff --git a/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java b/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java
index 599619cfc1b..94cc4bf81cf 100644
--- a/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java
+++ b/components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java
@@ -24,20 +24,27 @@ import org.json.JSONException;
import org.json.JSONObject;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.dynamic.client.registration.ApplicationConstants;
import org.wso2.carbon.dynamic.client.registration.DynamicClientRegistrationException;
import org.wso2.carbon.dynamic.client.registration.DynamicClientRegistrationService;
import org.wso2.carbon.dynamic.client.registration.OAuthApplicationInfo;
import org.wso2.carbon.dynamic.client.registration.profile.RegistrationProfile;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
+import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
+import org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig;
+import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.oauth.OAuthAdminService;
import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO;
+import org.wso2.carbon.identity.sso.saml.admin.SAMLSSOConfigAdmin;
+import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
+import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import java.util.Arrays;
@@ -48,6 +55,13 @@ import java.util.Arrays;
public class DynamicClientRegistrationImpl implements DynamicClientRegistrationService {
private static final String TOKEN_SCOPE = "tokenScope";
+ private static final String MDM = "mdm";
+ private static final String SAML_SSO = "samlsso";
+ private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator";
+ private static final String BASIC = "basic";
+ private static final String LOCAL = "local";
+ private static final String ASSERTION_CONSUMER_URI = "https://localhost:9443/mdm/sso/acs";
+ private static final String AUDIENCE = "https://null:9443/oauth2/token";
private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class);
@Override
@@ -89,16 +103,16 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (jsonObject.has(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS)) {
oAuthApplicationInfo
.addParameter(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS,
- jsonObject
- .get(ApplicationConstants.ClientMetadata.
- OAUTH_REDIRECT_URIS));
+ jsonObject
+ .get(ApplicationConstants.ClientMetadata.
+ OAUTH_REDIRECT_URIS));
}
if (jsonObject.has(ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT)) {
oAuthApplicationInfo.addParameter(ApplicationConstants.ClientMetadata.
- OAUTH_CLIENT_GRANT, jsonObject
- .get(ApplicationConstants.ClientMetadata.
- OAUTH_CLIENT_GRANT));
+ OAUTH_CLIENT_GRANT, jsonObject
+ .get(ApplicationConstants.ClientMetadata.
+ OAUTH_CLIENT_GRANT));
}
} catch (JSONException e) {
throw new DynamicClientRegistrationException(
@@ -148,9 +162,14 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (appMgtService == null) {
throw new IllegalStateException(
"Error occurred while retrieving Application Management" +
- "Service");
+ "Service");
+ }
+
+ ServiceProvider existingServiceProvider = appMgtService.getApplication(applicationName);
+
+ if(existingServiceProvider == null) {
+ appMgtService.createApplication(serviceProvider);
}
- appMgtService.createApplication(serviceProvider);
ServiceProvider createdServiceProvider = appMgtService.getApplication(applicationName);
if (createdServiceProvider == null) {
@@ -170,14 +189,17 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
log.debug("Creating OAuth App " + applicationName);
}
- oAuthAdminService.registerOAuthApplicationData(oAuthConsumerAppDTO);
+ if(existingServiceProvider == null) {
+ oAuthAdminService.registerOAuthApplicationData(oAuthConsumerAppDTO);
+ }
+
if (log.isDebugEnabled()) {
log.debug("Created OAuth App " + applicationName);
}
OAuthConsumerAppDTO createdApp =
oAuthAdminService.getOAuthApplicationDataByAppName(oAuthConsumerAppDTO
- .getApplicationName());
+ .getApplicationName());
if (log.isDebugEnabled()) {
log.debug("Retrieved Details for OAuth App " + createdApp.getApplicationName());
}
@@ -185,15 +207,15 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
InboundAuthenticationConfig inboundAuthenticationConfig =
new InboundAuthenticationConfig();
InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs = new
- InboundAuthenticationRequestConfig[1];
+ InboundAuthenticationRequestConfig[2];
+
InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = new
InboundAuthenticationRequestConfig();
-
inboundAuthenticationRequestConfig.setInboundAuthKey(createdApp.getOauthConsumerKey());
inboundAuthenticationRequestConfig.setInboundAuthType("oauth2");
if (createdApp.getOauthConsumerSecret() != null && !createdApp.
- getOauthConsumerSecret()
- .isEmpty()) {
+ getOauthConsumerSecret()
+ .isEmpty()) {
Property property = new Property();
property.setName("oauthConsumerSecret");
property.setValue(createdApp.getOauthConsumerSecret());
@@ -201,10 +223,41 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
inboundAuthenticationRequestConfig.setProperties(properties);
}
+ SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO();
+ samlssoServiceProviderDTO.setIssuer(MDM);
+ samlssoServiceProviderDTO.setAssertionConsumerUrl(ASSERTION_CONSUMER_URI);
+ samlssoServiceProviderDTO.setDoSignResponse(true);
+ samlssoServiceProviderDTO.setRequestedAudiences(new String[]{AUDIENCE});
+
+ SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
+ configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO);
+
+ InboundAuthenticationRequestConfig samlAuthenticationRequest = new InboundAuthenticationRequestConfig();
+ samlAuthenticationRequest.setInboundAuthKey(MDM);
+ samlAuthenticationRequest.setInboundAuthType(SAML_SSO);
+
+ LocalAuthenticatorConfig localAuth = new LocalAuthenticatorConfig();
+ localAuth.setName(BASIC_AUTHENTICATOR);
+ localAuth.setDisplayName(BASIC);
+ localAuth.setEnabled(true);
+
+ AuthenticationStep authStep = new AuthenticationStep();
+ authStep.setStepOrder(1);
+ authStep.setSubjectStep(true);
+ authStep.setAttributeStep(true);
+
+ authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[]{localAuth});
+
+ LocalAndOutboundAuthenticationConfig localOutboundAuthConfig = new LocalAndOutboundAuthenticationConfig();
+ localOutboundAuthConfig.setAuthenticationType(LOCAL);
+ localOutboundAuthConfig.setAuthenticationSteps(new AuthenticationStep[]{authStep});
+
inboundAuthenticationRequestConfigs[0] = inboundAuthenticationRequestConfig;
+ inboundAuthenticationRequestConfigs[1] = samlAuthenticationRequest;
inboundAuthenticationConfig
.setInboundAuthenticationRequestConfigs(inboundAuthenticationRequestConfigs);
createdServiceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
+ createdServiceProvider.setLocalAndOutBoundAuthenticationConfig(localOutboundAuthConfig);
// Update the Service Provider app to add OAuthApp as an Inbound Authentication Config
appMgtService.updateApplication(createdServiceProvider);
@@ -221,6 +274,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
oAuthApplicationInfo.addParameter(
ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT,
createdApp.getGrantTypes());
+
return oAuthApplicationInfo;
} catch (IdentityApplicationManagementException e) {
throw new DynamicClientRegistrationException(
@@ -234,6 +288,11 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
}
}
+ protected Registry getConfigSystemRegistry() {
+ return (Registry)PrivilegedCarbonContext.getThreadLocalCarbonContext().
+ getRegistry(RegistryType.SYSTEM_CONFIGURATION);
+ }
+
@Override
public boolean unregisterOAuthApplication(String userId, String applicationName,
String consumerKey)
@@ -250,7 +309,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (userId == null || userId.isEmpty()) {
throw new DynamicClientRegistrationException(
"Error occurred while unregistering Application: userId cannot " +
- "be null/empty");
+ "be null/empty");
}
try {
OAuthAdminService oAuthAdminService = new OAuthAdminService();
@@ -260,7 +319,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (oAuthConsumerAppDTO == null) {
throw new DynamicClientRegistrationException(
"Couldn't retrieve OAuth Consumer Application associated with the " +
- "given consumer key: " + consumerKey);
+ "given consumer key: " + consumerKey);
}
oAuthAdminService.removeOAuthApplicationData(consumerKey);
@@ -269,7 +328,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (appMgtService == null) {
throw new IllegalStateException(
"Error occurred while retrieving Application Management" +
- "Service");
+ "Service");
}
ServiceProvider createdServiceProvider = appMgtService.getApplication(applicationName);
@@ -299,7 +358,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
if (appMgtService == null) {
throw new IllegalStateException(
"Error occurred while retrieving Application Management" +
- "Service");
+ "Service");
}
try {
if (appMgtService.getApplication(applicationName) != null) {
diff --git a/pom.xml b/pom.xml
index ce2f4a193fb..af165f29196 100644
--- a/pom.xml
+++ b/pom.xml
@@ -935,6 +935,11 @@
org.wso2.carbon.identity.oauth
${carbon.identity.version}
+
+ org.wso2.carbon.identity
+ org.wso2.carbon.identity.sso.saml
+ ${carbon.identity.version}
+
com.googlecode.json-simple.wso2
json-simple