diff --git a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
index c738d8aec12..0594491121a 100644
--- a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
+++ b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
@@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
int status = serverResponse.getStatusLine().getStatusCode();
String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
- } catch (URISyntaxException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (UnsupportedEncodingException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (IOException e) {
+ } catch (URISyntaxException | IOException e) {
String msg = "Service invoke error occurred while registering client";
log.error(msg, e);
response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
index 3dad448cc68..204806ea0ca 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
@@ -105,12 +105,29 @@
org.apache.axis2.client,
org.apache.commons.codec.binary,
org.apache.commons.httpclient,
- org.wso2.carbon.core.security
+ org.wso2.carbon.core.security,
+ org.apache.axis2.context,
+ org.apache.commons.httpclient.params,
+ org.apache.commons.pool,
+ org.apache.commons.pool.impl,
+ org.apache.http.conn,
+ org.apache.http.impl.conn
-
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+
+ file:src/test/resources/log4j.properties
+
+
+ src/test/resources/testng.xml
+
+
+
@@ -175,6 +192,22 @@
org.wso2.carbon.devicemgt
org.wso2.carbon.device.mgt.common
+
+ org.apache.httpcomponents.wso2
+ httpclient
+
+
+ commons-httpclient.wso2
+ commons-httpclient
+
+
+ org.testng
+ testng
+
+
+ commons-pool.wso2
+ commons-pool
+
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java
new file mode 100644
index 00000000000..95fbc86a446
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/OAuthTokenValidationStubFactory.java
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.wso2.carbon.webapp.authenticator.framework.Utils;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.transport.http.HTTPConstants;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpConnectionManager;
+import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
+import org.apache.commons.httpclient.params.HttpConnectionManagerParams;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.commons.pool.PoolableObjectFactory;
+import org.apache.http.conn.HttpClientConnectionManager;
+import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
+import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
+import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
+import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+public class OAuthTokenValidationStubFactory implements PoolableObjectFactory {
+
+ private String url;
+ private String basicAuthHeader;
+ private HttpClient httpClient;
+
+ private static final Log log = LogFactory.getLog(OAuthTokenValidationStubFactory.class);
+
+ public OAuthTokenValidationStubFactory(String url, String adminUsername, String adminPassword,
+ Properties properties) {
+ this.validateUrl(url);
+ this.url = url;
+
+ this.validateCredentials(adminUsername, adminPassword);
+ this.basicAuthHeader = new String(Base64.encodeBase64((adminUsername + ":" + adminPassword).getBytes()));
+
+ HttpConnectionManager connectionManager = this.createConnectionManager(properties);
+ this.httpClient = new HttpClient(connectionManager);
+ }
+
+ /**
+ * Creates an instance of MultiThreadedHttpConnectionManager using HttpClient 3.x APIs
+ *
+ * @param properties Properties to configure MultiThreadedHttpConnectionManager
+ * @return An instance of properly configured MultiThreadedHttpConnectionManager
+ */
+ private HttpConnectionManager createConnectionManager(Properties properties) {
+ HttpConnectionManagerParams params = new HttpConnectionManagerParams();
+ if (properties == null || properties.isEmpty()) {
+ throw new IllegalArgumentException("Parameters required to initialize HttpClient instances " +
+ "associated with OAuth token validation service stub are not provided");
+ }
+ String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost");
+ if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) {
+ if (log.isDebugEnabled()) {
+ log.debug("MaxConnectionsPerHost parameter is not explicitly defined. Therefore, the default, " +
+ "which is 2, will be used");
+ }
+ } else {
+ params.setDefaultMaxConnectionsPerHost(Integer.parseInt(maxConnectionsPerHostParam));
+ }
+
+ String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections");
+ if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) {
+ if (log.isDebugEnabled()) {
+ log.debug("MaxTotalConnections parameter is not explicitly defined. Therefore, the default, " +
+ "which is 10, will be used");
+ }
+ } else {
+ params.setMaxTotalConnections(Integer.parseInt(maxTotalConnectionsParam));
+ }
+ HttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager();
+ connectionManager.setParams(params);
+ return connectionManager;
+ }
+
+ /**
+ * Creates an instance of PoolingHttpClientConnectionManager using HttpClient 4.x APIs
+ *
+ * @param properties Properties to configure PoolingHttpClientConnectionManager
+ * @return An instance of properly configured PoolingHttpClientConnectionManager
+ */
+ private HttpClientConnectionManager createClientConnectionManager(Properties properties) {
+ PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
+ if (properties != null) {
+ String maxConnectionsPerHostParam = properties.getProperty("MaxConnectionsPerHost");
+ if (maxConnectionsPerHostParam == null || maxConnectionsPerHostParam.isEmpty()) {
+ if (log.isDebugEnabled()) {
+ log.debug("MaxConnectionsPerHost parameter is not explicitly defined. Therefore, the default, " +
+ "which is 2, will be used");
+ }
+ } else {
+ connectionManager.setDefaultMaxPerRoute(Integer.parseInt(maxConnectionsPerHostParam));
+ }
+
+ String maxTotalConnectionsParam = properties.getProperty("MaxTotalConnections");
+ if (maxTotalConnectionsParam == null || maxTotalConnectionsParam.isEmpty()) {
+ if (log.isDebugEnabled()) {
+ log.debug("MaxTotalConnections parameter is not explicitly defined. Therefore, the default, " +
+ "which is 10, will be used");
+ }
+ } else {
+ connectionManager.setMaxTotal(Integer.parseInt(maxTotalConnectionsParam));
+ }
+ } else {
+ if (log.isDebugEnabled()) {
+ log.debug("Properties, i.e. MaxTotalConnections/MaxConnectionsPerHost, required to tune the " +
+ "HttpClient used in OAuth token validation service stub instances are not provided. " +
+ "Therefore, the defaults, 2/10 respectively, will be used");
+ }
+ }
+ return connectionManager;
+ }
+
+ @Override
+ public Object makeObject() throws Exception {
+ return this.createStub();
+ }
+
+ @Override
+ public void destroyObject(Object o) throws Exception {
+
+ }
+
+ @Override
+ public boolean validateObject(Object o) {
+ return true;
+ }
+
+ @Override
+ public void activateObject(Object o) throws Exception {
+ if (log.isDebugEnabled()) {
+ log.debug("OAuth token validate stub instance is activated");
+ }
+ }
+
+ @Override
+ public void passivateObject(Object o) throws Exception {
+ if (o instanceof OAuth2TokenValidationServiceStub) {
+ OAuth2TokenValidationServiceStub stub = (OAuth2TokenValidationServiceStub) o;
+ stub._getServiceClient().cleanupTransport();
+ }
+ }
+
+ private OAuth2TokenValidationServiceStub createStub() throws OAuthTokenValidationException {
+ OAuth2TokenValidationServiceStub stub;
+ try {
+ stub = new OAuth2TokenValidationServiceStub(url);
+ ServiceClient client = stub._getServiceClient();
+ client.getServiceContext().getConfigurationContext().setProperty(
+ HTTPConstants.CACHED_HTTP_CLIENT, httpClient);
+
+ List headerList = new ArrayList<>();
+ Header header = new Header();
+ header.setName(HTTPConstants.HEADER_AUTHORIZATION);
+ header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + basicAuthHeader);
+ headerList.add(header);
+
+ Options options = client.getOptions();
+ options.setProperty(HTTPConstants.HTTP_HEADERS, headerList);
+ options.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, "true");
+ client.setOptions(options);
+ } catch (AxisFault axisFault) {
+ throw new OAuthTokenValidationException("Error occurred while creating the " +
+ "OAuth2TokenValidationServiceStub.", axisFault);
+ }
+ return stub;
+ }
+
+ private void validateUrl(String url) {
+ if (url == null || url.isEmpty()) {
+ throw new IllegalArgumentException("Url provided as the endpoint of the OAuth token validation service " +
+ "is null");
+ }
+ }
+
+ private void validateCredentials(String adminUsername, String adminPassword) {
+ if (adminUsername == null || adminUsername.isEmpty()) {
+ throw new IllegalArgumentException("An appropriate username required to initialize OAuth token " +
+ "validation service stub factory hasn't been provided");
+ }
+ if (adminPassword == null || adminPassword.isEmpty()) {
+ throw new IllegalArgumentException("An appropriate password required to initialize OAuth token " +
+ "validation service stub factory hasn't been provided");
+ }
+ }
+
+}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
index 9613b18c00e..c211e74e9be 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
@@ -26,7 +26,8 @@ import java.util.Map;
public class WebappAuthenticatorFactory {
public static WebappAuthenticator getAuthenticator(String authScheme) {
- return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme);
+ return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().
+ getAuthenticator(authScheme);
}
public static WebappAuthenticator getAuthenticator(Request request) {
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
index 902c796b557..7b752ce77a0 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
@@ -27,10 +27,17 @@ import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
+import java.util.Properties;
+
public class BasicAuthAuthenticator implements WebappAuthenticator {
private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth";
+ @Override
+ public void init() {
+
+ }
+
@Override
public boolean canHandle(Request request) {
MessageBytes authorization =
@@ -55,6 +62,21 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
return BasicAuthAuthenticator.BASIC_AUTH_AUTHENTICATOR;
}
+ @Override
+ public void setProperties(Properties properties) {
+
+ }
+
+ @Override
+ public Properties getProperties() {
+ return null;
+ }
+
+ @Override
+ public String getProperty(String name) {
+ return null;
+ }
+
private Credentials getCredentials(Request request) {
Credentials credentials = null;
MessageBytes authorization =
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
index 2dd530c16f2..f747c6d30b9 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
@@ -15,6 +15,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import java.security.cert.X509Certificate;
+import java.util.Properties;
/**
* This authenticator authenticates HTTP requests using certificates.
@@ -25,6 +26,11 @@ public class CertificateAuthenticator implements WebappAuthenticator {
private static final String CERTIFICATE_AUTHENTICATOR = "CertificateAuth";
private static final String CERTIFICATE_VERIFICATION_HEADER = "certificate-verification-header";
+ @Override
+ public void init() {
+
+ }
+
@Override
public boolean canHandle(Request request) {
String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER);
@@ -93,4 +99,20 @@ public class CertificateAuthenticator implements WebappAuthenticator {
public String getName() {
return CERTIFICATE_AUTHENTICATOR;
}
+
+ @Override
+ public void setProperties(Properties properties) {
+
+ }
+
+ @Override
+ public Properties getProperties() {
+ return null;
+ }
+
+ @Override
+ public String getProperty(String name) {
+ return null;
+ }
+
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
index 16aeabc848e..cb1d11d34fa 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
@@ -39,6 +39,7 @@ import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkData
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
+import java.util.Properties;
import java.util.StringTokenizer;
/**
@@ -51,6 +52,11 @@ public class JWTAuthenticator implements WebappAuthenticator {
private static final String JWT_AUTHENTICATOR = "JWT";
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
+ @Override
+ public void init() {
+
+ }
+
@Override
public boolean canHandle(Request request) {
String authorizationHeader = request.getHeader(JWTAuthenticator.JWT_ASSERTION_HEADER);
@@ -137,4 +143,19 @@ public class JWTAuthenticator implements WebappAuthenticator {
public String getName() {
return JWTAuthenticator.JWT_AUTHENTICATOR;
}
+
+ @Override
+ public void setProperties(Properties properties) {
+
+ }
+
+ @Override
+ public Properties getProperties() {
+ return null;
+ }
+
+ @Override
+ public String getProperty(String name) {
+ return null;
+ }
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
index 06bfe4f99d9..bbeab152a3f 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@@ -18,22 +18,21 @@
*/
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
-import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
-import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
-import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
-import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
-import org.wso2.carbon.webapp.authenticator.framework.*;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidatorFactory;
+import java.util.Properties;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -42,22 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator {
private static final String OAUTH_AUTHENTICATOR = "OAuth";
private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s";
- private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN);
+ private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s");
private static final String BEARER_TOKEN_TYPE = "bearer";
private static final String RESOURCE_KEY = "resource";
+ private Properties properties;
+ private OAuth2TokenValidator tokenValidator;
+ private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
+ public void init() {
+ if (this.properties == null) {
+ throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " +
+ "are not provided");
+ }
- private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
+ String url = this.properties.getProperty("TokenValidationEndpointUrl");
+ if ((url == null) || (url.isEmpty())) {
+ throw new IllegalArgumentException("OAuth token validation endpoint url is not provided");
+ }
+ String adminUsername = this.properties.getProperty("Username");
+ if (adminUsername == null) {
+ throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " +
+ "is not provided");
+ }
+
+ String adminPassword = this.properties.getProperty("Password");
+ if (adminPassword == null) {
+ throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint " +
+ "is not provided");
+ }
+
+ boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote"));
+
+ Properties validatorProperties = new Properties();
+ validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"));
+ validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost"));
+ this.tokenValidator =
+ OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, validatorProperties);
+ }
+
+ public boolean canHandle(org.apache.catalina.connector.Request request) {
+ MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
- @Override
- public boolean canHandle(Request request) {
- MessageBytes authorization =
- request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
- String tokenValue;
if (authorization != null) {
authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk();
- tokenValue = authBC.toString();
+ String tokenValue = authBC.toString();
Matcher matcher = PATTERN.matcher(tokenValue);
if (matcher.find()) {
return true;
@@ -66,50 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return false;
}
- @Override
- public AuthenticationInfo authenticate(Request request, Response response) {
+ public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) {
String requestUri = request.getRequestURI();
String requestMethod = request.getMethod();
AuthenticationInfo authenticationInfo = new AuthenticationInfo();
- if (requestUri == null || "".equals(requestUri)) {
- authenticationInfo.setStatus(Status.CONTINUE);
+ if ((requestUri == null) || ("".equals(requestUri))) {
+ authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
return authenticationInfo;
}
StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
String context = tokenizer.nextToken();
- if (context == null || "".equals(context)) {
- authenticationInfo.setStatus(Status.CONTINUE);
+ if ((context == null) || ("".equals(context))) {
+ authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
}
String apiVersion = tokenizer.nextToken();
- //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
+
String authLevel = "any";
try {
- if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
- AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,
- context);
- authenticationInfo.setStatus(Status.CONTINUE);
+ if ("noMatchedAuthScheme".equals(authLevel)) {
+ AuthenticationFrameworkUtil.handleNoMatchAuthScheme(
+ request, response, requestMethod, apiVersion, context);
+
+ authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} else {
- String bearerToken = this.getBearerToken(request);
- //Set the resource context param. This will be used in scope validation.
+ String bearerToken = getBearerToken(request);
+
String resource = requestUri + ":" + requestMethod;
- //Get the appropriate OAuth validator from OAuthValidatorFactory.
- OAuth2TokenValidator oAuth2TokenValidator = OAuthValidatorFactory.getValidator();
- OAuthValidationResponse oAuthValidationResponse = oAuth2TokenValidator.validateToken(bearerToken, resource);
+
+ OAuthValidationResponse oAuthValidationResponse =
+ this.tokenValidator.validateToken(bearerToken, resource);
if (oAuthValidationResponse.isValid()) {
String username = oAuthValidationResponse.getUserName();
String tenantDomain = oAuthValidationResponse.getTenantDomain();
- //Remove the userstore domain from username
- /*if (username.contains("/")) {
- username = username.substring(username.indexOf('/') + 1);
- }*/
+
authenticationInfo.setUsername(username);
authenticationInfo.setTenantDomain(tenantDomain);
authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain));
- if (oAuthValidationResponse.isValid()) {
- authenticationInfo.setStatus(Status.CONTINUE);
- }
+ if (oAuthValidationResponse.isValid())
+ authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
} else {
authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg());
}
@@ -122,15 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator {
return authenticationInfo;
}
- @Override
public String getName() {
- return OAuthAuthenticator.OAUTH_AUTHENTICATOR;
+ return "OAuth";
+ }
+
+ public String getProperty(String name) {
+ if (this.properties == null) {
+ return null;
+ }
+ return this.properties.getProperty(name);
+ }
+
+ public Properties getProperties() {
+ return this.properties;
}
- private String getBearerToken(Request request) {
- MessageBytes authorization =
- request.getCoyoteRequest().getMimeHeaders().
- getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
+ public void setProperties(Properties properties) {
+ this.properties = properties;
+ }
+
+ private String getBearerToken(org.apache.catalina.connector.Request request) {
+ MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
+
String tokenValue = null;
if (authorization != null) {
authorization.toBytes();
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java
index d3493e329d5..1f76ac4d2f4 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java
@@ -22,16 +22,26 @@ import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
+import java.util.Properties;
+
public interface WebappAuthenticator {
enum Status {
SUCCESS, FAILURE, CONTINUE
}
+ void init();
+
boolean canHandle(Request request);
AuthenticationInfo authenticate(Request request, Response response);
String getName();
+ void setProperties(Properties properties);
+
+ Properties getProperties();
+
+ String getProperty(String name);
+
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java
index 44fefdf9bcd..a5bbf2cbdb9 100755
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java
@@ -21,51 +21,27 @@ import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.RemoteOAuthValidator;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl.LocalOAuthValidator;
+import java.util.Properties;
+
/**
* The class validate the configurations and provide the most suitable implementation according to the configuration.
* Factory class for OAuthValidator.
*/
public class OAuthValidatorFactory {
- private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote";
- private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL";
- private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername";
- private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword";
- private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator";
- private static String OAUTH_ENDPOINT_POSTFIX =
- "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
-
- /**
- * This factory method checks the authenticators.xml configuration file and provides an appropriate implementation
- * of OAuth2TokenValidator.
- * @return OAuth2TokenValidator
- */
- public static OAuth2TokenValidator getValidator() throws IllegalArgumentException {
- AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance();
- AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration.
- getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME);
- boolean isRemote;
- String hostUrl;
- String adminUserName;
- String adminPassword;
- if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) {
- isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get(
- AUTHENTICATOR_CONFIG_IS_REMOTE));
- hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL);
- adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME);
- adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD);
- }else{
- throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " +
- "Authenticators.xml.");
- }
+ public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword,
+ boolean isRemote, Properties properties)
+ throws IllegalArgumentException
+ {
if (isRemote) {
- if (!(hostUrl == null || hostUrl.trim().isEmpty())) {
- hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX;
- return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword);
- } else {
- throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml.");
+ if ((url != null) && (!url.trim().isEmpty())) {
+ url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
+ return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties);
}
+ throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration.");
}
+
return new LocalOAuthValidator();
}
+
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
index 1a6142f3907..77009413828 100755
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
@@ -17,104 +17,103 @@
*/
package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl;
-import org.apache.axis2.AxisFault;
-import org.apache.axis2.client.Options;
-import org.apache.axis2.client.ServiceClient;
-import org.apache.axis2.transport.http.HTTPConstants;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.httpclient.Header;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.commons.pool.impl.GenericObjectPool;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_TokenValidationContextParam;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
+import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
-import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
import java.rmi.RemoteException;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Properties;
/**
* Handles the OAuth2 token validation from remote IS servers using remote OAuthValidation service-stub.
*/
public class RemoteOAuthValidator implements OAuth2TokenValidator {
- private String hostURL;
- private String adminUserName;
- private String adminPassword;
+ private GenericObjectPool stubs;
+ private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class);
- public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword) {
- this.hostURL = hostURL;
- this.adminUserName = adminUserName;
- this.adminPassword = adminPassword;
+ public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) {
+ this.stubs =
+ new GenericObjectPool(new OAuthTokenValidationStubFactory(
+ hostURL, adminUserName, adminPassword, properties));
}
- private String getBasicAuthCredentials() {
- byte[] bytesEncoded = Base64.encodeBase64((adminUserName + ":" + adminPassword).getBytes());
- return new String(bytesEncoded);
+ public OAuthValidationResponse validateToken(String accessToken,
+ String resource) throws OAuthTokenValidationException {
+ OAuth2TokenValidationServiceStub stub = null;
+ OAuth2TokenValidationResponseDTO validationResponse;
+ try {
+ OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
+ stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
+ validationResponse =
+ stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
+ } catch (RemoteException e) {
+ throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " +
+ "IS server for OAuth2 token validation.", e);
+ } catch (Exception e) {
+ throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " +
+ "service stub from the pool", e);
+ } finally {
+ try {
+ this.stubs.returnObject(stub);
+ } catch (Exception e) {
+ log.warn("Error occurred while returning the object back to the oauth token validation service " +
+ "stub pool", e);
+ }
+ }
+
+ if (validationResponse == null) {
+ if (log.isDebugEnabled()) {
+ log.debug("Response returned by the OAuth token validation service is null");
+ }
+ return null;
+ }
+
+ boolean isValid = validationResponse.getValid();
+ String tenantDomain;
+ String username;
+ if (isValid) {
+ username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
+ tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
+ } else {
+ OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
+ oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
+ return oAuthValidationResponse;
+ }
+ return new OAuthValidationResponse(username, tenantDomain, isValid);
}
- @Override
- public OAuthValidationResponse validateToken(String accessToken, String resource) throws
- OAuthTokenValidationException {
+ private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO();
OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken =
new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
- oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE);
+
+ oauthToken.setTokenType("bearer");
oauthToken.setIdentifier(accessToken);
validationRequest.setAccessToken(oauthToken);
- //Set the resource context param. This will be used in scope validation.
- OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new
- OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
- resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY);
+ OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam =
+ new OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
+
+ resourceContextParam.setKey("resource");
resourceContextParam.setValue(resource);
OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams =
new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
+
tokenValidationContextParams[0] = resourceContextParam;
validationRequest.setContext(tokenValidationContextParams);
- OAuth2TokenValidationServiceStub tokenValidationService;
- try {
- tokenValidationService = new OAuth2TokenValidationServiceStub(hostURL);
- } catch (AxisFault axisFault) {
- throw new OAuthTokenValidationException("Exception occurred while obtaining the " +
- "OAuth2TokenValidationServiceStub.", axisFault);
- }
- ServiceClient client = tokenValidationService._getServiceClient();
- Options options = client.getOptions();
- List headerList = new ArrayList<>();
- Header header = new Header();
- header.setName(HTTPConstants.HEADER_AUTHORIZATION);
- header.setValue(OAuthConstants.AUTHORIZATION_HEADER_PREFIX_BASIC + " " + getBasicAuthCredentials());
- headerList.add(header);
- options.setProperty(HTTPConstants.HTTP_HEADERS, headerList);
- client.setOptions(options);
- OAuth2TokenValidationResponseDTO tokenValidationResponse;
- try {
- tokenValidationResponse = tokenValidationService.
- findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
- } catch (RemoteException e) {
- throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for " +
- "OAuth2 token validation.", e);
- }
- boolean isValid = tokenValidationResponse.getValid();
- String userName;
- String tenantDomain;
- if (isValid) {
- userName = MultitenantUtils.getTenantAwareUsername(
- tokenValidationResponse.getAuthorizedUser());
- tenantDomain = MultitenantUtils.getTenantDomain(tokenValidationResponse.getAuthorizedUser());
- } else {
- OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
- oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg());
- return oAuthValidationResponse;
- }
- return new OAuthValidationResponse(userName,tenantDomain,isValid);
+ return validationRequest;
}
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java
index 6db4b46b03e..0fed4f50e2b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java
@@ -18,14 +18,15 @@
*/
package org.wso2.carbon.webapp.authenticator.framework.config;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.*;
+import java.util.List;
@XmlRootElement(name = "Authenticator")
public class AuthenticatorConfig {
private String name;
private String className;
+ private List params;
@XmlElement(name = "Name", required = true)
public String getName() {
@@ -45,4 +46,37 @@ public class AuthenticatorConfig {
this.className = className;
}
+ @XmlElementWrapper(name="Parameters", nillable=true)
+ @XmlElement(name="Parameter", nillable=false)
+ public List getParams() {
+ return this.params;
+ }
+
+ public void setParams(List params) {
+ this.params = params;
+ }
+ @XmlRootElement(name="Parameter")
+ public static class Parameter {
+ private String name;
+ private String value;
+
+ @XmlAttribute(name="Name")
+ public String getName() {
+ return this.name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @XmlValue
+ public String getValue() {
+ return this.value;
+ }
+
+ public void setValue(String value) {
+ this.value = value;
+ }
+ }
+
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
index 1fcb7a58c83..926a6eed51e 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
@@ -36,6 +36,7 @@ import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticator
import java.util.ArrayList;
import java.util.List;
+import java.util.Properties;
/**
* @scr.component name="org.wso2.carbon.webapp.authenticator" immediate="true"
@@ -77,8 +78,16 @@ public class WebappAuthenticatorFrameworkServiceComponent {
WebappAuthenticatorConfig.init();
WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository();
for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) {
- WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()).
- newInstance();
+ WebappAuthenticator authenticator = (WebappAuthenticator)Class.forName(config.getClassName()).newInstance();
+
+ if ((config.getParams() != null) && (!config.getParams().isEmpty())) {
+ Properties properties = new Properties();
+ for (AuthenticatorConfig.Parameter param : config.getParams()) {
+ properties.setProperty(param.getName(), param.getValue());
+ }
+ authenticator.setProperties(properties);
+ }
+ authenticator.init();
repository.addAuthenticator(authenticator);
}
AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository);
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java
new file mode 100644
index 00000000000..8ea931a8ebe
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorConfigTest.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.wso2.carbon.webapp.authenticator.framework.test;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.testng.Assert;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+import org.wso2.carbon.utils.ServerConstants;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkException;
+import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
+import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig;
+
+import java.util.List;
+
+public class WebappAuthenticatorConfigTest {
+
+ @BeforeClass
+ public void init() {
+ System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, "src/test/resources/config");
+ }
+
+ @Test
+ public void testConfigInitialization() {
+ try {
+ WebappAuthenticatorConfig.init();
+
+ WebappAuthenticatorConfig config = WebappAuthenticatorConfig.getInstance();
+ Assert.assertNotNull(config);
+
+ List authConfigs = config.getAuthenticators();
+ Assert.assertNotNull(authConfigs);
+ } catch (AuthenticatorFrameworkException e) {
+ Assert.fail("Error occurred while testing webapp authenticator config initialization", e);
+ } catch (Throwable e) {
+ Assert.fail("Unexpected error has been encountered while testing webapp authenticator config " +
+ "initialization", e);
+ }
+ }
+
+ @AfterClass
+ public void cleanup() {
+ System.setProperty(ServerConstants.CARBON_CONFIG_DIR_PATH, "");
+ }
+
+}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java
new file mode 100644
index 00000000000..1ad1975b086
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/test/WebappAuthenticatorFrameworkUtilTest.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.wso2.carbon.webapp.authenticator.framework.test;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.commons.pool.ObjectPool;
+import org.apache.commons.pool.impl.GenericObjectPool;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
+import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
+
+import java.util.Properties;
+
+public class WebappAuthenticatorFrameworkUtilTest {
+
+ private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkUtilTest.class);
+
+ private static final String TOKEN_VALIDATION_SERVICE_URL = "https://localhost:9443";
+ private static final String ADMIN_USERNAME = "admin";
+ private static final String ADMIN_PASSWORD = "admin";
+ private static final Properties PROPERTIES = new Properties();
+
+ static {
+ PROPERTIES.setProperty("MaxTotalConnections", "100");
+ PROPERTIES.setProperty("MaxConnectionsPerHost", "100");
+ }
+
+ @Test
+ public void testOAuthTokenValidatorStubPool() {
+ ObjectPool stubs = null;
+ OAuth2TokenValidationServiceStub stub = null;
+
+ try {
+ stubs = new GenericObjectPool(
+ new OAuthTokenValidationStubFactory(
+ TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES));
+
+ stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject();
+ Assert.assertNotNull(stub);
+ } catch (Exception e) {
+ String msg = "Error occurred while borrowing an oauth validator service stub instance from the pool";
+ log.error(msg, e);
+ Assert.fail(msg, e);
+ } finally {
+ if (stubs != null) {
+ try {
+ if (stub != null) {
+ stubs.returnObject(stub);
+ }
+ } catch (Exception e) {
+ log.warn("Error occurred while returning oauth validator service stub instance to the pool", e);
+ }
+
+ /* Checks if the stub instance used above has been properly returned to the pool */
+ Assert.assertEquals(stubs.getNumIdle(), 1);
+ /* Verifies that there's no hanging connections after the operation performed above */
+ Assert.assertEquals(stubs.getNumActive(), 0);
+
+ try {
+ stubs.close();
+ } catch (Exception e) {
+ log.warn("Error occurred while closing the object pool", e);
+ }
+ }
+ }
+ }
+
+ @Test(expectedExceptions = IllegalArgumentException.class)
+ public void testStubFactoryInitWithInvalidHttpClientProperties() {
+ new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES);
+ }
+
+ @Test(expectedExceptions = IllegalArgumentException.class)
+ public void testStubFactoryInitWithInvalidUsername() {
+ new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, null, ADMIN_PASSWORD, PROPERTIES);
+ }
+
+ @Test(expectedExceptions = IllegalArgumentException.class)
+ public void testStubFactoryInitWithInvalidPassword() {
+ new OAuthTokenValidationStubFactory(TOKEN_VALIDATION_SERVICE_URL, ADMIN_USERNAME, null, PROPERTIES);
+ }
+
+ @Test(expectedExceptions = IllegalArgumentException.class)
+ public void testStubFactoryInitWithInvalidUrl() {
+ new OAuthTokenValidationStubFactory(null, ADMIN_USERNAME, ADMIN_PASSWORD, PROPERTIES);
+ }
+
+}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml
new file mode 100644
index 00000000000..5099328df7f
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml
@@ -0,0 +1,28 @@
+
+
+
+ OAuth
+ org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator
+
+ https://localhost:9443
+ admin
+ admin
+ true
+ 10000
+ 10000
+
+
+
+ BasicAuth
+ org.wso2.carbon.webapp.authenticator.framework.authenticator.BasicAuthAuthenticator
+
+
+ JWT
+ org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator
+
+
+ CertificateAuth
+ org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator
+
+
+
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties
new file mode 100644
index 00000000000..a625c80cd50
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/log4j.properties
@@ -0,0 +1,32 @@
+#
+# Copyright 2009 WSO2, Inc. (http://wso2.com)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# This is the log4j configuration file used by WSO2 Carbon
+#
+# IMPORTANT : Please do not remove or change the names of any
+# of the Appenders defined here. The layout pattern & log file
+# can be changed using the WSO2 Carbon Management Console, and those
+# settings will override the settings in this file.
+#
+
+log4j.rootLogger=ERROR, STD_OUT
+
+# Redirect log messages to console
+log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
+log4j.appender.STD_OUT.Target=System.out
+log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
+log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml
new file mode 100644
index 00000000000..8b9832e2e6e
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/testng.xml
@@ -0,0 +1,37 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml
index 067d8cd3cea..5507b059e14 100644
--- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml
+++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml
@@ -3,6 +3,14 @@
OAuth
org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator
+
+ true
+ https://localhost:9443
+ admin
+ admin
+ 100
+ 100
+
BasicAuth
diff --git a/pom.xml b/pom.xml
index 15c69fe23db..37865f8aa5e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1263,6 +1263,23 @@
neethi
${neethi.version}
+
+
+ commons-pool.wso2
+ commons-pool
+ ${commons.pool.wso2.version}
+
+
+ org.apache.httpcomponents.wso2
+ httpclient
+ ${httpcomponents.httpclient.version}
+
+
+ commons-httpclient.wso2
+ commons-httpclient
+ ${commons.httpclient.version}
+
+
@@ -1374,6 +1391,11 @@
build-helper-maven-plugin
1.8
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+ 2.18
+
@@ -1554,8 +1576,13 @@
2.0.4
2.0.4.wso2v4
-
- github-scm
+
+ github-scm
+
+ 1.5.6.wso2v1
+ 4.2.3.wso2v1
+ 3.1.0.wso2v2
+