diff --git a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
index c738d8aec12..0594491121a 100644
--- a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
+++ b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java
@@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
 int status = serverResponse.getStatusLine().getStatusCode();
 String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
 response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
- } catch (URISyntaxException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (UnsupportedEncodingException e) {
- String msg = "Service invoke error occurred while registering client";
- log.error(msg, e);
- response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
- } catch (IOException e) {
+ } catch (URISyntaxException | IOException e) {
 String msg = "Service invoke error occurred while registering client";
 log.error(msg, e);
 response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index 84a78d27d49..204806ea0ca 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -110,9 +110,7 @@ org.apache.commons.httpclient.params, org.apache.commons.pool, org.apache.commons.pool.impl, - org.apache.http.client, org.apache.http.conn, - org.apache.http.impl.client, org.apache.http.impl.conn diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java index 06878d8ef8a..7b752ce77a0 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java @@ -63,8 +63,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator { } @Override - public String getProperty(String name) { - return null; + public void setProperties(Properties properties) { + } @Override @@ -73,8 +73,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator { } @Override - public void setProperties(Properties properties) { - + public String getProperty(String name) { + return null; } private Credentials getCredentials(Request request) { 
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java index ec2880d5398..f747c6d30b9 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java @@ -101,8 +101,8 @@ public class CertificateAuthenticator implements WebappAuthenticator { } @Override - public String getProperty(String name) { - return null; + public void setProperties(Properties properties) { + } @Override @@ -111,8 +111,8 @@ public class CertificateAuthenticator implements WebappAuthenticator { } @Override - public void setProperties(Properties properties) { - + public String getProperty(String name) { + return null; } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java index d48e4d0a294..cb1d11d34fa 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java 
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java @@ -145,8 +145,8 @@ public class JWTAuthenticator implements WebappAuthenticator { } @Override - public String getProperty(String name) { - return null; + public void setProperties(Properties properties) { + } @Override @@ -155,8 +155,7 @@ public class JWTAuthenticator implements WebappAuthenticator { } @Override - public void setProperties(Properties properties) { - + public String getProperty(String name) { + return null; } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java index 1b29c9b3893..bbeab152a3f 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java @@ -18,7 +18,6 @@ */ package org.wso2.carbon.webapp.authenticator.framework.authenticator; -import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; 
@@ -27,7 +26,6 @@ import org.apache.tomcat.util.buf.MessageBytes;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
-import org.wso2.carbon.webapp.authenticator.framework.Constants;
 import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
@@ -43,53 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator { private static final String OAUTH_AUTHENTICATOR = "OAuth"; private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s"; - private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN); + private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s"); private static final String BEARER_TOKEN_TYPE = "bearer"; private static final String RESOURCE_KEY = "resource"; - private Properties properties; private OAuth2TokenValidator tokenValidator; - private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); - @Override public void init() { - if (properties == null) { - throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator are " + - "not provided"); + if (this.properties == null) { + throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " + + "are not provided"); } - String url = properties.getProperty("TokenValidationEndpointUrl"); - if (url == null || url.isEmpty()) { + + String url = this.properties.getProperty("TokenValidationEndpointUrl"); + if ((url == null) || (url.isEmpty())) { throw new IllegalArgumentException("OAuth token validation endpoint url is not provided"); } - String adminUsername = properties.getProperty("Username"); + String adminUsername = this.properties.getProperty("Username"); if (adminUsername == null) { - throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint is " + - "not provided"); + throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " + + "is not provided"); } - String adminPassword = properties.getProperty("Password"); + + String adminPassword = this.properties.getProperty("Password"); if (adminPassword == null) { - throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint is " + - "not provided"); + throw new 
IllegalArgumentException("Password to connect to the OAuth token validation endpoint " + + "is not provided"); } - boolean isRemote = Boolean.parseBoolean(properties.getProperty("IsRemote")); + + boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote")); Properties validatorProperties = new Properties(); - validatorProperties.setProperty("MaxTotalConnections", properties.getProperty("MaxTotalConnections")); - validatorProperties.setProperty("MaxConnectionsPerHost", properties.getProperty("MaxConnectionsPerHost")); + validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections")); + validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost")); this.tokenValidator = - OAuthValidatorFactory.getNewValidator(url, adminUsername, adminPassword, isRemote, validatorProperties); + OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, validatorProperties); } - @Override - public boolean canHandle(Request request) { - MessageBytes authorization = - request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); - String tokenValue; + public boolean canHandle(org.apache.catalina.connector.Request request) { + MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization"); + if (authorization != null) { authorization.toBytes(); ByteChunk authBC = authorization.getByteChunk(); - tokenValue = authBC.toString(); + String tokenValue = authBC.toString(); Matcher matcher = PATTERN.matcher(tokenValue); if (matcher.find()) { return true; 
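Review bot: In OAuthAuthenticator.init(), `validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"))` and the MaxConnectionsPerHost line below it throw NullPointerException when either key is missing, because java.util.Properties rejects null values; unlike the URL, Username and Password checks above them, these two keys have no guard. Copy each value only when it is present, e.g. `String max = this.properties.getProperty("MaxTotalConnections"); if (max != null) { validatorProperties.setProperty("MaxTotalConnections", max); }`. In the same hunk, `Pattern.compile("[B|b]earer\\s")` treats `|` as a literal member of the character class and canHandle() uses `find()`, so the authenticator claims any Authorization value that contains such a sequence anywhere; `Pattern.compile("^[Bb]earer\\s")` would limit it to values that start with the scheme. REGEX_BEARER_PATTERN stays declared but PATTERN no longer references it.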
@@ -98,49 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator { return false; } - @Override - public AuthenticationInfo authenticate(Request request, Response response) { + public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { String requestUri = request.getRequestURI(); String requestMethod = request.getMethod(); AuthenticationInfo authenticationInfo = new AuthenticationInfo(); - if (requestUri == null || "".equals(requestUri)) { - authenticationInfo.setStatus(Status.CONTINUE); + if ((requestUri == null) || ("".equals(requestUri))) { + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); return authenticationInfo; } StringTokenizer tokenizer = new StringTokenizer(requestUri, "/"); String context = tokenizer.nextToken(); - if (context == null || "".equals(context)) { - authenticationInfo.setStatus(Status.CONTINUE); + if ((context == null) || ("".equals(context))) { + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } String apiVersion = tokenizer.nextToken(); - //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod); + String authLevel = "any"; try { - if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) { - AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion, - context); - authenticationInfo.setStatus(Status.CONTINUE); + if ("noMatchedAuthScheme".equals(authLevel)) { + AuthenticationFrameworkUtil.handleNoMatchAuthScheme( + request, response, requestMethod, apiVersion, context); + + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } else { - String bearerToken = this.getBearerToken(request); - //Set the resource context param. This will be used in scope validation. 
+ String bearerToken = getBearerToken(request); + String resource = requestUri + ":" + requestMethod; - OAuthValidationResponse oAuthValidationResponse = tokenValidator.validateToken(bearerToken, resource); + OAuthValidationResponse oAuthValidationResponse = + this.tokenValidator.validateToken(bearerToken, resource); if (oAuthValidationResponse.isValid()) { String username = oAuthValidationResponse.getUserName(); String tenantDomain = oAuthValidationResponse.getTenantDomain(); - //Remove the userstore domain from username - /*if (username.contains("/")) { - username = username.substring(username.indexOf('/') + 1); - }*/ + authenticationInfo.setUsername(username); authenticationInfo.setTenantDomain(tenantDomain); authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain)); - if (oAuthValidationResponse.isValid()) { - authenticationInfo.setStatus(Status.CONTINUE); - } + if (oAuthValidationResponse.isValid()) + authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE); } else { authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg()); } 
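Review bot: `tokenizer.nextToken()` is called twice ahead of the try block with no `hasMoreTokens()` check, so a request URI with fewer than two path segments makes authenticate() throw NoSuchElementException instead of returning an AuthenticationInfo. The empty-context branch between the two calls sets `WebappAuthenticator.Status.CONTINUE` and falls through without a `return`, and CONTINUE is also the status set after a successful token validation, so this branch and the empty-URI one above it look like they let a request proceed without a validated token; that is worth confirming and, if so, replacing with a rejecting status. The result of `this.tokenValidator.validateToken(bearerToken, resource)` is dereferenced immediately, while RemoteOAuthValidator.validateToken in this same commit keeps a `return null;` path, so a null check is needed before `isValid()` (or the validator should return an error response instead). `authLevel` is the constant `"any"`, which makes the `"noMatchedAuthScheme"` branch unreachable. authenticate() continues past the end of this hunk.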
@@ -153,33 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator { return authenticationInfo; } - @Override public String getName() { - return OAuthAuthenticator.OAUTH_AUTHENTICATOR; + return "OAuth"; } - @Override public String getProperty(String name) { - if (properties == null) { + if (this.properties == null) { return null; } - return properties.getProperty(name); + return this.properties.getProperty(name); } - @Override public Properties getProperties() { - return properties; + return this.properties; } - @Override public void setProperties(Properties properties) { this.properties = properties; } - private String getBearerToken(Request request) { - MessageBytes authorization = - request.getCoyoteRequest().getMimeHeaders(). - getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); + private String getBearerToken(org.apache.catalina.connector.Request request) { + MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization"); + String tokenValue = null; if (authorization != null) { authorization.toBytes(); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java index 5090920624d..1f76ac4d2f4 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java 
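Review bot: In OAuthAuthenticator, `getProperties()` hands out the authenticator's live Properties object and `getProperty(name)` answers for any key, while init() reads `Username` and `Password` for the token validation endpoint from that same object, so any code holding a reference to the authenticator can read or change those credentials. Consider returning a copy without the secret keys, or at least documenting on both getters that the values are sensitive. `getName()` now returns the literal `"OAuth"` and `getBearerToken()` looks up `"Authorization"` directly, although OAUTH_AUTHENTICATOR is still declared in the class; using the constant keeps the name in one place. getBearerToken() continues past the end of this hunk.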
@@ -38,10 +38,10 @@ public interface WebappAuthenticator { String getName(); - String getProperty(String name); + void setProperties(Properties properties); Properties getProperties(); - void setProperties(Properties properties); + String getProperty(String name); } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java index 760058dbe3b..50ef34081c7 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java @@ -31,5 +31,4 @@ public interface OAuth2TokenValidator { * @return OAuthValidationResponse with the validated results. */ OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException; - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java index 7bc293bbb35..a5bbf2cbdb9 100755 
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java 
@@ -29,61 +29,18 @@ import java.util.Properties; */ public class OAuthValidatorFactory { - private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote"; - private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL"; - private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername"; - private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword"; - private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator"; - private static final String OAUTH_ENDPOINT_POSTFIX = - "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; - - /** - * This factory method checks the authenticators.xml configuration file and provides an appropriate implementation - * of OAuth2TokenValidator. - * - * @return OAuth2TokenValidator - */ - public static OAuth2TokenValidator getValidator() throws IllegalArgumentException { - AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance(); - AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration. 
- getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME); - boolean isRemote; - String hostUrl; - String adminUserName; - String adminPassword; - if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) { - isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get( - AUTHENTICATOR_CONFIG_IS_REMOTE)); - hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL); - adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME); - adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD); - } else { - throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " + - "Authenticators.xml."); - } + public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword, + boolean isRemote, Properties properties) + throws IllegalArgumentException + { if (isRemote) { - if (!(hostUrl == null || hostUrl.trim().isEmpty())) { - hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX; - return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword, null); - } else { - throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml."); - } - } - return new LocalOAuthValidator(); - } - - public static OAuth2TokenValidator getNewValidator( - String url, String adminUsername, String adminPassword, boolean isRemote, - Properties properties) throws IllegalArgumentException { - if (isRemote) { - if (!(url == null || url.trim().isEmpty())) { - url = url + OAUTH_ENDPOINT_POSTFIX; + if ((url != null) && (!url.trim().isEmpty())) { + url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties); - } else { - throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator " + - "configuration."); } + throw new 
IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration."); } + return new LocalOAuthValidator(); } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java index 3811d64807b..51758993974 100755 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java @@ -17,15 +17,8 @@ */ package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl; -import org.apache.axis2.AxisFault; -import org.apache.axis2.client.Options; -import org.apache.axis2.client.ServiceClient; -import org.apache.axis2.transport.http.HTTPConstants; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.httpclient.Header; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.commons.pool.ObjectPool; import org.apache.commons.pool.impl.GenericObjectPool; import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub; import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO; 
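Review bot: OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, properties) has no Javadoc, although the removed no-argument getValidator() carried one, and it forwards the admin credentials to RemoteOAuthValidator for whatever `url` the configuration supplies. The path it appends names an HTTPS SOAP endpoint, so rejecting a `url` whose scheme is not `https` before building the validator would be a cheap safeguard; how the credentials are actually transmitted is outside this hunk, so treat that as something to confirm. A `url` that already ends in `/` also produces a double slash after the concatenation. The Javadoc should say that `url` is the server base URL, that `properties` is passed through to the remote validator, and that a LocalOAuthValidator is returned when `isRemote` is false.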
@@ -35,13 +28,10 @@ import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; import java.rmi.RemoteException; -import java.util.ArrayList; -import java.util.List; import java.util.Properties; /** 
@@ -50,39 +40,30 @@ import java.util.Properties; public class RemoteOAuthValidator implements OAuth2TokenValidator { private GenericObjectPool stubs; - private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class); public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) { - this.stubs = new GenericObjectPool( - new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties)); + this.stubs = new GenericObjectPool(new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties)); } - @Override - public OAuthValidationResponse validateToken(String accessToken, - String resource) throws OAuthTokenValidationException { + public OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException { OAuth2TokenValidationServiceStub stub = null; OAuth2TokenValidationResponseDTO validationResponse; try { - OAuth2TokenValidationRequestDTO validationRequest = this.createValidationRequest(accessToken, resource); - stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject(); - validationResponse = stub. 
- findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); + OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource); + stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject(); + validationResponse = stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); } catch (RemoteException e) { - throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " + - "IS server for OAuth2 token validation.", e); + throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for OAuth2 token validation.", e); } catch (Exception e) { - /* In this particular instance, generic exceptions are caught as enforced by the pooling library - used to pool stubs created to invoke OAuth token validation service */ - throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " + - "service stub from the pool", e); + throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation service stub from the pool", e); } finally { try { - stubs.returnObject(stub); + this.stubs.returnObject(stub); } catch (Exception e) { - log.warn("Error occurred while returning the object back to the oauth token validation service " + - " stub pool", e); + log.warn("Error occurred while returning the object back to the oauth token validation service stub pool", e); } + } if (validationResponse == null) { 
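Review bot: The `finally` block in RemoteOAuthValidator.validateToken() calls `this.stubs.returnObject(stub)` even when `borrowObject()` failed and `stub` is still null, so a failed borrow hands null back to the pool; guard it with `if (stub != null) { this.stubs.returnObject(stub); }`. A stub whose call ended in RemoteException is also returned for reuse; if a pooled stub can be left in a bad state, `invalidateObject` would be the safer path, which is worth confirming against OAuthTokenValidationStubFactory. The comment that explained why a generic `Exception` is caught was dropped in this hunk and is worth keeping. validateToken() continues past the end of this hunk.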
@@ -92,41 +73,38 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator { return null; } - String userName; - String tenantDomain; boolean isValid = validationResponse.getValid(); + String tenantDomain; + String username; if (isValid) { - userName = MultitenantUtils.getTenantAwareUsername( - validationResponse.getAuthorizedUser()); + username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser()); tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser()); } else { OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg()); return oAuthValidationResponse; } - return new OAuthValidationResponse(userName, tenantDomain, isValid); + return new OAuthValidationResponse(username, tenantDomain, isValid); } private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) { OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO(); - OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = - new OAuth2TokenValidationRequestDTO_OAuth2AccessToken(); - oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE); + OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = new OAuth2TokenValidationRequestDTO_OAuth2AccessToken(); + + oauthToken.setTokenType("bearer"); oauthToken.setIdentifier(accessToken); validationRequest.setAccessToken(oauthToken); - //Set the resource context param. This will be used in scope validation. 
- OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new - OAuth2TokenValidationRequestDTO_TokenValidationContextParam(); - resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY); + OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam(); + + resourceContextParam.setKey("resource"); resourceContextParam.setValue(resource); - OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = - new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1]; + OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1]; + tokenValidationContextParams[0] = resourceContextParam; validationRequest.setContext(tokenValidationContextParams); return validationRequest; } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java index 6a36ba24985..0fed4f50e2b 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java 
@@ -46,24 +46,23 @@ public class AuthenticatorConfig { this.className = className; } - @XmlElementWrapper(name = "Parameters", nillable = true) - @XmlElement(name = "Parameter", nillable = false) + @XmlElementWrapper(name="Parameters", nillable=true) + @XmlElement(name="Parameter", nillable=false) public List getParams() { - return params; + return this.params; } public void setParams(List params) { this.params = params; } - - @XmlRootElement(name = "Parameter") + @XmlRootElement(name="Parameter") public static class Parameter { private String name; private String value; - @XmlAttribute(name = "Name") + @XmlAttribute(name="Name") public String getName() { - return name; + return this.name; } public void setName(String name) { @@ -72,13 +71,12 @@ public class AuthenticatorConfig { @XmlValue public String getValue() { - return value; + return this.value; } public void setValue(String value) { this.value = value; } - } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index c2684f9c974..926a6eed51e 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java 
@@ -78,9 +78,9 @@ public class WebappAuthenticatorFrameworkServiceComponent { WebappAuthenticatorConfig.init(); WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository(); for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) { - WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()). - newInstance(); - if (config.getParams() != null && !config.getParams().isEmpty()) { + WebappAuthenticator authenticator = (WebappAuthenticator)Class.forName(config.getClassName()).newInstance(); + + if ((config.getParams() != null) && (!config.getParams().isEmpty())) { Properties properties = new Properties(); for (AuthenticatorConfig.Parameter param : config.getParams()) { properties.setProperty(param.getName(), param.getValue()); @@ -100,7 +100,7 @@ public class WebappAuthenticatorFrameworkServiceComponent { log.debug("Web Application Authenticator Framework Bundle has been started successfully"); } } catch (Throwable e) { - log.error("Error occurred while initializing the bundle", e); + log.error("Error occurred while initializing the bundle", e); } } diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index 5099328df7f..067d8cd3cea 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml 
@@ -3,14 +3,6 @@ OAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator - - https://localhost:9443 - admin - admin - true - 10000 - 10000 - BasicAuth diff --git a/pom.xml b/pom.xml index 5e9edd5c3b6..37865f8aa5e 100644 --- a/pom.xml +++ b/pom.xml @@ -1263,6 +1263,7 @@ neethi ${neethi.version} + commons-pool.wso2 commons-pool @@ -1278,6 +1279,7 @@ commons-httpclient ${commons.httpclient.version} + @@ -1580,6 +1582,7 @@ 1.5.6.wso2v1 4.2.3.wso2v1 3.1.0.wso2v2 +
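Review bot: In webapp-authenticator-config.xml the removed block appears to be the OAuth authenticator's parameter list (endpoint URL, the admin/admin credentials, the remote flag and the two connection limits), and OAuthAuthenticator.init() in this commit throws IllegalArgumentException when no properties were set. Taking default credentials out of the shipped file is an improvement, but with nothing in their place the authenticator cannot initialise from this configuration. WebappAuthenticatorFrameworkServiceComponent appears to wrap the loading loop in `catch (Throwable e)` and only log the error, so authenticators listed after OAuth may never be registered; where init() is called is not visible here and should be confirmed. Consider keeping the parameter names with empty or placeholder values and a comment stating that they must be set per deployment.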