diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java index b1fc4d1c218..7f9760ced7f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -29,6 +29,10 @@ import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.ServiceProvider; import org.wso2.carbon.identity.application.common.model.User; +import org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil; +import org.wso2.carbon.identity.core.ServiceURL; +import org.wso2.carbon.identity.core.ServiceURLBuilder; +import org.wso2.carbon.identity.core.URLBuilderException; import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; @@ -66,6 +70,8 @@ import java.util.Optional; import java.util.Set; +import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Application.CONSOLE_APP_PATH; +import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Application.MY_ACCOUNT_APP_PATH; import static org.wso2.carbon.identity.oauth.OAuthUtil.handleError; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.BACK_CHANNEL_LOGOUT_URL; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.BYPASS_CLIENT_CREDENTIALS; 
@@ -118,6 +124,7 @@ public class OAuthAppDAO { private static final String APP_ACCESS_TOKEN_EXPIRE_TIME = "APP_ACCESS_TOKEN_EXPIRE_TIME"; private static final String REFRESH_TOKEN_EXPIRE_TIME = "REFRESH_TOKEN_EXPIRE_TIME"; private static final String ID_TOKEN_EXPIRE_TIME = "ID_TOKEN_EXPIRE_TIME"; + private static final String ORIGIN_PLACEHOLDER = ":"; private TokenPersistenceProcessor persistenceProcessor; private boolean isHashDisabled = OAuth2Util.isHashDisabled(); @@ -160,7 +167,8 @@ public void addOAuthApplication(OAuthAppDO consumerAppDO) throws IdentityOAuthAd prepStmt.setString(5, userStoreDomain); prepStmt.setString(6, consumerAppDO.getApplicationName()); prepStmt.setString(7, consumerAppDO.getOauthVersion()); - prepStmt.setString(8, consumerAppDO.getCallbackUrl()); + prepStmt.setString(8, + ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(consumerAppDO.getCallbackUrl())); prepStmt.setString(9, consumerAppDO.getGrantTypes()); prepStmt.setString(10, consumerAppDO.isPkceMandatory() ? "1" : "0"); prepStmt.setString(11, consumerAppDO.isPkceSupportPlain() ? "1" : "0"); @@ -206,6 +214,9 @@ public void addOAuthApplication(OAuthAppDO consumerAppDO) throws IdentityOAuthAd "TokenPersistenceProcessor", null); } catch (InvalidOAuthClientException e) { throw handleError("Error occurred while processing client id", e); + } catch (URLBuilderException e) { + throw handleError( + "Error occurred when replacing origin of the access URL with placeholders", e); } } else { String msg = "An application with the same name already exists."; 
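Review bot: `ORIGIN_PLACEHOLDER` is declared in the `@@ -118,6 +124,7 @@` hunk but no hunk in this diff references it, and the same holds for the newly imported `ServiceURL`, `ServiceURLBuilder`, `CONSOLE_APP_PATH` and `MY_ACCOUNT_APP_PATH`; every call site goes through `ApplicationMgtUtil` instead. If nothing outside the visible hunks uses them, drop the constant and the four imports so the DAO does not carry its own, possibly diverging, notion of the placeholder format. If the constant stays, it needs a comment stating what the literal `":"` represents, since the value alone does not say.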
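Review bot: `replaceUrlOriginWithPlaceholders` is applied to every callback URL in the `setString(8, …)` call with no check on the value, and the same happens in `setString(2, …)` in `updateConsumerApplication`. `getCallbackUrl()` may be null for grant types that need no redirect, and it presumably may hold a pattern rather than a plain URL (a `regexp=`-prefixed value — confirm); whether the helper passes those through unchanged is not visible here. Since the stored string is the redirect URI that later requests are matched against, guard the call, e.g. `String callbackUrl = consumerAppDO.getCallbackUrl();` and `prepStmt.setString(8, callbackUrl == null ? null : ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(callbackUrl));`, and add a test with a pattern-style callback. The body of addOAuthApplication continues outside the hunk.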
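Review bot: The message in the new `catch (URLBuilderException e)` of the `@@ -206,6 +214,9 @@` hunk names the "access URL", but the value being converted is the OAuth callback URL. The identical text is reused in the read paths (`getOAuthConsumerAppsOfUser`, both `getAppInformation` overloads, `getAppsForConsumerKey`, `getAppInformationByAppName`), where the operation is resolving placeholders rather than inserting them, so a log reader is pointed at the wrong step. Use `"Error occurred when replacing the origin of the callback URL with placeholders"` on the two write paths and `"Error occurred when resolving the origin of the callback URL from placeholders"` on the read paths.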
@@ -309,7 +320,8 @@ public OAuthAppDO[] getOAuthConsumerAppsOfUser(String username, int tenantId) th
 }
 oauthApp.setApplicationName(rSet.getString(3));
 oauthApp.setOauthVersion(rSet.getString(4));
- oauthApp.setCallbackUrl(rSet.getString(5));
+ oauthApp.setCallbackUrl(
+ ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(5)));
 oauthApp.setGrantTypes(rSet.getString(6));
 oauthApp.setId(rSet.getInt(7));
 AuthenticatedUser authenticatedUser = new AuthenticatedUser();
@@ -340,6 +352,9 @@ public OAuthAppDO[] getOAuthConsumerAppsOfUser(String username, int tenantId) th
 } catch (IdentityOAuth2Exception e) {
 throw handleError("Error occurred while processing client id and client secret by " +
 "TokenPersistenceProcessor", e);
+ } catch (URLBuilderException e) {
+ throw handleError(
+ "Error occurred when replacing origin of the access URL with placeholders", e);
 }
 return oauthAppsOfUser;
 }
@@ -408,7 +423,8 @@ public OAuthAppDO getAppInformation(String consumerKey, int tenantId) throws
 authenticatedUser.setUserName(rSet.getString(2));
 oauthApp.setApplicationName(rSet.getString(3));
 oauthApp.setOauthVersion(rSet.getString(4));
- oauthApp.setCallbackUrl(rSet.getString(5));
+ oauthApp.setCallbackUrl(
+ ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(5)));
 authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(6)));
 authenticatedUser.setUserStoreDomain(rSet.getString(7));
 oauthApp.setUser(authenticatedUser);
@@ -436,6 +452,9 @@ public OAuthAppDO getAppInformation(String consumerKey, int tenantId) throws
 }
 } catch (SQLException e) {
 throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
+ } catch (URLBuilderException e) {
+ throw new IdentityOAuth2Exception(
+ "Error occurred when replacing origin of the access URL with placeholders", e);
 }
 return oauthApp;
 }
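Review bot: The redirect URI handed to callers is now whatever `resolveOriginUrlFromPlaceholders(rSet.getString(5))` produces at read time, yet nothing in this hunk says what happens for a SQL NULL column or for a row stored before this change that contains no placeholder. The same applies to the matching calls in both `getAppInformation` overloads, `getAppsForConsumerKey` and `getAppInformationByAppName`. Because this value is what authorization requests are checked against, add a comment above the call such as `// Stored value may be null or a pre-migration absolute URL; the helper must return both unchanged.` and cover both cases in a DAO test. If resolved `OAuthAppDO` objects are cached (not visible here), a change of the server hostname would also need a cache invalidation. The method body starts and ends outside the hunk.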
@@ -487,7 +506,8 @@ public OAuthAppDO getAppInformation(String consumerKey, AccessTokenDO accessToke authenticatedUser.setUserName(rSet.getString(USERNAME)); oauthApp.setApplicationName(rSet.getString(APP_NAME)); oauthApp.setOauthVersion(rSet.getString(OAUTH_VERSION)); - oauthApp.setCallbackUrl(rSet.getString(CALLBACK_URL)); + oauthApp.setCallbackUrl( + ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(CALLBACK_URL))); authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID))); authenticatedUser.setUserStoreDomain(rSet.getString(USER_DOMAIN)); oauthApp.setAppOwner(authenticatedUser); @@ -515,6 +535,9 @@ public OAuthAppDO getAppInformation(String consumerKey, AccessTokenDO accessToke } } catch (SQLException e) { throw new IdentityOAuth2Exception("Error while retrieving the app information", e); + } catch (URLBuilderException e) { + throw new IdentityOAuth2Exception( + "Error occurred when replacing origin of the access URL with placeholders", e); } return oauthApp; } @@ -553,7 +576,8 @@ public OAuthAppDO[] getAppsForConsumerKey(String consumerKey) authenticatedUser.setUserName(rSet.getString(USERNAME)); oauthApp.setApplicationName(rSet.getString(APP_NAME)); oauthApp.setOauthVersion(rSet.getString(OAUTH_VERSION)); - oauthApp.setCallbackUrl(rSet.getString(CALLBACK_URL)); + oauthApp.setCallbackUrl( + ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(CALLBACK_URL))); authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID))); authenticatedUser.setUserStoreDomain(rSet.getString(USER_DOMAIN)); oauthApp.setAppOwner(authenticatedUser); @@ -570,7 +594,6 @@ public OAuthAppDO[] getAppsForConsumerKey(String consumerKey) String spTenantDomain = authenticatedUser.getTenantDomain(); handleSpOIDCProperties(connection, preprocessedClientId, spTenantDomain, oauthApp); oauthApp.setScopeValidators(getScopeValidators(connection, oauthApp.getId())); - oauthAppList.add(oauthApp); } } 
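Review bot: The only changed line in the `@@ -570,7 +594,6 @@` hunk reads as the removal of `oauthAppList.add(oauthApp);`, which would leave `getAppsForConsumerKey` returning an empty array for every consumer key. The collapsed layout of this page does not allow telling that apart from the removal of a blank line directly before the call, so this needs checking against the source file. If the call was removed, restore `oauthAppList.add(oauthApp);` after `oauthApp.setScopeValidators(...)`; a test asserting a non-empty result for a known consumer key would pin the behaviour.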
@@ -582,6 +605,9 @@ public OAuthAppDO[] getAppsForConsumerKey(String consumerKey) } } catch (SQLException e) { throw new IdentityOAuth2Exception("Error while retrieving the app information", e); + } catch (URLBuilderException e) { + throw new IdentityOAuth2Exception( + "Error occurred when replacing origin of the access URL with placeholders", e); } return oauthAppList.toArray(new OAuthAppDO[oauthAppList.size()]); @@ -629,7 +655,8 @@ public OAuthAppDO getAppInformationByAppName(String appName) throws (4)); oauthApp.setOauthConsumerKey(preprocessedClientId); oauthApp.setOauthVersion(rSet.getString(5)); - oauthApp.setCallbackUrl(rSet.getString(6)); + oauthApp.setCallbackUrl( + ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(6))); oauthApp.setGrantTypes(rSet.getString(7)); oauthApp.setId(rSet.getInt(8)); oauthApp.setPkceMandatory(!"0".equals(rSet.getString(9))); @@ -652,17 +679,22 @@ public OAuthAppDO getAppInformationByAppName(String appName) throws } } catch (SQLException e) { throw new IdentityOAuth2Exception("Error while retrieving the app information", e); + } catch (URLBuilderException e) { + throw new IdentityOAuth2Exception( + "Error occurred when replacing origin of the access URL with placeholders", e); } return oauthApp; } public void updateConsumerApplication(OAuthAppDO oauthAppDO) throws IdentityOAuthAdminException { + boolean isUserValidForOwnerUpdate = validateUserForOwnerUpdate(oauthAppDO); try (Connection connection = IdentityDatabaseUtil.getDBConnection()) { String sqlQuery = getSqlQuery(isUserValidForOwnerUpdate); try (PreparedStatement prepStmt = connection.prepareStatement(sqlQuery)) { prepStmt.setString(1, oauthAppDO.getApplicationName()); - prepStmt.setString(2, oauthAppDO.getCallbackUrl()); + prepStmt.setString(2, + ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(oauthAppDO.getCallbackUrl())); prepStmt.setString(3, oauthAppDO.getGrantTypes()); if (isUserValidForOwnerUpdate) { 
@@ -687,6 +719,9 @@ public void updateConsumerApplication(OAuthAppDO oauthAppDO) throws IdentityOAut } catch (IdentityOAuth2Exception e) { throw handleError("Error occurred while processing client id and client secret by " + "TokenPersistenceProcessor", e); + } catch (URLBuilderException e) { + throw handleError( + "Error occurred when replacing origin of the access URL with placeholders", e); } } diff --git a/pom.xml b/pom.xml index f2f99eff4fb..f0c9553afb0 100644 --- a/pom.xml +++ b/pom.xml @@ -878,7 +878,7 @@ [1.0.1, 2.0.0) - 5.25.459 + 5.25.478 [5.25.234, 7.0.0)