Add logic to check RAR is enabled
VimukthiRajapaksha committed Jan 17, 2025
1 parent f523061 commit 2ec1fbf
Showing 5 changed files with 88 additions and 83 deletions.
Expand Up @@ -30,8 +30,6 @@
import java.util.HashSet;
import java.util.Set;

import static org.wso2.carbon.identity.api.resource.mgt.util.AuthorizationDetailsTypesUtil.isRichAuthorizationRequestsDisabled;

/**
* Implements the {@link AuthorizationDetailsDAO} interface to manage rich authorization requests.
*
Expand All @@ -47,10 +45,6 @@ public class AuthorizationDetailsDAOImpl implements AuthorizationDetailsDAO {
public int[] addUserConsentedAuthorizationDetails(final Set<AuthorizationDetailsConsentDTO> consentDTOs)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return new int[0];
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
PreparedStatement ps =
connection.prepareStatement(SQLQueries.ADD_OAUTH2_USER_CONSENTED_AUTHORIZATION_DETAILS)) {
Expand All @@ -75,10 +69,6 @@ public int[] addUserConsentedAuthorizationDetails(final Set<AuthorizationDetails
public int[] updateUserConsentedAuthorizationDetails(final Set<AuthorizationDetailsConsentDTO> consentDTOs)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return new int[0];
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
PreparedStatement ps =
connection.prepareStatement(SQLQueries.UPDATE_OAUTH2_USER_CONSENTED_AUTHORIZATION_DETAILS)) {
Expand All @@ -104,11 +94,6 @@ public Set<AuthorizationDetailsConsentDTO> getUserConsentedAuthorizationDetails(
final int tenantId)
throws SQLException {

final Set<AuthorizationDetailsConsentDTO> authorizationDetailsConsentDTOs = new HashSet<>();
if (isRichAuthorizationRequestsDisabled()) {
return authorizationDetailsConsentDTOs;
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.GET_OAUTH2_USER_CONSENTED_AUTHORIZATION_DETAILS)) {
Expand All @@ -117,6 +102,7 @@ public Set<AuthorizationDetailsConsentDTO> getUserConsentedAuthorizationDetails(
ps.setInt(2, tenantId);
try (ResultSet rs = ps.executeQuery()) {

final Set<AuthorizationDetailsConsentDTO> authorizationDetailsConsentDTOs = new HashSet<>();
while (rs.next()) {
final String id = rs.getString(1);
final String typeId = rs.getString(2);
Expand All @@ -138,10 +124,6 @@ public Set<AuthorizationDetailsConsentDTO> getUserConsentedAuthorizationDetails(
public int deleteUserConsentedAuthorizationDetails(final String consentId, final int tenantId)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return -1;
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.DELETE_OAUTH2_USER_CONSENTED_AUTHORIZATION_DETAILS)) {
Expand All @@ -159,10 +141,6 @@ public int deleteUserConsentedAuthorizationDetails(final String consentId, final
public int[] addAccessTokenAuthorizationDetails(final Set<AuthorizationDetailsTokenDTO> tokenDTOs)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return new int[0];
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.ADD_OAUTH2_ACCESS_TOKEN_AUTHORIZATION_DETAILS)) {
Expand All @@ -187,11 +165,6 @@ public Set<AuthorizationDetailsTokenDTO> getAccessTokenAuthorizationDetails(fina
final int tenantId)
throws SQLException {

final Set<AuthorizationDetailsTokenDTO> authorizationDetailsTokenDTO = new HashSet<>();
if (isRichAuthorizationRequestsDisabled()) {
return authorizationDetailsTokenDTO;
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.GET_OAUTH2_ACCESS_TOKEN_AUTHORIZATION_DETAILS)) {
Expand All @@ -200,6 +173,7 @@ public Set<AuthorizationDetailsTokenDTO> getAccessTokenAuthorizationDetails(fina
ps.setInt(2, tenantId);
try (ResultSet rs = ps.executeQuery()) {

final Set<AuthorizationDetailsTokenDTO> authorizationDetailsTokenDTO = new HashSet<>();
while (rs.next()) {
final String id = rs.getString(1);
final String typeId = rs.getString(2);
Expand All @@ -220,10 +194,6 @@ public Set<AuthorizationDetailsTokenDTO> getAccessTokenAuthorizationDetails(fina
public int deleteAccessTokenAuthorizationDetails(final String accessTokenId, final int tenantId)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return -1;
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.DELETE_OAUTH2_ACCESS_TOKEN_AUTHORIZATION_DETAILS)) {
Expand All @@ -241,10 +211,6 @@ public int deleteAccessTokenAuthorizationDetails(final String accessTokenId, fin
public int[] addOAuth2CodeAuthorizationDetails(final Set<AuthorizationDetailsCodeDTO> authorizationDetailsCodeDTOs)
throws SQLException {

if (isRichAuthorizationRequestsDisabled()) {
return new int[0];
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.ADD_OAUTH2_CODE_AUTHORIZATION_DETAILS)) {
Expand All @@ -268,11 +234,6 @@ public int[] addOAuth2CodeAuthorizationDetails(final Set<AuthorizationDetailsCod
public Set<AuthorizationDetailsCodeDTO> getOAuth2CodeAuthorizationDetails(final String authorizationCode,
final int tenantId) throws SQLException {

final Set<AuthorizationDetailsCodeDTO> authorizationDetailsCodeDTOs = new HashSet<>();
if (isRichAuthorizationRequestsDisabled()) {
return authorizationDetailsCodeDTOs;
}

try (final Connection connection = IdentityDatabaseUtil.getDBConnection(false);
final PreparedStatement ps =
connection.prepareStatement(SQLQueries.GET_OAUTH2_CODE_AUTHORIZATION_DETAILS_BY_CODE)) {
Expand All @@ -281,6 +242,7 @@ public Set<AuthorizationDetailsCodeDTO> getOAuth2CodeAuthorizationDetails(final
ps.setInt(2, tenantId);
try (ResultSet rs = ps.executeQuery()) {

final Set<AuthorizationDetailsCodeDTO> authorizationDetailsCodeDTOs = new HashSet<>();
while (rs.next()) {
final String codeId = rs.getString(1);
final String typeId = rs.getString(2);
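Review bot: The class Javadoc of `AuthorizationDetailsDAOImpl` (first hunk) does not record that the DAO no longer checks the feature flag itself. With the `isRichAuthorizationRequestsDisabled()` early returns gone from every method, any caller that reaches `AuthorizationDetailsDAO` without passing through a guarded service method will run SQL against the authorization-details tables even when RAR is turned off. I would add a sentence to the class comment such as `Callers must verify that Rich Authorization Requests are enabled before invoking this DAO; no feature check is performed here.` Whether other callers exist is not visible on this page, so that is worth confirming; the method bodies also continue outside the hunks.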
Expand Up @@ -265,36 +265,6 @@ public void shouldReturnNull_whenUserIdOrAppIdInvalid() throws SQLException {
assertNull(this.uut.getConsentIdByUserIdAndAppId("invalid_user_id", "invalid_app_id", TEST_TENANT_ID));
}

@Test
public void testUserConsentedAuthorizationDetailsWhenFeatureIsDisabled() throws SQLException {

this.mockAuthorizationDetailsTypesUtil(false);

assertEquals(0, this.uut.addUserConsentedAuthorizationDetails(Collections.emptySet()).length);
assertEquals(0, this.uut.updateUserConsentedAuthorizationDetails(Collections.emptySet()).length);
assertEquals(0, this.uut.getUserConsentedAuthorizationDetails(TEST_CONSENT_ID, TEST_TENANT_ID).size());
assertEquals(-1, this.uut.deleteUserConsentedAuthorizationDetails(TEST_CONSENT_ID, TEST_TENANT_ID));
}

@Test
public void testAccessTokenAuthorizationDetailsWhenFeatureIsDisabled() throws SQLException {

this.mockAuthorizationDetailsTypesUtil(false);

assertEquals(0, uut.addAccessTokenAuthorizationDetails(Collections.emptySet()).length);
assertEquals(0, this.uut.getAccessTokenAuthorizationDetails(TEST_TOKEN_ID, TEST_TENANT_ID).size());
assertEquals(-1, this.uut.deleteAccessTokenAuthorizationDetails(TEST_TOKEN_ID, TEST_TENANT_ID));
}

@Test
public void testOAuth2CodeAuthorizationDetailsWhenFeatureIsDisabled() throws SQLException {

this.mockAuthorizationDetailsTypesUtil(false);

assertEquals(0, uut.addOAuth2CodeAuthorizationDetails(Collections.emptySet()).length);
assertEquals(0, this.uut.getOAuth2CodeAuthorizationDetails(TEST_AUTHORIZATION_CODE, TEST_TENANT_ID).size());
}

private void mockAuthorizationDetailsTypesUtil(boolean isRichAuthorizationRequestsEnabled) {

this.authorizationDetailsTypesUtilMock
Expand Up @@ -116,7 +116,7 @@ public OAuthUserConsentedScopesDAO getOAuthUserConsentedScopesDAO() {
* Retrieves the DAO for authorization details.
* <p>
* This method returns an {@link AuthorizationDetailsDAO} singleton instance that provides access to the
* {@link org.wso2.carbon.identity.oauth2.rar.common.model.AuthorizationDetails} data. This DAO is used to interact
* {@link org.wso2.carbon.identity.oauth2.rar.model.AuthorizationDetails} data. This DAO is used to interact
* with the underlying data store to fetch and manipulate authorization information.
*</p>
* @return the {@link AuthorizationDetailsDAO} instance that provides access to authorization details data.
Expand Up @@ -22,6 +22,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.wso2.carbon.identity.api.resource.mgt.util.AuthorizationDetailsTypesUtil;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
Expand Down Expand Up @@ -68,6 +69,7 @@ public class AuthorizationDetailsService {
private static final Log log = LogFactory.getLog(AuthorizationDetailsService.class);
private final AuthorizationDetailsDAO authorizationDetailsDAO;
private final AuthorizationDetailsProcessorFactory authorizationDetailsProcessorFactory;
private final boolean isRichAuthorizationRequestsDisabled;

/**
* Default constructor that initializes the service with the default {@link AuthorizationDetailsDAO} and
Expand All @@ -81,7 +83,8 @@ public AuthorizationDetailsService() {

this(
AuthorizationDetailsProcessorFactory.getInstance(),
OAuthTokenPersistenceFactory.getInstance().getAuthorizationDetailsDAO()
OAuthTokenPersistenceFactory.getInstance().getAuthorizationDetailsDAO(),
AuthorizationDetailsTypesUtil.isRichAuthorizationRequestsEnabled()
);
}

Expand All @@ -93,12 +96,14 @@ public AuthorizationDetailsService() {
* handling authorization details persistence. Must not be {@code null}.
*/
public AuthorizationDetailsService(final AuthorizationDetailsProcessorFactory authorizationDetailsProcessorFactory,
final AuthorizationDetailsDAO authorizationDetailsDAO) {
final AuthorizationDetailsDAO authorizationDetailsDAO,
final boolean isRichAuthorizationRequestsEnabled) {

this.authorizationDetailsDAO =
Objects.requireNonNull(authorizationDetailsDAO, "AuthorizationDetailsDAO must not be null");
this.authorizationDetailsProcessorFactory = Objects.requireNonNull(authorizationDetailsProcessorFactory,
"AuthorizationDetailsProviderFactory must not be null");
this.isRichAuthorizationRequestsDisabled = !isRichAuthorizationRequestsEnabled;
}

/**
Expand All @@ -116,7 +121,7 @@ public void storeOrUpdateUserConsentedAuthorizationDetails(
final AuthorizationDetails userConsentedAuthorizationDetails)
throws OAuthSystemException {

if (!isRichAuthorizationRequest(oAuth2Parameters)) {
if (this.isRichAuthorizationRequestsDisabled || !isRichAuthorizationRequest(oAuth2Parameters)) {
log.debug("Request is not a rich authorization request. Skipping storage of authorization details.");
return;
}
Expand Down Expand Up @@ -185,7 +190,7 @@ public void deleteUserConsentedAuthorizationDetails(final AuthenticatedUser auth
final String clientId, final OAuth2Parameters oAuth2Parameters)
throws OAuthSystemException {

if (!isRichAuthorizationRequest(oAuth2Parameters)) {
if (this.isRichAuthorizationRequestsDisabled || !isRichAuthorizationRequest(oAuth2Parameters)) {
log.debug("Request is not a rich authorization request. Skipping deletion of authorization details.");
return;
}
Expand Down Expand Up @@ -239,7 +244,7 @@ public boolean isUserAlreadyConsentedForAuthorizationDetails(final Authenticated
final OAuth2Parameters oAuth2Parameters)
throws IdentityOAuth2Exception {

if (!isRichAuthorizationRequest(oAuth2Parameters)) {
if (this.isRichAuthorizationRequestsDisabled || !isRichAuthorizationRequest(oAuth2Parameters)) {
return true;
}

Expand All @@ -250,7 +255,7 @@ public AuthorizationDetails getConsentRequiredAuthorizationDetails(final Authent
final OAuth2Parameters oAuth2Parameters)
throws IdentityOAuth2Exception {

if (!isRichAuthorizationRequest(oAuth2Parameters)) {
if (this.isRichAuthorizationRequestsDisabled || !isRichAuthorizationRequest(oAuth2Parameters)) {
log.debug("Request is not a rich authorization request. Skipping the authorization details retrieval.");
return new AuthorizationDetails();
}
Expand Down Expand Up @@ -368,6 +373,11 @@ public AuthorizationDetails getUserConsentedAuthorizationDetails(
public AuthorizationDetails getUserConsentedAuthorizationDetails(final String consentId, final int tenantId)
throws IdentityOAuth2Exception {

if (this.isRichAuthorizationRequestsDisabled) {
log.debug("Rich authorization requests is disabled. Skip retrieving consented authorization details.");
return new AuthorizationDetails();
}

try {
final Set<AuthorizationDetail> consentedAuthorizationDetails = new HashSet<>();
this.authorizationDetailsDAO.getUserConsentedAuthorizationDetails(consentId, tenantId)
Expand Down Expand Up @@ -413,6 +423,10 @@ private Optional<String> getConsentId(final AuthenticatedUser authenticatedUser,
public Optional<String> getConsentIdByUserIdAndAppId(final String userId, final String appId, final int tenantId)
throws IdentityOAuth2Exception {

if (this.isRichAuthorizationRequestsDisabled) {
log.debug("Rich authorization requests is disabled. Skip retrieving consents.");
return Optional.empty();
}
try {
return Optional
.ofNullable(this.authorizationDetailsDAO.getConsentIdByUserIdAndAppId(userId, appId, tenantId));
Expand All @@ -434,6 +448,10 @@ public Optional<String> getConsentIdByUserIdAndAppId(final String userId, final
public AuthorizationDetails getAccessTokenAuthorizationDetails(final String accessTokenId, final int tenantId)
throws IdentityOAuth2Exception {

if (this.isRichAuthorizationRequestsDisabled) {
log.debug("Rich authorization requests is disabled. Skip retrieving token authorization details.");
return new AuthorizationDetails();
}
try {
final Set<AuthorizationDetailsTokenDTO> authorizationDetailsTokenDTOs =
this.authorizationDetailsDAO.getAccessTokenAuthorizationDetails(accessTokenId, tenantId);
Expand Down Expand Up @@ -482,10 +500,10 @@ public void storeAccessTokenAuthorizationDetails(final AccessTokenDO accessToken
final AuthorizationDetails authorizationDetails)
throws IdentityOAuth2Exception {

if (AuthorizationDetailsUtils.isEmpty(authorizationDetails)) {
if (this.isRichAuthorizationRequestsDisabled || AuthorizationDetailsUtils.isEmpty(authorizationDetails)) {
log.debug("Request is not a rich authorization request. Skipping storage of token authorization details.");
return;
}

try {
final AuthorizationDetails trimmedAuthorizationDetails = AuthorizationDetailsUtils
.getTrimmedAuthorizationDetails(authorizationDetails);
Expand Down Expand Up @@ -542,6 +560,10 @@ public void storeOrReplaceAccessTokenAuthorizationDetails(
public void deleteAccessTokenAuthorizationDetails(final String accessTokenId, final int tenantId)
throws IdentityOAuth2Exception {

if (this.isRichAuthorizationRequestsDisabled) {
log.debug("Rich authorization requests is disabled. Skip persisting token authorization details.");
return;
}
try {
int result = this.authorizationDetailsDAO.deleteAccessTokenAuthorizationDetails(accessTokenId, tenantId);
if (result > 0 && log.isDebugEnabled()) {
Expand Down Expand Up @@ -604,7 +626,7 @@ public void storeAuthorizationCodeAuthorizationDetails(
final AuthzCodeDO authzCodeDO, final OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext)
throws IdentityOAuth2Exception {

if (!isRichAuthorizationRequest(oAuthAuthzReqMessageContext)) {
if (this.isRichAuthorizationRequestsDisabled || !isRichAuthorizationRequest(oAuthAuthzReqMessageContext)) {
log.debug("Request is not a rich authorization request. Skipping storage of code authorization details.");
return;
}
Expand Down Expand Up @@ -641,6 +663,10 @@ public void storeAuthorizationCodeAuthorizationDetails(
public AuthorizationDetails getAuthorizationCodeAuthorizationDetails(final String code, final int tenantId)
throws IdentityOAuth2Exception {

if (this.isRichAuthorizationRequestsDisabled) {
log.debug("Rich authorization requests is disabled. Skip retrieving code authorization details.");
return new AuthorizationDetails();
}
try {
final Set<AuthorizationDetailsCodeDTO> authorizationDetailsCodeDTOs =
this.authorizationDetailsDAO.getOAuth2CodeAuthorizationDetails(code, tenantId);
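Review bot: `isUserAlreadyConsentedForAuthorizationDetails` now returns `true` whenever the flag is off, even for a request that carries `authorization_details`, so the consent check fails open and is only safe if every later step also drops those details. The store and get methods visible in these hunks are guarded, but `storeOrReplaceAccessTokenAuthorizationDetails` and the other overload of `getUserConsentedAuthorizationDetails` lie outside the hunks, so their coverage cannot be confirmed from here. I would state the invariant at the guard, e.g. `// RAR disabled: authorization_details are ignored end to end, so no consent is needed`, and add a test that sends authorization details with the flag off and asserts that nothing is persisted or returned. Separately, the debug message in `deleteAccessTokenAuthorizationDetails` says "Skip persisting" where it should read `Skip deleting token authorization details.`, and the reused "Request is not a rich authorization request" messages will mislead when the real cause is the disabled flag.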