From c5be1f943b3d5c5d5e1f9097ee982bf447e0cfa4 Mon Sep 17 00:00:00 2001 From: Hasini Samarathunga Date: Mon, 27 May 2024 23:25:09 +0530 Subject: [PATCH 01/90] Updated correct error code for IdentityOAuth2ClientException in getUserIdOfAssociatedUser --- .../org/wso2/carbon/identity/oauth2/util/AuthzUtil.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java index 5811e251c0..aa0d83fe30 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java @@ -30,6 +30,7 @@ import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.ClaimMapping; import org.wso2.carbon.identity.application.common.model.Scope; +import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; @@ -208,10 +209,10 @@ public static String getUserIdOfAssociatedUser(AuthenticatedUser authenticatedUs try { Optional optionalOrganizationUserId = OrganizationSharedUserUtil .getUserIdOfAssociatedUserByOrgId(associatedUserId, authenticatedUser.getAccessingOrganization()); - return optionalOrganizationUserId.orElseThrow(() -> - new IdentityOAuth2ClientException("User is not allowed to access the organization")); + return optionalOrganizationUserId.orElseThrow(() -> new IdentityOAuth2ClientException( + OAuth2ErrorCodes.ACCESS_DENIED, "User is not allowed to access the organization")); } catch (OrganizationManagementException e) { - throw new IdentityOAuth2Exception("Error while resolving shared user ID" , e); + throw new IdentityOAuth2Exception("Error while resolving shared user ID", e); } } From 11df9f3efe39af2a31a55a399d0bdb2568488c5f Mon Sep 17 00:00:00 2001 From: Thumimku Date: Thu, 13 Jun 2024 11:25:38 +0530 Subject: [PATCH 02/90] improve error message for invalid user id --- .../impersonation/validators/SubjectScopeValidator.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java index ceeb81a115..c3e45cbef7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java @@ -24,6 +24,7 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationContext; @@ -100,7 +101,13 @@ private AuthenticatedUser getAuthenticatedSubjectUser(String subjectUserId, Stri throw new IdentityOAuth2Exception(OAuth2ErrorCodes.INVALID_REQUEST, "Use mapped local subject is mandatory but a local user couldn't be found"); } - authenticatedUser = OAuth2Util.getUserFromUserName(username); + try { + authenticatedUser = OAuth2Util.getUserFromUserName(username); + } catch (IllegalArgumentException e) { + throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.INVALID_REQUEST, + "Invalid User Id provided for Impersonation request. Unable to find the user for given user id : " + + subjectUserId + " tenant Domain : " + tenantDomain); + } authenticatedUser.setUserId(subjectUserId); authenticatedUser.setAuthenticatedSubjectIdentifier(subjectUserId); return authenticatedUser; From 2737088ec177ed0709a4264aed7774a2c87c5d21 Mon Sep 17 00:00:00 2001 From: Hasini Samarathunga Date: Mon, 24 Jun 2024 14:46:50 +0530 Subject: [PATCH 03/90] Handled IdentityOAuth2ClientException for switching tokens with suborg --- .../DefaultOAuth2ScopeValidator.java | 7 +++ ...ScopeValidationHandlerClientException.java | 46 +++++++++++++++++++ .../impl/RoleBasedScopeValidationHandler.java | 11 +++-- 3 files changed, 61 insertions(+), 3 deletions(-) create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java index 4e1a014b80..d1f683933c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java @@ -33,9 +33,11 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; +import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.dao.SharedAppResolveDAO; @@ -44,6 +46,7 @@ import org.wso2.carbon.identity.oauth2.util.AuthzUtil; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationContext; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandler; +import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandlerClientException; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandlerException; import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException; @@ -206,6 +209,10 @@ private List getAuthorizedScopes(List requestedScopes, Authentic validatedScopes = scopeValidationHandler.validateScopes(requestedScopes, authorizedScopes.getScopes(), scopeValidationContext); } catch (ScopeValidationHandlerException e) { + if (e instanceof ScopeValidationHandlerClientException) { + throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.ACCESS_DENIED, + "User is not allowed to access the organization", e); + } throw new IdentityOAuth2Exception("Error while validating policies roles from " + "authorization service.", e); } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java new file mode 100644 index 0000000000..1cc26afa84 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth2.validators.validationhandler; + +/** + * ScopeValidatorPolicyHandlerClientException + */ +public class ScopeValidationHandlerClientException extends ScopeValidationHandlerException{ + + /** + * Constructs a new exception with an error message. + * + * @param message The detail message. + */ + public ScopeValidationHandlerClientException(String message) { + + super(message); + } + + /** + * Constructs a new exception with the message and cause. + * + * @param message The detail message. + * @param cause The cause. + */ + public ScopeValidationHandlerClientException(String message, Throwable cause) { + + super(message, cause); + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java index 37d771c6c9..9db2a6cb62 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2024, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -28,12 +28,14 @@ import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.Oauth2ScopeConstants; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.util.AuthzUtil; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationContext; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandler; +import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandlerClientException; import org.wso2.carbon.identity.oauth2.validators.validationhandler.ScopeValidationHandlerException; import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException; import org.wso2.carbon.identity.role.v2.mgt.core.RoleConstants; @@ -99,9 +101,12 @@ public List validateScopes(List requestedScopes, List ap List filteredScopes = appAuthorizedScopes.stream().filter(associatedScopes::contains) .collect(Collectors.toList()); return requestedScopes.stream().filter(filteredScopes::contains).collect(Collectors.toList()); + } catch (IdentityOAuth2ClientException e){ + throw new ScopeValidationHandlerClientException("Error while validating scope with RBAC Scope " + + "Validation handler", e); } catch (IdentityOAuth2Exception | IdentityRoleManagementException e) { - throw new ScopeValidationHandlerException("Error while validation scope with RBAC Scope Validation " + - "handler", e); + throw new ScopeValidationHandlerException("Error while validating scope with RBAC Scope Validation " + + "handler", e); } } From a179f9620ff50bad59ed0aba7d76e53f37187260 Mon Sep 17 00:00:00 2001 From: Hasini Samarathunga Date: Mon, 24 Jun 2024 17:11:13 +0530 Subject: [PATCH 04/90] Added unit tests for IdentityOAuth2ClientException for unauthorized user --- .../identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java | 2 ++ .../java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java | 2 +- .../ScopeValidationHandlerClientException.java | 2 +- .../validationhandler/impl/RoleBasedScopeValidationHandler.java | 2 +- .../java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java | 1 + 5 files changed, 6 insertions(+), 3 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java index c3478d22d6..eb0fbb681b 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java +++ b/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java @@ -366,6 +366,8 @@ public Object[][] testTokenErrorResponseDataProvider() { OAuth2ErrorCodes.INVALID_CLIENT}, {OAuth2ErrorCodes.SERVER_ERROR, null, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, OAuth2ErrorCodes.SERVER_ERROR}, + {OAuth2ErrorCodes.ACCESS_DENIED, null, HttpServletResponse.SC_BAD_REQUEST, + OAuth2ErrorCodes.ACCESS_DENIED}, {SQL_ERROR, null, HttpServletResponse.SC_BAD_GATEWAY, OAuth2ErrorCodes.SERVER_ERROR}, {TOKEN_ERROR, null, HttpServletResponse.SC_BAD_REQUEST, TOKEN_ERROR}, {TOKEN_ERROR, headers1, HttpServletResponse.SC_BAD_REQUEST, TOKEN_ERROR}, diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java index aa0d83fe30..7531a93bb5 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2024, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java index 1cc26afa84..518ac004f7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/ScopeValidationHandlerClientException.java @@ -21,7 +21,7 @@ /** * ScopeValidatorPolicyHandlerClientException */ -public class ScopeValidationHandlerClientException extends ScopeValidationHandlerException{ +public class ScopeValidationHandlerClientException extends ScopeValidationHandlerException { /** * Constructs a new exception with an error message. diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java index 9db2a6cb62..bfd4d42feb 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java @@ -101,7 +101,7 @@ public List validateScopes(List requestedScopes, List ap List filteredScopes = appAuthorizedScopes.stream().filter(associatedScopes::contains) .collect(Collectors.toList()); return requestedScopes.stream().filter(filteredScopes::contains).collect(Collectors.toList()); - } catch (IdentityOAuth2ClientException e){ + } catch (IdentityOAuth2ClientException e) { throw new ScopeValidationHandlerClientException("Error while validating scope with RBAC Scope " + "Validation handler", e); } catch (IdentityOAuth2Exception | IdentityRoleManagementException e) { diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java index a8656db259..3a7b0e9eec 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java @@ -498,6 +498,7 @@ public Object[][] createExceptions() { return new Object[][]{ {new IdentityOAuth2Exception(""), "server_error"}, {new InvalidOAuthClientException(""), "invalid_client"}, + {new IdentityOAuth2ClientException("access_denied", ""), "access_denied"} }; } From bb39aae12cdabb0cedd36346d189a0d8b528f4fa Mon Sep 17 00:00:00 2001 From: bhagyasakalanka Date: Wed, 26 Jun 2024 11:26:43 +0530 Subject: [PATCH 05/90] Fix jdbc scope validator invalid scope issue --- .../identity/oauth2/validators/JDBCScopeValidator.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java index f099945bf6..53fe794577 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java @@ -93,6 +93,11 @@ public class JDBCScopeValidator extends OAuth2ScopeValidator { private static final String SCOPE_VALIDATOR_NAME = "Role based scope validator"; private static final String OPENID = "openid"; private static final String PRESERVE_CASE_SENSITIVITY = "preservedCaseSensitive"; + private static final String SCOPE_VALIDATOR_PRESERVE_CASE_SENSITIVITY_CONFIG = + "OAuth.ScopeValidationPreserveCaseSensitivity"; + + private static final boolean SCOPE_VALIDATOR_PRESERVE_CASE_SENSITIVITY = + Boolean.parseBoolean(IdentityUtil.getProperty(SCOPE_VALIDATOR_PRESERVE_CASE_SENSITIVITY_CONFIG)); private static final Log log = LogFactory.getLog(JDBCScopeValidator.class); @@ -411,7 +416,7 @@ private boolean isUserAuthorizedForScope(String scopeName, String[] userRoles, i //Check if the user still has a valid role for this scope. Set scopeRoles = new HashSet<>(rolesOfScope); - if (preservedCaseSensitive) { + if (preservedCaseSensitive || SCOPE_VALIDATOR_PRESERVE_CASE_SENSITIVITY) { rolesOfScope.retainAll(Arrays.asList(userRoles)); } else { Set rolesOfScopeLowerCase = new HashSet<>(); From b651c12a0dff652a59ef6af6c8cb2c0be1cc501b Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Tue, 18 Jun 2024 17:32:40 +0530 Subject: [PATCH 06/90] Add Util method to read pvt key jwt tenant config. --- .../identity/oauth/common/OAuthConstants.java | 10 ++- .../wso2/carbon/identity/oauth/OAuthUtil.java | 81 +++++++++++++++++++ .../internal/OAuthComponentServiceHolder.java | 22 +++++ .../oauth/internal/OAuthServiceComponent.java | 35 ++++++++ 4 files changed, 147 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 3688762c6c..0203e83b09 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -621,6 +621,7 @@ public static class OIDCConfigProperties { public static final String TOKEN_BINDING_VALIDATION = "tokenBindingValidation"; public static final String TOKEN_BINDING_TYPE_NONE = "None"; public static final String TOKEN_AUTH_METHOD = "tokenEndpointAuthMethod"; + public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT = "tokenEndpointAllowReusePvtKeyJwt"; public static final String TOKEN_AUTH_SIGNATURE_ALGORITHM = "tokenEndpointAuthSigningAlg"; public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri"; public static final String ID_TOKEN_SIGNATURE_ALGORITHM = "idTokenSignedResponseAlg"; @@ -635,7 +636,14 @@ public static class OIDCConfigProperties { public static final String IS_SUBJECT_TOKEN_ENABLED = "isSubjectTokenEnabled"; public static final String SUBJECT_TOKEN_EXPIRY_TIME = "subjectTokenExpiryTime"; public static final int SUBJECT_TOKEN_EXPIRY_TIME_VALUE = 180; - + public static final String PREVENT_TOKEN_REUSE = "PreventTokenReuse"; + public static final boolean DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE = true; + // Name of the {@code JWTClientAuthenticatorConfig} resource type in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_TYPE_NAME = "PK_JWT_CONFIGURATION"; + // Name of the {@code JWTClientAuthenticatorConfig} resource (per tenant) in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_NAME = "TENANT_PK_JWT_CONFIGURATION"; + public static final String PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME = "PrivateKeyJWTClientAuthenticator"; + public static final String ENABLE_TOKEN_REUSE = "EnableTokenReuse"; private OIDCConfigProperties() { } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java index 08e38ee969..87b3592980 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -37,6 +37,11 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; +import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException; +import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute; +import org.wso2.carbon.identity.configuration.mgt.core.model.Resource; +import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler; +import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.OAuthCache; @@ -77,6 +82,7 @@ import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.UUID; @@ -89,6 +95,12 @@ import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CURRENT_TOKEN_IDENTIFIER; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.PRESERVE_LOGGED_IN_SESSION_AT_PASSWORD_UPDATE; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ORGANIZATION_LOGIN_HOME_REALM_IDENTIFIER; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.ENABLE_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_TYPE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.UserType.FEDERATED_USER_DOMAIN_PREFIX; @@ -544,6 +556,7 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { .isTokenRevocationWithIDPSessionTerminationEnabled()); dto.setTokenBindingValidationEnabled(appDO.isTokenBindingValidationEnabled()); dto.setTokenEndpointAuthMethod(appDO.getTokenEndpointAuthMethod()); + dto.setTokenEndpointAllowReusePvtKeyJwt(appDO.isTokenEndpointAllowReusePvtKeyJwt()); dto.setTokenEndpointAuthSignatureAlgorithm(appDO.getTokenEndpointAuthSignatureAlgorithm()); dto.setSectorIdentifierURI(appDO.getSectorIdentifierURI()); dto.setIdTokenSignatureAlgorithm(appDO.getIdTokenSignatureAlgorithm()); @@ -1231,4 +1244,72 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate authenticatedUser.setFederatedIdPName(orgSsoIdp.getIdentityProviderName()); } } + + /** + * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. + * + * @param tokenEPAllowReusePvtKeyJWTValue Value of the tokenEPAllowReusePvtKeyJWT configuration. + * @param tokenAuthMethod Token authentication method. + * @return Value of the tokenEPAllowReusePvtKeyJWT configuration. + * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. + */ + public static String getValueOfTokenEPAllowReusePvtKeyJWT(String tokenEPAllowReusePvtKeyJWTValue, + String tokenAuthMethod) + throws IdentityOAuth2ServerException { + + if (tokenEPAllowReusePvtKeyJWTValue == null && tokenAuthMethod != null) { + try { + tokenEPAllowReusePvtKeyJWTValue = readTenantConfigurationPvtKeyJWTReuse(); + } catch (ConfigurationManagementException e) { + throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", + e); + } + if (tokenEPAllowReusePvtKeyJWTValue == null) { + tokenEPAllowReusePvtKeyJWTValue = readServerConfigurationPvtKeyJWTReuse(); + if (tokenEPAllowReusePvtKeyJWTValue == null) { + tokenEPAllowReusePvtKeyJWTValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); + } + } + } + return tokenEPAllowReusePvtKeyJWTValue; + } + + private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { + + String tokenEPAllowReusePvtKeyJWTTenantConfig = null; + Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() + .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); + + if (resource != null) { + tokenEPAllowReusePvtKeyJWTTenantConfig = resource.getAttributes().stream() + .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) + .map(Attribute::getValue) + .findFirst() + .orElse(null); + } + return tokenEPAllowReusePvtKeyJWTTenantConfig; + } + + private static String readServerConfigurationPvtKeyJWTReuse() { + + String tokenEPAllowReusePvtKeyJWTTenantConfig = null; + IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( + AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); + + if (identityEventListenerConfig != null + && Boolean.parseBoolean(identityEventListenerConfig.getEnable())) { + if (identityEventListenerConfig.getProperties() != null) { + for (Map.Entry property : identityEventListenerConfig.getProperties().entrySet()) { + String key = (String) property.getKey(); + String value = (String) property.getValue(); + if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { + boolean preventTokenReuse = Boolean.parseBoolean(value); + tokenEPAllowReusePvtKeyJWTTenantConfig = String.valueOf(!preventTokenReuse); + break; + } + } + } + } + return tokenEPAllowReusePvtKeyJWTTenantConfig; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 5a91f8a515..419c09ac80 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -22,6 +22,7 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; @@ -80,6 +81,7 @@ public class OAuthComponentServiceHolder { private AuthorizedAPIManagementService authorizedAPIManagementService; private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; + private ConfigurationManager configurationManager; /** * Get the list of scope validator implementations available. @@ -511,4 +513,24 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } + + /** + * Get the ConfigurationManager instance. + * + * @return ConfigurationManager The ConfigurationManager instance. + */ + public ConfigurationManager getConfigurationManager() { + + return configurationManager; + } + + /** + * Set the ConfigurationManager instance. + * + * @param configurationManager ConfigurationManager The ConfigurationManager instance. + */ + public void setConfigurationManager(ConfigurationManager configurationManager) { + + this.configurationManager = configurationManager; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index a253d8836d..c0981a6a1c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -30,6 +30,7 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; @@ -521,4 +522,38 @@ protected void unsetOrganizationUserSharingService(OrganizationUserSharingServic } OAuthComponentServiceHolder.getInstance().setOrganizationUserSharingService(null); } + + /** + * Set the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + @Reference( + name = "resource.configuration.manager", + service = ConfigurationManager.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unregisterConfigurationManager" + ) + protected void registerConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Registering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); + } + + + /** + * Unset the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + protected void unregisterConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Unregistering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); + } } From da10fc3ba64cfd6c2b1a0580973098f622655625 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Tue, 18 Jun 2024 17:35:58 +0530 Subject: [PATCH 07/90] Add pvtKeyJWTReuse config changes to app service and dao layers. --- .../identity/oauth/OAuthAdminServiceImpl.java | 16 ++++++++++++++++ .../carbon/identity/oauth/dao/OAuthAppDAO.java | 18 +++++++++++++++++- .../carbon/identity/oauth/dao/OAuthAppDO.java | 11 +++++++++++ .../oauth/dto/OAuthConsumerAppDTO.java | 11 +++++++++++ 4 files changed, 55 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java index 068ac62c57..ed7185d0f2 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -107,6 +107,7 @@ import static org.wso2.carbon.identity.oauth.OAuthUtil.handleErrorWithExceptionType; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_DELETED; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.PRIVATE_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getTenantId; @@ -429,6 +430,13 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } + Boolean tokenEndpointReusePvtKeyJWT = application.isTokenEndpointAllowReusePvtKeyJwt(); + if (tokenEndpointAuthMethod != null && !tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT) + && tokenEndpointReusePvtKeyJWT != null) { + throw handleClientError(INVALID_REQUEST, + "Invalid token endpoint authentication method requested."); + } + application.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointReusePvtKeyJWT); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -855,6 +863,14 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); + // Todo: Do we really need to throw an error. Though the auth mechanism is not pvt ket jwt there's no harm + // in storing this either. + boolean tokenEndpointReusePvtKeyJWT = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); + if (!tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT) && tokenEndpointReusePvtKeyJWT) { + throw handleClientError(INVALID_REQUEST, "Invalid token endpoint authentication method requested."); + } + oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointReusePvtKeyJWT); + String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { if (isFAPIConformanceEnabled) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java index 0608a7a8c9..2faea550c4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -47,6 +47,7 @@ import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor; import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; @@ -102,6 +103,7 @@ import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE_NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_VALIDATION; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE; @@ -982,6 +984,10 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, TOKEN_AUTH_METHOD, oauthAppDO.getTokenEndpointAuthMethod(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, String.valueOf(oauthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), + prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM, oauthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); @@ -1636,6 +1642,10 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, + String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1732,7 +1742,8 @@ private Map> getSpOIDCProperties(Connection connection, return spOIDCProperties; } - private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) { + private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) + throws IdentityOAuth2ServerException { // Handle OIDC audience values if (isOIDCAudienceEnabled() && @@ -1795,6 +1806,11 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } + String tokenEPAllowReusePvtKeyJWT = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJWT( + getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); + if (tokenEPAllowReusePvtKeyJWT != null) { + oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJWT)); + } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { oauthApp.setTokenEndpointAuthSignatureAlgorithm(tokenSignatureAlgorithm); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index b48b74bae7..50a1f48db4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java @@ -81,6 +81,7 @@ public class OAuthAppDO extends InboundConfigurationProtocol implements Serializ private boolean tokenRevocationWithIDPSessionTerminationEnabled; private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -383,6 +384,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index f93e9acc4f..fba94088c1 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -67,6 +67,7 @@ public class OAuthConsumerAppDTO implements InboundProtocolConfigurationDTO { private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; private String tokenEndpointAuthSignatureAlgorithm; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; private String requestObjectSignatureAlgorithm; @@ -384,6 +385,16 @@ public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSigna this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getSectorIdentifierURI() { return sectorIdentifierURI; From ab599eb11de4035318f78cb4e42eb76ac32851f9 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Tue, 18 Jun 2024 17:37:14 +0530 Subject: [PATCH 08/90] Add pvtKeyJWTReuse config changes to DCRM endpoint. --- .../oauth2/dcr/endpoint/dto/ApplicationDTO.java | 12 ++++++++++++ .../dcr/endpoint/dto/RegistrationRequestDTO.java | 13 +++++++++++++ .../oauth2/dcr/endpoint/dto/UpdateRequestDTO.java | 13 +++++++++++++ .../oauth2/dcr/endpoint/util/DCRMUtils.java | 5 +++++ .../carbon/identity/oauth/dcr/bean/Application.java | 11 +++++++++++ .../dcr/bean/ApplicationRegistrationRequest.java | 11 +++++++++++ .../oauth/dcr/bean/ApplicationUpdateRequest.java | 11 +++++++++++ .../identity/oauth/dcr/service/DCRMService.java | 3 +++ 8 files changed, 79 insertions(+) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java index c238905c03..15e80cfe6b 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java @@ -62,6 +62,7 @@ public class ApplicationDTO { private String jwksUri = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt = null; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -289,6 +290,17 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java index f62e7c3275..bd50b234de 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java @@ -44,6 +44,7 @@ public class RegistrationRequestDTO { private String extTokenType = null; private String tokenEndpointAuthMethod = null; private String tokenEndpointAuthSigningAlg = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; private String idTokenEncryptedResponseAlg = null; @@ -326,6 +327,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java index e913e17765..39bd9bfdbd 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java @@ -33,6 +33,7 @@ public class UpdateRequestDTO { private boolean extPublicClient; private String extTokenType = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -237,6 +238,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") public String getTokenEndpointAuthSigningAlg() { diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java index e3f6da4751..c1f5137114 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java @@ -81,6 +81,8 @@ public static ApplicationRegistrationRequest getApplicationRegistrationRequest( appRegistrationRequest.setExtTokenType(registrationRequestDTO.getExtTokenType()); appRegistrationRequest.setJwksURI(registrationRequestDTO.getJwksUri()); appRegistrationRequest.setTokenEndpointAuthMethod(registrationRequestDTO.getTokenEndpointAuthMethod()); + appRegistrationRequest.setTokenEndpointAllowReusePvtKeyJwt(registrationRequestDTO + .isTokenEndpointAllowReusePvtKeyJwt()); appRegistrationRequest.setTokenEndpointAuthSignatureAlgorithm (registrationRequestDTO.getTokenEndpointAuthSigningAlg()); appRegistrationRequest.setSectorIdentifierURI(registrationRequestDTO.getSectorIdentifierUri()); @@ -124,6 +126,8 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(UpdateRequest applicationUpdateRequest.setExtTokenType(updateRequestDTO.getExtTokenType()); applicationUpdateRequest.setJwksURI(updateRequestDTO.getJwksUri()); applicationUpdateRequest.setTokenEndpointAuthMethod(updateRequestDTO.getTokenEndpointAuthMethod()); + applicationUpdateRequest.setTokenEndpointAllowReusePvtKeyJwt( + updateRequestDTO.isTokenEndpointAllowReusePvtKeyJwt()); applicationUpdateRequest.setTokenEndpointAuthSignatureAlgorithm (updateRequestDTO.getTokenEndpointAuthSigningAlg()); applicationUpdateRequest.setSectorIdentifierURI(updateRequestDTO.getSectorIdentifierUri()); @@ -233,6 +237,7 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic applicationDTO.setExtTokenType(application.getExtTokenType()); applicationDTO.setJwksUri(application.getJwksURI()); applicationDTO.setTokenEndpointAuthMethod(application.getTokenEndpointAuthMethod()); + applicationDTO.setTokenEndpointAllowReusePvtKeyJwt(application.isTokenEndpointAllowReusePvtKeyJwt()); applicationDTO.setTokenEndpointAuthSigningAlg(application.getTokenEndpointAuthSignatureAlgorithm()); applicationDTO.setSectorIdentifierUri(application.getSectorIdentifierURI()); applicationDTO.setIdTokenSignedResponseAlg(application.getIdTokenSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java index 71eb3b97ac..eb314900f4 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java @@ -45,6 +45,7 @@ public class Application implements Serializable { private String extTokenType = null; private String jwksURI = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm = null; private String sectorIdentifierURI = null; private String idTokenSignatureAlgorithm = null; @@ -240,6 +241,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java index 81b465986a..8d15762a63 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java @@ -51,6 +51,7 @@ public class ApplicationRegistrationRequest implements Serializable { private String jwksURI; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -368,6 +369,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java index 665af719e0..39ee2babef 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java @@ -47,6 +47,7 @@ public class ApplicationUpdateRequest implements Serializable { private String jwksURI = null; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -293,6 +294,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java index e145cb3054..88050a4707 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java @@ -302,6 +302,7 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str if (updateRequest.getTokenEndpointAuthMethod() != null) { appDTO.setTokenEndpointAuthMethod(updateRequest.getTokenEndpointAuthMethod()); } + appDTO.setTokenEndpointAllowReusePvtKeyJwt(updateRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (updateRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { appDTO.setTokenEndpointAuthSignatureAlgorithm (updateRequest.getTokenEndpointAuthSignatureAlgorithm()); @@ -584,6 +585,7 @@ private Application buildResponse(OAuthConsumerAppDTO createdApp, String tenantD application.setExtTokenType(createdApp.getTokenType()); application.setJwksURI(createdApp.getJwksURI()); application.setTokenEndpointAuthMethod(createdApp.getTokenEndpointAuthMethod()); + application.setTokenEndpointAllowReusePvtKeyJwt(createdApp.isTokenEndpointAllowReusePvtKeyJwt()); application.setTokenEndpointAuthSignatureAlgorithm(createdApp.getTokenEndpointAuthSignatureAlgorithm()); application.setSectorIdentifierURI(createdApp.getSectorIdentifierURI()); application.setIdTokenSignatureAlgorithm(createdApp.getIdTokenSignatureAlgorithm()); @@ -678,6 +680,7 @@ private OAuthConsumerAppDTO createOAuthApp(ApplicationRegistrationRequest regist if (registrationRequest.getTokenEndpointAuthMethod() != null) { oAuthConsumerApp.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod()); } + oAuthConsumerApp.setTokenEndpointAllowReusePvtKeyJwt(registrationRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (registrationRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { oAuthConsumerApp.setTokenEndpointAuthSignatureAlgorithm (registrationRequest.getTokenEndpointAuthSignatureAlgorithm()); From c873d6308371a6b8527b1bff152e760c31b234cf Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Wed, 26 Jun 2024 08:51:36 +0530 Subject: [PATCH 09/90] Improve reuse JWT validation logic. --- .../identity/oauth/OAuthAdminServiceImpl.java | 34 +++++++++++++++---- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java index ed7185d0f2..1effae7386 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -431,8 +431,8 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } Boolean tokenEndpointReusePvtKeyJWT = application.isTokenEndpointAllowReusePvtKeyJwt(); - if (tokenEndpointAuthMethod != null && !tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT) - && tokenEndpointReusePvtKeyJWT != null) { + if (isInvalidTokenEPReusePvtKeyJWTRequest(tokenEndpointAuthMethod, + tokenEndpointReusePvtKeyJWT)) { throw handleClientError(INVALID_REQUEST, "Invalid token endpoint authentication method requested."); } @@ -863,11 +863,10 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - // Todo: Do we really need to throw an error. Though the auth mechanism is not pvt ket jwt there's no harm - // in storing this either. - boolean tokenEndpointReusePvtKeyJWT = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); - if (!tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT) && tokenEndpointReusePvtKeyJWT) { - throw handleClientError(INVALID_REQUEST, "Invalid token endpoint authentication method requested."); + Boolean tokenEndpointReusePvtKeyJWT = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJWTRequest(tokenEndpointAuthMethod, tokenEndpointReusePvtKeyJWT)) { + throw handleClientError(INVALID_REQUEST, + "Invalid token endpoint authentication method requested."); } oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointReusePvtKeyJWT); @@ -2508,6 +2507,27 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } } + /** + * Return whether the request of updating the tokenEndpointReusePvtKeyJWT is valid. + * + * @param tokenEndpointAuthMethod token endpoint client authentication method. + * @param tokenEndpointReusePvtKeyJWT During client authentication whether to reuse private key JWT. + * @return True if tokenEndpointAuthMethod and tokenEndpointReusePvtKeyJWT is NOT in the correct format. + */ + private boolean isInvalidTokenEPReusePvtKeyJWTRequest(String tokenEndpointAuthMethod, + Boolean tokenEndpointReusePvtKeyJWT) { + + if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { + if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { + return tokenEndpointReusePvtKeyJWT == null; + } else { + return tokenEndpointReusePvtKeyJWT != null; + } + } else { + return tokenEndpointReusePvtKeyJWT != null; + } + } + /** * FAPI validation to restrict the token endpoint authentication methods. * Link - https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server (5.2.2 - 14) From ebc65d7dd69c25767ef791072b1b1a38fad4de21 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Wed, 26 Jun 2024 08:51:48 +0530 Subject: [PATCH 10/90] Add unit tests for the validations. --- .../oauth/OAuthAdminServiceImplTest.java | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java index d295a00267..f879be7bc1 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -850,6 +850,34 @@ private void testValidateTokenAuthenticationWithInvalidAuthentication() throws E } } + @DataProvider(name = "getTokenAuthMethodAndTokenReuseConfigData") + public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { + + return new Object[][]{ + // Client auth method, Expected result. + {"private_key_jwt", null, true}, + {null, true, true}, + {"", true, true}, + {" ", true, true}, + {"dummy_method", true, true}, + {"private_key_jwt", true, false}, + {null, null, false}, + {"dummy_method", null, false}}; + } + + @Test(description = "Test invalid reuse token config & client auth method combination.", + dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") + private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, + Boolean tokenEndpointReusePvtKeyJWT, + boolean expectedResult) throws Exception { + + OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); + + Assert.assertEquals(invokePrivateMethod(oAuthAdminService, + "isInvalidTokenEPReusePvtKeyJWTRequest", new Class[]{String.class, Boolean.class}, + tokenEndpointAuthMethod, tokenEndpointReusePvtKeyJWT), expectedResult); + } + @Test(description = "Test validating signature algorithm") private void testValidateSignatureAlgorithm() throws Exception { @@ -1059,4 +1087,12 @@ private Object invokePrivateMethod(Object object, String methodName, Object... p method.setAccessible(true); return method.invoke(object, params); } + + private Object invokePrivateMethod(Object object, String methodName, Class[] paramTypes, Object... params) + throws Exception { + + Method method = object.getClass().getDeclaredMethod(methodName, paramTypes); + method.setAccessible(true); + return method.invoke(object, params); + } } From 90778ba6d4a3b9b3e5bad0c071d7c2a5fd649b71 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Mon, 1 Jul 2024 20:52:19 +0530 Subject: [PATCH 11/90] Fix variable incompatibilities. --- .../src/main/resources/OAuthAdminService.wsdl | 2 ++ .../identity/oauth/OAuthAdminServiceImpl.java | 30 ++++++++--------- .../wso2/carbon/identity/oauth/OAuthUtil.java | 33 ++++++++++--------- .../identity/oauth/dao/OAuthAppDAO.java | 14 ++++---- .../oauth/OAuthAdminServiceImplTest.java | 6 ++-- 5 files changed, 45 insertions(+), 40 deletions(-) mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl old mode 100644 new mode 100755 index 8b9539eddc..22a9a1b414 --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -433,6 +433,8 @@ + diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java old mode 100644 new mode 100755 index 1effae7386..593fd6927d --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -430,13 +430,13 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } - Boolean tokenEndpointReusePvtKeyJWT = application.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJWTRequest(tokenEndpointAuthMethod, - tokenEndpointReusePvtKeyJWT)) { + Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, + tokenEndpointAllowReusePvtKeyJwt)) { throw handleClientError(INVALID_REQUEST, "Invalid token endpoint authentication method requested."); } - application.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointReusePvtKeyJWT); + app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -863,12 +863,12 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - Boolean tokenEndpointReusePvtKeyJWT = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJWTRequest(tokenEndpointAuthMethod, tokenEndpointReusePvtKeyJWT)) { + Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { throw handleClientError(INVALID_REQUEST, "Invalid token endpoint authentication method requested."); } - oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointReusePvtKeyJWT); + oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { @@ -2508,23 +2508,23 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } /** - * Return whether the request of updating the tokenEndpointReusePvtKeyJWT is valid. + * Return whether the request of updating the tokenEndpointAllowReusePvtKeyJwt is valid. * * @param tokenEndpointAuthMethod token endpoint client authentication method. - * @param tokenEndpointReusePvtKeyJWT During client authentication whether to reuse private key JWT. - * @return True if tokenEndpointAuthMethod and tokenEndpointReusePvtKeyJWT is NOT in the correct format. + * @param tokenEndpointAllowReusePvtKeyJwt During client authentication whether to reuse private key JWT. + * @return True if tokenEndpointAuthMethod and tokenEndpointAllowReusePvtKeyJwt is NOT in the correct format. */ - private boolean isInvalidTokenEPReusePvtKeyJWTRequest(String tokenEndpointAuthMethod, - Boolean tokenEndpointReusePvtKeyJWT) { + private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMethod, + Boolean tokenEndpointAllowReusePvtKeyJwt) { if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { - return tokenEndpointReusePvtKeyJWT == null; + return tokenEndpointAllowReusePvtKeyJwt == null; } else { - return tokenEndpointReusePvtKeyJWT != null; + return tokenEndpointAllowReusePvtKeyJwt != null; } } else { - return tokenEndpointReusePvtKeyJWT != null; + return tokenEndpointAllowReusePvtKeyJwt != null; } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java old mode 100644 new mode 100755 index 87b3592980..c55cc7f765 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -1248,51 +1248,52 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate /** * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. * - * @param tokenEPAllowReusePvtKeyJWTValue Value of the tokenEPAllowReusePvtKeyJWT configuration. + * @param tokenEPAllowReusePvtKeyJwtValue Value of the tokenEPAllowReusePvtKeyJwt configuration. * @param tokenAuthMethod Token authentication method. - * @return Value of the tokenEPAllowReusePvtKeyJWT configuration. + * @return Value of the tokenEPAllowReusePvtKeyJwt configuration. * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. */ - public static String getValueOfTokenEPAllowReusePvtKeyJWT(String tokenEPAllowReusePvtKeyJWTValue, + public static String getValueOfTokenEPAllowReusePvtKeyJwt(String tokenEPAllowReusePvtKeyJwtValue, String tokenAuthMethod) throws IdentityOAuth2ServerException { - if (tokenEPAllowReusePvtKeyJWTValue == null && tokenAuthMethod != null) { + if (tokenEPAllowReusePvtKeyJwtValue == null && StringUtils.isNotBlank(tokenAuthMethod) + && OAuthConstants.PRIVATE_KEY_JWT.equals(tokenAuthMethod)) { try { - tokenEPAllowReusePvtKeyJWTValue = readTenantConfigurationPvtKeyJWTReuse(); + tokenEPAllowReusePvtKeyJwtValue = readTenantConfigurationPvtKeyJWTReuse(); } catch (ConfigurationManagementException e) { throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", e); } - if (tokenEPAllowReusePvtKeyJWTValue == null) { - tokenEPAllowReusePvtKeyJWTValue = readServerConfigurationPvtKeyJWTReuse(); - if (tokenEPAllowReusePvtKeyJWTValue == null) { - tokenEPAllowReusePvtKeyJWTValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = readServerConfigurationPvtKeyJWTReuse(); + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); } } } - return tokenEPAllowReusePvtKeyJWTValue; + return tokenEPAllowReusePvtKeyJwtValue; } private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { - String tokenEPAllowReusePvtKeyJWTTenantConfig = null; + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); if (resource != null) { - tokenEPAllowReusePvtKeyJWTTenantConfig = resource.getAttributes().stream() + tokenEPAllowReusePvtKeyJwtTenantConfig = resource.getAttributes().stream() .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) .map(Attribute::getValue) .findFirst() .orElse(null); } - return tokenEPAllowReusePvtKeyJWTTenantConfig; + return tokenEPAllowReusePvtKeyJwtTenantConfig; } private static String readServerConfigurationPvtKeyJWTReuse() { - String tokenEPAllowReusePvtKeyJWTTenantConfig = null; + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); @@ -1304,12 +1305,12 @@ private static String readServerConfigurationPvtKeyJWTReuse() { String value = (String) property.getValue(); if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { boolean preventTokenReuse = Boolean.parseBoolean(value); - tokenEPAllowReusePvtKeyJWTTenantConfig = String.valueOf(!preventTokenReuse); + tokenEPAllowReusePvtKeyJwtTenantConfig = String.valueOf(!preventTokenReuse); break; } } } } - return tokenEPAllowReusePvtKeyJWTTenantConfig; + return tokenEPAllowReusePvtKeyJwtTenantConfig; } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java old mode 100644 new mode 100755 index 2faea550c4..dfb0bc88f2 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -1642,9 +1642,11 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); - addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, - TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, - String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); + if (consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) { + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, + String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); + } addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1806,10 +1808,10 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } - String tokenEPAllowReusePvtKeyJWT = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJWT( + String tokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt( getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); - if (tokenEPAllowReusePvtKeyJWT != null) { - oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJWT)); + if (tokenEPAllowReusePvtKeyJwt != null) { + oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJwt)); } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java old mode 100644 new mode 100755 index f879be7bc1..643bad39f0 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -868,14 +868,14 @@ public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { @Test(description = "Test invalid reuse token config & client auth method combination.", dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, - Boolean tokenEndpointReusePvtKeyJWT, + Boolean tokenEndpointAllowReusePvtKeyJwt, boolean expectedResult) throws Exception { OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); Assert.assertEquals(invokePrivateMethod(oAuthAdminService, - "isInvalidTokenEPReusePvtKeyJWTRequest", new Class[]{String.class, Boolean.class}, - tokenEndpointAuthMethod, tokenEndpointReusePvtKeyJWT), expectedResult); + "isInvalidTokenEPReusePvtKeyJwtRequest", new Class[]{String.class, Boolean.class}, + tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt), expectedResult); } @Test(description = "Test validating signature algorithm") From b621674404a49416d99b1fb56d16c434394acaf2 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Mon, 1 Jul 2024 22:12:04 +0530 Subject: [PATCH 12/90] Change wsdl element order. --- .../src/main/resources/OAuthAdminService.wsdl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl index 22a9a1b414..a1b5a18871 100755 --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -432,9 +432,8 @@ + - From e860e531580e16a36ed1e0e1705b37f8d33d1c3b Mon Sep 17 00:00:00 2001 From: Amanda Ariyaratne Date: Tue, 2 Jul 2024 13:33:07 +0530 Subject: [PATCH 13/90] add url validations --- .../identity/oauth/common/OAuthConstants.java | 3 +++ .../endpoint/token/OAuth2TokenEndpoint.java | 22 +++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 57e7feac1e..8fc392aea9 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -363,6 +363,9 @@ public static class OAuth20Params { public static final String RESPONSE_TYPE = "response_type"; public static final String RESPONSE_MODE = "response_mode"; public static final String REQUEST = "request"; + public static final String USERNAME = "username"; + public static final String PASSWORD = "password"; + public static final String CLIENT_SECRET = "client_secret"; public static final String REQUESTED_SUBJECT = "requested_subject"; private OAuth20Params() { diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java index 54403f9d35..4a328e8626 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java +++ b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java @@ -50,8 +50,11 @@ import org.wso2.carbon.user.core.util.UserCoreUtil; import org.wso2.carbon.utils.DiagnosticLog; +import java.util.Arrays; +import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; @@ -67,6 +70,9 @@ import javax.ws.rs.core.Response.ResponseBuilder; import static org.apache.commons.lang.StringUtils.isNotBlank; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.CLIENT_SECRET; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.PASSWORD; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.USERNAME; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.PROP_CLIENT_ID; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.getHttpServletResponseWrapper; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.parseJsonTokenRequest; @@ -156,6 +162,7 @@ protected Response issueAccessToken(HttpServletRequest request, HttpServletRespo startSuperTenantFlow(); } validateRepeatedParams(request, paramMap); + validateSensitiveDataInQueryParams(request); HttpServletRequestWrapper httpRequest = new OAuthRequestWrapper(request, paramMap); CarbonOAuthTokenRequest oauthRequest = buildCarbonOAuthTokenRequest(httpRequest); OAuthClientAuthnContext oauthClientAuthnContext = oauthRequest.getoAuthClientAuthnContext(); @@ -228,6 +235,21 @@ private void validateRepeatedParams(HttpServletRequest request, Map sensitiveKeys = new HashSet<>(Arrays.asList(USERNAME, PASSWORD, CLIENT_SECRET)); + boolean containsSensitiveData = Arrays.stream(queryString.split("&")) + .map(param -> param.split("=")[0]) + .anyMatch(sensitiveKeys::contains); + if (containsSensitiveData) { + throw new TokenEndpointBadRequestException("Invalid request with sensitive data in the URL."); + } + } + } + private void validateOAuthApplication(OAuthClientAuthnContext oAuthClientAuthnContext) throws InvalidApplicationClientException { From 1346c762ac6987102496807d3d874923edeb3003 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri Date: Tue, 2 Jul 2024 15:12:35 +0530 Subject: [PATCH 14/90] Address PR comments. --- .../identity/oauth/OAuthAdminServiceImpl.java | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java index 593fd6927d..3129f55459 100755 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -433,8 +433,8 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, - "Invalid token endpoint authentication method requested."); + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); } app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); @@ -865,8 +865,8 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, - "Invalid token endpoint authentication method requested."); + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); } oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); @@ -2520,12 +2520,9 @@ private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMe if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { return tokenEndpointAllowReusePvtKeyJwt == null; - } else { - return tokenEndpointAllowReusePvtKeyJwt != null; } - } else { - return tokenEndpointAllowReusePvtKeyJwt != null; } + return tokenEndpointAllowReusePvtKeyJwt != null; } /** From bbcd91132f5cea28bf3dc295ac26f3b431dc7b20 Mon Sep 17 00:00:00 2001 From: Amanda Ariyaratne Date: Tue, 2 Jul 2024 16:44:27 +0530 Subject: [PATCH 15/90] Add configuration for restricted query parameters --- .../endpoint/token/OAuth2TokenEndpoint.java | 9 ++----- .../config/OAuthServerConfiguration.java | 25 +++++++++++++++++++ 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java index 4a328e8626..acff55c6e8 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java +++ b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java @@ -36,6 +36,7 @@ import org.wso2.carbon.identity.oauth.client.authn.filter.OAuthClientAuthenticatorProxy; import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.common.OAuthConstants; +import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper; import org.wso2.carbon.identity.oauth.endpoint.exception.InvalidApplicationClientException; import org.wso2.carbon.identity.oauth.endpoint.exception.InvalidRequestParentException; @@ -51,10 +52,8 @@ import org.wso2.carbon.utils.DiagnosticLog; import java.util.Arrays; -import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; @@ -70,9 +69,6 @@ import javax.ws.rs.core.Response.ResponseBuilder; import static org.apache.commons.lang.StringUtils.isNotBlank; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.CLIENT_SECRET; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.PASSWORD; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.USERNAME; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.PROP_CLIENT_ID; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.getHttpServletResponseWrapper; import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.parseJsonTokenRequest; @@ -240,10 +236,9 @@ private void validateSensitiveDataInQueryParams(HttpServletRequest request) String queryString = request.getQueryString(); if (StringUtils.isNotBlank(queryString)) { - Set sensitiveKeys = new HashSet<>(Arrays.asList(USERNAME, PASSWORD, CLIENT_SECRET)); boolean containsSensitiveData = Arrays.stream(queryString.split("&")) .map(param -> param.split("=")[0]) - .anyMatch(sensitiveKeys::contains); + .anyMatch(OAuthServerConfiguration.getInstance().getRestrictedQueryParameters()::contains); if (containsSensitiveData) { throw new TokenEndpointBadRequestException("Invalid request with sensitive data in the URL."); } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java index f02fb82bd1..4fdf963e09 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java @@ -322,6 +322,8 @@ public class OAuthServerConfiguration { private Boolean roleBasedScopeIssuerEnabledConfig = false; private String scopeMetadataExtensionImpl = null; + private final List restrictedQueryParameters = new ArrayList<>(); + private OAuthServerConfiguration() { buildOAuthServerConfiguration(); } @@ -529,6 +531,9 @@ private void buildOAuthServerConfiguration() { // Read config for scope metadata extension implementation. parseScopeMetadataExtensionImpl(oauthElem); + + // Read config for restricted query parameters in oauth requests + parseRestrictedQueryParameters(oauthElem); } /** @@ -1453,6 +1458,10 @@ public boolean isUseMultiValueSeparatorForAuthContextToken() { return useMultiValueSeparatorForAuthContextToken; } + public List getRestrictedQueryParameters() { + return restrictedQueryParameters; + } + public TokenPersistenceProcessor getPersistenceProcessor() throws IdentityOAuth2Exception { if (persistenceProcessor == null) { synchronized (this) { @@ -3741,6 +3750,20 @@ private void parseScopeMetadataExtensionImpl(OMElement oauthConfigElem) { } } + private void parseRestrictedQueryParameters(OMElement oauthConfigElem) { + + OMElement restrictedQueryParametersElem = oauthConfigElem.getFirstChildWithName( + getQNameWithIdentityNS(ConfigElements.RESTRICTED_QUERY_PARAMETERS_ELEMENT)); + if (restrictedQueryParametersElem != null) { + Iterator paramIterator = restrictedQueryParametersElem.getChildrenWithName(getQNameWithIdentityNS( + ConfigElements.RESTRICTED_QUERY_PARAMETER_ELEMENT)); + while (paramIterator.hasNext()) { + OMElement paramElement = (OMElement) paramIterator.next(); + restrictedQueryParameters.add(paramElement.getText()); + } + } + } + /** * Get scope metadata service extension impl class. * @@ -4016,6 +4039,8 @@ private class ConfigElements { private static final String USE_LEGACY_PERMISSION_ACCESS_FOR_USER_BASED_AUTH = "UseLegacyPermissionAccessForUserBasedAuth"; private static final String SCOPE_METADATA_EXTENSION_IMPL = "ScopeMetadataService"; + private static final String RESTRICTED_QUERY_PARAMETERS_ELEMENT = "RestrictedQueryParameters"; + private static final String RESTRICTED_QUERY_PARAMETER_ELEMENT = "RestrictedQueryParameter"; } } From f72b8aa073f8a15d74131956db0aa9fcdbe1ff98 Mon Sep 17 00:00:00 2001 From: Amanda Ariyaratne Date: Tue, 2 Jul 2024 16:46:09 +0530 Subject: [PATCH 16/90] remove unused constants --- .../org/wso2/carbon/identity/oauth/common/OAuthConstants.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 8fc392aea9..57e7feac1e 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -363,9 +363,6 @@ public static class OAuth20Params { public static final String RESPONSE_TYPE = "response_type"; public static final String RESPONSE_MODE = "response_mode"; public static final String REQUEST = "request"; - public static final String USERNAME = "username"; - public static final String PASSWORD = "password"; - public static final String CLIENT_SECRET = "client_secret"; public static final String REQUESTED_SUBJECT = "requested_subject"; private OAuth20Params() { From 494d6ec1e7e49d172f949b9256f0833777586b31 Mon Sep 17 00:00:00 2001 From: Amanda Ariyaratne Date: Tue, 2 Jul 2024 17:26:34 +0530 Subject: [PATCH 17/90] simplify child element name --- .../carbon/identity/oauth/config/OAuthServerConfiguration.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java index 4fdf963e09..d9fd4e6557 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java @@ -4040,7 +4040,7 @@ private class ConfigElements { "UseLegacyPermissionAccessForUserBasedAuth"; private static final String SCOPE_METADATA_EXTENSION_IMPL = "ScopeMetadataService"; private static final String RESTRICTED_QUERY_PARAMETERS_ELEMENT = "RestrictedQueryParameters"; - private static final String RESTRICTED_QUERY_PARAMETER_ELEMENT = "RestrictedQueryParameter"; + private static final String RESTRICTED_QUERY_PARAMETER_ELEMENT = "Parameter"; } } From 5494b9bcf52f25d298cd50ac79d7cc02a250f95e Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 2 Jul 2024 15:10:15 +0000 Subject: [PATCH 18/90] [WSO2 Release] [Jenkins #4946] [Release 7.0.107] prepare release v7.0.107 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index e606a8e69c..a3a0b9e87c 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107-SNAPSHOT + 7.0.107 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.107-SNAPSHOT + 7.0.107 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 87610eaab6..bdf8e08808 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107-SNAPSHOT + 7.0.107 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.107-SNAPSHOT + 7.0.107 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 932607d123..a3f26e2d39 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107-SNAPSHOT + 7.0.107 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 7efbf85bd8..8265603b93 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 3ac3e3dee5..a8d1c60d6d 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.107-SNAPSHOT + 7.0.107 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index aa83a622f6..3c4c5af815 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index adcab23ad9..7a74ac1acd 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 52232a9ced..520e90d0fb 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 8db5f9b176..87e7e419cd 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 82b7cdb973..5e96c07f59 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index c724c16dc3..21b281c4e8 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.107-SNAPSHOT + 7.0.107 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index e4faa8da7b..82fc5e377e 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 87e3ed30b9..0bc243e2a0 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index e63467eaba..26c5139ba6 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 29f20f0fb6..290ce0316b 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 68e661c2aa..7faa719a72 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index b71936cda1..3802d01064 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index b43c0e9667..540aa7d60d 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index f70925f339..13f827cb7f 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 60e8a9e73a..3e5685d814 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 5d56846969..7f5f1d6f9f 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index ea0d568eaa..6d6aa5923c 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 9430b32e83..d76045a5a9 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index c142836a98..8cdbb21bfa 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 diff --git a/pom.xml b/pom.xml index 93aaedf6c6..9a58ab371a 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107-SNAPSHOT + 7.0.107 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.107 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index a26791f060..dac2bf60de 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107-SNAPSHOT + 7.0.107 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 391555ea62..5146598b6c 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107-SNAPSHOT + 7.0.107 4.0.0 From a794480576ab2d60ba5644c17f582d6423d499e2 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 2 Jul 2024 15:10:18 +0000 Subject: [PATCH 19/90] [WSO2 Release] [Jenkins #4946] [Release 7.0.107] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index a3a0b9e87c..1aca5529fb 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107 + 7.0.108-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.107 + 7.0.108-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index bdf8e08808..b10158a5a6 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107 + 7.0.108-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.107 + 7.0.108-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index a3f26e2d39..5a3554cfdc 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107 + 7.0.108-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 8265603b93..3494caf96a 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index a8d1c60d6d..64ccdba104 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.107 + 7.0.108-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 3c4c5af815..9f446969a3 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 7a74ac1acd..40b37841d8 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 520e90d0fb..9e45f79487 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 87e7e419cd..32d08248b3 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 5e96c07f59..71920aead7 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 21b281c4e8..7c6e8c2144 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.107 + 7.0.108-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 82fc5e377e..4b83e1a054 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 0bc243e2a0..87e764f3de 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 26c5139ba6..034cdab595 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 290ce0316b..95d1243df3 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 7faa719a72..c46d9d5c74 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 3802d01064..f14b53c042 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 540aa7d60d..851596a2c9 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 13f827cb7f..0935432cae 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 3e5685d814..f1a44dbd09 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 7f5f1d6f9f..f7c33c8c57 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 6d6aa5923c..6f0ca24dd9 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index d76045a5a9..76b612e3d2 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 8cdbb21bfa..0d66e639b2 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 9a58ab371a..2f1945fac8 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107 + 7.0.108-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.107 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index dac2bf60de..223e4d3b72 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.107 + 7.0.108-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 5146598b6c..0dfe6113f9 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.107 + 7.0.108-SNAPSHOT 4.0.0 From b58938ee052110eb6f8e3f7447b6ffa27fd8b49b Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri <47152272+mpmadhavig@users.noreply.github.com> Date: Tue, 2 Jul 2024 21:49:30 +0530 Subject: [PATCH 20/90] Revert "Onboard app level pvtkeyjwt reuse config" --- .../dcr/endpoint/dto/ApplicationDTO.java | 12 --- .../endpoint/dto/RegistrationRequestDTO.java | 13 --- .../dcr/endpoint/dto/UpdateRequestDTO.java | 13 --- .../oauth2/dcr/endpoint/util/DCRMUtils.java | 5 -- .../identity/oauth/common/OAuthConstants.java | 10 +-- .../identity/oauth/dcr/bean/Application.java | 11 --- .../bean/ApplicationRegistrationRequest.java | 11 --- .../dcr/bean/ApplicationUpdateRequest.java | 11 --- .../oauth/dcr/service/DCRMService.java | 3 - .../src/main/resources/OAuthAdminService.wsdl | 1 - .../identity/oauth/OAuthAdminServiceImpl.java | 33 -------- .../wso2/carbon/identity/oauth/OAuthUtil.java | 82 ------------------- .../identity/oauth/dao/OAuthAppDAO.java | 20 +---- .../carbon/identity/oauth/dao/OAuthAppDO.java | 11 --- .../oauth/dto/OAuthConsumerAppDTO.java | 11 --- .../internal/OAuthComponentServiceHolder.java | 22 ----- .../oauth/internal/OAuthServiceComponent.java | 35 -------- .../oauth/OAuthAdminServiceImplTest.java | 36 -------- 18 files changed, 2 insertions(+), 338 deletions(-) mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java index f7d980a4e1..a66d1be779 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java @@ -65,7 +65,6 @@ public class ApplicationDTO { private String jwksUri = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt = null; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -293,17 +292,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java index e42227c3b0..92e34409e4 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java @@ -49,7 +49,6 @@ public class RegistrationRequestDTO { private String extTokenType = null; private String tokenEndpointAuthMethod = null; private String tokenEndpointAuthSigningAlg = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; private String idTokenEncryptedResponseAlg = null; @@ -333,18 +332,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java index 085eb32d26..81471cc237 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java @@ -36,7 +36,6 @@ public class UpdateRequestDTO { private boolean extPublicClient; private String extTokenType = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -242,18 +241,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") public String getTokenEndpointAuthSigningAlg() { diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java index 23e87ffa55..8e46d6c25f 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java @@ -81,8 +81,6 @@ public static ApplicationRegistrationRequest getApplicationRegistrationRequest( appRegistrationRequest.setExtTokenType(registrationRequestDTO.getExtTokenType()); appRegistrationRequest.setJwksURI(registrationRequestDTO.getJwksUri()); appRegistrationRequest.setTokenEndpointAuthMethod(registrationRequestDTO.getTokenEndpointAuthMethod()); - appRegistrationRequest.setTokenEndpointAllowReusePvtKeyJwt(registrationRequestDTO - .isTokenEndpointAllowReusePvtKeyJwt()); appRegistrationRequest.setTokenEndpointAuthSignatureAlgorithm (registrationRequestDTO.getTokenEndpointAuthSigningAlg()); appRegistrationRequest.setSectorIdentifierURI(registrationRequestDTO.getSectorIdentifierUri()); @@ -127,8 +125,6 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(UpdateRequest applicationUpdateRequest.setExtTokenType(updateRequestDTO.getExtTokenType()); applicationUpdateRequest.setJwksURI(updateRequestDTO.getJwksUri()); applicationUpdateRequest.setTokenEndpointAuthMethod(updateRequestDTO.getTokenEndpointAuthMethod()); - applicationUpdateRequest.setTokenEndpointAllowReusePvtKeyJwt( - updateRequestDTO.isTokenEndpointAllowReusePvtKeyJwt()); applicationUpdateRequest.setTokenEndpointAuthSignatureAlgorithm (updateRequestDTO.getTokenEndpointAuthSigningAlg()); applicationUpdateRequest.setSectorIdentifierURI(updateRequestDTO.getSectorIdentifierUri()); @@ -239,7 +235,6 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic applicationDTO.setExtTokenType(application.getExtTokenType()); applicationDTO.setJwksUri(application.getJwksURI()); applicationDTO.setTokenEndpointAuthMethod(application.getTokenEndpointAuthMethod()); - applicationDTO.setTokenEndpointAllowReusePvtKeyJwt(application.isTokenEndpointAllowReusePvtKeyJwt()); applicationDTO.setTokenEndpointAuthSigningAlg(application.getTokenEndpointAuthSignatureAlgorithm()); applicationDTO.setSectorIdentifierUri(application.getSectorIdentifierURI()); applicationDTO.setIdTokenSignedResponseAlg(application.getIdTokenSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 94b888cec6..57e7feac1e 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -622,7 +622,6 @@ public static class OIDCConfigProperties { public static final String TOKEN_BINDING_VALIDATION = "tokenBindingValidation"; public static final String TOKEN_BINDING_TYPE_NONE = "None"; public static final String TOKEN_AUTH_METHOD = "tokenEndpointAuthMethod"; - public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT = "tokenEndpointAllowReusePvtKeyJwt"; public static final String TOKEN_AUTH_SIGNATURE_ALGORITHM = "tokenEndpointAuthSigningAlg"; public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri"; public static final String ID_TOKEN_SIGNATURE_ALGORITHM = "idTokenSignedResponseAlg"; @@ -637,14 +636,7 @@ public static class OIDCConfigProperties { public static final String IS_SUBJECT_TOKEN_ENABLED = "isSubjectTokenEnabled"; public static final String SUBJECT_TOKEN_EXPIRY_TIME = "subjectTokenExpiryTime"; public static final int SUBJECT_TOKEN_EXPIRY_TIME_VALUE = 180; - public static final String PREVENT_TOKEN_REUSE = "PreventTokenReuse"; - public static final boolean DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE = true; - // Name of the {@code JWTClientAuthenticatorConfig} resource type in the Configuration Management API. - public static final String JWT_CONFIGURATION_RESOURCE_TYPE_NAME = "PK_JWT_CONFIGURATION"; - // Name of the {@code JWTClientAuthenticatorConfig} resource (per tenant) in the Configuration Management API. - public static final String JWT_CONFIGURATION_RESOURCE_NAME = "TENANT_PK_JWT_CONFIGURATION"; - public static final String PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME = "PrivateKeyJWTClientAuthenticator"; - public static final String ENABLE_TOKEN_REUSE = "EnableTokenReuse"; + private OIDCConfigProperties() { } diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java index 7f0d3907f2..bb555c1f16 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java @@ -46,7 +46,6 @@ public class Application implements Serializable { private String extTokenType = null; private String jwksURI = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm = null; private String sectorIdentifierURI = null; private String idTokenSignatureAlgorithm = null; @@ -254,16 +253,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java index 068fa18637..af1666e651 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java @@ -52,7 +52,6 @@ public class ApplicationRegistrationRequest implements Serializable { private String jwksURI; private String softwareStatement; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -381,16 +380,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java index 443821cd55..b98772d5dd 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java @@ -48,7 +48,6 @@ public class ApplicationUpdateRequest implements Serializable { private String jwksURI = null; private String softwareStatement; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -306,16 +305,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java index 994bd068fa..6aa00ca66a 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java @@ -351,7 +351,6 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str if (updateRequest.getTokenEndpointAuthMethod() != null) { appDTO.setTokenEndpointAuthMethod(updateRequest.getTokenEndpointAuthMethod()); } - appDTO.setTokenEndpointAllowReusePvtKeyJwt(updateRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (updateRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { appDTO.setTokenEndpointAuthSignatureAlgorithm (updateRequest.getTokenEndpointAuthSignatureAlgorithm()); @@ -671,7 +670,6 @@ private Application buildResponse(OAuthConsumerAppDTO createdApp, String tenantD application.setExtTokenType(createdApp.getTokenType()); application.setJwksURI(createdApp.getJwksURI()); application.setTokenEndpointAuthMethod(createdApp.getTokenEndpointAuthMethod()); - application.setTokenEndpointAllowReusePvtKeyJwt(createdApp.isTokenEndpointAllowReusePvtKeyJwt()); application.setTokenEndpointAuthSignatureAlgorithm(createdApp.getTokenEndpointAuthSignatureAlgorithm()); application.setSectorIdentifierURI(createdApp.getSectorIdentifierURI()); application.setIdTokenSignatureAlgorithm(createdApp.getIdTokenSignatureAlgorithm()); @@ -766,7 +764,6 @@ private OAuthConsumerAppDTO createOAuthApp(ApplicationRegistrationRequest regist if (registrationRequest.getTokenEndpointAuthMethod() != null) { oAuthConsumerApp.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod()); } - oAuthConsumerApp.setTokenEndpointAllowReusePvtKeyJwt(registrationRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (registrationRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { oAuthConsumerApp.setTokenEndpointAuthSignatureAlgorithm (registrationRequest.getTokenEndpointAuthSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl old mode 100755 new mode 100644 index a1b5a18871..8b9539eddc --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -432,7 +432,6 @@ - diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java old mode 100755 new mode 100644 index 3129f55459..068ac62c57 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -107,7 +107,6 @@ import static org.wso2.carbon.identity.oauth.OAuthUtil.handleErrorWithExceptionType; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_DELETED; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.PRIVATE_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getTenantId; @@ -430,13 +429,6 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } - Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, - tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + - "incompatible with the Private Key JWT Reuse config value."); - } - app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -863,13 +855,6 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + - "incompatible with the Private Key JWT Reuse config value."); - } - oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); - String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -2507,24 +2492,6 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } } - /** - * Return whether the request of updating the tokenEndpointAllowReusePvtKeyJwt is valid. - * - * @param tokenEndpointAuthMethod token endpoint client authentication method. - * @param tokenEndpointAllowReusePvtKeyJwt During client authentication whether to reuse private key JWT. - * @return True if tokenEndpointAuthMethod and tokenEndpointAllowReusePvtKeyJwt is NOT in the correct format. - */ - private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMethod, - Boolean tokenEndpointAllowReusePvtKeyJwt) { - - if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { - if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { - return tokenEndpointAllowReusePvtKeyJwt == null; - } - } - return tokenEndpointAllowReusePvtKeyJwt != null; - } - /** * FAPI validation to restrict the token endpoint authentication methods. * Link - https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server (5.2.2 - 14) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java old mode 100755 new mode 100644 index 2ca4524208..2fe5e743a0 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -37,11 +37,6 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; -import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException; -import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute; -import org.wso2.carbon.identity.configuration.mgt.core.model.Resource; -import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler; -import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.OAuthCache; @@ -82,7 +77,6 @@ import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.UUID; @@ -95,12 +89,6 @@ import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CURRENT_TOKEN_IDENTIFIER; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.PRESERVE_LOGGED_IN_SESSION_AT_PASSWORD_UPDATE; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ORGANIZATION_LOGIN_HOME_REALM_IDENTIFIER; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.ENABLE_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_NAME; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_TYPE_NAME; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PREVENT_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.UserType.FEDERATED_USER_DOMAIN_PREFIX; @@ -548,7 +536,6 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { .isTokenRevocationWithIDPSessionTerminationEnabled()); dto.setTokenBindingValidationEnabled(appDO.isTokenBindingValidationEnabled()); dto.setTokenEndpointAuthMethod(appDO.getTokenEndpointAuthMethod()); - dto.setTokenEndpointAllowReusePvtKeyJwt(appDO.isTokenEndpointAllowReusePvtKeyJwt()); dto.setTokenEndpointAuthSignatureAlgorithm(appDO.getTokenEndpointAuthSignatureAlgorithm()); dto.setSectorIdentifierURI(appDO.getSectorIdentifierURI()); dto.setIdTokenSignatureAlgorithm(appDO.getIdTokenSignatureAlgorithm()); @@ -1210,73 +1197,4 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate authenticatedUser.setFederatedIdPName(orgSsoIdp.getIdentityProviderName()); } } - - /** - * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. - * - * @param tokenEPAllowReusePvtKeyJwtValue Value of the tokenEPAllowReusePvtKeyJwt configuration. - * @param tokenAuthMethod Token authentication method. - * @return Value of the tokenEPAllowReusePvtKeyJwt configuration. - * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. - */ - public static String getValueOfTokenEPAllowReusePvtKeyJwt(String tokenEPAllowReusePvtKeyJwtValue, - String tokenAuthMethod) - throws IdentityOAuth2ServerException { - - if (tokenEPAllowReusePvtKeyJwtValue == null && StringUtils.isNotBlank(tokenAuthMethod) - && OAuthConstants.PRIVATE_KEY_JWT.equals(tokenAuthMethod)) { - try { - tokenEPAllowReusePvtKeyJwtValue = readTenantConfigurationPvtKeyJWTReuse(); - } catch (ConfigurationManagementException e) { - throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", - e); - } - if (tokenEPAllowReusePvtKeyJwtValue == null) { - tokenEPAllowReusePvtKeyJwtValue = readServerConfigurationPvtKeyJWTReuse(); - if (tokenEPAllowReusePvtKeyJwtValue == null) { - tokenEPAllowReusePvtKeyJwtValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); - } - } - } - return tokenEPAllowReusePvtKeyJwtValue; - } - - private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { - - String tokenEPAllowReusePvtKeyJwtTenantConfig = null; - Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() - .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); - - if (resource != null) { - tokenEPAllowReusePvtKeyJwtTenantConfig = resource.getAttributes().stream() - .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) - .map(Attribute::getValue) - .findFirst() - .orElse(null); - } - return tokenEPAllowReusePvtKeyJwtTenantConfig; - } - - private static String readServerConfigurationPvtKeyJWTReuse() { - - String tokenEPAllowReusePvtKeyJwtTenantConfig = null; - IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( - AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); - - if (identityEventListenerConfig != null - && Boolean.parseBoolean(identityEventListenerConfig.getEnable())) { - if (identityEventListenerConfig.getProperties() != null) { - for (Map.Entry property : identityEventListenerConfig.getProperties().entrySet()) { - String key = (String) property.getKey(); - String value = (String) property.getValue(); - if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { - boolean preventTokenReuse = Boolean.parseBoolean(value); - tokenEPAllowReusePvtKeyJwtTenantConfig = String.valueOf(!preventTokenReuse); - break; - } - } - } - } - return tokenEPAllowReusePvtKeyJwtTenantConfig; - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java old mode 100755 new mode 100644 index dfb0bc88f2..0608a7a8c9 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -47,7 +47,6 @@ import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor; import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; -import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; @@ -103,7 +102,6 @@ import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE_NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_VALIDATION; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE; @@ -984,10 +982,6 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, TOKEN_AUTH_METHOD, oauthAppDO.getTokenEndpointAuthMethod(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); - addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, - TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, String.valueOf(oauthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), - prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); - addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM, oauthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); @@ -1642,12 +1636,6 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); - if (consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) { - addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, - TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, - String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); - } - addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1744,8 +1732,7 @@ private Map> getSpOIDCProperties(Connection connection, return spOIDCProperties; } - private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) - throws IdentityOAuth2ServerException { + private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) { // Handle OIDC audience values if (isOIDCAudienceEnabled() && @@ -1808,11 +1795,6 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } - String tokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt( - getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); - if (tokenEPAllowReusePvtKeyJwt != null) { - oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJwt)); - } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { oauthApp.setTokenEndpointAuthSignatureAlgorithm(tokenSignatureAlgorithm); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index 50a1f48db4..b48b74bae7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java @@ -81,7 +81,6 @@ public class OAuthAppDO extends InboundConfigurationProtocol implements Serializ private boolean tokenRevocationWithIDPSessionTerminationEnabled; private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -384,16 +383,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index fba94088c1..f93e9acc4f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -67,7 +67,6 @@ public class OAuthConsumerAppDTO implements InboundProtocolConfigurationDTO { private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; private String tokenEndpointAuthSignatureAlgorithm; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; private String requestObjectSignatureAlgorithm; @@ -385,16 +384,6 @@ public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSigna this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getSectorIdentifierURI() { return sectorIdentifierURI; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 419c09ac80..5a91f8a515 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -22,7 +22,6 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; -import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; @@ -81,7 +80,6 @@ public class OAuthComponentServiceHolder { private AuthorizedAPIManagementService authorizedAPIManagementService; private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; - private ConfigurationManager configurationManager; /** * Get the list of scope validator implementations available. @@ -513,24 +511,4 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } - - /** - * Get the ConfigurationManager instance. - * - * @return ConfigurationManager The ConfigurationManager instance. - */ - public ConfigurationManager getConfigurationManager() { - - return configurationManager; - } - - /** - * Set the ConfigurationManager instance. - * - * @param configurationManager ConfigurationManager The ConfigurationManager instance. - */ - public void setConfigurationManager(ConfigurationManager configurationManager) { - - this.configurationManager = configurationManager; - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index c0981a6a1c..a253d8836d 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -30,7 +30,6 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler; -import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; @@ -522,38 +521,4 @@ protected void unsetOrganizationUserSharingService(OrganizationUserSharingServic } OAuthComponentServiceHolder.getInstance().setOrganizationUserSharingService(null); } - - /** - * Set the ConfigurationManager. - * - * @param configurationManager The {@code ConfigurationManager} instance. - */ - @Reference( - name = "resource.configuration.manager", - service = ConfigurationManager.class, - cardinality = ReferenceCardinality.MANDATORY, - policy = ReferencePolicy.DYNAMIC, - unbind = "unregisterConfigurationManager" - ) - protected void registerConfigurationManager(ConfigurationManager configurationManager) { - - if (log.isDebugEnabled()) { - log.debug("Registering the ConfigurationManager in JWT Client Authenticator ManagementService."); - } - OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); - } - - - /** - * Unset the ConfigurationManager. - * - * @param configurationManager The {@code ConfigurationManager} instance. - */ - protected void unregisterConfigurationManager(ConfigurationManager configurationManager) { - - if (log.isDebugEnabled()) { - log.debug("Unregistering the ConfigurationManager in JWT Client Authenticator ManagementService."); - } - OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java old mode 100755 new mode 100644 index 643bad39f0..d295a00267 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -850,34 +850,6 @@ private void testValidateTokenAuthenticationWithInvalidAuthentication() throws E } } - @DataProvider(name = "getTokenAuthMethodAndTokenReuseConfigData") - public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { - - return new Object[][]{ - // Client auth method, Expected result. - {"private_key_jwt", null, true}, - {null, true, true}, - {"", true, true}, - {" ", true, true}, - {"dummy_method", true, true}, - {"private_key_jwt", true, false}, - {null, null, false}, - {"dummy_method", null, false}}; - } - - @Test(description = "Test invalid reuse token config & client auth method combination.", - dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") - private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, - Boolean tokenEndpointAllowReusePvtKeyJwt, - boolean expectedResult) throws Exception { - - OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); - - Assert.assertEquals(invokePrivateMethod(oAuthAdminService, - "isInvalidTokenEPReusePvtKeyJwtRequest", new Class[]{String.class, Boolean.class}, - tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt), expectedResult); - } - @Test(description = "Test validating signature algorithm") private void testValidateSignatureAlgorithm() throws Exception { @@ -1087,12 +1059,4 @@ private Object invokePrivateMethod(Object object, String methodName, Object... p method.setAccessible(true); return method.invoke(object, params); } - - private Object invokePrivateMethod(Object object, String methodName, Class[] paramTypes, Object... params) - throws Exception { - - Method method = object.getClass().getDeclaredMethod(methodName, paramTypes); - method.setAccessible(true); - return method.invoke(object, params); - } } From 70d3befa0e10c0f1208582d9f80ab87361e8c811 Mon Sep 17 00:00:00 2001 From: Amanda Ariyaratne Date: Tue, 2 Jul 2024 22:14:53 +0530 Subject: [PATCH 21/90] bump framework version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 93aaedf6c6..8be828aa77 100644 --- a/pom.xml +++ b/pom.xml @@ -904,7 +904,7 @@ [1.0.1, 2.0.0) - 7.2.37 + 7.3.22 [5.25.234, 8.0.0) From f90387914f897784cb63752616476e0562325e7d Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 2 Jul 2024 20:55:18 +0000 Subject: [PATCH 22/90] [WSO2 Release] [Jenkins #4948] [Release 7.0.108] prepare release v7.0.108 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 1aca5529fb..e6dacec880 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108-SNAPSHOT + 7.0.108 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.108-SNAPSHOT + 7.0.108 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index b10158a5a6..237063f2ac 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108-SNAPSHOT + 7.0.108 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.108-SNAPSHOT + 7.0.108 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 5a3554cfdc..8d5b7a0023 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108-SNAPSHOT + 7.0.108 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 3494caf96a..57c48d26d7 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 64ccdba104..013c00c2e4 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.108-SNAPSHOT + 7.0.108 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 9f446969a3..8c6ef24c35 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 40b37841d8..636a67e063 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 9e45f79487..08a686b3bd 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 32d08248b3..835496d560 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 71920aead7..2044594693 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 7c6e8c2144..4c6bda440f 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.108-SNAPSHOT + 7.0.108 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 4b83e1a054..b7a20139ac 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 87e764f3de..1ada837698 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 034cdab595..282757bd84 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 95d1243df3..f90ae2f243 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index c46d9d5c74..163be5d3b9 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index f14b53c042..1d942e42cf 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 851596a2c9..e3c868632c 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 0935432cae..a3bbe6c1b5 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index f1a44dbd09..952d0ec3f7 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index f7c33c8c57..e327d1c136 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 6f0ca24dd9..20604e2aff 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 76b612e3d2..b8c530f6ff 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 0d66e639b2..cd9750f050 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 diff --git a/pom.xml b/pom.xml index 2f1945fac8..765856ef08 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108-SNAPSHOT + 7.0.108 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.108 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 223e4d3b72..e534c4ebd7 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108-SNAPSHOT + 7.0.108 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 0dfe6113f9..3b6121b3e8 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108-SNAPSHOT + 7.0.108 4.0.0 From 1253c172f6ccaa474d04980c59e45dbfb77c89a6 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 2 Jul 2024 20:55:20 +0000 Subject: [PATCH 23/90] [WSO2 Release] [Jenkins #4948] [Release 7.0.108] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index e6dacec880..282d0b8267 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108 + 7.0.109-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.108 + 7.0.109-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 237063f2ac..44d44c43c0 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108 + 7.0.109-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.108 + 7.0.109-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 8d5b7a0023..c2df0fe256 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108 + 7.0.109-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 57c48d26d7..cf1df7e56e 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 013c00c2e4..96763496f6 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.108 + 7.0.109-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 8c6ef24c35..af2f691811 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 636a67e063..5a37e9bac1 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 08a686b3bd..94e0510913 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 835496d560..73b08d95c5 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 2044594693..900e14579c 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 4c6bda440f..32f7ba95a0 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.108 + 7.0.109-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index b7a20139ac..0b75f4ceb9 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 1ada837698..5367e9b38e 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 282757bd84..0f9d720b98 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index f90ae2f243..183c28bc13 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 163be5d3b9..9a0c04b5bf 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 1d942e42cf..a7b0fde03f 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index e3c868632c..481c283447 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index a3bbe6c1b5..eedae60104 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 952d0ec3f7..fc25ed2955 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index e327d1c136..45f5183546 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 20604e2aff..3fee8e9e84 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index b8c530f6ff..2b8b1e6d4b 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index cd9750f050..e9c12e50ec 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 765856ef08..f12bb9828a 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108 + 7.0.109-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.108 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index e534c4ebd7..426e4a3e4f 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.108 + 7.0.109-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 3b6121b3e8..abc2fee6f2 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.108 + 7.0.109-SNAPSHOT 4.0.0 From 84d4f64e84e96a00a00a576fffa5cc6e51a66f3e Mon Sep 17 00:00:00 2001 From: Hasini Samarathunga Date: Wed, 3 Jul 2024 22:10:11 +0530 Subject: [PATCH 24/90] Added review suggestions --- .../oauth/endpoint/token/OAuth2TokenEndpointTest.java | 5 +++-- .../org/wso2/carbon/identity/oauth2/util/AuthzUtil.java | 9 ++++----- .../oauth2/validators/DefaultOAuth2ScopeValidator.java | 7 ++----- .../impl/RoleBasedScopeValidationHandler.java | 7 +++---- .../wso2/carbon/identity/oauth2/OAuth2ServiceTest.java | 7 ++++--- 5 files changed, 16 insertions(+), 19 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java index eb0fbb681b..e2833a9ce9 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java +++ b/components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpointTest.java @@ -1,7 +1,7 @@ /* - * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2017-2024, WSO2 LLC. (http://www.wso2.com). * - * WSO2 Inc. licenses this file to you under the Apache License, + * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at @@ -15,6 +15,7 @@ * specific language governing permissions and limitations * under the License. */ + package org.wso2.carbon.identity.oauth.endpoint.token; import org.apache.axiom.util.base64.Base64Utils; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java index 7531a93bb5..5811e251c0 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023-2024, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -30,7 +30,6 @@ import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.ClaimMapping; import org.wso2.carbon.identity.application.common.model.Scope; -import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; @@ -209,10 +208,10 @@ public static String getUserIdOfAssociatedUser(AuthenticatedUser authenticatedUs try { Optional optionalOrganizationUserId = OrganizationSharedUserUtil .getUserIdOfAssociatedUserByOrgId(associatedUserId, authenticatedUser.getAccessingOrganization()); - return optionalOrganizationUserId.orElseThrow(() -> new IdentityOAuth2ClientException( - OAuth2ErrorCodes.ACCESS_DENIED, "User is not allowed to access the organization")); + return optionalOrganizationUserId.orElseThrow(() -> + new IdentityOAuth2ClientException("User is not allowed to access the organization")); } catch (OrganizationManagementException e) { - throw new IdentityOAuth2Exception("Error while resolving shared user ID", e); + throw new IdentityOAuth2Exception("Error while resolving shared user ID" , e); } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java index d1f683933c..1025c723f3 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java @@ -33,7 +33,6 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; -import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; @@ -208,11 +207,9 @@ private List getAuthorizedScopes(List requestedScopes, Authentic try { validatedScopes = scopeValidationHandler.validateScopes(requestedScopes, authorizedScopes.getScopes(), scopeValidationContext); + } catch (ScopeValidationHandlerClientException e) { + throw new IdentityOAuth2ClientException(e.getMessage(), e); } catch (ScopeValidationHandlerException e) { - if (e instanceof ScopeValidationHandlerClientException) { - throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.ACCESS_DENIED, - "User is not allowed to access the organization", e); - } throw new IdentityOAuth2Exception("Error while validating policies roles from " + "authorization service.", e); } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java index bfd4d42feb..499d441f1f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/validationhandler/impl/RoleBasedScopeValidationHandler.java @@ -102,11 +102,10 @@ public List validateScopes(List requestedScopes, List ap .collect(Collectors.toList()); return requestedScopes.stream().filter(filteredScopes::contains).collect(Collectors.toList()); } catch (IdentityOAuth2ClientException e) { - throw new ScopeValidationHandlerClientException("Error while validating scope with RBAC Scope " + - "Validation handler", e); + throw new ScopeValidationHandlerClientException(e.getMessage(), e); } catch (IdentityOAuth2Exception | IdentityRoleManagementException e) { - throw new ScopeValidationHandlerException("Error while validating scope with RBAC Scope Validation " + - "handler", e); + throw new ScopeValidationHandlerException("Error while validation scope with RBAC Scope Validation " + + "handler", e); } } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java index 3a7b0e9eec..d34109de07 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/OAuth2ServiceTest.java @@ -1,7 +1,7 @@ /* - * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2017-2024, WSO2 LLC. (http://www.wso2.com). * - * WSO2 Inc. licenses this file to you under the Apache License, + * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at @@ -11,10 +11,11 @@ * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the + * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ + package org.wso2.carbon.identity.oauth2; import org.apache.oltu.oauth2.common.message.types.GrantType; From 25651c44431f11069c98e428f5dfecbd1fc988be Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 4 Jul 2024 07:13:00 +0000 Subject: [PATCH 25/90] [WSO2 Release] [Jenkins #4950] [Release 7.0.109] prepare release v7.0.109 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 282d0b8267..5948e5ed7d 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109-SNAPSHOT + 7.0.109 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.109-SNAPSHOT + 7.0.109 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 44d44c43c0..a5dd5ca2fd 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109-SNAPSHOT + 7.0.109 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.109-SNAPSHOT + 7.0.109 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index c2df0fe256..8c073945a2 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109-SNAPSHOT + 7.0.109 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index cf1df7e56e..9bccbc6b30 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 96763496f6..e06eaf5ce0 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.109-SNAPSHOT + 7.0.109 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index af2f691811..38720b119c 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 5a37e9bac1..702ea8282b 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 94e0510913..cf2a131958 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 73b08d95c5..b7c86f6d61 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 900e14579c..308ed33dbc 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 32f7ba95a0..683c077887 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.109-SNAPSHOT + 7.0.109 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 0b75f4ceb9..990e069eb8 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 5367e9b38e..f48c2b6675 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 0f9d720b98..e58fc9fccd 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 183c28bc13..d802b75450 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 9a0c04b5bf..8875880b45 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index a7b0fde03f..4804c6d54d 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 481c283447..fd4588342a 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index eedae60104..d642fab426 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index fc25ed2955..e0dec65d91 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 45f5183546..bdeae2b989 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 3fee8e9e84..d7223d0de3 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 2b8b1e6d4b..91b0ede401 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index e9c12e50ec..84a0834ed0 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 diff --git a/pom.xml b/pom.xml index f12bb9828a..f6bb1b8989 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109-SNAPSHOT + 7.0.109 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.109 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 426e4a3e4f..27977a587d 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109-SNAPSHOT + 7.0.109 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index abc2fee6f2..3d168c59ba 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109-SNAPSHOT + 7.0.109 4.0.0 From d329fcb6846133d4497b1a12060439937dd0d961 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 4 Jul 2024 07:13:03 +0000 Subject: [PATCH 26/90] [WSO2 Release] [Jenkins #4950] [Release 7.0.109] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 5948e5ed7d..69cc4f0a17 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109 + 7.0.110-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.109 + 7.0.110-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index a5dd5ca2fd..cf0f5ec5d1 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109 + 7.0.110-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.109 + 7.0.110-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 8c073945a2..84c8d21930 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109 + 7.0.110-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 9bccbc6b30..d14850920a 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index e06eaf5ce0..37e31936a3 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.109 + 7.0.110-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 38720b119c..bec7e1070a 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 702ea8282b..110aead214 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index cf2a131958..4f19f30ea4 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index b7c86f6d61..a2abca4e37 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 308ed33dbc..3338dc19b2 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 683c077887..d81655a108 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.109 + 7.0.110-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 990e069eb8..34acb820a1 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index f48c2b6675..fdc016f19d 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index e58fc9fccd..b74b1f90fc 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index d802b75450..3d62e05f07 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 8875880b45..f5366e9538 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 4804c6d54d..75c08369c4 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index fd4588342a..405808a6f2 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index d642fab426..2e13aac76a 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index e0dec65d91..392eab61c5 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index bdeae2b989..5072aa9d40 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index d7223d0de3..be3e12be3f 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 91b0ede401..831a307d3e 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 84a0834ed0..6b4d86fb38 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index f6bb1b8989..70e63febf9 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109 + 7.0.110-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.109 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 27977a587d..a9ace60a47 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.109 + 7.0.110-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 3d168c59ba..478ff7d16a 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.109 + 7.0.110-SNAPSHOT 4.0.0 From 75a1ef5d6bd076b0b95eb76d9c84114da58d626d Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 5 Jul 2024 11:53:11 +0000 Subject: [PATCH 27/90] [WSO2 Release] [Jenkins #4952] [Release 7.0.110] prepare release v7.0.110 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 69cc4f0a17..33e24d0c5a 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110-SNAPSHOT + 7.0.110 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.110-SNAPSHOT + 7.0.110 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index cf0f5ec5d1..301a3feceb 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110-SNAPSHOT + 7.0.110 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.110-SNAPSHOT + 7.0.110 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 84c8d21930..8b1014a7fc 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110-SNAPSHOT + 7.0.110 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index d14850920a..cfaa3c320b 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 37e31936a3..1dd49a757a 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.110-SNAPSHOT + 7.0.110 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index bec7e1070a..bc60fb7739 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 110aead214..06691e3338 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 4f19f30ea4..90617ad25e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index a2abca4e37..2cef5583aa 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 3338dc19b2..6cfd1201f1 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index d81655a108..b26a7cf2b9 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.110-SNAPSHOT + 7.0.110 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 34acb820a1..778b679e4b 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index fdc016f19d..c2113f06f6 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index b74b1f90fc..7f6dffd016 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 3d62e05f07..2cb86fad5e 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index f5366e9538..698634874f 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 75c08369c4..e0dba635d4 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 405808a6f2..cb53904ad0 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 2e13aac76a..42da75226d 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 392eab61c5..2e4782ab11 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 5072aa9d40..e5ee4ca082 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index be3e12be3f..7c44fde52c 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 831a307d3e..1b04d4dc13 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 6b4d86fb38..a67dacd4b6 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 diff --git a/pom.xml b/pom.xml index 2055d91646..b81f4cf686 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110-SNAPSHOT + 7.0.110 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.110 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index a9ace60a47..c97b2fcc17 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110-SNAPSHOT + 7.0.110 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 478ff7d16a..ff288d54f2 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110-SNAPSHOT + 7.0.110 4.0.0 From 2da66f56d12e665a0af0a3580065983e39d8ce6b Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 5 Jul 2024 11:53:14 +0000 Subject: [PATCH 28/90] [WSO2 Release] [Jenkins #4952] [Release 7.0.110] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 33e24d0c5a..11182fcca4 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110 + 7.0.111-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.110 + 7.0.111-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 301a3feceb..d4db187c5e 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110 + 7.0.111-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.110 + 7.0.111-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 8b1014a7fc..a87342aec8 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110 + 7.0.111-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index cfaa3c320b..f4de63a8fd 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 1dd49a757a..c08f60defe 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.110 + 7.0.111-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index bc60fb7739..a29a8d4fe0 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 06691e3338..371063ce5f 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 90617ad25e..4c4bf40871 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 2cef5583aa..8b5f5121d9 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 6cfd1201f1..23a024cef2 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index b26a7cf2b9..16ef0c28f0 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.110 + 7.0.111-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 778b679e4b..9282159b1e 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index c2113f06f6..8eb1c885b4 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 7f6dffd016..eb551cb3e7 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 2cb86fad5e..73d2fdaadb 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 698634874f..5f3215fe33 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index e0dba635d4..c49e678e78 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index cb53904ad0..b931e7a0de 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 42da75226d..b6a11025fe 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 2e4782ab11..06e0c4e120 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index e5ee4ca082..cf1372f6c6 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 7c44fde52c..c81413b123 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 1b04d4dc13..2267f4c6e2 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index a67dacd4b6..3c9104c47d 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index b81f4cf686..74e8a555e1 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110 + 7.0.111-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.110 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index c97b2fcc17..dc97679727 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.110 + 7.0.111-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index ff288d54f2..dbafbba264 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.110 + 7.0.111-SNAPSHOT 4.0.0 From 0b77177103a9447146557a2abf54cb19a6862bf5 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 8 Jul 2024 11:06:01 +0000 Subject: [PATCH 29/90] [WSO2 Release] [Jenkins #4954] [Release 7.0.111] prepare release v7.0.111 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 11182fcca4..370c941663 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111-SNAPSHOT + 7.0.111 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.111-SNAPSHOT + 7.0.111 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index d4db187c5e..52e486b81f 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111-SNAPSHOT + 7.0.111 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.111-SNAPSHOT + 7.0.111 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index a87342aec8..93ecd585cc 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111-SNAPSHOT + 7.0.111 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index f4de63a8fd..025bad75ca 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index c08f60defe..92640a53c0 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.111-SNAPSHOT + 7.0.111 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index a29a8d4fe0..847c554f0e 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 371063ce5f..794a7312d7 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 4c4bf40871..5aa46eb3de 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 8b5f5121d9..f25ee1775e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 23a024cef2..627db15dad 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 16ef0c28f0..48e4d8f712 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.111-SNAPSHOT + 7.0.111 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 9282159b1e..a8dfc715d7 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 8eb1c885b4..426eef75ce 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index eb551cb3e7..a7c1284e68 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 73d2fdaadb..9a6b251747 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 5f3215fe33..782a61a9e0 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index c49e678e78..e8bb16679d 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index b931e7a0de..306555616e 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index b6a11025fe..6c02cae21c 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 06e0c4e120..c79aebf239 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index cf1372f6c6..597abcfd12 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index c81413b123..026c818e8d 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 2267f4c6e2..21c03bd4d8 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 3c9104c47d..56b4dc17a3 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 diff --git a/pom.xml b/pom.xml index 74e8a555e1..eba3015012 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111-SNAPSHOT + 7.0.111 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.111 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index dc97679727..4f7a656790 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111-SNAPSHOT + 7.0.111 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index dbafbba264..74d00dec0e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111-SNAPSHOT + 7.0.111 4.0.0 From c7a50ed30ef59bd5f498871262954a126831b457 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 8 Jul 2024 11:06:04 +0000 Subject: [PATCH 30/90] [WSO2 Release] [Jenkins #4954] [Release 7.0.111] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 370c941663..e54bec7ce9 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111 + 7.0.112-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.111 + 7.0.112-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 52e486b81f..4c00f0c2cd 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111 + 7.0.112-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.111 + 7.0.112-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 93ecd585cc..cf56f8d2a0 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111 + 7.0.112-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 025bad75ca..d230a73f5d 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 92640a53c0..f84c6bfa8c 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.111 + 7.0.112-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 847c554f0e..3f3f910d83 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 794a7312d7..9dc33ddfd3 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 5aa46eb3de..fe331e8cae 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index f25ee1775e..88a647a472 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 627db15dad..4996f90012 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 48e4d8f712..cdad0b7c25 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.111 + 7.0.112-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index a8dfc715d7..dd81e2c372 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 426eef75ce..0ab7cff9b5 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index a7c1284e68..fc483a180c 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 9a6b251747..e831fd521e 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 782a61a9e0..ebe7edd51a 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index e8bb16679d..f7f491a71e 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 306555616e..75075b2fde 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 6c02cae21c..429767e687 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index c79aebf239..9e3b1bf56e 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 597abcfd12..8c66c8588c 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 026c818e8d..c63350880a 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 21c03bd4d8..54c5d30971 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 56b4dc17a3..5507561b25 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index eba3015012..54499b9397 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111 + 7.0.112-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.111 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 4f7a656790..836d87d677 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.111 + 7.0.112-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 74d00dec0e..0215ce6f9e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.111 + 7.0.112-SNAPSHOT 4.0.0 From 8783b71f23fdf39961cf318d5e1e47785c250934 Mon Sep 17 00:00:00 2001 From: ZiyamSanthosh Date: Mon, 8 Jul 2024 18:01:54 +0530 Subject: [PATCH 31/90] Add validation while retrieving claimsets from encrypted JWT tokens --- .../wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java index b0ff6a1ba1..794318c6d4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java @@ -244,8 +244,12 @@ public String getAccessTokenHash(String accessToken) throws OAuthSystemException try { JWT parsedJwtToken = JWTParser.parse(accessToken); + // JWT ClaimsSet can be null if the ID token is encrypted. + if (parsedJwtToken.getJWTClaimsSet() == null) { + throw new OAuthSystemException("JWT claims set is null in the JWT token."); + } String jwtId = parsedJwtToken.getJWTClaimsSet().getJWTID(); - if (jwtId == null) { + if (StringUtils.isBlank(jwtId)) { throw new OAuthSystemException("JTI could not be retrieved from the JWT token."); } return jwtId; From 25375acfa42675a8c77b15ad6b055c72137675b4 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 8 Jul 2024 15:33:43 +0000 Subject: [PATCH 32/90] [WSO2 Release] [Jenkins #4956] [Release 7.0.112] prepare release v7.0.112 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index e54bec7ce9..2295cf13c8 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112-SNAPSHOT + 7.0.112 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.112-SNAPSHOT + 7.0.112 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 4c00f0c2cd..89bc7b4d4e 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112-SNAPSHOT + 7.0.112 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.112-SNAPSHOT + 7.0.112 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index cf56f8d2a0..c57eff28eb 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112-SNAPSHOT + 7.0.112 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index d230a73f5d..84e0644fe3 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index f84c6bfa8c..fe3cf58ac0 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.112-SNAPSHOT + 7.0.112 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 3f3f910d83..ccd0dcc94f 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 9dc33ddfd3..be8bdec821 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index fe331e8cae..82765ac2cc 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 88a647a472..4ab97d9a20 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 4996f90012..b08df8c155 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index cdad0b7c25..c7f3c8217a 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.112-SNAPSHOT + 7.0.112 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index dd81e2c372..504daa4ad0 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 0ab7cff9b5..dc11461362 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index fc483a180c..eb718c7249 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index e831fd521e..cfca080ec8 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index ebe7edd51a..7373ada3b9 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index f7f491a71e..dd1d44e64f 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 75075b2fde..dbd3a93c5e 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 429767e687..b7fbd50c99 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 9e3b1bf56e..ef2004b7f5 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 8c66c8588c..d1aa1ddb53 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index c63350880a..b00e7bc417 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 54c5d30971..80ae3fcdad 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 5507561b25..5f7fa0093b 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 diff --git a/pom.xml b/pom.xml index 54499b9397..8c3460eafc 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112-SNAPSHOT + 7.0.112 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.112 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 836d87d677..33768212f0 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112-SNAPSHOT + 7.0.112 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 0215ce6f9e..2b36809b04 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112-SNAPSHOT + 7.0.112 4.0.0 From 17d66f4f71d9a7e089f535c551c95ddfdf4c4a0e Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 8 Jul 2024 15:33:45 +0000 Subject: [PATCH 33/90] [WSO2 Release] [Jenkins #4956] [Release 7.0.112] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 2295cf13c8..655a3ba528 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112 + 7.0.113-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.112 + 7.0.113-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 89bc7b4d4e..9f7fca05fc 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112 + 7.0.113-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.112 + 7.0.113-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index c57eff28eb..590a0f58d8 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112 + 7.0.113-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 84e0644fe3..c7de4985b7 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index fe3cf58ac0..1743c0b5ce 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.112 + 7.0.113-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index ccd0dcc94f..379a477630 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index be8bdec821..0dac429252 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 82765ac2cc..e5bf4e24d8 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 4ab97d9a20..3b50569d61 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index b08df8c155..ea7991bcae 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index c7f3c8217a..19f366d092 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.112 + 7.0.113-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 504daa4ad0..63ffc91083 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index dc11461362..60811b37aa 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index eb718c7249..60b69413fa 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index cfca080ec8..b3602064c6 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 7373ada3b9..f13fc54f32 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index dd1d44e64f..7c78756f27 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index dbd3a93c5e..6658585bf1 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index b7fbd50c99..b4a56b553f 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index ef2004b7f5..aadec88c1e 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index d1aa1ddb53..3d5f7334d9 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index b00e7bc417..300b6cac2e 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 80ae3fcdad..7e8e1f0901 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 5f7fa0093b..fd1144ea80 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 8c3460eafc..4dc522c571 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112 + 7.0.113-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.112 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 33768212f0..0a2c713e9f 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.112 + 7.0.113-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 2b36809b04..0bd6f06d4f 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.112 + 7.0.113-SNAPSHOT 4.0.0 From 7382d78d782a4b757f029e3dbd0e71f4e6914ec6 Mon Sep 17 00:00:00 2001 From: sadilchamishka Date: Tue, 9 Jul 2024 01:45:04 +0530 Subject: [PATCH 34/90] Skip token binding validation for the request binding type --- .../java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java index 6021417057..5c2dfde1c0 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java @@ -4738,7 +4738,8 @@ private static boolean hasScopesAlreadyAdded(int tenantId) throws IdentityOAuth2 public static boolean isValidTokenBinding(TokenBinding tokenBinding, HttpServletRequest request) { if (request == null || tokenBinding == null || StringUtils.isBlank(tokenBinding.getBindingReference()) - || StringUtils.isBlank(tokenBinding.getBindingType())) { + || StringUtils.isBlank(tokenBinding.getBindingType()) + || OAuthConstants.REQUEST_BINDING_TYPE.equals(tokenBinding.getBindingType())) { return true; } From 268664ab87aa6bced0675e43fc1b5fcf6b1aedae Mon Sep 17 00:00:00 2001 From: sadilchamishka Date: Tue, 9 Jul 2024 07:52:53 +0530 Subject: [PATCH 35/90] code refactoring --- .../org/wso2/carbon/identity/oauth2/util/OAuth2Util.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java index 5c2dfde1c0..4cf61afb47 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java @@ -4738,8 +4738,13 @@ private static boolean hasScopesAlreadyAdded(int tenantId) throws IdentityOAuth2 public static boolean isValidTokenBinding(TokenBinding tokenBinding, HttpServletRequest request) { if (request == null || tokenBinding == null || StringUtils.isBlank(tokenBinding.getBindingReference()) - || StringUtils.isBlank(tokenBinding.getBindingType()) - || OAuthConstants.REQUEST_BINDING_TYPE.equals(tokenBinding.getBindingType())) { + || StringUtils.isBlank(tokenBinding.getBindingType())) { + return true; + } + + /* The request token binding type can't be validated, as it is an auto generated UUID to issue unique JWT tokens + by avoiding revocation of already issued JWT tokens. */ + if (OAuthConstants.REQUEST_BINDING_TYPE.equals(tokenBinding.getBindingType())) { return true; } From d0f36fa03a18bd2e6dc7f642882cddff6f996f6a Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 9 Jul 2024 06:25:56 +0000 Subject: [PATCH 36/90] [WSO2 Release] [Jenkins #4958] [Release 7.0.113] prepare release v7.0.113 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 655a3ba528..36f3617f43 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113-SNAPSHOT + 7.0.113 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.113-SNAPSHOT + 7.0.113 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 9f7fca05fc..42e44ee830 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113-SNAPSHOT + 7.0.113 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.113-SNAPSHOT + 7.0.113 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 590a0f58d8..a90644197d 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113-SNAPSHOT + 7.0.113 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index c7de4985b7..623061fe74 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 1743c0b5ce..55efdf62ca 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.113-SNAPSHOT + 7.0.113 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 379a477630..7cd9cc221a 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 0dac429252..111a247859 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index e5bf4e24d8..b30b5c9220 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 3b50569d61..1ebf376054 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index ea7991bcae..a736ac8014 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 19f366d092..1c4218641e 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.113-SNAPSHOT + 7.0.113 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 63ffc91083..fe4f43f7be 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 60811b37aa..82046b669a 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 60b69413fa..c05ecdc36d 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index b3602064c6..e59cfd34a0 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index f13fc54f32..238cc14ff4 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 7c78756f27..101ec8ab71 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 6658585bf1..87fefbbe98 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index b4a56b553f..f16167c551 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index aadec88c1e..fa375bda96 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 3d5f7334d9..8b711181e9 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 300b6cac2e..7fcdd3f341 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 7e8e1f0901..4e3d91a692 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index fd1144ea80..1bc614614d 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 diff --git a/pom.xml b/pom.xml index 4dc522c571..92ef7a8788 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113-SNAPSHOT + 7.0.113 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.113 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 0a2c713e9f..233b8289d4 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113-SNAPSHOT + 7.0.113 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 0bd6f06d4f..a3b82c1ed6 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113-SNAPSHOT + 7.0.113 4.0.0 From 957314f1b9c873c1799cbf4e35a3138256a4ab8d Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 9 Jul 2024 06:25:58 +0000 Subject: [PATCH 37/90] [WSO2 Release] [Jenkins #4958] [Release 7.0.113] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 36f3617f43..be5a682566 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113 + 7.0.114-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.113 + 7.0.114-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 42e44ee830..fe014bc5f9 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113 + 7.0.114-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.113 + 7.0.114-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index a90644197d..0fcab8a36d 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113 + 7.0.114-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 623061fe74..590c92cd40 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 55efdf62ca..5a814ad87c 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.113 + 7.0.114-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 7cd9cc221a..366be48fe6 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 111a247859..b662966044 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index b30b5c9220..7c756d1fd7 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 1ebf376054..8c3f101602 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index a736ac8014..fecabb94ff 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 1c4218641e..52fce299be 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.113 + 7.0.114-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index fe4f43f7be..9e6e5f03e3 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 82046b669a..877c3ccdef 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index c05ecdc36d..1558126b81 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index e59cfd34a0..2ccc082712 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 238cc14ff4..876795d320 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 101ec8ab71..a1822c5b8e 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 87fefbbe98..fc45c7373d 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index f16167c551..f30a7cc9c8 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index fa375bda96..78367c7a5e 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 8b711181e9..22ebdeec37 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 7fcdd3f341..576760f322 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 4e3d91a692..82884ad3cd 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 1bc614614d..ae8dfe3f67 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 92ef7a8788..a331943b7f 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113 + 7.0.114-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.113 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 233b8289d4..747e044180 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.113 + 7.0.114-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index a3b82c1ed6..9b852afc86 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.113 + 7.0.114-SNAPSHOT 4.0.0 From c9b175e2dad2d6054dce24961f7a5ef1c3e65977 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri <47152272+mpmadhavig@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:10:41 +0530 Subject: [PATCH 38/90] Revert "Revert "Onboard app level pvtkeyjwt reuse config"" --- .../dcr/endpoint/dto/ApplicationDTO.java | 12 +++ .../endpoint/dto/RegistrationRequestDTO.java | 13 +++ .../dcr/endpoint/dto/UpdateRequestDTO.java | 13 +++ .../oauth2/dcr/endpoint/util/DCRMUtils.java | 5 ++ .../identity/oauth/common/OAuthConstants.java | 10 ++- .../identity/oauth/dcr/bean/Application.java | 11 +++ .../bean/ApplicationRegistrationRequest.java | 11 +++ .../dcr/bean/ApplicationUpdateRequest.java | 11 +++ .../oauth/dcr/service/DCRMService.java | 3 + .../src/main/resources/OAuthAdminService.wsdl | 1 + .../identity/oauth/OAuthAdminServiceImpl.java | 33 ++++++++ .../wso2/carbon/identity/oauth/OAuthUtil.java | 82 +++++++++++++++++++ .../identity/oauth/dao/OAuthAppDAO.java | 20 ++++- .../carbon/identity/oauth/dao/OAuthAppDO.java | 11 +++ .../oauth/dto/OAuthConsumerAppDTO.java | 11 +++ .../internal/OAuthComponentServiceHolder.java | 22 +++++ .../oauth/internal/OAuthServiceComponent.java | 35 ++++++++ .../oauth/OAuthAdminServiceImplTest.java | 36 ++++++++ 18 files changed, 338 insertions(+), 2 deletions(-) mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java index a66d1be779..f7d980a4e1 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java @@ -65,6 +65,7 @@ public class ApplicationDTO { private String jwksUri = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt = null; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -292,6 +293,17 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java index 92e34409e4..e42227c3b0 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java @@ -49,6 +49,7 @@ public class RegistrationRequestDTO { private String extTokenType = null; private String tokenEndpointAuthMethod = null; private String tokenEndpointAuthSigningAlg = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; private String idTokenEncryptedResponseAlg = null; @@ -332,6 +333,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java index 81471cc237..085eb32d26 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java @@ -36,6 +36,7 @@ public class UpdateRequestDTO { private boolean extPublicClient; private String extTokenType = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -241,6 +242,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") public String getTokenEndpointAuthSigningAlg() { diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java index 8e46d6c25f..23e87ffa55 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java @@ -81,6 +81,8 @@ public static ApplicationRegistrationRequest getApplicationRegistrationRequest( appRegistrationRequest.setExtTokenType(registrationRequestDTO.getExtTokenType()); appRegistrationRequest.setJwksURI(registrationRequestDTO.getJwksUri()); appRegistrationRequest.setTokenEndpointAuthMethod(registrationRequestDTO.getTokenEndpointAuthMethod()); + appRegistrationRequest.setTokenEndpointAllowReusePvtKeyJwt(registrationRequestDTO + .isTokenEndpointAllowReusePvtKeyJwt()); appRegistrationRequest.setTokenEndpointAuthSignatureAlgorithm (registrationRequestDTO.getTokenEndpointAuthSigningAlg()); appRegistrationRequest.setSectorIdentifierURI(registrationRequestDTO.getSectorIdentifierUri()); @@ -125,6 +127,8 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(UpdateRequest applicationUpdateRequest.setExtTokenType(updateRequestDTO.getExtTokenType()); applicationUpdateRequest.setJwksURI(updateRequestDTO.getJwksUri()); applicationUpdateRequest.setTokenEndpointAuthMethod(updateRequestDTO.getTokenEndpointAuthMethod()); + applicationUpdateRequest.setTokenEndpointAllowReusePvtKeyJwt( + updateRequestDTO.isTokenEndpointAllowReusePvtKeyJwt()); applicationUpdateRequest.setTokenEndpointAuthSignatureAlgorithm (updateRequestDTO.getTokenEndpointAuthSigningAlg()); applicationUpdateRequest.setSectorIdentifierURI(updateRequestDTO.getSectorIdentifierUri()); @@ -235,6 +239,7 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic applicationDTO.setExtTokenType(application.getExtTokenType()); applicationDTO.setJwksUri(application.getJwksURI()); applicationDTO.setTokenEndpointAuthMethod(application.getTokenEndpointAuthMethod()); + applicationDTO.setTokenEndpointAllowReusePvtKeyJwt(application.isTokenEndpointAllowReusePvtKeyJwt()); applicationDTO.setTokenEndpointAuthSigningAlg(application.getTokenEndpointAuthSignatureAlgorithm()); applicationDTO.setSectorIdentifierUri(application.getSectorIdentifierURI()); applicationDTO.setIdTokenSignedResponseAlg(application.getIdTokenSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 57e7feac1e..94b888cec6 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -622,6 +622,7 @@ public static class OIDCConfigProperties { public static final String TOKEN_BINDING_VALIDATION = "tokenBindingValidation"; public static final String TOKEN_BINDING_TYPE_NONE = "None"; public static final String TOKEN_AUTH_METHOD = "tokenEndpointAuthMethod"; + public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT = "tokenEndpointAllowReusePvtKeyJwt"; public static final String TOKEN_AUTH_SIGNATURE_ALGORITHM = "tokenEndpointAuthSigningAlg"; public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri"; public static final String ID_TOKEN_SIGNATURE_ALGORITHM = "idTokenSignedResponseAlg"; @@ -636,7 +637,14 @@ public static class OIDCConfigProperties { public static final String IS_SUBJECT_TOKEN_ENABLED = "isSubjectTokenEnabled"; public static final String SUBJECT_TOKEN_EXPIRY_TIME = "subjectTokenExpiryTime"; public static final int SUBJECT_TOKEN_EXPIRY_TIME_VALUE = 180; - + public static final String PREVENT_TOKEN_REUSE = "PreventTokenReuse"; + public static final boolean DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE = true; + // Name of the {@code JWTClientAuthenticatorConfig} resource type in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_TYPE_NAME = "PK_JWT_CONFIGURATION"; + // Name of the {@code JWTClientAuthenticatorConfig} resource (per tenant) in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_NAME = "TENANT_PK_JWT_CONFIGURATION"; + public static final String PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME = "PrivateKeyJWTClientAuthenticator"; + public static final String ENABLE_TOKEN_REUSE = "EnableTokenReuse"; private OIDCConfigProperties() { } diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java index bb555c1f16..7f0d3907f2 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java @@ -46,6 +46,7 @@ public class Application implements Serializable { private String extTokenType = null; private String jwksURI = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm = null; private String sectorIdentifierURI = null; private String idTokenSignatureAlgorithm = null; @@ -253,6 +254,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java index af1666e651..068fa18637 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java @@ -52,6 +52,7 @@ public class ApplicationRegistrationRequest implements Serializable { private String jwksURI; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -380,6 +381,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java index b98772d5dd..443821cd55 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java @@ -48,6 +48,7 @@ public class ApplicationUpdateRequest implements Serializable { private String jwksURI = null; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -305,6 +306,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java index 6aa00ca66a..994bd068fa 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java @@ -351,6 +351,7 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str if (updateRequest.getTokenEndpointAuthMethod() != null) { appDTO.setTokenEndpointAuthMethod(updateRequest.getTokenEndpointAuthMethod()); } + appDTO.setTokenEndpointAllowReusePvtKeyJwt(updateRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (updateRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { appDTO.setTokenEndpointAuthSignatureAlgorithm (updateRequest.getTokenEndpointAuthSignatureAlgorithm()); @@ -670,6 +671,7 @@ private Application buildResponse(OAuthConsumerAppDTO createdApp, String tenantD application.setExtTokenType(createdApp.getTokenType()); application.setJwksURI(createdApp.getJwksURI()); application.setTokenEndpointAuthMethod(createdApp.getTokenEndpointAuthMethod()); + application.setTokenEndpointAllowReusePvtKeyJwt(createdApp.isTokenEndpointAllowReusePvtKeyJwt()); application.setTokenEndpointAuthSignatureAlgorithm(createdApp.getTokenEndpointAuthSignatureAlgorithm()); application.setSectorIdentifierURI(createdApp.getSectorIdentifierURI()); application.setIdTokenSignatureAlgorithm(createdApp.getIdTokenSignatureAlgorithm()); @@ -764,6 +766,7 @@ private OAuthConsumerAppDTO createOAuthApp(ApplicationRegistrationRequest regist if (registrationRequest.getTokenEndpointAuthMethod() != null) { oAuthConsumerApp.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod()); } + oAuthConsumerApp.setTokenEndpointAllowReusePvtKeyJwt(registrationRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (registrationRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { oAuthConsumerApp.setTokenEndpointAuthSignatureAlgorithm (registrationRequest.getTokenEndpointAuthSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl old mode 100644 new mode 100755 index 8b9539eddc..a1b5a18871 --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -432,6 +432,7 @@ + diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java old mode 100644 new mode 100755 index 068ac62c57..3129f55459 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -107,6 +107,7 @@ import static org.wso2.carbon.identity.oauth.OAuthUtil.handleErrorWithExceptionType; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_DELETED; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.PRIVATE_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getTenantId; @@ -429,6 +430,13 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } + Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, + tokenEndpointAllowReusePvtKeyJwt)) { + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); + } + app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -855,6 +863,13 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); + Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); + } + oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); + String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -2492,6 +2507,24 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } } + /** + * Return whether the request of updating the tokenEndpointAllowReusePvtKeyJwt is valid. + * + * @param tokenEndpointAuthMethod token endpoint client authentication method. + * @param tokenEndpointAllowReusePvtKeyJwt During client authentication whether to reuse private key JWT. + * @return True if tokenEndpointAuthMethod and tokenEndpointAllowReusePvtKeyJwt is NOT in the correct format. + */ + private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMethod, + Boolean tokenEndpointAllowReusePvtKeyJwt) { + + if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { + if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { + return tokenEndpointAllowReusePvtKeyJwt == null; + } + } + return tokenEndpointAllowReusePvtKeyJwt != null; + } + /** * FAPI validation to restrict the token endpoint authentication methods. * Link - https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server (5.2.2 - 14) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java old mode 100644 new mode 100755 index 2fe5e743a0..2ca4524208 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -37,6 +37,11 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; +import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException; +import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute; +import org.wso2.carbon.identity.configuration.mgt.core.model.Resource; +import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler; +import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.OAuthCache; @@ -77,6 +82,7 @@ import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.UUID; @@ -89,6 +95,12 @@ import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CURRENT_TOKEN_IDENTIFIER; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.PRESERVE_LOGGED_IN_SESSION_AT_PASSWORD_UPDATE; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ORGANIZATION_LOGIN_HOME_REALM_IDENTIFIER; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.ENABLE_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_TYPE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.UserType.FEDERATED_USER_DOMAIN_PREFIX; @@ -536,6 +548,7 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { .isTokenRevocationWithIDPSessionTerminationEnabled()); dto.setTokenBindingValidationEnabled(appDO.isTokenBindingValidationEnabled()); dto.setTokenEndpointAuthMethod(appDO.getTokenEndpointAuthMethod()); + dto.setTokenEndpointAllowReusePvtKeyJwt(appDO.isTokenEndpointAllowReusePvtKeyJwt()); dto.setTokenEndpointAuthSignatureAlgorithm(appDO.getTokenEndpointAuthSignatureAlgorithm()); dto.setSectorIdentifierURI(appDO.getSectorIdentifierURI()); dto.setIdTokenSignatureAlgorithm(appDO.getIdTokenSignatureAlgorithm()); @@ -1197,4 +1210,73 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate authenticatedUser.setFederatedIdPName(orgSsoIdp.getIdentityProviderName()); } } + + /** + * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. + * + * @param tokenEPAllowReusePvtKeyJwtValue Value of the tokenEPAllowReusePvtKeyJwt configuration. + * @param tokenAuthMethod Token authentication method. + * @return Value of the tokenEPAllowReusePvtKeyJwt configuration. + * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. + */ + public static String getValueOfTokenEPAllowReusePvtKeyJwt(String tokenEPAllowReusePvtKeyJwtValue, + String tokenAuthMethod) + throws IdentityOAuth2ServerException { + + if (tokenEPAllowReusePvtKeyJwtValue == null && StringUtils.isNotBlank(tokenAuthMethod) + && OAuthConstants.PRIVATE_KEY_JWT.equals(tokenAuthMethod)) { + try { + tokenEPAllowReusePvtKeyJwtValue = readTenantConfigurationPvtKeyJWTReuse(); + } catch (ConfigurationManagementException e) { + throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", + e); + } + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = readServerConfigurationPvtKeyJWTReuse(); + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); + } + } + } + return tokenEPAllowReusePvtKeyJwtValue; + } + + private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { + + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; + Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() + .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); + + if (resource != null) { + tokenEPAllowReusePvtKeyJwtTenantConfig = resource.getAttributes().stream() + .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) + .map(Attribute::getValue) + .findFirst() + .orElse(null); + } + return tokenEPAllowReusePvtKeyJwtTenantConfig; + } + + private static String readServerConfigurationPvtKeyJWTReuse() { + + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; + IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( + AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); + + if (identityEventListenerConfig != null + && Boolean.parseBoolean(identityEventListenerConfig.getEnable())) { + if (identityEventListenerConfig.getProperties() != null) { + for (Map.Entry property : identityEventListenerConfig.getProperties().entrySet()) { + String key = (String) property.getKey(); + String value = (String) property.getValue(); + if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { + boolean preventTokenReuse = Boolean.parseBoolean(value); + tokenEPAllowReusePvtKeyJwtTenantConfig = String.valueOf(!preventTokenReuse); + break; + } + } + } + } + return tokenEPAllowReusePvtKeyJwtTenantConfig; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java old mode 100644 new mode 100755 index 0608a7a8c9..dfb0bc88f2 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -47,6 +47,7 @@ import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor; import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; @@ -102,6 +103,7 @@ import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE_NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_VALIDATION; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE; @@ -982,6 +984,10 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, TOKEN_AUTH_METHOD, oauthAppDO.getTokenEndpointAuthMethod(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, String.valueOf(oauthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), + prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM, oauthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); @@ -1636,6 +1642,12 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); + if (consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) { + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, + String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); + } + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1732,7 +1744,8 @@ private Map> getSpOIDCProperties(Connection connection, return spOIDCProperties; } - private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) { + private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) + throws IdentityOAuth2ServerException { // Handle OIDC audience values if (isOIDCAudienceEnabled() && @@ -1795,6 +1808,11 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } + String tokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt( + getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); + if (tokenEPAllowReusePvtKeyJwt != null) { + oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJwt)); + } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { oauthApp.setTokenEndpointAuthSignatureAlgorithm(tokenSignatureAlgorithm); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index b48b74bae7..50a1f48db4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java @@ -81,6 +81,7 @@ public class OAuthAppDO extends InboundConfigurationProtocol implements Serializ private boolean tokenRevocationWithIDPSessionTerminationEnabled; private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -383,6 +384,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index f93e9acc4f..fba94088c1 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -67,6 +67,7 @@ public class OAuthConsumerAppDTO implements InboundProtocolConfigurationDTO { private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; private String tokenEndpointAuthSignatureAlgorithm; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; private String requestObjectSignatureAlgorithm; @@ -384,6 +385,16 @@ public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSigna this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getSectorIdentifierURI() { return sectorIdentifierURI; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 5a91f8a515..419c09ac80 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -22,6 +22,7 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; @@ -80,6 +81,7 @@ public class OAuthComponentServiceHolder { private AuthorizedAPIManagementService authorizedAPIManagementService; private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; + private ConfigurationManager configurationManager; /** * Get the list of scope validator implementations available. @@ -511,4 +513,24 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } + + /** + * Get the ConfigurationManager instance. + * + * @return ConfigurationManager The ConfigurationManager instance. + */ + public ConfigurationManager getConfigurationManager() { + + return configurationManager; + } + + /** + * Set the ConfigurationManager instance. + * + * @param configurationManager ConfigurationManager The ConfigurationManager instance. + */ + public void setConfigurationManager(ConfigurationManager configurationManager) { + + this.configurationManager = configurationManager; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index a253d8836d..c0981a6a1c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -30,6 +30,7 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; @@ -521,4 +522,38 @@ protected void unsetOrganizationUserSharingService(OrganizationUserSharingServic } OAuthComponentServiceHolder.getInstance().setOrganizationUserSharingService(null); } + + /** + * Set the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + @Reference( + name = "resource.configuration.manager", + service = ConfigurationManager.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unregisterConfigurationManager" + ) + protected void registerConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Registering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); + } + + + /** + * Unset the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + protected void unregisterConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Unregistering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java old mode 100644 new mode 100755 index d295a00267..643bad39f0 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -850,6 +850,34 @@ private void testValidateTokenAuthenticationWithInvalidAuthentication() throws E } } + @DataProvider(name = "getTokenAuthMethodAndTokenReuseConfigData") + public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { + + return new Object[][]{ + // Client auth method, Expected result. + {"private_key_jwt", null, true}, + {null, true, true}, + {"", true, true}, + {" ", true, true}, + {"dummy_method", true, true}, + {"private_key_jwt", true, false}, + {null, null, false}, + {"dummy_method", null, false}}; + } + + @Test(description = "Test invalid reuse token config & client auth method combination.", + dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") + private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, + Boolean tokenEndpointAllowReusePvtKeyJwt, + boolean expectedResult) throws Exception { + + OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); + + Assert.assertEquals(invokePrivateMethod(oAuthAdminService, + "isInvalidTokenEPReusePvtKeyJwtRequest", new Class[]{String.class, Boolean.class}, + tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt), expectedResult); + } + @Test(description = "Test validating signature algorithm") private void testValidateSignatureAlgorithm() throws Exception { @@ -1059,4 +1087,12 @@ private Object invokePrivateMethod(Object object, String methodName, Object... p method.setAccessible(true); return method.invoke(object, params); } + + private Object invokePrivateMethod(Object object, String methodName, Class[] paramTypes, Object... params) + throws Exception { + + Method method = object.getClass().getDeclaredMethod(methodName, paramTypes); + method.setAccessible(true); + return method.invoke(object, params); + } } From 26906b9cbe4579e300fdfdd0ab652ca2a9083e4a Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 9 Jul 2024 16:41:01 +0000 Subject: [PATCH 39/90] [WSO2 Release] [Jenkins #4960] [Release 7.0.114] prepare release v7.0.114 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index be5a682566..234df5390e 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114-SNAPSHOT + 7.0.114 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.114-SNAPSHOT + 7.0.114 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index fe014bc5f9..f194624bec 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114-SNAPSHOT + 7.0.114 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.114-SNAPSHOT + 7.0.114 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 0fcab8a36d..1b7c87e835 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114-SNAPSHOT + 7.0.114 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 590c92cd40..bf9809887f 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 5a814ad87c..40e3b12528 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.114-SNAPSHOT + 7.0.114 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 366be48fe6..4b69759776 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index b662966044..6dad48d82d 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 7c756d1fd7..5593de408a 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 8c3f101602..a7a89e5226 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index fecabb94ff..cce23162dd 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 52fce299be..cb0a1d09e7 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.114-SNAPSHOT + 7.0.114 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 9e6e5f03e3..9e9c703dbc 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 877c3ccdef..c9c9a2b2ec 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 1558126b81..44505af15b 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 2ccc082712..66757bfb68 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 876795d320..81ae6651ea 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index a1822c5b8e..ce0b6b0931 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index fc45c7373d..0e46e7c618 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index f30a7cc9c8..7e36b14037 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 78367c7a5e..ba2bb897cf 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 22ebdeec37..9ef1c94a0c 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 576760f322..8d3a1254b5 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 82884ad3cd..636558c088 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index ae8dfe3f67..03e9ad8522 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 diff --git a/pom.xml b/pom.xml index a331943b7f..5cc676a687 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114-SNAPSHOT + 7.0.114 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.114 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 747e044180..649caa49e4 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114-SNAPSHOT + 7.0.114 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 9b852afc86..0c0d6e749e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114-SNAPSHOT + 7.0.114 4.0.0 From afec4bcf8826424d2e94971f9688d97ab1ead1de Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 9 Jul 2024 16:41:04 +0000 Subject: [PATCH 40/90] [WSO2 Release] [Jenkins #4960] [Release 7.0.114] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 234df5390e..9754790b48 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114 + 7.0.115-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.114 + 7.0.115-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index f194624bec..5e5cabe22d 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114 + 7.0.115-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.114 + 7.0.115-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 1b7c87e835..dc1f78abbf 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114 + 7.0.115-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index bf9809887f..2d684bb97a 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 40e3b12528..0d96653f3a 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.114 + 7.0.115-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 4b69759776..7a7fd19123 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 6dad48d82d..ea78e7d82a 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 5593de408a..a5156c96f4 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index a7a89e5226..15bd96740b 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index cce23162dd..c2b2b455c4 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index cb0a1d09e7..e64c693a80 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.114 + 7.0.115-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 9e9c703dbc..40f0bbc2ee 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index c9c9a2b2ec..eae23febea 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 44505af15b..837fc024b5 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 66757bfb68..cbc8b50006 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 81ae6651ea..62df91f12a 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index ce0b6b0931..a6d4e6deb9 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 0e46e7c618..634905ad1d 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 7e36b14037..6e9c03cd0b 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index ba2bb897cf..3943f44974 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 9ef1c94a0c..a3f0bacf79 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 8d3a1254b5..7b4d37851f 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 636558c088..a5dd845ed8 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 03e9ad8522..2b2936a470 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 5cc676a687..751f17a1af 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114 + 7.0.115-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.114 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 649caa49e4..ea0f5913ab 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.114 + 7.0.115-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 0c0d6e749e..fa371ece4c 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.114 + 7.0.115-SNAPSHOT 4.0.0 From 59c05217768410d59aaec6f47b6527f0a345a8ee Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 11 Jul 2024 09:07:07 +0000 Subject: [PATCH 41/90] [WSO2 Release] [Jenkins #4962] [Release 7.0.115] prepare release v7.0.115 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 9754790b48..113fce5a0c 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115-SNAPSHOT + 7.0.115 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.115-SNAPSHOT + 7.0.115 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 5e5cabe22d..a558613f61 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115-SNAPSHOT + 7.0.115 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.115-SNAPSHOT + 7.0.115 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index dc1f78abbf..33a9714d6a 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115-SNAPSHOT + 7.0.115 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 2d684bb97a..d54cb30381 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 0d96653f3a..9abf21a0e0 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.115-SNAPSHOT + 7.0.115 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 7a7fd19123..cc1692c600 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index ea78e7d82a..797d1facc5 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index a5156c96f4..046a57e068 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 15bd96740b..5965dffa62 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index c2b2b455c4..6c047cf10e 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index e64c693a80..7187c3f51f 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.115-SNAPSHOT + 7.0.115 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 40f0bbc2ee..08db8f007f 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index eae23febea..d861f9b7fa 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 837fc024b5..eb8c976d9b 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index cbc8b50006..f41c63b366 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 62df91f12a..d2f9213635 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index a6d4e6deb9..4d51e4c127 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 634905ad1d..c211f6e79c 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 6e9c03cd0b..f9b0d06c83 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 3943f44974..daa9488d4a 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index a3f0bacf79..4ee3393705 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 7b4d37851f..f48747735c 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index a5dd845ed8..286b92d1b8 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 2b2936a470..0f93d30dde 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 diff --git a/pom.xml b/pom.xml index 751f17a1af..1a01b94395 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115-SNAPSHOT + 7.0.115 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.115 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index ea0f5913ab..be525479ec 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115-SNAPSHOT + 7.0.115 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index fa371ece4c..ec37742a4b 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115-SNAPSHOT + 7.0.115 4.0.0 From 94626ba424687bd7ca5c058d53be9f714a009e5f Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 11 Jul 2024 09:07:10 +0000 Subject: [PATCH 42/90] [WSO2 Release] [Jenkins #4962] [Release 7.0.115] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 113fce5a0c..ee30ca692f 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115 + 7.0.116-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.115 + 7.0.116-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index a558613f61..c8471af7b6 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115 + 7.0.116-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.115 + 7.0.116-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 33a9714d6a..b1c9ec9cb3 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115 + 7.0.116-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index d54cb30381..f58fc4fbe4 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 9abf21a0e0..10466fd30c 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.115 + 7.0.116-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index cc1692c600..1f59cd1dad 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 797d1facc5..6566ae66df 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 046a57e068..a6e029717f 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 5965dffa62..7a65f99422 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 6c047cf10e..3d9ef08fb6 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 7187c3f51f..4846c92e29 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.115 + 7.0.116-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 08db8f007f..43b1b887d0 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index d861f9b7fa..1cd397eb29 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index eb8c976d9b..eee6bdd47d 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index f41c63b366..cd164bd544 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index d2f9213635..08b36acf28 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 4d51e4c127..7934f688ec 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index c211f6e79c..3257555e49 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index f9b0d06c83..e8fb4c1bda 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index daa9488d4a..25b4f8c231 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 4ee3393705..0d748cdffa 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index f48747735c..23b9bb5703 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 286b92d1b8..022697beec 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 0f93d30dde..b92a10ec8b 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 1a01b94395..047e71ffbe 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115 + 7.0.116-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.115 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index be525479ec..b7c1654532 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.115 + 7.0.116-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index ec37742a4b..365c051777 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.115 + 7.0.116-SNAPSHOT 4.0.0 From e45ef620850da9d30fe9d9be9882a5e4cecd1bf8 Mon Sep 17 00:00:00 2001 From: Thumilan Mikunthan Date: Fri, 12 Jul 2024 10:28:03 +0530 Subject: [PATCH 43/90] Revert "Revert "Revert "Onboard app level pvtkeyjwt reuse config""" --- .../dcr/endpoint/dto/ApplicationDTO.java | 12 --- .../endpoint/dto/RegistrationRequestDTO.java | 13 --- .../dcr/endpoint/dto/UpdateRequestDTO.java | 13 --- .../oauth2/dcr/endpoint/util/DCRMUtils.java | 5 -- .../identity/oauth/common/OAuthConstants.java | 10 +-- .../identity/oauth/dcr/bean/Application.java | 11 --- .../bean/ApplicationRegistrationRequest.java | 11 --- .../dcr/bean/ApplicationUpdateRequest.java | 11 --- .../oauth/dcr/service/DCRMService.java | 3 - .../src/main/resources/OAuthAdminService.wsdl | 1 - .../identity/oauth/OAuthAdminServiceImpl.java | 33 -------- .../wso2/carbon/identity/oauth/OAuthUtil.java | 82 ------------------- .../identity/oauth/dao/OAuthAppDAO.java | 20 +---- .../carbon/identity/oauth/dao/OAuthAppDO.java | 11 --- .../oauth/dto/OAuthConsumerAppDTO.java | 11 --- .../internal/OAuthComponentServiceHolder.java | 22 ----- .../oauth/internal/OAuthServiceComponent.java | 35 -------- .../oauth/OAuthAdminServiceImplTest.java | 36 -------- 18 files changed, 2 insertions(+), 338 deletions(-) mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java mode change 100755 => 100644 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java index f7d980a4e1..a66d1be779 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java @@ -65,7 +65,6 @@ public class ApplicationDTO { private String jwksUri = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt = null; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -293,17 +292,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java index e42227c3b0..92e34409e4 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java @@ -49,7 +49,6 @@ public class RegistrationRequestDTO { private String extTokenType = null; private String tokenEndpointAuthMethod = null; private String tokenEndpointAuthSigningAlg = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; private String idTokenEncryptedResponseAlg = null; @@ -333,18 +332,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java index 085eb32d26..81471cc237 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java @@ -36,7 +36,6 @@ public class UpdateRequestDTO { private boolean extPublicClient; private String extTokenType = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -242,18 +241,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - @ApiModelProperty(value = "") - @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") public String getTokenEndpointAuthSigningAlg() { diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java index 23e87ffa55..8e46d6c25f 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java @@ -81,8 +81,6 @@ public static ApplicationRegistrationRequest getApplicationRegistrationRequest( appRegistrationRequest.setExtTokenType(registrationRequestDTO.getExtTokenType()); appRegistrationRequest.setJwksURI(registrationRequestDTO.getJwksUri()); appRegistrationRequest.setTokenEndpointAuthMethod(registrationRequestDTO.getTokenEndpointAuthMethod()); - appRegistrationRequest.setTokenEndpointAllowReusePvtKeyJwt(registrationRequestDTO - .isTokenEndpointAllowReusePvtKeyJwt()); appRegistrationRequest.setTokenEndpointAuthSignatureAlgorithm (registrationRequestDTO.getTokenEndpointAuthSigningAlg()); appRegistrationRequest.setSectorIdentifierURI(registrationRequestDTO.getSectorIdentifierUri()); @@ -127,8 +125,6 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(UpdateRequest applicationUpdateRequest.setExtTokenType(updateRequestDTO.getExtTokenType()); applicationUpdateRequest.setJwksURI(updateRequestDTO.getJwksUri()); applicationUpdateRequest.setTokenEndpointAuthMethod(updateRequestDTO.getTokenEndpointAuthMethod()); - applicationUpdateRequest.setTokenEndpointAllowReusePvtKeyJwt( - updateRequestDTO.isTokenEndpointAllowReusePvtKeyJwt()); applicationUpdateRequest.setTokenEndpointAuthSignatureAlgorithm (updateRequestDTO.getTokenEndpointAuthSigningAlg()); applicationUpdateRequest.setSectorIdentifierURI(updateRequestDTO.getSectorIdentifierUri()); @@ -239,7 +235,6 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic applicationDTO.setExtTokenType(application.getExtTokenType()); applicationDTO.setJwksUri(application.getJwksURI()); applicationDTO.setTokenEndpointAuthMethod(application.getTokenEndpointAuthMethod()); - applicationDTO.setTokenEndpointAllowReusePvtKeyJwt(application.isTokenEndpointAllowReusePvtKeyJwt()); applicationDTO.setTokenEndpointAuthSigningAlg(application.getTokenEndpointAuthSignatureAlgorithm()); applicationDTO.setSectorIdentifierUri(application.getSectorIdentifierURI()); applicationDTO.setIdTokenSignedResponseAlg(application.getIdTokenSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 94b888cec6..57e7feac1e 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -622,7 +622,6 @@ public static class OIDCConfigProperties { public static final String TOKEN_BINDING_VALIDATION = "tokenBindingValidation"; public static final String TOKEN_BINDING_TYPE_NONE = "None"; public static final String TOKEN_AUTH_METHOD = "tokenEndpointAuthMethod"; - public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT = "tokenEndpointAllowReusePvtKeyJwt"; public static final String TOKEN_AUTH_SIGNATURE_ALGORITHM = "tokenEndpointAuthSigningAlg"; public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri"; public static final String ID_TOKEN_SIGNATURE_ALGORITHM = "idTokenSignedResponseAlg"; @@ -637,14 +636,7 @@ public static class OIDCConfigProperties { public static final String IS_SUBJECT_TOKEN_ENABLED = "isSubjectTokenEnabled"; public static final String SUBJECT_TOKEN_EXPIRY_TIME = "subjectTokenExpiryTime"; public static final int SUBJECT_TOKEN_EXPIRY_TIME_VALUE = 180; - public static final String PREVENT_TOKEN_REUSE = "PreventTokenReuse"; - public static final boolean DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE = true; - // Name of the {@code JWTClientAuthenticatorConfig} resource type in the Configuration Management API. - public static final String JWT_CONFIGURATION_RESOURCE_TYPE_NAME = "PK_JWT_CONFIGURATION"; - // Name of the {@code JWTClientAuthenticatorConfig} resource (per tenant) in the Configuration Management API. - public static final String JWT_CONFIGURATION_RESOURCE_NAME = "TENANT_PK_JWT_CONFIGURATION"; - public static final String PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME = "PrivateKeyJWTClientAuthenticator"; - public static final String ENABLE_TOKEN_REUSE = "EnableTokenReuse"; + private OIDCConfigProperties() { } diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java index 7f0d3907f2..bb555c1f16 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java @@ -46,7 +46,6 @@ public class Application implements Serializable { private String extTokenType = null; private String jwksURI = null; private String tokenEndpointAuthMethod = null; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm = null; private String sectorIdentifierURI = null; private String idTokenSignatureAlgorithm = null; @@ -254,16 +253,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java index 068fa18637..af1666e651 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java @@ -52,7 +52,6 @@ public class ApplicationRegistrationRequest implements Serializable { private String jwksURI; private String softwareStatement; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -381,16 +380,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java index 443821cd55..b98772d5dd 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java @@ -48,7 +48,6 @@ public class ApplicationUpdateRequest implements Serializable { private String jwksURI = null; private String softwareStatement; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -306,16 +305,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java index 994bd068fa..6aa00ca66a 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java @@ -351,7 +351,6 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str if (updateRequest.getTokenEndpointAuthMethod() != null) { appDTO.setTokenEndpointAuthMethod(updateRequest.getTokenEndpointAuthMethod()); } - appDTO.setTokenEndpointAllowReusePvtKeyJwt(updateRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (updateRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { appDTO.setTokenEndpointAuthSignatureAlgorithm (updateRequest.getTokenEndpointAuthSignatureAlgorithm()); @@ -671,7 +670,6 @@ private Application buildResponse(OAuthConsumerAppDTO createdApp, String tenantD application.setExtTokenType(createdApp.getTokenType()); application.setJwksURI(createdApp.getJwksURI()); application.setTokenEndpointAuthMethod(createdApp.getTokenEndpointAuthMethod()); - application.setTokenEndpointAllowReusePvtKeyJwt(createdApp.isTokenEndpointAllowReusePvtKeyJwt()); application.setTokenEndpointAuthSignatureAlgorithm(createdApp.getTokenEndpointAuthSignatureAlgorithm()); application.setSectorIdentifierURI(createdApp.getSectorIdentifierURI()); application.setIdTokenSignatureAlgorithm(createdApp.getIdTokenSignatureAlgorithm()); @@ -766,7 +764,6 @@ private OAuthConsumerAppDTO createOAuthApp(ApplicationRegistrationRequest regist if (registrationRequest.getTokenEndpointAuthMethod() != null) { oAuthConsumerApp.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod()); } - oAuthConsumerApp.setTokenEndpointAllowReusePvtKeyJwt(registrationRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (registrationRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { oAuthConsumerApp.setTokenEndpointAuthSignatureAlgorithm (registrationRequest.getTokenEndpointAuthSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl old mode 100755 new mode 100644 index a1b5a18871..8b9539eddc --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -432,7 +432,6 @@ - diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java old mode 100755 new mode 100644 index 3129f55459..068ac62c57 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -107,7 +107,6 @@ import static org.wso2.carbon.identity.oauth.OAuthUtil.handleErrorWithExceptionType; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_DELETED; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.PRIVATE_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getTenantId; @@ -430,13 +429,6 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } - Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, - tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + - "incompatible with the Private Key JWT Reuse config value."); - } - app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -863,13 +855,6 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); - if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { - throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + - "incompatible with the Private Key JWT Reuse config value."); - } - oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); - String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -2507,24 +2492,6 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } } - /** - * Return whether the request of updating the tokenEndpointAllowReusePvtKeyJwt is valid. - * - * @param tokenEndpointAuthMethod token endpoint client authentication method. - * @param tokenEndpointAllowReusePvtKeyJwt During client authentication whether to reuse private key JWT. - * @return True if tokenEndpointAuthMethod and tokenEndpointAllowReusePvtKeyJwt is NOT in the correct format. - */ - private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMethod, - Boolean tokenEndpointAllowReusePvtKeyJwt) { - - if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { - if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { - return tokenEndpointAllowReusePvtKeyJwt == null; - } - } - return tokenEndpointAllowReusePvtKeyJwt != null; - } - /** * FAPI validation to restrict the token endpoint authentication methods. * Link - https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server (5.2.2 - 14) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java old mode 100755 new mode 100644 index 2ca4524208..2fe5e743a0 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -37,11 +37,6 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; -import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException; -import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute; -import org.wso2.carbon.identity.configuration.mgt.core.model.Resource; -import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler; -import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.OAuthCache; @@ -82,7 +77,6 @@ import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.UUID; @@ -95,12 +89,6 @@ import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CURRENT_TOKEN_IDENTIFIER; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.PRESERVE_LOGGED_IN_SESSION_AT_PASSWORD_UPDATE; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ORGANIZATION_LOGIN_HOME_REALM_IDENTIFIER; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.ENABLE_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_NAME; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_TYPE_NAME; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PREVENT_TOKEN_REUSE; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.UserType.FEDERATED_USER_DOMAIN_PREFIX; @@ -548,7 +536,6 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { .isTokenRevocationWithIDPSessionTerminationEnabled()); dto.setTokenBindingValidationEnabled(appDO.isTokenBindingValidationEnabled()); dto.setTokenEndpointAuthMethod(appDO.getTokenEndpointAuthMethod()); - dto.setTokenEndpointAllowReusePvtKeyJwt(appDO.isTokenEndpointAllowReusePvtKeyJwt()); dto.setTokenEndpointAuthSignatureAlgorithm(appDO.getTokenEndpointAuthSignatureAlgorithm()); dto.setSectorIdentifierURI(appDO.getSectorIdentifierURI()); dto.setIdTokenSignatureAlgorithm(appDO.getIdTokenSignatureAlgorithm()); @@ -1210,73 +1197,4 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate authenticatedUser.setFederatedIdPName(orgSsoIdp.getIdentityProviderName()); } } - - /** - * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. - * - * @param tokenEPAllowReusePvtKeyJwtValue Value of the tokenEPAllowReusePvtKeyJwt configuration. - * @param tokenAuthMethod Token authentication method. - * @return Value of the tokenEPAllowReusePvtKeyJwt configuration. - * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. - */ - public static String getValueOfTokenEPAllowReusePvtKeyJwt(String tokenEPAllowReusePvtKeyJwtValue, - String tokenAuthMethod) - throws IdentityOAuth2ServerException { - - if (tokenEPAllowReusePvtKeyJwtValue == null && StringUtils.isNotBlank(tokenAuthMethod) - && OAuthConstants.PRIVATE_KEY_JWT.equals(tokenAuthMethod)) { - try { - tokenEPAllowReusePvtKeyJwtValue = readTenantConfigurationPvtKeyJWTReuse(); - } catch (ConfigurationManagementException e) { - throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", - e); - } - if (tokenEPAllowReusePvtKeyJwtValue == null) { - tokenEPAllowReusePvtKeyJwtValue = readServerConfigurationPvtKeyJWTReuse(); - if (tokenEPAllowReusePvtKeyJwtValue == null) { - tokenEPAllowReusePvtKeyJwtValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); - } - } - } - return tokenEPAllowReusePvtKeyJwtValue; - } - - private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { - - String tokenEPAllowReusePvtKeyJwtTenantConfig = null; - Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() - .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); - - if (resource != null) { - tokenEPAllowReusePvtKeyJwtTenantConfig = resource.getAttributes().stream() - .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) - .map(Attribute::getValue) - .findFirst() - .orElse(null); - } - return tokenEPAllowReusePvtKeyJwtTenantConfig; - } - - private static String readServerConfigurationPvtKeyJWTReuse() { - - String tokenEPAllowReusePvtKeyJwtTenantConfig = null; - IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( - AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); - - if (identityEventListenerConfig != null - && Boolean.parseBoolean(identityEventListenerConfig.getEnable())) { - if (identityEventListenerConfig.getProperties() != null) { - for (Map.Entry property : identityEventListenerConfig.getProperties().entrySet()) { - String key = (String) property.getKey(); - String value = (String) property.getValue(); - if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { - boolean preventTokenReuse = Boolean.parseBoolean(value); - tokenEPAllowReusePvtKeyJwtTenantConfig = String.valueOf(!preventTokenReuse); - break; - } - } - } - } - return tokenEPAllowReusePvtKeyJwtTenantConfig; - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java old mode 100755 new mode 100644 index dfb0bc88f2..0608a7a8c9 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -47,7 +47,6 @@ import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor; import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; -import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; @@ -103,7 +102,6 @@ import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE_NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_VALIDATION; -import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE; @@ -984,10 +982,6 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, TOKEN_AUTH_METHOD, oauthAppDO.getTokenEndpointAuthMethod(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); - addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, - TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, String.valueOf(oauthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), - prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); - addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM, oauthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); @@ -1642,12 +1636,6 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); - if (consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) { - addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, - TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, - String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); - } - addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1744,8 +1732,7 @@ private Map> getSpOIDCProperties(Connection connection, return spOIDCProperties; } - private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) - throws IdentityOAuth2ServerException { + private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) { // Handle OIDC audience values if (isOIDCAudienceEnabled() && @@ -1808,11 +1795,6 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } - String tokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt( - getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); - if (tokenEPAllowReusePvtKeyJwt != null) { - oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJwt)); - } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { oauthApp.setTokenEndpointAuthSignatureAlgorithm(tokenSignatureAlgorithm); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index 50a1f48db4..b48b74bae7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java @@ -81,7 +81,6 @@ public class OAuthAppDO extends InboundConfigurationProtocol implements Serializ private boolean tokenRevocationWithIDPSessionTerminationEnabled; private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -384,16 +383,6 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index fba94088c1..f93e9acc4f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -67,7 +67,6 @@ public class OAuthConsumerAppDTO implements InboundProtocolConfigurationDTO { private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; private String tokenEndpointAuthSignatureAlgorithm; - private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; private String requestObjectSignatureAlgorithm; @@ -385,16 +384,6 @@ public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSigna this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; } - public Boolean isTokenEndpointAllowReusePvtKeyJwt() { - - return tokenEndpointAllowReusePvtKeyJwt; - } - - public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { - - this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; - } - public String getSectorIdentifierURI() { return sectorIdentifierURI; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 419c09ac80..5a91f8a515 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -22,7 +22,6 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; -import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; @@ -81,7 +80,6 @@ public class OAuthComponentServiceHolder { private AuthorizedAPIManagementService authorizedAPIManagementService; private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; - private ConfigurationManager configurationManager; /** * Get the list of scope validator implementations available. @@ -513,24 +511,4 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } - - /** - * Get the ConfigurationManager instance. - * - * @return ConfigurationManager The ConfigurationManager instance. - */ - public ConfigurationManager getConfigurationManager() { - - return configurationManager; - } - - /** - * Set the ConfigurationManager instance. - * - * @param configurationManager ConfigurationManager The ConfigurationManager instance. - */ - public void setConfigurationManager(ConfigurationManager configurationManager) { - - this.configurationManager = configurationManager; - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index c0981a6a1c..a253d8836d 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -30,7 +30,6 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler; -import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; @@ -522,38 +521,4 @@ protected void unsetOrganizationUserSharingService(OrganizationUserSharingServic } OAuthComponentServiceHolder.getInstance().setOrganizationUserSharingService(null); } - - /** - * Set the ConfigurationManager. - * - * @param configurationManager The {@code ConfigurationManager} instance. - */ - @Reference( - name = "resource.configuration.manager", - service = ConfigurationManager.class, - cardinality = ReferenceCardinality.MANDATORY, - policy = ReferencePolicy.DYNAMIC, - unbind = "unregisterConfigurationManager" - ) - protected void registerConfigurationManager(ConfigurationManager configurationManager) { - - if (log.isDebugEnabled()) { - log.debug("Registering the ConfigurationManager in JWT Client Authenticator ManagementService."); - } - OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); - } - - - /** - * Unset the ConfigurationManager. - * - * @param configurationManager The {@code ConfigurationManager} instance. - */ - protected void unregisterConfigurationManager(ConfigurationManager configurationManager) { - - if (log.isDebugEnabled()) { - log.debug("Unregistering the ConfigurationManager in JWT Client Authenticator ManagementService."); - } - OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java old mode 100755 new mode 100644 index 643bad39f0..d295a00267 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -850,34 +850,6 @@ private void testValidateTokenAuthenticationWithInvalidAuthentication() throws E } } - @DataProvider(name = "getTokenAuthMethodAndTokenReuseConfigData") - public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { - - return new Object[][]{ - // Client auth method, Expected result. - {"private_key_jwt", null, true}, - {null, true, true}, - {"", true, true}, - {" ", true, true}, - {"dummy_method", true, true}, - {"private_key_jwt", true, false}, - {null, null, false}, - {"dummy_method", null, false}}; - } - - @Test(description = "Test invalid reuse token config & client auth method combination.", - dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") - private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, - Boolean tokenEndpointAllowReusePvtKeyJwt, - boolean expectedResult) throws Exception { - - OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); - - Assert.assertEquals(invokePrivateMethod(oAuthAdminService, - "isInvalidTokenEPReusePvtKeyJwtRequest", new Class[]{String.class, Boolean.class}, - tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt), expectedResult); - } - @Test(description = "Test validating signature algorithm") private void testValidateSignatureAlgorithm() throws Exception { @@ -1087,12 +1059,4 @@ private Object invokePrivateMethod(Object object, String methodName, Object... p method.setAccessible(true); return method.invoke(object, params); } - - private Object invokePrivateMethod(Object object, String methodName, Class[] paramTypes, Object... params) - throws Exception { - - Method method = object.getClass().getDeclaredMethod(methodName, paramTypes); - method.setAccessible(true); - return method.invoke(object, params); - } } From d2a91d8880567e15a2895d426051b6672ee64f70 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 12 Jul 2024 05:21:39 +0000 Subject: [PATCH 44/90] [WSO2 Release] [Jenkins #4964] [Release 7.0.116] prepare release v7.0.116 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index ee30ca692f..e078074d18 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116-SNAPSHOT + 7.0.116 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.116-SNAPSHOT + 7.0.116 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index c8471af7b6..85ff33818c 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116-SNAPSHOT + 7.0.116 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.116-SNAPSHOT + 7.0.116 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index b1c9ec9cb3..89f27a99cc 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116-SNAPSHOT + 7.0.116 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index f58fc4fbe4..01845c44ae 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 10466fd30c..d630277697 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.116-SNAPSHOT + 7.0.116 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 1f59cd1dad..c913ec894c 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 6566ae66df..9583e6f3a2 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index a6e029717f..57b0ebe55c 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 7a65f99422..a9e45223f1 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 3d9ef08fb6..44f6f8212b 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 4846c92e29..0d61f5faa5 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.116-SNAPSHOT + 7.0.116 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 43b1b887d0..47a084c641 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 1cd397eb29..09672ef46b 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index eee6bdd47d..6177a070b8 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index cd164bd544..97d88e0e41 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 08b36acf28..35495d9808 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 7934f688ec..521666db52 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 3257555e49..7d79a75b29 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index e8fb4c1bda..594184019b 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 25b4f8c231..fde091c18d 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 0d748cdffa..84300ae57e 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 23b9bb5703..55e9247d66 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 022697beec..239598904e 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index b92a10ec8b..9a2d9c8920 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 diff --git a/pom.xml b/pom.xml index 047e71ffbe..483c3a715c 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116-SNAPSHOT + 7.0.116 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.116 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index b7c1654532..869cfa30c3 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116-SNAPSHOT + 7.0.116 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 365c051777..2d69e4bb5a 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116-SNAPSHOT + 7.0.116 4.0.0 From e088f00033373569f4071e2f07b21f84b6d1f963 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 12 Jul 2024 05:21:42 +0000 Subject: [PATCH 45/90] [WSO2 Release] [Jenkins #4964] [Release 7.0.116] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index e078074d18..511c136091 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116 + 7.0.117-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.116 + 7.0.117-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 85ff33818c..46aa6e1256 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116 + 7.0.117-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.116 + 7.0.117-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 89f27a99cc..b5a74e0b35 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116 + 7.0.117-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 01845c44ae..dbcb5a72f8 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index d630277697..2a8eb293e6 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.116 + 7.0.117-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index c913ec894c..9463679ea9 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 9583e6f3a2..8ff8d87b24 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 57b0ebe55c..6b52902b01 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index a9e45223f1..297df35936 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 44f6f8212b..23004d6b87 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 0d61f5faa5..85ab60403b 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.116 + 7.0.117-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 47a084c641..b3f0c1d763 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 09672ef46b..f9978035d7 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 6177a070b8..095f8e4ea0 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 97d88e0e41..39bd6ad33e 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 35495d9808..d54206eae4 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 521666db52..9f5aa762df 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 7d79a75b29..a979f7d082 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 594184019b..3e3711fb75 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index fde091c18d..9165c920c5 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 84300ae57e..9cc3617558 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 55e9247d66..d335511ebe 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 239598904e..ba986129f0 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 9a2d9c8920..a853bced56 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 483c3a715c..0116dac19e 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116 + 7.0.117-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.116 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 869cfa30c3..54f1ace749 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.116 + 7.0.117-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 2d69e4bb5a..b24c2afd08 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.116 + 7.0.117-SNAPSHOT 4.0.0 From bf67e2dd5c7aea9e5432875cc5f37e3e2604a8ef Mon Sep 17 00:00:00 2001 From: Thumimku Date: Mon, 15 Jul 2024 00:15:02 +0530 Subject: [PATCH 46/90] add impersonation authroization validator add impersonation authroization validator --- .../wso2/carbon/identity/oauth/OAuthUtil.java | 25 ++++ .../oauth2/impersonation/utils/Constants.java | 1 + .../ImpersonatorPermissionValidator.java | 87 +++++++++++++ .../validators/SubjectScopeValidator.java | 40 +++--- .../internal/OAuth2ServiceComponent.java | 2 + .../ImpersonatorPermissionValidatorTest.java | 122 ++++++++++++++++++ .../SubjectScopeValidatorTest.java | 47 ++++--- .../src/test/resources/testng.xml | 2 + 8 files changed, 293 insertions(+), 33 deletions(-) create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/ImpersonatorPermissionValidator.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/ImpersonatorPermissionValidatorTest.java diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java index 2fe5e743a0..f50cec5e53 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -1158,6 +1158,31 @@ private static User getUserFromTenant(String username, String userId, int tenant return user; } + /** + * Get user from tenant by user id. + * + * @param userId The user id. + * @param tenantId The tenant id where user resides. + * @return User object from tenant userStoreManager. + * @throws IdentityApplicationManagementException Error when user cannot be resolved. + */ + public static User getUserFromTenant(String userId, int tenantId) + throws IdentityApplicationManagementException { + + User user = null; + try { + AbstractUserStoreManager userStoreManager = + (AbstractUserStoreManager) OAuthComponentServiceHolder.getInstance() + .getRealmService().getTenantUserRealm(tenantId).getUserStoreManager(); + if (StringUtils.isNotEmpty(userId) && userStoreManager.isExistingUserWithID(userId)) { + user = getApplicationUser(userStoreManager.getUser(userId, null)); + } + } catch (org.wso2.carbon.user.api.UserStoreException e) { + throw new IdentityApplicationManagementException("Error finding user in tenant.", e); + } + return user; + } + private static User getApplicationUser(org.wso2.carbon.user.core.common.User coreUser) { User user = new User(); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/utils/Constants.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/utils/Constants.java index abbc5e19a0..019943244e 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/utils/Constants.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/utils/Constants.java @@ -24,6 +24,7 @@ */ public class Constants { + public static final String IMPERSONATION_SCOPE_NAME = "internal_user_impersonate"; public static final String OAUTH_2 = "oauth2"; public static final String ENABLE_EMAIL_NOTIFICATION = "EnableEmailNotification"; public static final String IMPERSONATION_RESOURCE_TYPE_NAME = "IMPERSONATION_CONFIGURATION"; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/ImpersonatorPermissionValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/ImpersonatorPermissionValidator.java new file mode 100644 index 0000000000..cacdbfa144 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/ImpersonatorPermissionValidator.java @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.wso2.carbon.identity.oauth2.impersonation.validators; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; +import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationContext; +import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationRequestDTO; +import org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2ScopeValidator; + +import java.util.List; + +import static org.wso2.carbon.identity.oauth2.impersonation.utils.Constants.IMPERSONATION_SCOPE_NAME; + +/** + * The ImpersonatorPermissionValidator class is responsible for validating whether an authenticated user + * has the necessary impersonation permissions within a given tenant and for a specified client. + * The validation process involves checking if the authenticated user has the "internal_user_impersonate" + * in their authorized scopes. If the scope is present, the impersonation context is marked as validated. + */ +public class ImpersonatorPermissionValidator implements ImpersonationValidator { + + private static final String NAME = "ImpersonatorPermissionValidator"; + private static final Log LOG = LogFactory.getLog(ImpersonatorPermissionValidator.class); + private DefaultOAuth2ScopeValidator scopeValidator; + + public ImpersonatorPermissionValidator() { + + this.scopeValidator = new DefaultOAuth2ScopeValidator(); + } + + @Override + public int getPriority() { + + return 100; + } + + @Override + public String getImpersonationValidatorName() { + + return NAME; + } + + @Override + public ImpersonationContext validateImpersonation(ImpersonationContext impersonationContext) + throws IdentityOAuth2Exception { + + ImpersonationRequestDTO impersonationRequestDTO = impersonationContext.getImpersonationRequestDTO(); + OAuthAuthzReqMessageContext authzReqMessageContext = impersonationRequestDTO.getoAuthAuthzReqMessageContext(); + + String tenantDomain = authzReqMessageContext.getAuthorizationReqDTO().getTenantDomain(); + String clientId = authzReqMessageContext.getAuthorizationReqDTO().getConsumerKey(); + authzReqMessageContext.getAuthorizationReqDTO().setScopes(authzReqMessageContext.getRequestedScopes()); + List authorizedScopes = scopeValidator.validateScope(authzReqMessageContext); + if (authorizedScopes.contains(IMPERSONATION_SCOPE_NAME)) { + impersonationContext.setValidated(true); + } else { + impersonationContext.setValidated(false); + impersonationContext.setValidationFailureErrorMessage("Authenticated user : " + authzReqMessageContext + .getAuthorizationReqDTO().getUser().getLoggableMaskedUserId() + " doesn't have impersonation " + + "permission for client : " + clientId + " in the tenant : " + tenantDomain); + LOG.error("Authenticated user : " + authzReqMessageContext + .getAuthorizationReqDTO().getUser().getLoggableMaskedUserId() + "doesn't have impersonation " + + "permission for client : " + clientId + " in the tenant : " + tenantDomain); + } + return impersonationContext; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java index c3e45cbef7..225ce14071 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java @@ -19,22 +19,26 @@ package org.wso2.carbon.identity.oauth2.impersonation.validators; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; +import org.wso2.carbon.identity.application.common.model.User; import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; +import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationContext; import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationRequestDTO; -import org.wso2.carbon.identity.oauth2.util.OAuth2Util; import org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2ScopeValidator; import org.wso2.carbon.user.api.UserStoreException; +import org.wso2.carbon.user.core.service.RealmService; import java.util.List; +import static org.wso2.carbon.identity.oauth.OAuthUtil.getUserFromTenant; + /** * The {@code SubjectScopeValidator} class implements the {@link ImpersonationValidator} interface * to validate impersonation requests based on subject scopes. @@ -92,24 +96,26 @@ public ImpersonationContext validateImpersonation(ImpersonationContext impersona private AuthenticatedUser getAuthenticatedSubjectUser(String subjectUserId, String tenantDomain) throws IdentityOAuth2Exception { - AuthenticatedUser authenticatedUser; - - String username; try { - username = OAuth2Util.resolveUsernameFromUserId(tenantDomain, subjectUserId); - } catch (UserStoreException e) { + RealmService realmService = OAuthComponentServiceHolder.getInstance().getRealmService(); + + int tenantId = realmService.getTenantManager().getTenantId(tenantDomain); + User user = getUserFromTenant(subjectUserId, tenantId); + if (user == null) { + throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.INVALID_REQUEST, + "Invalid User Id provided for Impersonation request. Unable to find the user for given " + + "user id : " + subjectUserId + " tenant Domain : " + tenantDomain); + } + AuthenticatedUser authenticatedUser = new AuthenticatedUser(); + authenticatedUser.setUserId(subjectUserId); + authenticatedUser.setAuthenticatedSubjectIdentifier(subjectUserId); + authenticatedUser.setUserName(user.getUserName()); + authenticatedUser.setUserStoreDomain(user.getUserStoreDomain()); + authenticatedUser.setTenantDomain(tenantDomain); + return authenticatedUser; + } catch (UserStoreException | IdentityApplicationManagementException e) { throw new IdentityOAuth2Exception(OAuth2ErrorCodes.INVALID_REQUEST, "Use mapped local subject is mandatory but a local user couldn't be found"); } - try { - authenticatedUser = OAuth2Util.getUserFromUserName(username); - } catch (IllegalArgumentException e) { - throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.INVALID_REQUEST, - "Invalid User Id provided for Impersonation request. Unable to find the user for given user id : " - + subjectUserId + " tenant Domain : " + tenantDomain); - } - authenticatedUser.setUserId(subjectUserId); - authenticatedUser.setAuthenticatedSubjectIdentifier(subjectUserId); - return authenticatedUser; } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java index 2c4e41025b..7e4db0f45f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java @@ -77,6 +77,7 @@ import org.wso2.carbon.identity.oauth2.impersonation.services.ImpersonationConfigMgtServiceImpl; import org.wso2.carbon.identity.oauth2.impersonation.services.ImpersonationMgtServiceImpl; import org.wso2.carbon.identity.oauth2.impersonation.validators.ImpersonationValidator; +import org.wso2.carbon.identity.oauth2.impersonation.validators.ImpersonatorPermissionValidator; import org.wso2.carbon.identity.oauth2.impersonation.validators.SubjectScopeValidator; import org.wso2.carbon.identity.oauth2.keyidprovider.DefaultKeyIDProviderImpl; import org.wso2.carbon.identity.oauth2.keyidprovider.KeyIDProvider; @@ -398,6 +399,7 @@ protected void activate(ComponentContext context) { OAuth2ServiceComponentHolder.getInstance().setImpersonationMgtService(new ImpersonationMgtServiceImpl()); bundleContext.registerService(ImpersonationValidator.class, new SubjectScopeValidator(), null); + bundleContext.registerService(ImpersonationValidator.class, new ImpersonatorPermissionValidator(), null); bundleContext.registerService(ImpersonationConfigMgtService.class, new ImpersonationConfigMgtServiceImpl(), null); diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/ImpersonatorPermissionValidatorTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/ImpersonatorPermissionValidatorTest.java new file mode 100644 index 0000000000..c2139bad9f --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/ImpersonatorPermissionValidatorTest.java @@ -0,0 +1,122 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.wso2.carbon.identity.oauth2.impersonation; + +import org.mockito.Mock; +import org.mockito.testng.MockitoTestNGListener; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Listeners; +import org.testng.annotations.Test; +import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; +import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO; +import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationContext; +import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationRequestDTO; +import org.wso2.carbon.identity.oauth2.impersonation.validators.ImpersonatorPermissionValidator; +import org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2ScopeValidator; + +import java.lang.reflect.Field; +import java.util.Arrays; + +import static org.mockito.Mockito.lenient; +import static org.mockito.Mockito.when; +import static org.testng.Assert.assertFalse; +import static org.testng.Assert.assertNotNull; +import static org.testng.Assert.assertNull; +import static org.testng.Assert.assertTrue; +import static org.wso2.carbon.identity.oauth2.impersonation.utils.Constants.IMPERSONATION_SCOPE_NAME; + +/** + * Unit test cases for {@link ImpersonatorPermissionValidatorTest} + */ +@Listeners(MockitoTestNGListener.class) +public class ImpersonatorPermissionValidatorTest { + + @Mock + private AuthenticatedUser impersonator; + @Mock + private OAuth2AuthorizeReqDTO oAuth2AuthorizeReqDTO; + @Mock + private OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext; + @Mock + private DefaultOAuth2ScopeValidator defaultOAuth2ScopeValidator; + private ImpersonationRequestDTO impersonationRequestDTO; + private static final String[] SCOPES_WITHOUT_OPENID = new String[]{"scope1", "scope2"}; + + @BeforeMethod + public void setUp() throws Exception { + + lenient().when(impersonator.getLoggableMaskedUserId()).thenReturn("123456789"); + lenient().when(oAuth2AuthorizeReqDTO.getRequestedSubjectId()).thenReturn("dummySubjectId"); + lenient().when(oAuth2AuthorizeReqDTO.getUser()).thenReturn(impersonator); + lenient().when(oAuth2AuthorizeReqDTO.getConsumerKey()).thenReturn("dummyConsumerKey"); + lenient().when(oAuth2AuthorizeReqDTO.getScopes()).thenReturn(SCOPES_WITHOUT_OPENID); + lenient().when(oAuth2AuthorizeReqDTO.getTenantDomain()).thenReturn("carbon.super"); + lenient().when(oAuthAuthzReqMessageContext.getAuthorizationReqDTO()).thenReturn(oAuth2AuthorizeReqDTO); + impersonationRequestDTO = new ImpersonationRequestDTO(); + impersonationRequestDTO.setoAuthAuthzReqMessageContext(oAuthAuthzReqMessageContext); + } + + @Test + public void testValidateImpersonation() throws IdentityException, NoSuchFieldException, IllegalAccessException { + + when(defaultOAuth2ScopeValidator.validateScope(oAuthAuthzReqMessageContext)).thenReturn(Arrays.asList("scope1", + "scope2", IMPERSONATION_SCOPE_NAME)); + + ImpersonationContext impersonationContext = new ImpersonationContext(); + impersonationContext.setImpersonationRequestDTO(impersonationRequestDTO); + ImpersonatorPermissionValidator impersonatorPermissionValidator = new ImpersonatorPermissionValidator(); + Field field = ImpersonatorPermissionValidator.class.getDeclaredField("scopeValidator"); + field.setAccessible(true); + field.set(impersonatorPermissionValidator, defaultOAuth2ScopeValidator); + + impersonationContext = + impersonatorPermissionValidator.validateImpersonation(impersonationContext); + + assertTrue(impersonationContext.isValidated(), + "Impersonation context's validated attribute should be true"); + assertNull(impersonationContext.getValidationFailureErrorMessage(), + "Validation error message should be null"); + } + + @Test + public void testValidateImpersonationNegativeCase() throws IdentityException, NoSuchFieldException, + IllegalAccessException { + + when(defaultOAuth2ScopeValidator.validateScope(oAuthAuthzReqMessageContext)).thenReturn(Arrays.asList("scope1", + "scope2")); + + ImpersonationContext impersonationContext = new ImpersonationContext(); + impersonationContext.setImpersonationRequestDTO(impersonationRequestDTO); + ImpersonatorPermissionValidator impersonatorPermissionValidator = new ImpersonatorPermissionValidator(); + Field field = ImpersonatorPermissionValidator.class.getDeclaredField("scopeValidator"); + field.setAccessible(true); + field.set(impersonatorPermissionValidator, defaultOAuth2ScopeValidator); + + impersonationContext = + impersonatorPermissionValidator.validateImpersonation(impersonationContext); + + assertFalse(impersonationContext.isValidated(), + "Impersonation context's validated attribute should be false"); + assertNotNull(impersonationContext.getValidationFailureErrorMessage(), + "Validation error message shouldn't be null"); + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/SubjectScopeValidatorTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/SubjectScopeValidatorTest.java index 182d54e3d3..cd2a5e9481 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/SubjectScopeValidatorTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/impersonation/SubjectScopeValidatorTest.java @@ -26,9 +26,11 @@ import org.testng.annotations.Listeners; import org.testng.annotations.Test; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.application.common.model.User; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityException; -import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; +import org.wso2.carbon.identity.oauth.OAuthUtil; +import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO; @@ -36,8 +38,9 @@ import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationRequestDTO; import org.wso2.carbon.identity.oauth2.impersonation.validators.SubjectScopeValidator; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; -import org.wso2.carbon.identity.oauth2.util.OAuth2Util; import org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2ScopeValidator; +import org.wso2.carbon.user.core.service.RealmService; +import org.wso2.carbon.user.core.tenant.TenantManager; import java.lang.reflect.Field; import java.util.Arrays; @@ -67,23 +70,27 @@ public class SubjectScopeValidatorTest { @Mock private ApplicationManagementService applicationManagementService; @Mock - private AuthenticatedUser endUser; + private OAuthComponentServiceHolder mockOAuthComponentServiceHolder; @Mock - private OAuthServerConfiguration mockOAuthServerConfiguration; - + private RealmService mockRealmService; + @Mock + private TenantManager mockTenantManager; private ImpersonationRequestDTO impersonationRequestDTO; private static final String[] SCOPES_WITHOUT_OPENID = new String[]{"scope1", "scope2"}; - - private MockedStatic oAuthServerConfiguration; - private MockedStatic oAuth2Util; + private MockedStatic oAuthComponentServiceHolder; + private MockedStatic oAuthUtil; private MockedStatic oAuth2ServiceComponentHolder; @BeforeMethod public void setUp() throws Exception { - oAuthServerConfiguration = mockStatic(OAuthServerConfiguration.class); - oAuthServerConfiguration.when(OAuthServerConfiguration::getInstance).thenReturn(mockOAuthServerConfiguration); - oAuth2Util = mockStatic(OAuth2Util.class); + oAuthComponentServiceHolder = mockStatic(OAuthComponentServiceHolder.class); + oAuthComponentServiceHolder.when(OAuthComponentServiceHolder::getInstance) + .thenReturn(mockOAuthComponentServiceHolder); + when(mockOAuthComponentServiceHolder.getRealmService()).thenReturn(mockRealmService); + when(mockRealmService.getTenantManager()).thenReturn(mockTenantManager); + when(mockTenantManager.getTenantId("carbon.super")).thenReturn(-1234); + oAuthUtil = mockStatic(OAuthUtil.class); oAuth2ServiceComponentHolder = mockStatic(OAuth2ServiceComponentHolder.class); oAuth2ServiceComponentHolder.when( OAuth2ServiceComponentHolder::getApplicationMgtService).thenReturn(applicationManagementService); @@ -100,16 +107,24 @@ public void setUp() throws Exception { impersonationRequestDTO = new ImpersonationRequestDTO(); impersonationRequestDTO.setoAuthAuthzReqMessageContext(oAuthAuthzReqMessageContext); - oAuth2Util.when(() -> OAuth2Util.resolveUsernameFromUserId("carbon.super", "dummySubjectId")) - .thenReturn("dummyUserName"); - oAuth2Util.when(() -> OAuth2Util.getUserFromUserName("dummyUserName")).thenReturn(endUser); + oAuthUtil.when(() -> OAuthUtil.getUserFromTenant("dummySubjectId", -1234)) + .thenReturn(getDummyUser()); + } + + private User getDummyUser() { + + User user = new User(); + user.setUserName("dummmyUserName"); + user.setUserStoreDomain("dummyUserStore"); + user.setTenantDomain("carbon.super"); + return user; } @AfterMethod public void tearDown() { - oAuthServerConfiguration.close(); - oAuth2Util.close(); + oAuthUtil.close(); oAuth2ServiceComponentHolder.close(); + oAuthComponentServiceHolder.close();; } @Test diff --git a/components/org.wso2.carbon.identity.oauth/src/test/resources/testng.xml b/components/org.wso2.carbon.identity.oauth/src/test/resources/testng.xml index 33feab5562..990c264e74 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/resources/testng.xml +++ b/components/org.wso2.carbon.identity.oauth/src/test/resources/testng.xml @@ -41,6 +41,7 @@ + @@ -185,6 +186,7 @@ + From ea98e098def241283e0c701bc5291084efad2ba5 Mon Sep 17 00:00:00 2001 From: Thumimku Date: Mon, 15 Jul 2024 08:05:50 +0530 Subject: [PATCH 47/90] add impersonation authroization validator --- .../src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java index f50cec5e53..fdef96656c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -1177,10 +1177,10 @@ public static User getUserFromTenant(String userId, int tenantId) if (StringUtils.isNotEmpty(userId) && userStoreManager.isExistingUserWithID(userId)) { user = getApplicationUser(userStoreManager.getUser(userId, null)); } + return user; } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new IdentityApplicationManagementException("Error finding user in tenant.", e); } - return user; } private static User getApplicationUser(org.wso2.carbon.user.core.common.User coreUser) { From 3ae4cb6d9543e32888e2ccbece4a011a46d29423 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 15 Jul 2024 03:57:21 +0000 Subject: [PATCH 48/90] [WSO2 Release] [Jenkins #4967] [Release 7.0.117] prepare release v7.0.117 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 511c136091..d80d030db5 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117-SNAPSHOT + 7.0.117 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.117-SNAPSHOT + 7.0.117 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 46aa6e1256..47d11a302c 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117-SNAPSHOT + 7.0.117 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.117-SNAPSHOT + 7.0.117 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index b5a74e0b35..e64d82cd8f 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117-SNAPSHOT + 7.0.117 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index dbcb5a72f8..59038aade5 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 2a8eb293e6..c6c05d0a1f 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.117-SNAPSHOT + 7.0.117 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 9463679ea9..a77f923ca9 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 8ff8d87b24..d1d532bed6 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 6b52902b01..7c35494247 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 297df35936..1106e85260 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 23004d6b87..c2c9b807a5 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 85ab60403b..5f55ec6770 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.117-SNAPSHOT + 7.0.117 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index b3f0c1d763..ca9518f1b1 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index f9978035d7..584b26bf28 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 095f8e4ea0..c5868e578c 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 39bd6ad33e..b90a35da9a 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index d54206eae4..95d2c48e6e 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 9f5aa762df..146b4ccfdd 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index a979f7d082..83a1ea52a5 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 3e3711fb75..d74ec97259 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 9165c920c5..b46e3ce2d0 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 9cc3617558..959b39572d 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index d335511ebe..8a4f5e5d1b 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index ba986129f0..599a9bdd31 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index a853bced56..026b9e9d9d 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 diff --git a/pom.xml b/pom.xml index 0116dac19e..9120d0782c 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117-SNAPSHOT + 7.0.117 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.117 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 54f1ace749..a842b92e1a 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117-SNAPSHOT + 7.0.117 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index b24c2afd08..04cb4458f7 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117-SNAPSHOT + 7.0.117 4.0.0 From 82b52afbc3ce35b4ced91eef72366940486e1024 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 15 Jul 2024 03:57:23 +0000 Subject: [PATCH 49/90] [WSO2 Release] [Jenkins #4967] [Release 7.0.117] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index d80d030db5..2c588b4e1b 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117 + 7.0.118-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.117 + 7.0.118-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 47d11a302c..f767e6dce7 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117 + 7.0.118-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.117 + 7.0.118-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index e64d82cd8f..765957587a 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117 + 7.0.118-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 59038aade5..65c707863f 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index c6c05d0a1f..01b835970f 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.117 + 7.0.118-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index a77f923ca9..495d24773a 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index d1d532bed6..8278701698 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 7c35494247..08e196e1f9 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 1106e85260..55e75f282c 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index c2c9b807a5..0dc37159c5 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 5f55ec6770..0b4b860cf2 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.117 + 7.0.118-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index ca9518f1b1..8c01b01d32 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 584b26bf28..bba8521b49 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index c5868e578c..83f5c96b46 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index b90a35da9a..6235e6b398 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 95d2c48e6e..9a9d534346 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 146b4ccfdd..cc55d6fc09 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 83a1ea52a5..24005694f9 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index d74ec97259..6aebe32044 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index b46e3ce2d0..e87452e73f 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 959b39572d..b1426d4d08 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 8a4f5e5d1b..01f7ac34ad 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 599a9bdd31..a8909c3fad 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 026b9e9d9d..0efa51cf0e 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 9120d0782c..2eb5032d32 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117 + 7.0.118-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.117 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index a842b92e1a..7e529e7031 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.117 + 7.0.118-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 04cb4458f7..f5b4e28f4a 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.117 + 7.0.118-SNAPSHOT 4.0.0 From f6ed371f7b5f7422954cb8e5707b87b6875fc297 Mon Sep 17 00:00:00 2001 From: Thumimku Date: Mon, 15 Jul 2024 13:12:45 +0530 Subject: [PATCH 50/90] improve throwing exception --- .../main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java | 6 +++--- .../impersonation/validators/SubjectScopeValidator.java | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java index fdef96656c..d509a01bbd 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -1164,10 +1164,10 @@ private static User getUserFromTenant(String username, String userId, int tenant * @param userId The user id. * @param tenantId The tenant id where user resides. * @return User object from tenant userStoreManager. - * @throws IdentityApplicationManagementException Error when user cannot be resolved. + * @throws IdentityOAuth2Exception Error when user cannot be resolved. */ public static User getUserFromTenant(String userId, int tenantId) - throws IdentityApplicationManagementException { + throws IdentityOAuth2Exception { User user = null; try { @@ -1179,7 +1179,7 @@ public static User getUserFromTenant(String userId, int tenantId) } return user; } catch (org.wso2.carbon.user.api.UserStoreException e) { - throw new IdentityApplicationManagementException("Error finding user in tenant.", e); + throw new IdentityOAuth2Exception("Error finding user in tenant.", e); } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java index 225ce14071..670e755e62 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/impersonation/validators/SubjectScopeValidator.java @@ -22,7 +22,6 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; -import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.model.User; import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes; import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; @@ -113,7 +112,7 @@ private AuthenticatedUser getAuthenticatedSubjectUser(String subjectUserId, Stri authenticatedUser.setUserStoreDomain(user.getUserStoreDomain()); authenticatedUser.setTenantDomain(tenantDomain); return authenticatedUser; - } catch (UserStoreException | IdentityApplicationManagementException e) { + } catch (UserStoreException | IdentityOAuth2Exception e) { throw new IdentityOAuth2Exception(OAuth2ErrorCodes.INVALID_REQUEST, "Use mapped local subject is mandatory but a local user couldn't be found"); } From afb5508f0cc20f36ce74c84e435efc8415e9a760 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 15 Jul 2024 08:15:51 +0000 Subject: [PATCH 51/90] [WSO2 Release] [Jenkins #4969] [Release 7.0.118] prepare release v7.0.118 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 2c588b4e1b..fb1de88103 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118-SNAPSHOT + 7.0.118 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.118-SNAPSHOT + 7.0.118 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index f767e6dce7..ac3536c379 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118-SNAPSHOT + 7.0.118 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.118-SNAPSHOT + 7.0.118 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 765957587a..ad7a8ee9a4 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118-SNAPSHOT + 7.0.118 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 65c707863f..1440daba61 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 01b835970f..e503cb6bff 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.118-SNAPSHOT + 7.0.118 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 495d24773a..dd677bfbaa 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 8278701698..ba7779b841 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 08e196e1f9..4209906e21 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 55e75f282c..b4a230d550 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 0dc37159c5..0563450745 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 0b4b860cf2..15618a9f54 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.118-SNAPSHOT + 7.0.118 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 8c01b01d32..33d7a16ee4 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index bba8521b49..58360f6e2c 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 83f5c96b46..ee6eeea654 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 6235e6b398..09cf8eec67 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 9a9d534346..864e4dd3a2 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index cc55d6fc09..802ef13a2b 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 24005694f9..5b3e92ac84 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 6aebe32044..5aa9f55d6b 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index e87452e73f..43b44ed305 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index b1426d4d08..77ad503882 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 01f7ac34ad..f5e228d175 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index a8909c3fad..515b63e332 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 0efa51cf0e..5f331580f7 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 diff --git a/pom.xml b/pom.xml index 2eb5032d32..f7d6905781 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118-SNAPSHOT + 7.0.118 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.118 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 7e529e7031..610634762f 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118-SNAPSHOT + 7.0.118 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index f5b4e28f4a..c531b90ea9 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118-SNAPSHOT + 7.0.118 4.0.0 From 430d91f05e93a0a115a76e993a4cdb94afdb63f9 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Mon, 15 Jul 2024 08:15:53 +0000 Subject: [PATCH 52/90] [WSO2 Release] [Jenkins #4969] [Release 7.0.118] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index fb1de88103..ef2386ac93 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118 + 7.0.119-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.118 + 7.0.119-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index ac3536c379..a7a6a791e8 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118 + 7.0.119-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.118 + 7.0.119-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index ad7a8ee9a4..b103d26eae 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118 + 7.0.119-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 1440daba61..bd6cc7a7c1 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index e503cb6bff..c147a3e1e5 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.118 + 7.0.119-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index dd677bfbaa..fffc870a09 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index ba7779b841..b1069b6a21 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 4209906e21..1505f48828 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index b4a230d550..fd99854aac 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 0563450745..62ccb9f51c 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 15618a9f54..bd80b00af5 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.118 + 7.0.119-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 33d7a16ee4..605f41e4f5 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 58360f6e2c..bd74115e96 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index ee6eeea654..61b4f6ca2b 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 09cf8eec67..50e9e74106 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 864e4dd3a2..1cf32c4b0d 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 802ef13a2b..b8ad435be0 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 5b3e92ac84..a9e6a6cd26 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 5aa9f55d6b..b4f56868f3 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 43b44ed305..300c242101 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 77ad503882..679b44d669 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index f5e228d175..f47875724d 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 515b63e332..c618a6cbac 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 5f331580f7..86bd79cf56 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index f7d6905781..eff49e7321 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118 + 7.0.119-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.118 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 610634762f..e12190a6b3 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.118 + 7.0.119-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index c531b90ea9..0f411a074e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.118 + 7.0.119-SNAPSHOT 4.0.0 From 03c7abbf4f321d01a22eb0044ffa6cfc7b27c410 Mon Sep 17 00:00:00 2001 From: Madhavi Gayathri <47152272+mpmadhavig@users.noreply.github.com> Date: Wed, 17 Jul 2024 10:56:33 +0530 Subject: [PATCH 53/90] Revert "Revert "Revert "Revert "Onboard app level pvtkeyjwt reuse config"""" --- .../dcr/endpoint/dto/ApplicationDTO.java | 12 +++ .../endpoint/dto/RegistrationRequestDTO.java | 13 +++ .../dcr/endpoint/dto/UpdateRequestDTO.java | 13 +++ .../oauth2/dcr/endpoint/util/DCRMUtils.java | 5 ++ .../identity/oauth/common/OAuthConstants.java | 10 ++- .../identity/oauth/dcr/bean/Application.java | 11 +++ .../bean/ApplicationRegistrationRequest.java | 11 +++ .../dcr/bean/ApplicationUpdateRequest.java | 11 +++ .../oauth/dcr/service/DCRMService.java | 3 + .../src/main/resources/OAuthAdminService.wsdl | 1 + .../identity/oauth/OAuthAdminServiceImpl.java | 33 ++++++++ .../wso2/carbon/identity/oauth/OAuthUtil.java | 82 +++++++++++++++++++ .../identity/oauth/dao/OAuthAppDAO.java | 20 ++++- .../carbon/identity/oauth/dao/OAuthAppDO.java | 11 +++ .../oauth/dto/OAuthConsumerAppDTO.java | 11 +++ .../internal/OAuthComponentServiceHolder.java | 22 +++++ .../oauth/internal/OAuthServiceComponent.java | 35 ++++++++ .../oauth/OAuthAdminServiceImplTest.java | 36 ++++++++ 18 files changed, 338 insertions(+), 2 deletions(-) mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java mode change 100644 => 100755 components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java index a66d1be779..f7d980a4e1 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java @@ -65,6 +65,7 @@ public class ApplicationDTO { private String jwksUri = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt = null; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -292,6 +293,17 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java index 92e34409e4..e42227c3b0 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/RegistrationRequestDTO.java @@ -49,6 +49,7 @@ public class RegistrationRequestDTO { private String extTokenType = null; private String tokenEndpointAuthMethod = null; private String tokenEndpointAuthSigningAlg = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; private String idTokenEncryptedResponseAlg = null; @@ -332,6 +333,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java index 81471cc237..085eb32d26 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/UpdateRequestDTO.java @@ -36,6 +36,7 @@ public class UpdateRequestDTO { private boolean extPublicClient; private String extTokenType = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSigningAlg = null; private String sectorIdentifierUri = null; private String idTokenSignedResponseAlg = null; @@ -241,6 +242,18 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + @ApiModelProperty(value = "") + @JsonProperty("token_endpoint_allow_reuse_pvt_key_jwt") + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + @ApiModelProperty(value = "") @JsonProperty("token_endpoint_auth_signing_alg") public String getTokenEndpointAuthSigningAlg() { diff --git a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java index 8e46d6c25f..23e87ffa55 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java +++ b/components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java @@ -81,6 +81,8 @@ public static ApplicationRegistrationRequest getApplicationRegistrationRequest( appRegistrationRequest.setExtTokenType(registrationRequestDTO.getExtTokenType()); appRegistrationRequest.setJwksURI(registrationRequestDTO.getJwksUri()); appRegistrationRequest.setTokenEndpointAuthMethod(registrationRequestDTO.getTokenEndpointAuthMethod()); + appRegistrationRequest.setTokenEndpointAllowReusePvtKeyJwt(registrationRequestDTO + .isTokenEndpointAllowReusePvtKeyJwt()); appRegistrationRequest.setTokenEndpointAuthSignatureAlgorithm (registrationRequestDTO.getTokenEndpointAuthSigningAlg()); appRegistrationRequest.setSectorIdentifierURI(registrationRequestDTO.getSectorIdentifierUri()); @@ -125,6 +127,8 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(UpdateRequest applicationUpdateRequest.setExtTokenType(updateRequestDTO.getExtTokenType()); applicationUpdateRequest.setJwksURI(updateRequestDTO.getJwksUri()); applicationUpdateRequest.setTokenEndpointAuthMethod(updateRequestDTO.getTokenEndpointAuthMethod()); + applicationUpdateRequest.setTokenEndpointAllowReusePvtKeyJwt( + updateRequestDTO.isTokenEndpointAllowReusePvtKeyJwt()); applicationUpdateRequest.setTokenEndpointAuthSignatureAlgorithm (updateRequestDTO.getTokenEndpointAuthSigningAlg()); applicationUpdateRequest.setSectorIdentifierURI(updateRequestDTO.getSectorIdentifierUri()); @@ -235,6 +239,7 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic applicationDTO.setExtTokenType(application.getExtTokenType()); applicationDTO.setJwksUri(application.getJwksURI()); applicationDTO.setTokenEndpointAuthMethod(application.getTokenEndpointAuthMethod()); + applicationDTO.setTokenEndpointAllowReusePvtKeyJwt(application.isTokenEndpointAllowReusePvtKeyJwt()); applicationDTO.setTokenEndpointAuthSigningAlg(application.getTokenEndpointAuthSignatureAlgorithm()); applicationDTO.setSectorIdentifierUri(application.getSectorIdentifierURI()); applicationDTO.setIdTokenSignedResponseAlg(application.getIdTokenSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 57e7feac1e..94b888cec6 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -622,6 +622,7 @@ public static class OIDCConfigProperties { public static final String TOKEN_BINDING_VALIDATION = "tokenBindingValidation"; public static final String TOKEN_BINDING_TYPE_NONE = "None"; public static final String TOKEN_AUTH_METHOD = "tokenEndpointAuthMethod"; + public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT = "tokenEndpointAllowReusePvtKeyJwt"; public static final String TOKEN_AUTH_SIGNATURE_ALGORITHM = "tokenEndpointAuthSigningAlg"; public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri"; public static final String ID_TOKEN_SIGNATURE_ALGORITHM = "idTokenSignedResponseAlg"; @@ -636,7 +637,14 @@ public static class OIDCConfigProperties { public static final String IS_SUBJECT_TOKEN_ENABLED = "isSubjectTokenEnabled"; public static final String SUBJECT_TOKEN_EXPIRY_TIME = "subjectTokenExpiryTime"; public static final int SUBJECT_TOKEN_EXPIRY_TIME_VALUE = 180; - + public static final String PREVENT_TOKEN_REUSE = "PreventTokenReuse"; + public static final boolean DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE = true; + // Name of the {@code JWTClientAuthenticatorConfig} resource type in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_TYPE_NAME = "PK_JWT_CONFIGURATION"; + // Name of the {@code JWTClientAuthenticatorConfig} resource (per tenant) in the Configuration Management API. + public static final String JWT_CONFIGURATION_RESOURCE_NAME = "TENANT_PK_JWT_CONFIGURATION"; + public static final String PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME = "PrivateKeyJWTClientAuthenticator"; + public static final String ENABLE_TOKEN_REUSE = "EnableTokenReuse"; private OIDCConfigProperties() { } diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java index bb555c1f16..7f0d3907f2 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/Application.java @@ -46,6 +46,7 @@ public class Application implements Serializable { private String extTokenType = null; private String jwksURI = null; private String tokenEndpointAuthMethod = null; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm = null; private String sectorIdentifierURI = null; private String idTokenSignatureAlgorithm = null; @@ -253,6 +254,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java index af1666e651..068fa18637 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationRegistrationRequest.java @@ -52,6 +52,7 @@ public class ApplicationRegistrationRequest implements Serializable { private String jwksURI; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -380,6 +381,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java index b98772d5dd..443821cd55 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/bean/ApplicationUpdateRequest.java @@ -48,6 +48,7 @@ public class ApplicationUpdateRequest implements Serializable { private String jwksURI = null; private String softwareStatement; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -305,6 +306,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java index 6aa00ca66a..994bd068fa 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java +++ b/components/org.wso2.carbon.identity.oauth.dcr/src/main/java/org/wso2/carbon/identity/oauth/dcr/service/DCRMService.java @@ -351,6 +351,7 @@ public Application updateApplication(ApplicationUpdateRequest updateRequest, Str if (updateRequest.getTokenEndpointAuthMethod() != null) { appDTO.setTokenEndpointAuthMethod(updateRequest.getTokenEndpointAuthMethod()); } + appDTO.setTokenEndpointAllowReusePvtKeyJwt(updateRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (updateRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { appDTO.setTokenEndpointAuthSignatureAlgorithm (updateRequest.getTokenEndpointAuthSignatureAlgorithm()); @@ -670,6 +671,7 @@ private Application buildResponse(OAuthConsumerAppDTO createdApp, String tenantD application.setExtTokenType(createdApp.getTokenType()); application.setJwksURI(createdApp.getJwksURI()); application.setTokenEndpointAuthMethod(createdApp.getTokenEndpointAuthMethod()); + application.setTokenEndpointAllowReusePvtKeyJwt(createdApp.isTokenEndpointAllowReusePvtKeyJwt()); application.setTokenEndpointAuthSignatureAlgorithm(createdApp.getTokenEndpointAuthSignatureAlgorithm()); application.setSectorIdentifierURI(createdApp.getSectorIdentifierURI()); application.setIdTokenSignatureAlgorithm(createdApp.getIdTokenSignatureAlgorithm()); @@ -764,6 +766,7 @@ private OAuthConsumerAppDTO createOAuthApp(ApplicationRegistrationRequest regist if (registrationRequest.getTokenEndpointAuthMethod() != null) { oAuthConsumerApp.setTokenEndpointAuthMethod(registrationRequest.getTokenEndpointAuthMethod()); } + oAuthConsumerApp.setTokenEndpointAllowReusePvtKeyJwt(registrationRequest.isTokenEndpointAllowReusePvtKeyJwt()); if (registrationRequest.getTokenEndpointAuthSignatureAlgorithm() != null) { oAuthConsumerApp.setTokenEndpointAuthSignatureAlgorithm (registrationRequest.getTokenEndpointAuthSignatureAlgorithm()); diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl old mode 100644 new mode 100755 index 8b9539eddc..a1b5a18871 --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -432,6 +432,7 @@ + diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java old mode 100644 new mode 100755 index 068ac62c57..3129f55459 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImpl.java @@ -107,6 +107,7 @@ import static org.wso2.carbon.identity.oauth.OAuthUtil.handleErrorWithExceptionType; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_DELETED; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.PRIVATE_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.buildScopeString; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getTenantId; @@ -429,6 +430,13 @@ OAuthConsumerAppDTO registerAndRetrieveOAuthApplicationData(OAuthConsumerAppDTO } app.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); } + Boolean tokenEndpointAllowReusePvtKeyJwt = application.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, + tokenEndpointAllowReusePvtKeyJwt)) { + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); + } + app.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); String tokenEndpointAuthSigningAlgorithm = application.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSigningAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -855,6 +863,13 @@ void updateConsumerApplication(OAuthConsumerAppDTO consumerAppDTO, boolean enabl } oAuthAppDO.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); + Boolean tokenEndpointAllowReusePvtKeyJwt = consumerAppDTO.isTokenEndpointAllowReusePvtKeyJwt(); + if (isInvalidTokenEPReusePvtKeyJwtRequest(tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt)) { + throw handleClientError(INVALID_REQUEST, "Requested client authentication method " + + "incompatible with the Private Key JWT Reuse config value."); + } + oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(tokenEndpointAllowReusePvtKeyJwt); + String tokenEndpointAuthSignatureAlgorithm = consumerAppDTO.getTokenEndpointAuthSignatureAlgorithm(); if (StringUtils.isNotEmpty(tokenEndpointAuthSignatureAlgorithm)) { if (isFAPIConformanceEnabled) { @@ -2492,6 +2507,24 @@ private void handleInternalTokenRevocation(String consumerKey, Properties proper } } + /** + * Return whether the request of updating the tokenEndpointAllowReusePvtKeyJwt is valid. + * + * @param tokenEndpointAuthMethod token endpoint client authentication method. + * @param tokenEndpointAllowReusePvtKeyJwt During client authentication whether to reuse private key JWT. + * @return True if tokenEndpointAuthMethod and tokenEndpointAllowReusePvtKeyJwt is NOT in the correct format. + */ + private boolean isInvalidTokenEPReusePvtKeyJwtRequest(String tokenEndpointAuthMethod, + Boolean tokenEndpointAllowReusePvtKeyJwt) { + + if (StringUtils.isNotBlank(tokenEndpointAuthMethod)) { + if (tokenEndpointAuthMethod.equals(PRIVATE_KEY_JWT)) { + return tokenEndpointAllowReusePvtKeyJwt == null; + } + } + return tokenEndpointAllowReusePvtKeyJwt != null; + } + /** * FAPI validation to restrict the token endpoint authentication methods. * Link - https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server (5.2.2 - 14) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java old mode 100644 new mode 100755 index d509a01bbd..ccda080191 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -37,6 +37,11 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; +import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException; +import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute; +import org.wso2.carbon.identity.configuration.mgt.core.model.Resource; +import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler; +import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.OAuthCache; @@ -77,6 +82,7 @@ import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.UUID; @@ -89,6 +95,12 @@ import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CURRENT_TOKEN_IDENTIFIER; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.PRESERVE_LOGGED_IN_SESSION_AT_PASSWORD_UPDATE; import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ORGANIZATION_LOGIN_HOME_REALM_IDENTIFIER; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.ENABLE_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.JWT_CONFIGURATION_RESOURCE_TYPE_NAME; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PREVENT_TOKEN_REUSE; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.UserType.FEDERATED_USER_DOMAIN_PREFIX; @@ -536,6 +548,7 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { .isTokenRevocationWithIDPSessionTerminationEnabled()); dto.setTokenBindingValidationEnabled(appDO.isTokenBindingValidationEnabled()); dto.setTokenEndpointAuthMethod(appDO.getTokenEndpointAuthMethod()); + dto.setTokenEndpointAllowReusePvtKeyJwt(appDO.isTokenEndpointAllowReusePvtKeyJwt()); dto.setTokenEndpointAuthSignatureAlgorithm(appDO.getTokenEndpointAuthSignatureAlgorithm()); dto.setSectorIdentifierURI(appDO.getSectorIdentifierURI()); dto.setIdTokenSignatureAlgorithm(appDO.getIdTokenSignatureAlgorithm()); @@ -1222,4 +1235,73 @@ private static void setOrganizationSSOUserDetails(AuthenticatedUser authenticate authenticatedUser.setFederatedIdPName(orgSsoIdp.getIdentityProviderName()); } } + + /** + * Get the value of the Tenant configuration of Reuse Private key JWT from the tenant configuration. + * + * @param tokenEPAllowReusePvtKeyJwtValue Value of the tokenEPAllowReusePvtKeyJwt configuration. + * @param tokenAuthMethod Token authentication method. + * @return Value of the tokenEPAllowReusePvtKeyJwt configuration. + * @throws IdentityOAuth2ServerException IdentityOAuth2ServerException exception. + */ + public static String getValueOfTokenEPAllowReusePvtKeyJwt(String tokenEPAllowReusePvtKeyJwtValue, + String tokenAuthMethod) + throws IdentityOAuth2ServerException { + + if (tokenEPAllowReusePvtKeyJwtValue == null && StringUtils.isNotBlank(tokenAuthMethod) + && OAuthConstants.PRIVATE_KEY_JWT.equals(tokenAuthMethod)) { + try { + tokenEPAllowReusePvtKeyJwtValue = readTenantConfigurationPvtKeyJWTReuse(); + } catch (ConfigurationManagementException e) { + throw new IdentityOAuth2ServerException("Unable to retrieve JWT Authenticator tenant configuration.", + e); + } + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = readServerConfigurationPvtKeyJWTReuse(); + if (tokenEPAllowReusePvtKeyJwtValue == null) { + tokenEPAllowReusePvtKeyJwtValue = String.valueOf(DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE); + } + } + } + return tokenEPAllowReusePvtKeyJwtValue; + } + + private static String readTenantConfigurationPvtKeyJWTReuse() throws ConfigurationManagementException { + + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; + Resource resource = OAuthComponentServiceHolder.getInstance().getConfigurationManager() + .getResource(JWT_CONFIGURATION_RESOURCE_TYPE_NAME, JWT_CONFIGURATION_RESOURCE_NAME); + + if (resource != null) { + tokenEPAllowReusePvtKeyJwtTenantConfig = resource.getAttributes().stream() + .filter(attribute -> ENABLE_TOKEN_REUSE.equals(attribute.getKey())) + .map(Attribute::getValue) + .findFirst() + .orElse(null); + } + return tokenEPAllowReusePvtKeyJwtTenantConfig; + } + + private static String readServerConfigurationPvtKeyJWTReuse() { + + String tokenEPAllowReusePvtKeyJwtTenantConfig = null; + IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty( + AbstractIdentityHandler.class.getName(), PVT_KEY_JWT_CLIENT_AUTHENTICATOR_CLASS_NAME); + + if (identityEventListenerConfig != null + && Boolean.parseBoolean(identityEventListenerConfig.getEnable())) { + if (identityEventListenerConfig.getProperties() != null) { + for (Map.Entry property : identityEventListenerConfig.getProperties().entrySet()) { + String key = (String) property.getKey(); + String value = (String) property.getValue(); + if (Objects.equals(key, PREVENT_TOKEN_REUSE)) { + boolean preventTokenReuse = Boolean.parseBoolean(value); + tokenEPAllowReusePvtKeyJwtTenantConfig = String.valueOf(!preventTokenReuse); + break; + } + } + } + } + return tokenEPAllowReusePvtKeyJwtTenantConfig; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java old mode 100644 new mode 100755 index 0608a7a8c9..dfb0bc88f2 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -47,6 +47,7 @@ import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor; import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; @@ -102,6 +103,7 @@ import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_TYPE_NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_BINDING_VALIDATION; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE; import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE; @@ -982,6 +984,10 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, TOKEN_AUTH_METHOD, oauthAppDO.getTokenEndpointAuthMethod(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, String.valueOf(oauthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), + prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM, oauthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); @@ -1636,6 +1642,12 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_METHOD, consumerAppDO.getTokenEndpointAuthMethod()); + if (consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) { + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, + TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT, + String.valueOf(consumerAppDO.isTokenEndpointAllowReusePvtKeyJwt())); + } + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_AUTH_SIGNATURE_ALGORITHM, consumerAppDO.getTokenEndpointAuthSignatureAlgorithm()); @@ -1732,7 +1744,8 @@ private Map> getSpOIDCProperties(Connection connection, return spOIDCProperties; } - private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) { + private void setSpOIDCProperties(Map> spOIDCProperties, OAuthAppDO oauthApp) + throws IdentityOAuth2ServerException { // Handle OIDC audience values if (isOIDCAudienceEnabled() && @@ -1795,6 +1808,11 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu if (tokenAuthMethod != null) { oauthApp.setTokenEndpointAuthMethod(tokenAuthMethod); } + String tokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt( + getFirstPropertyValue(spOIDCProperties, TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT), tokenAuthMethod); + if (tokenEPAllowReusePvtKeyJwt != null) { + oauthApp.setTokenEndpointAllowReusePvtKeyJwt(Boolean.parseBoolean(tokenEPAllowReusePvtKeyJwt)); + } String tokenSignatureAlgorithm = getFirstPropertyValue(spOIDCProperties, TOKEN_AUTH_SIGNATURE_ALGORITHM); if (tokenSignatureAlgorithm != null) { oauthApp.setTokenEndpointAuthSignatureAlgorithm(tokenSignatureAlgorithm); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index b48b74bae7..50a1f48db4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java @@ -81,6 +81,7 @@ public class OAuthAppDO extends InboundConfigurationProtocol implements Serializ private boolean tokenRevocationWithIDPSessionTerminationEnabled; private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String tokenEndpointAuthSignatureAlgorithm; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; @@ -383,6 +384,16 @@ public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getTokenEndpointAuthSignatureAlgorithm() { return tokenEndpointAuthSignatureAlgorithm; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index f93e9acc4f..fba94088c1 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -67,6 +67,7 @@ public class OAuthConsumerAppDTO implements InboundProtocolConfigurationDTO { private boolean tokenBindingValidationEnabled; private String tokenEndpointAuthMethod; private String tokenEndpointAuthSignatureAlgorithm; + private Boolean tokenEndpointAllowReusePvtKeyJwt; private String sectorIdentifierURI; private String idTokenSignatureAlgorithm; private String requestObjectSignatureAlgorithm; @@ -384,6 +385,16 @@ public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSigna this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; } + public Boolean isTokenEndpointAllowReusePvtKeyJwt() { + + return tokenEndpointAllowReusePvtKeyJwt; + } + + public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) { + + this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt; + } + public String getSectorIdentifierURI() { return sectorIdentifierURI; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 5a91f8a515..419c09ac80 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -22,6 +22,7 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; @@ -80,6 +81,7 @@ public class OAuthComponentServiceHolder { private AuthorizedAPIManagementService authorizedAPIManagementService; private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; + private ConfigurationManager configurationManager; /** * Get the list of scope validator implementations available. @@ -511,4 +513,24 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } + + /** + * Get the ConfigurationManager instance. + * + * @return ConfigurationManager The ConfigurationManager instance. + */ + public ConfigurationManager getConfigurationManager() { + + return configurationManager; + } + + /** + * Set the ConfigurationManager instance. + * + * @param configurationManager ConfigurationManager The ConfigurationManager instance. + */ + public void setConfigurationManager(ConfigurationManager configurationManager) { + + this.configurationManager = configurationManager; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index a253d8836d..c0981a6a1c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -30,6 +30,7 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler; +import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; @@ -521,4 +522,38 @@ protected void unsetOrganizationUserSharingService(OrganizationUserSharingServic } OAuthComponentServiceHolder.getInstance().setOrganizationUserSharingService(null); } + + /** + * Set the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + @Reference( + name = "resource.configuration.manager", + service = ConfigurationManager.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unregisterConfigurationManager" + ) + protected void registerConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Registering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); + } + + + /** + * Unset the ConfigurationManager. + * + * @param configurationManager The {@code ConfigurationManager} instance. + */ + protected void unregisterConfigurationManager(ConfigurationManager configurationManager) { + + if (log.isDebugEnabled()) { + log.debug("Unregistering the ConfigurationManager in JWT Client Authenticator ManagementService."); + } + OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java old mode 100644 new mode 100755 index d295a00267..643bad39f0 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth/OAuthAdminServiceImplTest.java @@ -850,6 +850,34 @@ private void testValidateTokenAuthenticationWithInvalidAuthentication() throws E } } + @DataProvider(name = "getTokenAuthMethodAndTokenReuseConfigData") + public Object[][] getTokenAuthMethodAndTokenReuseConfigData() { + + return new Object[][]{ + // Client auth method, Expected result. + {"private_key_jwt", null, true}, + {null, true, true}, + {"", true, true}, + {" ", true, true}, + {"dummy_method", true, true}, + {"private_key_jwt", true, false}, + {null, null, false}, + {"dummy_method", null, false}}; + } + + @Test(description = "Test invalid reuse token config & client auth method combination.", + dataProvider = "getTokenAuthMethodAndTokenReuseConfigData") + private void testInvalidReuseTokenRequestAndClientAuthMethod(String tokenEndpointAuthMethod, + Boolean tokenEndpointAllowReusePvtKeyJwt, + boolean expectedResult) throws Exception { + + OAuthAdminServiceImpl oAuthAdminService = new OAuthAdminServiceImpl(); + + Assert.assertEquals(invokePrivateMethod(oAuthAdminService, + "isInvalidTokenEPReusePvtKeyJwtRequest", new Class[]{String.class, Boolean.class}, + tokenEndpointAuthMethod, tokenEndpointAllowReusePvtKeyJwt), expectedResult); + } + @Test(description = "Test validating signature algorithm") private void testValidateSignatureAlgorithm() throws Exception { @@ -1059,4 +1087,12 @@ private Object invokePrivateMethod(Object object, String methodName, Object... p method.setAccessible(true); return method.invoke(object, params); } + + private Object invokePrivateMethod(Object object, String methodName, Class[] paramTypes, Object... params) + throws Exception { + + Method method = object.getClass().getDeclaredMethod(methodName, paramTypes); + method.setAccessible(true); + return method.invoke(object, params); + } } From 1700db93c47e391a6b80e40d55a6548ed659f907 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 17 Jul 2024 10:21:49 +0000 Subject: [PATCH 54/90] [maven-release-plugin] prepare release v7.0.120 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index ef2386ac93..f44df4088e 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.119-SNAPSHOT + 7.0.120 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.119-SNAPSHOT + 7.0.120 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index a7a6a791e8..9ee9ec5885 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.119-SNAPSHOT + 7.0.120 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.119-SNAPSHOT + 7.0.120 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index b103d26eae..383ca380d2 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.119-SNAPSHOT + 7.0.120 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index bd6cc7a7c1..1069166bad 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index c147a3e1e5..f860ed1923 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.119-SNAPSHOT + 7.0.120 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index fffc870a09..e024708024 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index b1069b6a21..8620292e82 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 1505f48828..77d4106765 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index fd99854aac..e29eb7a993 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 62ccb9f51c..00e9610384 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index bd80b00af5..2818faa2b3 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.119-SNAPSHOT + 7.0.120 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 605f41e4f5..5e74da684f 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index bd74115e96..e75f239db3 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 61b4f6ca2b..80dffe41e6 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 50e9e74106..ccb4d1eadf 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 1cf32c4b0d..f823f70256 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index b8ad435be0..8cc6a1ffb7 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index a9e6a6cd26..f60510efc1 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index b4f56868f3..df80cc8eeb 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 300c242101..8513140751 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 679b44d669..9946ef53e7 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index f47875724d..071cd80a73 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index c618a6cbac..a9ea628131 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 86bd79cf56..2e0ba9427d 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 diff --git a/pom.xml b/pom.xml index eff49e7321..0678e1f220 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.119-SNAPSHOT + 7.0.120 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.120 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index e12190a6b3..037c729dce 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.119-SNAPSHOT + 7.0.120 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 0f411a074e..bbff7aa7dc 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.119-SNAPSHOT + 7.0.120 4.0.0 From c5260236e5f7bb8114e1323d7ac036fb16b1a62f Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 17 Jul 2024 10:21:51 +0000 Subject: [PATCH 55/90] [maven-release-plugin] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index f44df4088e..0a7297facb 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.120 + 7.0.121-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.120 + 7.0.121-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 9ee9ec5885..e9375a88da 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.120 + 7.0.121-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.120 + 7.0.121-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 383ca380d2..eb9008f822 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.120 + 7.0.121-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 1069166bad..9bcc5e57fe 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index f860ed1923..874d7c2b31 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.120 + 7.0.121-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index e024708024..d7d1352072 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 8620292e82..70f3ff40df 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 77d4106765..b83666a53e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index e29eb7a993..573f5e0d2e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 00e9610384..df6acefd4b 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 2818faa2b3..6a1486ba54 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.120 + 7.0.121-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 5e74da684f..0ef698c9c1 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index e75f239db3..46ab1e61fa 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 80dffe41e6..d5c1f0192a 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index ccb4d1eadf..2713086fc0 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index f823f70256..1e88799f2e 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 8cc6a1ffb7..76fe708fd3 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index f60510efc1..24bfa92649 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index df80cc8eeb..cc8154c743 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 8513140751..e3134c1a4c 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 9946ef53e7..ebfa3d314f 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 071cd80a73..2209a7cd6d 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index a9ea628131..300ddbcbb1 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 2e0ba9427d..16646f9d3d 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 0678e1f220..9f99fbe518 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.120 + 7.0.121-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.120 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 037c729dce..f96102a646 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.120 + 7.0.121-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index bbff7aa7dc..daba382b4e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.120 + 7.0.121-SNAPSHOT 4.0.0 From 09de598155b8054e1b7432c76bab6331ba81cf61 Mon Sep 17 00:00:00 2001 From: malithie Date: Sat, 20 Jul 2024 14:18:37 +0530 Subject: [PATCH 56/90] Add base for pre issue access token extension. --- .../carbon/identity/actions/APIClient.java | 99 ++ .../ActionExecutionRequestBuilder.java | 34 + .../ActionExecutionRequestBuilderFactory.java | 47 + .../ActionExecutionResponseProcessor.java | 34 + ...tionExecutionResponseProcessorFactory.java | 45 + .../actions/ActionExecutorService.java | 31 + .../actions/ActionExecutorServiceImpl.java | 107 ++ .../carbon/identity/actions/ActionType.java | 27 + .../exception/ActionExecutionException.java | 33 + .../actions/model/ActionExecutionRequest.java | 129 +++ .../model/ActionExecutionResponse.java | 50 + .../actions/model/ActionExecutionStatus.java | 41 + .../actions/model/AllowedOperation.java | 52 + .../identity/actions/model/Application.java | 45 + .../carbon/identity/actions/model/Event.java | 52 + .../identity/actions/model/Operation.java | 23 + .../identity/actions/model/Organization.java | 45 + .../actions/model/PerformableOperation.java | 56 + .../identity/actions/model/Request.java | 41 + .../carbon/identity/actions/model/Tenant.java | 42 + .../carbon/identity/actions/model/User.java | 39 + .../identity/actions/model/UserStore.java | 52 + .../actions/util/OperationComparator.java | 45 + .../action/PreIssueAccessTokenProcessor.java | 542 ++++++++++ .../PreIssueAccessTokenRequestBuilder.java | 313 ++++++ .../oauth/action/model/AccessToken.java | 247 +++++ .../oauth/action/model/ClaimPathInfo.java | 42 + .../model/PreIssueAccessTokenEvent.java | 101 ++ .../oauth/action/model/TokenRequest.java | 144 +++ .../cache/AuthorizationGrantCacheEntry.java | 41 + .../internal/OAuthComponentServiceHolder.java | 13 + .../oauth/internal/OAuthServiceComponent.java | 3 + .../internal/OAuth2ServiceComponent.java | 980 +++++++++--------- .../oauth2/token/AccessTokenIssuer.java | 41 + .../identity/oauth2/token/JWTTokenIssuer.java | 57 +- .../token/OAuthTokenReqMessageContext.java | 58 +- .../AbstractAuthorizationGrantHandler.java | 146 +-- .../handlers/grant/RefreshGrantHandler.java | 60 +- .../identity/oauth2/util/OAuth2Util.java | 7 + .../identity/openidconnect/OIDCClaimUtil.java | 2 +- .../oauth2/token/JWTTokenIssuerTest.java | 4 +- ...AbstractAuthorizationGrantHandlerTest.java | 20 +- 42 files changed, 3424 insertions(+), 566 deletions(-) create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java new file mode 100644 index 0000000000..f46006f9c0 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.databind.ObjectMapper; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpEntity; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.entity.StringEntity; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.util.EntityUtils; +import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; + +/** + * APIClient. + */ +public class APIClient { + + private static final Log log = LogFactory.getLog(APIClient.class); + private final CloseableHttpClient httpClient; + private final int connectionTimeout = 2000; + private final int connectionRequestTimeout = 2000; + private final int readTimeout = 5000; + + public APIClient() { + // Initialize the http client. Set connection time out to 2s and read time out to 5s. + RequestConfig config = RequestConfig.custom() + .setConnectTimeout(connectionTimeout) + .setConnectionRequestTimeout(connectionRequestTimeout) + .setSocketTimeout(readTimeout) + .setRedirectsEnabled(false) + .setRelativeRedirectsAllowed(false) + .build(); + httpClient = HttpClientBuilder.create().setDefaultRequestConfig(config).build(); + } + + public ActionExecutionResponse callAPI(String url, ActionExecutionRequest request) { + + try { + // Create a HttpPost request + HttpPost httpPost = new HttpPost(url); + + // Convert the ActionInvocationRequest object to JSON string + ObjectMapper requestObjectmapper = new ObjectMapper(); + requestObjectmapper.setSerializationInclusion(JsonInclude.Include.NON_NULL); + requestObjectmapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY); + + String jsonRequest = requestObjectmapper.writeValueAsString(request); + + log.info("=== Action Request: \n" + jsonRequest); + + // Set the JSON string as the request body + StringEntity entity = new StringEntity(jsonRequest); + httpPost.setEntity(entity); + httpPost.setHeader("Accept", "application/json"); + httpPost.setHeader("Content-type", "application/json"); + + // Execute the request and get the response + CloseableHttpResponse response = httpClient.execute(httpPost); + + // Extract the JSON string from the response + HttpEntity responseEntity = response.getEntity(); + String jsonResponse = EntityUtils.toString(responseEntity); + + ObjectMapper objectMapper = new ObjectMapper(); + ActionExecutionResponse actionExecutionResponse = + objectMapper.readValue(jsonResponse, ActionExecutionResponse.class); + + return actionExecutionResponse; + } catch (Exception e) { + log.error("Failed to invoke the http endpoint: " + url, e); + + return null; + } + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java new file mode 100644 index 0000000000..19654c9de2 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; + +import java.util.Map; + +/** + * ActionInvocationRequestBuilder. + */ +public interface ActionExecutionRequestBuilder { + + ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, Map eventContext) throws + ActionExecutionException; + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java new file mode 100644 index 0000000000..05fa080eb6 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; + +import java.util.HashMap; +import java.util.Map; + +/** + * ActionInvocationRequestBuilderFactory. + */ +public class ActionExecutionRequestBuilderFactory { + + private static final Map actionInvocationRequestBuilders = new HashMap<>(); + + public static ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, + Map eventContext) + throws ActionExecutionException { + + return actionInvocationRequestBuilders.get(actionType).buildActionInvocationRequest(actionType, eventContext); + } + + public static void registerActionInvocationRequestBuilder(ActionType actionType, + ActionExecutionRequestBuilder actionExecutionRequestBuilder) { + + actionInvocationRequestBuilders.put(actionType, actionExecutionRequestBuilder); + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java new file mode 100644 index 0000000000..bbe7b0001d --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionStatus; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; +import org.wso2.carbon.identity.actions.model.Event; + +import java.util.Map; + +public interface ActionExecutionResponseProcessor { + + ActionExecutionStatus processResponse(ActionType actionType, Map eventContext, Event actionEvent, + ActionExecutionResponse actionExecutionResponse) throws + ActionExecutionException; + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java new file mode 100644 index 0000000000..3123584172 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import java.util.HashMap; +import java.util.Map; + +public class ActionExecutionResponseProcessorFactory { + + private static final Map actionInvocationResponseProcessors = + new HashMap<>(); + + public static ActionExecutionResponseProcessor getActionInvocationResponseProcessor(ActionType actionType) { + + switch (actionType) { + case PRE_ISSUE_ACCESS_TOKEN: + return actionInvocationResponseProcessors.get(ActionType.PRE_ISSUE_ACCESS_TOKEN); + default: + return null; + } + } + + public static void registerActionInvocationResponseProcessor(ActionType actionType, + ActionExecutionResponseProcessor actionExecutionResponseProcessor) { + + actionInvocationResponseProcessors.put(actionType, actionExecutionResponseProcessor); + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java new file mode 100644 index 0000000000..2ddc405aa7 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; + +import java.util.Map; + +public interface ActionExecutorService { + + ActionExecutionResponse execute(ActionType actionType, Map eventContext) throws + ActionExecutionException; + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java new file mode 100644 index 0000000000..db9c12bb69 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; +import org.wso2.carbon.identity.actions.model.AllowedOperation; +import org.wso2.carbon.identity.actions.model.PerformableOperation; +import org.wso2.carbon.identity.actions.util.OperationComparator; +import org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer; + +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +/** + * ActionInvocationService. + */ + +public class ActionExecutorServiceImpl implements ActionExecutorService { + + private static final Log log = LogFactory.getLog(ActionExecutorServiceImpl.class); + + private static final ActionExecutorServiceImpl instance = new ActionExecutorServiceImpl(); + private final APIClient apiClient; + + private ActionExecutorServiceImpl() { + + apiClient = new APIClient(); + } + + public static ActionExecutorServiceImpl getInstance() { + + return instance; + } + + public ActionExecutionResponse execute(ActionType actionType, Map eventContext) throws + ActionExecutionException { + + ActionExecutionRequest request = + ActionExecutionRequestBuilderFactory.buildActionInvocationRequest(actionType, eventContext); + + ActionExecutionResponse response = + apiClient.callAPI("https://mpd07d9c71841be2961c.free.beeceptor.com/anymock/pre-issue-access-token", request); + + ObjectMapper objectMapper = new ObjectMapper(); + try { + String jsonResponse = objectMapper.writeValueAsString(response); + log.info("=== Action Response: \n" + jsonResponse); + } catch (JsonProcessingException e) { + throw new RuntimeException(e); + } + + List allowedPerformableOperations = validatePerformableOperations(request, response); + response.setOperations(allowedPerformableOperations); + + ActionExecutionResponseProcessorFactory.getActionInvocationResponseProcessor(actionType) + .processResponse(actionType, eventContext, request.getEvent(), response); + + return response; + } + + // implement a method to validate if the paths of PerformableOperations in ActionInvocationResponse matches with paths of allowedOperations on ActionInvocationRequest. + private List validatePerformableOperations(ActionExecutionRequest request, + ActionExecutionResponse response) { + + List allowedOperations = request.getAllowedOperations(); + + List allowedPerformableOperations = response.getOperations().stream() + .filter(performableOperation -> allowedOperations.stream() + .anyMatch(allowedOperation -> OperationComparator.compare(allowedOperation, + performableOperation))) + .collect(Collectors.toList()); + + response.getOperations().forEach(operation -> { + if (allowedPerformableOperations.contains(operation)) { + log.info("==== Operation " + operation.getOp() + " with path " + operation.getPath() + " is allowed."); + } else { + log.info("==== Operation " + operation.getOp() + " with path " + operation.getPath() + + " is not allowed."); + } + }); + + return allowedPerformableOperations; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java new file mode 100644 index 0000000000..bdf7285481 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions; + +/** + * Action Type. + */ +public enum ActionType { + PRE_ISSUE_ACCESS_TOKEN, + POST_ISSUE_ACCESS_TOKEN, +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java new file mode 100644 index 0000000000..32443f4a4a --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.exception; + +public class ActionExecutionException extends Exception { + + public ActionExecutionException(String message) { + + super(message); + } + + public ActionExecutionException(String message, Throwable cause) { + + super(message, cause); + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java new file mode 100644 index 0000000000..eb44512af8 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java @@ -0,0 +1,129 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import org.apache.commons.lang.StringUtils; +import org.slf4j.MDC; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; + +import java.util.List; + +/** + * Action Invocation Request. + */ +public class ActionExecutionRequest { + + private final ActionType actionType; + private final String flowId; + private final Event event; + private final List allowedOperations; + + public ActionExecutionRequest(Builder builder) { + + this.actionType = builder.actionType; + this.flowId = builder.flowId; + this.event = builder.event; + this.allowedOperations = builder.allowedOperations; + } + + // todo: read from a util class + private static String getCorrelationId() { + + String ref; + if (isCorrelationIDPresent()) { + ref = MDC.get(FrameworkUtils.CORRELATION_ID_MDC); + } else { +// if (log.isDebugEnabled()) { +// log.debug("Correlation id is not present in the log MDC."); +// } + ref = StringUtils.EMPTY; + } + return ref; + } + + // todo: read from a util class + private static boolean isCorrelationIDPresent() { + + return MDC.get(FrameworkUtils.CORRELATION_ID_MDC) != null; + } + + public ActionType getActionType() { + + return actionType; + } + + public String getFlowId() { + + return flowId; + } + + public String getRequestId() { + + return getCorrelationId(); + } + + public Event getEvent() { + + return event; + } + + public List getAllowedOperations() { + + return allowedOperations; + } + + public static class Builder { + + private ActionType actionType; + private String flowId; + private Event event; + private List allowedOperations; + + public Builder actionType(ActionType actionType) { + + this.actionType = actionType; + return this; + } + + public Builder flowId(String flowId) { + + this.flowId = flowId; + return this; + } + + public Builder event(Event event) { + + this.event = event; + return this; + } + + public Builder allowedOperations(List allowedOperations) { + + this.allowedOperations = allowedOperations; + return this; + } + + public ActionExecutionRequest build() { + + return new ActionExecutionRequest(this); + } + } +} + diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java new file mode 100644 index 0000000000..88a8ba4b2d --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import java.util.List; + +/** + * Action Invocation Response. + */ +public class ActionExecutionResponse { + + private String actionStatus; + private List operations; + + public String getActionStatus() { + + return actionStatus; + } + + public void setActionStatus(String actionStatus) { + + this.actionStatus = actionStatus; + } + + public List getOperations() { + + return operations; + } + + public void setOperations(List operations) { + + this.operations = operations; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java new file mode 100644 index 0000000000..be1a647d73 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import java.util.Map; + +public class ActionExecutionStatus { + + public enum Status { + SUCCESS, + FAILURE, + INCOMPLETE, + ERROR + } + + private Status status; + + private Map responseContext; + + public ActionExecutionStatus(Status status, Map responseContext) { + + this.status = status; + this.responseContext = responseContext; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java new file mode 100644 index 0000000000..6276bc8c78 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import java.util.List; + +/** + * Operation. + */ + +public class AllowedOperation { + + String op; + + List paths; + + public void setOp(String op) { + + this.op = op; + } + + public String getOp() { + + return op; + } + + public List getPaths() { + + return paths; + } + + public void setPaths(List paths) { + + this.paths = paths; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java new file mode 100644 index 0000000000..df0637b495 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +public class Application { + + String id; + String name; + + public String getId() { + + return id; + } + + public void setId(String id) { + + this.id = id; + } + + public String getName() { + + return name; + } + + public void setName(String name) { + + this.name = name; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java new file mode 100644 index 0000000000..f9f54a6e12 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +/** + * Action Invocation Response. + */ +public abstract class Event { + + protected Request request; + protected Tenant tenant; + protected Organization organization; + protected User user; + protected UserStore userStore; + public Tenant getTenant() { + + return tenant; + } + public Organization getOrganization() { + + return organization; + } + public Request getRequest() { + + return request; + } + public User getUser() { + + return user; + } + + public UserStore getUserStore() { + + return userStore; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java new file mode 100644 index 0000000000..6302874a4f --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +public interface Operation { + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java new file mode 100644 index 0000000000..607c04737a --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +/** + * Organization. + */ +public class Organization { + + private String id; + + private String name; + + public Organization(String id, String name) { + + this.id = id; + this.name = name; + } + + public String getId() { + + return id; + } + + public String getName() { + + return name; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java new file mode 100644 index 0000000000..c46ae7bb16 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +public class PerformableOperation { + + private String op; + private String path; + private Object value; + + public String getOp() { + + return op; + } + + public void setOp(String op) { + + this.op = op; + } + + public String getPath() { + + return path; + } + + public void setPath(String path) { + + this.path = path; + } + + public Object getValue() { + + return value; + } + + public void setValue(Object value) { + + this.value = value; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java new file mode 100644 index 0000000000..ec9f3b2a80 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import java.util.Collections; +import java.util.Map; + +public class Request { + + protected Map additionalHeaders; + protected Map additionalParams; + + // implement a method to get additional headers + public Map getAdditionalHeaders() { + + return additionalHeaders != null ? additionalHeaders : Collections.emptyMap(); + } + + // implement a method to get additional params + public Map getAdditionalParams() { + + return additionalParams != null ? additionalParams : Collections.emptyMap(); + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java new file mode 100644 index 0000000000..ecafe880df --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +/** + * Tenant. + */ +public class Tenant { + + private String id; + private String name; + public Tenant(String id, String name) { + this.id = id; + this.name = name; + } + + public String getId() { + + return id; + } + + public String getName() { + + return name; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java new file mode 100644 index 0000000000..69507f2df4 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +public class User { + + String id; + + public User(String id) { + + this.id = id; + } + + public String getId() { + + return id; + } + public void setId(String id) { + + this.id = id; + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java new file mode 100644 index 0000000000..91c0ee4ac3 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.model; + +import java.nio.charset.StandardCharsets; +import java.util.Base64; + +public class UserStore { + + String id; + String name; + + public UserStore(String name) { + + setName(name); + } + + public String getId() { + + return id; + } + + public String getName() { + + return name; + } + + public void setName(String name) { + + /** + * As of now user store id is generated by encoding the user store name. + */ + this.id = name != null ? Base64.getEncoder().encodeToString(name.getBytes(StandardCharsets.UTF_8)) : null; + this.name = name; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java new file mode 100644 index 0000000000..74793445ec --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.actions.util; + +import org.wso2.carbon.identity.actions.model.AllowedOperation; +import org.wso2.carbon.identity.actions.model.PerformableOperation; + +public class OperationComparator { + + public static boolean compare(AllowedOperation allowedOp, PerformableOperation performableOp) { + + if (!allowedOp.getOp().equals(performableOp.getOp())) { + return false; + } + + String performableOperationBasePath = performableOp.getPath().contains("/") + ? performableOp.getPath().substring(0, performableOp.getPath().lastIndexOf('/') + 1) + : ""; + + for (String allowedPath : allowedOp.getPaths()) { + if (performableOp.getPath().equals(allowedPath) || + performableOperationBasePath.equals(allowedPath)) { + return true; + } + } + + return false; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java new file mode 100644 index 0000000000..c5d5b3f876 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java @@ -0,0 +1,542 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action; + +import com.fasterxml.jackson.databind.ObjectMapper; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.actions.ActionExecutionResponseProcessor; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; +import org.wso2.carbon.identity.actions.model.ActionExecutionStatus; +import org.wso2.carbon.identity.actions.model.Event; +import org.wso2.carbon.identity.actions.model.PerformableOperation; +import org.wso2.carbon.identity.oauth.action.model.AccessToken; +import org.wso2.carbon.identity.oauth.action.model.ClaimPathInfo; +import org.wso2.carbon.identity.oauth.action.model.PreIssueAccessTokenEvent; +import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +@SuppressWarnings("unchecked") +public class PreIssueAccessTokenProcessor implements ActionExecutionResponseProcessor { + + private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenProcessor.class); + + private static final String OPERATION_ADD = "add"; + private static final String OPERATION_REMOVE = "remove"; + private static final String OPERATION_REPLACE = "replace"; + private static final String SCOPE_PATH_PREFIX = "/accessToken/scopes/"; + private static final String CLAIMS_PATH_PREFIX = "/accessToken/claims/"; + + private static final PreIssueAccessTokenProcessor instance = new PreIssueAccessTokenProcessor(); + private static final Pattern NQCHAR_PATTERN = Pattern.compile("^[\\x21\\x23-\\x5B\\x5D-\\x7E]+$"); + private static final Pattern STRING_OR_URI_PATTERN = + Pattern.compile("^([a-zA-Z][a-zA-Z0-9+.-]*://[^\\s/$.?#].[^\\s]*)|(^[a-zA-Z0-9.-]+$)"); + + // Validate if the input is a valid StringOrURI + + public static PreIssueAccessTokenProcessor getInstance() { + + return instance; + } + + private boolean validateNQChar(String input) { + + Matcher matcher = NQCHAR_PATTERN.matcher(input); + return matcher.matches(); + } + + private boolean isValidStringOrURI(String input) { + + Matcher matcher = STRING_OR_URI_PATTERN.matcher(input); + return matcher.matches(); + } + + @Override + public ActionExecutionStatus processResponse(ActionType actionType, Map eventContext, + Event actionEvent, ActionExecutionResponse actionExecutionResponse) { + + OAuthTokenReqMessageContext tokenMessageContext = + (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); + PreIssueAccessTokenEvent preIssueAccessTokenEvent = (PreIssueAccessTokenEvent) actionEvent; + List operationsToPerform = actionExecutionResponse.getOperations(); + + AccessToken requestAccessToken = preIssueAccessTokenEvent.getAccessToken(); + AccessToken.Builder responseAccessTokenBuilder = preIssueAccessTokenEvent.getAccessToken().copy(); + + if (operationsToPerform != null) { + for (PerformableOperation operation : operationsToPerform) { + switch (operation.getOp()) { + case OPERATION_ADD: + handleAddOperation(operation, requestAccessToken, responseAccessTokenBuilder); + break; + case OPERATION_REMOVE: + handleRemoveOperation(operation, requestAccessToken, responseAccessTokenBuilder); + break; + case OPERATION_REPLACE: + handleReplaceOperation(operation, requestAccessToken, responseAccessTokenBuilder); + break; + default: + // todo: add a diagnostic log indicating the operation is not supported + LOG.info("Operation is not supported: " + operation.getOp()); + } + } + } + + AccessToken responseAccessToken = responseAccessTokenBuilder.build(); + updateTokenMessageContext(tokenMessageContext, responseAccessToken); + + return new ActionExecutionStatus(ActionExecutionStatus.Status.SUCCESS, null); + } + + private void updateTokenMessageContext(OAuthTokenReqMessageContext tokenMessageContext, + AccessToken responseAccessToken) { + + tokenMessageContext.setScope(responseAccessToken.getScopes().toArray(new String[0])); + + String expires_in_claim_name = CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(); + responseAccessToken.getClaims().stream() + .filter(claim -> expires_in_claim_name.equals(claim.getName())) + .findFirst() + .map(claim -> Long.parseLong(claim.getValue().toString()) * 1000) + .ifPresent(tokenMessageContext::setValidityPeriod); + + Optional.ofNullable(responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName())) + .map(AccessToken.Claim::getValue) + .ifPresent(value -> { + List audienceList; + if (value instanceof List) { + audienceList = (List) value; + } else { + audienceList = Collections.emptyList(); + } + tokenMessageContext.setAudiences(audienceList); + }); + + Map customClaims = new HashMap<>(); + for (AccessToken.Claim claim : responseAccessToken.getClaims()) { + if (!AccessToken.ClaimNames.contains(claim.getName())) { + customClaims.put(claim.getName(), claim.getValue()); + } + } + tokenMessageContext.setAdditionalAccessTokenClaims(customClaims); + + tokenMessageContext.setPreIssueAccessTokenActionsExecuted(true); + } + + private void handleAddOperation(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { + List authorizedScopes = + responseAccessToken.getScopes() != null ? responseAccessToken.getScopes() : new ArrayList<>(); + + int index = validateIndex(operation.getPath(), authorizedScopes.size()); + if (index == -1) { + return; + } + + String scopeToAdd = operation.getValue().toString(); + if (validateNQChar(scopeToAdd) && !authorizedScopes.contains(scopeToAdd)) { + authorizedScopes.add(scopeToAdd); + LOG.info("Scope added. Scope : " + scopeToAdd); + } else { + //todo: add a diagnostic log indicating this is null + LOG.info("Scope exists or is null: " + scopeToAdd); + } + + responseAccessToken.scopes(authorizedScopes); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { + addClaim(operation, requestAccessToken, responseAccessToken); + } + } + + private void addClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + List claims = requestAccessToken.getClaims(); + + if (claims == null || claims.isEmpty()) { + // todo: add a diagnostic log indicating there are no claims to replace + LOG.warn("No claims to replace"); + return; + } + + if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); + + int index = validateIndex(operation.getPath(), audienceList.size()); + if (index == -1) { + return; + } + + String audienceToAdd = operation.getValue().toString(); + if (!isValidStringOrURI(audienceToAdd)) { + LOG.warn("Audience is invalid: " + audienceToAdd); + return; + } + + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + if (!responseAudienceList.contains(audienceToAdd)) { + responseAudienceList.add(audienceToAdd); + LOG.info("Audience added: " + audienceToAdd); + } else { + LOG.warn("Audience already exists: " + audienceToAdd); + } + } + } else { + + int index = validateIndex(operation.getPath(), requestAccessToken.getClaims().size()); + if (index == -1) { + return; + } + + Object claimToAdd = operation.getValue(); + + ObjectMapper objectMapper = new ObjectMapper(); + try { + AccessToken.Claim claim = objectMapper.convertValue(claimToAdd, AccessToken.Claim.class); + if (requestAccessToken.getClaim(claim.getName()) != null) { + LOG.warn("An access token claim with the same name already exists: " + claim.getName()); + return; + } + + Object claimValue = claim.getValue(); + if (!isValidClaimValue(claimValue, true)) { + LOG.warn("Claim value is of an invalid type: " + claimValue.getClass().getSimpleName()); + return; + } + + responseAccessToken.addClaim(claim.getName(), claimValue); + LOG.info("Claim added: " + claim.getName() + " with value: " + claimValue); + } catch (IllegalArgumentException e) { + LOG.warn("Failed to convert the claim value to a primitive type: " + claimToAdd.getClass().getName(), + e); + } + } + } + + private boolean isValidClaimValue(Object value, boolean isList) { + + if (value instanceof String || value instanceof Number || value instanceof Boolean) { + return true; + } else if (isList && value instanceof List) { + List list = (List) value; + return list.stream().allMatch(item -> item instanceof String); + } + return false; + } + + private void handleRemoveOperation(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { + + if (requestAccessToken.getScopes() == null || requestAccessToken.getScopes().isEmpty()) { + // todo: add a diagnostic log indicating there are no scopes to remove + LOG.info("No scopes to remove"); + return; + } + + int index = validateIndex(operation.getPath(), requestAccessToken.getScopes().size()); + if (index == -1) { + return; + } + + String scopeToRemove = requestAccessToken.getScopes().get(index); + boolean removed = responseAccessToken.getScopes().remove(scopeToRemove); + if (removed) { + // todo: add a diagnostic log to indicate scope is removed. + LOG.info("Scope is removed: " + scopeToRemove); + } + + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { + removeClaim(operation, requestAccessToken, responseAccessToken); + } + } + + private void removeClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + List claims = requestAccessToken.getClaims(); + + if (claims == null || claims.isEmpty()) { + // todo: add a diagnostic log indicating there are no claims to replace + LOG.warn("No claims to remove"); + return; + } + + if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); + + int index = validateIndex(operation.getPath(), audienceList.size()); + if (index == -1) { + return; + } + + String audienceToRemove = audienceList.get(index); + + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + boolean removed = responseAudienceList.remove(audienceToRemove); + if (removed) { + LOG.info("Audience removed: " + audienceToRemove); + } + } + } else { + + String operationPath = operation.getPath(); + ClaimPathInfo claimPathInfo = parseOperationPath(operationPath); + + if (requestAccessToken.getClaim(claimPathInfo.getClaimName()) != null) { + if (claimPathInfo.getIndex() != -1) { + AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueList = (List) claim.getValue(); + if (claimPathInfo.getIndex() >= 0 && claimPathInfo.getIndex() < claimValueList.size()) { + String claimValueToRemove = claimValueList.get(claimPathInfo.getIndex()); + + AccessToken.Claim claimInResponse = responseAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueListInResponse = (List) claimInResponse.getValue(); + boolean removed = claimValueListInResponse.remove(claimValueToRemove); + if (removed) { + LOG.info("Claim value from claim removed. Claim: " + claimPathInfo.getClaimName() + + " Claim value: " + claimValueToRemove); + } + } else { + LOG.warn("Index is out of bounds for claim. Claim: " + claimPathInfo.getClaimName() + + " Index: " + claimPathInfo.getIndex()); + } + } else { + boolean claimRemoved = responseAccessToken.getClaims() + .removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); + if (claimRemoved) { + LOG.info("Claim removed: " + claimPathInfo.getClaimName()); + } + } + } + } + } + + public ClaimPathInfo parseOperationPath(String operationPath) { + + String[] pathSegments = operationPath.split("/"); + String lastSegment = pathSegments[pathSegments.length - 1]; + String claimName; + int index = -1; + + try { + // Attempt to parse the last segment as an integer to check if it's an index + index = Integer.parseInt(lastSegment); + // If parsing succeeds, the last segment is an index, so the claim name is the second last segment + claimName = pathSegments[pathSegments.length - 2]; + } catch (NumberFormatException e) { + // If parsing fails, the last segment is not an index, so it's the claim name itself + claimName = lastSegment; + } + + return new ClaimPathInfo(claimName, index); + } + + private void handleReplaceOperation(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { + replaceScope(operation, requestAccessToken, responseAccessToken); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { + replaceClaim(operation, requestAccessToken, responseAccessToken); + } + } + + private void replaceScope(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + List scopes = requestAccessToken.getScopes(); + if (scopes == null || scopes.isEmpty()) { + LOG.warn("Attempted to replace a scope, but no scopes are available."); + return; + } + + int index = validateIndex(operation.getPath(), scopes.size()); + if (index == -1) { + return; + } + + String scopeToAdd = operation.getValue().toString(); + if (!validateNQChar(scopeToAdd)) { + LOG.warn("Scope is invalid: " + scopeToAdd); + return; + } + + if (scopes.contains(scopeToAdd)) { + LOG.warn("Scope already exists: " + scopeToAdd); + return; + } + + String scopeToReplace = scopes.get(index); + responseAccessToken.getScopes().remove(scopeToReplace); + responseAccessToken.getScopes().add(scopeToAdd); + LOG.info("Scope replaced: " + scopeToReplace + " with " + scopeToAdd); + } + + private void replaceClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + List claims = requestAccessToken.getClaims(); + + if (claims == null || claims.isEmpty()) { + // todo: add a diagnostic log indicating there are no claims to replace + LOG.warn("No claims to replace"); + return; + } + + if (operation.getPath().equals(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName())) { + long expiresIn; + try { + expiresIn = Long.parseLong(operation.getValue().toString()); + } catch (NumberFormatException e) { + LOG.warn("Invalid expiry time format: " + operation.getValue().toString(), e); + return; + } + + if (expiresIn <= 0) { + LOG.warn("Invalid expiry time: must be positive, but was " + expiresIn); + return; + } + + responseAccessToken.getClaims().removeIf( + claim -> claim.getName().equals(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName())); + responseAccessToken.addClaim(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(), expiresIn); + LOG.info("Expiry time claim replaced with: " + expiresIn); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); + + int index = validateIndex(operation.getPath(), audienceList.size()); + if (index == -1) { + return; + } + + String audienceToAdd = operation.getValue().toString(); + if (!isValidStringOrURI(audienceToAdd)) { + LOG.warn("Audience is invalid: " + audienceToAdd); + return; + } + + if (audienceList.contains(audienceToAdd)) { + LOG.warn("Audience already exists: " + audienceToAdd); + return; + } + + String audienceToReplace = audienceList.get(index); + + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + responseAudienceList.remove(audienceToReplace); + responseAudienceList.add(audienceToAdd); + + LOG.info("Audience replaced: " + audienceToReplace + " with " + audienceToAdd); + } + } else { + String operationPath = operation.getPath(); + ClaimPathInfo claimPathInfo = parseOperationPath(operationPath); + + if (requestAccessToken.getClaim(claimPathInfo.getClaimName()) != null) { + if (claimPathInfo.getIndex() != -1) { + AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueList = (List) claim.getValue(); + if (claimPathInfo.getIndex() >= 0 && claimPathInfo.getIndex() < claimValueList.size()) { + String claimToReplace = claimValueList.get(claimPathInfo.getIndex()); + + Object claimValue = operation.getValue(); + if (!isValidClaimValue(claimValue, false)) { + LOG.warn("Claim value is of an invalid type: " + claimValue.getClass().getSimpleName()); + return; + } + + AccessToken.Claim claimInResponse = responseAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueListInResponse = (List) claimInResponse.getValue(); + + if (claimValueListInResponse.contains(claimValue.toString())) { + LOG.warn("Claim value already exists: " + claimValue); + return; + } + + claimValueListInResponse.remove(claimToReplace); + claimValueListInResponse.add(claimValue.toString()); + LOG.info("Claim value from claim replaced. Claim: " + claimPathInfo.getClaimName() + + " Replaced: " + claimToReplace + " with: " + claimValue); + } else { + LOG.warn("Index is out of bounds for claim. Claim: " + claimPathInfo.getClaimName() + + " Index: " + claimPathInfo.getIndex()); + } + } else { + boolean claimRemoved = responseAccessToken.getClaims() + .removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); + if (claimRemoved) { + responseAccessToken.addClaim(claimPathInfo.getClaimName(), + operation.getValue()); + LOG.info("Claim removed: " + claimPathInfo.getClaimName()); + } + } + } + } + } + + private int validateIndex(String operationPath, int listSize) { + + String indexPart = operationPath.substring(operationPath.lastIndexOf('/') + 1); + if ("-".equals(indexPart)) { + return listSize > 0 ? listSize - 1 : 0; + } + try { + int index = Integer.parseInt(indexPart); + if (index >= 0 && index < listSize) { + return index; + } else { + LOG.info("Index is out of bounds: " + indexPart); + return -1; + } + } catch (NumberFormatException ignored) { + LOG.info("Extracted index is not a valid integer. Index: " + indexPart); + } + + LOG.info("Invalid index: " + indexPart); + return -1; + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java new file mode 100644 index 0000000000..1cca00db9f --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -0,0 +1,313 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action; + +import com.nimbusds.jwt.JWTClaimsSet; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.actions.ActionExecutionRequestBuilder; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; +import org.wso2.carbon.identity.actions.model.AllowedOperation; +import org.wso2.carbon.identity.actions.model.Event; +import org.wso2.carbon.identity.actions.model.Organization; +import org.wso2.carbon.identity.actions.model.Request; +import org.wso2.carbon.identity.actions.model.Tenant; +import org.wso2.carbon.identity.actions.model.User; +import org.wso2.carbon.identity.actions.model.UserStore; +import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; +import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; +import org.wso2.carbon.identity.oauth.action.model.AccessToken; +import org.wso2.carbon.identity.oauth.action.model.PreIssueAccessTokenEvent; +import org.wso2.carbon.identity.oauth.action.model.TokenRequest; +import org.wso2.carbon.identity.oauth.common.OAuthConstants; +import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException; +import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; +import org.wso2.carbon.identity.oauth.dao.OAuthAppDO; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; +import org.wso2.carbon.identity.oauth2.model.HttpRequestHeader; +import org.wso2.carbon.identity.oauth2.model.RequestParameter; +import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; +import org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler; +import org.wso2.carbon.identity.oauth2.util.OAuth2Util; +import org.wso2.carbon.identity.openidconnect.CustomClaimsCallbackHandler; +import org.wso2.carbon.identity.openidconnect.OIDCClaimUtil; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.stream.Collectors; + +/** + * Event builder for PreIssueATEvent. + */ +public class PreIssueAccessTokenRequestBuilder implements ActionExecutionRequestBuilder { + + private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenRequestBuilder.class); + private static final PreIssueAccessTokenRequestBuilder instance = new PreIssueAccessTokenRequestBuilder(); + + public static PreIssueAccessTokenRequestBuilder getInstance() { + + return instance; + } + + @Override + public ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, Map eventContext) + throws ActionExecutionException { + + OAuthTokenReqMessageContext tokenMessageContext = + (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); + + Map additionalClaimsToAddToToken = getAdditionalClaimsToAddToToken(tokenMessageContext); + + ActionExecutionRequest.Builder actionRequestBuilder = new ActionExecutionRequest.Builder(); + actionRequestBuilder.actionType(actionType); + actionRequestBuilder.event(getEvent(tokenMessageContext, additionalClaimsToAddToToken)); + actionRequestBuilder.allowedOperations(getAllowedOperations(additionalClaimsToAddToToken)); + + return actionRequestBuilder.build(); + } + + private Event getEvent(OAuthTokenReqMessageContext tokenMessageContext, Map claimsToAdd) + throws ActionExecutionException { + + OAuth2AccessTokenReqDTO tokenReqDTO = tokenMessageContext.getOauth2AccessTokenReqDTO(); + AuthenticatedUser authorizedUser = tokenMessageContext.getAuthorizedUser(); + + PreIssueAccessTokenEvent.Builder eventBuilder = new PreIssueAccessTokenEvent.Builder(); + + eventBuilder.tenant(new Tenant(String.valueOf(IdentityTenantUtil.getTenantId(tokenReqDTO.getTenantDomain())), + tokenReqDTO.getTenantDomain())); + + boolean isAuthorizedForUser = isAccessTokenAuthorizedForUser(tokenReqDTO.getGrantType(), tokenMessageContext); + if (isAuthorizedForUser) { + + eventBuilder.organization(new Organization(authorizedUser.getUserResidentOrganization(), + authorizedUser.getUserResidentOrganization())); + + try { + eventBuilder.user(new User(authorizedUser.getUserId())); + } catch (UserIdNotFoundException e) { + if (LOG.isDebugEnabled()) { + LOG.debug(String.format( + "Error occurred while retrieving user id of the authorized user for application: %s, grantType: %s.", + tokenReqDTO.getClientId(), tokenReqDTO.getGrantType()), e); + } + } + + eventBuilder.userStore(new UserStore(authorizedUser.getUserStoreDomain())); + } + + eventBuilder.accessToken(getAccessToken(tokenMessageContext, claimsToAdd)); + eventBuilder.request(getRequest(tokenReqDTO)); + + return eventBuilder.build(); + } + + private Request getRequest(OAuth2AccessTokenReqDTO tokenRequestDTO) { + + TokenRequest.Builder tokenRequestBuilder = new TokenRequest.Builder(); + tokenRequestBuilder.clientId(tokenRequestDTO.getClientId()); + tokenRequestBuilder.grantType(tokenRequestDTO.getGrantType()); + tokenRequestBuilder.scopes(Arrays.asList(tokenRequestDTO.getScope())); + + HttpRequestHeader[] httpHeaders = tokenRequestDTO.getHttpRequestHeaders(); + if (httpHeaders != null) { + for (HttpRequestHeader header : httpHeaders) { + tokenRequestBuilder.addAdditionalHeader(header.getName(), header.getValue()); + } + } + + RequestParameter[] requestParameters = tokenRequestDTO.getRequestParameters(); + if (requestParameters != null) { + for (RequestParameter parameter : requestParameters) { + tokenRequestBuilder.addAdditionalParam(parameter.getKey(), parameter.getValue()); + } + } + + return tokenRequestBuilder.build(); + } + + private AccessToken getAccessToken(OAuthTokenReqMessageContext tokenMessageContext, Map claimsToAdd) + throws ActionExecutionException { + + try { + OAuthAppDO oAuthAppDO = getAppInformation(tokenMessageContext); + String issuer = getIssuer(tokenMessageContext); + List audience = getAudience(tokenMessageContext, oAuthAppDO); + String tokenType = oAuthAppDO.getTokenType(); + + AccessToken.Builder accessTokenBuilder = new AccessToken.Builder() + .tokenType(tokenType) + .addClaim(AccessToken.ClaimNames.ISS.getName(), issuer) + .addClaim(AccessToken.ClaimNames.CLIENT_ID.getName(), + tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId()) + .addClaim(AccessToken.ClaimNames.AUTHORIZED_USER_TYPE.getName(), + String.valueOf(tokenMessageContext.getProperty(OAuthConstants.UserType.USER_TYPE))) + .addClaim(AccessToken.ClaimNames.EXPIRES_IN.getName(), + tokenMessageContext.getValidityPeriod() / 1000) + .addClaim(AccessToken.ClaimNames.AUD.getName(), audience) + .scopes(Arrays.asList(tokenMessageContext.getScope())); + + handleSubjectClaim(tokenMessageContext.getAuthorizedUser(), oAuthAppDO, accessTokenBuilder); + handleTokenBindingClaims(tokenMessageContext, accessTokenBuilder); + claimsToAdd.forEach(accessTokenBuilder::addClaim); + + return accessTokenBuilder.build(); + } catch (IdentityOAuth2Exception | InvalidOAuthClientException e) { + String errorMessage = String.format( + "Failed to generate pre issue access token action request. Application: %s. Grant type: %s. Error: %s.", + tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId(), + tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); + throw new ActionExecutionException(errorMessage, e); + } + } + + private OAuthAppDO getAppInformation(OAuthTokenReqMessageContext tokenMessageContext) + throws InvalidOAuthClientException, IdentityOAuth2Exception { + + return OAuth2Util.getAppInformationByClientId( + tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId(), + tokenMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain()); + } + + private String getIssuer(OAuthTokenReqMessageContext tokenMessageContext) throws IdentityOAuth2Exception { + + return OAuth2Util.getIdTokenIssuer(tokenMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain()); + } + + private List getAudience(OAuthTokenReqMessageContext tokenMessageContext, OAuthAppDO oAuthAppDO) { + + if (tokenMessageContext.isPreIssueAccessTokenActionsExecuted()) { + return tokenMessageContext.getAudiences(); + } else { + return OAuth2Util.getOIDCAudience(oAuthAppDO.getOauthConsumerKey(), oAuthAppDO); + } + } + + private void handleSubjectClaim(AuthenticatedUser authorizedUser, OAuthAppDO oAuthAppDO, + AccessToken.Builder accessTokenBuilder) throws IdentityOAuth2Exception { + + String sub = authorizedUser.getAuthenticatedSubjectIdentifier(); + if (OAuth2Util.isPairwiseSubEnabledForAccessTokens()) { + sub = OIDCClaimUtil.getSubjectClaim(sub, oAuthAppDO); + accessTokenBuilder.addClaim(AccessToken.ClaimNames.SUBJECT_TYPE.getName(), + OIDCClaimUtil.getSubjectType(oAuthAppDO).getValue()); + } + accessTokenBuilder.addClaim(AccessToken.ClaimNames.SUB.getName(), sub); + } + + private Map getAdditionalClaimsToAddToToken(OAuthTokenReqMessageContext tokenMessageContext) + throws ActionExecutionException { + /* + Directly return custom claims if pre-issue access token actions have been executed. + This is to ensure that the custom claims added are incorporated in the refresh token flow. + Moreover, this execution expects that the claim handlers executed at the token issuance flow + does not incorporate any additional custom rules based on refresh grant. + */ + if (tokenMessageContext.isPreIssueAccessTokenActionsExecuted()) { + return tokenMessageContext.getAdditionalAccessTokenClaims(); + } + + try { + CustomClaimsCallbackHandler claimsCallBackHandler = + OAuthServerConfiguration.getInstance().getOpenIDConnectCustomClaimsCallbackHandler(); + JWTClaimsSet claimsSet = + claimsCallBackHandler.handleCustomClaims(new JWTClaimsSet.Builder(), tokenMessageContext); + return Optional.ofNullable(claimsSet).map(JWTClaimsSet::getClaims).orElseGet(HashMap::new); + } catch (IdentityOAuth2Exception e) { + String errorMessage = + String.format("Failed to retrieve OIDC claim set for the access token. Grant type: %s Error: %s", + tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); + throw new ActionExecutionException(errorMessage, e); + } + } + + private void handleTokenBindingClaims(OAuthTokenReqMessageContext tokenMessageContext, + AccessToken.Builder accessTokenBuilder) { + + if (tokenMessageContext.getTokenBinding() != null) { + accessTokenBuilder.addClaim(AccessToken.ClaimNames.TOKEN_BINDING_REF.getName(), + tokenMessageContext.getTokenBinding().getBindingReference()) + .addClaim(AccessToken.ClaimNames.TOKEN_BINDING_TYPE.getName(), + tokenMessageContext.getTokenBinding().getBindingType()); + } + } + + //todo: revalidate further + private List getAllowedOperations(Map oidcClaims) { + + List removeOrReplacePaths = oidcClaims.entrySet().stream() + .filter(entry -> entry.getValue() instanceof String || entry.getValue() instanceof Number || + entry.getValue() instanceof Boolean || entry.getValue() instanceof List || + entry.getValue() instanceof String[]) + .map(entry -> { + String path = "/accessToken/claims/" + entry.getKey(); + if (entry.getValue() instanceof List || entry.getValue() instanceof String[]) { + path += "/"; + } + return path; + }) + .collect(Collectors.toList()); + + removeOrReplacePaths.add("/accessToken/scopes/"); + removeOrReplacePaths.add("/accessToken/claims/" + AccessToken.ClaimNames.AUD.getName() + "/"); + + List replacePaths = new ArrayList<>(removeOrReplacePaths); + replacePaths.add("/accessToken/claims/" + AccessToken.ClaimNames.EXPIRES_IN.getName()); + + AllowedOperation addOperation = + createAllowedOperation("add", Arrays.asList("/accessToken/claims/", "/accessToken/scopes/", + "/accessToken/claims/" + AccessToken.ClaimNames.AUD.getName() + "/")); + AllowedOperation removeOperation = createAllowedOperation("remove", removeOrReplacePaths); + AllowedOperation replaceOperation = createAllowedOperation("replace", replacePaths); + + return Arrays.asList(addOperation, removeOperation, replaceOperation); + } + + private AllowedOperation createAllowedOperation(String op, List paths) { + + AllowedOperation operation = new AllowedOperation(); + operation.setOp(op); + operation.setPaths(new ArrayList<>(paths)); + return operation; + } + + private boolean isAccessTokenAuthorizedForUser(String grantType, OAuthTokenReqMessageContext tokReqMsgCtx) + throws ActionExecutionException { + + AuthorizationGrantHandler grantHandler = + OAuthServerConfiguration.getInstance().getSupportedGrantTypes().get(grantType); + + try { + return grantHandler.isOfTypeApplicationUser(tokReqMsgCtx); + } catch (IdentityOAuth2Exception e) { + String errorMessage = + String.format("Failed to determine the authorized entity of the token. Grant type: %s Error: %s", + grantType, e.getMessage()); + throw new ActionExecutionException(errorMessage, e.getCause()); + } + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java new file mode 100644 index 0000000000..d3b5f80f24 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java @@ -0,0 +1,247 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action.model; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +/** + * AccessToken. + */ +public class AccessToken { + + private final String tokenType; + List scopes; + List claims; + + private AccessToken(Builder builder) { + + this.tokenType = builder.tokenType; + this.scopes = builder.scopes; + this.claims = builder.claims; + } + + public String getTokenType() { + + return tokenType; + } + + public List getScopes() { + + return scopes; + } + + public List getClaims() { + + return claims; + } + + public Claim getClaim(String name) { + + if (claims != null) { + for (Claim claim : claims) { + if (claim.getName().equals(name)) { + return claim; + } + } + } + + return null; + } + + public AccessToken.Builder copy() { + + return new Builder() + .tokenType(this.tokenType) + .scopes(new ArrayList<>(this.scopes)) + .claims(this.claims.stream().map(Claim::copy).collect(Collectors.toList())); + } + + public enum ClaimNames { + + SUB("sub"), + ISS("iss"), + AUD("aud"), + CLIENT_ID("client_id"), + AUTHORIZED_USER_TYPE("aut"), + EXPIRES_IN("expires_in"), + + TOKEN_BINDING_REF("binding_ref"), + TOKEN_BINDING_TYPE("binding_type"), + SUBJECT_TYPE("subject_type"); + + private final String name; + + ClaimNames(String name) { + + this.name = name; + } + + public static boolean contains(String name) { + + return Arrays.stream(ClaimNames.values()) + .anyMatch(claimName -> claimName.name.equals(name)); + } + + public String getName() { + + return name; + } + } + + public static class Claim { + + private String name; + private Object value; + + public Claim() { + + } + + public Claim(String name, Object value) { + + this.name = name; + this.value = value; + } + + public String getName() { + + return name; + } + + public void setName(String name) { + + this.name = name; + } + + public Object getValue() { + + return value; + } + + public void setValue(Object value) { + + this.value = value; + } + + public Claim copy() { + + return new Claim(this.name, deepCopyValue(this.value)); + } + + private Object deepCopyValue(Object value) { + + if (value instanceof List) { + List originalList = (List) value; + List copiedList = new ArrayList<>(); + for (Object item : originalList) { + copiedList.add(deepCopyValue(item)); // Recursive for nested lists + } + return copiedList; + } else if (value instanceof Map) { + Map originalMap = (Map) value; + Map copiedMap = new HashMap<>(); + for (Map.Entry entry : originalMap.entrySet()) { + copiedMap.put(entry.getKey(), deepCopyValue(entry.getValue())); // Recursive for nested maps + } + return copiedMap; + } else if (value.getClass().isArray()) { + return Arrays.copyOf((Object[]) value, ((Object[]) value).length); + } else { + // For immutable types or types not requiring deep copy + return value; + } + } + + } + + public static class Builder { + + private String tokenType; + private List scopes = new ArrayList<>(); + private List claims = new ArrayList<>(); + + public Builder tokenType(String tokenType) { + + this.tokenType = tokenType; + return this; + } + + public Builder scopes(List scopes) { + + this.scopes = scopes; + return this; + } + + public Builder claims(List claims) { + + this.claims = claims; + return this; + } + + public Builder addClaim(String name, Object value) { + + this.claims.add(new Claim(name, value)); + return this; + } + + public Builder addScope(String scope) { + + this.scopes.add(scope); + return this; + } + + public String getTokenType() { + + return tokenType; + } + + public List getScopes() { + + return scopes; + } + + public List getClaims() { + + return claims; + } + + public Claim getClaim(String name) { + + if (claims != null) { + for (Claim claim : claims) { + if (claim.getName().equals(name)) { + return claim; + } + } + } + + return null; + } + + public AccessToken build() { + + return new AccessToken(this); + } + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java new file mode 100644 index 0000000000..df44678dfe --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action.model; + +public class ClaimPathInfo { + + private final String claimName; + private final int index; + + public ClaimPathInfo(String claimName, int index) { + + this.claimName = claimName; + this.index = index; + } + + public String getClaimName() { + + return claimName; + } + + public int getIndex() { + + return index; + } + +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java new file mode 100644 index 0000000000..70784a5119 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java @@ -0,0 +1,101 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action.model; + +import org.wso2.carbon.identity.actions.model.Event; +import org.wso2.carbon.identity.actions.model.Organization; +import org.wso2.carbon.identity.actions.model.Request; +import org.wso2.carbon.identity.actions.model.Tenant; +import org.wso2.carbon.identity.actions.model.User; +import org.wso2.carbon.identity.actions.model.UserStore; + +/** + * PreIssueATEvent. + */ +public class PreIssueAccessTokenEvent extends Event { + + private final AccessToken accessToken; + + private PreIssueAccessTokenEvent(Builder builder) { + + this.accessToken = builder.accessToken; + this.request = builder.request; + this.organization = builder.organization; + this.tenant = builder.tenant; + this.user = builder.user; + this.userStore = builder.userStore; + } + + public AccessToken getAccessToken() { + + return accessToken; + } + + public static class Builder { + + private AccessToken accessToken; + private Request request; + private Organization organization; + private Tenant tenant; + private User user; + + private UserStore userStore; + + public Builder accessToken(AccessToken accessToken) { + + this.accessToken = accessToken; + return this; + } + + public Builder request(Request request) { + + this.request = request; + return this; + } + + public Builder organization(Organization organization) { + + this.organization = organization; + return this; + } + + public Builder tenant(Tenant tenant) { + + this.tenant = tenant; + return this; + } + + public Builder user(User user) { + + this.user = user; + return this; + } + + public Builder userStore(UserStore userStore) { + + this.userStore = userStore; + return this; + } + + public PreIssueAccessTokenEvent build() { + + return new PreIssueAccessTokenEvent(this); + } + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java new file mode 100644 index 0000000000..7c03b1a8cb --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java @@ -0,0 +1,144 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.oauth.action.model; + +import org.wso2.carbon.identity.actions.model.Request; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class TokenRequest extends Request { + + private static final List headersToAvoid = new ArrayList<>(); + private static final List paramsToAvoid = new ArrayList<>(); + + static { + headersToAvoid.add("authorization"); + headersToAvoid.add("cookie"); + headersToAvoid.add("set-cookie"); + headersToAvoid.add("accept-encoding"); + headersToAvoid.add("accept-language"); + headersToAvoid.add("content-length"); + headersToAvoid.add("content-type"); + // parameters from authorization code grant + paramsToAvoid.add("code"); + paramsToAvoid.add("client_id"); + paramsToAvoid.add("client_secret"); + paramsToAvoid.add("redirect_uri"); + paramsToAvoid.add("grant_type"); + paramsToAvoid.add("scope"); + // parameters from password grant + paramsToAvoid.add("username"); + paramsToAvoid.add("password"); + // parameters from refresh token grant + paramsToAvoid.add("refresh_token"); + } + + private final String clientId; + private final String grantType; + private final String redirectUri; + private final List scopes; + + private TokenRequest(Builder builder) { + + this.clientId = builder.clientId; + this.grantType = builder.grantType; + this.redirectUri = builder.redirectUri; + this.scopes = builder.scopes; + this.additionalHeaders = builder.additionalHeaders; + this.additionalParams = builder.additionalParams; + } + + public String getClientId() { + + return clientId; + } + + public String getGrantType() { + + return grantType; + } + + public String getRedirectUri() { + + return redirectUri; + } + + public List getScopes() { + + return scopes; + } + + public static class Builder { + + private String clientId; + private String grantType; + private String redirectUri; + private List scopes = new ArrayList<>(); + private final Map additionalHeaders = new HashMap<>(); + private final Map additionalParams = new HashMap<>(); + + public Builder clientId(String clientId) { + + this.clientId = clientId; + return this; + } + + public Builder grantType(String grantType) { + + this.grantType = grantType; + return this; + } + + public Builder redirectUri(String redirectUri) { + + this.redirectUri = redirectUri; + return this; + } + + public Builder scopes(List scopes) { + + this.scopes = scopes; + return this; + } + + public Builder addAdditionalHeader(String key, String[] value) { + + if (!headersToAvoid.contains(key.toLowerCase())) { + this.additionalHeaders.put(key, value); + } + return this; + } + + public Builder addAdditionalParam(String key, String[] value) { + + if (!paramsToAvoid.contains(key)) { + this.additionalParams.put(key, value); + } + return this; + } + + public TokenRequest build() { + + return new TokenRequest(this); + } + } +} \ No newline at end of file diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java index 5f562c565f..6a44fe84a2 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java @@ -28,6 +28,7 @@ import java.util.LinkedHashSet; import java.util.List; import java.util.Map; +import java.util.Objects; /** * Contains authenticated user attributes and nonce value. @@ -84,6 +85,12 @@ public class AuthorizationGrantCacheEntry extends CacheEntry { private List federatedTokens; + private List audiences; + + private Map customClaims; + + private boolean isPreIssueAccessTokenActionsExecuted; + public String getSubjectClaim() { return subjectClaim; } @@ -144,6 +151,10 @@ public AuthorizationGrantCacheEntry(Map userAttributes) { this.userAttributes = userAttributes; } + public AuthorizationGrantCacheEntry() { + + } + public String getNonceValue() { return nonceValue; } @@ -350,4 +361,34 @@ public void setApiBasedAuthRequest(boolean apiBasedAuthRequest) { isApiBasedAuthRequest = apiBasedAuthRequest; } + + public List getAudiences() { + + return audiences; + } + + public void setAudiences(List audiences) { + + this.audiences = audiences; + } + + public Map getCustomClaims() { + + return customClaims; + } + + public void setCustomClaims(Map customClaims) { + + this.customClaims = customClaims; + } + + public boolean isPreIssueAccessTokenActionsExecuted() { + + return isPreIssueAccessTokenActionsExecuted; + } + + public void setPreIssueAccessTokenActionsExecuted(boolean preIssueAccessTokenActionsExecuted) { + + isPreIssueAccessTokenActionsExecuted = preIssueAccessTokenActionsExecuted; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 5a91f8a515..f4902400a4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -20,6 +20,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.actions.ActionExecutorService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; @@ -81,6 +82,8 @@ public class OAuthComponentServiceHolder { private IdpManager idpManager; private OrganizationUserSharingService organizationUserSharingService; + private ActionExecutorService actionExecutorService; + /** * Get the list of scope validator implementations available. * @@ -511,4 +514,14 @@ public void setOrganizationUserSharingService(OrganizationUserSharingService org this.organizationUserSharingService = organizationUserSharingService; } + + public ActionExecutorService getActionExecutorService() { + + return actionExecutorService; + } + + public void setActionExecutorService(ActionExecutorService actionExecutorService) { + + this.actionExecutorService = actionExecutorService; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index a253d8836d..2183677044 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -26,6 +26,7 @@ import org.osgi.service.component.annotations.Reference; import org.osgi.service.component.annotations.ReferenceCardinality; import org.osgi.service.component.annotations.ReferencePolicy; +import org.wso2.carbon.identity.actions.ActionExecutorServiceImpl; import org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; @@ -112,6 +113,8 @@ protected void activate(ComponentContext context) { // Note : DO NOT add any activation related code below this point, // to make sure the server doesn't start up if any activation failures occur + OAuthComponentServiceHolder.getInstance().setActionExecutorService(ActionExecutorServiceImpl.getInstance()); + if (log.isDebugEnabled()) { log.debug("Identity OAuth bundle is activated"); } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java index 2c4e41025b..156b68030c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java @@ -32,6 +32,9 @@ import org.osgi.service.component.annotations.ReferenceCardinality; import org.osgi.service.component.annotations.ReferencePolicy; import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.identity.actions.ActionExecutionRequestBuilderFactory; +import org.wso2.carbon.identity.actions.ActionExecutionResponseProcessorFactory; +import org.wso2.carbon.identity.actions.ActionType; import org.wso2.carbon.identity.api.resource.mgt.APIResourceManager; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher; @@ -48,6 +51,8 @@ import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; import org.wso2.carbon.identity.event.services.IdentityEventService; +import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenRequestBuilder; +import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenProcessor; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; @@ -155,10 +160,10 @@ ) public class OAuth2ServiceComponent { - private static final Log log = LogFactory.getLog(OAuth2ServiceComponent.class); - private static final String IDENTITY_PATH = "identity"; public static final String NAME = "name"; public static final String ID = "id"; + private static final Log log = LogFactory.getLog(OAuth2ServiceComponent.class); + private static final String IDENTITY_PATH = "identity"; private static final String DISPLAY_NAME = "displayName"; private static final String DESCRIPTION = "description"; private static final String PERMISSION = "Permission"; @@ -171,6 +176,312 @@ public class OAuth2ServiceComponent { private static final String SCOPES = "Scopes"; private BundleContext bundleContext; + private static void loadScopeConfigFile() { + + List listOIDCScopesClaims = new ArrayList<>(); + String configDirPath = CarbonUtils.getCarbonConfigDirPath(); + String confXml = + Paths.get(configDirPath, IDENTITY_PATH, OAuthConstants.OIDC_SCOPE_CONFIG_PATH).toString(); + File configFile = new File(confXml); + if (!configFile.exists()) { + log.warn("OIDC scope-claim Configuration File is not present at: " + confXml); + return; + } + + XMLStreamReader parser = null; + try (InputStream stream = new FileInputStream(configFile)) { + + parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); + StAXOMBuilder builder = new StAXOMBuilder(parser); + OMElement documentElement = builder.getDocumentElement(); + Iterator iterator = documentElement.getChildElements(); + while (iterator.hasNext()) { + ScopeDTO scope = new ScopeDTO(); + OMElement omElement = (OMElement) iterator.next(); + String configType = omElement.getAttributeValue(new QName(ID)); + scope.setName(configType); + + String displayName = omElement.getAttributeValue(new QName(DISPLAY_NAME)); + if (StringUtils.isNotEmpty(displayName)) { + scope.setDisplayName(displayName); + } else { + scope.setDisplayName(configType); + } + + String description = omElement.getAttributeValue(new QName(DESCRIPTION)); + if (StringUtils.isNotEmpty(description)) { + scope.setDescription(description); + } + + scope.setClaim(loadClaimConfig(omElement)); + listOIDCScopesClaims.add(scope); + } + } catch (XMLStreamException e) { + log.warn("Error while streaming OIDC scope config.", e); + } catch (IOException e) { + log.warn("Error while loading OIDC scope config.", e); + } finally { + try { + if (parser != null) { + parser.close(); + } + } catch (XMLStreamException e) { + log.error("Error while closing XML stream", e); + } + } + OAuth2ServiceComponentHolder.getInstance().setOIDCScopesClaims(listOIDCScopesClaims); + } + + private static String[] loadClaimConfig(OMElement configElement) { + + StringBuilder claimConfig = new StringBuilder(); + Iterator it = configElement.getChildElements(); + while (it.hasNext()) { + OMElement element = (OMElement) it.next(); + if (CLAIM.equals(element.getLocalName())) { + String commaSeparatedClaimNames = element.getText(); + if (StringUtils.isNotBlank(commaSeparatedClaimNames)) { + claimConfig.append(commaSeparatedClaimNames.trim()); + } + } + } + + String[] claim; + if (claimConfig.length() > 0) { + claim = claimConfig.toString().split(","); + } else { + claim = new String[0]; + } + return claim; + } + + private static void loadOauthScopeBinding() { + + List scopes = new ArrayList<>(); + String configDirPath = CarbonUtils.getCarbonConfigDirPath(); + String confXml = Paths.get(configDirPath, IDENTITY_PATH, OAuthConstants.OAUTH_SCOPE_BINDING_PATH).toString(); + File configFile = new File(confXml); + if (!configFile.exists()) { + log.warn("OAuth scope binding File is not present at: " + confXml); + return; + } + + XMLStreamReader parser = null; + try (InputStream stream = new FileInputStream(configFile)) { + + parser = XMLInputFactory.newInstance() + .createXMLStreamReader(stream); + StAXOMBuilder builder = new StAXOMBuilder(parser); + OMElement documentElement = builder.getDocumentElement(); + Iterator iterator = documentElement.getChildElements(); + while (iterator.hasNext()) { + OMElement omElement = (OMElement) iterator.next(); + String scopeName = omElement.getAttributeValue(new QName(NAME)); + String displayName = omElement.getAttributeValue(new QName(DISPLAY_NAME)); + String description = omElement.getAttributeValue(new QName(DESCRIPTION)); + List bindingPermissions = loadScopePermissions(omElement); + ScopeBinding scopeBinding = new ScopeBinding(PERMISSIONS_BINDING_TYPE, bindingPermissions); + List scopeBindings = new ArrayList<>(); + scopeBindings.add(scopeBinding); + Scope scope = new Scope(scopeName, displayName, scopeBindings, description); + scopes.add(scope); + } + } catch (XMLStreamException e) { + log.warn("Error while streaming oauth-scope-bindings config.", e); + } catch (IOException e) { + log.warn("Error while loading oauth-scope-bindings config.", e); + } finally { + try { + if (parser != null) { + parser.close(); + } + } catch (XMLStreamException e) { + log.error("Error while closing XML stream", e); + } + } + OAuth2ServiceComponentHolder.getInstance().setOauthScopeBinding(scopes); + } + + private static List loadScopePermissions(OMElement configElement) { + + List permissions = new ArrayList<>(); + Iterator it = configElement.getChildElements(); + while (it.hasNext()) { + OMElement element = (OMElement) it.next(); + Iterator permissionIterator = element.getChildElements(); + while (permissionIterator.hasNext()) { + OMElement permissionElement = (OMElement) permissionIterator.next(); + if (PERMISSION.equals(permissionElement.getLocalName())) { + String permission = permissionElement.getText(); + permissions.add(permission); + } + } + } + return permissions; + } + + private static void initializeLegacyScopeToNewScopeMappings() { + + Map> legacyResourceScopes = loadLegacyResourceScopes(); + Map> newResourceScopes = loadNewResourceScopes(); + Map> mappedScopes = new HashMap<>(); + Map> mappedMultipleScopes = new HashMap<>(); + + for (Map.Entry> entry : legacyResourceScopes.entrySet()) { + ResourceAccessControlKey resourceAccessControlKey = entry.getKey(); + List legacyScopes = entry.getValue(); + List newScopes = newResourceScopes.get(resourceAccessControlKey); + if (CollectionUtils.isEmpty(legacyScopes) || CollectionUtils.isEmpty(newScopes)) { + continue; + } + if (legacyScopes.size() == 1) { + // This will add the scope mappings related to resources protected by single legacy scope. + String legacyScope = legacyScopes.get(0); + if (newScopes.contains(legacyScope)) { + continue; + } + if (mappedScopes.get(legacyScope) != null) { + mappedScopes.get(legacyScope).addAll(newScopes); + } else { + mappedScopes.put(legacyScope, new HashSet<>(newScopes)); + } + } else { + // This will add the scope mappings related to resources protected by multiple legacy scopes. + String legacyScopeKey = legacyScopes.stream().sorted().collect(Collectors.joining(",")); + String newScopesString = newScopes.stream().sorted().collect(Collectors.joining(",")); + if (legacyScopeKey.equals(newScopesString)) { + continue; + } + if (mappedMultipleScopes.get(legacyScopeKey) != null) { + mappedMultipleScopes.get(legacyScopeKey).addAll(newScopes); + } else { + mappedMultipleScopes.put(legacyScopeKey, new HashSet<>(newScopes)); + } + } + } + OAuth2ServiceComponentHolder.getInstance().setLegacyScopesToNewScopesMap(mappedScopes); + OAuth2ServiceComponentHolder.getInstance().setLegacyMultipleScopesToNewScopesMap(mappedMultipleScopes); + } + + /** + * Load legacy resource scopes from identity.xml. + * + * @return Map of resource access control key and scopes. + */ + private static Map> loadLegacyResourceScopes() { + + Map> resourceAccessControlMap = new HashMap<>(); + String configDirPath = CarbonUtils.getCarbonConfigDirPath(); + String filePath = Paths.get(configDirPath, IDENTITY_PATH, IdentityCoreConstants.IDENTITY_CONFIG).toString(); + + XMLStreamReader parser = null; + try (InputStream stream = new FileInputStream(filePath)) { + parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); + StAXOMBuilder builder = new StAXOMBuilder(parser); + OMElement documentElement = builder.getDocumentElement(); + Iterator iterator = documentElement.getChildElements(); + while (iterator.hasNext()) { + OMElement omElement = (OMElement) iterator.next(); + if (RESOURCE_ACCESS_CONTROL.equals(omElement.getLocalName())) { + Iterator resourceIterator = omElement.getChildElements(); + while (resourceIterator.hasNext()) { + OMElement resourceElement = (OMElement) resourceIterator.next(); + if (RESOURCE.equals(resourceElement.getLocalName())) { + processResourceElement(resourceElement, resourceAccessControlMap); + } + } + } + } + } catch (XMLStreamException e) { + log.warn("Error while streaming identity config.", e); + } catch (IOException e) { + log.warn("Error while loading identity config.", e); + } finally { + try { + if (parser != null) { + parser.close(); + } + } catch (XMLStreamException e) { + log.error("Error while closing XML stream", e); + } + } + + return resourceAccessControlMap; + } + + /** + * Load new resource scopes from resource-access-control-v2.xml. + * + * @return Map of resource access control key and scopes. + */ + private static Map> loadNewResourceScopes() { + + Map> resourceAccessControlMap = new HashMap<>(); + String configDirPath = CarbonUtils.getCarbonConfigDirPath(); + String filePath = Paths.get(configDirPath, IDENTITY_PATH, + OAuthConstants.RESOURCE_ACCESS_CONTROL_V2_CONFIG_PATH).toString(); + + XMLStreamReader parser = null; + try (InputStream stream = new FileInputStream(filePath)) { + parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); + StAXOMBuilder builder = new StAXOMBuilder(parser); + OMElement documentElement = builder.getDocumentElement(); + Iterator iterator = documentElement.getChildElements(); + while (iterator.hasNext()) { + OMElement resourceElement = (OMElement) iterator.next(); + if (RESOURCE.equals(resourceElement.getLocalName())) { + processResourceElement(resourceElement, resourceAccessControlMap); + } + } + } catch (XMLStreamException e) { + log.warn("Error while streaming resource access control v2 config.", e); + } catch (IOException e) { + log.warn("Error while loading resource access control v2 config.", e); + } finally { + try { + if (parser != null) { + parser.close(); + } + } catch (XMLStreamException e) { + log.error("Error while closing XML stream", e); + } + } + + return resourceAccessControlMap; + } + + /** + * Process resource element and populate the map. + * + * @param resourceElement Resource element. + * @param resourceScopeMap Resource scope map. + */ + private static void processResourceElement(OMElement resourceElement, + Map> resourceScopeMap) { + + String context = resourceElement.getAttributeValue(new QName(CONTEXT)); + String httpMethod = resourceElement.getAttributeValue(new QName(HTTP_METHOD)); + boolean secured = Boolean.parseBoolean(resourceElement.getAttributeValue(new QName(SECURED))); + + if (secured) { + ResourceAccessControlKey key = new ResourceAccessControlKey(); + key.setEndpointRegex(context); + key.setHttpMethod(httpMethod); + + List scopes = new ArrayList<>(); + Iterator childIterator = resourceElement.getChildElements(); + while (childIterator.hasNext()) { + OMElement childElement = (OMElement) childIterator.next(); + if (SCOPES.equals(childElement.getLocalName())) { + scopes.add(childElement.getText()); + } + } + if (CollectionUtils.isNotEmpty(scopes)) { + resourceScopeMap.put(key, scopes); + } + } + } + @Reference( name = "framework.authentication.context.method.name.translator", service = AuthenticationMethodNameTranslator.class, @@ -460,6 +771,12 @@ protected void activate(ComponentContext context) { || OAuthServerConfiguration.getInstance().isUseLegacyPermissionAccessForUserBasedAuth()) { initializeLegacyScopeToNewScopeMappings(); } + + ActionExecutionRequestBuilderFactory.registerActionInvocationRequestBuilder(ActionType.PRE_ISSUE_ACCESS_TOKEN, + PreIssueAccessTokenRequestBuilder.getInstance()); + ActionExecutionResponseProcessorFactory.registerActionInvocationResponseProcessor( + ActionType.PRE_ISSUE_ACCESS_TOKEN, + PreIssueAccessTokenProcessor.getInstance()); } /** @@ -559,10 +876,10 @@ protected void unsetOAuthClientAuthenticator(OAuthClientAuthenticator oAuthClien } @Reference(name = "token.binding.service", - service = TokenBinderInfo.class, - cardinality = ReferenceCardinality.MULTIPLE, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetTokenBinderInfo") + service = TokenBinderInfo.class, + cardinality = ReferenceCardinality.MULTIPLE, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetTokenBinderInfo") protected void setTokenBinderInfo(TokenBinderInfo tokenBinderInfo) { if (log.isDebugEnabled()) { @@ -731,8 +1048,8 @@ protected void setScopeClaimMappingDAO(ScopeClaimMappingDAO scopeClaimMappingDAO .getScopeClaimMappingDAO(); if (existingScopeClaimMappingDAO != null) { log.warn("Scope Claim DAO implementation " + existingScopeClaimMappingDAO.getClass().getName() + - " is registered already and PersistenceFactory is created." + - " So DAO Impl : " + scopeClaimMappingDAO.getClass().getName() + " will not be registered"); + " is registered already and PersistenceFactory is created." + + " So DAO Impl : " + scopeClaimMappingDAO.getClass().getName() + " will not be registered"); } else { OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(scopeClaimMappingDAO); if (log.isDebugEnabled()) { @@ -751,567 +1068,260 @@ protected void unsetScopeClaimMappingDAO(ScopeClaimMappingDAO scopeClaimMappingD } @Reference( - name = "carbon.organization.management.role.management.component", - service = RoleManager.class, - cardinality = ReferenceCardinality.OPTIONAL, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOrganizationRoleManager" - ) - protected void setOrganizationRoleManager(RoleManager roleManager) { - - if (log.isDebugEnabled()) { - log.debug("Setting organization role management service"); - } - OAuth2ServiceComponentHolder.setRoleManager(roleManager); - } - - protected void unsetOrganizationRoleManager(RoleManager roleManager) { - - OAuth2ServiceComponentHolder.setRoleManager(null); - if (log.isDebugEnabled()) { - log.debug("Unset organization role management service."); - } - } - - @Reference( - name = "organization.user.resident.resolver.service", - service = OrganizationUserResidentResolverService.class, - cardinality = ReferenceCardinality.MANDATORY, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOrganizationUserResidentResolverService" - ) - protected void setOrganizationUserResidentResolverService( - OrganizationUserResidentResolverService organizationUserResidentResolverService) { - - if (log.isDebugEnabled()) { - log.debug("Setting the organization user resident resolver service."); - } - OAuth2ServiceComponentHolder.setOrganizationUserResidentResolverService( - organizationUserResidentResolverService); - } - - protected void unsetOrganizationUserResidentResolverService( - OrganizationUserResidentResolverService organizationUserResidentResolverService) { - - if (log.isDebugEnabled()) { - log.debug("Unset organization user resident resolver service."); - } - OAuth2ServiceComponentHolder.setOrganizationUserResidentResolverService(null); - } - - /** - * Sets the token provider. - * - * @param tokenProvider TokenProvider - */ - @Reference( - name = "token.provider", - service = TokenProvider.class, - cardinality = ReferenceCardinality.OPTIONAL, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetTokenProvider" - ) - protected void setTokenProvider(TokenProvider tokenProvider) { - - if (log.isDebugEnabled()) { - log.debug("Setting token provider."); - } - OAuth2ServiceComponentHolder.getInstance().setTokenProvider(tokenProvider); - } - - /** - * Unsets the token provider. - * - * @param tokenProvider TokenProvider - */ - protected void unsetTokenProvider(TokenProvider tokenProvider) { - - if (log.isDebugEnabled()) { - log.debug("Unset token provider."); - } - OAuth2ServiceComponentHolder.getInstance().setTokenProvider(null); - } - - /** - * Sets the refresh token grant processor. - * - * @param refreshTokenGrantProcessor RefreshTokenGrantProcessor - */ - @Reference( - name = "refreshtoken.grant.processor", - service = RefreshTokenGrantProcessor.class, - cardinality = ReferenceCardinality.OPTIONAL, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetRefreshTokenGrantProcessor" - ) - protected void setRefreshTokenGrantProcessor(RefreshTokenGrantProcessor refreshTokenGrantProcessor) { - - if (log.isDebugEnabled()) { - log.debug("Setting refresh token grant processor."); - } - OAuth2ServiceComponentHolder.getInstance().setRefreshTokenGrantProcessor(refreshTokenGrantProcessor); - } - - /** - * Unsets the refresh token grant processor. - * - * @param refreshTokenGrantProcessor RefreshTokenGrantProcessor - */ - protected void unsetRefreshTokenGrantProcessor(RefreshTokenGrantProcessor refreshTokenGrantProcessor) { - - if (log.isDebugEnabled()) { - log.debug("Unset refresh token grant processor."); - } - OAuth2ServiceComponentHolder.getInstance().setRefreshTokenGrantProcessor(null); - } - - /** - * Sets the access token grant processor. - * - * @param accessTokenDAO AccessTokenDAO - */ - @Reference( - name = "access.token.dao.service", - service = AccessTokenDAO.class, + name = "carbon.organization.management.role.management.component", + service = RoleManager.class, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC, - unbind = "unsetAccessTokenDAOService" + unbind = "unsetOrganizationRoleManager" ) - protected void setAccessTokenDAOService(AccessTokenDAO accessTokenDAO) { + protected void setOrganizationRoleManager(RoleManager roleManager) { if (log.isDebugEnabled()) { - log.debug(String.format("Adding the Access Token DAO Service : %s", accessTokenDAO.getClass().getName())); + log.debug("Setting organization role management service"); } - OAuthComponentServiceHolder.getInstance().setAccessTokenDAOService(accessTokenDAO); + OAuth2ServiceComponentHolder.setRoleManager(roleManager); } - /** - * Unsets the access token grant processor. - * - * @param accessTokenDAO AccessTokenDAO - */ - protected void unsetAccessTokenDAOService(AccessTokenDAO accessTokenDAO) { + protected void unsetOrganizationRoleManager(RoleManager roleManager) { + OAuth2ServiceComponentHolder.setRoleManager(null); if (log.isDebugEnabled()) { - log.debug(String.format("Removing the Access Token DAO Service : %s", accessTokenDAO.getClass().getName())); + log.debug("Unset organization role management service."); } - OAuthComponentServiceHolder.getInstance().setAccessTokenDAOService(null); } - /** - * Sets the access token grant processor. - * - * @param tokenMgtDAOService TokenManagementDAO - */ @Reference( - name = "token.management.dao.service", - service = TokenManagementDAO.class, - cardinality = ReferenceCardinality.OPTIONAL, + name = "organization.user.resident.resolver.service", + service = OrganizationUserResidentResolverService.class, + cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, - unbind = "unsetTokenMgtDAOService" + unbind = "unsetOrganizationUserResidentResolverService" ) - protected void setTokenMgtDAOService(TokenManagementDAO tokenMgtDAOService) { + protected void setOrganizationUserResidentResolverService( + OrganizationUserResidentResolverService organizationUserResidentResolverService) { if (log.isDebugEnabled()) { - log.debug(String.format("Adding the Token Mgt DAO Service : %s", tokenMgtDAOService.getClass().getName())); + log.debug("Setting the organization user resident resolver service."); } - OAuthComponentServiceHolder.getInstance().setTokenManagementDAOService(tokenMgtDAOService); + OAuth2ServiceComponentHolder.setOrganizationUserResidentResolverService( + organizationUserResidentResolverService); } - /** - * Unsets the access token grant processor. - * - * @param tokenManagementDAO TokenManagementDAO - */ - protected void unsetTokenMgtDAOService(TokenManagementDAO tokenManagementDAO) { + protected void unsetOrganizationUserResidentResolverService( + OrganizationUserResidentResolverService organizationUserResidentResolverService) { if (log.isDebugEnabled()) { - log.debug(String.format("Removing the Token Mgt DAO Service : %s", - tokenManagementDAO.getClass().getName())); + log.debug("Unset organization user resident resolver service."); } - OAuthComponentServiceHolder.getInstance().setTokenManagementDAOService(null); + OAuth2ServiceComponentHolder.setOrganizationUserResidentResolverService(null); } - /** - * Sets the access token grant processor. + * Sets the token provider. * - * @param oAuth2RevocationProcessor OAuth2RevocationProcessor + * @param tokenProvider TokenProvider */ @Reference( - name = "oauth2.revocation.processor", - service = OAuth2RevocationProcessor.class, + name = "token.provider", + service = TokenProvider.class, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOAuth2RevocationProcessor" + unbind = "unsetTokenProvider" ) - protected void setOAuth2RevocationProcessor(OAuth2RevocationProcessor oAuth2RevocationProcessor) { + protected void setTokenProvider(TokenProvider tokenProvider) { if (log.isDebugEnabled()) { - log.debug("Setting Oauth2 revocation processor."); + log.debug("Setting token provider."); } - OAuth2ServiceComponentHolder.getInstance().setRevocationProcessor(oAuth2RevocationProcessor); + OAuth2ServiceComponentHolder.getInstance().setTokenProvider(tokenProvider); } /** - * Unsets the access token grant processor. + * Unsets the token provider. * - * @param oAuth2RevocationProcessor OAuth2RevocationProcessor + * @param tokenProvider TokenProvider */ - protected void unsetOAuth2RevocationProcessor(OAuth2RevocationProcessor oAuth2RevocationProcessor) { + protected void unsetTokenProvider(TokenProvider tokenProvider) { if (log.isDebugEnabled()) { - log.debug("Unset Oauth2 revocation processor."); + log.debug("Unset token provider."); } - OAuth2ServiceComponentHolder.getInstance().setRevocationProcessor(null); + OAuth2ServiceComponentHolder.getInstance().setTokenProvider(null); } + /** + * Sets the refresh token grant processor. + * + * @param refreshTokenGrantProcessor RefreshTokenGrantProcessor + */ @Reference( - name = "organization.mgt.initialize.service", - service = OrganizationManagementInitialize.class, + name = "refreshtoken.grant.processor", + service = RefreshTokenGrantProcessor.class, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOrganizationManagementEnablingService" - ) - protected void setOrganizationManagementEnablingService( - OrganizationManagementInitialize organizationManagementInitializeService) { - - OAuth2ServiceComponentHolder.getInstance() - .setOrganizationManagementEnable(organizationManagementInitializeService); - } - - protected void unsetOrganizationManagementEnablingService( - OrganizationManagementInitialize organizationManagementInitializeInstance) { - - OAuth2ServiceComponentHolder.getInstance().setOrganizationManagementEnable(null); - } - - @Reference( - name = "organization.service", - service = OrganizationManager.class, - cardinality = ReferenceCardinality.MANDATORY, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOrganizationManager" + unbind = "unsetRefreshTokenGrantProcessor" ) - protected void setOrganizationManager(OrganizationManager organizationManager) { + protected void setRefreshTokenGrantProcessor(RefreshTokenGrantProcessor refreshTokenGrantProcessor) { - OAuth2ServiceComponentHolder.getInstance().setOrganizationManager(organizationManager); if (log.isDebugEnabled()) { - log.debug("Set organization management service."); + log.debug("Setting refresh token grant processor."); } + OAuth2ServiceComponentHolder.getInstance().setRefreshTokenGrantProcessor(refreshTokenGrantProcessor); } - protected void unsetOrganizationManager(OrganizationManager organizationManager) { + /** + * Unsets the refresh token grant processor. + * + * @param refreshTokenGrantProcessor RefreshTokenGrantProcessor + */ + protected void unsetRefreshTokenGrantProcessor(RefreshTokenGrantProcessor refreshTokenGrantProcessor) { - OAuth2ServiceComponentHolder.getInstance().setOrganizationManager(null); if (log.isDebugEnabled()) { - log.debug("Unset organization management service."); - } - } - - private static void loadScopeConfigFile() { - - List listOIDCScopesClaims = new ArrayList<>(); - String configDirPath = CarbonUtils.getCarbonConfigDirPath(); - String confXml = - Paths.get(configDirPath, IDENTITY_PATH, OAuthConstants.OIDC_SCOPE_CONFIG_PATH).toString(); - File configFile = new File(confXml); - if (!configFile.exists()) { - log.warn("OIDC scope-claim Configuration File is not present at: " + confXml); - return; - } - - XMLStreamReader parser = null; - try (InputStream stream = new FileInputStream(configFile)) { - - parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); - StAXOMBuilder builder = new StAXOMBuilder(parser); - OMElement documentElement = builder.getDocumentElement(); - Iterator iterator = documentElement.getChildElements(); - while (iterator.hasNext()) { - ScopeDTO scope = new ScopeDTO(); - OMElement omElement = (OMElement) iterator.next(); - String configType = omElement.getAttributeValue(new QName(ID)); - scope.setName(configType); - - String displayName = omElement.getAttributeValue(new QName(DISPLAY_NAME)); - if (StringUtils.isNotEmpty(displayName)) { - scope.setDisplayName(displayName); - } else { - scope.setDisplayName(configType); - } - - String description = omElement.getAttributeValue(new QName(DESCRIPTION)); - if (StringUtils.isNotEmpty(description)) { - scope.setDescription(description); - } - - scope.setClaim(loadClaimConfig(omElement)); - listOIDCScopesClaims.add(scope); - } - } catch (XMLStreamException e) { - log.warn("Error while streaming OIDC scope config.", e); - } catch (IOException e) { - log.warn("Error while loading OIDC scope config.", e); - } finally { - try { - if (parser != null) { - parser.close(); - } - } catch (XMLStreamException e) { - log.error("Error while closing XML stream", e); - } - } - OAuth2ServiceComponentHolder.getInstance().setOIDCScopesClaims(listOIDCScopesClaims); - } - - private static String[] loadClaimConfig(OMElement configElement) { - - StringBuilder claimConfig = new StringBuilder(); - Iterator it = configElement.getChildElements(); - while (it.hasNext()) { - OMElement element = (OMElement) it.next(); - if (CLAIM.equals(element.getLocalName())) { - String commaSeparatedClaimNames = element.getText(); - if (StringUtils.isNotBlank(commaSeparatedClaimNames)) { - claimConfig.append(commaSeparatedClaimNames.trim()); - } - } - } - - String[] claim; - if (claimConfig.length() > 0) { - claim = claimConfig.toString().split(","); - } else { - claim = new String[0]; + log.debug("Unset refresh token grant processor."); } - return claim; + OAuth2ServiceComponentHolder.getInstance().setRefreshTokenGrantProcessor(null); } - private static void loadOauthScopeBinding() { - - List scopes = new ArrayList<>(); - String configDirPath = CarbonUtils.getCarbonConfigDirPath(); - String confXml = Paths.get(configDirPath, IDENTITY_PATH, OAuthConstants.OAUTH_SCOPE_BINDING_PATH).toString(); - File configFile = new File(confXml); - if (!configFile.exists()) { - log.warn("OAuth scope binding File is not present at: " + confXml); - return; - } - - XMLStreamReader parser = null; - try (InputStream stream = new FileInputStream(configFile)) { - - parser = XMLInputFactory.newInstance() - .createXMLStreamReader(stream); - StAXOMBuilder builder = new StAXOMBuilder(parser); - OMElement documentElement = builder.getDocumentElement(); - Iterator iterator = documentElement.getChildElements(); - while (iterator.hasNext()) { - OMElement omElement = (OMElement) iterator.next(); - String scopeName = omElement.getAttributeValue(new QName(NAME)); - String displayName = omElement.getAttributeValue(new QName(DISPLAY_NAME)); - String description = omElement.getAttributeValue(new QName(DESCRIPTION)); - List bindingPermissions = loadScopePermissions(omElement); - ScopeBinding scopeBinding = new ScopeBinding(PERMISSIONS_BINDING_TYPE, bindingPermissions); - List scopeBindings = new ArrayList<>(); - scopeBindings.add(scopeBinding); - Scope scope = new Scope(scopeName, displayName, scopeBindings, description); - scopes.add(scope); - } - } catch (XMLStreamException e) { - log.warn("Error while streaming oauth-scope-bindings config.", e); - } catch (IOException e) { - log.warn("Error while loading oauth-scope-bindings config.", e); - } finally { - try { - if (parser != null) { - parser.close(); - } - } catch (XMLStreamException e) { - log.error("Error while closing XML stream", e); - } + /** + * Sets the access token grant processor. + * + * @param accessTokenDAO AccessTokenDAO + */ + @Reference( + name = "access.token.dao.service", + service = AccessTokenDAO.class, + cardinality = ReferenceCardinality.OPTIONAL, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetAccessTokenDAOService" + ) + protected void setAccessTokenDAOService(AccessTokenDAO accessTokenDAO) { + + if (log.isDebugEnabled()) { + log.debug(String.format("Adding the Access Token DAO Service : %s", accessTokenDAO.getClass().getName())); } - OAuth2ServiceComponentHolder.getInstance().setOauthScopeBinding(scopes); + OAuthComponentServiceHolder.getInstance().setAccessTokenDAOService(accessTokenDAO); } - private static List loadScopePermissions(OMElement configElement) { + /** + * Unsets the access token grant processor. + * + * @param accessTokenDAO AccessTokenDAO + */ + protected void unsetAccessTokenDAOService(AccessTokenDAO accessTokenDAO) { - List permissions = new ArrayList<>(); - Iterator it = configElement.getChildElements(); - while (it.hasNext()) { - OMElement element = (OMElement) it.next(); - Iterator permissionIterator = element.getChildElements(); - while (permissionIterator.hasNext()) { - OMElement permissionElement = (OMElement) permissionIterator.next(); - if (PERMISSION.equals(permissionElement.getLocalName())) { - String permission = permissionElement.getText(); - permissions.add(permission); - } - } + if (log.isDebugEnabled()) { + log.debug(String.format("Removing the Access Token DAO Service : %s", accessTokenDAO.getClass().getName())); } - return permissions; + OAuthComponentServiceHolder.getInstance().setAccessTokenDAOService(null); } - private static void initializeLegacyScopeToNewScopeMappings() { - - Map> legacyResourceScopes = loadLegacyResourceScopes(); - Map> newResourceScopes = loadNewResourceScopes(); - Map> mappedScopes = new HashMap<>(); - Map> mappedMultipleScopes = new HashMap<>(); + /** + * Sets the access token grant processor. + * + * @param tokenMgtDAOService TokenManagementDAO + */ + @Reference( + name = "token.management.dao.service", + service = TokenManagementDAO.class, + cardinality = ReferenceCardinality.OPTIONAL, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetTokenMgtDAOService" + ) + protected void setTokenMgtDAOService(TokenManagementDAO tokenMgtDAOService) { - for (Map.Entry> entry : legacyResourceScopes.entrySet()) { - ResourceAccessControlKey resourceAccessControlKey = entry.getKey(); - List legacyScopes = entry.getValue(); - List newScopes = newResourceScopes.get(resourceAccessControlKey); - if (CollectionUtils.isEmpty(legacyScopes) || CollectionUtils.isEmpty(newScopes)) { - continue; - } - if (legacyScopes.size() == 1) { - // This will add the scope mappings related to resources protected by single legacy scope. - String legacyScope = legacyScopes.get(0); - if (newScopes.contains(legacyScope)) { - continue; - } - if (mappedScopes.get(legacyScope) != null) { - mappedScopes.get(legacyScope).addAll(newScopes); - } else { - mappedScopes.put(legacyScope, new HashSet<>(newScopes)); - } - } else { - // This will add the scope mappings related to resources protected by multiple legacy scopes. - String legacyScopeKey = legacyScopes.stream().sorted().collect(Collectors.joining(",")); - String newScopesString = newScopes.stream().sorted().collect(Collectors.joining(",")); - if (legacyScopeKey.equals(newScopesString)) { - continue; - } - if (mappedMultipleScopes.get(legacyScopeKey) != null) { - mappedMultipleScopes.get(legacyScopeKey).addAll(newScopes); - } else { - mappedMultipleScopes.put(legacyScopeKey, new HashSet<>(newScopes)); - } - } + if (log.isDebugEnabled()) { + log.debug(String.format("Adding the Token Mgt DAO Service : %s", tokenMgtDAOService.getClass().getName())); } - OAuth2ServiceComponentHolder.getInstance().setLegacyScopesToNewScopesMap(mappedScopes); - OAuth2ServiceComponentHolder.getInstance().setLegacyMultipleScopesToNewScopesMap(mappedMultipleScopes); + OAuthComponentServiceHolder.getInstance().setTokenManagementDAOService(tokenMgtDAOService); } /** - * Load legacy resource scopes from identity.xml. + * Unsets the access token grant processor. * - * @return Map of resource access control key and scopes. + * @param tokenManagementDAO TokenManagementDAO */ - private static Map> loadLegacyResourceScopes() { - - Map> resourceAccessControlMap = new HashMap<>(); - String configDirPath = CarbonUtils.getCarbonConfigDirPath(); - String filePath = Paths.get(configDirPath, IDENTITY_PATH, IdentityCoreConstants.IDENTITY_CONFIG).toString(); + protected void unsetTokenMgtDAOService(TokenManagementDAO tokenManagementDAO) { - XMLStreamReader parser = null; - try (InputStream stream = new FileInputStream(filePath)) { - parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); - StAXOMBuilder builder = new StAXOMBuilder(parser); - OMElement documentElement = builder.getDocumentElement(); - Iterator iterator = documentElement.getChildElements(); - while (iterator.hasNext()) { - OMElement omElement = (OMElement) iterator.next(); - if (RESOURCE_ACCESS_CONTROL.equals(omElement.getLocalName())) { - Iterator resourceIterator = omElement.getChildElements(); - while (resourceIterator.hasNext()) { - OMElement resourceElement = (OMElement) resourceIterator.next(); - if (RESOURCE.equals(resourceElement.getLocalName())) { - processResourceElement(resourceElement, resourceAccessControlMap); - } - } - } - } - } catch (XMLStreamException e) { - log.warn("Error while streaming identity config.", e); - } catch (IOException e) { - log.warn("Error while loading identity config.", e); - } finally { - try { - if (parser != null) { - parser.close(); - } - } catch (XMLStreamException e) { - log.error("Error while closing XML stream", e); - } + if (log.isDebugEnabled()) { + log.debug(String.format("Removing the Token Mgt DAO Service : %s", + tokenManagementDAO.getClass().getName())); } - - return resourceAccessControlMap; + OAuthComponentServiceHolder.getInstance().setTokenManagementDAOService(null); } /** - * Load new resource scopes from resource-access-control-v2.xml. + * Sets the access token grant processor. * - * @return Map of resource access control key and scopes. + * @param oAuth2RevocationProcessor OAuth2RevocationProcessor */ - private static Map> loadNewResourceScopes() { - - Map> resourceAccessControlMap = new HashMap<>(); - String configDirPath = CarbonUtils.getCarbonConfigDirPath(); - String filePath = Paths.get(configDirPath, IDENTITY_PATH, - OAuthConstants.RESOURCE_ACCESS_CONTROL_V2_CONFIG_PATH).toString(); + @Reference( + name = "oauth2.revocation.processor", + service = OAuth2RevocationProcessor.class, + cardinality = ReferenceCardinality.OPTIONAL, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetOAuth2RevocationProcessor" + ) + protected void setOAuth2RevocationProcessor(OAuth2RevocationProcessor oAuth2RevocationProcessor) { - XMLStreamReader parser = null; - try (InputStream stream = new FileInputStream(filePath)) { - parser = XMLInputFactory.newInstance().createXMLStreamReader(stream); - StAXOMBuilder builder = new StAXOMBuilder(parser); - OMElement documentElement = builder.getDocumentElement(); - Iterator iterator = documentElement.getChildElements(); - while (iterator.hasNext()) { - OMElement resourceElement = (OMElement) iterator.next(); - if (RESOURCE.equals(resourceElement.getLocalName())) { - processResourceElement(resourceElement, resourceAccessControlMap); - } - } - } catch (XMLStreamException e) { - log.warn("Error while streaming resource access control v2 config.", e); - } catch (IOException e) { - log.warn("Error while loading resource access control v2 config.", e); - } finally { - try { - if (parser != null) { - parser.close(); - } - } catch (XMLStreamException e) { - log.error("Error while closing XML stream", e); - } + if (log.isDebugEnabled()) { + log.debug("Setting Oauth2 revocation processor."); } - - return resourceAccessControlMap; + OAuth2ServiceComponentHolder.getInstance().setRevocationProcessor(oAuth2RevocationProcessor); } /** - * Process resource element and populate the map. + * Unsets the access token grant processor. * - * @param resourceElement Resource element. - * @param resourceScopeMap Resource scope map. + * @param oAuth2RevocationProcessor OAuth2RevocationProcessor */ - private static void processResourceElement(OMElement resourceElement, - Map> resourceScopeMap) { + protected void unsetOAuth2RevocationProcessor(OAuth2RevocationProcessor oAuth2RevocationProcessor) { - String context = resourceElement.getAttributeValue(new QName(CONTEXT)); - String httpMethod = resourceElement.getAttributeValue(new QName(HTTP_METHOD)); - boolean secured = Boolean.parseBoolean(resourceElement.getAttributeValue(new QName(SECURED))); + if (log.isDebugEnabled()) { + log.debug("Unset Oauth2 revocation processor."); + } + OAuth2ServiceComponentHolder.getInstance().setRevocationProcessor(null); + } - if (secured) { - ResourceAccessControlKey key = new ResourceAccessControlKey(); - key.setEndpointRegex(context); - key.setHttpMethod(httpMethod); + @Reference( + name = "organization.mgt.initialize.service", + service = OrganizationManagementInitialize.class, + cardinality = ReferenceCardinality.OPTIONAL, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetOrganizationManagementEnablingService" + ) + protected void setOrganizationManagementEnablingService( + OrganizationManagementInitialize organizationManagementInitializeService) { - List scopes = new ArrayList<>(); - Iterator childIterator = resourceElement.getChildElements(); - while (childIterator.hasNext()) { - OMElement childElement = (OMElement) childIterator.next(); - if (SCOPES.equals(childElement.getLocalName())) { - scopes.add(childElement.getText()); - } - } - if (CollectionUtils.isNotEmpty(scopes)) { - resourceScopeMap.put(key, scopes); - } + OAuth2ServiceComponentHolder.getInstance() + .setOrganizationManagementEnable(organizationManagementInitializeService); + } + + protected void unsetOrganizationManagementEnablingService( + OrganizationManagementInitialize organizationManagementInitializeInstance) { + + OAuth2ServiceComponentHolder.getInstance().setOrganizationManagementEnable(null); + } + + @Reference( + name = "organization.service", + service = OrganizationManager.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetOrganizationManager" + ) + protected void setOrganizationManager(OrganizationManager organizationManager) { + + OAuth2ServiceComponentHolder.getInstance().setOrganizationManager(organizationManager); + if (log.isDebugEnabled()) { + log.debug("Set organization management service."); + } + } + + protected void unsetOrganizationManager(OrganizationManager organizationManager) { + + OAuth2ServiceComponentHolder.getInstance().setOrganizationManager(null); + if (log.isDebugEnabled()) { + log.debug("Unset organization management service."); } } @@ -1352,7 +1362,7 @@ protected void unsetIdentityEventService(IdentityEventService identityEventServi * @param consentServerConfigsManagementService The Consent Server Configs Management Service which needs to be set. */ protected void setConsentServerConfigsManagementService(ConsentServerConfigsManagementService - consentServerConfigsManagementService) { + consentServerConfigsManagementService) { OAuth2ServiceComponentHolder.setConsentServerConfigsManagementService(consentServerConfigsManagementService); log.debug("Setting the Consent Server Management Configs."); @@ -1364,7 +1374,7 @@ protected void setConsentServerConfigsManagementService(ConsentServerConfigsMana * @param consentServerConfigsManagementService The Consent Server Configs Management Service which needs to unset. */ protected void unsetConsentServerConfigsManagementService(ConsentServerConfigsManagementService - consentServerConfigsManagementService) { + consentServerConfigsManagementService) { OAuth2ServiceComponentHolder.setConsentServerConfigsManagementService(null); log.debug("Unsetting the Consent Server Configs Management."); @@ -1379,13 +1389,13 @@ protected void unsetConsentServerConfigsManagementService(ConsentServerConfigsMa ) protected void setConfigurationContextService(ConfigurationContextService configurationContextService) { - OAuth2ServiceComponentHolder.getInstance().setConfigurationContextService(configurationContextService); + OAuth2ServiceComponentHolder.setConfigurationContextService(configurationContextService); log.debug("ConfigurationContextService Instance was set."); } protected void unsetConfigurationContextService(ConfigurationContextService configurationContextService) { - OAuth2ServiceComponentHolder.getInstance().setConfigurationContextService(null); + OAuth2ServiceComponentHolder.setConfigurationContextService(null); log.debug("ConfigurationContextService Instance was unset."); } @@ -1420,7 +1430,7 @@ protected void unsetJWTAccessTokenClaimProvider(JWTAccessTokenClaimProvider clai unbind = "unsetSAMLSSOServiceProviderManager") protected void setSAMLSSOServiceProviderManager(SAMLSSOServiceProviderManager samlSSOServiceProviderManager) { - OAuth2ServiceComponentHolder.getInstance().setSamlSSOServiceProviderManager(samlSSOServiceProviderManager); + OAuth2ServiceComponentHolder.setSamlSSOServiceProviderManager(samlSSOServiceProviderManager); if (log.isDebugEnabled()) { log.debug("SAMLSSOServiceProviderManager set in to bundle"); } @@ -1428,7 +1438,7 @@ protected void setSAMLSSOServiceProviderManager(SAMLSSOServiceProviderManager sa protected void unsetSAMLSSOServiceProviderManager(SAMLSSOServiceProviderManager samlSSOServiceProviderManager) { - OAuth2ServiceComponentHolder.getInstance().setSamlSSOServiceProviderManager(null); + OAuth2ServiceComponentHolder.setSamlSSOServiceProviderManager(null); if (log.isDebugEnabled()) { log.debug("SAMLSSOServiceProviderManager unset in to bundle"); } @@ -1520,6 +1530,7 @@ protected void setAPIResourceManagerService(APIResourceManager apiResourceManage } OAuth2ServiceComponentHolder.getInstance().setApiResourceManager(apiResourceManager); } + protected void unsetAPIResourceManagerService(APIResourceManager apiResourceManager) { if (log.isDebugEnabled()) { @@ -1597,7 +1608,6 @@ protected void registerConfigurationManager(ConfigurationManager configurationMa OAuth2ServiceComponentHolder.getInstance().setConfigurationManager(configurationManager); } - /** * Unset the ConfigurationManager. * diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java index 6d6f986290..3de3f055f6 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java @@ -167,6 +167,8 @@ public OAuth2AccessTokenRespDTO issue(OAuth2AccessTokenReqDTO tokenReqDTO) String grantType = tokenReqDTO.getGrantType(); OAuth2AccessTokenRespDTO tokenRespDTO = null; + log.info("=== Starting access token issue flow. grantType: " + grantType); + AuthorizationGrantHandler authzGrantHandler = authzGrantHandlers.get(grantType); OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(tokenReqDTO); @@ -573,6 +575,12 @@ private OAuth2AccessTokenRespDTO validateGrantAndIssueToken(OAuth2AccessTokenReq } } + log.info("=== End of access token issue flow. grantType: " + grantType + " tokenRespDTO: " + "{" + + "accessToken: " + tokenRespDTO.getAccessToken() + ", refreshToken: " + tokenRespDTO.getRefreshToken() + + ", expiresIn: " + tokenRespDTO.getExpiresIn() + ", authorizedScopes: " + + tokenRespDTO.getAuthorizedScopes() + ", tokenType: " + tokenRespDTO.getTokenType() + + ", parameterObjects: " + tokenRespDTO.getParameterObjects() + "}"); + if (Constants.DEVICE_FLOW_GRANT_TYPE.equals(grantType)) { Optional deviceCodeOptional = getDeviceCode(tokenReqDTO); if (deviceCodeOptional.isPresent()) { @@ -590,6 +598,8 @@ private OAuth2AccessTokenRespDTO validateGrantAndIssueToken(OAuth2AccessTokenReq addUserAttributesAgainstAccessTokenForPasswordGrant(tokenRespDTO, tokReqMsgCtx); } + persistCustomizedAccessTokenAttributesForRefreshToken(tokenRespDTO, tokReqMsgCtx); + if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType)) { // Cache entry against the authorization code has no value beyond the token request. clearCacheEntryAgainstAuthorizationCode(getAuthorizationCode(tokenReqDTO)); @@ -1237,6 +1247,37 @@ private void addUserAttributesAgainstAccessTokenForPasswordGrant(OAuth2AccessTok } } + private void persistCustomizedAccessTokenAttributesForRefreshToken(OAuth2AccessTokenRespDTO tokenRespDTO, + OAuthTokenReqMessageContext tokReqMsgCtx) { + + /* + If pre issue access token actions are executed it may have done modifications to the audience list, claims, + incorporated to the access token which are not persisted in the access token table. + If so, persist those custom modifications against the token id in the transaction session store + to populate the authorized access token context back at refresh token flow. + */ + if (tokReqMsgCtx.isPreIssueAccessTokenActionsExecuted()) { + AuthorizationGrantCacheKey newCacheKey = new AuthorizationGrantCacheKey(tokenRespDTO.getTokenId()); + AuthorizationGrantCacheEntry authorizationGrantCacheEntry = + new AuthorizationGrantCacheEntry(); + authorizationGrantCacheEntry.setTokenId(tokenRespDTO.getTokenId()); + authorizationGrantCacheEntry.setPreIssueAccessTokenActionsExecuted( + tokReqMsgCtx.isPreIssueAccessTokenActionsExecuted()); + authorizationGrantCacheEntry.setAudiences(tokReqMsgCtx.getAudiences()); + authorizationGrantCacheEntry.setCustomClaims(tokReqMsgCtx.getAdditionalAccessTokenClaims()); + + authorizationGrantCacheEntry.setValidityPeriod( + TimeUnit.MILLISECONDS.toNanos(tokReqMsgCtx.getRefreshTokenvalidityPeriod())); + AuthorizationGrantCache.getInstance().addToCacheByToken(newCacheKey, authorizationGrantCacheEntry); + + if (log.isDebugEnabled()) { + log.debug(String.format( + "Customized audience list and access token attributes from pre issue access token actions are persisted in the AuthorizationGrantCache against the token id: %s.", + tokenRespDTO.getTokenId())); + } + } + } + private void clearCacheEntryAgainstAuthorizationCode(String authorizationCode) { AuthorizationGrantCacheKey oldCacheKey = new AuthorizationGrantCacheKey(authorizationCode); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java index 40235d0f7c..c903e81925 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java @@ -167,7 +167,7 @@ private JWTClaimsSet createSubjectTokenJWTClaimSet(OAuthAuthzReqMessageContext o long curTimeInMillis = Calendar.getInstance().getTimeInMillis(); AuthenticatedUser authenticatedUser = getAuthenticatedUser(oauthAuthzMsgCtx, null); - String sub = getSubjectClaim(consumerKey, spTenantDomain, authenticatedUser); + String sub = authenticatedUser.getAuthenticatedSubjectIdentifier(); String subject = oauthAuthzMsgCtx.getAuthorizationReqDTO().getRequestedSubjectId(); @@ -289,6 +289,7 @@ protected String buildJWTToken(OAuthTokenReqMessageContext request) throws Ident } jwtClaimsSet = jwtClaimsSetBuilder.build(); + if (JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName())) { return new PlainJWT(jwtClaimsSet).serialize(); } @@ -567,6 +568,7 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe getAccessTokenLifeTimeInMillis(authAuthzReqMessageContext, oAuthAppDO, consumerKey); spTenantDomain = authAuthzReqMessageContext.getAuthorizationReqDTO().getTenantDomain(); } else { + // todo: should be updated based on context accessTokenLifeTimeInMillis = getAccessTokenLifeTimeInMillis(tokenReqMessageContext, oAuthAppDO, consumerKey); spTenantDomain = tokenReqMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain(); @@ -576,8 +578,8 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe long curTimeInMillis = Calendar.getInstance().getTimeInMillis(); AuthenticatedUser authenticatedUser = getAuthenticatedUser(authAuthzReqMessageContext, tokenReqMessageContext); - String sub = getSubjectClaim(consumerKey, spTenantDomain, authenticatedUser); - if (checkPairwiseSubEnabledForAccessTokens()) { + String sub = authenticatedUser.getAuthenticatedSubjectIdentifier(); + if (OAuth2Util.isPairwiseSubEnabledForAccessTokens()) { // pairwise sub claim is returned only if pairwise subject identifier for access tokens is enabled. sub = OIDCClaimUtil.getSubjectClaim(sub, oAuthAppDO); } @@ -593,6 +595,7 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe jwtClaimsSetBuilder.claim(CLIENT_ID, consumerKey); setClaimsForNonPersistence(jwtClaimsSetBuilder, authAuthzReqMessageContext, tokenReqMessageContext, authenticatedUser, oAuthAppDO); + // todo: change scopes based on context. Already happening String scope = getScope(authAuthzReqMessageContext, tokenReqMessageContext); if (StringUtils.isNotEmpty(scope)) { jwtClaimsSetBuilder.claim(SCOPE, scope); @@ -601,22 +604,26 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe jwtClaimsSetBuilder.claim(OAuthConstants.AUTHORIZED_USER_TYPE, getAuthorizedUserType(authAuthzReqMessageContext, tokenReqMessageContext)); + // todo: calculate based on validity period in context jwtClaimsSetBuilder.expirationTime(calculateAccessTokenExpiryTime(accessTokenLifeTimeInMillis, curTimeInMillis)); - // This is a spec (openid-connect-core-1_0:2.0) requirement for ID tokens. But we are keeping this in JWT - // as well. - List audience = OAuth2Util.getOIDCAudience(consumerKey, oAuthAppDO); - jwtClaimsSetBuilder.audience(audience); + // This is a spec (openid-connect-core-1_0:2.0) requirement for ID tokens. But we are keeping this in JWT as well. + jwtClaimsSetBuilder.audience(tokenReqMessageContext != null ? tokenReqMessageContext.getAudiences() : + OAuth2Util.getOIDCAudience(consumerKey, oAuthAppDO)); + JWTClaimsSet jwtClaimsSet; // Handle custom claims if (authAuthzReqMessageContext != null) { jwtClaimsSet = handleCustomClaims(jwtClaimsSetBuilder, authAuthzReqMessageContext); } else { + // todo: update based on new claims or added or removed claims on user from context. + // todo: need to execute this before invoking the action so respective information is available jwtClaimsSet = handleCustomClaims(jwtClaimsSetBuilder, tokenReqMessageContext); } + // todo: ignore as no longer needed to be used. If used this will just add those additional claims to the JWT if (tokenReqMessageContext != null && tokenReqMessageContext.getOauth2AccessTokenReqDTO() != null && tokenReqMessageContext.getOauth2AccessTokenReqDTO().getAccessTokenExtendedAttributes() != null) { Map customClaims = @@ -628,6 +635,7 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe } } } + // Include token binding. jwtClaimsSet = handleTokenBinding(jwtClaimsSetBuilder, tokenReqMessageContext); @@ -692,12 +700,6 @@ private JWTClaimsSet handleCnf(JWTClaimsSet.Builder jwtClaimsSetBuilder, return jwtClaimsSetBuilder.build(); } - private String getSubjectClaim(String clientId, String spTenantDomain, AuthenticatedUser authorizedUser) - throws IdentityOAuth2Exception { - - return authorizedUser.getAuthenticatedSubjectIdentifier(); - } - /** * Get authentication request object from message context. * @@ -789,7 +791,20 @@ protected long getAccessTokenLifeTimeInMillis(OAuthAuthzReqMessageContext authzR protected long getAccessTokenLifeTimeInMillis(OAuthTokenReqMessageContext tokenReqMessageContext, OAuthAppDO oAuthAppDO, String consumerKey) throws IdentityOAuth2Exception { + long lifetimeInMillis; + + if (tokenReqMessageContext.isPreIssueAccessTokenActionsExecuted()) { + lifetimeInMillis = tokenReqMessageContext.getValidityPeriod(); + if (log.isDebugEnabled()) { + log.debug("Access token life time is set from message context. Token Lifetime : " + lifetimeInMillis + + "ms."); + } + + return lifetimeInMillis; + } + + //todo: check if following is redundant and clean up accordingly. boolean isUserAccessTokenType = isUserAccessTokenType(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), tokenReqMessageContext); @@ -842,6 +857,22 @@ protected JWTClaimsSet handleCustomClaims(JWTClaimsSet.Builder jwtClaimsSetBuild OAuthTokenReqMessageContext tokenReqMessageContext) throws IdentityOAuth2Exception { + if (tokenReqMessageContext != null && tokenReqMessageContext.isPreIssueAccessTokenActionsExecuted()) { + Map customClaims = tokenReqMessageContext.getAdditionalAccessTokenClaims(); + + if (customClaims != null) { + if (log.isDebugEnabled()) { + log.debug( + "Pre issue access token actions are executed. Returning the customized claim set from actions. Claims: " + + customClaims.keySet()); + } + + customClaims.forEach(jwtClaimsSetBuilder::claim); + } + + return jwtClaimsSetBuilder.build(); + } + if (tokenReqMessageContext != null && tokenReqMessageContext.getOauth2AccessTokenReqDTO() != null && StringUtils.equals(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java index 4f1a55358a..95d8e17438 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java @@ -23,6 +23,9 @@ import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; import org.wso2.carbon.identity.oauth2.token.bindings.TokenBinding; +import java.sql.Timestamp; +import java.util.List; +import java.util.Map; import java.util.Properties; /** @@ -42,7 +45,7 @@ public class OAuthTokenReqMessageContext { private long refreshTokenvalidityPeriod = OAuthConstants.UNASSIGNED_VALIDITY_PERIOD; - private long accessTokenIssuedTime; + private Timestamp accessTokenIssuedTimestamp; private long refreshTokenIssuedTime; @@ -56,6 +59,12 @@ public class OAuthTokenReqMessageContext { private boolean isImpersonationRequest; + private boolean preIssueAccessTokenActionsExecuted; + + private List audiences; + + private Map additionalAccessTokenClaims; + public OAuthTokenReqMessageContext(OAuth2AccessTokenReqDTO oauth2AccessTokenReqDTO) { this.oauth2AccessTokenReqDTO = oauth2AccessTokenReqDTO; @@ -96,11 +105,19 @@ public void setTenantID(int tenantID) { this.tenantID = tenantID; } + /** + * Get the validity period of the token. + * @return validity period of the token in milliseconds + */ public long getValidityPeriod() { return validityPeriod; } + /** + * Set the validity period of the token. + * @param validityPeriod validity period of the token in milliseconds + */ public void setValidityPeriod(long validityPeriod) { this.validityPeriod = validityPeriod; @@ -128,12 +145,17 @@ public void setRefreshTokenvalidityPeriod(long refreshTokenvalidityPeriod) { public long getAccessTokenIssuedTime() { - return accessTokenIssuedTime; + return accessTokenIssuedTimestamp.getTime(); } public void setAccessTokenIssuedTime(long accessTokenIssuedTime) { - this.accessTokenIssuedTime = accessTokenIssuedTime; + accessTokenIssuedTimestamp = new Timestamp(accessTokenIssuedTime); + } + + public Timestamp getAccessTokenIssuedTimestamp() { + + return accessTokenIssuedTimestamp; } public long getRefreshTokenIssuedTime() { @@ -183,4 +205,34 @@ public void setImpersonationRequest(boolean impersonationRequest) { isImpersonationRequest = impersonationRequest; } + + public boolean isPreIssueAccessTokenActionsExecuted() { + + return preIssueAccessTokenActionsExecuted; + } + + public void setPreIssueAccessTokenActionsExecuted(boolean preIssueAccessTokenActionsExecuted) { + + this.preIssueAccessTokenActionsExecuted = preIssueAccessTokenActionsExecuted; + } + + public List getAudiences() { + + return audiences; + } + + public void setAudiences(List audiences) { + + this.audiences = audiences; + } + + public Map getAdditionalAccessTokenClaims() { + + return additionalAccessTokenClaims; + } + + public void setAdditionalAccessTokenClaims(Map additionalAccessTokenClaims) { + + this.additionalAccessTokenClaims = additionalAccessTokenClaims; + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java index 4fefb780b8..6a7eebaf3d 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java @@ -26,6 +26,8 @@ import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.apache.oltu.oauth2.common.message.types.GrantType; import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityConstants; @@ -68,9 +70,12 @@ import java.util.Arrays; import java.util.Collections; import java.util.Date; +import java.util.HashMap; import java.util.List; +import java.util.Map; import java.util.Set; import java.util.UUID; +import java.util.function.Consumer; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenBindings.NONE; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenStates.TOKEN_STATE_ACTIVE; @@ -429,12 +434,10 @@ private OAuth2AccessTokenRespDTO generateNewAccessToken(OAuthTokenReqMessageCont OauthTokenIssuer oauthTokenIssuer) throws IdentityOAuth2Exception { - OAuthAppDO oAuthAppBean = getoAuthApp(consumerKey); Timestamp timestamp = new Timestamp(new Date().getTime()); - long validityPeriodInMillis = getConfiguredExpiryTimeForApplication(tokReqMsgCtx, consumerKey, oAuthAppBean); - AccessTokenDO newTokenBean = createNewTokenBean(tokReqMsgCtx, oAuthAppBean, existingTokenBean, timestamp, - validityPeriodInMillis, oauthTokenIssuer); - setDetailsToMessageContext(tokReqMsgCtx, validityPeriodInMillis, newTokenBean, timestamp); + updateMessageContextToCreateNewToken(tokReqMsgCtx, consumerKey, existingTokenBean, timestamp); + executePreIssueAccessTokenActions(tokReqMsgCtx); + AccessTokenDO newTokenBean = createNewTokenBean(tokReqMsgCtx, existingTokenBean, oauthTokenIssuer); /* Check whether the existing token needs to be expired and send the corresponding parameters to the persistAccessTokenInDB method. */ @@ -451,9 +454,36 @@ private OAuth2AccessTokenRespDTO generateNewAccessToken(OAuthTokenReqMessageCont // Update cache with newly added token. updateCacheIfEnabled(newTokenBean, OAuth2Util.buildScopeString(tokReqMsgCtx.getScope()), oauthTokenIssuer); - return createResponseWithTokenBean(newTokenBean, validityPeriodInMillis, scope); + return createResponseWithTokenBean(newTokenBean, newTokenBean.getValidityPeriodInMillis(), scope); } + private void executePreIssueAccessTokenActions(OAuthTokenReqMessageContext tokenReqMessageContext) + throws IdentityOAuth2Exception { + + //todo: read from Action Management Service and check if there are actions to engage + boolean preIssueAccessTokenActionAvailable = true; + + OAuthAppDO oAuthAppBean = getoAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); + + if (preIssueAccessTokenActionAvailable && "JWT".equals(oAuthAppBean.getTokenType())) { + + Map additionalProperties = new HashMap<>(); + Consumer> mapInitializer = map -> { + map.put("tokenMessageContext", tokenReqMessageContext); + }; + mapInitializer.accept(additionalProperties); + + try { + OAuthComponentServiceHolder.getInstance().getActionExecutorService() + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties); + } catch (ActionExecutionException e) { + // If error ignore and proceed + log.error("Error while executing pre issue access token action", e); + } + } + } + + private boolean isExistingTokenValid(AccessTokenDO existingTokenBean, long expireTime) { if (TOKEN_STATE_ACTIVE.equals(existingTokenBean.getTokenState()) && expireTime != 0) { @@ -472,10 +502,11 @@ private boolean isExistingTokenValid(AccessTokenDO existingTokenBean, long expir return false; } - private AccessTokenDO createNewTokenBean(OAuthTokenReqMessageContext tokReqMsgCtx, OAuthAppDO oAuthAppBean, - AccessTokenDO existingTokenBean, Timestamp timestamp, long validityPeriodInMillis, - OauthTokenIssuer oauthTokenIssuer) throws IdentityOAuth2Exception { + private AccessTokenDO createNewTokenBean(OAuthTokenReqMessageContext tokReqMsgCtx, AccessTokenDO existingTokenBean, + OauthTokenIssuer oauthTokenIssuer) throws IdentityOAuth2Exception { + String tenantDomain = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getTenantDomain(); + OAuth2AccessTokenReqDTO tokenReq = tokReqMsgCtx.getOauth2AccessTokenReqDTO(); validateGrantTypeParam(tokenReq); @@ -488,49 +519,63 @@ private AccessTokenDO createNewTokenBean(OAuthTokenReqMessageContext tokReqMsgCt newTokenBean.setTokenId(UUID.randomUUID().toString()); newTokenBean.setGrantType(tokenReq.getGrantType()); newTokenBean.setAppResidentTenantId(IdentityTenantUtil.getLoginTenantId()); + newTokenBean.setIsConsentedToken(tokReqMsgCtx.isConsentedToken()); + newTokenBean.setTokenType(getTokenType(tokReqMsgCtx)); + newTokenBean.setIssuedTime(tokReqMsgCtx.getAccessTokenIssuedTimestamp()); + newTokenBean.setAccessToken(getNewAccessToken(tokReqMsgCtx, oauthTokenIssuer)); + newTokenBean.setValidityPeriodInMillis(tokReqMsgCtx.getValidityPeriod()); + newTokenBean.setValidityPeriod(tokReqMsgCtx.getValidityPeriod() / SECONDS_TO_MILISECONDS_FACTOR); + newTokenBean.setTokenBinding(tokReqMsgCtx.getTokenBinding()); + newTokenBean.setAccessTokenExtendedAttributes(tokenReq.getAccessTokenExtendedAttributes()); + setRefreshTokenDetails(tokReqMsgCtx, existingTokenBean, newTokenBean, oauthTokenIssuer); + + return newTokenBean; + } + + private void updateMessageContextToCreateNewToken(OAuthTokenReqMessageContext tokReqMsgCtx, String consumerKey, + AccessTokenDO existingTokenBean, Timestamp timestamp) + throws IdentityOAuth2Exception { + /* If the existing token is available, the consented token flag will be extracted from that. Otherwise, from the current grant. */ if (OAuth2ServiceComponentHolder.isConsentedTokenColumnEnabled()) { if (existingTokenBean != null) { - newTokenBean.setIsConsentedToken(existingTokenBean.isConsentedToken()); + tokReqMsgCtx.setConsentedToken(existingTokenBean.isConsentedToken()); } else { - if (OIDCClaimUtil.isConsentBasedClaimFilteringApplicable(tokenReq.getGrantType())) { - newTokenBean.setIsConsentedToken(true); + if (OIDCClaimUtil.isConsentBasedClaimFilteringApplicable( + tokReqMsgCtx.getOauth2AccessTokenReqDTO().getGrantType())) { + tokReqMsgCtx.setConsentedToken(true); } } - tokReqMsgCtx.setConsentedToken(newTokenBean.isConsentedToken()); } - newTokenBean.setTokenType(getTokenType(tokReqMsgCtx)); - newTokenBean.setIssuedTime(timestamp); - newTokenBean.setAccessToken(getNewAccessToken(tokReqMsgCtx, oauthTokenIssuer)); - newTokenBean.setValidityPeriodInMillis(validityPeriodInMillis); - newTokenBean.setValidityPeriod(validityPeriodInMillis / SECONDS_TO_MILISECONDS_FACTOR); - newTokenBean.setTokenBinding(tokReqMsgCtx.getTokenBinding()); - newTokenBean.setAccessTokenExtendedAttributes(tokenReq.getAccessTokenExtendedAttributes()); - setRefreshTokenDetails(tokReqMsgCtx, oAuthAppBean, existingTokenBean, timestamp, validityPeriodInMillis, - tokenReq, newTokenBean, oauthTokenIssuer); - return newTokenBean; + OAuthAppDO oAuthAppBean = getoAuthApp(consumerKey); + long validityPeriodInMillis = getConfiguredExpiryTimeForApplication(tokReqMsgCtx, consumerKey, oAuthAppBean); + tokReqMsgCtx.setValidityPeriod(validityPeriodInMillis); + tokReqMsgCtx.setAccessTokenIssuedTime(timestamp.getTime()); + tokReqMsgCtx.setAudiences(OAuth2Util.getOIDCAudience(consumerKey, oAuthAppBean)); + + updateRefreshTokenValidityPeriodInMessageContext(oAuthAppBean, tokReqMsgCtx); } - private void setRefreshTokenDetails(OAuthTokenReqMessageContext tokReqMsgCtx, OAuthAppDO oAuthAppBean, - AccessTokenDO existingTokenBean, Timestamp timestamp, long validityPeriodInMillis, - OAuth2AccessTokenReqDTO tokenReq, AccessTokenDO newTokenBean, OauthTokenIssuer oauthTokenIssuer) + private void setRefreshTokenDetails(OAuthTokenReqMessageContext tokReqMsgCtx, AccessTokenDO existingTokenBean, + AccessTokenDO newTokenBean, OauthTokenIssuer oauthTokenIssuer) throws IdentityOAuth2Exception { - boolean isExtendedToken = newTokenBean.getAccessTokenExtendedAttributes() != null && - newTokenBean.getAccessTokenExtendedAttributes().getRefreshTokenValidityPeriod() > + OAuth2AccessTokenReqDTO tokenReq = tokReqMsgCtx.getOauth2AccessTokenReqDTO(); + boolean isExtendedToken = tokenReq.getAccessTokenExtendedAttributes() != null && + tokenReq.getAccessTokenExtendedAttributes().getRefreshTokenValidityPeriod() > EXTENDED_REFRESH_TOKEN_DEFAULT_TIME; /* Check whether the token renewal per request configuration is configured and the validation of the refresh token. If the token renewal per request configuration is enabled, renew the refresh token as well. */ - if (!isTokenRenewalPerRequestConfigured() && isRefreshTokenValid(existingTokenBean, validityPeriodInMillis, - tokenReq.getClientId()) && !isExtendedToken) { + if (!isTokenRenewalPerRequestConfigured() && + isRefreshTokenValid(existingTokenBean, tokReqMsgCtx.getValidityPeriod(), + tokenReq.getClientId()) && !isExtendedToken) { setRefreshTokenDetailsFromExistingToken(existingTokenBean, newTokenBean); } else { // no valid refresh token found in existing Token - newTokenBean.setRefreshTokenIssuedTime(timestamp); + newTokenBean.setRefreshTokenIssuedTime(tokReqMsgCtx.getAccessTokenIssuedTimestamp()); // Set refresh token validity period. - newTokenBean.setRefreshTokenValidityPeriodInMillis( - getRefreshTokenValidityPeriod(tokenReq.getClientId(), oAuthAppBean, tokReqMsgCtx)); + newTokenBean.setRefreshTokenValidityPeriodInMillis(tokReqMsgCtx.getRefreshTokenvalidityPeriod()); newTokenBean.setRefreshToken(getRefreshToken(tokReqMsgCtx, oauthTokenIssuer)); } } @@ -616,23 +661,6 @@ private void updateCacheIfEnabled(AccessTokenDO newTokenBean, String scope, Oaut } } - private void setDetailsToMessageContext(OAuthTokenReqMessageContext tokReqMsgCtx, long validityPeriodInMillis, - AccessTokenDO newTokenBean, Timestamp timestamp) { - // set the validity period. this is needed by downstream handlers. - // if this is set before - then this will override it by the calculated new value. - tokReqMsgCtx.setValidityPeriod(validityPeriodInMillis); - - // set the refresh token validity period. this is needed by downstream handlers. - // if this is set before - then this will override it by the calculated new value. - tokReqMsgCtx.setRefreshTokenvalidityPeriod(newTokenBean.getRefreshTokenValidityPeriodInMillis()); - - // set access token issued time.this is needed by downstream handlers. - tokReqMsgCtx.setAccessTokenIssuedTime(timestamp.getTime()); - - // set refresh token issued time.this is needed by downstream handlers. - tokReqMsgCtx.setRefreshTokenIssuedTime(newTokenBean.getRefreshTokenIssuedTime().getTime()); - } - private String getNewAccessToken(OAuthTokenReqMessageContext tokReqMsgCtx, OauthTokenIssuer oauthTokenIssuer) throws IdentityOAuth2Exception { try { @@ -678,15 +706,14 @@ private void validateGrantTypeParam(OAuth2AccessTokenReqDTO tokenReq) throws Ide } } - private long getRefreshTokenValidityPeriod(String consumerKey, OAuthAppDO oAuthAppBean, - OAuthTokenReqMessageContext tokReqMsgCtx) { + private void updateRefreshTokenValidityPeriodInMessageContext(OAuthAppDO oAuthAppBean, + OAuthTokenReqMessageContext tokReqMsgCtx) { + long refreshTokenValidityPeriodInMillis; long validityPeriodFromMsgContext = tokReqMsgCtx.getRefreshTokenvalidityPeriod(); - if (validityPeriodFromMsgContext != OAuthConstants.UNASSIGNED_VALIDITY_PERIOD - && validityPeriodFromMsgContext > 0) { - refreshTokenValidityPeriodInMillis = validityPeriodFromMsgContext * - SECONDS_TO_MILISECONDS_FACTOR; + if (validityPeriodFromMsgContext > 0) { + refreshTokenValidityPeriodInMillis = validityPeriodFromMsgContext * SECONDS_TO_MILISECONDS_FACTOR; if (log.isDebugEnabled()) { log.debug("OAuth application id : " + oAuthAppBean.getOauthConsumerKey() + ", using refresh token " + "validity period configured from OAuthTokenReqMessageContext: " + @@ -696,14 +723,15 @@ private long getRefreshTokenValidityPeriod(String consumerKey, OAuthAppDO oAuthA refreshTokenValidityPeriodInMillis = oAuthAppBean.getRefreshTokenExpiryTime() * SECONDS_TO_MILISECONDS_FACTOR; if (log.isDebugEnabled()) { - log.debug("OAuth application id : " + consumerKey + ", refresh token validity time " + - refreshTokenValidityPeriodInMillis + "ms"); + log.debug("OAuth application id : " + oAuthAppBean.getOauthConsumerKey() + + ", refresh token validity time " + refreshTokenValidityPeriodInMillis + "ms"); } } else { refreshTokenValidityPeriodInMillis = OAuthServerConfiguration.getInstance() .getRefreshTokenValidityPeriodInSeconds() * SECONDS_TO_MILISECONDS_FACTOR; } - return refreshTokenValidityPeriodInMillis; + + tokReqMsgCtx.setRefreshTokenvalidityPeriod(refreshTokenValidityPeriodInMillis); } private void addTokenToCache(OAuthCacheKey cacheKey, AccessTokenDO existingAccessTokenDO) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java index 8a2752997c..ae4ea5c442 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java @@ -24,6 +24,8 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.core.util.IdentityUtil; @@ -37,6 +39,7 @@ import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.dao.OAuthAppDO; +import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth.tokenprocessor.RefreshTokenGrantProcessor; import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; @@ -55,9 +58,12 @@ import java.sql.Timestamp; import java.util.Arrays; +import java.util.HashMap; import java.util.List; +import java.util.Map; import java.util.Optional; import java.util.concurrent.TimeUnit; +import java.util.function.Consumer; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -109,11 +115,13 @@ public OAuth2AccessTokenRespDTO issue(OAuthTokenReqMessageContext tokReqMsgCtx) // context property. RefreshTokenValidationDataDO validationBean = (RefreshTokenValidationDataDO) tokReqMsgCtx .getProperty(PREV_ACCESS_TOKEN); - if (isRefreshTokenExpired(validationBean)) { return handleError(OAuth2ErrorCodes.INVALID_GRANT, "Refresh token is expired.", tokenReq); } + tokReqMsgCtx.setValidityPeriod(validationBean.getAccessTokenValidityInMillis()); + + executePreIssueAccessTokenActions(validationBean,tokReqMsgCtx); AccessTokenDO accessTokenBean = getRefreshTokenGrantProcessor() .createAccessTokenBean(tokReqMsgCtx, tokenReq, validationBean, getTokenType(tokReqMsgCtx)); @@ -667,6 +675,56 @@ private static void addUserAttributesToCache(AccessTokenDO accessTokenBean, } } + private void executePreIssueAccessTokenActions(RefreshTokenValidationDataDO refreshTokenValidationDataDO, + OAuthTokenReqMessageContext tokenReqMessageContext) + throws IdentityOAuth2Exception { + + //todo: read from Action Management Service and check if there are actions to engage + boolean preIssueAccessTokenActionAvailable = true; + + OAuthAppDO oAuthAppBean = getOAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); + + if (preIssueAccessTokenActionAvailable && "JWT".equals(oAuthAppBean.getTokenType())) { + + setCustomizedAccessTokenAttributesToMessageContext(refreshTokenValidationDataDO, tokenReqMessageContext); + + Map additionalProperties = new HashMap<>(); + Consumer> mapInitializer = map -> { + map.put("tokenMessageContext", tokenReqMessageContext); + }; + mapInitializer.accept(additionalProperties); + + try { + OAuthComponentServiceHolder.getInstance().getActionExecutorService() + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties); + } catch (ActionExecutionException e) { + // If error ignore and proceed + log.error("Error while executing pre issue access token action", e); + } + } + } + + private void setCustomizedAccessTokenAttributesToMessageContext(RefreshTokenValidationDataDO refreshTokenData, + OAuthTokenReqMessageContext tokenRequestContext) { + + AuthorizationGrantCacheKey grantCacheKey = new AuthorizationGrantCacheKey(refreshTokenData.getTokenId()); + AuthorizationGrantCacheEntry grantCacheEntry = AuthorizationGrantCache.getInstance() + .getValueFromCacheByTokenId(grantCacheKey, refreshTokenData.getTokenId()); + + if (grantCacheEntry != null && grantCacheEntry.isPreIssueAccessTokenActionsExecuted()) { + tokenRequestContext.setPreIssueAccessTokenActionsExecuted(true); + tokenRequestContext.setAdditionalAccessTokenClaims(grantCacheEntry.getCustomClaims()); + tokenRequestContext.setAudiences(grantCacheEntry.getAudiences()); + if (log.isDebugEnabled()) { + log.debug(String.format( + "Updated OAuthTokenReqMessageContext with customized audience list and access token attributes in the AuthorizationGrantCache for token id: %s.", + refreshTokenData.getTokenId())); + } + + AuthorizationGrantCache.getInstance().clearCacheEntryByToken(grantCacheKey); + } + } + private boolean isRenewRefreshToken(String renewRefreshToken) { if (StringUtils.isNotBlank(renewRefreshToken)) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java index a7d1f2cc63..34553b1fd3 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java @@ -334,6 +334,8 @@ public class OAuth2Util { */ public static final String FIDP_ROLE_BASED_AUTHZ_APP_CONFIG = "FIdPRoleBasedAuthzApplications.AppName"; + private static final String ENABLE_PPID_FOR_ACCESS_TOKENS = "OAuth.OpenIDConnect.EnablePairwiseSubForAccessToken"; + private static final String INBOUND_AUTH2_TYPE = "oauth2"; private static final Log log = LogFactory.getLog(OAuth2Util.class); private static final Log diagnosticLog = LogFactory.getLog("diagnostics"); @@ -5428,4 +5430,9 @@ public static String getUserResidentTenantDomain(AuthenticatedUser authenticated authenticatedUser.getUserResidentOrganization(), e); } } + + public static boolean isPairwiseSubEnabledForAccessTokens() { + + return Boolean.parseBoolean(IdentityUtil.getProperty(ENABLE_PPID_FOR_ACCESS_TOKENS)); + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCClaimUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCClaimUtil.java index 46eb0641dc..c3a7663904 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCClaimUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCClaimUtil.java @@ -288,7 +288,7 @@ private static boolean isUserConsentRequiredForClaims(String grantType) { * @return subject type */ - private static SubjectType getSubjectType(OAuthAppDO authAppDO) { + public static SubjectType getSubjectType(OAuthAppDO authAppDO) { if (StringUtils.isNotEmpty(authAppDO.getSubjectType())) { return SubjectType.fromValue(authAppDO.getSubjectType()); diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuerTest.java index 44a1f4b448..ac00f11b12 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuerTest.java @@ -318,6 +318,7 @@ public Object[][] provideClaimSetData() { cal.add(Calendar.HOUR_OF_DAY, 1); // adds one hour tokenReqMessageContext.addProperty(EXPIRY_TIME_JWT, cal.getTime()); tokenReqMessageContext.addProperty(OAuthConstants.UserType.USER_TYPE, OAuthConstants.UserType.APPLICATION); + tokenReqMessageContext.setAudiences(Collections.singletonList(DUMMY_CLIENT_ID)); authenticatedUserForTokenReq.setFederatedUser(false); return new Object[][]{ @@ -372,6 +373,7 @@ public void testCreateJWTClaimSet(Object authzReqMessageContext, oAuth2Util.when(() -> OAuth2Util.getOIDCAudience(anyString(), any())).thenReturn(Collections.singletonList (DUMMY_CLIENT_ID)); oAuth2Util.when(OAuth2Util::isTokenPersistenceEnabled).thenReturn(true); + oAuth2Util.when(OAuth2Util::isPairwiseSubEnabledForAccessTokens).thenReturn(ppidEnabled); when(mockOAuthServerConfiguration.getSignatureAlgorithm()).thenReturn(SHA256_WITH_HMAC); when(mockOAuthServerConfiguration.getUserAccessTokenValidityPeriodInSeconds()) @@ -381,8 +383,6 @@ public void testCreateJWTClaimSet(Object authzReqMessageContext, JWTTokenIssuer jwtTokenIssuer = spy(new JWTTokenIssuer()); - identityUtil.when(() -> IdentityUtil.getProperty("OAuth.OpenIDConnect.EnablePairwiseSubForAccessToken")) - .thenReturn(String.valueOf(ppidEnabled)); JWTClaimsSet jwtClaimSet = jwtTokenIssuer.createJWTClaimSet( (OAuthAuthzReqMessageContext) authzReqMessageContext, diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java index 4ed73470f9..b07fb83118 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java @@ -18,10 +18,16 @@ package org.wso2.carbon.identity.oauth2.token.handlers.grant; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; +import org.wso2.carbon.identity.actions.ActionExecutorService; +import org.wso2.carbon.identity.actions.ActionType; +import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityException; import org.wso2.carbon.identity.common.testng.WithCarbonHome; @@ -52,7 +58,10 @@ import java.util.Set; import java.util.UUID; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyMap; import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertNotNull; import static org.testng.Assert.assertTrue; @@ -64,10 +73,11 @@ files = {"dbScripts/identity.sql", "dbScripts/insert_application_and_token.sql", "dbScripts/insert_consumer_app.sql", "dbScripts/insert_local_idp.sql"}) @WithRealmService(injectToSingletons = { OAuthComponentServiceHolder.class }) - public class AbstractAuthorizationGrantHandlerTest { private AbstractAuthorizationGrantHandler handler; + @Mock + private ActionExecutorService mockActionExecutionService; private RefreshGrantHandler refreshGrantHandler; private AuthenticatedUser authenticatedUser; @@ -82,11 +92,17 @@ public class AbstractAuthorizationGrantHandlerTest { private OAuthAppDO oAuthAppDO; @BeforeMethod - public void setUp() throws IdentityOAuth2Exception, IdentityOAuthAdminException { + public void setUp() throws IdentityOAuth2Exception, IdentityOAuthAdminException, ActionExecutionException { authenticatedUser = new AuthenticatedUser() { }; OAuthComponentServiceHolder.getInstance().setRealmService(IdentityTenantUtil.getRealmService()); + + OAuthComponentServiceHolder.getInstance().setActionExecutorService(mockActionExecutionService); + MockitoAnnotations.initMocks(this); + when(mockActionExecutionService.execute(any(ActionType.class), anyMap())).thenReturn( + new ActionExecutionResponse()); + authenticatedUser.setUserName("randomUser"); authenticatedUser.setTenantDomain("Homeless"); authenticatedUser.setUserStoreDomain("Street"); From 18fecba3ec04e6e3ce2c590be32bc11c038cc291 Mon Sep 17 00:00:00 2001 From: malithie Date: Tue, 23 Jul 2024 09:38:12 +0530 Subject: [PATCH 57/90] Update pre issue access token extension to use core module. --- .../org.wso2.carbon.identity.oauth/pom.xml | 4 + .../carbon/identity/actions/APIClient.java | 99 -------------- .../ActionExecutionRequestBuilder.java | 34 ----- .../ActionExecutionRequestBuilderFactory.java | 47 ------- .../ActionExecutionResponseProcessor.java | 34 ----- ...tionExecutionResponseProcessorFactory.java | 45 ------ .../actions/ActionExecutorService.java | 31 ----- .../actions/ActionExecutorServiceImpl.java | 107 --------------- .../carbon/identity/actions/ActionType.java | 27 ---- .../exception/ActionExecutionException.java | 33 ----- .../actions/model/ActionExecutionRequest.java | 129 ------------------ .../model/ActionExecutionResponse.java | 50 ------- .../actions/model/ActionExecutionStatus.java | 41 ------ .../actions/model/AllowedOperation.java | 52 ------- .../identity/actions/model/Application.java | 45 ------ .../carbon/identity/actions/model/Event.java | 52 ------- .../identity/actions/model/Operation.java | 23 ---- .../identity/actions/model/Organization.java | 45 ------ .../actions/model/PerformableOperation.java | 56 -------- .../identity/actions/model/Request.java | 41 ------ .../carbon/identity/actions/model/Tenant.java | 42 ------ .../carbon/identity/actions/model/User.java | 39 ------ .../identity/actions/model/UserStore.java | 52 ------- .../actions/util/OperationComparator.java | 45 ------ .../action/PreIssueAccessTokenProcessor.java | 64 +++++---- .../PreIssueAccessTokenRequestBuilder.java | 40 +++--- .../model/PreIssueAccessTokenEvent.java | 12 +- .../oauth/action/model/TokenRequest.java | 6 +- .../internal/OAuthComponentServiceHolder.java | 76 ++++++----- .../oauth/internal/OAuthServiceComponent.java | 45 ++++-- .../internal/OAuth2ServiceComponent.java | 15 +- .../AbstractAuthorizationGrantHandler.java | 15 +- .../handlers/grant/RefreshGrantHandler.java | 8 +- ...AbstractAuthorizationGrantHandlerTest.java | 12 +- pom.xml | 6 + 35 files changed, 174 insertions(+), 1298 deletions(-) delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java delete mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 1e88799f2e..3641bfb4b7 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -107,6 +107,10 @@ org.wso2.orbit.org.opensaml opensaml + + org.wso2.carbon.identity.framework + org.wso2.carbon.identity.action.execution + org.wso2.carbon.identity.framework org.wso2.carbon.identity.event diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java deleted file mode 100644 index f46006f9c0..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/APIClient.java +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.databind.ObjectMapper; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.http.HttpEntity; -import org.apache.http.client.config.RequestConfig; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.entity.StringEntity; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.util.EntityUtils; -import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; - -/** - * APIClient. - */ -public class APIClient { - - private static final Log log = LogFactory.getLog(APIClient.class); - private final CloseableHttpClient httpClient; - private final int connectionTimeout = 2000; - private final int connectionRequestTimeout = 2000; - private final int readTimeout = 5000; - - public APIClient() { - // Initialize the http client. Set connection time out to 2s and read time out to 5s. - RequestConfig config = RequestConfig.custom() - .setConnectTimeout(connectionTimeout) - .setConnectionRequestTimeout(connectionRequestTimeout) - .setSocketTimeout(readTimeout) - .setRedirectsEnabled(false) - .setRelativeRedirectsAllowed(false) - .build(); - httpClient = HttpClientBuilder.create().setDefaultRequestConfig(config).build(); - } - - public ActionExecutionResponse callAPI(String url, ActionExecutionRequest request) { - - try { - // Create a HttpPost request - HttpPost httpPost = new HttpPost(url); - - // Convert the ActionInvocationRequest object to JSON string - ObjectMapper requestObjectmapper = new ObjectMapper(); - requestObjectmapper.setSerializationInclusion(JsonInclude.Include.NON_NULL); - requestObjectmapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY); - - String jsonRequest = requestObjectmapper.writeValueAsString(request); - - log.info("=== Action Request: \n" + jsonRequest); - - // Set the JSON string as the request body - StringEntity entity = new StringEntity(jsonRequest); - httpPost.setEntity(entity); - httpPost.setHeader("Accept", "application/json"); - httpPost.setHeader("Content-type", "application/json"); - - // Execute the request and get the response - CloseableHttpResponse response = httpClient.execute(httpPost); - - // Extract the JSON string from the response - HttpEntity responseEntity = response.getEntity(); - String jsonResponse = EntityUtils.toString(responseEntity); - - ObjectMapper objectMapper = new ObjectMapper(); - ActionExecutionResponse actionExecutionResponse = - objectMapper.readValue(jsonResponse, ActionExecutionResponse.class); - - return actionExecutionResponse; - } catch (Exception e) { - log.error("Failed to invoke the http endpoint: " + url, e); - - return null; - } - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java deleted file mode 100644 index 19654c9de2..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilder.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; - -import java.util.Map; - -/** - * ActionInvocationRequestBuilder. - */ -public interface ActionExecutionRequestBuilder { - - ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, Map eventContext) throws - ActionExecutionException; - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java deleted file mode 100644 index 05fa080eb6..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionRequestBuilderFactory.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; - -import java.util.HashMap; -import java.util.Map; - -/** - * ActionInvocationRequestBuilderFactory. - */ -public class ActionExecutionRequestBuilderFactory { - - private static final Map actionInvocationRequestBuilders = new HashMap<>(); - - public static ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, - Map eventContext) - throws ActionExecutionException { - - return actionInvocationRequestBuilders.get(actionType).buildActionInvocationRequest(actionType, eventContext); - } - - public static void registerActionInvocationRequestBuilder(ActionType actionType, - ActionExecutionRequestBuilder actionExecutionRequestBuilder) { - - actionInvocationRequestBuilders.put(actionType, actionExecutionRequestBuilder); - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java deleted file mode 100644 index bbe7b0001d..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessor.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionStatus; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; -import org.wso2.carbon.identity.actions.model.Event; - -import java.util.Map; - -public interface ActionExecutionResponseProcessor { - - ActionExecutionStatus processResponse(ActionType actionType, Map eventContext, Event actionEvent, - ActionExecutionResponse actionExecutionResponse) throws - ActionExecutionException; - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java deleted file mode 100644 index 3123584172..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutionResponseProcessorFactory.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import java.util.HashMap; -import java.util.Map; - -public class ActionExecutionResponseProcessorFactory { - - private static final Map actionInvocationResponseProcessors = - new HashMap<>(); - - public static ActionExecutionResponseProcessor getActionInvocationResponseProcessor(ActionType actionType) { - - switch (actionType) { - case PRE_ISSUE_ACCESS_TOKEN: - return actionInvocationResponseProcessors.get(ActionType.PRE_ISSUE_ACCESS_TOKEN); - default: - return null; - } - } - - public static void registerActionInvocationResponseProcessor(ActionType actionType, - ActionExecutionResponseProcessor actionExecutionResponseProcessor) { - - actionInvocationResponseProcessors.put(actionType, actionExecutionResponseProcessor); - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java deleted file mode 100644 index 2ddc405aa7..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorService.java +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; - -import java.util.Map; - -public interface ActionExecutorService { - - ActionExecutionResponse execute(ActionType actionType, Map eventContext) throws - ActionExecutionException; - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java deleted file mode 100644 index db9c12bb69..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionExecutorServiceImpl.java +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; -import org.wso2.carbon.identity.actions.model.AllowedOperation; -import org.wso2.carbon.identity.actions.model.PerformableOperation; -import org.wso2.carbon.identity.actions.util.OperationComparator; -import org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer; - -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -/** - * ActionInvocationService. - */ - -public class ActionExecutorServiceImpl implements ActionExecutorService { - - private static final Log log = LogFactory.getLog(ActionExecutorServiceImpl.class); - - private static final ActionExecutorServiceImpl instance = new ActionExecutorServiceImpl(); - private final APIClient apiClient; - - private ActionExecutorServiceImpl() { - - apiClient = new APIClient(); - } - - public static ActionExecutorServiceImpl getInstance() { - - return instance; - } - - public ActionExecutionResponse execute(ActionType actionType, Map eventContext) throws - ActionExecutionException { - - ActionExecutionRequest request = - ActionExecutionRequestBuilderFactory.buildActionInvocationRequest(actionType, eventContext); - - ActionExecutionResponse response = - apiClient.callAPI("https://mpd07d9c71841be2961c.free.beeceptor.com/anymock/pre-issue-access-token", request); - - ObjectMapper objectMapper = new ObjectMapper(); - try { - String jsonResponse = objectMapper.writeValueAsString(response); - log.info("=== Action Response: \n" + jsonResponse); - } catch (JsonProcessingException e) { - throw new RuntimeException(e); - } - - List allowedPerformableOperations = validatePerformableOperations(request, response); - response.setOperations(allowedPerformableOperations); - - ActionExecutionResponseProcessorFactory.getActionInvocationResponseProcessor(actionType) - .processResponse(actionType, eventContext, request.getEvent(), response); - - return response; - } - - // implement a method to validate if the paths of PerformableOperations in ActionInvocationResponse matches with paths of allowedOperations on ActionInvocationRequest. - private List validatePerformableOperations(ActionExecutionRequest request, - ActionExecutionResponse response) { - - List allowedOperations = request.getAllowedOperations(); - - List allowedPerformableOperations = response.getOperations().stream() - .filter(performableOperation -> allowedOperations.stream() - .anyMatch(allowedOperation -> OperationComparator.compare(allowedOperation, - performableOperation))) - .collect(Collectors.toList()); - - response.getOperations().forEach(operation -> { - if (allowedPerformableOperations.contains(operation)) { - log.info("==== Operation " + operation.getOp() + " with path " + operation.getPath() + " is allowed."); - } else { - log.info("==== Operation " + operation.getOp() + " with path " + operation.getPath() + - " is not allowed."); - } - }); - - return allowedPerformableOperations; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java deleted file mode 100644 index bdf7285481..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/ActionType.java +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions; - -/** - * Action Type. - */ -public enum ActionType { - PRE_ISSUE_ACCESS_TOKEN, - POST_ISSUE_ACCESS_TOKEN, -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java deleted file mode 100644 index 32443f4a4a..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/exception/ActionExecutionException.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.exception; - -public class ActionExecutionException extends Exception { - - public ActionExecutionException(String message) { - - super(message); - } - - public ActionExecutionException(String message, Throwable cause) { - - super(message, cause); - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java deleted file mode 100644 index eb44512af8..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionRequest.java +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import org.apache.commons.lang.StringUtils; -import org.slf4j.MDC; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; - -import java.util.List; - -/** - * Action Invocation Request. - */ -public class ActionExecutionRequest { - - private final ActionType actionType; - private final String flowId; - private final Event event; - private final List allowedOperations; - - public ActionExecutionRequest(Builder builder) { - - this.actionType = builder.actionType; - this.flowId = builder.flowId; - this.event = builder.event; - this.allowedOperations = builder.allowedOperations; - } - - // todo: read from a util class - private static String getCorrelationId() { - - String ref; - if (isCorrelationIDPresent()) { - ref = MDC.get(FrameworkUtils.CORRELATION_ID_MDC); - } else { -// if (log.isDebugEnabled()) { -// log.debug("Correlation id is not present in the log MDC."); -// } - ref = StringUtils.EMPTY; - } - return ref; - } - - // todo: read from a util class - private static boolean isCorrelationIDPresent() { - - return MDC.get(FrameworkUtils.CORRELATION_ID_MDC) != null; - } - - public ActionType getActionType() { - - return actionType; - } - - public String getFlowId() { - - return flowId; - } - - public String getRequestId() { - - return getCorrelationId(); - } - - public Event getEvent() { - - return event; - } - - public List getAllowedOperations() { - - return allowedOperations; - } - - public static class Builder { - - private ActionType actionType; - private String flowId; - private Event event; - private List allowedOperations; - - public Builder actionType(ActionType actionType) { - - this.actionType = actionType; - return this; - } - - public Builder flowId(String flowId) { - - this.flowId = flowId; - return this; - } - - public Builder event(Event event) { - - this.event = event; - return this; - } - - public Builder allowedOperations(List allowedOperations) { - - this.allowedOperations = allowedOperations; - return this; - } - - public ActionExecutionRequest build() { - - return new ActionExecutionRequest(this); - } - } -} - diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java deleted file mode 100644 index 88a8ba4b2d..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionResponse.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import java.util.List; - -/** - * Action Invocation Response. - */ -public class ActionExecutionResponse { - - private String actionStatus; - private List operations; - - public String getActionStatus() { - - return actionStatus; - } - - public void setActionStatus(String actionStatus) { - - this.actionStatus = actionStatus; - } - - public List getOperations() { - - return operations; - } - - public void setOperations(List operations) { - - this.operations = operations; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java deleted file mode 100644 index be1a647d73..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/ActionExecutionStatus.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import java.util.Map; - -public class ActionExecutionStatus { - - public enum Status { - SUCCESS, - FAILURE, - INCOMPLETE, - ERROR - } - - private Status status; - - private Map responseContext; - - public ActionExecutionStatus(Status status, Map responseContext) { - - this.status = status; - this.responseContext = responseContext; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java deleted file mode 100644 index 6276bc8c78..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/AllowedOperation.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import java.util.List; - -/** - * Operation. - */ - -public class AllowedOperation { - - String op; - - List paths; - - public void setOp(String op) { - - this.op = op; - } - - public String getOp() { - - return op; - } - - public List getPaths() { - - return paths; - } - - public void setPaths(List paths) { - - this.paths = paths; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java deleted file mode 100644 index df0637b495..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Application.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -public class Application { - - String id; - String name; - - public String getId() { - - return id; - } - - public void setId(String id) { - - this.id = id; - } - - public String getName() { - - return name; - } - - public void setName(String name) { - - this.name = name; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java deleted file mode 100644 index f9f54a6e12..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Event.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -/** - * Action Invocation Response. - */ -public abstract class Event { - - protected Request request; - protected Tenant tenant; - protected Organization organization; - protected User user; - protected UserStore userStore; - public Tenant getTenant() { - - return tenant; - } - public Organization getOrganization() { - - return organization; - } - public Request getRequest() { - - return request; - } - public User getUser() { - - return user; - } - - public UserStore getUserStore() { - - return userStore; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java deleted file mode 100644 index 6302874a4f..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Operation.java +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -public interface Operation { - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java deleted file mode 100644 index 607c04737a..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Organization.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -/** - * Organization. - */ -public class Organization { - - private String id; - - private String name; - - public Organization(String id, String name) { - - this.id = id; - this.name = name; - } - - public String getId() { - - return id; - } - - public String getName() { - - return name; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java deleted file mode 100644 index c46ae7bb16..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/PerformableOperation.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -public class PerformableOperation { - - private String op; - private String path; - private Object value; - - public String getOp() { - - return op; - } - - public void setOp(String op) { - - this.op = op; - } - - public String getPath() { - - return path; - } - - public void setPath(String path) { - - this.path = path; - } - - public Object getValue() { - - return value; - } - - public void setValue(Object value) { - - this.value = value; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java deleted file mode 100644 index ec9f3b2a80..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Request.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import java.util.Collections; -import java.util.Map; - -public class Request { - - protected Map additionalHeaders; - protected Map additionalParams; - - // implement a method to get additional headers - public Map getAdditionalHeaders() { - - return additionalHeaders != null ? additionalHeaders : Collections.emptyMap(); - } - - // implement a method to get additional params - public Map getAdditionalParams() { - - return additionalParams != null ? additionalParams : Collections.emptyMap(); - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java deleted file mode 100644 index ecafe880df..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/Tenant.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -/** - * Tenant. - */ -public class Tenant { - - private String id; - private String name; - public Tenant(String id, String name) { - this.id = id; - this.name = name; - } - - public String getId() { - - return id; - } - - public String getName() { - - return name; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java deleted file mode 100644 index 69507f2df4..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/User.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -public class User { - - String id; - - public User(String id) { - - this.id = id; - } - - public String getId() { - - return id; - } - public void setId(String id) { - - this.id = id; - } - -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java deleted file mode 100644 index 91c0ee4ac3..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/model/UserStore.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.model; - -import java.nio.charset.StandardCharsets; -import java.util.Base64; - -public class UserStore { - - String id; - String name; - - public UserStore(String name) { - - setName(name); - } - - public String getId() { - - return id; - } - - public String getName() { - - return name; - } - - public void setName(String name) { - - /** - * As of now user store id is generated by encoding the user store name. - */ - this.id = name != null ? Base64.getEncoder().encodeToString(name.getBytes(StandardCharsets.UTF_8)) : null; - this.name = name; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java deleted file mode 100644 index 74793445ec..0000000000 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/actions/util/OperationComparator.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.identity.actions.util; - -import org.wso2.carbon.identity.actions.model.AllowedOperation; -import org.wso2.carbon.identity.actions.model.PerformableOperation; - -public class OperationComparator { - - public static boolean compare(AllowedOperation allowedOp, PerformableOperation performableOp) { - - if (!allowedOp.getOp().equals(performableOp.getOp())) { - return false; - } - - String performableOperationBasePath = performableOp.getPath().contains("/") - ? performableOp.getPath().substring(0, performableOp.getPath().lastIndexOf('/') + 1) - : ""; - - for (String allowedPath : allowedOp.getPaths()) { - if (performableOp.getPath().equals(allowedPath) || - performableOperationBasePath.equals(allowedPath)) { - return true; - } - } - - return false; - } -} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java index c5d5b3f876..3f8753aff0 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java @@ -21,12 +21,14 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.actions.ActionExecutionResponseProcessor; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; -import org.wso2.carbon.identity.actions.model.ActionExecutionStatus; -import org.wso2.carbon.identity.actions.model.Event; -import org.wso2.carbon.identity.actions.model.PerformableOperation; +import org.wso2.carbon.identity.action.execution.ActionExecutionResponseProcessor; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionResponseProcessorException; +import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; +import org.wso2.carbon.identity.action.execution.model.ActionInvocationErrorResponse; +import org.wso2.carbon.identity.action.execution.model.ActionInvocationSuccessResponse; +import org.wso2.carbon.identity.action.execution.model.ActionType; +import org.wso2.carbon.identity.action.execution.model.Event; +import org.wso2.carbon.identity.action.execution.model.PerformableOperation; import org.wso2.carbon.identity.oauth.action.model.AccessToken; import org.wso2.carbon.identity.oauth.action.model.ClaimPathInfo; import org.wso2.carbon.identity.oauth.action.model.PreIssueAccessTokenEvent; @@ -51,39 +53,26 @@ public class PreIssueAccessTokenProcessor implements ActionExecutionResponseProc private static final String OPERATION_REPLACE = "replace"; private static final String SCOPE_PATH_PREFIX = "/accessToken/scopes/"; private static final String CLAIMS_PATH_PREFIX = "/accessToken/claims/"; - private static final PreIssueAccessTokenProcessor instance = new PreIssueAccessTokenProcessor(); private static final Pattern NQCHAR_PATTERN = Pattern.compile("^[\\x21\\x23-\\x5B\\x5D-\\x7E]+$"); private static final Pattern STRING_OR_URI_PATTERN = Pattern.compile("^([a-zA-Z][a-zA-Z0-9+.-]*://[^\\s/$.?#].[^\\s]*)|(^[a-zA-Z0-9.-]+$)"); - // Validate if the input is a valid StringOrURI - public static PreIssueAccessTokenProcessor getInstance() { return instance; } - private boolean validateNQChar(String input) { - - Matcher matcher = NQCHAR_PATTERN.matcher(input); - return matcher.matches(); - } - - private boolean isValidStringOrURI(String input) { - - Matcher matcher = STRING_OR_URI_PATTERN.matcher(input); - return matcher.matches(); - } - @Override - public ActionExecutionStatus processResponse(ActionType actionType, Map eventContext, - Event actionEvent, ActionExecutionResponse actionExecutionResponse) { + public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map eventContext, + Event event, + ActionInvocationSuccessResponse actionInvocationSuccessResponse) + throws ActionExecutionResponseProcessorException { OAuthTokenReqMessageContext tokenMessageContext = (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); - PreIssueAccessTokenEvent preIssueAccessTokenEvent = (PreIssueAccessTokenEvent) actionEvent; - List operationsToPerform = actionExecutionResponse.getOperations(); + PreIssueAccessTokenEvent preIssueAccessTokenEvent = (PreIssueAccessTokenEvent) event; + List operationsToPerform = actionInvocationSuccessResponse.getOperations(); AccessToken requestAccessToken = preIssueAccessTokenEvent.getAccessToken(); AccessToken.Builder responseAccessTokenBuilder = preIssueAccessTokenEvent.getAccessToken().copy(); @@ -101,8 +90,7 @@ public ActionExecutionStatus processResponse(ActionType actionType, Map map, Event event, + ActionInvocationErrorResponse actionInvocationErrorResponse) + throws ActionExecutionResponseProcessorException { + + return null; } private void updateTokenMessageContext(OAuthTokenReqMessageContext tokenMessageContext, @@ -539,4 +535,16 @@ private int validateIndex(String operationPath, int listSize) { LOG.info("Invalid index: " + indexPart); return -1; } + + private boolean validateNQChar(String input) { + + Matcher matcher = NQCHAR_PATTERN.matcher(input); + return matcher.matches(); + } + + private boolean isValidStringOrURI(String input) { + + Matcher matcher = STRING_OR_URI_PATTERN.matcher(input); + return matcher.matches(); + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index 1cca00db9f..184d303251 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -21,17 +21,17 @@ import com.nimbusds.jwt.JWTClaimsSet; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.actions.ActionExecutionRequestBuilder; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionRequest; -import org.wso2.carbon.identity.actions.model.AllowedOperation; -import org.wso2.carbon.identity.actions.model.Event; -import org.wso2.carbon.identity.actions.model.Organization; -import org.wso2.carbon.identity.actions.model.Request; -import org.wso2.carbon.identity.actions.model.Tenant; -import org.wso2.carbon.identity.actions.model.User; -import org.wso2.carbon.identity.actions.model.UserStore; +import org.wso2.carbon.identity.action.execution.ActionExecutionRequestBuilder; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionRequestBuilderException; +import org.wso2.carbon.identity.action.execution.model.ActionExecutionRequest; +import org.wso2.carbon.identity.action.execution.model.ActionType; +import org.wso2.carbon.identity.action.execution.model.AllowedOperation; +import org.wso2.carbon.identity.action.execution.model.Event; +import org.wso2.carbon.identity.action.execution.model.Organization; +import org.wso2.carbon.identity.action.execution.model.Request; +import org.wso2.carbon.identity.action.execution.model.Tenant; +import org.wso2.carbon.identity.action.execution.model.User; +import org.wso2.carbon.identity.action.execution.model.UserStore; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; @@ -74,8 +74,8 @@ public static PreIssueAccessTokenRequestBuilder getInstance() { } @Override - public ActionExecutionRequest buildActionInvocationRequest(ActionType actionType, Map eventContext) - throws ActionExecutionException { + public ActionExecutionRequest buildActionExecutionRequest(ActionType actionType, Map eventContext) + throws ActionExecutionRequestBuilderException { OAuthTokenReqMessageContext tokenMessageContext = (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); @@ -91,7 +91,7 @@ public ActionExecutionRequest buildActionInvocationRequest(ActionType actionType } private Event getEvent(OAuthTokenReqMessageContext tokenMessageContext, Map claimsToAdd) - throws ActionExecutionException { + throws ActionExecutionRequestBuilderException { OAuth2AccessTokenReqDTO tokenReqDTO = tokenMessageContext.getOauth2AccessTokenReqDTO(); AuthenticatedUser authorizedUser = tokenMessageContext.getAuthorizedUser(); @@ -151,7 +151,7 @@ private Request getRequest(OAuth2AccessTokenReqDTO tokenRequestDTO) { } private AccessToken getAccessToken(OAuthTokenReqMessageContext tokenMessageContext, Map claimsToAdd) - throws ActionExecutionException { + throws ActionExecutionRequestBuilderException { try { OAuthAppDO oAuthAppDO = getAppInformation(tokenMessageContext); @@ -181,7 +181,7 @@ private AccessToken getAccessToken(OAuthTokenReqMessageContext tokenMessageConte "Failed to generate pre issue access token action request. Application: %s. Grant type: %s. Error: %s.", tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId(), tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); - throw new ActionExecutionException(errorMessage, e); + throw new ActionExecutionRequestBuilderException(errorMessage, e); } } @@ -220,7 +220,7 @@ private void handleSubjectClaim(AuthenticatedUser authorizedUser, OAuthAppDO oAu } private Map getAdditionalClaimsToAddToToken(OAuthTokenReqMessageContext tokenMessageContext) - throws ActionExecutionException { + throws ActionExecutionRequestBuilderException { /* Directly return custom claims if pre-issue access token actions have been executed. This is to ensure that the custom claims added are incorporated in the refresh token flow. @@ -241,7 +241,7 @@ private Map getAdditionalClaimsToAddToToken(OAuthTokenReqMessage String errorMessage = String.format("Failed to retrieve OIDC claim set for the access token. Grant type: %s Error: %s", tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); - throw new ActionExecutionException(errorMessage, e); + throw new ActionExecutionRequestBuilderException(errorMessage, e); } } @@ -296,7 +296,7 @@ private AllowedOperation createAllowedOperation(String op, List paths) { } private boolean isAccessTokenAuthorizedForUser(String grantType, OAuthTokenReqMessageContext tokReqMsgCtx) - throws ActionExecutionException { + throws ActionExecutionRequestBuilderException { AuthorizationGrantHandler grantHandler = OAuthServerConfiguration.getInstance().getSupportedGrantTypes().get(grantType); @@ -307,7 +307,7 @@ private boolean isAccessTokenAuthorizedForUser(String grantType, OAuthTokenReqMe String errorMessage = String.format("Failed to determine the authorized entity of the token. Grant type: %s Error: %s", grantType, e.getMessage()); - throw new ActionExecutionException(errorMessage, e.getCause()); + throw new ActionExecutionRequestBuilderException(errorMessage, e.getCause()); } } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java index 70784a5119..f783aa387b 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java @@ -18,12 +18,12 @@ package org.wso2.carbon.identity.oauth.action.model; -import org.wso2.carbon.identity.actions.model.Event; -import org.wso2.carbon.identity.actions.model.Organization; -import org.wso2.carbon.identity.actions.model.Request; -import org.wso2.carbon.identity.actions.model.Tenant; -import org.wso2.carbon.identity.actions.model.User; -import org.wso2.carbon.identity.actions.model.UserStore; +import org.wso2.carbon.identity.action.execution.model.Event; +import org.wso2.carbon.identity.action.execution.model.Organization; +import org.wso2.carbon.identity.action.execution.model.Request; +import org.wso2.carbon.identity.action.execution.model.Tenant; +import org.wso2.carbon.identity.action.execution.model.User; +import org.wso2.carbon.identity.action.execution.model.UserStore; /** * PreIssueATEvent. diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java index 7c03b1a8cb..e7ecc97a39 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java @@ -18,7 +18,7 @@ package org.wso2.carbon.identity.oauth.action.model; -import org.wso2.carbon.identity.actions.model.Request; +import org.wso2.carbon.identity.action.execution.model.Request; import java.util.ArrayList; import java.util.HashMap; @@ -89,12 +89,12 @@ public List getScopes() { public static class Builder { + private final Map additionalHeaders = new HashMap<>(); + private final Map additionalParams = new HashMap<>(); private String clientId; private String grantType; private String redirectUri; private List scopes = new ArrayList<>(); - private final Map additionalHeaders = new HashMap<>(); - private final Map additionalParams = new HashMap<>(); public Builder clientId(String clientId) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java index 28ed5152ac..bab0212fbd 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java @@ -20,7 +20,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.actions.ActionExecutorService; +import org.wso2.carbon.identity.action.execution.ActionExecutorService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager; @@ -57,11 +57,11 @@ */ public class OAuthComponentServiceHolder { + private static final Log log = LogFactory.getLog(OAuthComponentServiceHolder.class); private static OAuthComponentServiceHolder instance = new OAuthComponentServiceHolder(); private RealmService realmService; private OAuthEventInterceptor oAuthEventInterceptorHandlerProxy; private OAuth2Service oauth2Service; - private static final Log log = LogFactory.getLog(OAuthComponentServiceHolder.class); private OAuth2ScopeService oauth2ScopeService; private List tokenBindingMetaDataDTOs = new ArrayList<>(); private OAuthAdminServiceImpl oAuthAdminService; @@ -86,6 +86,15 @@ public class OAuthComponentServiceHolder { private ActionExecutorService actionExecutorService; + private OAuthComponentServiceHolder() { + + } + + public static OAuthComponentServiceHolder getInstance() { + + return instance; + } + /** * Get the list of scope validator implementations available. * @@ -96,6 +105,16 @@ public List getScopeValidators() { return scopeValidators; } + /** + * Set a list of scope validator implementations. + * + * @param scopeValidators List of Scope validator implementation. + */ + public void setScopeValidators(List scopeValidators) { + + this.scopeValidators = scopeValidators; + } + /** * Add scope validator implementation. * @@ -116,16 +135,6 @@ public void removeScopeValidator(ScopeValidator scopeValidator) { scopeValidators.remove(scopeValidator); } - /** - * Set a list of scope validator implementations. - * - * @param scopeValidators List of Scope validator implementation. - */ - public void setScopeValidators(List scopeValidators) { - - this.scopeValidators = scopeValidators; - } - /** * Get the list of scope validation handler implementations available. * @@ -166,15 +175,6 @@ public void setScopeValidatorPolicyHandlers(List scopeVa this.scopeValidationHandlers = scopeValidationHandlers; } - private OAuthComponentServiceHolder() { - - } - - public static OAuthComponentServiceHolder getInstance() { - - return instance; - } - public RealmService getRealmService() { return realmService; @@ -186,18 +186,22 @@ public void setRealmService(RealmService realmService) { } public void addOauthEventInterceptorProxy(OAuthEventInterceptor oAuthEventInterceptorHandlerProxy) { + this.oAuthEventInterceptorHandlerProxy = oAuthEventInterceptorHandlerProxy; } public OAuthEventInterceptor getOAuthEventInterceptorProxy() { + return this.oAuthEventInterceptorHandlerProxy; } public OAuth2Service getOauth2Service() { + return oauth2Service; } public void setOauth2Service(OAuth2Service oauth2Service) { + this.oauth2Service = oauth2Service; } @@ -259,6 +263,16 @@ public void removeOAuthApplicationMgtListener(OAuthApplicationMgtListener oAuthA .remove(oAuthApplicationMgtListener.getExecutionOrder(), oAuthApplicationMgtListener); } + /** + * Get RoleManagementService instance. + * + * @return RoleManagementService instance. + */ + public RoleManagementService getRoleManagementService() { + + return roleManagementService; + } + /** * Set RoleManagementService instance. * @@ -274,9 +288,9 @@ public void setRoleManagementService(RoleManagementService roleManagementService * * @return RoleManagementService instance. */ - public RoleManagementService getRoleManagementService() { + public org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService getRoleV2ManagementService() { - return roleManagementService; + return roleV2ManagementService; } /** @@ -290,16 +304,6 @@ public void setRoleV2ManagementService( this.roleV2ManagementService = roleManagementService; } - /** - * Get RoleManagementService instance. - * - * @return RoleManagementService instance. - */ - public org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService getRoleV2ManagementService() { - - return roleV2ManagementService; - } - /** * Get OrganizationUserResidentResolverService instance. * @@ -394,7 +398,7 @@ public void setAccessTokenDAOService(AccessTokenDAO accessTokenDAOService) { /** * Get TokenManagementDAO instance. * - * @return TokenManagementDAO {@link TokenManagementDAO} instance. + * @return TokenManagementDAO {@link TokenManagementDAO} instance. */ public TokenManagementDAO getTokenManagementDAOService() { @@ -413,6 +417,7 @@ public void setTokenManagementDAOService(TokenManagementDAO tokenManagementDAOSe /** * Get ApplicationManagementService instance. + * * @return ApplicationManagementService instance. */ public ApplicationManagementService getApplicationManagementService() { @@ -422,6 +427,7 @@ public ApplicationManagementService getApplicationManagementService() { /** * Set ApplicationManagementService instance. + * * @param applicationManagementService ApplicationManagementService instance. */ public void setApplicationManagementService(ApplicationManagementService applicationManagementService) { @@ -431,6 +437,7 @@ public void setApplicationManagementService(ApplicationManagementService applica /** * Get OAuthProtocolApplicationService instance. + * * @return OAuthProtocolApplicationService instance. */ public OauthInboundAuthConfigHandler getOAuthInboundConfigHandler() { @@ -440,6 +447,7 @@ public OauthInboundAuthConfigHandler getOAuthInboundConfigHandler() { /** * Set OAuthProtocolApplicationService instance. + * * @param oauthInboundAuthConfigHandler OAuthProtocolApplicationService instance. */ public void setOAuthInboundConfigHandler(OauthInboundAuthConfigHandler oauthInboundAuthConfigHandler) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index e78be0a310..2671c56603 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -26,7 +26,7 @@ import org.osgi.service.component.annotations.Reference; import org.osgi.service.component.annotations.ReferenceCardinality; import org.osgi.service.component.annotations.ReferencePolicy; -import org.wso2.carbon.identity.actions.ActionExecutorServiceImpl; +import org.wso2.carbon.identity.action.execution.ActionExecutorService; import org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService; @@ -71,6 +71,7 @@ public class OAuthServiceComponent { private ServiceRegistration serviceRegistration = null; protected void activate(ComponentContext context) { + try { // initialize the OAuth Server configuration OAuthServerConfiguration oauthServerConfig = OAuthServerConfiguration.getInstance(); @@ -114,8 +115,6 @@ protected void activate(ComponentContext context) { // Note : DO NOT add any activation related code below this point, // to make sure the server doesn't start up if any activation failures occur - OAuthComponentServiceHolder.getInstance().setActionExecutorService(ActionExecutorServiceImpl.getInstance()); - if (log.isDebugEnabled()) { log.debug("Identity OAuth bundle is activated"); } @@ -267,10 +266,10 @@ protected void setIdentityCoreInitializedEventService(IdentityCoreInitializedEve } @Reference(name = "token.binding.service", - service = TokenBinderInfo.class, - cardinality = ReferenceCardinality.MULTIPLE, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetTokenBinderInfo") + service = TokenBinderInfo.class, + cardinality = ReferenceCardinality.MULTIPLE, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetTokenBinderInfo") protected void setTokenBinderInfo(TokenBinderInfo tokenBinderInfo) { if (log.isDebugEnabled()) { @@ -288,10 +287,10 @@ protected void unsetTokenBinderInfo(TokenBinderInfo tokenBinderInfo) { } @Reference(name = "oauth.application.mgt.listener", - service = OAuthApplicationMgtListener.class, - cardinality = ReferenceCardinality.MULTIPLE, - policy = ReferencePolicy.DYNAMIC, - unbind = "unsetOAuthApplicationMgtListener") + service = OAuthApplicationMgtListener.class, + cardinality = ReferenceCardinality.MULTIPLE, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetOAuthApplicationMgtListener") protected void setOAuthApplicationMgtListener(OAuthApplicationMgtListener oAuthApplicationMgtListener) { if (log.isDebugEnabled()) { @@ -546,7 +545,6 @@ protected void registerConfigurationManager(ConfigurationManager configurationMa OAuthComponentServiceHolder.getInstance().setConfigurationManager(configurationManager); } - /** * Unset the ConfigurationManager. * @@ -559,4 +557,27 @@ protected void unregisterConfigurationManager(ConfigurationManager configuration } OAuthComponentServiceHolder.getInstance().setConfigurationManager(null); } + + @Reference( + name = "action.execution.service.component", + service = ActionExecutorService.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unregisterActionExecutorService" + ) + protected void registerActionExecutionService(ActionExecutorService actionExecutorService) { + + if (log.isDebugEnabled()) { + log.debug("Registering the ActionExecutorService in OAuthServiceComponent."); + } + OAuthComponentServiceHolder.getInstance().setActionExecutorService(actionExecutorService); + } + + protected void unregisterActionExecutorService(ActionExecutorService actionExecutorService) { + + if (log.isDebugEnabled()) { + log.debug("Unregistering the ActionExecutorService in OAuthServiceComponent."); + } + OAuthComponentServiceHolder.getInstance().setActionExecutorService(null); + } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java index bc6af598db..67977726df 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java @@ -32,9 +32,6 @@ import org.osgi.service.component.annotations.ReferenceCardinality; import org.osgi.service.component.annotations.ReferencePolicy; import org.wso2.carbon.context.PrivilegedCarbonContext; -import org.wso2.carbon.identity.actions.ActionExecutionRequestBuilderFactory; -import org.wso2.carbon.identity.actions.ActionExecutionResponseProcessorFactory; -import org.wso2.carbon.identity.actions.ActionType; import org.wso2.carbon.identity.api.resource.mgt.APIResourceManager; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher; @@ -51,8 +48,6 @@ import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; import org.wso2.carbon.identity.event.services.IdentityEventService; -import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenRequestBuilder; -import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenProcessor; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; @@ -468,11 +463,11 @@ protected void activate(ComponentContext context) { initializeLegacyScopeToNewScopeMappings(); } - ActionExecutionRequestBuilderFactory.registerActionInvocationRequestBuilder(ActionType.PRE_ISSUE_ACCESS_TOKEN, - PreIssueAccessTokenRequestBuilder.getInstance()); - ActionExecutionResponseProcessorFactory.registerActionInvocationResponseProcessor( - ActionType.PRE_ISSUE_ACCESS_TOKEN, - PreIssueAccessTokenProcessor.getInstance()); +// ActionExecutionRequestBuilderFactory.registerActionInvocationRequestBuilder(ActionType.PRE_ISSUE_ACCESS_TOKEN, +// PreIssueAccessTokenRequestBuilder.getInstance()); +// ActionExecutionResponseProcessorFactory.registerActionInvocationResponseProcessor( +// ActionType.PRE_ISSUE_ACCESS_TOKEN, +// PreIssueAccessTokenProcessor.getInstance()); } /** diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java index 6a7eebaf3d..7cff96078f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java @@ -26,8 +26,8 @@ import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.apache.oltu.oauth2.common.message.types.GrantType; import org.wso2.carbon.context.PrivilegedCarbonContext; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityConstants; @@ -277,7 +277,7 @@ public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) throws Id Set scopeHandlers = OAuthServerConfiguration.getInstance().getOAuth2ScopeHandlers(); boolean isValid = true; - for (OAuth2ScopeHandler scopeHandler: scopeHandlers) { + for (OAuth2ScopeHandler scopeHandler : scopeHandlers) { if (scopeHandler != null && scopeHandler.canHandle(tokReqMsgCtx)) { isValid = scopeHandler.validateScope(tokReqMsgCtx); if (log.isDebugEnabled()) { @@ -325,6 +325,7 @@ public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) throws Id @Override public boolean authorizeAccessDelegation(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception { + OAuthCallback authzCallback = new OAuthCallback(tokReqMsgCtx.getAuthorizedUser(), tokReqMsgCtx.getOauth2AccessTokenReqDTO().getClientId(), OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN); @@ -362,7 +363,7 @@ protected void storeAccessToken(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, try { OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO() .insertAccessToken(newAccessToken, oAuth2AccessTokenReqDTO.getClientId(), - newTokenBean, existingTokenBean, userStoreDomain); + newTokenBean, existingTokenBean, userStoreDomain); } catch (IdentityException e) { String maskedToken = LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(newAccessToken) : newAccessToken; @@ -475,7 +476,8 @@ private void executePreIssueAccessTokenActions(OAuthTokenReqMessageContext token try { OAuthComponentServiceHolder.getInstance().getActionExecutorService() - .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties); + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, + IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); } catch (ActionExecutionException e) { // If error ignore and proceed log.error("Error while executing pre issue access token action", e); @@ -483,7 +485,6 @@ private void executePreIssueAccessTokenActions(OAuthTokenReqMessageContext token } } - private boolean isExistingTokenValid(AccessTokenDO existingTokenBean, long expireTime) { if (TOKEN_STATE_ACTIVE.equals(existingTokenBean.getTokenState()) && expireTime != 0) { @@ -768,7 +769,7 @@ private OAuth2AccessTokenRespDTO createResponseWithTokenBean(AccessTokenDO exist if (issueRefreshToken(existingAccessTokenDO.getTokenType()) && OAuthServerConfiguration.getInstance().getSupportedGrantTypes().containsKey( - GrantType.REFRESH_TOKEN.toString())) { + GrantType.REFRESH_TOKEN.toString())) { String grantTypes = oAuthAppDO.getGrantTypes(); List supportedGrantTypes = new ArrayList<>(); if (StringUtils.isNotEmpty(grantTypes)) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java index ae4ea5c442..be55ed56e7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java @@ -24,10 +24,11 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.base.IdentityConstants; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCache; import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry; @@ -696,7 +697,8 @@ private void executePreIssueAccessTokenActions(RefreshTokenValidationDataDO refr try { OAuthComponentServiceHolder.getInstance().getActionExecutorService() - .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties); + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, + IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); } catch (ActionExecutionException e) { // If error ignore and proceed log.error("Error while executing pre issue access token action", e); diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java index b07fb83118..b3f7a2a14c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java @@ -24,10 +24,8 @@ import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; -import org.wso2.carbon.identity.actions.ActionExecutorService; -import org.wso2.carbon.identity.actions.ActionType; -import org.wso2.carbon.identity.actions.exception.ActionExecutionException; -import org.wso2.carbon.identity.actions.model.ActionExecutionResponse; +import org.wso2.carbon.identity.action.execution.ActionExecutorService; +import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityException; import org.wso2.carbon.identity.common.testng.WithCarbonHome; @@ -50,6 +48,8 @@ import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeHandler; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.model.ActionType; import java.util.Collections; import java.util.HashMap; @@ -100,8 +100,8 @@ public void setUp() throws IdentityOAuth2Exception, IdentityOAuthAdminException, OAuthComponentServiceHolder.getInstance().setActionExecutorService(mockActionExecutionService); MockitoAnnotations.initMocks(this); - when(mockActionExecutionService.execute(any(ActionType.class), anyMap())).thenReturn( - new ActionExecutionResponse()); + when(mockActionExecutionService.execute(any(ActionType.class), anyMap(), any())).thenReturn( + new ActionExecutionStatus(ActionExecutionStatus.Status.SUCCESS, null)); authenticatedUser.setUserName("randomUser"); authenticatedUser.setTenantDomain("Homeless"); diff --git a/pom.xml b/pom.xml index 9f99fbe518..779f01cb50 100644 --- a/pom.xml +++ b/pom.xml @@ -276,6 +276,11 @@ org.wso2.carbon.identity.configuration.mgt.core ${carbon.identity.framework.version} + + org.wso2.carbon.identity.framework + org.wso2.carbon.identity.action.execution + ${carbon.identity.framework.action.execution.version} + @@ -907,6 +912,7 @@ 7.3.22 [5.25.234, 8.0.0) + 7.3.42-SNAPSHOT 1.4.7 From 80b91be4a891206d8bea35b43869690b7c646380 Mon Sep 17 00:00:00 2001 From: JeethJJ Date: Tue, 23 Jul 2024 13:44:39 +0530 Subject: [PATCH 58/90] Add implementation for AllowAllScopes which authorises all scopes upon config. --- .../config/OAuthServerConfiguration.java | 30 +++++++++++++++++++ .../DefaultOAuth2ScopeValidator.java | 28 ++++++++++++----- 2 files changed, 51 insertions(+), 7 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java index d9fd4e6557..ac7e265ca2 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java @@ -169,6 +169,7 @@ public class OAuthServerConfiguration { private boolean removeUsernameFromIntrospectionResponseForAppTokens = true; private boolean useLegacyScopesAsAliasForNewScopes = false; private boolean useLegacyPermissionAccessForUserBasedAuth = false; + private boolean authorizeAllScopes = false; private String accessTokenPartitioningDomains = null; private TokenPersistenceProcessor persistenceProcessor = null; private Set callbackHandlerMetaData = new HashSet<>(); @@ -534,6 +535,9 @@ private void buildOAuthServerConfiguration() { // Read config for restricted query parameters in oauth requests parseRestrictedQueryParameters(oauthElem); + + // Read config for allow all scopes for an application + parseAuthorizeAllScopes(oauthElem); } /** @@ -3667,6 +3671,31 @@ public boolean isUseLegacyPermissionAccessForUserBasedAuth() { return useLegacyPermissionAccessForUserBasedAuth; } + /** + * Parse the AuthorizeAllScopes configuration that authorize all scopes for all applications. + * + * @param oauthConfigElem oauthConfigElem. + */ + private void parseAuthorizeAllScopes(OMElement oauthConfigElem) { + + OMElement authorizeAllScopesElem = oauthConfigElem.getFirstChildWithName( + getQNameWithIdentityNS(ConfigElements.AUTHORIZE_ALL_SCOPES)); + if (authorizeAllScopesElem != null) { + authorizeAllScopes = Boolean.parseBoolean(authorizeAllScopesElem.getText()); + } + } + + /** + * This method returns the value of the property AuthorizeAllScopes for the OAuth + * configuration in identity.xml. + * + * @return true if the AuthorizeAllScopes is enabled. + */ + public boolean isAuthorizeAllScopes() { + + return authorizeAllScopes; + } + private static void setOAuthResponseJspPageAvailable() { java.nio.file.Path path = Paths.get(CarbonUtils.getCarbonHome(), "repository", "deployment", @@ -4041,6 +4070,7 @@ private class ConfigElements { private static final String SCOPE_METADATA_EXTENSION_IMPL = "ScopeMetadataService"; private static final String RESTRICTED_QUERY_PARAMETERS_ELEMENT = "RestrictedQueryParameters"; private static final String RESTRICTED_QUERY_PARAMETER_ELEMENT = "Parameter"; + private static final String AUTHORIZE_ALL_SCOPES = "AuthorizeAllScopes"; } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java index 1025c723f3..1e290ee625 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java @@ -258,22 +258,36 @@ private List getAuthorizedScopes(List requestedScopes, Authentic } /** - * Get the authorized scopes for the given appId and tenant domain. + * Get the authorized scopes for the given appId and/or tenant domain. * * @param appId App id. * @param tenantDomain Tenant domain. * @return Authorized scopes. - * @throws IdentityOAuth2Exception if an error occurs while retrieving authorized scopes for app. + * @throws IdentityOAuth2Exception if an error occurs while retrieving authorized scopes. */ private List getAuthorizedScopes(String appId, String tenantDomain) throws IdentityOAuth2Exception { try { - return OAuth2ServiceComponentHolder.getInstance() - .getAuthorizedAPIManagementService().getAuthorizedScopes(appId, tenantDomain); + if (OAuthServerConfiguration.getInstance().isAuthorizeAllScopes()) { + List scopes = OAuth2ServiceComponentHolder.getInstance() + .getApiResourceManager().getScopesByTenantDomain(tenantDomain, ""); + List allScopesList = Collections.singletonList( + new AuthorizedScopes("RBAC", scopes.stream() + .map(Scope::getName) + .collect(Collectors.toCollection(ArrayList::new))) + ); + return allScopesList; + } else { + return OAuth2ServiceComponentHolder.getInstance() + .getAuthorizedAPIManagementService().getAuthorizedScopes(appId, tenantDomain); + } } catch (IdentityApplicationManagementException e) { throw new IdentityOAuth2Exception("Error while retrieving authorized scopes for app : " + appId + "tenant domain : " + tenantDomain, e); + } catch (APIResourceMgtException e) { + throw new IdentityOAuth2Exception("Error while retrieving scopes for tenant domain : " + + tenantDomain, e); } } @@ -362,7 +376,7 @@ private void removeRegisteredScopes(OAuthTokenReqMessageContext tokenReqMessageC } /** - * Get the requested OIDC scopes + * Get the requested OIDC scopes. * * @param tenantDomain Tenant domain. * @param requestedScopes Requested scopes. @@ -395,7 +409,7 @@ private List removeOIDCScopes(List requestedScopes, Set } /** - * Get the application resource id for the given client id + * Get the application resource id for the given client id. * * @param clientId Client Id. * @param tenantName Tenant name. @@ -414,7 +428,7 @@ private String getApplicationId(String clientId, String tenantName) throws Ident } /** - * Checks if the scopes list is empty + * Checks if the scopes list is empty. * * @param scopes Scopes list * @return true if scopes list is empty From e7de8e6f44af049fdaa2d0f95aed22e468288cd9 Mon Sep 17 00:00:00 2001 From: vivekvinushanth Date: Tue, 23 Jul 2024 21:11:27 +0530 Subject: [PATCH 59/90] fix cache removal at token revocation --- .../identity/oauth2/internal/OAuthApplicationMgtListener.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java index 9827bae341..40d8b5ffca 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java @@ -506,7 +506,7 @@ private void clearCacheEntriesAgainstTokenByConsumerKey(Set acces String tenantDomain) throws IdentityOAuth2Exception { AppInfoCache appInfoCache = AppInfoCache.getInstance(); - appInfoCache.clearCacheEntry(consumerKey); + appInfoCache.clearCacheEntry(consumerKey, tenantDomain); OAuthCache.getInstance().clearCacheEntry(new OAuthCacheKey(consumerKey)); if (isNotEmpty(accessTokenDOSet)) { for (AccessTokenDO accessTokenDo : accessTokenDOSet) { From ad04803d7f47f683dabcfbec470c0259012ceaa1 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 00:24:21 +0000 Subject: [PATCH 60/90] [WSO2 Release] [Jenkins #4974] [Release 7.0.121] prepare release v7.0.121 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 0a7297facb..1cc9dfec9b 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121-SNAPSHOT + 7.0.121 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.121-SNAPSHOT + 7.0.121 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index e9375a88da..1294179b10 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121-SNAPSHOT + 7.0.121 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.121-SNAPSHOT + 7.0.121 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index eb9008f822..cf2e3ddd18 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121-SNAPSHOT + 7.0.121 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 9bcc5e57fe..ab99c3a6dc 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 874d7c2b31..d4af9f5031 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.121-SNAPSHOT + 7.0.121 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index d7d1352072..503afacc16 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 70f3ff40df..879016d9d7 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index b83666a53e..bd720ce423 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 573f5e0d2e..0db333befe 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index df6acefd4b..8b625b5d74 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 6a1486ba54..05965d73c5 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.121-SNAPSHOT + 7.0.121 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 0ef698c9c1..9fef5fb392 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 46ab1e61fa..d324b1e4be 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index d5c1f0192a..c4e1a40f64 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 2713086fc0..59fb5c7ec5 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 1e88799f2e..124b31cdf6 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 76fe708fd3..82fc01f6c4 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 24bfa92649..9a5ae50287 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index cc8154c743..fb2767f95d 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index e3134c1a4c..90f1b7cd97 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index ebfa3d314f..d40c883017 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 2209a7cd6d..6d7d4add75 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 300ddbcbb1..fa4e9b0586 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 16646f9d3d..832b55796a 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 diff --git a/pom.xml b/pom.xml index 9f99fbe518..a4c67b68b1 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121-SNAPSHOT + 7.0.121 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.121 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index f96102a646..f59490c894 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121-SNAPSHOT + 7.0.121 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index daba382b4e..fc262fa6e3 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121-SNAPSHOT + 7.0.121 4.0.0 From 3f97b5ee2f647164a51e368d14257a6de8f11657 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 00:24:23 +0000 Subject: [PATCH 61/90] [WSO2 Release] [Jenkins #4974] [Release 7.0.121] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 1cc9dfec9b..4792dde22f 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121 + 7.0.122-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.121 + 7.0.122-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 1294179b10..58dd610df2 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121 + 7.0.122-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.121 + 7.0.122-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index cf2e3ddd18..b015740bfd 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121 + 7.0.122-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index ab99c3a6dc..389a6062a9 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index d4af9f5031..aebd03e62c 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.121 + 7.0.122-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 503afacc16..149f1f8e40 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 879016d9d7..0918425ab9 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index bd720ce423..01becbdf68 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 0db333befe..52bba44ef1 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 8b625b5d74..e82b12a816 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 05965d73c5..0865a8a0cb 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.121 + 7.0.122-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 9fef5fb392..32f65aedd6 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index d324b1e4be..14c57ad5d8 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index c4e1a40f64..adb1e2c032 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 59fb5c7ec5..953584593f 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 124b31cdf6..f999deb215 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 82fc01f6c4..529e2f10cd 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 9a5ae50287..9a3b2dd65c 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index fb2767f95d..c9febb9b98 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 90f1b7cd97..81b6dde57f 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index d40c883017..79cf1c1347 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 6d7d4add75..b695866e19 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index fa4e9b0586..348e539469 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 832b55796a..7abb5aa864 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index a4c67b68b1..a531e8b78c 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121 + 7.0.122-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.121 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index f59490c894..1e1cc4ae3f 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.121 + 7.0.122-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index fc262fa6e3..b51bfd167a 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.121 + 7.0.122-SNAPSHOT 4.0.0 From a654b92d5335ccd7e66f7b87c7993b432d33a6b9 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 04:49:08 +0000 Subject: [PATCH 62/90] [WSO2 Release] [Jenkins #4976] [Release 7.0.122] prepare release v7.0.122 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 4792dde22f..b306fedf5f 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122-SNAPSHOT + 7.0.122 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.122-SNAPSHOT + 7.0.122 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 58dd610df2..3c78c68c6a 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122-SNAPSHOT + 7.0.122 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.122-SNAPSHOT + 7.0.122 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index b015740bfd..1602e7aeaa 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122-SNAPSHOT + 7.0.122 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 389a6062a9..6087529f24 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index aebd03e62c..c5ce1a759f 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.122-SNAPSHOT + 7.0.122 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 149f1f8e40..6174a272d7 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 0918425ab9..d99b6d0b8b 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 01becbdf68..14917f364e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 52bba44ef1..5e9afa1aae 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index e82b12a816..16df19f309 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 0865a8a0cb..25d6d4f28e 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.122-SNAPSHOT + 7.0.122 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 32f65aedd6..1947411002 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 14c57ad5d8..4685a60137 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index adb1e2c032..a3ca157e38 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 953584593f..9aca679cb5 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index f999deb215..44f06f0754 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 529e2f10cd..e341abf72a 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 9a3b2dd65c..f86a6afb4f 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index c9febb9b98..da112868fb 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 81b6dde57f..1c5e437460 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 79cf1c1347..9be6e4a8ff 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index b695866e19..1b2e9455ce 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 348e539469..a4518a5a39 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 7abb5aa864..cc6bfb6558 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 diff --git a/pom.xml b/pom.xml index a531e8b78c..434cdcf0cf 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122-SNAPSHOT + 7.0.122 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.122 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 1e1cc4ae3f..6a569c761a 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122-SNAPSHOT + 7.0.122 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index b51bfd167a..d9d34690bb 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122-SNAPSHOT + 7.0.122 4.0.0 From 1bea1b356eeae0a48dc7129d7291a6dc31cae0e6 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 04:49:10 +0000 Subject: [PATCH 63/90] [WSO2 Release] [Jenkins #4976] [Release 7.0.122] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index b306fedf5f..d751740af0 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122 + 7.0.123-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.122 + 7.0.123-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 3c78c68c6a..169aad15a1 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122 + 7.0.123-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.122 + 7.0.123-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 1602e7aeaa..311bad7891 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122 + 7.0.123-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 6087529f24..fab66d52ff 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index c5ce1a759f..e9e8c7a4c9 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.122 + 7.0.123-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 6174a272d7..eda411507a 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index d99b6d0b8b..3ed8d9102b 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 14917f364e..82907178cb 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 5e9afa1aae..815cd7c512 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 16df19f309..23fcf1dcb5 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 25d6d4f28e..d4a47a66b8 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.122 + 7.0.123-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 1947411002..ae2309a6df 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 4685a60137..0bec07c5bb 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index a3ca157e38..2922149b6b 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 9aca679cb5..ae46723933 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 44f06f0754..4a0745a7a1 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index e341abf72a..9eeb4377c9 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index f86a6afb4f..ef03400028 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index da112868fb..5722531c4e 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 1c5e437460..6ebaf81ce0 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 9be6e4a8ff..c0e5f8b257 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 1b2e9455ce..b4e217ba74 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index a4518a5a39..eed9b5ee15 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index cc6bfb6558..0a6e0be211 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 434cdcf0cf..5272dd1831 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122 + 7.0.123-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.122 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 6a569c761a..4cc3d1042f 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.122 + 7.0.123-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index d9d34690bb..cc127aa8c2 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.122 + 7.0.123-SNAPSHOT 4.0.0 From 17c6f6a257dbc86e9f5b11abb7c8fc9b258d75e2 Mon Sep 17 00:00:00 2001 From: Thumimku Date: Wed, 24 Jul 2024 16:41:42 +0530 Subject: [PATCH 64/90] add diag log --- .../identity/oauth/common/OAuthConstants.java | 1 + .../oauth2/token/SubjectTokenIssuer.java | 41 +++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 94b888cec6..7562f28e56 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -718,6 +718,7 @@ public static class ActionIDs { public static final String SCOPE_VALIDATION = "validate-scope"; public static final String ISSUE_ACCESS_TOKEN = "issue-access-token"; + public static final String ISSUE_SUBJECT_TOKEN = "issue-access-token"; public static final String ISSUE_ID_TOKEN = "issue-id-token"; public static final String VALIDATE_AUTHORIZATION_CODE = "validate-authz-code"; public static final String ISSUE_AUTHZ_CODE = "issue-authz-code"; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java index 808837960a..d071b0dafe 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java @@ -20,8 +20,13 @@ package org.wso2.carbon.identity.oauth2.token; import org.apache.commons.lang.StringUtils; +import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.central.log.mgt.utils.LogConstants; +import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; +import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; +import org.wso2.carbon.identity.oauth.dao.OAuthAppDO; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.impersonation.models.ImpersonationContext; @@ -29,7 +34,9 @@ import org.wso2.carbon.identity.oauth2.impersonation.services.ImpersonationMgtService; import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder; import org.wso2.carbon.identity.oauth2.model.SubjectTokenDO; +import org.wso2.carbon.utils.DiagnosticLog; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.SUBJECT_TOKEN_EXPIRY_TIME_VALUE; import static org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration.JWT_TOKEN_TYPE; /** @@ -38,6 +45,8 @@ */ public class SubjectTokenIssuer { + private static final String OAUTH_APP_DO = "OAuthAppDO"; + /** * Issues a subject token for the given OAuth authorization request message context. * @@ -75,6 +84,38 @@ public SubjectTokenDO issue(OAuthAuthzReqMessageContext oauthAuthzMsgCtx) throws .get(JWT_TOKEN_TYPE); SubjectTokenDO subjectTokenDO = new SubjectTokenDO(); subjectTokenDO.setSubjectToken(oauthTokenIssuer.issueSubjectToken(oauthAuthzMsgCtx)); + OAuthAppDO oAuthAppDO = (OAuthAppDO) oauthAuthzMsgCtx.getProperty(OAUTH_APP_DO); + int subjectTokenLifeTime = oAuthAppDO.getSubjectTokenExpiryTime() <= 0 ? SUBJECT_TOKEN_EXPIRY_TIME_VALUE : + oAuthAppDO.getSubjectTokenExpiryTime(); + + if (LoggerUtils.isDiagnosticLogsEnabled()) { + DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder( + OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, + OAuthConstants.LogConstants.ActionIDs.ISSUE_SUBJECT_TOKEN); + diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID, + oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey()) + .inputParam(OAuthConstants.LogConstants.InputKeys.AUTHORIZED_SCOPES, + oauthAuthzMsgCtx.getApprovedScope()) + .inputParam(OAuthConstants.LogConstants.InputKeys.GRANT_TYPE, "Code") + .inputParam("token expiry time (s)", subjectTokenLifeTime) + .resultStatus(DiagnosticLog.ResultStatus.SUCCESS) + .resultMessage("Subject token issued for the application.") + .logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION); + + AuthenticatedUser impersonator = oauthAuthzMsgCtx.getAuthorizationReqDTO().getUser(); + if (impersonator != null) { + try { + diagnosticLogBuilder.inputParam(LogConstants.InputKeys.USER_ID, impersonator.getUserId()); + } catch (UserIdNotFoundException e) { + if (StringUtils.isNotBlank(impersonator.getAuthenticatedSubjectIdentifier())) { + diagnosticLogBuilder.inputParam(LogConstants.InputKeys.USER, LoggerUtils.isLogMaskingEnable ? + LoggerUtils.getMaskedContent(impersonator.getAuthenticatedSubjectIdentifier()) : + impersonator.getAuthenticatedSubjectIdentifier()); + } + } + } + } + return subjectTokenDO; } From 847af583a413b8d03715d56c1020ba201a8e3140 Mon Sep 17 00:00:00 2001 From: vivekvinushanth Date: Wed, 24 Jul 2024 20:06:45 +0530 Subject: [PATCH 65/90] fix cache removal at token revocation --- .../identity/oauth2/internal/OAuthApplicationMgtListener.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java index 40d8b5ffca..857ff0f805 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java @@ -518,6 +518,8 @@ private void clearCacheEntriesAgainstTokenByConsumerKey(Set acces CacheEntry oauthCacheEntry = OAuthCache.getInstance().getValueFromCache(oauthCacheKey); if (oauthCacheEntry != null) { OAuthCache.getInstance().clearCacheEntry(oauthCacheKey, tenantDomain); + OAuthCache.getInstance().clearCacheEntry(oauthCacheKey, accessTokenDo.getAuthzUser() + .getTenantDomain()); } String tokenBindingReference = "NONE"; if (accessTokenDo.getTokenBinding() != null && StringUtils From caf772fe662423ccb5c298ea4444e568d008ec3d Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 15:16:58 +0000 Subject: [PATCH 66/90] [WSO2 Release] [Jenkins #4978] [Release 7.0.123] prepare release v7.0.123 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index d751740af0..813b7c8176 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123-SNAPSHOT + 7.0.123 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.123-SNAPSHOT + 7.0.123 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 169aad15a1..0b6f5dfe07 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123-SNAPSHOT + 7.0.123 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.123-SNAPSHOT + 7.0.123 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 311bad7891..a7583d2cf7 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123-SNAPSHOT + 7.0.123 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index fab66d52ff..be3a2a58c5 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index e9e8c7a4c9..ce170f656a 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.123-SNAPSHOT + 7.0.123 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index eda411507a..d3c741a7a2 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 3ed8d9102b..9831aab60d 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 82907178cb..8d107647c6 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 815cd7c512..4ba2290a60 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 23fcf1dcb5..ea5fea5d56 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index d4a47a66b8..b247fe973b 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.123-SNAPSHOT + 7.0.123 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index ae2309a6df..976136c290 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 0bec07c5bb..25ef92eb7e 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 2922149b6b..1bfd8f3baa 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index ae46723933..e7c9f1def9 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 4a0745a7a1..6205895e4a 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 9eeb4377c9..f94ac1e29e 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index ef03400028..e4bc2c21a9 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 5722531c4e..6c07e51daa 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 6ebaf81ce0..ee1030d24f 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index c0e5f8b257..22f752602e 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index b4e217ba74..b27699bd1b 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index eed9b5ee15..3cfd6f3ae8 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 0a6e0be211..893f82080c 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 diff --git a/pom.xml b/pom.xml index 5272dd1831..1a1e46aebf 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123-SNAPSHOT + 7.0.123 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.123 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 4cc3d1042f..448029e4b6 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123-SNAPSHOT + 7.0.123 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index cc127aa8c2..602af70ea8 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123-SNAPSHOT + 7.0.123 4.0.0 From d8fdfda7b42adbea43b725aad8d79cc2c3891c36 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Wed, 24 Jul 2024 15:17:01 +0000 Subject: [PATCH 67/90] [WSO2 Release] [Jenkins #4978] [Release 7.0.123] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 813b7c8176..589c089849 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123 + 7.0.124-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.123 + 7.0.124-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 0b6f5dfe07..e3b52bcfca 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123 + 7.0.124-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.123 + 7.0.124-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index a7583d2cf7..c9ff8a6f84 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123 + 7.0.124-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index be3a2a58c5..a7a3daa10d 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index ce170f656a..2f7bad525e 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.123 + 7.0.124-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index d3c741a7a2..09ff0d9204 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 9831aab60d..19b5e26b28 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 8d107647c6..9e3d4f8e47 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 4ba2290a60..663cdac2a1 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index ea5fea5d56..d6d245a9e9 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index b247fe973b..f692129d0b 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.123 + 7.0.124-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 976136c290..30f670912a 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 25ef92eb7e..5c491a30a9 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 1bfd8f3baa..9d3b3b59e2 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index e7c9f1def9..1b0e5363bf 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 6205895e4a..ff80ec26e4 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index f94ac1e29e..57af0cb082 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index e4bc2c21a9..167e13859a 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 6c07e51daa..023927fdc8 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index ee1030d24f..342b03b149 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 22f752602e..ac7ef32a16 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index b27699bd1b..fe54b35b6f 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 3cfd6f3ae8..8807df9865 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 893f82080c..7de4cf4f30 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 1a1e46aebf..c83c1094f2 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123 + 7.0.124-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.123 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 448029e4b6..58a54ec659 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.123 + 7.0.124-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 602af70ea8..a9d9cf4d3a 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.123 + 7.0.124-SNAPSHOT 4.0.0 From 145d1fbbafbf456b76afa6f56489f8a7cb8949e7 Mon Sep 17 00:00:00 2001 From: malithie Date: Thu, 25 Jul 2024 13:59:44 +0530 Subject: [PATCH 68/90] Fix checkstyle issues. --- ...AbstractAuthorizationGrantHandlerTest.java | 84 ++++++++++--------- 1 file changed, 44 insertions(+), 40 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java index b3f7a2a14c..57bdfd8ace 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java @@ -25,7 +25,9 @@ import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import org.wso2.carbon.identity.action.execution.ActionExecutorService; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; +import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityException; import org.wso2.carbon.identity.common.testng.WithCarbonHome; @@ -48,8 +50,6 @@ import org.wso2.carbon.identity.oauth2.model.AccessTokenDO; import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeHandler; -import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; -import org.wso2.carbon.identity.action.execution.model.ActionType; import java.util.Collections; import java.util.HashMap; @@ -72,11 +72,11 @@ @WithH2Database(jndiName = "jdbc/WSO2IdentityDB", files = {"dbScripts/identity.sql", "dbScripts/insert_application_and_token.sql", "dbScripts/insert_consumer_app.sql", "dbScripts/insert_local_idp.sql"}) -@WithRealmService(injectToSingletons = { OAuthComponentServiceHolder.class }) +@WithRealmService(injectToSingletons = {OAuthComponentServiceHolder.class}) public class AbstractAuthorizationGrantHandlerTest { private AbstractAuthorizationGrantHandler handler; - @Mock + @Mock private ActionExecutorService mockActionExecutionService; private RefreshGrantHandler refreshGrantHandler; @@ -146,26 +146,27 @@ public Object[][] issueDataProvider() { { true, false, 0L, 0L, 0L, 0L, true, TOKEN_STATE_ACTIVE, false, true }, { true, false, 0L, 0L, 0L, 3600L, true, TOKEN_STATE_ACTIVE, false, false }, - { true, true, 3600L, 3600L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, true }, - { true, true, 0L, 3600L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, false }, - { true, true, 0L, 0L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, true }, - { true, false, 0L, 0L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, false }, - { false, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_ACTIVE, true, true }, - { false, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_REVOKED, true, false }, - { false, false, 0L, 0L, 0L, 0L, true, TOKEN_STATE_ACTIVE, true, true }, - { false, false, 0L, 0L, 0L, 3600L, true, TOKEN_STATE_ACTIVE, true, false }, - { true, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_ACTIVE, true, true }, - { true, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_REVOKED, true, false }, - { true, false, 0L, 0L, 0L, 0L, true, TOKEN_STATE_ACTIVE, true, true }, - { true, false, 0L, 0L, 0L, 3600L, true, TOKEN_STATE_ACTIVE, true, false }, - { true, true, 0L, 0L, -1L, 3600L, true, TOKEN_STATE_ACTIVE, true, true }, - { false, true, 0L, 0L, -1L, 3600L, true, TOKEN_STATE_ACTIVE, true, false } }; + {true, true, 3600L, 3600L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, true}, + {true, true, 0L, 3600L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, false}, + {true, true, 0L, 0L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, true}, + {true, false, 0L, 0L, 0L, 0L, false, TOKEN_STATE_ACTIVE, true, false}, + {false, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_ACTIVE, true, true}, + {false, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_REVOKED, true, false}, + {false, false, 0L, 0L, 0L, 0L, true, TOKEN_STATE_ACTIVE, true, true}, + {false, false, 0L, 0L, 0L, 3600L, true, TOKEN_STATE_ACTIVE, true, false}, + {true, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_ACTIVE, true, true}, + {true, false, 0L, 0L, 3600L, 0L, true, TOKEN_STATE_REVOKED, true, false}, + {true, false, 0L, 0L, 0L, 0L, true, TOKEN_STATE_ACTIVE, true, true}, + {true, false, 0L, 0L, 0L, 3600L, true, TOKEN_STATE_ACTIVE, true, false}, + {true, true, 0L, 0L, -1L, 3600L, true, TOKEN_STATE_ACTIVE, true, true}, + {false, true, 0L, 0L, -1L, 3600L, true, TOKEN_STATE_ACTIVE, true, false}}; } @Test(dataProvider = "IssueDataProvider") public void testIssue(boolean cacheEnabled, boolean cacheEntryAvailable, long cachedTokenValidity, - long cachedRefreshTokenValidity, long dbTokenValidity, long dbRefreshTokenValidity, - boolean dbEntryAvailable, String dbTokenState, boolean tokenLoggable, boolean isIDPIdColumnEnabled) + long cachedRefreshTokenValidity, long dbTokenValidity, long dbRefreshTokenValidity, + boolean dbEntryAvailable, String dbTokenState, boolean tokenLoggable, + boolean isIDPIdColumnEnabled) throws Exception { OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(isIDPIdColumnEnabled); @@ -179,7 +180,7 @@ public void testIssue(boolean cacheEnabled, boolean cacheEntryAvailable, long ca OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(oAuth2AccessTokenReqDTO); tokReqMsgCtx.setAuthorizedUser(authenticatedUser); - tokReqMsgCtx.setScope(new String[] { "scope1", "scope2" }); + tokReqMsgCtx.setScope(new String[]{"scope1", "scope2"}); OAuth2AccessTokenRespDTO tokenRespDTO = handler.issue(tokReqMsgCtx); assertNotNull(tokenRespDTO.getAccessToken()); @@ -187,12 +188,14 @@ public void testIssue(boolean cacheEnabled, boolean cacheEntryAvailable, long ca @DataProvider(name = "AuthorizeAccessDelegationDataProvider") public Object[][] buildAuthorizeAccessDelegationDataProvider() { - return new Object[][] { { GrantType.SAML20_BEARER.toString() }, { GrantType.IWA_NTLM.toString() }, - { PASSWORD_GRANT } }; + + return new Object[][]{{GrantType.SAML20_BEARER.toString()}, {GrantType.IWA_NTLM.toString()}, + {PASSWORD_GRANT}}; } @Test(dataProvider = "AuthorizeAccessDelegationDataProvider") public void testAuthorizeAccessDelegation(String grantType) throws Exception { + Set callbackHandlerMetaData = new HashSet<>(); callbackHandlerMetaData.add(new OAuthCallbackHandlerMetaData(DEFAULT_CALLBACK_HANDLER_CLASS_NAME, null, 1)); @@ -207,7 +210,7 @@ public void testAuthorizeAccessDelegation(String grantType) throws Exception { oAuth2AccessTokenReqDTO.setGrantType(grantType); OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(oAuth2AccessTokenReqDTO); - tokReqMsgCtx.setScope(new String[] { "scope1", "scope2" }); + tokReqMsgCtx.setScope(new String[]{"scope1", "scope2"}); tokReqMsgCtx.setAuthorizedUser(authenticatedUser); boolean result = handler.authorizeAccessDelegation(tokReqMsgCtx); @@ -216,11 +219,12 @@ public void testAuthorizeAccessDelegation(String grantType) throws Exception { @DataProvider(name = "IsAuthorizedClientDataProvider") public Object[][] buildIsAuthorizedClient() { - return new Object[][] { - { true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString() + " " + PASSWORD_GRANT, - PASSWORD_GRANT, true }, - { true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString(), PASSWORD_GRANT, - false }, { true, null, PASSWORD_GRANT, false }, { false, null, PASSWORD_GRANT, false }, }; + + return new Object[][]{ + {true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString() + " " + PASSWORD_GRANT, + PASSWORD_GRANT, true}, + {true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString(), PASSWORD_GRANT, + false}, {true, null, PASSWORD_GRANT, false}, {false, null, PASSWORD_GRANT, false},}; } @Test(dataProvider = "IsAuthorizedClientDataProvider") @@ -232,7 +236,7 @@ public void testIsAuthorizedClient(boolean oAuthAppDOAvailable, String grantType oAuth2AccessTokenReqDTO.setGrantType(grantType); OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(oAuth2AccessTokenReqDTO); - tokReqMsgCtx.setScope(new String[] { "scope1", "scope2" }); + tokReqMsgCtx.setScope(new String[]{"scope1", "scope2"}); tokReqMsgCtx.setAuthorizedUser(authenticatedUser); if (oAuthAppDOAvailable) { @@ -251,7 +255,7 @@ public void testStoreAccessToken() throws IdentityException { AccessTokenDO newAccessTokenDO = new AccessTokenDO(); AccessTokenDO existingAccessTokenDO = new AccessTokenDO(); newAccessTokenDO.setAuthzUser(authenticatedUser); - newAccessTokenDO.setScope(new String[] { "scope1", "scope2" }); + newAccessTokenDO.setScope(new String[]{"scope1", "scope2"}); handler.storeAccessToken(oAuth2AccessTokenReqDTO, TestConstants.USERSTORE_DOMAIN, newAccessTokenDO, TestConstants.NEW_ACCESS_TOKEN, existingAccessTokenDO); @@ -319,15 +323,15 @@ public boolean canHandle(OAuthTokenReqMessageContext tokReqMsgCtx) { scopeHandlers.add(oAuth2ScopeHandler2); scopeHandlers.add(oAuth2ScopeHandler3); - return new Object[][] { { oAuthTokenReqMessageContext1, Collections.EMPTY_SET, true }, - { oAuthTokenReqMessageContext2, Collections.EMPTY_SET, true }, - { oAuthTokenReqMessageContext3, Collections.EMPTY_SET, true }, - { oAuthTokenReqMessageContext3, scopeHandlers, false } }; + return new Object[][]{{oAuthTokenReqMessageContext1, Collections.EMPTY_SET, true}, + {oAuthTokenReqMessageContext2, Collections.EMPTY_SET, true}, + {oAuthTokenReqMessageContext3, Collections.EMPTY_SET, true}, + {oAuthTokenReqMessageContext3, scopeHandlers, false}}; } @Test(dataProvider = "BuildTokenRequestMessageContext") public void testValidateScope(Object tokenRequestMessageContext, Set scopeHandlers, - boolean expectedValue) throws IdentityOAuth2Exception { + boolean expectedValue) throws IdentityOAuth2Exception { OAuthTokenReqMessageContext tokReqMsgCtx = (OAuthTokenReqMessageContext) tokenRequestMessageContext; OAuthServerConfiguration serverConfiguration = OAuthServerConfiguration.getInstance(); @@ -356,10 +360,10 @@ public Object[][] buildTokenRequestMsgContextForAuthorizedClient() { oAuthTokenReqMessageContext2.addProperty("OAuthAppDO", oAuthAppDO2); oAuthTokenReqMessageContext3.addProperty("OAuthAppDO", oAuthAppDO3); - return new Object[][] { { oAuthTokenReqMessageContext1, false, false }, - { oAuthTokenReqMessageContext1, true, false }, { oAuthTokenReqMessageContext2, false, true }, - { oAuthTokenReqMessageContext2, true, true }, { oAuthTokenReqMessageContext3, false, false }, - { oAuthTokenReqMessageContext3, true, false } }; + return new Object[][]{{oAuthTokenReqMessageContext1, false, false}, + {oAuthTokenReqMessageContext1, true, false}, {oAuthTokenReqMessageContext2, false, true}, + {oAuthTokenReqMessageContext2, true, true}, {oAuthTokenReqMessageContext3, false, false}, + {oAuthTokenReqMessageContext3, true, false}}; } @Test(dataProvider = "BuildTokenRequestMsgContextForAuthorizedClient") From 0b335d007feff6218379dbfde81e81e3f64ef1c6 Mon Sep 17 00:00:00 2001 From: malithie Date: Thu, 25 Jul 2024 14:00:34 +0530 Subject: [PATCH 69/90] Code formatting and improvements. --- .../action/PreIssueAccessTokenProcessor.java | 735 +++++++++++------- .../PreIssueAccessTokenRequestBuilder.java | 167 ++-- .../oauth/action/model/AccessToken.java | 13 +- .../oauth/action/model/ClaimPathInfo.java | 5 +- .../model/OperationExecutionResult.java | 44 ++ .../model/PreIssueAccessTokenEvent.java | 7 +- .../oauth/action/model/TokenRequest.java | 10 +- 7 files changed, 618 insertions(+), 363 deletions(-) create mode 100644 components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java index 3f8753aff0..6a1c6cbbb4 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java @@ -18,11 +18,11 @@ package org.wso2.carbon.identity.oauth.action; +import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.action.execution.ActionExecutionResponseProcessor; -import org.wso2.carbon.identity.action.execution.exception.ActionExecutionResponseProcessorException; import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; import org.wso2.carbon.identity.action.execution.model.ActionInvocationErrorResponse; import org.wso2.carbon.identity.action.execution.model.ActionInvocationSuccessResponse; @@ -31,6 +31,7 @@ import org.wso2.carbon.identity.action.execution.model.PerformableOperation; import org.wso2.carbon.identity.oauth.action.model.AccessToken; import org.wso2.carbon.identity.oauth.action.model.ClaimPathInfo; +import org.wso2.carbon.identity.oauth.action.model.OperationExecutionResult; import org.wso2.carbon.identity.oauth.action.model.PreIssueAccessTokenEvent; import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; @@ -43,31 +44,32 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; -@SuppressWarnings("unchecked") +/** + * This class is responsible for processing the response received from the action execution + * of the pre issue access token. + */ public class PreIssueAccessTokenProcessor implements ActionExecutionResponseProcessor { private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenProcessor.class); - - private static final String OPERATION_ADD = "add"; - private static final String OPERATION_REMOVE = "remove"; - private static final String OPERATION_REPLACE = "replace"; private static final String SCOPE_PATH_PREFIX = "/accessToken/scopes/"; private static final String CLAIMS_PATH_PREFIX = "/accessToken/claims/"; - private static final PreIssueAccessTokenProcessor instance = new PreIssueAccessTokenProcessor(); private static final Pattern NQCHAR_PATTERN = Pattern.compile("^[\\x21\\x23-\\x5B\\x5D-\\x7E]+$"); private static final Pattern STRING_OR_URI_PATTERN = - Pattern.compile("^([a-zA-Z][a-zA-Z0-9+.-]*://[^\\s/$.?#].[^\\s]*)|(^[a-zA-Z0-9.-]+$)"); + Pattern.compile("^([a-zA-Z][a-zA-Z0-9+.-]*://[^\\s/$.?#].\\S*)|(^[a-zA-Z0-9.-]+$)"); + private static final String LAST_ELEMENT_CHARACTER = "-"; + private static final char PATH_SEPARATOR = '/'; - public static PreIssueAccessTokenProcessor getInstance() { + @Override + public ActionType getSupportedActionType() { - return instance; + return ActionType.PRE_ISSUE_ACCESS_TOKEN; } @Override public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map eventContext, Event event, - ActionInvocationSuccessResponse actionInvocationSuccessResponse) - throws ActionExecutionResponseProcessorException { + ActionInvocationSuccessResponse + actionInvocationSuccessResponse) { OAuthTokenReqMessageContext tokenMessageContext = (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); @@ -76,18 +78,22 @@ public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map operationExecutionResultList = new ArrayList<>(); if (operationsToPerform != null) { for (PerformableOperation operation : operationsToPerform) { switch (operation.getOp()) { - case OPERATION_ADD: - handleAddOperation(operation, requestAccessToken, responseAccessTokenBuilder); + case ADD: + operationExecutionResultList.add( + handleAddOperation(operation, requestAccessToken, responseAccessTokenBuilder)); break; - case OPERATION_REMOVE: - handleRemoveOperation(operation, requestAccessToken, responseAccessTokenBuilder); + case REMOVE: + operationExecutionResultList.add( + handleRemoveOperation(operation, requestAccessToken, responseAccessTokenBuilder)); break; - case OPERATION_REPLACE: - handleReplaceOperation(operation, requestAccessToken, responseAccessTokenBuilder); + case REPLACE: + operationExecutionResultList.add( + handleReplaceOperation(operation, requestAccessToken, responseAccessTokenBuilder)); break; default: break; @@ -95,17 +101,37 @@ public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map operationExecutionResultList) { + + //todo: need to add to diagnostic logs + if (LOG.isDebugEnabled()) { + ObjectMapper objectMapper = new ObjectMapper(); + try { + String executionSummary = objectMapper.writeValueAsString(operationExecutionResultList); + LOG.debug(String.format("Processed response for action type: %s. Results of operations performed: %s", + actionType, executionSummary)); + } catch (JsonProcessingException e) { + LOG.debug("Error occurred while logging operation execution results.", e); + } + } + } + @Override public ActionExecutionStatus processErrorResponse(ActionType actionType, Map map, Event event, - ActionInvocationErrorResponse actionInvocationErrorResponse) - throws ActionExecutionResponseProcessorException { + ActionInvocationErrorResponse actionInvocationErrorResponse) { + //todo: need to implement to process the error so that if a processable error is received + // it is communicated to the client. + // we will look into this as we go along with other extension types validating the way to model this. return null; } @@ -114,9 +140,9 @@ private void updateTokenMessageContext(OAuthTokenReqMessageContext tokenMessageC tokenMessageContext.setScope(responseAccessToken.getScopes().toArray(new String[0])); - String expires_in_claim_name = CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(); + String expiresInClaimName = CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(); responseAccessToken.getClaims().stream() - .filter(claim -> expires_in_claim_name.equals(claim.getName())) + .filter(claim -> expiresInClaimName.equals(claim.getName())) .findFirst() .map(claim -> Long.parseLong(claim.getValue().toString()) * 1000) .ifPresent(tokenMessageContext::setValidityPeriod); @@ -144,382 +170,525 @@ private void updateTokenMessageContext(OAuthTokenReqMessageContext tokenMessageC tokenMessageContext.setPreIssueAccessTokenActionsExecuted(true); } - private void handleAddOperation(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult handleAddOperation(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { - List authorizedScopes = - responseAccessToken.getScopes() != null ? responseAccessToken.getScopes() : new ArrayList<>(); + return addScope(operation, responseAccessToken); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { + return addClaim(operation, requestAccessToken, responseAccessToken); + } - int index = validateIndex(operation.getPath(), authorizedScopes.size()); - if (index == -1) { - return; - } + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Unknown path."); + } - String scopeToAdd = operation.getValue().toString(); - if (validateNQChar(scopeToAdd) && !authorizedScopes.contains(scopeToAdd)) { - authorizedScopes.add(scopeToAdd); - LOG.info("Scope added. Scope : " + scopeToAdd); - } else { - //todo: add a diagnostic log indicating this is null - LOG.info("Scope exists or is null: " + scopeToAdd); - } + private OperationExecutionResult addScope(PerformableOperation operation, + AccessToken.Builder responseAccessToken) { - responseAccessToken.scopes(authorizedScopes); - } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { - addClaim(operation, requestAccessToken, responseAccessToken); + List authorizedScopes = + responseAccessToken.getScopes() != null ? responseAccessToken.getScopes() : new ArrayList<>(); + + int index = validateIndex(operation.getPath(), authorizedScopes.size()); + if (index == -1) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); + } + + String scopeToAdd = operation.getValue().toString(); + if (authorizedScopes.contains(scopeToAdd) || !validateNQChar(scopeToAdd)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Scope exists or is invalid."); } + + authorizedScopes.add(scopeToAdd); + responseAccessToken.scopes(authorizedScopes); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, "Scope added."); } - private void addClaim(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult addClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { List claims = requestAccessToken.getClaims(); if (claims == null || claims.isEmpty()) { - // todo: add a diagnostic log indicating there are no claims to replace - LOG.warn("No claims to replace"); - return; + // todo: not sure why this is here. If it's an add we don't need to check for empty claims rather just add. + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Claims not found."); } if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + return addAudience(operation, requestAccessToken, responseAccessToken); + } else { + return addToOtherClaims(operation, requestAccessToken, responseAccessToken); + } + } - AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { - List audienceList = (List) audience.getValue(); + private OperationExecutionResult addAudience(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - int index = validateIndex(operation.getPath(), audienceList.size()); - if (index == -1) { - return; - } + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); - String audienceToAdd = operation.getValue().toString(); - if (!isValidStringOrURI(audienceToAdd)) { - LOG.warn("Audience is invalid: " + audienceToAdd); - return; - } + int index = validateIndex(operation.getPath(), audienceList.size()); + if (index == -1) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); + } - AccessToken.Claim responseAudience = - responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - List responseAudienceList = (List) responseAudience.getValue(); - if (!responseAudienceList.contains(audienceToAdd)) { - responseAudienceList.add(audienceToAdd); - LOG.info("Audience added: " + audienceToAdd); - } else { - LOG.warn("Audience already exists: " + audienceToAdd); - } + String audienceToAdd = operation.getValue().toString(); + if (!isValidStringOrURI(audienceToAdd)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Audience is invalid."); } - } else { - int index = validateIndex(operation.getPath(), requestAccessToken.getClaims().size()); - if (index == -1) { - return; + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + if (responseAudienceList.contains(audienceToAdd)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Audience already exists."); } - Object claimToAdd = operation.getValue(); + responseAudienceList.add(audienceToAdd); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Audience added."); + } - ObjectMapper objectMapper = new ObjectMapper(); - try { - AccessToken.Claim claim = objectMapper.convertValue(claimToAdd, AccessToken.Claim.class); - if (requestAccessToken.getClaim(claim.getName()) != null) { - LOG.warn("An access token claim with the same name already exists: " + claim.getName()); - return; - } + //todo: In the add path it should be possible to add audience irrespective of the fact the access token + // included a set of audiences or not. Need to recheck this. + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Audience claim not found."); + } - Object claimValue = claim.getValue(); - if (!isValidClaimValue(claimValue, true)) { - LOG.warn("Claim value is of an invalid type: " + claimValue.getClass().getSimpleName()); - return; - } + private OperationExecutionResult addToOtherClaims(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + int index = validateIndex(operation.getPath(), requestAccessToken.getClaims().size()); + if (index == -1) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); + } + + Object claimToAdd = operation.getValue(); + ObjectMapper objectMapper = new ObjectMapper(); + try { + AccessToken.Claim claim = objectMapper.convertValue(claimToAdd, AccessToken.Claim.class); + if (requestAccessToken.getClaim(claim.getName()) != null) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "An access token claim already exists."); + } + Object claimValue = claim.getValue(); + if (isValidPrimitiveValue(claimValue) || isValidListValue(claimValue)) { responseAccessToken.addClaim(claim.getName(), claimValue); - LOG.info("Claim added: " + claim.getName() + " with value: " + claimValue); - } catch (IllegalArgumentException e) { - LOG.warn("Failed to convert the claim value to a primitive type: " + claimToAdd.getClass().getName(), - e); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, "Claim added."); + + } else { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid claim value."); } + } catch (IllegalArgumentException e) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid claim."); } } - private boolean isValidClaimValue(Object value, boolean isList) { + private OperationExecutionResult handleRemoveOperation(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - if (value instanceof String || value instanceof Number || value instanceof Boolean) { - return true; - } else if (isList && value instanceof List) { - List list = (List) value; - return list.stream().allMatch(item -> item instanceof String); + if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { + return removeScope(operation, requestAccessToken, responseAccessToken); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { + return removeClaim(operation, requestAccessToken, responseAccessToken); } - return false; + + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Unknown path."); } - private void handleRemoveOperation(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult removeScope(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { + if (requestAccessToken.getScopes() == null || requestAccessToken.getScopes().isEmpty()) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "No scopes to remove."); + } - if (requestAccessToken.getScopes() == null || requestAccessToken.getScopes().isEmpty()) { - // todo: add a diagnostic log indicating there are no scopes to remove - LOG.info("No scopes to remove"); - return; - } + int index = validateIndex(operation.getPath(), requestAccessToken.getScopes().size()); + if (index == -1) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); + } + + String scopeToRemove = requestAccessToken.getScopes().get(index); + boolean removed = responseAccessToken.getScopes().remove(scopeToRemove); + if (removed) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Scope removed."); + } else { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Failed to remove scope."); + } + } + + private OperationExecutionResult removeClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { + + List claims = requestAccessToken.getClaims(); + if (claims == null || claims.isEmpty()) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "No claims to remove."); + } + + if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + return removeAudience(operation, requestAccessToken, responseAccessToken); + } else { + return removeOtherClaims(operation, requestAccessToken, responseAccessToken); + } + } + + private OperationExecutionResult removeAudience(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - int index = validateIndex(operation.getPath(), requestAccessToken.getScopes().size()); + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); + + int index = validateIndex(operation.getPath(), audienceList.size()); if (index == -1) { - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); } - String scopeToRemove = requestAccessToken.getScopes().get(index); - boolean removed = responseAccessToken.getScopes().remove(scopeToRemove); + String audienceToRemove = audienceList.get(index); + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + boolean removed = responseAudienceList.remove(audienceToRemove); if (removed) { - // todo: add a diagnostic log to indicate scope is removed. - LOG.info("Scope is removed: " + scopeToRemove); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Audience removed."); } - - } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { - removeClaim(operation, requestAccessToken, responseAccessToken); } + + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Audience not found."); } - private void removeClaim(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult removeOtherClaims(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - List claims = requestAccessToken.getClaims(); + ClaimPathInfo claimPathInfo = parseOperationPath(operation.getPath()); + AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); + if (claim == null) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, "Claim not found."); + } - if (claims == null || claims.isEmpty()) { - // todo: add a diagnostic log indicating there are no claims to replace - LOG.warn("No claims to remove"); - return; + if (claimPathInfo.getIndex() != -1) { + return removeClaimValueAtIndexFromArrayTypeClaim(operation, claimPathInfo, claim, + responseAccessToken); + } else { + return removePrimitiveTypeClaim(operation, claimPathInfo, responseAccessToken); } + } - if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + private OperationExecutionResult removeClaimValueAtIndexFromArrayTypeClaim(PerformableOperation operation, + ClaimPathInfo claimPathInfo, + AccessToken.Claim claim, + AccessToken.Builder + responseAccessToken) { - AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { - List audienceList = (List) audience.getValue(); + if (!(claim.getValue() instanceof List)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Claim to remove the value from is not an array."); + } - int index = validateIndex(operation.getPath(), audienceList.size()); - if (index == -1) { - return; - } + List claimValueList = (List) claim.getValue(); + if (claimPathInfo.getIndex() < 0 || claimPathInfo.getIndex() >= claimValueList.size()) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); + } - String audienceToRemove = audienceList.get(index); + String claimValueToRemove = claimValueList.get(claimPathInfo.getIndex()); - AccessToken.Claim responseAudience = - responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - List responseAudienceList = (List) responseAudience.getValue(); - boolean removed = responseAudienceList.remove(audienceToRemove); - if (removed) { - LOG.info("Audience removed: " + audienceToRemove); - } - } - } else { + AccessToken.Claim claimInResponse = + responseAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueListInResponse = (List) claimInResponse.getValue(); + boolean removed = claimValueListInResponse.remove(claimValueToRemove); - String operationPath = operation.getPath(); - ClaimPathInfo claimPathInfo = parseOperationPath(operationPath); - - if (requestAccessToken.getClaim(claimPathInfo.getClaimName()) != null) { - if (claimPathInfo.getIndex() != -1) { - AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); - List claimValueList = (List) claim.getValue(); - if (claimPathInfo.getIndex() >= 0 && claimPathInfo.getIndex() < claimValueList.size()) { - String claimValueToRemove = claimValueList.get(claimPathInfo.getIndex()); - - AccessToken.Claim claimInResponse = responseAccessToken.getClaim(claimPathInfo.getClaimName()); - List claimValueListInResponse = (List) claimInResponse.getValue(); - boolean removed = claimValueListInResponse.remove(claimValueToRemove); - if (removed) { - LOG.info("Claim value from claim removed. Claim: " + claimPathInfo.getClaimName() + - " Claim value: " + claimValueToRemove); - } - } else { - LOG.warn("Index is out of bounds for claim. Claim: " + claimPathInfo.getClaimName() + - " Index: " + claimPathInfo.getIndex()); - } - } else { - boolean claimRemoved = responseAccessToken.getClaims() - .removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); - if (claimRemoved) { - LOG.info("Claim removed: " + claimPathInfo.getClaimName()); - } - } - } + if (removed) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Claim value removed."); + } else { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Failed to remove claim value."); } } - public ClaimPathInfo parseOperationPath(String operationPath) { + private OperationExecutionResult removePrimitiveTypeClaim(PerformableOperation operation, + ClaimPathInfo claimPathInfo, + AccessToken.Builder responseAccessToken) { - String[] pathSegments = operationPath.split("/"); - String lastSegment = pathSegments[pathSegments.length - 1]; - String claimName; - int index = -1; + boolean claimRemoved = + responseAccessToken.getClaims().removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); - try { - // Attempt to parse the last segment as an integer to check if it's an index - index = Integer.parseInt(lastSegment); - // If parsing succeeds, the last segment is an index, so the claim name is the second last segment - claimName = pathSegments[pathSegments.length - 2]; - } catch (NumberFormatException e) { - // If parsing fails, the last segment is not an index, so it's the claim name itself - claimName = lastSegment; + if (claimRemoved) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Claim removed."); + } else { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Failed to remove claim."); } - - return new ClaimPathInfo(claimName, index); } - private void handleReplaceOperation(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult handleReplaceOperation(PerformableOperation operation, + AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { if (operation.getPath().startsWith(SCOPE_PATH_PREFIX)) { - replaceScope(operation, requestAccessToken, responseAccessToken); + return replaceScope(operation, requestAccessToken, responseAccessToken); } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX)) { - replaceClaim(operation, requestAccessToken, responseAccessToken); + return replaceClaim(operation, requestAccessToken, responseAccessToken); } + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Unknown path."); } - private void replaceScope(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult replaceScope(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { List scopes = requestAccessToken.getScopes(); if (scopes == null || scopes.isEmpty()) { - LOG.warn("Attempted to replace a scope, but no scopes are available."); - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "No scopes."); } int index = validateIndex(operation.getPath(), scopes.size()); if (index == -1) { - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); } String scopeToAdd = operation.getValue().toString(); if (!validateNQChar(scopeToAdd)) { - LOG.warn("Scope is invalid: " + scopeToAdd); - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid scope."); } if (scopes.contains(scopeToAdd)) { - LOG.warn("Scope already exists: " + scopeToAdd); - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Scope already exists."); } String scopeToReplace = scopes.get(index); responseAccessToken.getScopes().remove(scopeToReplace); responseAccessToken.getScopes().add(scopeToAdd); - LOG.info("Scope replaced: " + scopeToReplace + " with " + scopeToAdd); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, "Scope replaced."); } - private void replaceClaim(PerformableOperation operation, AccessToken requestAccessToken, - AccessToken.Builder responseAccessToken) { + private OperationExecutionResult replaceClaim(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { List claims = requestAccessToken.getClaims(); if (claims == null || claims.isEmpty()) { - // todo: add a diagnostic log indicating there are no claims to replace - LOG.warn("No claims to replace"); - return; + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "No claims to replace."); } if (operation.getPath().equals(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName())) { - long expiresIn; - try { - expiresIn = Long.parseLong(operation.getValue().toString()); - } catch (NumberFormatException e) { - LOG.warn("Invalid expiry time format: " + operation.getValue().toString(), e); - return; - } + return replaceExpiresIn(operation, responseAccessToken); + } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + return replaceAudience(operation, requestAccessToken, responseAccessToken); + } else { + return replaceOtherClaims(operation, requestAccessToken, responseAccessToken); + } + } - if (expiresIn <= 0) { - LOG.warn("Invalid expiry time: must be positive, but was " + expiresIn); - return; - } + private OperationExecutionResult replaceExpiresIn(PerformableOperation operation, + AccessToken.Builder responseAccessToken) { - responseAccessToken.getClaims().removeIf( - claim -> claim.getName().equals(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName())); - responseAccessToken.addClaim(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(), expiresIn); - LOG.info("Expiry time claim replaced with: " + expiresIn); - } else if (operation.getPath().startsWith(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName())) { + long expiresIn; + try { + expiresIn = Long.parseLong(operation.getValue().toString()); + } catch (NumberFormatException e) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid expiry time format."); + } - AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { - List audienceList = (List) audience.getValue(); + if (expiresIn <= 0) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid expiry time. Must be positive."); + } - int index = validateIndex(operation.getPath(), audienceList.size()); - if (index == -1) { - return; - } + responseAccessToken.getClaims().removeIf( + claim -> claim.getName() + .equals(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName())); + responseAccessToken.addClaim(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName(), + expiresIn); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Expiry time updated."); + } - String audienceToAdd = operation.getValue().toString(); - if (!isValidStringOrURI(audienceToAdd)) { - LOG.warn("Audience is invalid: " + audienceToAdd); - return; - } + private OperationExecutionResult replaceOtherClaims(PerformableOperation operation, AccessToken requestAccessToken, + AccessToken.Builder responseAccessToken) { - if (audienceList.contains(audienceToAdd)) { - LOG.warn("Audience already exists: " + audienceToAdd); - return; - } + ClaimPathInfo claimPathInfo = parseOperationPath(operation.getPath()); + AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); - String audienceToReplace = audienceList.get(index); + if (claim == null) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Claim not found."); + } - AccessToken.Claim responseAudience = - responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); - List responseAudienceList = (List) responseAudience.getValue(); - responseAudienceList.remove(audienceToReplace); - responseAudienceList.add(audienceToAdd); + if (claimPathInfo.getIndex() != -1) { + return replaceClaimValueAtIndexFromArrayTypeClaim(operation, claimPathInfo, claim, responseAccessToken); + } else { + return replacePrimitiveTypeClaim(operation, claimPathInfo, responseAccessToken); + } + } - LOG.info("Audience replaced: " + audienceToReplace + " with " + audienceToAdd); - } + private OperationExecutionResult replaceClaimValueAtIndexFromArrayTypeClaim(PerformableOperation operation, + ClaimPathInfo claimPathInfo, + AccessToken.Claim claim, + AccessToken.Builder + responseAccessToken) { + + if (!(claim.getValue() instanceof List)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Claim to replace the value is not an array."); + } + + List claimValueList = (List) claim.getValue(); + if (claimPathInfo.getIndex() < 0 || claimPathInfo.getIndex() >= claimValueList.size()) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, "Invalid index."); + } + + Object claimValue = operation.getValue(); + if (!isValidPrimitiveValue(claimValue)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid claim value. Must be a valid string, number or boolean."); + } + + // Replace claim value in the response access token + AccessToken.Claim claimInResponse = responseAccessToken.getClaim(claimPathInfo.getClaimName()); + List claimValueListInResponse = (List) claimInResponse.getValue(); + String claimToReplace = claimValueList.get(claimPathInfo.getIndex()); + if (claimValueListInResponse.contains(claimValue.toString())) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Claim value already exists."); + } + claimValueListInResponse.remove(claimToReplace); + claimValueListInResponse.add(claimValue.toString()); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Claim value replaced."); + } + + private OperationExecutionResult replacePrimitiveTypeClaim(PerformableOperation operation, + ClaimPathInfo claimPathInfo, + AccessToken.Builder responseAccessToken) { + + boolean claimRemoved = responseAccessToken.getClaims() + .removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); + if (claimRemoved) { + responseAccessToken.addClaim(claimPathInfo.getClaimName(), + operation.getValue()); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Claim replaced."); } else { - String operationPath = operation.getPath(); - ClaimPathInfo claimPathInfo = parseOperationPath(operationPath); - - if (requestAccessToken.getClaim(claimPathInfo.getClaimName()) != null) { - if (claimPathInfo.getIndex() != -1) { - AccessToken.Claim claim = requestAccessToken.getClaim(claimPathInfo.getClaimName()); - List claimValueList = (List) claim.getValue(); - if (claimPathInfo.getIndex() >= 0 && claimPathInfo.getIndex() < claimValueList.size()) { - String claimToReplace = claimValueList.get(claimPathInfo.getIndex()); - - Object claimValue = operation.getValue(); - if (!isValidClaimValue(claimValue, false)) { - LOG.warn("Claim value is of an invalid type: " + claimValue.getClass().getSimpleName()); - return; - } - - AccessToken.Claim claimInResponse = responseAccessToken.getClaim(claimPathInfo.getClaimName()); - List claimValueListInResponse = (List) claimInResponse.getValue(); - - if (claimValueListInResponse.contains(claimValue.toString())) { - LOG.warn("Claim value already exists: " + claimValue); - return; - } - - claimValueListInResponse.remove(claimToReplace); - claimValueListInResponse.add(claimValue.toString()); - LOG.info("Claim value from claim replaced. Claim: " + claimPathInfo.getClaimName() + - " Replaced: " + claimToReplace + " with: " + claimValue); - } else { - LOG.warn("Index is out of bounds for claim. Claim: " + claimPathInfo.getClaimName() + - " Index: " + claimPathInfo.getIndex()); - } - } else { - boolean claimRemoved = responseAccessToken.getClaims() - .removeIf(claim -> claim.getName().equals(claimPathInfo.getClaimName())); - if (claimRemoved) { - responseAccessToken.addClaim(claimPathInfo.getClaimName(), - operation.getValue()); - LOG.info("Claim removed: " + claimPathInfo.getClaimName()); - } - } + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Failed to replace claim."); + } + } + + private OperationExecutionResult replaceAudience(PerformableOperation operation, AccessToken + requestAccessToken, + AccessToken.Builder responseAccessToken) { + + AccessToken.Claim audience = requestAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + if (audience != null && audience.getValue() != null && audience.getValue() instanceof List) { + List audienceList = (List) audience.getValue(); + + int index = validateIndex(operation.getPath(), audienceList.size()); + if (index == -1) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid index."); } + + String audienceToAdd = operation.getValue().toString(); + if (!isValidStringOrURI(audienceToAdd)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Invalid Audience. Must be a valid string or URI."); + } + + if (audienceList.contains(audienceToAdd)) { + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Audience to replace already exists."); + } + + String audienceToReplace = audienceList.get(index); + + AccessToken.Claim responseAudience = + responseAccessToken.getClaim(AccessToken.ClaimNames.AUD.getName()); + List responseAudienceList = (List) responseAudience.getValue(); + responseAudienceList.remove(audienceToReplace); + responseAudienceList.add(audienceToAdd); + return new OperationExecutionResult(operation, OperationExecutionResult.Status.SUCCESS, + "Audience replaced."); + } + + return new OperationExecutionResult(operation, OperationExecutionResult.Status.FAILURE, + "Audience claim not found."); + } + + private ClaimPathInfo parseOperationPath(String operationPath) { + + String[] pathSegments = operationPath.split("/"); + String lastSegment = pathSegments[pathSegments.length - 1]; + String claimName; + int index = -1; + + try { + // Attempt to parse the last segment as an integer to check if it's an index + index = Integer.parseInt(lastSegment); + // If parsing succeeds, the last segment is an index, so the claim name is the second last segment + claimName = pathSegments[pathSegments.length - 2]; + } catch (NumberFormatException e) { + // If parsing fails, the last segment is not an index, so it's the claim name itself + claimName = lastSegment; } + + return new ClaimPathInfo(claimName, index); + } + + private boolean isValidPrimitiveValue(Object value) { + + return value instanceof String || value instanceof Number || value instanceof Boolean; + } + + private boolean isValidListValue(Object value) { + + if (!(value instanceof List)) { + return false; + } + List list = (List) value; + return list.stream().allMatch(item -> item instanceof String); } private int validateIndex(String operationPath, int listSize) { - String indexPart = operationPath.substring(operationPath.lastIndexOf('/') + 1); - if ("-".equals(indexPart)) { + String indexPart = operationPath.substring(operationPath.lastIndexOf(PATH_SEPARATOR) + 1); + if (LAST_ELEMENT_CHARACTER.equals(indexPart)) { return listSize > 0 ? listSize - 1 : 0; } + try { int index = Integer.parseInt(indexPart); if (index >= 0 && index < listSize) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index 184d303251..3cabca6256 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -27,6 +27,7 @@ import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.action.execution.model.AllowedOperation; import org.wso2.carbon.identity.action.execution.model.Event; +import org.wso2.carbon.identity.action.execution.model.Operation; import org.wso2.carbon.identity.action.execution.model.Organization; import org.wso2.carbon.identity.action.execution.model.Request; import org.wso2.carbon.identity.action.execution.model.Tenant; @@ -61,16 +62,18 @@ import java.util.stream.Collectors; /** - * Event builder for PreIssueATEvent. + * This class is responsible for building the action execution request for the pre issue access token action. */ public class PreIssueAccessTokenRequestBuilder implements ActionExecutionRequestBuilder { private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenRequestBuilder.class); - private static final PreIssueAccessTokenRequestBuilder instance = new PreIssueAccessTokenRequestBuilder(); + public static final String CLAIMS_PATH_PREFIX = "/accessToken/claims/"; + public static final String SCOPES_PATH_PREFIX = "/accessToken/scopes/"; - public static PreIssueAccessTokenRequestBuilder getInstance() { + @Override + public ActionType getSupportedActionType() { - return instance; + return ActionType.PRE_ISSUE_ACCESS_TOKEN; } @Override @@ -97,26 +100,14 @@ private Event getEvent(OAuthTokenReqMessageContext tokenMessageContext, Map claimsToAdd) + private boolean isAccessTokenAuthorizedForUser(String grantType, OAuthTokenReqMessageContext tokReqMsgCtx) + throws ActionExecutionRequestBuilderException { + + AuthorizationGrantHandler grantHandler = + OAuthServerConfiguration.getInstance().getSupportedGrantTypes().get(grantType); + + try { + return grantHandler.isOfTypeApplicationUser(tokReqMsgCtx); + } catch (IdentityOAuth2Exception e) { + throw new ActionExecutionRequestBuilderException( + "Failed to determine the authorized entity of the token for grant type: " + + grantType, e); + } + } + + private AccessToken getAccessToken(OAuthTokenReqMessageContext + tokenMessageContext, Map claimsToAdd) throws ActionExecutionRequestBuilderException { try { @@ -159,29 +180,18 @@ private AccessToken getAccessToken(OAuthTokenReqMessageContext tokenMessageConte List audience = getAudience(tokenMessageContext, oAuthAppDO); String tokenType = oAuthAppDO.getTokenType(); - AccessToken.Builder accessTokenBuilder = new AccessToken.Builder() - .tokenType(tokenType) - .addClaim(AccessToken.ClaimNames.ISS.getName(), issuer) - .addClaim(AccessToken.ClaimNames.CLIENT_ID.getName(), - tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId()) - .addClaim(AccessToken.ClaimNames.AUTHORIZED_USER_TYPE.getName(), - String.valueOf(tokenMessageContext.getProperty(OAuthConstants.UserType.USER_TYPE))) - .addClaim(AccessToken.ClaimNames.EXPIRES_IN.getName(), - tokenMessageContext.getValidityPeriod() / 1000) - .addClaim(AccessToken.ClaimNames.AUD.getName(), audience) - .scopes(Arrays.asList(tokenMessageContext.getScope())); + AccessToken.Builder accessTokenBuilder = new AccessToken.Builder(); + handleStandardClaims(tokenMessageContext, tokenType, issuer, audience, accessTokenBuilder); handleSubjectClaim(tokenMessageContext.getAuthorizedUser(), oAuthAppDO, accessTokenBuilder); handleTokenBindingClaims(tokenMessageContext, accessTokenBuilder); claimsToAdd.forEach(accessTokenBuilder::addClaim); - return accessTokenBuilder.build(); } catch (IdentityOAuth2Exception | InvalidOAuthClientException e) { - String errorMessage = String.format( - "Failed to generate pre issue access token action request. Application: %s. Grant type: %s. Error: %s.", - tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId(), - tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); - throw new ActionExecutionRequestBuilderException(errorMessage, e); + throw new ActionExecutionRequestBuilderException( + "Failed to generate pre issue access token action request for application: " + + tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId() + " grant type: " + + tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e); } } @@ -207,6 +217,21 @@ private List getAudience(OAuthTokenReqMessageContext tokenMessageContext } } + private void handleStandardClaims(OAuthTokenReqMessageContext tokenMessageContext, String tokenType, + String issuer, List audience, AccessToken.Builder accessTokenBuilder) { + + accessTokenBuilder.tokenType(tokenType) + .addClaim(AccessToken.ClaimNames.ISS.getName(), issuer) + .addClaim(AccessToken.ClaimNames.CLIENT_ID.getName(), + tokenMessageContext.getOauth2AccessTokenReqDTO().getClientId()) + .addClaim(AccessToken.ClaimNames.AUTHORIZED_USER_TYPE.getName(), + String.valueOf(tokenMessageContext.getProperty(OAuthConstants.UserType.USER_TYPE))) + .addClaim(AccessToken.ClaimNames.EXPIRES_IN.getName(), + tokenMessageContext.getValidityPeriod() / 1000) + .addClaim(AccessToken.ClaimNames.AUD.getName(), audience) + .scopes(Arrays.asList(tokenMessageContext.getScope())); + } + private void handleSubjectClaim(AuthenticatedUser authorizedUser, OAuthAppDO oAuthAppDO, AccessToken.Builder accessTokenBuilder) throws IdentityOAuth2Exception { @@ -238,10 +263,9 @@ private Map getAdditionalClaimsToAddToToken(OAuthTokenReqMessage claimsCallBackHandler.handleCustomClaims(new JWTClaimsSet.Builder(), tokenMessageContext); return Optional.ofNullable(claimsSet).map(JWTClaimsSet::getClaims).orElseGet(HashMap::new); } catch (IdentityOAuth2Exception e) { - String errorMessage = - String.format("Failed to retrieve OIDC claim set for the access token. Grant type: %s Error: %s", - tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e.getMessage()); - throw new ActionExecutionRequestBuilderException(errorMessage, e); + throw new ActionExecutionRequestBuilderException( + "Failed to retrieve OIDC claim set for the access token for grant type: " + + tokenMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), e); } } @@ -256,38 +280,46 @@ private void handleTokenBindingClaims(OAuthTokenReqMessageContext tokenMessageCo } } - //todo: revalidate further - private List getAllowedOperations(Map oidcClaims) { + public List getAllowedOperations(Map oidcClaims) { + + List removeOrReplacePaths = getRemoveOrReplacePaths(oidcClaims); + + List replacePaths = new ArrayList<>(removeOrReplacePaths); + replacePaths.add(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.EXPIRES_IN.getName()); + + AllowedOperation addOperation = + createAllowedOperation(Operation.ADD, Arrays.asList(CLAIMS_PATH_PREFIX, SCOPES_PATH_PREFIX, + CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName() + "/")); + AllowedOperation removeOperation = createAllowedOperation(Operation.REMOVE, removeOrReplacePaths); + AllowedOperation replaceOperation = createAllowedOperation(Operation.REPLACE, replacePaths); + + return Arrays.asList(addOperation, removeOperation, replaceOperation); + } + + private List getRemoveOrReplacePaths(Map oidcClaims) { List removeOrReplacePaths = oidcClaims.entrySet().stream() .filter(entry -> entry.getValue() instanceof String || entry.getValue() instanceof Number || entry.getValue() instanceof Boolean || entry.getValue() instanceof List || entry.getValue() instanceof String[]) - .map(entry -> { - String path = "/accessToken/claims/" + entry.getKey(); - if (entry.getValue() instanceof List || entry.getValue() instanceof String[]) { - path += "/"; - } - return path; - }) + .map(this::generatePathForClaim) .collect(Collectors.toList()); - removeOrReplacePaths.add("/accessToken/scopes/"); - removeOrReplacePaths.add("/accessToken/claims/" + AccessToken.ClaimNames.AUD.getName() + "/"); - - List replacePaths = new ArrayList<>(removeOrReplacePaths); - replacePaths.add("/accessToken/claims/" + AccessToken.ClaimNames.EXPIRES_IN.getName()); + removeOrReplacePaths.add(SCOPES_PATH_PREFIX); + removeOrReplacePaths.add(CLAIMS_PATH_PREFIX + AccessToken.ClaimNames.AUD.getName() + "/"); + return removeOrReplacePaths; + } - AllowedOperation addOperation = - createAllowedOperation("add", Arrays.asList("/accessToken/claims/", "/accessToken/scopes/", - "/accessToken/claims/" + AccessToken.ClaimNames.AUD.getName() + "/")); - AllowedOperation removeOperation = createAllowedOperation("remove", removeOrReplacePaths); - AllowedOperation replaceOperation = createAllowedOperation("replace", replacePaths); + private String generatePathForClaim(Map.Entry entry) { - return Arrays.asList(addOperation, removeOperation, replaceOperation); + String basePath = CLAIMS_PATH_PREFIX + entry.getKey(); + if (entry.getValue() instanceof List || entry.getValue() instanceof String[]) { + basePath += "/"; + } + return basePath; } - private AllowedOperation createAllowedOperation(String op, List paths) { + private AllowedOperation createAllowedOperation(Operation op, List paths) { AllowedOperation operation = new AllowedOperation(); operation.setOp(op); @@ -295,19 +327,4 @@ private AllowedOperation createAllowedOperation(String op, List paths) { return operation; } - private boolean isAccessTokenAuthorizedForUser(String grantType, OAuthTokenReqMessageContext tokReqMsgCtx) - throws ActionExecutionRequestBuilderException { - - AuthorizationGrantHandler grantHandler = - OAuthServerConfiguration.getInstance().getSupportedGrantTypes().get(grantType); - - try { - return grantHandler.isOfTypeApplicationUser(tokReqMsgCtx); - } catch (IdentityOAuth2Exception e) { - String errorMessage = - String.format("Failed to determine the authorized entity of the token. Grant type: %s Error: %s", - grantType, e.getMessage()); - throw new ActionExecutionRequestBuilderException(errorMessage, e.getCause()); - } - } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java index d3b5f80f24..48ae530055 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/AccessToken.java @@ -26,7 +26,8 @@ import java.util.stream.Collectors; /** - * AccessToken. + * This class represents the model of the access token sent in the json request + * to the API endpoint of the pre issue access token action. */ public class AccessToken { @@ -77,6 +78,9 @@ public AccessToken.Builder copy() { .claims(this.claims.stream().map(Claim::copy).collect(Collectors.toList())); } + /** + * Enum for standard claim names. + */ public enum ClaimNames { SUB("sub"), @@ -109,6 +113,9 @@ public String getName() { } } + /** + * Model class for claims. + */ public static class Claim { private String name; @@ -172,9 +179,11 @@ private Object deepCopyValue(Object value) { return value; } } - } + /** + * Builder for AccessToken. + */ public static class Builder { private String tokenType; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java index df44678dfe..e2d4e21698 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/ClaimPathInfo.java @@ -18,6 +18,10 @@ package org.wso2.carbon.identity.oauth.action.model; +/** + * This class is used to identify the claim and the index of the value of the claim to be updated in the + * {@link AccessToken}. The claim value of the {@link AccessToken} is an array in this case. + */ public class ClaimPathInfo { private final String claimName; @@ -38,5 +42,4 @@ public int getIndex() { return index; } - } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java new file mode 100644 index 0000000000..687c63a630 --- /dev/null +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java @@ -0,0 +1,44 @@ +package org.wso2.carbon.identity.oauth.action.model; + +import org.wso2.carbon.identity.action.execution.model.PerformableOperation; + +/** + * This class represents the result of the execution of an operation. + * It contains the operation that was executed, the status of the execution and a message. + * This is used to summarize the operations performed based on action response. + */ +public class OperationExecutionResult { + + private final PerformableOperation operation; + private final Status status; + private final String message; + + public OperationExecutionResult(PerformableOperation operation, Status status, String message) { + + this.operation = operation; + this.status = status; + this.message = message; + } + + public PerformableOperation getOperation() { + + return operation; + } + + public Status getStatus() { + + return status; + } + + public String getMessage() { + + return message; + } + + /** + * Enum to represent the status of the operation execution. + */ + public enum Status { + SUCCESS, FAILURE + } +} diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java index f783aa387b..631451c56c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/PreIssueAccessTokenEvent.java @@ -26,7 +26,9 @@ import org.wso2.carbon.identity.action.execution.model.UserStore; /** - * PreIssueATEvent. + * This class models the event at a pre issue access token trigger. + * PreIssueAccessTokenEvent is the entity that represents the event that is sent to the Action + * over {@link org.wso2.carbon.identity.action.execution.model.ActionExecutionRequest}. */ public class PreIssueAccessTokenEvent extends Event { @@ -47,6 +49,9 @@ public AccessToken getAccessToken() { return accessToken; } + /** + * Builder for the PreIssueAccessTokenEvent. + */ public static class Builder { private AccessToken accessToken; diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java index e7ecc97a39..2c82e84b29 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java @@ -25,6 +25,11 @@ import java.util.List; import java.util.Map; +/** + * This class models the request at a pre issue access token trigger. + * TokenRequest is the entity that represents the request that is sent to Action + * over {@link org.wso2.carbon.identity.action.execution.model.ActionExecutionRequest}. + */ public class TokenRequest extends Request { private static final List headersToAvoid = new ArrayList<>(); @@ -87,6 +92,9 @@ public List getScopes() { return scopes; } + /** + * Builder for TokenRequest. + */ public static class Builder { private final Map additionalHeaders = new HashMap<>(); @@ -141,4 +149,4 @@ public TokenRequest build() { return new TokenRequest(this); } } -} \ No newline at end of file +} From fa2f791169284816e502615c7a89769aa9697dc9 Mon Sep 17 00:00:00 2001 From: malithie Date: Thu, 25 Jul 2024 14:01:49 +0530 Subject: [PATCH 70/90] Added validations to invoke the action. --- .../AbstractAuthorizationGrantHandler.java | 41 +++++++++++----- .../handlers/grant/RefreshGrantHandler.java | 47 ++++++++++++------- 2 files changed, 60 insertions(+), 28 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java index 7cff96078f..bbb4854007 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java @@ -27,6 +27,7 @@ import org.apache.oltu.oauth2.common.message.types.GrantType; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; @@ -73,6 +74,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.Set; import java.util.UUID; import java.util.function.Consumer; @@ -461,23 +463,25 @@ private OAuth2AccessTokenRespDTO generateNewAccessToken(OAuthTokenReqMessageCont private void executePreIssueAccessTokenActions(OAuthTokenReqMessageContext tokenReqMessageContext) throws IdentityOAuth2Exception { - //todo: read from Action Management Service and check if there are actions to engage - boolean preIssueAccessTokenActionAvailable = true; - - OAuthAppDO oAuthAppBean = getoAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); - - if (preIssueAccessTokenActionAvailable && "JWT".equals(oAuthAppBean.getTokenType())) { + if (checkExecutePreIssueAccessTokensActions(tokenReqMessageContext)) { Map additionalProperties = new HashMap<>(); - Consumer> mapInitializer = map -> { - map.put("tokenMessageContext", tokenReqMessageContext); - }; + Consumer> mapInitializer = + map -> map.put("tokenMessageContext", tokenReqMessageContext); mapInitializer.accept(additionalProperties); try { - OAuthComponentServiceHolder.getInstance().getActionExecutorService() - .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, - IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); + ActionExecutionStatus executionStatus = + OAuthComponentServiceHolder.getInstance().getActionExecutorService() + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, + IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); + if (log.isDebugEnabled()) { + log.debug(String.format( + "Invoked pre issue access token action for clientID: %s grant types: %s. Status: %s", + tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId(), + tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), + Optional.ofNullable(executionStatus).isPresent() ? executionStatus.getStatus() : "NA")); + } } catch (ActionExecutionException e) { // If error ignore and proceed log.error("Error while executing pre issue access token action", e); @@ -485,6 +489,19 @@ private void executePreIssueAccessTokenActions(OAuthTokenReqMessageContext token } } + private boolean checkExecutePreIssueAccessTokensActions(OAuthTokenReqMessageContext tokenReqMessageContext) + throws IdentityOAuth2Exception { + + OAuthAppDO oAuthAppBean = getoAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); + String grantType = tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(); + + // Allow for following grant types and for JWT access tokens only. + return (OAuthConstants.GrantTypes.AUTHORIZATION_CODE.equals(grantType) || + OAuthConstants.GrantTypes.CLIENT_CREDENTIALS.equals(grantType) || + OAuthConstants.GrantTypes.PASSWORD.equals(grantType) || + OAuthConstants.GrantTypes.REFRESH_TOKEN.equals(grantType)) && "JWT".equals(oAuthAppBean.getTokenType()); + } + private boolean isExistingTokenValid(AccessTokenDO existingTokenBean, long expireTime) { if (TOKEN_STATE_ACTIVE.equals(existingTokenBean.getTokenState()) && expireTime != 0) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java index be55ed56e7..414dc534ed 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java @@ -25,6 +25,7 @@ import org.apache.commons.logging.LogFactory; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.wso2.carbon.identity.action.execution.exception.ActionExecutionException; +import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; import org.wso2.carbon.identity.action.execution.model.ActionType; import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException; import org.wso2.carbon.identity.base.IdentityConstants; @@ -122,7 +123,7 @@ public OAuth2AccessTokenRespDTO issue(OAuthTokenReqMessageContext tokReqMsgCtx) tokReqMsgCtx.setValidityPeriod(validationBean.getAccessTokenValidityInMillis()); - executePreIssueAccessTokenActions(validationBean,tokReqMsgCtx); + executePreIssueAccessTokenActions(validationBean, tokReqMsgCtx); AccessTokenDO accessTokenBean = getRefreshTokenGrantProcessor() .createAccessTokenBean(tokReqMsgCtx, tokenReq, validationBean, getTokenType(tokReqMsgCtx)); @@ -680,25 +681,27 @@ private void executePreIssueAccessTokenActions(RefreshTokenValidationDataDO refr OAuthTokenReqMessageContext tokenReqMessageContext) throws IdentityOAuth2Exception { - //todo: read from Action Management Service and check if there are actions to engage - boolean preIssueAccessTokenActionAvailable = true; - - OAuthAppDO oAuthAppBean = getOAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); - - if (preIssueAccessTokenActionAvailable && "JWT".equals(oAuthAppBean.getTokenType())) { + if (checkExecutePreIssueAccessTokensActions(refreshTokenValidationDataDO, tokenReqMessageContext)) { setCustomizedAccessTokenAttributesToMessageContext(refreshTokenValidationDataDO, tokenReqMessageContext); Map additionalProperties = new HashMap<>(); - Consumer> mapInitializer = map -> { - map.put("tokenMessageContext", tokenReqMessageContext); - }; + Consumer> mapInitializer = + map -> map.put("tokenMessageContext", tokenReqMessageContext); mapInitializer.accept(additionalProperties); try { - OAuthComponentServiceHolder.getInstance().getActionExecutorService() - .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, - IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); + ActionExecutionStatus executionStatus = + OAuthComponentServiceHolder.getInstance().getActionExecutorService() + .execute(ActionType.PRE_ISSUE_ACCESS_TOKEN, additionalProperties, + IdentityTenantUtil.getTenantDomain(IdentityTenantUtil.getLoginTenantId())); + if (log.isDebugEnabled()) { + log.debug(String.format( + "Invoked pre issue access token action for clientID: %s grant types: %s. Status: %s", + tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId(), + tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), + Optional.ofNullable(executionStatus).isPresent() ? executionStatus.getStatus() : "NA")); + } } catch (ActionExecutionException e) { // If error ignore and proceed log.error("Error while executing pre issue access token action", e); @@ -706,6 +709,19 @@ private void executePreIssueAccessTokenActions(RefreshTokenValidationDataDO refr } } + private boolean checkExecutePreIssueAccessTokensActions(RefreshTokenValidationDataDO refreshTokenValidationDataDO, + OAuthTokenReqMessageContext tokenReqMessageContext) + throws IdentityOAuth2Exception { + + OAuthAppDO oAuthAppBean = getOAuthApp(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId()); + String grantType = refreshTokenValidationDataDO.getGrantType(); + + // Allow if refresh token is issued for token requests from following grant types and, + // for JWT access tokens only. + return (OAuthConstants.GrantTypes.AUTHORIZATION_CODE.equals(grantType) || + OAuthConstants.GrantTypes.PASSWORD.equals(grantType)) && "JWT".equals(oAuthAppBean.getTokenType()); + } + private void setCustomizedAccessTokenAttributesToMessageContext(RefreshTokenValidationDataDO refreshTokenData, OAuthTokenReqMessageContext tokenRequestContext) { @@ -718,9 +734,8 @@ private void setCustomizedAccessTokenAttributesToMessageContext(RefreshTokenVali tokenRequestContext.setAdditionalAccessTokenClaims(grantCacheEntry.getCustomClaims()); tokenRequestContext.setAudiences(grantCacheEntry.getAudiences()); if (log.isDebugEnabled()) { - log.debug(String.format( - "Updated OAuthTokenReqMessageContext with customized audience list and access token attributes in the AuthorizationGrantCache for token id: %s.", - refreshTokenData.getTokenId())); + log.debug("Updated OAuthTokenReqMessageContext with customized audience list and access token" + + " attributes in the AuthorizationGrantCache for token id: " + refreshTokenData.getTokenId()); } AuthorizationGrantCache.getInstance().clearCacheEntryByToken(grantCacheKey); From 353e4a20fc6486dc7cc960de8c1e7f366cd58b0d Mon Sep 17 00:00:00 2001 From: malithie Date: Thu, 25 Jul 2024 14:02:14 +0530 Subject: [PATCH 71/90] Refactoring updates. --- .../cache/AuthorizationGrantCacheEntry.java | 1 - .../oauth/internal/OAuthServiceComponent.java | 16 +++++++++++++++- .../oauth2/token/AccessTokenIssuer.java | 19 ++++++++++--------- .../identity/oauth2/token/JWTTokenIssuer.java | 19 +++++++------------ 4 files changed, 32 insertions(+), 23 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java index 6a44fe84a2..41e8116025 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/cache/AuthorizationGrantCacheEntry.java @@ -28,7 +28,6 @@ import java.util.LinkedHashSet; import java.util.List; import java.util.Map; -import java.util.Objects; /** * Contains authenticated user attributes and nonce value. diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java index 2671c56603..8e54385e3f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthServiceComponent.java @@ -26,6 +26,8 @@ import org.osgi.service.component.annotations.Reference; import org.osgi.service.component.annotations.ReferenceCardinality; import org.osgi.service.component.annotations.ReferencePolicy; +import org.wso2.carbon.identity.action.execution.ActionExecutionRequestBuilder; +import org.wso2.carbon.identity.action.execution.ActionExecutionResponseProcessor; import org.wso2.carbon.identity.action.execution.ActionExecutorService; import org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; @@ -37,6 +39,8 @@ import org.wso2.carbon.identity.event.handler.AbstractEventHandler; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.OauthInboundAuthConfigHandler; +import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenProcessor; +import org.wso2.carbon.identity.oauth.action.PreIssueAccessTokenRequestBuilder; import org.wso2.carbon.identity.oauth.cache.OAuthCache; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.common.token.bindings.TokenBinderInfo; @@ -112,6 +116,8 @@ protected void activate(ComponentContext context) { authProtocolApplicationService); context.getBundleContext().registerService(ApplicationInboundAuthConfigHandler.class, authProtocolApplicationService, null); + + registerActionRequestBuilderAndResponseProcessor(context); // Note : DO NOT add any activation related code below this point, // to make sure the server doesn't start up if any activation failures occur @@ -125,6 +131,14 @@ protected void activate(ComponentContext context) { } } + private void registerActionRequestBuilderAndResponseProcessor(ComponentContext context) { + + context.getBundleContext() + .registerService(ActionExecutionRequestBuilder.class, new PreIssueAccessTokenRequestBuilder(), null); + context.getBundleContext() + .registerService(ActionExecutionResponseProcessor.class, new PreIssueAccessTokenProcessor(), null); + } + protected void deactivate(ComponentContext context) { if (serviceRegistration != null) { @@ -559,7 +573,7 @@ protected void unregisterConfigurationManager(ConfigurationManager configuration } @Reference( - name = "action.execution.service.component", + name = "action.execution.service", service = ActionExecutorService.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java index 3de3f055f6..a2edda746a 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java @@ -192,7 +192,6 @@ public OAuth2AccessTokenRespDTO issue(OAuth2AccessTokenReqDTO tokenReqDTO) } } - triggerPreListeners(tokenReqDTO, tokReqMsgCtx, isRefreshRequest); OAuthClientAuthnContext oAuthClientAuthnContext = tokenReqDTO.getoAuthClientAuthnContext(); @@ -788,7 +787,6 @@ private boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) throws I removeAuthorizedScopes(tokReqMsgCtx, authorizedScopes); } - boolean isDropUnregisteredScopes = OAuthServerConfiguration.getInstance().isDropUnregisteredScopes(); if (isDropUnregisteredScopes) { if (log.isDebugEnabled()) { @@ -840,6 +838,7 @@ private List getScopeList(String[] scopes) { } private ServiceProvider getServiceProvider(OAuth2AccessTokenReqDTO tokenReq) throws IdentityOAuth2Exception { + ServiceProvider serviceProvider; try { serviceProvider = OAuth2ServiceComponentHolder.getApplicationMgtService().getServiceProviderByClientId( @@ -914,6 +913,7 @@ private String getSubjectClaim(ServiceProvider serviceProvider, private String getDefaultSubject(ServiceProvider serviceProvider, AuthenticatedUser authenticatedUser) throws UserIdNotFoundException { + String subject; boolean useUserIdForDefaultSubject = false; ServiceProviderProperty[] spProperties = serviceProvider.getSpProperties(); @@ -1138,8 +1138,8 @@ private void handleTokenBinding(OAuth2AccessTokenReqDTO tokenReqDTO, String gran if (OAuth2Constants.TokenBinderType.CLIENT_REQUEST.equals(tokenBinder.getBindingType()) && tokenBindingValueOptional.get().length() >= MAX_ALLOWED_LENGTH) { - throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.INVALID_REQUEST, - "Token binding reference length exceeds limit"); + throw new IdentityOAuth2ClientException(OAuth2ErrorCodes.INVALID_REQUEST, + "Token binding reference length exceeds limit"); } String tokenBindingValue = tokenBindingValueOptional.get(); @@ -1233,7 +1233,7 @@ private void cacheUserAttributesAgainstAccessToken(AuthorizationGrantCacheEntry } private void addUserAttributesAgainstAccessTokenForPasswordGrant(OAuth2AccessTokenRespDTO tokenRespDTO, - OAuthTokenReqMessageContext tokReqMsgCtx) { + OAuthTokenReqMessageContext tokReqMsgCtx) { if (tokReqMsgCtx.getAuthorizedUser() != null) { AuthorizationGrantCacheKey newCacheKey = new AuthorizationGrantCacheKey(tokenRespDTO.getAccessToken()); @@ -1271,9 +1271,10 @@ private void persistCustomizedAccessTokenAttributesForRefreshToken(OAuth2AccessT AuthorizationGrantCache.getInstance().addToCacheByToken(newCacheKey, authorizationGrantCacheEntry); if (log.isDebugEnabled()) { - log.debug(String.format( - "Customized audience list and access token attributes from pre issue access token actions are persisted in the AuthorizationGrantCache against the token id: %s.", - tokenRespDTO.getTokenId())); + log.debug( + "Customized audience list and access token attributes from pre issue access token actions " + + "are persisted in the AuthorizationGrantCache against the token id: " + + tokenRespDTO.getTokenId()); } } } @@ -1384,7 +1385,7 @@ private static boolean isNotActiveState(String appState) { * provide the correct user store manager from the user realm. * * @param tenantDomain The tenant domain of the authenticated user. - * @param userId The ID of the authenticated user. + * @param userId The ID of the authenticated user. * @return User store manager of the user reside organization. */ private Optional getUserStoreManagerFromRealmOfUserResideOrganization(String tenantDomain, diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java index 0c406f41eb..5b11a6e955 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java @@ -610,7 +610,6 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe jwtClaimsSetBuilder.claim(CLIENT_ID, consumerKey); setClaimsForNonPersistence(jwtClaimsSetBuilder, authAuthzReqMessageContext, tokenReqMessageContext, authenticatedUser, oAuthAppDO); - // todo: change scopes based on context. Already happening String scope = getScope(authAuthzReqMessageContext, tokenReqMessageContext); if (StringUtils.isNotEmpty(scope)) { jwtClaimsSetBuilder.claim(SCOPE, scope); @@ -618,12 +617,11 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe jwtClaimsSetBuilder.claim(OAuthConstants.AUTHORIZED_USER_TYPE, getAuthorizedUserType(authAuthzReqMessageContext, tokenReqMessageContext)); - - // todo: calculate based on validity period in context jwtClaimsSetBuilder.expirationTime(calculateAccessTokenExpiryTime(accessTokenLifeTimeInMillis, curTimeInMillis)); - // This is a spec (openid-connect-core-1_0:2.0) requirement for ID tokens. But we are keeping this in JWT as well. + // This is a spec (openid-connect-core-1_0:2.0) requirement for ID tokens. + // But we are keeping this in JWT as well. jwtClaimsSetBuilder.audience(tokenReqMessageContext != null ? tokenReqMessageContext.getAudiences() : OAuth2Util.getOIDCAudience(consumerKey, oAuthAppDO)); @@ -633,12 +631,10 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe if (authAuthzReqMessageContext != null) { jwtClaimsSet = handleCustomClaims(jwtClaimsSetBuilder, authAuthzReqMessageContext); } else { - // todo: update based on new claims or added or removed claims on user from context. - // todo: need to execute this before invoking the action so respective information is available jwtClaimsSet = handleCustomClaims(jwtClaimsSetBuilder, tokenReqMessageContext); } - // todo: ignore as no longer needed to be used. If used this will just add those additional claims to the JWT + // todo: deprecate when pre issue access token action is ready if (tokenReqMessageContext != null && tokenReqMessageContext.getOauth2AccessTokenReqDTO() != null && tokenReqMessageContext.getOauth2AccessTokenReqDTO().getAccessTokenExtendedAttributes() != null) { Map customClaims = @@ -812,14 +808,13 @@ protected long getAccessTokenLifeTimeInMillis(OAuthTokenReqMessageContext tokenR if (tokenReqMessageContext.isPreIssueAccessTokenActionsExecuted()) { lifetimeInMillis = tokenReqMessageContext.getValidityPeriod(); if (log.isDebugEnabled()) { - log.debug("Access token life time is set from message context. Token Lifetime : " + lifetimeInMillis + - "ms."); + log.debug("Access token life time is set from OAuthTokenReqMessageContext. Token Lifetime : " + + lifetimeInMillis + "ms."); } return lifetimeInMillis; } - //todo: check if following is redundant and clean up accordingly. boolean isUserAccessTokenType = isUserAccessTokenType(tokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType(), tokenReqMessageContext); @@ -877,8 +872,8 @@ protected JWTClaimsSet handleCustomClaims(JWTClaimsSet.Builder jwtClaimsSetBuild if (customClaims != null) { if (log.isDebugEnabled()) { - log.debug( - "Pre issue access token actions are executed. Returning the customized claim set from actions. Claims: " + + log.debug("Pre issue access token actions are executed. " + + "Returning the customized claim set from actions. Claims: " + customClaims.keySet()); } From 27de4a5607fc9208e5aa319b00cae256842857b0 Mon Sep 17 00:00:00 2001 From: Thumimku Date: Thu, 25 Jul 2024 16:22:22 +0530 Subject: [PATCH 72/90] add diag logs --- .../carbon/identity/oauth/common/OAuthConstants.java | 3 ++- .../identity/oauth2/token/AccessTokenIssuer.java | 12 +++++++++++- .../identity/oauth2/token/SubjectTokenIssuer.java | 5 +++-- .../oauth2/token/SubjectTokenIssuerTest.java | 8 ++++++++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 7562f28e56..1f11cb57e6 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -718,7 +718,7 @@ public static class ActionIDs { public static final String SCOPE_VALIDATION = "validate-scope"; public static final String ISSUE_ACCESS_TOKEN = "issue-access-token"; - public static final String ISSUE_SUBJECT_TOKEN = "issue-access-token"; + public static final String ISSUE_SUBJECT_TOKEN = "issue-subject-token"; public static final String ISSUE_ID_TOKEN = "issue-id-token"; public static final String VALIDATE_AUTHORIZATION_CODE = "validate-authz-code"; public static final String ISSUE_AUTHZ_CODE = "issue-authz-code"; @@ -777,6 +777,7 @@ public static class InputKeys { public static final String CALLBACK_URI = "callback URI"; public static final String PROMPT = "prompt"; public static final String APP_STATE = "app state"; + public static final String IMPERSONATOR = "impersonator"; } /** diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java index 6d6f986290..6eb3d6b335 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java @@ -96,6 +96,8 @@ import static org.apache.commons.lang.StringUtils.isNotBlank; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.GrantTypes.REFRESH_TOKEN; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.IMPERSONATING_ACTOR; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.LogConstants.InputKeys.IMPERSONATOR; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE; import static org.wso2.carbon.identity.oauth2.OAuth2Constants.MAX_ALLOWED_LENGTH; import static org.wso2.carbon.identity.oauth2.Oauth2ScopeConstants.CONSOLE_SCOPE_PREFIX; @@ -507,8 +509,16 @@ private OAuth2AccessTokenRespDTO validateGrantAndIssueToken(OAuth2AccessTokenReq .inputParam(OAuthConstants.LogConstants.InputKeys.GRANT_TYPE, grantType) .inputParam("token expiry time (s)", tokenRespDTO.getExpiresIn()) .resultStatus(DiagnosticLog.ResultStatus.SUCCESS) - .resultMessage("Access token issued for the application.") .logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION); + if (tokReqMsgCtx.isImpersonationRequest()) { + if (tokReqMsgCtx.getProperty(IMPERSONATING_ACTOR) != null) { + String impersonatorId = tokReqMsgCtx.getProperty(IMPERSONATING_ACTOR).toString(); + diagnosticLogBuilder.inputParam(IMPERSONATOR, impersonatorId); + } + diagnosticLogBuilder.resultMessage("Impersonated Access token issued for the application."); + } else { + diagnosticLogBuilder.resultMessage("Access token issued for the application."); + } if (tokReqMsgCtx.getAuthorizedUser() != null) { diagnosticLogBuilder.inputParam(LogConstants.InputKeys.USER_ID, tokReqMsgCtx.getAuthorizedUser().getUserId()); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java index d071b0dafe..f725a63e3a 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuer.java @@ -96,7 +96,8 @@ public SubjectTokenDO issue(OAuthAuthzReqMessageContext oauthAuthzMsgCtx) throws oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey()) .inputParam(OAuthConstants.LogConstants.InputKeys.AUTHORIZED_SCOPES, oauthAuthzMsgCtx.getApprovedScope()) - .inputParam(OAuthConstants.LogConstants.InputKeys.GRANT_TYPE, "Code") + .inputParam(OAuthConstants.LogConstants.InputKeys.RESPONSE_TYPE, + oauthAuthzMsgCtx.getAuthorizationReqDTO().getResponseType()) .inputParam("token expiry time (s)", subjectTokenLifeTime) .resultStatus(DiagnosticLog.ResultStatus.SUCCESS) .resultMessage("Subject token issued for the application.") @@ -114,8 +115,8 @@ public SubjectTokenDO issue(OAuthAuthzReqMessageContext oauthAuthzMsgCtx) throws } } } + LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder); } - return subjectTokenDO; } diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuerTest.java index e833ec2e4a..eebc8f1d76 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/SubjectTokenIssuerTest.java @@ -27,7 +27,9 @@ import org.testng.annotations.Test; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; +import org.wso2.carbon.identity.oauth.dao.OAuthAppDO; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext; import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO; @@ -63,9 +65,11 @@ public class SubjectTokenIssuerTest { @Mock private JWTTokenIssuer jwtTokenIssuer; private static final String[] SCOPES_WITHOUT_OPENID = new String[]{"scope1", "scope2"}; + private static final String OAUTH_APP_DO = "OAuthAppDO"; private ImpersonationMgtServiceImpl impersonationMgtService = new ImpersonationMgtServiceImpl(); private MockedStatic oAuthServerConfiguration; + private MockedStatic loggerUtils; @BeforeMethod public void setUp() throws Exception { @@ -86,6 +90,8 @@ public void setUp() throws Exception { Map oauthTokenIssuerMap = new HashMap<>(); oauthTokenIssuerMap.put(JWT_TOKEN_TYPE, jwtTokenIssuer); lenient().when(mockOAuthServerConfiguration.getOauthTokenIssuerMap()).thenReturn(oauthTokenIssuerMap); + loggerUtils = mockStatic(LoggerUtils.class); + loggerUtils.when(LoggerUtils::isDiagnosticLogsEnabled).thenReturn(true); } @AfterMethod @@ -94,12 +100,14 @@ public void tearDown() { OAuth2ServiceComponentHolder.getInstance() .removeImpersonationValidator(new DummyErrornusImpersonationValidator()); oAuthServerConfiguration.close(); + loggerUtils.close(); } @Test public void testIssue() throws IdentityException { when(oAuthAuthzReqMessageContext.getAuthorizationReqDTO()).thenReturn(oAuth2AuthorizeReqDTO); + when(oAuthAuthzReqMessageContext.getProperty(OAUTH_APP_DO)).thenReturn(new OAuthAppDO()); OAuth2ServiceComponentHolder.getInstance().addImpersonationValidator( new DummyImpersonationValidator()); From 9a1b8eb756c40b8dc2c2a9225119b4433681915c Mon Sep 17 00:00:00 2001 From: Jihan Jeeth <50905371+JeethJJ@users.noreply.github.com> Date: Thu, 25 Jul 2024 16:31:03 +0530 Subject: [PATCH 73/90] Revert "Authorise all scopes for all application upon server-wide configuration" --- .../config/OAuthServerConfiguration.java | 30 ------------------- .../DefaultOAuth2ScopeValidator.java | 28 +++++------------ 2 files changed, 7 insertions(+), 51 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java index ac7e265ca2..d9fd4e6557 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.java @@ -169,7 +169,6 @@ public class OAuthServerConfiguration { private boolean removeUsernameFromIntrospectionResponseForAppTokens = true; private boolean useLegacyScopesAsAliasForNewScopes = false; private boolean useLegacyPermissionAccessForUserBasedAuth = false; - private boolean authorizeAllScopes = false; private String accessTokenPartitioningDomains = null; private TokenPersistenceProcessor persistenceProcessor = null; private Set callbackHandlerMetaData = new HashSet<>(); @@ -535,9 +534,6 @@ private void buildOAuthServerConfiguration() { // Read config for restricted query parameters in oauth requests parseRestrictedQueryParameters(oauthElem); - - // Read config for allow all scopes for an application - parseAuthorizeAllScopes(oauthElem); } /** @@ -3671,31 +3667,6 @@ public boolean isUseLegacyPermissionAccessForUserBasedAuth() { return useLegacyPermissionAccessForUserBasedAuth; } - /** - * Parse the AuthorizeAllScopes configuration that authorize all scopes for all applications. - * - * @param oauthConfigElem oauthConfigElem. - */ - private void parseAuthorizeAllScopes(OMElement oauthConfigElem) { - - OMElement authorizeAllScopesElem = oauthConfigElem.getFirstChildWithName( - getQNameWithIdentityNS(ConfigElements.AUTHORIZE_ALL_SCOPES)); - if (authorizeAllScopesElem != null) { - authorizeAllScopes = Boolean.parseBoolean(authorizeAllScopesElem.getText()); - } - } - - /** - * This method returns the value of the property AuthorizeAllScopes for the OAuth - * configuration in identity.xml. - * - * @return true if the AuthorizeAllScopes is enabled. - */ - public boolean isAuthorizeAllScopes() { - - return authorizeAllScopes; - } - private static void setOAuthResponseJspPageAvailable() { java.nio.file.Path path = Paths.get(CarbonUtils.getCarbonHome(), "repository", "deployment", @@ -4070,7 +4041,6 @@ private class ConfigElements { private static final String SCOPE_METADATA_EXTENSION_IMPL = "ScopeMetadataService"; private static final String RESTRICTED_QUERY_PARAMETERS_ELEMENT = "RestrictedQueryParameters"; private static final String RESTRICTED_QUERY_PARAMETER_ELEMENT = "Parameter"; - private static final String AUTHORIZE_ALL_SCOPES = "AuthorizeAllScopes"; } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java index 1e290ee625..1025c723f3 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/DefaultOAuth2ScopeValidator.java @@ -258,36 +258,22 @@ private List getAuthorizedScopes(List requestedScopes, Authentic } /** - * Get the authorized scopes for the given appId and/or tenant domain. + * Get the authorized scopes for the given appId and tenant domain. * * @param appId App id. * @param tenantDomain Tenant domain. * @return Authorized scopes. - * @throws IdentityOAuth2Exception if an error occurs while retrieving authorized scopes. + * @throws IdentityOAuth2Exception if an error occurs while retrieving authorized scopes for app. */ private List getAuthorizedScopes(String appId, String tenantDomain) throws IdentityOAuth2Exception { try { - if (OAuthServerConfiguration.getInstance().isAuthorizeAllScopes()) { - List scopes = OAuth2ServiceComponentHolder.getInstance() - .getApiResourceManager().getScopesByTenantDomain(tenantDomain, ""); - List allScopesList = Collections.singletonList( - new AuthorizedScopes("RBAC", scopes.stream() - .map(Scope::getName) - .collect(Collectors.toCollection(ArrayList::new))) - ); - return allScopesList; - } else { - return OAuth2ServiceComponentHolder.getInstance() - .getAuthorizedAPIManagementService().getAuthorizedScopes(appId, tenantDomain); - } + return OAuth2ServiceComponentHolder.getInstance() + .getAuthorizedAPIManagementService().getAuthorizedScopes(appId, tenantDomain); } catch (IdentityApplicationManagementException e) { throw new IdentityOAuth2Exception("Error while retrieving authorized scopes for app : " + appId + "tenant domain : " + tenantDomain, e); - } catch (APIResourceMgtException e) { - throw new IdentityOAuth2Exception("Error while retrieving scopes for tenant domain : " - + tenantDomain, e); } } @@ -376,7 +362,7 @@ private void removeRegisteredScopes(OAuthTokenReqMessageContext tokenReqMessageC } /** - * Get the requested OIDC scopes. + * Get the requested OIDC scopes * * @param tenantDomain Tenant domain. * @param requestedScopes Requested scopes. @@ -409,7 +395,7 @@ private List removeOIDCScopes(List requestedScopes, Set } /** - * Get the application resource id for the given client id. + * Get the application resource id for the given client id * * @param clientId Client Id. * @param tenantName Tenant name. @@ -428,7 +414,7 @@ private String getApplicationId(String clientId, String tenantName) throws Ident } /** - * Checks if the scopes list is empty. + * Checks if the scopes list is empty * * @param scopes Scopes list * @return true if scopes list is empty From 23a45f214b22eb85c76ca02669a2133dd27b69f1 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 25 Jul 2024 11:46:53 +0000 Subject: [PATCH 74/90] [WSO2 Release] [Jenkins #4980] [Release 7.0.124] prepare release v7.0.124 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 589c089849..8676a8a48d 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124-SNAPSHOT + 7.0.124 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.124-SNAPSHOT + 7.0.124 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index e3b52bcfca..fd6559bbef 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124-SNAPSHOT + 7.0.124 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.124-SNAPSHOT + 7.0.124 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index c9ff8a6f84..9f55466fb6 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124-SNAPSHOT + 7.0.124 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index a7a3daa10d..d941f1af86 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 2f7bad525e..35e3b6bc50 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.124-SNAPSHOT + 7.0.124 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 09ff0d9204..73be19f5f1 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 19b5e26b28..1259fb2da7 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 9e3d4f8e47..0bd7ea1bcd 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 663cdac2a1..230505cbdb 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index d6d245a9e9..ca551bec9c 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index f692129d0b..20c55f22b6 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.124-SNAPSHOT + 7.0.124 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 30f670912a..5af16cd5f5 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 5c491a30a9..673936f0d9 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 9d3b3b59e2..44ca1d9535 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 1b0e5363bf..2cf49d0410 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index ff80ec26e4..6a40652bcb 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 57af0cb082..77f5bda8ac 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 167e13859a..5c459cb45a 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 023927fdc8..866698f97f 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 342b03b149..0bc65ac589 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index ac7ef32a16..0cb545b630 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index fe54b35b6f..ba89ddf428 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 8807df9865..39f022c61d 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 7de4cf4f30..aa5cc8f222 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 diff --git a/pom.xml b/pom.xml index c83c1094f2..0251456d04 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124-SNAPSHOT + 7.0.124 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.124 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 58a54ec659..015956d4e2 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124-SNAPSHOT + 7.0.124 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index a9d9cf4d3a..4e30892633 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124-SNAPSHOT + 7.0.124 4.0.0 From dd58fc9fcd43921396fb459eadd778aab30cc65e Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 25 Jul 2024 11:46:55 +0000 Subject: [PATCH 75/90] [WSO2 Release] [Jenkins #4980] [Release 7.0.124] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 8676a8a48d..6c65add139 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124 + 7.0.125-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.124 + 7.0.125-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index fd6559bbef..d7438008a5 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124 + 7.0.125-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.124 + 7.0.125-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 9f55466fb6..4266856c6b 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124 + 7.0.125-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index d941f1af86..a85e512fae 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 35e3b6bc50..ed808f36ae 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.124 + 7.0.125-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 73be19f5f1..329cbd158d 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 1259fb2da7..70fa264e92 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 0bd7ea1bcd..cc2a0ce4e7 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 230505cbdb..ade095b08e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index ca551bec9c..126b804d91 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 20c55f22b6..468b5d8d32 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.124 + 7.0.125-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 5af16cd5f5..67cc9568f3 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 673936f0d9..6f6b76a2f6 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 44ca1d9535..3d0ddecbe2 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 2cf49d0410..a23e754818 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 6a40652bcb..cd3992cfa2 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 77f5bda8ac..6a83904bea 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 5c459cb45a..9438a99d11 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 866698f97f..57cc35ebca 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 0bc65ac589..d07c2c6c88 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 0cb545b630..7d5a199935 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index ba89ddf428..1efa038f72 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 39f022c61d..61e1a78612 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index aa5cc8f222..d70aa5754b 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 0251456d04..c5ef581063 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124 + 7.0.125-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.124 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 015956d4e2..7a84279456 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.124 + 7.0.125-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 4e30892633..69a77d081e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.124 + 7.0.125-SNAPSHOT 4.0.0 From 50677a7600064e516fa12944b3cbd9958daeb5d4 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 25 Jul 2024 13:21:37 +0000 Subject: [PATCH 76/90] [WSO2 Release] [Jenkins #4982] [Release 7.0.125] prepare release v7.0.125 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 6c65add139..b5d67ad239 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125-SNAPSHOT + 7.0.125 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.125-SNAPSHOT + 7.0.125 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index d7438008a5..e6f16274b4 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125-SNAPSHOT + 7.0.125 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.125-SNAPSHOT + 7.0.125 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 4266856c6b..9b73c60a04 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125-SNAPSHOT + 7.0.125 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index a85e512fae..42d588d29a 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index ed808f36ae..6d48fcb3c5 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.125-SNAPSHOT + 7.0.125 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 329cbd158d..e5bfbcdae0 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 70fa264e92..e3d611fddf 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index cc2a0ce4e7..e0188def6f 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index ade095b08e..5ade125ad1 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 126b804d91..f1a8065357 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 468b5d8d32..912af4076b 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.125-SNAPSHOT + 7.0.125 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 67cc9568f3..63216d6add 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 6f6b76a2f6..1bf4ee0d90 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 3d0ddecbe2..65f66a89c7 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index a23e754818..769e288385 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index cd3992cfa2..8c6913ae66 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 6a83904bea..0f2ee0ff32 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 9438a99d11..b469f6972c 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 57cc35ebca..74a87de343 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index d07c2c6c88..088ee6fa8f 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 7d5a199935..77ca8a180c 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 1efa038f72..8db20de343 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 61e1a78612..4aacce412d 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index d70aa5754b..b72273d5be 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 diff --git a/pom.xml b/pom.xml index c5ef581063..89bde2d55e 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125-SNAPSHOT + 7.0.125 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.125 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 7a84279456..523f9f4128 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125-SNAPSHOT + 7.0.125 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 69a77d081e..3fa65e9025 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125-SNAPSHOT + 7.0.125 4.0.0 From 011e3d75c387503b0361acc93c2712cd8f806462 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Thu, 25 Jul 2024 13:21:39 +0000 Subject: [PATCH 77/90] [WSO2 Release] [Jenkins #4982] [Release 7.0.125] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index b5d67ad239..54631606b9 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125 + 7.0.126-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.125 + 7.0.126-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index e6f16274b4..4d18835369 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125 + 7.0.126-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.125 + 7.0.126-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 9b73c60a04..d637d02648 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125 + 7.0.126-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index 42d588d29a..afd948f77a 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 6d48fcb3c5..8ac40cf8c4 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.125 + 7.0.126-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index e5bfbcdae0..9262b1b393 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index e3d611fddf..f4625760d4 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index e0188def6f..6b9b1f7c6a 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 5ade125ad1..1a84f8cc33 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index f1a8065357..4b03527028 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 912af4076b..e9e297ad5c 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.125 + 7.0.126-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 63216d6add..253e0509de 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 1bf4ee0d90..0dd056fbc4 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 65f66a89c7..24794c0372 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 769e288385..8491cbb087 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 8c6913ae66..e40d438d28 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 0f2ee0ff32..5eb45bd7ec 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index b469f6972c..90b770fc5b 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 74a87de343..64c523c5d0 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index 088ee6fa8f..e23d68dd48 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 77ca8a180c..9d3438460c 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 8db20de343..b629fbed87 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index 4aacce412d..a4694b26f5 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index b72273d5be..06ac2406c4 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 89bde2d55e..3e6eacbfb7 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125 + 7.0.126-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.125 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 523f9f4128..9de79f6332 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.125 + 7.0.126-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 3fa65e9025..2ad4d45442 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.125 + 7.0.126-SNAPSHOT 4.0.0 From 7a54fdf5af88627ac2237cde2bbaae62e7ae3287 Mon Sep 17 00:00:00 2001 From: vivekvinushanth Date: Fri, 26 Jul 2024 11:38:11 +0530 Subject: [PATCH 78/90] fix cache removal at token revocation --- .../identity/oauth2/internal/OAuthApplicationMgtListener.java | 1 + 1 file changed, 1 insertion(+) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java index 857ff0f805..35e2ace7d5 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.java @@ -517,6 +517,7 @@ private void clearCacheEntriesAgainstTokenByConsumerKey(Set acces OAuthCacheKey oauthCacheKey = new OAuthCacheKey(accessTokenDo.getAccessToken()); CacheEntry oauthCacheEntry = OAuthCache.getInstance().getValueFromCache(oauthCacheKey); if (oauthCacheEntry != null) { + OAuthCache.getInstance().clearCacheEntry(oauthCacheKey); OAuthCache.getInstance().clearCacheEntry(oauthCacheKey, tenantDomain); OAuthCache.getInstance().clearCacheEntry(oauthCacheKey, accessTokenDo.getAuthzUser() .getTenantDomain()); From d84f9f9662a6316d990e18aad8ccfbc86e651a4f Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 26 Jul 2024 06:27:46 +0000 Subject: [PATCH 79/90] [WSO2 Release] [Jenkins #4984] [Release 7.0.126] prepare release v7.0.126 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 54631606b9..160a78370e 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126-SNAPSHOT + 7.0.126 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.126-SNAPSHOT + 7.0.126 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 4d18835369..d5c0328ea1 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126-SNAPSHOT + 7.0.126 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.126-SNAPSHOT + 7.0.126 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index d637d02648..a653e23717 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126-SNAPSHOT + 7.0.126 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index afd948f77a..b706d5d257 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 8ac40cf8c4..5219bf8417 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.126-SNAPSHOT + 7.0.126 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 9262b1b393..df3fb51a48 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index f4625760d4..220712af90 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 6b9b1f7c6a..a52ca84f50 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 1a84f8cc33..86033314d6 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 4b03527028..63dde43e11 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index e9e297ad5c..2b4c6564c5 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.126-SNAPSHOT + 7.0.126 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index 253e0509de..a5e70253e5 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 0dd056fbc4..d1b10d91f6 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 24794c0372..37379c1ac3 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 8491cbb087..9c251863da 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index e40d438d28..6b6adad0f4 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 5eb45bd7ec..e21a49dd9e 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 90b770fc5b..221af918fa 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 64c523c5d0..9f6159e179 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index e23d68dd48..e9ba3fc0c3 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 9d3438460c..2f3b24ee63 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index b629fbed87..a617f3250e 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index a4694b26f5..bcf97e83f4 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 06ac2406c4..4a374aff8a 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 diff --git a/pom.xml b/pom.xml index 3e6eacbfb7..ba600f472e 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126-SNAPSHOT + 7.0.126 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.126 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 9de79f6332..05b640d527 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126-SNAPSHOT + 7.0.126 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 2ad4d45442..53f24b0963 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126-SNAPSHOT + 7.0.126 4.0.0 From 73a8ddf6706f6cfedd4bf7022abafa278b786737 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Fri, 26 Jul 2024 06:27:48 +0000 Subject: [PATCH 80/90] [WSO2 Release] [Jenkins #4984] [Release 7.0.126] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 160a78370e..eaa6b3c53d 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126 + 7.0.127-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.126 + 7.0.127-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index d5c0328ea1..788cac5741 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126 + 7.0.127-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.126 + 7.0.127-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index a653e23717..939697967b 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126 + 7.0.127-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index b706d5d257..a492a0a2d0 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 5219bf8417..80c9415de9 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.126 + 7.0.127-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index df3fb51a48..35c49247e6 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 220712af90..2a8bc866c7 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index a52ca84f50..94e238d0db 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 86033314d6..aa7d5b6af0 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 63dde43e11..77eaff35b8 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 2b4c6564c5..7d75521627 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.126 + 7.0.127-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index a5e70253e5..aa718eb937 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index d1b10d91f6..08c6e247e9 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 37379c1ac3..f903e2adbc 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 9c251863da..4bdc5ce292 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 6b6adad0f4..df2253cdca 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index e21a49dd9e..7cb9abd0a0 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 221af918fa..2ec1d05565 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 9f6159e179..92428dec52 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index e9ba3fc0c3..d7778f6bc2 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index 2f3b24ee63..b1bd9b360f 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index a617f3250e..284f451a4c 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index bcf97e83f4..c8330d5f4e 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index 4a374aff8a..b9baf584db 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index ba600f472e..a52aefca45 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126 + 7.0.127-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.126 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index 05b640d527..dfeb859d02 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.126 + 7.0.127-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 53f24b0963..5ecbb1ffa2 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.126 + 7.0.127-SNAPSHOT 4.0.0 From 4215567a811387b154833e2aa59a3ed305135fba Mon Sep 17 00:00:00 2001 From: malithie Date: Mon, 29 Jul 2024 12:57:35 +0530 Subject: [PATCH 81/90] Remove redundant comments and incorporate core changes. --- .../action/PreIssueAccessTokenProcessor.java | 18 +++++++++++------- .../PreIssueAccessTokenRequestBuilder.java | 6 +++--- .../internal/OAuth2ServiceComponent.java | 6 ------ .../oauth2/token/AccessTokenIssuer.java | 8 -------- pom.xml | 2 +- 5 files changed, 15 insertions(+), 25 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java index 6a1c6cbbb4..a7ab27058c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenProcessor.java @@ -18,11 +18,13 @@ package org.wso2.carbon.identity.oauth.action; +import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.action.execution.ActionExecutionResponseProcessor; +import org.wso2.carbon.identity.action.execution.exception.ActionExecutionResponseProcessorException; import org.wso2.carbon.identity.action.execution.model.ActionExecutionStatus; import org.wso2.carbon.identity.action.execution.model.ActionInvocationErrorResponse; import org.wso2.carbon.identity.action.execution.model.ActionInvocationSuccessResponse; @@ -66,10 +68,9 @@ public ActionType getSupportedActionType() { } @Override - public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map eventContext, - Event event, - ActionInvocationSuccessResponse - actionInvocationSuccessResponse) { + public ActionExecutionStatus processSuccessResponse(Map eventContext, Event event, + ActionInvocationSuccessResponse actionInvocationSuccessResponse) + throws ActionExecutionResponseProcessorException { OAuthTokenReqMessageContext tokenMessageContext = (OAuthTokenReqMessageContext) eventContext.get("tokenMessageContext"); @@ -101,7 +102,7 @@ public ActionExecutionStatus processSuccessResponse(ActionType actionType, Map map, Event event, - ActionInvocationErrorResponse actionInvocationErrorResponse) { + public ActionExecutionStatus processErrorResponse(Map map, Event event, + ActionInvocationErrorResponse actionInvocationErrorResponse) + throws ActionExecutionResponseProcessorException { //todo: need to implement to process the error so that if a processable error is received // it is communicated to the client. diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index 3cabca6256..a9b0fffd08 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -66,9 +66,9 @@ */ public class PreIssueAccessTokenRequestBuilder implements ActionExecutionRequestBuilder { - private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenRequestBuilder.class); public static final String CLAIMS_PATH_PREFIX = "/accessToken/claims/"; public static final String SCOPES_PATH_PREFIX = "/accessToken/scopes/"; + private static final Log LOG = LogFactory.getLog(PreIssueAccessTokenRequestBuilder.class); @Override public ActionType getSupportedActionType() { @@ -77,7 +77,7 @@ public ActionType getSupportedActionType() { } @Override - public ActionExecutionRequest buildActionExecutionRequest(ActionType actionType, Map eventContext) + public ActionExecutionRequest buildActionExecutionRequest(Map eventContext) throws ActionExecutionRequestBuilderException { OAuthTokenReqMessageContext tokenMessageContext = @@ -86,7 +86,7 @@ public ActionExecutionRequest buildActionExecutionRequest(ActionType actionType, Map additionalClaimsToAddToToken = getAdditionalClaimsToAddToToken(tokenMessageContext); ActionExecutionRequest.Builder actionRequestBuilder = new ActionExecutionRequest.Builder(); - actionRequestBuilder.actionType(actionType); + actionRequestBuilder.actionType(getSupportedActionType()); actionRequestBuilder.event(getEvent(tokenMessageContext, additionalClaimsToAddToToken)); actionRequestBuilder.allowedOperations(getAllowedOperations(additionalClaimsToAddToToken)); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java index 67977726df..7e4db0f45f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java @@ -462,12 +462,6 @@ protected void activate(ComponentContext context) { || OAuthServerConfiguration.getInstance().isUseLegacyPermissionAccessForUserBasedAuth()) { initializeLegacyScopeToNewScopeMappings(); } - -// ActionExecutionRequestBuilderFactory.registerActionInvocationRequestBuilder(ActionType.PRE_ISSUE_ACCESS_TOKEN, -// PreIssueAccessTokenRequestBuilder.getInstance()); -// ActionExecutionResponseProcessorFactory.registerActionInvocationResponseProcessor( -// ActionType.PRE_ISSUE_ACCESS_TOKEN, -// PreIssueAccessTokenProcessor.getInstance()); } /** diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java index a2edda746a..a3299f23ed 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java @@ -167,8 +167,6 @@ public OAuth2AccessTokenRespDTO issue(OAuth2AccessTokenReqDTO tokenReqDTO) String grantType = tokenReqDTO.getGrantType(); OAuth2AccessTokenRespDTO tokenRespDTO = null; - log.info("=== Starting access token issue flow. grantType: " + grantType); - AuthorizationGrantHandler authzGrantHandler = authzGrantHandlers.get(grantType); OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(tokenReqDTO); @@ -574,12 +572,6 @@ private OAuth2AccessTokenRespDTO validateGrantAndIssueToken(OAuth2AccessTokenReq } } - log.info("=== End of access token issue flow. grantType: " + grantType + " tokenRespDTO: " + "{" - + "accessToken: " + tokenRespDTO.getAccessToken() + ", refreshToken: " + tokenRespDTO.getRefreshToken() - + ", expiresIn: " + tokenRespDTO.getExpiresIn() + ", authorizedScopes: " + - tokenRespDTO.getAuthorizedScopes() + ", tokenType: " + tokenRespDTO.getTokenType() + - ", parameterObjects: " + tokenRespDTO.getParameterObjects() + "}"); - if (Constants.DEVICE_FLOW_GRANT_TYPE.equals(grantType)) { Optional deviceCodeOptional = getDeviceCode(tokenReqDTO); if (deviceCodeOptional.isPresent()) { diff --git a/pom.xml b/pom.xml index 97d3672dce..e022174bc7 100644 --- a/pom.xml +++ b/pom.xml @@ -912,7 +912,7 @@ 7.3.22 [5.25.234, 8.0.0) - 7.3.42-SNAPSHOT + 7.3.50-SNAPSHOT 1.4.7 From 7f508be4ee2af1874754da9dcb1b8bf2012c99e9 Mon Sep 17 00:00:00 2001 From: malithie Date: Mon, 29 Jul 2024 14:13:21 +0530 Subject: [PATCH 82/90] Added client authentication params for params to avoid. --- .../carbon/identity/oauth/action/model/TokenRequest.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java index 2c82e84b29..7e0472607c 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/TokenRequest.java @@ -45,8 +45,6 @@ public class TokenRequest extends Request { headersToAvoid.add("content-type"); // parameters from authorization code grant paramsToAvoid.add("code"); - paramsToAvoid.add("client_id"); - paramsToAvoid.add("client_secret"); paramsToAvoid.add("redirect_uri"); paramsToAvoid.add("grant_type"); paramsToAvoid.add("scope"); @@ -55,6 +53,11 @@ public class TokenRequest extends Request { paramsToAvoid.add("password"); // parameters from refresh token grant paramsToAvoid.add("refresh_token"); + // parameters used for client authentication for token endpoint + paramsToAvoid.add("client_id"); + paramsToAvoid.add("client_secret"); + paramsToAvoid.add("client_assertion_type"); + paramsToAvoid.add("client_assertion"); } private final String clientId; From e51297f8ce7f897c4216cc95f171f13253a74d91 Mon Sep 17 00:00:00 2001 From: malithie Date: Mon, 29 Jul 2024 17:44:10 +0530 Subject: [PATCH 83/90] Removed redundant checkPairwiseSubEnabledForAccessTokens. --- .../carbon/identity/oauth2/token/JWTTokenIssuer.java | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java index 5b11a6e955..acd9437db6 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java @@ -572,7 +572,6 @@ protected JWTClaimsSet createJWTClaimSet(OAuthAuthzReqMessageContext authAuthzRe getAccessTokenLifeTimeInMillis(authAuthzReqMessageContext, oAuthAppDO, consumerKey); spTenantDomain = authAuthzReqMessageContext.getAuthorizationReqDTO().getTenantDomain(); } else { - // todo: should be updated based on context accessTokenLifeTimeInMillis = getAccessTokenLifeTimeInMillis(tokenReqMessageContext, oAuthAppDO, consumerKey); spTenantDomain = tokenReqMessageContext.getOauth2AccessTokenReqDTO().getTenantDomain(); @@ -1000,16 +999,6 @@ private JWTClaimsSet setSignerRealm(String tenantDomain, JWTClaimsSet jwtClaimsS return jwtClaimsSet; } - /** - * Check whether pairwise subject identifier is enabled for access token response. - * - * @return true if pairwise subject identifier is enabled for access token response. - */ - private boolean checkPairwiseSubEnabledForAccessTokens() { - - return Boolean.parseBoolean(IdentityUtil.getProperty(ENABLE_PPID_FOR_ACCESS_TOKENS)); - } - /** * Set entity_id claim to the JWT if token persistence is disabled. This is to identify the principal subject of the * issuing token. From d204731b3281314ea010ac62f0c0670bfad0767c Mon Sep 17 00:00:00 2001 From: malithie Date: Mon, 29 Jul 2024 18:35:01 +0530 Subject: [PATCH 84/90] Address review comments. --- .../action/PreIssueAccessTokenRequestBuilder.java | 1 + ...va => PreIssueAccessTokenResponseProcessor.java} | 4 ++-- .../oauth/internal/OAuthServiceComponent.java | 13 +++++-------- .../oauth2/token/OAuthTokenReqMessageContext.java | 11 +++-------- .../grant/AbstractAuthorizationGrantHandler.java | 7 ++++--- .../token/handlers/grant/RefreshGrantHandler.java | 3 ++- pom.xml | 5 ++--- 7 files changed, 19 insertions(+), 25 deletions(-) rename components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/{PreIssueAccessTokenProcessor.java => PreIssueAccessTokenResponseProcessor.java} (99%) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index a9b0fffd08..6088d59c05 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -105,6 +105,7 @@ private Event getEvent(OAuthTokenReqMessageContext tokenMessageContext, Map org.wso2.carbon.identity.framework org.wso2.carbon.identity.action.execution - ${carbon.identity.framework.action.execution.version} + ${carbon.identity.framework.version} @@ -909,10 +909,9 @@ [1.0.1, 2.0.0) - 7.3.22 + 7.3.50 [5.25.234, 8.0.0) - 7.3.50-SNAPSHOT 1.4.7 From 8ee4aae79df2e897433bb4cee708bd19eae501ae Mon Sep 17 00:00:00 2001 From: malithie Date: Tue, 30 Jul 2024 09:47:57 +0530 Subject: [PATCH 85/90] Fixed resolving organization. --- .../PreIssueAccessTokenRequestBuilder.java | 31 ++++++++++++++++--- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index 6088d59c05..f802e5c92a 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -43,6 +43,7 @@ import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth.dao.OAuthAppDO; +import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; import org.wso2.carbon.identity.oauth2.model.HttpRequestHeader; @@ -52,6 +53,7 @@ import org.wso2.carbon.identity.oauth2.util.OAuth2Util; import org.wso2.carbon.identity.openidconnect.CustomClaimsCallbackHandler; import org.wso2.carbon.identity.openidconnect.OIDCClaimUtil; +import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException; import java.util.ArrayList; import java.util.Arrays; @@ -105,10 +107,9 @@ private Event getEvent(OAuthTokenReqMessageContext tokenMessageContext, Map Date: Tue, 30 Jul 2024 12:09:54 +0530 Subject: [PATCH 86/90] Fixed checkstyle issues. --- .../identity/oauth2/token/OAuthTokenReqMessageContext.java | 3 ++- .../handlers/grant/AbstractAuthorizationGrantHandler.java | 3 ++- .../oauth2/token/handlers/grant/RefreshGrantHandler.java | 3 ++- .../handlers/grant/AbstractAuthorizationGrantHandlerTest.java | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java index 4c7516b1ad..5955e9b509 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/OAuthTokenReqMessageContext.java @@ -23,7 +23,6 @@ import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; import org.wso2.carbon.identity.oauth2.token.bindings.TokenBinding; -import java.sql.Timestamp; import java.util.List; import java.util.Map; import java.util.Properties; @@ -174,10 +173,12 @@ public void setTokenBinding(TokenBinding tokenBinding) { } public String[] getAuthorizedInternalScopes() { + return authorizedInternalScopes; } public void setAuthorizedInternalScopes(String[] authorizedInternalScopes) { + this.authorizedInternalScopes = authorizedInternalScopes; } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java index f5d76c1fb6..9d45411bd3 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandler.java @@ -500,7 +500,8 @@ private boolean checkExecutePreIssueAccessTokensActions(OAuthTokenReqMessageCont return (OAuthConstants.GrantTypes.AUTHORIZATION_CODE.equals(grantType) || OAuthConstants.GrantTypes.CLIENT_CREDENTIALS.equals(grantType) || OAuthConstants.GrantTypes.PASSWORD.equals(grantType) || - OAuthConstants.GrantTypes.REFRESH_TOKEN.equals(grantType)) && JWT_TOKEN_TYPE.equals(oAuthAppBean.getTokenType()); + OAuthConstants.GrantTypes.REFRESH_TOKEN.equals(grantType)) && + JWT_TOKEN_TYPE.equals(oAuthAppBean.getTokenType()); } private boolean isExistingTokenValid(AccessTokenDO existingTokenBean, long expireTime) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java index fafa6c147c..67cdcda414 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java @@ -720,7 +720,8 @@ private boolean checkExecutePreIssueAccessTokensActions(RefreshTokenValidationDa // Allow if refresh token is issued for token requests from following grant types and, // for JWT access tokens only. return (OAuthConstants.GrantTypes.AUTHORIZATION_CODE.equals(grantType) || - OAuthConstants.GrantTypes.PASSWORD.equals(grantType)) && JWT_TOKEN_TYPE.equals(oAuthAppBean.getTokenType()); + OAuthConstants.GrantTypes.PASSWORD.equals(grantType)) && + JWT_TOKEN_TYPE.equals(oAuthAppBean.getTokenType()); } private void setCustomizedAccessTokenAttributesToMessageContext(RefreshTokenValidationDataDO refreshTokenData, diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java index 57bdfd8ace..fbf0662ff9 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AbstractAuthorizationGrantHandlerTest.java @@ -224,7 +224,7 @@ public Object[][] buildIsAuthorizedClient() { {true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString() + " " + PASSWORD_GRANT, PASSWORD_GRANT, true}, {true, GrantType.SAML20_BEARER.toString() + " " + GrantType.IWA_NTLM.toString(), PASSWORD_GRANT, - false}, {true, null, PASSWORD_GRANT, false}, {false, null, PASSWORD_GRANT, false},}; + false}, {true, null, PASSWORD_GRANT, false}, {false, null, PASSWORD_GRANT, false}}; } @Test(dataProvider = "IsAuthorizedClientDataProvider") From ab92724832c8f3a734c90e03a005c06b669e4720 Mon Sep 17 00:00:00 2001 From: malithie Date: Tue, 30 Jul 2024 22:17:07 +0530 Subject: [PATCH 87/90] Add license. --- .../action/model/OperationExecutionResult.java | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java index 687c63a630..3d820c4f42 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/model/OperationExecutionResult.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.oauth.action.model; import org.wso2.carbon.identity.action.execution.model.PerformableOperation; From 7a338a5b0710a0043ba85930218f215efe1f7a0e Mon Sep 17 00:00:00 2001 From: malithie Date: Tue, 30 Jul 2024 22:34:27 +0530 Subject: [PATCH 88/90] Remove redundant debug log checks. --- .../oauth/action/PreIssueAccessTokenRequestBuilder.java | 2 ++ .../carbon/identity/oauth2/token/AccessTokenIssuer.java | 9 +++------ .../carbon/identity/oauth2/token/JWTTokenIssuer.java | 6 ++---- .../oauth2/token/handlers/grant/RefreshGrantHandler.java | 6 ++---- 4 files changed, 9 insertions(+), 14 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java index f802e5c92a..f41249469e 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/action/PreIssueAccessTokenRequestBuilder.java @@ -126,6 +126,8 @@ private void setUserForEventBuilder(PreIssueAccessTokenEvent.Builder eventBuilde eventBuilder.user(new User(user.getUserId())); } catch (UserIdNotFoundException e) { if (LOG.isDebugEnabled()) { + // todo: fall back to a different identifier like username. + // Verify based on when this exception is thrown. LOG.debug(String.format( "Error occurred while retrieving user id of the authorized user for application: " + clientID + "for grantType: " + grantType), e); diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java index ef3a04ee52..07eaaab09f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java @@ -1272,12 +1272,9 @@ private void persistCustomizedAccessTokenAttributesForRefreshToken(OAuth2AccessT TimeUnit.MILLISECONDS.toNanos(tokReqMsgCtx.getRefreshTokenvalidityPeriod())); AuthorizationGrantCache.getInstance().addToCacheByToken(newCacheKey, authorizationGrantCacheEntry); - if (log.isDebugEnabled()) { - log.debug( - "Customized audience list and access token attributes from pre issue access token actions " + - "are persisted in the AuthorizationGrantCache against the token id: " + - tokenRespDTO.getTokenId()); - } + log.debug("Customized audience list and access token attributes from pre issue access token actions " + + "are persisted in the AuthorizationGrantCache against the token id: " + + tokenRespDTO.getTokenId()); } } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java index acd9437db6..45fba7b340 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java @@ -806,10 +806,8 @@ protected long getAccessTokenLifeTimeInMillis(OAuthTokenReqMessageContext tokenR if (tokenReqMessageContext.isPreIssueAccessTokenActionsExecuted()) { lifetimeInMillis = tokenReqMessageContext.getValidityPeriod(); - if (log.isDebugEnabled()) { - log.debug("Access token life time is set from OAuthTokenReqMessageContext. Token Lifetime : " + - lifetimeInMillis + "ms."); - } + log.debug("Access token life time is set from OAuthTokenReqMessageContext. Token Lifetime : " + + lifetimeInMillis + "ms."); return lifetimeInMillis; } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java index 67cdcda414..c474bf1450 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/RefreshGrantHandler.java @@ -735,10 +735,8 @@ private void setCustomizedAccessTokenAttributesToMessageContext(RefreshTokenVali tokenRequestContext.setPreIssueAccessTokenActionsExecuted(true); tokenRequestContext.setAdditionalAccessTokenClaims(grantCacheEntry.getCustomClaims()); tokenRequestContext.setAudiences(grantCacheEntry.getAudiences()); - if (log.isDebugEnabled()) { - log.debug("Updated OAuthTokenReqMessageContext with customized audience list and access token" + - " attributes in the AuthorizationGrantCache for token id: " + refreshTokenData.getTokenId()); - } + log.debug("Updated OAuthTokenReqMessageContext with customized audience list and access token" + + " attributes in the AuthorizationGrantCache for token id: " + refreshTokenData.getTokenId()); AuthorizationGrantCache.getInstance().clearCacheEntryByToken(grantCacheKey); } From 2f44c22d817c26e2c5cd5ef402bda8fd4ea0b8eb Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 30 Jul 2024 17:48:26 +0000 Subject: [PATCH 89/90] [WSO2 Release] [Jenkins #4986] [Release 7.0.127] prepare release v7.0.127 --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index eaa6b3c53d..2575d678bc 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127-SNAPSHOT + 7.0.127 ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.127-SNAPSHOT + 7.0.127 WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 788cac5741..51011c5a93 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127-SNAPSHOT + 7.0.127 ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.127-SNAPSHOT + 7.0.127 WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 939697967b..3f6bf554b1 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127-SNAPSHOT + 7.0.127 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index a492a0a2d0..b5cc06df47 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index 80c9415de9..e97e2de580 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.127-SNAPSHOT + 7.0.127 ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index 35c49247e6..a3c93fd4ab 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 2a8bc866c7..15dcd4c030 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 94e238d0db..3fe9fced72 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index aa7d5b6af0..9367bec345 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index 77eaff35b8..bc1c90fd01 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index 7d75521627..ddfbbb09a2 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.127-SNAPSHOT + 7.0.127 ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index aa718eb937..fcfa505169 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 08c6e247e9..47ac5d0001 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index f903e2adbc..4a28db4ade 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 4bdc5ce292..7aa0a5f5ed 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index 1fe930395c..de6669e5af 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 7cb9abd0a0..945805c1b4 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index 2ec1d05565..b38b7b214a 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 92428dec52..07513e4127 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index d7778f6bc2..b3648508d4 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index b1bd9b360f..ccacdd6648 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index 284f451a4c..e982e47909 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index c8330d5f4e..f931b88f08 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index b9baf584db..fc14987ac9 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 diff --git a/pom.xml b/pom.xml index 7ab15740fc..1a1f5ffd45 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127-SNAPSHOT + 7.0.127 pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - HEAD + v7.0.127 diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index dfeb859d02..e6749799ae 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127-SNAPSHOT + 7.0.127 ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 5ecbb1ffa2..983d4f400e 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127-SNAPSHOT + 7.0.127 4.0.0 From 3a0ed829933a8ed0b7405acc47847699d351d7a9 Mon Sep 17 00:00:00 2001 From: WSO2 Builder Date: Tue, 30 Jul 2024 17:48:29 +0000 Subject: [PATCH 90/90] [WSO2 Release] [Jenkins #4986] [Release 7.0.127] prepare for next development iteration --- components/org.wso2.carbon.identity.api.server.dcr/pom.xml | 4 ++-- .../org.wso2.carbon.identity.api.server.oauth.scope/pom.xml | 4 ++-- .../pom.xml | 2 +- components/org.wso2.carbon.identity.discovery/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ciba/pom.xml | 2 +- .../pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.common/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.extension/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.par/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.stub/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth.ui/pom.xml | 2 +- components/org.wso2.carbon.identity.oauth/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.dcr/pom.xml | 2 +- components/org.wso2.carbon.identity.oidc.session/pom.xml | 2 +- components/org.wso2.carbon.identity.webfinger/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.feature/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.server.feature/pom.xml | 2 +- features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml | 2 +- pom.xml | 4 ++-- service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml | 2 +- .../org.wso2.carbon.identity.oauth.common.testng/pom.xml | 2 +- 27 files changed, 30 insertions(+), 30 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml index 2575d678bc..01e06755ff 100644 --- a/components/org.wso2.carbon.identity.api.server.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.dcr/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127 + 7.0.128-SNAPSHOT ../../pom.xml org.wso2.carbon.identity.api.server.dcr - 7.0.127 + 7.0.128-SNAPSHOT WSO2 Carbon - User DCR Rest API WSO2 Carbon - User DCR Rest API diff --git a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml index 51011c5a93..4f92e80798 100644 --- a/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml @@ -5,12 +5,12 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127 + 7.0.128-SNAPSHOT ../.. org.wso2.carbon.identity.api.server.oauth.scope - 7.0.127 + 7.0.128-SNAPSHOT WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs Rest APIs for OAuth 2.0 Scope Handling diff --git a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml index 3f6bf554b1..14e0069e40 100644 --- a/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml +++ b/components/org.wso2.carbon.identity.client.attestation.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127 + 7.0.128-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.discovery/pom.xml b/components/org.wso2.carbon.identity.discovery/pom.xml index b5cc06df47..51331e7b91 100644 --- a/components/org.wso2.carbon.identity.discovery/pom.xml +++ b/components/org.wso2.carbon.identity.discovery/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml index e97e2de580..6fd3b1acc6 100644 --- a/components/org.wso2.carbon.identity.oauth.ciba/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ciba/pom.xml @@ -20,7 +20,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.127 + 7.0.128-SNAPSHOT ../../pom.xml diff --git a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml index a3c93fd4ab..4e90b7cdd4 100644 --- a/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.common/pom.xml b/components/org.wso2.carbon.identity.oauth.common/pom.xml index 15dcd4c030..6b9308c67d 100644 --- a/components/org.wso2.carbon.identity.oauth.common/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.common/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml index 3fe9fced72..f34b5e35c8 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml @@ -6,7 +6,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml index 9367bec345..a18677673e 100644 --- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml index bc1c90fd01..961cecbc87 100644 --- a/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.extension/pom.xml b/components/org.wso2.carbon.identity.oauth.extension/pom.xml index ddfbbb09a2..9a9b884754 100644 --- a/components/org.wso2.carbon.identity.oauth.extension/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.extension/pom.xml @@ -19,7 +19,7 @@ identity-inbound-auth-oauth org.wso2.carbon.identity.inbound.auth.oauth2 - 7.0.127 + 7.0.128-SNAPSHOT ../../pom.xml 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.par/pom.xml b/components/org.wso2.carbon.identity.oauth.par/pom.xml index fcfa505169..1cb452762f 100644 --- a/components/org.wso2.carbon.identity.oauth.par/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.par/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml index 47ac5d0001..40762e7c3d 100644 --- a/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.scope.endpoint/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.stub/pom.xml b/components/org.wso2.carbon.identity.oauth.stub/pom.xml index 4a28db4ade..bf3ef314f2 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.stub/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth.ui/pom.xml b/components/org.wso2.carbon.identity.oauth.ui/pom.xml index 7aa0a5f5ed..25d49f86af 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/pom.xml +++ b/components/org.wso2.carbon.identity.oauth.ui/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml index de6669e5af..42bc98e3e4 100644 --- a/components/org.wso2.carbon.identity.oauth/pom.xml +++ b/components/org.wso2.carbon.identity.oauth/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml index 945805c1b4..e4bd76233d 100644 --- a/components/org.wso2.carbon.identity.oidc.dcr/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.dcr/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.oidc.session/pom.xml b/components/org.wso2.carbon.identity.oidc.session/pom.xml index b38b7b214a..901fb43b31 100644 --- a/components/org.wso2.carbon.identity.oidc.session/pom.xml +++ b/components/org.wso2.carbon.identity.oidc.session/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/components/org.wso2.carbon.identity.webfinger/pom.xml b/components/org.wso2.carbon.identity.webfinger/pom.xml index 07513e4127..c57c127cd3 100644 --- a/components/org.wso2.carbon.identity.webfinger/pom.xml +++ b/components/org.wso2.carbon.identity.webfinger/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml index b3648508d4..eb8151c0c9 100644 --- a/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.common.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml index ccacdd6648..bd58f49155 100644 --- a/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.dcr.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.feature/pom.xml index e982e47909..7ed3e814fe 100644 --- a/features/org.wso2.carbon.identity.oauth.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml index f931b88f08..df4ca6d6ba 100644 --- a/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.server.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml index fc14987ac9..4c3c9320c8 100644 --- a/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml +++ b/features/org.wso2.carbon.identity.oauth.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 1a1f5ffd45..b0dce6a549 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127 + 7.0.128-SNAPSHOT pom WSO2 Carbon OAuth module http://wso2.org @@ -37,7 +37,7 @@ https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git scm:git:https://github.com/wso2-extensions/identity-inbound-auth-oauth.git - v7.0.127 + HEAD diff --git a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml index e6749799ae..4c1fde7e7b 100644 --- a/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml +++ b/service-stubs/org.wso2.carbon.claim.metadata.mgt.stub/pom.xml @@ -21,7 +21,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth - 7.0.127 + 7.0.128-SNAPSHOT ../../pom.xml diff --git a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml index 983d4f400e..7fba971975 100644 --- a/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml +++ b/test-utils/org.wso2.carbon.identity.oauth.common.testng/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.identity.inbound.auth.oauth2 identity-inbound-auth-oauth ../../pom.xml - 7.0.127 + 7.0.128-SNAPSHOT 4.0.0