Merge branch 'master' of github.com:wso2-extensions/identity-inbound-auth-oauth into new-claim-token-persist

Author: dushaniw

components/org.wso2.carbon.identity.api.server.dcr/pom.xml

@@ -5,12 +5,12 @@
     <parent>
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
         <relativePath>../..</relativePath>
     </parent>
 
     <artifactId>org.wso2.carbon.identity.api.server.dcr</artifactId>
-    <version>6.11.162-SNAPSHOT</version>
+    <version>6.11.172-SNAPSHOT</version>
     <name>WSO2 Carbon -  User DCR Rest API</name>
     <description>WSO2 Carbon - User DCR Rest API</description>
 

components/org.wso2.carbon.identity.api.server.dcr/src/gen/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/dto/ApplicationDTO.java

@@ -48,6 +48,7 @@ public class ApplicationDTO  {
   private String subjectType = null;
   private String requestObjectEncryptionAlgorithm = null;
   private String requestObjectEncryptionMethod = null;
+  private String softwareStatement = null;
 
 
   /**
@@ -264,6 +265,16 @@ public void setRequestObjectEncryptionMethod(String requestObjectEncryptionMetho
     this.requestObjectEncryptionMethod = requestObjectEncryptionMethod;
   }
 
+  @ApiModelProperty(value = "")
+  @JsonProperty("software_statement")
+  public String getSoftwareStatement() {
+    return softwareStatement;
+  }
+
+  public void setSoftwareStatement(String softwareStatement) {
+    this.softwareStatement = softwareStatement;
+  }
+
   @Override
   public String toString()  {
     StringBuilder sb = new StringBuilder();

components/org.wso2.carbon.identity.api.server.dcr/src/main/java/org/wso2/carbon/identity/oauth2/dcr/endpoint/util/DCRMUtils.java

@@ -159,6 +159,10 @@ public static void handleErrorResponse(DCRMException dcrmException, Log log) thr
                 status = Response.Status.UNAUTHORIZED;
             } else if (errorCode.startsWith(FORBIDDEN_STATUS)) {
                 status = Response.Status.FORBIDDEN;
+            } else if (errorCode.startsWith(DCRMConstants.ErrorCodes.INVALID_CLIENT_METADATA) ||
+                    errorCode.startsWith(DCRMConstants.ErrorCodes.INVALID_SOFTWARE_STATEMENT)) {
+                status = Response.Status.BAD_REQUEST;
+                isStatusOnly = false;
             }
         }
         throw buildDCRMEndpointException(status, errorCode, dcrmException.getMessage(), isStatusOnly);
@@ -229,6 +233,7 @@ public static ApplicationDTO getApplicationDTOFromApplication(Application applic
         applicationDTO.setRequestObjectEncryptionMethod(application.getRequestObjectEncryptionMethod());
         applicationDTO.setRequirePushAuthorizationRequest(application.isRequirePushedAuthorizationRequests());
         applicationDTO.setTlsClientCertificateBoundAccessToken(application.isTlsClientCertificateBoundAccessTokens());
+        applicationDTO.setSoftwareStatement(application.getSoftwareStatement());
         return applicationDTO;
     }
 
@@ -265,6 +270,9 @@ private static DCRMEndpointException buildDCRMEndpointException(Response.Status
             if (code.equals(DCRMConstants.ErrorMessages.BAD_REQUEST_INVALID_REDIRECT_URI.toString())) {
                 error = DCRMConstants.ErrorCodes.INVALID_REDIRECT_URI;
             }
+            if (code.equals(DCRMConstants.ErrorCodes.INVALID_SOFTWARE_STATEMENT)) {
+                error = DCRMConstants.ErrorCodes.INVALID_SOFTWARE_STATEMENT;
+            }
 
             ErrorDTO errorDTO = new ErrorDTO();
             errorDTO.setError(error);

components/org.wso2.carbon.identity.api.server.oauth.scope/pom.xml

@@ -5,12 +5,12 @@
     <parent>
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
         <relativePath>../..</relativePath>
     </parent>
 
     <artifactId>org.wso2.carbon.identity.api.server.oauth.scope</artifactId>
-    <version>6.11.162-SNAPSHOT</version>
+    <version>6.11.172-SNAPSHOT</version>
 
     <name>WSO2 Carbon - Identity OAuth 2.0 Scope Rest APIs</name>
     <description>Rest APIs for OAuth 2.0 Scope Handling</description>

components/org.wso2.carbon.identity.discovery/pom.xml

@@ -21,7 +21,7 @@
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
         <relativePath>../../pom.xml</relativePath>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

components/org.wso2.carbon.identity.oauth.ciba/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>identity-inbound-auth-oauth</artifactId>
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/org.wso2.carbon.identity.oauth.client.authn.filter/pom.xml

@@ -22,7 +22,7 @@
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
         <relativePath>../../pom.xml</relativePath>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

components/org.wso2.carbon.identity.oauth.common/pom.xml

@@ -23,7 +23,7 @@
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
         <relativePath>../../pom.xml</relativePath>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java

@@ -228,8 +228,33 @@ public static SubjectType fromValue(String text) {
     public static final String ORG_ID = "org_id";
     public static final String IS_FAPI_CONFORMANT_APP = "isFAPIConformant";
     public static final String ENABLE_FAPI = "OAuth.OpenIDConnect.FAPI.EnableFAPIValidation";
-    public static final String IS_THIRD_PARTY_APP = "isThirdPartyApp";
+    public static final String ENABLE_DCR_FAPI_ENFORCEMENT = "OAuth.DCRM.EnableFAPIEnforcement";
+    public static final String FAPI_CLIENT_AUTH_METHOD_CONFIGURATION = "OAuth.OpenIDConnect.FAPI." +
+            "AllowedClientAuthenticationMethods.AllowedClientAuthenticationMethod";
+    public static final String FAPI_SIGNATURE_ALGORITHM_CONFIGURATION = "OAuth.OpenIDConnect.FAPI." +
+            "AllowedSignatureAlgorithms.AllowedSignatureAlgorithm";
+    public static final String VALIDATE_SECTOR_IDENTIFIER = "OAuth.DCRM.EnableSectorIdentifierURIValidation";
+    public static final String TOKEN_EP_SIGNATURE_ALG_CONFIGURATION = "OAuth.OpenIDConnect" +
+            ".SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm";
+    public static final String ID_TOKEN_SIGNATURE_ALG_CONFIGURATION = "OAuth.OpenIDConnect" +
+            ".SupportedIDTokenSigningAlgorithms.SupportedIDTokenSigningAlgorithm";
+    public static final String REQUEST_OBJECT_SIGNATURE_ALG_CONFIGURATION = "OAuth.OpenIDConnect" +
+            ".SupportedRequestObjectSigningAlgorithms.SupportedRequestObjectSigningAlgorithm";
+    public static final String ID_TOKEN_ENCRYPTION_ALGORITHM = "OAuth.OpenIDConnect." +
+            "SupportedIDTokenEncryptionAlgorithms.SupportedIDTokenEncryptionAlgorithm";
+    public static final String REQUEST_OBJECT_ENCRYPTION_ALGORITHM = "OAuth.OpenIDConnect." +
+            "SupportedRequestObjectEncryptionAlgorithms.SupportedRequestObjectEncryptionAlgorithm";
+    public static final String ID_TOKEN_ENCRYPTION_METHOD = "OAuth.OpenIDConnect.SupportedIDTokenEncryptionMethods." +
+            "SupportedIDTokenEncryptionMethod";
+    public static final String REQUEST_OBJECT_ENCRYPTION_METHOD = "OAuth.OpenIDConnect." +
+            "SupportedRequestObjectEncryptionMethods.SupportedRequestObjectEncryptionMethod";
+    public static final String IS_PUSH_AUTHORIZATION_REQUEST = "isPushAuthorizationRequest";
+
 
+    public static final String IS_THIRD_PARTY_APP = "isThirdPartyApp";
+    public static final String PRIVATE_KEY_JWT = "private_key_jwt";
+    public static final String TLS_CLIENT_AUTH = "tls_client_auth";
+    public static final String RESTRICTED_ENCRYPTION_ALGORITHM = "RSA1_5";
 
     private OAuthConstants() {
 
@@ -601,6 +626,8 @@ public static class SignatureAlgorithms {
         public static final String SHA1 = "SHA-1";
         public static final String KID_HASHING_ALGORITHM = SHA256;
         public static final String PREVIOUS_KID_HASHING_ALGORITHM = SHA1;
+        public static final String PS256 = "PS256";
+        public static final String ES256 = "ES256";
 
         private SignatureAlgorithms() {
 

components/org.wso2.carbon.identity.oauth.dcr.endpoint/pom.xml

@@ -6,7 +6,7 @@
         <groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
         <artifactId>identity-inbound-auth-oauth</artifactId>
         <relativePath>../../pom.xml</relativePath>
-        <version>6.11.162-SNAPSHOT</version>
+        <version>6.11.172-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>