From 7aee4fa8f6450fa84d64328061fde71a6e06dbd6 Mon Sep 17 00:00:00 2001
From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com>
Date: Mon, 2 Oct 2023 12:08:56 +0530
Subject: [PATCH 01/17] Support new oauth attributes
---
.../v1/OpenIDConnectConfiguration.java | 273 +++++++++++++++++-
.../oauth2/ApiModelToOAuthConsumerApp.java | 17 ++
.../oauth2/OAuthConsumerAppToApiModel.java | 16 +-
3 files changed, 302 insertions(+), 4 deletions(-)
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
index b3016bf3a8..079e2999e8 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
@@ -89,6 +89,20 @@ public static StateEnum fromValue(String value) { private OIDCLogoutConfiguration logout; private Boolean validateRequestObjectSignature = false; private List scopeValidators = null; + private String tokenEndpointAuthMethod; + private String tokenEndpointAuthSignatureAlgorithm; + private String sectorIdentifierURI; + private String idTokenSignatureAlgorithm; + private String authorizationResponseEncryptionAlgorithm; + private String authorizationResponseSignatureAlgorithm; + private String authorizationResponseEncryptionMethod; + private String requestObjectSignatureAlgorithm; + private String requestObjectEncryptionAlgorithm; + private String requestObjectEncryptionMethod; + private String tlsClientAuthSubjectDN; + private boolean tlsClientCertificateBoundAccessTokens; + private boolean requirePushedAuthorizationRequests; + private String subjectType; /** 
@@ -377,7 +391,231 @@ public OpenIDConnectConfiguration addScopeValidatorsItem(String scopeValidatorsI return this; } - + public OpenIDConnectConfiguration tokenEndpointAuthMethod(String tokenEndpointAuthMethod) { + + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tokenEndpointAuthMethod") + @Valid + public String getTokenEndpointAuthMethod() { + return tokenEndpointAuthMethod; + } + public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + } + + public OpenIDConnectConfiguration tokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSignatureAlgorithm) { + + this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tokenEndpointAuthSignatureAlgorithm") + @Valid + public String getTokenEndpointAuthSignatureAlgorithm() { + return tokenEndpointAuthSignatureAlgorithm; + } + public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSignatureAlgorithm) { + this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; + } + + public OpenIDConnectConfiguration sectorIdentifierURI(String sectorIdentifierURI) { + + this.sectorIdentifierURI = sectorIdentifierURI; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("sectorIdentifierURI") + @Valid + public String getSectorIdentifierURI() { + return sectorIdentifierURI; + } + public void setSectorIdentifierURI(String sectorIdentifierURI) { + this.sectorIdentifierURI = sectorIdentifierURI; + } + + public OpenIDConnectConfiguration idTokenSignatureAlgorithm(String idTokenSignatureAlgorithm) { + + this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("idTokenSignatureAlgorithm") + @Valid + public String getIdTokenSignatureAlgorithm() { + return 
idTokenSignatureAlgorithm; + } + public void setIdTokenSignatureAlgorithm(String idTokenSignatureAlgorithm) { + this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; + } + + public OpenIDConnectConfiguration authorizationResponseEncryptionAlgorithm( + String authorizationResponseEncryptionAlgorithm) { + + this.authorizationResponseEncryptionAlgorithm = authorizationResponseEncryptionAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("authorizationResponseEncryptionAlgorithm") + @Valid + public String getAuthorizationResponseEncryptionAlgorithm() { + return authorizationResponseEncryptionAlgorithm; + } + public void setAuthorizationResponseEncryptionAlgorithm(String authorizationResponseEncryptionAlgorithm) { + this.authorizationResponseEncryptionAlgorithm = authorizationResponseEncryptionAlgorithm; + } + + public OpenIDConnectConfiguration authorizationResponseSignatureAlgorithm( + String authorizationResponseSignatureAlgorithm) { + + this.authorizationResponseSignatureAlgorithm = authorizationResponseSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("authorizationResponseSignatureAlgorithm") + @Valid + public String getAuthorizationResponseSignatureAlgorithm() { + return authorizationResponseSignatureAlgorithm; + } + public void setAuthorizationResponseSignatureAlgorithm(String authorizationResponseSignatureAlgorithm) { + this.authorizationResponseSignatureAlgorithm = authorizationResponseSignatureAlgorithm; + } + + public OpenIDConnectConfiguration authorizationResponseEncryptionMethod(String authorizationResponseEncryptionMethod) { + + this.authorizationResponseEncryptionMethod = authorizationResponseEncryptionMethod; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("authorizationResponseEncryptionMethod") + @Valid + public String getAuthorizationResponseEncryptionMethod() { + return authorizationResponseEncryptionMethod; + } + public void 
setAuthorizationResponseEncryptionMethod(String authorizationResponseEncryptionMethod) { + this.authorizationResponseEncryptionMethod = authorizationResponseEncryptionMethod; + } + + public OpenIDConnectConfiguration requestObjectSignatureAlgorithm(String requestObjectSignatureAlgorithm) { + + this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectSignatureAlgorithm") + @Valid + public String getRequestObjectSignatureAlgorithm() { + return requestObjectSignatureAlgorithm; + } + public void setRequestObjectSignatureAlgorithm(String requestObjectSignatureAlgorithm) { + this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; + } + + public OpenIDConnectConfiguration requestObjectEncryptionAlgorithm(String requestObjectEncryptionAlgorithm) { + + this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectEncryptionAlgorithm") + @Valid + public String getRequestObjectEncryptionAlgorithm() { + return requestObjectEncryptionAlgorithm; + } + public void setRequestObjectEncryptionAlgorithm(String requestObjectEncryptionAlgorithm) { + this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; + } + + public OpenIDConnectConfiguration requestObjectEncryptionMethod(String requestObjectEncryptionMethod) { + + this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectEncryptionMethod") + @Valid + public String getRequestObjectEncryptionMethod() { + return requestObjectEncryptionMethod; + } + public void setRequestObjectEncryptionMethod(String requestObjectEncryptionMethod) { + this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; + } + + public OpenIDConnectConfiguration tlsClientAuthSubjectDN(String tlsClientAuthSubjectDN) { + + 
this.tlsClientAuthSubjectDN = tlsClientAuthSubjectDN; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tlsClientAuthSubjectDN") + @Valid + public String getTlsClientAuthSubjectDN() { + return tlsClientAuthSubjectDN; + } + public void setTlsClientAuthSubjectDN(String tlsClientAuthSubjectDN) { + this.tlsClientAuthSubjectDN = tlsClientAuthSubjectDN; + } + + public OpenIDConnectConfiguration tlsClientCertificateBoundAccessTokens(boolean tlsClientCertificateBoundAccessTokens) { + + this.tlsClientCertificateBoundAccessTokens = tlsClientCertificateBoundAccessTokens; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tlsClientCertificateBoundAccessTokens") + @Valid + public boolean getTlsClientCertificateBoundAccessTokens() { + return tlsClientCertificateBoundAccessTokens; + } + public void setTlsClientCertificateBoundAccessTokens(boolean tlsClientCertificateBoundAccessTokens) { + this.tlsClientCertificateBoundAccessTokens = tlsClientCertificateBoundAccessTokens; + } + + public OpenIDConnectConfiguration requirePushedAuthorizationRequests(boolean requirePushedAuthorizationRequests) { + + this.requirePushedAuthorizationRequests = requirePushedAuthorizationRequests; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requirePushedAuthorizationRequests") + @Valid + public boolean getRequirePushedAuthorizationRequests() { + return requirePushedAuthorizationRequests; + } + public void setRequirePushedAuthorizationRequests(boolean requirePushedAuthorizationRequests) { + this.requirePushedAuthorizationRequests = requirePushedAuthorizationRequests; + } + + public OpenIDConnectConfiguration subjectType(String subjectType) { + + this.subjectType = subjectType; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("subjectType") + @Valid + public String getSubjectType() { + return subjectType; + } + public void setSubjectType(String subjectType) { + this.subjectType = subjectType; + } @Override public boolean 
equals(java.lang.Object o) { 
@@ -402,12 +640,27 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.idToken, openIDConnectConfiguration.idToken) && Objects.equals(this.logout, openIDConnectConfiguration.logout) && Objects.equals(this.validateRequestObjectSignature, openIDConnectConfiguration.validateRequestObjectSignature) && - Objects.equals(this.scopeValidators, openIDConnectConfiguration.scopeValidators); + Objects.equals(this.scopeValidators, openIDConnectConfiguration.scopeValidators) && + Objects.equals(this.tokenEndpointAuthMethod, openIDConnectConfiguration.tokenEndpointAuthMethod) && + Objects.equals(this.tokenEndpointAuthSignatureAlgorithm, openIDConnectConfiguration.tokenEndpointAuthSignatureAlgorithm) && + Objects.equals(this.sectorIdentifierURI, openIDConnectConfiguration.sectorIdentifierURI) && + Objects.equals(this.idTokenSignatureAlgorithm, openIDConnectConfiguration.idTokenSignatureAlgorithm) && + Objects.equals(this.authorizationResponseEncryptionAlgorithm, openIDConnectConfiguration.authorizationResponseEncryptionAlgorithm) && + Objects.equals(this.authorizationResponseSignatureAlgorithm, openIDConnectConfiguration.authorizationResponseSignatureAlgorithm) && + Objects.equals(this.authorizationResponseEncryptionMethod, openIDConnectConfiguration.authorizationResponseEncryptionMethod) && + Objects.equals(this.requestObjectSignatureAlgorithm, openIDConnectConfiguration.requestObjectSignatureAlgorithm) && + Objects.equals(this.requestObjectEncryptionAlgorithm, openIDConnectConfiguration.requestObjectEncryptionAlgorithm) && + Objects.equals(this.requestObjectEncryptionMethod, openIDConnectConfiguration.requestObjectEncryptionMethod) && + Objects.equals(this.tlsClientAuthSubjectDN, openIDConnectConfiguration.tlsClientAuthSubjectDN) && + Objects.equals(this.tlsClientCertificateBoundAccessTokens, openIDConnectConfiguration.tlsClientCertificateBoundAccessTokens) && + Objects.equals(this.requirePushedAuthorizationRequests, 
openIDConnectConfiguration.requirePushedAuthorizationRequests) && + Objects.equals(this.subjectType, openIDConnectConfiguration.subjectType); + } @Override public int hashCode() { - return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, accessToken, refreshToken, idToken, logout, validateRequestObjectSignature, scopeValidators); + return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, accessToken, refreshToken, idToken, logout, validateRequestObjectSignature, scopeValidators, tokenEndpointAuthMethod, tokenEndpointAuthSignatureAlgorithm, sectorIdentifierURI, idTokenSignatureAlgorithm, authorizationResponseEncryptionAlgorithm, authorizationResponseSignatureAlgorithm, authorizationResponseEncryptionMethod, requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm, requestObjectEncryptionMethod, tlsClientAuthSubjectDN, tlsClientCertificateBoundAccessTokens, requirePushedAuthorizationRequests, subjectType); } @Override 
@@ -430,6 +683,20 @@ public String toString() { sb.append(" logout: ").append(toIndentedString(logout)).append("\n"); sb.append(" validateRequestObjectSignature: ").append(toIndentedString(validateRequestObjectSignature)).append("\n"); sb.append(" scopeValidators: ").append(toIndentedString(scopeValidators)).append("\n"); + sb.append(" tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n"); + sb.append(" tokenEndpointAuthSignatureAlgorithm: ").append(toIndentedString(tokenEndpointAuthSignatureAlgorithm)).append("\n"); + sb.append(" sectorIdentifierURI: ").append(toIndentedString(sectorIdentifierURI)).append("\n"); + sb.append(" idTokenSignatureAlgorithm: ").append(toIndentedString(idTokenSignatureAlgorithm)).append("\n"); + sb.append(" authorizationResponseEncryptionAlgorithm: ").append(toIndentedString(authorizationResponseEncryptionAlgorithm)).append("\n"); + sb.append(" authorizationResponseSignatureAlgorithm: ").append(toIndentedString(authorizationResponseSignatureAlgorithm)).append("\n"); + sb.append(" authorizationResponseEncryptionMethod: ").append(toIndentedString(authorizationResponseEncryptionMethod)).append("\n"); + sb.append(" requestObjectSignatureAlgorithm: ").append(toIndentedString(requestObjectSignatureAlgorithm)).append("\n"); + sb.append(" requestObjectEncryptionAlgorithm: ").append(toIndentedString(requestObjectEncryptionAlgorithm)).append("\n"); + sb.append(" requestObjectEncryptionMethod: ").append(toIndentedString(requestObjectEncryptionMethod)).append("\n"); + sb.append(" tlsClientAuthSubjectDN: ").append(toIndentedString(tlsClientAuthSubjectDN)).append("\n"); + sb.append(" tlsClientCertificateBoundAccessTokens: ").append(toIndentedString(tlsClientCertificateBoundAccessTokens)).append("\n"); + sb.append(" requirePushedAuthorizationRequests: ").append(toIndentedString(requirePushedAuthorizationRequests)).append("\n"); + sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); 
sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index 4515f431a7..fa5851173a 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java 
@@ -57,6 +57,23 @@ public OAuthConsumerAppDTO apply(String appName, OpenIDConnectConfiguration oidc consumerAppDTO.setBypassClientCredentials(oidcModel.getPublicClient()); consumerAppDTO.setRequestObjectSignatureValidationEnabled(oidcModel.getValidateRequestObjectSignature()); + consumerAppDTO.setTokenEndpointAuthMethod(oidcModel.getTokenEndpointAuthMethod()); + consumerAppDTO.setTokenEndpointAuthSignatureAlgorithm(oidcModel.getTokenEndpointAuthSignatureAlgorithm()); + consumerAppDTO.setSectorIdentifierURI(oidcModel.getSectorIdentifierURI()); + consumerAppDTO.setIdTokenSignatureAlgorithm(oidcModel.getIdTokenSignatureAlgorithm()); + consumerAppDTO.setAuthorizationResponseEncryptionAlgorithm(oidcModel + .getAuthorizationResponseEncryptionAlgorithm()); + consumerAppDTO.setAuthorizationResponseSignatureAlgorithm(oidcModel + .getAuthorizationResponseSignatureAlgorithm()); + consumerAppDTO.setAuthorizationResponseEncryptionMethod(oidcModel.getAuthorizationResponseEncryptionMethod()); + consumerAppDTO.setRequestObjectSignatureAlgorithm(oidcModel.getRequestObjectSignatureAlgorithm()); + consumerAppDTO.setRequestObjectEncryptionAlgorithm(oidcModel.getRequestObjectEncryptionAlgorithm()); + consumerAppDTO.setRequestObjectEncryptionMethod(oidcModel.getRequestObjectEncryptionMethod()); + consumerAppDTO.setTlsClientAuthSubjectDN(oidcModel.getTlsClientAuthSubjectDN()); + consumerAppDTO.setTlsClientCertificateBoundAccessTokens(oidcModel.getTlsClientCertificateBoundAccessTokens()); + consumerAppDTO.setRequirePushedAuthorizationRequests(oidcModel.getRequirePushedAuthorizationRequests()); + consumerAppDTO.setSubjectType(oidcModel.getSubjectType()); + updateAllowedOrigins(consumerAppDTO, oidcModel.getAllowedOrigins()); updatePkceConfigurations(consumerAppDTO, oidcModel.getPkce()); updateAccessTokenConfiguration(consumerAppDTO, oidcModel.getAccessToken()); 
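Review bot: The two security switches are copied unconditionally at `setTlsClientCertificateBoundAccessTokens(...)` and `setRequirePushedAuthorizationRequests(...)`, and the model declares both as primitive `boolean`, so a request body that omits them cannot be told apart from one that sets them to `false`. If this mapper also serves the update path (not visible in the hunk), an unrelated edit to the application could silently switch off certificate-bound access tokens or the pushed-authorization requirement. Consider declaring the model fields as `Boolean` and copying only when a value was supplied, e.g. `if (oidcModel.getRequirePushedAuthorizationRequests() != null) { consumerAppDTO.setRequirePushedAuthorizationRequests(oidcModel.getRequirePushedAuthorizationRequests()); }`. The auth-method and algorithm strings and `sectorIdentifierURI` are likewise passed through unchecked here, so it is worth confirming that the service consuming `OAuthConsumerAppDTO` rejects unsupported values. The body of `apply` starts and ends outside the hunk.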
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
index a4aad84987..c8bae51160 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
@@ -53,7 +53,21 @@ public OpenIDConnectConfiguration apply(OAuthConsumerAppDTO oauthAppDTO) { .idToken(buildIdTokenConfiguration(oauthAppDTO)) .logout(buildLogoutConfiguration(oauthAppDTO)) .scopeValidators(getScopeValidators(oauthAppDTO)) - .validateRequestObjectSignature(oauthAppDTO.isRequestObjectSignatureValidationEnabled()); + .validateRequestObjectSignature(oauthAppDTO.isRequestObjectSignatureValidationEnabled()) + .tokenEndpointAuthMethod(oauthAppDTO.getTokenEndpointAuthMethod()) + .tokenEndpointAuthSignatureAlgorithm(oauthAppDTO.getTokenEndpointAuthSignatureAlgorithm()) + .sectorIdentifierURI(oauthAppDTO.getSectorIdentifierURI()) + .idTokenSignatureAlgorithm(oauthAppDTO.getIdTokenSignatureAlgorithm()) + .authorizationResponseEncryptionAlgorithm(oauthAppDTO.getAuthorizationResponseEncryptionAlgorithm()) + .authorizationResponseSignatureAlgorithm(oauthAppDTO.getAuthorizationResponseSignatureAlgorithm()) + .authorizationResponseEncryptionMethod(oauthAppDTO.getAuthorizationResponseEncryptionMethod()) + .requestObjectSignatureAlgorithm(oauthAppDTO.getRequestObjectSignatureAlgorithm()) + .requestObjectEncryptionAlgorithm(oauthAppDTO.getRequestObjectEncryptionAlgorithm()) + .requestObjectEncryptionMethod(oauthAppDTO.getRequestObjectEncryptionMethod()) + .tlsClientAuthSubjectDN(oauthAppDTO.getTlsClientAuthSubjectDN()) + .tlsClientCertificateBoundAccessTokens(oauthAppDTO.getTlsClientCertificateBoundAccessTokens()) + .requirePushedAuthorizationRequests(oauthAppDTO.getRequirePushedAuthorizationRequests()) + .subjectType(oauthAppDTO.getSubjectType()); } private List getScopeValidators(OAuthConsumerAppDTO oauthAppDTO) { From 64f9ec81d4628cc1d0065c8708b7a2da69b88263 Mon Sep 17 00:00:00 2001 
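Review bot: The calls `.tlsClientCertificateBoundAccessTokens(oauthAppDTO.getTlsClientCertificateBoundAccessTokens())` and `.requirePushedAuthorizationRequests(oauthAppDTO.getRequirePushedAuthorizationRequests())` feed builder methods that take a primitive `boolean`. If the DTO getters return `Boolean` (their type is not visible here), an application stored before these attributes existed would unbox `null` and fail the whole read with a NullPointerException. Either way the response reports `false` for a value that was never configured, so a short comment such as `// a value absent from the DTO is reported as false (feature off)` would make that intent explicit. The enclosing `apply` method starts before the hunk.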
From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Fri, 20 Oct 2023 01:14:02 +0530 Subject: [PATCH 02/17] Add support for additional oauth attributes --- .../v1/ClientAuthenticationConfiguration.java | 113 +++++++ .../management/v1/IdTokenConfiguration.java | 23 +- .../management/v1/OIDCMetaData.java | 46 ++- .../v1/OpenIDConnectConfiguration.java | 283 +++--------------- ...PushAuthorizationRequestConfiguration.java | 71 +++++ .../v1/RequestObjectConfiguration.java | 114 +++++++ .../RequestObjectEncryptionConfiguration.java | 94 ++++++ .../management/v1/SubjectConfig.java | 46 ++- .../management/v1/SubjectConfiguration.java | 92 ++++++ .../ServerApplicationMetadataService.java | 10 + .../oauth2/ApiModelToOAuthConsumerApp.java | 71 +++-- .../oauth2/OAuthConsumerAppToApiModel.java | 68 ++++- .../src/main/resources/applications.yaml | 62 ++++ .../identity/api/server/common/Constants.java | 1 + 14 files changed, 824 insertions(+), 270 deletions(-) create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java create mode 100644 
components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java new file mode 100644 index 0000000000..e69be1481b --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java 
@@ -0,0 +1,113 @@ +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class ClientAuthenticationConfiguration { + + private String tokenEndpointAuthMethod; + private String tokenEndpointAuthSigningAlg; + private String tlsClientAuthSubjectDn; + + /** + **/ + public ClientAuthenticationConfiguration tokenEndpointAuthMethod(String tokenEndpointAuthMethod) { + + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + return this; + } + + @ApiModelProperty(example = "true", value = "") + @JsonProperty("tokenEndpointAuthMethod") + @Valid + public String getTokenEndpointAuthMethod() { + return tokenEndpointAuthMethod; + } + public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + } + + /** + **/ + public ClientAuthenticationConfiguration tokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg) { + + this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlg; + return this; + } + + @ApiModelProperty(example = "PS256", value = "") + @JsonProperty("tokenEndpointAuthSigningAlg") + @Valid + public String getTokenEndpointAuthSigningAlg() { + return tokenEndpointAuthSigningAlg; + } + public void setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg) { + this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlg; + } + + /** + **/ + public ClientAuthenticationConfiguration tlsClientAuthSubjectDn(String tlsClientAuthSubjectDn) { + + this.tlsClientAuthSubjectDn = tlsClientAuthSubjectDn; + return this; + } + + @ApiModelProperty(example = "CN=John Doe,OU=OrgUnit,O=Organization,L=Colombo,ST=Western,C=LK", value = "") + @JsonProperty("tlsClientAuthSubjectDn") + @Valid + public String getTlsClientAuthSubjectDn() { + return tlsClientAuthSubjectDn; + } + public void 
setTlsClientAuthSubjectDn(String tlsClientAuthSubjectDn) { + this.tlsClientAuthSubjectDn = tlsClientAuthSubjectDn; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ClientAuthenticationConfiguration clientAuthenticationConfiguration = (ClientAuthenticationConfiguration) o; + return Objects.equals(this.tokenEndpointAuthMethod, clientAuthenticationConfiguration.tokenEndpointAuthMethod) && + Objects.equals(this.tokenEndpointAuthSigningAlg, clientAuthenticationConfiguration.tokenEndpointAuthSigningAlg) && + Objects.equals(this.tlsClientAuthSubjectDn, clientAuthenticationConfiguration.tlsClientAuthSubjectDn); + } + + @Override + public int hashCode() { + return Objects.hash(tokenEndpointAuthMethod, tokenEndpointAuthSigningAlg, tlsClientAuthSubjectDn); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class ClientAuthenticationConfiguration {\n"); + + sb.append(" tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n"); + sb.append(" tokenEndpointAuthSigningAlg: ").append(toIndentedString(tokenEndpointAuthSigningAlg)).append("\n"); + sb.append(" tlsClientAuthSubjectDn: ").append(toIndentedString(tlsClientAuthSubjectDn)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/IdTokenConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/IdTokenConfiguration.java index 095a10e805..1899e46e59 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/IdTokenConfiguration.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/IdTokenConfiguration.java @@ -37,6 +37,7 @@ public class IdTokenConfiguration { private Long expiryInSeconds; private List audience = null; + private String idTokenSignedResponseAlg; private IdTokenEncryptionConfiguration encryption; @@ -84,6 +85,24 @@ public IdTokenConfiguration addAudienceItem(String audienceItem) { return this; } + /** + **/ + public IdTokenConfiguration idTokenSignedResponseAlg(String idTokenSignedResponseAlg) { + + this.idTokenSignedResponseAlg = idTokenSignedResponseAlg; + return this; + } + + @ApiModelProperty(example = "PS256", value = "") + @JsonProperty("idTokenSignedResponseAlg") + @Valid + public String getIdTokenSignedResponseAlg() { + return idTokenSignedResponseAlg; + } + public void setIdTokenSignedResponseAlg(String idTokenSignedResponseAlg) { + this.idTokenSignedResponseAlg = idTokenSignedResponseAlg; + } + /** **/ public IdTokenConfiguration encryption(IdTokenEncryptionConfiguration encryption) { 
@@ -116,12 +135,13 @@ public boolean equals(java.lang.Object o) { IdTokenConfiguration idTokenConfiguration = (IdTokenConfiguration) o; return Objects.equals(this.expiryInSeconds, idTokenConfiguration.expiryInSeconds) && Objects.equals(this.audience, idTokenConfiguration.audience) && + Objects.equals(this.idTokenSignedResponseAlg, idTokenConfiguration.idTokenSignedResponseAlg) && Objects.equals(this.encryption, idTokenConfiguration.encryption); } @Override public int hashCode() { - return Objects.hash(expiryInSeconds, audience, encryption); + return Objects.hash(expiryInSeconds, audience, idTokenSignedResponseAlg, encryption); } @Override @@ -132,6 +152,7 @@ public String toString() { sb.append(" expiryInSeconds: ").append(toIndentedString(expiryInSeconds)).append("\n"); sb.append(" audience: ").append(toIndentedString(audience)).append("\n"); + sb.append(" idTokenSignedResponseAlg: ").append(toIndentedString(idTokenSignedResponseAlg)).append("\n"); sb.append(" encryption: ").append(toIndentedString(encryption)).append("\n"); sb.append("}"); return sb.toString(); diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java index c4d70dad28..9626fa9f89 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java @@ -44,6 +44,8 @@ public class OIDCMetaData { private MetadataProperty scopeValidators; private MetadataProperty accessTokenType; private MetadataProperty accessTokenBindingType; + private MetadataProperty tokenEndpointAuthMethod; + private MetadataProperty tokenEndpointSignatureAlgorithm; /** **/ @@ -225,6 +227,42 @@ public void setAccessTokenBindingType(MetadataProperty accessTokenBindingType) { this.accessTokenBindingType = accessTokenBindingType; } + /** + **/ + public OIDCMetaData tokenEndpointAuthMethod(MetadataProperty tokenEndpointAuthMethod) { + + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tokenEndpointAuthMethod") + @Valid + public MetadataProperty getTokenEndpointAuthMethod() { + return tokenEndpointAuthMethod; + } + public void setTokenEndpointAuthMethod(MetadataProperty tokenEndpointAuthMethod) { + this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; + } + + /** + **/ + public OIDCMetaData tokenEndpointSignatureAlgorithm(MetadataProperty tokenEndpointSignatureAlgorithm) { + + this.tokenEndpointSignatureAlgorithm = tokenEndpointSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("tokenEndpointSignatureAlgorithm") + @Valid + public MetadataProperty getTokenEndpointSignatureAlgorithm() { + return tokenEndpointSignatureAlgorithm; + } + public void setTokenEndpointSignatureAlgorithm(MetadataProperty tokenEndpointSignatureAlgorithm) { + this.tokenEndpointSignatureAlgorithm = tokenEndpointSignatureAlgorithm; + } + @Override 
@@ -246,12 +284,14 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.idTokenEncryptionMethod, oiDCMetaData.idTokenEncryptionMethod) && Objects.equals(this.scopeValidators, oiDCMetaData.scopeValidators) && Objects.equals(this.accessTokenType, oiDCMetaData.accessTokenType) && - Objects.equals(this.accessTokenBindingType, oiDCMetaData.accessTokenBindingType); + Objects.equals(this.accessTokenBindingType, oiDCMetaData.accessTokenBindingType) && + Objects.equals(this.tokenEndpointAuthMethod, oiDCMetaData.tokenEndpointAuthMethod) && + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.tokenEndpointSignatureAlgorithm); } @Override public int hashCode() { - return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType); + return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType, tokenEndpointAuthMethod, tokenEndpointSignatureAlgorithm); } @Override @@ -270,6 +310,8 @@ public String toString() { sb.append(" scopeValidators: ").append(toIndentedString(scopeValidators)).append("\n"); sb.append(" accessTokenType: ").append(toIndentedString(accessTokenType)).append("\n"); sb.append(" accessTokenBindingType: ").append(toIndentedString(accessTokenBindingType)).append("\n"); + sb.append(" tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n"); + sb.append(" tokenEndpointSignatureAlgorithm: ").append(toIndentedString(tokenEndpointSignatureAlgorithm)).append("\n"); sb.append("}"); return sb.toString(); } 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java index 079e2999e8..cf3c46e6b2 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java 
@@ -89,21 +89,10 @@ public static StateEnum fromValue(String value) { private OIDCLogoutConfiguration logout; private Boolean validateRequestObjectSignature = false; private List scopeValidators = null; - private String tokenEndpointAuthMethod; - private String tokenEndpointAuthSignatureAlgorithm; - private String sectorIdentifierURI; - private String idTokenSignatureAlgorithm; - private String authorizationResponseEncryptionAlgorithm; - private String authorizationResponseSignatureAlgorithm; - private String authorizationResponseEncryptionMethod; - private String requestObjectSignatureAlgorithm; - private String requestObjectEncryptionAlgorithm; - private String requestObjectEncryptionMethod; - private String tlsClientAuthSubjectDN; - private boolean tlsClientCertificateBoundAccessTokens; - private boolean requirePushedAuthorizationRequests; - private String subjectType; - + private ClientAuthenticationConfiguration clientAuthentication; + private RequestObjectConfiguration requestObject; + private PushAuthorizationRequestConfiguration pushAuthorizationRequest; + private SubjectConfiguration subject; /** **/ 
@@ -391,230 +380,76 @@ public OpenIDConnectConfiguration addScopeValidatorsItem(String scopeValidatorsI return this; } - public OpenIDConnectConfiguration tokenEndpointAuthMethod(String tokenEndpointAuthMethod) { - - this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("tokenEndpointAuthMethod") - @Valid - public String getTokenEndpointAuthMethod() { - return tokenEndpointAuthMethod; - } - public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) { - this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; - } - - public OpenIDConnectConfiguration tokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSignatureAlgorithm) { - - this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("tokenEndpointAuthSignatureAlgorithm") - @Valid - public String getTokenEndpointAuthSignatureAlgorithm() { - return tokenEndpointAuthSignatureAlgorithm; - } - public void setTokenEndpointAuthSignatureAlgorithm(String tokenEndpointAuthSignatureAlgorithm) { - this.tokenEndpointAuthSignatureAlgorithm = tokenEndpointAuthSignatureAlgorithm; - } - - public OpenIDConnectConfiguration sectorIdentifierURI(String sectorIdentifierURI) { - - this.sectorIdentifierURI = sectorIdentifierURI; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("sectorIdentifierURI") - @Valid - public String getSectorIdentifierURI() { - return sectorIdentifierURI; - } - public void setSectorIdentifierURI(String sectorIdentifierURI) { - this.sectorIdentifierURI = sectorIdentifierURI; - } - - public OpenIDConnectConfiguration idTokenSignatureAlgorithm(String idTokenSignatureAlgorithm) { - - this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("idTokenSignatureAlgorithm") - @Valid - public String getIdTokenSignatureAlgorithm() { - return 
idTokenSignatureAlgorithm; - } - public void setIdTokenSignatureAlgorithm(String idTokenSignatureAlgorithm) { - this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; - } - - public OpenIDConnectConfiguration authorizationResponseEncryptionAlgorithm( - String authorizationResponseEncryptionAlgorithm) { - - this.authorizationResponseEncryptionAlgorithm = authorizationResponseEncryptionAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("authorizationResponseEncryptionAlgorithm") - @Valid - public String getAuthorizationResponseEncryptionAlgorithm() { - return authorizationResponseEncryptionAlgorithm; - } - public void setAuthorizationResponseEncryptionAlgorithm(String authorizationResponseEncryptionAlgorithm) { - this.authorizationResponseEncryptionAlgorithm = authorizationResponseEncryptionAlgorithm; - } - - public OpenIDConnectConfiguration authorizationResponseSignatureAlgorithm( - String authorizationResponseSignatureAlgorithm) { - - this.authorizationResponseSignatureAlgorithm = authorizationResponseSignatureAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("authorizationResponseSignatureAlgorithm") - @Valid - public String getAuthorizationResponseSignatureAlgorithm() { - return authorizationResponseSignatureAlgorithm; - } - public void setAuthorizationResponseSignatureAlgorithm(String authorizationResponseSignatureAlgorithm) { - this.authorizationResponseSignatureAlgorithm = authorizationResponseSignatureAlgorithm; - } - - public OpenIDConnectConfiguration authorizationResponseEncryptionMethod(String authorizationResponseEncryptionMethod) { - - this.authorizationResponseEncryptionMethod = authorizationResponseEncryptionMethod; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("authorizationResponseEncryptionMethod") - @Valid - public String getAuthorizationResponseEncryptionMethod() { - return authorizationResponseEncryptionMethod; - } - public void 
setAuthorizationResponseEncryptionMethod(String authorizationResponseEncryptionMethod) { - this.authorizationResponseEncryptionMethod = authorizationResponseEncryptionMethod; - } - - public OpenIDConnectConfiguration requestObjectSignatureAlgorithm(String requestObjectSignatureAlgorithm) { - - this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("requestObjectSignatureAlgorithm") - @Valid - public String getRequestObjectSignatureAlgorithm() { - return requestObjectSignatureAlgorithm; - } - public void setRequestObjectSignatureAlgorithm(String requestObjectSignatureAlgorithm) { - this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; - } - - public OpenIDConnectConfiguration requestObjectEncryptionAlgorithm(String requestObjectEncryptionAlgorithm) { - - this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("requestObjectEncryptionAlgorithm") - @Valid - public String getRequestObjectEncryptionAlgorithm() { - return requestObjectEncryptionAlgorithm; - } - public void setRequestObjectEncryptionAlgorithm(String requestObjectEncryptionAlgorithm) { - this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; - } - - public OpenIDConnectConfiguration requestObjectEncryptionMethod(String requestObjectEncryptionMethod) { - - this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("requestObjectEncryptionMethod") - @Valid - public String getRequestObjectEncryptionMethod() { - return requestObjectEncryptionMethod; - } - public void setRequestObjectEncryptionMethod(String requestObjectEncryptionMethod) { - this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; - } - - public OpenIDConnectConfiguration tlsClientAuthSubjectDN(String tlsClientAuthSubjectDN) { + /** + **/ + public 
OpenIDConnectConfiguration clientAuthentication(ClientAuthenticationConfiguration clientAuthentication) { - this.tlsClientAuthSubjectDN = tlsClientAuthSubjectDN; + this.clientAuthentication = clientAuthentication; return this; } @ApiModelProperty(value = "") - @JsonProperty("tlsClientAuthSubjectDN") + @JsonProperty("clientAuthentication") @Valid - public String getTlsClientAuthSubjectDN() { - return tlsClientAuthSubjectDN; + public ClientAuthenticationConfiguration getClientAuthentication() { + return clientAuthentication; } - public void setTlsClientAuthSubjectDN(String tlsClientAuthSubjectDN) { - this.tlsClientAuthSubjectDN = tlsClientAuthSubjectDN; + public void setClientAuthentication(ClientAuthenticationConfiguration clientAuthentication) { + this.clientAuthentication = clientAuthentication; } - public OpenIDConnectConfiguration tlsClientCertificateBoundAccessTokens(boolean tlsClientCertificateBoundAccessTokens) { + /** + **/ + public OpenIDConnectConfiguration requestObject(RequestObjectConfiguration requestObject) { - this.tlsClientCertificateBoundAccessTokens = tlsClientCertificateBoundAccessTokens; + this.requestObject = requestObject; return this; } @ApiModelProperty(value = "") - @JsonProperty("tlsClientCertificateBoundAccessTokens") + @JsonProperty("requestObject") @Valid - public boolean getTlsClientCertificateBoundAccessTokens() { - return tlsClientCertificateBoundAccessTokens; + public RequestObjectConfiguration getRequestObject() { + return requestObject; } - public void setTlsClientCertificateBoundAccessTokens(boolean tlsClientCertificateBoundAccessTokens) { - this.tlsClientCertificateBoundAccessTokens = tlsClientCertificateBoundAccessTokens; + public void setRequestObject(RequestObjectConfiguration requestObject) { + this.requestObject = requestObject; } - public OpenIDConnectConfiguration requirePushedAuthorizationRequests(boolean requirePushedAuthorizationRequests) { + /** + **/ + public OpenIDConnectConfiguration 
pushAuthorizationRequest(PushAuthorizationRequestConfiguration pushAuthorizationRequest) { - this.requirePushedAuthorizationRequests = requirePushedAuthorizationRequests; + this.pushAuthorizationRequest = pushAuthorizationRequest; return this; } @ApiModelProperty(value = "") - @JsonProperty("requirePushedAuthorizationRequests") + @JsonProperty("pushAuthorizationRequest") @Valid - public boolean getRequirePushedAuthorizationRequests() { - return requirePushedAuthorizationRequests; + public PushAuthorizationRequestConfiguration getPushAuthorizationRequest() { + return pushAuthorizationRequest; } - public void setRequirePushedAuthorizationRequests(boolean requirePushedAuthorizationRequests) { - this.requirePushedAuthorizationRequests = requirePushedAuthorizationRequests; + public void setPushAuthorizationRequest(PushAuthorizationRequestConfiguration pushAuthorizationRequest) { + this.pushAuthorizationRequest = pushAuthorizationRequest; } - public OpenIDConnectConfiguration subjectType(String subjectType) { + /** + **/ + public OpenIDConnectConfiguration subject(SubjectConfiguration subject) { - this.subjectType = subjectType; + this.subject = subject; return this; } @ApiModelProperty(value = "") - @JsonProperty("subjectType") + @JsonProperty("subject") @Valid - public String getSubjectType() { - return subjectType; + public SubjectConfiguration getSubject() { + return subject; } - public void setSubjectType(String subjectType) { - this.subjectType = subjectType; + public void setSubject(SubjectConfiguration subject) { + this.subject = subject; } @Override 
@@ -641,26 +476,16 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.logout, openIDConnectConfiguration.logout) && Objects.equals(this.validateRequestObjectSignature, openIDConnectConfiguration.validateRequestObjectSignature) && Objects.equals(this.scopeValidators, openIDConnectConfiguration.scopeValidators) && - Objects.equals(this.tokenEndpointAuthMethod, openIDConnectConfiguration.tokenEndpointAuthMethod) && - Objects.equals(this.tokenEndpointAuthSignatureAlgorithm, openIDConnectConfiguration.tokenEndpointAuthSignatureAlgorithm) && - Objects.equals(this.sectorIdentifierURI, openIDConnectConfiguration.sectorIdentifierURI) && - Objects.equals(this.idTokenSignatureAlgorithm, openIDConnectConfiguration.idTokenSignatureAlgorithm) && - Objects.equals(this.authorizationResponseEncryptionAlgorithm, openIDConnectConfiguration.authorizationResponseEncryptionAlgorithm) && - Objects.equals(this.authorizationResponseSignatureAlgorithm, openIDConnectConfiguration.authorizationResponseSignatureAlgorithm) && - Objects.equals(this.authorizationResponseEncryptionMethod, openIDConnectConfiguration.authorizationResponseEncryptionMethod) && - Objects.equals(this.requestObjectSignatureAlgorithm, openIDConnectConfiguration.requestObjectSignatureAlgorithm) && - Objects.equals(this.requestObjectEncryptionAlgorithm, openIDConnectConfiguration.requestObjectEncryptionAlgorithm) && - Objects.equals(this.requestObjectEncryptionMethod, openIDConnectConfiguration.requestObjectEncryptionMethod) && - Objects.equals(this.tlsClientAuthSubjectDN, openIDConnectConfiguration.tlsClientAuthSubjectDN) && - Objects.equals(this.tlsClientCertificateBoundAccessTokens, openIDConnectConfiguration.tlsClientCertificateBoundAccessTokens) && - Objects.equals(this.requirePushedAuthorizationRequests, openIDConnectConfiguration.requirePushedAuthorizationRequests) && - Objects.equals(this.subjectType, openIDConnectConfiguration.subjectType); + Objects.equals(this.clientAuthentication, 
openIDConnectConfiguration.clientAuthentication) && + Objects.equals(this.requestObject, openIDConnectConfiguration.requestObject) && + Objects.equals(this.pushAuthorizationRequest, openIDConnectConfiguration.pushAuthorizationRequest) && + Objects.equals(this.subject, openIDConnectConfiguration.subject); } @Override public int hashCode() { - return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, accessToken, refreshToken, idToken, logout, validateRequestObjectSignature, scopeValidators, tokenEndpointAuthMethod, tokenEndpointAuthSignatureAlgorithm, sectorIdentifierURI, idTokenSignatureAlgorithm, authorizationResponseEncryptionAlgorithm, authorizationResponseSignatureAlgorithm, authorizationResponseEncryptionMethod, requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm, requestObjectEncryptionMethod, tlsClientAuthSubjectDN, tlsClientCertificateBoundAccessTokens, requirePushedAuthorizationRequests, subjectType); + return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, accessToken, refreshToken, idToken, logout, validateRequestObjectSignature, scopeValidators, clientAuthentication, requestObject, pushAuthorizationRequest, subject); } @Override 
@@ -683,20 +508,10 @@ public String toString() { sb.append(" logout: ").append(toIndentedString(logout)).append("\n"); sb.append(" validateRequestObjectSignature: ").append(toIndentedString(validateRequestObjectSignature)).append("\n"); sb.append(" scopeValidators: ").append(toIndentedString(scopeValidators)).append("\n"); - sb.append(" tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n"); - sb.append(" tokenEndpointAuthSignatureAlgorithm: ").append(toIndentedString(tokenEndpointAuthSignatureAlgorithm)).append("\n"); - sb.append(" sectorIdentifierURI: ").append(toIndentedString(sectorIdentifierURI)).append("\n"); - sb.append(" idTokenSignatureAlgorithm: ").append(toIndentedString(idTokenSignatureAlgorithm)).append("\n"); - sb.append(" authorizationResponseEncryptionAlgorithm: ").append(toIndentedString(authorizationResponseEncryptionAlgorithm)).append("\n"); - sb.append(" authorizationResponseSignatureAlgorithm: ").append(toIndentedString(authorizationResponseSignatureAlgorithm)).append("\n"); - sb.append(" authorizationResponseEncryptionMethod: ").append(toIndentedString(authorizationResponseEncryptionMethod)).append("\n"); - sb.append(" requestObjectSignatureAlgorithm: ").append(toIndentedString(requestObjectSignatureAlgorithm)).append("\n"); - sb.append(" requestObjectEncryptionAlgorithm: ").append(toIndentedString(requestObjectEncryptionAlgorithm)).append("\n"); - sb.append(" requestObjectEncryptionMethod: ").append(toIndentedString(requestObjectEncryptionMethod)).append("\n"); - sb.append(" tlsClientAuthSubjectDN: ").append(toIndentedString(tlsClientAuthSubjectDN)).append("\n"); - sb.append(" tlsClientCertificateBoundAccessTokens: ").append(toIndentedString(tlsClientCertificateBoundAccessTokens)).append("\n"); - sb.append(" requirePushedAuthorizationRequests: ").append(toIndentedString(requirePushedAuthorizationRequests)).append("\n"); - sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); + 
sb.append(" clientAuthentication: ").append(toIndentedString(clientAuthentication)).append("\n"); + sb.append(" requestObject: ").append(toIndentedString(requestObject)).append("\n"); + sb.append(" pushAuthorizationRequest: ").append(toIndentedString(pushAuthorizationRequest)).append("\n"); + sb.append(" subject: ").append(toIndentedString(subject)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java new file mode 100644 index 0000000000..ace5f86493 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java 
@@ -0,0 +1,71 @@ +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class PushAuthorizationRequestConfiguration { + + private Boolean requirePushAuthorizationRequest; + + /** + **/ + public PushAuthorizationRequestConfiguration requirePushAuthorizationRequest(Boolean requirePushAuthorizationRequest) { + + this.requirePushAuthorizationRequest = requirePushAuthorizationRequest; + return this; + } + + @ApiModelProperty(example = "false", value = "") + @JsonProperty("requirePushAuthorizationRequest") + @Valid + public Boolean getRequirePushAuthorizationRequest() { + return requirePushAuthorizationRequest; + } + public void setRequirePushAuthorizationRequest(Boolean requirePushAuthorizationRequest) { + this.requirePushAuthorizationRequest = requirePushAuthorizationRequest; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PushAuthorizationRequestConfiguration pushAuthorizationRequestConfiguration = (PushAuthorizationRequestConfiguration) o; + return Objects.equals(this.requirePushAuthorizationRequest, pushAuthorizationRequestConfiguration.requirePushAuthorizationRequest); + } + + @Override + public int hashCode() { + return Objects.hash(requirePushAuthorizationRequest); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class PushAuthorizationRequestConfiguration {\n"); + + sb.append(" requirePushAuthorizationRequest: ").append(toIndentedString(requirePushAuthorizationRequest)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). 
+ */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java new file mode 100644 index 0000000000..e02300164c --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java 
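Review bot: `requirePushAuthorizationRequest` is declared as a nullable `Boolean` with no initial value, so a request that omits the property yields `null` rather than `false`; the flat field it replaces in OpenIDConnectConfiguration was a primitive `boolean`, and the neighbouring `validateRequestObjectSignature` is initialised to `false`. The code that maps this model onto the OAuth application (not in this hunk) then has to handle `null` explicitly, otherwise auto-unboxing throws or the enforcement flag is silently treated as unset. I would initialise it, `private Boolean requirePushAuthorizationRequest = false;`, and do the same for `requireSignedRequestObject` in RequestObjectConfiguration. As the file lives under src/gen, the default presumably belongs in the API definition it is generated from.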
@@ -0,0 +1,114 @@ +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class RequestObjectConfiguration { + + private String requestObjectSigningAlg; + private Boolean requireSignedRequestObject; + + private RequestObjectEncryptionConfiguration encryption; + + /** + **/ + public RequestObjectConfiguration requestObjectSigningAlg(String requestObjectSigningAlg) { + + this.requestObjectSigningAlg = requestObjectSigningAlg; + return this; + } + + @ApiModelProperty(example = "PS256", value = "") + @JsonProperty("requestObjectSigningAlg") + @Valid + public String getRequestObjectSigningAlg() { + return requestObjectSigningAlg; + } + public void setRequestObjectSigningAlg(String requestObjectSigningAlg) { + this.requestObjectSigningAlg = requestObjectSigningAlg; + } + + /** + **/ + public RequestObjectConfiguration requireSignedRequestObject(Boolean requireSignedRequestObject) { + + this.requireSignedRequestObject = requireSignedRequestObject; + return this; + } + + @ApiModelProperty(example = "false", value = "") + @JsonProperty("requireSignedRequestObject") + @Valid + public Boolean getRequireSignedRequestObject() { + return requireSignedRequestObject; + } + public void setRequireSignedRequestObject(Boolean requireSignedRequestObject) { + this.requireSignedRequestObject = requireSignedRequestObject; + } + + /** + **/ + public RequestObjectConfiguration encryption(RequestObjectEncryptionConfiguration encryption) { + + this.encryption = encryption; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("encryption") + @Valid + public RequestObjectEncryptionConfiguration getEncryption() { + return encryption; + } + public void setEncryption(RequestObjectEncryptionConfiguration encryption) { + this.encryption = encryption; + } + + @Override + public boolean 
equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + RequestObjectConfiguration requestObjectConfiguration = (RequestObjectConfiguration) o; + return Objects.equals(this.requestObjectSigningAlg, requestObjectConfiguration.requestObjectSigningAlg) && + Objects.equals(this.requireSignedRequestObject, requestObjectConfiguration.requestObjectSigningAlg) && + Objects.equals(this.encryption, requestObjectConfiguration.encryption); + } + + @Override + public int hashCode() { + return Objects.hash(requestObjectSigningAlg, requireSignedRequestObject, encryption); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class RequestObjectConfiguration {\n"); + + sb.append(" requestObjectSigningAlg: ").append(toIndentedString(requestObjectSigningAlg)).append("\n"); + sb.append(" requireSignedRequestObject: ").append(toIndentedString(requireSignedRequestObject)).append("\n"); + sb.append(" encryption: ").append(toIndentedString(encryption)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java new file mode 100644 index 0000000000..87c4a67203 --- /dev/null 
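Review bot: In `equals`, the second comparison pairs `this.requireSignedRequestObject` with `requestObjectConfiguration.requestObjectSigningAlg`, a `Boolean` against a `String`. Two instances with the same non-null `requireSignedRequestObject` therefore never compare equal, while an instance with both fields null can compare equal to one whose flag is set, which makes `equals` asymmetric and inconsistent with `hashCode`. Any change detection or caching that relies on equality would misjudge this signing-enforcement setting. The line should read `Objects.equals(this.requireSignedRequestObject, requestObjectConfiguration.requireSignedRequestObject) &&`. The file sits under src/gen but this looks hand-edited, so regenerating it from the API definition would be the safer fix.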
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java 
@@ -0,0 +1,94 @@ +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class RequestObjectEncryptionConfiguration { + + private String algorithm; + private String method; + + /** + **/ + public RequestObjectEncryptionConfiguration algorithm(String algorithm) { + + this.algorithm = algorithm; + return this; + } + + @ApiModelProperty(example = "RSA-OAEP", value = "") + @JsonProperty("algorithm") + @Valid + public String getAlgorithm() { + return algorithm; + } + public void setAlgorithm(String algorithm) { + this.algorithm = algorithm; + } + + /** + **/ + public RequestObjectEncryptionConfiguration method(String method) { + + this.method = method; + return this; + } + + @ApiModelProperty(example = "A128CBC+HS256", value = "") + @JsonProperty("method") + @Valid + public String getMethod() { + return method; + } + public void setMethod(String method) { + this.method = method; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + RequestObjectEncryptionConfiguration requestObjectEncryptionConfiguration = (RequestObjectEncryptionConfiguration) o; + return Objects.equals(this.algorithm, requestObjectEncryptionConfiguration.algorithm) && + Objects.equals(this.method, requestObjectEncryptionConfiguration.method); + } + + @Override + public int hashCode() { + return Objects.hash(algorithm, method); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class RequestObjectEncryptionConfiguration {\n"); + + sb.append(" algorithm: ").append(toIndentedString(algorithm)).append("\n"); + sb.append(" method: ").append(toIndentedString(method)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert 
the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java index ce244fbf2c..87a255c7d6 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java @@ -37,6 +37,8 @@ public class SubjectConfig { private Boolean includeUserDomain; private Boolean includeTenantDomain; private Boolean useMappedLocalSubject; + private String subjectType; + private String sectorIdentifierUri; /** **/ 
@@ -110,6 +112,42 @@ public void setUseMappedLocalSubject(Boolean useMappedLocalSubject) { this.useMappedLocalSubject = useMappedLocalSubject; } + /** + **/ + public SubjectConfig subjectType(String subjectType) { + + this.subjectType = subjectType; + return this; + } + + @ApiModelProperty(example = "false", value = "") + @JsonProperty("subjectType") + @Valid + public String getSubjectType() { + return subjectType; + } + public void setSubjectType(String subjectType) { + this.subjectType = subjectType; + } + + /** + **/ + public SubjectConfig sectorIdentifierUri(String sectorIdentifierUri) { + + this.sectorIdentifierUri = sectorIdentifierUri; + return this; + } + + @ApiModelProperty(example = "false", value = "") + @JsonProperty("sectorIdentifierUri") + @Valid + public String getSectorIdentifierUri() { + return sectorIdentifierUri; + } + public void setSectorIdentifierUri(String sectorIdentifierUri) { + this.sectorIdentifierUri = sectorIdentifierUri; + } + @Override @@ -125,12 +163,14 @@ public boolean equals(java.lang.Object o) { return Objects.equals(this.claim, subjectConfig.claim) && Objects.equals(this.includeUserDomain, subjectConfig.includeUserDomain) && Objects.equals(this.includeTenantDomain, subjectConfig.includeTenantDomain) && - Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject); + Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject) && + Objects.equals(this.subjectType, subjectConfig.subjectType) && + Objects.equals(this.sectorIdentifierUri, subjectConfig.sectorIdentifierUri); } @Override public int hashCode() { - return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject); + return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject, subjectType, sectorIdentifierUri); } @Override 
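Review bot: Both new String properties carry `@ApiModelProperty(example = "false", value = "")`, which looks copied from the Boolean properties above and publishes a misleading example for `subjectType` and `sectorIdentifierUri`. SubjectConfiguration, added later in this patch, uses `example = "public"` and `example = "https://app.example.com"` for the same property names. The pair now exists on both SubjectConfig and SubjectConfiguration, so the change should state which model is authoritative; the `public` example suggests this value selects the kind of subject identifier issued to clients, and two sources for it invite divergent configuration. If SubjectConfig is meant to keep them, align the examples; otherwise remove the duplicates from one model.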
@@ -143,6 +183,8 @@ public String toString() { sb.append(" includeUserDomain: ").append(toIndentedString(includeUserDomain)).append("\n"); sb.append(" includeTenantDomain: ").append(toIndentedString(includeTenantDomain)).append("\n"); sb.append(" useMappedLocalSubject: ").append(toIndentedString(useMappedLocalSubject)).append("\n"); + sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); + sb.append(" sectorIdentifierUri: ").append(toIndentedString(sectorIdentifierUri)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java new file mode 100644 index 0000000000..048f04cfab --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java 
@@ -0,0 +1,92 @@ +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class SubjectConfiguration { + + private String subjectType; + private String sectorIdentifierUri; + + /** + **/ + public SubjectConfiguration subjectType(String subjectType) { + + this.subjectType = subjectType; + return this; + } + + @ApiModelProperty(example = "public", value = "") + @JsonProperty("subjectType") + @Valid + public String getSubjectType() { + return subjectType; + } + public void setSubjectType(String subjectType) { + this.subjectType = subjectType; + } + + /** + **/ + public SubjectConfiguration sectorIdentifierUri(String sectorIdentifierUri) { + + this.sectorIdentifierUri = sectorIdentifierUri; + return this; + } + + @ApiModelProperty(example = "https://app.example.com", value = "") + @JsonProperty("sectorIdentifierUri") + @Valid + public String getSectorIdentifierUri() { + return sectorIdentifierUri; + } + public void setSectorIdentifierUri(String sectorIdentifierUri) { + this.sectorIdentifierUri = sectorIdentifierUri; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + SubjectConfiguration subjectConfiguration = (SubjectConfiguration) o; + return Objects.equals(this.subjectType, subjectConfiguration.subjectType) && + Objects.equals(this.sectorIdentifierUri, subjectConfiguration.sectorIdentifierUri); + } + + @Override + public int hashCode() { + return Objects.hash(subjectType, sectorIdentifierUri); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class SubjectConfiguration {\n"); + + sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); + sb.append(" sectorIdentifierUri: 
").append(toIndentedString(sectorIdentifierUri)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index 365a923f14..d19a94fb0b 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java @@ -34,6 +34,7 @@ import org.wso2.carbon.identity.api.server.application.management.v1.SAMLMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils; +import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.api.server.common.error.APIError; import org.wso2.carbon.identity.application.common.model.Property; import org.wso2.carbon.identity.application.mgt.AbstractInboundAuthenticatorConfig; 
@@ -151,6 +152,14 @@ public OIDCMetaData getOIDCMetadata() { OIDCMetaData oidcMetaData = new OIDCMetaData(); OAuthAdminServiceImpl oAuthAdminService = ApplicationManagementServiceHolder.getOAuthAdminService(); + List authMethods = oAuthAdminService.getSupportedClientAuthenticationMethods(); + oidcMetaData.setTokenEndpointAuthMethod(new MetadataProperty() + .defaultValue("Any") + .options(authMethods)); + List authAlgorithms = oAuthAdminService.getSupportedTokenEndpointSignatureAlgorithms(); + oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty() + .defaultValue("PS256") + .options(authAlgorithms)); List supportedGrantTypes = new LinkedList<>(Arrays.asList(oAuthAdminService.getAllowedGrantTypes())); List supportedGrantTypeNames = new ArrayList<>(); // Iterate through the standard grant type names and add matching elements. @@ -201,6 +210,7 @@ public OIDCMetaData getOIDCMetadata() { List supportedTokenBindings = oAuthAdminService.getSupportedTokenBindingsMetaData(); List supportedTokenBindingTypes = new ArrayList<>(); supportedTokenBindingTypes.add("None"); + supportedTokenBindingTypes.add(Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE); for (TokenBindingMetaDataDTO tokenBindingDTO : supportedTokenBindings) { supportedTokenBindingTypes.add(tokenBindingDTO.getTokenBindingType()); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index fa5851173a..9957820021 100644 
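Review bot: The defaults `"Any"` and `"PS256"` in `getOIDCMetadata()` are hard-coded, while the option lists come from the server. Nothing here checks that the advertised default is actually one of the returned options, so a deployment that restricts signing algorithms could publish a default it does not accept. Consider deriving the default from the list, for example `.defaultValue(authAlgorithms.contains("PS256") ? "PS256" : null)`, or add a comment saying the default is only a UI hint. The later hunk in PATCH 04/17 changes where the lists come from but keeps the same two literals. The body of `getOIDCMetadata()` continues outside this hunk.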
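Review bot: `supportedTokenBindingTypes.add(Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE);` is added unconditionally, unlike the entries taken from `getSupportedTokenBindingsMetaData()`. The metadata endpoint would therefore offer certificate-bound tokens even where mutual TLS is not set up. Whether that can happen is not visible from this hunk. If the option depends on server configuration, gate the `add` on it. Otherwise a short comment such as `// Always offered: mapped to tlsClientCertificateBoundAccessTokens, not to a token binder` would explain why this entry bypasses the service list.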
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java @@ -18,12 +18,17 @@ import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; import org.wso2.carbon.identity.api.server.application.management.v1.AccessTokenConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.ClientAuthenticationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.IdTokenConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OAuth2PKCEConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OIDCLogoutConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.PushAuthorizationRequestConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.RefreshTokenConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils; +import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO; 
@@ -57,29 +62,16 @@ public OAuthConsumerAppDTO apply(String appName, OpenIDConnectConfiguration oidc consumerAppDTO.setBypassClientCredentials(oidcModel.getPublicClient()); consumerAppDTO.setRequestObjectSignatureValidationEnabled(oidcModel.getValidateRequestObjectSignature()); - consumerAppDTO.setTokenEndpointAuthMethod(oidcModel.getTokenEndpointAuthMethod()); - consumerAppDTO.setTokenEndpointAuthSignatureAlgorithm(oidcModel.getTokenEndpointAuthSignatureAlgorithm()); - consumerAppDTO.setSectorIdentifierURI(oidcModel.getSectorIdentifierURI()); - consumerAppDTO.setIdTokenSignatureAlgorithm(oidcModel.getIdTokenSignatureAlgorithm()); - consumerAppDTO.setAuthorizationResponseEncryptionAlgorithm(oidcModel - .getAuthorizationResponseEncryptionAlgorithm()); - consumerAppDTO.setAuthorizationResponseSignatureAlgorithm(oidcModel - .getAuthorizationResponseSignatureAlgorithm()); - consumerAppDTO.setAuthorizationResponseEncryptionMethod(oidcModel.getAuthorizationResponseEncryptionMethod()); - consumerAppDTO.setRequestObjectSignatureAlgorithm(oidcModel.getRequestObjectSignatureAlgorithm()); - consumerAppDTO.setRequestObjectEncryptionAlgorithm(oidcModel.getRequestObjectEncryptionAlgorithm()); - consumerAppDTO.setRequestObjectEncryptionMethod(oidcModel.getRequestObjectEncryptionMethod()); - consumerAppDTO.setTlsClientAuthSubjectDN(oidcModel.getTlsClientAuthSubjectDN()); - consumerAppDTO.setTlsClientCertificateBoundAccessTokens(oidcModel.getTlsClientCertificateBoundAccessTokens()); - consumerAppDTO.setRequirePushedAuthorizationRequests(oidcModel.getRequirePushedAuthorizationRequests()); - consumerAppDTO.setSubjectType(oidcModel.getSubjectType()); - updateAllowedOrigins(consumerAppDTO, oidcModel.getAllowedOrigins()); updatePkceConfigurations(consumerAppDTO, oidcModel.getPkce()); updateAccessTokenConfiguration(consumerAppDTO, oidcModel.getAccessToken()); updateRefreshTokenConfiguration(consumerAppDTO, oidcModel.getRefreshToken()); updateIdTokenConfiguration(consumerAppDTO, 
oidcModel.getIdToken()); updateOidcLogoutConfiguration(consumerAppDTO, oidcModel.getLogout()); + updateClientAuthenticationConfigurations(consumerAppDTO, oidcModel.getClientAuthentication()); + updateRequestObjectConfiguration(consumerAppDTO, oidcModel.getRequestObject()); + updatePARConfigurations(consumerAppDTO, oidcModel.getPushAuthorizationRequest()); + updateSubjectConfigurations(consumerAppDTO, oidcModel.getSubject()); return consumerAppDTO; } @@ -109,6 +101,7 @@ private void updateIdTokenConfiguration(OAuthConsumerAppDTO consumerAppDTO, IdTo .map(audiences -> audiences.toArray(new String[0])) .orElse(new String[0]) ); + consumerAppDTO.setIdTokenSignatureAlgorithm(idToken.getIdTokenSignedResponseAlg()); if (idToken.getEncryption() != null) { boolean idTokenEncryptionEnabled = isIdTokenEncryptionEnabled(idToken); @@ -118,6 +111,7 @@ private void updateIdTokenConfiguration(OAuthConsumerAppDTO consumerAppDTO, IdTo consumerAppDTO.setIdTokenEncryptionMethod(idToken.getEncryption().getMethod()); } } + } } @@ -149,6 +143,12 @@ private void updateAccessTokenConfiguration(OAuthConsumerAppDTO consumerAppDTO, consumerAppDTO.setTokenType(accessToken.getType()); consumerAppDTO.setUserAccessTokenExpiryTime(accessToken.getUserAccessTokenExpiryInSeconds()); consumerAppDTO.setApplicationAccessTokenExpiryTime(accessToken.getApplicationAccessTokenExpiryInSeconds()); + if (Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE.equals(accessToken.getBindingType())) { + consumerAppDTO.setTlsClientCertificateBoundAccessTokens(true); + accessToken.setBindingType("None"); + } else { + consumerAppDTO.setTlsClientCertificateBoundAccessTokens(false); + } consumerAppDTO.setTokenBindingType(accessToken.getBindingType()); if (accessToken.getRevokeTokensWhenIDPSessionTerminated() != null) { consumerAppDTO.setTokenRevocationWithIDPSessionTerminationEnabled(accessToken 
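Review bot: After this change `apply()` no longer copies `authorizationResponseEncryptionAlgorithm`, `authorizationResponseSignatureAlgorithm` or `authorizationResponseEncryptionMethod` into `consumerAppDTO`. None of the four new `update…` helpers sets them either, and the matching hunk in `OAuthConsumerAppToApiModel.apply()` drops them on the read side too. If dropping these attributes is intended, say so in the commit description; if not, they need a home in one of the new sub-objects. Separately, `setRequestObjectSignatureValidationEnabled` is still called here from `getValidateRequestObjectSignature()` and is then set again inside `updateRequestObjectConfiguration`, so the same flag has two sources in one request.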
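Review bot: `updateAccessTokenConfiguration` rewrites its own input with `accessToken.setBindingType("None")`, so the caller's request model differs after the conversion. The hunk in `buildTokenConfiguration` does the same to the DTO with `oAuthConsumerAppDTO.setTokenBindingType(...)`. Both can be done on a local instead, e.g. `String bindingType = tlsBound ? "None" : accessToken.getBindingType();` followed by `consumerAppDTO.setTokenBindingType(bindingType);`. Selecting the certificate binding also silently replaces any other binding type, which deserves a comment because the two mechanisms become mutually exclusive. In `buildTokenConfiguration` the `if` unboxes `getTlsClientCertificateBoundAccessTokens()`; if that getter returns `Boolean`, a null value would throw there. The bodies of both methods continue outside their hunks.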
@@ -195,4 +195,41 @@ private String getCallbackUrl(List callbackURLs) { return null; } } + + private void updateClientAuthenticationConfigurations(OAuthConsumerAppDTO appDTO, + ClientAuthenticationConfiguration clientAuthentication) { + + if (clientAuthentication != null) { + appDTO.setTokenEndpointAuthMethod(clientAuthentication.getTokenEndpointAuthMethod()); + appDTO.setTokenEndpointAuthSignatureAlgorithm(clientAuthentication.getTokenEndpointAuthSigningAlg()); + appDTO.setTlsClientAuthSubjectDN(clientAuthentication.getTlsClientAuthSubjectDn()); + } + } + + private void updatePARConfigurations(OAuthConsumerAppDTO appDTO, PushAuthorizationRequestConfiguration par) { + + if (par != null) { + appDTO.setRequirePushedAuthorizationRequests(par.getRequirePushAuthorizationRequest()); + } + } + + private void updateRequestObjectConfiguration(OAuthConsumerAppDTO consumerAppDTO, + RequestObjectConfiguration requestObject) { + + if (requestObject != null) { + + consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm()); + consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod()); + consumerAppDTO.setRequestObjectSignatureValidationEnabled(requestObject.getRequireSignedRequestObject()); + consumerAppDTO.setRequestObjectSignatureAlgorithm(requestObject.getRequestObjectSigningAlg()); + } + } + + private void updateSubjectConfigurations(OAuthConsumerAppDTO consumerAppDTO, SubjectConfiguration subject) { + + if (subject != null) { + consumerAppDTO.setSubjectType(subject.getSubjectType()); + consumerAppDTO.setSectorIdentifierURI(subject.getSectorIdentifierUri()); + } + } } 
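Review bot: `updateRequestObjectConfiguration` calls `requestObject.getEncryption().getAlgorithm()` without checking `getEncryption()` for null. Nothing in the schema added by this commit marks `encryption` as required, so a payload carrying `requestObject` without it would fail with a NullPointerException instead of a validation error. The same method also overwrites the signature-validation flag that `apply()` already set from `validateRequestObjectSignature`. An absent or false `requireSignedRequestObject` can therefore switch off validation that the older field asked for, and may also fail on unboxing if the getter returns a null `Boolean`. The rewrite below guards both cases and leaves the earlier value in place when the new field is absent.
```java
private void updateRequestObjectConfiguration(OAuthConsumerAppDTO consumerAppDTO,
                                              RequestObjectConfiguration requestObject) {

    if (requestObject == null) {
        return;
    }
    // encryption is an optional sub-object of the request payload.
    if (requestObject.getEncryption() != null) {
        consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm());
        consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod());
    }
    // Keep the value taken from validateRequestObjectSignature when the new field is not supplied.
    if (requestObject.getRequireSignedRequestObject() != null) {
        consumerAppDTO.setRequestObjectSignatureValidationEnabled(requestObject.getRequireSignedRequestObject());
    }
    consumerAppDTO.setRequestObjectSignatureAlgorithm(requestObject.getRequestObjectSigningAlg());
}
```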
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java index c8bae51160..a7be6a699f 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java 
@@ -17,12 +17,18 @@ import org.apache.commons.lang.StringUtils; import org.wso2.carbon.identity.api.server.application.management.v1.AccessTokenConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.ClientAuthenticationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.IdTokenConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.IdTokenEncryptionConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OAuth2PKCEConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OIDCLogoutConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.PushAuthorizationRequestConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.RefreshTokenConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectEncryptionConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfiguration; +import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO; import java.util.ArrayList; 
@@ -54,20 +60,10 @@ public OpenIDConnectConfiguration apply(OAuthConsumerAppDTO oauthAppDTO) { .logout(buildLogoutConfiguration(oauthAppDTO)) .scopeValidators(getScopeValidators(oauthAppDTO)) .validateRequestObjectSignature(oauthAppDTO.isRequestObjectSignatureValidationEnabled()) - .tokenEndpointAuthMethod(oauthAppDTO.getTokenEndpointAuthMethod()) - .tokenEndpointAuthSignatureAlgorithm(oauthAppDTO.getTokenEndpointAuthSignatureAlgorithm()) - .sectorIdentifierURI(oauthAppDTO.getSectorIdentifierURI()) - .idTokenSignatureAlgorithm(oauthAppDTO.getIdTokenSignatureAlgorithm()) - .authorizationResponseEncryptionAlgorithm(oauthAppDTO.getAuthorizationResponseEncryptionAlgorithm()) - .authorizationResponseSignatureAlgorithm(oauthAppDTO.getAuthorizationResponseSignatureAlgorithm()) - .authorizationResponseEncryptionMethod(oauthAppDTO.getAuthorizationResponseEncryptionMethod()) - .requestObjectSignatureAlgorithm(oauthAppDTO.getRequestObjectSignatureAlgorithm()) - .requestObjectEncryptionAlgorithm(oauthAppDTO.getRequestObjectEncryptionAlgorithm()) - .requestObjectEncryptionMethod(oauthAppDTO.getRequestObjectEncryptionMethod()) - .tlsClientAuthSubjectDN(oauthAppDTO.getTlsClientAuthSubjectDN()) - .tlsClientCertificateBoundAccessTokens(oauthAppDTO.getTlsClientCertificateBoundAccessTokens()) - .requirePushedAuthorizationRequests(oauthAppDTO.getRequirePushedAuthorizationRequests()) - .subjectType(oauthAppDTO.getSubjectType()); + .clientAuthentication(buildClientAuthenticationConfiguration(oauthAppDTO)) + .requestObject(buildRequestObjectConfiguration(oauthAppDTO)) + .pushAuthorizationRequest(buildPARAuthenticationConfiguration(oauthAppDTO)) + .subject(buildSubjectConfiguration(oauthAppDTO)); } private List getScopeValidators(OAuthConsumerAppDTO oauthAppDTO) { 
@@ -92,6 +88,9 @@ private OAuth2PKCEConfiguration buildPKCEConfiguration(OAuthConsumerAppDTO oAuth private AccessTokenConfiguration buildTokenConfiguration(OAuthConsumerAppDTO oAuthConsumerAppDTO) { + if (oAuthConsumerAppDTO.getTlsClientCertificateBoundAccessTokens()) { + oAuthConsumerAppDTO.setTokenBindingType(Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE); + } return new AccessTokenConfiguration() .type(oAuthConsumerAppDTO.getTokenType()) .userAccessTokenExpiryInSeconds(oAuthConsumerAppDTO.getUserAccessTokenExpiryTime()) @@ -114,6 +113,7 @@ private IdTokenConfiguration buildIdTokenConfiguration(OAuthConsumerAppDTO oAuth return new IdTokenConfiguration() .expiryInSeconds(oAuthConsumerAppDTO.getIdTokenExpiryTime()) .audience(getAudiences(oAuthConsumerAppDTO)) + .idTokenSignedResponseAlg(oAuthConsumerAppDTO.getIdTokenSignatureAlgorithm()) .encryption(buildIdTokenEncryptionConfiguration(oAuthConsumerAppDTO)); } 
@@ -160,4 +160,44 @@ private List getCallbackUrls(OAuthConsumerAppDTO oauthApp) { } return callbackUris; } + + private ClientAuthenticationConfiguration buildClientAuthenticationConfiguration(OAuthConsumerAppDTO appDTO) { + + return new ClientAuthenticationConfiguration() + .tokenEndpointAuthMethod(appDTO.getTokenEndpointAuthMethod()) + .tokenEndpointAuthSigningAlg(appDTO.getTokenEndpointAuthSignatureAlgorithm()) + .tlsClientAuthSubjectDn(appDTO.getTlsClientAuthSubjectDN()); + } + + private RequestObjectConfiguration buildRequestObjectConfiguration(OAuthConsumerAppDTO oAuthConsumerAppDTO) { + + return new RequestObjectConfiguration() + .requestObjectSigningAlg(oAuthConsumerAppDTO.getRequestObjectSignatureAlgorithm()) + .requireSignedRequestObject(oAuthConsumerAppDTO.isRequestObjectSignatureValidationEnabled()) + .encryption(buildRequestObjectEncryptionConfiguration(oAuthConsumerAppDTO)); + } + + private RequestObjectEncryptionConfiguration buildRequestObjectEncryptionConfiguration(OAuthConsumerAppDTO appDTO) { + + String algorithm = appDTO.getRequestObjectEncryptionAlgorithm(); + String method = appDTO.getRequestObjectEncryptionMethod(); + return new RequestObjectEncryptionConfiguration() + .algorithm(StringUtils.equals(algorithm, "null") || + StringUtils.isBlank(algorithm) ? "" : appDTO.getRequestObjectEncryptionAlgorithm()) + .method(StringUtils.equals(method, "null") || + StringUtils.isBlank(method) ? 
"" : appDTO.getRequestObjectEncryptionMethod()); + } + + private PushAuthorizationRequestConfiguration buildPARAuthenticationConfiguration(OAuthConsumerAppDTO appDTO) { + + return new PushAuthorizationRequestConfiguration() + .requirePushAuthorizationRequest(appDTO.getRequirePushedAuthorizationRequests()); + } + + private SubjectConfiguration buildSubjectConfiguration(OAuthConsumerAppDTO oAuthConsumerAppDTO) { + + return new SubjectConfiguration() + .subjectType(oAuthConsumerAppDTO.getSubjectType()) + .sectorIdentifierUri(oAuthConsumerAppDTO.getSectorIdentifierURI()); + } } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index 5dfca4f485..a5ab0a1bd6 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -3246,6 +3246,14 @@ components: - XACML Scope Validator items: type: string + clientAuthentication: + $ref: '#/components/schemas/ClientAuthenticationConfiguration' + requestObject: + $ref: '#/components/schemas/RequestObjectConfiguration' + pushAuthorizationRequest: + $ref: '#/components/schemas/PushAuthorizationRequestConfiguration' + subject: + $ref: '#/components/schemas/SubjectConfiguration' OAuth2PKCEConfiguration: type: object properties: 
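Review bot: `buildRequestObjectEncryptionConfiguration` reads `algorithm` and `method` into locals and then calls the getters again in the ternaries, which makes the expressions harder to follow than they need to be. Reusing the locals reads more plainly: `.algorithm(StringUtils.isBlank(algorithm) || "null".equals(algorithm) ? "" : algorithm)`, and the same for `method`. The comparison with the literal string `"null"` deserves a one-line comment on where that value comes from. As written it suggests the write path can persist the text "null", and the write-side helper in `ApiModelToOAuthConsumerApp` stores whatever the request contains without normalising it.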
@@ -3308,6 +3316,9 @@ components: - 'http://idp.abc.com' items: type: string + idTokenSignedResponseAlg: + type: string + example: 'PS256' encryption: $ref: '#/components/schemas/IdTokenEncryptionConfiguration' IdTokenEncryptionConfiguration: @@ -3323,6 +3334,53 @@ components: method: type: string example: A128CBC+HS256 + ClientAuthenticationConfiguration: + type: object + properties: + tokenEndpointAuthMethod: + type: string + example: 'client_secret_basic' + tokenEndpointAuthSigningAlg: + type: string + example: 'PS256' + tlsClientAuthSubjectDnUpdated: + type: string + example: 'CN=John Doe,OU=OrgUnit,O=Organization,L=Colombo,ST=Western,C=LK' + RequestObjectConfiguration: + type: object + properties: + requireSignedRequestObject: + type: boolean + example: false + requestObjectSigningAlg: + type: string + example: 'PS256' + encryption: + $ref: '#/components/schemas/RequestObjectEncryptionConfiguration' + RequestObjectEncryptionConfiguration: + type: object + properties: + algorithm: + type: string + example: RSA-OAEP + method: + type: string + example: A128CBC+HS256 + PushAuthorizationRequestConfiguration: + type: object + properties: + requirePushAuthorizationRequest: + type: boolean + example: false + SubjectConfiguration: + type: object + properties: + subjectType: + type: string + example: 'public' + sectorIdentifierUri: + type: string + example: 'https://app.example.com' OIDCLogoutConfiguration: type: object properties: @@ -3522,6 +3580,10 @@ components: $ref: '#/components/schemas/MetadataProperty' accessTokenBindingType: $ref: '#/components/schemas/MetadataProperty' + tokenEndpointAuthMethod: + $ref: '#/components/schemas/MetadataProperty' + tokenEndpointSignatureAlgorithm: + $ref: '#/components/schemas/MetadataProperty' WSTrustMetaData: type: object properties: 
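Review bot: The `ClientAuthenticationConfiguration` schema names its third property `tlsClientAuthSubjectDnUpdated`, but the Java code in this commit uses `getTlsClientAuthSubjectDn()` and `.tlsClientAuthSubjectDn(...)`. The generated model class is not visible here, but if its JSON property is `tlsClientAuthSubjectDn`, a client built from this spec would send the subject DN under a name the server does not bind. The field would then be silently left unset for an application that expects certificate-based client authentication. The spec and the model should agree on one name, presumably `tlsClientAuthSubjectDn:`. The new algorithm properties are free-form `type: string`; listing the accepted values in an `enum` or a description would help callers see what the server accepts.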
diff --git a/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java b/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java index c03827d040..6919e5e6cc 100644 --- a/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java +++ b/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java @@ -46,6 +46,7 @@ public class Constants { static final String[] VALID_MEDIA_TYPES_JSON = {MEDIA_TYPE_JSON, "text/json"}; static final String[] VALID_MEDIA_TYPES_XML = {MEDIA_TYPE_XML, "text/xml"}; static final String[] VALID_MEDIA_TYPES_YAML = {MEDIA_TYPE_YAML, "text/yaml", "application/x-yaml"}; + public static final String TLS_CLIENT_CERTIFICATE_BINDING_TYPE = "TLS Client Certificate"; /** * Enum for server error prefixes. From 7204ea0e1cc7d66c7833f34835cdd11302b20010 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Fri, 20 Oct 2023 12:25:20 +0530 Subject: [PATCH 03/17] Removing spacing inconsistency --- .../src/main/resources/applications.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index a5ab0a1bd6..a3eac36c22 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -3253,7 +3253,7 @@ components: pushAuthorizationRequest: $ref: '#/components/schemas/PushAuthorizationRequestConfiguration' subject: - $ref: '#/components/schemas/SubjectConfiguration' + $ref: '#/components/schemas/SubjectConfiguration' OAuth2PKCEConfiguration: type: object properties: From fd163dfd9252d8de5a8bcaae5608d5dbf228bb11 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Sat, 21 Oct 2023 00:00:04 +0530 Subject: [PATCH 04/17] Using util methods to get metadata values --- .../v1/core/ServerApplicationMetadataService.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index d19a94fb0b..1e0d7a332f 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java 
@@ -39,9 +39,11 @@ import org.wso2.carbon.identity.application.common.model.Property; import org.wso2.carbon.identity.application.mgt.AbstractInboundAuthenticatorConfig; import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.dto.OAuthIDTokenAlgorithmDTO; import org.wso2.carbon.identity.oauth.dto.TokenBindingMetaDataDTO; +import org.wso2.carbon.identity.oauth2.util.OAuth2Util; import org.wso2.carbon.identity.sso.saml.SAMLSSOConfigServiceImpl; import org.wso2.carbon.security.SecurityConfigException; @@ -65,6 +67,8 @@ public class ServerApplicationMetadataService { private static final Log LOG = LogFactory.getLog(ServerApplicationMetadataService.class); + private static final String TOKEN_EP_SIGNATURE_ALGS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm"; /** * Return a list of all available inbound protocols. If the customOnly parameter set to True, will return only the @@ -152,11 +156,11 @@ public OIDCMetaData getOIDCMetadata() { OIDCMetaData oidcMetaData = new OIDCMetaData(); OAuthAdminServiceImpl oAuthAdminService = ApplicationManagementServiceHolder.getOAuthAdminService(); - List authMethods = oAuthAdminService.getSupportedClientAuthenticationMethods(); + List authMethods = OAuth2Util.getSupportedClientAuthenticationMethods(); oidcMetaData.setTokenEndpointAuthMethod(new MetadataProperty() .defaultValue("Any") .options(authMethods)); - List authAlgorithms = oAuthAdminService.getSupportedTokenEndpointSignatureAlgorithms(); + List authAlgorithms = IdentityUtil.getPropertyAsList(TOKEN_EP_SIGNATURE_ALGS_SUPPORTED); oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty() .defaultValue("PS256") .options(authAlgorithms)); From 93c169fc00ececb941dbe2820f95a2364abdbe53 Mon Sep 17 00:00:00 2001 
From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Sat, 21 Oct 2023 00:06:15 +0530 Subject: [PATCH 05/17] Upgrading oauth dependency version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 68b7dee6b4..25b49c660b 100644 --- a/pom.xml +++ b/pom.xml @@ -765,7 +765,7 @@ 5.2.0 **/gen/**/* 1.4.4 - 6.11.51 + 6.11.144 5.11.16 1.9.4 findbugs-exclude-filter.xml From 78efe0a4d57ffad7719fbfc9c4d41ecd0887a30f Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Sat, 21 Oct 2023 00:22:53 +0530 Subject: [PATCH 06/17] Fix build issue --- .../application/management/v1/RequestObjectConfiguration.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java index e02300164c..9e0627ec39 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java 
@@ -78,7 +78,7 @@ public boolean equals(java.lang.Object o) { } RequestObjectConfiguration requestObjectConfiguration = (RequestObjectConfiguration) o; return Objects.equals(this.requestObjectSigningAlg, requestObjectConfiguration.requestObjectSigningAlg) && - Objects.equals(this.requireSignedRequestObject, requestObjectConfiguration.requestObjectSigningAlg) && + Objects.equals(this.requireSignedRequestObject, requestObjectConfiguration.requireSignedRequestObject) && Objects.equals(this.encryption, requestObjectConfiguration.encryption); } From 0a731a640fb8d7b33a833c83d73c4ce867f92973 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Mon, 23 Oct 2023 14:27:37 +0530 Subject: [PATCH 07/17] Removing unused interface changes --- .../management/v1/SubjectConfig.java | 46 +------------------ 1 file changed, 2 insertions(+), 44 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java index 87a255c7d6..ce244fbf2c 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfig.java 
@@ -37,8 +37,6 @@ public class SubjectConfig { private Boolean includeUserDomain; private Boolean includeTenantDomain; private Boolean useMappedLocalSubject; - private String subjectType; - private String sectorIdentifierUri; /** **/ @@ -112,42 +110,6 @@ public void setUseMappedLocalSubject(Boolean useMappedLocalSubject) { this.useMappedLocalSubject = useMappedLocalSubject; } - /** - **/ - public SubjectConfig subjectType(String subjectType) { - - this.subjectType = subjectType; - return this; - } - - @ApiModelProperty(example = "false", value = "") - @JsonProperty("subjectType") - @Valid - public String getSubjectType() { - return subjectType; - } - public void setSubjectType(String subjectType) { - this.subjectType = subjectType; - } - - /** - **/ - public SubjectConfig sectorIdentifierUri(String sectorIdentifierUri) { - - this.sectorIdentifierUri = sectorIdentifierUri; - return this; - } - - @ApiModelProperty(example = "false", value = "") - @JsonProperty("sectorIdentifierUri") - @Valid - public String getSectorIdentifierUri() { - return sectorIdentifierUri; - } - public void setSectorIdentifierUri(String sectorIdentifierUri) { - this.sectorIdentifierUri = sectorIdentifierUri; - } - @Override 
@@ -163,14 +125,12 @@ public boolean equals(java.lang.Object o) { return Objects.equals(this.claim, subjectConfig.claim) && Objects.equals(this.includeUserDomain, subjectConfig.includeUserDomain) && Objects.equals(this.includeTenantDomain, subjectConfig.includeTenantDomain) && - Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject) && - Objects.equals(this.subjectType, subjectConfig.subjectType) && - Objects.equals(this.sectorIdentifierUri, subjectConfig.sectorIdentifierUri); + Objects.equals(this.useMappedLocalSubject, subjectConfig.useMappedLocalSubject); } @Override public int hashCode() { - return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject, subjectType, sectorIdentifierUri); + return Objects.hash(claim, includeUserDomain, includeTenantDomain, useMappedLocalSubject); } @Override @@ -183,8 +143,6 @@ public String toString() { sb.append(" includeUserDomain: ").append(toIndentedString(includeUserDomain)).append("\n"); sb.append(" includeTenantDomain: ").append(toIndentedString(includeTenantDomain)).append("\n"); sb.append(" useMappedLocalSubject: ").append(toIndentedString(useMappedLocalSubject)).append("\n"); - sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); - sb.append(" sectorIdentifierUri: ").append(toIndentedString(sectorIdentifierUri)).append("\n"); sb.append("}"); return sb.toString(); } From f8962b9aa3bfcfa2ef3aa9886bc42c8126113e23 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Tue, 24 Oct 2023 23:22:18 +0530 Subject: [PATCH 08/17] Removing tls cert binding type --- .../inbound/oauth2/ApiModelToOAuthConsumerApp.java | 7 ------- .../inbound/oauth2/OAuthConsumerAppToApiModel.java | 4 ---- .../wso2/carbon/identity/api/server/common/Constants.java | 1 - 3 files changed, 12 deletions(-) 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index 9957820021..86bb13099f 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java @@ -28,7 +28,6 @@ import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils; -import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO; 
@@ -143,12 +142,6 @@ private void updateAccessTokenConfiguration(OAuthConsumerAppDTO consumerAppDTO, consumerAppDTO.setTokenType(accessToken.getType()); consumerAppDTO.setUserAccessTokenExpiryTime(accessToken.getUserAccessTokenExpiryInSeconds()); consumerAppDTO.setApplicationAccessTokenExpiryTime(accessToken.getApplicationAccessTokenExpiryInSeconds()); - if (Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE.equals(accessToken.getBindingType())) { - consumerAppDTO.setTlsClientCertificateBoundAccessTokens(true); - accessToken.setBindingType("None"); - } else { - consumerAppDTO.setTlsClientCertificateBoundAccessTokens(false); - } consumerAppDTO.setTokenBindingType(accessToken.getBindingType()); if (accessToken.getRevokeTokensWhenIDPSessionTerminated() != null) { consumerAppDTO.setTokenRevocationWithIDPSessionTerminationEnabled(accessToken diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java index a7be6a699f..174a5366c5 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java @@ -28,7 +28,6 @@ import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.RequestObjectEncryptionConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.SubjectConfiguration; -import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO; import java.util.ArrayList; @@ -88,9 +87,6 @@ private OAuth2PKCEConfiguration buildPKCEConfiguration(OAuthConsumerAppDTO oAuth private AccessTokenConfiguration buildTokenConfiguration(OAuthConsumerAppDTO oAuthConsumerAppDTO) { - if (oAuthConsumerAppDTO.getTlsClientCertificateBoundAccessTokens()) { - oAuthConsumerAppDTO.setTokenBindingType(Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE); - } return new AccessTokenConfiguration() .type(oAuthConsumerAppDTO.getTokenType()) .userAccessTokenExpiryInSeconds(oAuthConsumerAppDTO.getUserAccessTokenExpiryTime()) diff --git a/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java b/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java index 6919e5e6cc..c03827d040 100644 --- a/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java +++ b/components/org.wso2.carbon.identity.api.server.common/src/main/java/org/wso2/carbon/identity/api/server/common/Constants.java 
@@ -46,7 +46,6 @@ public class Constants { static final String[] VALID_MEDIA_TYPES_JSON = {MEDIA_TYPE_JSON, "text/json"}; static final String[] VALID_MEDIA_TYPES_XML = {MEDIA_TYPE_XML, "text/xml"}; static final String[] VALID_MEDIA_TYPES_YAML = {MEDIA_TYPE_YAML, "text/yaml", "application/x-yaml"}; - public static final String TLS_CLIENT_CERTIFICATE_BINDING_TYPE = "TLS Client Certificate"; /** * Enum for server error prefixes. From 9ed22c6317551771bf79f01fabd5b6050081f0d6 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Tue, 24 Oct 2023 23:23:54 +0530 Subject: [PATCH 09/17] Adding the fapi app sp. property to the sp. --- .../ApplicationManagementConstants.java | 1 + .../management/v1/ApplicationModel.java | 23 ++++- .../management/v1/ApplicationPatchModel.java | 23 ++++- .../v1/ApplicationResponseModel.java | 23 ++++- .../management/v1/OIDCMetaData.java | 87 ++++++++++++++++++- .../ServerApplicationMetadataService.java | 39 +++++++-- .../ApiModelToServiceProvider.java | 22 +++++ .../ServiceProviderToApiModel.java | 16 +++- .../application/UpdateServiceProvider.java | 23 +++++ .../src/main/resources/applications.yaml | 12 +++ 10 files changed, 254 insertions(+), 15 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index 3865722114..49c8d40c56 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -53,6 +53,7 @@ private ApplicationManagementConstants() { public static final String ISSUER = "issuer"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; + public static final String IS_FAPI_CONFORMANT = "isFAPIConformant"; public static final String NON_EXISTING_USER_CODE = "30007 - "; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java index b63b5b2eb5..8e73dd89b0 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java 
@@ -45,6 +45,7 @@ public class ApplicationModel { private String templateId; private Boolean isManagementApp = false; private Boolean isB2BSelfServiceApp = false; + private Boolean isFapiApplication = false; private ClaimConfiguration claimConfiguration; private InboundProtocols inboundProtocolConfiguration; private AuthenticationSequence authenticationSequence; @@ -287,6 +288,24 @@ public void setProvisioningConfigurations(ProvisioningConfiguration provisioning this.provisioningConfigurations = provisioningConfigurations; } + /** + **/ + public ApplicationModel isFapiApplication(Boolean isFapiApplication) { + + this.isFapiApplication = isFapiApplication; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("isFapiApplication") + @Valid + public Boolean getIsFapiApplication() { + return isFapiApplication; + } + public void setIsFapiApplication(Boolean isFapiApplication) { + this.isFapiApplication = isFapiApplication; + } + @Override @@ -307,6 +326,7 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.templateId, applicationModel.templateId) && Objects.equals(this.isManagementApp, applicationModel.isManagementApp) && Objects.equals(this.isB2BSelfServiceApp, applicationModel.isB2BSelfServiceApp) && + Objects.equals(this.isFapiApplication, applicationModel.isFapiApplication) && Objects.equals(this.claimConfiguration, applicationModel.claimConfiguration) && Objects.equals(this.inboundProtocolConfiguration, applicationModel.inboundProtocolConfiguration) && Objects.equals(this.authenticationSequence, applicationModel.authenticationSequence) && 
@@ -316,7 +336,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); + return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, isFapiApplication, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); } @Override @@ -333,6 +353,7 @@ public String toString() { sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); sb.append(" isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n"); sb.append(" isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n"); + sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" inboundProtocolConfiguration: ").append(toIndentedString(inboundProtocolConfiguration)).append("\n"); sb.append(" authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n"); diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java index 7596bdbcba..2aee5e2984 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java @@ -41,6 +41,7 @@ public class ApplicationPatchModel { private String imageUrl; private String accessUrl; private String templateId; + private Boolean isFapiApplication; private ClaimConfiguration claimConfiguration; private AuthenticationSequence authenticationSequence; private AdvancedApplicationConfiguration advancedConfigurations; @@ -208,6 +209,24 @@ public void setProvisioningConfigurations(ProvisioningConfiguration provisioning this.provisioningConfigurations = provisioningConfigurations; } + /** + **/ + public ApplicationPatchModel isFapiApplication(Boolean isFapiApplication) { + + this.isFapiApplication = isFapiApplication; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("isFapiApplication") + @Valid + public Boolean getIsFapiApplication() { + return isFapiApplication; + } + public void setIsFapiApplication(Boolean isFapiApplication) { + this.isFapiApplication = isFapiApplication; + } + @Override 
@@ -225,6 +244,7 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.imageUrl, applicationPatchModel.imageUrl) && Objects.equals(this.accessUrl, applicationPatchModel.accessUrl) && Objects.equals(this.templateId, applicationPatchModel.templateId) && + Objects.equals(this.isFapiApplication, applicationPatchModel.isFapiApplication) && Objects.equals(this.claimConfiguration, applicationPatchModel.claimConfiguration) && Objects.equals(this.authenticationSequence, applicationPatchModel.authenticationSequence) && Objects.equals(this.advancedConfigurations, applicationPatchModel.advancedConfigurations) && @@ -233,7 +253,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(name, description, imageUrl, accessUrl, templateId, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); + return Objects.hash(name, description, imageUrl, accessUrl, templateId, isFapiApplication, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); } @Override @@ -247,6 +267,7 @@ public String toString() { sb.append(" imageUrl: ").append(toIndentedString(imageUrl)).append("\n"); sb.append(" accessUrl: ").append(toIndentedString(accessUrl)).append("\n"); sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); + sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n"); sb.append(" advancedConfigurations: ").append(toIndentedString(advancedConfigurations)).append("\n"); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java index 18b7f2c497..ba61226ee5 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java @@ -49,6 +49,7 @@ public class ApplicationResponseModel { private String templateId; private Boolean isManagementApp; private Boolean isB2BSelfServiceApp; + private Boolean isFapiApplication; private ClaimConfiguration claimConfiguration; private List inboundProtocols = null; @@ -388,6 +389,24 @@ public void setAccess(AccessEnum access) { this.access = access; } + /** + **/ + public ApplicationResponseModel isFapiApplication(Boolean isFapiApplication) { + + this.isFapiApplication = isFapiApplication; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("isFapiApplication") + @Valid + public Boolean getIsFapiApplication() { + return isFapiApplication; + } + public void setIsFapiApplication(Boolean isFapiApplication) { + this.isFapiApplication = isFapiApplication; + } + @Override 
@@ -410,6 +429,7 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.templateId, applicationResponseModel.templateId) && Objects.equals(this.isManagementApp, applicationResponseModel.isManagementApp) && Objects.equals(this.isB2BSelfServiceApp, applicationResponseModel.isB2BSelfServiceApp) && + Objects.equals(this.isFapiApplication, applicationResponseModel.isFapiApplication) && Objects.equals(this.claimConfiguration, applicationResponseModel.claimConfiguration) && Objects.equals(this.inboundProtocols, applicationResponseModel.inboundProtocols) && Objects.equals(this.authenticationSequence, applicationResponseModel.authenticationSequence) && @@ -420,7 +440,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access); + return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, isFapiApplication, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access); } @Override @@ -439,6 +459,7 @@ public String toString() { sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); sb.append(" isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n"); sb.append(" isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n"); + sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" inboundProtocols: ").append(toIndentedString(inboundProtocols)).append("\n"); sb.append(" authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n"); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java index 9626fa9f89..b40572f57c 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java @@ -46,6 +46,10 @@ public class OIDCMetaData { private MetadataProperty accessTokenBindingType; private MetadataProperty tokenEndpointAuthMethod; private MetadataProperty tokenEndpointSignatureAlgorithm; + private MetadataProperty idTokenSignatureAlgorithm; + private MetadataProperty requestObjectSignatureAlgorithm; + private MetadataProperty requestObjectEncryptionAlgorithm; + private MetadataProperty requestObjectEncryptionMethod; /** **/ 
@@ -263,6 +267,77 @@ public void setTokenEndpointSignatureAlgorithm(MetadataProperty tokenEndpointSig this.tokenEndpointSignatureAlgorithm = tokenEndpointSignatureAlgorithm; } + /** + **/ + public OIDCMetaData idTokenSignatureAlgorithm(MetadataProperty idTokenSignatureAlgorithm) { + + this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("idTokenSignatureAlgorithm") + @Valid + public MetadataProperty getIdTokenSignatureAlgorithm() { + return idTokenSignatureAlgorithm; + } + public void setIdTokenSignatureAlgorithm(MetadataProperty idTokenSignatureAlgorithm) { + this.idTokenSignatureAlgorithm = idTokenSignatureAlgorithm; + } + + /** + **/ + public OIDCMetaData requestObjectSignatureAlgorithm(MetadataProperty requestObjectSignatureAlgorithm) { + + this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectSignatureAlgorithm") + @Valid + public MetadataProperty getRequestObjectSignatureAlgorithm() { + return requestObjectSignatureAlgorithm; + } + public void setRequestObjectSignatureAlgorithm(MetadataProperty requestObjectSignatureAlgorithm) { + this.requestObjectSignatureAlgorithm = requestObjectSignatureAlgorithm; + } + + /** + **/ + public OIDCMetaData requestObjectEncryptionAlgorithm(MetadataProperty requestObjectEncryptionAlgorithm) { + + this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectEncryptionAlgorithm") + @Valid + public MetadataProperty getRequestObjectEncryptionAlgorithm() { + return requestObjectEncryptionAlgorithm; + } + public void setRequestObjectEncryptionAlgorithm(MetadataProperty requestObjectEncryptionAlgorithm) { + this.requestObjectEncryptionAlgorithm = requestObjectEncryptionAlgorithm; + } + + /** + **/ + public OIDCMetaData requestObjectEncryptionMethod(MetadataProperty 
requestObjectEncryptionMethod) { + + this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("requestObjectEncryptionMethod") + @Valid + public MetadataProperty getRequestObjectEncryptionMethod() { + return requestObjectEncryptionMethod; + } + public void setRequestObjectEncryptionMethod(MetadataProperty requestObjectEncryptionMethod) { + this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; + } @Override 
@@ -286,12 +361,16 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.accessTokenType, oiDCMetaData.accessTokenType) && Objects.equals(this.accessTokenBindingType, oiDCMetaData.accessTokenBindingType) && Objects.equals(this.tokenEndpointAuthMethod, oiDCMetaData.tokenEndpointAuthMethod) && - Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.tokenEndpointSignatureAlgorithm); + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.tokenEndpointSignatureAlgorithm) && + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.idTokenSignatureAlgorithm) && + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectSignatureAlgorithm) && + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionAlgorithm) && + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionMethod); } @Override public int hashCode() { - return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType, tokenEndpointAuthMethod, tokenEndpointSignatureAlgorithm); + return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType, tokenEndpointAuthMethod, tokenEndpointSignatureAlgorithm, idTokenSignatureAlgorithm, requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm, requestObjectEncryptionMethod); } @Override 
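Review bot: The four comparisons added to equals() all use `this.tokenEndpointSignatureAlgorithm` on the left-hand side, so the new fields are never compared with their own counterparts. As written, two OIDCMetaData objects with identical contents compare unequal unless all five properties happen to be equal to each other, while hashCode() in the next hunk does use the new fields correctly. Each added line should pair a field with itself, e.g. `Objects.equals(this.idTokenSignatureAlgorithm, oiDCMetaData.idTokenSignatureAlgorithm) &&`, and likewise for requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm and requestObjectEncryptionMethod. The file sits under src/gen, so the fix probably belongs in a regeneration from the API definition rather than a hand edit. equals() begins outside this hunk.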
@@ -312,6 +391,10 @@ public String toString() { sb.append(" accessTokenBindingType: ").append(toIndentedString(accessTokenBindingType)).append("\n"); sb.append(" tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n"); sb.append(" tokenEndpointSignatureAlgorithm: ").append(toIndentedString(tokenEndpointSignatureAlgorithm)).append("\n"); + sb.append(" idTokenSignatureAlgorithm: ").append(toIndentedString(idTokenSignatureAlgorithm)).append("\n"); + sb.append(" requestObjectSignatureAlgorithm: ").append(toIndentedString(requestObjectSignatureAlgorithm)).append("\n"); + sb.append(" requestObjectEncryptionAlgorithm: ").append(toIndentedString(requestObjectEncryptionAlgorithm)).append("\n"); + sb.append(" requestObjectEncryptionMethod: ").append(toIndentedString(requestObjectEncryptionMethod)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index 1e0d7a332f..3954e1f374 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java 
@@ -34,7 +34,6 @@ import org.wso2.carbon.identity.api.server.application.management.v1.SAMLMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils; -import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.api.server.common.error.APIError; import org.wso2.carbon.identity.application.common.model.Property; import org.wso2.carbon.identity.application.mgt.AbstractInboundAuthenticatorConfig; @@ -67,8 +66,18 @@ public class ServerApplicationMetadataService { private static final Log LOG = LogFactory.getLog(ServerApplicationMetadataService.class); - private static final String TOKEN_EP_SIGNATURE_ALGS_SUPPORTED = "OAuth.OpenIDConnect." + + private static final String TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm"; + private static final String ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedIDTokenSigningAlgorithms.SupportedIDTokenSigningAlgorithm"; + private static final String REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectSigningAlgorithms.SupportedRequestObjectSigningAlgorithm"; + private static final String REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectEncryptionAlgorithms.SupportedRequestObjectEncryptionAlgorithm"; + private static final String REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectEncryptionMethods.SupportedRequestObjectEncryptionMethod"; + private static final String DEFAULT_SIGNATURE_ALGORITHM = "PS256"; + /** * Return a list of all available inbound protocols. If the customOnly parameter set to True, will return only the 
@@ -156,14 +165,27 @@ public OIDCMetaData getOIDCMetadata() { OIDCMetaData oidcMetaData = new OIDCMetaData(); OAuthAdminServiceImpl oAuthAdminService = ApplicationManagementServiceHolder.getOAuthAdminService(); - List authMethods = OAuth2Util.getSupportedClientAuthenticationMethods(); + List tokenEpAuthMethods = OAuth2Util.getSupportedClientAuthenticationMethods(); oidcMetaData.setTokenEndpointAuthMethod(new MetadataProperty() - .defaultValue("Any") - .options(authMethods)); - List authAlgorithms = IdentityUtil.getPropertyAsList(TOKEN_EP_SIGNATURE_ALGS_SUPPORTED); + .options(tokenEpAuthMethods)); + List tokenEpSigningAlgorithms = IdentityUtil.getPropertyAsList(TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED); oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty() - .defaultValue("PS256") - .options(authAlgorithms)); + .options(tokenEpSigningAlgorithms)); + List idTokenSigningAlgorithms = IdentityUtil.getPropertyAsList(ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED); + oidcMetaData.setIdTokenSignatureAlgorithm(new MetadataProperty() + .options(idTokenSigningAlgorithms)); + List requestObjectSigningAlgorithms = IdentityUtil + .getPropertyAsList(REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED); + oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() + .options(requestObjectSigningAlgorithms)); + List requestObjectEncryptionAlgorithms = IdentityUtil + .getPropertyAsList(REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED); + oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() + .options(requestObjectEncryptionAlgorithms)); + List requestObjectEncryptionMethods = IdentityUtil + .getPropertyAsList(REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED); + oidcMetaData.setRequestObjectEncryptionMethod(new MetadataProperty() + .options(requestObjectEncryptionMethods)); List supportedGrantTypes = new LinkedList<>(Arrays.asList(oAuthAdminService.getAllowedGrantTypes())); List supportedGrantTypeNames = new ArrayList<>(); // Iterate through the standard 
grant type names and add matching elements. @@ -214,7 +236,6 @@ public OIDCMetaData getOIDCMetadata() { List supportedTokenBindings = oAuthAdminService.getSupportedTokenBindingsMetaData(); List supportedTokenBindingTypes = new ArrayList<>(); supportedTokenBindingTypes.add("None"); - supportedTokenBindingTypes.add(Constants.TLS_CLIENT_CERTIFICATE_BINDING_TYPE); for (TokenBindingMetaDataDTO tokenBindingDTO : supportedTokenBindings) { supportedTokenBindingTypes.add(tokenBindingDTO.getTokenBindingType()); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java index 12d4739a8d..8314b863e9 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java 
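Review bot: The request-object encryption algorithms are passed to `setRequestObjectSignatureAlgorithm` a second time, so the list read from REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED overwrites the signing algorithms set just above it and the encryption-algorithm metadata is never populated. Consumers of getOIDCMetadata would then be offered encryption algorithms as request-object signature options. The second call should presumably be `oidcMetaData.setRequestObjectEncryptionAlgorithm(new MetadataProperty().options(requestObjectEncryptionAlgorithms));`. That setter name is inferred from the requestObjectEncryptionAlgorithm field printed in the toString() hunk earlier on this page, so confirm it against the generated model. getOIDCMetadata starts and ends outside this hunk.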
@@ -15,6 +15,7 @@ */ package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application; +import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationModel; import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence; @@ -24,7 +25,11 @@ import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.UpdateInboundProtocols; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.UpdateProvisioningConfiguration; import org.wso2.carbon.identity.application.common.model.ServiceProvider; +import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; import java.util.function.Function; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull; @@ -53,6 +58,7 @@ public ServiceProvider apply(ApplicationModel applicationModel) { addAuthenticationSequence(application, applicationModel.getAuthenticationSequence()); addProvisioningConfiguration(application, applicationModel.getProvisioningConfigurations()); addInboundAuthenticationProtocolsToApplication(application, applicationModel.getInboundProtocolConfiguration()); + addFapiStatusToApplication(application, applicationModel.getIsFapiApplication()); return application; } 
@@ -94,4 +100,20 @@ private void addAdvancedConfigurationToApplication(ServiceProvider application,
 new UpdateAdvancedConfigurations().apply(application, advancedApplicationConfig);
 }
 }
+
+ private void addFapiStatusToApplication(ServiceProvider application, boolean isFapiApplication) {
+
+ List spProperties = new ArrayList<>(Arrays.asList(application.getSpProperties()));
+ for (ServiceProviderProperty spProperty: spProperties) {
+ if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) {
+ spProperty.setValue(String.valueOf(isFapiApplication));
+ return;
+ }
+ }
+ ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
+ serviceProviderProperty.setName(ApplicationManagementConstants.IS_FAPI_CONFORMANT);
+ serviceProviderProperty.setValue(String.valueOf(isFapiApplication));
+ spProperties.add(serviceProviderProperty);
+ application.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0]));
+ }
 }
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
index d23707a319..4ef0044b67 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java
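Review bot: `addFapiStatusToApplication` takes a primitive `boolean`, but its caller passes `applicationModel.getIsFapiApplication()`, which the model code shown later on this page declares as returning `Boolean`, so a null value is unboxed and throws NullPointerException. The same applies to `patchFapiStatusToApplication` in UpdateServiceProvider, where it matters more: the ApplicationPatchModel field has no default, so a PATCH that omits isFapiApplication would fail, and defaulting it to false instead would silently clear the FAPI flag on unrelated updates. Accept `Boolean` in both helpers and leave the stored property untouched when the value is absent: `if (isFapiApplication == null) { return; }`. The two helpers are line-for-line identical and could share one method; a later patch on this page removes both.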
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java @@ -18,6 +18,7 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder; import org.wso2.carbon.identity.api.server.application.management.v1.AdditionalSpProperty; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; @@ -111,7 +112,8 @@ public ApplicationResponseModel apply(ServiceProvider application) { .advancedConfigurations(buildAdvancedAppConfiguration(application)) .provisioningConfigurations(buildProvisioningConfiguration(application)) .authenticationSequence(buildAuthenticationSequence(application)) - .access(getAccess(application.getApplicationName())); + .access(getAccess(application.getApplicationName())) + .isFapiApplication(getIsFapiApplication(application)); } } @@ -481,4 +483,16 @@ private String getInboundKey(ServiceProvider application, String authType) { return StringUtils.EMPTY; } + + private boolean getIsFapiApplication(ServiceProvider application) { + + boolean isFapiApplication = false; + List spProperties = Arrays.asList(application.getSpProperties()); + for (ServiceProviderProperty spProperty : spProperties) { + if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) { + isFapiApplication = Boolean.parseBoolean(spProperty.getValue()); + } + } + return isFapiApplication; + } } 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java index d88f056b5f..9aaf1189af 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java @@ -15,6 +15,7 @@ */ package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application; +import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationPatchModel; import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence; 
@@ -23,6 +24,11 @@ import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.UpdateProvisioningConfiguration; import org.wso2.carbon.identity.application.common.model.ServiceProvider; +import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull; @@ -44,6 +50,7 @@ public void apply(ServiceProvider serviceProvider, ApplicationPatchModel applica patchAuthenticationSequence(applicationPatchModel.getAuthenticationSequence(), serviceProvider); patchAdvancedConfiguration(serviceProvider, applicationPatchModel.getAdvancedConfigurations()); patchProvisioningConfiguration(applicationPatchModel.getProvisioningConfigurations(), serviceProvider); + patchFapiStatusToApplication(applicationPatchModel.getIsFapiApplication(), serviceProvider); } private void patchClaimConfiguration(ServiceProvider serviceProvider, ClaimConfiguration claimConfiguration) { 
@@ -76,4 +83,20 @@ private void patchProvisioningConfiguration(ProvisioningConfiguration provisioni
 new UpdateProvisioningConfiguration().apply(serviceProvider, provisioningConfigurations);
 }
 }
+
+ private void patchFapiStatusToApplication(boolean isFapiApplication, ServiceProvider application) {
+
+ List spProperties = new ArrayList<>(Arrays.asList(application.getSpProperties()));
+ for (ServiceProviderProperty spProperty: spProperties) {
+ if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) {
+ spProperty.setValue(String.valueOf(isFapiApplication));
+ return;
+ }
+ }
+ ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
+ serviceProviderProperty.setName(ApplicationManagementConstants.IS_FAPI_CONFORMANT);
+ serviceProviderProperty.setValue(String.valueOf(isFapiApplication));
+ spProperties.add(serviceProviderProperty);
+ application.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0]));
+ }
 }
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index a3eac36c22..9e3c3322dd 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -2622,6 +2622,10 @@ components: type: boolean example: false description: Decides whether the application used to for B2B self service + isFapiApplication: + type: boolean + example: false + description: Whether the application should support FAPI conformance claimConfiguration: $ref: '#/components/schemas/ClaimConfiguration' inboundProtocolConfiguration: @@ -2671,6 +2675,10 @@ components: type: boolean example: false description: Decides whether the application used to for B2B self service + isFapiApplication: + type: boolean + example: false + description: Whether the application should support FAPI conformance claimConfiguration: $ref: '#/components/schemas/ClaimConfiguration' inboundProtocols: @@ -2706,6 +2714,10 @@ components: templateId: type: string example: "adwefi2429asdfdf94444rraf44" + isFapiApplication: + type: boolean + example: false + description: Whether the application should support FAPI conformance claimConfiguration: $ref: '#/components/schemas/ClaimConfiguration' authenticationSequence: From 47b34182a8621eaf77c2748100408f0bdc0cc662 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Wed, 25 Oct 2023 13:59:44 +0530 Subject: [PATCH 10/17] Removing sp related changes --- .../ApplicationManagementConstants.java | 1 - .../management/v1/ApplicationModel.java | 23 +------------------ .../management/v1/ApplicationPatchModel.java | 23 +------------------ .../v1/ApplicationResponseModel.java | 23 +------------------ .../ApiModelToServiceProvider.java | 23 ------------------- .../ServiceProviderToApiModel.java | 16 +------------ .../application/UpdateServiceProvider.java | 23 ------------------- .../src/main/resources/applications.yaml | 12 ---------- 8 files changed, 4 insertions(+), 140 deletions(-) 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index 49c8d40c56..3865722114 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -53,7 +53,6 @@ private ApplicationManagementConstants() { public static final String ISSUER = "issuer"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; - public static final String IS_FAPI_CONFORMANT = "isFAPIConformant"; public static final String NON_EXISTING_USER_CODE = "30007 - "; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java index 63526af05f..ae72d5f23e 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationModel.java @@ -46,7 +46,6 @@ public class ApplicationModel { private String templateId; private Boolean isManagementApp = false; private Boolean isB2BSelfServiceApp = false; - private Boolean isFapiApplication = false; private AssociatedRolesConfig associatedRoles; private ClaimConfiguration claimConfiguration; private InboundProtocols inboundProtocolConfiguration; @@ -311,24 +310,6 @@ public void setProvisioningConfigurations(ProvisioningConfiguration provisioning this.provisioningConfigurations = provisioningConfigurations; } - /** - **/ - public ApplicationModel isFapiApplication(Boolean isFapiApplication) { - - this.isFapiApplication = isFapiApplication; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("isFapiApplication") - @Valid - public Boolean getIsFapiApplication() { - return isFapiApplication; - } - public void setIsFapiApplication(Boolean isFapiApplication) { - this.isFapiApplication = isFapiApplication; - } - @Override 
@@ -349,7 +330,6 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.templateId, applicationModel.templateId) && Objects.equals(this.isManagementApp, applicationModel.isManagementApp) && Objects.equals(this.isB2BSelfServiceApp, applicationModel.isB2BSelfServiceApp) && - Objects.equals(this.isFapiApplication, applicationModel.isFapiApplication) && Objects.equals(this.associatedRoles, applicationModel.associatedRoles) && Objects.equals(this.claimConfiguration, applicationModel.claimConfiguration) && Objects.equals(this.inboundProtocolConfiguration, applicationModel.inboundProtocolConfiguration) && @@ -360,7 +340,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, isFapiApplication, associatedRoles, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); + return Objects.hash(id, name, description, imageUrl, accessUrl, templateId, isManagementApp, isB2BSelfServiceApp, associatedRoles, claimConfiguration, inboundProtocolConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); } @Override @@ -377,7 +357,6 @@ public String toString() { sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); sb.append(" isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n"); sb.append(" isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n"); - sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" inboundProtocolConfiguration: ").append(toIndentedString(inboundProtocolConfiguration)).append("\n"); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java index 336f2cf59f..1d91ea8ade 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationPatchModel.java @@ -42,7 +42,6 @@ public class ApplicationPatchModel { private String imageUrl; private String accessUrl; private String templateId; - private Boolean isFapiApplication; private AssociatedRolesConfig associatedRoles; private ClaimConfiguration claimConfiguration; private AuthenticationSequence authenticationSequence; @@ -229,24 +228,6 @@ public void setProvisioningConfigurations(ProvisioningConfiguration provisioning this.provisioningConfigurations = provisioningConfigurations; } - /** - **/ - public ApplicationPatchModel isFapiApplication(Boolean isFapiApplication) { - - this.isFapiApplication = isFapiApplication; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("isFapiApplication") - @Valid - public Boolean getIsFapiApplication() { - return isFapiApplication; - } - public void setIsFapiApplication(Boolean isFapiApplication) { - this.isFapiApplication = isFapiApplication; - } - @Override 
@@ -264,7 +245,6 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.imageUrl, applicationPatchModel.imageUrl) && Objects.equals(this.accessUrl, applicationPatchModel.accessUrl) && Objects.equals(this.templateId, applicationPatchModel.templateId) && - Objects.equals(this.isFapiApplication, applicationPatchModel.isFapiApplication) && Objects.equals(this.associatedRoles, applicationPatchModel.associatedRoles) && Objects.equals(this.claimConfiguration, applicationPatchModel.claimConfiguration) && Objects.equals(this.authenticationSequence, applicationPatchModel.authenticationSequence) && @@ -274,7 +254,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(name, description, imageUrl, accessUrl, templateId, isFapiApplication, associatedRoles, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); + return Objects.hash(name, description, imageUrl, accessUrl, templateId, associatedRoles, claimConfiguration, authenticationSequence, advancedConfigurations, provisioningConfigurations); } @Override @@ -288,7 +268,6 @@ public String toString() { sb.append(" imageUrl: ").append(toIndentedString(imageUrl)).append("\n"); sb.append(" accessUrl: ").append(toIndentedString(accessUrl)).append("\n"); sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); - sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" authenticationSequence: ").append(toIndentedString(authenticationSequence)).append("\n"); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java index a649208c63..acff3f557e 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationResponseModel.java @@ -50,7 +50,6 @@ public class ApplicationResponseModel { private String templateId; private Boolean isManagementApp; private Boolean isB2BSelfServiceApp; - private Boolean isFapiApplication; private AssociatedRolesConfig associatedRoles; private ClaimConfiguration claimConfiguration; private List inboundProtocols = null; @@ -412,24 +411,6 @@ public void setAccess(AccessEnum access) { this.access = access; } - /** - **/ - public ApplicationResponseModel isFapiApplication(Boolean isFapiApplication) { - - this.isFapiApplication = isFapiApplication; - return this; - } - - @ApiModelProperty(value = "") - @JsonProperty("isFapiApplication") - @Valid - public Boolean getIsFapiApplication() { - return isFapiApplication; - } - public void setIsFapiApplication(Boolean isFapiApplication) { - this.isFapiApplication = isFapiApplication; - } - @Override 
@@ -452,7 +433,6 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.templateId, applicationResponseModel.templateId) && Objects.equals(this.isManagementApp, applicationResponseModel.isManagementApp) && Objects.equals(this.isB2BSelfServiceApp, applicationResponseModel.isB2BSelfServiceApp) && - Objects.equals(this.isFapiApplication, applicationResponseModel.isFapiApplication) && Objects.equals(this.associatedRoles, applicationResponseModel.associatedRoles) && Objects.equals(this.claimConfiguration, applicationResponseModel.claimConfiguration) && Objects.equals(this.inboundProtocols, applicationResponseModel.inboundProtocols) && @@ -464,7 +444,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, isFapiApplication, associatedRoles, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access); + return Objects.hash(id, name, description, imageUrl, accessUrl, clientId, issuer, templateId, isManagementApp, isB2BSelfServiceApp, associatedRoles, claimConfiguration, inboundProtocols, authenticationSequence, advancedConfigurations, provisioningConfigurations, access); } @Override 
@@ -483,7 +463,6 @@ public String toString() { sb.append(" templateId: ").append(toIndentedString(templateId)).append("\n"); sb.append(" isManagementApp: ").append(toIndentedString(isManagementApp)).append("\n"); sb.append(" isB2BSelfServiceApp: ").append(toIndentedString(isB2BSelfServiceApp)).append("\n"); - sb.append(" isFapiApplication: ").append(toIndentedString(isFapiApplication)).append("\n"); sb.append(" associatedRoles: ").append(toIndentedString(associatedRoles)).append("\n"); sb.append(" claimConfiguration: ").append(toIndentedString(claimConfiguration)).append("\n"); sb.append(" inboundProtocols: ").append(toIndentedString(inboundProtocols)).append("\n"); diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java index a59fbf6605..3022158e75 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ApiModelToServiceProvider.java 
@@ -17,7 +17,6 @@ */ package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application; -import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationModel; import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig; @@ -28,11 +27,7 @@ import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.UpdateInboundProtocols; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.UpdateProvisioningConfiguration; import org.wso2.carbon.identity.application.common.model.ServiceProvider; -import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; import java.util.function.Function; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull; @@ -62,8 +57,6 @@ public ServiceProvider apply(ApplicationModel applicationModel) { addProvisioningConfiguration(application, applicationModel.getProvisioningConfigurations()); addInboundAuthenticationProtocolsToApplication(application, applicationModel.getInboundProtocolConfiguration()); addAssociatedRolesConfigurations(application, applicationModel.getAssociatedRoles()); - addFapiStatusToApplication(application, applicationModel.getIsFapiApplication()); - return application; } 
@@ -111,20 +104,4 @@ private void addAdvancedConfigurationToApplication(ServiceProvider application, new UpdateAdvancedConfigurations().apply(application, advancedApplicationConfig); } } - - private void addFapiStatusToApplication(ServiceProvider application, boolean isFapiApplication) { - - List spProperties = new ArrayList<>(Arrays.asList(application.getSpProperties())); - for (ServiceProviderProperty spProperty: spProperties) { - if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) { - spProperty.setValue(String.valueOf(isFapiApplication)); - return; - } - } - ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty(); - serviceProviderProperty.setName(ApplicationManagementConstants.IS_FAPI_CONFORMANT); - serviceProviderProperty.setValue(String.valueOf(isFapiApplication)); - spProperties.add(serviceProviderProperty); - application.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0])); - } } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java index 6ea92f364b..8be7aa8af3 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/ServiceProviderToApiModel.java @@ -20,7 +20,6 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder; import org.wso2.carbon.identity.api.server.application.management.v1.AdditionalSpProperty; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; @@ -118,8 +117,7 @@ public ApplicationResponseModel apply(ServiceProvider application) { .advancedConfigurations(buildAdvancedAppConfiguration(application)) .provisioningConfigurations(buildProvisioningConfiguration(application)) .authenticationSequence(buildAuthenticationSequence(application)) - .access(getAccess(application.getApplicationName())) - .isFapiApplication(getIsFapiApplication(application)); + .access(getAccess(application.getApplicationName())); } } @@ -514,16 +512,4 @@ private String getInboundKey(ServiceProvider application, String authType) { return StringUtils.EMPTY; } - - private boolean getIsFapiApplication(ServiceProvider application) { - - boolean isFapiApplication = false; - List spProperties = Arrays.asList(application.getSpProperties()); - for (ServiceProviderProperty spProperty : spProperties) { - if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) { - isFapiApplication = Boolean.parseBoolean(spProperty.getValue()); - } - } - return isFapiApplication; - } } 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java index 0727fa5bec..1e35189e54 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateServiceProvider.java @@ -17,7 +17,6 @@ */ package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application; -import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationPatchModel; import org.wso2.carbon.identity.api.server.application.management.v1.AssociatedRolesConfig; 
@@ -27,11 +26,6 @@ import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction; import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.UpdateProvisioningConfiguration; import org.wso2.carbon.identity.application.common.model.ServiceProvider; -import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; import static org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils.setIfNotNull; @@ -54,7 +48,6 @@ public void apply(ServiceProvider serviceProvider, ApplicationPatchModel applica patchAuthenticationSequence(applicationPatchModel.getAuthenticationSequence(), serviceProvider); patchAdvancedConfiguration(serviceProvider, applicationPatchModel.getAdvancedConfigurations()); patchProvisioningConfiguration(applicationPatchModel.getProvisioningConfigurations(), serviceProvider); - patchFapiStatusToApplication(applicationPatchModel.getIsFapiApplication(), serviceProvider); } private void patchAssociatedRolesConfigurations(ServiceProvider serviceProvider, 
@@ -95,20 +88,4 @@ private void patchProvisioningConfiguration(ProvisioningConfiguration provisioni new UpdateProvisioningConfiguration().apply(serviceProvider, provisioningConfigurations); } } - - private void patchFapiStatusToApplication(boolean isFapiApplication, ServiceProvider application) { - - List spProperties = new ArrayList<>(Arrays.asList(application.getSpProperties())); - for (ServiceProviderProperty spProperty: spProperties) { - if (spProperty.getName().equals(ApplicationManagementConstants.IS_FAPI_CONFORMANT)) { - spProperty.setValue(String.valueOf(isFapiApplication)); - return; - } - } - ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty(); - serviceProviderProperty.setName(ApplicationManagementConstants.IS_FAPI_CONFORMANT); - serviceProviderProperty.setValue(String.valueOf(isFapiApplication)); - spProperties.add(serviceProviderProperty); - application.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0])); - } } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index 3380af357d..feb203a66a 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml 
@@ -2622,10 +2622,6 @@ components: type: boolean example: false description: Decides whether the application used to for B2B self service - isFapiApplication: - type: boolean - example: false - description: Whether the application should support FAPI conformance associatedRoles: $ref: '#/components/schemas/AssociatedRolesConfig' claimConfiguration: @@ -2676,10 +2672,6 @@ components: type: boolean example: false description: Decides whether the application used to for B2B self service - isFapiApplication: - type: boolean - example: false - description: Whether the application should support FAPI conformance associatedRoles: $ref: '#/components/schemas/AssociatedRolesConfig' claimConfiguration: @@ -2717,10 +2709,6 @@ components: templateId: type: string example: "adwefi2429asdfdf94444rraf44" - isFapiApplication: - type: boolean - example: false - description: Whether the application should support FAPI conformance associatedRoles: $ref: '#/components/schemas/AssociatedRolesConfig' claimConfiguration: From da04c44e0764b0758d85b725a72e404790313049 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Wed, 25 Oct 2023 16:22:53 +0530 Subject: [PATCH 11/17] Removing requireSignedRequest object property --- .../v1/RequestObjectConfiguration.java | 23 +------------------ .../oauth2/ApiModelToOAuthConsumerApp.java | 1 - .../oauth2/OAuthConsumerAppToApiModel.java | 1 - .../src/main/resources/applications.yaml | 3 --- 4 files changed, 1 insertion(+), 27 deletions(-) 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java index 9e0627ec39..71b42e5a1a 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java @@ -9,7 +9,6 @@ public class RequestObjectConfiguration { private String requestObjectSigningAlg; - private Boolean requireSignedRequestObject; private RequestObjectEncryptionConfiguration encryption; 
@@ -31,24 +30,6 @@ public void setRequestObjectSigningAlg(String requestObjectSigningAlg) { this.requestObjectSigningAlg = requestObjectSigningAlg; } - /** - **/ - public RequestObjectConfiguration requireSignedRequestObject(Boolean requireSignedRequestObject) { - - this.requireSignedRequestObject = requireSignedRequestObject; - return this; - } - - @ApiModelProperty(example = "false", value = "") - @JsonProperty("requireSignedRequestObject") - @Valid - public Boolean getRequireSignedRequestObject() { - return requireSignedRequestObject; - } - public void setRequireSignedRequestObject(Boolean requireSignedRequestObject) { - this.requireSignedRequestObject = requireSignedRequestObject; - } - /** **/ public RequestObjectConfiguration encryption(RequestObjectEncryptionConfiguration encryption) { @@ -78,13 +59,12 @@ public boolean equals(java.lang.Object o) { } RequestObjectConfiguration requestObjectConfiguration = (RequestObjectConfiguration) o; return Objects.equals(this.requestObjectSigningAlg, requestObjectConfiguration.requestObjectSigningAlg) && - Objects.equals(this.requireSignedRequestObject, requestObjectConfiguration.requireSignedRequestObject) && Objects.equals(this.encryption, requestObjectConfiguration.encryption); } @Override public int hashCode() { - return Objects.hash(requestObjectSigningAlg, requireSignedRequestObject, encryption); + return Objects.hash(requestObjectSigningAlg, encryption); } @Override @@ -94,7 +74,6 @@ public String toString() { sb.append("class RequestObjectConfiguration {\n"); sb.append(" requestObjectSigningAlg: ").append(toIndentedString(requestObjectSigningAlg)).append("\n"); - sb.append(" requireSignedRequestObject: ").append(toIndentedString(requireSignedRequestObject)).append("\n"); sb.append(" encryption: ").append(toIndentedString(encryption)).append("\n"); sb.append("}"); return sb.toString(); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index 86bb13099f..d214b50932 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java @@ -213,7 +213,6 @@ private void updateRequestObjectConfiguration(OAuthConsumerAppDTO consumerAppDTO consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm()); consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod()); - consumerAppDTO.setRequestObjectSignatureValidationEnabled(requestObject.getRequireSignedRequestObject()); consumerAppDTO.setRequestObjectSignatureAlgorithm(requestObject.getRequestObjectSigningAlg()); } } 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java index 174a5366c5..285a2c900f 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java @@ -169,7 +169,6 @@ private RequestObjectConfiguration buildRequestObjectConfiguration(OAuthConsumer return new RequestObjectConfiguration() .requestObjectSigningAlg(oAuthConsumerAppDTO.getRequestObjectSignatureAlgorithm()) - .requireSignedRequestObject(oAuthConsumerAppDTO.isRequestObjectSignatureValidationEnabled()) .encryption(buildRequestObjectEncryptionConfiguration(oAuthConsumerAppDTO)); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index feb203a66a..ab71d76199 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -3381,9 +3381,6 @@ components: RequestObjectConfiguration: type: object properties: - requireSignedRequestObject: - type: boolean - example: false requestObjectSigningAlg: type: string example: 'PS256' From 9981f8624ee88ae567b57dead9048a076595c6c8 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Thu, 26 Oct 2023 13:46:59 +0530 Subject: [PATCH 12/17] Adding license headers --- .../v1/ClientAuthenticationConfiguration.java | 18 ++++++++++++++++++ .../PushAuthorizationRequestConfiguration.java | 18 ++++++++++++++++++ .../v1/RequestObjectConfiguration.java | 18 ++++++++++++++++++ .../RequestObjectEncryptionConfiguration.java | 18 ++++++++++++++++++ .../management/v1/SubjectConfiguration.java | 18 ++++++++++++++++++ 5 files changed, 90 insertions(+) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java index e69be1481b..bb93182817 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationConfiguration.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.api.server.application.management.v1; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java index ace5f86493..9327d6ced7 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PushAuthorizationRequestConfiguration.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.api.server.application.management.v1; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java index 71b42e5a1a..502320b968 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectConfiguration.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.api.server.application.management.v1; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java index 87c4a67203..9e04d2624a 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RequestObjectEncryptionConfiguration.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.api.server.application.management.v1; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java index 048f04cfab..a7de775d2b 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/SubjectConfiguration.java @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package org.wso2.carbon.identity.api.server.application.management.v1; import com.fasterxml.jackson.annotation.JsonProperty; From 1f4de9bb1b4a721922a631b048ee16397e81baea Mon Sep 17 00:00:00 2001 
From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Thu, 26 Oct 2023 15:13:50 +0530 Subject: [PATCH 13/17] Resolving review comments --- .../ApplicationManagementConstants.java | 10 ++ .../v1/ClientAuthenticationMethod.java | 110 ++++++++++++++++++ .../ClientAuthenticationMethodMetadata.java | 100 ++++++++++++++++ .../management/v1/OIDCMetaData.java | 33 +++++- .../ServerApplicationMetadataService.java | 66 +++++++---- .../oauth2/ApiModelToOAuthConsumerApp.java | 12 +- .../oauth2/OAuthConsumerAppToApiModel.java | 13 ++- 7 files changed, 309 insertions(+), 35 deletions(-) create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethod.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethodMetadata.java diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index 3865722114..f61fc31e22 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -53,6 +53,16 @@ private ApplicationManagementConstants() { public static final String ISSUER = "issuer"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; + public static final String TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm"; + public static final String ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedIDTokenSigningAlgorithms.SupportedIDTokenSigningAlgorithm"; + public static final String REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectSigningAlgorithms.SupportedRequestObjectSigningAlgorithm"; + public static final String REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectEncryptionAlgorithms.SupportedRequestObjectEncryptionAlgorithm"; + public static final String REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED = "OAuth.OpenIDConnect." + + "SupportedRequestObjectEncryptionMethods.SupportedRequestObjectEncryptionMethod"; public static final String NON_EXISTING_USER_CODE = "30007 - "; diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethod.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethod.java new file mode 100644 index 0000000000..7bc5f58224 --- /dev/null 
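Review bot: The five `*_SUPPORTED` constants added after `NO_POLICY` have no comment saying what they are; judging by their values they are server configuration element paths under `OAuth.OpenIDConnect`, not API field names. A one-line comment above the group would make that explicit, for example `// Server configuration paths for the supported signing/encryption algorithm lists exposed as OIDC metadata.`, with the wording confirmed against ServerApplicationMetadataService, which is not part of this hunk. If these lists define which algorithms the deployment allows, confirm that the algorithm names accepted by the application create/update API are validated against the same lists, so an application cannot be stored with an algorithm the server does not advertise; that validation code is not visible here. The place that reads these paths should also state what happens when a path is missing from the configuration (empty list or built-in default). The class body continues outside the hunk.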
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethod.java 
@@ -0,0 +1,110 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.Objects; + +public class ClientAuthenticationMethod { + + private String name; + private String displayName; + + /** + **/ + public ClientAuthenticationMethod name(String name) { + + this.name = name; + return this; + } + + @ApiModelProperty(example = "private_key_jwt", value = "") + @JsonProperty("name") + @Valid + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public ClientAuthenticationMethod displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + @ApiModelProperty(example = "Private Key JWT", value = "") + @JsonProperty("displayName") + @Valid + public String getDisplayName() { + return displayName; + } + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ClientAuthenticationMethod clientAuthenticationMethod = (ClientAuthenticationMethod) o; + 
return Objects.equals(this.name, clientAuthenticationMethod.name) && + Objects.equals(this.displayName, clientAuthenticationMethod.displayName); + } + + @Override + public int hashCode() { + return Objects.hash(name, displayName); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class ClientAuthenticationMethod {\n"); + + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethodMetadata.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethodMetadata.java new file mode 100644 index 0000000000..b4f513a157 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ClientAuthenticationMethodMetadata.java 
@@ -0,0 +1,100 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.annotations.ApiModelProperty; + +import javax.validation.Valid; +import java.util.ArrayList; +import java.util.List; +import java.util.Objects; + +public class ClientAuthenticationMethodMetadata { + + private List options = null; + + + /** + **/ + public ClientAuthenticationMethodMetadata options(List options) { + + this.options = options; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("options") + @Valid + public List getOptions() { + return options; + } + public void setOptions(List options) { + this.options = options; + } + + public ClientAuthenticationMethodMetadata addOptionsItem(ClientAuthenticationMethod optionsItem) { + if (this.options == null) { + this.options = new ArrayList<>(); + } + this.options.add(optionsItem); + return this; + } + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ClientAuthenticationMethodMetadata clientAuthenticationMethodMetadata = (ClientAuthenticationMethodMetadata) o; + return Objects.equals(this.options, clientAuthenticationMethodMetadata.options); + } + + @Override + 
public int hashCode() { + return Objects.hash(options); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class ClientAuthenticationMethodMetadata {\n"); + + sb.append(" options: ").append(toIndentedString(options)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java index b40572f57c..827674c829 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java 
@@ -44,12 +44,13 @@ public class OIDCMetaData { private MetadataProperty scopeValidators; private MetadataProperty accessTokenType; private MetadataProperty accessTokenBindingType; - private MetadataProperty tokenEndpointAuthMethod; + private ClientAuthenticationMethodMetadata tokenEndpointAuthMethod; private MetadataProperty tokenEndpointSignatureAlgorithm; private MetadataProperty idTokenSignatureAlgorithm; private MetadataProperty requestObjectSignatureAlgorithm; private MetadataProperty requestObjectEncryptionAlgorithm; private MetadataProperty requestObjectEncryptionMethod; + private MetadataProperty subjectType; /** **/ @@ -233,7 +234,7 @@ public void setAccessTokenBindingType(MetadataProperty accessTokenBindingType) { /** **/ - public OIDCMetaData tokenEndpointAuthMethod(MetadataProperty tokenEndpointAuthMethod) { + public OIDCMetaData tokenEndpointAuthMethod(ClientAuthenticationMethodMetadata tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; return this; @@ -242,10 +243,10 @@ public OIDCMetaData tokenEndpointAuthMethod(MetadataProperty tokenEndpointAuthMe @ApiModelProperty(value = "") @JsonProperty("tokenEndpointAuthMethod") @Valid - public MetadataProperty getTokenEndpointAuthMethod() { + public ClientAuthenticationMethodMetadata getTokenEndpointAuthMethod() { return tokenEndpointAuthMethod; } - public void setTokenEndpointAuthMethod(MetadataProperty tokenEndpointAuthMethod) { + public void setTokenEndpointAuthMethod(ClientAuthenticationMethodMetadata tokenEndpointAuthMethod) { this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; } 
@@ -339,6 +340,24 @@ public void setRequestObjectEncryptionMethod(MetadataProperty requestObjectEncry this.requestObjectEncryptionMethod = requestObjectEncryptionMethod; } + /** + **/ + public OIDCMetaData subjectType(MetadataProperty subjectType) { + + this.subjectType = subjectType; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("subjectType") + @Valid + public MetadataProperty getSubjectType() { + return subjectType; + } + public void setSubjectType(MetadataProperty subjectType) { + this.subjectType = subjectType; + } + @Override public boolean equals(java.lang.Object o) { 
@@ -365,12 +384,13 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.idTokenSignatureAlgorithm) && Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectSignatureAlgorithm) && Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionAlgorithm) && - Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionMethod); + Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionMethod) && + Objects.equals(this.subjectType, oiDCMetaData.subjectType); } @Override public int hashCode() { - return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType, tokenEndpointAuthMethod, tokenEndpointSignatureAlgorithm, idTokenSignatureAlgorithm, requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm, requestObjectEncryptionMethod); + return Objects.hash(allowedGrantTypes, defaultUserAccessTokenExpiryTime, defaultApplicationAccessTokenExpiryTime, defaultRefreshTokenExpiryTime, defaultIdTokenExpiryTime, idTokenEncryptionAlgorithm, idTokenEncryptionMethod, scopeValidators, accessTokenType, accessTokenBindingType, tokenEndpointAuthMethod, tokenEndpointSignatureAlgorithm, idTokenSignatureAlgorithm, requestObjectSignatureAlgorithm, requestObjectEncryptionAlgorithm, requestObjectEncryptionMethod, subjectType); } @Override 
@@ -395,6 +415,7 @@ public String toString() { sb.append(" requestObjectSignatureAlgorithm: ").append(toIndentedString(requestObjectSignatureAlgorithm)).append("\n"); sb.append(" requestObjectEncryptionAlgorithm: ").append(toIndentedString(requestObjectEncryptionAlgorithm)).append("\n"); sb.append(" requestObjectEncryptionMethod: ").append(toIndentedString(requestObjectEncryptionMethod)).append("\n"); + sb.append(" subjectType: ").append(toIndentedString(subjectType)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index 3954e1f374..928ebc6458 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java 
@@ -21,10 +21,13 @@ import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants; import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants.ErrorMessage; import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder; import org.wso2.carbon.identity.api.server.application.management.v1.AdaptiveAuthTemplates; import org.wso2.carbon.identity.api.server.application.management.v1.AuthProtocolMetadata; +import org.wso2.carbon.identity.api.server.application.management.v1.ClientAuthenticationMethod; +import org.wso2.carbon.identity.api.server.application.management.v1.ClientAuthenticationMethodMetadata; import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolProperty; import org.wso2.carbon.identity.api.server.application.management.v1.GrantType; 
@@ -66,18 +69,6 @@ public class ServerApplicationMetadataService { private static final Log LOG = LogFactory.getLog(ServerApplicationMetadataService.class); - private static final String TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + - "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm"; - private static final String ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + - "SupportedIDTokenSigningAlgorithms.SupportedIDTokenSigningAlgorithm"; - private static final String REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + - "SupportedRequestObjectSigningAlgorithms.SupportedRequestObjectSigningAlgorithm"; - private static final String REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + - "SupportedRequestObjectEncryptionAlgorithms.SupportedRequestObjectEncryptionAlgorithm"; - private static final String REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED = "OAuth.OpenIDConnect." + - "SupportedRequestObjectEncryptionMethods.SupportedRequestObjectEncryptionMethod"; - private static final String DEFAULT_SIGNATURE_ALGORITHM = "PS256"; - /** * Return a list of all available inbound protocols. If the customOnly parameter set to True, will return only the 
@@ -166,26 +157,57 @@ public OIDCMetaData getOIDCMetadata() { OAuthAdminServiceImpl oAuthAdminService = ApplicationManagementServiceHolder.getOAuthAdminService(); List tokenEpAuthMethods = OAuth2Util.getSupportedClientAuthenticationMethods(); - oidcMetaData.setTokenEndpointAuthMethod(new MetadataProperty() - .options(tokenEpAuthMethods)); - List tokenEpSigningAlgorithms = IdentityUtil.getPropertyAsList(TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED); + List supportedClientAuthenticationMethods = new ArrayList<>(); + for (String tokenEpAuthMethod : tokenEpAuthMethods) { + ClientAuthenticationMethod clientAuthenticationMethod = new ClientAuthenticationMethod(); + clientAuthenticationMethod.setName(tokenEpAuthMethod); + if (tokenEpAuthMethod.equals("client_secret_basic")) { + clientAuthenticationMethod.setDisplayName("Client Secret Post"); + } else if (tokenEpAuthMethod.equals("client_secret_post")) { + clientAuthenticationMethod.setDisplayName("Client Secret Post"); + } else if (tokenEpAuthMethod.equals("private_key_jwt")) { + clientAuthenticationMethod.setDisplayName("Private Key JWT"); + } else if (tokenEpAuthMethod.equals("tls_client_auth")) { + clientAuthenticationMethod.setDisplayName("Mutual TLS"); + } else { + clientAuthenticationMethod.setDisplayName(tokenEpAuthMethod); + } + supportedClientAuthenticationMethods.add(clientAuthenticationMethod); + } + oidcMetaData.setTokenEndpointAuthMethod( + new ClientAuthenticationMethodMetadata().options(supportedClientAuthenticationMethods)); + List tokenEpSigningAlgorithms = IdentityUtil + .getPropertyAsList(ApplicationManagementConstants.TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED); oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty() .options(tokenEpSigningAlgorithms)); - List idTokenSigningAlgorithms = IdentityUtil.getPropertyAsList(ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED); + List idTokenSigningAlgorithms = new ArrayList<>(); + idTokenSigningAlgorithms.add("None"); + 
idTokenSigningAlgorithms.addAll(IdentityUtil. + getPropertyAsList(ApplicationManagementConstants.ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED)); oidcMetaData.setIdTokenSignatureAlgorithm(new MetadataProperty() .options(idTokenSigningAlgorithms)); - List requestObjectSigningAlgorithms = IdentityUtil - .getPropertyAsList(REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED); + List requestObjectSigningAlgorithms = new ArrayList<>(); + requestObjectSigningAlgorithms.add("None"); + requestObjectSigningAlgorithms.addAll(IdentityUtil + .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED)); oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() .options(requestObjectSigningAlgorithms)); - List requestObjectEncryptionAlgorithms = IdentityUtil - .getPropertyAsList(REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED); + List requestObjectEncryptionAlgorithms = new ArrayList<>(); + requestObjectEncryptionAlgorithms.add("None"); + requestObjectEncryptionAlgorithms.addAll(IdentityUtil + .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED)); oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() .options(requestObjectEncryptionAlgorithms)); - List requestObjectEncryptionMethods = IdentityUtil - .getPropertyAsList(REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED); + List requestObjectEncryptionMethods = new ArrayList<>(); + requestObjectEncryptionMethods.add("None"); + requestObjectEncryptionMethods.addAll(IdentityUtil + .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED)); oidcMetaData.setRequestObjectEncryptionMethod(new MetadataProperty() .options(requestObjectEncryptionMethods)); + List subjectTypes = Arrays.asList("public", "pairwise"); + oidcMetaData.setSubjectType(new MetadataProperty() + .defaultValue("public") + .options(subjectTypes)); List supportedGrantTypes = new 
LinkedList<>(Arrays.asList(oAuthAdminService.getAllowedGrantTypes())); List supportedGrantTypeNames = new ArrayList<>(); // Iterate through the standard grant type names and add matching elements. diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index d214b50932..06466a90ad 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java 
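Review bot: In the `getOIDCMetadata` hunk (`@@ -166,26 +157,57 @@`), `"None"` is prepended unconditionally to the ID token and request-object signing option lists (`idTokenSigningAlgorithms.add("None")`, `requestObjectSigningAlgorithms.add("None")`), so the metadata offers an unsigned choice whatever the server's `Supported…SigningAlgorithms` configuration lists. If `None` only means "no algorithm enforced for this application", a comment should say so, for example `// "None" = no per-application restriction, not the JWS "none" algorithm`. If it can become the algorithm actually accepted for a token or request object, it should come from configuration rather than being hard-coded. The same unconditional entry is added to the request-object encryption algorithm and method lists in this hunk. The method body continues outside the hunk, so how the selected value is enforced is not visible here.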
@@ -211,9 +211,15 @@ private void updateRequestObjectConfiguration(OAuthConsumerAppDTO consumerAppDTO if (requestObject != null) { - consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm()); - consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod()); - consumerAppDTO.setRequestObjectSignatureAlgorithm(requestObject.getRequestObjectSigningAlg()); + if (requestObject.getEncryption().getAlgorithm() != null) { + consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm()); + } + if (requestObject.getEncryption().getMethod() != null) { + consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod()); + } + if (requestObject.getRequestObjectSigningAlg() != null) { + consumerAppDTO.setRequestObjectSignatureAlgorithm(requestObject.getRequestObjectSigningAlg()); + } } } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java index 285a2c900f..86ac3cc468 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java 
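Review bot: The new null checks in `updateRequestObjectConfiguration` still dereference `requestObject.getEncryption()` before testing it. If the API model allows `encryption` to be absent (not visible here), a request carrying a `requestObject` without it would fail with a NullPointerException instead of a validation error. Guard the nested object first by wrapping the two encryption setters in `if (requestObject.getEncryption() != null) { … }`. The values are also copied into the DTO exactly as received, and any check against the server's supported algorithm lists would have to happen outside this hunk. Only the method's signature is visible, in the hunk header.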
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java @@ -176,11 +176,16 @@ private RequestObjectEncryptionConfiguration buildRequestObjectEncryptionConfigu String algorithm = appDTO.getRequestObjectEncryptionAlgorithm(); String method = appDTO.getRequestObjectEncryptionMethod(); + + if (StringUtils.equals(algorithm, "null") || StringUtils.isBlank(algorithm)) { + algorithm = ""; + } + if (StringUtils.equals(method, "null") || StringUtils.isBlank(method)) { + method = ""; + } return new RequestObjectEncryptionConfiguration() - .algorithm(StringUtils.equals(algorithm, "null") || - StringUtils.isBlank(algorithm) ? "" : appDTO.getRequestObjectEncryptionAlgorithm()) - .method(StringUtils.equals(method, "null") || - StringUtils.isBlank(method) ? "" : appDTO.getRequestObjectEncryptionMethod()); + .algorithm(algorithm) + .method(method); } private PushAuthorizationRequestConfiguration buildPARAuthenticationConfiguration(OAuthConsumerAppDTO appDTO) { From 0bd2b50d2c8d0d9d2b59f11e32f15773809d004f Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Thu, 26 Oct 2023 15:23:19 +0530 Subject: [PATCH 14/17] Resolving review comments --- .../src/main/resources/applications.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index 7f1203b0fe..2a69ee739c 100644 
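Review bot: `buildRequestObjectEncryptionConfiguration` treats the literal string `"null"` as an unset value, and nothing in the hunk says where that sentinel comes from. A one-line comment naming its origin (presumably a value persisted as text, to be confirmed) would help the next reader. The two identical normalisations for `algorithm` and `method` could also share one private helper so they cannot drift apart. The method's opening lines are outside the hunk.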
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -3552,6 +3552,22 @@ components: defaultValue: type: string example: 'Option 1' + ClientAuthenticationMethodMetadata: + type: object + properties: + options: + type: array + items: + $ref: '#/components/schemas/ClientAuthenticationMethod' + ClientAuthenticationMethod: + type: object + properties: + name: + type: string + example: private_key_jwt + displayName: + type: string + example: Private Key JWT GrantTypeMetaData: type: object properties: @@ -3623,6 +3639,8 @@ components: $ref: '#/components/schemas/MetadataProperty' requestObjectEncryptionMethod: $ref: '#/components/schemas/MetadataProperty' + subjectType: + $ref: '#/components/schemas/MetadataProperty' WSTrustMetaData: type: object properties: From d110edcb8c488d06542a506adb4beb74268339fd Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Thu, 26 Oct 2023 17:09:24 +0530 Subject: [PATCH 15/17] Updating pom version --- .../v1/core/ServerApplicationMetadataService.java | 6 +++--- pom.xml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index 928ebc6458..d5b3a1e149 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java @@ -156,13 +156,13 @@ public OIDCMetaData getOIDCMetadata() { OIDCMetaData oidcMetaData = new OIDCMetaData(); OAuthAdminServiceImpl oAuthAdminService = ApplicationManagementServiceHolder.getOAuthAdminService(); - List tokenEpAuthMethods = OAuth2Util.getSupportedClientAuthenticationMethods(); + List tokenEpAuthMethods = Arrays.asList(OAuth2Util.getSupportedClientAuthMethods()); List supportedClientAuthenticationMethods = new ArrayList<>(); for (String tokenEpAuthMethod : tokenEpAuthMethods) { ClientAuthenticationMethod clientAuthenticationMethod = new ClientAuthenticationMethod(); clientAuthenticationMethod.setName(tokenEpAuthMethod); if (tokenEpAuthMethod.equals("client_secret_basic")) { - clientAuthenticationMethod.setDisplayName("Client Secret Post"); + clientAuthenticationMethod.setDisplayName("Client Secret Basic"); } else if (tokenEpAuthMethod.equals("client_secret_post")) { clientAuthenticationMethod.setDisplayName("Client Secret Post"); } else if (tokenEpAuthMethod.equals("private_key_jwt")) { 
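Review bot: The display-name chain in `getOIDCMetadata` repeats raw method names and labels inline, which is how `client_secret_basic` came to be labelled "Client Secret Post" before this hunk corrected it. A static lookup table keyed by method name, read with `displayNames.getOrDefault(tokenEpAuthMethod, tokenEpAuthMethod)`, keeps each label in one place. It also removes the `tokenEpAuthMethod.equals(...)` calls, which would throw on a null entry in the list. The loop continues past the end of the hunk.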
@@ -196,7 +196,7 @@ public OIDCMetaData getOIDCMetadata() { requestObjectEncryptionAlgorithms.add("None"); requestObjectEncryptionAlgorithms.addAll(IdentityUtil .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED)); - oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() + oidcMetaData.setRequestObjectEncryptionAlgorithm(new MetadataProperty() .options(requestObjectEncryptionAlgorithms)); List requestObjectEncryptionMethods = new ArrayList<>(); requestObjectEncryptionMethods.add("None"); diff --git a/pom.xml b/pom.xml index b2e93c8ac0..375a49a537 100644 --- a/pom.xml +++ b/pom.xml @@ -765,7 +765,7 @@ 5.2.0 **/gen/**/* 1.4.4 - 6.11.144 + 6.11.165 5.11.16 1.9.4 findbugs-exclude-filter.xml From 5285513bf8257aa1ae3c79093209271a18f36da1 Mon Sep 17 00:00:00 2001 From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com> Date: Thu, 26 Oct 2023 17:49:57 +0530 Subject: [PATCH 16/17] Resolving review comments --- .../common/ApplicationManagementConstants.java | 2 ++ .../v1/core/ServerApplicationMetadataService.java | 14 ++++++++------ .../inbound/oauth2/ApiModelToOAuthConsumerApp.java | 4 ++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index f61fc31e22..aa12ee9581 100644 
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -53,6 +53,7 @@ private ApplicationManagementConstants() { public static final String ISSUER = "issuer"; public static final String RBAC = "RBAC"; public static final String NO_POLICY = "NO POLICY"; + public static final String NONE = "None"; public static final String TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm"; public static final String ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." + @@ -63,6 +64,7 @@ private ApplicationManagementConstants() { "SupportedRequestObjectEncryptionAlgorithms.SupportedRequestObjectEncryptionAlgorithm"; public static final String REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED = "OAuth.OpenIDConnect." + "SupportedRequestObjectEncryptionMethods.SupportedRequestObjectEncryptionMethod"; + public static final String DEFAULT_SUBJECT_TYPE = "OAuth.OpenIDConnect.DefaultSubjectType"; public static final String NON_EXISTING_USER_CODE = "30007 - "; 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java index d5b3a1e149..c9508ce370 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java @@ -43,6 +43,7 @@ import org.wso2.carbon.identity.base.IdentityException; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; +import org.wso2.carbon.identity.oauth.common.OAuthConstants; import org.wso2.carbon.identity.oauth.dto.OAuthIDTokenAlgorithmDTO; import org.wso2.carbon.identity.oauth.dto.TokenBindingMetaDataDTO; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; 
@@ -181,32 +182,33 @@ public OIDCMetaData getOIDCMetadata() { oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty() .options(tokenEpSigningAlgorithms)); List idTokenSigningAlgorithms = new ArrayList<>(); - idTokenSigningAlgorithms.add("None"); + idTokenSigningAlgorithms.add(ApplicationManagementConstants.NONE); idTokenSigningAlgorithms.addAll(IdentityUtil. getPropertyAsList(ApplicationManagementConstants.ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED)); oidcMetaData.setIdTokenSignatureAlgorithm(new MetadataProperty() .options(idTokenSigningAlgorithms)); List requestObjectSigningAlgorithms = new ArrayList<>(); - requestObjectSigningAlgorithms.add("None"); + requestObjectSigningAlgorithms.add(ApplicationManagementConstants.NONE); requestObjectSigningAlgorithms.addAll(IdentityUtil .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_SIGNATURE_ALGORITHMS_SUPPORTED)); oidcMetaData.setRequestObjectSignatureAlgorithm(new MetadataProperty() .options(requestObjectSigningAlgorithms)); List requestObjectEncryptionAlgorithms = new ArrayList<>(); - requestObjectEncryptionAlgorithms.add("None"); + requestObjectEncryptionAlgorithms.add(ApplicationManagementConstants.NONE); requestObjectEncryptionAlgorithms.addAll(IdentityUtil .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_ENCRYPTION_ALGORITHMS_SUPPORTED)); oidcMetaData.setRequestObjectEncryptionAlgorithm(new MetadataProperty() .options(requestObjectEncryptionAlgorithms)); List requestObjectEncryptionMethods = new ArrayList<>(); - requestObjectEncryptionMethods.add("None"); + requestObjectEncryptionMethods.add(ApplicationManagementConstants.NONE); requestObjectEncryptionMethods.addAll(IdentityUtil .getPropertyAsList(ApplicationManagementConstants.REQUEST_OBJECT_ENCRYPTION_METHODS_SUPPORTED)); oidcMetaData.setRequestObjectEncryptionMethod(new MetadataProperty() .options(requestObjectEncryptionMethods)); - List subjectTypes = Arrays.asList("public", "pairwise"); + List subjectTypes = 
Arrays.asList(OAuthConstants.SubjectType.PUBLIC.getValue(), + OAuthConstants.SubjectType.PAIRWISE.getValue()); oidcMetaData.setSubjectType(new MetadataProperty() - .defaultValue("public") + .defaultValue(IdentityUtil.getProperty(ApplicationManagementConstants.DEFAULT_SUBJECT_TYPE)) .options(subjectTypes)); List supportedGrantTypes = new LinkedList<>(Arrays.asList(oAuthAdminService.getAllowedGrantTypes())); List supportedGrantTypeNames = new ArrayList<>(); diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java index 06466a90ad..7d32ce5b40 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java 
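Review bot: The new `.defaultValue(IdentityUtil.getProperty(ApplicationManagementConstants.DEFAULT_SUBJECT_TYPE))` call in the subject-type block publishes the configured value unchecked, so a deployment with no `OAuth.OpenIDConnect.DefaultSubjectType` entry, or with a typo in it, would presumably advertise a null or unsupported default where the old code always returned "public". The value should be checked against `subjectTypes` before it is returned: `String configured = IdentityUtil.getProperty(ApplicationManagementConstants.DEFAULT_SUBJECT_TYPE);` followed by `.defaultValue(subjectTypes.contains(configured) ? configured : OAuthConstants.SubjectType.PUBLIC.getValue())`. The subject type decides whether relying parties receive a shared or a per-sector identifier, so a fallback taken here is also worth a log line. getOIDCMetadata starts and ends outside this hunk, so any validation done elsewhere is not visible.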
@@ -211,10 +211,10 @@ private void updateRequestObjectConfiguration(OAuthConsumerAppDTO consumerAppDTO
 if (requestObject != null) {
- if (requestObject.getEncryption().getAlgorithm() != null) {
+ if (requestObject.getEncryption() != null && requestObject.getEncryption().getAlgorithm() != null) {
 consumerAppDTO.setRequestObjectEncryptionAlgorithm(requestObject.getEncryption().getAlgorithm());
 }
- if (requestObject.getEncryption().getMethod() != null) {
+ if (requestObject.getEncryption() != null && requestObject.getEncryption().getMethod() != null) {
 consumerAppDTO.setRequestObjectEncryptionMethod(requestObject.getEncryption().getMethod());
 }
 if (requestObject.getRequestObjectSigningAlg() != null) {
From 37a72c2d51b287a9b87474c79216248eb6c7a79c Mon Sep 17 00:00:00 2001
From: Chinthaka Jayatilake <37581983+ChinthakaJ98@users.noreply.github.com>
Date: Fri, 27 Oct 2023 00:23:35 +0530
Subject: [PATCH 17/17] Fixing test issue
---
 .../src/main/resources/applications.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index 2a69ee739c..043dfd7eb7 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
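Review bot: The two added guards in updateRequestObjectConfiguration repeat `requestObject.getEncryption() != null` and call the getter up to three times per branch; reading it once into a local and wrapping both setters in a single `if (encryption != null) { … }` expresses the same check once. The hunk also leaves open what a request without an `encryption` object means: both setters are skipped, so whatever `consumerAppDTO` already holds for the request-object encryption algorithm and method stays in place. If `consumerAppDTO` is pre-populated from the stored application (not visible here), an update that omits `encryption` cannot switch request-object encryption off, and a short comment such as `// encryption omitted: keep the stored algorithm and method` would make that intent explicit. The method body continues outside the hunk.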
@@ -3628,7 +3628,7 @@ components:
 accessTokenBindingType:
 $ref: '#/components/schemas/MetadataProperty'
 tokenEndpointAuthMethod:
- $ref: '#/components/schemas/MetadataProperty'
+ $ref: '#/components/schemas/ClientAuthenticationMethodMetadata'
 tokenEndpointSignatureAlgorithm:
 $ref: '#/components/schemas/MetadataProperty'
 idTokenSignatureAlgorithm: