From 9270776cd8c03b53493b29ca12f88c7a86ebd4b3 Mon Sep 17 00:00:00 2001
From: Madhavi Gayathri <47152272+mpmadhavig@users.noreply.github.com>
Date: Wed, 28 Aug 2024 11:37:11 +0530
Subject: [PATCH 1/2] Revert "Add useClientIdAsSubClaimForAppTokens and omitUsernameInIntrospectionRespForAppTokens configs to app"
---
 .../v1/OpenIDConnectConfiguration.java | 49 +------------------
 .../oauth2/ApiModelToOAuthConsumerApp.java | 4 --
 .../oauth2/OAuthConsumerAppToApiModel.java | 3 --
 .../src/main/resources/applications.yaml | 6 ---
 pom.xml | 2 +-
 5 files changed, 2 insertions(+), 62 deletions(-)
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
index aba7fc8098..08f3fcb577 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OpenIDConnectConfiguration.java
@@ -88,8 +88,6 @@ public static StateEnum fromValue(String value) { private RefreshTokenConfiguration refreshToken; private SubjectTokenConfiguration subjectToken; private IdTokenConfiguration idToken; - private Boolean useClientIdAsSubClaimForAppTokens; - private Boolean omitUsernameInIntrospectionRespForAppTokens; private OIDCLogoutConfiguration logout; private Boolean validateRequestObjectSignature = false; private List scopeValidators = null; 
@@ -360,45 +358,6 @@ public void setIdToken(IdTokenConfiguration idToken) { this.idToken = idToken; } - /** - * If enabled, client_id will be sent as the subject claim value for app tokens. - */ - public OpenIDConnectConfiguration useClientIdAsSubClaimForAppTokens(Boolean useClientIdAsSubClaimForAppTokens) { - - this.useClientIdAsSubClaimForAppTokens = useClientIdAsSubClaimForAppTokens; - return this; - } - - @ApiModelProperty("If enable, client_id will be sent as the sub claim value for app tokens.") - @JsonProperty("useClientIdAsSubClaimForAppTokens") - @Valid - public Boolean getUseClientIdAsSubClaimForAppTokens() { - return useClientIdAsSubClaimForAppTokens; - } - public void setUseClientIdAsSubClaimForAppTokens(Boolean useClientIdAsSubClaimForAppTokens) { - this.useClientIdAsSubClaimForAppTokens = useClientIdAsSubClaimForAppTokens; - } - - /** - * If enabled, username will not be sent in the introspection response for app tokens. - */ - public OpenIDConnectConfiguration omitUsernameInIntrospectionRespForAppTokens( - Boolean omitUsernameInIntrospectionRespForAppTokens) { - - this.omitUsernameInIntrospectionRespForAppTokens = omitUsernameInIntrospectionRespForAppTokens; - return this; - } - - @ApiModelProperty("If enabled, username will not be sent in the introspection response for app tokens.") - @JsonProperty("omitUsernameInIntrospectionRespForAppTokens") - @Valid - public Boolean getOmitUsernameInIntrospectionRespForAppTokens() { - return omitUsernameInIntrospectionRespForAppTokens; - } - public void setOmitUsernameInIntrospectionRespForAppTokens(Boolean omitUsernameInIntrospectionRespForAppTokens) { - this.omitUsernameInIntrospectionRespForAppTokens = omitUsernameInIntrospectionRespForAppTokens; - } - /** **/ public OpenIDConnectConfiguration logout(OIDCLogoutConfiguration logout) { 
@@ -593,10 +552,6 @@ public boolean equals(java.lang.Object o) { Objects.equals(this.refreshToken, openIDConnectConfiguration.refreshToken) && Objects.equals(this.subjectToken, openIDConnectConfiguration.subjectToken) && Objects.equals(this.idToken, openIDConnectConfiguration.idToken) && - Objects.equals(this.useClientIdAsSubClaimForAppTokens, - openIDConnectConfiguration.useClientIdAsSubClaimForAppTokens) && - Objects.equals(this.omitUsernameInIntrospectionRespForAppTokens, - openIDConnectConfiguration.omitUsernameInIntrospectionRespForAppTokens) && Objects.equals(this.logout, openIDConnectConfiguration.logout) && Objects.equals(this.validateRequestObjectSignature, openIDConnectConfiguration.validateRequestObjectSignature) && Objects.equals(this.scopeValidators, openIDConnectConfiguration.scopeValidators) && @@ -611,7 +566,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, hybridFlow, accessToken, refreshToken, subjectToken, idToken, useClientIdAsSubClaimForAppTokens, omitUsernameInIntrospectionRespForAppTokens, logout, validateRequestObjectSignature, scopeValidators, clientAuthentication, requestObject, pushAuthorizationRequest, subject, isFAPIApplication, fapiMetadata); + return Objects.hash(clientId, clientSecret, state, grantTypes, callbackURLs, allowedOrigins, publicClient, pkce, hybridFlow, accessToken, refreshToken, subjectToken, idToken, logout, validateRequestObjectSignature, scopeValidators, clientAuthentication, requestObject, pushAuthorizationRequest, subject, isFAPIApplication, fapiMetadata); } @Override 
@@ -633,8 +588,6 @@ public String toString() { sb.append(" refreshToken: ").append(toIndentedString(refreshToken)).append("\n"); sb.append(" subjectToken: ").append(toIndentedString(subjectToken)).append("\n"); sb.append(" idToken: ").append(toIndentedString(idToken)).append("\n"); - sb.append(" useClientIdAsSubClaimForAppTokens: ").append(toIndentedString(useClientIdAsSubClaimForAppTokens)).append("\n"); - sb.append(" omitUsernameInIntrospectionRespForAppTokens: ").append(toIndentedString(omitUsernameInIntrospectionRespForAppTokens)).append("\n"); sb.append(" logout: ").append(toIndentedString(logout)).append("\n"); sb.append(" validateRequestObjectSignature: ").append(toIndentedString(validateRequestObjectSignature)).append("\n"); sb.append(" scopeValidators: ").append(toIndentedString(scopeValidators)).append("\n");
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java
index c35bc722e5..2d9e7d121a 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/ApiModelToOAuthConsumerApp.java
@@ -69,10 +69,6 @@ public OAuthConsumerAppDTO apply(String appName, OpenIDConnectConfiguration oidc
 consumerAppDTO.setBypassClientCredentials(oidcModel.getPublicClient());
 consumerAppDTO.setRequestObjectSignatureValidationEnabled(oidcModel.getValidateRequestObjectSignature());
- consumerAppDTO.setUseClientIdAsSubClaimForAppTokens(oidcModel.getUseClientIdAsSubClaimForAppTokens());
- consumerAppDTO.setOmitUsernameInIntrospectionRespForAppTokens(
- oidcModel.getOmitUsernameInIntrospectionRespForAppTokens());
-
 updateAllowedOrigins(consumerAppDTO, oidcModel.getAllowedOrigins());
 updatePkceConfigurations(consumerAppDTO, oidcModel.getPkce());
 updateHybridFlowConfigurations(consumerAppDTO, oidcModel.getHybridFlow());
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
index d174d227b9..f66ef57ca6 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/oauth2/OAuthConsumerAppToApiModel.java
@@ -59,9 +59,6 @@ public OpenIDConnectConfiguration apply(OAuthConsumerAppDTO oauthAppDTO) {
 .accessToken(buildTokenConfiguration(oauthAppDTO))
 .refreshToken(buildRefreshTokenConfiguration(oauthAppDTO))
 .idToken(buildIdTokenConfiguration(oauthAppDTO))
- .useClientIdAsSubClaimForAppTokens(oauthAppDTO.isUseClientIdAsSubClaimForAppTokens())
- .omitUsernameInIntrospectionRespForAppTokens(
- oauthAppDTO.isOmitUsernameInIntrospectionRespForAppTokens())
 .logout(buildLogoutConfiguration(oauthAppDTO))
 .scopeValidators(getScopeValidators(oauthAppDTO))
 .validateRequestObjectSignature(oauthAppDTO.isRequestObjectSignatureValidationEnabled())
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index e0b0a05343..1667b034c3 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -3603,12 +3603,6 @@ components: Enabling this option will allow the client to authenticate without a client secret. example: false - useClientIdAsSubClaimForAppTokens: - type: boolean - description: If enabled, client_id will be sent as the sub claim value for app tokens. - omitUsernameInIntrospectionRespForAppTokens: - type: boolean - description: If enabled, username will not be sent in the introspection response for app tokens. pkce: $ref: '#/components/schemas/OAuth2PKCEConfiguration' accessToken:
diff --git a/pom.xml b/pom.xml
index ada4ea9e83..2478d855b0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -808,7 +808,7 @@
 1.12.0
 **/gen/**/*
 1.8.19
- 7.0.140
+ 7.0.137
 5.11.41
 1.9.4
 findbugs-exclude-filter.xml
From be5f3f6968e4806cca41149af9dfda1ad31da351 Mon Sep 17 00:00:00 2001
From: Madhavi Gayathri <47152272+mpmadhavig@users.noreply.github.com>
Date: Tue, 24 Sep 2024 11:30:12 +0530
Subject: [PATCH 2/2] Bump oauth version.
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 2478d855b0..2e25920703 100644
--- a/pom.xml
+++ b/pom.xml
@@ -808,7 +808,7 @@
 1.12.0
 **/gen/**/*
 1.8.19
- 7.0.137
+ 7.0.154
 5.11.41
 1.9.4
 findbugs-exclude-filter.xml