feat: changes in admin-ui plugin to allow agama-developer-studio to use its OAuth2 apis #3085 #3298

Merged
merged 2 commits into from
Dec 13, 2022
Expand Up @@ -17,7 +17,7 @@
* @version 0.9, 03/01/2013
*/
@DataEntry
@ObjectClass(value = "jansAdminConfDyn")
@ObjectClass(value = "jansAppConf")
public class AdminConf {
@DN
private String dn;
Expand All @@ -26,6 +26,10 @@ public class AdminConf {
@AttributeName(name = "jansConfDyn")
private DynamicConfig dynamic;

@JsonObject
@AttributeName(name = "jansConfApp")
private MainSettings mainSettings;

@AttributeName(name = "jansRevision")
private long revision;

Expand Down Expand Up @@ -53,6 +57,13 @@ public void setDynamic(DynamicConfig dynamic) {
this.dynamic = dynamic;
}

public MainSettings getMainSettings() {
return mainSettings;
}

public void setMainSettings(MainSettings mainSettings) {
this.mainSettings = mainSettings;
}
@Override
public String toString() {
final StringBuilder sb = new StringBuilder();
@@ -0,0 +1,18 @@
package io.jans.as.model.config.adminui;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;

@JsonIgnoreProperties(ignoreUnknown = true)
public class MainSettings {

private OIDCSettings oidcConfig;

public OIDCSettings getOidcConfig() {
return oidcConfig;
}

public void setOidcConfig(OIDCSettings oidcConfig) {
this.oidcConfig = oidcConfig;
}
}
@@ -0,0 +1,99 @@
package io.jans.as.model.config.adminui;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;

import java.util.List;

@JsonIgnoreProperties(ignoreUnknown = true)
public class OIDCClientSettings {

private String opHost;
private String clientId;
private String clientSecret;
private String tokenEndpoint;
private String redirectUri;
private String postLogoutUri;
private String frontchannelLogoutUri;
private List<String> scopes;
private List<String> acrValues;

public OIDCClientSettings() {
//Do not remove
}

public OIDCClientSettings(String opHost, String clientId, String clientSecret) {

this.opHost = opHost;
this.clientId = clientId;
this.clientSecret = clientSecret;
}

public OIDCClientSettings(String opHost, String clientId, String clientSecret, String tokenEndpoint) {

this.opHost = opHost;
this.clientId = clientId;
this.clientSecret = clientSecret;
this.tokenEndpoint = tokenEndpoint;
}

@JsonInclude(JsonInclude.Include.NON_EMPTY)
public String getOpHost() {
return opHost;
}

@JsonInclude(JsonInclude.Include.NON_EMPTY)
public String getClientId() {
return clientId;
}

@JsonInclude(JsonInclude.Include.NON_EMPTY)
public String getClientSecret() {
return clientSecret;
}

public String getTokenEndpoint() {
return tokenEndpoint;
}

public String getRedirectUri() {
return redirectUri;
}

public void setRedirectUri(String redirectUri) {
this.redirectUri = redirectUri;
}

public String getPostLogoutUri() {
return postLogoutUri;
}

public void setPostLogoutUri(String postLogoutUri) {
this.postLogoutUri = postLogoutUri;
}

public List<String> getScopes() {
return scopes;
}

public void setScopes(List<String> scopes) {
this.scopes = scopes;
}

public List<String> getAcrValues() {
return acrValues;
}

public void setAcrValues(List<String> acrValues) {
this.acrValues = acrValues;
}

public String getFrontchannelLogoutUri() {
return frontchannelLogoutUri;
}

public void setFrontchannelLogoutUri(String frontchannelLogoutUri) {
this.frontchannelLogoutUri = frontchannelLogoutUri;
}
}
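Review bot: `clientSecret` is held as a plain `String` behind a public getter marked `@JsonInclude(JsonInclude.Include.NON_EMPTY)`, so any Jackson serialization of this object emits the secret whenever it is set. Through `AdminConf.mainSettings` (`@JsonObject`, attribute `jansConfApp`) the value is also written to the persistence entry; whether it is encrypted before being stored is not visible in this diff and should be confirmed. I would add a class-level Javadoc saying that the object carries an OAuth client credential, and a comment on the field such as `// client credential: never log or return in API responses`. The `JsonProperty` import is unused.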
@@ -0,0 +1,28 @@
package io.jans.as.model.config.adminui;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;

import java.util.List;
@JsonIgnoreProperties(ignoreUnknown = true)
public class OIDCSettings {

private OIDCClientSettings authServerClient;
private OIDCClientSettings tokenServerClient;

public OIDCClientSettings getAuthServerClient() {
return authServerClient;
}

public void setAuthServerClient(OIDCClientSettings authServerClient) {
this.authServerClient = authServerClient;
}

public OIDCClientSettings getTokenServerClient() {
return tokenServerClient;
}

public void setTokenServerClient(OIDCClientSettings tokenServerClient) {
this.tokenServerClient = tokenServerClient;
}
}
5 changes: 5 additions & 0 deletions jans-config-api/plugins/admin-ui-plugin/pom.xml
Expand Up @@ -16,6 +16,11 @@
<groupId>io.jans</groupId>
<artifactId>jans-config-api-shared</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>io.jans</groupId>
<artifactId>jans-config-api-server</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>io.jans</groupId>
Expand Up @@ -2,6 +2,7 @@

public class AUIConfiguration {

private String appType;
//auth server
private String authServerHost;
private String authServerClientId;
Expand Down Expand Up @@ -30,6 +31,13 @@ public class AUIConfiguration {
private String tokenServerUserInfoEndpoint;
private String tokenServerEndSessionEndpoint;

public String getAppType() {
return appType;
}

public void setAppType(String appType) {
this.appType = appType;
}
// LicenseSpring
private LicenseConfiguration licenseConfiguration;

Expand Up @@ -23,13 +23,13 @@
import jakarta.ws.rs.core.Response;

@Hidden
@Path("/admin-ui/oauth2")
@Path("/app")
public class OAuth2Resource {

static final String OAUTH2_CONFIG = "/config";
static final String OAUTH2_ACCESS_TOKEN = "/access-token";
static final String OAUTH2_API_PROTECTION_TOKEN = "/api-protection-token";
static final String OAUTH2_API_USER_INFO = "/user-info";
//appType: admin-ui, ads
static final String OAUTH2_CONFIG = "/{appType}/oauth2/config";
static final String OAUTH2_ACCESS_TOKEN = "/{appType}/oauth2/access-token";
static final String OAUTH2_API_PROTECTION_TOKEN = "/{appType}/oauth2/api-protection-token";
static final String OAUTH2_API_USER_INFO = "/{appType}/oauth2/user-info";

public static final String SCOPE_OPENID = "openid";

Expand All @@ -46,9 +46,9 @@ public class OAuth2Resource {
@Path(OAUTH2_CONFIG)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = {SCOPE_OPENID})
public Response getOAuth2Config() {
public Response getOAuth2Config(@PathParam("appType") String appType) {

AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);

OAuth2ConfigResponse oauth2Config = new OAuth2ConfigResponse();
oauth2Config.setAuthzBaseUrl(auiConfiguration.getAuthServerAuthzBaseUrl());
Expand All @@ -67,11 +67,11 @@ public Response getOAuth2Config() {
@GET
@Path(OAUTH2_ACCESS_TOKEN)
@Produces(MediaType.APPLICATION_JSON)
public Response getAccessToken(@QueryParam("code") String code) {
public Response getAccessToken(@QueryParam("code") String code, @PathParam("appType") String appType) {

try {
log.info("Access token request to Auth Server.");
TokenResponse tokenResponse = oAuth2Service.getAccessToken(code);
TokenResponse tokenResponse = oAuth2Service.getAccessToken(code, appType);
log.info("Access token received from Auth Server.");
return Response.ok(tokenResponse).build();
} catch (ApplicationException e) {
Expand All @@ -86,10 +86,10 @@ public Response getAccessToken(@QueryParam("code") String code) {
@GET
@Path(OAUTH2_API_PROTECTION_TOKEN)
@Produces(MediaType.APPLICATION_JSON)
public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt) {
public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt, @PathParam("appType") String appType) {
try {
log.info("Api protection token request to Auth Server.");
TokenResponse tokenResponse = oAuth2Service.getApiProtectionToken(ujwt);
TokenResponse tokenResponse = oAuth2Service.getApiProtectionToken(ujwt, appType);
log.info("Api protection token received from Auth Server.");
return Response.ok(tokenResponse).build();
} catch (ApplicationException e) {
Expand All @@ -104,10 +104,10 @@ public Response getApiProtectionToken(@QueryParam("ujwt") String ujwt) {
@POST
@Path(OAUTH2_API_USER_INFO)
@Produces(MediaType.APPLICATION_JSON)
public Response getUserInfo(@Valid @NotNull UserInfoRequest userInfoRequest) {
public Response getUserInfo(@Valid @NotNull UserInfoRequest userInfoRequest, @PathParam("appType") String appType) {
try {
log.info("Get User-Info request to Auth Server.");
UserInfoResponse userInfoResponse = oAuth2Service.getUserInfo(userInfoRequest);
UserInfoResponse userInfoResponse = oAuth2Service.getUserInfo(userInfoRequest, appType);
log.info("Get User-Info received from Auth Server.");
return Response.ok(userInfoResponse).build();
} catch (ApplicationException e) {
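Review bot: `appType` arrives from the URL path in all four handlers and is handed unchecked to `auiConfigurationService.getAUIConfiguration(appType)` and the `oAuth2Service` calls, although the comment above the constants says only `admin-ui` and `ads` are expected. Because the value selects which OAuth client configuration the server acts with, it should be restricted at the routing layer, for example `static final String OAUTH2_CONFIG = "/{appType: admin-ui|ads}/oauth2/config";` with the same pattern on the other three templates, so an unknown value is rejected with 404 before any lookup. Only `getOAuth2Config` shows `@ProtectedApi` in these hunks, and how `getAUIConfiguration` treats an unknown or null `appType` is not visible here, so both should be confirmed. The handler bodies continue outside the hunks.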
Expand Up @@ -48,14 +48,14 @@ public class OAuth2Service {
/**
* Calls token endpoint from the Identity Provider and returns a valid Access Token.
*/
public TokenResponse getAccessToken(String code) throws ApplicationException {
public TokenResponse getAccessToken(String code, String appType) throws ApplicationException {
try {
log.debug("Getting access token with code");
if (Strings.isNullOrEmpty(code)) {
log.error(ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription());
}
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);

TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(code);
Expand Down Expand Up @@ -85,11 +85,11 @@ public TokenResponse getAccessToken(String code) throws ApplicationException {
/**
* Calls token endpoint from the Identity Provider and returns a valid Access Token.
*/
public TokenResponse getApiProtectionToken(String userInfoJwt) throws ApplicationException {
public TokenResponse getApiProtectionToken(String userInfoJwt, String appType) throws ApplicationException {
try {
log.debug("Getting api-protection token");

AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);

TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
tokenRequest.setAuthUsername(auiConfiguration.getTokenServerClientId());
Expand Down Expand Up @@ -134,9 +134,9 @@ public TokenResponse getApiProtectionToken(String userInfoJwt) throws Applicatio
}
}

public Map<String, Object> introspectToken(String accessToken) {
public Map<String, Object> introspectToken(String accessToken, String appType) {
log.info("Token introspection from auth-server.");
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);
Invocation.Builder request = ClientFactory.instance().getClientBuilder(auiConfiguration.getAuthServerIntrospectionEndpoint());
request.header("Authorization", "Bearer " + accessToken);

Expand All @@ -154,10 +154,10 @@ public Map<String, Object> introspectToken(String accessToken) {
}
return null;
}
public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest) throws ApplicationException {
public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest, String appType) throws ApplicationException {
try {
log.debug("Getting User-Info from auth-server: {}", userInfoRequest.getAccessToken());
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(appType);

String accessToken = org.apache.logging.log4j.util.Strings.isNotBlank(userInfoRequest.getAccessToken()) ? userInfoRequest.getAccessToken() : null;

Expand All @@ -167,11 +167,11 @@ public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest) throws Appl
}

if (org.apache.logging.log4j.util.Strings.isNotBlank(userInfoRequest.getCode()) && org.apache.logging.log4j.util.Strings.isBlank(accessToken)) {
TokenResponse tokenResponse = getAccessToken(userInfoRequest.getCode());
TokenResponse tokenResponse = getAccessToken(userInfoRequest.getCode(), appType);
accessToken = tokenResponse.getAccessToken();
}
log.debug("Access Token : {}", accessToken);
Map<String, Object> introspectionResponse = introspectToken(accessToken);
Map<String, Object> introspectionResponse = introspectToken(accessToken, appType);

MultivaluedMap<String, String> body = new MultivaluedHashMap<>();
body.putSingle("access_token", accessToken);
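Review bot: `getUserInfo` writes bearer tokens to the log in `log.debug("Getting User-Info from auth-server: {}", userInfoRequest.getAccessToken())` and `log.debug("Access Token : {}", accessToken)`, and this change leaves both in place while widening the method to serve every `appType`. A token in a log file stays usable by anyone who can read that file until it expires, so log a fixed message instead, e.g. `log.debug("Getting User-Info from auth-server")`, and drop the `Access Token` line. Separately, each method dereferences the result of `getAUIConfiguration(appType)` straight away (for example `auiConfiguration.getAuthServerIntrospectionEndpoint()` in `introspectToken`), so if that service can return null for an unrecognised `appType`, which is not visible here, a guard is needed. The method bodies continue outside the hunks.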