/**
 * Tells whether the given JWT issuer value names this host application.
 *
 * <p>The issuer is compared with the key of the consumer returned by
 * {@code consumerService.getConsumer()}. When that consumer cannot be obtained the
 * failure is logged and the answer is {@code false}, so the check fails closed.
 *
 * <p>NOTE(review): this is only an issuer comparison. It says nothing about the token's
 * signature; presumably the caller verifies that separately - confirm.
 *
 * @param issuer issuer value to test (presumably read from the incoming token - confirm)
 * @return {@code true} only when {@code issuer} equals the host consumer key
 */
private boolean jwtWasIssuedByHost(String issuer) {
    boolean issuedByHost = false;
    try {
        final String hostKey = consumerService.getConsumer().getKey();
        // The issuer is written to the debug log as received.
        log.debug("jwtWasIssuedByHost: consumer-key='{}', issuer='{}'", hostKey, issuer);
        issuedByHost = hostKey.equals(issuer);
    } catch (ConsumerCreationException e) {
        // Without a host consumer there is nothing to compare against: report "not ours".
        log.error("Could not get the consumer that provides issuer Id.", e);
    }
    return issuedByHost;
}
/**
 * Deletes the stored trust entry identified by {@code id}.
 *
 * <p>{@code checkCertificateType(type)} runs first. An {@code OAUTH} entry is removed from
 * {@code serviceProviderConsumerStore}; an {@code OAUTH_SERVICE_PROVIDER} entry is removed
 * through {@code consumerService.removeConsumerByKey}.
 *
 * <p>NOTE(review): no permission check is visible in this method; presumably the caller
 * restricts trust deletion to administrators - confirm.
 *
 * @param id   key of the consumer or service provider to remove
 * @param type kind of trust entry that {@code id} refers to
 */
@Override
public void deleteTrustCertificate(final String id, final OrphanedTrustCertificate.Type type) {
    checkCertificateType(type);
    if (type == OrphanedTrustCertificate.Type.OAUTH) {
        serviceProviderConsumerStore.remove(id);
        return;
    }
    if (type == OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER) {
        consumerService.removeConsumerByKey(id);
    }
    // Any other type that checkCertificateType lets through is left untouched.
}
/**
 * Signs {@code request} with {@code token} by delegating to {@code consumer.sign},
 * always against the service provider held in {@code SP}.
 *
 * @param request request to sign
 * @param token   consumer token passed to the signer
 * @return the request returned by {@code consumer.sign}
 */
private Request sign(Request request, ConsumerToken token) {
    final Request signed = consumer.sign(request, SP, token);
    return signed;
}
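/**
 * Resolves the consumer registered under {@code consumerKey}, falling back to the host
 * consumer when no consumer is registered for that key.
 *
 * <p>NOTE(review): an unrecognised key silently resolves to the host's own consumer.
 * Confirm that callers are meant to act under the host identity in that case rather
 * than have the lookup fail.
 *
 * @param consumerKey key to look up
 * @return the consumer found for the key, otherwise {@code consumerService.getConsumer()}
 */
private Consumer getConsumer(final String consumerKey) {
    // Look the key up once. Two separate lookups could disagree if the consumer is removed
    // between them, which would let null escape from a method that is meant to fall back.
    final Consumer byKey = consumerService.getConsumerByKey(consumerKey);
    return byKey != null ? byKey : consumerService.getConsumer();
}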
/**
 * Removes the OAuth state this class can reach, in the order below:
 * <ol>
 *   <li>every consumer token stored under the host consumer key;</li>
 *   <li>for each application link, the tokens of its configured outbound consumer key
 *       (when one is configured), followed by unregistering the OAuth provider;</li>
 *   <li>inbound: every consumer in {@code serviceProviderConsumerStore} and its tokens;</li>
 *   <li>outbound: every service provider known to {@code consumerService}.</li>
 * </ol>
 */
private void cleanOAuth() {
    final String hostConsumerKey = consumerService.getConsumer().getKey();
    final Map<ConsumerTokenStore.Key, ConsumerToken> hostTokens =
            consumerTokenStore.getConsumerTokens(hostConsumerKey);
    for (ConsumerTokenStore.Key tokenKey : hostTokens.keySet()) {
        consumerTokenStore.remove(tokenKey);
    }

    // Iterate over a snapshot of the links rather than the service's own collection.
    for (final ApplicationLink link : ImmutableList.copyOf(linkService.getApplicationLinks())) {
        final Map<String, String> linkConfig =
                authenticationConfigurationManager.getConfiguration(link.getId(), OAuthAuthenticationProvider.class);
        final boolean hasOutboundKey =
                linkConfig != null && linkConfig.containsKey(AUTH_CONFIG_CONSUMER_KEY_OUTBOUND);
        if (hasOutboundKey) {
            consumerTokenStore.removeTokensForConsumer(linkConfig.get(AUTH_CONFIG_CONSUMER_KEY_OUTBOUND));
        }
        authenticationConfigurationManager.unregisterProvider(link.getId(), OAuthAuthenticationProvider.class);
    }

    // as a service provider (inbound): get rid of all the consumers
    for (final Consumer inbound : serviceProviderConsumerStore.getAll()) {
        // Tokens go first, then the consumer record itself.
        serviceProviderTokenStore.removeByConsumer(inbound.getKey());
        serviceProviderConsumerStore.remove(inbound.getKey());
    }

    // as a consumer (outbound): get rid of all the service providers we talked to
    for (final Consumer outbound : consumerService.getAllServiceProviders()) {
        consumerService.removeConsumerByKey(outbound.getKey());
    }
}
} // closes the enclosing type, whose header is outside this excerpt
if (config != null && config.containsKey(CONSUMER_KEY_OUTBOUND)) { final String oldConsumerKey = config.get(CONSUMER_KEY_OUTBOUND); consumerService.removeConsumerByKey(oldConsumerKey); final Consumer existingConsumerDuplicatedServiceName = consumerService.getConsumer(name); final Consumer existingConsumerDuplicatedKey = consumerService.getConsumerByKey(consumerKey); if (existingConsumerDuplicatedServiceName != null) { fieldErrorMessages.put(NAME_PARAMETER, messageFactory.newI18nMessage("auth.oauth.config.consumer.serviceprovider.service.name.exists", existingConsumerDuplicatedServiceName.getKey())); .description(description) .build(); consumerService.add(name, consumer, sharedSecret); } else /* disable */ { final Map<String, String> config = authenticationConfigurationManager.getConfiguration(applicationLink.getId(), OAuthAuthenticationProvider.class); if (config != null && config.containsKey(CONSUMER_KEY_OUTBOUND)) { final String oldConsumerKey = config.get(CONSUMER_KEY_OUTBOUND); consumerService.removeConsumerByKey(oldConsumerKey);
/**
 * Collects the service providers known to {@code consumerService} whose key is not among
 * the keys returned by {@code findRegisteredServiceProviders()}.
 *
 * @return one {@code OAUTH_SERVICE_PROVIDER} entry per orphaned service provider;
 *         empty when there are none
 */
private List<OrphanedTrustCertificate> findOrphanedOAuthServiceProviders() {
    final List<OrphanedTrustCertificate> orphans = new ArrayList<OrphanedTrustCertificate>();
    final List<String> registeredKeys = findRegisteredServiceProviders();
    final Iterable<Consumer> knownProviders = consumerService.getAllServiceProviders();
    for (Consumer provider : knownProviders) {
        if (registeredKeys.contains(provider.getKey())) {
            // Still referenced by a registered service provider: not an orphan.
            continue;
        }
        log.debug("Found orphaned Service Provider with consumer key '" + provider.getKey() + "' and name '" + provider.getName() + "'");
        final OrphanedTrustCertificate orphan = new OrphanedTrustCertificate(
                provider.getKey(),
                provider.getDescription(),
                OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER);
        orphans.add(orphan);
    }
    return orphans;
}
/**
 * Registers an outgoing consumer for a third-party link.
 *
 * <p>The consumer is built from the entity's key, name and description with the signature
 * method fixed to HMAC-SHA1, then stored through {@code consumerService.add} together with
 * the entity's shared secret.
 *
 * <p>NOTE(review): with HMAC-SHA1 the shared secret is the signing credential for this
 * link, so it should be handled like a password (kept out of logs and responses).
 *
 * @param consumerEntity source of the key, name, description and shared secret
 * @return the consumer that was registered
 */
private Consumer add3rdPartyOutgoingConsumer(final ConsumerEntity consumerEntity) {
    final Consumer outgoing = Consumer.key(consumerEntity.getKey())
            .name(consumerEntity.getName())
            .signatureMethod(Consumer.SignatureMethod.HMAC_SHA1)
            .description(consumerEntity.getDescription())
            .build();
    // The consumer is registered under the name it was just built with.
    consumerService.add(outgoing.getName(), outgoing, consumerEntity.getSharedSecret());
    return outgoing;
}
/**
 * Returns the key of the host application's own consumer.
 *
 * @return the key of {@code consumerService.getConsumer()}
 */
private String getHostClientKey() {
    final String hostKey = consumerService.getConsumer().getKey();
    return hostKey;
}
/**
 * Signs the pending request with {@code consumerToken} and sets the resulting OAuth
 * {@code Authorization} header on {@code wrappedRequest}.
 *
 * @throws ResponseException if the authorization header cannot be generated
 */
@Override
protected void signRequest() throws ResponseException {
    final com.atlassian.oauth.Request unsigned = createUnsignedRequest();
    final com.atlassian.oauth.Request signed = consumerService.sign(unsigned, serviceProvider, consumerToken);
    final OAuthMessage message = OAuthHelper.asOAuthMessage(signed);
    try {
        // null is passed as the realm argument.
        final String authorization = message.getAuthorizationHeader(null);
        wrappedRequest.setHeader("Authorization", authorization);
    } catch (IOException e) {
        throw new ResponseException("Unable to generate OAuth Authorization request header.", e);
    }
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Removes the OAuth trust that belongs to an application link that is about to be deleted.
 *
 * <p>Inbound: when the link carries an incoming consumer key, that consumer's tokens and
 * the consumer itself are removed. Outbound: when the OAuth provider is configured for
 * the link, the service provider registered under the configured outbound consumer key is
 * removed (if a key is set) and all consumer tokens for the link are deleted.
 *
 * @param beforeApplicationLinkDeletedEvent event carrying the link being deleted
 */
@EventListener
public void onApplicationLinkDeleted(BeforeApplicationLinkDeletedEvent beforeApplicationLinkDeletedEvent) {
    final ApplicationLink applicationLink = beforeApplicationLinkDeletedEvent.getApplicationLink();

    // Inbound side: the remote application acting as a consumer of this host.
    final Object oConsumerKey = applicationLink.getProperty(OAUTH_INCOMING_CONSUMER_KEY);
    if (oConsumerKey != null) {
        final String incomingKey = oConsumerKey.toString();
        serviceProviderTokenStore.removeByConsumer(incomingKey);
        serviceProviderConsumerStore.remove(incomingKey);
        logger.debug("Unregistered consumer with key '{}' for deleted application link {}", oConsumerKey, applicationLink);
    }

    // Outbound side: nothing to clean up unless the OAuth provider is configured for the link.
    if (!configurationManager.isConfigured(applicationLink.getId(), OAuthAuthenticationProvider.class)) {
        return;
    }
    final Map<String, String> configuration =
            configurationManager.getConfiguration(applicationLink.getId(), OAuthAuthenticationProvider.class);
    final String outboundKey = configuration.get(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND);
    if (!StringUtils.isEmpty(outboundKey)) {
        consumerService.removeConsumerByKey(outboundKey);
        logger.debug("Unregistered service provider with consumer key '{}' for deleted application link {}", outboundKey, applicationLink);
    }
    // Tokens are removed whether or not an outbound key was configured.
    consumerTokenStoreService.removeAllConsumerTokens(applicationLink);
    logger.debug("Removed token for deleted application link {}", applicationLink);
}
/**
 * Returns the key of the host application's own consumer.
 *
 * @return the key of {@code consumerService.getConsumer()}
 */
private String getHostClientKey() {
    final String hostKey = consumerService.getConsumer().getKey();
    return hostKey;
}
/**
 * Exchanges a request token for an access token at the service provider's access-token URI.
 *
 * <p>The request carries the request token and, when one is supplied, the verifier. It is
 * signed with the request token pair before being sent through {@code requestToken}.
 *
 * @param serviceProvider  provider whose access-token URI is called
 * @param requestTokenPair request token to exchange; also used to sign the request
 * @param requestVerifier  verifier to send; omitted from the request when blank
 * @param consumerKey      key used to resolve the consumer attached to the new token
 * @return the access token built from the provider's response
 * @throws ResponseException declared for failures of the token request
 */
public ConsumerToken getAccessToken(ServiceProvider serviceProvider, ConsumerToken requestTokenPair, String requestVerifier, final String consumerKey) throws ResponseException {
    final List<Request.Parameter> params = new ArrayList<Request.Parameter>();
    params.add(new Request.Parameter(OAuth.OAUTH_TOKEN, requestTokenPair.getToken()));
    // Added in OAuth 1.0a
    if (StringUtils.isNotBlank(requestVerifier)) {
        params.add(new Request.Parameter(OAuth.OAUTH_VERIFIER, requestVerifier));
    }

    final Request unsigned = new Request(Request.HttpMethod.POST, serviceProvider.getAccessTokenUri(), params);
    final Request signed = consumerService.sign(unsigned, serviceProvider, requestTokenPair);
    final TokenAndSecret issued = requestToken(serviceProvider.getAccessTokenUri().toString(), signed);

    final ConsumerToken accessToken = ConsumerToken.newAccessToken(issued.token)
            .tokenSecret(issued.secret)
            .consumer(getConsumer(consumerKey))
            .build();
    // Java assertions only run when the JVM is started with -ea, so this is a
    // development-time sanity check, not a runtime guard.
    assert (accessToken.isAccessToken());
    return accessToken;
}
/**
 * Builds the JWT authorization header value for a request.
 *
 * <p>The token is produced by {@code jwtEncoder.encodeJwt} from the request details,
 * {@code addonBaseUrl}, the host consumer key, the secret and the user, and is returned
 * prefixed with {@code JWT_AUTH_HEADER_PREFIX}.
 *
 * <p>NOTE(review): only {@code parameters} and {@code secret} are null-checked here;
 * {@code httpMethod}, {@code url} and {@code user} are handed to the encoder as received.
 *
 * @param httpMethod HTTP method of the request
 * @param url        target URL of the request
 * @param parameters request parameters; must not be {@code null}
 * @param secret     secret passed to the encoder; must not be {@code null}
 * @param user       user passed to the encoder
 * @return the header value, always present
 * @throws IllegalArgumentException if {@code parameters} or {@code secret} is {@code null}
 */
@Override
@Nonnull
public Optional<String> generate(HttpMethod httpMethod, URI url, Map<String, String[]> parameters, String secret, Optional<UserProfile> user) {
    checkArgument(parameters != null, "Parameters Map argument cannot be null");
    checkArgument(secret != null, "Secret cannot be null");
    final String hostKey = consumerService.getConsumer().getKey();
    final String token = jwtEncoder.encodeJwt(httpMethod, url, addonBaseUrl, parameters, hostKey, secret, user);
    return Optional.of(JWT_AUTH_HEADER_PREFIX + token);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Signs the pending request through {@code consumerService.sign} without a consumer token
 * and sets the resulting OAuth {@code Authorization} header on {@code wrappedRequest}.
 *
 * @throws ResponseException if the authorization header cannot be generated
 */
protected void signRequest() throws ResponseException {
    final com.atlassian.oauth.Request unsigned = createUnsignedRequest();
    final com.atlassian.oauth.Request signed = consumerService.sign(unsigned, serviceProvider);
    final OAuthMessage message = OAuthHelper.asOAuthMessage(signed);
    try {
        // null is passed as the realm argument.
        final String authorization = message.getAuthorizationHeader(null);
        wrappedRequest.setHeader("Authorization", authorization);
    } catch (IOException e) {
        throw new ResponseException("Unable to generate OAuth Authorization request header.", e);
    }
}
/**
 * Builds the JWT authorization header value for a request.
 *
 * <p>The token is produced by {@code jwtEncoder.encodeJwt} from the request details,
 * {@code addonBaseUrl}, the host consumer key, the secret and the user, and is returned
 * prefixed with {@code JWT_AUTH_HEADER_PREFIX}.
 *
 * <p>NOTE(review): only {@code parameters} and {@code secret} are null-checked here;
 * {@code httpMethod}, {@code url} and {@code user} are handed to the encoder as received.
 *
 * @param httpMethod HTTP method of the request
 * @param url        target URL of the request
 * @param parameters request parameters; must not be {@code null}
 * @param secret     secret passed to the encoder; must not be {@code null}
 * @param user       user passed to the encoder
 * @return the header value, always present
 * @throws IllegalArgumentException if {@code parameters} or {@code secret} is {@code null}
 */
@Override
@Nonnull
public Optional<String> generate(HttpMethod httpMethod, URI url, Map<String, String[]> parameters, String secret, Optional<UserProfile> user) {
    checkArgument(parameters != null, "Parameters Map argument cannot be null");
    checkArgument(secret != null, "Secret cannot be null");
    final String hostKey = consumerService.getConsumer().getKey();
    final String token = jwtEncoder.encodeJwt(httpMethod, url, addonBaseUrl, parameters, hostKey, secret, user);
    return Optional.of(JWT_AUTH_HEADER_PREFIX + token);
}
} // closes the enclosing type, whose header is outside this excerpt
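/**
 * Obtains a request token from the service provider's request-token URI.
 *
 * <p>A POST request carrying the callback is signed under {@code consumerKey} and sent
 * through {@code requestToken}; the returned token and secret are wrapped in a request
 * token bound to the consumer resolved from {@code consumerKey}.
 *
 * @param serviceProvider provider whose request-token URI is called
 * @param consumerKey     key the request is signed under and the token is bound to
 * @param callback        value sent as the OAuth callback parameter
 * @return the request token built from the provider's response
 * @throws ResponseException declared for failures of the token request
 */
public ConsumerToken getRequestToken(ServiceProvider serviceProvider, final String consumerKey, String callback) throws ResponseException {
    final Request oAuthRequest = new Request(
            Request.HttpMethod.POST,
            serviceProvider.getRequestTokenUri(),
            Collections.singleton(new Request.Parameter(OAuth.OAUTH_CALLBACK, callback)));
    final Request signedRequest = consumerService.sign(oAuthRequest, consumerKey, serviceProvider);

    // The previous version also created a second request through requestFactory and copied
    // the signed OAuth parameters into it, but never used that object afterwards. The dead
    // copy of the signed parameters has been removed; the call below sends the request.
    final TokenAndSecret tokenAndSecret = requestToken(serviceProvider.getRequestTokenUri().toString(), signedRequest);

    final ConsumerToken requestToken = ConsumerToken.newRequestToken(tokenAndSecret.token)
            .tokenSecret(tokenAndSecret.secret)
            .consumer(getConsumer(consumerKey))
            .build();
    // Java assertions only run when the JVM is started with -ea, so this is a
    // development-time sanity check, not a runtime guard.
    assert (requestToken.isRequestToken());
    return requestToken;
}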
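/**
 * Returns the outbound consumer key configured for an application link, or the host
 * consumer key when the link has no such entry.
 *
 * <p>NOTE(review): a link with no configured key is treated as using the host's own
 * consumer key; confirm that callers expect that fallback.
 *
 * @param applicationLink link whose OAuth configuration is consulted
 * @return the configured outbound consumer key if the configuration contains one,
 *         otherwise the key of {@code consumerService.getConsumer()}
 */
private String getConsumerKey(ApplicationLink applicationLink) {
    final Map<String, String> config =
            authenticationConfigurationManager.getConfiguration(applicationLink.getId(), OAuthAuthenticationProvider.class);
    // Other callers of getConfiguration guard against a null result, so a link without
    // OAuth configuration takes the host-key fallback here instead of throwing a
    // NullPointerException.
    if (config != null && config.containsKey(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND)) {
        return config.get(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND);
    }
    return consumerService.getConsumer().getKey();
}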
/**
 * Renders the host consumer's details as XML, including its public key in PEM encoding,
 * using the {@code view.xml.vm} template.
 *
 * <p>NOTE(review): {@code store.getConsumer()} and the PEM encoding run before the
 * {@code try} block, so a {@code ConsumerCreationException} raised by the lookup itself is
 * not wrapped by the handler below - confirm that is intended.
 *
 * @param request  incoming request (not read by this method)
 * @param response response the XML is written to
 * @throws IOException      if the response writer cannot be obtained
 * @throws ServletException if rendering fails
 */
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    response.setContentType("application/xml;charset=UTF-8");

    final Consumer hostConsumer = store.getConsumer();
    // Only the public half of the key pair is placed in the template context.
    final String publicKeyPem = RSAKeys.toPemEncoding(hostConsumer.getPublicKey());
    final Map<String, Object> templateContext = ImmutableMap.of(
            "consumer", hostConsumer,
            "encodedPublicKey", publicKeyPem
    );

    try {
        renderer.render("view.xml.vm", templateContext, response.getWriter());
    } catch (RenderingException e) {
        throw new ServletException(e);
    } catch (ConsumerCreationException e) {
        throw new ServletException(e);
    }
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Builds an access token from the {@code token} and {@code token-secret} request
 * parameters, bound to the consumer returned by {@code consumer.getConsumer()}.
 *
 * <p>NOTE(review): both values are taken from the request as submitted, with no
 * null or format check here. The token secret travels as a request parameter, so it
 * should be kept out of access logs and URLs - confirm how this endpoint is exposed.
 *
 * @param request request carrying the two parameters
 * @return the access token built from them
 */
private ConsumerToken asToken(HttpServletRequest request) {
    final String tokenValue = request.getParameter("token");
    final String secretValue = request.getParameter("token-secret");
    return ConsumerToken.newAccessToken(tokenValue)
            .tokenSecret(secretValue)
            .consumer(consumer.getConsumer())
            .build();
}