public Consumer getConsumer(final ApplicationLink applicationLink) { final String consumerKey = getConsumerKey(applicationLink); if (consumerKey != null) { return serviceProviderConsumerStore.get(consumerKey); } return null; }
public void addConsumer(final Consumer consumer, final ApplicationLink applicationLink) { // don't check whether the consumer exists already - transparently upgrade existing OAuth consumers to UAL serviceProviderConsumerStore.put(consumer); applicationLink.putProperty(PROPERTY_INCOMING_CONSUMER_KEY, consumer.getKey()); }
@After public void tearDown() { consumerStore.remove(CONSUMER_KEY); } }
@Test public void testIfConsumerDoesNotHave3LOFlagDefinedThenItIsConsideredOn() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertTrue(savedConsumer.getThreeLOAllowed()); }
private void cleanOAuth() { String consumerKey = consumerService.getConsumer().getKey(); final Map<ConsumerTokenStore.Key, ConsumerToken> consumerTokens = consumerTokenStore.getConsumerTokens(consumerKey); for (ConsumerTokenStore.Key key : consumerTokens.keySet()) { consumerTokenStore.remove(key); } for (final ApplicationLink link : ImmutableList.copyOf(linkService.getApplicationLinks())) { Map<String, String> config = authenticationConfigurationManager.getConfiguration(link.getId(), OAuthAuthenticationProvider.class); if (config != null && config.containsKey(AUTH_CONFIG_CONSUMER_KEY_OUTBOUND)) { final String key = config.get(AUTH_CONFIG_CONSUMER_KEY_OUTBOUND); consumerTokenStore.removeTokensForConsumer(key); } authenticationConfigurationManager.unregisterProvider(link.getId(), OAuthAuthenticationProvider.class); } // as a service provider (inbound): get rid of all the consumers for (final Consumer consumer : serviceProviderConsumerStore.getAll()) { serviceProviderTokenStore.removeByConsumer(consumer.getKey()); serviceProviderConsumerStore.remove(consumer.getKey()); } // as a consumer (outbound): get rid of all the service providers we talked to for (final Consumer consumer : consumerService.getAllServiceProviders()) { consumerService.removeConsumerByKey(consumer.getKey()); } } }
private List<OrphanedTrustCertificate> findOrphanedOAuthConsumers() { final List<OrphanedTrustCertificate> orphanedTrustCertificates = new ArrayList<>(); final Set<String> recognisedConsumerKeys = new HashSet<>(); for (final ApplicationLink link : applicationLinkService.getApplicationLinks()) { final Consumer consumer = serviceProviderStoreService.getConsumer(link); if (consumer != null) { recognisedConsumerKeys.add(consumer.getKey()); } } for (final Consumer consumer : serviceProviderConsumerStore.getAll()) { if (!recognisedConsumerKeys.contains(consumer.getKey())) { orphanedTrustCertificates.add( new OrphanedTrustCertificate(consumer.getKey(), consumer.getDescription(), OrphanedTrustCertificate.Type.OAUTH) ); } } return orphanedTrustCertificates; }
@Test public void testServiceProviderConsumerStoreCanStoreOAuth3LOConfiguration() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .threeLOAllowed(false) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertFalse(savedConsumer.getThreeLOAllowed()); }
@Test public void testServiceProviderConsumerStoreCanStoreOAuth2LOImpersonationConfiguration() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .twoLOImpersonationAllowed(true) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertTrue(savedConsumer.getTwoLOImpersonationAllowed()); }
@GET public Response execute(@QueryParam("refappTaId") final String refappTrustedAppsId, @QueryParam("refappOaId") final String refappOAuthId) { final PluginSettings ps = getPluginSettings(); if (refappTrustedAppsId != null) { ps.put("trustedapps", ImmutableList.of(refappTrustedAppsId)); ps.put("trustedapp." + refappTrustedAppsId, createTrustedProperties()); } if (refappOAuthId != null) { serviceProviderConsumerStore.put(new Consumer.InstanceBuilder(refappOAuthId) .name("Test orphaned consumer") .description("Atlassian RefImpl at http://localhost:5992/refapp2") .publicKey(getTestOAuthKey()) .build()); } return noContent().build(); }
private Consumer validateConsumer(OAuthMessage message) throws IOException, OAuthException { // This consumer must exist at the time the token is used. final String consumerKey = message.getConsumerKey(); final Consumer consumer = serviceProviderConsumerStore.get(consumerKey); if (consumer == null) { LOG.info("Unknown consumer key:'{}' supplied in OAuth request" + consumerKey); throw new OAuthProblemException(CONSUMER_KEY_UNKNOWN); } return consumer; }
@Override public void deleteTrustCertificate(final String id, final OrphanedTrustCertificate.Type type) { checkCertificateType(type); if (type == OrphanedTrustCertificate.Type.OAUTH) { serviceProviderConsumerStore.remove(id); } else if (type == OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER) { consumerService.removeConsumerByKey(id); } }
@Test public void testServiceProviderConsumerStoreCanHandle3LOConfigurationChanges() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .threeLOAllowed(false) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertFalse(savedConsumer.getThreeLOAllowed()); final Consumer consumer2 = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .threeLOAllowed(true) .build(); consumerStore.put(consumer2); final Consumer savedConsumer2 = consumerStore.get(CONSUMER_KEY); assertTrue(savedConsumer2.getThreeLOAllowed()); }
private void setUpOAuthConsumer() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); Consumer hardcodedConsumer = Consumer.key("hardcoded-consumer") .name("Hardcoded Consumer") .publicKey(publicKey) .description("Hardcoded Consumer") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback")) .twoLOAllowed(true) .executingTwoLOUser(infoProvider.getAdminUsername()) .build(); consumerStore.put(hardcodedConsumer); }
private void registerOAuthConsumer(final String id, final ApplicationLink applicationLink) { Consumer consumer = serviceProviderConsumerStore.get(id); if (consumer == null) { throw new RuntimeException("No consumer with key '" + consumer.getKey() + "' registered!"); } serviceProviderStoreService.addConsumer(consumer, applicationLink); log.debug("Associated OAuth Consumer with key '" + consumer.getKey() + "' with Application Link id='" + applicationLink.getId() + "' and name='" + applicationLink.getName() + "'"); } }
public void removeConsumer(final ApplicationLink applicationLink) { final String consumerKey = getConsumerKey(applicationLink); if (consumerKey == null) { throw new IllegalStateException("No consumer configured for application link '" + applicationLink + "'."); } serviceProviderTokenStore.removeByConsumer(consumerKey); serviceProviderConsumerStore.remove(consumerKey); if (applicationLink.removeProperty(PROPERTY_INCOMING_CONSUMER_KEY) == null) { throw new IllegalStateException("Failed to remove consumer with key '" + consumerKey + "' from application link '" + applicationLink + "'"); } }
@Test public void testServiceProviderConsumerStoreCanStoreOAuth2LOConfiguration() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .twoLOAllowed(true) .executingTwoLOUser("2lo_user") .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertTrue(savedConsumer.getTwoLOAllowed()); assertEquals("2lo_user", savedConsumer.getExecutingTwoLOUser()); }
.twoLOImpersonationAllowed(options.add2LOi) .build(); serviceProviderConsumerStore.put(updatedConsumer); link.putProperty(OAUTH_INCOMING_CONSUMER_KEY, updatedConsumer.getKey());
OAuthMessage message = OAuthServlet.getMessage(request, null); message.requireParameters(OAUTH_CONSUMER_KEY); Consumer consumer = consumerStore.get(message.getConsumerKey()); if (consumer == null) { throw new OAuthProblemException(CONSUMER_KEY_UNKNOWN);
@EventListener public void onApplicationLinkDeleted(BeforeApplicationLinkDeletedEvent beforeApplicationLinkDeletedEvent) { final ApplicationLink applicationLink = beforeApplicationLinkDeletedEvent.getApplicationLink(); final Object oConsumerKey = applicationLink.getProperty(OAUTH_INCOMING_CONSUMER_KEY); if (oConsumerKey != null) { final String consumerKey = oConsumerKey.toString(); serviceProviderTokenStore.removeByConsumer(consumerKey); serviceProviderConsumerStore.remove(consumerKey); logger.debug("Unregistered consumer with key '{}' for deleted application link {}", oConsumerKey, applicationLink); } if (configurationManager.isConfigured(applicationLink.getId(), OAuthAuthenticationProvider.class)) { final Map<String, String> configuration = configurationManager.getConfiguration(applicationLink.getId(), OAuthAuthenticationProvider.class); final String consumerKey = configuration.get(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND); if (!StringUtils.isEmpty(consumerKey)) { consumerService.removeConsumerByKey(consumerKey); logger.debug("Unregistered service provider with consumer key '{}' for deleted application link {}", consumerKey, applicationLink); } consumerTokenStoreService.removeAllConsumerTokens(applicationLink); logger.debug("Removed token for deleted application link {}", applicationLink); } }
@Test public void testDefault2LOParametersAreAppropriateIfLeftUntouched() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertFalse(savedConsumer.getTwoLOAllowed()); assertNull(savedConsumer.getExecutingTwoLOUser()); assertFalse(savedConsumer.getTwoLOImpersonationAllowed()); }