Esempio n. 1
0
  public void removeConsumerApplication(String consumerKey) throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_APPLICATION);
      prepStmt.setString(1, tokenPersistenceProcessor.getProcessedToken(consumerKey));

      prepStmt.execute();
      connection.commit();

    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error(
          "Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries.REMOVE_APPLICATION);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException("Error removing the consumer application.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
  }
Esempio n. 2
0
  private boolean isDuplicateConsumer(String consumerKey) throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;

    boolean isDuplicateConsumer = false;

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt =
          connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_CONSUMER);
      prepStmt.setString(1, tokenPersistenceProcessor.getProcessedToken(consumerKey));

      rSet = prepStmt.executeQuery();
      if (rSet.next()) {
        isDuplicateConsumer = true;
      }
    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error(
          "Error when executing the SQL : "
              + SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_CONSUMER);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException(
          "Error when reading the application information from the persistence store.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return isDuplicateConsumer;
  }
Esempio n. 3
0
  public void updateConsumerApplication(OAuthAppDO oauthAppDO) throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_CONSUMER_APP);
      prepStmt.setString(1, oauthAppDO.getApplicationName());
      prepStmt.setString(2, oauthAppDO.getCallbackUrl());
      prepStmt.setString(3, oauthAppDO.getGrantTypes());
      prepStmt.setString(
          4, tokenPersistenceProcessor.getProcessedToken(oauthAppDO.getOauthConsumerKey()));
      prepStmt.setString(
          5, tokenPersistenceProcessor.getProcessedToken(oauthAppDO.getOauthConsumerSecret()));

      int count = prepStmt.executeUpdate();
      if (log.isDebugEnabled()) {
        log.debug("No. of records updated for updating consumer application. : " + count);
      }
      connection.commit();

    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error(
          "Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries.UPDATE_CONSUMER_APP);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException("Error updating the consumer application.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
  }
Esempio n. 4
0
  public OAuthAppDO getAppInformation(String consumerKey)
      throws InvalidOAuthClientException, IdentityOAuth2Exception {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;
    OAuthAppDO oauthApp = null;

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO);
      prepStmt.setString(1, tokenPersistenceProcessor.getProcessedToken(consumerKey));

      rSet = prepStmt.executeQuery();
      List<OAuthAppDO> oauthApps = new ArrayList<OAuthAppDO>();
      /**
       * We need to determine whether the result set has more than 1 row. Meaning, we found an
       * application for the given consumer key. There can be situations where a user passed a key
       * which doesn't yet have an associated application. We need to barf with a meaningful error
       * message for this case
       */
      boolean rSetHasRows = false;
      while (rSet.next()) {
        // There is at least one application associated with a given key
        rSetHasRows = true;
        if (rSet.getString(4) != null && rSet.getString(4).length() > 0) {
          oauthApp = new OAuthAppDO();
          oauthApp.setOauthConsumerKey(consumerKey);
          oauthApp.setOauthConsumerSecret(
              tokenPersistenceProcessor.getPreprocessedToken(rSet.getString(1)));
          oauthApp.setUserName(rSet.getString(2));
          oauthApp.setApplicationName(rSet.getString(3));
          oauthApp.setOauthVersion(rSet.getString(4));
          oauthApp.setCallbackUrl(rSet.getString(5));
          oauthApp.setTenantId(rSet.getInt(6));
          oauthApp.setGrantTypes(rSet.getString(7));
          oauthApps.add(oauthApp);
        }
      }
      if (!rSetHasRows) {
        /**
         * We come here because user submitted a key that doesn't have any associated application
         * with it. We're throwing an error here because we cannot continue without this info.
         * Otherwise it'll throw a null values not supported error when it tries to cache this info
         */
        String message =
            "Cannot find an application associated with the given consumer key : " + consumerKey;
        log.debug(message);
        throw new InvalidOAuthClientException(message);
      }
    } catch (IdentityException e) {
      log.debug(e.getMessage(), e);
      throw new IdentityOAuth2Exception(e.getMessage());
    } catch (SQLException e) {
      log.debug(e.getMessage(), e);
      throw new IdentityOAuth2Exception(e.getMessage());
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return oauthApp;
  }
Esempio n. 5
0
  public OAuthAppDO[] getOAuthConsumerAppsOfUser(String username, int tenantId)
      throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;
    OAuthAppDO[] oauthAppsOfUser;
    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APPS_OF_USER);
      prepStmt.setString(1, username);
      prepStmt.setInt(2, tenantId);

      rSet = prepStmt.executeQuery();
      List<OAuthAppDO> oauthApps = new ArrayList<OAuthAppDO>();
      while (rSet.next()) {
        if (rSet.getString(3) != null && rSet.getString(3).length() > 0) {
          OAuthAppDO oauthApp = new OAuthAppDO();
          oauthApp.setUserName(username);
          oauthApp.setTenantId(tenantId);
          oauthApp.setOauthConsumerKey(
              tokenPersistenceProcessor.getPreprocessedToken(rSet.getString(1)));
          oauthApp.setOauthConsumerSecret(
              tokenPersistenceProcessor.getPreprocessedToken(rSet.getString(2)));
          oauthApp.setApplicationName(rSet.getString(3));
          oauthApp.setOauthVersion(rSet.getString(4));
          oauthApp.setCallbackUrl(rSet.getString(5));
          oauthApp.setGrantTypes(rSet.getString(6));
          oauthApps.add(oauthApp);
        }
      }
      oauthAppsOfUser = oauthApps.toArray(new OAuthAppDO[oauthApps.size()]);
    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error(
          "Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries.GET_APPS_OF_USER);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException(
          "Error when reading the application information from the persistence store.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return oauthAppsOfUser;
  }
Esempio n. 6
0
  public void addOAuthApplication(OAuthAppDO consumerAppDO) throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;

    if (!isDuplicateApplication(
        consumerAppDO.getUserName(), consumerAppDO.getTenantId(), consumerAppDO)) {
      try {
        connection = JDBCPersistenceManager.getInstance().getDBConnection();
        prepStmt = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_APP);
        prepStmt.setString(
            1, tokenPersistenceProcessor.getProcessedToken(consumerAppDO.getOauthConsumerKey()));
        prepStmt.setString(
            2, tokenPersistenceProcessor.getProcessedToken(consumerAppDO.getOauthConsumerSecret()));
        prepStmt.setString(3, consumerAppDO.getUserName());
        prepStmt.setInt(4, consumerAppDO.getTenantId());
        prepStmt.setString(5, consumerAppDO.getApplicationName());
        prepStmt.setString(6, consumerAppDO.getOauthVersion());
        prepStmt.setString(7, consumerAppDO.getCallbackUrl());
        prepStmt.setString(8, consumerAppDO.getGrantTypes());
        prepStmt.execute();
        connection.commit();

      } catch (IdentityException e) {
        String errorMsg = "Error when getting an Identity Persistence Store instance.";
        log.error(errorMsg, e);
        throw new IdentityOAuthAdminException(errorMsg, e);
      } catch (SQLException e) {
        log.error(
            "Error when executing the SQL : " + SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_APP);
        log.error(e.getMessage(), e);
        throw new IdentityOAuthAdminException(
            "Error when adding a new OAuth consumer application.");
      } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
      }
    } else {
      throw new IdentityOAuthAdminException(
          "Error when adding the consumer application. "
              + "An application with the same name already exists.");
    }
  }
Esempio n. 7
0
  public String[] addOAuthConsumer(String username, int tenantId)
      throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    String sqlStmt = null;
    String consumerKey;
    String consumerSecret = OAuthUtil.getRandomNumber();

    do {
      consumerKey = OAuthUtil.getRandomNumber();
    } while (isDuplicateConsumer(consumerKey));

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      sqlStmt = SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_CONSUMER;
      prepStmt = connection.prepareStatement(sqlStmt);
      prepStmt.setString(1, consumerKey);
      prepStmt.setString(2, consumerSecret);
      prepStmt.setString(3, username);
      prepStmt.setInt(4, tenantId);
      // it is assumed that the OAuth version is 1.0a because this is required with OAuth 1.0a
      prepStmt.setString(5, OAuthConstants.OAuthVersions.VERSION_1A);
      prepStmt.execute();

      connection.commit();

    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error("Error when executing the SQL : " + sqlStmt);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException("Error when adding a new OAuth consumer.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
    return new String[] {consumerKey, consumerSecret};
  }
Esempio n. 8
0
  private boolean isDuplicateApplication(String username, int tenantId, OAuthAppDO consumerAppDTO)
      throws IdentityOAuthAdminException {
    Connection connection = null;
    PreparedStatement prepStmt = null;
    ResultSet rSet = null;

    boolean isDuplicateApp = false;

    try {
      connection = JDBCPersistenceManager.getInstance().getDBConnection();
      prepStmt =
          connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_APPLICATION);
      prepStmt.setString(1, username);
      prepStmt.setInt(2, tenantId);
      prepStmt.setString(3, consumerAppDTO.getApplicationName());

      rSet = prepStmt.executeQuery();
      if (rSet.next()) {
        isDuplicateApp = true;
      }
    } catch (IdentityException e) {
      String errorMsg = "Error when getting an Identity Persistence Store instance.";
      log.error(errorMsg, e);
      throw new IdentityOAuthAdminException(errorMsg, e);
    } catch (SQLException e) {
      log.error(
          "Error when executing the SQL : "
              + SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_APPLICATION);
      log.error(e.getMessage(), e);
      throw new IdentityOAuthAdminException(
          "Error when reading the application information from the persistence store.");
    } finally {
      IdentityDatabaseUtil.closeAllConnections(connection, rSet, prepStmt);
    }
    return isDuplicateApp;
  }
  /** @param ctxt */
  protected void activate(ComponentContext ctxt) {
    IdentityTenantUtil.setBundleContext(ctxt.getBundleContext());
    if (log.isDebugEnabled()) {
      log.debug("Identity Core bundle is activated");
    }
    try {
      IdentityUtil.populateProperties();
      bundleContext = ctxt.getBundleContext();

      // Identity database schema creation can be avoided by setting
      // JDBCPersistenceManager.SkipDBSchemaCreation property to "true".
      String skipSchemaCreation =
          IdentityUtil.getProperty(IdentityConstants.ServerConfig.SKIP_DB_SCHEMA_CREATION);

      // initialize the identity persistence manager, if it is not already initialized.
      JDBCPersistenceManager jdbcPersistenceManager = JDBCPersistenceManager.getInstance();
      if (("true".equals(skipSchemaCreation))) {
        // This ideally should be an info log but in API Manager it could be confusing to say
        // DB initialization was skipped, because DB initialization is done by apimgt components
        if (log.isDebugEnabled()) {
          log.debug(
              "Identity Provider Database initialization attempt was skipped since '"
                  + IdentityConstants.ServerConfig.SKIP_DB_SCHEMA_CREATION
                  + "' property has been set to \'true\'");
        }
      } else if (System.getProperty("setup") == null) {
        if (log.isDebugEnabled()) {
          log.debug(
              "Identity Database schema initialization check was skipped since "
                  + "\'setup\' variable was not given during startup");
        }
      } else {
        jdbcPersistenceManager.initializeDatabase();
      }

      // initialize um persistence manager and retrieve the user management datasource.
      UmPersistenceManager.getInstance();

      String migrate = System.getProperty("migrate");
      String migrateIdentityDB = System.getProperty("migrateIdentityDB");
      String migrateIdentityData = System.getProperty("migrateIdentityData");
      String migrateUMDB = System.getProperty("migrateUMDB");
      String migrateUMData = System.getProperty("migrateUMData");
      String migrateIdentityDBFinalize = System.getProperty("migrateIdentityDBFinalize");
      String component = System.getProperty("component");

      try {
        if (component != null && component.contains("identity")) {
          if (Boolean.parseBoolean(migrate)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("databaseMigration").invoke(c.newInstance());
            log.info("Migrated the identity and user management databases");
          } else if (Boolean.parseBoolean(migrateIdentityDB)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("migrateIdentityDB").invoke(c.newInstance());
            log.info("Migrated the identity database");
          } else if (Boolean.parseBoolean(migrateUMDB)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("migrateUMDB").invoke(c.newInstance());
            log.info("Migrated the user management database");
          } else if (Boolean.parseBoolean(migrateIdentityData)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("migrateIdentityData").invoke(c.newInstance());
            log.info("Migrated the identity data");
          } else if (Boolean.parseBoolean(migrateUMData)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("migrateUMData").invoke(c.newInstance());
            log.info("Migrated the user management data");
          } else if (Boolean.parseBoolean(migrateIdentityDBFinalize)) {
            Class<?> c = Class.forName(MIGRATION_CLIENT_CLASS_NAME);
            c.getMethod("migrateIdentityDBFinalize").invoke(c.newInstance());
            log.info("Finalized the identity database");
          }
        }
      } catch (Exception e) {
        if (log.isDebugEnabled()) {
          log.debug("Migration client is not available");
        }
      }

      // this is done to initialize primary key store
      try {
        KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID).getPrimaryKeyStore();
      } catch (Exception e) {
        log.error("Error while initializing primary key store.", e);
      }

      // Register initialize service To guarantee the activation order. Component which is referring
      // this
      // service will wait until this component activated.
      ctxt.getBundleContext()
          .registerService(
              IdentityCoreInitializedEvent.class.getName(),
              new IdentityCoreInitializedEventImpl(),
              null);

    } catch (Throwable e) {
      log.error("Error occurred while populating identity configuration properties", e);
    }
  }