Merge branch 'mosip:develop' into develop
kaifk468 authored Oct 13, 2023
2 parents 32a8c4a + 46977be commit 15ff0ac
Expand Up @@ -201,7 +201,7 @@ public io.mosip.esignet.core.dto.ClientDetail getClientDetails(String clientId)

@CacheEvict(value = Constants.CLIENT_DETAIL_CACHE, key = "#clientDetailCreateRequestV2.getClientId()")
@Override
public ClientDetailResponse createOIDCClientV2(ClientDetailCreateRequestV2 clientDetailCreateRequestV2) throws EsignetException {
public ClientDetailResponse createOAuthClient(ClientDetailCreateRequestV2 clientDetailCreateRequestV2) throws EsignetException {
Optional<ClientDetail> result = clientDetailRepository.findById(clientDetailCreateRequestV2.getClientId());
if (result.isPresent()) {
log.error("Duplicate Client Id : {}", ErrorConstants.DUPLICATE_CLIENT_ID);
Expand All @@ -224,14 +224,14 @@ public ClientDetailResponse createOIDCClientV2(ClientDetailCreateRequestV2 clien
}

auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
Action.OIDC_CLIENT_CREATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(clientDetailCreateRequestV2.getClientId()), null);
Action.OAUTH_CLIENT_CREATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(clientDetailCreateRequestV2.getClientId()), null);

return getClientDetailResponse(clientDetail);
}

@CacheEvict(value = Constants.CLIENT_DETAIL_CACHE, key = "#clientId")
@Override
public ClientDetailResponse updateOIDCClientV2(String clientId, ClientDetailUpdateRequestV2 clientDetailUpdateRequestV2) throws EsignetException {
public ClientDetailResponse updateOAuthClient(String clientId, ClientDetailUpdateRequestV2 clientDetailUpdateRequestV2) throws EsignetException {
Optional<ClientDetail> result = clientDetailRepository.findById(clientId);
if (!result.isPresent()) {
log.error("Invalid Client Id : {}", ErrorConstants.INVALID_CLIENT_ID);
Expand All @@ -249,7 +249,7 @@ public ClientDetailResponse updateOIDCClientV2(String clientId, ClientDetailUpda
clientDetail = clientDetailRepository.save(clientDetail);

auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
Action.OIDC_CLIENT_UPDATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(clientId), null);
Action.OAUTH_CLIENT_UPDATE, ActionStatus.SUCCESS, AuditHelper.buildAuditDto(clientId), null);

return getClientDetailResponse(clientDetail);
}
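Review bot: The renamed methods `createOAuthClient` (L20) and `updateOAuthClient` (L37) drop the version from their names while the request types they take, `ClientDetailCreateRequestV2` and `ClientDetailUpdateRequestV2`, keep it, so a reader can no longer tell from the signature alone which generation of the client-management API this is, and the hunk headers show the older `createOIDCClientV2` names were the only distinguishing marker. Either align the DTO names with the new method names or keep a version marker in the method name, and add a short comment above each stating how it relates to the OIDC-client variant that appears to remain in the class. Both method bodies continue outside the hunks; the audit actions changed at L29 and L46 are consistent with the rename.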
Expand Up @@ -116,7 +116,7 @@ public void createClientV2_withValidDetail_thenPass() throws Exception {
entity.setId("mock_id_v1");
entity.setStatus("active");
Mockito.when(clientDetailRepository.save(Mockito.any(ClientDetail.class))).thenReturn(entity);
ClientDetailResponse clientDetailResponse = clientManagementService.createOIDCClientV2(clientCreateV2ReqDto);
ClientDetailResponse clientDetailResponse = clientManagementService.createOAuthClient(clientCreateV2ReqDto);
Assert.assertNotNull(clientDetailResponse);
Assert.assertTrue(clientDetailResponse.getClientId().equals("mock_id_v1"));
Assert.assertTrue(clientDetailResponse.getStatus().equals("active"));
Expand All @@ -128,7 +128,7 @@ public void createClientV2_withExistingClientId_thenFail() {
ClientDetailCreateRequestV2 clientCreateV2ReqDto = new ClientDetailCreateRequestV2();
clientCreateV2ReqDto.setClientId("client_id_v1");
try {
clientManagementService.createOIDCClientV2(clientCreateV2ReqDto);
clientManagementService.createOAuthClient(clientCreateV2ReqDto);
} catch (EsignetException ex) {
Assert.assertEquals(ex.getErrorCode(), ErrorConstants.DUPLICATE_CLIENT_ID);
}
Expand Down Expand Up @@ -180,7 +180,7 @@ public void updateClient_withValidClientId_thenPass() throws EsignetException {
public void updateClientV2_withNonExistingClientId_thenFail() {
Mockito.when(clientDetailRepository.findById("client_id_v1")).thenReturn(Optional.empty());
try {
clientManagementService.updateOIDCClientV2("client_id_v1", null);
clientManagementService.updateOAuthClient("client_id_v1", null);
} catch (EsignetException ex) {
Assert.assertEquals(ex.getErrorCode(), ErrorConstants.INVALID_CLIENT_ID);
}
Expand Down Expand Up @@ -213,7 +213,7 @@ public void updateClientV2_withValidClientId_thenPass() throws EsignetException
entity.setId("client_id_v1");
entity.setStatus("inactive");
Mockito.when(clientDetailRepository.save(Mockito.any(ClientDetail.class))).thenReturn(entity);
ClientDetailResponse clientDetailResponse = clientManagementService.updateOIDCClientV2("client_id_v1", updateV2Request);
ClientDetailResponse clientDetailResponse = clientManagementService.updateOAuthClient("client_id_v1", updateV2Request);
Assert.assertNotNull(clientDetailResponse);
Assert.assertTrue(clientDetailResponse.getClientId().equals("client_id_v1"));
Assert.assertTrue(clientDetailResponse.getStatus().equals("inactive"));
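Review bot: The negative tests `createClientV2_withExistingClientId_thenFail` (L61-L69) and `updateClientV2_withNonExistingClientId_thenFail` (L71-L78) pass vacuously when the service returns normally, because nothing after the renamed calls at L66 and L75 fails the test; a regression in the duplicate-client-id or unknown-client-id check would therefore go unnoticed. Add `Assert.fail("expected EsignetException");` directly after each call inside the `try`, or replace the try/catch with `assertThrows`. The test method names also still say `createClientV2`/`updateClientV2` although the calls now target `createOAuthClient`/`updateOAuthClient`.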
Expand Up @@ -84,8 +84,4 @@ public class ErrorConstants {
public static final String PROOF_HEADER_INVALID_ALG = "proof_header_invalid_alg";
public static final String PROOF_HEADER_INVALID_KEY = "proof_header_invalid_key";
public static final String PROOF_HEADER_AMBIGUOUS_KEY = "proof_header_ambiguous_key";
public static final String PROOF_INVALID_ISS = "proof_invalid_iss";
public static final String PROOF_INVALID_AUD = "proof_invalid_aud";
public static final String PROOF_INVALID_IAT = "proof_invalid_iat";
public static final String PROOF_INVALID_NONCE = "proof_invalid_nonce";
}
Expand Up @@ -45,7 +45,7 @@ public interface ClientManagementService {
* @return
* @throws EsignetException
*/
ClientDetailResponse createOIDCClientV2(ClientDetailCreateRequestV2 clientDetailCreateRequestV2) throws EsignetException;
ClientDetailResponse createOAuthClient(ClientDetailCreateRequestV2 clientDetailCreateRequestV2) throws EsignetException;

/**
* API to update registered relying party client version 2
Expand All @@ -59,6 +59,6 @@ public interface ClientManagementService {
* @return
* @throws EsignetException
*/
ClientDetailResponse updateOIDCClientV2(String clientId, ClientDetailUpdateRequestV2 clientDetailUpdateRequestV2) throws EsignetException;
ClientDetailResponse updateOAuthClient(String clientId, ClientDetailUpdateRequestV2 clientDetailUpdateRequestV2) throws EsignetException;

}
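Review bot: The Javadoc above `updateOAuthClient` (L107-L113) still reads "API to update registered relying party client version 2" and leaves `@return` empty, and the `@return` above `createOAuthClient` (L101) is empty as well, so the rename leaves the interface's only documentation stale. Suggest `* API to update a registered OAuth client.` as the summary line and `* @return the persisted client details` for both methods, so the comments match the new names.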
Expand Up @@ -38,4 +38,6 @@ public interface OAuthService {
* @return list of all the keys used to sign access-token, id-token and user kyc data
*/
Map<String, Object> getJwks();

Map<String, Object> getOAuthServerDiscoveryInfo();
}
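Review bot: `getOAuthServerDiscoveryInfo()` at L123 is the only method in this interface without Javadoc, while `getJwks()` directly above documents its return value. Suggest `/** @return the OAuth 2.0 authorization server metadata served at /.well-known/oauth-authorization-server */`, and state whether the returned map is a shared instance or a copy, since the controller hands it straight to the response.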
Expand Up @@ -3,6 +3,8 @@
public enum Action {
OIDC_CLIENT_CREATE,
OIDC_CLIENT_UPDATE,
OAUTH_CLIENT_CREATE,
OAUTH_CLIENT_UPDATE,
GET_OAUTH_DETAILS,
TRANSACTION_STARTED,
SEND_OTP,
Expand Up @@ -86,30 +86,30 @@ public ResponseWrapper<ClientDetailResponse> updateClient(@Valid @PathVariable("
return response;
}

@PostMapping(value = "/client-mgmt/v2/oidc-client", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseWrapper<ClientDetailResponse> createClientV2(@Valid @RequestBody RequestWrapper<ClientDetailCreateRequestV2> requestWrapper) throws Exception {
@PostMapping(value = "/client-mgmt/oauth-client", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseWrapper<ClientDetailResponse> createOAuthClient(@Valid @RequestBody RequestWrapper<ClientDetailCreateRequestV2> requestWrapper) throws Exception {
ResponseWrapper response = new ResponseWrapper<ClientDetailResponse>();
try {
response.setResponse(clientManagementService.createOIDCClientV2(requestWrapper.getRequest()));
response.setResponse(clientManagementService.createOAuthClient(requestWrapper.getRequest()));
} catch (EsignetException ex) {
auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
Action.OIDC_CLIENT_CREATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getClientId()), ex);
Action.OAUTH_CLIENT_CREATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getClientId()), ex);
throw ex;
}
response.setResponseTime(IdentityProviderUtil.getUTCDateTime());
return response;
}


@PutMapping(value = "/client-mgmt/v2/oidc-client/{client_id}", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseWrapper<ClientDetailResponse> updateClientV2(@Valid @PathVariable("client_id") String clientId,
@PutMapping(value = "/client-mgmt/oauth-client/{client_id}", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseWrapper<ClientDetailResponse> updateOAuthClient(@Valid @PathVariable("client_id") String clientId,
@Valid @RequestBody RequestWrapper<ClientDetailUpdateRequestV2> requestWrapper) throws Exception {
ResponseWrapper response = new ResponseWrapper<ClientDetailResponse>();
try {
response.setResponse(clientManagementService.updateOIDCClientV2(clientId, requestWrapper.getRequest()));
response.setResponse(clientManagementService.updateOAuthClient(clientId, requestWrapper.getRequest()));
} catch (EsignetException ex) {
auditWrapper.logAudit(AuditHelper.getClaimValue(SecurityContextHolder.getContext(), claimName),
Action.OIDC_CLIENT_UPDATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(clientId), ex);
Action.OAUTH_CLIENT_UPDATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(clientId), ex);
throw ex;
}
response.setResponseTime(IdentityProviderUtil.getUTCDateTime());
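Review bot: Moving the mappings from `/client-mgmt/v2/oidc-client` to `/client-mgmt/oauth-client` (L143, L162) silently removes the old paths, so existing callers of the v2 path will get 404s, and any access-control rule that matches on the `/client-mgmt/v2/oidc-client` prefix (security filter chain, gateway policy) no longer covers the new path and must be updated in the same release; those rules are not visible here. Consider keeping the old path as a second mapping value for a deprecation period, e.g. `@PostMapping(value = {"/client-mgmt/oauth-client", "/client-mgmt/v2/oidc-client"}, consumes = ..., produces = ...)`, with the same treatment for the `@PutMapping` at L162.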
Expand Up @@ -83,6 +83,11 @@ public Map<String, Object> getAllJwks() {
return oAuthService.getJwks();
}

@GetMapping("/.well-known/oauth-authorization-server")
public Map<String, Object> getOAuthServerDiscoveryInfo() {
return oAuthService.getOAuthServerDiscoveryInfo();
}


private TokenRequest buildTokenRequest(MultiValueMap<String,String> paramMap) {
TokenRequest tokenRequest = new TokenRequest();
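Review bot: `getOAuthServerDiscoveryInfo()` (L182-L185) serves `/.well-known/oauth-authorization-server` from this controller, which the accompanying properties suggest is mounted under `server.servlet.path`, while the new `mosip.esignet.oauth.key-values` sets `issuer` to `${mosipbox.public.url}` with no path; RFC 8414 derives the metadata location from the issuer, so a spec-following client would request `<public-url>/.well-known/oauth-authorization-server` and miss this mapping. Either serve the document at the host root or set the advertised issuer so that issuer and metadata location agree. While here, `produces = MediaType.APPLICATION_JSON_VALUE` on the mapping would match the client-management endpoints.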
24 changes: 17 additions & 7 deletions esignet-service/src/main/resources/application-dev.properties
Expand Up @@ -114,6 +114,8 @@ mosip.esignet.supported.client.assertion.types={'urn:ietf:params:oauth:client-as
## Type of the client authentication methods for token endpoint
mosip.esignet.supported.client.auth.methods={'private_key_jwt'}

## JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported
mosip.esignet.supported-pkce-methods={'S256'}

## ---------------------------------------- Cache configuration --------------------------------------------------------

Expand All @@ -137,15 +139,24 @@ mosip.esignet.cache.expire-in-seconds={'clientdetails' : 86400, 'preauth': 180,
'authcodegenerated': 60, 'userinfo': ${mosip.esignet.access-token.expire.seconds}, 'linkcodegenerated' : ${mosip.esignet.link-code-expire-in-secs}, \
'linked': 60 , 'linkedcode': ${mosip.esignet.link-code-expire-in-secs}, 'linkedauth' : ${mosip.esignet.authentication-expire-in-secs}, 'consented': 120 }
## ------------------------------------------ Discovery openid-configuration -------------------------------------------

mosipbox.public.url=http://localhost:8088
mosip.esignet.discovery.issuer-id=${mosipbox.public.url}${server.servlet.path}

mosip.esignet.discovery.key-values={'issuer': '${mosip.esignet.discovery.issuer-id}' ,\
mosip.esignet.oauth.key-values={'issuer': '${mosipbox.public.url}' ,\
\ 'authorization_endpoint': '${mosipbox.public.url}${server.servlet.path}/authorize' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' ,\
\ 'userinfo_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oidc/userinfo' , \
\ 'introspection_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oauth/introspect' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' , \
\ 'jwks_uri' : '${mosipbox.public.url}${server.servlet.path}/oauth/jwks.json' , \
\ 'token_endpoint_auth_methods_supported' : ${mosip.esignet.supported.client.auth.methods}, \
\ 'token_endpoint_auth_signing_alg_values_supported' : {'RS256'},\
\ 'scopes_supported' : ${mosip.esignet.supported.openid.scopes}, \
\ 'response_modes_supported' : { 'query' }, \
\ 'grant_types_supported' : ${mosip.esignet.supported.grant.types},\
\ 'response_types_supported' : ${mosip.esignet.supported.response.types}}

mosip.esignet.discovery.key-values={'issuer': '${mosipbox.public.url}' ,\
\ 'authorization_endpoint': '${mosipbox.public.url}${server.servlet.path}/authorize' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' ,\
\ 'userinfo_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oidc/userinfo' ,\
\ 'scopes_supported' : ${mosip.esignet.supported.openid.scopes}, \
\ 'response_types_supported' : ${mosip.esignet.supported.response.types}, \
\ 'response_modes_supported' : { 'query' }, \
Expand All @@ -161,8 +172,7 @@ mosip.esignet.discovery.key-values={'issuer': '${mosip.esignet.discovery.issuer-
\ 'subject_types_supported' : { 'pairwise' }, \
\ 'claims_supported' : {'iss','sub','acr','name','given_name','middle_name','preferred_username','picture','gender','birthdate','locale','nickname', 'family_name','zoneinfo', 'updated_at','address', 'email','email_verified', 'phone_number','phone_number_verified'}, \
\ 'acr_values_supported' : {},\
\ 'request_parameter_supported' : false, \
\ 'ui_locales_supported' : {} }
\ 'request_parameter_supported' : false }

##----------------------------------------- Database properties --------------------------------------------------------
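Review bot: The new `mosip.esignet.oauth.key-values` block (L211-L223) omits `code_challenge_methods_supported` even though this same file now defines `mosip.esignet.supported-pkce-methods={'S256'}` (L198), so clients reading the RFC 8414 metadata cannot discover that PKCE is supported; add `\ 'code_challenge_methods_supported' : ${mosip.esignet.supported-pkce-methods}, \` to the block. Both metadata blocks also switch `issuer` to `${mosipbox.public.url}` (L211, L225) while `mosip.esignet.discovery.issuer-id` at L208 keeps the servlet path and is still defined; if tokens are issued with an `iss` derived from `issuer-id` (not visible here), the advertised issuer would no longer match the `iss` claim that relying parties validate, so the two should be reconciled to a single value. The same points apply to application-local.properties (L269-L281, L283).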

25 changes: 17 additions & 8 deletions esignet-service/src/main/resources/application-local.properties
Expand Up @@ -13,8 +13,6 @@ mosip.esignet.link-code-expire-in-secs=60
mosip.esignet.authentication-expire-in-secs=60
mosip.esignet.cnonce-expire-seconds=20

mosip.esignet.supported-pkce-methods={'S256'}

mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authorization/send-otp', \
'${server.servlet.path}/authorization/authenticate', \
'${server.servlet.path}/authorization/auth-code'}
Expand Down Expand Up @@ -118,6 +116,9 @@ mosip.esignet.supported.client.assertion.types={'urn:ietf:params:oauth:client-as
## Type of the client authentication methods for token endpoint
mosip.esignet.supported.client.auth.methods={'private_key_jwt'}

## JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported
mosip.esignet.supported-pkce-methods={'S256'}


## ---------------------------------------- Cache configuration --------------------------------------------------------

Expand Down Expand Up @@ -147,12 +148,21 @@ mosip.esignet.cache.expire-in-seconds={'clientdetails' : 86400, 'preauth': 180,
mosipbox.public.url=http://localhost:8088
mosip.esignet.discovery.issuer-id=${mosipbox.public.url}${server.servlet.path}

mosip.esignet.discovery.key-values={'issuer': '${mosip.esignet.discovery.issuer-id}' ,\
mosip.esignet.oauth.key-values={'issuer': '${mosipbox.public.url}' ,\
\ 'authorization_endpoint': '${mosipbox.public.url}${server.servlet.path}/authorize' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' ,\
\ 'userinfo_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oidc/userinfo' , \
\ 'introspection_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oauth/introspect' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' , \
\ 'jwks_uri' : '${mosipbox.public.url}${server.servlet.path}/oauth/jwks.json' , \
\ 'token_endpoint_auth_methods_supported' : ${mosip.esignet.supported.client.auth.methods}, \
\ 'token_endpoint_auth_signing_alg_values_supported' : {'RS256'},\
\ 'scopes_supported' : ${mosip.esignet.supported.openid.scopes}, \
\ 'response_modes_supported' : { 'query' }, \
\ 'grant_types_supported' : ${mosip.esignet.supported.grant.types},\
\ 'response_types_supported' : ${mosip.esignet.supported.response.types}}

mosip.esignet.discovery.key-values={'issuer': '${mosipbox.public.url}' ,\
\ 'authorization_endpoint': '${mosipbox.public.url}${server.servlet.path}/authorize' , \
\ 'token_endpoint': '${mosipbox.public.url}${server.servlet.path}/oauth/token' ,\
\ 'userinfo_endpoint' : '${mosipbox.public.url}${server.servlet.path}/oidc/userinfo' ,\
\ 'scopes_supported' : ${mosip.esignet.supported.openid.scopes}, \
\ 'response_types_supported' : ${mosip.esignet.supported.response.types}, \
\ 'response_modes_supported' : { 'query' }, \
Expand All @@ -168,8 +178,7 @@ mosip.esignet.discovery.key-values={'issuer': '${mosip.esignet.discovery.issuer-
\ 'subject_types_supported' : { 'pairwise' }, \
\ 'claims_supported' : {'iss','sub','acr','name','given_name','middle_name','preferred_username','picture','gender','birthdate','locale','nickname', 'family_name','zoneinfo', 'updated_at','address', 'email','email_verified', 'phone_number','phone_number_verified'}, \
\ 'acr_values_supported' : {},\
\ 'request_parameter_supported' : false, \
\ 'ui_locales_supported' : {} }
\ 'request_parameter_supported' : false }

##----------------------------------------- Database properties --------------------------------------------------------

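--- /dev/null
+++ b/esignet-service/src/main/resources/logback.xml
@@ -0,0 +1,11 @@
+<configuration>
+<springProperty scope="context" name="appName" source="spring.application.name"/>
+<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+<encoder class="net.logstash.logback.encoder.LogstashEncoder"/>
+</appender>
+
+<root level="INFO">
+<appender-ref ref="STDOUT" />
+</root>
+
+</configuration>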
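Review bot: The `springProperty` `appName` declared on the second line of the new logback.xml is never referenced, so the Logstash JSON output carries no application identifier even though the property appears intended for that; either reference it, e.g. `<customFields>{"app":"${appName}"}</customFields>` inside the `LogstashEncoder` element, or drop the declaration. `LogstashEncoder` also includes MDC entries in every event by default, so confirm that nothing placed in the MDC elsewhere in the service contains tokens, client secrets or other sensitive values before this configuration ships.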
Expand Up @@ -233,15 +233,15 @@ public void setup() throws Exception {
@Test
public void testClientManagementEndpoints() throws Exception {
if(this.clientDetailCreateRequestV2 != null) {
ResultActions createResultActions = mockMvc.perform(post("/client-mgmt/v2/oidc-client")
ResultActions createResultActions = mockMvc.perform(post("/client-mgmt/oauth-client")
.contentType(MediaType.APPLICATION_JSON_UTF8)
.content(getRequestWrapper(this.clientDetailCreateRequestV2)));
evaluateResultActions(createResultActions, this.clientDetailCreateRequestV2.getClientId(),
Constants.CLIENT_ACTIVE_STATUS, this.errorCode);
}

if(this.clientDetailUpdateRequestV2 != null) {
ResultActions updateResultActions = mockMvc.perform(put("/client-mgmt/v2/oidc-client/"+this.clientIdQueryParam)
ResultActions updateResultActions = mockMvc.perform(put("/client-mgmt/oauth-client/"+this.clientIdQueryParam)
.contentType(MediaType.APPLICATION_JSON_UTF8)
.content(getRequestWrapper(this.clientDetailUpdateRequestV2)));
evaluateResultActions(updateResultActions, this.clientIdQueryParam,