Add code review changes to internal revocations
Lakith-Rambukkanage committed Oct 18, 2023
1 parent 3ea5ec7 commit 57db5cf
Showing 25 changed files with 346 additions and 343 deletions.
Expand Up @@ -28,10 +28,10 @@ public class RevokedJWTConsumerKeyDTO {

@SerializedName("consumer_key")
private String consumerKey;
@SerializedName("is_revoke_app_only")
private boolean isRevokedAppOnly;
@SerializedName("revocation_time")
private Long revocationTime;
@SerializedName("organization")
private String organization;

public void setRevocationTime(Long revocationTime) {
this.revocationTime = revocationTime;
Expand All @@ -49,11 +49,11 @@ public void setConsumerKey(String consumerKey) {
this.consumerKey = consumerKey;
}

public boolean isRevokedAppOnly() {
return isRevokedAppOnly;
public String getOrganization() {
return organization;
}

public void setRevokedAppOnly(boolean revokedAppOnly) {
isRevokedAppOnly = revokedAppOnly;
public void setOrganization(String organization) {
this.organization = organization;
}
}
Expand Up @@ -25,17 +25,29 @@
*/
public class RevokedJWTUserDTO {

@SerializedName("user_uuid")
private String userUUID;
@SerializedName("subject_id")
private String subjectId;
@SerializedName("subject_id_type")
private String subjectIdType;
@SerializedName("revocation_time")
private Long revocationTime;
@SerializedName("organization")
private String organization;

public String getUserUUID() {
return userUUID;
public String getSubjectId() {
return subjectId;
}

public void setUserUUID(String userUUID) {
this.userUUID = userUUID;
public void setSubjectId(String subjectId) {
this.subjectId = subjectId;
}

public String getSubjectIdType() {
return subjectIdType;
}

public void setSubjectIdType(String subjectIdType) {
this.subjectIdType = subjectIdType;
}

public Long getRevocationTime() {
Expand All @@ -45,4 +57,12 @@ public Long getRevocationTime() {
public void setRevocationTime(Long revocationTime) {
this.revocationTime = revocationTime;
}

public String getOrganization() {
return organization;
}

public void setOrganization(String organization) {
this.organization = organization;
}
}
Expand Up @@ -35,8 +35,6 @@
import org.wso2.carbon.apimgt.impl.jwt.JWTValidationService;
import org.wso2.carbon.apimgt.impl.keymgt.KeyManagerDataService;
import org.wso2.carbon.apimgt.impl.throttling.APIThrottleDataService;
import org.wso2.carbon.apimgt.impl.token.RevokedConsumerKeyEventService;
import org.wso2.carbon.apimgt.impl.token.RevokedUserEventService;
import org.wso2.carbon.apimgt.impl.token.RevokedTokenService;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.impl.webhooks.SubscriptionsDataService;
Expand Down Expand Up @@ -110,8 +108,6 @@ public ThrottleDataHolder getThrottleDataHolder() {
}
private ArtifactRetriever artifactRetriever;
private int gatewayCount = 1;
private RevokedConsumerKeyEventService revokedConsumerKeyEventService;
private RevokedUserEventService revokedUserEventService;

private ServiceReferenceHolder() {

Expand Down Expand Up @@ -423,21 +419,6 @@ public void setRedisPool(JedisPool redisPool) {
this.redisPool = redisPool;
}

public RevokedConsumerKeyEventService getRevokedConsumerKeyService() {
return revokedConsumerKeyEventService;
}

public void setRevokedConsumerKeyService(RevokedConsumerKeyEventService revokedConsumerKeyEventService) {
this.revokedConsumerKeyEventService = revokedConsumerKeyEventService;
}

public RevokedUserEventService getRevokedUserEventService() {
return revokedUserEventService;
}

public void setRevokedUserEventService(RevokedUserEventService revokedUserEventService) {
this.revokedUserEventService = revokedUserEventService;
}
public AnalyticsCustomDataProvider getAnalyticsCustomDataProvider() {
return analyticsCustomDataProvider;
}
Expand Up @@ -41,6 +41,7 @@ private InternalRevokedJWTDataHolder() {

/**
* This method can be used to get the singleton instance of this class.
*
* @return the singleton instance.
*/
public static InternalRevokedJWTDataHolder getInstance() {
Expand All @@ -59,13 +60,12 @@ public void addInternalRevokedJWTClientIDToMap(String consumerKey, Long revocati

public boolean isJWTTokenClientIdExistsInRevokedMap(String consumerKey, Long jwtGeneratedTimestamp) {

if (internalRevokedConsumerKeyMap.containsKey(consumerKey)) {
Long jwtRevokedTime = internalRevokedConsumerKeyMap.get(consumerKey);
Long jwtRevokedTime = internalRevokedConsumerKeyMap.get(consumerKey);

if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}
if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
jwtRevokedTimestamp.toLocalDateTime();
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}
return false;
}
Expand All @@ -81,14 +81,13 @@ public void addInternalRevokedJWTClientIDToAppOnlyMap(String consumerKey, Long r

public boolean isJWTTokenClientIdExistsInRevokedAppOnlyMap(String consumerKey, Long jwtGeneratedTimestamp) {

if (internalRevokedConsumerKeyAppOnlyMap.containsKey(consumerKey)) {
Long jwtRevokedTime = internalRevokedConsumerKeyAppOnlyMap.get(consumerKey);
Long jwtRevokedTime = internalRevokedConsumerKeyAppOnlyMap.get(consumerKey);

if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}
if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}

return false;
}

Expand All @@ -103,13 +102,11 @@ public void addInternalRevokedJWTUserIDToMap(String userUUID, Long revocationTim

public boolean isJWTTokenUserIdExistsInRevokedMap(String user, Long jwtGeneratedTimestamp) {

if (internalRevokedUserEventRuleMap.containsKey(user)) {
Long jwtRevokedTime = internalRevokedUserEventRuleMap.get(user);
Long jwtRevokedTime = internalRevokedUserEventRuleMap.get(user);

if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}
if (jwtRevokedTime != null) {
Timestamp jwtRevokedTimestamp = new Timestamp(jwtRevokedTime);
return jwtRevokedTimestamp.after(new Timestamp(jwtGeneratedTimestamp));
}
return false;
}
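Review bot: The statement `jwtRevokedTimestamp.toLocalDateTime();` added in isJWTTokenClientIdExistsInRevokedMap discards its result and has no effect on the comparison; it looks like a leftover and should be removed. All three lookup methods also unbox `jwtGeneratedTimestamp` in `new Timestamp(jwtGeneratedTimestamp)`, so a token without an issue time throws a NullPointerException from inside the revocation check, and whether that rejects or admits the token depends on a caller that is not visible here. It would be safer to decide that case explicitly inside the non-null branch, for example `if (jwtGeneratedTimestamp == null) { return true; }`, so that a subject with a revocation entry is never accepted by accident. The three bodies now differ only in the map they read, so a private helper taking the map would keep them from drifting apart.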
Expand Up @@ -107,16 +107,9 @@ private void loadRevokedJWTConsumerKeysFromWebService() {
RevokedJWTConsumerKeyDTO[] revokedJWTConsumerKeyDTOS = retrieveRevokedJWTConsumerKeysData();
if (revokedJWTConsumerKeyDTOS != null) {
for (RevokedJWTConsumerKeyDTO revokedJWTConsumerKey : revokedJWTConsumerKeyDTOS) {
if (revokedJWTConsumerKey.isRevokedAppOnly()) {
// handle user event revocations of app tokens since the 'sub' claim is client id
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTClientIDToAppOnlyMap(revokedJWTConsumerKey.getConsumerKey(),
revokedJWTConsumerKey.getRevocationTime());
} else {
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTClientIDToMap(revokedJWTConsumerKey.getConsumerKey(),
revokedJWTConsumerKey.getRevocationTime());
}
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTClientIDToMap(revokedJWTConsumerKey.getConsumerKey(),
revokedJWTConsumerKey.getRevocationTime());
if (log.isDebugEnabled()) {
log.debug("JWT signature : " + revokedJWTConsumerKey.getConsumerKey()
+ " added to the revoke map.");
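Review bot: The loop hands `getConsumerKey()` and `getRevocationTime()` from the deserialized response straight to `addInternalRevokedJWTClientIDToMap` without checking either for null. The lookup methods in InternalRevokedJWTDataHolder return false when the stored time is null, so an entry that arrives without `revocation_time` would leave that consumer key's tokens accepted (or, depending on the map type, which is not visible here, abort the rest of the load). Skipping such entries visibly, e.g. `if (revokedJWTConsumerKey.getConsumerKey() == null || revokedJWTConsumerKey.getRevocationTime() == null) { log.warn("Skipping revoked consumer key entry with missing fields"); continue; }`, keeps the gap from going unnoticed. The same applies to the loop in loadRevokedJWTUsersFromWebService, and this method's body continues outside the hunk.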
Expand Up @@ -39,11 +39,17 @@ private void loadRevokedJWTUsersFromWebService() {
RevokedJWTUserDTO[] revokedJWTUserDTOs = retrieveRevokedJWTUsersData();
if (revokedJWTUserDTOs != null) {
for (RevokedJWTUserDTO revokedJWTUserDTO : revokedJWTUserDTOs) {
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTUserIDToMap(revokedJWTUserDTO.getUserUUID(),
revokedJWTUserDTO.getRevocationTime());
if ("USER_ID".equals(revokedJWTUserDTO.getSubjectIdType())) {
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTUserIDToMap(revokedJWTUserDTO.getSubjectId(),
revokedJWTUserDTO.getRevocationTime());
} else if ("CLIENT_ID".equals(revokedJWTUserDTO.getSubjectIdType())) {
InternalRevokedJWTDataHolder.getInstance().
addInternalRevokedJWTClientIDToAppOnlyMap(revokedJWTUserDTO.getSubjectId(),
revokedJWTUserDTO.getRevocationTime());
}
if (log.isDebugEnabled()) {
log.debug("User uuid : " + revokedJWTUserDTO.getUserUUID()
log.debug("Subject Id : " + revokedJWTUserDTO.getSubjectId()
+ " added to the user event revoke map.");
}
}
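Review bot: A record whose `subjectIdType` is neither "USER_ID" nor "CLIENT_ID" (or is null) falls through both branches and is dropped, yet the debug line that follows still reports it as "added to the user event revoke map". For a revocation list that is a silent fail-open; add a final `else { log.warn("Unknown subject id type: " + revokedJWTUserDTO.getSubjectIdType()); }` and move the debug message inside the two branches. handleInternallyRevokedUserEventMessage in the JMS listener has the same two-branch shape with no fallback. The type strings are repeated as literals in both places, so shared constants or an enum would keep the loader and the listener in step. The method body continues outside the hunk.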
Expand Up @@ -25,6 +25,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.gateway.jwt.InternalRevokedJWTDataHolder;
import org.wso2.carbon.apimgt.impl.APIConstants;

import javax.jms.*;
Expand All @@ -49,14 +50,14 @@ public void onMessage(Message message) {
if (payloadData.get("type") != null && payloadData.get("type").asText()
.equals(APIConstants.NotificationEvent.INTERNAL_TOKEN_REVOCATION_CONSUMER_KEY_EVENT)) {
handleInternallyRevokedConsumerKeyMessage(payloadData.get("consumerKey").asText()
, payloadData.get("isRevokeAppOnly").asBoolean()
, payloadData.get("revocationTime").asLong(), payloadData.get("type").asText());
}

if (payloadData.get("type") != null && payloadData.get("type").asText()
.equals(APIConstants.NotificationEvent.INTERNAL_TOKEN_REVOCATION_USER_EVENT)) {
handleInternallyRevokedUserEventMessage(payloadData.get("userUUID").asText(),
payloadData.get("revocationTime").asLong(), payloadData.get("type").asText());
handleInternallyRevokedUserEventMessage(payloadData.get("subjectId").asText(),
payloadData.get("subjectIdType").asText(), payloadData.get("revocationTime").asLong(),
payloadData.get("type").asText());
}

if (APIConstants.TopicNames.TOPIC_TOKEN_REVOCATION.equalsIgnoreCase(jmsDestination.getTopicName())) {
Expand Down Expand Up @@ -106,18 +107,21 @@ private void handleRevokedTokenMessage(String revokedToken, long expiryTime, Str
}
}

private void handleInternallyRevokedConsumerKeyMessage(String consumerKey, boolean isRevokeAppOnly,
long revocationTime, String type) {
private void handleInternallyRevokedConsumerKeyMessage(String consumerKey, long revocationTime, String type) {
if (APIConstants.NotificationEvent.INTERNAL_TOKEN_REVOCATION_CONSUMER_KEY_EVENT.equals(type)) {
ServiceReferenceHolder.getInstance().getRevokedConsumerKeyService()
.addConsumerKeyIntoMap(consumerKey, isRevokeAppOnly, revocationTime);
InternalRevokedJWTDataHolder.getInstance().addInternalRevokedJWTClientIDToMap(consumerKey, revocationTime);
}
}

private void handleInternallyRevokedUserEventMessage(String userUUID, long revocationTime, String type) {
private void handleInternallyRevokedUserEventMessage(String subjectId, String subjectIdType,
long revocationTime, String type) {
if (APIConstants.NotificationEvent.INTERNAL_TOKEN_REVOCATION_USER_EVENT.equals(type)) {
ServiceReferenceHolder.getInstance().getRevokedUserEventService()
.addUserEventIntoMap(userUUID, revocationTime);
if ("USER_ID".equals(subjectIdType)) {
InternalRevokedJWTDataHolder.getInstance().addInternalRevokedJWTUserIDToMap(subjectId, revocationTime);
} else if ("CLIENT_ID".equals(subjectIdType)) {
InternalRevokedJWTDataHolder.getInstance().addInternalRevokedJWTClientIDToAppOnlyMap(subjectId,
revocationTime);
}
}
}
}
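Review bot: In onMessage the new calls `payloadData.get("subjectId").asText()` and `payloadData.get("subjectIdType").asText()` dereference the fields without a null check, unlike `type`, which is tested with `payloadData.get("type") != null` first. An event that still carries the old `userUUID` field, for instance from a publisher that has not been upgraded yet, would presumably throw here and the revocation would not be recorded; how onMessage handles that exception is not visible in the hunk. Check `subjectId`, `subjectIdType` and `revocationTime` for null before use and log a warning when an event is rejected, so that a dropped revocation shows up in the gateway log. The existing `consumerKey` branch has the same pattern.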
Expand Up @@ -52,8 +52,6 @@ public void completedServerStartup() {
ServiceReferenceHolder.getInstance().setAPIThrottleDataService(throttleDataServiceImpl);
ServiceReferenceHolder.getInstance().setThrottleDataHolder(throttleDataHolder);
ServiceReferenceHolder.getInstance().setRevokedTokenService(new RevokedTokenDataImpl());
ServiceReferenceHolder.getInstance().setRevokedConsumerKeyService(new RevokedConsumerKeyEventServiceImpl());
ServiceReferenceHolder.getInstance().setRevokedUserEventService(new RevokedUserEventServiceImpl());
SubscriptionsDataService subscriptionsDataService = new SubscriptionsDataServiceImpl();
ServiceReferenceHolder.getInstance().setSubscriptionsDataService(subscriptionsDataService);
log.debug("APIThrottleDataService Registered...");

This file was deleted.

This file was deleted.
