Modified DCR Executor to make SSA an optional parameter
VenukshiMendis committed May 15, 2024
1 parent b02ea52 commit dde9fda
Showing 9 changed files with 63 additions and 62 deletions.
Expand Up @@ -50,7 +50,6 @@
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;


import static java.util.Map.Entry.comparingByKey;

/**
Expand Down Expand Up @@ -583,8 +582,7 @@ private void buildAllowedSubscriptions() {
.map(String::trim)
.collect(Collectors.toList());
allowedAPIs.put(scopeName, rolesList);
}
else if(StringUtils.isEmpty(rolesStr)) {
} else if (StringUtils.isEmpty(rolesStr)) {
allowedAPIs.put(scopeName, Collections.emptyList());
}
}
Expand Up @@ -28,7 +28,6 @@
import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants;
import com.wso2.openbanking.accelerator.common.error.OpenBankingErrorCodes;
import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
import com.wso2.openbanking.accelerator.common.identity.IdentityConstants;
import com.wso2.openbanking.accelerator.common.util.Generated;
import com.wso2.openbanking.accelerator.common.util.HTTPClientUtils;
import com.wso2.openbanking.accelerator.common.util.JWTUtils;
Expand Down Expand Up @@ -72,12 +71,12 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.text.ParseException;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;

import javax.ws.rs.HttpMethod;

Expand Down Expand Up @@ -160,9 +159,7 @@ public void postProcessResponse(OBAPIResponseContext obapiResponseContext) {
JsonParser jsonParser = new JsonParser();
JsonObject createdDCRAppDetails = ((JsonObject) jsonParser
.parse(obapiResponseContext.getResponsePayload()));

JsonElement softwareStatementJson = createdDCRAppDetails.get(OpenBankingConstants.SOFTWARE_STATEMENT);
String softwareStatement = (softwareStatementJson != null) ? softwareStatementJson.toString() : null;
String softwareStatement = getSoftwareStatement(createdDCRAppDetails);

//call IS DCR endpoint to create application for obtaining a token to invoke devportal REST APIs
JsonElement registrationResponse = createServiceProvider(basicAuthHeader,
Expand Down Expand Up @@ -280,14 +277,9 @@ public void postProcessResponse(OBAPIResponseContext obapiResponseContext) {
}

List<String> apiIDList = new ArrayList<>();
if (regulatoryAPIs != null ) {
if (softwareStatement != null) {
apiIDList = filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray(), getRolesFromSSA(softwareStatement));
} else {
apiIDList = filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray());
}
if (regulatoryAPIs != null) {
apiIDList = filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray(), softwareStatement);
} else {
log.warn("No regulatory APIs configured. Application will be subscribed to all published APIs");
//subscribe to all APIs if there are no configured regulatory APIs
Expand Down Expand Up @@ -343,7 +335,6 @@ public void postProcessResponse(OBAPIResponseContext obapiResponseContext) {
handleInternalServerError(obapiResponseContext, OpenBankingErrorCodes.REGISTRATION_UPDATE_ERROR);
return;
}

//call token endpoint to retrieve a token for invoking the devportal REST apis
String clientId = registrationResponse.getAsJsonObject().get(clientIdParam).getAsString();
String authHeaderForTokenRequest = GatewayUtils.getBasicAuthHeader(clientId,
Expand Down Expand Up @@ -404,12 +395,10 @@ public void postProcessResponse(OBAPIResponseContext obapiResponseContext) {
subscribedAPIIdList.add(apiId);
}

JsonElement softwareStatementJson = createdDCRAppDetails.get(OpenBankingConstants.SOFTWARE_STATEMENT);
if (softwareStatementJson != null) {
String softwareStatement = softwareStatementJson.getAsString();
List<String> allowedRoles = getRolesFromSSA(softwareStatement);
String softwareStatement = getSoftwareStatement(createdDCRAppDetails);
if (softwareStatement != null) {
List<String> unsubscribedAPIs = getUnAuthorizedAPIs(subscribedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray(), regulatoryAPIs, allowedRoles);
.get("list").getAsJsonArray(), regulatoryAPIs, getRolesFromSSA(softwareStatement));
if (!unsubscribedAPIs.isEmpty()) {
//unsubscribe from the apis
for (String subscriptionId : unsubscribedAPIs) {
Expand Down Expand Up @@ -438,11 +427,8 @@ public void postProcessResponse(OBAPIResponseContext obapiResponseContext) {
handleInternalServerError(obapiResponseContext, OpenBankingErrorCodes.REGISTRATION_UPDATE_ERROR);
return;
}
List<String> apiIDList = (softwareStatementJson == null) ?
filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray()) :
filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray(), getRolesFromSSA(softwareStatementJson.toString()));
List<String> apiIDList = filterRegulatorAPIs(regulatoryAPIs, publishedAPIsResponse.getAsJsonObject()
.get("list").getAsJsonArray(), softwareStatement);

List<String> newApisListToSubscribe = getNewAPIsToSubscribe(apiIDList, subscribedAPIIdList);
if (!newApisListToSubscribe.isEmpty()) {
Expand Down Expand Up @@ -753,12 +739,24 @@ protected List<String> filterRegulatorAPIs(Map<String, List<String>> regulatoryA
return filteredAPIs;
}

protected List<String> filterRegulatorAPIs(Map<String, List<String>> regulatoryAPINames, JsonArray publishedAPIs) {
protected List<String> filterRegulatorAPIs(Map<String, List<String>> regulatoryAPINames, JsonArray publishedAPIs,
String softwareStatement) throws ParseException {

List<String> filteredAPIs = new ArrayList<>();
for (JsonElement apiInfo : publishedAPIs) {
if(regulatoryAPINames.containsKey(apiInfo.getAsJsonObject().get("name").getAsString())) {
filteredAPIs.add(apiInfo.getAsJsonObject().get("id").getAsString());
String apiName = apiInfo.getAsJsonObject().get("name").getAsString();
if (regulatoryAPINames.containsKey(apiName)) {
if (softwareStatement != null) {
List<String> softwareRoles = getRolesFromSSA(softwareStatement);
for (String allowedRole : regulatoryAPINames.get(apiName)) {
if (softwareRoles.contains(allowedRole)) {
filteredAPIs.add(apiInfo.getAsJsonObject().get("id").getAsString());
break;
}
}
} else {
filteredAPIs.add(apiInfo.getAsJsonObject().get("id").getAsString());
}
}
}
return filteredAPIs;
Expand Down Expand Up @@ -908,7 +906,7 @@ protected String getApplicationName(String responsePayload, Map<String, Object>
JsonObject createdDCRAppDetails = ((JsonObject) jsonParser.parse(responsePayload));
JsonElement softwareStatementJson = createdDCRAppDetails.get(OpenBankingConstants.SOFTWARE_STATEMENT);

if(softwareStatementJson == null) {
if (softwareStatementJson == null) {
return createdDCRAppDetails.get(OpenBankingConstants.SOFTWARE_ID).getAsString();
}
String softwareStatement = softwareStatementJson.getAsString();
Expand Down Expand Up @@ -968,4 +966,18 @@ protected JsonElement createServiceProvider(String basicAuthHeader, String softw
return callPost(urlMap.get(GatewayConstants.IAM_DCR_URL).toString(),
dcrPayload.toString(), basicAuthHeader);
}

/**
* Retrieves the software statement from the provided DCR application details.
* Returns null if the software statement is not present.
*
* @param createdDCRAppDetails JsonObject representing the DCR application details.
* @return The software statement as a string, or null if not present.
*/
public String getSoftwareStatement(JsonObject createdDCRAppDetails) {

return Optional.ofNullable(createdDCRAppDetails.get(OpenBankingConstants.SOFTWARE_STATEMENT))
.map(Object::toString)
.orElse(null);
}
}
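Review bot: In the three-argument `filterRegulatorAPIs`, the `else` branch adds every API named in `regulatoryAPINames` when `softwareStatement` is null, so the role lists configured per API are not applied to a client that registers without an SSA, and the update path in `postProcessResponse` likewise skips `getUnAuthorizedAPIs` in that case. If this fail-open behaviour is intended, say so on the branch, e.g. `// no SSA: roles cannot be derived, so all configured regulatory APIs are subscribed`, and confirm that SSA-less registration is gated elsewhere, which this page does not show. `getSoftwareStatement` maps with `Object::toString`, which on a Gson string element keeps the surrounding double quotes and on an explicit JSON null yields the text `null`, whereas the update-path lines it replaces appear to have used `getAsString()`; `.filter(e -> !e.isJsonNull()).map(JsonElement::getAsString)` would return the raw JWT or null, provided `createServiceProvider` does not depend on the quoted form. `getRolesFromSSA(softwareStatement)` is also parsed again for each matching API and can be hoisted above the loop. `postProcessResponse` is only partly visible in these hunks.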
Expand Up @@ -111,8 +111,6 @@ public class RegistrationRequest {
@SerializedName("backchannel_user_code_parameter_supported")
private boolean backchannelUserCodeParameterSupported;



private SoftwareStatementBody softwareStatementBody;

private Map<String, Object> requestParameters;
Expand Up @@ -20,7 +20,6 @@
import com.wso2.openbanking.accelerator.common.util.JWTUtils;
import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateIssuer;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

Expand Down Expand Up @@ -60,7 +59,6 @@ public boolean isValid(Object registrationRequest,
if (softwareId != null && softwareId.equals(issuer)) {
return true;
}

} else {
return true;
}
Expand Up @@ -59,7 +59,7 @@ public boolean isValid(Object registrationRequest,

try {
String softwareStatement = BeanUtils.getProperty(registrationRequest, softwareStatementPath);
if (softwareStatement != null ) {
if (softwareStatement != null) {
SignedJWT signedJWT = SignedJWT.parse(softwareStatement);
String jwtString = signedJWT.getParsedString();
String alg = signedJWT.getHeader().getAlgorithm().getName();
Expand Up @@ -200,4 +200,4 @@
</plugin>
</plugins>
</build>
</project>
</project>
Expand Up @@ -15,6 +15,7 @@
* specific language governing permissions and limitations
* under the License.
*/

package com.wso2.openbanking.accelerator.identity.dcr.endpoint.impl.api;

import com.google.gson.Gson;
Expand All @@ -30,7 +31,6 @@
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonHelper;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
Expand Up @@ -86,8 +86,7 @@ public Response createRegistration(RegistrationRequest registrationRequest,

if (registrationRequest.getSoftwareStatement() == null) {
serviceProvider.setJwksUri(registrationRequest.getJwksURI());
}
else {
} else {
if (StringUtils.isNotEmpty(jwksEndpointName)) {
serviceProvider.setJwksUri(registrationRequest.getSsaParameters().get(jwksEndpointName).toString());
} else {
Expand All @@ -113,13 +112,12 @@ public Response createRegistration(RegistrationRequest registrationRequest,
Map<String, Object> registrationData = registrationRequest.getRequestParameters();
registrationData.put(RegistrationConstants.CLIENT_ID, application.getClientId());
registrationData.put(RegistrationConstants.CLIENT_ID_ISSUED_AT, clientIdIssuedTime.toString());
if(registrationRequest.getSsaParameters() != null) {
if (registrationRequest.getSsaParameters() != null) {
registrationData.putAll(registrationRequest.getSsaParameters());
}
registrationData.putAll(additionalAttributes);
String registrationResponse = registrationValidator.getRegistrationResponse(registrationData);
return Response.status(Response.Status.CREATED).entity(registrationResponse).build();

}

public Response retrieveRegistration(Map<String, Object> additionalAttributes, String clientId, String accessToken)
Expand Down Expand Up @@ -171,10 +169,10 @@ public Response updateRegistration(RegistrationRequest request, Map<String, Obje
}
}
Application applicationToUpdate = dcrmService.getApplication(clientId);
String applicationNameInRequest = "";
String applicationNameInRequest;
if (useSoftwareIdAsAppName) {
applicationNameInRequest = (request.getSoftwareStatement() != null) ?
request.getSoftwareStatementBody().getSoftwareId():
request.getSoftwareStatementBody().getSoftwareId() :
request.getSoftwareId();
} else {
applicationNameInRequest = request.getSoftwareStatementBody().getClientName();
Expand All @@ -198,7 +196,8 @@ public Response updateRegistration(RegistrationRequest request, Map<String, Obje
//get JWKS URI from the request
String jwksUri = request.getSoftwareStatement() == null ?
request.getJwksURI() : StringUtils.isNotEmpty(jwksEndpointName) ?
request.getSsaParameters().get(jwksEndpointName).toString() : request.getSoftwareStatementBody().getJwksURI();
request.getSsaParameters().get(jwksEndpointName).toString() :
request.getSoftwareStatementBody().getJwksURI();

serviceProvider.setJwksUri(jwksUri);

Expand All @@ -217,7 +216,7 @@ public Response updateRegistration(RegistrationRequest request, Map<String, Obje
//update Service provider with new client data
Map<String, String> updateRequestData = RegistrationUtils.getAlteredApplicationAttributes(request);
Map<String, Object> updateRegistrationData = request.getRequestParameters();
if(request.getSsaParameters() != null) {
if (request.getSsaParameters() != null) {
updateRegistrationData.putAll(request.getSsaParameters());
}
updateRequestData.put(RegistrationConstants.CLIENT_ID_ISSUED_AT, clientIdIssuedAt);
Expand Down
Expand Up @@ -20,8 +20,6 @@
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;


import com.wso2.openbanking.accelerator.common.util.JWTUtils;
import com.wso2.openbanking.accelerator.identity.dcr.endpoint.impl.dto.RegistrationErrorDTO;
import com.wso2.openbanking.accelerator.identity.dcr.exception.DCRValidationException;
Expand Down Expand Up @@ -78,7 +76,7 @@ public static void validateRegistrationCreation(RegistrationRequest registration
RegistrationValidator dcrRequestValidator;
dcrRequestValidator = RegistrationValidator.getRegistrationValidator();
// set the ssa payload according to the specification format
if (StringUtils.isNotEmpty(registrationRequest.getSoftwareStatement())) {
if (registrationRequest.getSoftwareStatement() != null) {
String decodedSSA = JWTUtils
.decodeRequestJWT(registrationRequest.getSoftwareStatement(), "body").toJSONString();
dcrRequestValidator.setSoftwareStatementPayload(registrationRequest, decodedSSA);
Expand Down Expand Up @@ -108,16 +106,14 @@ public static RegistrationError getRegistrationError(String errorCode, String er
public static ApplicationRegistrationRequest getApplicationRegistrationRequest(
RegistrationRequest registrationRequest, boolean useSoftwareIdAsAppName) {

String applicationName = "";
if (StringUtils.isBlank(registrationRequest.getSoftwareStatement())) {
applicationName = registrationRequest.getSoftwareId();
String applicationName;
if (useSoftwareIdAsAppName) {
applicationName = (registrationRequest.getSoftwareStatement() != null) ?
registrationRequest.getSoftwareStatementBody().getSoftwareId() :
registrationRequest.getSoftwareId();
} else {
if (useSoftwareIdAsAppName) {
applicationName = registrationRequest.getSoftwareStatementBody().getSoftwareId();
} else {
applicationName = RegistrationUtils.getSafeApplicationName(
registrationRequest.getSoftwareStatementBody().getClientName());
}
applicationName = RegistrationUtils.getSafeApplicationName(registrationRequest.getSoftwareStatementBody()
.getClientName());
}

ApplicationRegistrationRequest appRegistrationRequest = new ApplicationRegistrationRequest();
Expand All @@ -140,11 +136,11 @@ public static ApplicationUpdateRequest getApplicationUpdateRequest(RegistrationR
String applicationName;
if (useSoftwareIdAsAppName) {
applicationName = (registrationRequest.getSoftwareStatement() != null) ?
registrationRequest.getSoftwareStatementBody().getSoftwareId():
registrationRequest.getSoftwareStatementBody().getSoftwareId() :
registrationRequest.getSoftwareId();
} else {
applicationName = RegistrationUtils.getSafeApplicationName(
registrationRequest.getSoftwareStatementBody().getClientName());
applicationName = RegistrationUtils.getSafeApplicationName(registrationRequest.getSoftwareStatementBody()
.getClientName());
}

ApplicationUpdateRequest applicationUpdateRequest = new ApplicationUpdateRequest();
Expand Down Expand Up @@ -222,7 +218,7 @@ public static Map<String, String> getAlteredApplicationAttributes(RegistrationRe
Map<String, String> alteredAppAttributeMap = new HashMap<>();
addAttributes(registrationRequest.getRequestParameters(), alteredAppAttributeMap);

if (registrationRequest.getSoftwareStatement() != null){
if (registrationRequest.getSoftwareStatement() != null) {
//add ssa attributes
addAttributes(registrationRequest.getSsaParameters(), alteredAppAttributeMap);
//add ssa issuer
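Review bot: In `validateRegistrationCreation`, the guard is now `registrationRequest.getSoftwareStatement() != null` where the line it replaces appears to have been `StringUtils.isNotEmpty(...)`, so an empty-string software statement now reaches `JWTUtils.decodeRequestJWT(..., "body")`, and how that call fails on empty input is not visible here. A blank value should be handled explicitly, either as absent or as a rejected request with a registration error, rather than left to the decoder; a comment on the guard stating which is intended would do, e.g. `// an empty SSA counts as present and must fail validation`. The other call sites on this page also test `!= null`, so whichever choice is made should be applied consistently. The method continues outside the hunk.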