diff --git a/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2 b/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2
index aef587b1..3f9148e4 100644
--- a/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2
+++ b/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2
@@ -141,17 +141,6 @@
-
- {% if open_banking.identity.ciba_webapp.servlet_extension is defined %}
-
- {{open_banking.identity.ciba_webapp.servlet_extension}}
-
- {% else %}
-
- com.wso2.openbanking.accelerator.consent.extensions.ciba.impl.CIBAAuthenticationEndpointDefaultImpl
-
- {% endif %}
-
{% if open_banking.identity.ciba.auth_web_link.redirect_endpoint is defined %}
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java
index a878a18c..62c25ffc 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java
@@ -21,7 +21,6 @@
/**
* CIBA Test Constants class.
*/
-@Deprecated
public class CIBAConstants {
public static final String INVALID_REQUEST = "invalid_request";
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java
index c6c8339a..b01a769e 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java
@@ -28,7 +28,6 @@
/**
* CIBA Signature Algorithm Enforcer class
*/
-@Deprecated
public class OBCIBASignatureAlgorithmEnforcementValidator extends SignatureAlgorithmEnforcementValidator {
/**
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java
index a1c633e8..e3cabab2 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java
@@ -43,7 +43,6 @@
/**
* Test class for OBCIBARequestObjectValidationExtension.
*/
-@Deprecated
@PowerMockIgnore("jdk.internal.reflect.*")
@PrepareForTest({JWTClaimsSet.class, OAuth2Parameters.class, RequestObject.class, JSONObject.class,
IdentityExtensionsDataHolder.class})
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java
index 94ad38a2..884d1bf8 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java
@@ -885,18 +885,6 @@ public String getAuthServletExtension() {
((String) getConfigElementFromKey(OpenBankingConstants.AUTH_SERVLET_EXTENSION)).trim();
}
- /**
- * Gets the configured CIBA servlet extention implementation.
- *
- * @deprecated will be removed in the future versions when moving to newer ciba implementation.
- * @return
- */
- @Deprecated
- public String getCibaServletExtension() {
- return getConfigElementFromKey(OpenBankingConstants.CIBA_SERVLET_EXTENSION) == null ? "" :
- ((String) getConfigElementFromKey(OpenBankingConstants.CIBA_SERVLET_EXTENSION)).trim();
- }
-
public String getJWKSConnectionTimeOut() {
return getConfigElementFromKey(OpenBankingConstants.DCR_JWKS_CONNECTION_TIMEOUT) == null ? "3000" :
diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java
index ddb56045..4bec849a 100644
--- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java
+++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java
@@ -196,16 +196,6 @@ public void testGetAuthServletExtension() {
Assert.assertEquals(authServletExtension, "sampleServletExtension");
}
- @Test (priority = 11)
- public void testGetEmptyCibaServletExtension() {
-
- String dummyConfigFile = absolutePathForTestResources + "/open-banking.xml";
- String authServletExtension = OpenBankingConfigParser.getInstance(dummyConfigFile)
- .getCibaServletExtension();
-
- Assert.assertEquals(authServletExtension, "sampleCIBAServletExtension");
- }
-
@Test (priority = 12)
public void testGetJWKSConnectionTimeout() {
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java
deleted file mode 100644
index d196064c..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java
+++ /dev/null
@@ -1,366 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator;
-
-import com.wso2.openbanking.accelerator.common.exception.ConsentManagementException;
-import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
-import com.wso2.openbanking.accelerator.common.util.Generated;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.builder.ConsentStepsBuilder;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistStep;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentRetrievalStep;
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointErrorResponse;
-import com.wso2.openbanking.accelerator.consent.extensions.common.AuthErrorCode;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentException;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ResponseStatus;
-import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
-import net.minidev.json.JSONObject;
-import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCache;
-import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheEntry;
-import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheKey;
-import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
-import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
-import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
-import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
-import org.wso2.carbon.identity.application.authenticator.push.PushAuthenticator;
-import org.wso2.carbon.identity.application.authenticator.push.common.PushAuthContextManager;
-import org.wso2.carbon.identity.application.authenticator.push.common.impl.PushAuthContextManagerImpl;
-import org.wso2.carbon.identity.application.common.model.ServiceProvider;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCache;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCacheKey;
-import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters;
-
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URLDecoder;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Optional;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-
-/**
- * CIBA Push Authenticator for sending push notifications to authentication device.
- */
-@Deprecated
-public class CIBAPushAuthenticator extends PushAuthenticator {
-
- private static final Log log = LogFactory.getLog(CIBAPushAuthenticator.class);
- private static final long serialVersionUID = 6106269076155338045L;
-
- private static List consentRetrievalSteps = null;
- private static List consentPersistSteps = null;
-
- public CIBAPushAuthenticator() {
- initializeConsentSteps();
- }
-
- @Override
- public String getFriendlyName() {
-
- return CIBAPushAuthenticatorConstants.AUTHENTICATOR_FRIENDLY_NAME;
- }
-
- @Override
- public String getName() {
-
- return CIBAPushAuthenticatorConstants.AUTHENTICATOR_NAME;
- }
-
- /**
- * Initialize consent builder.
- */
- public static synchronized void initializeConsentSteps() {
-
- if (consentRetrievalSteps == null || consentPersistSteps == null) {
- ConsentStepsBuilder consentStepsBuilder = ConsentExtensionExporter.getConsentStepsBuilder();
-
- if (consentStepsBuilder != null) {
- consentRetrievalSteps = consentStepsBuilder.getConsentRetrievalSteps();
- consentPersistSteps = consentStepsBuilder.getConsentPersistSteps();
- }
-
- if (consentRetrievalSteps != null && !consentRetrievalSteps.isEmpty()) {
- log.info("Consent retrieval steps are not null or empty");
- } else {
- log.warn("Consent retrieval steps are null or empty");
- }
- if (consentPersistSteps != null && !consentPersistSteps.isEmpty()) {
- log.info("Consent persist steps are not null or empty");
- } else {
- log.warn("Consent persist steps are null or empty");
- }
- } else {
- log.debug("Retrieval and persist steps are available");
- }
- }
-
- /**
- * Execute consent retrieval steps.
- *
- * @param consentData Consent Data
- * @param jsonObject Json object to store consent data
- * @throws ConsentException when an error occurs while executing retrieval steps
- */
- protected void executeRetrieval(ConsentData consentData, JSONObject jsonObject) throws ConsentException {
-
- for (ConsentRetrievalStep step : consentRetrievalSteps) {
- if (log.isDebugEnabled()) {
- log.debug("Executing retrieval step " + step.getClass().toString());
- }
- step.execute(consentData, jsonObject);
- }
- }
-
- /**
- * Retrieve consent.
- *
- * @param request HTTP request
- * @param response HTTP response
- * @param sessionDataKey Session data key
- * @return Consent data
- * @throws ConsentException when an error occurs while retrieving consent
- */
- protected JSONObject retrieveConsent(HttpServletRequest request, HttpServletResponse response,
- String sessionDataKey) throws ConsentException {
-
- String loggedInUser;
- String app;
- String spQueryParams;
- String scopeString;
-
- SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey);
- OAuth2Parameters oAuth2Parameters = cacheEntry.getoAuth2Parameters();
- URI redirectURI;
- try {
- redirectURI = new URI(oAuth2Parameters.getRedirectURI());
- } catch (URISyntaxException e) {
- //Unlikely to happen. In case it happens, error response is sent
- throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR, "Invalid redirect URI");
- }
- //Extracting client ID for regulatory identification and redirect URI for error redirects
- String clientId = oAuth2Parameters.getClientId();
- String state = oAuth2Parameters.getState();
-
- Map sensitiveDataMap =
- ConsentExtensionUtils.getSensitiveDataWithConsentKey(sessionDataKey);
-
- if ("false".equals(sensitiveDataMap.get(CIBAPushAuthenticatorConstants.IS_ERROR))) {
- loggedInUser = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.LOGGED_IN_USER);
- app = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.APPLICATION);
- spQueryParams = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.SP_QUERY_PARAMS);
- scopeString = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.SCOPE);
- } else {
- String isError = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.IS_ERROR);
- //Have to throw standard error because cannot access redirect URI with this error
- log.error("Error while getting endpoint parameters. " + isError);
- throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR,
- CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state);
- }
-
- JSONObject jsonObject = new JSONObject();
- ConsentData consentData = createConsentData(sessionDataKey, loggedInUser, spQueryParams, scopeString, app,
- request);
- consentData.setSensitiveDataMap(sensitiveDataMap);
- consentData.setRedirectURI(redirectURI);
-
- if (clientId == null) {
- log.error("Client Id not available");
- //Unlikely error. Included just in case.
- throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR,
- CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state);
- }
- consentData.setClientId(clientId);
- consentData.setState(state);
-
- try {
- consentData.setRegulatory(IdentityCommonUtil.getRegulatoryFromSPMetaData(clientId));
- } catch (OpenBankingException e) {
- log.error("Error while getting regulatory data", e);
- throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR, "Error while obtaining regulatory data",
- state);
- }
-
- executeRetrieval(consentData, jsonObject);
- if (consentData.getType() == null || consentData.getApplication() == null) {
- log.error(CIBAPushAuthenticatorConstants.ERROR_NO_TYPE_AND_APP_DATA);
- throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR,
- CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state);
- }
- ConsentExtensionUtils.setCommonDataToResponse(consentData, jsonObject);
- try {
- ConsentCache.addConsentDataToCache(sessionDataKey, consentData);
- } catch (ConsentManagementException e) {
- log.error("Error while adding consent data to cache", e);
- throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR,
- CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state);
- }
- return jsonObject;
- }
-
- @Generated(message = "This method is separated for unit testing purposes")
- protected ConsentData createConsentData(String sessionDataKey, String loggedInUser, String spQueryParams,
- String scopeString, String app, HttpServletRequest request) {
- return new ConsentData(sessionDataKey, loggedInUser, spQueryParams, scopeString, app,
- ConsentExtensionUtils.getHeaders(request));
- }
-
- /**
- * Get the authenticated user.
- *
- * @param request Push authenticator HTTP request
- * @return Authenticated User
- */
- @Override
- protected AuthenticatedUser getAuthenticatedUser(HttpServletRequest request) {
-
- // In OB CIBA, only this Push Authenticator IDP is expected to be executed during the CIBA auth flow
- // Hence, the login_hint attribute in the CIBA request object is used to identify the user
- return AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(request.
- getParameter(CIBAPushAuthenticatorConstants.LOGIN_HINT));
- }
-
- @Generated(message = "This method is separated for unit testing purposes")
- protected AuthenticationContext getAutenticationContext(String sessionDataKey) {
- PushAuthContextManager contextManager = new PushAuthContextManagerImpl();
-
- return contextManager.getContext(sessionDataKey);
- }
-
- /**
- * OB specific implementation to retrieve consent data.
- * @param sessionDataKey Session data key
- * @return consent data
- * @throws AuthenticationFailedException Authentication failed exception
- */
- @Override
- protected Optional getAdditionalInfo(HttpServletRequest request, HttpServletResponse response,
- String sessionDataKey) throws AuthenticationFailedException {
-
- AuthenticationContext context = getAutenticationContext(sessionDataKey);
-
- // update the authentication context with required values for OB specific requirements
- try {
- String queryParams = FrameworkUtils
- .getQueryStringWithFrameworkContextId(context.getQueryParams(), context.getCallerSessionKey(),
- context.getContextIdentifier());
- Map params = splitQuery(queryParams);
- handlePreConsent(context, params);
- } catch (UnsupportedEncodingException e) {
- throw new AuthenticationFailedException("Error occurred when processing the request object", e);
- }
-
- SessionDataCacheKey cacheKey = ConsentCache.getCacheKey(sessionDataKey);
- SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromCacheKey(cacheKey);
-
- cacheEntry.setLoggedInUser(context.getSubject());
- SessionDataCache.getInstance().addToCache(cacheKey, cacheEntry);
-
- // Authentication context is added to cache as it is obtained from the cache in a later step by the Parameter
- // Resolver object
- AuthenticationContextCache.getInstance().addToCache(
- new AuthenticationContextCacheKey(sessionDataKey), new AuthenticationContextCacheEntry(context));
-
- JSONObject additionalInfo = retrieveConsent(request, response, sessionDataKey);
- String bindingMessage = request.getParameter(CIBAPushAuthenticatorConstants.BINDING_MESSAGE);
- if (StringUtils.isNotEmpty(bindingMessage)) {
- additionalInfo.put(CIBAPushAuthenticatorConstants.BINDING_MESSAGE, bindingMessage);
- }
- return Optional.ofNullable(additionalInfo.toJSONString());
- }
-
- /**
- * set attributes to context which will be required to prompt the consent page.
- *
- * @param context authentication context
- * @param params query params
- */
- protected void handlePreConsent(AuthenticationContext context, Map params) {
- ServiceProvider serviceProvider = context.getSequenceConfig().getApplicationConfig().getServiceProvider();
-
- context.addEndpointParam(CIBAPushAuthenticatorConstants.LOGGED_IN_USER,
- params.get(CIBAPushAuthenticatorConstants.LOGIN_HINT));
- context.addEndpointParam(CIBAPushAuthenticatorConstants.USER_TENANT_DOMAIN,
- "@carbon.super");
- context.addEndpointParam(CIBAPushAuthenticatorConstants.REQUEST,
- params.get(CIBAPushAuthenticatorConstants.REQUEST_OBJECT));
- context.addEndpointParam(CIBAPushAuthenticatorConstants.SCOPE,
- params.get(CIBAPushAuthenticatorConstants.SCOPE));
- context.addEndpointParam(CIBAPushAuthenticatorConstants.APPLICATION, serviceProvider.getApplicationName());
- context.addEndpointParam(CIBAPushAuthenticatorConstants.CONSENT_PROMPTED, true);
- context.addEndpointParam(CIBAPushAuthenticatorConstants.AUTH_REQ_ID,
- context.getAuthenticationRequest().getRequestQueryParams()
- .get(CIBAPushAuthenticatorConstants.NONCE)[0]);
- }
-
- /**
- * Returns a map of query parameters from the given query param string.
- * @param queryParamsString HTTP request query parameters
- * @return Query parameter map
- * @throws UnsupportedEncodingException Unsupported encoding exception
- */
- protected Map splitQuery(String queryParamsString) throws UnsupportedEncodingException {
- final Map queryParams = new HashMap<>();
- final String[] pairs = queryParamsString.split("&");
- for (String pair : pairs) {
- final int idx = pair.indexOf("=");
- final String key = idx > 0 ? URLDecoder.decode(pair.substring(0, idx), "UTF-8") : pair;
- final String value =
- idx > 0 && pair.length() > idx + 1 ? URLDecoder.decode(pair.substring(idx + 1), "UTF-8") : null;
- queryParams.put(key, value);
- }
- return queryParams;
- }
-
- /**
- * Extend this method to create error response on toolkits. Set necessary status codes and error payloads to
- * CIBAAuthenticationEndpointErrorResponse.
- *
- * @param httpStatusCode Http status code
- * @param errorCode Error code
- * @param errorDescription Error description
- * @return CIBAAuthenticationEndpointErrorResponse CIBA Authentication Endpoint Error Response
- */
- public static CIBAAuthenticationEndpointErrorResponse createErrorResponse(int httpStatusCode, String errorCode,
- String errorDescription) {
-
- CIBAAuthenticationEndpointErrorResponse cibaPushServletErrorResponse =
- new CIBAAuthenticationEndpointErrorResponse();
- JSONObject errorResponse = new JSONObject();
- errorResponse.put(CIBAPushAuthenticatorConstants.ERROR_DESCRIPTION, errorDescription);
- errorResponse.put(CIBAPushAuthenticatorConstants.ERROR, errorCode);
- cibaPushServletErrorResponse.setPayload(errorResponse);
- cibaPushServletErrorResponse.setHttpStatusCode(httpStatusCode);
-
- return cibaPushServletErrorResponse;
- }
-
-}
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java
deleted file mode 100644
index 275a1407..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator;
-
-/**
- * CIBA Push Authenticator Constants.
- */
-@Deprecated
-public class CIBAPushAuthenticatorConstants {
-
- public static final String AUTHENTICATOR_NAME = "ciba";
- public static final String AUTHENTICATOR_FRIENDLY_NAME = "CIBA Authenticator";
- public static final String REQUEST = "request";
- public static final String REQUEST_OBJECT = "request_object";
- public static final String BINDING_MESSAGE = "binding_message";
-
- //Consent Related constants
- public static final String LOGGED_IN_USER = "loggedInUser";
- public static final String USER_TENANT_DOMAIN = "userTenantDomain";
- public static final String SCOPE = "scope";
- public static final String APPLICATION = "application";
- public static final String CONSENT_PROMPTED = "consentPrompted";
- public static final String AUTH_REQ_ID = "auth_req_id";
- public static final String NONCE = "nonce";
- public static final String LOGIN_HINT = "login_hint";
- public static final String SP_QUERY_PARAMS = "spQueryParams";
-
- // error constants
- public static final String IS_ERROR = "isError";
- public static final String ERROR_SERVER_ERROR = "Internal server error";
- public static final String ERROR_NO_TYPE_AND_APP_DATA = "Type and application data is unavailable";
- public static final String ERROR_DESCRIPTION = "error_description";
- public static final String ERROR = "error";
-}
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java
index 1fec9102..f75915ab 100644
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java
+++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java
@@ -13,7 +13,6 @@
import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants;
import com.wso2.openbanking.accelerator.common.exception.ConsentManagementException;
import com.wso2.openbanking.accelerator.common.util.CarbonUtils;
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticatorConstants;
import com.wso2.openbanking.accelerator.consent.extensions.internal.ConsentExtensionsDataHolder;
import com.wso2.openbanking.accelerator.consent.mgt.dao.models.AuthorizationResource;
import com.wso2.openbanking.accelerator.consent.mgt.service.ConsentCoreService;
@@ -40,6 +39,7 @@ public class CIBAWebLinkAuthenticatorExtensionImpl implements CIBAWebLinkAuthent
private static final Log log = LogFactory.getLog(CIBAWebLinkAuthenticatorExtensionImpl.class);
private static final ConsentCoreService consentCoreService =
ConsentExtensionsDataHolder.getInstance().getConsentCoreService();
+ public static final String LOGIN_HINT = "login_hint";
/**
* Method to identify the user/users involved in the authentication.
@@ -50,7 +50,7 @@ public class CIBAWebLinkAuthenticatorExtensionImpl implements CIBAWebLinkAuthent
@Override
public List getAuthenticatedUsers(HttpServletRequest request) {
- return Arrays.stream(request.getParameter(CIBAPushAuthenticatorConstants.LOGIN_HINT)
+ return Arrays.stream(request.getParameter(LOGIN_HINT)
.split(","))
.map(String::trim)
.map(AuthenticatedUser::createLocalAuthenticatedUserFromSubjectIdentifier)
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java
deleted file mode 100644
index 9cf8d2d9..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.impl;
-
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointInterface;
-import net.minidev.json.JSONObject;
-
-/**
- * Implementation to extend CIBA push servlet consent persistence data.
- */
-@Deprecated
-public class CIBAAuthenticationEndpointDefaultImpl implements CIBAAuthenticationEndpointInterface {
-
- @Override
- public JSONObject updateConsentData(JSONObject consentData) {
- return consentData;
- }
-
-}
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java
deleted file mode 100644
index 15b108f9..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.model;
-
-import net.minidev.json.JSONObject;
-
-/**
- * CIBA authentication endpoint error response.
- */
-@Deprecated
-public class CIBAAuthenticationEndpointErrorResponse {
-
- private int httpStatusCode = 0;
- private JSONObject payload = null;
-
- public int getHttpStatusCode() {
-
- return httpStatusCode;
- }
- public void setHttpStatusCode(int httpStatusCode) {
-
- this.httpStatusCode = httpStatusCode;
- }
-
- public JSONObject getPayload() {
-
- return payload;
- }
- public void setPayload(JSONObject payload) {
-
- this.payload = payload;
- }
-
-}
-
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java
deleted file mode 100644
index 4909df8b..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.model;
-
-import net.minidev.json.JSONObject;
-
-/**
- * The interface to extend CIBA push servlet consent persistence data.
- */
-@Deprecated
-public interface CIBAAuthenticationEndpointInterface {
-
- /**
- * Set additional data to consent data.
- * @param consentData consent data json object
- * @return updated consent data json object
- */
- JSONObject updateConsentData(JSONObject consentData);
-}
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java
index cf95f2c0..f4a21eef 100644
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java
+++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java
@@ -19,7 +19,6 @@
package com.wso2.openbanking.accelerator.consent.extensions.internal;
import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigurationService;
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticator;
import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.weblink.CIBAWebLinkAuthenticator;
import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.weblink.notification.CIBAWebLinkNotificationHandler;
import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter;
@@ -60,10 +59,7 @@ protected void activate(ComponentContext context) {
if (log.isDebugEnabled()) {
log.debug("Periodical Consent Status Updater Started");
}
- CIBAPushAuthenticator authenticator = new CIBAPushAuthenticator();
CIBAWebLinkAuthenticator cibaWebLinkAuthenticator = new CIBAWebLinkAuthenticator();
- context.getBundleContext().registerService(ApplicationAuthenticator.class.getName(),
- authenticator, null);
context.getBundleContext().registerService(ApplicationAuthenticator.class.getName(),
cibaWebLinkAuthenticator, null);
context.getBundleContext().registerService(AbstractEventHandler.class.getName(),
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java
deleted file mode 100644
index ff5897cd..00000000
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java
+++ /dev/null
@@ -1,259 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator;
-
-import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser;
-import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigurationService;
-import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils;
-import com.wso2.openbanking.accelerator.consent.extensions.internal.ConsentExtensionsDataHolder;
-import com.wso2.openbanking.accelerator.consent.mgt.service.impl.ConsentCoreServiceImpl;
-import com.wso2.openbanking.accelerator.identity.cache.IdentityCache;
-import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
-import net.minidev.json.JSONObject;
-import org.mockito.Mock;
-import org.mockito.Mockito;
-import org.powermock.api.mockito.PowerMockito;
-import org.powermock.core.classloader.annotations.PowerMockIgnore;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.modules.testng.PowerMockTestCase;
-import org.testng.annotations.DataProvider;
-import org.testng.annotations.Test;
-import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCache;
-import org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig;
-import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
-import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
-import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest;
-import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
-import org.wso2.carbon.identity.application.common.model.ServiceProvider;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCache;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry;
-import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters;
-
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import static org.mockito.Mockito.doNothing;
-import static org.mockito.Mockito.doReturn;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
-import static org.mockito.Mockito.when;
-import static org.powermock.api.mockito.PowerMockito.mockStatic;
-import static org.testng.Assert.assertEquals;
-import static org.testng.Assert.assertNotNull;
-import static org.testng.Assert.assertTrue;
-
-/**
- * Test class for CIBAPushAuthenticator.
- */
-@Deprecated
-@PowerMockIgnore("jdk.internal.reflect.*")
-@PrepareForTest({SessionDataCache.class, AuthenticationContextCache.class, ConsentExtensionUtils.class,
- ConsentCache.class, ConsentData.class, IdentityCommonUtil.class, FrameworkUtils.class,
- AuthenticationContext.class, SequenceConfig.class, ServiceProvider.class, ApplicationConfig.class,
- AuthenticationRequest.class, SessionDataCacheEntry.class, IdentityCache.class, OAuth2Parameters.class,
- HttpServletRequest.class, ConsentCoreServiceImpl.class, ConsentExtensionsDataHolder.class,
- OpenBankingConfigurationService.class, OpenBankingConfigParser.class})
-public class CIBAPushAuthenticatorTests extends PowerMockTestCase {
-
- private final String dummyString = "dummyString";
-
- @Mock
- OpenBankingConfigurationService openBankingConfigurationService;
-
- @Mock
- ConsentExtensionsDataHolder consentExtensionsDataHolder;
-
- @DataProvider(name = "splitQueryParams")
- public Object[][] getSplitQueryParams() {
-
- String validQueryParms = "key1=val1&key2=val2";
- Map validQueryParamMap = new HashMap<>();
- validQueryParamMap.put("key1", "val1");
- validQueryParamMap.put("key2", "val2");
-
- String invalidQueryParams = "key1:val1&key2:val2";
- Map invalidQueryParamMap = new HashMap<>();
- invalidQueryParamMap.put("key1:val1", null);
- invalidQueryParamMap.put("key2:val2", null);
-
- return new Object[][]{
- {validQueryParms, validQueryParamMap},
- {invalidQueryParams, invalidQueryParamMap}
- };
- }
-
- @Test(dataProvider = "splitQueryParams")
- public void splitQueryValidQueryTest(String dummyQueryParms, Map queryParamMap) throws Exception {
- CIBAPushAuthenticator cibaPushAuthenticator = new CIBAPushAuthenticator();
- Map splitQueryParamMap = cibaPushAuthenticator.splitQuery(dummyQueryParms);
-
- assertEquals(queryParamMap, splitQueryParamMap);
- }
-
- @Test
- public void handlePreConsentTest() {
- AuthenticationContext mockAuthnCtxt = spy(AuthenticationContext.class);
-
- Map params = new HashMap() {
- {
- put(CIBAPushAuthenticatorConstants.LOGIN_HINT, dummyString);
- put(CIBAPushAuthenticatorConstants.REQUEST_OBJECT, dummyString);
- put(CIBAPushAuthenticatorConstants.SCOPE, dummyString);
- }
- };
-
- Map queryParamMap = new HashMap<>();
- String[] queryParamArray = new String[1];
- queryParamArray[0] = dummyString;
- queryParamMap.put(CIBAPushAuthenticatorConstants.NONCE, queryParamArray);
-
- SequenceConfig mockSequenceConfig = mock(SequenceConfig.class);
- ApplicationConfig mockApplicationConfig = mock(ApplicationConfig.class);
- ServiceProvider mockServiceProvider = mock(ServiceProvider.class);
- AuthenticationRequest mockAuthenticationRequest = mock(AuthenticationRequest.class);
-
- when(mockAuthnCtxt.getSequenceConfig()).thenReturn(mockSequenceConfig);
- when(mockSequenceConfig.getApplicationConfig()).thenReturn(mockApplicationConfig);
- when(mockApplicationConfig.getServiceProvider()).thenReturn(mockServiceProvider);
- when(mockServiceProvider.getApplicationName()).thenReturn(dummyString);
- when(mockAuthnCtxt.getAuthenticationRequest()).thenReturn(mockAuthenticationRequest);
- when(mockAuthenticationRequest.getRequestQueryParams()).thenReturn(queryParamMap);
-
- int initialSize = mockAuthnCtxt.getEndpointParams().size();
- CIBAPushAuthenticator cibaPushAuthenticator = new CIBAPushAuthenticator();
- cibaPushAuthenticator.handlePreConsent(mockAuthnCtxt, params);
- int finalSize = mockAuthnCtxt.getEndpointParams().size();
-
- assertTrue(finalSize > initialSize);
- }
-
- @Test
- public void setMetadataTest() throws Exception {
- CIBAPushAuthenticator mockAuthenticator = spy(new CIBAPushAuthenticatorMock());
-
- mockStatic(SessionDataCache.class);
- mockStatic(AuthenticationContextCache.class);
- mockStatic(FrameworkUtils.class);
-
- SessionDataCache sessionDataCache = mock(SessionDataCache.class);
- SessionDataCacheEntry sessionDataCacheEntry = mock(SessionDataCacheEntry.class);
- AuthenticationContextCache authenticationContextCache = mock(AuthenticationContextCache.class);
- HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
- HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
- when(httpServletRequest.getParameter(CIBAPushAuthenticatorConstants.BINDING_MESSAGE)).thenReturn(dummyString);
-
- when(mockAuthenticator.splitQuery(Mockito.anyString())).thenReturn(new HashMap<>());
- when(FrameworkUtils.getQueryStringWithFrameworkContextId
- (Mockito.anyObject(), Mockito.anyObject(), Mockito.anyObject())).thenReturn(dummyString);
- when(SessionDataCache.getInstance()).thenReturn(sessionDataCache);
- when(sessionDataCache.getValueFromCache(Mockito.anyObject())).thenReturn(sessionDataCacheEntry);
- when(AuthenticationContextCache.getInstance()).thenReturn(authenticationContextCache);
-
- doNothing().when(mockAuthenticator).handlePreConsent(Mockito.anyObject(), Mockito.anyObject());
- doNothing().when(authenticationContextCache).addToCache(Mockito.anyObject(), Mockito.anyObject());
- JSONObject jsonObject = new JSONObject();
- jsonObject.put(dummyString, dummyString);
- doReturn(jsonObject).when(mockAuthenticator).retrieveConsent(Mockito.anyObject(),
- Mockito.anyObject(), Mockito.anyString());
-
- assertNotNull(mockAuthenticator.getAdditionalInfo(httpServletRequest, httpServletResponse,
- dummyString));
- }
-
- @Test
- public void retrieveConsentTest() throws OpenBankingException {
-
- CIBAPushAuthenticator mockAuthenticator = spy(new CIBAPushAuthenticatorMock());
- Map configs = new HashMap<>();
- configs.put("Consent.PreserveConsentLink", "true");
- mockStatic(ConsentExtensionUtils.class);
- mockStatic(ConsentCoreServiceImpl.class);
- mockStatic(ConsentExtensionsDataHolder.class);
-
- OpenBankingConfigParser openBankingConfigParserMock = Mockito.mock(OpenBankingConfigParser.class);
- Mockito.doReturn(configs).when(openBankingConfigParserMock).getConfiguration();
- PowerMockito.mockStatic(OpenBankingConfigParser.class);
- PowerMockito.when(OpenBankingConfigParser.getInstance()).thenReturn(openBankingConfigParserMock);
-
- mockStatic(ConsentCache.class);
- mockStatic(ConsentData.class);
- mockStatic(IdentityCommonUtil.class);
-
- ConsentData consentData = mock(ConsentData.class);
- IdentityCache identityCache = mock(IdentityCache.class);
- SessionDataCacheEntry cacheEntry = mock(SessionDataCacheEntry.class);
- OAuth2Parameters oAuth2Parameters = mock(OAuth2Parameters.class);
- HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
- IdentityCommonUtil identityCommonUtil = mock(IdentityCommonUtil.class);
-
- when(ConsentCache.getInstance()).thenReturn(identityCache);
- when(ConsentCache.getCacheEntryFromSessionDataKey(Mockito.anyString())).thenReturn(cacheEntry);
- when(cacheEntry.getoAuth2Parameters()).thenReturn(oAuth2Parameters);
- when(oAuth2Parameters.getRedirectURI()).thenReturn(dummyString);
- when(oAuth2Parameters.getClientId()).thenReturn(dummyString);
- when(oAuth2Parameters.getState()).thenReturn(dummyString);
- when(identityCommonUtil.getRegulatoryFromSPMetaData(dummyString)).thenReturn(true);
- when(consentData.getType()).thenReturn(dummyString);
- when(consentData.getApplication()).thenReturn(dummyString);
-
- Map sensitiveDataMap = new HashMap<>();
- Map headers = new HashMap<>();
- sensitiveDataMap.put(CIBAPushAuthenticatorConstants.IS_ERROR, "false");
- sensitiveDataMap.put(CIBAPushAuthenticatorConstants.LOGGED_IN_USER, dummyString);
- sensitiveDataMap.put(CIBAPushAuthenticatorConstants.SP_QUERY_PARAMS, dummyString);
- sensitiveDataMap.put(CIBAPushAuthenticatorConstants.SCOPE, dummyString);
-
- when(ConsentExtensionUtils.getSensitiveDataWithConsentKey(Mockito.anyString())).thenReturn(sensitiveDataMap);
- when(ConsentExtensionUtils.getHeaders(httpServletRequest)).thenReturn(headers);
- when(mockAuthenticator.createConsentData(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(),
- Mockito.anyString(), Mockito.anyString(), Mockito.anyObject())).thenReturn(consentData);
-
- doNothing().when(consentData).setSensitiveDataMap(Mockito.anyObject());
- doNothing().when(consentData).setRedirectURI(Mockito.anyObject());
- doNothing().when(consentData).setRegulatory(Mockito.anyObject());
- doNothing().when(mockAuthenticator).executeRetrieval(Mockito.anyObject(), Mockito.anyObject());
-
- assertNotNull(mockAuthenticator.retrieveConsent(Mockito.anyObject(), Mockito.anyObject(), Mockito.anyString()));
-
- }
-
-}
-
-class CIBAPushAuthenticatorMock extends CIBAPushAuthenticator {
-
- @Override
- protected AuthenticationContext getAutenticationContext(String sessionDataKey) {
-
- return mock(AuthenticationContext.class);
- }
-
- @Override
- protected ConsentData createConsentData(String sessionDataKey, String loggedInUser, String spQueryParams,
- String scopeString, String app, HttpServletRequest request) {
- return mock(ConsentData.class);
- }
-
-}
diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml
index ddc3905f..562ab0aa 100644
--- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml
+++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml
@@ -22,7 +22,6 @@
-
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml
index e51dfb25..e69de29b 100644
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml
+++ b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml
@@ -1,124 +0,0 @@
-
-
- open-banking-accelerator
- com.wso2.openbanking.accelerator
- 3.2.30-SNAPSHOT
- ../../../pom.xml
-
- 4.0.0
-
- com.wso2.openbanking.accelerator.ciba.authentication.endpoint
- WSO2 Open Banking - CIBA Authentication Endpoint
- WSO2 Open Banking - CIBA Authentication Endpoint
- war
-
-
-
- org.testng
- testng
- test
-
-
- com.wso2.openbanking.accelerator
- com.wso2.openbanking.accelerator.consent.extensions
- provided
-
-
- com.fasterxml.jackson.core
- jackson-databind
- provided
-
-
- com.wso2.openbanking.accelerator
- com.wso2.openbanking.accelerator.common
- provided
-
-
- org.wso2.carbon.identity.inbound.auth.oauth2
- org.wso2.carbon.identity.oauth.ciba
- provided
-
-
- org.wso2.carbon.identity.framework
- org.wso2.carbon.identity.application.authentication.framework
- provided
-
-
- org.wso2.carbon.identity.outbound.auth.push
- org.wso2.carbon.identity.application.authenticator.push.common
- provided
-
-
- org.wso2.carbon.identity.outbound.auth.push
- org.wso2.carbon.identity.application.authenticator.push.device.handler
- provided
-
-
- org.wso2.carbon.identity.outbound.auth.push
- org.wso2.carbon.identity.application.authenticator.push
- provided
-
-
-
-
-
-
- com.github.spotbugs
- spotbugs-maven-plugin
-
- Max
- Low
- true
- false
- ${project.build.directory}/spotbugs
- ${project.basedir}/src/main/resources/findbugs-include.xml
-
-
- com.h3xstream.findsecbugs
- findsecbugs-plugin
- ${com.h3xstream.findsecbugs.version}
-
-
-
-
-
- analyze-compile
- compile
-
- check
-
-
-
-
-
- maven-war-plugin
- ${maven-war-plugin.version}
-
-
-
-
- src/main/webapp
-
-
- api#openbanking#ciba
-
-
-
-
-
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java
deleted file mode 100644
index a5ed90e6..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java
+++ /dev/null
@@ -1,686 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.api;
-
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.JWTParser;
-import com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.exception.CIBAAuthenticationEndpointException;
-import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser;
-import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
-import com.wso2.openbanking.accelerator.common.util.CarbonUtils;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.builder.ConsentStepsBuilder;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistData;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistStep;
-import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentRetrievalStep;
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointErrorResponse;
-import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointInterface;
-import com.wso2.openbanking.accelerator.consent.extensions.common.AuthErrorCode;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentException;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils;
-import com.wso2.openbanking.accelerator.consent.extensions.common.ResponseStatus;
-import com.wso2.openbanking.accelerator.identity.util.HTTPClientUtils;
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import net.minidev.json.JSONArray;
-import net.minidev.json.JSONObject;
-import net.minidev.json.parser.JSONParser;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.http.HttpResponse;
-import org.apache.http.HttpStatus;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.util.EntityUtils;
-import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
-import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
-import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
-import org.wso2.carbon.identity.application.authenticator.push.common.PushAuthContextManager;
-import org.wso2.carbon.identity.application.authenticator.push.common.PushJWTValidator;
-import org.wso2.carbon.identity.application.authenticator.push.common.exception.PushAuthTokenValidationException;
-import org.wso2.carbon.identity.application.authenticator.push.common.impl.PushAuthContextManagerImpl;
-import org.wso2.carbon.identity.application.authenticator.push.device.handler.DeviceHandler;
-import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerClientException;
-import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerServerException;
-import org.wso2.carbon.identity.application.authenticator.push.device.handler.impl.DeviceHandlerImpl;
-import org.wso2.carbon.identity.application.authenticator.push.dto.AuthDataDTO;
-import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry;
-import org.wso2.carbon.identity.oauth.ciba.common.AuthReqStatus;
-import org.wso2.carbon.identity.oauth.ciba.dao.CibaDAOFactory;
-import org.wso2.carbon.identity.oauth.ciba.exceptions.CibaCoreException;
-import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters;
-
-import java.io.IOException;
-import java.lang.reflect.InvocationTargetException;
-import java.net.HttpURLConnection;
-import java.text.ParseException;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
-
-import static com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticator.createErrorResponse;
-
-/**
- * Implementation class for the CIBA authentication endpoint API.
- */
-@Deprecated
-@Path("/")
-public class CIBAAuthenticationEndpoint {
-
- private static final Log log = LogFactory.getLog(CIBAAuthenticationEndpoint.class);
- private static CIBAAuthenticationEndpointInterface cibaAuthenticationEndpointInterfaceTK;
- private static List consentPersistSteps = null;
- private static List consentRetrievalSteps = null;
-
- public CIBAAuthenticationEndpoint() {
-
- initializeConsentSteps();
- }
-
- @SuppressFBWarnings("JAXRS_ENDPOINT")
- // Suppressed content - Endpoint
- // Suppression reason - False Positive : This endpoint is secured with access control lists in the configuration
- // Suppressed warning count - 1
- @POST
- @Path("/push-auth/authenticate")
- @Consumes({"application/json; charset=utf-8"})
- @Produces({"application/json; charset=utf-8"})
- public Response handleCIBAAuthenticationRequest(@Context HttpServletRequest request,
- @Context HttpServletResponse response, @Context UriInfo uriInfo) {
-
- try {
- log.info("CIBA authentication call received");
- handleMobileResponse(request, response);
- } catch (CIBAAuthenticationEndpointException e) {
- // create error response
- CIBAAuthenticationEndpointErrorResponse errorResponse = createErrorResponse(e.getHttpStatusCode(),
- e.getErrorCode(), e.getErrorDescription());
- return Response.status(errorResponse.getHttpStatusCode() != 0 ?
- errorResponse.getHttpStatusCode() : e.getHttpStatusCode())
- .entity(errorResponse.getPayload()).build();
- }
-
- return Response.status(HttpStatus.SC_ACCEPTED).build();
- }
-
- @SuppressFBWarnings("JAXRS_ENDPOINT")
- // Suppressed content - Endpoint
- // Suppression reason - False Positive : This endpoint is secured with access control lists in the configuration
- // Suppressed warning count - 1
- @GET
- @Path("/push-auth/discovery-data")
- @Produces({"application/json; charset=utf-8"})
- public Response handleDiscoveryRequest(@Context HttpServletRequest request,
- @Context HttpServletResponse response,
- @Context HttpHeaders headers) {
-
- try {
- log.info("CIBA discovery call received");
- JSONObject deviceRegistrationData = handleDiscovery(request, response, headers);
- return Response.status(HttpStatus.SC_ACCEPTED)
- .entity(deviceRegistrationData).build();
-
- } catch (CIBAAuthenticationEndpointException e) {
- // create error response
- CIBAAuthenticationEndpointErrorResponse errorResponse = createErrorResponse(e.getHttpStatusCode(),
- e.getErrorCode(), e.getErrorDescription());
- return Response.status(errorResponse.getHttpStatusCode() != 0 ?
- errorResponse.getHttpStatusCode() : e.getHttpStatusCode())
- .entity(errorResponse.getPayload()).build();
- }
- }
-
- @SuppressFBWarnings("HTTP_PARAMETER_POLLUTION")
- // Suppressed content - CIBAAuthenticationEndpointConstants.DEVICE_REGISTRATION_URL
- // Suppression reason - False Positive : This is a hard coded, trusted path. It is not a user input
- // Suppressed warning count - 1
- private JSONObject handleDiscovery(HttpServletRequest request, HttpServletResponse response, HttpHeaders headers)
- throws CIBAAuthenticationEndpointException {
-
- List authHeaders = headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
- String userToken = null;
- // Make the API call with user's access token
- if (authHeaders.size() != 0) {
- userToken = authHeaders.get(0);
- }
- String registrationUrl = CarbonUtils.getCarbonServerUrl() +
- CIBAAuthenticationEndpointConstants.DEVICE_REGISTRATION_URL;
- HttpUriRequest deviceRegistrationRequest = new HttpGet(registrationUrl);
- deviceRegistrationRequest.setHeader(CIBAAuthenticationEndpointConstants.AUTH_HEADER_NAME, userToken);
- JSONObject deviceRegistrationData = sendRequest(deviceRegistrationRequest);
- // Change authentication endpoint to OB CIBA webapp as it handles the CIBA authenticate call
- deviceRegistrationData.put(CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT,
- CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT_URL_PREFIX
- + deviceRegistrationData.getAsString(
- CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT));
- return deviceRegistrationData;
- }
-
- public JSONObject sendRequest(HttpUriRequest request)
- throws CIBAAuthenticationEndpointException {
-
- String responseStr = null;
- try {
- CloseableHttpClient client = HTTPClientUtils.getHttpsClient();
- HttpResponse response = client.execute(request);
- responseStr = EntityUtils.toString(response.getEntity());
-
- if ((response.getStatusLine().getStatusCode() / 100) != 2) {
- if (response.getStatusLine().getStatusCode() == HttpURLConnection.HTTP_UNAUTHORIZED) {
- log.debug("Received unauthorized(401) response. body: " + responseStr);
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_UNAUTHORIZED,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_UNAUTHORIZED.getMessage(),
- "Received unauthorized Response: " + responseStr);
- }
- } else {
- // received success (200 range) response
- Object responseJSON;
- try {
- responseJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(responseStr);
- if (!(responseJSON instanceof JSONObject)) {
- log.error("Discovery call response is not a JSON object");
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(),
- "Discovery call response is not a JSON object");
- }
- } catch (net.minidev.json.parser.ParseException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(),
- "Unable to parse the response", e);
- }
-
- JSONObject responseData = (JSONObject) responseJSON;
- return responseData;
- }
-
- } catch (IOException e) {
- log.error("Exception occurred while reading request. Caused by, ", e);
- } catch (OpenBankingException e) {
- log.error("Exception occurred while generating http client. Caused by, ", e);
- }
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(),
- "Unexpected response received for the request. path: " +
- request.getURI() + " response:" + responseStr);
- }
-
- /**
- * Initialize consent builder.
- */
- private static synchronized void initializeConsentSteps() {
-
- if (consentRetrievalSteps == null || consentPersistSteps == null) {
- ConsentStepsBuilder consentStepsBuilder = ConsentExtensionExporter.getConsentStepsBuilder();
-
- if (consentStepsBuilder != null) {
- consentRetrievalSteps = consentStepsBuilder.getConsentRetrievalSteps();
- consentPersistSteps = consentStepsBuilder.getConsentPersistSteps();
- }
-
- if (consentRetrievalSteps != null && !consentRetrievalSteps.isEmpty()) {
- log.info("Consent retrieval steps are not null or empty");
- } else {
- log.warn("Consent retrieval steps are null or empty");
- }
- if (consentPersistSteps != null && !consentPersistSteps.isEmpty()) {
- log.info("Consent persist steps are not null or empty");
- } else {
- log.warn("Consent persist steps are null or empty");
- }
- } else {
- log.debug("Retrieval and persist steps are available");
- }
- }
-
- /**
- * Persist user consent data.
- *
- * @param request HTTP request
- * @param response HTTP response
- * @param sessionDataKey Session Data Key
- * @param payload Json payload
- * @throws ConsentException
- */
- private static void persistConsent(HttpServletRequest request, HttpServletResponse response,
- String sessionDataKey, JSONObject payload) throws ConsentException {
-
- ConsentData consentData = ConsentCache.getConsentDataFromCache(sessionDataKey);
- if (consentData == null) {
- throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR, "Unable to get consent data");
- }
-
- if (payload == null) {
- throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR,
- "Payload unavailable", consentData.getState());
- }
-
- boolean approval;
- if (payload.containsKey(CIBAAuthenticationEndpointConstants.APPROVAL)) {
- try {
- if (payload.get(CIBAAuthenticationEndpointConstants.APPROVAL) instanceof Boolean) {
- approval = (Boolean) payload.get(CIBAAuthenticationEndpointConstants.APPROVAL);
- } else {
- approval = Boolean.parseBoolean((String) payload.get(CIBAAuthenticationEndpointConstants.APPROVAL));
- }
- } catch (ClassCastException e) {
- log.error("Error while processing consent persistence authorize", e);
- throw new ConsentException(ResponseStatus.BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_PERSIST_INVALID_AUTHORIZE.getMessage());
- }
- } else {
- throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_PERSIST_APPROVAL_MANDATORY.getMessage(),
- consentData.getState());
- }
-
- Map headers = ConsentExtensionUtils.getHeaders(request);
- ConsentPersistData consentPersistData = new ConsentPersistData(payload, headers, approval, consentData);
-
- executePersistence(consentPersistData);
-
- if (!approval) {
- throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.ACCESS_DENIED,
- "User denied the consent", consentData.getState());
- }
-
- }
-
- /**
- * Execute consent persistence.
- *
- * @param consentPersistData Consent Persistence data
- * @throws ConsentException
- */
- private static void executePersistence(ConsentPersistData consentPersistData) throws ConsentException {
-
- for (ConsentPersistStep step : consentPersistSteps) {
- if (log.isDebugEnabled()) {
- log.debug("Executing persistence step " + step.getClass().toString());
- }
- step.execute(consentPersistData);
- }
- }
-
- /**
- * Handles authentication request received from mobile app.
- *
- * @param request HTTP request
- * @param response HTTP response
- * @throws CIBAAuthenticationEndpointException
- */
- public static void handleMobileResponse(HttpServletRequest request, HttpServletResponse response)
- throws CIBAAuthenticationEndpointException {
-
- setCIBAExtension();
-
- String responseJsonString;
- try {
- responseJsonString = IOUtils.toString(request.getInputStream());
- } catch (IOException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(),
- "Error in reading the request", e);
- }
-
- if (log.isDebugEnabled()) {
- log.debug("CIBA authenticate call from mobile received: " + responseJsonString);
- }
-
- Object responseDataJSON;
- try {
- responseDataJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(responseJsonString);
- if (!(responseDataJSON instanceof JSONObject)) {
- log.error("response is not a JSON object");
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(),
- "response is not a JSON object");
- }
- } catch (net.minidev.json.parser.ParseException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(),
- "Unable to parse the response", e);
- }
-
- JSONObject responseData = (JSONObject) responseDataJSON;
- String token = responseData.getAsString(CIBAAuthenticationEndpointConstants.AUTH_RESPONSE);
-
- if (StringUtils.isEmpty(token)) {
- if (log.isDebugEnabled()) {
- log.debug(CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND);
- }
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND
- .getCode(),
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND
- .getMessage());
- } else {
- String deviceId = getDeviceIdFromToken(token);
- String sessionDataKey = getSessionDataKeyFromToken(token, deviceId);
-
- if (StringUtils.isEmpty(sessionDataKey)) {
- String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages
- .ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND + deviceId;
- if (log.isDebugEnabled()) {
- log.debug(errorMessage);
- }
-
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND
- .getCode(),
- errorMessage);
- } else {
- addToContext(sessionDataKey, token);
-
- try {
- processAuthenticationRequest(request, response, sessionDataKey);
- } catch (AuthenticationFailedException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(),
- "Authentication Failed", e);
- }
-
- response.setStatus(HttpServletResponse.SC_ACCEPTED);
-
- log.info("Completed processing authentication request from mobile app for session data key "
- + sessionDataKey);
-
- }
- }
- }
-
- /**
- * Retrieve the config for CIBA consent persistence toolkit extension class for.
- */
- private static void setCIBAExtension() {
-
- try {
- cibaAuthenticationEndpointInterfaceTK = (CIBAAuthenticationEndpointInterface)
- Class.forName(OpenBankingConfigParser.getInstance()
- .getCibaServletExtension()).getDeclaredConstructor().newInstance();
- } catch (InstantiationException | IllegalAccessException |
- InvocationTargetException | NoSuchMethodException | ClassNotFoundException e) {
- log.error("CIBA Webapp extension not found", e);
- }
- }
-
- /**
- * Process authentication request received from mobile app.
- *
- * @param sessionDataKey Session Data Key
- * @throws CIBAAuthenticationEndpointException
- */
- protected static void processAuthenticationRequest(HttpServletRequest request,
- HttpServletResponse response, String sessionDataKey) throws
- AuthenticationFailedException, CIBAAuthenticationEndpointException {
-
- SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey);
-
- AuthenticatedUser user = cacheEntry.getLoggedInUser();
-
- PushAuthContextManager contextManager = new PushAuthContextManagerImpl();
- AuthenticationContext sessionContext = contextManager.getContext(sessionDataKey);
- AuthDataDTO authDataDTO = (AuthDataDTO) sessionContext
- .getProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA);
-
- String authResponseToken = authDataDTO.getAuthToken();
- String serverChallenge = authDataDTO.getChallenge();
-
- String deviceId = getDeviceIdFromToken(authResponseToken);
- String publicKey = getPublicKey(deviceId);
-
- PushJWTValidator validator = new PushJWTValidator();
- JWTClaimsSet claimsSet;
- try {
- claimsSet = validator.getValidatedClaimSet(authResponseToken, publicKey);
- } catch (PushAuthTokenValidationException e) {
- String errorMessage = String
- .format("Error occurred when trying to validate the JWT signature from device: %s of user: %s.",
- deviceId, user.toFullQualifiedUsername());
- throw new AuthenticationFailedException(errorMessage, e);
- }
- if (claimsSet != null) {
- if (validator.validateChallenge(claimsSet, serverChallenge, deviceId)) {
- String authStatus;
- String metadataJsonString;
- JSONArray accountIds;
- try {
- authStatus =
- validator.getClaimFromClaimSet(claimsSet,
- CIBAAuthenticationEndpointConstants.TOKEN_RESPONSE, deviceId);
- metadataJsonString = (validator.getClaimFromClaimSet(claimsSet,
- CIBAAuthenticationEndpointConstants.METADATA, deviceId));
-
- Object metadataJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(metadataJsonString);
- if (!(metadataJSON instanceof JSONObject)) {
- log.error("metadata is not a JSON object");
- throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR,
- "metadata is not a JSON object");
- }
- JSONObject metadata = (JSONObject) metadataJSON;
-
- accountIds =
- (JSONArray) metadata.get(CIBAAuthenticationEndpointConstants.METADATA_ACCOUNT_IDS);
- } catch (PushAuthTokenValidationException | net.minidev.json.parser.ParseException e) {
- String errorMessage = "Error in getting claims from the auth response token received from device: "
- + deviceId;
- throw new AuthenticationFailedException(errorMessage, e);
- }
-
- boolean approval;
- if (authStatus.equals(CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_SUCCESS)) {
- approval = true;
- } else if (authStatus.equals(CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_DENIED)) {
- approval = false;
- } else {
- log.error("Invalid authorization status :" + authStatus);
- String errorMessage = "Authentication failed! Incorrect auth status " + authStatus + " for user " +
- user.toFullQualifiedUsername();
- throw new AuthenticationFailedException(errorMessage);
- }
-
- JSONObject payload = new JSONObject();
- payload.put(CIBAAuthenticationEndpointConstants.APPROVAL, approval);
- // Authorize call is skipped in consent persist call in CIBA
- payload.put(CIBAAuthenticationEndpointConstants.AUTHORIZE, false);
- payload.put(CIBAAuthenticationEndpointConstants.ACCOUNT_IDS, accountIds);
-
- // add TK data
- if (cibaAuthenticationEndpointInterfaceTK != null) {
- payload = cibaAuthenticationEndpointInterfaceTK
- .updateConsentData(payload);
- }
-
- persistConsent(request, response, sessionDataKey, payload);
- persistAuthorization(sessionDataKey, authStatus);
- } else {
- String errorMessage = String
- .format("Authentication failed! JWT challenge validation for device: %s of user: %s.",
- deviceId, user);
- throw new AuthenticationFailedException(errorMessage);
- }
-
- } else {
- String errorMessage = String
- .format("Authentication failed! JWT signature is not valid for device: %s of user: %s.",
- deviceId, user);
- throw new AuthenticationFailedException(errorMessage);
- }
-
- try {
- contextManager.clearContext(validator.getClaimFromClaimSet(claimsSet,
- CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY, deviceId));
- } catch (PushAuthTokenValidationException e) {
- String errorMessage = "Error in getting claim " +
- CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY + " from the auth response token " +
- "received from device: " + deviceId;
- throw new AuthenticationFailedException(errorMessage, e);
- }
- }
-
- /**
- * Persist authorization response.
- *
- * @param sessionDataKey Session Data Key
- * @param authStatus User action for the authorization request
- * @throws CIBAAuthenticationEndpointException
- */
- public static void persistAuthorization(String sessionDataKey, String authStatus)
- throws CIBAAuthenticationEndpointException {
-
- SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey);
-
- if (cacheEntry != null) {
- AuthenticatedUser user = cacheEntry.getLoggedInUser();
- OAuth2Parameters oAuth2Parameters = cacheEntry.getoAuth2Parameters();
- String nonce = oAuth2Parameters.getNonce();
-
- try {
- if (CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_SUCCESS.equals(authStatus)) {
- String authCodeKey = CibaDAOFactory.getInstance().getCibaAuthMgtDAO().getCibaAuthCodeKey(nonce);
-
- // Update successful authentication.
- CibaDAOFactory.getInstance().getCibaAuthMgtDAO()
- .persistAuthenticationSuccess(authCodeKey, user);
- } else if (CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_DENIED.equals(authStatus)) {
- String authCodeKey = CibaDAOFactory.getInstance().getCibaAuthMgtDAO().getCibaAuthCodeKey(nonce);
- CibaDAOFactory.getInstance().getCibaAuthMgtDAO().updateStatus(authCodeKey, AuthReqStatus.FAILED);
- } else {
- String errorMessage = "Invalid authorization status: " + authStatus;
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(),
- errorMessage);
- }
- } catch (CibaCoreException e) {
- String errorMessage = "Error while persisting CIBA auth status for session data key " + sessionDataKey;
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(),
- errorMessage, e);
- }
- }
- }
-
- /**
- * Derive the Device ID from the auth response token header.
- *
- * @param token Auth response token
- * @return Device ID
- * @throws CIBAAuthenticationEndpointException if the token string fails to parse to JWT
- */
- protected static String getDeviceIdFromToken(String token) throws CIBAAuthenticationEndpointException {
-
- try {
- return String.valueOf(JWTParser.parse(token).getHeader().getCustomParam(
- CIBAAuthenticationEndpointConstants.TOKEN_DEVICE_ID));
- } catch (ParseException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_DEVICE_ID_FAILED.getCode(),
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_DEVICE_ID_FAILED.getMessage(),
- e);
- }
- }
-
- /**
- * Derive the SessionDataKey from the auth response token.
- *
- * @param token Auth response token
- * @param deviceId Unique ID of the device trying to authenticate
- * @return SessionDataKey
- * @throws CIBAAuthenticationEndpointException if the auth response token fails to parse to JWT or the public key
- * for the device is not retrieved or if the token is not valid
- */
- private static String getSessionDataKeyFromToken(String token, String deviceId) throws
- CIBAAuthenticationEndpointException {
-
- DeviceHandler deviceHandler = new DeviceHandlerImpl();
- PushJWTValidator validator = new PushJWTValidator();
-
- try {
- String publicKey = deviceHandler.getPublicKey(deviceId);
- JWTClaimsSet claimsSet = validator.getValidatedClaimSet(token, publicKey);
- return claimsSet.getStringClaim(CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY);
- } catch (PushDeviceHandlerServerException | PushDeviceHandlerClientException e) {
- String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_PUBLIC_KEY_FAILED
- .toString() + deviceId;
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_PUBLIC_KEY_FAILED.getCode(),
- errorMessage, e);
- } catch (PushAuthTokenValidationException e) {
- String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_TOKEN_VALIDATION_FAILED
- .toString() + deviceId;
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_TOKEN_VALIDATION_FAILED.getCode(),
- errorMessage, e);
- } catch (ParseException e) {
- throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR,
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_PARSE_JWT_FAILED.getCode(),
- CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_PARSE_JWT_FAILED.getMessage(), e);
- }
- }
-
- /**
- * Add the received auth response token to the authentication context.
- *
- * @param sessionDataKey Unique key to identify the session
- * @param token Auth response token
- */
- private static void addToContext(String sessionDataKey, String token) {
-
- PushAuthContextManager contextManager = new PushAuthContextManagerImpl();
- AuthenticationContext context = contextManager.getContext(sessionDataKey);
-
- AuthDataDTO authDataDTO = (AuthDataDTO) context
- .getProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA);
- authDataDTO.setAuthToken(token);
- context.setProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA, authDataDTO);
- contextManager.storeContext(sessionDataKey, context);
- }
-
- /**
- * Get the public key for the device by the device ID.
- *
- * @param deviceId Unique ID for the device
- * @return Public key string
- * @throws AuthenticationFailedException if an error occurs while getting the public key
- */
- protected static String getPublicKey(String deviceId) throws AuthenticationFailedException {
-
- DeviceHandler deviceHandler = new DeviceHandlerImpl();
- try {
- return deviceHandler.getPublicKey(deviceId);
- } catch (PushDeviceHandlerServerException | PushDeviceHandlerClientException e) {
- throw new AuthenticationFailedException("Error occurred when trying to get the public key for device: "
- + deviceId + ".");
- }
- }
-
-}
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java
deleted file mode 100644
index 59d44e41..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.api;
-
-/**
- * Constants for CIBA authentication endpoint.
- */
-@Deprecated
-public class CIBAAuthenticationEndpointConstants {
-
- // request related constants
- public static final String AUTH_RESPONSE = "authResponse";
- public static final String TOKEN_DEVICE_ID = "did";
- public static final String TOKEN_SESSION_DATA_KEY = "sid";
- public static final String CONTEXT_AUTH_DATA = "authData";
- public static final String TOKEN_RESPONSE = "res";
- public static final String METADATA = "mta";
- public static final String AUTH_REQUEST_STATUS_SUCCESS = "SUCCESSFUL";
- public static final String AUTH_REQUEST_STATUS_DENIED = "DENIED";
-
- // device registration related constants
- public static final String DEVICE_REGISTRATION_URL = "/api/users/v1/me/push-auth/discovery-data";
- public static final String AUTHENTICATION_ENDPOINT_URL_PREFIX = "/api/openbanking/ciba";
- public static final String AUTHENTICATION_ENDPOINT = "ae";
- public static final String AUTH_HEADER_NAME = "Authorization";
-
- // consent related constants
- public static final String APPROVAL = "approval";
- public static final String AUTHORIZE = "authorize";
- public static final String ACCOUNT_IDS = "accountIds";
- public static final String METADATA_ACCOUNT_IDS = "approvedAccountIds";
-
- /**
- * Enum which contains error codes and corresponding error messages.
- */
- public enum ErrorMessages {
-
- ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND(
- "PBA-15001",
- "The request did not contain an authentication response token"
- ),
- ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND(
- "PBA-15002",
- "Session data key is not present in the authentication response token received from device: "
- ),
- ERROR_CODE_GET_DEVICE_ID_FAILED(
- "PBA-15003",
- "Error occurred when extracting the auth response token."
- ),
- ERROR_CODE_GET_PUBLIC_KEY_FAILED(
- "PBA-15004",
- "Error occurred when trying to get the public key from device: "
- ),
- ERROR_CODE_TOKEN_VALIDATION_FAILED(
- "PBA-15005",
- "Error occurred when validating auth response token from device: "
- ),
- ERROR_CODE_PARSE_JWT_FAILED(
- "PBA-15006",
- "Error occurred when parsing auth response token to JWT."
- ),
- ERROR_PERSIST_INVALID_AUTHORIZE(
- "400", "Invalid value for authorize. Should be true/false"
- ),
- ERROR_PERSIST_APPROVAL_MANDATORY(
- "400", "Mandatory body parameter approval is unavailable"
- ),
- ERROR_CODE_SERVER_ERROR(
- "500", "internal server error"
- ),
- ERROR_CODE_BAD_REQUEST(
- "400", "Bad Request"
- ),
- ERROR_CODE_UNAUTHORIZED(
- "401", "Unauthorized"
- );
-
- private final String code;
- private final String message;
-
- ErrorMessages(String code, String message) {
-
- this.code = code;
- this.message = message;
- }
-
- public String getCode() {
-
- return code;
- }
-
- public String getMessage() {
-
- return message;
- }
-
- @Override
- public String toString() {
-
- return code + " - " + message;
- }
- }
-}
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java
deleted file mode 100644
index 2440e09d..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
- *
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.exception;
-
-import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
-
-/**
- * Exception for CIBA authentication endpoint.
- */
-@Deprecated
-public class CIBAAuthenticationEndpointException extends OpenBankingException {
-
- private String errorDescription;
- private String errorCode;
- private int httpStatusCode;
-
- public int getHttpStatusCode() {
-
- return httpStatusCode;
- }
-
- public void setHttpStatusCode(int httpStatusCode) {
-
- this.httpStatusCode = httpStatusCode;
- }
-
- public String getErrorDescription() {
-
- return errorDescription;
- }
-
- public void setErrorDescription(String errorDescription) {
-
- this.errorDescription = errorDescription;
- }
-
- public String getErrorCode() {
-
- return errorCode;
- }
-
- public void setErrorCode(String errorCode) {
-
- this.errorCode = errorCode;
- }
-
- public CIBAAuthenticationEndpointException(int httpStatusCode, String errorCode, String errorDescription,
- Throwable e) {
-
- super(errorDescription, e);
- this.errorDescription = errorDescription;
- this.errorCode = errorCode;
- this.httpStatusCode = httpStatusCode;
-
- }
-
- public CIBAAuthenticationEndpointException(int httpStatusCode, String errorCode, String errorDescription) {
-
- super(errorDescription);
- this.errorDescription = errorDescription;
- this.errorCode = errorCode;
- this.httpStatusCode = httpStatusCode;
- }
-}
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml
deleted file mode 100644
index 8932a22e..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-
-
-
-
-
-
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf
deleted file mode 100644
index 9d885be5..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf
+++ /dev/null
@@ -1 +0,0 @@
-Manifest-Version: 1.0
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml
deleted file mode 100644
index b212826c..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-
-
-
-
-
-
-
-
- false
-
-
- Carbon,CXF3
-
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index bd83ba12..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 231ed2d8..00000000
--- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,69 +0,0 @@
-
-
-
-
-
- WSO2 Open Banking - CIBA Authentication Endpoint
- WSO2 Open Banking - CIBA Authentication Endpoint
-
-
- contextConfigLocation
- WEB-INF/beans.xml
-
-
-
- HttpHeaderSecurityFilter
- org.apache.catalina.filters.HttpHeaderSecurityFilter
-
- hstsEnabled
- false
-
-
-
-
- HttpHeaderSecurityFilter
- *
-
-
-
-
- org.springframework.web.context.ContextLoaderListener
-
-
-
-
- CXFServlet
-
- org.apache.cxf.transport.servlet.CXFServlet
-
- 1
-
-
-
- CXFServlet
- /*
-
-
-
- 60
-
-
diff --git a/open-banking-accelerator/pom.xml b/open-banking-accelerator/pom.xml
index 8d0a234c..4231a14f 100644
--- a/open-banking-accelerator/pom.xml
+++ b/open-banking-accelerator/pom.xml
@@ -45,7 +45,6 @@
components/ob-throttler/com.wso2.openbanking.accelerator.throttler.service
components/event-notifications/com.wso2.openbanking.accelerator.event.notifications.service
components/account-metadata/com.wso2.openbanking.accelerator.account.metadata.service
- internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint
internal-apis/internal-webapps/com.wso2.openbanking.accelerator.consent.endpoint
internal-apis/internal-webapps/com.wso2.openbanking.accelerator.dcr.endpoint
internal-apis/internal-webapps/com.wso2.openbanking.authentication.webapp