diff --git a/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2 b/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2 index aef587b1..3f9148e4 100644 --- a/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2 +++ b/open-banking-accelerator/accelerators/ob-is/carbon-home/repository/resources/conf/templates/repository/conf/open-banking.xml.j2 @@ -141,17 +141,6 @@ - - {% if open_banking.identity.ciba_webapp.servlet_extension is defined %} - - {{open_banking.identity.ciba_webapp.servlet_extension}} - - {% else %} - - com.wso2.openbanking.accelerator.consent.extensions.ciba.impl.CIBAAuthenticationEndpointDefaultImpl - - {% endif %} - {% if open_banking.identity.ciba.auth_web_link.redirect_endpoint is defined %} diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java index a878a18c..62c25ffc 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/CIBAConstants.java @@ -21,7 +21,6 @@ /** * CIBA Test Constants class. */ -@Deprecated public class CIBAConstants { public static final String INVALID_REQUEST = "invalid_request"; diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java index c6c8339a..b01a769e 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/main/java/com.wso2.openbanking.accelerator.ciba/OBCIBASignatureAlgorithmEnforcementValidator.java @@ -28,7 +28,6 @@ /** * CIBA Signature Algorithm Enforcer class */ -@Deprecated public class OBCIBASignatureAlgorithmEnforcementValidator extends SignatureAlgorithmEnforcementValidator { /** diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java index a1c633e8..e3cabab2 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.ciba/src/test/java/com/wso2/openbanking/accelerator/ciba/OBCIBARequestObjectValidationExtensionTest.java @@ -43,7 +43,6 @@ /** * Test class for OBCIBARequestObjectValidationExtension. */ -@Deprecated @PowerMockIgnore("jdk.internal.reflect.*") @PrepareForTest({JWTClaimsSet.class, OAuth2Parameters.class, RequestObject.class, JSONObject.class, IdentityExtensionsDataHolder.class}) diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java index 94ad38a2..884d1bf8 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/main/java/com/wso2/openbanking/accelerator/common/config/OpenBankingConfigParser.java @@ -885,18 +885,6 @@ public String getAuthServletExtension() { ((String) getConfigElementFromKey(OpenBankingConstants.AUTH_SERVLET_EXTENSION)).trim(); } - /** - * Gets the configured CIBA servlet extention implementation. - * - * @deprecated will be removed in the future versions when moving to newer ciba implementation. - * @return - */ - @Deprecated - public String getCibaServletExtension() { - return getConfigElementFromKey(OpenBankingConstants.CIBA_SERVLET_EXTENSION) == null ? "" : - ((String) getConfigElementFromKey(OpenBankingConstants.CIBA_SERVLET_EXTENSION)).trim(); - } - public String getJWKSConnectionTimeOut() { return getConfigElementFromKey(OpenBankingConstants.DCR_JWKS_CONNECTION_TIMEOUT) == null ? "3000" : diff --git a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java index ddb56045..4bec849a 100644 --- a/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java +++ b/open-banking-accelerator/components/com.wso2.openbanking.accelerator.common/src/test/java/com/wso2/openbanking/accelerator/common/test/OBConfigParserTests.java @@ -196,16 +196,6 @@ public void testGetAuthServletExtension() { Assert.assertEquals(authServletExtension, "sampleServletExtension"); } - @Test (priority = 11) - public void testGetEmptyCibaServletExtension() { - - String dummyConfigFile = absolutePathForTestResources + "/open-banking.xml"; - String authServletExtension = OpenBankingConfigParser.getInstance(dummyConfigFile) - .getCibaServletExtension(); - - Assert.assertEquals(authServletExtension, "sampleCIBAServletExtension"); - } - @Test (priority = 12) public void testGetJWKSConnectionTimeout() { diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java deleted file mode 100644 index d196064c..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticator.java +++ /dev/null @@ -1,366 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator; - -import com.wso2.openbanking.accelerator.common.exception.ConsentManagementException; -import com.wso2.openbanking.accelerator.common.exception.OpenBankingException; -import com.wso2.openbanking.accelerator.common.util.Generated; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.builder.ConsentStepsBuilder; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistStep; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentRetrievalStep; -import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointErrorResponse; -import com.wso2.openbanking.accelerator.consent.extensions.common.AuthErrorCode; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentException; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils; -import com.wso2.openbanking.accelerator.consent.extensions.common.ResponseStatus; -import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil; -import net.minidev.json.JSONObject; -import org.apache.commons.lang.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCache; -import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheEntry; -import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheKey; -import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; -import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; -import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; -import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; -import org.wso2.carbon.identity.application.authenticator.push.PushAuthenticator; -import org.wso2.carbon.identity.application.authenticator.push.common.PushAuthContextManager; -import org.wso2.carbon.identity.application.authenticator.push.common.impl.PushAuthContextManagerImpl; -import org.wso2.carbon.identity.application.common.model.ServiceProvider; -import org.wso2.carbon.identity.oauth.cache.SessionDataCache; -import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry; -import org.wso2.carbon.identity.oauth.cache.SessionDataCacheKey; -import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters; - -import java.io.Serializable; -import java.io.UnsupportedEncodingException; -import java.net.URI; -import java.net.URISyntaxException; -import java.net.URLDecoder; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Optional; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - - -/** - * CIBA Push Authenticator for sending push notifications to authentication device. - */ -@Deprecated -public class CIBAPushAuthenticator extends PushAuthenticator { - - private static final Log log = LogFactory.getLog(CIBAPushAuthenticator.class); - private static final long serialVersionUID = 6106269076155338045L; - - private static List consentRetrievalSteps = null; - private static List consentPersistSteps = null; - - public CIBAPushAuthenticator() { - initializeConsentSteps(); - } - - @Override - public String getFriendlyName() { - - return CIBAPushAuthenticatorConstants.AUTHENTICATOR_FRIENDLY_NAME; - } - - @Override - public String getName() { - - return CIBAPushAuthenticatorConstants.AUTHENTICATOR_NAME; - } - - /** - * Initialize consent builder. - */ - public static synchronized void initializeConsentSteps() { - - if (consentRetrievalSteps == null || consentPersistSteps == null) { - ConsentStepsBuilder consentStepsBuilder = ConsentExtensionExporter.getConsentStepsBuilder(); - - if (consentStepsBuilder != null) { - consentRetrievalSteps = consentStepsBuilder.getConsentRetrievalSteps(); - consentPersistSteps = consentStepsBuilder.getConsentPersistSteps(); - } - - if (consentRetrievalSteps != null && !consentRetrievalSteps.isEmpty()) { - log.info("Consent retrieval steps are not null or empty"); - } else { - log.warn("Consent retrieval steps are null or empty"); - } - if (consentPersistSteps != null && !consentPersistSteps.isEmpty()) { - log.info("Consent persist steps are not null or empty"); - } else { - log.warn("Consent persist steps are null or empty"); - } - } else { - log.debug("Retrieval and persist steps are available"); - } - } - - /** - * Execute consent retrieval steps. - * - * @param consentData Consent Data - * @param jsonObject Json object to store consent data - * @throws ConsentException when an error occurs while executing retrieval steps - */ - protected void executeRetrieval(ConsentData consentData, JSONObject jsonObject) throws ConsentException { - - for (ConsentRetrievalStep step : consentRetrievalSteps) { - if (log.isDebugEnabled()) { - log.debug("Executing retrieval step " + step.getClass().toString()); - } - step.execute(consentData, jsonObject); - } - } - - /** - * Retrieve consent. - * - * @param request HTTP request - * @param response HTTP response - * @param sessionDataKey Session data key - * @return Consent data - * @throws ConsentException when an error occurs while retrieving consent - */ - protected JSONObject retrieveConsent(HttpServletRequest request, HttpServletResponse response, - String sessionDataKey) throws ConsentException { - - String loggedInUser; - String app; - String spQueryParams; - String scopeString; - - SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey); - OAuth2Parameters oAuth2Parameters = cacheEntry.getoAuth2Parameters(); - URI redirectURI; - try { - redirectURI = new URI(oAuth2Parameters.getRedirectURI()); - } catch (URISyntaxException e) { - //Unlikely to happen. In case it happens, error response is sent - throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR, "Invalid redirect URI"); - } - //Extracting client ID for regulatory identification and redirect URI for error redirects - String clientId = oAuth2Parameters.getClientId(); - String state = oAuth2Parameters.getState(); - - Map sensitiveDataMap = - ConsentExtensionUtils.getSensitiveDataWithConsentKey(sessionDataKey); - - if ("false".equals(sensitiveDataMap.get(CIBAPushAuthenticatorConstants.IS_ERROR))) { - loggedInUser = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.LOGGED_IN_USER); - app = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.APPLICATION); - spQueryParams = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.SP_QUERY_PARAMS); - scopeString = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.SCOPE); - } else { - String isError = (String) sensitiveDataMap.get(CIBAPushAuthenticatorConstants.IS_ERROR); - //Have to throw standard error because cannot access redirect URI with this error - log.error("Error while getting endpoint parameters. " + isError); - throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR, - CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state); - } - - JSONObject jsonObject = new JSONObject(); - ConsentData consentData = createConsentData(sessionDataKey, loggedInUser, spQueryParams, scopeString, app, - request); - consentData.setSensitiveDataMap(sensitiveDataMap); - consentData.setRedirectURI(redirectURI); - - if (clientId == null) { - log.error("Client Id not available"); - //Unlikely error. Included just in case. - throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR, - CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state); - } - consentData.setClientId(clientId); - consentData.setState(state); - - try { - consentData.setRegulatory(IdentityCommonUtil.getRegulatoryFromSPMetaData(clientId)); - } catch (OpenBankingException e) { - log.error("Error while getting regulatory data", e); - throw new ConsentException(redirectURI, AuthErrorCode.SERVER_ERROR, "Error while obtaining regulatory data", - state); - } - - executeRetrieval(consentData, jsonObject); - if (consentData.getType() == null || consentData.getApplication() == null) { - log.error(CIBAPushAuthenticatorConstants.ERROR_NO_TYPE_AND_APP_DATA); - throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR, - CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state); - } - ConsentExtensionUtils.setCommonDataToResponse(consentData, jsonObject); - try { - ConsentCache.addConsentDataToCache(sessionDataKey, consentData); - } catch (ConsentManagementException e) { - log.error("Error while adding consent data to cache", e); - throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR, - CIBAPushAuthenticatorConstants.ERROR_SERVER_ERROR, state); - } - return jsonObject; - } - - @Generated(message = "This method is separated for unit testing purposes") - protected ConsentData createConsentData(String sessionDataKey, String loggedInUser, String spQueryParams, - String scopeString, String app, HttpServletRequest request) { - return new ConsentData(sessionDataKey, loggedInUser, spQueryParams, scopeString, app, - ConsentExtensionUtils.getHeaders(request)); - } - - /** - * Get the authenticated user. - * - * @param request Push authenticator HTTP request - * @return Authenticated User - */ - @Override - protected AuthenticatedUser getAuthenticatedUser(HttpServletRequest request) { - - // In OB CIBA, only this Push Authenticator IDP is expected to be executed during the CIBA auth flow - // Hence, the login_hint attribute in the CIBA request object is used to identify the user - return AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(request. - getParameter(CIBAPushAuthenticatorConstants.LOGIN_HINT)); - } - - @Generated(message = "This method is separated for unit testing purposes") - protected AuthenticationContext getAutenticationContext(String sessionDataKey) { - PushAuthContextManager contextManager = new PushAuthContextManagerImpl(); - - return contextManager.getContext(sessionDataKey); - } - - /** - * OB specific implementation to retrieve consent data. - * @param sessionDataKey Session data key - * @return consent data - * @throws AuthenticationFailedException Authentication failed exception - */ - @Override - protected Optional getAdditionalInfo(HttpServletRequest request, HttpServletResponse response, - String sessionDataKey) throws AuthenticationFailedException { - - AuthenticationContext context = getAutenticationContext(sessionDataKey); - - // update the authentication context with required values for OB specific requirements - try { - String queryParams = FrameworkUtils - .getQueryStringWithFrameworkContextId(context.getQueryParams(), context.getCallerSessionKey(), - context.getContextIdentifier()); - Map params = splitQuery(queryParams); - handlePreConsent(context, params); - } catch (UnsupportedEncodingException e) { - throw new AuthenticationFailedException("Error occurred when processing the request object", e); - } - - SessionDataCacheKey cacheKey = ConsentCache.getCacheKey(sessionDataKey); - SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromCacheKey(cacheKey); - - cacheEntry.setLoggedInUser(context.getSubject()); - SessionDataCache.getInstance().addToCache(cacheKey, cacheEntry); - - // Authentication context is added to cache as it is obtained from the cache in a later step by the Parameter - // Resolver object - AuthenticationContextCache.getInstance().addToCache( - new AuthenticationContextCacheKey(sessionDataKey), new AuthenticationContextCacheEntry(context)); - - JSONObject additionalInfo = retrieveConsent(request, response, sessionDataKey); - String bindingMessage = request.getParameter(CIBAPushAuthenticatorConstants.BINDING_MESSAGE); - if (StringUtils.isNotEmpty(bindingMessage)) { - additionalInfo.put(CIBAPushAuthenticatorConstants.BINDING_MESSAGE, bindingMessage); - } - return Optional.ofNullable(additionalInfo.toJSONString()); - } - - /** - * set attributes to context which will be required to prompt the consent page. - * - * @param context authentication context - * @param params query params - */ - protected void handlePreConsent(AuthenticationContext context, Map params) { - ServiceProvider serviceProvider = context.getSequenceConfig().getApplicationConfig().getServiceProvider(); - - context.addEndpointParam(CIBAPushAuthenticatorConstants.LOGGED_IN_USER, - params.get(CIBAPushAuthenticatorConstants.LOGIN_HINT)); - context.addEndpointParam(CIBAPushAuthenticatorConstants.USER_TENANT_DOMAIN, - "@carbon.super"); - context.addEndpointParam(CIBAPushAuthenticatorConstants.REQUEST, - params.get(CIBAPushAuthenticatorConstants.REQUEST_OBJECT)); - context.addEndpointParam(CIBAPushAuthenticatorConstants.SCOPE, - params.get(CIBAPushAuthenticatorConstants.SCOPE)); - context.addEndpointParam(CIBAPushAuthenticatorConstants.APPLICATION, serviceProvider.getApplicationName()); - context.addEndpointParam(CIBAPushAuthenticatorConstants.CONSENT_PROMPTED, true); - context.addEndpointParam(CIBAPushAuthenticatorConstants.AUTH_REQ_ID, - context.getAuthenticationRequest().getRequestQueryParams() - .get(CIBAPushAuthenticatorConstants.NONCE)[0]); - } - - /** - * Returns a map of query parameters from the given query param string. - * @param queryParamsString HTTP request query parameters - * @return Query parameter map - * @throws UnsupportedEncodingException Unsupported encoding exception - */ - protected Map splitQuery(String queryParamsString) throws UnsupportedEncodingException { - final Map queryParams = new HashMap<>(); - final String[] pairs = queryParamsString.split("&"); - for (String pair : pairs) { - final int idx = pair.indexOf("="); - final String key = idx > 0 ? URLDecoder.decode(pair.substring(0, idx), "UTF-8") : pair; - final String value = - idx > 0 && pair.length() > idx + 1 ? URLDecoder.decode(pair.substring(idx + 1), "UTF-8") : null; - queryParams.put(key, value); - } - return queryParams; - } - - /** - * Extend this method to create error response on toolkits. Set necessary status codes and error payloads to - * CIBAAuthenticationEndpointErrorResponse. - * - * @param httpStatusCode Http status code - * @param errorCode Error code - * @param errorDescription Error description - * @return CIBAAuthenticationEndpointErrorResponse CIBA Authentication Endpoint Error Response - */ - public static CIBAAuthenticationEndpointErrorResponse createErrorResponse(int httpStatusCode, String errorCode, - String errorDescription) { - - CIBAAuthenticationEndpointErrorResponse cibaPushServletErrorResponse = - new CIBAAuthenticationEndpointErrorResponse(); - JSONObject errorResponse = new JSONObject(); - errorResponse.put(CIBAPushAuthenticatorConstants.ERROR_DESCRIPTION, errorDescription); - errorResponse.put(CIBAPushAuthenticatorConstants.ERROR, errorCode); - cibaPushServletErrorResponse.setPayload(errorResponse); - cibaPushServletErrorResponse.setHttpStatusCode(httpStatusCode); - - return cibaPushServletErrorResponse; - } - -} diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java deleted file mode 100644 index 275a1407..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorConstants.java +++ /dev/null @@ -1,50 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator; - -/** - * CIBA Push Authenticator Constants. - */ -@Deprecated -public class CIBAPushAuthenticatorConstants { - - public static final String AUTHENTICATOR_NAME = "ciba"; - public static final String AUTHENTICATOR_FRIENDLY_NAME = "CIBA Authenticator"; - public static final String REQUEST = "request"; - public static final String REQUEST_OBJECT = "request_object"; - public static final String BINDING_MESSAGE = "binding_message"; - - //Consent Related constants - public static final String LOGGED_IN_USER = "loggedInUser"; - public static final String USER_TENANT_DOMAIN = "userTenantDomain"; - public static final String SCOPE = "scope"; - public static final String APPLICATION = "application"; - public static final String CONSENT_PROMPTED = "consentPrompted"; - public static final String AUTH_REQ_ID = "auth_req_id"; - public static final String NONCE = "nonce"; - public static final String LOGIN_HINT = "login_hint"; - public static final String SP_QUERY_PARAMS = "spQueryParams"; - - // error constants - public static final String IS_ERROR = "isError"; - public static final String ERROR_SERVER_ERROR = "Internal server error"; - public static final String ERROR_NO_TYPE_AND_APP_DATA = "Type and application data is unavailable"; - public static final String ERROR_DESCRIPTION = "error_description"; - public static final String ERROR = "error"; -} diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java index 1fec9102..f75915ab 100644 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java +++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/weblink/CIBAWebLinkAuthenticatorExtensionImpl.java @@ -13,7 +13,6 @@ import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants; import com.wso2.openbanking.accelerator.common.exception.ConsentManagementException; import com.wso2.openbanking.accelerator.common.util.CarbonUtils; -import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticatorConstants; import com.wso2.openbanking.accelerator.consent.extensions.internal.ConsentExtensionsDataHolder; import com.wso2.openbanking.accelerator.consent.mgt.dao.models.AuthorizationResource; import com.wso2.openbanking.accelerator.consent.mgt.service.ConsentCoreService; @@ -40,6 +39,7 @@ public class CIBAWebLinkAuthenticatorExtensionImpl implements CIBAWebLinkAuthent private static final Log log = LogFactory.getLog(CIBAWebLinkAuthenticatorExtensionImpl.class); private static final ConsentCoreService consentCoreService = ConsentExtensionsDataHolder.getInstance().getConsentCoreService(); + public static final String LOGIN_HINT = "login_hint"; /** * Method to identify the user/users involved in the authentication. @@ -50,7 +50,7 @@ public class CIBAWebLinkAuthenticatorExtensionImpl implements CIBAWebLinkAuthent @Override public List getAuthenticatedUsers(HttpServletRequest request) { - return Arrays.stream(request.getParameter(CIBAPushAuthenticatorConstants.LOGIN_HINT) + return Arrays.stream(request.getParameter(LOGIN_HINT) .split(",")) .map(String::trim) .map(AuthenticatedUser::createLocalAuthenticatedUserFromSubjectIdentifier) diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java deleted file mode 100644 index 9cf8d2d9..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/impl/CIBAAuthenticationEndpointDefaultImpl.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.impl; - -import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointInterface; -import net.minidev.json.JSONObject; - -/** - * Implementation to extend CIBA push servlet consent persistence data. - */ -@Deprecated -public class CIBAAuthenticationEndpointDefaultImpl implements CIBAAuthenticationEndpointInterface { - - @Override - public JSONObject updateConsentData(JSONObject consentData) { - return consentData; - } - -} diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java deleted file mode 100644 index 15b108f9..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointErrorResponse.java +++ /dev/null @@ -1,51 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.model; - -import net.minidev.json.JSONObject; - -/** - * CIBA authentication endpoint error response. - */ -@Deprecated -public class CIBAAuthenticationEndpointErrorResponse { - - private int httpStatusCode = 0; - private JSONObject payload = null; - - public int getHttpStatusCode() { - - return httpStatusCode; - } - public void setHttpStatusCode(int httpStatusCode) { - - this.httpStatusCode = httpStatusCode; - } - - public JSONObject getPayload() { - - return payload; - } - public void setPayload(JSONObject payload) { - - this.payload = payload; - } - -} - diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java deleted file mode 100644 index 4909df8b..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/model/CIBAAuthenticationEndpointInterface.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.model; - -import net.minidev.json.JSONObject; - -/** - * The interface to extend CIBA push servlet consent persistence data. - */ -@Deprecated -public interface CIBAAuthenticationEndpointInterface { - - /** - * Set additional data to consent data. - * @param consentData consent data json object - * @return updated consent data json object - */ - JSONObject updateConsentData(JSONObject consentData); -} diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java index cf95f2c0..f4a21eef 100644 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java +++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/main/java/com/wso2/openbanking/accelerator/consent/extensions/internal/ConsentExtensionsComponent.java @@ -19,7 +19,6 @@ package com.wso2.openbanking.accelerator.consent.extensions.internal; import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigurationService; -import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticator; import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.weblink.CIBAWebLinkAuthenticator; import com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.weblink.notification.CIBAWebLinkNotificationHandler; import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter; @@ -60,10 +59,7 @@ protected void activate(ComponentContext context) { if (log.isDebugEnabled()) { log.debug("Periodical Consent Status Updater Started"); } - CIBAPushAuthenticator authenticator = new CIBAPushAuthenticator(); CIBAWebLinkAuthenticator cibaWebLinkAuthenticator = new CIBAWebLinkAuthenticator(); - context.getBundleContext().registerService(ApplicationAuthenticator.class.getName(), - authenticator, null); context.getBundleContext().registerService(ApplicationAuthenticator.class.getName(), cibaWebLinkAuthenticator, null); context.getBundleContext().registerService(AbstractEventHandler.class.getName(), diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java deleted file mode 100644 index ff5897cd..00000000 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/java/com/wso2/openbanking/accelerator/consent/extensions/ciba/authenticator/CIBAPushAuthenticatorTests.java +++ /dev/null @@ -1,259 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator; - -import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser; -import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigurationService; -import com.wso2.openbanking.accelerator.common.exception.OpenBankingException; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils; -import com.wso2.openbanking.accelerator.consent.extensions.internal.ConsentExtensionsDataHolder; -import com.wso2.openbanking.accelerator.consent.mgt.service.impl.ConsentCoreServiceImpl; -import com.wso2.openbanking.accelerator.identity.cache.IdentityCache; -import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil; -import net.minidev.json.JSONObject; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.testng.PowerMockTestCase; -import org.testng.annotations.DataProvider; -import org.testng.annotations.Test; -import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCache; -import org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig; -import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig; -import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; -import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest; -import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; -import org.wso2.carbon.identity.application.common.model.ServiceProvider; -import org.wso2.carbon.identity.oauth.cache.SessionDataCache; -import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry; -import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import static org.mockito.Mockito.doNothing; -import static org.mockito.Mockito.doReturn; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.spy; -import static org.mockito.Mockito.when; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.testng.Assert.assertEquals; -import static org.testng.Assert.assertNotNull; -import static org.testng.Assert.assertTrue; - -/** - * Test class for CIBAPushAuthenticator. - */ -@Deprecated -@PowerMockIgnore("jdk.internal.reflect.*") -@PrepareForTest({SessionDataCache.class, AuthenticationContextCache.class, ConsentExtensionUtils.class, - ConsentCache.class, ConsentData.class, IdentityCommonUtil.class, FrameworkUtils.class, - AuthenticationContext.class, SequenceConfig.class, ServiceProvider.class, ApplicationConfig.class, - AuthenticationRequest.class, SessionDataCacheEntry.class, IdentityCache.class, OAuth2Parameters.class, - HttpServletRequest.class, ConsentCoreServiceImpl.class, ConsentExtensionsDataHolder.class, - OpenBankingConfigurationService.class, OpenBankingConfigParser.class}) -public class CIBAPushAuthenticatorTests extends PowerMockTestCase { - - private final String dummyString = "dummyString"; - - @Mock - OpenBankingConfigurationService openBankingConfigurationService; - - @Mock - ConsentExtensionsDataHolder consentExtensionsDataHolder; - - @DataProvider(name = "splitQueryParams") - public Object[][] getSplitQueryParams() { - - String validQueryParms = "key1=val1&key2=val2"; - Map validQueryParamMap = new HashMap<>(); - validQueryParamMap.put("key1", "val1"); - validQueryParamMap.put("key2", "val2"); - - String invalidQueryParams = "key1:val1&key2:val2"; - Map invalidQueryParamMap = new HashMap<>(); - invalidQueryParamMap.put("key1:val1", null); - invalidQueryParamMap.put("key2:val2", null); - - return new Object[][]{ - {validQueryParms, validQueryParamMap}, - {invalidQueryParams, invalidQueryParamMap} - }; - } - - @Test(dataProvider = "splitQueryParams") - public void splitQueryValidQueryTest(String dummyQueryParms, Map queryParamMap) throws Exception { - CIBAPushAuthenticator cibaPushAuthenticator = new CIBAPushAuthenticator(); - Map splitQueryParamMap = cibaPushAuthenticator.splitQuery(dummyQueryParms); - - assertEquals(queryParamMap, splitQueryParamMap); - } - - @Test - public void handlePreConsentTest() { - AuthenticationContext mockAuthnCtxt = spy(AuthenticationContext.class); - - Map params = new HashMap() { - { - put(CIBAPushAuthenticatorConstants.LOGIN_HINT, dummyString); - put(CIBAPushAuthenticatorConstants.REQUEST_OBJECT, dummyString); - put(CIBAPushAuthenticatorConstants.SCOPE, dummyString); - } - }; - - Map queryParamMap = new HashMap<>(); - String[] queryParamArray = new String[1]; - queryParamArray[0] = dummyString; - queryParamMap.put(CIBAPushAuthenticatorConstants.NONCE, queryParamArray); - - SequenceConfig mockSequenceConfig = mock(SequenceConfig.class); - ApplicationConfig mockApplicationConfig = mock(ApplicationConfig.class); - ServiceProvider mockServiceProvider = mock(ServiceProvider.class); - AuthenticationRequest mockAuthenticationRequest = mock(AuthenticationRequest.class); - - when(mockAuthnCtxt.getSequenceConfig()).thenReturn(mockSequenceConfig); - when(mockSequenceConfig.getApplicationConfig()).thenReturn(mockApplicationConfig); - when(mockApplicationConfig.getServiceProvider()).thenReturn(mockServiceProvider); - when(mockServiceProvider.getApplicationName()).thenReturn(dummyString); - when(mockAuthnCtxt.getAuthenticationRequest()).thenReturn(mockAuthenticationRequest); - when(mockAuthenticationRequest.getRequestQueryParams()).thenReturn(queryParamMap); - - int initialSize = mockAuthnCtxt.getEndpointParams().size(); - CIBAPushAuthenticator cibaPushAuthenticator = new CIBAPushAuthenticator(); - cibaPushAuthenticator.handlePreConsent(mockAuthnCtxt, params); - int finalSize = mockAuthnCtxt.getEndpointParams().size(); - - assertTrue(finalSize > initialSize); - } - - @Test - public void setMetadataTest() throws Exception { - CIBAPushAuthenticator mockAuthenticator = spy(new CIBAPushAuthenticatorMock()); - - mockStatic(SessionDataCache.class); - mockStatic(AuthenticationContextCache.class); - mockStatic(FrameworkUtils.class); - - SessionDataCache sessionDataCache = mock(SessionDataCache.class); - SessionDataCacheEntry sessionDataCacheEntry = mock(SessionDataCacheEntry.class); - AuthenticationContextCache authenticationContextCache = mock(AuthenticationContextCache.class); - HttpServletRequest httpServletRequest = mock(HttpServletRequest.class); - HttpServletResponse httpServletResponse = mock(HttpServletResponse.class); - when(httpServletRequest.getParameter(CIBAPushAuthenticatorConstants.BINDING_MESSAGE)).thenReturn(dummyString); - - when(mockAuthenticator.splitQuery(Mockito.anyString())).thenReturn(new HashMap<>()); - when(FrameworkUtils.getQueryStringWithFrameworkContextId - (Mockito.anyObject(), Mockito.anyObject(), Mockito.anyObject())).thenReturn(dummyString); - when(SessionDataCache.getInstance()).thenReturn(sessionDataCache); - when(sessionDataCache.getValueFromCache(Mockito.anyObject())).thenReturn(sessionDataCacheEntry); - when(AuthenticationContextCache.getInstance()).thenReturn(authenticationContextCache); - - doNothing().when(mockAuthenticator).handlePreConsent(Mockito.anyObject(), Mockito.anyObject()); - doNothing().when(authenticationContextCache).addToCache(Mockito.anyObject(), Mockito.anyObject()); - JSONObject jsonObject = new JSONObject(); - jsonObject.put(dummyString, dummyString); - doReturn(jsonObject).when(mockAuthenticator).retrieveConsent(Mockito.anyObject(), - Mockito.anyObject(), Mockito.anyString()); - - assertNotNull(mockAuthenticator.getAdditionalInfo(httpServletRequest, httpServletResponse, - dummyString)); - } - - @Test - public void retrieveConsentTest() throws OpenBankingException { - - CIBAPushAuthenticator mockAuthenticator = spy(new CIBAPushAuthenticatorMock()); - Map configs = new HashMap<>(); - configs.put("Consent.PreserveConsentLink", "true"); - mockStatic(ConsentExtensionUtils.class); - mockStatic(ConsentCoreServiceImpl.class); - mockStatic(ConsentExtensionsDataHolder.class); - - OpenBankingConfigParser openBankingConfigParserMock = Mockito.mock(OpenBankingConfigParser.class); - Mockito.doReturn(configs).when(openBankingConfigParserMock).getConfiguration(); - PowerMockito.mockStatic(OpenBankingConfigParser.class); - PowerMockito.when(OpenBankingConfigParser.getInstance()).thenReturn(openBankingConfigParserMock); - - mockStatic(ConsentCache.class); - mockStatic(ConsentData.class); - mockStatic(IdentityCommonUtil.class); - - ConsentData consentData = mock(ConsentData.class); - IdentityCache identityCache = mock(IdentityCache.class); - SessionDataCacheEntry cacheEntry = mock(SessionDataCacheEntry.class); - OAuth2Parameters oAuth2Parameters = mock(OAuth2Parameters.class); - HttpServletRequest httpServletRequest = mock(HttpServletRequest.class); - IdentityCommonUtil identityCommonUtil = mock(IdentityCommonUtil.class); - - when(ConsentCache.getInstance()).thenReturn(identityCache); - when(ConsentCache.getCacheEntryFromSessionDataKey(Mockito.anyString())).thenReturn(cacheEntry); - when(cacheEntry.getoAuth2Parameters()).thenReturn(oAuth2Parameters); - when(oAuth2Parameters.getRedirectURI()).thenReturn(dummyString); - when(oAuth2Parameters.getClientId()).thenReturn(dummyString); - when(oAuth2Parameters.getState()).thenReturn(dummyString); - when(identityCommonUtil.getRegulatoryFromSPMetaData(dummyString)).thenReturn(true); - when(consentData.getType()).thenReturn(dummyString); - when(consentData.getApplication()).thenReturn(dummyString); - - Map sensitiveDataMap = new HashMap<>(); - Map headers = new HashMap<>(); - sensitiveDataMap.put(CIBAPushAuthenticatorConstants.IS_ERROR, "false"); - sensitiveDataMap.put(CIBAPushAuthenticatorConstants.LOGGED_IN_USER, dummyString); - sensitiveDataMap.put(CIBAPushAuthenticatorConstants.SP_QUERY_PARAMS, dummyString); - sensitiveDataMap.put(CIBAPushAuthenticatorConstants.SCOPE, dummyString); - - when(ConsentExtensionUtils.getSensitiveDataWithConsentKey(Mockito.anyString())).thenReturn(sensitiveDataMap); - when(ConsentExtensionUtils.getHeaders(httpServletRequest)).thenReturn(headers); - when(mockAuthenticator.createConsentData(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), - Mockito.anyString(), Mockito.anyString(), Mockito.anyObject())).thenReturn(consentData); - - doNothing().when(consentData).setSensitiveDataMap(Mockito.anyObject()); - doNothing().when(consentData).setRedirectURI(Mockito.anyObject()); - doNothing().when(consentData).setRegulatory(Mockito.anyObject()); - doNothing().when(mockAuthenticator).executeRetrieval(Mockito.anyObject(), Mockito.anyObject()); - - assertNotNull(mockAuthenticator.retrieveConsent(Mockito.anyObject(), Mockito.anyObject(), Mockito.anyString())); - - } - -} - -class CIBAPushAuthenticatorMock extends CIBAPushAuthenticator { - - @Override - protected AuthenticationContext getAutenticationContext(String sessionDataKey) { - - return mock(AuthenticationContext.class); - } - - @Override - protected ConsentData createConsentData(String sessionDataKey, String loggedInUser, String spQueryParams, - String scopeString, String app, HttpServletRequest request) { - return mock(ConsentData.class); - } - -} diff --git a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml index ddc3905f..562ab0aa 100644 --- a/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml +++ b/open-banking-accelerator/components/consent-management/com.wso2.openbanking.accelerator.consent.extensions/src/test/resources/testng.xml @@ -22,7 +22,6 @@ - diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml index e51dfb25..e69de29b 100644 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml +++ b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/pom.xml @@ -1,124 +0,0 @@ - - - open-banking-accelerator - com.wso2.openbanking.accelerator - 3.2.30-SNAPSHOT - ../../../pom.xml - - 4.0.0 - - com.wso2.openbanking.accelerator.ciba.authentication.endpoint - WSO2 Open Banking - CIBA Authentication Endpoint - WSO2 Open Banking - CIBA Authentication Endpoint - war - - - - org.testng - testng - test - - - com.wso2.openbanking.accelerator - com.wso2.openbanking.accelerator.consent.extensions - provided - - - com.fasterxml.jackson.core - jackson-databind - provided - - - com.wso2.openbanking.accelerator - com.wso2.openbanking.accelerator.common - provided - - - org.wso2.carbon.identity.inbound.auth.oauth2 - org.wso2.carbon.identity.oauth.ciba - provided - - - org.wso2.carbon.identity.framework - org.wso2.carbon.identity.application.authentication.framework - provided - - - org.wso2.carbon.identity.outbound.auth.push - org.wso2.carbon.identity.application.authenticator.push.common - provided - - - org.wso2.carbon.identity.outbound.auth.push - org.wso2.carbon.identity.application.authenticator.push.device.handler - provided - - - org.wso2.carbon.identity.outbound.auth.push - org.wso2.carbon.identity.application.authenticator.push - provided - - - - - - - com.github.spotbugs - spotbugs-maven-plugin - - Max - Low - true - false - ${project.build.directory}/spotbugs - ${project.basedir}/src/main/resources/findbugs-include.xml - - - com.h3xstream.findsecbugs - findsecbugs-plugin - ${com.h3xstream.findsecbugs.version} - - - - - - analyze-compile - compile - - check - - - - - - maven-war-plugin - ${maven-war-plugin.version} - - - - - src/main/webapp - - - api#openbanking#ciba - - - - - diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java deleted file mode 100644 index a5ed90e6..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpoint.java +++ /dev/null @@ -1,686 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.api; - -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.JWTParser; -import com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.exception.CIBAAuthenticationEndpointException; -import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser; -import com.wso2.openbanking.accelerator.common.exception.OpenBankingException; -import com.wso2.openbanking.accelerator.common.util.CarbonUtils; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.builder.ConsentStepsBuilder; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentData; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistData; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentPersistStep; -import com.wso2.openbanking.accelerator.consent.extensions.authorize.model.ConsentRetrievalStep; -import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointErrorResponse; -import com.wso2.openbanking.accelerator.consent.extensions.ciba.model.CIBAAuthenticationEndpointInterface; -import com.wso2.openbanking.accelerator.consent.extensions.common.AuthErrorCode; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentCache; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentException; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionExporter; -import com.wso2.openbanking.accelerator.consent.extensions.common.ConsentExtensionUtils; -import com.wso2.openbanking.accelerator.consent.extensions.common.ResponseStatus; -import com.wso2.openbanking.accelerator.identity.util.HTTPClientUtils; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; -import net.minidev.json.JSONArray; -import net.minidev.json.JSONObject; -import net.minidev.json.parser.JSONParser; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.http.HttpResponse; -import org.apache.http.HttpStatus; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.util.EntityUtils; -import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; -import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; -import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; -import org.wso2.carbon.identity.application.authenticator.push.common.PushAuthContextManager; -import org.wso2.carbon.identity.application.authenticator.push.common.PushJWTValidator; -import org.wso2.carbon.identity.application.authenticator.push.common.exception.PushAuthTokenValidationException; -import org.wso2.carbon.identity.application.authenticator.push.common.impl.PushAuthContextManagerImpl; -import org.wso2.carbon.identity.application.authenticator.push.device.handler.DeviceHandler; -import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerClientException; -import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerServerException; -import org.wso2.carbon.identity.application.authenticator.push.device.handler.impl.DeviceHandlerImpl; -import org.wso2.carbon.identity.application.authenticator.push.dto.AuthDataDTO; -import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry; -import org.wso2.carbon.identity.oauth.ciba.common.AuthReqStatus; -import org.wso2.carbon.identity.oauth.ciba.dao.CibaDAOFactory; -import org.wso2.carbon.identity.oauth.ciba.exceptions.CibaCoreException; -import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters; - -import java.io.IOException; -import java.lang.reflect.InvocationTargetException; -import java.net.HttpURLConnection; -import java.text.ParseException; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.ws.rs.Consumes; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; - -import static com.wso2.openbanking.accelerator.consent.extensions.ciba.authenticator.CIBAPushAuthenticator.createErrorResponse; - -/** - * Implementation class for the CIBA authentication endpoint API. - */ -@Deprecated -@Path("/") -public class CIBAAuthenticationEndpoint { - - private static final Log log = LogFactory.getLog(CIBAAuthenticationEndpoint.class); - private static CIBAAuthenticationEndpointInterface cibaAuthenticationEndpointInterfaceTK; - private static List consentPersistSteps = null; - private static List consentRetrievalSteps = null; - - public CIBAAuthenticationEndpoint() { - - initializeConsentSteps(); - } - - @SuppressFBWarnings("JAXRS_ENDPOINT") - // Suppressed content - Endpoint - // Suppression reason - False Positive : This endpoint is secured with access control lists in the configuration - // Suppressed warning count - 1 - @POST - @Path("/push-auth/authenticate") - @Consumes({"application/json; charset=utf-8"}) - @Produces({"application/json; charset=utf-8"}) - public Response handleCIBAAuthenticationRequest(@Context HttpServletRequest request, - @Context HttpServletResponse response, @Context UriInfo uriInfo) { - - try { - log.info("CIBA authentication call received"); - handleMobileResponse(request, response); - } catch (CIBAAuthenticationEndpointException e) { - // create error response - CIBAAuthenticationEndpointErrorResponse errorResponse = createErrorResponse(e.getHttpStatusCode(), - e.getErrorCode(), e.getErrorDescription()); - return Response.status(errorResponse.getHttpStatusCode() != 0 ? - errorResponse.getHttpStatusCode() : e.getHttpStatusCode()) - .entity(errorResponse.getPayload()).build(); - } - - return Response.status(HttpStatus.SC_ACCEPTED).build(); - } - - @SuppressFBWarnings("JAXRS_ENDPOINT") - // Suppressed content - Endpoint - // Suppression reason - False Positive : This endpoint is secured with access control lists in the configuration - // Suppressed warning count - 1 - @GET - @Path("/push-auth/discovery-data") - @Produces({"application/json; charset=utf-8"}) - public Response handleDiscoveryRequest(@Context HttpServletRequest request, - @Context HttpServletResponse response, - @Context HttpHeaders headers) { - - try { - log.info("CIBA discovery call received"); - JSONObject deviceRegistrationData = handleDiscovery(request, response, headers); - return Response.status(HttpStatus.SC_ACCEPTED) - .entity(deviceRegistrationData).build(); - - } catch (CIBAAuthenticationEndpointException e) { - // create error response - CIBAAuthenticationEndpointErrorResponse errorResponse = createErrorResponse(e.getHttpStatusCode(), - e.getErrorCode(), e.getErrorDescription()); - return Response.status(errorResponse.getHttpStatusCode() != 0 ? - errorResponse.getHttpStatusCode() : e.getHttpStatusCode()) - .entity(errorResponse.getPayload()).build(); - } - } - - @SuppressFBWarnings("HTTP_PARAMETER_POLLUTION") - // Suppressed content - CIBAAuthenticationEndpointConstants.DEVICE_REGISTRATION_URL - // Suppression reason - False Positive : This is a hard coded, trusted path. It is not a user input - // Suppressed warning count - 1 - private JSONObject handleDiscovery(HttpServletRequest request, HttpServletResponse response, HttpHeaders headers) - throws CIBAAuthenticationEndpointException { - - List authHeaders = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); - String userToken = null; - // Make the API call with user's access token - if (authHeaders.size() != 0) { - userToken = authHeaders.get(0); - } - String registrationUrl = CarbonUtils.getCarbonServerUrl() + - CIBAAuthenticationEndpointConstants.DEVICE_REGISTRATION_URL; - HttpUriRequest deviceRegistrationRequest = new HttpGet(registrationUrl); - deviceRegistrationRequest.setHeader(CIBAAuthenticationEndpointConstants.AUTH_HEADER_NAME, userToken); - JSONObject deviceRegistrationData = sendRequest(deviceRegistrationRequest); - // Change authentication endpoint to OB CIBA webapp as it handles the CIBA authenticate call - deviceRegistrationData.put(CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT, - CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT_URL_PREFIX - + deviceRegistrationData.getAsString( - CIBAAuthenticationEndpointConstants.AUTHENTICATION_ENDPOINT)); - return deviceRegistrationData; - } - - public JSONObject sendRequest(HttpUriRequest request) - throws CIBAAuthenticationEndpointException { - - String responseStr = null; - try { - CloseableHttpClient client = HTTPClientUtils.getHttpsClient(); - HttpResponse response = client.execute(request); - responseStr = EntityUtils.toString(response.getEntity()); - - if ((response.getStatusLine().getStatusCode() / 100) != 2) { - if (response.getStatusLine().getStatusCode() == HttpURLConnection.HTTP_UNAUTHORIZED) { - log.debug("Received unauthorized(401) response. body: " + responseStr); - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_UNAUTHORIZED, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_UNAUTHORIZED.getMessage(), - "Received unauthorized Response: " + responseStr); - } - } else { - // received success (200 range) response - Object responseJSON; - try { - responseJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(responseStr); - if (!(responseJSON instanceof JSONObject)) { - log.error("Discovery call response is not a JSON object"); - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(), - "Discovery call response is not a JSON object"); - } - } catch (net.minidev.json.parser.ParseException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(), - "Unable to parse the response", e); - } - - JSONObject responseData = (JSONObject) responseJSON; - return responseData; - } - - } catch (IOException e) { - log.error("Exception occurred while reading request. Caused by, ", e); - } catch (OpenBankingException e) { - log.error("Exception occurred while generating http client. Caused by, ", e); - } - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(), - "Unexpected response received for the request. path: " + - request.getURI() + " response:" + responseStr); - } - - /** - * Initialize consent builder. - */ - private static synchronized void initializeConsentSteps() { - - if (consentRetrievalSteps == null || consentPersistSteps == null) { - ConsentStepsBuilder consentStepsBuilder = ConsentExtensionExporter.getConsentStepsBuilder(); - - if (consentStepsBuilder != null) { - consentRetrievalSteps = consentStepsBuilder.getConsentRetrievalSteps(); - consentPersistSteps = consentStepsBuilder.getConsentPersistSteps(); - } - - if (consentRetrievalSteps != null && !consentRetrievalSteps.isEmpty()) { - log.info("Consent retrieval steps are not null or empty"); - } else { - log.warn("Consent retrieval steps are null or empty"); - } - if (consentPersistSteps != null && !consentPersistSteps.isEmpty()) { - log.info("Consent persist steps are not null or empty"); - } else { - log.warn("Consent persist steps are null or empty"); - } - } else { - log.debug("Retrieval and persist steps are available"); - } - } - - /** - * Persist user consent data. - * - * @param request HTTP request - * @param response HTTP response - * @param sessionDataKey Session Data Key - * @param payload Json payload - * @throws ConsentException - */ - private static void persistConsent(HttpServletRequest request, HttpServletResponse response, - String sessionDataKey, JSONObject payload) throws ConsentException { - - ConsentData consentData = ConsentCache.getConsentDataFromCache(sessionDataKey); - if (consentData == null) { - throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR, "Unable to get consent data"); - } - - if (payload == null) { - throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR, - "Payload unavailable", consentData.getState()); - } - - boolean approval; - if (payload.containsKey(CIBAAuthenticationEndpointConstants.APPROVAL)) { - try { - if (payload.get(CIBAAuthenticationEndpointConstants.APPROVAL) instanceof Boolean) { - approval = (Boolean) payload.get(CIBAAuthenticationEndpointConstants.APPROVAL); - } else { - approval = Boolean.parseBoolean((String) payload.get(CIBAAuthenticationEndpointConstants.APPROVAL)); - } - } catch (ClassCastException e) { - log.error("Error while processing consent persistence authorize", e); - throw new ConsentException(ResponseStatus.BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_PERSIST_INVALID_AUTHORIZE.getMessage()); - } - } else { - throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_PERSIST_APPROVAL_MANDATORY.getMessage(), - consentData.getState()); - } - - Map headers = ConsentExtensionUtils.getHeaders(request); - ConsentPersistData consentPersistData = new ConsentPersistData(payload, headers, approval, consentData); - - executePersistence(consentPersistData); - - if (!approval) { - throw new ConsentException(consentData.getRedirectURI(), AuthErrorCode.ACCESS_DENIED, - "User denied the consent", consentData.getState()); - } - - } - - /** - * Execute consent persistence. - * - * @param consentPersistData Consent Persistence data - * @throws ConsentException - */ - private static void executePersistence(ConsentPersistData consentPersistData) throws ConsentException { - - for (ConsentPersistStep step : consentPersistSteps) { - if (log.isDebugEnabled()) { - log.debug("Executing persistence step " + step.getClass().toString()); - } - step.execute(consentPersistData); - } - } - - /** - * Handles authentication request received from mobile app. - * - * @param request HTTP request - * @param response HTTP response - * @throws CIBAAuthenticationEndpointException - */ - public static void handleMobileResponse(HttpServletRequest request, HttpServletResponse response) - throws CIBAAuthenticationEndpointException { - - setCIBAExtension(); - - String responseJsonString; - try { - responseJsonString = IOUtils.toString(request.getInputStream()); - } catch (IOException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(), - "Error in reading the request", e); - } - - if (log.isDebugEnabled()) { - log.debug("CIBA authenticate call from mobile received: " + responseJsonString); - } - - Object responseDataJSON; - try { - responseDataJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(responseJsonString); - if (!(responseDataJSON instanceof JSONObject)) { - log.error("response is not a JSON object"); - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(), - "response is not a JSON object"); - } - } catch (net.minidev.json.parser.ParseException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(), - "Unable to parse the response", e); - } - - JSONObject responseData = (JSONObject) responseDataJSON; - String token = responseData.getAsString(CIBAAuthenticationEndpointConstants.AUTH_RESPONSE); - - if (StringUtils.isEmpty(token)) { - if (log.isDebugEnabled()) { - log.debug(CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND); - } - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND - .getCode(), - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND - .getMessage()); - } else { - String deviceId = getDeviceIdFromToken(token); - String sessionDataKey = getSessionDataKeyFromToken(token, deviceId); - - if (StringUtils.isEmpty(sessionDataKey)) { - String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages - .ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND + deviceId; - if (log.isDebugEnabled()) { - log.debug(errorMessage); - } - - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND - .getCode(), - errorMessage); - } else { - addToContext(sessionDataKey, token); - - try { - processAuthenticationRequest(request, response, sessionDataKey); - } catch (AuthenticationFailedException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(), - "Authentication Failed", e); - } - - response.setStatus(HttpServletResponse.SC_ACCEPTED); - - log.info("Completed processing authentication request from mobile app for session data key " - + sessionDataKey); - - } - } - } - - /** - * Retrieve the config for CIBA consent persistence toolkit extension class for. - */ - private static void setCIBAExtension() { - - try { - cibaAuthenticationEndpointInterfaceTK = (CIBAAuthenticationEndpointInterface) - Class.forName(OpenBankingConfigParser.getInstance() - .getCibaServletExtension()).getDeclaredConstructor().newInstance(); - } catch (InstantiationException | IllegalAccessException | - InvocationTargetException | NoSuchMethodException | ClassNotFoundException e) { - log.error("CIBA Webapp extension not found", e); - } - } - - /** - * Process authentication request received from mobile app. - * - * @param sessionDataKey Session Data Key - * @throws CIBAAuthenticationEndpointException - */ - protected static void processAuthenticationRequest(HttpServletRequest request, - HttpServletResponse response, String sessionDataKey) throws - AuthenticationFailedException, CIBAAuthenticationEndpointException { - - SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey); - - AuthenticatedUser user = cacheEntry.getLoggedInUser(); - - PushAuthContextManager contextManager = new PushAuthContextManagerImpl(); - AuthenticationContext sessionContext = contextManager.getContext(sessionDataKey); - AuthDataDTO authDataDTO = (AuthDataDTO) sessionContext - .getProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA); - - String authResponseToken = authDataDTO.getAuthToken(); - String serverChallenge = authDataDTO.getChallenge(); - - String deviceId = getDeviceIdFromToken(authResponseToken); - String publicKey = getPublicKey(deviceId); - - PushJWTValidator validator = new PushJWTValidator(); - JWTClaimsSet claimsSet; - try { - claimsSet = validator.getValidatedClaimSet(authResponseToken, publicKey); - } catch (PushAuthTokenValidationException e) { - String errorMessage = String - .format("Error occurred when trying to validate the JWT signature from device: %s of user: %s.", - deviceId, user.toFullQualifiedUsername()); - throw new AuthenticationFailedException(errorMessage, e); - } - if (claimsSet != null) { - if (validator.validateChallenge(claimsSet, serverChallenge, deviceId)) { - String authStatus; - String metadataJsonString; - JSONArray accountIds; - try { - authStatus = - validator.getClaimFromClaimSet(claimsSet, - CIBAAuthenticationEndpointConstants.TOKEN_RESPONSE, deviceId); - metadataJsonString = (validator.getClaimFromClaimSet(claimsSet, - CIBAAuthenticationEndpointConstants.METADATA, deviceId)); - - Object metadataJSON = new JSONParser(JSONParser.MODE_PERMISSIVE).parse(metadataJsonString); - if (!(metadataJSON instanceof JSONObject)) { - log.error("metadata is not a JSON object"); - throw new ConsentException(ResponseStatus.INTERNAL_SERVER_ERROR, - "metadata is not a JSON object"); - } - JSONObject metadata = (JSONObject) metadataJSON; - - accountIds = - (JSONArray) metadata.get(CIBAAuthenticationEndpointConstants.METADATA_ACCOUNT_IDS); - } catch (PushAuthTokenValidationException | net.minidev.json.parser.ParseException e) { - String errorMessage = "Error in getting claims from the auth response token received from device: " - + deviceId; - throw new AuthenticationFailedException(errorMessage, e); - } - - boolean approval; - if (authStatus.equals(CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_SUCCESS)) { - approval = true; - } else if (authStatus.equals(CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_DENIED)) { - approval = false; - } else { - log.error("Invalid authorization status :" + authStatus); - String errorMessage = "Authentication failed! Incorrect auth status " + authStatus + " for user " + - user.toFullQualifiedUsername(); - throw new AuthenticationFailedException(errorMessage); - } - - JSONObject payload = new JSONObject(); - payload.put(CIBAAuthenticationEndpointConstants.APPROVAL, approval); - // Authorize call is skipped in consent persist call in CIBA - payload.put(CIBAAuthenticationEndpointConstants.AUTHORIZE, false); - payload.put(CIBAAuthenticationEndpointConstants.ACCOUNT_IDS, accountIds); - - // add TK data - if (cibaAuthenticationEndpointInterfaceTK != null) { - payload = cibaAuthenticationEndpointInterfaceTK - .updateConsentData(payload); - } - - persistConsent(request, response, sessionDataKey, payload); - persistAuthorization(sessionDataKey, authStatus); - } else { - String errorMessage = String - .format("Authentication failed! JWT challenge validation for device: %s of user: %s.", - deviceId, user); - throw new AuthenticationFailedException(errorMessage); - } - - } else { - String errorMessage = String - .format("Authentication failed! JWT signature is not valid for device: %s of user: %s.", - deviceId, user); - throw new AuthenticationFailedException(errorMessage); - } - - try { - contextManager.clearContext(validator.getClaimFromClaimSet(claimsSet, - CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY, deviceId)); - } catch (PushAuthTokenValidationException e) { - String errorMessage = "Error in getting claim " + - CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY + " from the auth response token " + - "received from device: " + deviceId; - throw new AuthenticationFailedException(errorMessage, e); - } - } - - /** - * Persist authorization response. - * - * @param sessionDataKey Session Data Key - * @param authStatus User action for the authorization request - * @throws CIBAAuthenticationEndpointException - */ - public static void persistAuthorization(String sessionDataKey, String authStatus) - throws CIBAAuthenticationEndpointException { - - SessionDataCacheEntry cacheEntry = ConsentCache.getCacheEntryFromSessionDataKey(sessionDataKey); - - if (cacheEntry != null) { - AuthenticatedUser user = cacheEntry.getLoggedInUser(); - OAuth2Parameters oAuth2Parameters = cacheEntry.getoAuth2Parameters(); - String nonce = oAuth2Parameters.getNonce(); - - try { - if (CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_SUCCESS.equals(authStatus)) { - String authCodeKey = CibaDAOFactory.getInstance().getCibaAuthMgtDAO().getCibaAuthCodeKey(nonce); - - // Update successful authentication. - CibaDAOFactory.getInstance().getCibaAuthMgtDAO() - .persistAuthenticationSuccess(authCodeKey, user); - } else if (CIBAAuthenticationEndpointConstants.AUTH_REQUEST_STATUS_DENIED.equals(authStatus)) { - String authCodeKey = CibaDAOFactory.getInstance().getCibaAuthMgtDAO().getCibaAuthCodeKey(nonce); - CibaDAOFactory.getInstance().getCibaAuthMgtDAO().updateStatus(authCodeKey, AuthReqStatus.FAILED); - } else { - String errorMessage = "Invalid authorization status: " + authStatus; - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_BAD_REQUEST, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_BAD_REQUEST.getMessage(), - errorMessage); - } - } catch (CibaCoreException e) { - String errorMessage = "Error while persisting CIBA auth status for session data key " + sessionDataKey; - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_SERVER_ERROR.getMessage(), - errorMessage, e); - } - } - } - - /** - * Derive the Device ID from the auth response token header. - * - * @param token Auth response token - * @return Device ID - * @throws CIBAAuthenticationEndpointException if the token string fails to parse to JWT - */ - protected static String getDeviceIdFromToken(String token) throws CIBAAuthenticationEndpointException { - - try { - return String.valueOf(JWTParser.parse(token).getHeader().getCustomParam( - CIBAAuthenticationEndpointConstants.TOKEN_DEVICE_ID)); - } catch (ParseException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_DEVICE_ID_FAILED.getCode(), - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_DEVICE_ID_FAILED.getMessage(), - e); - } - } - - /** - * Derive the SessionDataKey from the auth response token. - * - * @param token Auth response token - * @param deviceId Unique ID of the device trying to authenticate - * @return SessionDataKey - * @throws CIBAAuthenticationEndpointException if the auth response token fails to parse to JWT or the public key - * for the device is not retrieved or if the token is not valid - */ - private static String getSessionDataKeyFromToken(String token, String deviceId) throws - CIBAAuthenticationEndpointException { - - DeviceHandler deviceHandler = new DeviceHandlerImpl(); - PushJWTValidator validator = new PushJWTValidator(); - - try { - String publicKey = deviceHandler.getPublicKey(deviceId); - JWTClaimsSet claimsSet = validator.getValidatedClaimSet(token, publicKey); - return claimsSet.getStringClaim(CIBAAuthenticationEndpointConstants.TOKEN_SESSION_DATA_KEY); - } catch (PushDeviceHandlerServerException | PushDeviceHandlerClientException e) { - String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_PUBLIC_KEY_FAILED - .toString() + deviceId; - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_GET_PUBLIC_KEY_FAILED.getCode(), - errorMessage, e); - } catch (PushAuthTokenValidationException e) { - String errorMessage = CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_TOKEN_VALIDATION_FAILED - .toString() + deviceId; - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_TOKEN_VALIDATION_FAILED.getCode(), - errorMessage, e); - } catch (ParseException e) { - throw new CIBAAuthenticationEndpointException(HttpStatus.SC_INTERNAL_SERVER_ERROR, - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_PARSE_JWT_FAILED.getCode(), - CIBAAuthenticationEndpointConstants.ErrorMessages.ERROR_CODE_PARSE_JWT_FAILED.getMessage(), e); - } - } - - /** - * Add the received auth response token to the authentication context. - * - * @param sessionDataKey Unique key to identify the session - * @param token Auth response token - */ - private static void addToContext(String sessionDataKey, String token) { - - PushAuthContextManager contextManager = new PushAuthContextManagerImpl(); - AuthenticationContext context = contextManager.getContext(sessionDataKey); - - AuthDataDTO authDataDTO = (AuthDataDTO) context - .getProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA); - authDataDTO.setAuthToken(token); - context.setProperty(CIBAAuthenticationEndpointConstants.CONTEXT_AUTH_DATA, authDataDTO); - contextManager.storeContext(sessionDataKey, context); - } - - /** - * Get the public key for the device by the device ID. - * - * @param deviceId Unique ID for the device - * @return Public key string - * @throws AuthenticationFailedException if an error occurs while getting the public key - */ - protected static String getPublicKey(String deviceId) throws AuthenticationFailedException { - - DeviceHandler deviceHandler = new DeviceHandlerImpl(); - try { - return deviceHandler.getPublicKey(deviceId); - } catch (PushDeviceHandlerServerException | PushDeviceHandlerClientException e) { - throw new AuthenticationFailedException("Error occurred when trying to get the public key for device: " - + deviceId + "."); - } - } - -} diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java deleted file mode 100644 index 59d44e41..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/api/CIBAAuthenticationEndpointConstants.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.api; - -/** - * Constants for CIBA authentication endpoint. - */ -@Deprecated -public class CIBAAuthenticationEndpointConstants { - - // request related constants - public static final String AUTH_RESPONSE = "authResponse"; - public static final String TOKEN_DEVICE_ID = "did"; - public static final String TOKEN_SESSION_DATA_KEY = "sid"; - public static final String CONTEXT_AUTH_DATA = "authData"; - public static final String TOKEN_RESPONSE = "res"; - public static final String METADATA = "mta"; - public static final String AUTH_REQUEST_STATUS_SUCCESS = "SUCCESSFUL"; - public static final String AUTH_REQUEST_STATUS_DENIED = "DENIED"; - - // device registration related constants - public static final String DEVICE_REGISTRATION_URL = "/api/users/v1/me/push-auth/discovery-data"; - public static final String AUTHENTICATION_ENDPOINT_URL_PREFIX = "/api/openbanking/ciba"; - public static final String AUTHENTICATION_ENDPOINT = "ae"; - public static final String AUTH_HEADER_NAME = "Authorization"; - - // consent related constants - public static final String APPROVAL = "approval"; - public static final String AUTHORIZE = "authorize"; - public static final String ACCOUNT_IDS = "accountIds"; - public static final String METADATA_ACCOUNT_IDS = "approvedAccountIds"; - - /** - * Enum which contains error codes and corresponding error messages. - */ - public enum ErrorMessages { - - ERROR_CODE_AUTH_RESPONSE_TOKEN_NOT_FOUND( - "PBA-15001", - "The request did not contain an authentication response token" - ), - ERROR_CODE_SESSION_DATA_KEY_NOT_FOUND( - "PBA-15002", - "Session data key is not present in the authentication response token received from device: " - ), - ERROR_CODE_GET_DEVICE_ID_FAILED( - "PBA-15003", - "Error occurred when extracting the auth response token." - ), - ERROR_CODE_GET_PUBLIC_KEY_FAILED( - "PBA-15004", - "Error occurred when trying to get the public key from device: " - ), - ERROR_CODE_TOKEN_VALIDATION_FAILED( - "PBA-15005", - "Error occurred when validating auth response token from device: " - ), - ERROR_CODE_PARSE_JWT_FAILED( - "PBA-15006", - "Error occurred when parsing auth response token to JWT." - ), - ERROR_PERSIST_INVALID_AUTHORIZE( - "400", "Invalid value for authorize. Should be true/false" - ), - ERROR_PERSIST_APPROVAL_MANDATORY( - "400", "Mandatory body parameter approval is unavailable" - ), - ERROR_CODE_SERVER_ERROR( - "500", "internal server error" - ), - ERROR_CODE_BAD_REQUEST( - "400", "Bad Request" - ), - ERROR_CODE_UNAUTHORIZED( - "401", "Unauthorized" - ); - - private final String code; - private final String message; - - ErrorMessages(String code, String message) { - - this.code = code; - this.message = message; - } - - public String getCode() { - - return code; - } - - public String getMessage() { - - return message; - } - - @Override - public String toString() { - - return code + " - " + message; - } - } -} diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java deleted file mode 100644 index 2440e09d..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/java/com/wso2/openbanking/accelerator/ciba/authentication/endpoint/impl/exception/CIBAAuthenticationEndpointException.java +++ /dev/null @@ -1,80 +0,0 @@ -/** - * Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). - * - * WSO2 LLC. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package com.wso2.openbanking.accelerator.ciba.authentication.endpoint.impl.exception; - -import com.wso2.openbanking.accelerator.common.exception.OpenBankingException; - -/** - * Exception for CIBA authentication endpoint. - */ -@Deprecated -public class CIBAAuthenticationEndpointException extends OpenBankingException { - - private String errorDescription; - private String errorCode; - private int httpStatusCode; - - public int getHttpStatusCode() { - - return httpStatusCode; - } - - public void setHttpStatusCode(int httpStatusCode) { - - this.httpStatusCode = httpStatusCode; - } - - public String getErrorDescription() { - - return errorDescription; - } - - public void setErrorDescription(String errorDescription) { - - this.errorDescription = errorDescription; - } - - public String getErrorCode() { - - return errorCode; - } - - public void setErrorCode(String errorCode) { - - this.errorCode = errorCode; - } - - public CIBAAuthenticationEndpointException(int httpStatusCode, String errorCode, String errorDescription, - Throwable e) { - - super(errorDescription, e); - this.errorDescription = errorDescription; - this.errorCode = errorCode; - this.httpStatusCode = httpStatusCode; - - } - - public CIBAAuthenticationEndpointException(int httpStatusCode, String errorCode, String errorDescription) { - - super(errorDescription); - this.errorDescription = errorDescription; - this.errorCode = errorCode; - this.httpStatusCode = httpStatusCode; - } -} diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml deleted file mode 100644 index 8932a22e..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/resources/findbugs-include.xml +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf deleted file mode 100644 index 9d885be5..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/MANIFEST.mf +++ /dev/null @@ -1 +0,0 @@ -Manifest-Version: 1.0 diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml deleted file mode 100644 index b212826c..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/META-INF/webapp-classloading.xml +++ /dev/null @@ -1,35 +0,0 @@ - - - - - - - - - false - - - Carbon,CXF3 - diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml deleted file mode 100644 index bd83ba12..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/beans.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - - - - - - - - - - diff --git a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml b/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml deleted file mode 100644 index 231ed2d8..00000000 --- a/open-banking-accelerator/internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint/src/main/webapp/WEB-INF/web.xml +++ /dev/null @@ -1,69 +0,0 @@ - - - - - - WSO2 Open Banking - CIBA Authentication Endpoint - WSO2 Open Banking - CIBA Authentication Endpoint - - - contextConfigLocation - WEB-INF/beans.xml - - - - HttpHeaderSecurityFilter - org.apache.catalina.filters.HttpHeaderSecurityFilter - - hstsEnabled - false - - - - - HttpHeaderSecurityFilter - * - - - - - org.springframework.web.context.ContextLoaderListener - - - - - CXFServlet - - org.apache.cxf.transport.servlet.CXFServlet - - 1 - - - - CXFServlet - /* - - - - 60 - - diff --git a/open-banking-accelerator/pom.xml b/open-banking-accelerator/pom.xml index 8d0a234c..4231a14f 100644 --- a/open-banking-accelerator/pom.xml +++ b/open-banking-accelerator/pom.xml @@ -45,7 +45,6 @@ components/ob-throttler/com.wso2.openbanking.accelerator.throttler.service components/event-notifications/com.wso2.openbanking.accelerator.event.notifications.service components/account-metadata/com.wso2.openbanking.accelerator.account.metadata.service - internal-apis/internal-webapps/com.wso2.openbanking.accelerator.ciba.authentication.endpoint internal-apis/internal-webapps/com.wso2.openbanking.accelerator.consent.endpoint internal-apis/internal-webapps/com.wso2.openbanking.accelerator.dcr.endpoint internal-apis/internal-webapps/com.wso2.openbanking.authentication.webapp