From c61eb66269b61f5cd3d1bf4afe84ec6bca6e0e1d Mon Sep 17 00:00:00 2001 From: Udara Pathum Date: Thu, 15 Jun 2023 11:24:56 +0530 Subject: [PATCH 1/3] Remove IdentityPersistentManager --- .../grant/saml/SAML2BearerGrantHandler.java | 13 ++++--------- .../saml/SAML2BearerGrantHandlerTest.java | 19 +++++++++---------- 2 files changed, 13 insertions(+), 19 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java index 25686f074d..e5a37d130b 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java @@ -1,7 +1,7 @@ /* - * Copyright (c) 2012, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2012, WSO2 LLC. (http://www.wso2.com). * - * WSO2 Inc. licenses this file to you under the Apache License, + * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at @@ -43,7 +43,6 @@ import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.base.ServerConfiguration; import org.wso2.carbon.context.PrivilegedCarbonContext; -import org.wso2.carbon.context.RegistryType; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; 
@@ -59,8 +58,8 @@ import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO; -import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.common.OAuthConstants; @@ -79,7 +78,6 @@ import org.wso2.carbon.identity.saml.common.util.exception.IdentityUnmarshallingException; import org.wso2.carbon.idp.mgt.IdentityProviderManagementException; import org.wso2.carbon.idp.mgt.IdentityProviderManager; -import org.wso2.carbon.registry.core.Registry; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreManager; import org.wso2.carbon.user.core.UniqueIDUserStoreManager; @@ -1013,10 +1011,7 @@ private SAMLSSOServiceProviderDO getSAMLSSOServiceProvider(String issuerName, St privilegedCarbonContext.setTenantDomain(tenantDomain); IdentityTenantUtil.initializeRegistry(tenantId, tenantDomain); - IdentityPersistenceManager persistenceManager = IdentityPersistenceManager.getPersistanceManager(); - Registry registry = (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry - (RegistryType.SYSTEM_CONFIGURATION); - return persistenceManager.getServiceProvider(registry, issuerName); + return SAMLSSOServiceProviderManager.getInstance().getServiceProvider(issuerName, tenantId); } catch (IdentityException e) { throw new IdentityOAuth2Exception("Error occurred while validating existence of SAML service provider " + "'" + issuerName + "' that issued the assertion in the tenant domain '" + tenantDomain + "'"); 
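Review bot: In the `@@ -1013,10 +1011,7 @@` hunk of SAML2BearerGrantHandler.java, the `catch (IdentityException e)` around the new `getServiceProvider(issuerName, tenantId)` call rethrows without the cause, so a storage or tenant-resolution failure during the SAML issuer lookup loses its stack trace. Passing the exception through, `throw new IdentityOAuth2Exception("…" + tenantDomain + "'", e);`, would keep it, assuming IdentityOAuth2Exception offers a (String, Throwable) constructor. The new code no longer reads the registry itself, so it is worth confirming whether `IdentityTenantUtil.initializeRegistry(tenantId, tenantDomain)` is still needed by the manager or can be dropped. The method starts and ends outside the hunk.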
diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java index 7bc8be5466..ee98676d50 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java @@ -1,7 +1,7 @@ /* - * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * Copyright (c) 2017, WSO2 LLC. (http://www.wso2.com). * - * WSO2 Inc. licenses this file to you under the Apache License, + * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at @@ -52,8 +52,8 @@ import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.common.testng.WithCarbonHome; +import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO; -import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.oauth.common.OAuthConstants; 
@@ -76,7 +76,6 @@ import org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest; import org.wso2.carbon.idp.mgt.IdentityProviderManagementException; import org.wso2.carbon.idp.mgt.IdentityProviderManager; -import org.wso2.carbon.registry.core.Registry; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.UserRealm; import org.wso2.carbon.user.core.UserStoreManager; @@ -113,7 +112,7 @@ @PrepareForTest({IdentityUtil.class, IdentityTenantUtil.class, IdentityProviderManager.class, MultitenantUtils.class, IdentityApplicationManagementUtil.class, OAuthServerConfiguration.class, SSOServiceProviderConfigManager.class, SAML2BearerGrantHandler.class, OAuthComponentServiceHolder.class, OAuth2ServiceComponentHolder.class, - OAuth2Util.class, IdentityPersistenceManager.class, SignatureValidator.class, UnmarshallUtils.class}) + OAuth2Util.class, SAMLSSOServiceProviderManager.class, SignatureValidator.class, UnmarshallUtils.class}) @WithCarbonHome public class SAML2BearerGrantHandlerTest extends PowerMockIdentityBaseTest { @@ -153,7 +152,7 @@ public class SAML2BearerGrantHandlerTest extends PowerMockIdentityBaseTest { @Mock private TokenPersistenceProcessor persistenceProcessor; @Mock - private IdentityPersistenceManager identityPersistenceManager; + private SAMLSSOServiceProviderManager samlSSOServiceProviderManager; @BeforeMethod public void setUp() throws Exception { 
@@ -523,11 +522,11 @@ private void prepareForGetSAMLSSOServiceProvider() throws Exception { samlssoServiceProviderDO.setIssuer(TestConstants.SAML_ISSUER); samlssoServiceProviderDO.setIdpEntityIDAlias(TestConstants.IDP_ENTITY_ID_ALIAS); - when(identityPersistenceManager.getServiceProvider(any(Registry.class), anyString())) + when(samlSSOServiceProviderManager.getServiceProvider(anyString(), anyInt())) .thenReturn(samlssoServiceProviderDO); - mockStatic(IdentityPersistenceManager.class); - when(IdentityPersistenceManager.getPersistanceManager()).thenReturn(identityPersistenceManager); - when(identityPersistenceManager.isServiceProviderExists(any(Registry.class), anyString())).thenReturn(true); + mockStatic(SAMLSSOServiceProviderManager.class); + when(SAMLSSOServiceProviderManager.getInstance()).thenReturn(samlSSOServiceProviderManager); + when(samlSSOServiceProviderManager.isServiceProviderExists(anyString(), anyInt())).thenReturn(true); mockStatic(SSOServiceProviderConfigManager.class); when(SSOServiceProviderConfigManager.getInstance()).thenReturn(ssoServiceProviderConfigManager); From 3dea4599c00a4140ef8aab5de5092edc2b8392b5 Mon Sep 17 00:00:00 2001 From: Udara Pathum Date: Tue, 20 Jun 2023 16:02:05 +0530 Subject: [PATCH 2/3] Use SAMLSSOServiceProviderManager OSGI service --- .../internal/OAuth2ServiceComponent.java | 23 +++++++++++++++++++ .../OAuth2ServiceComponentHolder.java | 22 ++++++++++++++++++ .../grant/saml/SAML2BearerGrantHandler.java | 4 ++-- .../saml/SAML2BearerGrantHandlerTest.java | 6 +++-- 4 files changed, 51 insertions(+), 4 deletions(-) diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java index 78ca2d707d..fc361ce0a3 100644 
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java @@ -37,6 +37,7 @@ import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener; import org.wso2.carbon.identity.consent.server.configs.mgt.services.ConsentServerConfigsManagementService; +import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.util.IdentityCoreInitializedEvent; import org.wso2.carbon.identity.event.handler.AbstractEventHandler; import org.wso2.carbon.identity.event.services.IdentityEventService; @@ -906,4 +907,26 @@ protected void unsetJWTAccessTokenClaimProvider(JWTAccessTokenClaimProvider clai } OAuth2ServiceComponentHolder.getInstance().removeJWTAccessTokenClaimProvider(claimProvider); } + + @Reference( + name = "saml.sso.service.provider.manager", + service = org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager.class, + cardinality = ReferenceCardinality.MANDATORY, + policy = ReferencePolicy.DYNAMIC, + unbind = "unsetSAMLSSOServiceProviderManager") + protected void setSAMLSSOServiceProviderManager(SAMLSSOServiceProviderManager samlSSOServiceProviderManager) { + + OAuth2ServiceComponentHolder.getInstance().setSamlSSOServiceProviderManager(samlSSOServiceProviderManager); + if (log.isDebugEnabled()) { + log.debug("SAMLSSOServiceProviderManager set in to bundle"); + } + } + + protected void unsetSAMLSSOServiceProviderManager(SAMLSSOServiceProviderManager samlSSOServiceProviderManager) { + + OAuth2ServiceComponentHolder.getInstance().setSamlSSOServiceProviderManager(null); + if (log.isDebugEnabled()) { + log.debug("SAMLSSOServiceProviderManager unset in to bundle"); + } + } } 
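Review bot: `unsetSAMLSSOServiceProviderManager` in the `@@ -906,4 +907,26 @@` hunk ignores its argument and always stores null. With `policy = ReferencePolicy.DYNAMIC` on a unary reference, Declarative Services may bind a replacement service before unbinding the old one, so the unconditional null can wipe out the replacement and leave the SAML2 bearer grant path without a manager. Clearing only when the held instance is the one being removed avoids that: `if (OAuth2ServiceComponentHolder.getSamlSSOServiceProviderManager() == samlSSOServiceProviderManager) { OAuth2ServiceComponentHolder.setSamlSSOServiceProviderManager(null); }`. Both holder accessors are declared static in this patch, so they read better called on the class than through `getInstance()`, and the unbind debug message should say "unset from bundle".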
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponentHolder.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponentHolder.java index a420ac5242..cfeec2963a 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponentHolder.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponentHolder.java @@ -23,6 +23,7 @@ import org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; import org.wso2.carbon.identity.consent.server.configs.mgt.services.ConsentServerConfigsManagementService; +import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.handler.HandlerComparator; import org.wso2.carbon.identity.event.services.IdentityEventService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; @@ -75,6 +76,7 @@ public class OAuth2ServiceComponentHolder { private static KeyIDProvider keyIDProvider = null; private IdpManager idpManager; private static UserSessionManagementService userSessionManagementService; + private static SAMLSSOServiceProviderManager samlSSOServiceProviderManager; private static RoleManager roleManager; private static OrganizationUserResidentResolverService organizationUserResidentResolverService; private List oidcScopesClaims = new ArrayList<>(); 
@@ -477,6 +479,26 @@ public static void setConfigurationContextService(ConfigurationContextService co OAuth2ServiceComponentHolder.configurationContextService = configurationContextService; } + /** + * Get the OAuth2ScopeClaimMappingDAO instance. + * + * @param samlSSOServiceProviderManager SAMLSSOServiceProviderManager instance. + */ + public static void setSamlSSOServiceProviderManager(SAMLSSOServiceProviderManager samlSSOServiceProviderManager) { + + OAuth2ServiceComponentHolder.samlSSOServiceProviderManager = samlSSOServiceProviderManager; + } + + /** + * Get the SAMLSSOServiceProviderManager instance. + * + * @return SAMLSSOServiceProviderManager instance. + */ + public static SAMLSSOServiceProviderManager getSamlSSOServiceProviderManager() { + + return samlSSOServiceProviderManager; + } + /** * Returns JWT access token additional claim providers. * diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java index e5a37d130b..bdd094c6e7 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandler.java @@ -58,7 +58,6 @@ import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil; import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.base.IdentityException; -import org.wso2.carbon.identity.core.SAMLSSOServiceProviderManager; import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; 
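Review bot: The Javadoc on `setSamlSSOServiceProviderManager` in the `@@ -477,6 +479,26 @@` hunk of OAuth2ServiceComponentHolder.java reads "Get the OAuth2ScopeClaimMappingDAO instance", which describes neither the method nor the type. It should say `Set the SAMLSSOServiceProviderManager instance.` The getter's Javadoc could also state that it returns null until the OSGi reference is bound and again after it is unbound, since the caller in SAML2BearerGrantHandler dereferences the result directly.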
@@ -1011,7 +1010,8 @@ private SAMLSSOServiceProviderDO getSAMLSSOServiceProvider(String issuerName, St privilegedCarbonContext.setTenantDomain(tenantDomain); IdentityTenantUtil.initializeRegistry(tenantId, tenantDomain); - return SAMLSSOServiceProviderManager.getInstance().getServiceProvider(issuerName, tenantId); + return OAuth2ServiceComponentHolder.getInstance().getSamlSSOServiceProviderManager() + .getServiceProvider(issuerName, tenantId); } catch (IdentityException e) { throw new IdentityOAuth2Exception("Error occurred while validating existence of SAML service provider " + "'" + issuerName + "' that issued the assertion in the tenant domain '" + tenantDomain + "'"); diff --git a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java index ee98676d50..570834151a 100644 --- a/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java +++ b/components/org.wso2.carbon.identity.oauth/src/test/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/SAML2BearerGrantHandlerTest.java @@ -130,6 +130,8 @@ public class SAML2BearerGrantHandlerTest extends PowerMockIdentityBaseTest { @Mock private OAuthComponentServiceHolder oAuthComponentServiceHolder; @Mock + private OAuth2ServiceComponentHolder oAuth2ServiceComponentHolder; + @Mock private RealmService realmService; @Mock private TenantManager tenantManager; 
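Review bot: The chained call in the `@@ -1011,7 +1010,8 @@` hunk of SAML2BearerGrantHandler.java dereferences `getSamlSSOServiceProviderManager()` without a null check, while the unbind method added in this patch sets that field to null. A token request arriving while the service is unbound would fail with a NullPointerException that the surrounding `catch (IdentityException e)` does not cover, rather than with a controlled grant rejection. Reading the manager into a local and failing explicitly keeps the error path defined, e.g. `if (manager == null) { throw new IdentityOAuth2Exception("SAMLSSOServiceProviderManager is not available"); }`. The method body starts and ends outside the hunk.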
@@ -418,6 +420,7 @@ private void mockOAuthComponents() throws Exception { when(oAuthComponentServiceHolder.getRealmService()).thenReturn(realmService); mockStatic(OAuth2ServiceComponentHolder.class); when(OAuth2ServiceComponentHolder.getApplicationMgtService()).thenReturn(applicationManagementService); + when(OAuth2ServiceComponentHolder.getSamlSSOServiceProviderManager()).thenReturn(samlSSOServiceProviderManager); when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())) .thenReturn(serviceProvider); } @@ -524,8 +527,7 @@ private void prepareForGetSAMLSSOServiceProvider() throws Exception { when(samlSSOServiceProviderManager.getServiceProvider(anyString(), anyInt())) .thenReturn(samlssoServiceProviderDO); - mockStatic(SAMLSSOServiceProviderManager.class); - when(SAMLSSOServiceProviderManager.getInstance()).thenReturn(samlSSOServiceProviderManager); + when(samlSSOServiceProviderManager.isServiceProviderExists(anyString(), anyInt())).thenReturn(true); mockStatic(SSOServiceProviderConfigManager.class); From 5f2923fcba939c50b68b2ec5141ddad315188ce4 Mon Sep 17 00:00:00 2001 From: Udara Pathum Date: Thu, 22 Jun 2023 09:24:16 +0530 Subject: [PATCH 3/3] Bump framework version --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 2299ebdc7c..7c5db192fb 100644 --- a/pom.xml +++ b/pom.xml @@ -863,8 +863,8 @@ [1.0.1, 2.0.0) - 5.25.221 - [5.17.5, 7.0.0) + 5.25.234 + [5.25.234, 7.0.0) 1.1.14