Implement support for pre issue access token action #2528

Merged

malithie
Contributor

Proposed changes in this pull request

Implements the facility in oauth component to implement actions for wso2/product-is#20739

Key factors considered in the implementation are as below.

  1. pre issue access token actions are allowed at tenant level and applicable for password, authorization code and client credential grant only
  2. From standard access token claim set only scope, token validity period, audience are allowed to be updated
  3. All OIDC claims shared in access token are allowed to be removed or updated
  4. Any claims in the format of string, number, boolean or string array can be added to the access token
  5. When the access token claim set is changed at token issue for password or authorization code the changed claim set is persisted in the grant cache which is backed by the session data store, to share it back with the respective service extending the token issue flow (updated context is preserved). This is valid up to the expiry of the refresh token

Further, there are some minor improvements, refactoring some methods and making sure to load the token message context before executing the action.

Related PR: wso2/carbon-identity-framework#5810

When should this PR be merged

Once wso2/carbon-identity-framework#5810 is merged only

Follow up actions

  1. Diagnostics logs are yet to be improved
  2. Unit and integration tests are yet to be covered
  3. Flows are yet to be verified for B2B cases and federated scenarios comprehensively
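
One way to read key factors 1 to 4 above as a policy check on the operations an action returns, as an added example that is not part of this pull request or the project's code. The claim names (`expires_in` for the validity period), the `op`/`claim`/`value` operation shape, "update" modelled as `replace`, and treating non-standard claims already in the token as its OIDC claims are all assumptions.

```python
# Added illustration. Claim names and the operation shape are assumptions,
# not the wso2 oauth component's API.
ALLOWED_GRANTS = {"password", "authorization_code", "client_credentials"}
STANDARD = {"iss", "sub", "aud", "scope", "expires_in", "iat", "jti", "client_id"}
UPDATABLE_STANDARD = {"scope", "expires_in", "aud"}  # scope, validity, audience


def allowed_value(value):
    """Factor 4: string, number, boolean or array of strings only."""
    if isinstance(value, (str, bool, int, float)):
        return True
    return isinstance(value, list) and all(isinstance(v, str) for v in value)


def check_operation(op, token_claims):
    """Return None when the operation is permitted, else the reason it is not."""
    kind, name = op.get("op"), op.get("claim")
    if not isinstance(name, str) or not name:
        return "missing claim name"
    if kind in ("add", "replace") and not allowed_value(op.get("value")):
        return "value type not allowed"
    # Assumption: non-standard claims already in the token are its OIDC claims.
    is_oidc = name in token_claims and name not in STANDARD
    if kind == "add":
        taken = name in STANDARD or name in token_claims
        return "add would overwrite an existing or standard claim" if taken else None
    if kind == "replace":
        return None if name in UPDATABLE_STANDARD or is_oidc else "claim is not updatable"
    if kind == "remove":
        return None if is_oidc else "only OIDC claims may be removed"
    return "unknown operation"


def filter_operations(grant_type, operations, token_claims):
    """Split operations into (accepted, [(rejected_op, reason), ...])."""
    if grant_type not in ALLOWED_GRANTS:
        return [], [(op, "grant type not supported") for op in operations]
    checked = [(op, check_operation(op, token_claims)) for op in operations]
    return ([op for op, why in checked if why is None],
            [(op, why) for op, why in checked if why is not None])


# Constructed sample input.
SAMPLE_CLAIMS = {"iss": "https://idp.example/oauth2/token", "sub": "alice", "aud": ["app1"],
                 "scope": ["openid", "read"], "expires_in": 3600, "email": "alice@example.com"}
SAMPLE_OPS = [{"op": "replace", "claim": "expires_in", "value": 900},
              {"op": "replace", "claim": "sub", "value": "admin"},
              {"op": "remove", "claim": "email"},
              {"op": "add", "claim": "tier", "value": {"level": 1}},
              {"op": "add", "claim": "groups", "value": ["staff"]}]
```

Calling `filter_operations("password", SAMPLE_OPS, SAMPLE_CLAIMS)` accepts the validity-period change, the `email` removal and the `groups` addition, and rejects the `sub` rewrite and the object-valued `tier` claim with a reason for each.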

# Conflicts:
#	components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/internal/OAuthComponentServiceHolder.java
#	components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java
#	components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
@CLAassistant

CLAassistant commented Jul 25, 2024

CLA assistant check
All committers have signed the CLA.

@DMHP
Contributor

DMHP commented Jul 25, 2024

Reviewed Partially.

@DMHP
Contributor

DMHP commented Jul 30, 2024

Due to the priority, I am approving the following PR with the following,

  • As discussed with @malithie she has immediate plans to onboard the unit tests to cover the whole flow
  • This feature will be gradually improved to the token exchange grant based on 80% cases.
  • The TODOs will be completed along with the feature.

@malithie
Contributor Author

malithie commented Jul 30, 2024

> Due to the priority, I am approving the following PR with the following,
>
>   • As discussed with @malithie she has immediate plans to onboard the unit tests to cover the whole flow
>   • This feature will be gradually improved to the token exchange grant based on 80% cases.
>   • The TODOs will be completed along with the feature.

Acknowledged.

@malithie malithie merged commit 1a0c89c into wso2-extensions:master Jul 30, 2024
2 checks passed