base repository: wso2-extensions/identity-inbound-auth-oauth
base: 06b64b5d9f3f603ce2e03a57d0674d92a7565139
head repository: wso2-extensions/identity-inbound-auth-oauth
compare: d70822eb1cd8f2a105399a13c01c6225a0e241a2
Original file line number Diff line number Diff line change
@@ -48,6 +48,8 @@
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.identity.organization.management.service.util.OrganizationManagementUtil;
import org.wso2.carbon.utils.DiagnosticLog;

import java.util.ArrayList;
@@ -515,10 +517,12 @@ private OAuth2IntrospectionResponseDTO validateAccessToken(OAuth2TokenValidation
then getting the tenant domain from the token.
*/
String appTenantDomain = IdentityTenantUtil.getTenantDomain(accessTokenDO.getTenantID());
ServiceProviderProperty[] serviceProviderProperties = OAuth2Util.getServiceProvider(
accessTokenDO.getConsumerKey(), appTenantDomain).getSpProperties();
if (!isFragmentApp(serviceProviderProperties)) {
tenantDomain = appTenantDomain;
if (OrganizationManagementUtil.isOrganization(appTenantDomain)) {
ServiceProviderProperty[] serviceProviderProperties = OAuth2Util.getServiceProvider(
accessTokenDO.getConsumerKey(), appTenantDomain).getSpProperties();
if (!isFragmentApp(serviceProviderProperties)) {
tenantDomain = appTenantDomain;
}
}
boolean isCrossTenantTokenIntrospectionAllowed
= OAuthServerConfiguration.getInstance().isCrossTenantTokenIntrospectionAllowed();
@@ -549,6 +553,9 @@ private OAuth2IntrospectionResponseDTO validateAccessToken(OAuth2TokenValidation
LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
}
return buildIntrospectionErrorResponse(e.getMessage());
} catch (OrganizationManagementException e) {
throw new IdentityOAuth2Exception("Error while checking whether the application tenant is an " +
"organization.", e);
}

if (hasAccessTokenExpired(accessTokenDO)) {
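Review bot: In the second hunk of validateAccessToken, `tenantDomain = appTenantDomain` now runs only when `OrganizationManagementUtil.isOrganization(appTenantDomain)` is true, so for every other tenant the `isCrossTenantTokenIntrospectionAllowed` check that follows presumably works with whatever `tenantDomain` held before this block, which is not visible here. Because that value appears to decide whether a token issued in another tenant may be introspected, the block comment ending in "then getting the tenant domain from the token" should state the new rule, for example `// Only organization tenants take the domain from the application; other tenants keep the domain resolved earlier.` The only stub visible on this page makes `isOrganization` return `false`, so the organization branch and the new `OrganizationManagementException` catch look untested; a case with `thenReturn(true)` for both a fragment and a non-fragment application would pin the behaviour. The method starts and ends outside these hunks.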
Original file line number Diff line number Diff line change
@@ -71,6 +71,7 @@
import org.wso2.carbon.identity.openidconnect.util.TestUtils;
import org.wso2.carbon.identity.organization.management.service.OrganizationManager;
import org.wso2.carbon.identity.organization.management.service.util.OrganizationManagementConfigUtil;
import org.wso2.carbon.identity.organization.management.service.util.OrganizationManagementUtil;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.service.RealmService;
@@ -254,8 +255,12 @@ public void testBuildIntrospectionResponse(boolean isIDPIdColumnEnabled, String
OAuthServerConfiguration.class);
MockedStatic<IdentityDatabaseUtil> identityDatabaseUtil = mockStatic(IdentityDatabaseUtil.class);
MockedStatic<OAuth2ServiceComponentHolder> oAuth2ServiceComponentHolder =
mockStatic(OAuth2ServiceComponentHolder.class);) {
mockStatic(OAuth2ServiceComponentHolder.class);
MockedStatic<OrganizationManagementUtil> organizationManagementUtil =
mockStatic(OrganizationManagementUtil.class)) {

organizationManagementUtil.when(() -> OrganizationManagementUtil.isOrganization(anyString())).
thenReturn(false);
OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(isIDPIdColumnEnabled);
mockRequiredObjects(oAuthServerConfiguration, identityDatabaseUtil);
OAuth2ServiceComponentHolder oAuth2ServiceComponentHolderInstance =