fix: admin-ui plugin should use encoded client_secret for authenticat…

…ion #2717 (#2718)

jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/auth/OAuth2Service.java

@@ -4,36 +4,31 @@
 import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
 import io.jans.as.client.TokenRequest;
+import io.jans.as.common.service.common.EncryptionService;
 import io.jans.as.model.common.GrantType;
 import io.jans.as.model.jwt.Jwt;
 import io.jans.as.model.jwt.JwtClaims;
-import io.jans.ca.plugin.adminui.model.config.AUIConfiguration;
-import io.jans.ca.plugin.adminui.model.exception.ApplicationException;
 import io.jans.ca.plugin.adminui.model.auth.TokenResponse;
 import io.jans.ca.plugin.adminui.model.auth.UserInfoRequest;
 import io.jans.ca.plugin.adminui.model.auth.UserInfoResponse;
+import io.jans.ca.plugin.adminui.model.config.AUIConfiguration;
+import io.jans.ca.plugin.adminui.model.exception.ApplicationException;
 import io.jans.ca.plugin.adminui.rest.auth.OAuth2Resource;
 import io.jans.ca.plugin.adminui.service.config.AUIConfigurationService;
 import io.jans.ca.plugin.adminui.utils.ClientFactory;
 import io.jans.ca.plugin.adminui.utils.CommonUtils;
 import io.jans.ca.plugin.adminui.utils.ErrorResponse;
-import jakarta.ws.rs.client.Invocation;
-import org.jboss.resteasy.client.jaxrs.ResteasyClient;
-import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
-import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
-import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine;
-import org.json.JSONArray;
-import org.json.JSONObject;
-import org.slf4j.Logger;
-
 import jakarta.inject.Inject;
 import jakarta.inject.Singleton;
-import jakarta.ws.rs.client.ClientBuilder;
 import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.Invocation;
 import jakarta.ws.rs.core.MultivaluedHashMap;
 import jakarta.ws.rs.core.MultivaluedMap;
 import jakarta.ws.rs.core.Response;
-import jakarta.ws.rs.core.UriBuilder;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.slf4j.Logger;
+
 import java.io.UnsupportedEncodingException;
 import java.util.Arrays;
 import java.util.List;
@@ -48,6 +43,8 @@ public class OAuth2Service {
     @Inject
     AUIConfigurationService auiConfigurationService;
 
+    @Inject
+    EncryptionService encryptionService;
     /**
      * Calls token endpoint from the Identity Provider and returns a valid Access Token.
      */
@@ -64,7 +61,7 @@ public TokenResponse getAccessToken(String code) throws ApplicationException {
             tokenRequest.setCode(code);
 
             tokenRequest.setAuthUsername(auiConfiguration.getAuthServerClientId());
-            tokenRequest.setAuthPassword(auiConfiguration.getAuthServerClientSecret());
+            tokenRequest.setAuthPassword(encryptionService.decrypt(auiConfiguration.getAuthServerClientSecret()));
             tokenRequest.setGrantType(GrantType.AUTHORIZATION_CODE);
             tokenRequest.setRedirectUri(auiConfiguration.getAuthServerRedirectUrl());
             tokenRequest.setScope(auiConfiguration.getAuthServerScope());
@@ -96,7 +93,7 @@ public TokenResponse getApiProtectionToken(String userInfoJwt) throws Applicatio
 
             TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
             tokenRequest.setAuthUsername(auiConfiguration.getTokenServerClientId());
-            tokenRequest.setAuthPassword(auiConfiguration.getTokenServerClientSecret());
+            tokenRequest.setAuthPassword(encryptionService.decrypt(auiConfiguration.getTokenServerClientSecret()));
             tokenRequest.setGrantType(GrantType.CLIENT_CREDENTIALS);
             tokenRequest.setRedirectUri(auiConfiguration.getTokenServerRedirectUrl());