Merge pull request #1 from jaadds/openkm

Regenerating Application Access Tokens without Accessing Database.

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIConsumer.java

@@ -419,4 +419,19 @@ public Set<SubscribedAPI> getSubscribedIdentifiers(Subscriber subscriber,
      * @throws APIManagementException if failed to API set
      */
     public Map<String,Object> getAllPaginatedAPIsByStatus(String tenantDomain,int start,int end, String Status) throws APIManagementException;
+
+    /**
+     * Revokes the oldAccessToken generating a new one.
+     *
+     * @param oldAccessToken          Token to be revoked
+     * @param clientId                Consumer Key for the Application
+     * @param clientSecret            Consumer Secret for the Application
+     * @param validityTime            Desired Validity time for the token
+     * @param accessAllowDomainsArray List of domains that this access token should be allowed to.
+     * @param jsonInput               Additional parameters if Authorization server needs any.
+     * @return Details of the newly generated Access Token.
+     * @throws APIManagementException
+     */
+    AccessTokenInfo renewAccessToken(String oldAccessToken, String clientId, String clientSecret, String validityTime,
+                                     String[] accessAllowDomainsArray, String jsonInput) throws APIManagementException;
 }

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/AccessTokenInfo.java

@@ -0,0 +1,119 @@
+/*
+ *
+ *   Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ * /
+ */
+
+package org.wso2.carbon.apimgt.api.model;
+
+import org.json.simple.JSONObject;
+
+import java.util.HashMap;
+
+/**
+ * Details about an Access Token.
+ */
+public class AccessTokenInfo {
+
+    private String consumerKey;
+
+    private String[] scope;
+
+    private String tokenState;
+
+    private String accessToken;
+
+    private long issuedTime;
+
+    private long validityPeriod;
+
+    public String[] getScope() {
+        return scope;
+    }
+
+    public void setScope(String[] scope) {
+        this.scope = scope;
+    }
+
+    public String getTokenState() {
+        return tokenState;
+    }
+
+    public void setTokenState(String tokenState) {
+        this.tokenState = tokenState;
+    }
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    public long getIssuedTime() {
+        return issuedTime;
+    }
+
+    public long getValidityPeriod() {
+        return validityPeriod;
+    }
+
+    private HashMap<String,Object> parameters = new HashMap<String, Object>();
+
+    public String getConsumerKey() {
+        return consumerKey;
+    }
+
+    public void setConsumerKey(String consumerKey) {
+        this.consumerKey = consumerKey;
+    }
+
+    public void setIssuedTime(long issuedTime) {
+        this.issuedTime = issuedTime;
+    }
+
+    public void setValidityPeriod(long validityPeriod) {
+        this.validityPeriod = validityPeriod;
+    }
+
+    public void addParameter(String paramName, Object paramValue){
+        parameters.put(paramName,paramName);
+    }
+
+    public Object getParameter(String paramName){
+        return parameters.get(paramName);
+    }
+
+    /**
+     * Sending additional properties as a JSON String.
+
+     */
+    public String getJSONString(){
+
+        if(!parameters.containsKey("scopes")){
+            parameters.put("scopes",scope);
+        }
+
+        if(!parameters.containsKey("tokenState")){
+            parameters.put("tokenState",tokenState);
+        }
+
+        return JSONObject.toJSONString(parameters);
+    }
+
+}

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/AccessTokenRequest.java

@@ -0,0 +1,145 @@
+/*
+ *
+ *   Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ * /
+ */
+
+package org.wso2.carbon.apimgt.api.model;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Representation of a Token Generation Request.
+ */
+public class AccessTokenRequest {
+    private String clientId;
+    private String clientSecret;
+    private String grantType;
+    private String[] scope;
+    private String callbackURI;
+    private String resourceOwnerUsername;
+    private String resourceOwnerPassword;
+    private String refreshToken;
+    private String tenantDomain;
+    private long validityPeriod;
+    private String tokenToRevoke;
+
+    // This map can be used to store additional properties not captured by above list of fields.
+    private HashMap<String,Object> requestParameters = new HashMap<String, Object>();
+
+
+    public String getTokenToRevoke() {
+        return tokenToRevoke;
+    }
+
+    public void setTokenToRevoke(String tokenToRevoke) {
+        this.tokenToRevoke = tokenToRevoke;
+    }
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getClientSecret() {
+        return clientSecret;
+    }
+
+    public void setClientSecret(String clientSecret) {
+        this.clientSecret = clientSecret;
+    }
+
+    public String getGrantType() {
+        return grantType;
+    }
+
+    public void setGrantType(String grantType) {
+        this.grantType = grantType;
+    }
+
+    public String[] getScope() {
+        return scope;
+    }
+
+    public void setScope(String[] scope) {
+        this.scope = scope;
+    }
+
+    public String getCallbackURI() {
+        return callbackURI;
+    }
+
+    public void setCallbackURI(String callbackURI) {
+        this.callbackURI = callbackURI;
+    }
+
+    public long getValidityPeriod(){
+        return this.validityPeriod;
+    }
+
+    public void setValidityPeriod(long validityPeriod){
+        this.validityPeriod = validityPeriod;
+    }
+
+    public String getResourceOwnerUsername() {
+        return resourceOwnerUsername;
+    }
+
+    public void setResourceOwnerUsername(String resourceOwnerUsername) {
+        this.resourceOwnerUsername = resourceOwnerUsername;
+    }
+
+    public String getResourceOwnerPassword() {
+        return resourceOwnerPassword;
+    }
+
+    public void setResourceOwnerPassword(String resourceOwnerPassword) {
+        this.resourceOwnerPassword = resourceOwnerPassword;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+    public void setRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
+
+
+    public String getTenantDomain() {
+        return tenantDomain;
+    }
+
+    public void setTenantDomain(String tenantDomain) {
+        this.tenantDomain = tenantDomain;
+    }
+
+    public void addRequestParam(String paramName, Object paramValue){
+        requestParameters.put(paramName,paramValue);
+    }
+
+    public Object getRequestParam(String key){
+        return requestParameters.get(key);
+    }
+
+
+}
+

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/KeyManager.java

@@ -64,6 +64,15 @@ public interface KeyManager {
      */
     OAuthApplicationInfo retrieveApplication(String consumerKey) throws APIManagementException;
 
+    /**
+     * Store calls this method to get a new Application Access Token. This will be called when getting the token for
+     * the first time and when Store needs to refresh the existing token.
+     * @param tokenRequest AccessTokenRequest which encapsulates parameters sent from UI.
+     * @return Details of the Generated Token. AccessToken and Validity period are a must.
+     * @throws APIManagementException
+     */
+    AccessTokenInfo getNewApplicationAccessToken(AccessTokenRequest tokenRequest) throws APIManagementException;
+
     /**
      * Call Introspection API + User API. This should retrieve two things including user claims.
      *
@@ -85,6 +94,18 @@ public interface KeyManager {
      */
     OAuthApplicationInfo buildFromJSON(String jsonInput) throws APIManagementException;
 
+    /**
+     * This method will parse the JSON input and add those additional values to AccessTokenRequest. If its needed to
+     * pass parameters in addition to those specified in AccessTokenRequest, those can be provided in the JSON input.
+     * @param jsonInput Input as a JSON. This is the same JSON passed from Store UI.
+     * @param tokenRequest Object encapsulating parameters sent from UI.
+     * @return If input AccessTokenRequest is null, a new object will be returned,
+     * else the additional parameters will be added to the input object passed.
+     * @throws APIManagementException
+     */
+    AccessTokenRequest buildAccessTokenRequestFromJSON(String jsonInput, AccessTokenRequest tokenRequest)
+            throws APIManagementException;
+
     /**
      * This method will be used if you want to create a oAuth application in semi-manual mode
      * where you must input minimum consumer key and consumer secret.
@@ -94,44 +115,4 @@ public interface KeyManager {
      * @throws APIManagementException
      */
     OAuthApplicationInfo createSemiManualAuthApplication(OauthAppRequest appInfoRequest) throws APIManagementException;
-
-//    /**
-//     * This Method will talk to APIResource registration end point  of  authorization server then will return the
-//     * response as Map.
-//     *
-//     * @param externalResource ExternalResource object, This APIResource would be an API and it comes with APIResource attributes
-//     *                  such as scopes/url_sets/auth_methods etc.
-//     * @return this will return a Map with returned values of APIResource registration.
-//     * @throws APIManagementException
-//     */
-//
-//    boolean registerNewResource(ExternalResource externalResource) throws APIManagementException;
-//
-//    /**
-//     * This method will be used to retrieve registered resource by given API ID.
-//     *
-//     * @param apiId APIM api id.
-//     * @return It will return a Map with registered resource details.
-//     * @throws APIManagementException
-//     */
-//    Map getResourceByApiId(String apiId) throws APIManagementException;
-//
-//    /**
-//     * This method is responsible for update given APIResource  by its resourceId.
-//     *
-//     * @param externalResource this  will hold ExternalResource data that needs to be updated.
-//     * @return TRUE|FALSE. if it is successfully updated it will return TRUE or else FALSE.
-//     * @throws APIManagementException
-//     */
-//    boolean updateRegisteredResource(ExternalResource externalResource) throws APIManagementException;
-//
-//    /**
-//     * This method will accept API id  as a parameter  and will delete the registered resource.
-//     *
-//     * @param apiID API id.
-//     * @throws APIManagementException
-//     */
-//    void deleteRegisteredResourceByAPIId(String apiID) throws APIManagementException;
-
-
 }