Add the reuse pvt ket jwt config to oidc metadata.

wso2 · Jun 28, 2024 · 36414b3 · 36414b3
1 parent 470a958
commit 36414b3
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 0 deletions.
diff --git a/...bon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/...bon/identity/api/server/application/management/common/ApplicationManagementConstants.java
@@ -57,6 +57,8 @@ private ApplicationManagementConstants() {
     public static final String RBAC = "RBAC";
     public static final String NO_POLICY = "NO POLICY";
     public static final String SELECT_OPTION = "Select Option";
+    public static final String TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT_DEFAULT_VALUE = "OAuth.OpenIDConnect." +
+            "TokenEndpointAllowReusePrivateKeyJWT";
     public static final String TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." +
             "SupportedTokenEndpointSigningAlgorithms.SupportedTokenEndpointSigningAlgorithm";
     public static final String ID_TOKEN_SIGNATURE_ALGORITHMS_SUPPORTED = "OAuth.OpenIDConnect." +

diff --git a/.../gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java b/.../gen/java/org/wso2/carbon/identity/api/server/application/management/v1/OIDCMetaData.java
@@ -48,6 +48,7 @@ public class OIDCMetaData  {
     private ClientAuthenticationMethodMetadata tokenEndpointAuthMethod;
     private MetadataProperty tokenEndpointSignatureAlgorithm;
     private MetadataProperty idTokenSignatureAlgorithm;
+    private Boolean tokenEndpointAllowReusePvtKeyJwt;
     private MetadataProperty requestObjectSignatureAlgorithm;
     private MetadataProperty requestObjectEncryptionAlgorithm;
     private MetadataProperty requestObjectEncryptionMethod;
@@ -270,6 +271,31 @@ public void setTokenEndpointSignatureAlgorithm(MetadataProperty tokenEndpointSig
         this.tokenEndpointSignatureAlgorithm = tokenEndpointSignatureAlgorithm;
     }
 
+    /**
+     * Allow reuse of the private key for JWT generation at the token endpoint.
+     *
+     * @param tokenEndpointAllowReusePvtKeyJwt Allow reuse of the private key for JWT generation at the token endpoint.
+     * @return OIDCMetaData object.
+     **/
+    public OIDCMetaData tokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) {
+
+        this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt;
+        return this;
+    }
+
+    @ApiModelProperty(example = "false", value = "")
+    @JsonProperty("tokenEndpointAllowReusePvtKeyJwt")
+    @Valid
+    public Boolean getTokenEndpointAllowReusePvtKeyJwt() {
+
+        return tokenEndpointAllowReusePvtKeyJwt;
+    }
+
+    public void setTokenEndpointAllowReusePvtKeyJwt(Boolean tokenEndpointAllowReusePvtKeyJwt) {
+
+        this.tokenEndpointAllowReusePvtKeyJwt = tokenEndpointAllowReusePvtKeyJwt;
+    }
+
     /**
      **/
     public OIDCMetaData idTokenSignatureAlgorithm(MetadataProperty idTokenSignatureAlgorithm) {
@@ -402,6 +428,7 @@ public boolean equals(java.lang.Object o) {
             Objects.equals(this.accessTokenBindingType, oiDCMetaData.accessTokenBindingType) &&
             Objects.equals(this.tokenEndpointAuthMethod, oiDCMetaData.tokenEndpointAuthMethod) &&
             Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.tokenEndpointSignatureAlgorithm) &&
+            Objects.equals(this.tokenEndpointAllowReusePvtKeyJwt, oiDCMetaData.tokenEndpointAllowReusePvtKeyJwt) &&
             Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.idTokenSignatureAlgorithm) &&
             Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectSignatureAlgorithm) &&
             Objects.equals(this.tokenEndpointSignatureAlgorithm, oiDCMetaData.requestObjectEncryptionAlgorithm) &&
@@ -433,6 +460,8 @@ public String toString() {
         sb.append("    accessTokenBindingType: ").append(toIndentedString(accessTokenBindingType)).append("\n");
         sb.append("    tokenEndpointAuthMethod: ").append(toIndentedString(tokenEndpointAuthMethod)).append("\n");
         sb.append("    tokenEndpointSignatureAlgorithm: ").append(toIndentedString(tokenEndpointSignatureAlgorithm)).append("\n");
+        sb.append("    tokenEndpointAllowReusePvtKeyJwt: ").append(toIndentedString(tokenEndpointAllowReusePvtKeyJwt))
+                .append("\n");
         sb.append("    idTokenSignatureAlgorithm: ").append(toIndentedString(idTokenSignatureAlgorithm)).append("\n");
         sb.append("    requestObjectSignatureAlgorithm: ").append(toIndentedString(requestObjectSignatureAlgorithm)).append("\n");
         sb.append("    requestObjectEncryptionAlgorithm: ").append(toIndentedString(requestObjectEncryptionAlgorithm)).append("\n");

diff --git a/.../identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java b/.../identity/api/server/application/management/v1/core/ServerApplicationMetadataService.java
@@ -169,6 +169,9 @@ public OIDCMetaData getOIDCMetadata() {
         supportedClientAuthMethods.addAll(getClientAuthenticationMethods());
         oidcMetaData.setTokenEndpointAuthMethod(
                 new ClientAuthenticationMethodMetadata().options(supportedClientAuthMethods));
+        boolean tokenEpAllowReusePvtKeyJwtDefaultValue = Boolean.parseBoolean(IdentityUtil
+                .getProperty(ApplicationManagementConstants.TOKEN_EP_ALLOW_REUSE_PVT_KEY_JWT_DEFAULT_VALUE));
+        oidcMetaData.setTokenEndpointAllowReusePvtKeyJwt(tokenEpAllowReusePvtKeyJwtDefaultValue);
         List<String> tokenEpSigningAlgorithms = IdentityUtil
                 .getPropertyAsList(ApplicationManagementConstants.TOKEN_EP_SIGNATURE_ALGORITHMS_SUPPORTED);
         oidcMetaData.setTokenEndpointSignatureAlgorithm(new MetadataProperty()