fix: admin-ui plugin should use encoded client_secret for authenticat…
…ion #2717
duttarnab committed Oct 25, 2022
1 parent d51ae24 commit 4de0d27
Showing 1 changed file with 12 additions and 15 deletions.
Expand Up @@ -4,36 +4,31 @@
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import io.jans.as.client.TokenRequest;
import io.jans.as.common.service.common.EncryptionService;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.jwt.Jwt;
import io.jans.as.model.jwt.JwtClaims;
import io.jans.ca.plugin.adminui.model.config.AUIConfiguration;
import io.jans.ca.plugin.adminui.model.exception.ApplicationException;
import io.jans.ca.plugin.adminui.model.auth.TokenResponse;
import io.jans.ca.plugin.adminui.model.auth.UserInfoRequest;
import io.jans.ca.plugin.adminui.model.auth.UserInfoResponse;
import io.jans.ca.plugin.adminui.model.config.AUIConfiguration;
import io.jans.ca.plugin.adminui.model.exception.ApplicationException;
import io.jans.ca.plugin.adminui.rest.auth.OAuth2Resource;
import io.jans.ca.plugin.adminui.service.config.AUIConfigurationService;
import io.jans.ca.plugin.adminui.utils.ClientFactory;
import io.jans.ca.plugin.adminui.utils.CommonUtils;
import io.jans.ca.plugin.adminui.utils.ErrorResponse;
import jakarta.ws.rs.client.Invocation;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;

import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.client.Invocation;
import jakarta.ws.rs.core.MultivaluedHashMap;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriBuilder;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;

import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import java.util.List;
Expand All @@ -48,6 +43,8 @@ public class OAuth2Service {
@Inject
AUIConfigurationService auiConfigurationService;

@Inject
EncryptionService encryptionService;
/**
* Calls token endpoint from the Identity Provider and returns a valid Access Token.
*/
Expand All @@ -64,7 +61,7 @@ public TokenResponse getAccessToken(String code) throws ApplicationException {
tokenRequest.setCode(code);

tokenRequest.setAuthUsername(auiConfiguration.getAuthServerClientId());
tokenRequest.setAuthPassword(auiConfiguration.getAuthServerClientSecret());
tokenRequest.setAuthPassword(encryptionService.decrypt(auiConfiguration.getAuthServerClientSecret()));
tokenRequest.setGrantType(GrantType.AUTHORIZATION_CODE);
tokenRequest.setRedirectUri(auiConfiguration.getAuthServerRedirectUrl());
tokenRequest.setScope(auiConfiguration.getAuthServerScope());
Expand Down Expand Up @@ -96,7 +93,7 @@ public TokenResponse getApiProtectionToken(String userInfoJwt) throws Applicatio

TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
tokenRequest.setAuthUsername(auiConfiguration.getTokenServerClientId());
tokenRequest.setAuthPassword(auiConfiguration.getTokenServerClientSecret());
tokenRequest.setAuthPassword(encryptionService.decrypt(auiConfiguration.getTokenServerClientSecret()));
tokenRequest.setGrantType(GrantType.CLIENT_CREDENTIALS);
tokenRequest.setRedirectUri(auiConfiguration.getTokenServerRedirectUrl());
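Review bot: The two new `encryptionService.decrypt(...)` calls, in getAccessToken and in getApiProtectionToken, assume the stored client secret is always encrypted with the key this service holds; a configuration that still carries a plaintext or differently keyed value would presumably fail at these lines, and the visible hunks do not show how that failure is handled. Both method bodies start and end outside the hunks, so it is worth confirming that the surrounding error handling turns a decrypt failure into an ApplicationException whose message names the configuration property, and that neither the stored value nor the decrypted secret reaches a log line. A short comment at each call would record the contract, for example `// client secret is stored encrypted in the AUI configuration; decrypt at point of use only, never log`. Because the same expression now appears twice, a small private helper that takes the encrypted value and returns the decrypted one would keep that handling in one place.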
