[Dev] How to make my custom authenticator as default for all service providers.

2017-09-07 Thread shiva.k
Hi,

 

I am using WSO2 API manager 2.1.0 and I deployed my custom authenticator as an
OSGi bundle for authenticating using the built-in identity server. And it's
activated successfully. But when I send a request to /authorize during the
authorization grant type flow, I am getting Invalid request.

 

Here are my configurations.

wso2am-2.1.0/repository/conf/identity/application-authentication.xml

   // ---> my custom class name

wso2am-2.1.0/repository/conf/identity/service-providers/default.xml

SSBasicAuthenticator

ssbasicauth

true

When I browse to https://localhost:8243/authorize?response_type=code

_id=iHvjBTLy70slPCt0JZIGVSrmLW8a=PRODUCTION_uri=http://mail.google.com

I get the below errors, please HELP.

[2017-09-07 15:33:54,053] ERROR - DefaultStepHandler Authenticator is null

[2017-09-07 15:33:54,062] ERROR - OAuth2AuthzEndpoint Cannot find AuthenticationResult from the cache

Please reply if you need more information.

 

Thank You,

Shiva Kumar KR

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev


Re: [Dev] Where can I find /token endpoint source code.

2017-09-06 Thread shiva.k
Hi Ahamed,

 

Thank you for your support and suggestions. I was able to successfully obtain
the tenant domain name from the clientId as you suggested. Also, in the
AccessTokenIssuer class, in the issue method itself, a proper tenant domain based
on the clientId is set in the OAuth token request object.

 

Thank You,

Shiva Kumar KR

 

From: Farasath Ahamed [mailto:farasa...@wso2.com] 
Sent: 06 September 2017 17:40
To: shiv...@securelyshare.com; WSO2 Developers' List 
Subject: Re: [Dev] Where can I find /token endpoint source code.

 

 

On Tue, Sep 5, 2017 at 10:39 PM, Farasath Ahamed wrote:

Hi Shiva,

 

Please use reply all including the dev list :) So that others will be able to 
chip in with their ideas as well...

 

There is a small catch there. Even if you managed to pass the tenantDomain as a 
query param to the token endpoint it will not reach your extended password 
grant handler. The reason is this line of code in our current 
implementation[1], which limits the password grant type to pass username, 
password parameters only to the grant handler. We have fixed this in master 
where we pass all the parameters sent in the token.

 

There is a small trick to get this working. You can write a grant handler
extending the password grant handler but register it as a custom grant instead
of grant_type=password, let's say you register it as grant_type=custom1, then
in the token request you can send the tenantDomain as a parameter like below,

"grant_type=custom1=ddd=abc.com",

within the grant handler, you can access any parameter sent using,

 // extract request parameters
 RequestParameter[] parameters = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getRequestParameters();

 

All the details you need to implement a custom grant type are in [2] with 
examples. Give it a try! :)

 

 

[1] 
https://github.com/wso2-support/identity-inbound-auth-oauth/blob/support-5.3.3/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java#L273-L275

 

Correct link

https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.3/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java#L257-L287
 

 

 

 

[2] https://docs.wso2.com/display/IS530/Writing+a+Custom+OAuth+2.0+Grant+Type

 

 

Thanks,


Farasath Ahamed

Software Engineer, WSO2 Inc.;   http://wso2.com

Mobile:   +94777603866

Blog: blog.farazath.com  

Twitter: @farazath619  

  

 

 

 

On Tue, Sep 5, 2017 at 10:16 PM,  > wrote:

Yes absolutely  is there any way or alternate way?

 

From: Farasath Ahamed [mailto:farasa...@wso2.com  ] 
Sent: 05 September 2017 22:14
To: shiv...@securelyshare.com  ; WSO2 
Developers' List  >
Subject: Re: [Dev] Where can I find /token endpoint source code.

 

 

 

On Tue, Sep 5, 2017 at 10:06 PM,  > wrote:

Hi Ahamed,

 

Thank you for your response I found the configuration files. Is it possible to 
change the /token context attribute to take a path variable in /token and pass 
that to /oauth2/token. Eg.

 

http://ws.apache.org/ns/synapse; name="_WSO2AMTokenAPI_" 
context="/{domain}/token">

 

And your ultimate target is to pass this particular parameter to the password 
grant handler is it?

 

 

Thank You,

Shiva Kumar KR

 

From: Farasath Ahamed [mailto:farasa...@wso2.com  ] 
Sent: 05 September 2017 21:26
To: shiv...@securelyshare.com  
Cc: WSO2 Developers' List  >
Subject: Re: [Dev] Where can I find /token endpoint source code.

 

Hi Shiva,

 

/token exposed is actually a proxy to /oauth2/token which is the actual
endpoint that handles your token request. Source code for OAuth2 Token Endpoint
can be found in [1].

You can find the proxy configuration for /token in 
APIM_HOME/repository/deployment/server/synapse-configs/default/api/_TokenAPI_.xml

 

 

[1] 
https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java

 

 

Thanks,

Farasath




Farasath Ahamed

Software Engineer, WSO2 Inc.;   http://wso2.com

Mobile:   +94777603866

Blog: blog.farazath.com  

Twitter: @farazath619  
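
An added example of the handler described in Farasath's reply above (not code from the thread or from WSO2): it extends the password grant handler, is meant to be registered under a custom grant type name such as custom1, and reads tenantDomain from the request parameters. The class name, package, and the comparison against the tenant domain already set on the token request object are assumptions of this example; it compiles against the identity-inbound-auth-oauth 5.3.x classes.

```java
package org.example.grant; // hypothetical package

import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.model.RequestParameter;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler;

// Hypothetical handler, registered in identity.xml under a custom grant type
// name (e.g. custom1) so that all request parameters reach it.
public class TenantAwarePasswordGrantHandler extends PasswordGrantHandler {

    @Override
    public boolean validateGrant(OAuthTokenReqMessageContext ctx) throws IdentityOAuth2Exception {
        OAuth2AccessTokenReqDTO req = ctx.getOauth2AccessTokenReqDTO();
        String username = param(req, "username");
        String password = param(req, "password");
        String requestedTenant = param(req, "tenantDomain");
        if (username == null || password == null || requestedTenant == null) {
            return false; // reject incomplete requests instead of guessing defaults
        }
        // The tenant named in the request is client-controlled input. Accept it
        // only when it matches the tenant the server derived from the clientId
        // (assumption: AccessTokenIssuer has set it on the request DTO).
        String appTenant = req.getTenantDomain();
        if (appTenant == null || !appTenant.equalsIgnoreCase(requestedTenant)) {
            return false;
        }
        // Assumption: for a non-password grant type the endpoint passes the
        // credentials only as request parameters, so copy them onto the DTO
        // before delegating to the stock password validation.
        req.setResourceOwnerUsername(username);
        req.setResourceOwnerPassword(password);
        return super.validateGrant(ctx);
    }

    // Returns the first value of the named request parameter, or null.
    private static String param(OAuth2AccessTokenReqDTO req, String key) {
        RequestParameter[] params = req.getRequestParameters();
        if (params == null) {
            return null;
        }
        for (RequestParameter p : params) {
            if (key.equals(p.getKey()) && p.getValue() != null && p.getValue().length > 0) {
                return p.getValue()[0];
            }
        }
        return null;
    }
}
```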

   

   

 

[Dev] Is it possible to obtain subscriber information from clientId, client secret

2017-09-06 Thread shiva.k
Hi All,

 

I am extending Password grant handler for customizing the authentication
mechanism, within that I have a requirement to know subscriber username from
clientId or client secret, is this possible programmatically?

 

Thank You,

Shiva Kumar KR



[Dev] how can i customize basic authentication of wso2 api manager for authorization code grant type.

2017-09-06 Thread shiva.k
How can I customize basic authentication of the Authorization code grant type
page? Any handlers I can override?

I tried extending ExtendedAuthorizationCodeGrantHandler and overriding the
validateGrant method, but when I click sign in, the validateGrant method is
not invoked. Please see the configuration below.

In WSO2_HOME/repository/conf/identity/identity.xml I have changed the handler to
my implementation. Please suggest any way to override authentication when I
click sign in.

 



authorization_code

 


 
org.wso2.carbon.test.SSAuthorizationCodeGrantHanlder



 



 

Thank You,

Shiva Kumar KR



[Dev] Where can I find /token endpoint source code.

2017-09-05 Thread shiva.k
Hi WSO2 team,

 

I want to know in which class the /token URL request is handled. It would be very
helpful for me if anyone could suggest the class name and project.

 

Thank You,

Shiva Kumar KR



[Dev] Change token url in WSO2 API Manager

2017-09-04 Thread shiva.k
Hi Wso2 team,

 

Please can you suggest any ways to change default token generation url,
http://  :8280/token  to
http:// 
:8280/t//token.

For eg.

Default token generation is http://wso2.com:8280/token

I want - http://wso2.com:8280/t/securelyshare.com/token

 

How can I achieve this, thanks in advance.

 

Thank You,

Shiva Kumar KR



[Dev] how to obtain tenant domain from just clientid and client secret.

2017-09-04 Thread shiva.k
Hi, 

I am using WSO2 API manager 2.1.0, and I am extending the password grant type
handler to customize a few operations.

I tried to obtain the tenant domain from OAuthAppDO, from which I got the below
exception. Please help me.

This is the utility method with which I am trying to get the OAuthAppDO, from
which I get the AuthenticatedUser object and its tenant domain. But it's
throwing an exception.

String tenantDomain = OAuthUtil.getAppInformationByClientId(oAuth2AccessTokenReqDTO.getClientId())
        .getUser().getTenantDomain();

 

... 47 more

[2017-09-04 18:55:59,723] ERROR - StandardWrapperValve Servlet.service() for servlet [OAuth2Endpoints] in context with path [/oauth2] threw exception

java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: org.wso2.carbon.identity.oauth.OAuthUtil.getAppInformationByClientId(Ljava/lang/String;)Lorg/wso2/carbon/identity/oauth/dao/OAuthAppDO;
    at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:336)
    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
    at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
    at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
    at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
    at org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:958)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1756)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1715)
    at