Hi Dinusha, Looks like this commit has broken the 4.0.8 build. Can you please commit the changes to the APIKey class too?
Thanks & regards, -Prabath On Tue, Feb 12, 2013 at 6:12 PM, <[email protected]> wrote: > Author: dinusha > Date: Tue Feb 12 18:12:37 2013 > New Revision: 161943 > URL: http://wso2.org/svn/browse/wso2?view=rev&revision=161943 > > Log: > Fix for APIMANAGER-850. > > Modified: > > > carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java > > Modified: > carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java > URL: > http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java?rev=161943&r1=161942&r2=161943&view=diff > > ============================================================================== > --- > carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java > (original) > +++ > carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java > Tue Feb 12 18:12:37 2013 
> @@ -1205,10 +1205,14 @@
> accessTokenStoreTable =
> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken);
> }
>
> - String getTokenSql = "SELECT
> ACCESS_TOKEN,AUTHZ_USER,TOKEN_SCOPE,CONSUMER_KEY," +
> - "TIME_CREATED,VALIDITY_PERIOD " +
> - "FROM " + accessTokenStoreTable +
> - " WHERE ACCESS_TOKEN= ? AND
> TOKEN_STATE='ACTIVE' ";
> + String getTokenSql = "SELECT
> a.ACCESS_TOKEN,a.AUTHZ_USER,a.TOKEN_SCOPE,a.CONSUMER_KEY," +
> + "a.TIME_CREATED,a.VALIDITY_PERIOD,
> b.AUTHZ_DOMAIN " +
> + "FROM " + accessTokenStoreTable + " a" +
> + " INNER JOIN
> IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS b" +
> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY" +
> + " WHERE a.ACCESS_TOKEN= ? AND
> a.TOKEN_STATE='ACTIVE' ";
> +
> + String authorizedDomains = getAuthorizedDomains(accessToken);
> try {
> connection = APIMgtDBUtil.getConnection();
> PreparedStatement getToken =
> connection.prepareStatement(getTokenSql);
> @@ -1222,6 +1226,7 @@
>
>
> apiKey.setCreatedDate(getTokenRS.getTimestamp("TIME_CREATED").toString().split("\\.")[0]);
>
> apiKey.setConsumerKey(getTokenRS.getString("CONSUMER_KEY"));
> apiKey.setValidityPeriod("" +
> getTokenRS.getInt("VALIDITY_PERIOD"));
> + apiKey.setAuthorizedDomains(authorizedDomains);
>
> }
> } catch (SQLException e) {
> @@ -1461,6 +1466,7 @@
> " ICA.CONSUMER_KEY = IAT.CONSUMER_KEY AND" +
> " ICA.USERNAME = IAT.AUTHZ_USER";
>
> + String authorizedDomains;
> Set<APIKey> apiKeys = new HashSet<APIKey>();
> try {
> connection = APIMgtDBUtil.getConnection();
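Review bot: The rewritten `getTokenSql` inner-joins `IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS` and selects `b.AUTHZ_DOMAIN`, yet nothing in the visible lines reads that column; the domains come from the separate `getAuthorizedDomains(accessToken)` call added just before the `try`. The join still changes the lookup: an active token whose consumer key has no mapping row now yields no row at all, and a key mapped to several domains yields one row per domain. Unless that filtering is intended, keep the single-table query (`"FROM " + accessTokenStoreTable + " WHERE ACCESS_TOKEN= ? AND TOKEN_STATE='ACTIVE' "`) and leave domain resolution to the helper, or read `AUTHZ_DOMAIN` from the result set and drop the extra call. The enclosing method starts and ends outside the hunk, so how the result set is consumed is only partly visible.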
> @@ -1469,12 +1475,17 @@
> nestedPS.setString(2, username);
> nestedPS.setString(3,
> APIConstants.ACCESS_TOKEN_USER_TYPE_APPLICATION);
> ResultSet nestedRS = nestedPS.executeQuery();
> + String accessToken;
> while (nestedRS.next()) {
> APIKey apiKey = new APIKey();
> + accessToken = nestedRS.getString("ACCESS_TOKEN");
> + authorizedDomains = getAuthorizedDomains(accessToken);
> +
> apiKey.setConsumerKey(nestedRS.getString("CONSUMER_KEY"));
>
> apiKey.setConsumerSecret(nestedRS.getString("CONSUMER_SECRET"));
> - apiKey.setAccessToken(nestedRS.getString("ACCESS_TOKEN"));
> + apiKey.setAccessToken(accessToken);
> apiKey.setType(nestedRS.getString("TOKEN_TYPE"));
> + apiKey.setAuthorizedDomains(authorizedDomains);
> apiKeys.add(apiKey);
> }
> } catch (SQLException e) {
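Review bot: `getAuthorizedDomains(accessToken)` is called once per row inside `while (nestedRS.next())`, and that helper (added later in this commit) takes its own connection from `APIMgtDBUtil.getConnection()` while the outer connection and `nestedRS` are still open. That is one extra query and a second pooled connection per key, which can presumably starve the pool under concurrent load. Consider fetching `AUTHZ_DOMAIN` in the outer query, or collecting the keys first and resolving domains after the outer resources are closed. The two new locals can also be declared where they are used, e.g. `String accessToken = nestedRS.getString("ACCESS_TOKEN");`, instead of `String authorizedDomains;` in the preceding hunk. The method body continues outside the hunk.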
> @@ -3337,6 +3348,90 @@
> return urlMappings;
> }
>
> + public static boolean isDomainRestricted(String apiKey, String
> clientDomain)
> + throws APIManagementException {
> + boolean restricted = true;
> + if (clientDomain != null) {
> + clientDomain = clientDomain.trim();
> + }
> + List<String> authorizedDomains =
> Arrays.asList(getAuthorizedDomains(apiKey).split(","));
> + if (authorizedDomains.contains("ALL") ||
> authorizedDomains.contains(clientDomain)) {
> + restricted = false;
> + }
> + return restricted;
> + }
> +
> + public static String getAuthorizedDomains(String accessToken) throws
> APIManagementException {
> + String authorizedDomains = "";
> + String accessTokenStoreTable =
> APIConstants.ACCESS_TOKEN_STORE_TABLE;
> + if (APIUtil.checkAccessTokenPartitioningEnabled() &&
> + APIUtil.checkUserNameAssertionEnabled()) {
> + accessTokenStoreTable =
> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken);
> + }
> + String accessAllowDomainsSql = "SELECT a.AUTHZ_DOMAIN " +
> + " FROM IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS a " +
> + " INNER JOIN " + accessTokenStoreTable + " b " +
> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY " +
> + " WHERE b.ACCESS_TOKEN = ?
";
> +
> + Connection connection = null;
> + PreparedStatement prepStmt = null;
> + ResultSet rs = null;
> + try {
> + connection = APIMgtDBUtil.getConnection();
> + prepStmt = connection.prepareStatement(accessAllowDomainsSql);
> + prepStmt.setString(1, accessToken);
> + rs = prepStmt.executeQuery();
> + boolean first = true;
> + while (rs.next()) { //if(rs.next==true) -> domain != null
> + String domain = rs.getString(1);
> + if (first) {
> + authorizedDomains = domain;
> + first = false;
> + } else {
> + authorizedDomains = authorizedDomains + ", " + domain;
> + }
> + }
> + prepStmt.close();
> + } catch (SQLException e) {
> + throw new APIManagementException
> + ("Error in retrieving access allowing domain list
> from table.", e);
> + } finally {
> + APIMgtDBUtil.closeAllConnections(prepStmt, connection, rs);
> + }
> + return authorizedDomains;
> + }
> +
> + public static String findConsumerKeyFromAccessToken(String
> accessToken)
> + throws APIManagementException {
> + Connection connection = null;
> + PreparedStatement smt = null;
> + ResultSet rs = null;
> + String authorizedDomain = null;
> +
> + String accessTokenStoreTable =
> APIConstants.ACCESS_TOKEN_STORE_TABLE;
> + if (APIUtil.checkAccessTokenPartitioningEnabled() &&
> + APIUtil.checkUserNameAssertionEnabled()) {
> + accessTokenStoreTable =
> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken);
> + }
> + try {
> + String getConsumerKeySql = "SELECT CONSUMER_KEY FROM " +
> accessTokenStoreTable +
> + " WHERE ACCESS_TOKEN=?";
> + connection = APIMgtDBUtil.getConnection();
> + smt = connection.prepareStatement(getConsumerKeySql);
> + smt.setString(1, accessToken);
> + rs = smt.executeQuery();
> + while (rs.next()) {
> + authorizedDomain = rs.getString(1);
> + }
> + } catch (SQLException e) {
> + handleException("Error while getting authorized domians.", e);
> + } finally {
> + APIMgtDBUtil.closeAllConnections(smt, connection, rs);
> + }
> + return authorizedDomain;
> + }
> +
> private static
class SubscriptionInfo { > private int subscriptionId; > private String tierId; > _______________________________________________ > Commits mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/commits > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
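Review bot: `isDomainRestricted` splits the domain list on `","` but `getAuthorizedDomains` joins it with `", "`, so every entry after the first keeps a leading space and never equals the trimmed `clientDomain` (and `"ALL"` is only honoured when it is the first row). The check also fails open for a token with no mapping rows: the helper returns `""`, `"".split(",")` gives one empty entry, and a blank `clientDomain` then counts as authorized. Suggested lines: `getAuthorizedDomains(apiKey).split("\\s*,\\s*")` for the split, and `authorizedDomains.contains("ALL") || (clientDomain != null && !clientDomain.isEmpty() && authorizedDomains.contains(clientDomain))` for the condition. In `findConsumerKeyFromAccessToken`, the local `authorizedDomain` and the message `"Error while getting authorized domians."` look copied from the domain helper although the method returns a consumer key; renaming the local to `consumerKey` and correcting the message would keep logs accurate.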
