On Sun, Feb 17, 2013 at 12:49 AM, Prabath Siriwardena <[email protected]>wrote:
> Hi Dinusha, > > Looks like this comment has broken the 4.0.8 build. Can you please commit > the changes APIKey class too.. > *commit > > Thanks & regards, > -Prabath > > On Tue, Feb 12, 2013 at 6:12 PM, <[email protected]> wrote: > >> Author: dinusha >> Date: Tue Feb 12 18:12:37 2013 >> New Revision: 161943 >> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=161943 >> >> Log: >> Fix for APIMANAGER-850. >> >> Modified: >> >> >> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >> >> Modified: >> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >> URL: >> http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java?rev=161943&r1=161942&r2=161943&view=diff >> >> ============================================================================== >> --- >> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >> (original) >> +++ >> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >> Tue Feb 12 18:12:37 2013 
>> @@ -1205,10 +1205,14 @@ >> accessTokenStoreTable = >> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >> } >> >> - String getTokenSql = "SELECT >> ACCESS_TOKEN,AUTHZ_USER,TOKEN_SCOPE,CONSUMER_KEY," + >> - "TIME_CREATED,VALIDITY_PERIOD " + >> - "FROM " + accessTokenStoreTable + >> - " WHERE ACCESS_TOKEN= ? AND >> TOKEN_STATE='ACTIVE' "; >> + String getTokenSql = "SELECT >> a.ACCESS_TOKEN,a.AUTHZ_USER,a.TOKEN_SCOPE,a.CONSUMER_KEY," + >> + "a.TIME_CREATED,a.VALIDITY_PERIOD, >> b.AUTHZ_DOMAIN " + >> + "FROM " + accessTokenStoreTable + " a" + >> + " INNER JOIN >> IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS b" + >> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY" + >> + " WHERE a.ACCESS_TOKEN= ? AND >> a.TOKEN_STATE='ACTIVE' "; >> + >> + String authorizedDomains = getAuthorizedDomains(accessToken); >> try { >> connection = APIMgtDBUtil.getConnection(); >> PreparedStatement getToken = >> connection.prepareStatement(getTokenSql); >> @@ -1222,6 +1226,7 @@ >> >> >> apiKey.setCreatedDate(getTokenRS.getTimestamp("TIME_CREATED").toString().split("\\.")[0]); >> >> apiKey.setConsumerKey(getTokenRS.getString("CONSUMER_KEY")); >> apiKey.setValidityPeriod("" + >> getTokenRS.getInt("VALIDITY_PERIOD")); >> + apiKey.setAuthorizedDomains(authorizedDomains); >> >> } >> } catch (SQLException e) { >> @@ -1461,6 +1466,7 @@ >> " ICA.CONSUMER_KEY = IAT.CONSUMER_KEY AND" + >> " ICA.USERNAME = IAT.AUTHZ_USER"; >> >> + String authorizedDomains; >> Set<APIKey> apiKeys = new HashSet<APIKey>(); >> try { >> connection = APIMgtDBUtil.getConnection(); 
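Review bot: In the `@@ -1205` hunk the rewritten `getTokenSql` inner-joins `IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS` and selects `b.AUTHZ_DOMAIN`, but the visible lines never read that column; the domains come from the separate `getAuthorizedDomains(accessToken)` call. The join therefore only changes which rows come back: an active token whose consumer key has no mapping row would presumably no longer be found, and a key with several mapped domains yields one duplicate row per domain. If that filtering is not intended, keep the original single-table SELECT and rely on `getAuthorizedDomains`; if it is intended, it deserves a comment such as `// tokens without a domain mapping are deliberately treated as invalid`. The enclosing method starts and ends outside the hunk, so how the result set is consumed beyond these lines is not visible here.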
>> @@ -1469,12 +1475,17 @@ >> nestedPS.setString(2, username); >> nestedPS.setString(3, >> APIConstants.ACCESS_TOKEN_USER_TYPE_APPLICATION); >> ResultSet nestedRS = nestedPS.executeQuery(); >> + String accessToken; >> while (nestedRS.next()) { >> APIKey apiKey = new APIKey(); >> + accessToken = nestedRS.getString("ACCESS_TOKEN"); >> + authorizedDomains = getAuthorizedDomains(accessToken); >> + >> >> apiKey.setConsumerKey(nestedRS.getString("CONSUMER_KEY")); >> >> apiKey.setConsumerSecret(nestedRS.getString("CONSUMER_SECRET")); >> - >> apiKey.setAccessToken(nestedRS.getString("ACCESS_TOKEN")); >> + apiKey.setAccessToken(accessToken); >> apiKey.setType(nestedRS.getString("TOKEN_TYPE")); >> + apiKey.setAuthorizedDomains(authorizedDomains); >> apiKeys.add(apiKey); >> } >> } catch (SQLException e) { 
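Review bot: `getAuthorizedDomains(accessToken)` is called once per row inside `while (nestedRS.next())`, and per its definition added later in this commit each call takes its own connection from `APIMgtDBUtil.getConnection()` while the outer connection and `nestedRS` are still open. That is one extra query and one extra connection checkout per key, which could strain the connection pool for a user with many keys. Consider selecting `AUTHZ_DOMAIN` in the outer query, or collecting the tokens first and resolving the domains after `nestedRS` is closed. The `authorizedDomains` and `accessToken` locals are only used inside the loop body and could be declared there. The enclosing method starts and ends outside the hunk.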
>> @@ -3337,6 +3348,90 @@ >> return urlMappings; >> } >> >> + public static boolean isDomainRestricted(String apiKey, String >> clientDomain) >> + throws APIManagementException { >> + boolean restricted = true; >> + if (clientDomain != null) { >> + clientDomain = clientDomain.trim(); >> + } >> + List<String> authorizedDomains = >> Arrays.asList(getAuthorizedDomains(apiKey).split(",")); >> + if (authorizedDomains.contains("ALL") || >> authorizedDomains.contains(clientDomain)) { >> + restricted = false; >> + } >> + return restricted; >> + } >> + >> + public static String getAuthorizedDomains(String accessToken) throws >> APIManagementException { >> + String authorizedDomains = ""; >> + String accessTokenStoreTable = >> APIConstants.ACCESS_TOKEN_STORE_TABLE; >> + if (APIUtil.checkAccessTokenPartitioningEnabled() && >> + APIUtil.checkUserNameAssertionEnabled()) { >> + accessTokenStoreTable = >> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >> + } >> + String accessAllowDomainsSql = "SELECT a.AUTHZ_DOMAIN " + >> + " FROM IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS a " + >> + " INNER JOIN " + accessTokenStoreTable + " b " + >> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY " + >> + " WHERE b.ACCESS_TOKEN = ? 
"; >> + >> + Connection connection = null; >> + PreparedStatement prepStmt = null; >> + ResultSet rs = null; >> + try { >> + connection = APIMgtDBUtil.getConnection(); >> + prepStmt = >> connection.prepareStatement(accessAllowDomainsSql); >> + prepStmt.setString(1, accessToken); >> + rs = prepStmt.executeQuery(); >> + boolean first = true; >> + while (rs.next()) { //if(rs.next==true) -> domain != null >> + String domain = rs.getString(1); >> + if (first) { >> + authorizedDomains = domain; >> + first = false; >> + } else { >> + authorizedDomains = authorizedDomains + ", " + >> domain; >> + } >> + } >> + prepStmt.close(); >> + } catch (SQLException e) { >> + throw new APIManagementException >> + ("Error in retrieving access allowing domain list >> from table.", e); >> + } finally { >> + APIMgtDBUtil.closeAllConnections(prepStmt, connection, rs); >> + } >> + return authorizedDomains; >> + } >> + >> + public static String findConsumerKeyFromAccessToken(String >> accessToken) >> + throws APIManagementException { >> + Connection connection = null; >> + PreparedStatement smt = null; >> + ResultSet rs = null; >> + String authorizedDomain = null; >> + >> + String accessTokenStoreTable = >> APIConstants.ACCESS_TOKEN_STORE_TABLE; >> + if (APIUtil.checkAccessTokenPartitioningEnabled() && >> + APIUtil.checkUserNameAssertionEnabled()) { >> + accessTokenStoreTable = >> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >> + } >> + try { >> + String getConsumerKeySql = "SELECT CONSUMER_KEY FROM " + >> accessTokenStoreTable + >> + " WHERE ACCESS_TOKEN=?"; >> + connection = APIMgtDBUtil.getConnection(); >> + smt = connection.prepareStatement(getConsumerKeySql); >> + smt.setString(1, accessToken); >> + rs = smt.executeQuery(); >> + while (rs.next()) { >> + authorizedDomain = rs.getString(1); >> + } >> + } catch (SQLException e) { >> + handleException("Error while getting authorized domians.", >> e); >> + } finally { >> + APIMgtDBUtil.closeAllConnections(smt, connection, 
rs); >> + } >> + return authorizedDomain; >> + } >> + >> private static class SubscriptionInfo { >> private int subscriptionId; >> private String tierId; >> _______________________________________________ >> Commits mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/commits >> > > > > -- > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com > http://RampartFAQ.com > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
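Review bot: `isDomainRestricted` splits on `","` but `getAuthorizedDomains` joins with `", "`, so every domain after the first carries a leading space and never equals the trimmed `clientDomain` (an `ALL` entry in any later position is missed too). In the other direction, a token with no mapping rows yields `""`, which splits to a single empty entry, so an empty `clientDomain` is reported as not restricted. Splitting with `getAuthorizedDomains(apiKey).split("\\s*,\\s*")` and adding `if (clientDomain == null || clientDomain.isEmpty()) { return true; }` before the lookup would close both gaps. Separately, `findConsumerKeyFromAccessToken` keeps the consumer key in a variable named `authorizedDomain` and reports "Error while getting authorized domians." on failure, which looks like copy-paste residue; renaming the local to `consumerKey` and correcting the message would make it easier to audit.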
