Hi Prabath, sorry for the inconvenience. I have reverted this commit until I port this fix properly to the public branch. Please take an update in the apimgt.impl/1.0.8 module.
Regards, Dinusha. On Sun, Feb 17, 2013 at 12:54 AM, Prabath Siriwardena <[email protected]>wrote: > > > On Sun, Feb 17, 2013 at 12:49 AM, Prabath Siriwardena <[email protected]>wrote: > >> Hi Dinusha, >> >> Looks like this comment has broken the 4.0.8 build. Can you please commit >> the changes APIKey class too.. >> > > *commit > > >> >> Thanks & regards, >> -Prabath >> >> On Tue, Feb 12, 2013 at 6:12 PM, <[email protected]> wrote: >> >>> Author: dinusha >>> Date: Tue Feb 12 18:12:37 2013 >>> New Revision: 161943 >>> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=161943 >>> >>> Log: >>> Fix for APIMANAGER-850. >>> >>> Modified: >>> >>> >>> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >>> >>> Modified: >>> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >>> URL: >>> http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java?rev=161943&r1=161942&r2=161943&view=diff >>> >>> ============================================================================== >>> --- >>> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >>> (original) >>> +++ >>> carbon/platform/branches/4.0.0/components/apimgt/org.wso2.carbon.apimgt.impl/1.0.8/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java >>> Tue Feb 12 18:12:37 2013 
>>> @@ -1205,10 +1205,14 @@ >>> accessTokenStoreTable = >>> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >>> } >>> >>> - String getTokenSql = "SELECT >>> ACCESS_TOKEN,AUTHZ_USER,TOKEN_SCOPE,CONSUMER_KEY," + >>> - "TIME_CREATED,VALIDITY_PERIOD " + >>> - "FROM " + accessTokenStoreTable + >>> - " WHERE ACCESS_TOKEN= ? AND >>> TOKEN_STATE='ACTIVE' "; >>> + String getTokenSql = "SELECT >>> a.ACCESS_TOKEN,a.AUTHZ_USER,a.TOKEN_SCOPE,a.CONSUMER_KEY," + >>> + "a.TIME_CREATED,a.VALIDITY_PERIOD, >>> b.AUTHZ_DOMAIN " + >>> + "FROM " + accessTokenStoreTable + " a" + >>> + " INNER JOIN >>> IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS b" + >>> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY" + >>> + " WHERE a.ACCESS_TOKEN= ? AND >>> a.TOKEN_STATE='ACTIVE' "; >>> + >>> + String authorizedDomains = getAuthorizedDomains(accessToken); >>> try { >>> connection = APIMgtDBUtil.getConnection(); >>> PreparedStatement getToken = >>> connection.prepareStatement(getTokenSql); >>> @@ -1222,6 +1226,7 @@ >>> >>> >>> apiKey.setCreatedDate(getTokenRS.getTimestamp("TIME_CREATED").toString().split("\\.")[0]); >>> >>> apiKey.setConsumerKey(getTokenRS.getString("CONSUMER_KEY")); >>> apiKey.setValidityPeriod("" + >>> getTokenRS.getInt("VALIDITY_PERIOD")); >>> + apiKey.setAuthorizedDomains(authorizedDomains); >>> >>> } >>> } catch (SQLException e) { >>> @@ -1461,6 +1466,7 @@ >>> " ICA.CONSUMER_KEY = IAT.CONSUMER_KEY AND" + >>> " ICA.USERNAME = IAT.AUTHZ_USER"; >>> >>> + String authorizedDomains; >>> Set<APIKey> apiKeys = new HashSet<APIKey>(); >>> try { >>> connection = APIMgtDBUtil.getConnection(); 
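Review bot: The `INNER JOIN IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS b` added to `getTokenSql` in the first hunk makes the token lookup depend on the domain-mapping table: a token whose consumer key has no mapping row is no longer returned, and one with several mapped domains comes back once per domain. The selected `b.AUTHZ_DOMAIN` looks unused, since the next hunk fills the key from the separate `getAuthorizedDomains(accessToken)` call. Unless the join is meant as a filter, I would keep the original single-table query (`"FROM " + accessTokenStoreTable + " WHERE ACCESS_TOKEN= ? AND TOKEN_STATE='ACTIVE' "`) and add a comment saying which of the two sources is authoritative. The enclosing method starts and ends outside these hunks, so how the result set is iterated is not visible here.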
>>> @@ -1469,12 +1475,17 @@ >>> nestedPS.setString(2, username); >>> nestedPS.setString(3, >>> APIConstants.ACCESS_TOKEN_USER_TYPE_APPLICATION); >>> ResultSet nestedRS = nestedPS.executeQuery(); >>> + String accessToken; >>> while (nestedRS.next()) { >>> APIKey apiKey = new APIKey(); >>> + accessToken = nestedRS.getString("ACCESS_TOKEN"); >>> + authorizedDomains = getAuthorizedDomains(accessToken); >>> + >>> >>> apiKey.setConsumerKey(nestedRS.getString("CONSUMER_KEY")); >>> >>> apiKey.setConsumerSecret(nestedRS.getString("CONSUMER_SECRET")); >>> - >>> apiKey.setAccessToken(nestedRS.getString("ACCESS_TOKEN")); >>> + apiKey.setAccessToken(accessToken); >>> apiKey.setType(nestedRS.getString("TOKEN_TYPE")); >>> + apiKey.setAuthorizedDomains(authorizedDomains); >>> apiKeys.add(apiKey); >>> } >>> } catch (SQLException e) { 
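Review bot: `getAuthorizedDomains(accessToken)` is called inside the `while (nestedRS.next())` loop, and as written in the last hunk it takes its own connection from `APIMgtDBUtil.getConnection()` on every call, so each row costs an extra query and a second connection while the outer connection and `nestedRS` are still open. With many keys per user this can tie up the connection pool under load; consider collecting the keys first and resolving domains after the outer resources are closed, or returning the domain from the nested query itself. The `authorizedDomains` variable declared before the `try` in the previous hunk can then become a loop local, `String authorizedDomains = getAuthorizedDomains(accessToken);`. The method body begins and ends outside the hunk.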
>>> @@ -3337,6 +3348,90 @@ >>> return urlMappings; >>> } >>> >>> + public static boolean isDomainRestricted(String apiKey, String >>> clientDomain) >>> + throws APIManagementException { >>> + boolean restricted = true; >>> + if (clientDomain != null) { >>> + clientDomain = clientDomain.trim(); >>> + } >>> + List<String> authorizedDomains = >>> Arrays.asList(getAuthorizedDomains(apiKey).split(",")); >>> + if (authorizedDomains.contains("ALL") || >>> authorizedDomains.contains(clientDomain)) { >>> + restricted = false; >>> + } >>> + return restricted; >>> + } >>> + >>> + public static String getAuthorizedDomains(String accessToken) >>> throws APIManagementException { >>> + String authorizedDomains = ""; >>> + String accessTokenStoreTable = >>> APIConstants.ACCESS_TOKEN_STORE_TABLE; >>> + if (APIUtil.checkAccessTokenPartitioningEnabled() && >>> + APIUtil.checkUserNameAssertionEnabled()) { >>> + accessTokenStoreTable = >>> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >>> + } >>> + String accessAllowDomainsSql = "SELECT a.AUTHZ_DOMAIN " + >>> + " FROM IDN_OAUTH2_ACCESS_TOKEN_DOMAIN_MAPPINGS a " + >>> + " INNER JOIN " + accessTokenStoreTable + " b " + >>> + " ON a.CONSUMER_KEY = b.CONSUMER_KEY " + >>> + " WHERE b.ACCESS_TOKEN = ? 
"; >>> + >>> + Connection connection = null; >>> + PreparedStatement prepStmt = null; >>> + ResultSet rs = null; >>> + try { >>> + connection = APIMgtDBUtil.getConnection(); >>> + prepStmt = >>> connection.prepareStatement(accessAllowDomainsSql); >>> + prepStmt.setString(1, accessToken); >>> + rs = prepStmt.executeQuery(); >>> + boolean first = true; >>> + while (rs.next()) { //if(rs.next==true) -> domain != null >>> + String domain = rs.getString(1); >>> + if (first) { >>> + authorizedDomains = domain; >>> + first = false; >>> + } else { >>> + authorizedDomains = authorizedDomains + ", " + >>> domain; >>> + } >>> + } >>> + prepStmt.close(); >>> + } catch (SQLException e) { >>> + throw new APIManagementException >>> + ("Error in retrieving access allowing domain list >>> from table.", e); >>> + } finally { >>> + APIMgtDBUtil.closeAllConnections(prepStmt, connection, rs); >>> + } >>> + return authorizedDomains; >>> + } >>> + >>> + public static String findConsumerKeyFromAccessToken(String >>> accessToken) >>> + throws APIManagementException { >>> + Connection connection = null; >>> + PreparedStatement smt = null; >>> + ResultSet rs = null; >>> + String authorizedDomain = null; >>> + >>> + String accessTokenStoreTable = >>> APIConstants.ACCESS_TOKEN_STORE_TABLE; >>> + if (APIUtil.checkAccessTokenPartitioningEnabled() && >>> + APIUtil.checkUserNameAssertionEnabled()) { >>> + accessTokenStoreTable = >>> APIUtil.getAccessTokenStoreTableFromAccessToken(accessToken); >>> + } >>> + try { >>> + String getConsumerKeySql = "SELECT CONSUMER_KEY FROM " + >>> accessTokenStoreTable + >>> + " WHERE ACCESS_TOKEN=?"; >>> + connection = APIMgtDBUtil.getConnection(); >>> + smt = connection.prepareStatement(getConsumerKeySql); >>> + smt.setString(1, accessToken); >>> + rs = smt.executeQuery(); >>> + while (rs.next()) { >>> + authorizedDomain = rs.getString(1); >>> + } >>> + } catch (SQLException e) { >>> + handleException("Error while getting authorized domians.", >>> e); >>> + } 
finally { >>> + APIMgtDBUtil.closeAllConnections(smt, connection, rs); >>> + } >>> + return authorizedDomain; >>> + } >>> + >>> private static class SubscriptionInfo { >>> private int subscriptionId; >>> private String tierId; >>> _______________________________________________ >>> Commits mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/commits >>> >> >> >> >> -- >> Thanks & Regards, >> Prabath >> >> Mobile : +94 71 809 6732 >> >> http://blog.facilelogin.com >> http://RampartFAQ.com >> > > > > -- > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com > http://RampartFAQ.com >
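Review bot: `isDomainRestricted` can report a caller as unrestricted when the token has no domain mappings at all: `getAuthorizedDomains` then returns `""`, `"".split(",")` yields a single empty string, and a `clientDomain` that trims to `""` matches it. The opposite error exists too, because `getAuthorizedDomains` joins with `", "` while the check splits on `","` without trimming, so every domain after the first (including a later `ALL`) carries a leading space and never matches. The rewrite below trims each entry and skips empty ones, and it keeps the existing treatment of `ALL`. Separately, `findConsumerKeyFromAccessToken` stores the consumer key in a variable named `authorizedDomain` and reports "Error while getting authorized domians.", which should be renamed and reworded to match what it queries, and the `prepStmt.close()` inside the `try` of `getAuthorizedDomains` duplicates the `finally` cleanup.

```java
public static boolean isDomainRestricted(String apiKey, String clientDomain)
        throws APIManagementException {
    String client = (clientDomain == null) ? "" : clientDomain.trim();
    for (String entry : getAuthorizedDomains(apiKey).split(",")) {
        String allowed = entry.trim();
        if (allowed.isEmpty()) {
            continue; // no mapping rows: "" must never count as an authorized domain
        }
        if ("ALL".equals(allowed) || allowed.equals(client)) {
            return false;
        }
    }
    return true;
}
// … unchanged: getAuthorizedDomains, findConsumerKeyFromAccessToken …
```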
