Fix the issue https://github.com/wso2/product-is/issues/21192 #2587
base: master
Changes from 1 commit
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -35,6 +35,9 @@ | |
import java.sql.Timestamp; | ||
import java.util.Date; | ||
|
||
import static org.wso2.carbon.identity.oauth2.device.constants.Constants.PENDING; | ||
Thumimku marked this conversation as resolved.
|
||
import static org.wso2.carbon.identity.oauth2.device.constants.Constants.SLOW_DOWN; | ||
|
||
/** | ||
* Device flow grant type for Identity Server. | ||
*/ | ||
|
@@ -47,11 +50,11 @@ public boolean validateGrant(OAuthTokenReqMessageContext oAuthTokenReqMessageCon | |
IdentityOAuth2Exception { | ||
|
||
super.validateGrant(oAuthTokenReqMessageContext); | ||
boolean authStatus = false; | ||
RequestParameter[] parameters = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getRequestParameters(); | ||
String deviceCode = null; | ||
String clientId = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId(); | ||
String deviceStatus; | ||
DeviceFlowDO deviceFlowDO = null; | ||
|
||
for (RequestParameter parameter : parameters) { | ||
if (Constants.DEVICE_CODE.equals(parameter.getKey()) && StringUtils.isNotBlank(parameter.getValue()[0])) { | ||
|
@@ -64,32 +67,56 @@ public boolean validateGrant(OAuthTokenReqMessageContext oAuthTokenReqMessageCon | |
log.debug("Getting ready to release token for device_code: " + deviceCode); | ||
} | ||
|
||
DeviceFlowDO deviceFlowDO = DeviceFlowPersistenceFactory.getInstance().getDeviceFlowDAO() | ||
.getAuthenticationDetails(deviceCode, clientId); | ||
Date date = new Date(); | ||
deviceStatus = deviceFlowDO.getStatus(); | ||
deviceFlowDO.setDeviceCode(deviceCode); | ||
if (Constants.NOT_EXIST.equals(deviceStatus)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.INVALID_REQUEST, DeviceErrorCodes.INVALID_REQUEST); | ||
try { | ||
deviceFlowDO = DeviceFlowPersistenceFactory.getInstance().getDeviceFlowDAO() | ||
.getAuthenticationDetails(deviceCode, clientId); | ||
deviceStatus = deviceFlowDO.getStatus(); | ||
deviceFlowDO.setDeviceCode(deviceCode); | ||
setLastPollTime(deviceCode); | ||
} catch (IdentityOAuth2Exception e) { | ||
deviceStatus = e.getMessage(); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. we don't need this line right? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. As we need to pass it here, https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/2587/files#diff-04c8d9d96bce4315cd10faf6cee77e67804ef26f765ac63eda3f36ab5767b945R80 we need to specify here. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this catch block don't get execute after line 76, cause |
||
setLastPollTime(deviceCode); | ||
handleInvalidRequests(deviceStatus); | ||
} | ||
|
||
handleInvalidRequests(deviceStatus, deviceFlowDO); | ||
if (Constants.AUTHORIZED.equals(deviceStatus)) { | ||
DeviceFlowPersistenceFactory.getInstance().getDeviceFlowDAO().setDeviceCodeExpired(deviceCode, | ||
Constants.EXPIRED); | ||
setPropertiesForTokenGeneration(oAuthTokenReqMessageContext, deviceFlowDO); | ||
} | ||
return true; | ||
Thumimku marked this conversation as resolved.
|
||
} | ||
|
||
private void setLastPollTime(String deviceCode) | ||
throws IdentityOAuth2Exception { | ||
|
||
Date date = new Date(); | ||
Timestamp newPollTime = new Timestamp(date.getTime()); | ||
DeviceFlowPersistenceFactory.getInstance().getDeviceFlowDAO().setLastPollTime(deviceCode, newPollTime); | ||
if (!isWithinValidPollInterval(newPollTime, deviceFlowDO)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.SubDeviceErrorCodes.SLOW_DOWN, | ||
DeviceErrorCodes.SubDeviceErrorCodesDescriptions.SLOW_DOWN); | ||
} | ||
|
||
private void handleInvalidRequests(String deviceStatus, DeviceFlowDO deviceFlowDO) | ||
throws IdentityOAuth2Exception { | ||
|
||
Date date = new Date(); | ||
if (Constants.NOT_EXIST.equals(deviceStatus)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.INVALID_REQUEST, DeviceErrorCodes.INVALID_REQUEST); | ||
} else if (Constants.EXPIRED.equals(deviceStatus) || isExpiredDeviceCode(deviceFlowDO, date)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.SubDeviceErrorCodes.EXPIRED_TOKEN, | ||
DeviceErrorCodes.SubDeviceErrorCodesDescriptions.EXPIRED_TOKEN); | ||
} else if (Constants.AUTHORIZED.equals(deviceStatus)) { | ||
authStatus = true; | ||
DeviceFlowPersistenceFactory.getInstance().getDeviceFlowDAO().setDeviceCodeExpired(deviceCode, | ||
Constants.EXPIRED); | ||
setPropertiesForTokenGeneration(oAuthTokenReqMessageContext, deviceFlowDO); | ||
} else if (Constants.USED.equals(deviceStatus) || Constants.PENDING.equals(deviceStatus)) { | ||
} | ||
} | ||
|
||
private void handleInvalidRequests(String deviceStatus) throws IdentityOAuth2Exception { | ||
|
||
if (PENDING.equals(deviceStatus)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.SubDeviceErrorCodes.AUTHORIZATION_PENDING, | ||
DeviceErrorCodes.SubDeviceErrorCodesDescriptions.AUTHORIZATION_PENDING); | ||
} else if (SLOW_DOWN.equals(deviceStatus)) { | ||
throw new IdentityOAuth2Exception(DeviceErrorCodes.SubDeviceErrorCodes.SLOW_DOWN, | ||
DeviceErrorCodes.SubDeviceErrorCodesDescriptions.SLOW_DOWN); | ||
} | ||
return authStatus; | ||
} | ||
|
||
/** | ||
|
We already imported
in line 36.
We don't need to import this static constant, we can directly use
Constants.SLOW_DOWN
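Review bot: `return true;` at the end of `validateGrant` looks fail-open. As rendered here, the normal path rejects only `NOT_EXIST` and `EXPIRED` (the two-argument `handleInvalidRequests`), while `PENDING` and `SLOW_DOWN` are checked only in the one-argument overload called from the `catch` block. If that reading of the new side is right, a device code whose status is `PENDING`, `USED` or any unexpected value skips the `AUTHORIZED` branch and the grant still validates. I would tie the result to the status, e.g. `return Constants.AUTHORIZED.equals(deviceStatus);`, or end the status checks with an `else` that throws. The same fall-through lets an `IdentityOAuth2Exception` whose message matches neither constant reach `handleInvalidRequests(deviceStatus, deviceFlowDO)` with `deviceFlowDO` still `null`; the page interleaves old and new lines, so confirm both against the full file.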