Merge pull request #3595 from mevan-karu/pat_impl_choreo

Fix minor issues in PAT flow
wso2 · Oct 2, 2024 · e46b688 · e46b688
2 parents ee0448f + efa1a69
commit e46b688
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 7 deletions.
diff --git a/adapter/config/types.go b/adapter/config/types.go
@@ -328,8 +328,8 @@ type upstreamCircuitBreaker struct {
 type security struct {
 	TokenService []tokenService
 	AuthHeader   authHeader
-	APIKeyConfig apiKeyConfig
-	PATConfig    patConfig
+	APIKeyConfig apiKeyConfig `toml:"apiKeyConfig"`
+	PATConfig    patConfig    `toml:"patConfig"`
 }
 
 type authService struct {
@@ -500,7 +500,7 @@ type authHeader struct {
 }
 
 type apiKeyConfig struct {
-	OAuthAgentURL string
+	OAuthAgentURL string `toml:"oauthAgentURL"`
 }
 
 type patConfig struct {

diff --git a/...ent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java b/...ent/enforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/APIKeyUtils.java
@@ -97,10 +97,10 @@ public static String generateAPIKeyHash(String apiKey) {
     /**
      * This function exchanges a given API key to an JWT token.
      *
-     * @param keyHash    Key hash
-     * @return          JWT corresponding to given key hash.
+     * @param pat    PAT
+     * @return JWT corresponding to given PAT.
      */
-    public static Optional<String> exchangeAPIKeyToJWT(String keyHash) {
+    public static Optional<String> exchangePATToJWT(String pat) {
 
         URL url = null;
         try {
@@ -115,6 +115,7 @@ public static Optional<String> exchangeAPIKeyToJWT(String keyHash) {
             // Create a request to exchange API key to JWT.
             HttpPost exchangeRequest = new HttpPost(url.toURI());
             exchangeRequest.addHeader("Content-Type", ContentType.APPLICATION_JSON.toString());
+            String keyHash = generateAPIKeyHash(pat);
             exchangeRequest.setEntity(new StringEntity(createPATExchangeRequest(keyHash)));
             try (CloseableHttpResponse response = httpClient.execute(exchangeRequest)) {
                 if (response.getStatusLine().getStatusCode() == 200) {

diff --git a/...nforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java b/...nforcer/src/main/java/org/wso2/choreo/connect/enforcer/security/jwt/JWTAuthenticator.java
@@ -820,7 +820,7 @@ private String exchangeJWTForPAT(String pat) throws APISecurityException {
             }
             return (String) cachedJWT;
         }
-        Optional<String> jwt = APIKeyUtils.exchangeAPIKeyToJWT(pat);
+        Optional<String> jwt = APIKeyUtils.exchangePATToJWT(pat);
         if (jwt.isEmpty()) {
             throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(),
                     APISecurityConstants.API_AUTH_INVALID_CREDENTIALS,