Replace hostname and port with placeholders of callback URLs.

Thisara-Welmilla · Nov 6, 2023 · 926e14f · 926e14f
1 parent b268df1
commit 926e14f
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 6 deletions.
diff --git a/...tion.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationConstants.java b/...tion.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationConstants.java
@@ -102,6 +102,8 @@ private ApplicationConstants() {
     // Console and My Account application names.
     public static final String CONSOLE_APPLICATION_NAME = "Console";
     public static final String MY_ACCOUNT_APPLICATION_NAME = "My Account";
+    public static final String MY_ACCOUNT_APP_PATH = "/myaccount";
+    public static final String CONSOLE_APP_PATH = "/console";
 
     /**
      * Group the constants related to logs.

diff --git a/...cation.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationMgtUtil.java b/...cation.mgt/src/main/java/org/wso2/carbon/identity/application/mgt/ApplicationMgtUtil.java
@@ -46,6 +46,9 @@
 import org.wso2.carbon.identity.application.mgt.internal.ApplicationManagementServiceComponentHolder;
 import org.wso2.carbon.identity.base.IdentityException;
 import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
+import org.wso2.carbon.identity.core.ServiceURL;
+import org.wso2.carbon.identity.core.ServiceURLBuilder;
+import org.wso2.carbon.identity.core.URLBuilderException;
 import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
 import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
@@ -69,10 +72,12 @@
 import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
 
+import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.CONSOLE_APP_PATH;
 import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.ENABLE_APPLICATION_ROLE_VALIDATION_PROPERTY;
 import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.LogConstants.APP_OWNER;
 import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.LogConstants.DISABLE_LEGACY_AUDIT_LOGS_IN_APP_MGT_CONFIG;
 import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.LogConstants.INBOUND_AUTHENTICATION_CONFIG;
+import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.MY_ACCOUNT_APP_PATH;
 import static org.wso2.carbon.user.core.constants.UserCoreErrorConstants.ErrorMessages.ERROR_CODE_ROLE_ALREADY_EXISTS;
 import static org.wso2.carbon.utils.CarbonUtils.isLegacyAuditLogsDisabled;
 
@@ -93,6 +98,7 @@ public class ApplicationMgtUtil {
     private static final int MAX_RETRY_ATTEMPTS = 3;
     private static final String DOMAIN_QUALIFIED_REGISTRY_SYSTEM_USERNAME =
             UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME + "/" + CarbonConstants.REGISTRY_SYSTEM_USERNAME;
+    private static final String ORIGIN_PLACEHOLDER = "<HOSTNAME>:<PORT>";
 
     private static Log log = LogFactory.getLog(ApplicationMgtUtil.class);
 
@@ -1026,4 +1032,42 @@ public static boolean isLegacyAuditLogsDisabledInAppMgt() {
         return Boolean.parseBoolean(System.getProperty(DISABLE_LEGACY_AUDIT_LOGS_IN_APP_MGT_CONFIG))
                 || isLegacyAuditLogsDisabled();
     }
+
+    /**
+     * This method use to replace the hostname and port with placeholders of URLs of console and myaccount.
+     *
+     * @param absoluteUrl     The absolute URL which need to be modified.
+     * @return The URL which origin replaced placeholders.
+     * @throws URLBuilderException If any error occurs when building absolute public url without path.
+     */
+    public static String replaceUrlOriginWithPlaceholders(String absoluteUrl) throws URLBuilderException {
+
+        if (absoluteUrl.contains(CONSOLE_APP_PATH) || absoluteUrl.contains(MY_ACCOUNT_APP_PATH)) {
+
+            ServiceURL serviceURL = ServiceURLBuilder.create().build();
+            String origin = serviceURL.getAbsolutePublicUrlWithoutPath().replace(serviceURL.getProtocol(), "");
+            absoluteUrl = absoluteUrl.replace(origin, ORIGIN_PLACEHOLDER);
+        }
+
+        return absoluteUrl;
+    }
+
+    /**
+     * This method use to replace placeholders with the hostname and port of URLs of console and myaccount.
+     *
+     * @param absoluteUrl     The URL which need to resolve from placeholders.
+     * @return The resolved URL from placeholders.
+     * @throws URLBuilderException If any error occurs when building absolute public url without path.
+     */
+    public static String resolveOriginUrlFromPlaceholders(String absoluteUrl) throws URLBuilderException {
+
+        if (absoluteUrl.contains(CONSOLE_APP_PATH) || absoluteUrl.contains(MY_ACCOUNT_APP_PATH)) {
+
+            ServiceURL serviceURL = ServiceURLBuilder.create().build();
+            String origin = serviceURL.getAbsolutePublicUrlWithoutPath().replace(serviceURL.getProtocol(), "");
+            absoluteUrl = absoluteUrl.replace(origin, ORIGIN_PLACEHOLDER);
+        }
+
+        return absoluteUrl;
+    }
 }
diff --git a/...t/src/main/java/org/wso2/carbon/identity/application/mgt/dao/impl/ApplicationDAOImpl.java b/...t/src/main/java/org/wso2/carbon/identity/application/mgt/dao/impl/ApplicationDAOImpl.java
@@ -77,6 +77,7 @@
 import org.wso2.carbon.identity.base.IdentityException;
 import org.wso2.carbon.identity.base.IdentityRuntimeException;
 import org.wso2.carbon.identity.core.CertificateRetrievingException;
+import org.wso2.carbon.identity.core.URLBuilderException;
 import org.wso2.carbon.identity.core.model.ExpressionNode;
 import org.wso2.carbon.identity.core.model.FilterData;
 import org.wso2.carbon.identity.core.model.FilterTreeBuilder;
@@ -397,7 +398,8 @@ private ApplicationCreateResult persistBasicApplicationInformation(Connection co
             storeAppPrepStmt.setString(9, "0");
             storeAppPrepStmt.setString(10, resourceId);
             storeAppPrepStmt.setString(11, application.getImageUrl());
-            storeAppPrepStmt.setString(12, application.getAccessUrl());
+            storeAppPrepStmt.setString(12,
+                    ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(application.getAccessUrl()));
             storeAppPrepStmt.execute();
 
             results = storeAppPrepStmt.getGeneratedKeys();
@@ -435,6 +437,9 @@ private ApplicationCreateResult persistBasicApplicationInformation(Connection co
             }
 
             return new ApplicationCreateResult(resourceId, applicationId);
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when replacing origin of the access URL with placeholders", e);
         } finally {
             IdentityApplicationManagementUtil.closeResultSet(results);
             IdentityApplicationManagementUtil.closeStatement(storeAppPrepStmt);
@@ -952,7 +957,8 @@ private void updateBasicApplicationData(ServiceProvider serviceProvider, Connect
             statement.setString(ApplicationTableColumns.IS_SAAS_APP, isSaasApp ? "1" : "0");
             statement.setString(ApplicationTableColumns.IS_DISCOVERABLE, isDiscoverable ? "1" : "0");
             statement.setString(ApplicationTableColumns.IMAGE_URL, serviceProvider.getImageUrl());
-            statement.setString(ApplicationTableColumns.ACCESS_URL, serviceProvider.getAccessUrl());
+            statement.setString(ApplicationTableColumns.ACCESS_URL,
+                    ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(serviceProvider.getAccessUrl()));
             if (isValidUserForOwnerUpdate) {
                 User owner = serviceProvider.getOwner();
                 statement.setString(ApplicationTableColumns.USERNAME, owner.getUserName());
@@ -962,6 +968,9 @@ private void updateBasicApplicationData(ServiceProvider serviceProvider, Connect
             statement.setInt(ApplicationTableColumns.ID, applicationId);
 
             statement.executeUpdate();
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when replacing origin of the access URL with placeholders", e);
         }
 
         if (log.isDebugEnabled()) {
@@ -1880,7 +1889,8 @@ private ServiceProvider getBasicApplicationData(String applicationName, Connecti
                 serviceProvider.setApplicationName(basicAppDataResultSet.getString(3));
                 serviceProvider.setDescription(basicAppDataResultSet.getString(6));
                 serviceProvider.setImageUrl(basicAppDataResultSet.getString(ApplicationTableColumns.IMAGE_URL));
-                serviceProvider.setAccessUrl(basicAppDataResultSet.getString(ApplicationTableColumns.ACCESS_URL));
+                serviceProvider.setAccessUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(
+                        basicAppDataResultSet.getString(ApplicationTableColumns.ACCESS_URL)));
                 serviceProvider.setDiscoverable(getBooleanValue(basicAppDataResultSet.getString(ApplicationTableColumns
                         .IS_DISCOVERABLE)));
 
@@ -1928,6 +1938,9 @@ private ServiceProvider getBasicApplicationData(String applicationName, Connecti
             }
 
             return serviceProvider;
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when resolving origin of the access URL with placeholders", e);
         } finally {
             IdentityApplicationManagementUtil.closeResultSet(basicAppDataResultSet);
             IdentityApplicationManagementUtil.closeStatement(loadBasicAppInfoStmt);
@@ -2336,7 +2349,8 @@ private ServiceProvider getBasicApplicationData(int appId, Connection connection
                 serviceProvider.setApplicationName(rs.getString(ApplicationTableColumns.APP_NAME));
                 serviceProvider.setDescription(rs.getString(ApplicationTableColumns.DESCRIPTION));
                 serviceProvider.setImageUrl(rs.getString(ApplicationTableColumns.IMAGE_URL));
-                serviceProvider.setAccessUrl(rs.getString(ApplicationTableColumns.ACCESS_URL));
+                serviceProvider.setAccessUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(
+                        rs.getString(ApplicationTableColumns.ACCESS_URL)));
                 serviceProvider.setDiscoverable(getBooleanValue(rs.getString(ApplicationTableColumns.IS_DISCOVERABLE)));
 
                 User owner = new User();
@@ -2386,6 +2400,9 @@ private ServiceProvider getBasicApplicationData(int appId, Connection connection
             }
 
             return serviceProvider;
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when resolving origin of the access URL with placeholders", e);
         } finally {
             IdentityApplicationManagementUtil.closeResultSet(rs);
             IdentityApplicationManagementUtil.closeStatement(prepStmt);
@@ -5618,7 +5635,14 @@ private ApplicationBasicInfo buildApplicationBasicInfo(ResultSet appNameResultSe
 
         basicInfo.setApplicationResourceId(appNameResultSet.getString(ApplicationTableColumns.UUID));
         basicInfo.setImageUrl(appNameResultSet.getString(ApplicationTableColumns.IMAGE_URL));
-        basicInfo.setAccessUrl(appNameResultSet.getString(ApplicationTableColumns.ACCESS_URL));
+
+        try {
+            basicInfo.setAccessUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(
+                    appNameResultSet.getString(ApplicationTableColumns.ACCESS_URL)));
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when resolving origin of the access URL with placeholders", e);
+        }
 
         String username = appNameResultSet.getString(ApplicationTableColumns.USERNAME);
         String userStoreDomain = appNameResultSet.getString(ApplicationTableColumns.USER_STORE);
@@ -5651,7 +5675,14 @@ private ApplicationBasicInfo buildApplicationBasicInfoWithInboundConfig(ResultSe
 
         basicInfo.setApplicationResourceId(appNameResultSet.getString(ApplicationTableColumns.UUID));
         basicInfo.setImageUrl(appNameResultSet.getString(ApplicationTableColumns.IMAGE_URL));
-        basicInfo.setAccessUrl(appNameResultSet.getString(ApplicationTableColumns.ACCESS_URL));
+
+        try {
+            basicInfo.setAccessUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(
+                    appNameResultSet.getString(ApplicationTableColumns.ACCESS_URL)));
+        } catch (URLBuilderException e) {
+            throw new IdentityApplicationManagementException(
+                    "Error occurred when resolving origin of the access URL with placeholders", e);
+        }
 
         String inboundAuthKey = appNameResultSet.getString(ApplicationInboundTableColumns.INBOUND_AUTH_KEY);
         String inboundAuthType = appNameResultSet.getString(ApplicationInboundTableColumns.INBOUND_AUTH_TYPE);