Merge pull request #2175 from Shenali-SJ/test-oauth-response

Update oauth endpoint request with t, ut and sp
wso2-extensions · Oct 4, 2023 · 8b7f6da · 8b7f6da
2 parents 0dd6ea4 + b227050
commit 8b7f6da
Showing 1 changed file with 32 additions and 4 deletions.
diff --git a/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java b/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java
@@ -240,6 +240,9 @@ public class OAuth2AuthzEndpoint {
 
     private static final String PARAMETERS = "params";
     private static final String FORM_POST_REDIRECT_URI = "redirectURI";
+    private static final String SERVICE_PROVIDER = "serviceProvider";
+    private static final String TENANT_DOMAIN = "tenantDomain";
+    private static final String USER_TENANT_DOMAIN = "userTenantDomain";
     private static final String AUTHENTICATION_ENDPOINT = "/authenticationendpoint";
     private static final String OAUTH_RESPONSE_JSP_PAGE = "/oauth_response.jsp";
 
@@ -652,7 +655,7 @@ private Response handleResponseFromConsent(OAuthMessage oAuthMessage) throws OAu
             handleUserConsent(oAuthMessage, consent, sessionState, oauth2Params, authorizationResponseDTO);
 
             if (isFormPostWithoutErrors(oAuthMessage, authorizationResponseDTO)) {
-                handleFormPostResponseMode(oAuthMessage, sessionState, authorizationResponseDTO);
+                handleFormPostResponseMode(oAuthMessage, sessionState, authorizationResponseDTO, null);
                 if (authorizationResponseDTO.getIsForwardToOAuthResponseJSP()) {
                     return Response.ok().build();
                 }
@@ -945,7 +948,8 @@ private void manageOIDCSessionState(OAuthMessage oAuthMessage, OIDCSessionState
 
     private void handleFormPostResponseMode(OAuthMessage oAuthMessage,
                                             OIDCSessionState sessionState,
-                                            AuthorizationResponseDTO authorizationResponseDTO) {
+                                            AuthorizationResponseDTO authorizationResponseDTO,
+                                            AuthenticatedUser authenticatedUser) {
 
         String authenticatedIdPs = oAuthMessage.getSessionDataCacheEntry().getAuthenticatedIdPs();
         OAuth2Parameters oauth2Params = getOauth2Params(oAuthMessage);
@@ -964,7 +968,12 @@ sessionState, oauth2Params, getLoggedInUser(oAuthMessage).getAuthenticatedSubjec
             String params = buildParams(authorizationResponseDTO.getSuccessResponseDTO().getFormPostBody(),
                     authenticatedIdPs, sessionStateValue);
             String redirectURI = oauth2Params.getRedirectURI();
-            forwardToOauthResponseJSP(oAuthMessage, params, redirectURI);
+            if (authenticatedUser != null) {
+                forwardToOauthResponseJSP(oAuthMessage, params, redirectURI, authorizationResponseDTO,
+                        authenticatedUser);
+            } else {
+                forwardToOauthResponseJSP(oAuthMessage, params, redirectURI);
+            }
             authorizationResponseDTO.setIsForwardToOAuthResponseJSP(true);
         } else {
             authorizationResponseDTO.setAuthenticatedIDPs(authenticatedIdPs);
@@ -1167,7 +1176,7 @@ private Response handleSuccessfulAuthentication(OAuthMessage oAuthMessage, OAuth
 
         if (!authorizationResponseDTO.getIsConsentRedirect()) {
             if (isFormPostWithoutErrors(oAuthMessage, authorizationResponseDTO)) {
-                handleFormPostResponseMode(oAuthMessage, sessionState, authorizationResponseDTO);
+                handleFormPostResponseMode(oAuthMessage, sessionState, authorizationResponseDTO, authenticatedUser);
                 if (authorizationResponseDTO.getIsForwardToOAuthResponseJSP()) {
                     return Response.ok().build();
                 }
@@ -4135,6 +4144,25 @@ private Response forwardToOauthResponseJSP(OAuthMessage oAuthMessage, String par
         }
     }
 
+    private Response forwardToOauthResponseJSP(OAuthMessage oAuthMessage, String params, String redirectURI,
+                                               AuthorizationResponseDTO authorizationResponseDTO,
+                                               AuthenticatedUser authenticatedUser) {
+        try {
+            HttpServletRequest request = oAuthMessage.getRequest();
+            request.setAttribute(USER_TENANT_DOMAIN, authenticatedUser.getTenantDomain());
+            request.setAttribute(TENANT_DOMAIN, authorizationResponseDTO.getSigningTenantDomain());
+            request.setAttribute(SERVICE_PROVIDER, getServiceProvider(authorizationResponseDTO.getClientId()));
+            forwardToOauthResponseJSP(oAuthMessage, params, redirectURI);
+            return Response.ok().build();
+        } catch (OAuthSystemException exception) {
+            log.error("Error occurred while setting service provider in the request to oauth_response.jsp page.",
+                    exception);
+            return Response.status(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)
+                       .entity("Internal Server Error: " + exception.getMessage())
+                       .build();
+        }
+    }
+
     private boolean isPromptSelectAccount(OAuth2Parameters oauth2Params) {
 
         return OAuthConstants.Prompt.SELECT_ACCOUNT.equals(oauth2Params.getPrompt());