From 12c09a08d6ccf8f324e6149d72aff6d9c9591f79 Mon Sep 17 00:00:00 2001 From: Sattvik Chakravarthy Date: Thu, 12 Sep 2024 12:08:14 +0530 Subject: [PATCH] fix: pr comments and refactor --- src/main/java/io/supertokens/oauth/OAuth.java | 8 -- .../java/io/supertokens/oauth/OAuthToken.java | 1 - .../CreateUpdateOrGetOAuthClientAPI.java | 75 ++++++++----------- .../OAuthAcceptAuthConsentRequestAPI.java | 9 +-- .../oauth/OAuthAcceptAuthLoginRequestAPI.java | 9 +-- .../OAuthAcceptAuthLogoutRequestAPI.java | 9 +-- .../webserver/api/oauth/OAuthAuthAPI.java | 36 +++++---- .../api/oauth/OAuthClientListAPI.java | 4 +- .../oauth/OAuthGetAuthConsentRequestAPI.java | 7 +- .../oauth/OAuthGetAuthLoginRequestAPI.java | 7 +- .../oauth/OAuthGetAuthLogoutRequestAPI.java | 7 +- .../webserver/api/oauth/OAuthProxyHelper.java | 54 ++----------- .../OAuthRejectAuthConsentRequestAPI.java | 9 +-- .../oauth/OAuthRejectAuthLoginRequestAPI.java | 6 +- .../OAuthRejectAuthLogoutRequestAPI.java | 6 +- .../webserver/api/oauth/OAuthTokenAPI.java | 20 +++-- .../api/oauth/OAuthTokenIntrospectAPI.java | 24 +++--- .../api/oauth/RemoveOAuthClientAPI.java | 4 +- 18 files changed, 103 insertions(+), 192 deletions(-) diff --git a/src/main/java/io/supertokens/oauth/OAuth.java b/src/main/java/io/supertokens/oauth/OAuth.java index ede17b745..18b9e8fea 100644 --- a/src/main/java/io/supertokens/oauth/OAuth.java +++ b/src/main/java/io/supertokens/oauth/OAuth.java @@ -27,7 +27,6 @@ import io.supertokens.featureflag.EE_FEATURES; import io.supertokens.featureflag.FeatureFlag; import io.supertokens.featureflag.exceptions.FeatureNotEnabledException; -import io.supertokens.jwt.JWTSigningFunctions; import io.supertokens.jwt.exceptions.UnsupportedJWTSigningAlgorithmException; import io.supertokens.oauth.exceptions.*; import io.supertokens.pluginInterface.Storage; 
@@ -35,16 +34,11 @@ import io.supertokens.pluginInterface.exceptions.InvalidConfigException; import io.supertokens.pluginInterface.exceptions.StorageQueryException; import io.supertokens.pluginInterface.exceptions.StorageTransactionLogicException; -import io.supertokens.pluginInterface.jwt.JWTSigningKeyInfo; import io.supertokens.pluginInterface.multitenancy.AppIdentifier; import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException; import io.supertokens.pluginInterface.oauth.OAuthStorage; import io.supertokens.pluginInterface.oauth.exceptions.OAuth2ClientAlreadyExistsForAppException; -import io.supertokens.session.accessToken.AccessToken; -import io.supertokens.session.jwt.JWT; import io.supertokens.session.jwt.JWT.JWTException; -import io.supertokens.signingkeys.JWTSigningKey; -import io.supertokens.signingkeys.SigningKeys; import io.supertokens.utils.Utils; import java.io.IOException; @@ -55,8 +49,6 @@ import java.util.Map.Entry; public class OAuth { - private static final String HYDRA_JWKS_PATH = "/.well-known/jwks.json"; - private static void checkForOauthFeature(AppIdentifier appIdentifier, Main main) throws StorageQueryException, TenantOrAppNotFoundException, FeatureNotEnabledException { EE_FEATURES[] features = FeatureFlag.getInstance(main, appIdentifier).getEnabledFeatures(); diff --git a/src/main/java/io/supertokens/oauth/OAuthToken.java b/src/main/java/io/supertokens/oauth/OAuthToken.java index 61d4db15c..ec4cd5e21 100644 --- a/src/main/java/io/supertokens/oauth/OAuthToken.java +++ b/src/main/java/io/supertokens/oauth/OAuthToken.java 
@@ -98,7 +98,6 @@ public static JsonObject getPayloadFromJWTToken(AppIdentifier appIdentifier, public static String reSignToken(AppIdentifier appIdentifier, Main main, String token, String iss, JsonObject payloadUpdate, TokenType tokenType, boolean useDynamicSigningKey, int retryCount) throws IOException, JWTException, InvalidKeyException, NoSuchAlgorithmException, StorageQueryException, StorageTransactionLogicException, UnsupportedJWTSigningAlgorithmException, TenantOrAppNotFoundException, InvalidKeySpecException, JWTCreationException { - // Load the JWKS from the specified URL JsonObject payload = JWT.getPayloadWithoutVerifying(token).payload; // move keys in ext to root diff --git a/src/main/java/io/supertokens/webserver/api/oauth/CreateUpdateOrGetOAuthClientAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/CreateUpdateOrGetOAuthClientAPI.java index 171fb388b..60fc8f956 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/CreateUpdateOrGetOAuthClientAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/CreateUpdateOrGetOAuthClientAPI.java @@ -17,8 +17,6 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; @@ -65,8 +63,8 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/clients/" + clientId, // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> new HashMap<>(), // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + new HashMap<>(), // getHeadersForProxy (statusCode, headers, rawBody, jsonBody) -> { // handleResponse this.sendJsonResponse(200, jsonBody, resp); } 
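Review bot: The argument labels in CreateUpdateOrGetOAuthClientAPI.doGet still name the removed supplier interfaces: `new HashMap<>(), // getHeadersForProxy` now passes a plain map, so the label should read `// headers`, as the doPost and doPut hunks of this file already do. The first value argument there has no label at all; `// queryParams` would match the rest. The same stale labels remain in OAuthRejectAuthConsentRequestAPI (`// getJsonBody`, `// getHeadersForProxy`), OAuthTokenIntrospectAPI (`// getHeaders`, `// pathProxy`) and RemoveOAuthClientAPI (`// getJsonBody`, `// getHeadersForProxy`). doGet's body continues outside the hunk.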
@@ -93,12 +91,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I "/admin/clients", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> { // getJsonBody - return input; - }, - () -> { // getHeadersForProxy - return new HashMap<>(); - }, + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse String clientId = jsonBody.getAsJsonObject().get("clientId").getAsString(); @@ -122,6 +116,31 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO JsonObject input = InputParser.parseJsonObjectOrThrowError(req); String clientId = InputParser.parseStringOrThrowError(input, "clientId", false); + // Apply existing client config on top of input + try { + Map queryParams = new HashMap<>(); + queryParams.put("client_id", clientId); + HttpRequest.Response response = OAuth.handleOAuthProxyGET( + main, + getAppIdentifier(req), + enforcePublicTenantAndGetPublicTenantStorage(req), + "/admin/clients/" + clientId, + true, queryParams, null); + + JsonObject existingConfig = response.jsonResponse.getAsJsonObject(); + existingConfig = OAuth.convertSnakeCaseToCamelCaseRecursively(existingConfig).getAsJsonObject(); + for (Map.Entry entry : existingConfig.entrySet()) { + String key = entry.getKey(); + if (!input.has(key)) { + input.add(key, entry.getValue()); + } + } + } catch (StorageQueryException | TenantOrAppNotFoundException | FeatureNotEnabledException | InvalidConfigException | BadPermissionException e) { + throw new ServletException(e); + } catch (OAuthClientNotFoundException | OAuthAPIException e) { + // ignore since the PUT API will throw one of this error later on + } + try { OAuthProxyHelper.proxyJsonPUT( main, req, resp, 
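Review bot: In the block added to doPut, `clientId` comes straight from the request body and is concatenated unescaped into an admin path, `"/admin/clients/" + clientId`. A value containing `/`, `?`, `#` or `..` could make the proxied GET, and the PUT that follows, address a different admin resource, unless `OAuth.handleOAuthProxyGET` encodes the path, which is not visible here. Validate the id against the character set the provider issues, for example `if (!clientId.matches("[A-Za-z0-9._~-]+"))` followed by a bad-input response, or encode it as a single path segment before building the path. doGet in this file and RemoveOAuthClientAPI build the same path and need the same check. doPut's body continues outside the hunk.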
@@ -130,39 +149,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/clients/" + clientId, true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> { // getJsonBody - return new HashMap<>(); - }, - () -> { // getHeadersForProxy - try { - Map queryParams = new HashMap<>(); - queryParams.put("client_id", clientId); - HttpRequest.Response response = OAuth.handleOAuthProxyGET( - main, - getAppIdentifier(req), - enforcePublicTenantAndGetPublicTenantStorage(req), - "/admin/clients/" + clientId, - true, queryParams, null); - - JsonObject existingConfig = response.jsonResponse.getAsJsonObject(); - existingConfig = OAuth.convertSnakeCaseToCamelCaseRecursively(existingConfig).getAsJsonObject(); - for (Map.Entry entry : existingConfig.entrySet()) { - String key = entry.getKey(); - if (!input.has(key)) { - input.add(key, entry.getValue()); - } - } - } catch (StorageQueryException | TenantOrAppNotFoundException | FeatureNotEnabledException | InvalidConfigException | BadPermissionException e) { - throw new ServletException(e); - } catch (OAuthClientNotFoundException | OAuthAPIException e) { - // ignore since the PUT API will throw one of this error later on - } - - return input; - }, - () -> { // getHeadersForProxy - return new HashMap<>(); - }, + new HashMap<>(), // queryParams + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse this.sendJsonResponse(200, jsonBody, resp); } diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthConsentRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthConsentRequestAPI.java index 17cdb45c1..9532543ae 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthConsentRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthConsentRequestAPI.java 
@@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; @@ -41,9 +38,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/consent/accept", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, // getJsonBody - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLoginRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLoginRequestAPI.java index ac76dd2f0..3dfd9a07a 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLoginRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLoginRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; @@ -41,9 +38,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/login/accept", true, true, - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, - HashMap::new, + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); 
diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLogoutRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLogoutRequestAPI.java index ec6586d2d..0a93ad6c7 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLogoutRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAcceptAuthLogoutRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; @@ -41,9 +38,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/logout/accept", true, true, - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, - HashMap::new, + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, + new HashMap<>(), (statusCode, headers, rawBody, jsonBody) -> { JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAuthAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAuthAPI.java index 6bf9c8a33..0eb2df1e5 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthAuthAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthAuthAPI.java @@ -52,6 +52,17 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I JsonObject params = InputParser.parseJsonObjectOrThrowError(input, "params", false); String cookies = InputParser.parseStringOrThrowError(input, "cookies", true); + Map queryParams = params.entrySet().stream().collect(Collectors.toMap( + Map.Entry::getKey, + e -> e.getValue().getAsString() + )); + + Map headers = new HashMap<>(); + + if (cookies != null) { + headers.put("Cookie", cookies); + } + try { OAuthProxyHelper.proxyGET( main, req, resp, 
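Review bot: The `queryParams` collector added to OAuthAuthAPI.doPost calls `e.getValue().getAsString()` on every entry of the caller-supplied `params` object, and it now runs before the `try` that wraps `proxyGET`. Gson throws an unchecked exception from `getAsString()` for a nested object or a JSON null, so a malformed body would likely surface as a server error rather than a bad-input response; how the servlet base class treats unchecked exceptions is not visible here. Guard each entry with `if (!e.getValue().isJsonPrimitive())` and reject the request as invalid input. The `formFields` loops added to OAuthTokenAPI and OAuthTokenIntrospectAPI have the same pattern. doPost's body continues outside the hunk.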
@@ -60,28 +71,15 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I "/oauth2/auth", // proxyPath false, // proxyToAdmin false, // camelToSnakeCaseConversion - () -> { // getQueryParamsForProxy - return params.entrySet().stream().collect(Collectors.toMap( - Map.Entry::getKey, - e -> e.getValue().getAsString() - )); - }, - () -> { // getHeadersForProxy - Map headers = new HashMap<>(); - - if (cookies != null) { - headers.put("Cookie", cookies); - } - - return headers; - }, - (statusCode, headers, rawBody, jsonBody) -> { // handleResponse - if (headers == null || !headers.containsKey("Location")) { + queryParams, + headers, + (statusCode, responseHeaders, rawBody, jsonBody) -> { // handleResponse + if (headers == null || !responseHeaders.containsKey("Location")) { throw new IllegalStateException("Invalid response from hydra"); } - String redirectTo = headers.get("Location").get(0); - List responseCookies = headers.get("Set-Cookie"); + String redirectTo = responseHeaders.get("Location").get(0); + List responseCookies = responseHeaders.get("Set-Cookie"); JsonObject response = new JsonObject(); response.addProperty("redirectTo", redirectTo); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthClientListAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthClientListAPI.java index 9fbdd8085..d9fc6a46f 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthClientListAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthClientListAPI.java 
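Review bot: The null guard in the handleResponse lambda tests the wrong variable after the rename: `headers == null` now refers to the outgoing request-header map built before the call, which is never null. A null `responseHeaders` therefore reaches `containsKey` and throws a NullPointerException instead of the intended IllegalStateException. The line should read `if (responseHeaders == null || !responseHeaders.containsKey("Location")) {`. Since `responseHeaders.get("Location").get(0)` is returned to the caller as `redirectTo`, it is also worth rejecting an empty list there. The lambda continues outside the hunk.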
@@ -42,8 +42,8 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/clients", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - HashMap::new, // getQueryParamsForProxy - HashMap::new, // getHeadersForProxy + new HashMap<>(), // queryParams + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = new JsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthConsentRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthConsentRequestAPI.java index 371a0f0b1..0c1b7f632 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthConsentRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthConsentRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; @@ -38,8 +35,8 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/consent", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLoginRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLoginRequestAPI.java index 0c848d7ca..9cadc4708 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLoginRequestAPI.java 
+++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLoginRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; @@ -38,8 +35,8 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/login", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLogoutRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLogoutRequestAPI.java index 3afa294d7..0349bbce4 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLogoutRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthGetAuthLogoutRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; 
@@ -38,8 +35,8 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/logout", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthProxyHelper.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthProxyHelper.java index 4d67fc97d..dff334f77 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthProxyHelper.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthProxyHelper.java @@ -32,16 +32,12 @@ public class OAuthProxyHelper { public static void proxyGET(Main main, HttpServletRequest req, HttpServletResponse resp, AppIdentifier appIdentifier, Storage storage, String path, boolean proxyToAdmin, boolean camelToSnakeCaseConversion, - GetQueryParamsForProxy getQueryParamsForProxy, GetHeadersForProxy getHeadersForProxy, + Map queryParams, Map headers, HandleResponse handleResponse) throws IOException, ServletException { - Map queryParams = getQueryParamsForProxy.apply(); - if (camelToSnakeCaseConversion) { queryParams = OAuth.convertCamelToSnakeCase(queryParams); } - Map headers = getHeadersForProxy.apply(); - try { HttpRequest.Response response = OAuth.handleOAuthProxyGET(main, appIdentifier, storage, path, proxyToAdmin, queryParams, headers); 
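Review bot: OAuthProxyHelper.proxyGET and the four sibling helpers changed in this file have no Javadoc, and replacing the supplier arguments with plain values changes their contract. Callers now build `queryParams` and `headers` before the call, so any exception from building them is raised at the call site rather than inside the helper. I would add a comment on each, along the lines of `/** Proxies a GET to the OAuth provider. queryParams (snake-cased when camelToSnakeCaseConversion is set) and headers are passed on as given; path and proxyToAdmin choose the target, so callers must not build path from unvalidated request input. */`. That `proxyToAdmin` selects the admin API is inferred from its name, since `OAuth.handleOAuthProxyGET` is not shown. The method body continues outside the hunk.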
@@ -67,16 +63,12 @@ public static void proxyGET(Main main, HttpServletRequest req, HttpServletRespon public static void proxyFormPOST(Main main, HttpServletRequest req, HttpServletResponse resp, AppIdentifier appIdentifier, Storage storage, String path, boolean proxyToAdmin, boolean camelToSnakeCaseConversion, - GetFormFieldsForProxy getFormFieldsForProxy, GetHeadersForProxy getHeadersForProxy, + Map formFields, Map headers, HandleResponse handleResponse) throws IOException, ServletException { - Map formFields = getFormFieldsForProxy.apply(); - if (camelToSnakeCaseConversion) { formFields = OAuth.convertCamelToSnakeCase(formFields); } - Map headers = getHeadersForProxy.apply(); - try { HttpRequest.Response response = OAuth.handleOAuthProxyFormPOST(main, appIdentifier, storage, path, proxyToAdmin, formFields, headers); @@ -102,16 +94,12 @@ public static void proxyFormPOST(Main main, HttpServletRequest req, HttpServletR public static void proxyJsonPOST(Main main, HttpServletRequest req, HttpServletResponse resp, AppIdentifier appIdentifier, Storage storage, String path, boolean proxyToAdmin, boolean camelToSnakeCaseConversion, - GetJsonBody getJsonBody, GetHeadersForProxy getHeadersForProxy, + JsonObject jsonInput, Map headers, HandleResponse handleResponse) throws IOException, ServletException { - JsonObject jsonInput = getJsonBody.apply(); - if (camelToSnakeCaseConversion) { jsonInput = OAuth.convertCamelToSnakeCase(jsonInput); } - Map headers = getHeadersForProxy.apply(); - try { HttpRequest.Response response = OAuth.handleOAuthProxyJsonPOST(main, appIdentifier, storage, path, proxyToAdmin, jsonInput, headers); 
@@ -137,22 +125,16 @@ public static void proxyJsonPOST(Main main, HttpServletRequest req, HttpServletR public static void proxyJsonPUT(Main main, HttpServletRequest req, HttpServletResponse resp, AppIdentifier appIdentifier, Storage storage, String path, boolean proxyToAdmin, boolean camelToSnakeCaseConversion, - GetQueryParamsForProxy getQueryParamsForProxy, GetJsonBody getJsonBodyForProxyPUT, - GetHeadersForProxy getHeadersForProxy, HandleResponse handleResponse) throws IOException, ServletException { - Map queryParams = getQueryParamsForProxy.apply(); - + Map queryParams, JsonObject jsonInput, + Map headers, HandleResponse handleResponse) throws IOException, ServletException { if (camelToSnakeCaseConversion) { queryParams = OAuth.convertCamelToSnakeCase(queryParams); } - JsonObject jsonInput = getJsonBodyForProxyPUT.apply(); - if (camelToSnakeCaseConversion) { jsonInput = OAuth.convertCamelToSnakeCase(jsonInput); } - Map headers = getHeadersForProxy.apply(); - try { HttpRequest.Response response = OAuth.handleOAuthProxyJsonPUT(main, appIdentifier, storage, path, queryParams, proxyToAdmin, jsonInput, headers); @@ -178,16 +160,12 @@ public static void proxyJsonPUT(Main main, HttpServletRequest req, HttpServletRe public static void proxyJsonDELETE(Main main, HttpServletRequest req, HttpServletResponse resp, AppIdentifier appIdentifier, Storage storage, String path, boolean proxyToAdmin, boolean camelToSnakeCaseConversion, - GetJsonBody getJsonBodyForProxyDELETE, GetHeadersForProxy getHeadersForProxy, + JsonObject jsonInput, Map headers, HandleResponse handleResponse) throws IOException, ServletException { - JsonObject jsonInput = getJsonBodyForProxyDELETE.apply(); - if (camelToSnakeCaseConversion) { jsonInput = OAuth.convertCamelToSnakeCase(jsonInput); } - Map headers = getHeadersForProxy.apply(); - try { HttpRequest.Response response = OAuth.handleOAuthProxyJsonDELETE(main, appIdentifier, storage, path, proxyToAdmin, jsonInput, headers); 
@@ -228,26 +206,6 @@ public static Map defaultGetQueryParamsFromRequest(HttpServletRe return queryParams; } - @FunctionalInterface - public interface GetQueryParamsForProxy { - Map apply() throws IOException, ServletException; - } - - @FunctionalInterface - public interface GetFormFieldsForProxy { - Map apply() throws IOException, ServletException; - } - - @FunctionalInterface - public interface GetJsonBody { - JsonObject apply() throws IOException, ServletException; - } - - @FunctionalInterface - public interface GetHeadersForProxy { - Map apply() throws IOException, ServletException; - } - @FunctionalInterface public interface HandleResponse { void apply(int statusCode, Map> headers, String rawBody, JsonElement jsonBody) throws IOException, ServletException; diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthConsentRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthConsentRequestAPI.java index ddbd04797..816229714 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthConsentRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthConsentRequestAPI.java @@ -1,10 +1,7 @@ package io.supertokens.webserver.api.oauth; import java.io.IOException; -import java.net.URLDecoder; -import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.Map; import com.google.gson.JsonObject; 
@@ -41,9 +38,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/consent/reject", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, // getJsonBody - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, // getJsonBody + new HashMap<>(), // getHeadersForProxy (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLoginRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLoginRequestAPI.java index 4497e5395..aff51a895 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLoginRequestAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLoginRequestAPI.java @@ -39,9 +39,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/login/reject", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, // getJsonBody - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLogoutRequestAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLogoutRequestAPI.java index 326799e03..41311b9d4 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLogoutRequestAPI.java 
+++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthRejectAuthLogoutRequestAPI.java @@ -38,9 +38,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO "/admin/oauth2/auth/requests/logout/reject", // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), - () -> input, // getJsonBody - HashMap::new, // getHeadersForProxy + OAuthProxyHelper.defaultGetQueryParamsFromRequest(req), + input, // jsonBody + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject response = jsonBody.getAsJsonObject(); response.addProperty("status", "OK"); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java index 41cd057af..23ee2ead5 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java @@ -62,6 +62,11 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I Boolean useStaticKeyInput = InputParser.parseBooleanOrThrowError(input, "useStaticSigningKey", true); + Map formFields = new HashMap<>(); + for (Map.Entry entry : bodyFromSDK.entrySet()) { + formFields.put(entry.getKey(), entry.getValue().getAsString()); + } + try { OAuthProxyHelper.proxyFormPOST( main, req, resp, 
@@ -70,15 +75,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I "/oauth2/token", // proxyPath false, // proxyToAdmin false, // camelToSnakeCaseConversion - () -> { - Map formFields = new HashMap<>(); - for (Map.Entry entry : bodyFromSDK.entrySet()) { - formFields.put(entry.getKey(), entry.getValue().getAsString()); - } - - return formFields; - }, - HashMap::new, + formFields, + new HashMap<>(), // headers (statusCode, headers, rawBody, jsonBody) -> { if (jsonBody == null) { throw new IllegalStateException("unexpected response from hydra"); @@ -88,8 +86,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I AppIdentifier appIdentifier = getAppIdentifier(req); Storage storage = enforcePublicTenantAndGetPublicTenantStorage(req); - JsonObject accessTokenUpdate = InputParser.parseJsonObjectOrThrowError(bodyFromSDK, "access_token", true); - JsonObject idTokenUpdate = InputParser.parseJsonObjectOrThrowError(bodyFromSDK, "id_token", true); + JsonObject accessTokenUpdate = InputParser.parseJsonObjectOrThrowError(input, "access_token", true); + JsonObject idTokenUpdate = InputParser.parseJsonObjectOrThrowError(input, "id_token", true); // useStaticKeyInput defaults to true, so we check if it has been explicitly set to false boolean useDynamicKey = Boolean.FALSE.equals(useStaticKeyInput); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenIntrospectAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenIntrospectAPI.java index 77a54f46b..60c9b80fa 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenIntrospectAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenIntrospectAPI.java 
@@ -56,24 +56,22 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I if (token.startsWith("st_rt_")) { String iss = InputParser.parseStringOrThrowError(input, "iss", false); + Map formFields = new HashMap<>(); + for (Map.Entry entry : input.entrySet()) { + formFields.put(entry.getKey(), entry.getValue().getAsString()); + } + try { OAuthProxyHelper.proxyFormPOST( main, req, resp, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req), - "/admin/oauth2/introspect", - true, - false, - () -> { - Map formFields = new HashMap<>(); - for (Map.Entry entry : input.entrySet()) { - formFields.put(entry.getKey(), entry.getValue().getAsString()); - } - - return formFields; - }, - HashMap::new, - (statusCode, headers, rawBody, jsonBody) -> { + "/admin/oauth2/introspect", // pathProxy + true, // proxyToAdmin + false, // camelToSnakeCaseConversion + formFields, + new HashMap<>(), // getHeaders + (statusCode, headers, rawBody, jsonBody) -> { // handleResponse JsonObject jsonObject = jsonBody.getAsJsonObject(); jsonObject.addProperty("iss", iss); diff --git a/src/main/java/io/supertokens/webserver/api/oauth/RemoveOAuthClientAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/RemoveOAuthClientAPI.java index 9692574e2..42c2fcea9 100644 --- a/src/main/java/io/supertokens/webserver/api/oauth/RemoveOAuthClientAPI.java +++ b/src/main/java/io/supertokens/webserver/api/oauth/RemoveOAuthClientAPI.java @@ -58,8 +58,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I "/admin/clients/" + clientId, // proxyPath true, // proxyToAdmin true, // camelToSnakeCaseConversion - () -> new JsonObject(), // getJsonBody - HashMap::new, // getHeadersForProxy + new JsonObject(), // getJsonBody + new HashMap<>(), // getHeadersForProxy (statusCode, headers, rawBody, jsonBody) -> { // handleResponse try { OAuth.removeClientId(main, getAppIdentifier(req), enforcePublicTenantAndGetPublicTenantStorage(req), clientId);
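Review bot: In OAuthTokenIntrospectAPI.doPost the added loop copies every key of the request body into `formFields`, so `iss` and any other caller-chosen field are posted to the admin endpoint `/admin/oauth2/introspect`. In the visible lines `iss` is only used locally to stamp the response. Forwarding only the fields that endpoint expects keeps caller input from shaping an admin request: `formFields.put("token", token);`, plus `scope` when it is present. The expected field list is not visible in the hunk, so confirm it against the provider's introspection API. doPost's body continues outside the hunk.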