Skip to content

Commit

Permalink
Read Pvt Key JWT value from consumer app.
Browse files Browse the repository at this point in the history
  • Loading branch information
mpmadhavig committed Jun 18, 2024
1 parent 0f79202 commit c8d0067
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@

import static org.apache.commons.lang.StringUtils.isEmpty;
import static org.apache.commons.lang.StringUtils.isNotEmpty;
import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE;
import static org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt.Constants.AUDIENCE_CLAIM;
import static org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt.Constants.DEFAULT_ENABLE_JTI_CACHE;
import static org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt.Constants.DEFAULT_AUDIENCE;
Expand Down Expand Up @@ -69,7 +70,7 @@ public class PrivateKeyJWTClientAuthenticator extends AbstractOAuthClientAuthent
private JWTValidator jwtValidator;

private int rejectBeforePeriod = DEFAULT_VALIDITY_PERIOD_IN_MINUTES;
private boolean preventTokenReuse = true;
private boolean preventTokenReuse = DEFAULT_VALUE_FOR_PREVENT_TOKEN_REUSE;
private String tokenEPAlias = DEFAULT_AUDIENCE;

public PrivateKeyJWTClientAuthenticator() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -198,9 +198,7 @@ public boolean isValidAssertion(SignedJWT signedJWT) throws OAuthClientAuthnExce
consumerKey, OAuth2ErrorCodes.SERVER_ERROR);
}

preventTokenReuse = !JWTServiceDataHolder.getInstance()
.getPrivateKeyJWTAuthenticationConfigurationDAO()
.getPrivateKeyJWTClientAuthenticationConfigurationByTenantDomain(tenantDomain).isEnableTokenReuse();
preventTokenReuse = !oAuthAppDO.isTokenEndpointAllowReusePvtKeyJwt();

//Validate signature validation, audience, nbf,exp time, jti.
if (!validateAudience(acceptedAudienceList, audience)
Expand All @@ -217,7 +215,7 @@ public boolean isValidAssertion(SignedJWT signedJWT) throws OAuthClientAuthnExce

} catch (IdentityOAuth2Exception e) {
return logAndThrowException(e.getMessage(), e.getErrorCode());
} catch (UserStoreException | JWTClientAuthenticatorServiceServerException e) {
} catch (UserStoreException e) {
return logAndThrowException(e.getMessage());
}
}
Expand Down

0 comments on commit c8d0067

Please sign in to comment.