Add extensions for token persistence removal feature #2091
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dushaniw
changed the title
This was referenced Jun 8, 2023
|
PR builder started |
mpmadhavig
reviewed
Jun 15, 2023
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
mpmadhavig
reviewed
Jun 15, 2023
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
mpmadhavig
reviewed
Jun 15, 2023
...ity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/internal/OAuth2ServiceComponent.java
Show resolved
Hide resolved
mpmadhavig
reviewed
Jun 15, 2023
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
chamathns
reviewed
Jun 15, 2023
.../src/main/java/org/wso2/carbon/identity/oauth/tokenprocessor/RefreshTokenGrantProcessor.java
Show resolved
Hide resolved
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
|
PR builder completed |
jenkins-is-staging
approved these changes
Jun 15, 2023
There was a problem hiding this comment.
Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/5275323134
…auth-oauth into is6.2.0-m2
…auth-oauth into is6.2.0-m2
chamathns
reviewed
Sep 7, 2023
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
...in/java/org/wso2/carbon/identity/oauth/tokenprocessor/DefaultRefreshTokenGrantProcessor.java
Outdated
Show resolved
Hide resolved
chamathns
approved these changes
Sep 7, 2023
|
PR builder started |
|
PR builder completed |
jenkins-is-staging
approved these changes
Sep 7, 2023
There was a problem hiding this comment.
Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/6107073090
19 tasks
dushaniw
added a commit
to dushaniw/identity-inbound-auth-oauth
that referenced
this pull request
Jan 26, 2024
19 tasks
dushaniw
added a commit
to dushaniw/identity-inbound-auth-oauth
that referenced
this pull request
Jan 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed changes in this pull request
This PR is added as a part of removing token persistence efforts in wso2/api-manager#1664.
Provide external DAO layer plugin capability for AccessTokenDAO and TokenManagementDAO
Added a method to load external data access logic for AccessTokenDao and TokenManagementDao layers. With this change, APIM team hopes to plug a custom AccessTokenDAO and TokenManagementDAO implementation to support the mentioned feature.
Add abstraction layer for Revoke flow to separate token persistence operations
Added an abstraction layer to separate out the token dao layer access. This way, we could plug custom DAO access logic to facilitate the token persistence-related feature.
In this pr, an interface OAuth2RevocationProcessor.java is introduced and the existing implementation parts are moved to the default class DefaultOAuth2RevocationProcessor.java
Add abstraction layer for Refresh grant flow to separate token persistence operations
Added a method to plug custom logic for Refresh grant handler. Reason for introducing this is because the refresh token generated in this effort is a JWT token and we need to remove token validation steps that refer stored access tokens when generating access tokens from refresh grant. This PR introduced an interface RefreshTokenGrantProcessor.java and moved the default extracted logic from RefreshGrantHandler.java to DefaultRefreshTokenGrantProcessor.java. Custom implementation can be plugged in as a service by implementing RefreshTokenGrantProcessor.java interface. If no service is registered, default DefaultRefreshTokenGrantProcessor.java is applied.