diff --git a/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/listener/OauthDPoPInterceptorHandlerProxy.java b/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/listener/OauthDPoPInterceptorHandlerProxy.java index 46f59add..8fddda54 100644 --- a/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/listener/OauthDPoPInterceptorHandlerProxy.java +++ b/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/listener/OauthDPoPInterceptorHandlerProxy.java @@ -174,10 +174,13 @@ public void onPostTokenRenewal(OAuth2AccessTokenReqDTO tokenReqDTO, OAuth2Access } - private void setDPoPTokenType(OAuthTokenReqMessageContext tokReqMsgCtx,OAuth2AccessTokenRespDTO tokenRespDTO){ + private void setDPoPTokenType(OAuthTokenReqMessageContext tokReqMsgCtx, OAuth2AccessTokenRespDTO tokenRespDTO) { + if (tokReqMsgCtx.getTokenBinding() != null && DPoPConstants.DPOP_TOKEN_TYPE.equals(tokReqMsgCtx.getTokenBinding().getBindingType())) { - tokenRespDTO.setTokenType(DPoPConstants.DPOP_TOKEN_TYPE); + if (tokenRespDTO != null) { + tokenRespDTO.setTokenType(DPoPConstants.DPOP_TOKEN_TYPE); + } } } } diff --git a/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/token/binder/DPoPBasedTokenBinder.java b/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/token/binder/DPoPBasedTokenBinder.java index 9efe090f..8a8e2770 100644 --- a/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/token/binder/DPoPBasedTokenBinder.java +++ b/component/org.wso2.carbon.identity.dpop/src/main/java/org/wso2/carbon/identity/dpop/token/binder/DPoPBasedTokenBinder.java @@ -27,19 +27,22 @@ import org.wso2.carbon.identity.dpop.internal.DPoPDataHolder; import org.wso2.carbon.identity.dpop.util.Utils; import org.wso2.carbon.identity.dpop.validators.DPoPHeaderValidator; -import org.wso2.carbon.identity.oauth.common.OAuthConstants.GrantTypes; +import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; import org.wso2.carbon.identity.oauth2.model.HttpRequestHeader; import org.wso2.carbon.identity.oauth2.token.bindings.TokenBinding; import org.wso2.carbon.identity.oauth2.token.bindings.impl.AbstractTokenBinder; +import org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler; import org.wso2.carbon.identity.oauth2.util.OAuth2Util; import java.text.ParseException; -import java.util.Arrays; +import java.util.ArrayList; import java.util.Collections; import java.util.List; +import java.util.Map; import java.util.Optional; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -50,8 +53,8 @@ public class DPoPBasedTokenBinder extends AbstractTokenBinder { private static final String BINDING_TYPE = "DPoP"; private static final Log log = LogFactory.getLog(DPoPBasedTokenBinder.class); - private final List supportedGrantTypes = Arrays.asList(GrantTypes.AUTHORIZATION_CODE, GrantTypes.PASSWORD, - GrantTypes.CLIENT_CREDENTIALS, GrantTypes.REFRESH_TOKEN); + private Map authzGrantHandlers; + private List supportedGrantTypes = new ArrayList<>(); private DPoPTokenManagerDAO tokenBindingTypeManagerDao = DPoPDataHolder.getInstance().getTokenBindingTypeManagerDao(); @@ -76,7 +79,7 @@ public String getBindingType() { @Override public List getSupportedGrantTypes() { - return Collections.unmodifiableList(supportedGrantTypes); + return Collections.unmodifiableList(getAllSupportedGrantTypes()); } @Override @@ -241,4 +244,12 @@ private boolean validateDPoPHeader(Object request, TokenBinding tokenBinding) th } return true; } + + private List getAllSupportedGrantTypes() { + + authzGrantHandlers = OAuthServerConfiguration.getInstance().getSupportedGrantTypes(); + supportedGrantTypes.clear(); + supportedGrantTypes.addAll(authzGrantHandlers.keySet()); + return supportedGrantTypes; + } }