diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java index 75d7c805f6d9..0c32bfe91c49 100755 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java @@ -1483,6 +1483,7 @@ private OAuthConstants() { public static final String API_STORE_GROUP_EXTRACTOR_IMPLEMENTATION = API_STORE + "GroupingExtractor"; public static final String API_STORE_REST_API_GROUP_EXTRACTOR_IMPLEMENTATION = API_STORE + "RESTApiGroupingExtractor"; + public static final String IS_ENABLE_JWT_FOR_PORTALS = OAUTH_CONFIGS + "EnableJWTForPortals"; public static final String API_CUSTOM_SEQUENCES_FOLDER_LOCATION = "repository" + File.separator + "resources" + File.separator + "customsequences"; public static final String WORKFLOW_EXTENSION_LOCATION = diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java index 63ed1a563b39..8a6dcef69f7b 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java 
@@ -7052,6 +7052,24 @@ public static boolean isMultiGroupAppSharingEnabled() { return Boolean.valueOf(multiGrpAppSharing); } + /** + * Enable jwt for portal logins + * + * @return boolean value of the config + */ + public static boolean isJWTEnabledForPortals() { + + APIManagerConfiguration config = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService() + .getAPIManagerConfiguration(); + + String isEnabledJwtForPortals = config.getFirstProperty(APIConstants.IS_ENABLE_JWT_FOR_PORTALS); + if (isEnabledJwtForPortals != null) { + return Boolean.valueOf(isEnabledJwtForPortals); + } + + return false; + + } /** * Used to check whether Provisioning Out-of-Band OAuth Clients feature is enabled * diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SettingsDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SettingsDTO.java index 0b9e61668439..6348aa234ac4 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SettingsDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SettingsDTO.java @@ -25,6 +25,7 @@ public class SettingsDTO { private List scopes = new ArrayList(); private List gatewayTypes = new ArrayList(); + private Boolean isJWTEnabledForLoginTokens = false; private List keyManagerConfiguration = new ArrayList(); private Boolean analyticsEnabled = null; 
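Review bot: The Javadoc on `isJWTEnabledForPortals()` reads "Enable jwt for portal logins", but the method enables nothing; it only reads `APIConstants.IS_ENABLE_JWT_FOR_PORTALS` from the API Manager configuration. A summary such as `Returns the value of the EnableJWTForPortals OAuth config; false when the property is not set.` would state the default that someone auditing the login-token configuration needs. The null check followed by `Boolean.valueOf(...)` can be reduced to `return Boolean.parseBoolean(config.getFirstProperty(APIConstants.IS_ENABLE_JWT_FOR_PORTALS));`, which already returns false for null and avoids the unboxing. Any value other than "true" (ignoring case) also yields false, so a mistyped setting leaves the feature off silently; the Javadoc is a reasonable place to say so.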
@@ -62,6 +63,23 @@ public void setGatewayTypes(List gatewayTypes) { this.gatewayTypes = gatewayTypes; } + /** + **/ + public SettingsDTO isJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("IsJWTEnabledForLoginTokens") + public Boolean isIsJWTEnabledForLoginTokens() { + return isJWTEnabledForLoginTokens; + } + public void setIsJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + } + /** **/ public SettingsDTO keyManagerConfiguration(List keyManagerConfiguration) { @@ -110,13 +128,14 @@ public boolean equals(java.lang.Object o) { SettingsDTO settings = (SettingsDTO) o; return Objects.equals(scopes, settings.scopes) && Objects.equals(gatewayTypes, settings.gatewayTypes) && + Objects.equals(isJWTEnabledForLoginTokens, settings.isJWTEnabledForLoginTokens) && Objects.equals(keyManagerConfiguration, settings.keyManagerConfiguration) && Objects.equals(analyticsEnabled, settings.analyticsEnabled); } @Override public int hashCode() { - return Objects.hash(scopes, gatewayTypes, keyManagerConfiguration, analyticsEnabled); + return Objects.hash(scopes, gatewayTypes, isJWTEnabledForLoginTokens, keyManagerConfiguration, analyticsEnabled); } @Override @@ -126,6 +145,7 @@ public String toString() { sb.append(" scopes: ").append(toIndentedString(scopes)).append("\n"); sb.append(" gatewayTypes: ").append(toIndentedString(gatewayTypes)).append("\n"); + sb.append(" isJWTEnabledForLoginTokens: ").append(toIndentedString(isJWTEnabledForLoginTokens)).append("\n"); sb.append(" keyManagerConfiguration: ").append(toIndentedString(keyManagerConfiguration)).append("\n"); sb.append(" analyticsEnabled: ").append(toIndentedString(analyticsEnabled)).append("\n"); sb.append("}"); 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/SettingsMappingUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/SettingsMappingUtil.java index 85ce5cfcc9ae..99759d09ff2e 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/SettingsMappingUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/SettingsMappingUtil.java @@ -61,6 +61,7 @@ public SettingsDTO fromSettingsToDTO(Boolean isUserAvailable) throws APIManageme } settingsDTO.setScopes(getScopeList()); settingsDTO.setGatewayTypes(APIUtil.getGatewayTypes()); + settingsDTO.setIsJWTEnabledForLoginTokens(APIUtil.isJWTEnabledForPortals()); return settingsDTO; } diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml index b2b5b49eef33..9ab2731e5ae0 100755 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml @@ -4594,6 +4594,9 @@ components: type: array items: type: string + IsJWTEnabledForLoginTokens: + type: boolean + default: false keyManagerConfiguration: type: array items: diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml index b2b5b49eef33..9ab2731e5ae0 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml 
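Review bot: `settingsDTO.setIsJWTEnabledForLoginTokens(APIUtil.isJWTEnabledForPortals());` sits after the closing brace of the preceding block, so it appears to run whatever `isUserAvailable` is; that block opens outside the hunk, so this should be confirmed. The store mapper sets it directly after `new SettingsDTO()` and the publisher mapper sets it next to the other unconditional flags, so if these settings resources answer unauthenticated callers the portal token format becomes visible before login. That is probably intended and low-sensitivity, but a comment such as `// returned to every caller, authenticated or not; not treated as sensitive` would record the decision. The DTO field says "ForLoginTokens" while the config key and the `APIUtil` method say "ForPortals"; using one term throughout would make the setting easier to trace from `api-manager.xml` to the REST response.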
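Review bot: The new `IsJWTEnabledForLoginTokens` schema property has no `description`, and in the admin and publisher specs it is PascalCase next to camelCase siblings (`keyManagerConfiguration`, `customProperties`). This is why the generated DTOs end up with `@ApiModelProperty(value = "")` and the accessor `isIsJWTEnabledForLoginTokens()`. The same applies to the `rest.api.common` copy of admin-api.yaml and both publisher-api.yaml copies; the devportal copies at least match the existing `IsPasswordChangeEnabled`. I would add a line like `description: Whether JWT is enabled for portal login tokens (EnableJWTForPortals config)`, with the wording checked against the actual behaviour. The casing should be settled before release, because renaming the property later changes the wire format.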
+++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml @@ -4594,6 +4594,9 @@ components: type: array items: type: string + IsJWTEnabledForLoginTokens: + type: boolean + default: false keyManagerConfiguration: type: array items: diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml index 7645d60f5b37..26019f4337fe 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/devportal-api.yaml @@ -5290,6 +5290,9 @@ components: IsPasswordChangeEnabled: type: boolean default: true + IsJWTEnabledForLoginTokens: + type: boolean + default: false userStorePasswordPattern: type: string description: The 'PasswordJavaRegEx' cofigured in the UserStoreManager diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml index 09e591810f9d..fd443b4d4b86 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/publisher-api.yaml @@ -11915,6 +11915,9 @@ components: type: string description: Authorization Header example: authorization + IsJWTEnabledForLoginTokens: + type: boolean + default: false customProperties: type: array items: diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/dto/SettingsDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/dto/SettingsDTO.java index 04789fd8fd2d..61018a6dfad7 100644 
--- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/dto/SettingsDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/gen/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/dto/SettingsDTO.java @@ -39,6 +39,7 @@ public class SettingsDTO { private String defaultAdvancePolicy = null; private String defaultSubscriptionPolicy = null; private String authorizationHeader = null; + private Boolean isJWTEnabledForLoginTokens = false; private List customProperties = new ArrayList(); /** @@ -273,6 +274,23 @@ public void setAuthorizationHeader(String authorizationHeader) { this.authorizationHeader = authorizationHeader; } + /** + **/ + public SettingsDTO isJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("IsJWTEnabledForLoginTokens") + public Boolean isIsJWTEnabledForLoginTokens() { + return isJWTEnabledForLoginTokens; + } + public void setIsJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + } + /** **/ public SettingsDTO customProperties(List customProperties) { 
@@ -314,12 +332,13 @@ public boolean equals(java.lang.Object o) { Objects.equals(defaultAdvancePolicy, settings.defaultAdvancePolicy) && Objects.equals(defaultSubscriptionPolicy, settings.defaultSubscriptionPolicy) && Objects.equals(authorizationHeader, settings.authorizationHeader) && + Objects.equals(isJWTEnabledForLoginTokens, settings.isJWTEnabledForLoginTokens) && Objects.equals(customProperties, settings.customProperties); } @Override public int hashCode() { - return Objects.hash(devportalUrl, environment, gatewayTypes, scopes, monetizationAttributes, subscriberContactAttributes, securityAuditProperties, externalStoresEnabled, docVisibilityEnabled, crossTenantSubscriptionEnabled, defaultAdvancePolicy, defaultSubscriptionPolicy, authorizationHeader, customProperties); + return Objects.hash(devportalUrl, environment, gatewayTypes, scopes, monetizationAttributes, subscriberContactAttributes, securityAuditProperties, externalStoresEnabled, docVisibilityEnabled, crossTenantSubscriptionEnabled, defaultAdvancePolicy, defaultSubscriptionPolicy, authorizationHeader, isJWTEnabledForLoginTokens, customProperties); } @Override @@ -340,6 +359,7 @@ public String toString() { sb.append(" defaultAdvancePolicy: ").append(toIndentedString(defaultAdvancePolicy)).append("\n"); sb.append(" defaultSubscriptionPolicy: ").append(toIndentedString(defaultSubscriptionPolicy)).append("\n"); sb.append(" authorizationHeader: ").append(toIndentedString(authorizationHeader)).append("\n"); + sb.append(" isJWTEnabledForLoginTokens: ").append(toIndentedString(isJWTEnabledForLoginTokens)).append("\n"); sb.append(" customProperties: ").append(toIndentedString(customProperties)).append("\n"); sb.append("}"); return sb.toString(); 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SettingsMappingUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SettingsMappingUtil.java index 213c281845fb..e51206a55255 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SettingsMappingUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1.common/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/SettingsMappingUtil.java @@ -87,6 +87,7 @@ public SettingsDTO fromSettingstoDTO(Boolean isUserAvailable, String organizatio APIUtil.isExternalStoresEnabled(RestApiCommonUtil.getLoggedInUserTenantDomain())); settingsDTO.setDocVisibilityEnabled(APIUtil.isDocVisibilityLevelsEnabled()); settingsDTO.setCrossTenantSubscriptionEnabled(APIUtil.isCrossTenantSubscriptionsEnabled()); + settingsDTO.setIsJWTEnabledForLoginTokens(APIUtil.isJWTEnabledForPortals()); Map gatewayEnvironments = APIUtil.getReadOnlyGatewayEnvironments(); String authorizationHeader = APIUtil.getOAuthConfiguration(loggedInUserTenantDomain, APIConstants.AUTHORIZATION_HEADER); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml index 09e591810f9d..fd443b4d4b86 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml 
@@ -11915,6 +11915,9 @@ components: type: string description: Authorization Header example: authorization + IsJWTEnabledForLoginTokens: + type: boolean + default: false customProperties: type: array items: diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java index 7e27c752d52e..a5a69be8330b 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/store/v1/dto/SettingsDTO.java @@ -34,6 +34,7 @@ public class SettingsDTO { private SettingsIdentityProviderDTO identityProvider = null; private Boolean isAnonymousModeEnabled = true; private Boolean isPasswordChangeEnabled = true; + private Boolean isJWTEnabledForLoginTokens = false; private String userStorePasswordPattern = null; private String passwordPolicyPattern = null; private Integer passwordPolicyMinLength = null; @@ -227,6 +228,23 @@ public void setIsPasswordChangeEnabled(Boolean isPasswordChangeEnabled) { this.isPasswordChangeEnabled = isPasswordChangeEnabled; } + /** + **/ + public SettingsDTO isJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("IsJWTEnabledForLoginTokens") + public Boolean isIsJWTEnabledForLoginTokens() { + return isJWTEnabledForLoginTokens; + } + public void setIsJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + } + /** * The 'PasswordJavaRegEx' cofigured in the UserStoreManager **/ 
@@ -320,6 +338,7 @@ public boolean equals(java.lang.Object o) { Objects.equals(identityProvider, settings.identityProvider) && Objects.equals(isAnonymousModeEnabled, settings.isAnonymousModeEnabled) && Objects.equals(isPasswordChangeEnabled, settings.isPasswordChangeEnabled) && + Objects.equals(isJWTEnabledForLoginTokens, settings.isJWTEnabledForLoginTokens) && Objects.equals(userStorePasswordPattern, settings.userStorePasswordPattern) && Objects.equals(passwordPolicyPattern, settings.passwordPolicyPattern) && Objects.equals(passwordPolicyMinLength, settings.passwordPolicyMinLength) && @@ -328,7 +347,7 @@ public boolean equals(java.lang.Object o) { @Override public int hashCode() { - return Objects.hash(grantTypes, scopes, applicationSharingEnabled, mapExistingAuthApps, apiGatewayEndpoint, monetizationEnabled, recommendationEnabled, isUnlimitedTierPaid, identityProvider, isAnonymousModeEnabled, isPasswordChangeEnabled, userStorePasswordPattern, passwordPolicyPattern, passwordPolicyMinLength, passwordPolicyMaxLength); + return Objects.hash(grantTypes, scopes, applicationSharingEnabled, mapExistingAuthApps, apiGatewayEndpoint, monetizationEnabled, recommendationEnabled, isUnlimitedTierPaid, identityProvider, isAnonymousModeEnabled, isPasswordChangeEnabled, isJWTEnabledForLoginTokens, userStorePasswordPattern, passwordPolicyPattern, passwordPolicyMinLength, passwordPolicyMaxLength); } @Override 
@@ -347,6 +366,7 @@ public String toString() { sb.append(" identityProvider: ").append(toIndentedString(identityProvider)).append("\n"); sb.append(" isAnonymousModeEnabled: ").append(toIndentedString(isAnonymousModeEnabled)).append("\n"); sb.append(" isPasswordChangeEnabled: ").append(toIndentedString(isPasswordChangeEnabled)).append("\n"); + sb.append(" isJWTEnabledForLoginTokens: ").append(toIndentedString(isJWTEnabledForLoginTokens)).append("\n"); sb.append(" userStorePasswordPattern: ").append(toIndentedString(userStorePasswordPattern)).append("\n"); sb.append(" passwordPolicyPattern: ").append(toIndentedString(passwordPolicyPattern)).append("\n"); sb.append(" passwordPolicyMinLength: ").append(toIndentedString(passwordPolicyMinLength)).append("\n"); diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java index 5ab3f6b11b67..b8b2febfa20f 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/store/v1/mappings/SettingsMappingUtil.java @@ -60,6 +60,7 @@ public SettingsDTO fromSettingstoDTO(Boolean isUserAvailable, Boolean moneatizat SettingsDTO settingsDTO = new SettingsDTO(); settingsDTO.setScopes(GetScopeList()); settingsDTO.setApplicationSharingEnabled(APIUtil.isMultiGroupAppSharingEnabled()); + settingsDTO.setIsJWTEnabledForLoginTokens(APIUtil.isJWTEnabledForPortals()); settingsDTO.setRecommendationEnabled(recommendationEnabled); settingsDTO.setMapExistingAuthApps(APIUtil.isMapExistingAuthAppsEnabled()); settingsDTO.setMonetizationEnabled(moneatizationEnabled); 
diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml index 7645d60f5b37..26019f4337fe 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml @@ -5290,6 +5290,9 @@ components: IsPasswordChangeEnabled: type: boolean default: true + IsJWTEnabledForLoginTokens: + type: boolean + default: false userStorePasswordPattern: type: string description: The 'PasswordJavaRegEx' cofigured in the UserStoreManager diff --git a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 index 7e689ea92531..11248a7067b8 100644 --- a/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 +++ b/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/conf_templates/templates/repository/conf/api-manager.xml.j2 @@ -434,6 +434,9 @@ {{apim.oauth_config.enable_certificate_bound_access_token}} + {% if apim.oauth_config.enable_jwt_for_portals is defined %} + {{apim.oauth_config.enable_jwt_for_portals}} + {% endif %}