Merge pull request #5145 from Thumimku/addAppleIdForAttestationMD
Add appleAppID to client Attestation meta data
Thumimku authored Nov 9, 2023
2 parents 5147775 + 69eecb2 commit d22cb3e
Showing 5 changed files with 70 additions and 2 deletions.
Expand Up @@ -42,6 +42,7 @@ public class ClientAttestationMetaData implements Serializable {
private static final String IS_ATTESTATION_ENABLED = "IsAttestationEnabled";
private static final String ANDROID_PACKAGE_NAME = "AndroidPackageName";
private static final String ANDROID_ATTESTATION_SERVICE_CREDENTIALS = "AndroidAttestationServiceCredentials";
private static final String APPLE_APP_ID = "AppleAppId";

// Field to store whether attestation is enabled.
@IgnoreNullElement
Expand All @@ -58,6 +59,11 @@ public class ClientAttestationMetaData implements Serializable {
@XmlElement(name = ANDROID_ATTESTATION_SERVICE_CREDENTIALS)
private String androidAttestationServiceCredentials;

// Field to store Apple app ID.
@IgnoreNullElement
@XmlElement(name = APPLE_APP_ID)
private String appleAppId;

/**
* Creates an instance of the ClientAttestationMetaData class by parsing an OMElement.
*
Expand All @@ -83,6 +89,9 @@ public static ClientAttestationMetaData build(OMElement metaDataOM) {
if (ANDROID_ATTESTATION_SERVICE_CREDENTIALS.equals(elementName)) {
metaData.setAndroidAttestationServiceCredentials(element.getText());
}
if (APPLE_APP_ID.equals(elementName)) {
metaData.setAppleAppId(element.getText());
}
}
return metaData;
}
Expand Down Expand Up @@ -147,4 +156,24 @@ public void setAndroidAttestationServiceCredentials(String androidAttestationSer

this.androidAttestationServiceCredentials = androidAttestationServiceCredentials;
}

/**
* Gets the Apple App ID.
*
* @return The Apple App ID.
*/
public String getAppleAppId() {

return appleAppId;
}

/**
* Sets the Apple App ID.
*
* @param appleAppId The Apple App ID to set.
*/
public void setAppleAppId(String appleAppId) {

this.appleAppId = appleAppId;
}
}
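Review bot: The new `appleAppId` field and its accessors never state what form the value must take, and `build()` stores `element.getText()` exactly as parsed. The test in this commit uses `APPLETEAMID.com.wso2.mobile.sample`, i.e. a team ID prefix followed by the bundle ID; if the attestation check (not visible on this page) compares this value with the app identity carried in the attestation, a bare bundle ID or a value with stray whitespace from the XML would make Apple attestation fail for every client. I would change the field comment to `// Apple App ID in the form <TeamID>.<BundleID>, as registered with Apple.` and repeat the format in the getter and setter Javadoc. Normalising the parsed text before `setAppleAppId` in `build()` is also worth considering; the Android fields above it are presumably in the same position.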
Expand Up @@ -124,6 +124,8 @@ private IdentityApplicationConstants() {
public static final String IS_ATTESTATION_ENABLED_DISPLAY_NAME = "Is Client Attestation Enabled";
public static final String ANDROID_PACKAGE_NAME_PROPERTY_NAME = "androidPackageName";
public static final String ANDROID_PACKAGE_NAME_DISPLAY_NAME = "Android mobile application package name";
public static final String APPLE_APP_ID_PROPERTY_NAME = "appleAppId";
public static final String APPLE_APP_ID_DISPLAY_NAME = "Apple application id";
public static final String APPLICATION_SECRET_TYPE_ANDROID_ATTESTATION_CREDENTIALS
= "ANDROID_ATTESTATION_CREDENTIALS";
public static final String CLIENT_ATTESTATION = "CLIENT_ATTESTATION";
Expand Up @@ -133,6 +133,8 @@
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.ANDROID;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.ANDROID_PACKAGE_NAME_DISPLAY_NAME;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.ANDROID_PACKAGE_NAME_PROPERTY_NAME;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.APPLE_APP_ID_DISPLAY_NAME;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.APPLE_APP_ID_PROPERTY_NAME;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.APPLICATION_SECRET_TYPE_ANDROID_ATTESTATION_CREDENTIALS;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.CLIENT_ATTESTATION;
import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.CLIENT_ID_SP_PROPERTY_NAME;
Expand Down Expand Up @@ -450,6 +452,10 @@ private ApplicationCreateResult persistBasicApplicationInformation(Connection co
buildAndroidPackageNameProperty(application.getClientAttestationMetaData());
serviceProviderProperties.add(androidPackageName);

ServiceProviderProperty appleAppId =
buildAppleAppIdProperty(application.getClientAttestationMetaData());
serviceProviderProperties.add(appleAppId);

storeAndroidAttestationServiceCredentialAsSecret(application);
}

Expand Down Expand Up @@ -2118,6 +2124,7 @@ public ServiceProvider getApplication(int applicationId) throws IdentityApplicat
ClientAttestationMetaData clientAttestationMetaData = new ClientAttestationMetaData();
clientAttestationMetaData.setAttestationEnabled(getIsAttestationEnabled(propertyList));
clientAttestationMetaData.setAndroidPackageName(getAndroidPackageName(propertyList));
clientAttestationMetaData.setAppleAppId(getAppleAppId(propertyList));
if (StringUtils.isNotEmpty(clientAttestationMetaData.getAndroidPackageName())
&& clientAttestationMetaData.isAttestationEnabled()) {
clientAttestationMetaData.setAndroidAttestationServiceCredentials
Expand Down Expand Up @@ -2358,6 +2365,15 @@ private String getAndroidPackageName(List<ServiceProviderProperty> propertyList)
.orElse(StringUtils.EMPTY);
}

private String getAppleAppId(List<ServiceProviderProperty> propertyList) {

return propertyList.stream()
.filter(property -> APPLE_APP_ID_PROPERTY_NAME.equals(property.getName()))
.findFirst()
.map(ServiceProviderProperty::getValue)
.orElse(StringUtils.EMPTY);
}

private String getAndroidAttestationServiceCredentials(ServiceProvider serviceProvider)
throws IdentityApplicationManagementException {

Expand Down Expand Up @@ -4973,6 +4989,10 @@ private void updateConfigurationsAsServiceProperties(ServiceProvider sp)
buildAndroidPackageNameProperty(sp.getClientAttestationMetaData());
spPropertyMap.put(androidPackageName.getName(), androidPackageName);

ServiceProviderProperty appleAppId =
buildAppleAppIdProperty(sp.getClientAttestationMetaData());
spPropertyMap.put(appleAppId.getName(), appleAppId);

storeAndroidAttestationServiceCredentialAsSecret(sp);
}

Expand Down Expand Up @@ -5008,6 +5028,16 @@ private ServiceProviderProperty buildIsAPIBasedAuthenticationEnabledProperty(Ser
return androidPackageName;
}

private ServiceProviderProperty buildAppleAppIdProperty
(ClientAttestationMetaData clientAttestationMetaData) {

ServiceProviderProperty appleAppId = new ServiceProviderProperty();
appleAppId.setName(APPLE_APP_ID_PROPERTY_NAME);
appleAppId.setDisplayName(APPLE_APP_ID_DISPLAY_NAME);
appleAppId.setValue(String.valueOf(clientAttestationMetaData.getAppleAppId()));
return appleAppId;
}

private void storeAndroidAttestationServiceCredentialAsSecret(ServiceProvider sp)
throws IdentityApplicationManagementException {

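Review bot: `buildAppleAppIdProperty` persists the literal string `"null"` when no Apple App ID is configured, because `String.valueOf(clientAttestationMetaData.getAppleAppId())` resolves to `String.valueOf(Object)`. Both call sites (`persistBasicApplicationInformation` and `updateConfigurationsAsServiceProperties`) add the property without checking the value in the lines shown, so an Android-only application ends up with `appleAppId = "null"`, and `getAppleAppId(propertyList)` returns that on read instead of `StringUtils.EMPTY`. Any later check of the kind `getApplication` uses for Android (`StringUtils.isNotEmpty(...)`) would then treat Apple attestation as configured with an app ID that matches nothing. I would write `appleAppId.setValue(StringUtils.defaultString(clientAttestationMetaData.getAppleAppId()));`, or skip the property when the value is blank. The body of `buildAndroidPackageNameProperty` is outside the hunk; if it uses the same `String.valueOf` pattern it needs the same fix.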
Expand Up @@ -828,14 +828,15 @@ public Object[][] testAddApplicationWithAttestationData() {


return new Object[][]{
{true, "com.wso2.sample.mobile.application", "sampleCredentials"}
{true, "com.wso2.sample.mobile.application", "sampleCredentials", "APPLETEAMID.com.wso2.mobile.sample"}
};
}

@Test(dataProvider = "testAddApplicationWithAttestationData")
public void testAddApplicationWithAttestationData(boolean isAttestationEnabled,
String androidPackageName,
String androidCredentials) throws Exception {
String androidCredentials,
String appleAppId) throws Exception {

ResolvedSecret resolvedSecret = new ResolvedSecret();
resolvedSecret.setResolvedSecretValue(androidCredentials);
Expand All @@ -850,6 +851,7 @@ public void testAddApplicationWithAttestationData(boolean isAttestationEnabled,
ClientAttestationMetaData clientAttestationMetaData = new ClientAttestationMetaData();
clientAttestationMetaData.setAttestationEnabled(isAttestationEnabled);
clientAttestationMetaData.setAndroidPackageName(androidPackageName);
clientAttestationMetaData.setAppleAppId(appleAppId);
clientAttestationMetaData.setAndroidAttestationServiceCredentials(androidCredentials);
inputSP.setClientAttestationMetaData(clientAttestationMetaData);

Expand All @@ -860,6 +862,8 @@ public void testAddApplicationWithAttestationData(boolean isAttestationEnabled,
Assert.assertEquals(addedSP.getClientAttestationMetaData().getAndroidPackageName(), androidPackageName);
Assert.assertEquals(addedSP.getClientAttestationMetaData().getAndroidAttestationServiceCredentials(),
androidCredentials);
Assert.assertEquals(addedSP.getClientAttestationMetaData().getAppleAppId(),
appleAppId);

SecretManager secretManager = mock(SecretManagerImpl.class);
when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(true);
Expand All @@ -870,12 +874,14 @@ public void testAddApplicationWithAttestationData(boolean isAttestationEnabled,
(inputSP.getApplicationName(), SUPER_TENANT_DOMAIN_NAME);
Assert.assertEquals(retrievedSP.getClientAttestationMetaData().isAttestationEnabled(), isAttestationEnabled);
Assert.assertEquals(retrievedSP.getClientAttestationMetaData().getAndroidPackageName(), androidPackageName);
Assert.assertEquals(retrievedSP.getClientAttestationMetaData().getAppleAppId(), appleAppId);
Assert.assertEquals(retrievedSP.getClientAttestationMetaData().getAndroidAttestationServiceCredentials(),
androidCredentials);
// Updating the application by changing the isManagementApplication flag. It should be changed.
ClientAttestationMetaData clientAttestationMetaData2 = new ClientAttestationMetaData();
clientAttestationMetaData2.setAttestationEnabled(!isAttestationEnabled);
clientAttestationMetaData2.setAndroidPackageName(null);
clientAttestationMetaData2.setAppleAppId(null);
clientAttestationMetaData2.setAndroidAttestationServiceCredentials(null);
inputSP.setClientAttestationMetaData(clientAttestationMetaData2);
applicationManagementService.updateApplication(inputSP, SUPER_TENANT_DOMAIN_NAME, REGISTRY_SYSTEM_USERNAME);
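Review bot: The data provider has a single row in which every attestation field is set, so the case where `appleAppId` is absent is never asserted. The update step does call `setAppleAppId(null)`, but no assertion on the value read back afterwards is visible in these hunks; the test method continues outside them. Add a provider row with a null `appleAppId`, and after the update assert on the re-read service provider with something like `Assert.assertTrue(StringUtils.isEmpty(sp.getClientAttestationMetaData().getAppleAppId()));` (`sp` standing for the re-read object), so that a persisted placeholder string is caught instead of passing as a configured app ID. The existing comment `// Updating the application by changing the isManagementApplication flag.` does not describe this test and should name the attestation metadata instead.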
Expand Up @@ -427,6 +427,7 @@
<xs:sequence>
<xs:element minOccurs="0" name="androidAttestationServiceCredentials" nillable="true" type="xs:string"/>
<xs:element minOccurs="0" name="androidPackageName" nillable="true" type="xs:string"/>
<xs:element minOccurs="0" name="appleAppId" nillable="true" type="xs:string"/>
<xs:element minOccurs="0" name="attestationEnabled" type="xs:boolean"/>
</xs:sequence>
</xs:complexType>
