-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrate IdentityKeyStoreResolver #160
base: master
Are you sure you want to change the base?
Integrate IdentityKeyStoreResolver #160
Conversation
...src/main/java/org/wso2/carbon/identity/sts/passive/custom/provider/CustomCryptoProvider.java
Outdated
Show resolved
Hide resolved
...src/main/java/org/wso2/carbon/identity/sts/passive/custom/provider/CustomCryptoProvider.java
Outdated
Show resolved
Hide resolved
...s.passive/src/main/java/org/wso2/carbon/identity/sts/passive/utils/RequestProcessorUtil.java
Outdated
Show resolved
Hide resolved
...s.passive/src/main/java/org/wso2/carbon/identity/sts/passive/utils/RequestProcessorUtil.java
Outdated
Show resolved
Hide resolved
Unit tests have failed. Please check if it is due to these changes and address them. |
...src/main/java/org/wso2/carbon/identity/sts/passive/custom/provider/CustomCryptoProvider.java
Outdated
Show resolved
Hide resolved
...src/main/java/org/wso2/carbon/identity/sts/passive/custom/provider/CustomCryptoProvider.java
Outdated
Show resolved
Hide resolved
Created the doc PR |
19fc4ac
to
4c97bfe
Compare
4c97bfe
to
8b9dce0
Compare
PR builder started |
PR builder completed |
@Binara-Sachin
Please check locally. |
PR builder started |
PR builder completed |
Fixed in 48b481e |
PR builder started |
PR builder completed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/11657970218
// If keystore is not located in file system, (tenant keystore) | ||
// keyStoreName = keystore name, keyStoreFileLocation = "" or any path | ||
if (MultitenantConstants.SUPER_TENANT_ID != tenantId && keyStoreFileLocation.equals(keyStoreName)) { | ||
keyStoreFileLocation = ""; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why exactly do we need to set an empty value here? How was this handled with the previous implementation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Explained in the comment here (https://github.com/wso2-extensions/identity-inbound-auth-sts/pull/160/files/48b481e291091c1a292e6260d2e31891a8ae706c#diff-fa2ec612e95f800d6407cafffc914c60e6d403d0b2942a7dc98476f2cf666173R221-R225)
- keyStoreName should only be populated if this is a tenant keystore.
- Otherwise, we should make keyStoreName empty and set the correct location.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shall we move this logic to the getEncryptionProperties()
? And populate the properties based on the tenant.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Made the changes 32f5992
Does this support PKCS12 type keystores? |
...s.passive/src/main/java/org/wso2/carbon/identity/sts/passive/utils/RequestProcessorUtil.java
Outdated
Show resolved
Hide resolved
Since we are reverting Oauth PR wso2-extensions/identity-inbound-auth-oauth#2618
Purpose
IdentityKeyStoreResolver
class into the WS-Federation and WS-Trust flows.Important