Application Management Listener
Writing a custom Application Management Listener¶
The Application Management Listener contains an extension. According to your requirements, you can extend and override
the methods in the ApplicationUpdaterImpl
class to support the following functions:
- Setting authenticators
- Setting a conditional authentication script
- Publishing data during application creation, update, and deletion
- Enabling specific OAuth 2.0 properties in the created application such as ID token encryption, Proof Key for Code Exchange (PKCE) support
- Storing additional details regarding the application as metadata
To achieve the above, extend the following class.
com.wso2.openbanking.accelerator.identity.listener.application.ApplicationUpdaterImpl
To extend the validation capabilities according to your requirements, override relevant methods of this class. Given below is a brief description of each method.
setOauthAppProperties method¶
This method lets you enable OAuth 2.0 properties related to the application. For example, ID token encryption.
public void setOauthAppProperties(boolean isRegulatoryApp, OAuthConsumerAppDTO oauthApplication, Map<String, Object> spMetaData)
throws OpenBankingException {
oauthApplication.setIdTokenEncryptionEnabled(true);
oauthApplication.setIdTokenEncryptionAlgorithm("RSA-OAEP");
}
setServiceProviderProperties method¶
This method lets you store any additional details about the application, as metadata.
Note
By default, the details sent during the application registration are already stored as metadata.
public void setServiceProviderProperties(boolean isRegulatoryApp, ServiceProvider serviceProvider, ServiceProviderProperty[] serviceProvideProperties)
throws OpenBankingException {
// retrieve a list of existing service provider properties
List < ServiceProviderProperty > spProperties = new ArrayList < > (Arrays.asList(serviceProvider.getSpProperties()));
// create a new service provider property
ServiceProviderProperty serviceProviderProperty = new ServiceProviderProperty();
serviceProviderProperty.setValue(spPropertyValue);
serviceProviderProperty.setName(spPropertyName);
serviceProviderProperty.setDisplayName(spPropertyName);
// add the created property to an existing list of properties
spProperties.add(serviceProviderProperty);
// set the modified list to the service provider
serviceProvider.setSpProperties(spProperties.toArray(new ServiceProviderProperty[0]));
}
setAuthenticators method¶
This method lets you configure authenticators to be invoked during the authorization flow.
public void setAuthenticators (boolean isRegulatoryApp, String tenantDomain, ServiceProvider serviceProvider,
LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig)
throws OpenBankingException {
if (isRegulatoryApp) {
List<AuthenticationStep> authSteps = new ArrayList<>();
//Step 1 - Default basic authentication
LocalAuthenticatorConfig localAuthenticatorConfig = new LocalAuthenticatorConfig();
LocalAuthenticatorConfig[] localAuthenticatorConfigs = new LocalAuthenticatorConfig[1];
AuthenticationStep basicAuthenticationStep = new AuthenticationStep();
String authenticatorDisplayName = "<PRIMARY_AUTHENTICATOR_DISPLAY_NAME>";
String authenticatorName = "<PRIMARY_AUTHENTICATOR_NAME>";
localAuthenticatorConfig.setDisplayName(authenticatorDisplayName);
localAuthenticatorConfig.setEnabled(true);
localAuthenticatorConfig.setName(authenticatorName);
localAuthenticatorConfigs[0] = localAuthenticatorConfig;
basicAuthenticationStep.setStepOrder(1);
basicAuthenticationStep.setLocalAuthenticatorConfigs(localAuthenticatorConfigs);
basicAuthenticationStep.setAttributeStep(true);
basicAuthenticationStep.setSubjectStep(true);
//set step 1
authSteps.add(basicAuthenticationStep);
if (logger.isDebugEnabled()) {
logger.debug(String.format("Authentication step 1 added: %s", authenticatorName));
}
localAndOutboundAuthenticationConfig.setAuthenticationSteps(authSteps.toArray(
new AuthenticationStep[0]));
}
}
Tip
You can change the name of the Identity Provider by configuring the following tag in the
<IS_HOME>/repository/conf/deployment.toml
file. For example:
[open_banking.sca.idp]
name = "SMSAuthentication"
setConditionalAuthScript method¶
This method lets you set a conditional authentication script. Using this script, you can dynamically set the authentication steps according to the context.
public void setConditionalAuthScript(boolean isRegulatoryApp, ServiceProvider serviceProvider,
LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig)
throws OpenBankingException {
if (isRegulatoryApp) {
if (localAndOutboundAuthenticationConfig.getAuthenticationScriptConfig() == null) {
TextFileReader textFileReader = TextFileReader.getInstance();
try {
String authScript = textFileReader.readFile(IdentityCommonConstants.CONDITIONAL_COMMON_AUTH_SCRIPT_FILE_NAME);
if (StringUtils.isNotEmpty(authScript)) {
AuthenticationScriptConfig scriptConfig = new AuthenticationScriptConfig();
scriptConfig.setContent(authScript);
scriptConfig.setEnabled(true);
localAndOutboundAuthenticationConfig.setAuthenticationScriptConfig(scriptConfig);
}
} catch (IOException e) {
throw new OpenBankingException("Error occurred while reading file", e);
}
}
}
}
publishData method¶
This method lets you publish data during the application creation. Given below is the method signature:
public void publishData(Map < String, Object > spMetaData, OAuthConsumerAppDTO oAuthConsumerAppDTO) throws OpenBankingException {
}
doPreCreateApplication method¶
This method lets you implement any logic that needs to be executed before the application creation. Given below is the method signature:
public void doPreCreateApplication(boolean isRegulatoryApp, ServiceProvider serviceProvider, LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig, String tenantDomain, String userName) throws OpenBankingException {
}
doPostGetApplication method¶
This method lets you implement any logic that needs to be executed after retrieving application details. Given below is the method signature:
public void doPostGetApplication(ServiceProvider serviceProvider, String applicationName, String tenantDomain) throws OpenBankingException {
}
doPreUpdateApplication method¶
This method executes before updating a created application.
By default, when this is executed it invokes the following methods in the given order. If required, the default order can be changed.
setAuthenticators
methodsetConditionalAuthScript
methodsetServiceProviderProperties
methodsetOauthAppProperties
methodpublishData
method
Any logic that needs to be executed before or after the default logic of the doPreUpdateApplication
method can be
implemented after invoking its super()
method. Given below is the method signature:
public void doPreUpdateApplication(boolean isRegulatoryApp, OAuthConsumerAppDTO oauthApplication, ServiceProvider serviceProvider, LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig, String tenantDomain, String userName) throws OpenBankingException {
}
doPreDeleteApplication method¶
This method lets you implement any logic that needs to be executed before the application deletion. Given below is the method signature:
public void doPreDeleteApplication(String applicationName, String tenantDomain, String userName) throws OpenBankingException {
}
doPostDeleteApplication method¶
This method lets you implement any logic that needs to be executed after the application deletion. For example, publishing data. Given below is the method signature:
public void doPostDeleteApplication(ServiceProvider serviceProvider, String tenantDomain, String userName) throws OpenBankingException {
}
Configuring a custom Application Management Listener¶
-
Open the
<IS_HOME>/repository/conf/deployment.toml
file. -
Add the following tag and configure the classpath of the extended class. For example:
[open_banking.dcr] applicationupdater = "com.wso2.openbanking.accelerator.identity.listener.application.ApplicationUpdaterImpl"