diff --git a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml
index 4432ee3693f..15a68ed8604 100644
--- a/components/org.wso2.carbon.identity.oauth.dcr/pom.xml
+++ b/components/org.wso2.carbon.identity.oauth.dcr/pom.xml
@@ -117,6 +117,11 @@
jackson-core
test
+
+ com.fasterxml.jackson.core
+ jackson-databind
+ test
+
com.sun.xml.parsers
jaxp-ri
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java
index 9c5164cc1fd..49067de1ead 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java
@@ -98,6 +98,8 @@
import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_REVOCATION_WITH_IDP_SESSION_TERMINATION;
import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.TOKEN_TYPE;
import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.OPENID_CONNECT_AUDIENCE;
+import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getConsoleCallbackFromServerConfig;
+import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.getMyAccountCallbackFromServerConfig;
/**
* JDBC Based data access layer for OAuth Consumer Applications.
@@ -332,6 +334,18 @@ public OAuthAppDO[] getOAuthConsumerAppsOfUser(String username, int tenantId) th
oauthApp.setCallbackUrl(
ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(5)));
}
+ if (ApplicationMgtUtil.isConsole(oauthApp.getApplicationName())) {
+ String consoleCallbackUrl = getConsoleCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(consoleCallbackUrl)) {
+ oauthApp.setCallbackUrl(consoleCallbackUrl);
+ }
+ }
+ if (ApplicationMgtUtil.isMyAccount(oauthApp.getApplicationName())) {
+ String myAccountCallbackUrl = getMyAccountCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(myAccountCallbackUrl)) {
+ oauthApp.setCallbackUrl(myAccountCallbackUrl);
+ }
+ }
oauthApp.setGrantTypes(rSet.getString(6));
oauthApp.setId(rSet.getInt(7));
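Review bot: The Console/My Account override added here is pasted verbatim into four more read paths in this file (both getAppInformation overloads, getAppsForConsumerKey and getAppInformationByAppName), so any later change to which callback wins has to be made in five places. One private helper, called for example as `applyServerConfiguredCallback(oauthApp, tenantDomain);`, would keep the redirect-URI source of truth in a single spot. The block also deserves a comment such as `// A callback URL set in the server configuration takes precedence over the stored one for the Console and My Account apps.`, because it silently replaces the value just read from the database. `tenantDomain` is not declared inside this hunk, so it presumably comes from earlier in getOAuthConsumerAppsOfUser, whose body starts and ends outside the hunk.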
@@ -440,6 +454,19 @@ public OAuthAppDO getAppInformation(String consumerKey, int tenantId) throws
oauthApp.setCallbackUrl(
ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(5)));
}
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
+ if (ApplicationMgtUtil.isConsole(oauthApp.getApplicationName())) {
+ String consoleCallbackUrl = getConsoleCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(consoleCallbackUrl)) {
+ oauthApp.setCallbackUrl(consoleCallbackUrl);
+ }
+ }
+ if (ApplicationMgtUtil.isMyAccount(oauthApp.getApplicationName())) {
+ String myAccountCallbackUrl = getMyAccountCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(myAccountCallbackUrl)) {
+ oauthApp.setCallbackUrl(myAccountCallbackUrl);
+ }
+ }
authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(6)));
authenticatedUser.setUserStoreDomain(rSet.getString(7));
@@ -528,6 +555,19 @@ public OAuthAppDO getAppInformation(String consumerKey, AccessTokenDO accessToke
oauthApp.setCallbackUrl(
ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(CALLBACK_URL)));
}
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID));
+ if (ApplicationMgtUtil.isConsole(oauthApp.getApplicationName())) {
+ String consoleCallbackUrl = getConsoleCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(consoleCallbackUrl)) {
+ oauthApp.setCallbackUrl(consoleCallbackUrl);
+ }
+ }
+ if (ApplicationMgtUtil.isMyAccount(oauthApp.getApplicationName())) {
+ String myAccountCallbackUrl = getMyAccountCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(myAccountCallbackUrl)) {
+ oauthApp.setCallbackUrl(myAccountCallbackUrl);
+ }
+ }
authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID)));
authenticatedUser.setUserStoreDomain(rSet.getString(USER_DOMAIN));
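Review bot: `IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID))` is now evaluated twice for the same row, once for the new `tenantDomain` local and again on the unchanged line right after the added block. That second call could become `authenticatedUser.setTenantDomain(tenantDomain);`. The same pair of lookups appears in the getAppsForConsumerKey hunk. The method body starts and ends outside the hunk.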
@@ -602,6 +642,19 @@ public OAuthAppDO[] getAppsForConsumerKey(String consumerKey)
oauthApp.setCallbackUrl(
ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(CALLBACK_URL)));
}
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID));
+ if (ApplicationMgtUtil.isConsole(oauthApp.getApplicationName())) {
+ String consoleCallbackUrl = getConsoleCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(consoleCallbackUrl)) {
+ oauthApp.setCallbackUrl(consoleCallbackUrl);
+ }
+ }
+ if (ApplicationMgtUtil.isMyAccount(oauthApp.getApplicationName())) {
+ String myAccountCallbackUrl = getMyAccountCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(myAccountCallbackUrl)) {
+ oauthApp.setCallbackUrl(myAccountCallbackUrl);
+ }
+ }
authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(rSet.getInt(TENANT_ID)));
authenticatedUser.setUserStoreDomain(rSet.getString(USER_DOMAIN));
@@ -686,6 +739,19 @@ public OAuthAppDO getAppInformationByAppName(String appName) throws
oauthApp.setCallbackUrl(
ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(rSet.getString(6)));
}
+ String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantID);
+ if (ApplicationMgtUtil.isConsole(oauthApp.getApplicationName())) {
+ String consoleCallbackUrl = getConsoleCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(consoleCallbackUrl)) {
+ oauthApp.setCallbackUrl(consoleCallbackUrl);
+ }
+ }
+ if (ApplicationMgtUtil.isMyAccount(oauthApp.getApplicationName())) {
+ String myAccountCallbackUrl = getMyAccountCallbackFromServerConfig(tenantDomain);
+ if (StringUtils.isNotBlank(myAccountCallbackUrl)) {
+ oauthApp.setCallbackUrl(myAccountCallbackUrl);
+ }
+ }
oauthApp.setGrantTypes(rSet.getString(7));
oauthApp.setId(rSet.getInt(8));
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java
index a791045be43..6a6565a5c87 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java
@@ -42,6 +42,9 @@ public static class TokenBinderType {
public static final String OAUTH_TOKEN_PERSISTENCE_ENABLE = "OAuth.TokenPersistence.Enable";
public static final String OAUTH_CODE_PERSISTENCE_ENABLE = "OAuth.EnableAuthCodePersistence";
public static final String OAUTH_ENABLE_REVOKE_TOKEN_HEADERS = "OAuth.EnableRevokeTokenHeadersInResponse";
+ public static final String CONSOLE_CALLBACK_URL_FROM_SERVER_CONFIGS = "Console.CallbackURL";
+ public static final String MY_ACCOUNT_CALLBACK_URL_FROM_SERVER_CONFIGS = "MyAccount.CallbackURL";
+ public static final String TENANT_DOMAIN_PLACEHOLDER = "{TENANT_DOMAIN}";
public static final int MAX_ALLOWED_LENGTH = 256;
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
index 3828bfbf69f..954f44a78c0 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java
@@ -5159,4 +5159,56 @@ public static boolean isApiBasedAuthSupportedGrant(HttpServletRequest request) {
return StringUtils.equals(OAuthConstants.CODE,
request.getParameter(OAuthConstants.OAuth20Params.RESPONSE_TYPE));
}
+
+ /**
+ * Resolve Console application callback url for a specific tenant based on the callback url configured in toml.
+ *
+ * @param tenantDomain Tenant domain.
+ * @return Console callback url.
+ */
+ public static String getConsoleCallbackFromServerConfig(String tenantDomain) {
+
+ String callbackUrl = IdentityUtil.getProperty(OAuth2Constants.CONSOLE_CALLBACK_URL_FROM_SERVER_CONFIGS);
+ if (StringUtils.isNotBlank(callbackUrl)) {
+ // If callback is a regex pattern, return it as it is.
+ if (callbackUrl.startsWith(OAuthConstants.CALLBACK_URL_REGEXP_PREFIX)) {
+ return callbackUrl;
+ }
+
+ if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
+ callbackUrl = "regexp=(" + callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain)
+ + "|" + callbackUrl.replace("/t/" + OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, "") + ")";
+ } else {
+ callbackUrl = callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain);
+ }
+ return callbackUrl;
+ }
+ return null;
+ }
+
+ /**
+ * Resolve MyAccount application callback url for a specific tenant based on the callback url configured in toml.
+ *
+ * @param tenantDomain Tenant domain.
+ * @return MyAccount callback url.
+ */
+ public static String getMyAccountCallbackFromServerConfig(String tenantDomain) {
+
+ String callbackUrl = IdentityUtil.getProperty(OAuth2Constants.MY_ACCOUNT_CALLBACK_URL_FROM_SERVER_CONFIGS);
+ if (StringUtils.isNotBlank(callbackUrl)) {
+ // If callback is a regex pattern, return it as it is.
+ if (callbackUrl.startsWith(OAuthConstants.CALLBACK_URL_REGEXP_PREFIX)) {
+ return callbackUrl;
+ }
+
+ if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
+ callbackUrl = "regexp=(" + callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain)
+ + "|" + callbackUrl.replace("/t/" + OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, "") + ")";
+ } else {
+ callbackUrl = callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain);
+ }
+ return callbackUrl;
+ }
+ return null;
+ }
}
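Review bot: In the super-tenant branch of getConsoleCallbackFromServerConfig the configured URL is spliced into `"regexp=(" + … + "|" + … + ")"` without escaping, so characters such as `.` and `?` in a plain URL become regex operators and the redirect-URI pattern accepts more than the two intended URLs. getMyAccountCallbackFromServerConfig repeats the same code. How the `regexp=` value is matched is outside this diff, but if it is evaluated as a Java regex, each alternative should go through `Pattern.quote(...)` (which needs `java.util.regex.Pattern` in scope). The two methods differ only in the property key, so the fix fits in one private helper that both delegate to, as sketched below. The Javadoc should also state that null is returned when the property is not set.

```java
public static String getConsoleCallbackFromServerConfig(String tenantDomain) {

    return resolveCallbackFromServerConfig(
            OAuth2Constants.CONSOLE_CALLBACK_URL_FROM_SERVER_CONFIGS, tenantDomain);
}

// … unchanged: Javadoc; getMyAccountCallbackFromServerConfig delegates the same way
//   with OAuth2Constants.MY_ACCOUNT_CALLBACK_URL_FROM_SERVER_CONFIGS …

private static String resolveCallbackFromServerConfig(String configKey, String tenantDomain) {

    String callbackUrl = IdentityUtil.getProperty(configKey);
    if (StringUtils.isBlank(callbackUrl)) {
        return null;
    }
    // A pattern supplied by the operator is passed through untouched.
    if (callbackUrl.startsWith(OAuthConstants.CALLBACK_URL_REGEXP_PREFIX)) {
        return callbackUrl;
    }
    if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
        return callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain);
    }
    // Quote both alternatives so that '.', '?' and similar characters match literally.
    String tenanted = callbackUrl.replace(OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, tenantDomain);
    String tenantless = callbackUrl.replace("/t/" + OAuth2Constants.TENANT_DOMAIN_PLACEHOLDER, "");
    return "regexp=(" + Pattern.quote(tenanted) + "|" + Pattern.quote(tenantless) + ")";
}
```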
diff --git a/pom.xml b/pom.xml
index b7858cab821..ce089c1c0c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -890,7 +890,7 @@
[1.0.1, 2.0.0)
- 5.25.520
+ 5.25.640
[5.25.234, 7.0.0)