Improving performance of token validation service invocation

components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/src/main/java/org/wso2/carbon/dynamic/client/web/proxy/OAuthEndpointProxy.java

@@ -60,15 +60,7 @@ public class OAuthEndpointProxy {
             int status = serverResponse.getStatusLine().getStatusCode();
             String resp = EntityUtils.toString(responseData, Constants.CharSets.CHARSET_UTF_8);
             response = Response.status(DCRProxyUtils.getResponseStatus(status)).entity(resp).build();
-        } catch (URISyntaxException e) {
+        } catch (URISyntaxException | IOException e) {
-            String msg = "Service invoke error occurred while registering client";
-            log.error(msg, e);
-            response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
-        } catch (UnsupportedEncodingException e) {
-            String msg = "Service invoke error occurred while registering client";
-            log.error(msg, e);
-            response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
-        } catch (IOException e) {
             String msg = "Service invoke error occurred while registering client";
             log.error(msg, e);
             response = Response.status(javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml

@@ -110,9 +110,7 @@
                             org.apache.commons.httpclient.params,
                             org.apache.commons.pool,
                             org.apache.commons.pool.impl,
-                            org.apache.http.client,
                             org.apache.http.conn,
-                            org.apache.http.impl.client,
                             org.apache.http.impl.conn
                         </Import-Package>
                     </instructions>

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java

@@ -63,8 +63,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public String getProperty(String name) {
+    public void setProperties(Properties properties) {
-        return null;
+
     }
 
     @Override
@@ -73,8 +73,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public void setProperties(Properties properties) {
+    public String getProperty(String name) {
-
+        return null;
     }
 
     private Credentials getCredentials(Request request) {

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java

@@ -101,8 +101,8 @@ public class CertificateAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public String getProperty(String name) {
+    public void setProperties(Properties properties) {
-        return null;
+
     }
 
     @Override
@@ -111,8 +111,8 @@ public class CertificateAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public void setProperties(Properties properties) {
+    public String getProperty(String name) {
-
+        return null;
     }
 
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java

@@ -145,8 +145,8 @@ public class JWTAuthenticator implements WebappAuthenticator {
 	}
 
     @Override
-    public String getProperty(String name) {
+    public void setProperties(Properties properties) {
-        return null;
+
     }
 
     @Override
@@ -155,8 +155,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public void setProperties(Properties properties) {
+    public String getProperty(String name) {
-
+        return null;
     }
-
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java

@@ -18,7 +18,6 @@
  */
 package org.wso2.carbon.webapp.authenticator.framework.authenticator;
 
-import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -27,7 +26,6 @@ import org.apache.tomcat.util.buf.MessageBytes;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
 import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
-import org.wso2.carbon.webapp.authenticator.framework.Constants;
 import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
@@ -43,53 +41,51 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 
     private static final String OAUTH_AUTHENTICATOR = "OAuth";
     private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s";
-    private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN);
+    private static final Pattern PATTERN = Pattern.compile("[B|b]earer\\s");
     private static final String BEARER_TOKEN_TYPE = "bearer";
     private static final String RESOURCE_KEY = "resource";
-
     private Properties properties;
     private OAuth2TokenValidator tokenValidator;
-
     private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
 
-    @Override
     public void init() {
-        if (properties == null) {
+        if (this.properties == null) {
-            throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator are " +
+            throw new IllegalArgumentException("Required properties needed to initialize OAuthAuthenticator " +
-                    "not provided");
+                    "are not provided");
         }
-        String url = properties.getProperty("TokenValidationEndpointUrl");
+
-        if (url == null || url.isEmpty()) {
+        String url = this.properties.getProperty("TokenValidationEndpointUrl");
+        if ((url == null) || (url.isEmpty())) {
             throw new IllegalArgumentException("OAuth token validation endpoint url is not provided");
         }
-        String adminUsername = properties.getProperty("Username");
+        String adminUsername = this.properties.getProperty("Username");
         if (adminUsername == null) {
-            throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint is " +
+            throw new IllegalArgumentException("Username to connect to the OAuth token validation endpoint " +
-                    "not provided");
+                    "is not provided");
         }
-        String adminPassword = properties.getProperty("Password");
+
+        String adminPassword = this.properties.getProperty("Password");
         if (adminPassword == null) {
-            throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint is " +
+            throw new IllegalArgumentException("Password to connect to the OAuth token validation endpoint " +
-                    "not provided");
+                    "is not provided");
         }
-        boolean isRemote = Boolean.parseBoolean(properties.getProperty("IsRemote"));
+
+        boolean isRemote = Boolean.parseBoolean(this.properties.getProperty("IsRemote"));
 
         Properties validatorProperties = new Properties();
-        validatorProperties.setProperty("MaxTotalConnections", properties.getProperty("MaxTotalConnections"));
+        validatorProperties.setProperty("MaxTotalConnections", this.properties.getProperty("MaxTotalConnections"));
-        validatorProperties.setProperty("MaxConnectionsPerHost", properties.getProperty("MaxConnectionsPerHost"));
+        validatorProperties.setProperty("MaxConnectionsPerHost", this.properties.getProperty("MaxConnectionsPerHost"));
         this.tokenValidator =
-                OAuthValidatorFactory.getNewValidator(url, adminUsername, adminPassword, isRemote, validatorProperties);
+                OAuthValidatorFactory.getValidator(url, adminUsername, adminPassword, isRemote, validatorProperties);
     }
 
-    @Override
+    public boolean canHandle(org.apache.catalina.connector.Request request) {
-    public boolean canHandle(Request request) {
+        MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
-        MessageBytes authorization =
+
-                request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
-        String tokenValue;
         if (authorization != null) {
             authorization.toBytes();
             ByteChunk authBC = authorization.getByteChunk();
-            tokenValue = authBC.toString();
+            String tokenValue = authBC.toString();
             Matcher matcher = PATTERN.matcher(tokenValue);
             if (matcher.find()) {
                 return true;
@@ -98,49 +94,46 @@ public class OAuthAuthenticator implements WebappAuthenticator {
         return false;
     }
 
-    @Override
+    public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) {
-    public AuthenticationInfo authenticate(Request request, Response response) {
         String requestUri = request.getRequestURI();
         String requestMethod = request.getMethod();
         AuthenticationInfo authenticationInfo = new AuthenticationInfo();
-        if (requestUri == null || "".equals(requestUri)) {
+        if ((requestUri == null) || ("".equals(requestUri))) {
-            authenticationInfo.setStatus(Status.CONTINUE);
+            authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
             return authenticationInfo;
         }
 
         StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
         String context = tokenizer.nextToken();
-        if (context == null || "".equals(context)) {
+        if ((context == null) || ("".equals(context))) {
-            authenticationInfo.setStatus(Status.CONTINUE);
+            authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
         }
         String apiVersion = tokenizer.nextToken();
-        //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
+
         String authLevel = "any";
         try {
-            if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
+            if ("noMatchedAuthScheme".equals(authLevel)) {
-                AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,
+                AuthenticationFrameworkUtil.handleNoMatchAuthScheme(
-                                                                    context);
+                        request, response, requestMethod, apiVersion, context);
-                authenticationInfo.setStatus(Status.CONTINUE);
+
+                authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
             } else {
-                String bearerToken = this.getBearerToken(request);
+                String bearerToken = getBearerToken(request);
-                //Set the resource context param. This will be used in scope validation.
+
                 String resource = requestUri + ":" + requestMethod;
 
-                OAuthValidationResponse oAuthValidationResponse = tokenValidator.validateToken(bearerToken, resource);
+                OAuthValidationResponse oAuthValidationResponse =
+                        this.tokenValidator.validateToken(bearerToken, resource);
 
                 if (oAuthValidationResponse.isValid()) {
                     String username = oAuthValidationResponse.getUserName();
                     String tenantDomain = oAuthValidationResponse.getTenantDomain();
-                    //Remove the userstore domain from username
+
-                    /*if (username.contains("/")) {
-                        username = username.substring(username.indexOf('/') + 1);
-                    }*/
                     authenticationInfo.setUsername(username);
                     authenticationInfo.setTenantDomain(tenantDomain);
                     authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username + "@" + tenantDomain));
-                    if (oAuthValidationResponse.isValid()) {
+                    if (oAuthValidationResponse.isValid())
-                        authenticationInfo.setStatus(Status.CONTINUE);
+                        authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
-                    }
                 } else {
                     authenticationInfo.setMessage(oAuthValidationResponse.getErrorMsg());
                 }
@@ -153,33 +146,28 @@ public class OAuthAuthenticator implements WebappAuthenticator {
         return authenticationInfo;
     }
 
-    @Override
     public String getName() {
-        return OAuthAuthenticator.OAUTH_AUTHENTICATOR;
+        return "OAuth";
     }
 
-    @Override
     public String getProperty(String name) {
-        if (properties == null) {
+        if (this.properties == null) {
             return null;
         }
-        return properties.getProperty(name);
+        return this.properties.getProperty(name);
     }
 
-    @Override
     public Properties getProperties() {
-        return properties;
+        return this.properties;
     }
 
-    @Override
     public void setProperties(Properties properties) {
         this.properties = properties;
     }
 
-    private String getBearerToken(Request request) {
+    private String getBearerToken(org.apache.catalina.connector.Request request) {
-        MessageBytes authorization =
+        MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("Authorization");
-                request.getCoyoteRequest().getMimeHeaders().
+
-                        getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
         String tokenValue = null;
         if (authorization != null) {
             authorization.toBytes();

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java

@@ -38,10 +38,10 @@ public interface WebappAuthenticator {
 
     String getName();
 
-    String getProperty(String name);
+    void setProperties(Properties properties);
 
     Properties getProperties();
 
-    void setProperties(Properties properties);
+    String getProperty(String name);
 
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuth2TokenValidator.java

@@ -31,5 +31,4 @@ public interface OAuth2TokenValidator {
      * @return OAuthValidationResponse with the validated results.
      */
     OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException;
-
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/OAuthValidatorFactory.java

@@ -29,61 +29,18 @@ import java.util.Properties;
  */
 public class OAuthValidatorFactory {
 
-    private static final String AUTHENTICATOR_CONFIG_IS_REMOTE = "isRemote";
+    public static OAuth2TokenValidator getValidator(String url, String adminUsername, String adminPassword,
-    private static final String AUTHENTICATOR_CONFIG_HOST_URL = "hostURL";
+                                                    boolean isRemote, Properties properties)
-    private static final String AUTHENTICATOR_CONFIG_ADMIN_USERNAME = "adminUsername";
+            throws IllegalArgumentException
-    private static final String AUTHENTICATOR_CONFIG_ADMIN_PASSWORD = "adminPassword";
+    {
-    private static final String AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME = "OAuthAuthenticator";
-    private static final String OAUTH_ENDPOINT_POSTFIX =
-            "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
-
-    /**
-     * This factory method checks the authenticators.xml configuration file and provides an appropriate implementation
-     * of OAuth2TokenValidator.
-     *
-     * @return OAuth2TokenValidator
-     */
-    public static OAuth2TokenValidator getValidator() throws IllegalArgumentException {
-        AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance();
-        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = authenticatorsConfiguration.
-                getAuthenticatorConfig(AUTHENTICATOR_CONFIG_OAUTH_AUTHENTICATOR_NAME);
-        boolean isRemote;
-        String hostUrl;
-        String adminUserName;
-        String adminPassword;
-        if (authenticatorConfig != null && authenticatorConfig.getParameters() != null) {
-            isRemote = Boolean.parseBoolean(authenticatorConfig.getParameters().get(
-                    AUTHENTICATOR_CONFIG_IS_REMOTE));
-            hostUrl = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_HOST_URL);
-            adminUserName = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_USERNAME);
-            adminPassword = authenticatorConfig.getParameters().get(AUTHENTICATOR_CONFIG_ADMIN_PASSWORD);
-        } else {
-            throw new IllegalArgumentException("OAuth Authenticator configuration parameters need to be defined in " +
-                    "Authenticators.xml.");
-        }
         if (isRemote) {
-            if (!(hostUrl == null || hostUrl.trim().isEmpty())) {
+            if ((url != null) && (!url.trim().isEmpty())) {
-                hostUrl = hostUrl + OAUTH_ENDPOINT_POSTFIX;
+                url = url + "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
-                return new RemoteOAuthValidator(hostUrl, adminUserName, adminPassword, null);
-            } else {
-                throw new IllegalArgumentException("Remote server host can't be empty in authenticators.xml.");
-            }
-        }
-        return new LocalOAuthValidator();
-    }
-
-    public static OAuth2TokenValidator getNewValidator(
-            String url, String adminUsername, String adminPassword, boolean isRemote,
-            Properties properties) throws IllegalArgumentException {
-        if (isRemote) {
-            if (!(url == null || url.trim().isEmpty())) {
-                url = url + OAUTH_ENDPOINT_POSTFIX;
                 return new RemoteOAuthValidator(url, adminUsername, adminPassword, properties);
-            } else {
-                throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator " +
-                        "configuration.");
             }
+            throw new IllegalArgumentException("Remote server host can't be empty in OAuthAuthenticator configuration.");
         }
+
         return new LocalOAuthValidator();
     }
 

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java

@@ -17,15 +17,8 @@
  */
 package org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.impl;
 
-import org.apache.axis2.AxisFault;
-import org.apache.axis2.client.Options;
-import org.apache.axis2.client.ServiceClient;
-import org.apache.axis2.transport.http.HTTPConstants;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.httpclient.Header;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.apache.commons.pool.ObjectPool;
 import org.apache.commons.pool.impl.GenericObjectPool;
 import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
 import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO;
@@ -35,13 +28,10 @@ import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 import org.wso2.carbon.webapp.authenticator.framework.Utils.OAuthTokenValidationStubFactory;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
-import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthConstants;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse;
 
 import java.rmi.RemoteException;
-import java.util.ArrayList;
-import java.util.List;
 import java.util.Properties;
 
 /**
@@ -50,39 +40,30 @@ import java.util.Properties;
 public class RemoteOAuthValidator implements OAuth2TokenValidator {
 
     private GenericObjectPool stubs;
-
     private static final Log log = LogFactory.getLog(RemoteOAuthValidator.class);
 
     public RemoteOAuthValidator(String hostURL, String adminUserName, String adminPassword, Properties properties) {
-        this.stubs = new GenericObjectPool(
+        this.stubs = new GenericObjectPool(new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties));
-                new OAuthTokenValidationStubFactory(hostURL, adminUserName, adminPassword, properties));
     }
 
-    @Override
+    public OAuthValidationResponse validateToken(String accessToken, String resource) throws OAuthTokenValidationException {
-    public OAuthValidationResponse validateToken(String accessToken,
-                                                 String resource) throws OAuthTokenValidationException {
         OAuth2TokenValidationServiceStub stub = null;
         OAuth2TokenValidationResponseDTO validationResponse;
         try {
-            OAuth2TokenValidationRequestDTO validationRequest = this.createValidationRequest(accessToken, resource);
+            OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
-            stub = (OAuth2TokenValidationServiceStub) stubs.borrowObject();
+            stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
-            validationResponse = stub.
+            validationResponse = stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
-                    findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
         } catch (RemoteException e) {
-            throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " +
+            throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote IS server for OAuth2 token validation.", e);
-                    "IS server for OAuth2 token validation.", e);
         } catch (Exception e) {
-            /* In this particular instance, generic exceptions are caught as enforced by the pooling library
+            throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation service stub from the pool", e);
-            used to pool stubs created to invoke OAuth token validation service */
-            throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " +
-                    "service stub from the pool", e);
         } finally {
             try {
-                stubs.returnObject(stub);
+                this.stubs.returnObject(stub);
             } catch (Exception e) {
-                log.warn("Error occurred while returning the object back to the oauth token validation service " +
+                log.warn("Error occurred while returning the object back to the oauth token validation service    stub pool", e);
-                        "   stub pool", e);
             }
+
         }
 
         if (validationResponse == null) {
@@ -92,41 +73,38 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator {
             return null;
         }
 
-        String userName;
-        String tenantDomain;
         boolean isValid = validationResponse.getValid();
+        String tenantDomain;
+        String username;
         if (isValid) {
-            userName = MultitenantUtils.getTenantAwareUsername(
+            username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
-                    validationResponse.getAuthorizedUser());
             tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
         } else {
             OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
             oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
             return oAuthValidationResponse;
         }
-        return new OAuthValidationResponse(userName, tenantDomain, isValid);
+        return new OAuthValidationResponse(username, tenantDomain, isValid);
     }
 
     private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
         OAuth2TokenValidationRequestDTO validationRequest = new OAuth2TokenValidationRequestDTO();
-        OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken =
+        OAuth2TokenValidationRequestDTO_OAuth2AccessToken oauthToken = new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
-                new OAuth2TokenValidationRequestDTO_OAuth2AccessToken();
+
-        oauthToken.setTokenType(OAuthConstants.BEARER_TOKEN_TYPE);
+        oauthToken.setTokenType("bearer");
         oauthToken.setIdentifier(accessToken);
         validationRequest.setAccessToken(oauthToken);
 
-        //Set the resource context param. This will be used in scope validation.
+        OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
-        OAuth2TokenValidationRequestDTO_TokenValidationContextParam resourceContextParam = new
+
-                OAuth2TokenValidationRequestDTO_TokenValidationContextParam();
+        resourceContextParam.setKey("resource");
-        resourceContextParam.setKey(OAuthConstants.RESOURCE_KEY);
         resourceContextParam.setValue(resource);
 
-        OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams =
+        OAuth2TokenValidationRequestDTO_TokenValidationContextParam[] tokenValidationContextParams = new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
-                new OAuth2TokenValidationRequestDTO_TokenValidationContextParam[1];
+
         tokenValidationContextParams[0] = resourceContextParam;
         validationRequest.setContext(tokenValidationContextParams);
 
         return validationRequest;
     }
-
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/config/AuthenticatorConfig.java

@@ -46,24 +46,23 @@ public class AuthenticatorConfig {
         this.className = className;
     }
 
-    @XmlElementWrapper(name = "Parameters", nillable = true)
+    @XmlElementWrapper(name="Parameters", nillable=true)
-    @XmlElement(name = "Parameter", nillable = false)
+    @XmlElement(name="Parameter", nillable=false)
     public List<Parameter> getParams() {
-        return params;
+        return this.params;
     }
 
     public void setParams(List<Parameter> params) {
         this.params = params;
     }
-
+    @XmlRootElement(name="Parameter")
-    @XmlRootElement(name = "Parameter")
     public static class Parameter {
         private String name;
         private String value;
 
-        @XmlAttribute(name = "Name")
+        @XmlAttribute(name="Name")
         public String getName() {
-            return name;
+            return this.name;
         }
 
         public void setName(String name) {
@@ -72,13 +71,12 @@ public class AuthenticatorConfig {
 
         @XmlValue
         public String getValue() {
-            return value;
+            return this.value;
         }
 
         public void setValue(String value) {
             this.value = value;
         }
-
     }
 
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java

@@ -78,9 +78,9 @@ public class WebappAuthenticatorFrameworkServiceComponent {
             WebappAuthenticatorConfig.init();
             WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository();
             for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) {
-                WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()).
+                WebappAuthenticator authenticator = (WebappAuthenticator)Class.forName(config.getClassName()).newInstance();
-                        newInstance();
+
-                if (config.getParams() != null && !config.getParams().isEmpty()) {
+                if ((config.getParams() != null) && (!config.getParams().isEmpty())) {
                     Properties properties = new Properties();
                     for (AuthenticatorConfig.Parameter param : config.getParams()) {
                         properties.setProperty(param.getName(), param.getValue());
@@ -100,7 +100,7 @@ public class WebappAuthenticatorFrameworkServiceComponent {
                 log.debug("Web Application Authenticator Framework Bundle has been started successfully");
             }
         } catch (Throwable e) {
-                log.error("Error occurred while initializing the bundle", e);
+            log.error("Error occurred while initializing the bundle", e);
         }
     }
 

features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml

@@ -3,14 +3,6 @@
 		<Authenticator>
 			<Name>OAuth</Name>
 			<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName>
-            <Parameters>
-                <Parameter Name="TokenValidationEndpointUrl">https://localhost:9443</Parameter>
-                <Parameter Name="Username">admin</Parameter>
-                <Parameter Name="Password">admin</Parameter>
-                <Parameter Name="IsRemote">true</Parameter>
-                <Parameter Name="MaxConnectionsPerHost">10000</Parameter>
-                <Parameter Name="MaxTotalConnections">10000</Parameter>
-            </Parameters>
 		</Authenticator>
         <Authenticator>
             <Name>BasicAuth</Name>

pom.xml

@@ -1263,6 +1263,7 @@
                 <artifactId>neethi</artifactId>
                 <version>${neethi.version}</version>
             </dependency>
+
             <dependency>
                 <groupId>commons-pool.wso2</groupId>
                 <artifactId>commons-pool</artifactId>
@@ -1278,6 +1279,7 @@
                 <artifactId>commons-httpclient</artifactId>
                 <version>${commons.httpclient.version}</version>
             </dependency>
+
         </dependencies>
     </dependencyManagement>
 
@@ -1580,6 +1582,7 @@
         <commons.pool.wso2.version>1.5.6.wso2v1</commons.pool.wso2.version>
         <httpcomponents.httpclient.version>4.2.3.wso2v1</httpcomponents.httpclient.version>
         <commons.httpclient.version>3.1.0.wso2v2</commons.httpclient.version>
+
     </properties>
 
 </project>