Merge pull request #1535 from Migara-Pramod/auth-access-token-request…

…-body-fix

Sending access token through request body to oauth2/userinfo

components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/user/OpenIDConnectUserEndpoint.java

@@ -26,13 +26,17 @@
 import org.apache.oltu.oauth2.common.message.OAuthResponse;
 import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes;
 import org.wso2.carbon.identity.oauth.common.OAuthConstants;
+import org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper;
 import org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoEndpointConfig;
 import org.wso2.carbon.identity.oauth.user.UserInfoAccessTokenValidator;
 import org.wso2.carbon.identity.oauth.user.UserInfoEndpointException;
 import org.wso2.carbon.identity.oauth.user.UserInfoRequestValidator;
 import org.wso2.carbon.identity.oauth.user.UserInfoResponseBuilder;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
 
+import java.util.List;
+import java.util.Map;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.Consumes;
@@ -41,6 +45,7 @@
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 
@@ -99,9 +104,10 @@ public Response getUserClaims(@Context HttpServletRequest request) throws OAuthS
     @Path("/")
     @Consumes("application/x-www-form-urlencoded")
     @Produces("application/json")
-    public Response getUserClaimsPost(@Context HttpServletRequest request) throws OAuthSystemException {
+    public Response getUserClaimsPost(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap)
+            throws OAuthSystemException {
 
-        return getUserClaims(request);
+        return getUserClaims(new OAuthRequestWrapper(request, (Map<String, List<String>>) paramMap));
     }
 
     private ResponseBuilder getResponseBuilderWithCacheControlHeaders() {

components/org.wso2.carbon.identity.oauth.endpoint/src/test/java/org/wso2/carbon/identity/oauth/endpoint/user/OpenIDConnectUserEndpointTest.java

@@ -37,9 +37,11 @@
 import org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest;
 
 import java.lang.reflect.Method;
+import java.util.Enumeration;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.MultivaluedHashMap;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
@@ -82,10 +84,14 @@ public class OpenIDConnectUserEndpointTest extends PowerMockIdentityBaseTest {
 
     private OpenIDConnectUserEndpoint openIDConnectUserEndpoint;
 
+    private MultivaluedMap<String, String> paramMap;
+
     @BeforeTest
     public void setUp() throws Exception {
 
         openIDConnectUserEndpoint = new OpenIDConnectUserEndpoint();
+        paramMap = new MultivaluedHashMap<>();
+        paramMap.add("access_token", "ca19a540f544777860e44e75f605d927");
     }
 
     @DataProvider(name = "provideDataForGetUserClaims")
@@ -158,7 +164,18 @@ public void testGetUserClaims(String authResponse, String errorMessage, String e
         assertNotNull(response);
         assertEquals(response.getEntity().toString(), authResponse, "Response values are not same");
 
-        openIDConnectUserEndpoint.getUserClaimsPost(httpServletRequest);
+        when(httpServletRequest.getParameterNames()).thenReturn(new Enumeration<String>() {
+            @Override
+            public boolean hasMoreElements() {
+                return false;
+            }
+
+            @Override
+            public String nextElement() {
+                return null;
+            }
+        });
+        openIDConnectUserEndpoint.getUserClaimsPost(httpServletRequest, paramMap);
     }
 
 }