Merge branch 'master' of https://github.com/wso2/carbon-device-mgt

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/email/EmailConfigurations.java

@@ -28,6 +28,8 @@ public class EmailConfigurations {
     private int maxNumOfThread;
     private int keepAliveTime;
     private int threadQueueCapacity;
+    private String lBHostPortPrefix;
+    private String enrollmentContextPath;
 
     @XmlElement(name = "minimumThread", required = true)
     public int getMinNumOfThread() {
@@ -62,4 +64,22 @@ public class EmailConfigurations {
     public void setThreadQueueCapacity(int threadQueueCapacity) {
         this.threadQueueCapacity = threadQueueCapacity;
     }
+
+    @XmlElement(name = "LBHostPortPrefix", required = true)
+    public String getlBHostPortPrefix() {
+        return lBHostPortPrefix;
+    }
+
+    public void setlBHostPortPrefix(String lBHostPortPrefix) {
+        this.lBHostPortPrefix = lBHostPortPrefix;
+    }
+
+    @XmlElement(name = "enrollmentContextPath", required = true)
+    public String getEnrollmentContextPath() {
+        return enrollmentContextPath;
+    }
+
+    public void setEnrollmentContextPath(String enrollmentContextPath) {
+        this.enrollmentContextPath = enrollmentContextPath;
+    }
 }

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java

@@ -29,6 +29,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementExcept
 import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
 import org.wso2.carbon.device.mgt.core.DeviceManagementPluginRepository;
 import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
+import org.wso2.carbon.device.mgt.core.config.email.EmailConfigurations;
 import org.wso2.carbon.device.mgt.core.config.email.NotificationMessages;
 import org.wso2.carbon.device.mgt.core.dao.*;
 import org.wso2.carbon.device.mgt.core.dto.DeviceType;
@@ -144,7 +145,9 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
                     this.modifyEnrollment(device);
                     status = true;
                 } else {
-                    this.setStatus(deviceIdentifier, existingEnrolmentInfo.getOwner(), EnrolmentInfo.Status.INACTIVE);
+                    if (!EnrolmentInfo.Status.REMOVED.equals(existingEnrolmentInfo.getStatus())) {
+                        this.setStatus(deviceIdentifier, existingEnrolmentInfo.getOwner(), EnrolmentInfo.Status.INACTIVE);
+                    }
                     int enrolmentId;
                     try {
                         DeviceManagementDAOFactory.beginTransaction();
@@ -494,6 +497,13 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
         StringBuilder messageBuilder = new StringBuilder();
 
         try {
+
+            // Reading the download url from the cdm-config.xml file
+            EmailConfigurations emailConfig =
+                    DeviceConfigurationManager.getInstance().getDeviceManagementConfig().
+                            getDeviceManagementConfigRepository().getEmailConfigurations();
+            emailMessageProperties.setEnrolmentUrl(emailConfig.getlBHostPortPrefix()+ emailConfig.getEnrollmentContextPath());
+
             messageHeader = messageHeader.replaceAll("\\{" + EmailConstants.EnrolmentEmailConstants.FIRST_NAME + "\\}",
                     URLEncoder.encode(emailMessageProperties.getFirstName(),
                             EmailConstants.EnrolmentEmailConstants.ENCODED_SCHEME));
@@ -549,6 +559,14 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
         StringBuilder messageBuilder = new StringBuilder();
 
         try {
+
+            // Reading the download url from the cdm-config.xml file
+            EmailConfigurations emailConfig =
+                    DeviceConfigurationManager.getInstance().getDeviceManagementConfig().
+                            getDeviceManagementConfigRepository().getEmailConfigurations();
+            emailMessageProperties.setEnrolmentUrl(emailConfig.getlBHostPortPrefix()+ emailConfig.getEnrollmentContextPath());
+
+
             messageHeader = messageHeader.replaceAll("\\{" + EmailConstants.EnrolmentEmailConstants.FIRST_NAME + "\\}",
                     URLEncoder.encode(emailMessageProperties.getFirstName(),
                             EmailConstants.EnrolmentEmailConstants.ENCODED_SCHEME));

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java

@@ -29,13 +29,14 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthen
 
 import javax.servlet.http.HttpServletResponse;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.List;
 import java.util.StringTokenizer;
 
 public class WebappAuthenticationValve extends CarbonTomcatValve {
 
     private static final Log log = LogFactory.getLog(WebappAuthenticationValve.class);
-    private static final String BYPASS_URIS = "bypass-uris";
+    private static HashMap<String, String> nonSecuredEndpoints = new HashMap<>();
 
     @Override
     public void invoke(Request request, Response response, CompositeValve compositeValve) {
@@ -45,21 +46,6 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
             return;
         }
 
-        String byPassURIs = request.getContext().findParameter(WebappAuthenticationValve.BYPASS_URIS);
-
-        if (byPassURIs != null && !byPassURIs.isEmpty()) {
-            List<String> requestURI = Arrays.asList(byPassURIs.split(","));
-            if (requestURI != null && requestURI.size() > 0) {
-                for (String pathURI : requestURI) {
-                    pathURI = pathURI.replace("\n", "").replace("\r", "").trim();
-                    if (request.getRequestURI().equals(pathURI)) {
-                        this.getNext().invoke(request, response, compositeValve);
-                        return;
-                    }
-                }
-            }
-        }
-
         WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
         if (authenticator == null) {
             String msg = "Failed to load an appropriate authenticator to authenticate the request";
@@ -90,7 +76,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 
     private boolean skipAuthentication(Request request) {
         String param = request.getContext().findParameter("doAuthentication");
-        return (param == null || !Boolean.parseBoolean(param));
+        return (param == null || !Boolean.parseBoolean(param) || isNonSecuredEndPoint(request));
     }
 
     private boolean isContextSkipped(Request request) {
@@ -112,6 +98,36 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
         return (ctx.equalsIgnoreCase("carbon") || ctx.equalsIgnoreCase("services"));
     }
 
+    private boolean isNonSecuredEndPoint(Request request) {
+        String uri = request.getRequestURI();
+        if(!uri.endsWith("/")) {
+            uri = uri + "/";
+        }
+        String ctx = request.getContextPath();
+        //Check the context in nonSecuredEndpoints. If so it means current context is a skippedContext.
+        if (nonSecuredEndpoints.containsKey(uri)) {
+            return true;
+        }
+        String param = request.getContext().findParameter("nonSecuredEndPoints");
+        String skippedEndPoint;
+        if (param != null && !param.isEmpty()) {
+            //Add the nonSecured end-points to cache
+            StringTokenizer tokenizer = new StringTokenizer(param, ",");
+            while (tokenizer.hasMoreTokens()) {
+                skippedEndPoint = ctx + tokenizer.nextToken();
+                skippedEndPoint = skippedEndPoint.replace("\n", "").replace("\r", "").trim();
+                if(!skippedEndPoint.endsWith("/")) {
+                    skippedEndPoint = skippedEndPoint + "/";
+                }
+                nonSecuredEndpoints.put(skippedEndPoint, "true");
+            }
+            if (nonSecuredEndpoints.containsKey(uri)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     private void processRequest(Request request, Response response, CompositeValve compositeValve,
                                 AuthenticationInfo authenticationInfo) {
         switch (authenticationInfo.getStatus()) {
@@ -121,7 +137,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
                 break;
             case FAILURE:
                 String msg = "Failed to authorize incoming request";
-                if(authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
+                if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
                     msg = authenticationInfo.getMessage();
                     response.setHeader("WWW-Authenticate", msg);
                 }
@@ -132,5 +148,4 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
                 break;
         }
     }
-
 }

features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/cdm-config.xml

@@ -29,6 +29,8 @@
             <maximumThread>100</maximumThread>
             <keepAliveTime>20</keepAliveTime>
             <ThreadQueueCapacity>1000</ThreadQueueCapacity>
+            <LBHostPortPrefix>https://localhost:9443</LBHostPortPrefix>
+            <enrollmentContextPath>/mdm/enrollment</enrollmentContextPath>
         </EmailClientConfiguration>
         <IdentityConfiguration>
             <ServerUrl>https://localhost:9443</ServerUrl>