mirror of
https://repository.entgra.net/community/device-mgt-core.git
synced 2025-10-06 02:01:45 +00:00
Merge pull request #619 from ayyoob/cloud-3.1.0
added logger trace and made api app registration to be device type specific
This commit is contained in:
Milan Perera
GitHub
commit
2a250371a2
@ -51,12 +51,4 @@ public interface ApiApplicationRegistrationService {
|
|||||||
@Path("register")
|
@Path("register")
|
||||||
Response register(RegistrationProfile registrationProfile);
|
Response register(RegistrationProfile registrationProfile);
|
||||||
|
|
||||||
/**
|
|
||||||
* This method is used to unregister an API application.
|
|
||||||
* @param applicationName name of the application that needs to be unregistered.
|
|
||||||
* @return the response status of request.
|
|
||||||
*/
|
|
||||||
@DELETE
|
|
||||||
@Path("unregister")
|
|
||||||
Response unregister(@QueryParam("applicationName") String applicationName);
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -18,6 +18,7 @@
|
|||||||
|
|
||||||
package org.wso2.carbon.apimgt.application.extension.api;
|
package org.wso2.carbon.apimgt.application.extension.api;
|
||||||
|
|
||||||
|
import org.apache.commons.lang.StringUtils;
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.json.simple.JSONObject;
|
import org.json.simple.JSONObject;
|
||||||
@ -95,6 +96,8 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
|||||||
return Response.status(Response.Status.NOT_ACCEPTABLE).entity("APIs(Tags) are not allowed to this user."
|
return Response.status(Response.Status.NOT_ACCEPTABLE).entity("APIs(Tags) are not allowed to this user."
|
||||||
).build();
|
).build();
|
||||||
}
|
}
|
||||||
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(PrivilegedCarbonContext.
|
||||||
|
getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName());
|
||||||
String username = APIUtil.getAuthenticatedUser();
|
String username = APIUtil.getAuthenticatedUser();
|
||||||
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
||||||
String validityPeriod;
|
String validityPeriod;
|
||||||
@ -103,35 +106,27 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
|||||||
} else {
|
} else {
|
||||||
validityPeriod = registrationProfile.getValidityPeriod();
|
validityPeriod = registrationProfile.getValidityPeriod();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
String applicationName = "devicetype_app_" + StringUtils.join(registrationProfile.getTags(), "_");
|
||||||
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
||||||
registrationProfile.getApplicationName(), registrationProfile.getTags(),
|
applicationName, registrationProfile.getTags(),
|
||||||
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username,
|
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username,
|
||||||
registrationProfile.isAllowedToAllDomains(), validityPeriod);
|
registrationProfile.isAllowedToAllDomains(), validityPeriod);
|
||||||
return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build();
|
return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build();
|
||||||
} catch (APIManagerException e) {
|
} catch (APIManagerException e) {
|
||||||
String msg = "Error occurred while registering an application '"
|
String msg = "Error occurred while registering an application with apis '"
|
||||||
+ registrationProfile.getApplicationName() + "'";
|
+ StringUtils.join(registrationProfile.getTags(), ",") + "'";
|
||||||
log.error(msg, e);
|
log.error(msg, e);
|
||||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("false").build();
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("false").build();
|
||||||
} catch (DeviceManagementException e) {
|
} catch (DeviceManagementException e) {
|
||||||
String msg = "Failed to retrieve the device service";
|
String msg = "Failed to retrieve the device service";
|
||||||
log.error(msg, e);
|
log.error(msg, e);
|
||||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||||
}
|
} catch (UserStoreException e) {
|
||||||
}
|
String msg = "Failed to access user space.";
|
||||||
|
|
||||||
@Path("unregister")
|
|
||||||
@DELETE
|
|
||||||
public Response unregister(@QueryParam("applicationName") String applicationName) {
|
|
||||||
try {
|
|
||||||
String username = APIUtil.getAuthenticatedUser() + "@" + APIUtil.getTenantDomainOftheUser();
|
|
||||||
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
|
||||||
apiManagementProviderService.removeAPIApplication(applicationName, username);
|
|
||||||
return Response.status(Response.Status.ACCEPTED).build();
|
|
||||||
} catch (APIManagerException e) {
|
|
||||||
String msg = "Error occurred while removing the application '" + applicationName;
|
|
||||||
log.error(msg, e);
|
log.error(msg, e);
|
||||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -30,9 +30,6 @@ import javax.xml.bind.annotation.XmlRootElement;
|
|||||||
|
|
||||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||||
public class RegistrationProfile {
|
public class RegistrationProfile {
|
||||||
|
|
||||||
@XmlElement(required = true)
|
|
||||||
private String applicationName;
|
|
||||||
@XmlElement(required = true)
|
@XmlElement(required = true)
|
||||||
private String tags[];
|
private String tags[];
|
||||||
@XmlElement(required = true)
|
@XmlElement(required = true)
|
||||||
@ -40,14 +37,6 @@ public class RegistrationProfile {
|
|||||||
@XmlElement(required = false)
|
@XmlElement(required = false)
|
||||||
private String validityPeriod;
|
private String validityPeriod;
|
||||||
|
|
||||||
public String getApplicationName() {
|
|
||||||
return applicationName;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setApiApplicationName(String apiApplicationName) {
|
|
||||||
this.applicationName = apiApplicationName;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String[] getTags() {
|
public String[] getTags() {
|
||||||
return tags;
|
return tags;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -37,16 +37,9 @@
|
|||||||
</Permission>
|
</Permission>
|
||||||
<Permission>
|
<Permission>
|
||||||
<name>Register application</name>
|
<name>Register application</name>
|
||||||
<path>/manage/api/subscribe</path>
|
<path>/device-mgt/device/api/subscribe</path>
|
||||||
<url>/register</url>
|
<url>/register</url>
|
||||||
<method>POST</method>
|
<method>POST</method>
|
||||||
<scope>application_user</scope>
|
<scope>application_user</scope>
|
||||||
</Permission>
|
</Permission>
|
||||||
<Permission>
|
|
||||||
<name>Delete application</name>
|
|
||||||
<path>/manage/api/subscribe</path>
|
|
||||||
<url>/unregister</url>
|
|
||||||
<method>DELETE</method>
|
|
||||||
<scope>application_user</scope>
|
|
||||||
</Permission>
|
|
||||||
</PermissionConfiguration>
|
</PermissionConfiguration>
|
||||||
@ -15,12 +15,15 @@
|
|||||||
package org.wso2.carbon.apimgt.integration.client;
|
package org.wso2.carbon.apimgt.integration.client;
|
||||||
|
|
||||||
import feign.Feign;
|
import feign.Feign;
|
||||||
|
import feign.Logger;
|
||||||
import feign.RequestInterceptor;
|
import feign.RequestInterceptor;
|
||||||
import feign.RequestTemplate;
|
import feign.RequestTemplate;
|
||||||
import feign.auth.BasicAuthRequestInterceptor;
|
import feign.auth.BasicAuthRequestInterceptor;
|
||||||
import feign.gson.GsonDecoder;
|
import feign.gson.GsonDecoder;
|
||||||
import feign.gson.GsonEncoder;
|
import feign.gson.GsonEncoder;
|
||||||
import feign.jaxrs.JAXRSContract;
|
import feign.jaxrs.JAXRSContract;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.wso2.carbon.apimgt.integration.client.configs.APIMConfigReader;
|
import org.wso2.carbon.apimgt.integration.client.configs.APIMConfigReader;
|
||||||
import org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException;
|
import org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException;
|
||||||
import org.wso2.carbon.apimgt.integration.client.internal.APIIntegrationClientDataHolder;
|
import org.wso2.carbon.apimgt.integration.client.internal.APIIntegrationClientDataHolder;
|
||||||
@ -47,10 +50,12 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
|||||||
private static final String REQUIRED_SCOPE =
|
private static final String REQUIRED_SCOPE =
|
||||||
"apim:api_create apim:api_view apim:api_publish apim:subscribe apim:tier_view apim:tier_manage " +
|
"apim:api_create apim:api_view apim:api_publish apim:subscribe apim:tier_view apim:tier_manage " +
|
||||||
"apim:subscription_view apim:subscription_block";
|
"apim:subscription_view apim:subscription_block";
|
||||||
|
private static final String APIM_SUBSCRIBE_SCOPE = "apim:subscribe";
|
||||||
private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000;
|
private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000;
|
||||||
private DCRClient dcrClient;
|
private DCRClient dcrClient;
|
||||||
private static OAuthApplication oAuthApplication;
|
private static OAuthApplication oAuthApplication;
|
||||||
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new HashMap<>();
|
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new HashMap<>();
|
||||||
|
private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates an interceptor that authenticates all requests.
|
* Creates an interceptor that authenticates all requests.
|
||||||
@ -58,8 +63,8 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
|||||||
public OAuthRequestInterceptor() {
|
public OAuthRequestInterceptor() {
|
||||||
String username = APIMConfigReader.getInstance().getConfig().getUsername();
|
String username = APIMConfigReader.getInstance().getConfig().getUsername();
|
||||||
String password = APIMConfigReader.getInstance().getConfig().getPassword();
|
String password = APIMConfigReader.getInstance().getConfig().getPassword();
|
||||||
dcrClient = Feign.builder().client(Utils.getSSLClient()).requestInterceptor(
|
dcrClient = Feign.builder().client(Utils.getSSLClient()).logger(Utils.getLogger(log)).logLevel(
|
||||||
new BasicAuthRequestInterceptor(username, password))
|
Logger.Level.FULL).requestInterceptor(new BasicAuthRequestInterceptor(username, password))
|
||||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||||
.target(DCRClient.class, Utils.replaceProperties(
|
.target(DCRClient.class, Utils.replaceProperties(
|
||||||
APIMConfigReader.getInstance().getConfig().getDcrEndpoint()));
|
APIMConfigReader.getInstance().getConfig().getDcrEndpoint()));
|
||||||
@ -95,7 +100,9 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
|||||||
REQUIRED_SCOPE);
|
REQUIRED_SCOPE);
|
||||||
tenantBasedAccessTokenInfo.setExpiresIn(
|
tenantBasedAccessTokenInfo.setExpiresIn(
|
||||||
System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000));
|
System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000));
|
||||||
tenantUserTokenMap.put(username, tenantBasedAccessTokenInfo);
|
if (tenantBasedAccessTokenInfo.getScopes().contains(APIM_SUBSCRIBE_SCOPE)) {
|
||||||
|
tenantUserTokenMap.put(username, tenantBasedAccessTokenInfo);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
if (tenantBasedAccessTokenInfo.getAccessToken() != null) {
|
if (tenantBasedAccessTokenInfo.getAccessToken() != null) {
|
||||||
|
|||||||
@ -18,9 +18,11 @@
|
|||||||
package org.wso2.carbon.apimgt.integration.client.publisher;
|
package org.wso2.carbon.apimgt.integration.client.publisher;
|
||||||
|
|
||||||
import feign.Feign;
|
import feign.Feign;
|
||||||
|
import feign.Logger;
|
||||||
import feign.RequestInterceptor;
|
import feign.RequestInterceptor;
|
||||||
import feign.gson.GsonDecoder;
|
import feign.gson.GsonDecoder;
|
||||||
import feign.gson.GsonEncoder;
|
import feign.gson.GsonEncoder;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.wso2.carbon.apimgt.integration.client.configs.APIMConfigReader;
|
import org.wso2.carbon.apimgt.integration.client.configs.APIMConfigReader;
|
||||||
import org.wso2.carbon.apimgt.integration.client.publisher.api.*;
|
import org.wso2.carbon.apimgt.integration.client.publisher.api.*;
|
||||||
@ -31,7 +33,7 @@ import org.wso2.carbon.core.util.Utils;
|
|||||||
*/
|
*/
|
||||||
public class PublisherClient {
|
public class PublisherClient {
|
||||||
|
|
||||||
private static final org.apache.commons.logging.Log log = LogFactory.getLog(PublisherClient.class);
|
private static final Log log = LogFactory.getLog(PublisherClient.class);
|
||||||
private APIsApi api = null;
|
private APIsApi api = null;
|
||||||
private APIDocumentApi document = null;
|
private APIDocumentApi document = null;
|
||||||
private ApplicationsApi application = null;
|
private ApplicationsApi application = null;
|
||||||
@ -46,8 +48,9 @@ public class PublisherClient {
|
|||||||
*/
|
*/
|
||||||
public PublisherClient(RequestInterceptor requestInterceptor) {
|
public PublisherClient(RequestInterceptor requestInterceptor) {
|
||||||
Feign.Builder builder = Feign.builder().client(
|
Feign.Builder builder = Feign.builder().client(
|
||||||
org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor(
|
org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).logger(
|
||||||
requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
|
org.wso2.carbon.apimgt.integration.client.util.Utils.getLogger(log)).logLevel(Logger.Level.FULL)
|
||||||
|
.requestInterceptor(requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
|
||||||
String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getPublisherEndpoint());
|
String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getPublisherEndpoint());
|
||||||
|
|
||||||
api = builder.target(APIsApi.class, basePath);
|
api = builder.target(APIsApi.class, basePath);
|
||||||
|
|||||||
@ -18,6 +18,7 @@
|
|||||||
package org.wso2.carbon.apimgt.integration.client.store;
|
package org.wso2.carbon.apimgt.integration.client.store;
|
||||||
|
|
||||||
import feign.Feign;
|
import feign.Feign;
|
||||||
|
import feign.Logger;
|
||||||
import feign.RequestInterceptor;
|
import feign.RequestInterceptor;
|
||||||
import feign.gson.GsonDecoder;
|
import feign.gson.GsonDecoder;
|
||||||
import feign.gson.GsonEncoder;
|
import feign.gson.GsonEncoder;
|
||||||
@ -46,8 +47,9 @@ public class StoreClient {
|
|||||||
public StoreClient(RequestInterceptor requestInterceptor) {
|
public StoreClient(RequestInterceptor requestInterceptor) {
|
||||||
|
|
||||||
Feign.Builder builder = Feign.builder().client(
|
Feign.Builder builder = Feign.builder().client(
|
||||||
org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor(
|
org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).logger(
|
||||||
requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
|
org.wso2.carbon.apimgt.integration.client.util.Utils.getLogger(log)).logLevel(Logger.Level.FULL)
|
||||||
|
.requestInterceptor(requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
|
||||||
String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getStoreEndpoint());
|
String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getStoreEndpoint());
|
||||||
|
|
||||||
apis = builder.target(ApisAPIApi.class, basePath);
|
apis = builder.target(ApisAPIApi.class, basePath);
|
||||||
|
|||||||
@ -27,10 +27,15 @@ import javax.net.ssl.SSLSession;
|
|||||||
import javax.net.ssl.SSLSocketFactory;
|
import javax.net.ssl.SSLSocketFactory;
|
||||||
import javax.net.ssl.TrustManager;
|
import javax.net.ssl.TrustManager;
|
||||||
import javax.net.ssl.X509TrustManager;
|
import javax.net.ssl.X509TrustManager;
|
||||||
|
import java.io.IOException;
|
||||||
import java.security.KeyManagementException;
|
import java.security.KeyManagementException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.util.regex.Matcher;
|
import java.util.regex.Matcher;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
import feign.Logger;
|
||||||
|
import feign.Request;
|
||||||
|
import feign.Response;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
|
||||||
public class Utils {
|
public class Utils {
|
||||||
|
|
||||||
@ -81,4 +86,31 @@ public class Utils {
|
|||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static Logger getLogger(final Log log) {
|
||||||
|
return new Logger() {
|
||||||
|
@Override
|
||||||
|
protected void log(String configKey, String format, Object... args) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug(String.format(methodTag(configKey) + format, args));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void logRequest(String configKey, Level logLevel, Request request) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
super.logRequest(configKey, logLevel, request);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected Response logAndRebufferResponse(String configKey, Level logLevel, Response response,
|
||||||
|
long elapsedTime) throws IOException {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
return super.logAndRebufferResponse(configKey, logLevel, response, elapsedTime);
|
||||||
|
}
|
||||||
|
return response;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -30,7 +30,7 @@
|
|||||||
"enabled": true,
|
"enabled": true,
|
||||||
"issuer" : "devicemgt",
|
"issuer" : "devicemgt",
|
||||||
"appName" : "devicemgt",
|
"appName" : "devicemgt",
|
||||||
"identityProviderUrl" : "https://%iot.keymanager.host%:%iot.keymanager.https.port%/samlsso",
|
"identityProviderUrl" : "https://%carbon.local.ip%:%iot.keymanager.https.port%/samlsso",
|
||||||
"acs": "https://%iot.manager.host%:%iot.manager.https.port%/devicemgt/uuf/sso/acs",
|
"acs": "https://%iot.manager.host%:%iot.manager.https.port%/devicemgt/uuf/sso/acs",
|
||||||
"identityAlias": "wso2carbon",
|
"identityAlias": "wso2carbon",
|
||||||
"responseSigningEnabled" : true,
|
"responseSigningEnabled" : true,
|
||||||
|
|||||||
@ -30,11 +30,12 @@ application.put("carbonServer", carbonServer);
|
|||||||
|
|
||||||
var permissions = {
|
var permissions = {
|
||||||
"/permission/admin/Login": ["ui.execute"],
|
"/permission/admin/Login": ["ui.execute"],
|
||||||
"/permission/admin/manage/api/subscribe": ["ui.execute"]
|
"/permission/admin/device-mgt/device/api/subscribe": ["ui.execute"]
|
||||||
};
|
};
|
||||||
|
|
||||||
var adminPermissions = {
|
var adminPermissions = {
|
||||||
"/permission/admin": ["ui.execute"]
|
"/permission/admin/device-mgt": ["ui.execute"],
|
||||||
|
"/permission/admin/manage/api": ["ui.execute"]
|
||||||
};
|
};
|
||||||
|
|
||||||
//On Startup, admin user will get both roles: devicemgt-admin and devicemgt-user
|
//On Startup, admin user will get both roles: devicemgt-admin and devicemgt-user
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user