community/device-mgt-core
1
0
Fork 0
mirror of https://repository.entgra.net/community/device-mgt-core.git synced 2025-10-06 02:01:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of ssh://repository.entgra.net:222/community/device-mgt-core

Browse Source
This commit is contained in:
Charitha Goonetilleke 2024-11-01 09:17:43 +05:30
commit 39e16c41f0
8 changed files with 79 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/dao/impl/GenericCertificateDAOImpl.java
View File

@ -139,7 +139,7 @@ public class GenericCertificateDAOImpl extends AbstractCertificateDAOImpl {
isCertificateUsernameProvided = true; isCertificateUsernameProvided = true;
} }
query += "ORDER BY ID LIMIT ?,?"; query += "ORDER BY ID DESC LIMIT ?,?";
try (PreparedStatement stmt = conn.prepareStatement(query)) { try (PreparedStatement stmt = conn.prepareStatement(query)) {
int paramIdx = 1; int paramIdx = 1;

2
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/dao/impl/OracleCertificateDAOImpl.java
View File

@ -78,7 +78,7 @@ public class OracleCertificateDAOImpl extends AbstractCertificateDAOImpl {
isCertificateUsernameProvided = true; isCertificateUsernameProvided = true;
} }
query += "ORDER BY ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; query += "ORDER BY ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY";
try (PreparedStatement stmt = conn.prepareStatement(query)) { try (PreparedStatement stmt = conn.prepareStatement(query)) {
int paramIdx = 1; int paramIdx = 1;

2
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/dao/impl/PostgreSQLCertificateDAOImpl.java
View File

@ -78,7 +78,7 @@ public class PostgreSQLCertificateDAOImpl extends AbstractCertificateDAOImpl {
isCertificateUsernameProvided = true; isCertificateUsernameProvided = true;
} }
query += "ORDER BY ID LIMIT ? OFFSET ?"; query += "ORDER BY ID DESC LIMIT ? OFFSET ?";
try (PreparedStatement stmt = conn.prepareStatement(query)) { try (PreparedStatement stmt = conn.prepareStatement(query)) {
int paramIdx = 1; int paramIdx = 1;

2
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/dao/impl/SQLServerCertificateDAOImpl.java
View File

@ -78,7 +78,7 @@ public class SQLServerCertificateDAOImpl extends AbstractCertificateDAOImpl {
isCertificateUsernameProvided = true; isCertificateUsernameProvided = true;
} }
query += "ORDER BY ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; query += "ORDER BY ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY";
try (PreparedStatement stmt = conn.prepareStatement(query)) { try (PreparedStatement stmt = conn.prepareStatement(query)) {
int paramIdx = 1; int paramIdx = 1;

31
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/impl/CertificateGenerator.java
View File

@ -29,6 +29,7 @@ import io.entgra.device.mgt.core.certificate.mgt.core.util.CertificateManagement
import io.entgra.device.mgt.core.certificate.mgt.core.util.CommonUtil; import io.entgra.device.mgt.core.certificate.mgt.core.util.CommonUtil;
import io.entgra.device.mgt.core.certificate.mgt.core.util.Serializer; import io.entgra.device.mgt.core.certificate.mgt.core.util.Serializer;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Encodable;
@ -429,19 +430,34 @@ public class CertificateGenerator {
generateCertificate(byteArrayInputStream); generateCertificate(byteArrayInputStream);
if (reqCert != null && reqCert.getSerialNumber() != null) { if (reqCert != null && reqCert.getSerialNumber() != null) {
log.debug("looking up certificate for serial: " + reqCert.getSerialNumber().toString()); if (log.isDebugEnabled()) {
CertificateResponse lookUpCertificate = keyStoreReader.getCertificateBySerial( log.debug("looking up certificate for serial: " + reqCert.getSerialNumber().toString());
reqCert.getSerialNumber().toString()); }
String orgUnit = CommonUtil.getSubjectDnAttribute(reqCert,
CertificateManagementConstants.ORG_UNIT_ATTRIBUTE);
CertificateResponse lookUpCertificate;
if (StringUtils.isNotEmpty(orgUnit)) {
int tenantId = Integer.parseInt(orgUnit.split(("_"))[1]);
lookUpCertificate = keyStoreReader.getCertificateBySerial(reqCert.getSerialNumber().toString(),
tenantId);
} else {
lookUpCertificate = keyStoreReader.getCertificateBySerial(
reqCert.getSerialNumber().toString());
}
if (lookUpCertificate != null && lookUpCertificate.getCertificate() != null) { if (lookUpCertificate != null && lookUpCertificate.getCertificate() != null) {
log.debug("certificate found for serial: " + reqCert.getSerialNumber() if (log.isDebugEnabled()) {
.toString()); log.debug("certificate found for serial: " + reqCert.getSerialNumber()
.toString());
}
Certificate certificate = (Certificate) Serializer.deserialize(lookUpCertificate.getCertificate()); Certificate certificate = (Certificate) Serializer.deserialize(lookUpCertificate.getCertificate());
if (certificate instanceof X509Certificate) { if (certificate instanceof X509Certificate) {
return (X509Certificate) certificate; return (X509Certificate) certificate;
} }
} else { } else {
log.debug("certificate not found for serial: " + reqCert.getSerialNumber() if (log.isDebugEnabled()) {
.toString()); log.debug("certificate not found for serial: " + reqCert.getSerialNumber()
.toString());
}
} }
} }
@ -464,7 +480,6 @@ public class CertificateGenerator {
log.error(errorMsg); log.error(errorMsg);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} }
return null; return null;
} }

1
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/util/CertificateManagementConstants.java
View File

@ -35,6 +35,7 @@ public final class CertificateManagementConstants {
public static final String DES_EDE = "DESede"; public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location"; public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK"; public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String ORG_UNIT_ATTRIBUTE = "OU=";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n"; public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----"; public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = ""; public static final String EMPTY_TEXT = "";

26
components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/src/main/java/io/entgra/device/mgt/core/certificate/mgt/core/util/CommonUtil.java
View File

@ -17,7 +17,10 @@
*/ */
package io.entgra.device.mgt.core.certificate.mgt.core.util; package io.entgra.device.mgt.core.certificate.mgt.core.util;
import org.apache.commons.lang.StringUtils;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Calendar; import java.util.Calendar;
import java.util.Date; import java.util.Date;
@ -42,4 +45,27 @@ public class CommonUtil {
public static synchronized BigInteger generateSerialNumber() { public static synchronized BigInteger generateSerialNumber() {
return BigInteger.valueOf(System.currentTimeMillis()); return BigInteger.valueOf(System.currentTimeMillis());
} }
/**
* Returns the value of the given attribute from the subject distinguished name. eg: "entgra.net"
* from "CN=entgra.net"
* @param requestCertificate {@link X509Certificate} that needs to extract an attribute from
* @param attribute the attribute name that needs to be extracted from the cert. eg: "CN="
* @return the value of the attribute
*/
public static String getSubjectDnAttribute(X509Certificate requestCertificate, String attribute) {
String distinguishedName = requestCertificate.getSubjectDN().getName();
if (StringUtils.isNotEmpty(distinguishedName)) {
String[] dnSplits = distinguishedName.split(",");
for (String dnSplit : dnSplits) {
if (dnSplit.contains(attribute)) {
String[] cnSplits = dnSplit.split("=");
if (StringUtils.isNotEmpty(cnSplits[1])) {
return cnSplits[1];
}
}
}
}
return null;
}
} }

55
components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
View File

@ -546,14 +546,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
} }
int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId); int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId);
boolean isEnableDeviceStatusCheck = deviceStatusManagementService.getDeviceStatusCheck(tenantId); addDeviceStatus(deviceStatusManagementService, tenantId, updatedRows, device.getEnrolmentInfo(),
boolean isValidState = deviceStatusManagementService.isDeviceStatusValid(device.getType(), device.getType());
device.getEnrolmentInfo().getStatus().name(),tenantId);
if (updatedRows == 1 && !deviceStatusManagementService.getDeviceStatusCheck(tenantId)){
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
} else if (updatedRows ==1 && isEnableDeviceStatusCheck && isValidState ) {
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
}
DeviceManagementDAOFactory.commitTransaction(); DeviceManagementDAOFactory.commitTransaction();
log.info("Device enrollment modified successfully", log.info("Device enrollment modified successfully",
@ -672,13 +666,7 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder
.getInstance().getDeviceStatusManagementService(); .getInstance().getDeviceStatusManagementService();
int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId); int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId);
boolean isEnableDeviceStatusCheck = deviceStatusManagementService.getDeviceStatusCheck(tenantId); addDeviceStatus(deviceStatusManagementService, tenantId, updatedRows, device.getEnrolmentInfo(), device.getType());
boolean isValidState = deviceStatusManagementService.isDeviceStatusValid(device.getType(),device.getEnrolmentInfo().getStatus().name(),tenantId);
if (updatedRows == 1 && !deviceStatusManagementService.getDeviceStatusCheck(tenantId)){
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
} else if (updatedRows ==1 && isEnableDeviceStatusCheck && isValidState ) {
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
}
DeviceManagementDAOFactory.commitTransaction(); DeviceManagementDAOFactory.commitTransaction();
this.removeDeviceFromCache(deviceId); this.removeDeviceFromCache(deviceId);
@ -3475,17 +3463,11 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
String type = deviceIdentifier.getType(); String type = deviceIdentifier.getType();
DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder
.getInstance().getDeviceStatusManagementService(); .getInstance().getDeviceStatusManagementService();
DeviceManagementDAOFactory.commitTransaction();
if (updatedRows > 0) { if (updatedRows > 0) {
isUpdatedEnrollment = true; isUpdatedEnrollment = true;
} }
boolean isEnableDeviceStatusCheck = deviceStatusManagementService.getDeviceStatusCheck(tenantId); addDeviceStatus(deviceStatusManagementService, tenantId, updatedRows, enrolmentInfo, type);
boolean isValidState = deviceStatusManagementService.isDeviceStatusValid(type, enrolmentInfo.getStatus().name(), tenantId); DeviceManagementDAOFactory.commitTransaction();
if (updatedRows == 1 && !deviceStatusManagementService.getDeviceStatusCheck(tenantId)) {
enrollmentDAO.addDeviceStatus(enrolmentInfo.getId(), enrolmentInfo.getStatus());
} else if (updatedRows == 1 && isEnableDeviceStatusCheck && isValidState) {
enrollmentDAO.addDeviceStatus(enrolmentInfo.getId(), enrolmentInfo.getStatus());
}
} catch (DeviceManagementDAOException e) { } catch (DeviceManagementDAOException e) {
DeviceManagementDAOFactory.rollbackTransaction(); DeviceManagementDAOFactory.rollbackTransaction();
@ -3503,6 +3485,24 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
return isUpdatedEnrollment; return isUpdatedEnrollment;
} }
/**
* Save the status according to status check(allowed device status)
* Before invoking this method the calling function should have started a transaction
* @param deviceStatusManagementService instance of deviceStatusManagementService
* @param tenantId ID of the tenant
* @param updatedRows number of updated rows
* @param enrolmentInfo enrollment info of the device
* @param type type of the device
*/
private void addDeviceStatus(DeviceStatusManagementService deviceStatusManagementService, int tenantId,
int updatedRows,EnrolmentInfo enrolmentInfo,String type)
throws MetadataManagementException, DeviceManagementDAOException {
boolean isEnableDeviceStatusCheck = deviceStatusManagementService.getDeviceStatusCheck(tenantId);
boolean isValidState = deviceStatusManagementService.isDeviceStatusValid(type, enrolmentInfo.getStatus().name(), tenantId);
if (updatedRows == 1 && (!isEnableDeviceStatusCheck || isValidState)) {
enrollmentDAO.addDeviceStatus(enrolmentInfo.getId(), enrolmentInfo.getStatus());
}
}
private int getTenantId() { private int getTenantId() {
return CarbonContext.getThreadLocalCarbonContext().getTenantId(); return CarbonContext.getThreadLocalCarbonContext().getTenantId();
@ -4523,13 +4523,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder DeviceStatusManagementService deviceStatusManagementService = DeviceManagementDataHolder
.getInstance().getDeviceStatusManagementService(); .getInstance().getDeviceStatusManagementService();
int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId); int updatedRows = enrollmentDAO.updateEnrollment(device.getEnrolmentInfo(), tenantId);
boolean isEnableDeviceStatusCheck = deviceStatusManagementService.getDeviceStatusCheck(tenantId); addDeviceStatus(deviceStatusManagementService, tenantId, updatedRows, device.getEnrolmentInfo(),
boolean isValidState = deviceStatusManagementService.isDeviceStatusValid(type, String.valueOf(EnrolmentInfo.Status.REMOVED),tenantId); type);
if (updatedRows == 1 && !deviceStatusManagementService.getDeviceStatusCheck(tenantId)){
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
} else if (updatedRows ==1 && isEnableDeviceStatusCheck && isValidState ) {
enrollmentDAO.addDeviceStatus(device.getEnrolmentInfo().getId(), device.getEnrolmentInfo().getStatus());
}
} catch (DeviceManagementDAOException e) { } catch (DeviceManagementDAOException e) {
DeviceManagementDAOFactory.rollbackTransaction(); DeviceManagementDAOFactory.rollbackTransaction();
String msg = "Error occurred while dis-enrolling device: " + String msg = "Error occurred while dis-enrolling device: " +