From b66e80409157671b293dbafb205bff6247467547 Mon Sep 17 00:00:00 2001
From: Saad Sahibjan
Date: Fri, 19 Jun 2020 15:22:32 +0530
Subject: [PATCH 01/58] Retrieve enrollment config from general config and support serilnumber based config with user based
---
 .../DeviceManagementProviderServiceImpl.java | 3 +-
 .../mgt/core/util/DeviceManagerUtil.java | 76 ++++++++++---------
 2 files changed, 40 insertions(+), 39 deletions(-)
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
index f89dbce3ad..97125cf386 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
@@ -231,8 +231,7 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
 }
 return false;
 }
- EnrollmentConfiguration enrollmentConfiguration = DeviceManagerUtil.getEnrollmentConfigurationEntry(
- this.getConfiguration(device.getType()));
+ EnrollmentConfiguration enrollmentConfiguration = DeviceManagerUtil.getEnrollmentConfigurationEntry();
 String deviceSerialNumber = null;
 if (enrollmentConfiguration != null) {
 deviceSerialNumber = DeviceManagerUtil.getPropertyString(device.getProperties(),
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java
index 92fac25875..cb5d305aef 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java
@@ -19,7 +19,6 @@ package org.wso2.carbon.device.mgt.core.util;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.gson.Gson;
-import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.http.HttpResponse;
@@ -887,21 +886,15 @@ public final class DeviceManagerUtil {
 /**
 * Retrieve the Enrollment Configuration entry added to the Platform Configuration
- * @param platformConfiguration which has all the platform configurations added to the tenant
 * @return enrollment configuration
 */
- public static EnrollmentConfiguration getEnrollmentConfigurationEntry(PlatformConfiguration platformConfiguration) {
- if (platformConfiguration != null) {
- String enrollmentConfigEntry = platformConfiguration.getConfiguration().stream()
- .filter(configurationEntry -> DeviceManagementConstants.Common.ENROLLMENT_CONFIGURATION
- .equals(configurationEntry.getName()))
- .findFirst()
- .map(configurationEntry -> configurationEntry.getValue().toString()).orElse(null);
- if (!StringUtils.isBlank(enrollmentConfigEntry)) {
+ public static EnrollmentConfiguration getEnrollmentConfigurationEntry() {
+ Object enrollmentConfigEntry = DeviceManagerUtil.getConfiguration(
+ DeviceManagementConstants.Common.ENROLLMENT_CONFIGURATION);
+ if (enrollmentConfigEntry != null) {
 Gson gson = new Gson();
- return gson.fromJson(enrollmentConfigEntry, EnrollmentConfiguration.class);
+ return gson.fromJson(enrollmentConfigEntry.toString(), EnrollmentConfiguration.class);
 }
- }
 return null;
 }
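Review bot: A null return from `getEnrollmentConfigurationEntry()` now stands both for "no enrollment configuration" and for whatever `DeviceManagerUtil.getConfiguration(...)` yields when the lookup itself fails (its body is not in this diff), and the caller in DeviceManagementProviderServiceImpl only reads the serial number inside `if (enrollmentConfiguration != null)`, so a failed lookup would presumably let enrollment continue without the serial-number check. `gson.fromJson(enrollmentConfigEntry.toString(), ...)` also throws `JsonSyntaxException` on a malformed entry, and nothing in the visible lines catches it. Consider telling "absent" apart from "unreadable" and refusing enrollment in the second case. The Javadoc still names the Platform Configuration as the source and could read `* Retrieve the Enrollment Configuration entry from the general configuration; returns null when no entry is configured`.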
@@ -911,8 +904,9 @@ public final class DeviceManagerUtil {
 * Validation happens in two ways,
 * 1. List of Serial Numbers - If this is available checks if the device to be enrolled serial number is
 * in the given list of serial numbers
- * 2. List of Serial Numbers against a User - If [1] is missing and this is available checks if the device
- * to be enrolled serial number is in the list of serial numbers which are against a User
+ * 2. List of Serial Numbers against a User - If [1] is not configured or the device serial number is not
+ * in the [1] then this checks if the device to be enrolled serial number is in the list of serial numbers
+ * which are against a User
 * @param enrollmentConfiguration which has the enrollment configurations of a tenant
 * @param deviceSerialNumber device serial number to be validated
 * @return a boolean value if the device can be enrolled
@@ -928,36 +922,44 @@ public final class DeviceManagerUtil {
 return true;
 } else {
 List enrollmentConfigSerialNumbers = enrollmentConfiguration.getSerialNumbers();
+ boolean isDeviceEnrollable = false;
 if (enrollmentConfigSerialNumbers != null && !enrollmentConfigSerialNumbers.isEmpty()) {
 if (log.isDebugEnabled()) {
 log.debug("List of serial numbers '" + enrollmentConfigSerialNumbers.toString() + "' has been"
 + " added for enrollment configuration under platform configuration to validate "
 + "the serial number '" + deviceSerialNumber + "'.");
 }
- return enrollmentConfigSerialNumbers.stream().anyMatch(deviceSerialNumber::equals);
- } else {
- String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
- List userConfigurations = enrollmentConfiguration
- .getUserConfigurations();
- if (userConfigurations != null && !userConfigurations.isEmpty()) {
- if (log.isDebugEnabled()) {
- log.debug("List of serial numbers against users has been added for enrollment "
- + "configuration under platform configuration.");
- }
- return userConfigurations.stream()
- .filter(userConfiguration -> username.equals(userConfiguration.getUsername())).findFirst()
- .filter(userConfiguration -> userConfiguration.getSerialNumbers().stream()
- .anyMatch(deviceSerialNumber::equals)).isPresent();
- } else {
- if (log.isDebugEnabled()) {
- log.debug("Enrollment configuration has been but configuration does not contain any "
- + "serial number based validation. It may be having the configuration to push "
- + "devices to a specific group after a successful enrollment.");
- }
- // enrollment configuration has been set only to add device to a specific group and not to
- // validate device against serial number
- return true;
+ isDeviceEnrollable = enrollmentConfigSerialNumbers.stream().anyMatch(deviceSerialNumber::equals);
+ }
+ if (isDeviceEnrollable) {
+ return true;
+ }
+ String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
+ List userConfigurations = enrollmentConfiguration
+ .getUserConfigurations();
+ if (userConfigurations != null && !userConfigurations.isEmpty()) {
+ if (log.isDebugEnabled()) {
+ log.debug("List of serial numbers against users has been added for enrollment "
+ + "configuration under platform configuration.");
 }
+ return userConfigurations.stream()
+ .filter(userConfiguration -> username.equals(userConfiguration.getUsername())).findFirst()
+ .filter(userConfiguration -> userConfiguration.getSerialNumbers().stream()
+ .anyMatch(deviceSerialNumber::equals)).isPresent();
+ } else {
+ if (enrollmentConfigSerialNumbers != null && !enrollmentConfigSerialNumbers.isEmpty()) {
+ // serial number of the device is not in the serial number based configuration nor in the serial
+ // numbers against user based configuration
+ return false;
+ }
+ if (log.isDebugEnabled()) {
+ log.debug("Enrollment configuration has been but configuration does not contain any "
+ + "serial number based validation. It may be having the configuration to push "
+ + "devices to a specific group after a successful enrollment.");
+ }
+ // enrollment configuration has been set only to add device to a specific group and not to
+ // validate device against serial number
+ return true;
 }
 }
 }
From e85d3af9c0b79252ad5b0f1e4b7952e1f08faf46 Mon Sep 17 00:00:00 2001
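Review bot: The per-user branch dereferences values that the visible lines never check: `username.equals(...)` throws a NullPointerException if the Carbon context has no user bound to the thread, and `userConfiguration.getSerialNumbers().stream()` does the same for a user entry stored without a serial list. `findFirst()` also means only the first entry for a username is consulted, so a second entry for the same user is silently ignored. Because this method decides whether a device may enroll, these cases are better resolved to an explicit `false` than left to an exception whose handling lies outside this hunk. The method's opening lines are also outside the hunk, so an earlier guard may already cover part of this.

```java
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
// … unchanged: userConfigurations lookup and debug log …
    if (username == null) {
        // no authenticated user to match, so no per-user entry can apply
        return false;
    }
    return userConfigurations.stream()
            .filter(userConfiguration -> username.equals(userConfiguration.getUsername()))
            .map(userConfiguration -> userConfiguration.getSerialNumbers())
            .filter(serialNumbers -> serialNumbers != null)
            .anyMatch(serialNumbers -> serialNumbers.contains(deviceSerialNumber));
// … unchanged: else branch for configurations without per-user entries …
```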
From: anjula-sack Date: Fri, 19 Jun 2020 18:59:10 +0530 Subject: [PATCH 02/58] Upgrade the npm version of mvn build --- .../pom.xml | 1 - .../org.wso2.carbon.device.application.mgt.store.ui/pom.xml | 1 - pom.xml | 3 +-- 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml index 261da4429e..5d7920e6fc 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml @@ -66,7 +66,6 @@ generate-resources ${node.version} - ${npm.version} diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/pom.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/pom.xml index f406adc114..09c75ff7ee 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/pom.xml +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/pom.xml @@ -69,7 +69,6 @@ generate-resources ${node.version} - ${npm.version} diff --git a/pom.xml b/pom.xml index 861a91c8e6..2fccdc25b3 100644 --- a/pom.xml +++ b/pom.xml @@ -2249,8 +2249,7 @@ 1.21 2.6.5 1.7.6 - v10.15.3 - 6.9.0 + v12.18.1 3.1.0 From 080aeb39e0f783eb144ad237600a7dee895ea651 Mon Sep 17 00:00:00 2001 
From: anjula-sack Date: Thu, 25 Jun 2020 11:58:12 +0530 Subject: [PATCH 03/58] Migrate APPM Store UI from antd v3 to v4 --- .../react-app/package.json | 2 +- .../scenes/Home/components/Logout/index.js | 5 +- .../react-app/src/scenes/Home/index.js | 59 ++-- .../scenes/Apps/components/AppList/index.js | 12 +- .../components/AddReview/index.js | 4 +- .../ReviewContainer/componets/Rating/index.js | 5 +- .../Reviews/components/Review/index.js | 2 +- .../components/SubscriptionDetails/index.js | 3 +- .../components/ReleaseView/index.js | 6 +- .../Release/components/ReleasePage/index.js | 5 +- .../react-app/src/scenes/Login/index.js | 257 ++++++++---------- 11 files changed, 179 insertions(+), 181 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/package.json b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/package.json index 56aa61b49b..91b0a4158b 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/package.json +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/package.json @@ -11,7 +11,7 @@ "license": "Apache License 2.0", "dependencies": { "acorn": "^6.2.0", - "antd": "^3.23.6", + "antd": "^4.0.0", "axios": "^0.18.1", "babel-eslint": "^9.0.0", "d3": "^5.9.7", diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/components/Logout/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/components/Logout/index.js index a11d1d029a..d2c5e106eb 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/components/Logout/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/components/Logout/index.js 
@@ -17,7 +17,8 @@ */ import React from 'react'; -import { Menu, Icon } from 'antd'; +import { LogoutOutlined } from '@ant-design/icons'; +import { Menu } from 'antd'; import axios from 'axios'; import { withConfigContext } from '../../../../components/context/ConfigContext'; import { handleApiError } from '../../../../services/utils/errorHandler'; @@ -64,7 +65,7 @@ class Logout extends React.Component { return ( - + Logout diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/index.js index b8582bbc3a..c5a8bf47fc 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/index.js @@ -17,7 +17,17 @@ */ import React from 'react'; -import { Layout, Menu, Icon, Drawer, Button, Alert } from 'antd'; +import { + UploadOutlined, + UserOutlined, + AndroidFilled, + AppleFilled, + WindowsFilled, + HddFilled, + MenuFoldOutlined, + MenuUnfoldOutlined, +} from '@ant-design/icons'; +import { Layout, Menu, Drawer, Button, Alert } from 'antd'; const { Header, Content, Footer } = Layout; import { Link } from 'react-router-dom'; 
@@ -112,23 +122,27 @@ class Dashboard extends React.Component { }; render() { - const config = this.props.context; const { selectedKeys, deviceTypes, forbiddenErrors } = this.state; - const DeviceTypesData = deviceTypes.map(deviceType => { - const platform = deviceType.name; - const defaultPlatformIcons = config.defaultPlatformIcons; - let icon = defaultPlatformIcons.default.icon; - let theme = defaultPlatformIcons.default.theme; - if (defaultPlatformIcons.hasOwnProperty(platform)) { - icon = defaultPlatformIcons[platform].icon; - theme = defaultPlatformIcons[platform].theme; + let icon; + switch (deviceType.name) { + case 'android': + icon = ; + break; + case 'ios': + icon = ; + break; + case 'windows': + icon = ; + break; + default: + icon = ; } return ( - - - - {platform} + + + {icon} + {deviceType.name} ); @@ -161,7 +175,7 @@ class Dashboard extends React.Component { - + Web Clips @@ -170,7 +184,7 @@ class Dashboard extends React.Component { className="profile" title={ - + {this.config.user.username} } @@ -185,10 +199,11 @@ class Dashboard extends React.Component {
@@ -221,7 +236,7 @@ class Dashboard extends React.Component { - + Web Clips @@ -236,7 +251,7 @@ class Dashboard extends React.Component { - + } > diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/index.js index 15f9e0d216..ab43ad7156 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/index.js @@ -143,11 +143,13 @@ class AppList extends React.Component { > {apps.length === 0 && ( - + + + )} {apps.map(app => ( diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/CurrentUsersReview/components/AddReview/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/CurrentUsersReview/components/AddReview/index.js index 7a972a9f15..af24e7dbf5 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/CurrentUsersReview/components/AddReview/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/CurrentUsersReview/components/AddReview/index.js 
@@ -17,10 +17,10 @@ */ import React from 'react'; +import { StarOutlined } from '@ant-design/icons'; import { Drawer, Button, - Icon, Row, Col, Typography, @@ -127,7 +127,7 @@ class AddReview extends React.Component { return (

- {totalCount} total + {totalCount} total
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/Reviews/components/Review/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/Reviews/components/Review/index.js index 3dac70cf55..2d3ec681d9 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/Reviews/components/Review/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/components/ReviewContainer/componets/Reviews/components/Review/index.js @@ -170,7 +170,7 @@ class Review extends React.Component { ); return ( -
+
-
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/index.js index fcdafd7551..fa6307d6b0 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/components/ReleaseView/index.js @@ -17,6 +17,7 @@ */ import React from 'react'; +import { DownOutlined } from '@ant-design/icons'; import { Divider, Row, @@ -26,7 +27,6 @@ import { Dropdown, notification, Menu, - Icon, Tabs, Tag, } from 'antd'; @@ -216,13 +216,13 @@ class ReleaseView extends React.Component { yes={ } no={ } /> diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/index.js index 7c8b168386..787236598e 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleasePage/index.js 
@@ -18,7 +18,8 @@ import React from 'react'; import '../../../../../../../../App.css'; -import { Skeleton, Typography, Row, Col, Card, Breadcrumb, Icon } from 'antd'; +import { HomeOutlined } from '@ant-design/icons'; +import { Skeleton, Typography, Row, Col, Card, Breadcrumb } from 'antd'; import ReleaseView from './components/ReleaseView'; import axios from 'axios'; import { withConfigContext } from '../../../../../../../../components/context/ConfigContext'; @@ -110,7 +111,7 @@ class ReleasePage extends React.Component { - {deviceType + ' apps'}{' '} + {deviceType + ' apps'}{' '} {appName} diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Login/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Login/index.js index b6e9b2ad49..3d0f11d4a8 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Login/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.ui/react-app/src/scenes/Login/index.js @@ -17,14 +17,14 @@ */ import React from 'react'; +import { LockOutlined, UserOutlined } from '@ant-design/icons'; import { Typography, Row, Col, - Form, - Icon, Input, Button, + Form, Checkbox, notification, } from 'antd'; 
@@ -36,6 +36,62 @@ const { Title } = Typography; const { Text } = Typography; class Login extends React.Component { + constructor(props) { + super(props); + this.state = { + inValid: false, + loading: false, + }; + } + + handleSubmit = values => { + this.setState({ + loading: true, + inValid: false, + }); + const parameters = { + username: values.username, + password: values.password, + platform: 'store', + }; + + const request = Object.keys(parameters) + .map(key => key + '=' + parameters[key]) + .join('&'); + + axios + .post(window.location.origin + '/store-ui-request-handler/login', request) + .then(res => { + if (res.status === 200) { + let redirectUrl = window.location.origin + '/store'; + const searchParams = new URLSearchParams(window.location.search); + if (searchParams.has('redirect')) { + redirectUrl = searchParams.get('redirect'); + } + window.location = redirectUrl; + } else { + throw new Error(); + } + }) + .catch(error => { + if (error.hasOwnProperty('response') && error.response.status === 401) { + this.setState({ + loading: false, + inValid: true, + }); + } else { + notification.error({ + message: 'There was a problem', + duration: 10, + description: '', + }); + this.setState({ + loading: false, + inValid: false, + }); + } + }); + }; render() { const config = this.props.context; return ( @@ -46,7 +102,13 @@ class Login extends React.Component { - + Login - +
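Review bot: In `handleSubmit` the `redirect` query parameter is assigned to `window.location` unchecked, so after a successful login the page follows whatever target the link carried, including another origin or a non-http scheme. The request body is built with `key + '=' + parameters[key]`, which leaves the username and password unencoded; a password containing `&`, `=`, `+` or `%` would be altered or split into extra parameters when the handler parses the body as form data. Both behaviours were already in the removed NormalLoginForm, so the migration is a good moment to fix them: restrict the redirect to same-origin targets and build the body with `URLSearchParams`.

```javascript
    // … unchanged: setState and the parameters object …
    const request = new URLSearchParams(parameters).toString();
    // … unchanged: axios.post(...).then(res => { if (res.status === 200) { …
          let redirectUrl = window.location.origin + '/store';
          const searchParams = new URLSearchParams(window.location.search);
          if (searchParams.has('redirect')) {
            try {
              const target = new URL(
                searchParams.get('redirect'),
                window.location.origin,
              );
              // follow the parameter only when it stays on this origin
              if (target.origin === window.location.origin) {
                redirectUrl = target.href;
              }
            } catch (e) {
              // unparsable value: keep the default /store target
            }
          }
          window.location = redirectUrl;
    // … unchanged: else branch and .catch handler …
```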
+ + + } + placeholder="Username" + /> + + + + } + placeholder="Password" + /> + + {this.state.loading && Loading..} + {this.state.inValid && ( + Invalid Login Details + )} +
+ Forgot password + + Remember me + + + + +
@@ -69,140 +182,4 @@ class Login extends React.Component { } } -class NormalLoginForm extends React.Component { - constructor(props) { - super(props); - this.state = { - inValid: false, - loading: false, - }; - } - - handleSubmit = e => { - const thisForm = this; - const config = this.props.context; - - e.preventDefault(); - this.props.form.validateFields((err, values) => { - thisForm.setState({ - inValid: false, - }); - if (!err) { - thisForm.setState({ - loading: true, - }); - const parameters = { - username: values.username, - password: values.password, - platform: 'store', - }; - - const request = Object.keys(parameters) - .map(key => key + '=' + parameters[key]) - .join('&'); - - axios - .post(window.location.origin + config.serverConfig.loginUri, request) - .then(res => { - if (res.status === 200) { - let redirectUrl = window.location.origin + '/store'; - const searchParams = new URLSearchParams(window.location.search); - if (searchParams.has('redirect')) { - redirectUrl = searchParams.get('redirect'); - } - window.location = redirectUrl; - } - }) - .catch(function(error) { - if ( - error.hasOwnProperty('response') && - error.response.status === 401 - ) { - thisForm.setState({ - loading: false, - inValid: true, - }); - } else { - notification.error({ - message: 'There was a problem', - duration: 10, - description: '', - }); - thisForm.setState({ - loading: false, - inValid: false, - }); - } - }); - } - }); - }; - - render() { - const { getFieldDecorator } = this.props.form; - let errorMsg = ''; - if (this.state.inValid) { - errorMsg = Invalid Login Details; - } - let loading = ''; - if (this.state.loading) { - loading = Loading..; - } - return ( -
- - {getFieldDecorator('username', { - rules: [{ required: true, message: 'Please input your username!' }], - })( - } - placeholder="Username" - />, - )} - - - {getFieldDecorator('password', { - rules: [{ required: true, message: 'Please input your Password!' }], - })( - } - type="password" - placeholder="Password" - />, - )} - - {loading} - {errorMsg} - - {getFieldDecorator('remember', { - valuePropName: 'checked', - initialValue: true, - })(Remember me)} -
- - Forgot password - - -
-
- ); - } -} - -const WrappedNormalLoginForm = withConfigContext( - Form.create({ name: 'normal_login' })(NormalLoginForm), -); - export default withConfigContext(Login); From 4f8d29456baf3742b751ece8b874014ba0fd8387 Mon Sep 17 00:00:00 2001 
From: anjula-sack Date: Sun, 28 Jun 2020 14:19:23 +0530 Subject: [PATCH 04/58] Migrate APPM Publisher UI from antd v3 to v4 --- .../react-app/package.json | 3 +- .../scenes/Home/components/Logout/index.js | 5 +-- .../react-app/src/scenes/Home/index.js | 36 ++++++++++++------- .../components/NewAppDetailsForm/index.js | 4 ++- .../components/NewAppUploadForm/index.js | 13 +++---- .../components/AddNewAppForm/index.js | 4 ++- .../scenes/AddNewApp/scenes/Custom/index.js | 5 +-- .../AddNewApp/scenes/Enterprise/index.js | 5 +-- .../scenes/AddNewApp/scenes/Public/index.js | 5 +-- .../scenes/AddNewApp/scenes/WebClip/index.js | 5 +-- .../components/AddNewReleaseForm/index.js | 4 ++- .../scenes/Home/scenes/AddNewRelease/index.js | 5 +-- .../ApssTable/AppDetailsDrawer/index.js | 19 +++++----- .../AppList/components/ApssTable/index.js | 9 ++--- .../AppList/components/Filters/index.js | 25 ++++++------- .../Apps/components/DetailedRating/index.js | 5 +-- .../components/lifeCycleDetailsModal/index.js | 7 +++- .../Release/components/LifeCycle/index.js | 4 +-- .../components/DeleteRelease/index.js | 5 +-- .../components/EditRelease/index.js | 20 +++++++---- .../Release/components/ReleaseView/index.js | 17 +++------ .../Manage/components/Categories/index.js | 11 +++--- .../scenes/Manage/components/Tags/index.js | 11 +++--- .../src/scenes/Home/scenes/Manage/index.js | 5 +-- .../components/Pages/index.js | 6 ++-- .../components/SyncAndroidApps/index.js | 3 +- .../Manage/scenes/AndroidEnterprise/index.js | 5 +-- .../components/AddAppsToClusterModal/index.js | 5 +-- .../scenes/Page/components/Cluster/index.js | 21 +++++++---- .../AndroidEnterprise/scenes/Page/index.js | 6 ++-- .../react-app/src/scenes/Login/index.js | 9 ++--- 31 files changed, 164 insertions(+), 123 deletions(-) 
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/package.json b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/package.json index df1743f096..593c3c385d 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/package.json +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/package.json @@ -10,11 +10,12 @@ }, "license": "Apache License 2.0", "dependencies": { + "@ant-design/compatible": "^1.0.0", "@ant-design/dark-theme": "^0.2.2", "@ant-design/icons": "^4.0.6", "@babel/polyfill": "^7.6.0", "acorn": "^6.2.0", - "antd": "^3.23.6", + "antd": "^4.0.0", "axios": "^0.19.0", "babel-eslint": "^9.0.0", "d3": "^5.9.7", diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/components/Logout/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/components/Logout/index.js index 1d94718fd1..f41e654bcc 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/components/Logout/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/components/Logout/index.js @@ -17,7 +17,8 @@ */ import React from 'react'; -import { notification, Menu, Icon } from 'antd'; +import { LogoutOutlined } from '@ant-design/icons'; +import { notification, Menu } from 'antd'; import axios from 'axios'; import { withConfigContext } from '../../../../components/ConfigContext'; @@ -70,7 +71,7 @@ class Logout extends React.Component { return ( - + Logout 
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/index.js index 983e74c07b..e585f75b5f 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/index.js @@ -17,7 +17,18 @@ */ import React from 'react'; -import { Layout, Menu, Icon, Drawer, Button } from 'antd'; + +import { + AndroidFilled, + AppstoreOutlined, + ControlOutlined, + PlusOutlined, + SettingOutlined, + UserOutlined, +} from '@ant-design/icons'; + +import { Icon as LegacyIcon } from '@ant-design/compatible'; +import { Layout, Menu, Drawer, Button } from 'antd'; import { Switch, Link } from 'react-router-dom'; import RouteWithSubRoutes from '../../components/RouteWithSubRoutes'; import { Redirect } from 'react-router'; @@ -81,7 +92,7 @@ class Dashboard extends React.Component { > - + Apps @@ -92,7 +103,7 @@ class Dashboard extends React.Component { - + Add New App } @@ -118,21 +129,20 @@ class Dashboard extends React.Component { - + Manage } > - General + General {this.config.androidEnterpriseToken != null && ( - Android - Enterprise + Android Enterprise )} @@ -142,7 +152,7 @@ class Dashboard extends React.Component { className="profile" title={ - + {this.config.username} } @@ -157,7 +167,7 @@ class Dashboard extends React.Component {
)} , @@ -577,7 +578,7 @@ class NewAppUploadForm extends React.Component {
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js index 29d6756157..32b5031d6a 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js @@ -17,7 +17,6 @@ */ import React from 'react'; -import { Icon as LegacyIcon } from '@ant-design/compatible'; import { Drawer, Select, @@ -52,6 +51,9 @@ import { CheckCircleOutlined, EditOutlined, MoreOutlined, + StarOutlined, + UploadOutlined, + CheckOutlined, } from '@ant-design/icons'; import DeleteApp from './components/DeleteApp'; import RetireApp from './components/RetireApp'; @@ -60,13 +62,6 @@ const { Meta } = Card; const { Text, Title } = Typography; const { Option } = Select; -const IconText = ({ type, text }) => ( - - - {text} - -); - const modules = { toolbar: [ ['bold', 'italic', 'underline', 'strike', 'blockquote'], @@ -636,24 +631,15 @@ class AppDetailsDrawer extends React.Component { description={
- + {release.currentStatus} - + {release.releaseType} - + {release.rating.toFixed(1)}
} /> diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/index.js index f5d4adbd64..48fa42e395 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/index.js @@ -18,7 +18,6 @@ import React from 'react'; import { CheckCircleOutlined } from '@ant-design/icons'; -import { Icon as LegacyIcon } from '@ant-design/compatible'; import { Avatar, Table, Tag, Badge, Alert, Tooltip } from 'antd'; import axios from 'axios'; import pSBC from 'shade-blend-color'; @@ -26,6 +25,7 @@ import './styles.css'; import { withConfigContext } from '../../../../../../../../components/ConfigContext'; import AppDetailsDrawer from './AppDetailsDrawer'; import { handleApiError } from '../../../../../../../../services/utils/errorHandler'; +import { EntgraIcon } from 'entgra-icons-react'; let config = null; @@ -140,15 +140,13 @@ const columns = [ const defaultPlatformIcons = config.defaultPlatformIcons; let icon = defaultPlatformIcons.default.icon; let color = defaultPlatformIcons.default.color; - let theme = defaultPlatformIcons.default.theme; if (defaultPlatformIcons.hasOwnProperty(platform)) { icon = defaultPlatformIcons[platform].icon; color = defaultPlatformIcons[platform].color; - theme = defaultPlatformIcons[platform].theme; } return ( - + ); }, 
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/LifeCycle/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/LifeCycle/index.js index 5e49f8eec2..4e715f0d87 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/LifeCycle/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/LifeCycle/index.js @@ -17,7 +17,6 @@ */ import React from 'react'; -import { Icon as LegacyIcon } from '@ant-design/compatible'; import { Typography, Tag, @@ -36,7 +35,7 @@ import './styles.css'; import { withConfigContext } from '../../../../../../../../components/ConfigContext'; import { handleApiError } from '../../../../../../../../services/utils/errorHandler'; import LifeCycleHistory from './components/LifeCycleHistory'; - +import { EntgraIcon } from 'entgra-icons-react'; const { Text, Title, Paragraph } = Typography; const { TabPane } = Tabs; @@ -216,7 +215,6 @@ class LifeCycle extends React.Component { ) { proceedingStates = lifecycle[currentStatus].proceedingStates; } - return (
Manage Lifecycle @@ -236,36 +234,38 @@ class LifeCycle extends React.Component { onChange={this.onChange} size="small" > - {lifecycleSteps.map((step, index) => ( - } - title={step.title} - disabled={current !== step.step} - description={ - current === step.step && ( -
-

{step.text}

- {proceedingStates.map(lifecycleState => { - return ( - - ); - })} -
- ) - } - /> - ))} + {lifecycleSteps.map((step, index) => { + return ( + } + title={step.title} + disabled={current !== step.step} + description={ + current === step.step && ( +
+

{step.text}

+ {proceedingStates.map(lifecycleState => { + return ( + + ); + })} +
+ ) + } + /> + ); + })}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleaseView/components/Reviews/components/Review/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleaseView/components/Reviews/components/Review/index.js index 5573bfdd73..7dbd0139b7 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleaseView/components/Reviews/components/Review/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/scenes/Release/components/ReleaseView/components/Reviews/components/Review/index.js @@ -63,7 +63,7 @@ class SingleReview extends React.Component { ); return ( -
+
Platform : - + Version : {release.version} @@ -154,7 +152,7 @@ class ReleaseView extends React.Component { - + {release.screenshots.map((screenshotUrl, index) => { return (
From b3278d010f52277d80b0d0368d0407bcdcbbf596 Mon Sep 17 00:00:00 2001 From: Kaveesha Date: Tue, 7 Jul 2020 18:46:03 +0530 Subject: [PATCH 06/58] Update Item bean --- .../carbon/device/mgt/common/policy/mgt/ui/Item.java | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/policy/mgt/ui/Item.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/policy/mgt/ui/Item.java index c7e678bf27..99ac1e397f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/policy/mgt/ui/Item.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/policy/mgt/ui/Item.java @@ -44,6 +44,7 @@ public class Item { private Text text; private InputList inputList; private String nullableValue; + private String divider; @XmlElement(name = "Label") public String getLabel() { @@ -197,4 +198,13 @@ public class Item { public void setNullableValue(String nullableValue) { this.nullableValue = nullableValue; } + + @XmlElement(name = "Divider") + public String getDivider() { + return divider; + } + + public void setDivider(String divider) { + this.divider = divider; + } } From 3d38bd5570bfec28d7deb3831e3bf03683bd90fd Mon Sep 17 00:00:00 2001 
From: "tcdlpds@gmail.com" Date: Sat, 11 Jul 2020 21:19:00 +0530 Subject: [PATCH 07/58] Create default roles and assign permissions When adding new tenant and if the server has configured to add default roles and assign permissions, this PR facilitates to achieve it. --- .../mgt/common/roles/config/DefaultRoles.java | 49 ++++++ .../device/mgt/common/roles/config/Role.java | 49 ++++++ .../core/config/DeviceManagementConfig.java | 8 +- .../DeviceManagementServiceComponent.java | 5 + .../core/util/DeviceMgtTenantMgtListener.java | 148 ++++++++++++++++++ .../src/main/resources/conf/cdm-config.xml | 11 ++ 6 files changed, 269 insertions(+), 1 deletion(-) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/DefaultRoles.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/Role.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceMgtTenantMgtListener.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/DefaultRoles.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/DefaultRoles.java new file mode 100644 index 0000000000..f70e2107c6 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/DefaultRoles.java 
@@ -0,0 +1,49 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.common.roles.config;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlElementWrapper;
+import javax.xml.bind.annotation.XmlRootElement;
+import java.util.List;
+
+@XmlRootElement(name = "DefaultRoles")
+public class DefaultRoles {
+
+ private boolean enabled;
+ private List roles;
+
+ @XmlElement(name = "Enabled", required = true)
+ public boolean isEnabled() {
+ return enabled;
+ }
+
+ public void setEnabled(boolean enabled) {
+ this.enabled = enabled;
+ }
+
+ @XmlElementWrapper(name = "Roles", required = true)
+ @XmlElement(name = "Role", required = true)
+ public List getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List roles) {
+ this.roles = roles;
+ }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/Role.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/Role.java
new file mode 100644
index 0000000000..f633b9b2d3
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/roles/config/Role.java
@@ -0,0 +1,49 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.common.roles.config;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlElementWrapper;
+import javax.xml.bind.annotation.XmlRootElement;
+import java.util.List;
+
+@XmlRootElement(name = "Role")
+public class Role {
+
+ private String name;
+ private List permissions;
+
+ @XmlElement(name = "Name", required = true)
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @XmlElementWrapper(name = "Permissions", required = true)
+ @XmlElement(name = "Permission", required = true)
+ public List getPermissions() {
+ return permissions;
+ }
+
+ public void setPermissions(List permissions) {
+ this.permissions = permissions;
+ }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/DeviceManagementConfig.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/DeviceManagementConfig.java
index 456de2f2d4..cf58967988 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/DeviceManagementConfig.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/DeviceManagementConfig.java @@ -18,6 +18,7 @@ package org.wso2.carbon.device.mgt.core.config; import org.wso2.carbon.device.mgt.common.enrollment.notification.EnrollmentNotificationConfiguration; +import org.wso2.carbon.device.mgt.common.roles.config.DefaultRoles; import org.wso2.carbon.device.mgt.core.config.analytics.OperationAnalyticsConfiguration; import org.wso2.carbon.device.mgt.core.config.archival.ArchivalConfiguration; import org.wso2.carbon.device.mgt.core.config.cache.CertificateCacheConfiguration; @@ -60,7 +61,7 @@ public final class DeviceManagementConfig { private RemoteSessionConfiguration remoteSessionConfiguration; private ArchivalConfiguration archivalConfiguration; private EnrollmentNotificationConfiguration enrollmentNotificationConfiguration; - + private DefaultRoles defaultRoles; @XmlElement(name = "ManagementRepository", required = true) public DeviceManagementConfigRepository getDeviceManagementConfigRepository() { @@ -215,5 +216,10 @@ public final class DeviceManagementConfig { EnrollmentNotificationConfiguration enrollmentNotificationConfiguration) { this.enrollmentNotificationConfiguration = enrollmentNotificationConfiguration; } + + @XmlElement(name = "DefaultRoles", required = true) + public DefaultRoles getDefaultRoles() { return defaultRoles; } + + public void setDefaultRoles(DefaultRoles defaultRoles) { this.defaultRoles = defaultRoles; } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java index b8df6a0071..4158b972f7 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java @@ -72,9 +72,11 @@ import org.wso2.carbon.device.mgt.core.task.DeviceTaskManagerService; import org.wso2.carbon.device.mgt.core.config.ui.UIConfigurationManager; import org.wso2.carbon.device.mgt.core.util.DeviceManagementSchemaInitializer; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; +import org.wso2.carbon.device.mgt.core.util.DeviceMgtTenantMgtListener; import org.wso2.carbon.email.sender.core.service.EmailSenderService; import org.wso2.carbon.ndatasource.core.DataSourceService; import org.wso2.carbon.registry.core.service.RegistryService; +import org.wso2.carbon.stratos.common.listeners.TenantMgtListener; import org.wso2.carbon.user.core.service.RealmService; import org.wso2.carbon.utils.Axis2ConfigurationContextObserver; import org.wso2.carbon.utils.ConfigurationContextService; @@ -245,6 +247,9 @@ public class DeviceManagementServiceComponent { componentContext.getBundleContext().registerService(PrivacyComplianceProvider.class.getName(), privacyComplianceProvider, null); + componentContext.getBundleContext() + .registerService(TenantMgtListener.class.getName(), new DeviceMgtTenantMgtListener(), null); + if (log.isDebugEnabled()) { log.debug("Device management core bundle has been successfully initialized"); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceMgtTenantMgtListener.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceMgtTenantMgtListener.java new file mode 100644 index 0000000000..5e0e0cff93 --- /dev/null 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceMgtTenantMgtListener.java 
@@ -0,0 +1,148 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.util; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException; +import org.wso2.carbon.device.mgt.common.roles.config.Role; +import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; +import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig; +import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; +import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils; +import org.wso2.carbon.registry.core.exceptions.RegistryException; +import org.wso2.carbon.stratos.common.beans.TenantInfoBean; +import org.wso2.carbon.stratos.common.listeners.TenantMgtListener; +import org.wso2.carbon.user.api.Permission; +import org.wso2.carbon.user.api.UserStoreException; +import org.wso2.carbon.user.api.UserStoreManager; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class DeviceMgtTenantMgtListener implements TenantMgtListener { + private static final Log log = LogFactory.getLog(DeviceMgtTenantMgtListener.class); + private static final int 
EXEC_ORDER = 10; + private static final String PERMISSION_ACTION = "ui.execute"; + + @Override + public void onTenantCreate(TenantInfoBean tenantInfoBean) { + DeviceManagementConfig config = DeviceConfigurationManager.getInstance().getDeviceManagementConfig(); + if (config.getDefaultRoles().isEnabled()) { + Map> roleMap = getValidRoleMap(config); + try { + PrivilegedCarbonContext.startTenantFlow(); + PrivilegedCarbonContext.getThreadLocalCarbonContext() + .setTenantDomain(tenantInfoBean.getTenantDomain(), true); + UserStoreManager userStoreManager = DeviceManagementDataHolder.getInstance().getRealmService() + .getTenantUserRealm(tenantInfoBean.getTenantId()).getUserStoreManager(); + + roleMap.forEach((key, value) -> { + try { + userStoreManager.addRole(key, null, value.toArray(new Permission[0])); + } catch (UserStoreException e) { + log.error("Error occurred while adding default roles into user store.", e); + } + }); + } catch (UserStoreException e) { + log.error("Error occurred while getting user store manager.", e); + } finally { + PrivilegedCarbonContext.endTenantFlow(); + } + } + } + + @Override + public void onTenantUpdate(TenantInfoBean tenantInfoBean) { + // doing nothing + } + + @Override + public void onTenantDelete(int i) { + // doing nothing + } + + @Override + public void onTenantRename(int i, String s, String s1) { + // doing nothing + } + + @Override + public void onTenantInitialActivation(int i) { + // doing nothing + } + + @Override + public void onTenantActivation(int i) { + // doing nothing + } + + @Override + public void onTenantDeactivation(int i) { + // doing nothing + } + + @Override + public void onSubscriptionPlanChange(int i, String s, String s1) { + // doing nothing + } + + @Override + public int getListenerOrder() { + return EXEC_ORDER; + } + + @Override + public void onPreDelete(int i) { + // doing nothing + } + + /** + * Use the default roles defined in the cdm-config and evaluate the defined permissions. 
If permissions does not + * exist then exclude them and return role map which contains defined roles in the cdm-config and existing + * permission list as a roleMap + * @param config cdm-config + * @return {@link Map} key is role name and value is list of permissions which needs to be assigned to the role + * defined in the key. + */ + private Map> getValidRoleMap(DeviceManagementConfig config) { + Map> roleMap = new HashMap<>(); + try { + for (Role role : config.getDefaultRoles().getRoles()) { + List permissionList = new ArrayList<>(); + for (String permissionPath : role.getPermissions()) { + if (PermissionUtils.checkResourceExists(permissionPath)) { + Permission permission = new Permission(permissionPath, PERMISSION_ACTION); + + permissionList.add(permission); + } else { + log.warn("Permission " + permissionPath + " does not exist. Hence it will not add to role " + + role.getName()); + } + } + roleMap.put(role.getName(), permissionList); + } + } catch (PermissionManagementException | RegistryException e) { + log.error("Error occurred while checking permission existence.", e); + } + return roleMap; + } +} diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml index 925c5da5b4..bef658a615 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml @@ -159,5 +159,16 @@ org.wso2.carbon.device.mgt.common.enrollment.notification.EnrollmentNotifier http://localhost:8280 + + false + + + test_role + + /permission/admin/Login + + + + From adc2f15893fb0190f5530e6ea541831098412977 Mon Sep 17 00:00:00 2001 
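Review bot: `onTenantCreate` in the new DeviceMgtTenantMgtListener dereferences `config.getDefaultRoles()` without a null check, and the `required = true` on the new `DefaultRoles` element is not enforced by JAXB unless the unmarshaller validates against a schema, so a deployment that keeps an older cdm-config.xml would presumably hit a NullPointerException on every tenant creation; a guard such as `DefaultRoles defaultRoles = config.getDefaultRoles(); if (defaultRoles == null || !defaultRoles.isEnabled()) { return; }` avoids that. In `getValidRoleMap` the `try` wraps the whole loop, so one failing `checkResourceExists` call drops the current role and every role after it while the roles already collected are still created; catching per role and skipping only that role keeps the outcome predictable. The existence check also runs before `startTenantFlow()`, that is in whatever tenant context the caller has, which is worth confirming is the intended registry. Failures are only logged and carry no tenant identifier, so a tenant can come up with missing or partially permissioned default roles without it being clear which one; adding `tenantInfoBean.getTenantDomain()` to the two error messages in `onTenantCreate` would help.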
From: "tcdlpds@gmail.com" Date: Sun, 12 Jul 2020 08:04:49 +0530 Subject: [PATCH 08/58] Update APPM lifecycle permissions --- .../src/main/resources/conf/application-mgt.xml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.server.feature/src/main/resources/conf/application-mgt.xml b/features/application-mgt/org.wso2.carbon.device.application.mgt.server.feature/src/main/resources/conf/application-mgt.xml index d0d02a058a..aa48301903 100644 --- a/features/application-mgt/org.wso2.carbon.device.application.mgt.server.feature/src/main/resources/conf/application-mgt.xml +++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.server.feature/src/main/resources/conf/application-mgt.xml @@ -77,13 +77,13 @@ true true true - /app-mgt/life-cycle/application/create + /permission/admin/app-mgt/life-cycle/application/create In-Review - /app-mgt/life-cycle/application/review + /permission/admin/app-mgt/life-cycle/application/review Rejected Approved @@ -91,7 +91,7 @@ - /app-mgt/life-cycle/application/approve + /permission/admin/app-mgt/life-cycle/application/approve In-Review Published @@ -99,28 +99,28 @@ true - /app-mgt/life-cycle/application/reject + /permission/admin/app-mgt/life-cycle/application/reject In-Review true - /app-mgt/life-cycle/application/publish + /permission/admin/app-mgt/life-cycle/application/publish Blocked Deprecated - /app-mgt/life-cycle/application/block + /permission/admin/app-mgt/life-cycle/application/block Published Deprecated - /app-mgt/life-cycle/application/deprecate + /permission/admin/app-mgt/life-cycle/application/deprecate Published Retired @@ -128,7 +128,7 @@ true - /app-mgt/life-cycle/application/retire + /permission/admin/app-mgt/life-cycle/application/retire From 211c1e326a5b4864b3ebe66ab9c6d61ff77b6d0c Mon Sep 17 00:00:00 2001 
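Review bot: All eight lifecycle permission values in application-mgt.xml move from `/app-mgt/life-cycle/application/...` to `/permission/admin/app-mgt/life-cycle/application/...`, and nothing in this patch shows the code that evaluates them changing with it. If that code prepends a permission root itself, or if deployed roles were granted on the old paths, the lifecycle state checks would stop matching after an upgrade; whether that fails closed or open is not visible here and should be confirmed. A comment beside the first entry saying the value is the full registry permission path, together with an upgrade note for existing tenants, would cover it.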
From: Charitha Goonetilleke Date: Tue, 14 Jul 2020 01:54:06 +0000 Subject: [PATCH 09/58] Fix incorrect instantiations of Provider Services --- .../provider/fcm/FCMNotificationStrategy.java | 5 +- .../DeviceManagementPluginRepository.java | 3 +- .../impl/DeviceInformationManagerImpl.java | 2 +- .../internal/DeviceManagementDataHolder.java | 20 ++- .../DeviceManagementServiceComponent.java | 13 +- .../DeviceManagementProviderServiceImpl.java | 14 +- .../GroupManagementProviderServiceImpl.java | 47 +++--- .../DeviceManagementProviderServiceTest.java | 2 + .../mgt/core/PolicyManagerServiceImpl.java | 6 +- .../PolicyEnforcementDelegatorImpl.java | 20 +-- .../core/impl/PolicyInformationPointImpl.java | 29 ++-- .../internal/PolicyManagementDataHolder.java | 45 +++-- .../PolicyManagementServiceComponent.java | 6 +- .../mgt/core/mgt/impl/PolicyManagerImpl.java | 154 ++++++++++-------- .../policy/mgt/core/task/MonitoringTask.java | 9 +- .../mgt/core/BasePolicyManagementDAOTest.java | 7 + .../policy/mgt/core/MonitoringTestCase.java | 7 + .../policy/mgt/core/PolicyDAOTestCase.java | 2 + .../mgt/core/PolicyEvaluationTestCase.java | 2 + .../core/PolicyManagerServiceImplTest.java | 1 + .../framework/WebappAuthenticationValve.java | 33 +++- 21 files changed, 255 insertions(+), 172 deletions(-) diff --git a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm/src/main/java/org/wso2/carbon/device/mgt/extensions/push/notification/provider/fcm/FCMNotificationStrategy.java b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm/src/main/java/org/wso2/carbon/device/mgt/extensions/push/notification/provider/fcm/FCMNotificationStrategy.java index 432ea0360f..989f4b093c 100644 --- a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm/src/main/java/org/wso2/carbon/device/mgt/extensions/push/notification/provider/fcm/FCMNotificationStrategy.java 
+++ b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm/src/main/java/org/wso2/carbon/device/mgt/extensions/push/notification/provider/fcm/FCMNotificationStrategy.java @@ -95,7 +95,7 @@ public class FCMNotificationStrategy implements NotificationStrategy { OutputStream os = null; byte[] bytes = getFCMRequest(message, getFCMToken(device.getProperties())).getBytes(); - HttpURLConnection conn; + HttpURLConnection conn = null; try { conn = (HttpURLConnection) new URL(FCM_ENDPOINT).openConnection(); conn.setRequestProperty("Content-Type", "application/json"); @@ -108,6 +108,9 @@ public class FCMNotificationStrategy implements NotificationStrategy { if (os != null) { os.close(); } + if (conn != null) { + conn.disconnect(); + } } int status = conn.getResponseCode(); if (log.isDebugEnabled()) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java index 462575a90a..0175493525 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java 
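Review bot: The `conn.disconnect()` added to the `finally` block in the `@@ -108` hunk runs before the unchanged `int status = conn.getResponseCode();` that follows it, so the status is read from a connection that has already been torn down; depending on the JDK implementation this may throw, return -1 or re-open the connection. Move the status read inside the `try`, after the body has been written, for example `os.write(bytes); status = conn.getResponseCode();` with `int status` declared before the `try`, and leave only the cleanup in `finally`. The enclosing method starts and ends outside the hunk, so how `status` is used further down should be checked when moving it.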
@@ -270,8 +270,7 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis return tenantProviders; } - private void registerPushNotificationStrategy(DeviceManagementService deviceManagementService) - throws DeviceManagementException { + private void registerPushNotificationStrategy(DeviceManagementService deviceManagementService) { PrivilegedCarbonContext.startTenantFlow(); PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain( deviceManagementService.getProvisioningConfig().getProviderTenantDomain(), true); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java index 2b4756d0f5..2e791f733d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java @@ -66,7 +66,7 @@ import java.util.Map; public class DeviceInformationManagerImpl implements DeviceInformationManager { private final DeviceDetailsDAO deviceDetailsDAO; - private DeviceDAO deviceDAO; + private final DeviceDAO deviceDAO; private static final Log log = LogFactory.getLog(DeviceInformationManagerImpl.class); private static final String LOCATION_EVENT_STREAM_DEFINITION = "org.wso2.iot.LocationStream"; private static final String DEVICE_INFO_EVENT_STREAM_DEFINITION = "org.wso2.iot.DeviceInfoStream"; 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java index 4f8cd365ab..e65ebe2fa4 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java @@ -27,6 +27,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager; import org.wso2.carbon.device.mgt.common.spi.DeviceTypeGeneratorService; import org.wso2.carbon.device.mgt.core.app.mgt.config.AppManagementConfig; import org.wso2.carbon.device.mgt.core.config.license.LicenseConfig; +import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManager; import org.wso2.carbon.device.mgt.core.dto.DeviceType; import org.wso2.carbon.device.mgt.core.dto.DeviceTypeServiceIdentifier; import org.wso2.carbon.device.mgt.core.privacy.PrivacyComplianceProvider; @@ -48,10 +49,11 @@ import java.util.Map; public class DeviceManagementDataHolder { - private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder(); + private static final DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder(); private RealmService realmService; private TenantManager tenantManager; private DeviceManagementProviderService deviceManagerProvider; + private DeviceInformationManager deviceInformationManager; private LicenseManager licenseManager; private RegistryService registryService; private LicenseConfig licenseConfig; 
@@ -59,7 +61,7 @@ public class DeviceManagementDataHolder { private AppManagementConfig appManagerConfig; private OperationManager operationManager; private ConfigurationContextService configurationContextService; - private HashMap requireDeviceAuthorization = new HashMap<>(); + private final HashMap requireDeviceAuthorization = new HashMap<>(); private DeviceAccessAuthorizationService deviceAccessAuthorizationService; private GroupManagementProviderService groupManagementProviderService; private TaskService taskService; @@ -69,10 +71,10 @@ public class DeviceManagementDataHolder { private DeviceStatusTaskManagerService deviceStatusTaskManagerService; private DeviceTypeGeneratorService deviceTypeGeneratorService; private PrivacyComplianceProvider privacyComplianceProvider; - private Map deviceStatusTaskPluginConfigs = Collections.synchronizedMap( - new HashMap()); + private final Map deviceStatusTaskPluginConfigs = Collections.synchronizedMap( + new HashMap<>()); - private Map map = new HashMap<>(); + private final Map map = new HashMap<>(); public Map getMap(){ return this.map; @@ -276,4 +278,12 @@ public class DeviceManagementDataHolder { public void setPrivacyComplianceProvider(PrivacyComplianceProvider privacyComplianceProvider) { this.privacyComplianceProvider = privacyComplianceProvider; } + + public DeviceInformationManager getDeviceInformationManager() { + return deviceInformationManager; + } + + public void setDeviceInformationManager(DeviceInformationManager deviceInformationManager) { + this.deviceInformationManager = deviceInformationManager; + } } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java index b8df6a0071..edc388f202 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java @@ -133,10 +133,10 @@ import java.util.concurrent.TimeUnit; public class DeviceManagementServiceComponent { private static final Object LOCK = new Object(); - private static Log log = LogFactory.getLog(DeviceManagementServiceComponent.class); - private static List listeners = new ArrayList<>(); - private static List deviceManagers = new ArrayList<>(); - private static List startupListeners = new ArrayList<>(); + private static final Log log = LogFactory.getLog(DeviceManagementServiceComponent.class); + private static final List listeners = new ArrayList<>(); + private static final List deviceManagers = new ArrayList<>(); + private static final List startupListeners = new ArrayList<>(); public static void registerPluginInitializationListener(PluginInitializationListener listener) { synchronized (LOCK) { @@ -340,7 +340,10 @@ public class DeviceManagementServiceComponent { PermissionManagerService permissionManagerService = PermissionManagerServiceImpl.getInstance(); bundleContext.registerService(PermissionManagerService.class.getName(), permissionManagerService, null); - bundleContext.registerService(DeviceInformationManager.class, new DeviceInformationManagerImpl(), null); + DeviceInformationManager deviceInformationManager = new DeviceInformationManagerImpl(); + bundleContext.registerService(DeviceInformationManager.class, deviceInformationManager, null); + DeviceManagementDataHolder.getInstance().setDeviceInformationManager(deviceInformationManager); + bundleContext.registerService(SearchManagerService.class, new SearchManagerServiceImpl(), null); } 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java index f89dbce3ad..1ad270361b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java @@ -63,7 +63,6 @@ import org.wso2.carbon.device.mgt.common.device.details.DeviceLocationHistorySna import org.wso2.carbon.device.mgt.common.enrollment.notification.EnrollmentNotificationConfiguration; import org.wso2.carbon.device.mgt.common.enrollment.notification.EnrollmentNotifier; import org.wso2.carbon.device.mgt.common.enrollment.notification.EnrollmentNotifierException; -import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceTypeNotFoundException; @@ -103,7 +102,6 @@ import org.wso2.carbon.device.mgt.core.dao.EnrollmentDAO; import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil; import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceDetailsMgtException; import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManager; -import org.wso2.carbon.device.mgt.core.device.details.mgt.impl.DeviceInformationManagerImpl; import org.wso2.carbon.device.mgt.core.dto.DeviceType; import org.wso2.carbon.device.mgt.core.dto.DeviceTypeServiceIdentifier; import org.wso2.carbon.device.mgt.core.dto.DeviceTypeVersion; 
@@ -149,7 +147,6 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv private static final String OPERATION_RESPONSE_EVENT_STREAM_DEFINITION = "org.wso2.iot.OperationResponseStream"; private final DeviceManagementPluginRepository pluginRepository; - private final DeviceInformationManager deviceInformationManager; private final DeviceDAO deviceDAO; private final DeviceTypeDAO deviceTypeDAO; private final EnrollmentDAO enrollmentDAO; @@ -157,8 +154,6 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv public DeviceManagementProviderServiceImpl() { this.pluginRepository = new DeviceManagementPluginRepository(); - this.deviceInformationManager = new DeviceInformationManagerImpl(); - this.deviceDAO = DeviceManagementDAOFactory.getDeviceDAO(); this.applicationDAO = DeviceManagementDAOFactory.getApplicationDAO(); this.deviceTypeDAO = DeviceManagementDAOFactory.getDeviceTypeDAO(); @@ -399,6 +394,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv extractDeviceLocationToUpdate(device); try { if (device.getDeviceInfo() != null) { + DeviceInformationManager deviceInformationManager = DeviceManagementDataHolder + .getInstance().getDeviceInformationManager(); deviceInformationManager.addDeviceInfo(device, device.getDeviceInfo()); } } catch (DeviceDetailsMgtException e) { @@ -2838,7 +2835,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv if (log.isDebugEnabled()) { log.debug("Add device:" + deviceIdentifier.getId() + " to default group"); } - GroupManagementProviderService groupManagementProviderService = new GroupManagementProviderServiceImpl(); + GroupManagementProviderService groupManagementProviderService = DeviceManagementDataHolder + .getInstance().getGroupManagementProviderService(); try { DeviceGroup defaultGroup = createDefaultGroup(groupManagementProviderService, ownership.toString()); if (defaultGroup != null) { 
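Review bot: The holder lookup added in the `@@ -399,6 +394,8 @@` hunk is dereferenced straight away in `deviceInformationManager.addDeviceInfo(...)`, and the surrounding `catch (DeviceDetailsMgtException e)` would not catch a NullPointerException if the holder has not been populated. The test change in this patch has to call `setDeviceInformationManager(...)` by hand, which suggests the value is only present once the service component has activated. A guard such as `if (deviceInformationManager == null) { throw new IllegalStateException("DeviceInformationManager is not initialized"); }` would give a clear failure instead. The same applies to `getGroupManagementProviderService()` in the `@@ -2838,7 +2835,8 @@` hunk and to the lookups in the two following hunks; in `extractDeviceLocationToUpdate` the lookup could also move inside the `properties != null` branch. The enclosing methods start outside the hunks.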
@@ -3103,6 +3101,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv } DeviceInfo info; try { + DeviceInformationManager deviceInformationManager = DeviceManagementDataHolder + .getInstance().getDeviceInformationManager(); info = deviceInformationManager.getDeviceInfo(device); } catch (DeviceDetailsMgtException e) { String msg = "Error occurred while retrieving advance info of '" + device.getType() + @@ -3402,6 +3402,8 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv * @param device Device object */ private void extractDeviceLocationToUpdate(Device device) { + DeviceInformationManager deviceInformationManager = DeviceManagementDataHolder + .getInstance().getDeviceInformationManager(); List properties = device.getProperties(); if (properties != null) { String latitude = null; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/GroupManagementProviderServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/GroupManagementProviderServiceImpl.java index 0fc3e978c9..740f6afd61 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/GroupManagementProviderServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/GroupManagementProviderServiceImpl.java 
@@ -55,10 +55,10 @@ import java.util.Map; public class GroupManagementProviderServiceImpl implements GroupManagementProviderService { - private static Log log = LogFactory.getLog(GroupManagementProviderServiceImpl.class); + private static final Log log = LogFactory.getLog(GroupManagementProviderServiceImpl.class); - private GroupDAO groupDAO; - private DeviceDAO deviceDAO; + private final GroupDAO groupDAO; + private final DeviceDAO deviceDAO; /** * Set groupDAO from GroupManagementDAOFactory when class instantiate. @@ -912,9 +912,21 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid log.debug("Get groups of device " + deviceIdentifier.getId()); } int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); - DeviceManagementProviderService managementProviderService = new DeviceManagementProviderServiceImpl(); + DeviceManagementProviderService managementProviderService = DeviceManagementDataHolder + .getInstance().getDeviceManagementProvider(); + Device device; + try { + device = managementProviderService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + String msg = "Error occurred while retrieving device groups."; + log.error(msg, e); + throw new GroupManagementException(msg, e); + } + return getDeviceGroups(requireGroupProps, tenantId, device); + } + + private List getDeviceGroups(boolean requireGroupProps, int tenantId, Device device) throws GroupManagementException { try { - Device device = managementProviderService.getDevice(deviceIdentifier, false); GroupManagementDAOFactory.openConnection(); List deviceGroups = groupDAO.getGroups(device.getId(), tenantId); if (requireGroupProps) { 
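Review bot: In the `@@ -912,9 +912,21 @@` hunk the new `catch (DeviceManagementException e)` logs `"Error occurred while retrieving device groups."`, the same text the DAO failure path in the extracted helper uses, so the log no longer shows whether the device lookup or the group query failed. A distinct message such as `String msg = "Error occurred while retrieving device " + deviceIdentifier.getId() + " to get its groups.";` keeps the two cases apart. The new private `getDeviceGroups(boolean, int, Device)` also has no Javadoc; a short comment saying that it opens and closes the DAO connection itself and expects a device that has already been resolved would help the two callers. The helper's body continues outside the hunk.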
@@ -925,7 +937,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid } } return deviceGroups; - } catch (DeviceManagementException | GroupManagementDAOException | SQLException e) { + } catch (GroupManagementDAOException | SQLException e) { String msg = "Error occurred while retrieving device groups."; log.error(msg, e); throw new GroupManagementException(msg, e); @@ -950,28 +962,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid log.debug("Get groups of device " + device.getDeviceIdentifier()); } int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); - try { - GroupManagementDAOFactory.openConnection(); - List deviceGroups = groupDAO.getGroups(device.getId(), tenantId); - if (requireGroupProps) { - if (deviceGroups != null && !deviceGroups.isEmpty()) { - for (DeviceGroup group : deviceGroups) { - populateGroupProperties(group, tenantId); - } - } - } - return deviceGroups; - } catch (GroupManagementDAOException | SQLException e) { - String msg = "Error occurred while retrieving device groups."; - log.error(msg, e); - throw new GroupManagementException(msg, e); - } catch (Exception e) { - String msg = "Error occurred in getGroups"; - log.error(msg, e); - throw new GroupManagementException(msg, e); - } finally { - GroupManagementDAOFactory.closeConnection(); - } + return getDeviceGroups(requireGroupProps, tenantId, device); } /** diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceTest.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceTest.java index 619ded45e9..80183bbcff 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceTest.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceTest.java @@ -77,6 +77,7 @@ import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory; import org.wso2.carbon.device.mgt.core.device.details.mgt.dao.DeviceDetailsDAO; import org.wso2.carbon.device.mgt.core.device.details.mgt.dao.DeviceDetailsMgtDAOException; +import org.wso2.carbon.device.mgt.core.device.details.mgt.impl.DeviceInformationManagerImpl; import org.wso2.carbon.device.mgt.core.dto.DeviceType; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent; @@ -124,6 +125,7 @@ public class DeviceManagementProviderServiceTest extends BaseDeviceManagementTes DeviceManagementDataHolder.getInstance().setRegistryService(getRegistryService()); DeviceManagementDataHolder.getInstance().setDeviceAccessAuthorizationService(new DeviceAccessAuthorizationServiceImpl()); DeviceManagementDataHolder.getInstance().setGroupManagementProviderService(new GroupManagementProviderServiceImpl()); + DeviceManagementDataHolder.getInstance().setDeviceInformationManager(new DeviceInformationManagerImpl()); DeviceManagementDataHolder.getInstance().setDeviceTaskManagerService(null); deviceMgtService.registerDeviceType(new TestDeviceManagementService(DEVICE_TYPE, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)); diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImpl.java index f7ca96c02e..813e7015c4 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImpl.java 
+++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImpl.java @@ -69,9 +69,9 @@ public class PolicyManagerServiceImpl implements PolicyManagerService { private static final Log log = LogFactory.getLog(PolicyManagerServiceImpl.class); - PolicyAdministratorPoint policyAdministratorPoint; - MonitoringManager monitoringManager; - private PolicyManager policyManager; + private final PolicyAdministratorPoint policyAdministratorPoint; + private final MonitoringManager monitoringManager; + private final PolicyManager policyManager; public PolicyManagerServiceImpl() { policyAdministratorPoint = new PolicyAdministratorPointImpl(); diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/enforcement/PolicyEnforcementDelegatorImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/enforcement/PolicyEnforcementDelegatorImpl.java index 9bf9c6023a..12ce24e824 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/enforcement/PolicyEnforcementDelegatorImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/enforcement/PolicyEnforcementDelegatorImpl.java 
@@ -41,15 +41,14 @@ import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.exceptions.InvalidDeviceException; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; +import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import org.wso2.carbon.device.mgt.core.operation.mgt.CommandOperation; import org.wso2.carbon.device.mgt.core.operation.mgt.OperationMgtConstants; -import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint; import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException; import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.policy.mgt.common.PolicyTransformException; import org.wso2.carbon.policy.mgt.core.PolicyManagerService; -import org.wso2.carbon.policy.mgt.core.PolicyManagerServiceImpl; import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder; import org.wso2.carbon.policy.mgt.core.util.PolicyManagerUtil; @@ -60,8 +59,8 @@ public class PolicyEnforcementDelegatorImpl implements PolicyEnforcementDelegato private static final Log log = LogFactory.getLog(PolicyEnforcementDelegatorImpl.class); - private List devices; - private List updatedPolicyIds; + private final List devices; + private final List updatedPolicyIds; public PolicyEnforcementDelegatorImpl(List devices, List updatedPolicyIds) { @@ -75,7 +74,6 @@ public class PolicyEnforcementDelegatorImpl implements PolicyEnforcementDelegato } this.devices = devices; this.updatedPolicyIds = updatedPolicyIds; - } @Override 
@@ -111,7 +109,8 @@ public class PolicyEnforcementDelegatorImpl implements PolicyEnforcementDelegato @Override public Policy getEffectivePolicy(DeviceIdentifier identifier) throws PolicyDelegationException { try { - PolicyManagerService policyManagerService = new PolicyManagerServiceImpl(); + PolicyManagerService policyManagerService = PolicyManagementDataHolder.getInstance() + .getPolicyManagerService(); PolicyAdministratorPoint policyAdministratorPoint; Policy policy = policyManagerService.getPEP().getEffectivePolicy(identifier); @@ -124,11 +123,7 @@ public class PolicyEnforcementDelegatorImpl implements PolicyEnforcementDelegato } return policy; //return PolicyManagementDataHolder.getInstance().getPolicyEvaluationPoint().getEffectivePolicy(identifier); - } catch (PolicyEvaluationException e) { - String msg = "Error occurred while retrieving the effective policy for devices."; - log.error(msg, e); - throw new PolicyDelegationException(msg, e); - } catch (PolicyManagementException e) { + } catch (PolicyEvaluationException | PolicyManagementException e) { String msg = "Error occurred while retrieving the effective policy for devices."; log.error(msg, e); throw new PolicyDelegationException(msg, e); @@ -199,7 +194,8 @@ public class PolicyEnforcementDelegatorImpl implements PolicyEnforcementDelegato */ public Policy getAppliedPolicyToDevice(Device device) throws PolicyDelegationException { try { - PolicyManagerService policyManagerService = new PolicyManagerServiceImpl(); + PolicyManagerService policyManagerService = PolicyManagementDataHolder.getInstance() + .getPolicyManagerService(); return policyManagerService.getAppliedPolicyToDevice(device); } catch (PolicyManagementException e) { String msg = "Error occurred while retrieving the applied policy for devices."; 
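Review bot: `PolicyManagementDataHolder.getInstance().getPolicyManagerService()` in `getEffectivePolicy` is a plain getter, so it returns null until `setPolicyManagerService` has been called, and `policyManagerService.getPEP()` on the next line would then fail with a NullPointerException that the `catch (PolicyEvaluationException | PolicyManagementException e)` block does not translate into a `PolicyDelegationException`. A guard like `if (policyManagerService == null) { throw new PolicyDelegationException("Policy manager service is not initialized", null); }` would keep the failure within the method's declared contract, assuming that two-argument constructor is acceptable with a null cause. `getAppliedPolicyToDevice` in the `@@ -199,7 +194,8 @@` hunk has the same unchecked lookup. Both method bodies continue outside the hunks.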
diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyInformationPointImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyInformationPointImpl.java
index 498ccc82f4..1c08b1d5a8 100644
--- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyInformationPointImpl.java
+++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyInformationPointImpl.java
@@ -40,17 +40,19 @@ import org.apache.commons.logging.LogFactory; import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; +import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException; import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import org.wso2.carbon.device.mgt.core.dto.DeviceType; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; -import org.wso2.carbon.device.mgt.common.Feature; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; -import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderServiceImpl; -import org.wso2.carbon.policy.mgt.common.*; +import org.wso2.carbon.policy.mgt.common.FeatureManagementException; +import org.wso2.carbon.policy.mgt.common.PIPDevice; +import org.wso2.carbon.policy.mgt.common.PolicyFilter; +import org.wso2.carbon.policy.mgt.common.PolicyInformationPoint; +import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder; import org.wso2.carbon.policy.mgt.core.mgt.FeatureManager; import org.wso2.carbon.policy.mgt.core.mgt.PolicyManager; 
@@ -68,9 +70,9 @@ public class PolicyInformationPointImpl implements PolicyInformationPoint { private static final Log log = LogFactory.getLog(PolicyInformationPointImpl.class); - PolicyManager policyManager; - FeatureManager featureManager; - DeviceManagementProviderService deviceManagementService; + private final PolicyManager policyManager; + private final FeatureManager featureManager; + private final DeviceManagementProviderService deviceManagementService; public PolicyInformationPointImpl() { deviceManagementService = @@ -85,8 +87,8 @@ public class PolicyInformationPointImpl implements PolicyInformationPoint { Device device; DeviceType deviceType = new DeviceType(); deviceType.setName(deviceIdentifier.getType()); - DeviceManagementProviderService deviceManagementService = new DeviceManagementProviderServiceImpl(); - GroupManagementProviderService groupManagementProviderService = new GroupManagementProviderServiceImpl(); + GroupManagementProviderService groupManagementProviderService = PolicyManagementDataHolder + .getInstance().getGroupManagementService(); try { device = deviceManagementService.getDevice(deviceIdentifier, false); @@ -184,11 +186,10 @@ public class PolicyInformationPointImpl implements PolicyInformationPoint { } } - private List removeDuplicatePolicies(List> policies) { - Map map = new HashMap(); - List finalPolicies = new ArrayList(); + Map map = new HashMap<>(); + List finalPolicies = new ArrayList<>(); for (List policyList : policies) { for (Policy policy : policyList) { if (!map.containsKey(policy.getId())) { @@ -200,8 +201,4 @@ public class PolicyInformationPointImpl implements PolicyInformationPoint { return finalPolicies; } - private DeviceManagementProviderService getDeviceManagementService() { - return new DeviceManagementProviderServiceImpl(); - } - } 
diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementDataHolder.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementDataHolder.java index 15b394442d..4842565861 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementDataHolder.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementDataHolder.java @@ -18,16 +18,18 @@ package org.wso2.carbon.policy.mgt.core.internal; +import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; import org.wso2.carbon.device.mgt.core.config.policy.PolicyConfiguration; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; +import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; import org.wso2.carbon.ntask.core.service.TaskService; import org.wso2.carbon.policy.mgt.common.PolicyEvaluationPoint; import org.wso2.carbon.policy.mgt.common.PolicyInformationPoint; +import org.wso2.carbon.policy.mgt.core.PolicyManagerService; import org.wso2.carbon.policy.mgt.core.mgt.MonitoringManager; import org.wso2.carbon.policy.mgt.core.mgt.PolicyManager; import org.wso2.carbon.user.core.service.RealmService; -import org.wso2.carbon.user.core.tenant.TenantManager; import java.util.HashMap; import java.util.Map; 
@@ -35,16 +37,16 @@ import java.util.Map; public class PolicyManagementDataHolder { private RealmService realmService; - private TenantManager tenantManager; - private PolicyEvaluationPoint policyEvaluationPoint; - private Map policyEvaluationPoints = new HashMap<>(); + private final Map policyEvaluationPoints = new HashMap<>(); private PolicyInformationPoint policyInformationPoint; private DeviceManagementProviderService deviceManagementService; + private GroupManagementProviderService groupManagementService; + private PolicyManagerService policyManagerService; private MonitoringManager monitoringManager; private PolicyManager policyManager; private TaskService taskService; - private static PolicyManagementDataHolder thisInstance = new PolicyManagementDataHolder(); + private static final PolicyManagementDataHolder thisInstance = new PolicyManagementDataHolder(); private PolicyManagementDataHolder() {} @@ -74,18 +76,6 @@ public class PolicyManagementDataHolder { public void setRealmService(RealmService realmService) { this.realmService = realmService; - this.setTenantManager(realmService); - } - - private void setTenantManager(RealmService realmService) { - if (realmService == null) { - throw new IllegalStateException("Realm service is not initialized properly"); - } - this.tenantManager = realmService.getTenantManager(); - } - - public TenantManager getTenantManager() { - return tenantManager; } public PolicyEvaluationPoint getPolicyEvaluationPoint() { 
@@ -127,4 +117,25 @@ public class PolicyManagementDataHolder { public void setTaskService(TaskService taskService) { this.taskService = taskService; } + + public synchronized GroupManagementProviderService getGroupManagementService() { + if (groupManagementService == null) { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + groupManagementService = (GroupManagementProviderService) + ctx.getOSGiService(GroupManagementProviderService.class, null); + if (groupManagementService == null) { + String msg = "GroupImpl Management service has not initialized."; + throw new IllegalStateException(msg); + } + } + return groupManagementService; + } + + public PolicyManagerService getPolicyManagerService() { + return policyManagerService; + } + + public void setPolicyManagerService(PolicyManagerService policyManagerService) { + this.policyManagerService = policyManagerService; + } } diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementServiceComponent.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementServiceComponent.java index 7d14db6972..8c5819a2f1 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementServiceComponent.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/internal/PolicyManagementServiceComponent.java @@ -67,7 +67,7 @@ import org.wso2.carbon.user.core.service.RealmService; @SuppressWarnings("unused") public class PolicyManagementServiceComponent { - private static Log log = LogFactory.getLog(PolicyManagementServiceComponent.class); + private static final Log log = LogFactory.getLog(PolicyManagementServiceComponent.class); protected void activate(ComponentContext componentContext) { 
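Review bot: The exception text in the new `getGroupManagementService()` reads `"GroupImpl Management service has not initialized."`, which names no real component and is ungrammatical; `String msg = "Group management service has not been initialized.";` would be clearer in a stack trace. The method is also undocumented although it behaves differently from every other accessor in the holder: it resolves the service lazily from the thread-local `PrivilegedCarbonContext`, caches it, and throws `IllegalStateException` when the lookup yields null. A Javadoc stating those three facts would explain why it is `synchronized` while `getPolicyManagerService()` is a plain getter that can return null.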
@@ -77,8 +77,10 @@ public class PolicyManagementServiceComponent { DataSourceConfig dsConfig = config.getPolicyManagementRepository().getDataSourceConfig(); PolicyManagementDAOFactory.init(dsConfig); + PolicyManagerService policyManagerService = new PolicyManagerServiceImpl(); componentContext.getBundleContext().registerService( - PolicyManagerService.class.getName(), new PolicyManagerServiceImpl(), null); + PolicyManagerService.class.getName(), policyManagerService, null); + PolicyManagementDataHolder.getInstance().setPolicyManagerService(policyManagerService); PolicyConfiguration policyConfiguration = DeviceConfigurationManager.getInstance().getDeviceManagementConfig().getPolicyConfiguration(); diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java index afa35e106d..c8737f1468 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java 
@@ -56,9 +56,7 @@ import org.wso2.carbon.device.mgt.core.config.policy.PolicyConfiguration; import org.wso2.carbon.device.mgt.core.operation.mgt.CommandOperation; import org.wso2.carbon.device.mgt.core.operation.mgt.OperationMgtConstants; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; -import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderServiceImpl; import org.wso2.carbon.policy.mgt.common.*; import org.wso2.carbon.policy.mgt.core.cache.impl.PolicyCacheManagerImpl; import org.wso2.carbon.policy.mgt.core.dao.*; @@ -74,12 +72,12 @@ import java.util.*; public class PolicyManagerImpl implements PolicyManager { - private PolicyDAO policyDAO; - private ProfileDAO profileDAO; - private FeatureDAO featureDAO; - private ProfileManager profileManager; - private PolicyConfiguration policyConfiguration; - private static Log log = LogFactory.getLog(PolicyManagerImpl.class); + private final PolicyDAO policyDAO; + private final ProfileDAO profileDAO; + private final FeatureDAO featureDAO; + private final ProfileManager profileManager; + private final PolicyConfiguration policyConfiguration; + private static final Log log = LogFactory.getLog(PolicyManagerImpl.class); public PolicyManagerImpl() { this.policyDAO = PolicyManagementDAOFactory.getPolicyDAO(); 
@@ -495,10 +493,11 @@ public class PolicyManagerImpl implements PolicyManager { Policy policy) throws PolicyManagementException { List deviceList = new ArrayList<>(); - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); for (DeviceIdentifier deviceIdentifier : deviceIdentifierList) { try { - Device device = service.getDevice(deviceIdentifier, false); + Device device = deviceManagementService.getDevice(deviceIdentifier, false); deviceList.add(device); } catch (DeviceManagementException e) { throw new PolicyManagementException("Error occurred while retrieving device information", e); 
@@ -732,19 +731,23 @@ public class PolicyManagerImpl implements PolicyManager { List policyIdList; List policies = new ArrayList<>(); + + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + throw new PolicyManagementException("Error occurred while getting device related to device identifier (" + + deviceIdentifier.getId() + " - " + deviceIdentifier.getType() + ")", e); + } - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); - + try { PolicyManagementDAOFactory.openConnection(); policyIdList = policyDAO.getPolicyIdsOfDevice(device); } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while getting the policies for device identifier (" + deviceIdentifier.getId() + " - " + deviceIdentifier.getType() + ")", e); - } catch (DeviceManagementException e) { - throw new PolicyManagementException("Error occurred while getting device related to device identifier (" + - deviceIdentifier.getId() + " - " + deviceIdentifier.getType() + ")", e); } catch (SQLException e) { throw new PolicyManagementException("Error occurred while open a data source connection", e); } finally { @@ -814,7 +817,6 @@ public class PolicyManagerImpl implements PolicyManager { try { PolicyManagementDAOFactory.openConnection(); policyIdList = policyDAO.getPolicyOfRole(roleName); - } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while getting the policies.", e); } catch (SQLException e) { 
@@ -882,9 +884,16 @@ public class PolicyManagerImpl implements PolicyManager { List deviceList = new ArrayList<>(); List deviceIds; + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + List allDevices; + try { + allDevices = deviceManagementService.getAllDevices(); + } catch (DeviceManagementException e) { + throw new PolicyManagementException("Error occurred while getting the devices related to policy id (" + + policyId + ")", e); + } try { - DeviceManagementProviderService service = PolicyManagementDataHolder.getInstance().getDeviceManagementService(); - List allDevices = service.getAllDevices(); PolicyManagementDAOFactory.openConnection(); deviceIds = policyDAO.getPolicyAppliedDevicesIds(policyId); HashMap allDeviceMap = new HashMap<>(); @@ -906,9 +915,6 @@ public class PolicyManagerImpl implements PolicyManager { policyId + ")", e); } catch (SQLException e) { throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); - } catch (DeviceManagementException e) { - throw new PolicyManagementException("Error occurred while getting the devices related to policy id (" + - policyId + ")", e); } finally { PolicyManagementDAOFactory.closeConnection(); } 
@@ -918,12 +924,17 @@ public class PolicyManagerImpl implements PolicyManager { @Override public void addAppliedPolicyFeaturesToDevice(DeviceIdentifier deviceIdentifier, Policy policy) throws PolicyManagementException { - int deviceId = -1; + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; + try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + throw new PolicyManagementException("Error occurred while getting the device details (" + + deviceIdentifier.getId() + ")", e); + } + int deviceId = device.getId(); try { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); - deviceId = device.getId(); - PolicyManagementDAOFactory.beginTransaction(); boolean exist = policyDAO.checkPolicyAvailable(deviceId, device.getEnrolmentInfo().getId()); if (exist) { @@ -936,9 +947,6 @@ public class PolicyManagerImpl implements PolicyManager { PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while adding the evaluated policy to device (" + deviceId + " - " + policy.getId() + ")", e); - } catch (DeviceManagementException e) { - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); } finally { PolicyManagementDAOFactory.closeConnection(); } 
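Review bot: `int deviceId = device.getId();` in `addAppliedPolicyFeaturesToDevice` now sits between the two try blocks, so if `getDevice(deviceIdentifier, false)` can return null for an unknown identifier (its contract is not visible here) the method fails with a NullPointerException instead of the declared `PolicyManagementException`. A check right after the lookup, for example `if (device == null) { throw new PolicyManagementException("Device not found for identifier (" + deviceIdentifier.getId() + ")"); }`, would keep the error typed, assuming the exception has a single-argument constructor. The lookups added in `addAppliedPolicyToDevice`, `removeAppliedPolicyToDevice` and `checkPolicyAvailable` dereference `device` in the same way. The method body continues outside the hunk.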
@@ -997,12 +1005,18 @@ public class PolicyManagerImpl implements PolicyManager { @Override public void addAppliedPolicyToDevice(DeviceIdentifier deviceIdentifier, Policy policy) throws PolicyManagementException { - - int deviceId = -1; + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; + try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + PolicyManagementDAOFactory.rollbackTransaction(); + throw new PolicyManagementException("Error occurred while getting the device details (" + + deviceIdentifier.getId() + ")", e); + } + int deviceId = device.getId(); try { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); - deviceId = device.getId(); PolicyManagementDAOFactory.beginTransaction(); Policy policySaved = policyDAO.getAppliedPolicy(deviceId, device.getEnrolmentInfo().getId()); @@ -1016,10 +1030,6 @@ public class PolicyManagerImpl implements PolicyManager { PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while adding the evaluated policy to device (" + deviceId + " - " + policy.getId() + ")", e); - } catch (DeviceManagementException e) { - PolicyManagementDAOFactory.rollbackTransaction(); - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); } finally { PolicyManagementDAOFactory.closeConnection(); } 
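Review bot: The `catch (DeviceManagementException e)` moved to the top of `addAppliedPolicyToDevice` still calls `PolicyManagementDAOFactory.rollbackTransaction()`, but it now runs before `PolicyManagementDAOFactory.beginTransaction()`, so there is no transaction to roll back. Depending on how the factory handles a rollback without an open connection (not visible in this patch), that call could itself throw and hide the original device-lookup error. Dropping the line from the early handler leaves just `throw new PolicyManagementException("Error occurred while getting the device details (" + deviceIdentifier.getId() + ")", e);`, which matches what the commit already does in `addAppliedPolicyFeaturesToDevice`. `removeAppliedPolicyToDevice` in the `@@ -1027,12 +1037,18 @@` hunk carries the same leftover rollback.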
@@ -1027,12 +1037,18 @@ public class PolicyManagerImpl implements PolicyManager { @Override public void removeAppliedPolicyToDevice(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { - - int deviceId = -1; + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; + try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + PolicyManagementDAOFactory.rollbackTransaction(); + throw new PolicyManagementException("Error occurred while getting the device details (" + + deviceIdentifier.getId() + ")", e); + } + int deviceId = device.getId(); try { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); - deviceId = device.getId(); PolicyManagementDAOFactory.beginTransaction(); Policy policySaved = policyDAO.getAppliedPolicy(deviceId, device.getEnrolmentInfo().getId()); @@ -1044,10 +1060,6 @@ public class PolicyManagerImpl implements PolicyManager { PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while removing the applied policy to device (" + deviceId + ")", e); - } catch (DeviceManagementException e) { - PolicyManagementDAOFactory.rollbackTransaction(); - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); } finally { PolicyManagementDAOFactory.closeConnection(); } 
@@ -1057,17 +1069,21 @@ public class PolicyManagerImpl implements PolicyManager { public boolean checkPolicyAvailable(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { boolean exist; + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; + try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + throw new PolicyManagementException("Error occurred while getting the device details (" + + deviceIdentifier.getId() + ")", e); + } try { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); PolicyManagementDAOFactory.openConnection(); exist = policyDAO.checkPolicyAvailable(device.getId(), device.getEnrolmentInfo().getId()); } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while checking whether device has a policy " + "to apply.", e); - } catch (DeviceManagementException e) { - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); } catch (SQLException e) { throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); } finally { 
@@ -1078,19 +1094,24 @@ public class PolicyManagerImpl implements PolicyManager { @Override public boolean setPolicyApplied(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { - try { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); - Device device = service.getDevice(deviceIdentifier, false); + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); + Device device; + try { + device = deviceManagementService.getDevice(deviceIdentifier, false); + } catch (DeviceManagementException e) { + throw new PolicyManagementException("Error occurred while getting the device details (" + + deviceIdentifier.getId() + ")", e); + } + + try { PolicyManagementDAOFactory.openConnection(); policyDAO.setPolicyApplied(device.getId(), device.getEnrolmentInfo().getId()); return true; } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while setting the policy has applied to device (" + deviceIdentifier.getId() + ")", e); - } catch (DeviceManagementException e) { - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); } catch (SQLException e) { throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); } finally { 
@@ -1115,10 +1136,11 @@ public class PolicyManagerImpl implements PolicyManager { @Override @Deprecated public Policy getAppliedPolicyToDevice(DeviceIdentifier deviceId) throws PolicyManagementException { - DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); Device device; try { - device = service.getDevice(deviceId, false); + device = deviceManagementService.getDevice(deviceId, false); if (device == null) { if (log.isDebugEnabled()) { log.debug("No device is found upon the device identifier '" + deviceId.getId() + @@ -1163,17 +1185,18 @@ public class PolicyManagerImpl implements PolicyManager { } } - private List getDeviceGroupNames(List groupWrappers) throws GroupManagementException { - GroupManagementProviderService groupManagementProviderService = new GroupManagementProviderServiceImpl(); + private List getDeviceGroupNames(List groupWrappers) + throws GroupManagementException { + GroupManagementProviderService groupManagementService = PolicyManagementDataHolder + .getInstance().getGroupManagementService(); for (DeviceGroupWrapper wrapper : groupWrappers) { - DeviceGroup deviceGroup = groupManagementProviderService.getGroup(wrapper.getId(), false); + DeviceGroup deviceGroup = groupManagementService.getGroup(wrapper.getId(), false); wrapper.setName(deviceGroup.getName()); wrapper.setOwner(deviceGroup.getOwner()); } return groupWrappers; } - private List convertDevices(List devices) { List deviceIdentifiers = new ArrayList<>(); for (Device device : devices) { @@ -1185,7 +1208,6 @@ public class PolicyManagerImpl implements PolicyManager { return deviceIdentifiers; } - private void addPolicyRevokeOperation(List deviceIdentifiers) throws PolicyManagementException { try { String type = null; 
diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/task/MonitoringTask.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/task/MonitoringTask.java index f75995179b..0acbac6a60 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/task/MonitoringTask.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/task/MonitoringTask.java @@ -16,7 +16,6 @@ * under the License. */ - package org.wso2.carbon.policy.mgt.core.task; import org.apache.commons.logging.Log; @@ -29,11 +28,9 @@ import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager; import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.PolicyComplianceException; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.ntask.core.Task; import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder; import org.wso2.carbon.policy.mgt.core.mgt.MonitoringManager; -import org.wso2.carbon.user.api.UserStoreException; import java.util.ArrayList; import java.util.List; @@ -43,11 +40,8 @@ public class MonitoringTask implements Task { private static final Log log = LogFactory.getLog(MonitoringTask.class); - Map properties; - @Override public void setProperties(Map map) { - this.properties = map; } @Override 
@@ -84,7 +78,8 @@ public class MonitoringTask implements Task { log.debug("Monitoring task started to run for all tenants."); } try { - DeviceManagementProviderService deviceManagementService = new DeviceManagementProviderServiceImpl(); + DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder + .getInstance().getDeviceManagementService(); List tenants = deviceManagementService.getDeviceEnrolledTenants(); for (Integer tenant : tenants) { if (MultitenantConstants.SUPER_TENANT_ID == tenant) { diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/BasePolicyManagementDAOTest.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/BasePolicyManagementDAOTest.java index d487d35a25..450313aac0 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/BasePolicyManagementDAOTest.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/BasePolicyManagementDAOTest.java @@ -39,6 +39,7 @@ import org.wso2.carbon.device.mgt.core.authorization.DeviceAccessAuthorizationSe import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory; import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOFactory; +import org.wso2.carbon.device.mgt.core.device.details.mgt.impl.DeviceInformationManagerImpl; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory; 
@@ -112,11 +113,17 @@ public abstract class BasePolicyManagementDAOTest { DeviceManagementDataHolder.getInstance().setDeviceAccessAuthorizationService( new DeviceAccessAuthorizationServiceImpl()); DeviceManagementDataHolder.getInstance().setGroupManagementProviderService(groupMgtService); + DeviceManagementDataHolder.getInstance().setDeviceInformationManager(new DeviceInformationManagerImpl()); DeviceManagementDataHolder.getInstance().setDeviceTaskManagerService(null); PolicyEvaluationPoint policyEvaluationPoint = new SimplePolicyEvaluationTest(); PolicyManagementDataHolder.getInstance().setPolicyEvaluationPoint("Simple", policyEvaluationPoint); PolicyManagementDataHolder.getInstance().setDeviceManagementService(deviceMgtService); + PolicyManagementDataHolder.getInstance().setPolicyManagerService(new PolicyManagerServiceImpl()); + + Field groupManagementService = PolicyManagementDataHolder.class.getDeclaredField("groupManagementService"); + groupManagementService.setAccessible(true); + groupManagementService.set(PolicyManagementDataHolder.getInstance(), groupMgtService); profileManager = new ProfileManagerImpl(); } diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/MonitoringTestCase.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/MonitoringTestCase.java index 58fadeef8d..6bb6a1fe6b 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/MonitoringTestCase.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/MonitoringTestCase.java 
@@ -22,16 +22,19 @@ package org.wso2.carbon.policy.mgt.core; import junit.framework.Assert; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager; +import org.wso2.carbon.device.mgt.core.device.details.mgt.impl.DeviceInformationManagerImpl; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.operation.mgt.OperationManagerImpl; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; +import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderServiceImpl; import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.PolicyComplianceException; import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder; 
@@ -55,7 +58,11 @@ public class MonitoringTestCase extends BasePolicyManagementDAOTest { public void testMonitorDao() { DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl(); + DeviceManagementDataHolder.getInstance().setDeviceManagementProvider(service); + DeviceManagementDataHolder.getInstance().setDeviceInformationManager(new DeviceInformationManagerImpl()); + DeviceManagementDataHolder.getInstance().setGroupManagementProviderService(new GroupManagementProviderServiceImpl()); PolicyManagerService policyManagerService = new PolicyManagerServiceImpl(); + PolicyManagementDataHolder.getInstance().setPolicyManagerService(policyManagerService); List policies = null; List devices = null; diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyDAOTestCase.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyDAOTestCase.java index 9142aa45b4..98b5940e4c 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyDAOTestCase.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyDAOTestCase.java @@ -55,6 +55,8 @@ public class PolicyDAOTestCase extends BasePolicyManagementDAOTest { @BeforeClass public void init() throws Exception { + log.info("Initializing policy tests"); + super.initializeServices(); initDatSource(); // System.setProperty("GetTenantIDForTest", "Super"); initiatePrivilegedCaronContext(); diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyEvaluationTestCase.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyEvaluationTestCase.java index ac7fa971f4..bf7a5bb760 100644 
--- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyEvaluationTestCase.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyEvaluationTestCase.java @@ -46,6 +46,8 @@ public class PolicyEvaluationTestCase extends BasePolicyManagementDAOTest { @BeforeClass public void init() throws Exception { + log.info("Initializing policy tests"); + super.initializeServices(); PolicyEvaluationPoint evaluationPoint = new SimplePolicyEvaluationTest(); PolicyManagementDataHolder.getInstance().setPolicyEvaluationPoint(evaluationPoint.getName(), evaluationPoint); } diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImplTest.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImplTest.java index 2ffacebbac..d372eb63d8 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImplTest.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/PolicyManagerServiceImplTest.java @@ -89,6 +89,7 @@ public class PolicyManagerServiceImplTest extends BasePolicyManagementDAOTest { public void addPolicy() throws DeviceManagementException, GroupManagementException, PolicyManagementException { int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); policyManagerService = new PolicyManagerServiceImpl(); + PolicyManagementDataHolder.getInstance().setPolicyManagerService(policyManagerService); DeviceManagementService deviceManagementService = new TypeXDeviceManagementService(DEVICE_TYPE_A); deviceMgtService.registerDeviceType(deviceManagementService); operationManager = new OperationManagerImpl(DEVICE_TYPE_A, deviceManagementService); 
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java index 1370482cd2..897bba0812 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java @@ -36,6 +36,10 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthen import org.wso2.carbon.webapp.authenticator.framework.authorizer.WebappTenantAuthorizer; import javax.servlet.http.HttpServletResponse; +import java.net.InetAddress; +import java.net.NetworkInterface; +import java.net.SocketException; +import java.util.Enumeration; import java.util.StringTokenizer; import java.util.TreeMap; import java.util.regex.Pattern; 
@@ -43,12 +47,39 @@ import java.util.regex.Pattern; public class WebappAuthenticationValve extends CarbonTomcatValve { private static final Log log = LogFactory.getLog(WebappAuthenticationValve.class); - private static TreeMap nonSecuredEndpoints = new TreeMap<>(); + private static final TreeMap nonSecuredEndpoints = new TreeMap<>(); private static final String PERMISSION_PREFIX = "/permission/admin"; public static final String AUTHORIZE_PERMISSION = "Authorize-Permission"; + private static InetAddress inetAddress = null; + @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { + if (response != null) { + if (inetAddress == null) { + try { + Enumeration ifaces = NetworkInterface.getNetworkInterfaces(); + while (ifaces.hasMoreElements()) { + NetworkInterface iface = ifaces.nextElement(); + if (!iface.isLoopback() && iface.isUp()) { + Enumeration addresses = iface.getInetAddresses(); + while (addresses.hasMoreElements()) { + inetAddress = addresses.nextElement(); + break; + } + } + break; + } + } catch (SocketException e) { + if (log.isDebugEnabled()) { + log.debug("Unable to get IP address of the node.", e); + } + } + } + if (inetAddress != null) { + response.setHeader("IoT-Node-IP", inetAddress.getHostAddress()); + } + } if ((this.isContextSkipped(request) || this.skipAuthentication(request)) && (StringUtils.isEmpty(request.getHeader(AUTHORIZE_PERMISSION)))) { From e0eb4316f4154348522ea9443bee93f4f13621af Mon Sep 17 00:00:00 2001 
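Review bot: `response.setHeader("IoT-Node-IP", inetAddress.getHostAddress())` runs before the `isContextSkipped`/`skipAuthentication` check, so every caller, authenticated or not, is told an address of the serving node. That is internal topology which is normally kept out of client-visible responses. I would put the header behind a configuration switch that defaults to off, or emit an opaque node identifier instead of the address. Separately, the unconditional `break` after the `if (!iface.isLoopback() && iface.isUp())` block ends the outer loop after the first interface, so when that interface is loopback or down `inetAddress` stays null and the enumeration is repeated on every request; the static field is also written without synchronization. The rest of `invoke` lies outside the hunk.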
From: "tcdlpds@gmail.com" Date: Fri, 17 Jul 2020 06:24:15 +0530 Subject: [PATCH 10/58] Add Default Token Handling Servlet --- .../interceptor/DefaultTokenHandler.java | 139 ++++++++++++++++++ .../ui/request/interceptor/LoginHandler.java | 2 +- .../ui/request/interceptor/UserHandler.java | 20 +-- .../interceptor/util/HandlerConstants.java | 1 + .../request/interceptor/util/HandlerUtil.java | 16 +- 5 files changed, 157 insertions(+), 21 deletions(-) create mode 100644 components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java new file mode 100644 index 0000000000..c8db2cbc19 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java 
@@ -0,0 +1,139 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor; + +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import io.entgra.ui.request.interceptor.beans.AuthData; +import io.entgra.ui.request.interceptor.util.HandlerConstants; +import io.entgra.ui.request.interceptor.util.HandlerUtil; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpHeaders; +import org.apache.http.HttpStatus; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.entity.ContentType; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; + +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; + +@MultipartConfig +@WebServlet( + name = "DefaultTokenHandlerServlet", + description = "This servlet intercepts the api requests initiated from the user interface to get the default " + + "token", + urlPatterns = { "/default-credentials/*" } + ) +public class DefaultTokenHandler extends HttpServlet { + private static 
final Log log = LogFactory.getLog(DefaultTokenHandler.class); + + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) { + try { + HttpSession httpSession = req.getSession(false); + + if (httpSession != null) { + AuthData authData = (AuthData) httpSession.getAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY); + if (authData == null) { + HandlerUtil.sendUnAuthorizeResponse(resp); + return; + } + + AuthData defaultAuthData = (AuthData) httpSession + .getAttribute(HandlerConstants.SESSION_DEFAULT_AUTH_DATA_KEY); + if (defaultAuthData != null) { + HandlerUtil.handleSuccess(resp, constructSuccessProxyResponse(defaultAuthData.getAccessToken())); + return; + } + + String clientId = authData.getClientId(); + String clientSecret = authData.getClientSecret(); + + String iotsCorePort = System.getProperty("iot.core.https.port"); + if (HandlerConstants.HTTP_PROTOCOL.equals(req.getScheme())) { + iotsCorePort = System.getProperty("iot.core.http.port"); + } + String tokenUrl = + req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + System.getProperty("iot.core.host") + + HandlerConstants.COLON + iotsCorePort + "/api/device-mgt/v1.0/devices" + clientId + + HandlerConstants.SCHEME_SEPARATOR + clientSecret + HandlerConstants.SCHEME_SEPARATOR + + "default-token"; + + HttpGet defaultTokenRequest = new HttpGet(tokenUrl); + defaultTokenRequest + .setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + defaultTokenRequest + .setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); + ProxyResponse tokenResultResponse = HandlerUtil.execute(defaultTokenRequest); + + if (tokenResultResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API to get default token data."); + HandlerUtil.handleError(resp, tokenResultResponse); + return; + } + String tokenResult = tokenResultResponse.getData(); + if (tokenResult == null) { 
+ log.error("Invalid default token response is received."); + HandlerUtil.handleError(resp, tokenResultResponse); + return; + } + + JsonParser jsonParser = new JsonParser(); + JsonElement jTokenResult = jsonParser.parse(tokenResult); + if (jTokenResult.isJsonObject()) { + JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); + AuthData newDefaultAuthData = new AuthData(); + newDefaultAuthData.setClientId(clientId); + newDefaultAuthData.setClientSecret(clientSecret); + + String defaultToken = jTokenResultAsJsonObject.get("access_token").getAsString(); + newDefaultAuthData.setAccessToken(defaultToken); + newDefaultAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); + newDefaultAuthData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); + httpSession.setAttribute(HandlerConstants.SESSION_DEFAULT_AUTH_DATA_KEY, newDefaultAuthData); + + HandlerUtil.handleSuccess(resp, constructSuccessProxyResponse(defaultToken)); + } + } else { + HandlerUtil.sendUnAuthorizeResponse(resp); + } + } catch (IOException e) { + log.error("Error occurred when processing GET request to get default token.", e); + } + } + + /** + * Get Success Proxy Response + * @param responseString Response String + * @return {@link ProxyResponse} + */ + private ProxyResponse constructSuccessProxyResponse (String responseString) { + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_OK); + proxyResponse.setData(responseString); + return proxyResponse; + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java index b9f5403acc..53faa63eda 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java 
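Review bot: `tokenUrl` places `clientSecret` in the request path, where it will typically be recorded in access logs and proxy traces of the core service; a secret belongs in a header or the request body, which requires the target endpoint to accept it there (not visible in this patch). The path is also joined with `HandlerConstants.SCHEME_SEPARATOR`, the constant used between scheme and host in the same expression, and has no `/` after `devices`, so the URL looks malformed and neither value is URL-encoded. Because the scheme is copied from `req.getScheme()`, a UI request made over plain HTTP forwards the bearer token and the secret to the core unencrypted. Further down, `get("access_token").getAsString()` and the `refresh_token`/`scope` reads throw on a missing field or a non-JSON body, and the non-object case returns without writing any response; a `has(...)` check with `HandlerUtil.handleError(resp, tokenResultResponse)` as the fallback would cover both.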
+++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java @@ -72,7 +72,6 @@ public class LoginHandler extends HttpServlet { httpSession.setMaxInactiveInterval(Math.toIntExact(HandlerConstants.TIMEOUT)); HttpGet uiConfigEndpoint = new HttpGet(uiConfigUrl); - JsonParser jsonParser = new JsonParser(); ProxyResponse uiConfigResponse = HandlerUtil.execute(uiConfigEndpoint); String executorResponse = uiConfigResponse.getExecutorResponse(); if (!StringUtils.isEmpty(executorResponse) && executorResponse @@ -88,6 +87,7 @@ public class LoginHandler extends HttpServlet { HandlerUtil.handleError(resp, null); return; } + JsonParser jsonParser = new JsonParser(); JsonElement uiConfigJsonElement = jsonParser.parse(uiConfigResponse.getData()); JsonObject uiConfigJsonObject = null; if (uiConfigJsonElement.isJsonObject()) { diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/UserHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/UserHandler.java index 0464488e56..d35e495835 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/UserHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/UserHandler.java @@ -56,13 +56,13 @@ public class UserHandler extends HttpServlet { + HandlerConstants.COLON + HandlerUtil.getGatewayPort(req.getScheme()); HttpSession httpSession = req.getSession(false); if (httpSession == null) { - sendUnAuthorizeResponse(resp); + HandlerUtil.sendUnAuthorizeResponse(resp); return; } AuthData authData = (AuthData) httpSession.getAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY); if (authData == null) { - sendUnAuthorizeResponse(resp); + HandlerUtil.sendUnAuthorizeResponse(resp); return; } 
@@ -91,7 +91,7 @@ public class UserHandler extends HttpServlet { if (jTokenResult.isJsonObject()) { JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); if (!jTokenResultAsJsonObject.get("active").getAsBoolean()) { - sendUnAuthorizeResponse(resp); + HandlerUtil.sendUnAuthorizeResponse(resp); return; } ProxyResponse proxyResponse = new ProxyResponse(); @@ -106,18 +106,4 @@ public class UserHandler extends HttpServlet { log.error("Error occurred while parsing the response. ", e); } } - - /** - * Send UnAuthorized Response to the user - * - * @param resp HttpServletResponse object - */ - private void sendUnAuthorizeResponse(HttpServletResponse resp) - throws IOException { - ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); - proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); - HandlerUtil.handleError(resp, proxyResponse); - } } diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java index 261a28bb4b..a335f224c7 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java 
@@ -30,6 +30,7 @@ public class HandlerConstants { public static final String TAGS_KEY = "tags"; public static final String APP_NAME_KEY = "applicationName"; public static final String SESSION_AUTH_DATA_KEY = "authInfo"; + public static final String SESSION_DEFAULT_AUTH_DATA_KEY = "defaultAuthInfo"; public static final String UI_CONFIG_KEY = "ui-config"; public static final String PLATFORM = "platform"; public static final String USERNAME = "username"; diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java index f35c0700ee..82685daa43 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java @@ -19,7 +19,6 @@ package io.entgra.ui.request.interceptor.util; import com.google.gson.Gson; -import com.google.gson.JsonObject; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -35,9 +34,7 @@ import org.json.JSONException; import org.json.JSONObject; import org.wso2.carbon.device.application.mgt.common.ProxyResponse; -import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; 
@@ -232,4 +229,17 @@ public class HandlerUtil { } } + /** + * Send UnAuthorized Response to the user + * + * @param resp HttpServletResponse object + */ + public static void sendUnAuthorizeResponse(HttpServletResponse resp) + throws IOException { + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); + handleError(resp, proxyResponse); + } } From 43a6c710add55462a23efcef4ed30b2a85c721b5 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Fri, 17 Jul 2020 08:11:44 +0530 Subject: [PATCH 11/58] Handle change of device name --- .../mgt/core/DeviceManagementConstants.java | 9 +++++++++ .../impl/DeviceInformationManagerImpl.java | 20 +++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java index 7f7610126b..1b402560b7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java @@ -169,4 +169,13 @@ public final class DeviceManagementConstants { public static final String DEVICE_INFO_PARAM = "device-info"; public static final String APP_USAGE_ENDPOINT = REPORTING_CONTEXT + "/app-usage"; } + + public static final class Payload { + private Payload() { + throw new AssertionError(); + } + public static final String DEVICE_INFO_DEVICE_NAME = "DEVICE_NAME"; + public static final String DEVICE_INFO_IMEI = "IMEI"; + public static final String DEVICE_INFO_IMSI = "IMSI";; + } } 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java index 2b4756d0f5..c111f02f3b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/device/details/mgt/impl/DeviceInformationManagerImpl.java @@ -134,6 +134,20 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager { deviceDetailsDAO.addDeviceProperties(injectableProps, device.getId(), device.getEnrolmentInfo().getId()); } + + if (deviceInfo.getDeviceDetailsMap().containsKey(DeviceManagementConstants + .Payload.DEVICE_INFO_DEVICE_NAME) && + StringUtils.isNotEmpty(deviceInfo.getDeviceDetailsMap() + .get(DeviceManagementConstants.Payload.DEVICE_INFO_DEVICE_NAME)) + && !device.getName().equals(deviceInfo.getDeviceDetailsMap() + .get(DeviceManagementConstants.Payload.DEVICE_INFO_DEVICE_NAME))) { + String name = deviceInfo.getDeviceDetailsMap() + .get(DeviceManagementConstants.Payload.DEVICE_INFO_DEVICE_NAME); + log.info("Device identifier " + device.getDeviceIdentifier() + ", Device name " + + "changed by user from " + device.getName() + " to " + name); + device.setName(name); + } + deviceDAO.updateDevice(device, CarbonContext.getThreadLocalCarbonContext().getTenantId()); DeviceManagementDAOFactory.commitTransaction(); 
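Review bot: The added `log.info` call writes `device.getName()` and the incoming `DEVICE_NAME` value to the log unmodified. That value is read from `deviceInfo.getDeviceDetailsMap()`, which looks like device-reported data, so embedded line breaks could forge log entries. Strip CR/LF before logging, e.g. `name.replaceAll("[\\r\\n]", "_")`, and consider bounding the length of `name` before `device.setName(name)`, since `deviceDAO.updateDevice` then persists it. `device.getName().equals(...)` also throws when the stored name is null; comparing as `!name.equals(device.getName())` after the non-empty check avoids that. The enclosing method starts and ends outside the hunk.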
@@ -142,8 +156,10 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager { Object[] metaData = {device.getDeviceIdentifier(), device.getType()}; Object[] payload = new Object[]{ Calendar.getInstance().getTimeInMillis(), - deviceInfo.getDeviceDetailsMap().get("IMEI"), - deviceInfo.getDeviceDetailsMap().get("IMSI"), + deviceInfo.getDeviceDetailsMap().get(DeviceManagementConstants.Payload + .DEVICE_INFO_IMEI), + deviceInfo.getDeviceDetailsMap().get(DeviceManagementConstants.Payload + .DEVICE_INFO_IMSI), deviceInfo.getDeviceModel(), deviceInfo.getVendor(), deviceInfo.getOsVersion(), From 1f94415f7f793233bacc81351ccac33ef92b2f61 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Thu, 16 Jul 2020 20:43:50 +0530 Subject: [PATCH 12/58] Add API to get default token by using client ID and secret --- .../pom.xml | 40 -------------- .../service/api/DeviceManagementService.java | 54 +++++++++++++++++++ .../impl/DeviceManagementServiceImpl.java | 23 ++++++++ 3 files changed, 77 insertions(+), 40 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml index a8f9f24ae4..d5af449477 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/pom.xml @@ -100,46 +100,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 02ded254df..60799bf5a2 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -2273,4 +2273,58 @@ public interface DeviceManagementService { response = ErrorResponse.class) }) Response getDeviceFilters(); + + @GET + @Produces(MediaType.APPLICATION_JSON) + @Path("/{clientId}/{clientSecret}/default-token") + @ApiOperation( + produces = MediaType.APPLICATION_JSON, + httpMethod = "GET", + value = "Getting the default token", + notes = "Getting the default access token by using given client ID and the client secret value.", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:device:enroll") + }) + } + ) + @ApiResponses( + value = { + @ApiResponse( + code = 200, + message = "OK. \n Successfully returned the default token details.", + response = Policy.class, + responseHeaders = { + @ResponseHeader( + name = "Content-Type", + description = "The content type of the body"), + @ResponseHeader( + name = "ETag", + description = "Entity Tag of the response resource.\n" + + "Used by caches, or in conditional requests."), + @ResponseHeader( + name = "Last-Modified", + description = "Date and time the resource was last modified.\n" + + "Used by caches, or in conditional requests.")}), + @ApiResponse( + code = 500, + message = "Internal Server Error. \n " + + "Server error occurred while retrieving the default token.", + response = ErrorResponse.class) + } + ) + Response getDefaultToken( + @ApiParam( + name = "client ID", + value = "Client Id.", + required = true) + @PathParam("clientId") + String clientId, + @ApiParam( + name = "client secret", + value = "Client Secret", + required = true) + @PathParam("clientSecret") + String clientSecret + ); } 
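Review bot: The new route `/{clientId}/{clientSecret}/default-token` carries the OAuth client secret in the URL path of a GET, where it is typically recorded in access logs, proxy logs and request traces. The same path is repeated on the implementation in DeviceManagementServiceImpl and is built by DefaultTokenHandler in later hunks of this series. Accept the credentials in a request body or an `Authorization` header instead, for example `@POST @Path("/default-token")` with `@FormParam` arguments. The 200 `@ApiResponse` also declares `response = Policy.class` together with ETag and Last-Modified headers, although the implementation returns an `AccessTokenInfo`; the documented type should match, and a token response should be described as non-cacheable.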
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java index 3600ffb3ab..4df23a511b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java @@ -38,11 +38,13 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl; import java.util.LinkedList; import java.util.Queue; + import org.apache.commons.httpclient.HttpStatus; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.context.CarbonContext; +import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.DeviceFilters; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; 
@@ -102,6 +104,10 @@ import org.wso2.carbon.device.mgt.jaxrs.service.api.DeviceManagementService; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.InputValidationException; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; +import org.wso2.carbon.identity.jwt.client.extension.JWTClient; +import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; +import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; +import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService; import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.policy.mgt.core.PolicyManagerService; import org.wso2.carbon.user.api.UserStoreException; @@ -1328,4 +1334,21 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); } } + + @GET + @Path("/{clientId}/{clientSecret}/default-token") + @Override + public Response getDefaultToken(String clientId, String clientSecret) { + JWTClientManagerService jwtClientManagerService = DeviceMgtAPIUtils.getJWTClientManagerService(); + try { + JWTClient jwtClient = jwtClientManagerService.getJWTClient(); + AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(clientId, clientSecret, + PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(), "default"); + return Response.status(Response.Status.OK).entity(accessTokenInfo).build(); + } catch (JWTClientException e) { + String msg = "Error occurred while getting default access token by using given client Id and client secret."; + log.error(msg, e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); + } + } } From 44ba40fe7d4c2e4425490f765b6c5be9dfcc6664 Mon Sep 17 00:00:00 2001 
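Review bot: In `getDefaultToken`, every `JWTClientException` is turned into a 500, so a wrong client ID or secret is presumably indistinguishable from a server fault, and monitoring cannot separate failed credential attempts from outages. The two arguments also reach `jwtClient.getAccessToken` without a blank check; `if (StringUtils.isBlank(clientId) || StringUtils.isBlank(clientSecret)) { return Response.status(Response.Status.BAD_REQUEST).build(); }` would reject empty input early. The method returns the whole `AccessTokenInfo` as the entity, so it is worth confirming that callers need every field of it, and a short Javadoc stating that the token is issued for the calling user with the fixed scope `"default"` would help.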
From: "tcdlpds@gmail.com" Date: Fri, 17 Jul 2020 17:13:12 +0530 Subject: [PATCH 13/58] Improve proxy handler --- .../entgra/ui/request/interceptor/DefaultTokenHandler.java | 7 +------ .../io/entgra/ui/request/interceptor/LogoutHandler.java | 1 - 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java index c8db2cbc19..7d89550ef1 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java @@ -40,12 +40,7 @@ import javax.servlet.http.HttpSession; import java.io.IOException; @MultipartConfig -@WebServlet( - name = "DefaultTokenHandlerServlet", - description = "This servlet intercepts the api requests initiated from the user interface to get the default " - + "token", - urlPatterns = { "/default-credentials/*" } - ) +@WebServlet("/default-credentials") public class DefaultTokenHandler extends HttpServlet { private static final Log log = LogFactory.getLog(DefaultTokenHandler.class); diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java index 771341cb41..8ebacf1cb7 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java 
+++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java @@ -18,7 +18,6 @@ package io.entgra.ui.request.interceptor; -import io.entgra.ui.request.interceptor.util.HandlerConstants; import io.entgra.ui.request.interceptor.util.HandlerUtil; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; From 45e753f68fdfd51ad5cb058605e7e0c34cf4a13e Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Fri, 17 Jul 2020 19:31:38 +0530 Subject: [PATCH 14/58] Construct API endpoint to get default token --- .../entgra/ui/request/interceptor/DefaultTokenHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java index 7d89550ef1..a500c0027b 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java 
@@ -71,11 +71,11 @@ public class DefaultTokenHandler extends HttpServlet { if (HandlerConstants.HTTP_PROTOCOL.equals(req.getScheme())) { iotsCorePort = System.getProperty("iot.core.http.port"); } + String tokenUrl = req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + System.getProperty("iot.core.host") - + HandlerConstants.COLON + iotsCorePort + "/api/device-mgt/v1.0/devices" + clientId - + HandlerConstants.SCHEME_SEPARATOR + clientSecret + HandlerConstants.SCHEME_SEPARATOR - + "default-token"; + + HandlerConstants.COLON + iotsCorePort + "/api/device-mgt/v1.0/devices/" + clientId + + "/" + clientSecret + "/default-token"; HttpGet defaultTokenRequest = new HttpGet(tokenUrl); defaultTokenRequest From 2ec29701a1422145e55c075c47bde243a1241546 Mon Sep 17 00:00:00 2001 From: shamalka Date: Fri, 17 Jul 2020 23:52:25 +0530 Subject: [PATCH 15/58] Fix get default token issues --- .../mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java | 2 +- .../entgra/ui/request/interceptor/DefaultTokenHandler.java | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java index 4df23a511b..a4ca3f026d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java 
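Review bot: `tokenUrl` is assembled by concatenating `clientId` and `clientSecret` straight into the path, so a value containing `/`, `?`, `#` or `..` changes which backend resource the `HttpGet` addresses. Where the two values come from is outside this hunk, but they look request-derived. Encode each segment before concatenation, e.g. `URLEncoder.encode(clientId, StandardCharsets.UTF_8.name())`, or reject values outside the character set the key manager issues. Sending the credentials in a request body instead would also keep the secret out of the URL and out of the access logs of the core service. The enclosing method starts and ends outside the hunk.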
@@ -1338,7 +1338,7 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { @GET @Path("/{clientId}/{clientSecret}/default-token") @Override - public Response getDefaultToken(String clientId, String clientSecret) { + public Response getDefaultToken(@PathParam("clientId") String clientId, @PathParam("clientSecret") String clientSecret) { JWTClientManagerService jwtClientManagerService = DeviceMgtAPIUtils.getJWTClientManagerService(); try { JWTClient jwtClient = jwtClientManagerService.getJWTClient(); diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java index a500c0027b..1cff1d9d11 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/DefaultTokenHandler.java 
@@ -104,10 +104,10 @@ public class DefaultTokenHandler extends HttpServlet { newDefaultAuthData.setClientId(clientId); newDefaultAuthData.setClientSecret(clientSecret); - String defaultToken = jTokenResultAsJsonObject.get("access_token").getAsString(); + String defaultToken = jTokenResultAsJsonObject.get("accessToken").getAsString(); newDefaultAuthData.setAccessToken(defaultToken); - newDefaultAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); - newDefaultAuthData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); + newDefaultAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refreshToken").getAsString()); + newDefaultAuthData.setScope(jTokenResultAsJsonObject.get("scopes").getAsString()); httpSession.setAttribute(HandlerConstants.SESSION_DEFAULT_AUTH_DATA_KEY, newDefaultAuthData); HandlerUtil.handleSuccess(resp, constructSuccessProxyResponse(defaultToken)); From 3ea16eaf7de96796007579c8ed46a7ebf53577de Mon Sep 17 00:00:00 2001 From: Ace Date: Sat, 18 Jul 2020 15:52:41 +0530 Subject: [PATCH 16/58] Adding capability for policies to be added/removed automatically when devices are added/removed from a group --- .../service/impl/DeviceAgentServiceImpl.java | 17 +++++ .../impl/GroupManagementServiceImpl.java | 68 ++++++++++++++++++- .../service/impl/DeviceAgentServiceTest.java | 4 ++ .../impl/GroupManagementServiceImplTest.java | 19 ++++++ 4 files changed, 105 insertions(+), 3 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java index ca034edec3..5c59a48982 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java 
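Review bot: `jTokenResultAsJsonObject.get("accessToken")`, `get("refreshToken")` and `get("scopes")` are dereferenced without checking that the members exist. Gson's `JsonObject.get` returns null for an absent member, so an error body from the token API ends in a NullPointerException instead of a controlled response. Guard first, e.g. `if (!jTokenResultAsJsonObject.has("accessToken")) { HandlerUtil.sendUnAuthorizeResponse(resp); return; }`, with the status code chosen to fit the upstream failure. The context lines also place `clientSecret` and the refresh token in the HTTP session under `SESSION_DEFAULT_AUTH_DATA_KEY`; it is worth confirming that the session needs the secret at all. The enclosing method starts and ends outside the hunk.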
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java @@ -36,6 +36,7 @@ import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.InvalidConfigurationException; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; +import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.ComplianceFeature; import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.PolicyComplianceException; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; @@ -50,6 +51,9 @@ import org.wso2.carbon.event.stream.stub.EventStreamAdminServiceStub; import org.wso2.carbon.event.stream.stub.types.EventStreamAttributeDto; import org.wso2.carbon.event.stream.stub.types.EventStreamDefinitionDto; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; +import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint; +import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException; +import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.user.api.UserStoreException; import javax.validation.Valid; 
@@ -95,6 +99,13 @@ public class DeviceAgentServiceImpl implements DeviceAgentService { device.getEnrolmentInfo().setDateOfEnrolment(System.currentTimeMillis()); device.getEnrolmentInfo().setDateOfLastUpdate(System.currentTimeMillis()); boolean status = dms.enrollDevice(device); + PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); + List deviceIdentifierList = new ArrayList<>(); + DeviceIdentifier deviceId = new DeviceIdentifier(device.getDeviceIdentifier(), device.getType()); + deviceIdentifierList.add(deviceId); + Policy effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceId); + pap.addPolicyToDevice(deviceIdentifierList, effectivePolicy); + pap.publishChanges(); return Response.status(Response.Status.OK).entity(status).build(); } catch (DeviceManagementException e) { String msg = "Error occurred while enrolling the device, which carries the id '" + @@ -104,6 +115,12 @@ public class DeviceAgentServiceImpl implements DeviceAgentService { } catch (InvalidConfigurationException e) { log.error("failed to add operation", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (PolicyManagementException e) { + log.error("failed to add designated policies against newly enrolled device.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (PolicyEvaluationException e) { + log.error("failed while retrieving policies for newly enrolled device.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java index 3b10b8681d..9d15dfe362 100644 
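Review bot: The policy calls added after `dms.enrollDevice(device)` run even when `status` is false, and `effectivePolicy` is handed to `pap.addPolicyToDevice` without a null check, although `getEffectivePolicy` may return nothing when no policy matches (its contract is not visible here). If policy evaluation throws, the new catch blocks in the following hunk answer 500 even though the device is already enrolled, which leaves an enrolled device without its policy and a client that may retry enrolment. Guard the block with `if (status && effectivePolicy != null)` and decide explicitly whether a policy failure rolls the enrolment back or is reported as a partial success. The enclosing method starts and ends outside the hunk.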
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java @@ -25,15 +25,19 @@ import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; -import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException; +import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.GroupPaginationRequest; import org.wso2.carbon.device.mgt.common.PaginationResult; +import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants; import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException; -import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupNotExistException; +import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException; +import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; +import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; 
@@ -42,6 +46,9 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; import org.wso2.carbon.device.mgt.jaxrs.service.api.GroupManagementService; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; +import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint; +import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException; +import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import javax.ws.rs.core.Response; import java.util.ArrayList; @@ -259,6 +266,17 @@ public class GroupManagementServiceImpl implements GroupManagementService { public Response addDevicesToGroup(int groupId, List deviceIdentifiers) { try { DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers); + PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); + DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); + Policy effectivePolicy = null; + for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) { + Device device = dms.getDevice(deviceIdentifier, false); + if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) { + effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); + pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + } + } + pap.publishChanges(); return Response.status(Response.Status.OK).build(); } catch (GroupManagementException e) { String msg = "Error occurred while adding devices to group."; 
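Review bot: Inside the loop in `addDevicesToGroup`, `pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy)` passes the whole request list rather than the device being iterated. The policy evaluated for one device is therefore applied to every device in the list, including those skipped for `REMOVED` status, and presumably the last iteration decides the result. Pass only the current device, e.g. `pap.addPolicyToDevice(Collections.singletonList(deviceIdentifier), effectivePolicy);` (needs `java.util.Collections`), and skip the call when `effectivePolicy` is null. `removeDevicesFromGroup` and `updateDeviceAssigningToGroups` repeat the same call in later hunks of this file. `dms.getDevice(deviceIdentifier, false)` is also dereferenced without a null check.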
@@ -266,6 +284,15 @@ public class GroupManagementServiceImpl implements GroupManagementService { return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); } catch (DeviceNotFoundException e) { return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build(); + } catch (PolicyManagementException e) { + log.error("Error occurred while adding policies against device(s).", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (PolicyEvaluationException e) { + log.error("Error occurred while retrieving policies against device(s).", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (DeviceManagementException e) { + log.error("Error occurred while retrieving device information.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } @@ -273,6 +300,17 @@ public class GroupManagementServiceImpl implements GroupManagementService { public Response removeDevicesFromGroup(int groupId, List deviceIdentifiers) { try { DeviceMgtAPIUtils.getGroupManagementProviderService().removeDevice(groupId, deviceIdentifiers); + PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); + DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); + Policy effectivePolicy = null; + for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) { + Device device = dms.getDevice(deviceIdentifier, false); + if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) { + effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); + pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + } + } + pap.publishChanges(); return Response.status(Response.Status.OK).build(); } catch (GroupManagementException e) { String msg = "Error occurred while removing devices from group."; 
@@ -280,6 +318,15 @@ public class GroupManagementServiceImpl implements GroupManagementService { return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); } catch (DeviceNotFoundException e) { return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build(); + }catch (PolicyManagementException e) { + log.error("Error occurred while adding policies against device(s).", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (PolicyEvaluationException e) { + log.error("Error occurred while retrieving policies against device(s).", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (DeviceManagementException e) { + log.error("Error occurred while retrieving device information.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } @@ -290,6 +337,10 @@ public class GroupManagementServiceImpl implements GroupManagementService { deviceIdentifiers.add(deviceToGroupsAssignment.getDeviceIdentifier()); GroupManagementProviderService service = DeviceMgtAPIUtils.getGroupManagementProviderService(); List deviceGroups = service.getGroups(deviceToGroupsAssignment.getDeviceIdentifier(), false); + PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); + DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); + Device device = null; + Policy effectivePolicy = null; for (DeviceGroup group : deviceGroups) { Integer groupId = group.getGroupId(); if (deviceToGroupsAssignment.getDeviceGroupIds().contains(groupId)) { 
@@ -300,7 +351,12 @@ public class GroupManagementServiceImpl implements GroupManagementService { } for (int groupId : deviceToGroupsAssignment.getDeviceGroupIds()) { DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers); + for (DeviceIdentifier deviceIdentifier : deviceIdentifiers) { + effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); + pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + } } + pap.publishChanges(); return Response.status(Response.Status.OK).build(); } catch (GroupManagementException e) { String msg = "Error occurred while assigning device to groups."; @@ -308,6 +364,12 @@ public class GroupManagementServiceImpl implements GroupManagementService { return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); } catch (DeviceNotFoundException e) { return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build(); + } catch (PolicyManagementException e) { + log.error("Failed to add policies for device assigned to group.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + } catch (PolicyEvaluationException e) { + log.error("Failed while retrieving policies device assigned to group.", e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } @@ -325,4 +387,4 @@ public class GroupManagementServiceImpl implements GroupManagementService { } } -} \ No newline at end of file +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceTest.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceTest.java index c1aa2d41bf..729b1827cd 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceTest.java 
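Review bot: The policy loop added to `updateDeviceAssigningToGroups` sits inside the `for (int groupId : ...)` loop, so the effective policy is re-evaluated and re-applied once per target group. It also appears not to run at all when `getDeviceGroupIds()` is empty, that is, when the device is only removed from groups. Move the evaluation after the group loop so it runs once against the final membership. Unlike the other two methods, this one does not skip `REMOVED` devices, and the `dms` and `device` locals declared in the preceding hunk are not used in the visible lines. The enclosing method starts outside this hunk.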
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceTest.java @@ -93,6 +93,7 @@ public class DeviceAgentServiceTest { private static final String AUTHENTICATED_USER = "admin"; private static final String MONITOR_OPERATION = "POLICY_MONITOR"; private static Device demoDevice; + private PolicyManagerService policyManagerService; @ObjectFactory public IObjectFactory getObjectFactory() { @@ -108,6 +109,7 @@ public class DeviceAgentServiceTest { this.deviceAgentService = new DeviceAgentServiceImpl(); this.deviceAccessAuthorizationService = Mockito.mock(DeviceAccessAuthorizationServiceImpl.class, Mockito.RETURNS_MOCKS); + this.policyManagerService = Mockito.mock(PolicyManagerService.class, Mockito.RETURNS_MOCKS); this.privilegedCarbonContext = Mockito.mock(PrivilegedCarbonContext.class, Mockito.RETURNS_MOCKS); this.eventStreamAdminServiceStub = Mockito.mock(EventStreamAdminServiceStub.class, Mockito.RETURNS_MOCKS); demoDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER); @@ -167,6 +169,8 @@ public class DeviceAgentServiceTest { .toReturn(this.deviceManagementProviderService); PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getAuthenticatedUser")) .toReturn(AUTHENTICATED_USER); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService")) + .toReturn(policyManagerService); EnrolmentInfo enrolmentInfo = demoDevice.getEnrolmentInfo(); enrolmentInfo.setStatus(EnrolmentInfo.Status.INACTIVE); demoDevice.setEnrolmentInfo(enrolmentInfo); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImplTest.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImplTest.java index d1bcbb27eb..20136b172d 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImplTest.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImplTest.java @@ -19,6 +19,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl; +import org.mockito.Mock; import org.mockito.Mockito; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PowerMockIgnore; @@ -42,10 +43,12 @@ import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupNotExistException; import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException; +import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceToGroupsAssignment; import org.wso2.carbon.device.mgt.jaxrs.service.api.GroupManagementService; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; +import org.wso2.carbon.policy.mgt.core.PolicyManagerService; import javax.ws.rs.core.Response; import java.util.ArrayList; @@ -61,6 +64,8 @@ import java.util.List; public class GroupManagementServiceImplTest { private GroupManagementService groupManagementService; private GroupManagementProviderService groupManagementProviderService; + private PolicyManagerService policyManagerService; + private DeviceManagementProviderService deviceManagementProviderService; private PrivilegedCarbonContext context; @ObjectFactory 
@@ -72,6 +77,8 @@ public class GroupManagementServiceImplTest { public void init() { groupManagementService = new GroupManagementServiceImpl(); groupManagementProviderService = Mockito.mock(GroupManagementProviderService.class); + this.policyManagerService = Mockito.mock(PolicyManagerService.class, Mockito.RETURNS_MOCKS); + this.deviceManagementProviderService = Mockito.mock(DeviceManagementProviderService.class, Mockito.RETURNS_MOCKS); context = Mockito.mock(PrivilegedCarbonContext.class); Mockito.doReturn("admin").when(context).getUsername(); } @@ -298,6 +305,10 @@ public class GroupManagementServiceImplTest { public void testAddDevicesToGroup() throws GroupManagementException, DeviceNotFoundException { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService")) .toReturn(groupManagementProviderService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService")) + .toReturn(policyManagerService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) + .toReturn(deviceManagementProviderService); List deviceIdentifiers = new ArrayList<>(); Mockito.doNothing().when(groupManagementProviderService).addDevices(1, deviceIdentifiers); Mockito.doThrow(new GroupManagementException()).when(groupManagementProviderService).addDevices(2, 
@@ -319,6 +330,10 @@ public class GroupManagementServiceImplTest { public void testRemoveDevicesFromGroup() throws GroupManagementException, DeviceNotFoundException { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService")) .toReturn(groupManagementProviderService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService")) + .toReturn(policyManagerService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) + .toReturn(deviceManagementProviderService); List deviceIdentifiers = new ArrayList<>(); Mockito.doNothing().when(groupManagementProviderService).removeDevice(1, deviceIdentifiers); Mockito.doThrow(new GroupManagementException()).when(groupManagementProviderService).removeDevice(2, @@ -357,6 +372,10 @@ public class GroupManagementServiceImplTest { public void testUpdateDeviceAssigningToGroups() throws GroupManagementException, DeviceNotFoundException { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService")) .toReturn(groupManagementProviderService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService")) + .toReturn(policyManagerService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) + .toReturn(deviceManagementProviderService); Mockito.reset(groupManagementProviderService); DeviceToGroupsAssignment deviceToGroupsAssignment = new DeviceToGroupsAssignment(); List groupIds = new ArrayList<>(); From 854714e827784f60c5143339f2d72819b937fbed Mon Sep 17 00:00:00 2001 From: Kaveesha Date: Sun, 19 Jul 2020 00:05:11 +0530 Subject: [PATCH 17/58] Add scope for Send notification --- .../src/main/resources/conf/mdm-ui-config.xml | 1 + 1 file changed, 1 insertion(+) 
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml index 1a39fe704e..e9c88e3321 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml @@ -169,6 +169,7 @@ perm:android:set-password-policy perm:android:change-lock-code perm:android:upgrade-firmware + perm:android:send-notification device-mgt From c1c736b6079b200599cc795100b56eff13fb0e6f Mon Sep 17 00:00:00 2001 From: Ace Date: Tue, 21 Jul 2020 08:23:30 +0530 Subject: [PATCH 18/58] Adding fix for policy application upon adding devices to group --- .../service/impl/DeviceAgentServiceImpl.java | 8 +---- .../impl/GroupManagementServiceImpl.java | 31 +++++++------------ .../mgt/core/mgt/impl/PolicyManagerImpl.java | 1 + 3 files changed, 13 insertions(+), 27 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java index 5c59a48982..f759ed13a9 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceAgentServiceImpl.java 
@@ -100,11 +100,8 @@ public class DeviceAgentServiceImpl implements DeviceAgentService { device.getEnrolmentInfo().setDateOfLastUpdate(System.currentTimeMillis()); boolean status = dms.enrollDevice(device); PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); - List deviceIdentifierList = new ArrayList<>(); DeviceIdentifier deviceId = new DeviceIdentifier(device.getDeviceIdentifier(), device.getType()); - deviceIdentifierList.add(deviceId); - Policy effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceId); - pap.addPolicyToDevice(deviceIdentifierList, effectivePolicy); + DeviceMgtAPIUtils.getPolicyManagementService().getEffectivePolicy(deviceId); pap.publishChanges(); return Response.status(Response.Status.OK).entity(status).build(); } catch (DeviceManagementException e) { @@ -118,9 +115,6 @@ public class DeviceAgentServiceImpl implements DeviceAgentService { } catch (PolicyManagementException e) { log.error("failed to add designated policies against newly enrolled device.", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } catch (PolicyEvaluationException e) { - log.error("failed while retrieving policies for newly enrolled device.", e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java index 9d15dfe362..0502f37ab3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/GroupManagementServiceImpl.java 
@@ -48,6 +48,7 @@ import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint; import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException; +import org.wso2.carbon.policy.mgt.common.PolicyEvaluationPoint; import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import javax.ws.rs.core.Response; @@ -268,12 +269,11 @@ public class GroupManagementServiceImpl implements GroupManagementService { DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers); PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - Policy effectivePolicy = null; for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) { Device device = dms.getDevice(deviceIdentifier, false); if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) { - effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); - pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + pap.removePolicyUsed(deviceIdentifier); + DeviceMgtAPIUtils.getPolicyManagementService().getEffectivePolicy(deviceIdentifier); } } pap.publishChanges(); 
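Review bot: In the `@@ -268,12 +269,11` hunk the loop calls `pap.removePolicyUsed(deviceIdentifier)` before `getEffectivePolicy(deviceIdentifier)`, and both sit in the same try block. If the evaluation throws `PolicyManagementException` for one device, that device's applied-policy record has already been removed, the remaining devices are skipped and `pap.publishChanges()` never runs, while the group membership change stays in place. What `removePolicyUsed` persists is not visible here, so this needs confirming; if the removal is durable, handle the failure per device (log it and continue) so that `publishChanges()` is still reached. The same sequence is added in the `@@ -302,12 +302,11` and `@@ -352,8 +346,8` hunks. The returned policy is discarded in all three, so a comment such as `// called for its side effect; result intentionally unused` would help, provided that is the intent; the method body starts outside this hunk.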
@@ -287,9 +287,9 @@ public class GroupManagementServiceImpl implements GroupManagementService { } catch (PolicyManagementException e) { log.error("Error occurred while adding policies against device(s).", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } catch (PolicyEvaluationException e) { - log.error("Error occurred while retrieving policies against device(s).", e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); +// } catch (PolicyEvaluationException e) { +// log.error("Error occurred while retrieving policies against device(s).", e); +// return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } catch (DeviceManagementException e) { log.error("Error occurred while retrieving device information.", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); @@ -302,12 +302,11 @@ public class GroupManagementServiceImpl implements GroupManagementService { DeviceMgtAPIUtils.getGroupManagementProviderService().removeDevice(groupId, deviceIdentifiers); PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - Policy effectivePolicy = null; for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) { Device device = dms.getDevice(deviceIdentifier, false); if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) { - effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); - pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + pap.removePolicyUsed(deviceIdentifier); + DeviceMgtAPIUtils.getPolicyManagementService().getEffectivePolicy(deviceIdentifier); } } pap.publishChanges(); 
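Review bot: The `PolicyEvaluationException` handler in the `@@ -287,9 +287,9` hunk is left behind as three commented-out lines (`// } catch (PolicyEvaluationException e) {` and the two lines after it), whereas the other methods in this commit delete it outright. Remove the commented block; version control keeps the history. The `import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException;` line appears as unchanged context in the import hunk, so it probably becomes unused once the handlers are gone, and the newly added `PolicyEvaluationPoint` import is not used in any visible hunk either.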
@@ -321,10 +320,7 @@ public class GroupManagementServiceImpl implements GroupManagementService { }catch (PolicyManagementException e) { log.error("Error occurred while adding policies against device(s).", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } catch (PolicyEvaluationException e) { - log.error("Error occurred while retrieving policies against device(s).", e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } catch (DeviceManagementException e) { + }catch (DeviceManagementException e) { log.error("Error occurred while retrieving device information.", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } @@ -339,8 +335,6 @@ public class GroupManagementServiceImpl implements GroupManagementService { List deviceGroups = service.getGroups(deviceToGroupsAssignment.getDeviceIdentifier(), false); PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP(); DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - Device device = null; - Policy effectivePolicy = null; for (DeviceGroup group : deviceGroups) { Integer groupId = group.getGroupId(); if (deviceToGroupsAssignment.getDeviceGroupIds().contains(groupId)) { @@ -352,8 +346,8 @@ public class GroupManagementServiceImpl implements GroupManagementService { for (int groupId : deviceToGroupsAssignment.getDeviceGroupIds()) { DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers); for (DeviceIdentifier deviceIdentifier : deviceIdentifiers) { - effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier); - pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy); + pap.removePolicyUsed(deviceIdentifier); + DeviceMgtAPIUtils.getPolicyManagementService().getEffectivePolicy(deviceIdentifier); } } pap.publishChanges(); 
@@ -367,9 +361,6 @@ public class GroupManagementServiceImpl implements GroupManagementService { } catch (PolicyManagementException e) { log.error("Failed to add policies for device assigned to group.", e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } catch (PolicyEvaluationException e) { - log.error("Failed while retrieving policies device assigned to group.", e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java index c8737f1468..ffacfe8787 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java @@ -930,6 +930,7 @@ public class PolicyManagerImpl implements PolicyManager { try { device = deviceManagementService.getDevice(deviceIdentifier, false); } catch (DeviceManagementException e) { + PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while getting the device details (" + deviceIdentifier.getId() + ")", e); } From 32088708407c7eadca1a02495e86b7df4d19bf50 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Wed, 22 Jul 2020 21:27:56 +0530 Subject: [PATCH 19/58] Add one time token bean --- .../common/general/OneTimeTokenDetails.java | 96 +++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/general/OneTimeTokenDetails.java 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/general/OneTimeTokenDetails.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/general/OneTimeTokenDetails.java new file mode 100644 index 0000000000..f204a1f390 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/general/OneTimeTokenDetails.java 
@@ -0,0 +1,96 @@ +/* + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.common.general; + +import java.util.Map; + +public class OneTimeTokenDetails extends TenantDetail { + + String password; + String token; + long createdDate; + long updatedDate; + boolean isExpired; + String metaInfo; + Map replaceValue; + String emailType; + + public long getCreatedDate() { + return createdDate; + } + + public void setCreatedDate(long createdDate) { + this.createdDate = createdDate; + } + + public long getUpdatedDate() { + return updatedDate; + } + + public void setUpdatedDate(long updatedDate) { + this.updatedDate = updatedDate; + } + + public boolean isExpired() { + return isExpired; + } + + public void setExpired(boolean expired) { + isExpired = expired; + } + + public String getMetaInfo() { + return metaInfo; + } + + public void setMetaInfo(String metaInfo) { + this.metaInfo = metaInfo; + } + + public Map getReplaceValue() { + return replaceValue; + } + + public void setReplaceValue(Map replaceValue) { + this.replaceValue = replaceValue; + } + + public String getEmailType() { + return emailType; + } + + public void setEmailType(String emailType) { + this.emailType = emailType; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = 
password; + } + + public String getToken() { + return token; + } + + public void setToken(String token) { + this.token = token; + } +} From a7af88396247f39a603533df30cd235e203cf29f Mon Sep 17 00:00:00 2001 From: inoshperera Date: Thu, 23 Jul 2020 20:45:30 +0530 Subject: [PATCH 20/58] Add tenant create API --- .../pom.xml | 4 + .../DeviceManagementConfigServiceImpl.java | 90 +++++++++++++++++++ .../src/main/webapp/WEB-INF/web.xml | 3 +- 3 files changed, 96 insertions(+), 1 deletion(-) diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/pom.xml b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/pom.xml index 8ffc22a4ec..fe1ff78a87 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/pom.xml +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/pom.xml @@ -273,5 +273,9 @@ + + org.wso2.carbon.multitenancy + org.wso2.carbon.tenant.mgt + diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java index 9ccbecda3d..bb1a04bba7 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java 
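Review bot: The fields of `OneTimeTokenDetails`, including `password` and `token`, are declared without an access modifier, so any class in `org.wso2.carbon.device.mgt.common.general` can read or overwrite them without going through the accessors. Declare them private, for example `private String password;` and `private String token;`. The class also has no Javadoc; a class comment should say what the bean carries and that `password` and `token` are secrets which must not be logged or copied into API responses. Whether this bean is ever serialised to a client is not visible in this hunk, so check that too.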
@@ -24,6 +24,7 @@ import com.fasterxml.jackson.databind.ObjectMapper; import io.entgra.carbon.device.mgt.config.jaxrs.beans.ErrorResponse; import io.entgra.carbon.device.mgt.config.jaxrs.service.DeviceManagementConfigService; import io.entgra.carbon.device.mgt.config.jaxrs.util.DeviceMgtAPIUtils; +import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.base.MultitenantConstants; @@ -35,6 +36,7 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.AmbiguousConfiguratio import org.wso2.carbon.device.mgt.common.configuration.mgt.DeviceConfiguration; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException; +import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails; import org.wso2.carbon.device.mgt.common.general.TenantDetail; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; 
@@ -48,22 +50,29 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; +import org.wso2.carbon.stratos.common.beans.TenantInfoBean; +import org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService; import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; +import javax.validation.constraints.Size; import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.HeaderParam; import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; +import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.io.IOException; import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; import java.util.List; import java.util.Map; 
@@ -270,6 +279,87 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig return tenantDetail; } + /** + * This API will add a tenant to the system and can be called by the super tenant only. + * @return Returns the + */ + @Path("/tenant") + @POST + @Produces(MediaType.APPLICATION_JSON) + public Response addTenant(@HeaderParam("one-time-token") String token) { + + TenantMgtAdminService tenantMgtAdminService = null; + OneTimeTokenDetails tenantWrapper = null; + + // Request validation + String errorMsg = null; + Response.Status errorStatus = Response.Status.BAD_REQUEST; + if (StringUtils.isEmpty(token)) { + errorMsg = "Authentication failure when creating tenant"; + } else { + tenantWrapper = new OneTimeTokenDetails(); //TODO: Call one time token validation API + if (tenantWrapper == null) { + errorMsg = "One time token is not present in the database"; + } else { + try { + tenantMgtAdminService = new TenantMgtAdminService(); + if (tenantMgtAdminService == null) { + errorMsg = "Request can only be made by super admin"; + errorStatus = Response.Status.INTERNAL_SERVER_ERROR; + } else { + TenantInfoBean[] tenant = tenantMgtAdminService.retrievePartialSearchTenants(tenantWrapper.getDomain()); + if (!PrivilegedCarbonContext.getThreadLocalCarbonContext() + .getTenantDomain().equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { + errorMsg = "Request can only be made by super admin"; + } else if (tenant != null && tenant.length > 0) { + for (TenantInfoBean tenantInfoBean : tenant) { + if (tenantInfoBean.getTenantDomain().equals(tenantWrapper.getDomain())) { + errorMsg = "Tenant domain is already in use"; + break; + } + } + } + } + + } catch (Exception e) { // Carbon multi-tenancy is throwing generic exceptions. 
+ errorMsg = "Could not create tenant domain " + tenantWrapper.getDomain(); + errorStatus = Response.Status.INTERNAL_SERVER_ERROR; + } + } + } + + if (errorMsg != null) { + log.error(errorMsg); + return Response.status(errorStatus).entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build() + ).build(); + } + + try { + TenantInfoBean tenantInfoBean = new TenantInfoBean(); + tenantInfoBean.setActive(true); + tenantInfoBean.setAdminPassword(tenantWrapper.getPassword()); + tenantInfoBean.setAdmin(tenantWrapper.getAdminName()); + tenantInfoBean.setFirstname(tenantWrapper.getAdminFirstName()); + tenantInfoBean.setLastname(tenantWrapper.getAdminLastName()); + tenantInfoBean.setEmail(tenantWrapper.getEmail()); + Calendar calendar = new GregorianCalendar(); + calendar.setTime(new Date()); + tenantInfoBean.setCreatedDate(calendar); + tenantInfoBean.setTenantDomain(tenantWrapper.getDomain()); + + String response = tenantMgtAdminService.addTenant(tenantInfoBean); + return Response.status(Response.Status.OK).entity(response).build(); + + } catch (Exception e) { // The underlying API is throwing a generic exception. + String msg = "Error while adding tenant"; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } + + } + @POST @Path("/permissions") @Produces({MediaType.APPLICATION_JSON}) diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml index 6b397c9fbe..3b97a83bbc 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml 
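Review bot: The `one-time-token` header is never validated in `addTenant`: `tenantWrapper = new OneTimeTokenDetails(); //TODO: Call one time token validation API` builds an empty bean, so any non-empty header value gets through, and the two `== null` tests that follow a `new` can never fire. The web.xml hunk of this commit also adds `/api/device-mgt-config/v1.0/tenant` to `nonSecuredEndPoints`, so this stub appears to be the only gate in front of tenant creation. Until the validation call exists the branch should fail closed, for example `errorMsg = "One time token validation is not implemented"; errorStatus = Response.Status.UNAUTHORIZED;`. The super-tenant comparison runs only after `retrievePartialSearchTenants` has been called, and on an unauthenticated request the thread-local tenant domain may default to the super tenant (confirm), so it should come first and should not be relied on as the access check. The validation `catch (Exception e)` also drops the exception; log it there with `log.error(errorMsg, e);`.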
@@ -49,7 +49,8 @@ nonSecuredEndPoints /api/device-mgt-config/v1.0/configurations, - /api/device-mgt-config/v1.0/configurations/ui-config + /api/device-mgt-config/v1.0/configurations/ui-config, + /api/device-mgt-config/v1.0/tenant From 709a7ab5924dc4ada2d19f83ce2955363a60d412 Mon Sep 17 00:00:00 2001 
From: "tcdlpds@gmail.com" Date: Fri, 24 Jul 2020 01:07:59 +0530 Subject: [PATCH 21/58] Add OTP managing functionality --- .../service/api/UserManagementService.java | 48 +++- .../impl/UserManagementServiceImpl.java | 50 ++++ .../mgt/jaxrs/util/DeviceMgtAPIUtils.java | 27 +- .../src/main/webapp/WEB-INF/web.xml | 3 +- .../exceptions/DBConnectionException.java | 33 +++ .../exceptions/OTPManagementException.java | 44 ++++ .../mgt/common/otp/mgt/dto/OTPMailDTO.java | 104 ++++++++ .../otp/mgt/wrapper/OTPMailWrapper.java | 84 +++++++ .../mgt/common/spi/OTPManagementService.java | 34 +++ .../mgt/core/DeviceManagementConstants.java | 1 + .../DeviceManagementServiceComponent.java | 9 +- .../mgt/core/otp/mgt/dao/AbstractDAOImpl.java | 33 +++ .../core/otp/mgt/dao/OTPManagementDAO.java | 32 +++ .../otp/mgt/dao/OTPManagementDAOFactory.java | 76 ++++++ .../dao/impl/GenericOTPManagementDAOImpl.java | 85 +++++++ .../dao/impl/OracleOTPManagementDAOImpl.java | 24 ++ .../impl/PostgreSQLOTPManagementDAOImpl.java | 25 ++ .../impl/SQLServerOTPManagementDAOImpl.java | 24 ++ .../exception/OTPManagementDAOException.java | 31 +++ .../mgt/service/OTPManagementServiceImpl.java | 132 ++++++++++ .../otp/mgt/util/ConnectionManagerUtil.java | 211 ++++++++++++++++ .../src/main/resources/dbscripts/cdm/h2.sql | 17 ++ .../main/resources/dbscripts/cdm/mssql.sql | 17 ++ .../main/resources/dbscripts/cdm/mysql.sql | 17 ++ .../main/resources/dbscripts/cdm/oracle.sql | 28 +++ .../resources/dbscripts/cdm/postgresql.sql | 20 ++ .../resources/email/templates/user-verify.vm | 230 ++++++++++++++++++ 27 files changed, 1435 insertions(+), 4 deletions(-) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/DBConnectionException.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/OTPManagementException.java create mode 100644 
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/AbstractDAOImpl.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAOFactory.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/OracleOTPManagementDAOImpl.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/PostgreSQLOTPManagementDAOImpl.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/SQLServerOTPManagementDAOImpl.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/exception/OTPManagementDAOException.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java create mode 100644 
components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/util/ConnectionManagerUtil.java create mode 100644 features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 397c35b336..a133ffd4ec 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -35,7 +35,6 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api; import com.google.gson.JsonArray; -import com.google.gson.JsonObject; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Info; import io.swagger.annotations.ExtensionProperty; @@ -50,6 +49,7 @@ import io.swagger.annotations.ResponseHeader; import org.apache.axis2.transport.http.HTTPConstants; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfoList; 
@@ -1221,4 +1221,50 @@ public interface UserManagementService { response = ErrorResponse.class) }) Response getPermissionsOfUser(); + + @POST + @Path("/one-time-pin") + @ApiOperation( + produces = MediaType.APPLICATION_JSON, + httpMethod = "GET", + value = "Getting the permission details of the current user", + notes = "A user may granted more than one permission in IoTS. Using this REST API " + + "you can get the permission/permission the current user has granted. ", + tags = "User Management", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:user:permission-view") + }) + } + ) + @ApiResponses(value = { + @ApiResponse( + code = 200, + message = "OK. \n Successfully fetched the list of permissions the user " + + "has granted.", + response = PermissionList.class, + responseHeaders = { + @ResponseHeader( + name = "Content-Type", + description = "The content type of the body"), + @ResponseHeader( + name = "ETag", + description = "Entity Tag of the response resource.\n" + + "Used by caches, or in conditional requests."), + @ResponseHeader( + name = "Last-Modified", + description = "Date and time the resource was last modified.\n" + + "Used by caches, or in conditional requests."), + }), + @ApiResponse( + code = 404, + message = "Not Found. \n The specified resource does not exist.\n", + response = ErrorResponse.class), + @ApiResponse( + code = 500, + message = "Internal Server Error. \n Server error occurred while fetching the " + + "list of roles assigned to the specified user.", + response = ErrorResponse.class) + }) + Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper); } 
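Review bot: The Swagger metadata on `sendEmailVerifyingMail` is copied from `getPermissionsOfUser` and does not describe this operation: `httpMethod = "GET"` sits on a `@POST`, the value and notes talk about permissions, the 200 response is `PermissionList.class`, and the scope is `perm:user:permission-view`. If the scope extension drives authorization for this API, as it seems to for the neighbouring operations, any client holding the permission-view scope could trigger OTP mails. Give the operation its own scope (the name is the project's choice), set `httpMethod = "POST"`, and rewrite the value, notes and response descriptions for the one-time-pin endpoint, including a 400 response for an invalid payload.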
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java index 81233092f3..8b9dbe6e65 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java @@ -45,8 +45,11 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; +import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; 
@@ -1115,6 +1118,53 @@ public class UserManagementServiceImpl implements UserManagementService { } } + /** + * Method used to send an invitation email to a existing user to enroll a device. + * + * @param otpMailWrapper Username list of the users to be invited + */ + @POST + @Path("/one-time-pin") + @Produces({MediaType.APPLICATION_JSON}) + public Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper) { + if (log.isDebugEnabled()) { + log.debug("Sending enrollment invitation mail to existing user."); + } + DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); + OTPManagementService oms = DeviceMgtAPIUtils.getOTPManagementService(); + try { + String otpToken = oms.createOTPToken(otpMailWrapper); + Properties props = new Properties(); + props.setProperty("first-name", otpMailWrapper.getFirstName()); + props.setProperty("otp-token", otpToken); + + EmailMetaInfo metaInfo = new EmailMetaInfo(otpMailWrapper.getEmail(), props); + dms.sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, + metaInfo); + } catch (DeviceManagementException e) { + String msg = "Error occurred while inviting user to enrol their device"; + if (e.getMessage() != null && !e.getMessage().isEmpty()) { + msg = e.getMessage(); + } + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } catch (ConfigurationManagementException e) { + String msg = "Error occurred while sending the email invitations. 
Mail server not configured."; + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } catch (OTPManagementException e) { + String msg = "Error occurred while generating and storing the OTP data"; + log.error(msg, e); + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); + } catch (org.wso2.carbon.device.mgt.common.exceptions.BadRequestException e) { + String msg = "Bad Request : Found invalid request payload to create OTP toke."; + log.error(msg, e); + return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); + } + return Response.status(Response.Status.OK).entity("Invitation mails have been sent.").build(); + } + private Map buildDefaultUserClaims(String firstName, String lastName, String emailAddress, boolean isFresh) { Map defaultUserClaims = new HashMap<>(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index 31b9543d08..fa5eeaf2c7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java 
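Review bot: `sendEmailVerifyingMail` passes `otpMailWrapper.getFirstName()` straight into `props.setProperty("first-name", ...)`, which throws `NullPointerException` for a null value. Unless `createOTPToken` already rejects such payloads (not visible here), a request without `firstName`, or with an empty body, ends in an unhandled 500 after the token has been stored. A guard before the `try` would avoid that: `if (otpMailWrapper == null || otpMailWrapper.getFirstName() == null || otpMailWrapper.getEmail() == null) { return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); }`. The `DeviceManagementException` branch replaces the generic text with `e.getMessage()` and returns it to the caller, which can disclose internal detail; keep the fixed message in the response and leave the exception text in the log. The `ConfigurationManagementException` branch is the only one without `log.error(msg, e);`, so a misconfigured mail server leaves no trace on the server side. The Javadoc ("invitation email to a existing user", "Username list of the users to be invited") and the final "Invitation mails have been sent." also describe a different method.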
@@ -52,6 +52,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; import org.wso2.carbon.device.mgt.common.report.mgt.ReportManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceTypeGeneratorService; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.app.mgt.ApplicationManagementProviderService; import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManager; import org.wso2.carbon.device.mgt.core.dto.DeviceTypeVersion; @@ -134,13 +135,14 @@ public class DeviceMgtAPIUtils { public static final String DAS_ADMIN_SERVICE_EP = "https://" + DAS_HOST_NAME + ":" + DAS_PORT + "/services/"; private static SSLContext sslContext; - private static Log log = LogFactory.getLog(DeviceMgtAPIUtils.class); + private static final Log log = LogFactory.getLog(DeviceMgtAPIUtils.class); private static KeyStore keyStore; private static KeyStore trustStore; private static char[] keyStorePassword; private static IntegrationClientService integrationClientService; private static MetadataManagementService metadataManagementService; + private static volatile OTPManagementService otpManagementService; static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); 
@@ -459,6 +461,29 @@ public class DeviceMgtAPIUtils { return metadataManagementService; } + /** + * Initializing and accessing method for OTPManagementService. + * + * @return OTPManagementService instance + * @throws IllegalStateException if OTPManagementService cannot be initialized + */ + public static OTPManagementService getOTPManagementService() { + if (otpManagementService == null) { + synchronized (DeviceMgtAPIUtils.class) { + if (otpManagementService == null) { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); + if (otpManagementService == null) { + String msg = "OTP Management service not initialized."; + log.error(msg); + throw new IllegalStateException(msg); + } + } + } + } + return otpManagementService; + } + /** * Method for initializing ReportManagementService * @return ReportManagementServie Instance diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index fffbfbdb24..4d7c9c915f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -48,7 +48,8 @@ nonSecuredEndPoints - /api/device-mgt/v1.0/users/validate + /api/device-mgt/v1.0/users/validate, + /api/device-mgt/v1.0/users/one-time-pin, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/DBConnectionException.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/DBConnectionException.java new file mode 100644 index 0000000000..a47449c060 --- /dev/null 
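Review bot: Adding `/api/device-mgt/v1.0/users/one-time-pin` to `nonSecuredEndPoints` makes the OTP mail endpoint callable without authentication, and nothing in this patch limits how often it can be called or which addresses it may target. The handler in `UserManagementServiceImpl` stores a token row and sends a templated mail to the caller-supplied `email` with the caller-supplied `first-name`. Both the mail server and the `DM_OTP_DATA` table are therefore exposed to unauthenticated request volume and to unsolicited mail sent in the product's name. If the endpoint has to stay public for self-registration, it needs throttling per client and per recipient address, plus length and format validation of the payload. The `perm:user:permission-view` scope declared on the interface method is presumably not enforced for a non-secured path and should be removed so it does not suggest otherwise. The new value also ends with a trailing comma; confirm the filter that parses this list ignores the empty last entry.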
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/DBConnectionException.java
@@ -0,0 +1,33 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.common.exceptions;
+
+/**
+ * Exception thrown due to Database Connection issues.
+ */
+public class DBConnectionException extends Exception {
+
+ private static final long serialVersionUID = -6779125067467878014L;
+
+ public DBConnectionException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public DBConnectionException(String msg) {
+ super(msg);
+ }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/OTPManagementException.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/OTPManagementException.java
new file mode 100644
index 0000000000..3dd3bee07f
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/OTPManagementException.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.common.exceptions;
+
+public class OTPManagementException extends Exception {
+
+ private static final long serialVersionUID = 397485329551276175L;
+
+ public OTPManagementException(String msg, Exception nestedEx) {
+ super(msg, nestedEx);
+ }
+
+ public OTPManagementException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public OTPManagementException(String msg) {
+ super(msg);
+ }
+
+ public OTPManagementException() {
+ super();
+ }
+
+ public OTPManagementException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java
new file mode 100644
index 0000000000..ee582b8288
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java
@@ -0,0 +1,104 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.common.otp.mgt.dto;
+
+import java.sql.Timestamp;
+
+public class OTPMailDTO {
+
+ int id;
+ String otpToken;
+ String tenantDomain;
+ String email;
+ String emailType;
+ String metaInfo;
+ Timestamp createdAt;
+ int expiryTime;
+ boolean isExpired;
+ boolean isTenantCreated;
+
+ public int getId() {
+ return id;
+ }
+
+ public void setId(int id) {
+ this.id = id;
+ }
+
+ public String getOtpToken() {
+ return otpToken;
+ }
+
+ public void setOtpToken(String otpToken) {
+ this.otpToken = otpToken;
+ }
+
+ public String getEmail() {
+ return email;
+ }
+
+ public void setEmail(String email) {
+ this.email = email;
+ }
+
+ public String getEmailType() {
+ return emailType;
+ }
+
+ public void setEmailType(String emailType) {
+ this.emailType = emailType;
+ }
+
+ public String getMetaInfo() { return metaInfo; }
+
+ public void setMetaInfo(String metaInfo) {
+ this.metaInfo = metaInfo;
+ }
+
+ public Timestamp getCreatedAt() {
+ return createdAt;
+ }
+
+ public void setCreatedAt(Timestamp createdAt) {
+ this.createdAt = createdAt;
+ }
+
+ public int getExpiryTime() {
+ return expiryTime;
+ }
+
+ public void setExpiryTime(int expiryTime) {
+ this.expiryTime = expiryTime;
+ }
+
+ public boolean isExpired() {
+ return isExpired;
+ }
+
+ public void setExpired(boolean expired) {
+ isExpired = expired;
+ }
+
+ public String getTenantDomain() { return tenantDomain; }
+
+ public void setTenantDomain(String tenantDomain) { this.tenantDomain = tenantDomain; }
+
+ public boolean isTenantCreated() { return isTenantCreated; }
+
+ public void setTenantCreated(boolean tenantCreated) { isTenantCreated = tenantCreated; }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java
new file mode 100644
index 0000000000..35f255ef6b
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java
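Review bot: The fields of `OTPMailDTO` are declared without an access modifier (`int id; String otpToken; ...`), so every class in the package can read or overwrite the stored token without going through the accessors. `OTPMailWrapper` in the same patch uses `private` fields, and this class should match, e.g. `private String otpToken;`. `expiryTime` is an `int` with no unit stated anywhere in the class. A field comment such as `// validity period of the token, in <unit>` would keep the code that later checks expiry from guessing.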
@@ -0,0 +1,84 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.common.otp.mgt.wrapper;
+
+public class OTPMailWrapper {
+
+ private String firstName;
+ private String lastName;
+ private String tenantDomain;
+ private String adminUsername;
+ private String adminPassword;
+ private String email;
+ private String emailType;
+
+ public String getTenantDomain() {
+ return tenantDomain;
+ }
+
+ public void setTenantDomain(String tenantDomain) {
+ this.tenantDomain = tenantDomain;
+ }
+
+ public String getAdminUsername() {
+ return adminUsername;
+ }
+
+ public void setAdminUsername(String adminUsername) {
+ this.adminUsername = adminUsername;
+ }
+
+ public String getAdminPassword() {
+ return adminPassword;
+ }
+
+ public void setAdminPassword(String adminPassword) {
+ this.adminPassword = adminPassword;
+ }
+
+ public String getEmail() {
+ return email;
+ }
+
+ public void setEmail(String email) {
+ this.email = email;
+ }
+
+ public String getEmailType() {
+ return emailType;
+ }
+
+ public void setEmailType(String emailType) {
+ this.emailType = emailType;
+ }
+
+ public String getFirstName() {
+ return firstName;
+ }
+
+ public void setFirstName(String firstName) {
+ this.firstName = firstName;
+ }
+
+ public String getLastName() {
+ return lastName;
+ }
+
+ public void setLastName(String lastName) {
+ this.lastName = lastName;
+ }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java
new file mode 100644
index 0000000000..a8d5737963
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java
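Review bot: `OTPMailWrapper` is the request body of the `/one-time-pin` endpoint and carries `adminPassword` as a plain `String` next to the mail fields. How `createOTPToken` turns the wrapper into an `OTPMailDTO` is not visible in this part of the patch, but the DAO writes a free-form `META_INFO` column. If the wrapper is serialized into that column, the password would sit in clear text beside the token. I would keep the credential out of the OTP record and collect it when the token is redeemed, or at least exclude it from serialization and logging. The constraint belongs on the field: `// credential: must not be logged or persisted in clear text`.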
@@ -0,0 +1,34 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.common.spi;
+
+import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException;
+import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException;
+import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper;
+
+public interface OTPManagementService {
+
+ /**
+ * Cretae OTP token and store tenant details in the DB
+ * @param otpMailWrapper OTP Mail Wrapper object which contains tenant details of registering user
+ * @return OTPToken
+ * @throws OTPManagementException if error occurs while creating OTP token and storing tenant details.
+ * @throws BadRequestException if found and incompatible payload to create OTP token.
+ */
+ String createOTPToken (OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException;
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java
index 1b402560b7..21b19b7a83 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java @@ -116,6 +116,7 @@ public final class DeviceManagementConstants { public static final String USER_REGISTRATION_TEMPLATE = "user-registration"; public static final String USER_ENROLLMENT_TEMPLATE = "user-enrollment"; + public static final String USER_VERIFY_TEMPLATE = "user-verify"; public static final String DEFAULT_ENROLLMENT_TEMPLATE = "default-enrollment-invitation"; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java index daf740fa60..60b309ad76 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java @@ -35,6 +35,7 @@ import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService import org.wso2.carbon.device.mgt.common.report.mgt.ReportManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceTypeGeneratorService; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.app.mgt.ApplicationManagementProviderService; import org.wso2.carbon.device.mgt.core.app.mgt.ApplicationManagerProviderServiceImpl; 
@@ -56,6 +57,8 @@ import org.wso2.carbon.device.mgt.core.notification.mgt.NotificationManagementSe import org.wso2.carbon.device.mgt.core.notification.mgt.dao.NotificationManagementDAOFactory; import org.wso2.carbon.device.mgt.core.operation.mgt.OperationManagerImpl; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; +import org.wso2.carbon.device.mgt.core.otp.mgt.service.OTPManagementServiceImpl; import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl; import org.wso2.carbon.device.mgt.core.privacy.PrivacyComplianceProvider; import org.wso2.carbon.device.mgt.core.privacy.impl.PrivacyComplianceProviderImpl; @@ -178,6 +181,7 @@ public class DeviceManagementServiceComponent { NotificationManagementDAOFactory.init(dsConfig); OperationManagementDAOFactory.init(dsConfig); MetadataManagementDAOFactory.init(dsConfig); + OTPManagementDAOFactory.init(dsConfig.getJndiLookupDefinition().getJndiName()); /*Initialize the device cache*/ DeviceManagerUtil.initializeDeviceCache(); @@ -330,7 +334,10 @@ public class DeviceManagementServiceComponent { MetadataManagementService metadataManagementService = new MetadataManagementServiceImpl(); bundleContext.registerService(MetadataManagementService.class.getName(), metadataManagementService, null); - /* Registering App Management service */ + OTPManagementService otpManagementService = new OTPManagementServiceImpl(); + bundleContext.registerService(OTPManagementService.class.getName(), otpManagementService, null); + + /* Registering App Management service */ try { AppManagementConfigurationManager.getInstance().initConfig(); AppManagementConfig appConfig = 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/AbstractDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/AbstractDAOImpl.java
new file mode 100644
index 0000000000..ea9faf7ee0
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/AbstractDAOImpl.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2019, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved.
+ *
+ * Entgra (pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.core.otp.mgt.dao;
+
+import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException;
+import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil;
+
+import java.sql.Connection;
+
+/**
+ * This class deals with getting the DB connection.
+ */
+public abstract class AbstractDAOImpl {
+
+ protected Connection getDBConnection() throws DBConnectionException {
+ return ConnectionManagerUtil.getDBConnection();
+ }
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java
new file mode 100644
index 0000000000..5d92d435c8
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java
@@ -0,0 +1,32 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.core.otp.mgt.dao;
+
+import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO;
+import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException;
+
+public interface OTPManagementDAO {
+
+ /**
+ * Save OTP token data and tenant details of registering user
+ * @param otpMailDTO OTPMailDTO
+ * @return Primary key of the newly adding data raw
+ * @throws OTPManagementDAOException if error occurred whule storing data
+ */
+ int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException;
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAOFactory.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAOFactory.java new file mode 100644 index 0000000000..5d7ca6c585 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAOFactory.java 
@@ -0,0 +1,76 @@ +/* + * Copyright (c) 2020, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved. + * + * Entgra (pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.core.otp.mgt.dao; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.DeviceManagementConstants; +import org.wso2.carbon.device.mgt.common.exceptions.UnsupportedDatabaseEngineException; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl.GenericOTPManagementDAOImpl; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl.OracleOTPManagementDAOImpl; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl.PostgreSQLOTPManagementDAOImpl; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl.SQLServerOTPManagementDAOImpl; +import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; + +import javax.sql.DataSource; +import java.sql.Connection; +import java.sql.SQLException; + +/** + * This class intends to act as the primary entity that hides all DAO instantiation related complexities and logic so + * that the business objection handling layer doesn't need to be aware of the same providing seamless plug-ability of + * different data sources, connection acquisition mechanisms as well as different forms of DAO implementations to the + * high-level implementations that require Application management related metadata persistence. 
+ */ +public class OTPManagementDAOFactory { + + private static String databaseEngine; + private static final Log log = LogFactory.getLog(OTPManagementDAOFactory.class); + + public static void init(String datasourceName) { + ConnectionManagerUtil.resolveDataSource(datasourceName); + databaseEngine = ConnectionManagerUtil.getDatabaseType(); + } + + public static void init(DataSource dtSource) { + try (Connection connection = dtSource.getConnection()) { + databaseEngine = connection.getMetaData().getDatabaseProductName(); + } catch (SQLException e) { + log.error("Error occurred while retrieving config.datasource connection", e); + } + } + + public static OTPManagementDAO getOTPManagementDAO() { + if (databaseEngine != null) { + switch (databaseEngine) { + case DeviceManagementConstants.DataBaseTypes.DB_TYPE_H2: + case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MYSQL: + return new GenericOTPManagementDAOImpl(); + case DeviceManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL: + return new PostgreSQLOTPManagementDAOImpl(); + case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MSSQL: + return new SQLServerOTPManagementDAOImpl(); + case DeviceManagementConstants.DataBaseTypes.DB_TYPE_ORACLE: + return new OracleOTPManagementDAOImpl(); + default: + throw new UnsupportedDatabaseEngineException("Unsupported database engine : " + databaseEngine); + } + } + throw new IllegalStateException("Database engine has not initialized properly."); + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java new file mode 100644 index 0000000000..9149a7450b --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
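Review bot: `init(DataSource)` logs the `SQLException` and returns, leaving `databaseEngine` null. A datasource failure at startup then surfaces only as `IllegalStateException("Database engine has not initialized properly.")` from `getOTPManagementDAO()` when the first OTP request arrives. I would fail at initialization instead: `throw new IllegalStateException("Error occurred while retrieving config.datasource connection", e);`. This overload also records only the engine name and, unlike `init(String)`, never hands the datasource to `ConnectionManagerUtil`, so DAOs created after it would presumably have no connection source. `ConnectionManagerUtil` is not shown here, so confirm that, then either register the datasource or drop the overload. `databaseEngine` is a plain static written during init and read on request threads; declaring it `volatile` makes the hand-off explicit.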
@@ -0,0 +1,85 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.AbstractDAOImpl; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; +import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; + +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.sql.Timestamp; +import java.util.Calendar; + +public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPManagementDAO { + + private static final Log log = LogFactory.getLog(GenericOTPManagementDAOImpl.class); + + @Override + public int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException { + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to create an OTP data entry"); + log.debug("OTP Details : "); + log.debug("OTP key : " + otpMailDTO.getOtpToken() + " Email : " + otpMailDTO.getEmail()); + } + + String sql = "INSERT INTO DM_OTP_DATA 
" + + "(OTP_TOKEN, " + + "TENANT_DOMAIN," + + "EMAIL, " + + "EMAIL_TYPE, " + + "META_INFO, " + + "CREATED_AT) VALUES (?, ?, ?, ?, ?, ?)"; + try { + Connection conn = this.getDBConnection(); + Calendar calendar = Calendar.getInstance(); + Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); + try (PreparedStatement stmt = conn.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) { + stmt.setString(1, otpMailDTO.getOtpToken()); + stmt.setString(2, otpMailDTO.getTenantDomain()); + stmt.setString(3, otpMailDTO.getEmail()); + stmt.setString(4, otpMailDTO.getEmailType()); + stmt.setString(5, otpMailDTO.getMetaInfo()); + stmt.setTimestamp(6, timestamp); + stmt.executeUpdate(); + try (ResultSet rs = stmt.getGeneratedKeys()) { + if (rs.next()) { + return rs.getInt(1); + } + return -1; + } + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to create an opt entry for email " + + otpMailDTO.getEmail(); + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred while executing SQL to create an otp entry for email " + otpMailDTO.getEmail(); + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/OracleOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/OracleOTPManagementDAOImpl.java new file mode 100644 index 0000000000..c3feb1262d --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/OracleOTPManagementDAOImpl.java 
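Review bot: The debug block in `addOTPData` writes the one-time token itself to the log: `log.debug("OTP key : " + otpMailDTO.getOtpToken() + " Email : " + otpMailDTO.getEmail());`. With debug logging on, anyone who can read the log can pair a live token with its recipient, so the token should never be logged. A non-sensitive replacement is `log.debug("Creating OTP data entry of type " + otpMailDTO.getEmailType());`, and the e-mail address could be dropped from the two error messages for the same reason. `OTP_TOKEN` is also inserted exactly as received. If the redemption path (not part of this hunk) only needs to look a token up, storing a hash would keep a read of `DM_OTP_DATA` from yielding usable tokens. `conn` is never closed in this method, which is correct only if `ConnectionManagerUtil` owns the connection lifecycle; a short comment saying so would help.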
@@ -0,0 +1,24 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; + +/** + * This handles OTP managing DAO methods which are specific to Oracle. + */ +public class OracleOTPManagementDAOImpl extends GenericOTPManagementDAOImpl{ +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/PostgreSQLOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/PostgreSQLOTPManagementDAOImpl.java new file mode 100644 index 0000000000..52d705736b --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/PostgreSQLOTPManagementDAOImpl.java 
@@ -0,0 +1,25 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; + +/** + * This handles OTP managing DAO methods which are specific to PostgreSQL. + */ +public class PostgreSQLOTPManagementDAOImpl extends GenericOTPManagementDAOImpl{ + +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/SQLServerOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/SQLServerOTPManagementDAOImpl.java new file mode 100644 index 0000000000..222fc9fd7c --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/SQLServerOTPManagementDAOImpl.java 
@@ -0,0 +1,24 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; + +/** + * This handles OTP managing DAO methods which are specific to MSSQL. + */ +public class SQLServerOTPManagementDAOImpl extends GenericOTPManagementDAOImpl{ +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/exception/OTPManagementDAOException.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/exception/OTPManagementDAOException.java new file mode 100644 index 0000000000..6815823bab --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/exception/OTPManagementDAOException.java 
@@ -0,0 +1,31 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.core.otp.mgt.exception; + +/** + * Exception thrown during the ApplicationDTO Management DAO operations. + */ +public class OTPManagementDAOException extends Exception { + + public OTPManagementDAOException(String message, Throwable throwable) { + super(message, throwable); + } + + public OTPManagementDAOException(String message) { + super(message, new Exception()); + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java new file mode 100644 index 0000000000..16c21396a8 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
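Review bot: The single-argument constructor passes `new Exception()` as the cause, which attaches an empty "Caused by: java.lang.Exception" to every stack trace; `super(message);` is enough. The class Javadoc says "ApplicationDTO Management DAO operations", which looks copied from another module; `/** Thrown when an OTP management DAO operation fails. */` would match how `GenericOTPManagementDAOImpl` uses it.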
@@ -0,0 +1,132 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.core.otp.mgt.service; + +import com.google.gson.Gson; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; +import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; +import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; +import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; +import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; +import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; +import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; + +import java.util.UUID; + +public class OTPManagementServiceImpl implements OTPManagementService { + + private static final Log log = LogFactory.getLog(OTPManagementServiceImpl.class); + private OTPManagementDAO otpManagementDAO; 
+ + public OTPManagementServiceImpl() { + initDataAccessObjects(); + } + + private void initDataAccessObjects() { + otpManagementDAO = OTPManagementDAOFactory.getOTPManagementDAO(); + } + + @Override + public String createOTPToken(OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException { + + if (!isValidOTPTokenCreatingRequest(otpMailWrapper)){ + String msg = "Found invalid payload with OTP creating request"; + log.error(msg); + throw new BadRequestException(msg); + } + + Gson gson = new Gson(); + String metaInfo = gson.toJson(otpMailWrapper); + String otpValue = UUID.randomUUID().toString(); + + OTPMailDTO otpMailDTO = new OTPMailDTO(); + otpMailDTO.setEmail(otpMailWrapper.getEmail()); + otpMailDTO.setTenantDomain(otpMailWrapper.getTenantDomain()); + otpMailDTO.setEmailType(otpMailWrapper.getEmailType()); + otpMailDTO.setMetaInfo(metaInfo); + otpMailDTO.setOtpToken(otpValue); + + try { + ConnectionManagerUtil.beginDBTransaction(); + if (this.otpManagementDAO.addOTPData(otpMailDTO) == -1) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "OTP data saving failed. Please, contact Administrator"; + log.error(msg); + throw new OTPManagementException(msg); + } + ConnectionManagerUtil.commitDBTransaction(); + return otpValue; + } catch (TransactionManagementException e) { + String msg = "Error occurred while disabling AutoCommit."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (OTPManagementDAOException e) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while saving the OTP data. 
Email address: " + otpMailDTO.getEmail(); + log.error(msg, e); + throw new OTPManagementException(msg, e); + } + } + + /** + * Validate OTP token creating payload + * @param otpMailWrapper OTPMailWrapper + * @return true if its valid payload otherwise returns false + */ + private boolean isValidOTPTokenCreatingRequest(OTPMailWrapper otpMailWrapper) { + if (StringUtils.isBlank(otpMailWrapper.getFirstName())) { + log.error("Received empty or blank first name field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getLastName())) { + log.error("Received empty or blank last name field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getAdminUsername())) { + log.error("Received empty or blank admin username field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getAdminPassword())) { + log.error("Received empty or blank admin password field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getEmail())) { + log.error("Received empty or blank email field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getEmailType())) { + log.error("Received empty or blank email type field with OTP creating payload."); + return false; + } + if (StringUtils.isBlank(otpMailWrapper.getTenantDomain())) { + log.error("Received empty or blank tenant domain field with OTP creating payload."); + return false; + } + return true; + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/util/ConnectionManagerUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/util/ConnectionManagerUtil.java new file mode 100644 index 0000000000..9db3784dd5 --- /dev/null 
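Review bot: `createOTPToken` serialises the whole request with `gson.toJson(otpMailWrapper)` into META_INFO, and `isValidOTPTokenCreatingRequest` requires `getAdminPassword()` to be non-blank, so unless `OTPMailWrapper` (not shown here) excludes that field from Gson, the administrator password is written to DM_OTP_DATA in clear text. If the password is needed later in the flow, encrypt it before it is persisted; otherwise build the JSON from a copy with the password cleared. Separately, nothing in this method calls `ConnectionManagerUtil.closeDBConnection()`, so the connection obtained by `beginDBTransaction()` stays in the thread-local with auto-commit off, and the next call on the same thread will fail with "Transaction has already been started.". Add `finally { ConnectionManagerUtil.closeDBConnection(); }` to the try block.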
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/util/ConnectionManagerUtil.java 
@@ -0,0 +1,211 @@ +/* + * Copyright (c) 2020, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved. + * + * Entgra (pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.core.otp.mgt.util; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; +import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.IllegalTransactionStateException; + +import javax.naming.InitialContext; +import javax.sql.DataSource; +import java.sql.Connection; +import java.sql.SQLException; + +/** + * ConnectionManagerUtil is responsible for handling all the datasource connections utilities. 
+ */ +public class ConnectionManagerUtil { + + private static final Log log = LogFactory.getLog(ConnectionManagerUtil.class); + private static final ThreadLocal currentConnection = new ThreadLocal<>(); + private static DataSource dataSource; + + public static void openDBConnection() throws DBConnectionException { + Connection conn = currentConnection.get(); + if (conn != null) { + String msg = "Database connection has already been obtained."; + log.error(msg); + throw new IllegalTransactionStateException(msg); + } + try { + conn = dataSource.getConnection(); + } catch (SQLException e) { + String msg = "Failed to get a database connection."; + log.error(msg, e); + throw new DBConnectionException(msg, e); + } + currentConnection.set(conn); + } + + public static Connection getDBConnection() throws DBConnectionException { + Connection conn = currentConnection.get(); + if (conn == null) { + try { + conn = dataSource.getConnection(); + currentConnection.set(conn); + } catch (SQLException e) { + throw new DBConnectionException("Failed to get database connection.", e); + } + } + return conn; + } + + public static void beginDBTransaction() throws TransactionManagementException, DBConnectionException { + Connection conn = currentConnection.get(); + if (conn == null) { + conn = getDBConnection(); + } else if (inTransaction(conn)) { + String msg = "Transaction has already been started."; + log.error(msg); + throw new IllegalTransactionStateException(msg); + } + + try { + conn.setAutoCommit(false); + } catch (SQLException e) { + String msg = "Error occurred while starting a database transaction."; + log.error(msg, e); + throw new TransactionManagementException(msg, e); + } + } + + public static void endDBTransaction() throws TransactionManagementException { + Connection conn = currentConnection.get(); + if (conn == null) { + throw new IllegalTransactionStateException("Database connection is not active."); + } + + if (!inTransaction(conn)) { + throw new 
IllegalTransactionStateException("Transaction has not been started."); + } + + try { + conn.setAutoCommit(true); + } catch (SQLException e) { + throw new TransactionManagementException("Error occurred while ending database transaction.", e); + } + } + + public static void commitDBTransaction() { + Connection conn = currentConnection.get(); + if (conn == null) { + throw new IllegalTransactionStateException("Database connection is not active."); + } + + if (!inTransaction(conn)) { + throw new IllegalTransactionStateException("Transaction has not been started."); + } + + try { + conn.commit(); + } catch (SQLException e) { + log.error("Error occurred while committing the transaction", e); + } + } + + public static void rollbackDBTransaction() { + Connection conn = currentConnection.get(); + if (conn == null) { + throw new IllegalTransactionStateException("Database connection is not active."); + } + + if (!inTransaction(conn)) { + throw new IllegalTransactionStateException("Transaction has not been started."); + } + + try { + conn.rollback(); + } catch (SQLException e) { + log.warn("Error occurred while roll-backing the transaction", e); + } + } + + public static void closeDBConnection() { + Connection conn = currentConnection.get(); + if (conn == null) { + throw new IllegalTransactionStateException("Database connection is not active."); + } + try { + conn.close(); + } catch (SQLException e) { + log.error("Error occurred while closing the connection", e); + } + currentConnection.remove(); + } + + private static boolean inTransaction(Connection conn) { + boolean inTransaction = true; + try { + if (conn.getAutoCommit()) { + inTransaction = false; + } + } catch (SQLException e) { + throw new IllegalTransactionStateException("Failed to get transaction state."); + } + return inTransaction; + } + + public static boolean isTransactionStarted() throws DBConnectionException { + Connection connection = getDBConnection(); + return inTransaction(connection); + } + + /** + * Resolve 
the datasource from the datasource definition. + * + * @param dataSourceName Name of the datasource + * @return DataSource resolved by the datasource name + */ + public static DataSource resolveDataSource(String dataSourceName) { + try { + dataSource = InitialContext.doLookup(dataSourceName); + } catch (Exception e) { + throw new RuntimeException("Error in looking up data source: " + e.getMessage(), e); + } + return dataSource; + } + + public static String getDatabaseType() { + try (Connection connection = dataSource.getConnection()) { + return connection.getMetaData().getDatabaseProductName(); + } catch (SQLException e) { + log.error("Error occurred while retrieving config.datasource connection", e); + } + return null; + } + + /** + * To check whether particular database that is used for application management supports batch query execution. + * + * @return true if batch query is supported, otherwise false. + */ + public static boolean isBatchQuerySupported() { + try (Connection connection = dataSource.getConnection()) { + return connection.getMetaData().supportsBatchUpdates(); + } catch (SQLException e) { + log.error("Error occurred while checking whether database supports batch updates", e); + } + return false; + } + + public static void init(DataSource dtSource) { + dataSource = dtSource; + } +} diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql index 4d16db5abe..adf4044962 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql 
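Review bot: `commitDBTransaction()` catches the `SQLException` from `conn.commit()` and only logs it, so `createOTPToken` in OTPManagementServiceImpl goes on to return a token whose row may never have been stored. Let the failure reach the caller, for example by rethrowing it as the unchecked `IllegalTransactionStateException` this class already uses, so the service reports an error instead of handing out an unusable token. `inTransaction` has the reverse problem: it throws `IllegalTransactionStateException("Failed to get transaction state.")` without the caught `SQLException`, which loses the cause; pass it along if the exception type has a constructor that takes one.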
@@ -572,6 +572,23 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( ); -- END OF METADATA TABLE -- +-- DM_OTP_DATA TABLE -- +CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( + ID INT AUTO_INCREMENT NOT NULL, + OTP_TOKEN VARCHAR(100) NOT NULL, + TENANT_DOMAIN VARCHAR(20) NOT NULL, + EMAIL VARCHAR(100) NOT NULL, + EMAIL_TYPE VARCHAR(20) NOT NULL, + META_INFO VARCHAR(20000) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + EXPIRY_TIME INT NOT NULL DEFAULT 3600, + IS_EXPIRED BOOLEAN DEFAULT false, + TENANT_CREATED BOOLEAN DEFAULT false, + PRIMARY KEY (ID), + CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) +); +-- END OF DM_OTP_DATA TABLE -- + -- DASHBOARD RELATED VIEWS -- CREATE VIEW POLICY_COMPLIANCE_INFO AS SELECT diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql index 8739701915..cbed63388d 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql @@ -614,6 +614,23 @@ CREATE TABLE DM_METADATA ( ); -- END OF METADATA TABLE -- +-- DM_OTP_DATA TABLE -- +CREATE TABLE DM_OTP_DATA ( + ID INT IDENTITY NOT NULL, + OTP_TOKEN VARCHAR(100) NOT NULL, + TENANT_DOMAIN VARCHAR(20) NOT NULL, + EMAIL VARCHAR(100) NOT NULL, + EMAIL_TYPE VARCHAR(20) NOT NULL, + META_INFO VARCHAR(20000) NOT NULL, + CREATED_AT DATETIME2(0) NOT NULL, + EXPIRY_TIME INT NOT NULL DEFAULT 3600, + IS_EXPIRED BIT DEFAULT false, + TENANT_CREATED BOOLEAN DEFAULT false, + PRIMARY KEY (ID), + CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) +); +-- END OF DM_OTP_DATA TABLE -- + -- DASHBOARD RELATED VIEWS -- IF NOT EXISTS (SELECT * FROM SYS.VIEWS WHERE NAME = 'POLICY_COMPLIANCE_INFO') 
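Review bot: In the mssql.sql hunk the new table will not create on SQL Server: `TENANT_CREATED BOOLEAN DEFAULT false` uses a type T-SQL does not have, `IS_EXPIRED BIT DEFAULT false` needs a numeric default, and `META_INFO VARCHAR(20000)` is above the 8000 limit for `VARCHAR(n)`. Use `IS_EXPIRED BIT DEFAULT 0`, `TENANT_CREATED BIT DEFAULT 0` and `META_INFO VARCHAR(MAX) NOT NULL`. The oracle.sql hunk has the same kind of problem: `CHAR(1) DEFAULT false`, a `BOOLEAN` column (not accepted as a column type by older Oracle releases), and `VARCHAR2(20000)`, which exceeds the standard 4000-byte limit; `NUMBER(1) DEFAULT 0` and a `CLOB` are the usual mapping there. In all five scripts OTP_TOKEN has no unique constraint or index, which a lookup by token would presumably want.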
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql index ba57c26757..a3dff752c3 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql @@ -630,6 +630,23 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( ) ENGINE=InnoDB; -- END OF METADATA TABLE -- +-- DM_OTP_DATA TABLE -- +CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( + ID INT AUTO_INCREMENT NOT NULL, + OTP_TOKEN VARCHAR(100) NOT NULL, + TENANT_DOMAIN VARCHAR(20) NOT NULL, + EMAIL VARCHAR(100) NOT NULL, + EMAIL_TYPE VARCHAR(20) NOT NULL, + META_INFO VARCHAR(20000) NOT NULL, + CREATED_AT TIMESTAMP NOT NULL, + EXPIRY_TIME INT NOT NULL DEFAULT 3600, + IS_EXPIRED BOOLEAN DEFAULT false, + TENANT_CREATED BOOLEAN DEFAULT false, + PRIMARY KEY (ID), + CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) +); +-- END OF DM_OTP_DATA TABLE -- + -- DASHBOARD RELATED VIEWS -- CREATE VIEW DEVICE_INFO_VIEW AS diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql index 3ca15d3f38..41a10d8ffe 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql 
@@ -978,6 +978,34 @@ END; / -- END OF METADATA TABLE -- +-- OPT-DATA TABLE -- +CREATE TABLE DM_OTP_DATA ( + ID NUMBER(10) NOT NULL, + OTP_TOKEN VARCHAR2(100) NOT NULL, + TENANT_DOMAIN VARCHAR(20) NOT NULL, + EMAIL VARCHAR2(100) NOT NULL, + EMAIL_TYPE VARCHAR2(20) NOT NULL, + META_INFO VARCHAR2(20000) NOT NULL, + CREATED_AT TIMESTAMP(0) NOT NULL, + EXPIRY_TIME NUMBER(10) DEFAULT 3600 NOT NULL, + IS_EXPIRED CHAR(1) DEFAULT false, + TENANT_CREATED BOOLEAN DEFAULT false, + PRIMARY KEY (ID), + CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) +); + +-- Generate ID using sequence and trigger +CREATE SEQUENCE DM_OTP_DATA_seq START WITH 1 INCREMENT BY 1; + +CREATE OR REPLACE TRIGGER DM_OTP_DATA_seq_tr + BEFORE INSERT ON DM_OTP_DATA FOR EACH ROW + WHEN (NEW.ID IS NULL) +BEGIN +SELECT DM_OTP_DATA_seq.NEXTVAL INTO :NEW.ID FROM DUAL; +END; +/ +-- END OF OTP-DATA TABLE -- + -- DASHBOARD RELATED VIEWS -- CREATE VIEW POLICY_COMPLIANCE_INFO AS diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql index dc3d264cfd..c8c25534ae 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql 
@@ -617,6 +617,26 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( ); -- END OF METADATA TABLE -- +-- OPT-DATA TABLE -- +CREATE SEQUENCE DM_OTP_DATA_seq; + +CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( + ID INT DEFAULT NEXTVAL ('DM_OTP_DATA_seq') NOT NULL, + OTP_TOKEN VARCHAR(100) NOT NULL, + TENANT_DOMAIN VARCHAR(20) NOT NULL, + EMAIL VARCHAR(100) NOT NULL, + EMAIL_TYPE VARCHAR(20) NOT NULL, + META_INFO VARCHAR(20000) NOT NULL, + CREATED_AT TIMESTAMP(0) NOT NULL, + EXPIRY_TIME INT NOT NULL DEFAULT 3600, + IS_EXPIRED BOOLEAN DEFAULT false, + TENANT_CREATED BOOLEAN DEFAULT false, + PRIMARY KEY (ID), + CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) +); + +-- END OF OPT-DATA TABLE -- + -- DASHBOARD RELATED VIEWS -- CREATE VIEW DEVICE_INFO_VIEW AS diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm new file mode 100644 index 0000000000..ee0747c64d --- /dev/null +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm @@ -0,0 +1,230 @@ +#* + Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + + Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + Version 2.0 (the "License"); you may not use this file except + in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*# + + You have been invited to enroll your device in Entgra IoT + + + + Entgra IoT Server + + +
+
+
+
+ entgra.io +
+
+
+

+ Hi $first-name, +

+

+ Congratulations!!! Thank you for registering with Entgra cloud. Please click and log in to the + following link to complete your registration with us. Click here. +

+ +

+ If you need further assistance, please contact your administrator. +

+ +

+ Regards, +

+ +

+ Entgra IoT Administrator +

+
+
+
+ + + ]]> + +
From 160c463672034ff3978795234fecd9f695391879 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Sun, 26 Jul 2020 23:05:01 +0530 Subject: [PATCH 22/58] Add token validation with one time token This is to validate one time tokens in the APIM handlers and in the valve --- .../handlers/AuthenticationHandler.java | 9 ++ .../apimgt/handlers/utils/AuthConstants.java | 1 + .../authenticator/framework/Constants.java | 1 + .../OneTimeTokenAuthenticator.java | 93 +++++++++++++++++++ .../AuthenticatorFrameworkDataHolder.java | 11 +++ ...uthenticatorFrameworkServiceComponent.java | 23 +++++ 6 files changed, 138 insertions(+) create mode 100644 components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java index c9873629b7..415ec06304 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java 
@@ -182,6 +182,15 @@ public class AuthenticationHandler extends AbstractHandler { if (log.isDebugEnabled()) { log.debug("Verify response:" + response.getContent()); } + } else if (headers.containsKey(AuthConstants.ONE_TIME_TOKEN_HEADER)) { + String token = headers.get(AuthConstants.ONE_TIME_TOKEN_HEADER); + //TODO: validate token service. Since this is getting validated in the valve, + // this may not even be necessery +// if (log.isDebugEnabled()) { +// log.debug("One time time :" + token + ", status : " + ); +// } + return true; + } else { log.warn("Unauthorized request for api: " + ctxPath); return false; diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java index f2a9f7a42b..d9a9ef8a7b 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java @@ -24,6 +24,7 @@ public class AuthConstants { public static final String MDM_SIGNATURE = "mdm-signature"; public static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header"; public static final String MUTUAL_AUTH_HEADER = "mutual-auth-header"; + public static final String ONE_TIME_TOKEN_HEADER = "one-time-token"; public static final String ENCODED_PEM = "encoded-pem"; public static final String CALLBACK_URL = ""; public static final String CLIENT_NAME = "IOT-API-MANAGER"; 
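Review bot: The new `else if` branch returns `true` as soon as the `one-time-token` header is present, without looking at its value, so this handler accepts any request that carries the header. The TODO defers the check to the valve, but the `OneTimeTokenAuthenticator` added in this same patch does not validate the token either, so nothing on the path checks it. Until a validation service is wired in, fail closed: replace `return true;` with `log.warn("One time token validation is not implemented; rejecting request for api: " + ctxPath);` followed by `return false;`, and delete the commented-out debug block, which would log the token. The enclosing method starts and ends outside this hunk.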
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java index 2694ea069a..6426c53f47 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java @@ -31,6 +31,7 @@ public final class Constants { public static final String HEADER_HTTP_ACCEPT = "Accept"; public static final String HEADER_HTTP_AUTHORIZATION = "Authorization"; + public static final String ONE_TIME_TOKEN_HEADER = "one-time-token"; } public static final class ContentTypes { diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java new file mode 100644 index 0000000000..7b207aa034 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java 
@@ -0,0 +1,93 @@ +/* + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.webapp.authenticator.framework.authenticator; + +import org.apache.catalina.connector.Response; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.tomcat.util.buf.ByteChunk; +import org.apache.tomcat.util.buf.MessageBytes; +import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException; +import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; +import org.wso2.carbon.webapp.authenticator.framework.Constants; +import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; +import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; +import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; +import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; + +import java.util.Properties; +import java.util.StringTokenizer; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +public class OneTimeTokenAuthenticator implements WebappAuthenticator { + private static final Log log = LogFactory.getLog(OneTimeTokenAuthenticator.class); + + + @Override + 
public void init() { + + } + + public boolean canHandle(org.apache.catalina.connector.Request request) { + return request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER) != null; + } + + public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { + + String token = request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER); +// DeviceMgtAPIUtils.getDeviceManagementService();//TODO: call token validate service in core + OneTimeTokenDetails tokenDetails = new OneTimeTokenDetails();//TODO: use token details + + AuthenticationInfo authenticationInfo = new AuthenticationInfo(); + + try { + authenticationInfo.setTenantDomain(tokenDetails.getDomain()); + authenticationInfo.setStatus(Status.CONTINUE); + //authenticationInfo.setUsername(tokenDetails.get); //TODO: set username + //authenticationInfo.setTenantId();//TODO: set tenant Id + } catch (Exception e) { // TODO: remove this if not needed + authenticationInfo.setStatus(Status.FAILURE); + authenticationInfo.setMessage("Could not identify tenant domain."); + } + + return null; + } + + public String getName() { + return "One-Time-Token"; + } + + @Override + public void setProperties(Properties properties) { + + } + + @Override + public Properties getProperties() { + return null; + } + + @Override + public String getProperty(String name) { + return null; + } + + +} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java index 8607d02239..0bfbcc8f43 100644 
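Review bot: `authenticate` never checks the value of the `one-time-token` header: it sets `Status.CONTINUE` on an `AuthenticationInfo` filled from an empty `new OneTimeTokenDetails()` and then ends with `return null;`, while `canHandle` claims every request that carries the header. Until the validation service is wired in, the method should fail closed, e.g. `authenticationInfo.setStatus(Status.FAILURE);` followed by `return authenticationInfo;`, so the outcome does not depend on how the caller (not visible here) treats a null result. The `token` local and most of the imports (`ByteChunk`, `MessageBytes`, `StringTokenizer`, `Matcher`, `Pattern`, the OAuth classes) are unused and can be dropped.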
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java @@ -20,6 +20,7 @@ package org.wso2.carbon.webapp.authenticator.framework.internal; import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; +import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; @@ -35,6 +36,7 @@ public class AuthenticatorFrameworkDataHolder { private OAuth2TokenValidationService oAuth2TokenValidationService; private TenantIndexingLoader tenantIndexingLoader; private TenantRegistryLoader tenantRegistryLoader; + private DeviceManagementProviderService deviceManagementService; private static AuthenticatorFrameworkDataHolder thisInstance = new AuthenticatorFrameworkDataHolder(); @@ -114,4 +116,13 @@ public class AuthenticatorFrameworkDataHolder { public TenantRegistryLoader getTenantRegistryLoader() { return tenantRegistryLoader; } + + + public DeviceManagementProviderService getDeviceManagementService() { + return deviceManagementService; + } + + public void setDeviceManagementService(DeviceManagementProviderService deviceManagementService) { + this.deviceManagementService = deviceManagementService; + } } 
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index 36dd1c09c6..1fc7ba2bb9 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -25,6 +25,7 @@ import org.osgi.framework.BundleContext; import org.osgi.service.component.ComponentContext; import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; +import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; 
@@ -80,6 +81,12 @@ import java.util.Properties; * cardinality="1..1" policy="dynamic" * bind="setTenantRegistryLoader" * unbind="unsetTenantRegistryLoader" + * @scr.reference name="org.wso2.carbon.device.manager" + * interface="org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService" + * cardinality="1..1" + * policy="dynamic" + * bind="setDeviceManagementService" + * unbind="unsetDeviceManagementService" */ public class WebappAuthenticatorFrameworkServiceComponent { private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkServiceComponent.class); @@ -211,4 +218,20 @@ public class WebappAuthenticatorFrameworkServiceComponent { protected void unsetTenantRegistryLoader(TenantRegistryLoader tenantRegistryLoader) { AuthenticatorFrameworkDataHolder.getInstance().setTenantRegistryLoader(null); } + + @SuppressWarnings("unused") + protected void setDeviceManagementService(DeviceManagementProviderService deviceManagementProviderService) { + if (log.isDebugEnabled()) { + log.debug("Setting ApplicationDTO Management OSGI Manager"); + } + AuthenticatorFrameworkDataHolder.getInstance().setDeviceManagementService(deviceManagementProviderService); + } + + @SuppressWarnings("unused") + protected void unsetDeviceManagementService(DeviceManagementProviderService deviceManagementProviderService) { + if (log.isDebugEnabled()) { + log.debug("Removing ApplicationDTO Management OSGI Manager"); + } + AuthenticatorFrameworkDataHolder.getInstance().setDeviceManagementService(null); + } } From 0d48f9d38c4bb3657d9f3ff124ea8433bb2be7c0 Mon Sep 17 00:00:00 2001 
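Review bot: The debug messages in `setDeviceManagementService` and `unsetDeviceManagementService` say "ApplicationDTO Management OSGI Manager", but the service being bound is `DeviceManagementProviderService`; the text looks copied from another component. Something like `log.debug("Setting Device Management Provider Service");` and the matching "Removing …" line would keep the bind/unbind trace accurate. The new `@scr.reference` is declared `cardinality="1..1"`, so the authenticator framework presumably will not activate until that service is registered; it is worth confirming that this start-up dependency is intended.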
From: "tcdlpds@gmail.com" Date: Thu, 30 Jul 2020 03:06:57 +0530 Subject: [PATCH 23/58] Improve One Time Token Authenticator --- .../handlers/AuthenticationHandler.java | 11 +--- .../DeviceManagementConfigServiceImpl.java | 2 - .../src/main/webapp/WEB-INF/web.xml | 2 +- .../mgt/common/spi/OTPManagementService.java | 2 + .../core/otp/mgt/dao/OTPManagementDAO.java | 10 +++ .../dao/impl/GenericOTPManagementDAOImpl.java | 61 +++++++++++++++++++ .../mgt/service/OTPManagementServiceImpl.java | 55 +++++++++++++++++ .../DeviceManagementProviderService.java | 1 - .../OneTimeTokenAuthenticator.java | 16 ++--- .../AuthenticatorFrameworkDataHolder.java | 13 ++-- ...uthenticatorFrameworkServiceComponent.java | 24 ++++---- 11 files changed, 153 insertions(+), 44 deletions(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java index 415ec06304..464dfc248d 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java @@ -182,15 +182,6 @@ public class AuthenticationHandler extends AbstractHandler { if (log.isDebugEnabled()) { log.debug("Verify response:" + response.getContent()); } - } else if (headers.containsKey(AuthConstants.ONE_TIME_TOKEN_HEADER)) { - String token = headers.get(AuthConstants.ONE_TIME_TOKEN_HEADER); - //TODO: validate token service. Since this is getting validated in the valve, - // this may not even be necessery -// if (log.isDebugEnabled()) { -// log.debug("One time time :" + token + ", status : " + ); -// } - return true; - } else { log.warn("Unauthorized request for api: " + ctxPath); return false; 
@@ -241,4 +232,4 @@ public class AuthenticationHandler extends AbstractHandler { map.put(CONTENT_TYPE, "application/json"); return map; } -} \ No newline at end of file +} diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java index bb1a04bba7..2541577698 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java @@ -56,14 +56,12 @@ import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; -import javax.validation.constraints.Size; import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.HeaderParam; import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; -import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index 4d7c9c915f..d24eeb72b3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -49,7 +49,7 @@ nonSecuredEndPoints /api/device-mgt/v1.0/users/validate, - /api/device-mgt/v1.0/users/one-time-pin, + /api/device-mgt/v1.0/users/one-time-pin 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index a8d5737963..24ec41d229 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -31,4 +31,6 @@ public interface OTPManagementService { * @throws BadRequestException if found and incompatible payload to create OTP token. */ String createOTPToken (OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException; + + boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 5d92d435c8..64288ced22 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java 
@@ -29,4 +29,14 @@ public interface OTPManagementDAO { * @throws OTPManagementDAOException if error occurred whule storing data */ int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException; + + /** + * Get OTP data for requesting One Time Token + * @param oneTimeToken One Time Token + * @return {@link OTPMailDTO} + * @throws OTPManagementDAOException if error ocured while getting OTP data for requesting one time token + */ + OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; + + void ExpireOneTimeToken (String oneTimeToken); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 9149a7450b..b8ec791faf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
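Review bot: `void ExpireOneTimeToken (String oneTimeToken);` does not follow the conventions of the rest of the interface: the method name starts with an upper-case letter, it declares no `OTPManagementDAOException` although `addOTPData` and `getOTPDataByToken` both do, and it has no Javadoc. I would write it as `void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException;` with a short Javadoc saying that it marks the stored token as expired. The Javadoc added for `getOTPDataByToken` has a typo, "ocured" for "occurred".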
@@ -82,4 +82,65 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM throw new OTPManagementDAOException(msg, e); } } + + @Override + public OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException { + + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to get an OTP data entry for OTP"); + log.debug("OTP Details : OTP key : " + oneTimeToken ); + } + + String sql = "SELECT " + + "ID, " + + "OTP_TOKEN, " + + "TENANT_DOMAIN," + + "EMAIL, " + + "EMAIL_TYPE, " + + "META_INFO, " + + "CREATED_AT, " + + "EXPIRY_TIME, " + + "IS_EXPIRED, " + + "TENANT_CREATED FROM DM_OTP_DATA " + + "WHERE OTP_TOKEN = ?"; + + try { + Connection conn = this.getDBConnection(); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, oneTimeToken); + + try (ResultSet rs = stmt.executeQuery()) { + if (rs.next()) { + OTPMailDTO otpMailDTO = new OTPMailDTO(); + otpMailDTO.setId(rs.getInt("ID")); + otpMailDTO.setOtpToken(rs.getString("OTP_TOKEN")); + otpMailDTO.setTenantDomain(rs.getString("TENANT_DOMAIN")); + otpMailDTO.setEmail(rs.getString("EMAIL")); + otpMailDTO.setEmailType(rs.getString("EMAIL_TYPE")); + otpMailDTO.setMetaInfo(rs.getString("META_INFO")); + otpMailDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); + otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); + otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); + otpMailDTO.setTenantCreated(rs.getBoolean("TENANT_CREATED")); + return otpMailDTO; + } + return null; + } + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to get OPT data for given OTP. OTP: " + + oneTimeToken; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred while executing SQL to get OTP data for OTP. 
One time token: " + oneTimeToken; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } + + @Override + public void ExpireOneTimeToken (String oneTimeToken) { + + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 16c21396a8..464c2da922 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -32,6 +32,9 @@ import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; +import java.sql.Time; +import java.sql.Timestamp; +import java.util.Calendar; import java.util.UUID; public class OTPManagementServiceImpl implements OTPManagementService { 
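Review bot: `getOTPDataByToken` writes the raw one-time token to the log, in `log.debug("OTP Details : OTP key : " + oneTimeToken )` and again in both exception messages, which are logged at error level and carried upward in `OTPManagementDAOException`. The token is a bearer credential for as long as it is valid, so it should not be readable by anyone with access to the logs; a message without the value, e.g. `String msg = "Error occurred while executing SQL to get OTP data for the given one time token.";`, is enough to locate the failure. The same debug line recurs in `expireOneTimeToken` and `renewOneTimeToken` in patch 24/58. The `ExpireOneTimeToken` override in this hunk has an empty body, so nothing can mark a token as used yet; a `// TODO` comment there would make that explicit.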
@@ -90,6 +93,58 @@ public class OTPManagementServiceImpl implements OTPManagementService { String msg = "Error occurred while saving the OTP data. Email address: " + otpMailDTO.getEmail(); log.error(msg, e); throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + } + + @Override + public boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + OTPMailDTO otpMailDTO = getOTPDataByToken(oneTimeToken); + if (otpMailDTO == null) { + String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; + log.error(msg); + throw new BadRequestException(msg); + } + + if (otpMailDTO.isExpired()) { + return false; + } + + Calendar calendar = Calendar.getInstance(); + Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime()); + Timestamp expiredTimestamp = new Timestamp( + otpMailDTO.getCreatedAt().getTime() + otpMailDTO.getExpiryTime() * 1000); + + if (currentTimestamp.after(expiredTimestamp)) { + //todo update the DB + return false; + } + + return true; + + } + + /** + * Get OTPData from DB + * @param oneTimeToken One Time Token + * @return {@link OTPMailDTO} + * @throws OTPManagementException if error occurred while getting OTP data for given OTP in DB + */ + private OTPMailDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { + try { + ConnectionManagerUtil.openDBConnection(); + return otpManagementDAO.getOTPDataByToken(oneTimeToken); + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to validate the given OTP."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (OTPManagementDAOException e) { + String msg = "Error occurred while getting OTP data from DB. OTP: " + oneTimeToken; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); } } 
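Review bot: `isValidOTP` returns `true` without marking the token as used, so the same value is accepted on every call until its lifetime ends, and the time-expired branch leaves `IS_EXPIRED` unset (`//todo update the DB`); for a one-time token a successful check should expire the row as part of the same operation. The lifetime arithmetic `otpMailDTO.getExpiryTime() * 1000` is evaluated in `int` if `getExpiryTime()` returns `int` (the DAO fills it with `rs.getInt`), which overflows for lifetimes above roughly 24 days; `otpMailDTO.getExpiryTime() * 1000L` avoids that. The not-found message also embeds the submitted token in the error log and in the `BadRequestException` text, and should omit it.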
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java index 54c7c04805..ad677b1bf0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java @@ -89,7 +89,6 @@ import org.wso2.carbon.device.mgt.core.dto.DeviceType; import org.wso2.carbon.device.mgt.core.dto.DeviceTypeVersion; import org.wso2.carbon.device.mgt.core.geo.GeoCluster; import org.wso2.carbon.device.mgt.core.geo.geoHash.GeoCoordinate; -import org.wso2.carbon.device.mgt.core.operation.mgt.CommandOperation; import java.sql.SQLException; import java.util.Date; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index 7b207aa034..636b0052a4 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java 
@@ -20,21 +20,13 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.tomcat.util.buf.ByteChunk; -import org.apache.tomcat.util.buf.MessageBytes; import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails; -import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; -import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException; -import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthValidationResponse; +import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder; import java.util.Properties; -import java.util.StringTokenizer; -import java.util.regex.Matcher; -import java.util.regex.Pattern; public class OneTimeTokenAuthenticator implements WebappAuthenticator { private static final Log log = LogFactory.getLog(OneTimeTokenAuthenticator.class); 
@@ -51,6 +43,10 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { + OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() + .getOtpManagementService(); + + String token = request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER); // DeviceMgtAPIUtils.getDeviceManagementService();//TODO: call token validate service in core OneTimeTokenDetails tokenDetails = new OneTimeTokenDetails();//TODO: use token details diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java index 0bfbcc8f43..a95b4fadb6 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java 
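Review bot: `otpManagementService` is looked up but nothing in this hunk calls it; the context lines still build an empty `OneTimeTokenDetails` and leave the header value unchecked. `getOtpManagementService()` returns null once the OSGi reference is unbound, because the unbind method in this patch stores null in the data holder, so the eventual `isValidOTP` call should be guarded and a missing service or a thrown exception mapped to `Status.FAILURE`. `authenticate` continues past the end of the hunk, so the rest of the method is not visible here.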
@@ -20,7 +20,7 @@ package org.wso2.carbon.webapp.authenticator.framework.internal; import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; @@ -36,7 +36,7 @@ public class AuthenticatorFrameworkDataHolder { private OAuth2TokenValidationService oAuth2TokenValidationService; private TenantIndexingLoader tenantIndexingLoader; private TenantRegistryLoader tenantRegistryLoader; - private DeviceManagementProviderService deviceManagementService; + private OTPManagementService otpManagementService; private static AuthenticatorFrameworkDataHolder thisInstance = new AuthenticatorFrameworkDataHolder(); @@ -117,12 +117,9 @@ public class AuthenticatorFrameworkDataHolder { return tenantRegistryLoader; } + public OTPManagementService getOtpManagementService() { return otpManagementService; } - public DeviceManagementProviderService getDeviceManagementService() { - return deviceManagementService; - } - - public void setDeviceManagementService(DeviceManagementProviderService deviceManagementService) { - this.deviceManagementService = deviceManagementService; + public void setOtpManagementService(OTPManagementService otpManagementService) { + this.otpManagementService = otpManagementService; } } 
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index 1fc7ba2bb9..ef71b78718 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -25,6 +25,7 @@ import org.osgi.framework.BundleContext; import org.osgi.service.component.ComponentContext; import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; 
@@ -81,13 +82,14 @@ import java.util.Properties; * cardinality="1..1" policy="dynamic" * bind="setTenantRegistryLoader" * unbind="unsetTenantRegistryLoader" - * @scr.reference name="org.wso2.carbon.device.manager" - * interface="org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService" + * @scr.reference name="org.wso2.carbon.otp.manager" + * interface="org.wso2.carbon.device.mgt.common.spi.OTPManagementService" * cardinality="1..1" * policy="dynamic" - * bind="setDeviceManagementService" - * unbind="unsetDeviceManagementService" + * bind="setOTPManagementService" + * unbind="unsetOTPManagementService" */ + public class WebappAuthenticatorFrameworkServiceComponent { private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkServiceComponent.class); 
@@ -219,19 +221,17 @@ public class WebappAuthenticatorFrameworkServiceComponent { AuthenticatorFrameworkDataHolder.getInstance().setTenantRegistryLoader(null); } - @SuppressWarnings("unused") - protected void setDeviceManagementService(DeviceManagementProviderService deviceManagementProviderService) { + protected void setOTPManagementService(OTPManagementService otpManagementService) { if (log.isDebugEnabled()) { - log.debug("Setting ApplicationDTO Management OSGI Manager"); + log.debug("Setting OTP Management OSGI Service"); } - AuthenticatorFrameworkDataHolder.getInstance().setDeviceManagementService(deviceManagementProviderService); + AuthenticatorFrameworkDataHolder.getInstance().setOtpManagementService(otpManagementService); } - @SuppressWarnings("unused") - protected void unsetDeviceManagementService(DeviceManagementProviderService deviceManagementProviderService) { + protected void unsetOTPManagementService(OTPManagementService otpManagementService) { if (log.isDebugEnabled()) { - log.debug("Removing ApplicationDTO Management OSGI Manager"); + log.debug("Removing OTP Management OSGI Service"); } - AuthenticatorFrameworkDataHolder.getInstance().setDeviceManagementService(null); + AuthenticatorFrameworkDataHolder.getInstance().setOtpManagementService(null); } } From 3d2f474e75b5fb539fba4206b7508eaf9f05953b Mon Sep 17 00:00:00 2001 From: Dharmakeerthi Lasantha Date: Thu, 30 Jul 2020 12:54:35 +0000 Subject: [PATCH 24/58] Improve OTP creating functionality --- .../mgt/common/spi/OTPManagementService.java | 9 ++- .../core/otp/mgt/dao/OTPManagementDAO.java | 16 +++- .../dao/impl/GenericOTPManagementDAOImpl.java | 61 ++++++++++++++- .../mgt/service/OTPManagementServiceImpl.java | 74 ++++++++++++++++++- .../OneTimeTokenAuthenticator.java | 25 +++---- 5 files changed, 163 insertions(+), 22 deletions(-) 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 24ec41d229..6ce92c27c9 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -24,7 +24,7 @@ import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; public interface OTPManagementService { /** - * Cretae OTP token and store tenant details in the DB + * Create OTP token and store tenant details in the DB * @param otpMailWrapper OTP Mail Wrapper object which contains tenant details of registering user * @return OTPToken * @throws OTPManagementException if error occurs while creating OTP token and storing tenant details. @@ -32,5 +32,12 @@ public interface OTPManagementService { */ String createOTPToken (OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException; + /** + * Check the validity of the OTP + * @param oneTimeToken OTP + * @return Ture if OTP is valid one, otherise returns false + * @throws OTPManagementException if error occurred whle verifying validity of the OPT + * @throws BadRequestException if found an null value for OTP + */ boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 64288ced22..9a9ae3eefb 100644 
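Review bot: The Javadoc added for `isValidOTP` has several typos that will end up in the generated API documentation: "Ture", "otherise", "whle", "OPT" and "an null". I would write the tags as `@return true if the OTP is valid, otherwise false` and `@throws OTPManagementException if an error occurred while verifying the validity of the OTP`. The `@throws BadRequestException` line says it is raised for a null OTP; the implementation is outside this hunk, so confirm that this matches what it actually does.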
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -38,5 +38,19 @@ public interface OTPManagementDAO { */ OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; - void ExpireOneTimeToken (String oneTimeToken); + /** + * Expire the OTP + * @param oneTimeToken OTP + * @throws OTPManagementDAOException if error occurred while updating the OTP validity. + */ + void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException; + + /** + * Update OTP with renewed OTP + * @param id ID + * @param oneTimeToken One Time Token + * @throws OTPManagementDAOException if error occured while updating OTP + */ + void renewOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException; + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index b8ec791faf..7cc27618a1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
@@ -140,7 +140,66 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } @Override - public void ExpireOneTimeToken (String oneTimeToken) { + public void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException { + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to update an OTP data entry for OTP"); + log.debug("OTP Details : OTP key : " + oneTimeToken ); + } + String sql = "UPDATE DM_OTP_DATA " + + "SET " + + "IS_EXPIRED = ? " + + "WHERE OTP_TOKEN = ?"; + + try { + Connection conn = this.getDBConnection(); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setBoolean(1, true); + stmt.setString(2, oneTimeToken); + stmt.executeUpdate(); + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred when obtaining database connection for updating the OTP token validity."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } + + @Override + public void renewOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException { + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to update an OTP data entry for OTP"); + log.debug("OTP Details : OTP key : " + oneTimeToken ); + } + + String sql = "UPDATE DM_OTP_DATA " + + "SET " + + "OTP_TOKEN = ? " + + "CREATED_AT = ? 
" + + "WHERE ID = ?"; + + try { + Connection conn = this.getDBConnection(); + Calendar calendar = Calendar.getInstance(); + Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, oneTimeToken); + stmt.setTimestamp(2, timestamp); + stmt.setInt(3, id); + stmt.executeUpdate(); + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred when obtaining database connection for updating the OTP token validity."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 464c2da922..47ef466114 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
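Review bot: The UPDATE built in `renewOneTimeToken` has no comma between its two assignments: the pieces concatenate to `SET OTP_TOKEN = ? CREATED_AT = ? WHERE ID = ?`, which is not valid SQL, so every renewal would end in the SQLException branch. The first assignment should read `"OTP_TOKEN = ?, " +`. Both new methods also write the raw token to the debug log (`log.debug("OTP Details : OTP key : " + oneTimeToken )`); the token is the credential checked by `isValidOTP`, so I would drop that line, or in `renewOneTimeToken` log the `id` parameter instead. The SQLException messages say "obtaining database connection" although the connection was already obtained at that point; `"Error occurred while executing the update of the OTP token validity."` would describe the failure accurately.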
@@ -20,21 +20,26 @@ import com.google.gson.Gson; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; +import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; +import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; +import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; +import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; -import java.sql.Time; import java.sql.Timestamp; import java.util.Calendar; +import java.util.Properties; import java.util.UUID; public class OTPManagementServiceImpl implements OTPManagementService { @@ -108,6 +113,11 @@ public class OTPManagementServiceImpl implements OTPManagementService { } if (otpMailDTO.isExpired()) { + log.warn("Token is expired. OTP: " + oneTimeToken); + return false; + } + if (otpMailDTO.isTenantCreated()) { + log.warn("Tenant is already created for the token. OTP: " + oneTimeToken); return false; } 
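Review bot: Both rejection branches added in the second hunk write the presented token into the log at WARN level (`log.warn("Token is expired. OTP: " + oneTimeToken)` and the tenant-created variant). These branches are reached only after a stored record was found for the token, so the value is a real credential from DM_OTP_DATA, and anyone with log access can read it. Logging the record instead keeps the event traceable: `log.warn("Token is expired. OTP record ID: " + otpMailDTO.getId());` (`getId()` is already used by `renewOTP` in this patch). The body of `isValidOTP` starts outside this hunk.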
@@ -117,12 +127,14 @@ public class OTPManagementServiceImpl implements OTPManagementService { otpMailDTO.getCreatedAt().getTime() + otpMailDTO.getExpiryTime() * 1000); if (currentTimestamp.after(expiredTimestamp)) { - //todo update the DB + String renewedOTP = UUID.randomUUID().toString(); + renewOTP(otpMailDTO, renewedOTP); + Gson gson = new Gson(); + OTPMailWrapper otpMailWrapper = gson.fromJson(otpMailDTO.getMetaInfo(), OTPMailWrapper.class); + resendUserVerifyingMail(otpMailWrapper.getFirstName(), renewedOTP, otpMailDTO.getEmail()); return false; } - return true; - } /** 
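Review bot: In the expiry branch, `renewOTP` commits the new token before the mail is sent, and nothing handles a failure in between. If `resendUserVerifyingMail` throws, the stored token has already been replaced and the user holds neither the old nor the new one. `gson.fromJson(otpMailDTO.getMetaInfo(), OTPMailWrapper.class)` also returns null for null or empty meta info, so `otpMailWrapper.getFirstName()` can throw a NullPointerException after the token was rotated; parse and null-check the wrapper before calling `renewOTP`. Since this branch is reached from an unauthenticated request, a comment such as `// renewed token is mailed only to the address stored with the original request` would record the assumption the design relies on. `isValidOTP` begins and ends outside this hunk.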
@@ -184,4 +196,58 @@ public class OTPManagementServiceImpl implements OTPManagementService { } return true; } + + /** + * If OTP expired, resend the user verifying mail with renewed OTP + * @param firstName First Name of the User + * @param renewedOTP Renewed OTP + * @param mailAddress Mail Address of the User + * @throws OTPManagementException if error occurred while resend the user verifying mail + */ + private void resendUserVerifyingMail(String firstName, String renewedOTP, String mailAddress) + throws OTPManagementException { + Properties props = new Properties(); + props.setProperty("first-name", firstName); + props.setProperty("otp-token", renewedOTP); + + EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); + try { + DeviceManagementDataHolder.getInstance().getDeviceManagementProvider() + .sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, metaInfo); + } catch (DeviceManagementException e) { + e.printStackTrace(); + throw new OTPManagementException(e); + } catch (ConfigurationManagementException e) { + throw new OTPManagementException(e); + } + } + + /** + * Renew the OTP + * @param otpMailDTO {@link OTPMailDTO} + * @param renewedOTP Renewed OTP + * @throws OTPManagementException if error occurred while renew the OTP + */ + private void renewOTP(OTPMailDTO otpMailDTO, String renewedOTP) throws OTPManagementException { + try { + ConnectionManagerUtil.beginDBTransaction(); + this.otpManagementDAO.renewOneTimeToken(otpMailDTO.getId(), renewedOTP); + ConnectionManagerUtil.commitDBTransaction(); + } catch (TransactionManagementException e) { + String msg = "Error occurred while disabling AutoCommit to renew the OTP."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to renew the OTP."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (OTPManagementDAOException e) { + 
ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while renew the OTP. OTP: " + renewedOTP; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index 636b0052a4..d150f6ee3f 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -20,7 +20,6 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; 
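Review bot: `renewOTP` puts the freshly generated token into its error message (`"Error occurred while renew the OTP. OTP: " + renewedOTP`), which is then logged and carried in the thrown exception. Use the record ID instead: `String msg = "Error occurred while renewing the OTP. OTP record ID: " + otpMailDTO.getId();`. In `resendUserVerifyingMail`, `e.printStackTrace()` bypasses the class logger and both catch blocks wrap the cause without a message; `log.error(msg, e); throw new OTPManagementException(msg, e);` would match the handling in `renewOTP`. Rollback is called only for OTPManagementDAOException, so it is worth confirming that a failure during commit does not need it too.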
@@ -45,25 +44,21 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() .getOtpManagementService(); - - - String token = request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER); -// DeviceMgtAPIUtils.getDeviceManagementService();//TODO: call token validate service in core - OneTimeTokenDetails tokenDetails = new OneTimeTokenDetails();//TODO: use token details - AuthenticationInfo authenticationInfo = new AuthenticationInfo(); try { - authenticationInfo.setTenantDomain(tokenDetails.getDomain()); - authenticationInfo.setStatus(Status.CONTINUE); - //authenticationInfo.setUsername(tokenDetails.get); //TODO: set username - //authenticationInfo.setTenantId();//TODO: set tenant Id - } catch (Exception e) { // TODO: remove this if not needed + if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { + authenticationInfo.setStatus(Status.CONTINUE); + authenticationInfo.setTenantId(-1); + } else { + authenticationInfo.setStatus(Status.FAILURE); + authenticationInfo.setMessage("Invalid OTP token."); + } + } catch (Exception e) { authenticationInfo.setStatus(Status.FAILURE); - authenticationInfo.setMessage("Could not identify tenant domain."); + authenticationInfo.setMessage("CToken Validation Failed."); } - - return null; + return authenticationInfo; } public String getName() { From efee2b01bf6f602007ba14f10460a56fb512ab35 Mon Sep 17 00:00:00 2001 
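Review bot: A valid token yields `Status.CONTINUE` with `setTenantId(-1)` and no username or tenant domain, and nothing in `authenticate` marks the token as used. `expireOneTimeToken` is added to the DAO in this patch but is not called in any visible hunk. Unless `isValidOTP` or the handler behind this authenticator expires the row, the same header value would be accepted repeatedly until its time window ends, which should be confirmed. The literal `-1` also needs a named constant or a comment stating which tenant context the request is meant to run in, for example `// no tenant exists yet for an OTP holder`. That intent is my reading of the code, not something the hunk states.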
From: Dharmakeerthi Lasantha Date: Thu, 30 Jul 2020 12:54:35 +0000 Subject: [PATCH 25/58] Improve OTP creating functionality --- .../service/api/UserManagementService.java | 46 ------------------ .../impl/UserManagementServiceImpl.java | 47 ------------------- .../mgt/jaxrs/util/DeviceMgtAPIUtils.java | 24 ---------- .../src/main/webapp/WEB-INF/web.xml | 3 +- .../pom.xml | 1 + .../OneTimeTokenAuthenticator.java | 8 ++-- .../etc/webapp-authenticator-config.xml | 4 ++ .../conf/webapp-authenticator-config.xml | 4 ++ 8 files changed, 15 insertions(+), 122 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index a133ffd4ec..d68ba8fc09 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java 
@@ -1221,50 +1221,4 @@ public interface UserManagementService { response = ErrorResponse.class) }) Response getPermissionsOfUser(); - - @POST - @Path("/one-time-pin") - @ApiOperation( - produces = MediaType.APPLICATION_JSON, - httpMethod = "GET", - value = "Getting the permission details of the current user", - notes = "A user may granted more than one permission in IoTS. Using this REST API " - + "you can get the permission/permission the current user has granted. ", - tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "perm:user:permission-view") - }) - } - ) - @ApiResponses(value = { - @ApiResponse( - code = 200, - message = "OK. \n Successfully fetched the list of permissions the user " - + "has granted.", - response = PermissionList.class, - responseHeaders = { - @ResponseHeader( - name = "Content-Type", - description = "The content type of the body"), - @ResponseHeader( - name = "ETag", - description = "Entity Tag of the response resource.\n" + - "Used by caches, or in conditional requests."), - @ResponseHeader( - name = "Last-Modified", - description = "Date and time the resource was last modified.\n" + - "Used by caches, or in conditional requests."), - }), - @ApiResponse( - code = 404, - message = "Not Found. \n The specified resource does not exist.\n", - response = ErrorResponse.class), - @ApiResponse( - code = 500, - message = "Internal Server Error. \n Server error occurred while fetching the " - + "list of roles assigned to the specified user.", - response = ErrorResponse.class) - }) - Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper); } 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java index 8b9dbe6e65..ec28453188 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java 
@@ -1118,53 +1118,6 @@ public class UserManagementServiceImpl implements UserManagementService { } } - /** - * Method used to send an invitation email to a existing user to enroll a device. - * - * @param otpMailWrapper Username list of the users to be invited - */ - @POST - @Path("/one-time-pin") - @Produces({MediaType.APPLICATION_JSON}) - public Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper) { - if (log.isDebugEnabled()) { - log.debug("Sending enrollment invitation mail to existing user."); - } - DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - OTPManagementService oms = DeviceMgtAPIUtils.getOTPManagementService(); - try { - String otpToken = oms.createOTPToken(otpMailWrapper); - Properties props = new Properties(); - props.setProperty("first-name", otpMailWrapper.getFirstName()); - props.setProperty("otp-token", otpToken); - - EmailMetaInfo metaInfo = new EmailMetaInfo(otpMailWrapper.getEmail(), props); - dms.sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, - metaInfo); - } catch (DeviceManagementException e) { - String msg = "Error occurred while inviting user to enrol their device"; - if (e.getMessage() != null && !e.getMessage().isEmpty()) { - msg = e.getMessage(); - } - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (ConfigurationManagementException e) { - String msg = "Error occurred while sending the email invitations. 
Mail server not configured."; - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (OTPManagementException e) { - String msg = "Error occurred while generating and storing the OTP data"; - log.error(msg, e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); - } catch (org.wso2.carbon.device.mgt.common.exceptions.BadRequestException e) { - String msg = "Bad Request : Found invalid request payload to create OTP toke."; - log.error(msg, e); - return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); - } - return Response.status(Response.Status.OK).entity("Invitation mails have been sent.").build(); - } - private Map buildDefaultUserClaims(String firstName, String lastName, String emailAddress, boolean isFresh) { Map defaultUserClaims = new HashMap<>(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index fa5eeaf2c7..91161ced0d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java @@ -142,7 +142,6 @@ public class DeviceMgtAPIUtils { private static IntegrationClientService integrationClientService; private static MetadataManagementService metadataManagementService; - private static volatile OTPManagementService otpManagementService; static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); 
@@ -461,29 +460,6 @@ public class DeviceMgtAPIUtils { return metadataManagementService; } - /** - * Initializing and accessing method for OTPManagementService. - * - * @return OTPManagementService instance - * @throws IllegalStateException if OTPManagementService cannot be initialized - */ - public static OTPManagementService getOTPManagementService() { - if (otpManagementService == null) { - synchronized (DeviceMgtAPIUtils.class) { - if (otpManagementService == null) { - PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); - otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); - if (otpManagementService == null) { - String msg = "OTP Management service not initialized."; - log.error(msg); - throw new IllegalStateException(msg); - } - } - } - } - return otpManagementService; - } - /** * Method for initializing ReportManagementService * @return ReportManagementServie Instance diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index d24eeb72b3..fffbfbdb24 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -48,8 +48,7 @@ nonSecuredEndPoints - /api/device-mgt/v1.0/users/validate, - /api/device-mgt/v1.0/users/one-time-pin + /api/device-mgt/v1.0/users/validate diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index d2c8bb4dec..ee7fd305f2 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml 
@@ -94,6 +94,7 @@ org.wso2.carbon.certificate.mgt.core.*, org.wso2.carbon.device.mgt.core.permission.mgt, org.wso2.carbon.device.mgt.common, + org.wso2.carbon.device.mgt.core.*, org.wso2.carbon.device.mgt.common.permission.mgt, org.apache.axis2, org.apache.axis2.client, diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index d150f6ee3f..41f43eea9d 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -42,11 +42,11 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { - OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() - .getOtpManagementService(); AuthenticationInfo authenticationInfo = new AuthenticationInfo(); try { + OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() + .getOtpManagementService(); if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setTenantId(-1); 
@@ -55,8 +55,10 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { authenticationInfo.setMessage("Invalid OTP token."); } } catch (Exception e) { + String msg = "OTP Token Validation Failed."; + log.error(msg, e); authenticationInfo.setStatus(Status.FAILURE); - authenticationInfo.setMessage("CToken Validation Failed."); + authenticationInfo.setMessage(msg); } return authenticationInfo; } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml index 5099328df7..93830ca169 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml @@ -24,5 +24,9 @@ CertificateAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator + diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index 4b727a28c2..dfea5c07ac 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml 
@@ -31,6 +31,10 @@ CertificateAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator + BST org.wso2.carbon.webapp.authenticator.framework.authenticator.BSTAuthenticator From f86837996f97a51828e6c381ebe11754f134cffd Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Mon, 3 Aug 2020 09:08:32 +0530 Subject: [PATCH 26/58] Add OTP authenticator into config --- .../src/main/resources/conf/webapp-authenticator-config.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index dfea5c07ac..cd376469ef 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml @@ -29,7 +29,7 @@ CertificateAuth - org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + org.wso2.carbon.webapp.authenticator.framework.authenticator.gitCertificateAuthenticator OTPAuth From 59eeec55d6f05fb388fdffe07e88055502c808a0 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Tue, 4 Aug 2020 07:47:53 +0530 Subject: [PATCH 27/58] Fix OSGI loading issue in web app authenticator --- .../DeviceManagementConfigServiceImpl.java | 88 ------------------- .../pom.xml | 3 +- ...uthenticatorFrameworkServiceComponent.java | 3 +- 3 files changed, 2 insertions(+), 92 deletions(-) 
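Review bot: In the hunk from patch 26/58 (`@@ -29,7 +29,7 @@`), the class name for CertificateAuth becomes `org.wso2.carbon.webapp.authenticator.framework.authenticator.gitCertificateAuthenticator`. This looks like a stray `git` typed into the value; no class of that name appears in these patches. If the framework instantiates authenticators from this value, certificate authentication would either fail to load or be skipped, and which of the two happens is not visible here. The value should stay `org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator`; the commit subject mentions only the OTP authenticator, so the edit is presumably unintended.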
diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java index 2541577698..9ccbecda3d 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java @@ -24,7 +24,6 @@ import com.fasterxml.jackson.databind.ObjectMapper; import io.entgra.carbon.device.mgt.config.jaxrs.beans.ErrorResponse; import io.entgra.carbon.device.mgt.config.jaxrs.service.DeviceManagementConfigService; import io.entgra.carbon.device.mgt.config.jaxrs.util.DeviceMgtAPIUtils; -import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.base.MultitenantConstants; @@ -36,7 +35,6 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.AmbiguousConfiguratio import org.wso2.carbon.device.mgt.common.configuration.mgt.DeviceConfiguration; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException; -import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails; import org.wso2.carbon.device.mgt.common.general.TenantDetail; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; 
@@ -50,8 +48,6 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; -import org.wso2.carbon.stratos.common.beans.TenantInfoBean; -import org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService; import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; @@ -68,9 +64,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.io.IOException; import java.util.ArrayList; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; import java.util.List; import java.util.Map; 
@@ -277,87 +270,6 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig return tenantDetail; } - /** - * This API will add a tenant to the system and can be called by the super tenant only. - * @return Returns the - */ - @Path("/tenant") - @POST - @Produces(MediaType.APPLICATION_JSON) - public Response addTenant(@HeaderParam("one-time-token") String token) { - - TenantMgtAdminService tenantMgtAdminService = null; - OneTimeTokenDetails tenantWrapper = null; - - // Request validation - String errorMsg = null; - Response.Status errorStatus = Response.Status.BAD_REQUEST; - if (StringUtils.isEmpty(token)) { - errorMsg = "Authentication failure when creating tenant"; - } else { - tenantWrapper = new OneTimeTokenDetails(); //TODO: Call one time token validation API - if (tenantWrapper == null) { - errorMsg = "One time token is not present in the database"; - } else { - try { - tenantMgtAdminService = new TenantMgtAdminService(); - if (tenantMgtAdminService == null) { - errorMsg = "Request can only be made by super admin"; - errorStatus = Response.Status.INTERNAL_SERVER_ERROR; - } else { - TenantInfoBean[] tenant = tenantMgtAdminService.retrievePartialSearchTenants(tenantWrapper.getDomain()); - if (!PrivilegedCarbonContext.getThreadLocalCarbonContext() - .getTenantDomain().equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { - errorMsg = "Request can only be made by super admin"; - } else if (tenant != null && tenant.length > 0) { - for (TenantInfoBean tenantInfoBean : tenant) { - if (tenantInfoBean.getTenantDomain().equals(tenantWrapper.getDomain())) { - errorMsg = "Tenant domain is already in use"; - break; - } - } - } - } - - } catch (Exception e) { // Carbon multi-tenancy is throwing generic exceptions. 
- errorMsg = "Could not create tenant domain " + tenantWrapper.getDomain(); - errorStatus = Response.Status.INTERNAL_SERVER_ERROR; - } - } - } - - if (errorMsg != null) { - log.error(errorMsg); - return Response.status(errorStatus).entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build() - ).build(); - } - - try { - TenantInfoBean tenantInfoBean = new TenantInfoBean(); - tenantInfoBean.setActive(true); - tenantInfoBean.setAdminPassword(tenantWrapper.getPassword()); - tenantInfoBean.setAdmin(tenantWrapper.getAdminName()); - tenantInfoBean.setFirstname(tenantWrapper.getAdminFirstName()); - tenantInfoBean.setLastname(tenantWrapper.getAdminLastName()); - tenantInfoBean.setEmail(tenantWrapper.getEmail()); - Calendar calendar = new GregorianCalendar(); - calendar.setTime(new Date()); - tenantInfoBean.setCreatedDate(calendar); - tenantInfoBean.setTenantDomain(tenantWrapper.getDomain()); - - String response = tenantMgtAdminService.addTenant(tenantInfoBean); - return Response.status(Response.Status.OK).entity(response).build(); - - } catch (Exception e) { // The underlying API is throwing a generic exception. - String msg = "Error while adding tenant"; - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } - - } - @POST @Path("/permissions") @Produces({MediaType.APPLICATION_JSON}) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index ee7fd305f2..24cbfecefb 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml 
@@ -93,8 +93,7 @@ org.apache.axis2.transport.http, org.wso2.carbon.certificate.mgt.core.*, org.wso2.carbon.device.mgt.core.permission.mgt, - org.wso2.carbon.device.mgt.common, - org.wso2.carbon.device.mgt.core.*, + org.wso2.carbon.device.mgt.common.*, org.wso2.carbon.device.mgt.common.permission.mgt, org.apache.axis2, org.apache.axis2.client, diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index ef71b78718..49eff0503b 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -26,7 +26,6 @@ import org.osgi.service.component.ComponentContext; import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; 
@@ -82,7 +81,7 @@ import java.util.Properties; * cardinality="1..1" policy="dynamic" * bind="setTenantRegistryLoader" * unbind="unsetTenantRegistryLoader" - * @scr.reference name="org.wso2.carbon.otp.manager" + * @scr.reference name="org.wso2.carbon.device.manager" * interface="org.wso2.carbon.device.mgt.common.spi.OTPManagementService" * cardinality="1..1" * policy="dynamic" From b91dcdbfc9622e4f4b5773fcb7624dcdeb52684d Mon Sep 17 00:00:00 2001 From: inoshperera Date: Tue, 4 Aug 2020 19:00:14 +0530 Subject: [PATCH 28/58] Add Db changes for tenant ID and username --- .../src/main/resources/dbscripts/cdm/h2.sql | 2 ++ .../src/main/resources/dbscripts/cdm/mssql.sql | 2 ++ .../src/main/resources/dbscripts/cdm/mysql.sql | 2 ++ .../src/main/resources/dbscripts/cdm/oracle.sql | 2 ++ .../src/main/resources/dbscripts/cdm/postgresql.sql | 2 ++ 5 files changed, 10 insertions(+) diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql index adf4044962..b75cbd2295 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql @@ -577,6 +577,8 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT AUTO_INCREMENT NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INT NOT NULL, + USERNAME VARCHAR(500) DEFAULT NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql index cbed63388d..90171e6735 100644 
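Review bot: The added H2 column definition `USERNAME VARCHAR(500) DEFAULT NOT NULL,` has a `DEFAULT` keyword with no default value, which the mssql, mysql, oracle and postgresql scripts in this commit do not have. As written the statement is likely to be rejected, or read differently from what was meant, when the H2 schema is created; it should match the other dialects: `USERNAME VARCHAR(500) NOT NULL,`. The same line is still present as context in the later h2.sql hunk that drops TENANT_DOMAIN, so as far as this page shows it is not corrected further down the series.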
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql
@@ -619,6 +619,8 @@ CREATE TABLE DM_OTP_DATA (
 ID INT IDENTITY NOT NULL,
 OTP_TOKEN VARCHAR(100) NOT NULL,
 TENANT_DOMAIN VARCHAR(20) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ USERNAME VARCHAR(500) NOT NULL,
 EMAIL VARCHAR(100) NOT NULL,
 EMAIL_TYPE VARCHAR(20) NOT NULL,
 META_INFO VARCHAR(20000) NOT NULL,
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
index a3dff752c3..42e103963b 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
@@ -635,6 +635,8 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA (
 ID INT AUTO_INCREMENT NOT NULL,
 OTP_TOKEN VARCHAR(100) NOT NULL,
 TENANT_DOMAIN VARCHAR(20) NOT NULL,
+ TENANT_ID INT NOT NULL,
+ USERNAME VARCHAR(500) NOT NULL,
 EMAIL VARCHAR(100) NOT NULL,
 EMAIL_TYPE VARCHAR(20) NOT NULL,
 META_INFO VARCHAR(20000) NOT NULL,
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
index 41a10d8ffe..da01528e68 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
@@ -983,6 +983,8 @@ CREATE TABLE DM_OTP_DATA ( ID NUMBER(10) NOT NULL, OTP_TOKEN VARCHAR2(100) NOT NULL, TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INTEGER NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR2(100) NOT NULL, EMAIL_TYPE VARCHAR2(20) NOT NULL, META_INFO VARCHAR2(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql index c8c25534ae..279494c5da 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql @@ -624,6 +624,8 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT DEFAULT NEXTVAL ('DM_OTP_DATA_seq') NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INTEGER NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL, From 18531d0500221e2d1072d314c9a850bd554fc893 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Tue, 4 Aug 2020 19:39:05 +0530 Subject: [PATCH 29/58] Add tenant ID and username to all layers --- .../mgt/common/otp/mgt/dto/OTPMailDTO.java | 23 ++++++++++++++---- .../otp/mgt/wrapper/OTPMailWrapper.java | 10 ++++---- .../dao/impl/GenericOTPManagementDAOImpl.java | 24 +++++++++++-------- .../mgt/service/OTPManagementServiceImpl.java | 7 +++--- .../src/main/resources/dbscripts/cdm/h2.sql | 1 - .../main/resources/dbscripts/cdm/mssql.sql | 1 - .../main/resources/dbscripts/cdm/mysql.sql | 1 - .../main/resources/dbscripts/cdm/oracle.sql | 1 - .../resources/dbscripts/cdm/postgresql.sql | 1 - 9 files changed, 41 insertions(+), 28 deletions(-) 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java index ee582b8288..87c347419e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java @@ -23,7 +23,8 @@ public class OTPMailDTO { int id; String otpToken; - String tenantDomain; + int tenantId; + String username; String email; String emailType; String metaInfo; @@ -32,6 +33,22 @@ public class OTPMailDTO { boolean isExpired; boolean isTenantCreated; + public int getTenantId() { + return tenantId; + } + + public void setTenantId(int tenantId) { + this.tenantId = tenantId; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + public int getId() { return id; } @@ -94,10 +111,6 @@ public class OTPMailDTO { isExpired = expired; } - public String getTenantDomain() { return tenantDomain; } - - public void setTenantDomain(String tenantDomain) { this.tenantDomain = tenantDomain; } - public boolean isTenantCreated() { return isTenantCreated; } public void setTenantCreated(boolean tenantCreated) { isTenantCreated = tenantCreated; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java index 35f255ef6b..176e899a86 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java @@ -20,18 +20,18 @@ public class OTPMailWrapper { private String firstName; private String lastName; - private String tenantDomain; private String adminUsername; + int tenantId; private String adminPassword; private String email; private String emailType; - public String getTenantDomain() { - return tenantDomain; + public int getTenantId() { + return tenantId; } - public void setTenantDomain(String tenantDomain) { - this.tenantDomain = tenantDomain; + public void setTenantId(int tenantId) { + this.tenantId = tenantId; } public String getAdminUsername() { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 7cc27618a1..076f5f820f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
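Review bot: The new field is declared as `int tenantId;` with no access modifier, while every other field of OTPMailWrapper shown in this hunk is `private`. The value is meant to decide which tenant a token belongs to, so it should only be reachable through the accessor pair added below: `private int tenantId;`. The class body continues outside the hunk.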
@@ -47,22 +47,24 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "INSERT INTO DM_OTP_DATA " + "(OTP_TOKEN, " - + "TENANT_DOMAIN," + "EMAIL, " + "EMAIL_TYPE, " + "META_INFO, " - + "CREATED_AT) VALUES (?, ?, ?, ?, ?, ?)"; + + "CREATED_AT," + + "TENANT_ID," + + "USERNAME) VALUES (?, ?, ?, ?, ?, ?, ?)"; try { Connection conn = this.getDBConnection(); Calendar calendar = Calendar.getInstance(); Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); try (PreparedStatement stmt = conn.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) { stmt.setString(1, otpMailDTO.getOtpToken()); - stmt.setString(2, otpMailDTO.getTenantDomain()); - stmt.setString(3, otpMailDTO.getEmail()); - stmt.setString(4, otpMailDTO.getEmailType()); - stmt.setString(5, otpMailDTO.getMetaInfo()); - stmt.setTimestamp(6, timestamp); + stmt.setString(2, otpMailDTO.getEmail()); + stmt.setString(3, otpMailDTO.getEmailType()); + stmt.setString(4, otpMailDTO.getMetaInfo()); + stmt.setTimestamp(5, timestamp); + stmt.setInt(6, otpMailDTO.getTenantId()); + stmt.setString(7, otpMailDTO.getUsername()); stmt.executeUpdate(); try (ResultSet rs = stmt.getGeneratedKeys()) { if (rs.next()) { @@ -94,14 +96,15 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "SELECT " + "ID, " + "OTP_TOKEN, " - + "TENANT_DOMAIN," + "EMAIL, " + "EMAIL_TYPE, " + "META_INFO, " + "CREATED_AT, " + "EXPIRY_TIME, " + "IS_EXPIRED, " - + "TENANT_CREATED FROM DM_OTP_DATA " + + "TENANT_CREATED," + + "TENANT_ID, " + + "USERNAME FROM DM_OTP_DATA " + "WHERE OTP_TOKEN = ?"; try { 
@@ -114,7 +117,6 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM OTPMailDTO otpMailDTO = new OTPMailDTO(); otpMailDTO.setId(rs.getInt("ID")); otpMailDTO.setOtpToken(rs.getString("OTP_TOKEN")); - otpMailDTO.setTenantDomain(rs.getString("TENANT_DOMAIN")); otpMailDTO.setEmail(rs.getString("EMAIL")); otpMailDTO.setEmailType(rs.getString("EMAIL_TYPE")); otpMailDTO.setMetaInfo(rs.getString("META_INFO")); @@ -122,6 +124,8 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); otpMailDTO.setTenantCreated(rs.getBoolean("TENANT_CREATED")); + otpMailDTO.setTenantId(rs.getInt("TENANT_ID")); + otpMailDTO.setUsername(rs.getString("USERNAME")); return otpMailDTO; } return null; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 47ef466114..1df9b13b32 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -70,7 +70,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { OTPMailDTO otpMailDTO = new OTPMailDTO(); otpMailDTO.setEmail(otpMailWrapper.getEmail()); - otpMailDTO.setTenantDomain(otpMailWrapper.getTenantDomain()); + otpMailDTO.setTenantId(otpMailDTO.getTenantId()); + otpMailDTO.setUsername(otpMailWrapper.getAdminUsername()); otpMailDTO.setEmailType(otpMailWrapper.getEmailType()); otpMailDTO.setMetaInfo(metaInfo); otpMailDTO.setOtpToken(otpValue); 
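Review bot: In the OTPManagementServiceImpl hunk the added line `otpMailDTO.setTenantId(otpMailDTO.getTenantId());` copies the tenant id of the DTO created two lines above onto itself, so the value sent in the request wrapper is never used and the record is stored with the int default 0. It should read `otpMailDTO.setTenantId(otpMailWrapper.getTenantId());`. This is more than bookkeeping, because the later OneTimeTokenAuthenticator change in this series takes the tenant id of the authenticated request from this record. The enclosing method starts and ends outside the hunk.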
@@ -190,8 +191,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error("Received empty or blank email type field with OTP creating payload."); return false; } - if (StringUtils.isBlank(otpMailWrapper.getTenantDomain())) { - log.error("Received empty or blank tenant domain field with OTP creating payload."); + if (otpMailWrapper.getTenantId() != -1234 && otpMailWrapper.getTenantId() < 1) { + log.error("Invalid tenant Id field with OTP creating payload."); return false; } return true; diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql index b75cbd2295..5ff3b1c08c 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql @@ -576,7 +576,6 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT AUTO_INCREMENT NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, TENANT_ID INT NOT NULL, USERNAME VARCHAR(500) DEFAULT NOT NULL, EMAIL VARCHAR(100) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql index 90171e6735..5c82436ff1 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql 
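Review bot: The tenant check `otpMailWrapper.getTenantId() != -1234 && otpMailWrapper.getTenantId() < 1` hard-codes the super-tenant id and accepts any positive integer without confirming that such a tenant exists or that the caller may issue tokens for it. Name the constant, e.g. `MultitenantConstants.SUPER_TENANT_ID` if the Carbon class is available to this module, or at least add `// -1234 is the super tenant; all other tenants have positive ids`. No blank check for `getAdminUsername()` is visible here although the value is now written to a NOT NULL column and later used as the authenticated username; the validation method starts above the hunk, so such a check may already exist there.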
@@ -618,7 +618,6 @@ CREATE TABLE DM_METADATA (
 CREATE TABLE DM_OTP_DATA (
 ID INT IDENTITY NOT NULL,
 OTP_TOKEN VARCHAR(100) NOT NULL,
- TENANT_DOMAIN VARCHAR(20) NOT NULL,
 TENANT_ID INTEGER NOT NULL,
 USERNAME VARCHAR(500) NOT NULL,
 EMAIL VARCHAR(100) NOT NULL,
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
index 42e103963b..b2c64ebb3a 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
@@ -634,7 +634,6 @@ CREATE TABLE IF NOT EXISTS DM_METADATA (
 CREATE TABLE IF NOT EXISTS DM_OTP_DATA (
 ID INT AUTO_INCREMENT NOT NULL,
 OTP_TOKEN VARCHAR(100) NOT NULL,
- TENANT_DOMAIN VARCHAR(20) NOT NULL,
 TENANT_ID INT NOT NULL,
 USERNAME VARCHAR(500) NOT NULL,
 EMAIL VARCHAR(100) NOT NULL,
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
index da01528e68..16139722fb 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
@@ -982,7 +982,6 @@ END;
 CREATE TABLE DM_OTP_DATA (
 ID NUMBER(10) NOT NULL,
 OTP_TOKEN VARCHAR2(100) NOT NULL,
- TENANT_DOMAIN VARCHAR(20) NOT NULL,
 TENANT_ID INTEGER NOT NULL,
 USERNAME VARCHAR(500) NOT NULL,
 EMAIL VARCHAR2(100) NOT NULL,
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql index 279494c5da..d5db624796 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql @@ -623,7 +623,6 @@ CREATE SEQUENCE DM_OTP_DATA_seq; CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT DEFAULT NEXTVAL ('DM_OTP_DATA_seq') NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, TENANT_ID INTEGER NOT NULL, USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR(100) NOT NULL, From b61e9a667b389f2f045e0d1bc0a5a1ac1e2b7dd3 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Tue, 4 Aug 2020 20:12:37 +0530 Subject: [PATCH 30/58] Improve token validation login in valve --- .../device/mgt/common/spi/OTPManagementService.java | 5 +++-- .../core/otp/mgt/service/OTPManagementServiceImpl.java | 10 +++++----- .../authenticator/OneTimeTokenAuthenticator.java | 10 ++++++++-- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 6ce92c27c9..1d23b20b03 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java 
@@ -19,6 +19,7 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; public interface OTPManagementService { @@ -35,9 +36,9 @@ public interface OTPManagementService { /** * Check the validity of the OTP * @param oneTimeToken OTP - * @return Ture if OTP is valid one, otherise returns false + * @return The OTP data * @throws OTPManagementException if error occurred whle verifying validity of the OPT * @throws BadRequestException if found an null value for OTP */ - boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; + OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 1df9b13b32..78276c45b5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
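Review bot: The Javadoc of `isValidOTP` now says `@return The OTP data` but does not say that `null` is the result for a token that is expired, has already led to a tenant being created, or has just been renewed, which is what the implementation in this commit returns. A caller reading only the interface will not know a null check is required, and the `is…` name still suggests a boolean. I would document it as `@return the stored OTP record when the token is valid, or null when it is expired, already used for tenant creation, or has been renewed`, and consider a name such as `validateOTP` in a follow-up. The typos in the unchanged `@throws` lines (`whle`, `OPT`) could be fixed in the same pass.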
@@ -105,7 +105,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + public OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { OTPMailDTO otpMailDTO = getOTPDataByToken(oneTimeToken); if (otpMailDTO == null) { String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; @@ -115,11 +115,11 @@ public class OTPManagementServiceImpl implements OTPManagementService { if (otpMailDTO.isExpired()) { log.warn("Token is expired. OTP: " + oneTimeToken); - return false; + return null; } if (otpMailDTO.isTenantCreated()) { log.warn("Tenant is already created for the token. OTP: " + oneTimeToken); - return false; + return null; } Calendar calendar = Calendar.getInstance(); @@ -133,9 +133,9 @@ public class OTPManagementServiceImpl implements OTPManagementService { Gson gson = new Gson(); OTPMailWrapper otpMailWrapper = gson.fromJson(otpMailDTO.getMetaInfo(), OTPMailWrapper.class); resendUserVerifyingMail(otpMailWrapper.getFirstName(), renewedOTP, otpMailDTO.getEmail()); - return false; + return null; } - return true; + return otpMailDTO; } /** diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index 41f43eea9d..c5e9d90824 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java 
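Review bot: The warnings kept in these hunks write the one-time token itself to the log (`"Token is expired. OTP: " + oneTimeToken`, `"Tenant is already created for the token. OTP: " + oneTimeToken`, and the not-found message built in the first hunk), and the value comes straight from a request header. With this commit the token stands for a username and a tenant, so log readers should not see it, and an unvalidated header value placed in a log line can also be used to forge entries. Log the record id instead, e.g. `log.warn("Token is expired. OTP id: " + otpMailDTO.getId());`, and leave the value out of the not-found branch, where no record exists. The method body starts and ends outside these hunks.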
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -20,9 +20,11 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; +import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder; import java.util.Properties; @@ -47,9 +49,13 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { try { OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() .getOtpManagementService(); - if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { + OTPMailDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders + .ONE_TIME_TOKEN_HEADER)); + if (validOTP != null) { authenticationInfo.setStatus(Status.CONTINUE); - authenticationInfo.setTenantId(-1); + authenticationInfo.setTenantId(validOTP.getTenantId()); + authenticationInfo.setTenantDomain(Utils.getTenantDomain(validOTP.getTenantId())); + authenticationInfo.setUsername(validOTP.getUsername()); } else { authenticationInfo.setStatus(Status.FAILURE); authenticationInfo.setMessage("Invalid OTP token."); From 1ff61da1c48fe46311e18b99302baa86f6d24a6b Mon Sep 17 00:00:00 2001 
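Review bot: Nothing in the authenticate hunk invalidates the token after it has been accepted, while the request is now given the tenant id, tenant domain and username stored with it. Unless a later step marks the record as used (not visible here), the same header value would keep authenticating as `validOTP.getUsername()` until it expires, so I would mark it consumed on success or document why reuse is intended. `Utils.getTenantDomain(validOTP.getTenantId())` is also called after the status is already set to CONTINUE; resolving the domain first and failing when it cannot be resolved keeps the result fail-closed, e.g. `String tenantDomain = Utils.getTenantDomain(validOTP.getTenantId());` placed before `authenticationInfo.setStatus(Status.CONTINUE);`. The surrounding try block and its catch are outside the hunk.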
From: Shamalka Navod Date: Thu, 6 Aug 2020 18:09:35 +0000 Subject: [PATCH 31/58] Sort getAllNotifications API in DESC order --- .../impl/NotificationManagementServiceImpl.java | 9 ++++++++- .../mgt/NotificationManagementService.java | 1 - .../mgt/NotificationManagementServiceImpl.java | 1 - .../core/notification/mgt/dao/NotificationDAO.java | 1 - .../mgt/dao/impl/AbstractNotificationDAOImpl.java | 8 ++++++-- .../mgt/dao/impl/GenericNotificationDAOImpl.java | 4 ++-- .../mgt/dao/impl/OracleNotificationDAOImpl.java | 13 +++++++++---- .../mgt/dao/impl/PostgreSQLNotificationDAOImpl.java | 4 ++-- .../mgt/dao/impl/SQLServerNotificationDAOImpl.java | 4 ++-- 9 files changed, 29 insertions(+), 16 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/NotificationManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/NotificationManagementServiceImpl.java index 3a7023796e..f5d8c7724f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/NotificationManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/NotificationManagementServiceImpl.java @@ -32,7 +32,14 @@ import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; import javax.validation.constraints.Size; -import javax.ws.rs.*; +import javax.ws.rs.Consumes; +import javax.ws.rs.GET; +import javax.ws.rs.HeaderParam; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.util.List; 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/notification/mgt/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/notification/mgt/NotificationManagementService.java index ab048c1db5..e071ff6153 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/notification/mgt/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/notification/mgt/NotificationManagementService.java @@ -102,5 +102,4 @@ public interface NotificationManagementService { PaginationResult getNotificationsByStatus(Notification.Status status, PaginationRequest request) throws NotificationManagementException; - } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/NotificationManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/NotificationManagementServiceImpl.java index 41686a4646..3371f8d804 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/NotificationManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/NotificationManagementServiceImpl.java @@ -234,7 +234,6 @@ public class NotificationManagementServiceImpl implements NotificationManagement } } - @Override public List getNotificationsByStatus(Notification.Status status) throws NotificationManagementException { 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/NotificationDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/NotificationDAO.java index 4c47d7c90e..4e39af6f0b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/NotificationDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/NotificationDAO.java @@ -100,5 +100,4 @@ public interface NotificationDAO { List getNotificationsByStatus(PaginationRequest request, Notification.Status status, int tenantId) throws NotificationManagementException; - } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/AbstractNotificationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/AbstractNotificationDAOImpl.java index c16c05ef3a..8b0a37b7c1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/AbstractNotificationDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/AbstractNotificationDAOImpl.java 
@@ -24,7 +24,12 @@ import org.wso2.carbon.device.mgt.core.notification.mgt.dao.NotificationDAO; import org.wso2.carbon.device.mgt.core.notification.mgt.dao.NotificationManagementDAOFactory; import org.wso2.carbon.device.mgt.core.notification.mgt.dao.util.NotificationDAOUtil; -import java.sql.*; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.sql.Timestamp; import java.util.ArrayList; import java.util.Date; import java.util.List; @@ -94,7 +99,6 @@ public abstract class AbstractNotificationDAOImpl implements NotificationDAO { NotificationDAOUtil.cleanupResources(stmt, rs); } return notification; - } @Override diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/GenericNotificationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/GenericNotificationDAOImpl.java index 0a57f761a5..b69a77ac42 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/GenericNotificationDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/GenericNotificationDAOImpl.java 
@@ -49,7 +49,7 @@ public class GenericNotificationDAOImpl extends AbstractNotificationDAOImpl { "SELECT n1.NOTIFICATION_ID, n1.DEVICE_ID, n1.OPERATION_ID, n1.STATUS, n1.DESCRIPTION," + " d.DEVICE_IDENTIFICATION, d.NAME as DEVICE_NAME, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, DM_DEVICE_TYPE t, (SELECT " + "NOTIFICATION_ID, DEVICE_ID, OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + - "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ?"; + "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ? ORDER BY n1.NOTIFICATION_ID DESC"; sql = sql + " LIMIT ?,?"; @@ -90,7 +90,7 @@ public class GenericNotificationDAOImpl extends AbstractNotificationDAOImpl { "DM_DEVICE d, DM_DEVICE_TYPE t, (SELECT NOTIFICATION_ID, DEVICE_ID, " + "OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + "TENANT_ID = ? AND STATUS = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID " + - "AND TENANT_ID = ?"; + "AND TENANT_ID = ? ORDER BY n1.NOTIFICATION_ID DESC"; sql = sql + " LIMIT ?,?"; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/OracleNotificationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/OracleNotificationDAOImpl.java index bf6360ed6e..026285dd10 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/OracleNotificationDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/OracleNotificationDAOImpl.java 
@@ -24,7 +24,11 @@ import org.wso2.carbon.device.mgt.common.notification.mgt.NotificationManagement import org.wso2.carbon.device.mgt.core.notification.mgt.dao.NotificationManagementDAOFactory; import org.wso2.carbon.device.mgt.core.notification.mgt.dao.util.NotificationDAOUtil; -import java.sql.*; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Timestamp; import java.util.ArrayList; import java.util.Date; import java.util.List; @@ -33,6 +37,7 @@ import java.util.List; * This class holds the Oracle implementation of NotificationDAO which can be used to support Oracle db syntax. */ public class OracleNotificationDAOImpl extends AbstractNotificationDAOImpl { + @Override public int addNotification(int deviceId, int tenantId, Notification notification) throws NotificationManagementException { @@ -81,7 +86,7 @@ public class OracleNotificationDAOImpl extends AbstractNotificationDAOImpl { "NOTIFICATION_ID, DEVICE_ID, OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ?"; - sql = sql + " ORDER BY n1.NOTIFICATION_ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; + sql = sql + " ORDER BY n1.NOTIFICATION_ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; stmt = conn.prepareStatement(sql); stmt.setInt(1, tenantId); @@ -122,7 +127,7 @@ public class OracleNotificationDAOImpl extends AbstractNotificationDAOImpl { + "TENANT_ID = ? AND STATUS = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID " + "AND TENANT_ID = ?"; - sql = sql + " ORDER BY n1.NOTIFICATION_ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; + sql = sql + " ORDER BY n1.NOTIFICATION_ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; stmt = conn.prepareStatement(sql); stmt.setInt(1, tenantId); 
@@ -149,4 +154,4 @@ public class OracleNotificationDAOImpl extends AbstractNotificationDAOImpl { } return notifications; } -} \ No newline at end of file +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/PostgreSQLNotificationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/PostgreSQLNotificationDAOImpl.java index 744e128716..8b668064f1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/PostgreSQLNotificationDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/PostgreSQLNotificationDAOImpl.java @@ -49,7 +49,7 @@ public class PostgreSQLNotificationDAOImpl extends AbstractNotificationDAOImpl { "SELECT n1.NOTIFICATION_ID, n1.DEVICE_ID, n1.OPERATION_ID, n1.STATUS, n1.DESCRIPTION," + " d.DEVICE_IDENTIFICATION, d.NAME as DEVICE_NAME, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, DM_DEVICE_TYPE t, (SELECT " + "NOTIFICATION_ID, DEVICE_ID, OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + - "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ?"; + "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ? ORDER BY n1.NOTIFICATION_ID DESC"; sql = sql + " LIMIT ? OFFSET ?"; @@ -90,7 +90,7 @@ public class PostgreSQLNotificationDAOImpl extends AbstractNotificationDAOImpl { "DM_DEVICE d, DM_DEVICE_TYPE t, (SELECT NOTIFICATION_ID, DEVICE_ID, " + "OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + "TENANT_ID = ? AND STATUS = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID " + - "AND TENANT_ID = ?"; + "AND TENANT_ID = ? ORDER BY n1.NOTIFICATION_ID DESC"; sql = sql + " LIMIT ? OFFSET ?"; 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/SQLServerNotificationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/SQLServerNotificationDAOImpl.java index b87ee63f32..43d5969c4b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/SQLServerNotificationDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/notification/mgt/dao/impl/SQLServerNotificationDAOImpl.java @@ -51,7 +51,7 @@ public class SQLServerNotificationDAOImpl extends AbstractNotificationDAOImpl { "NOTIFICATION_ID, DEVICE_ID, OPERATION_ID, STATUS, DESCRIPTION FROM DM_NOTIFICATION WHERE " + "TENANT_ID = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID AND TENANT_ID = ?"; - sql = sql + " ORDER BY n1.NOTIFICATION_ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; + sql = sql + " ORDER BY n1.NOTIFICATION_ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; stmt = conn.prepareStatement(sql); stmt.setInt(1, tenantId); @@ -92,7 +92,7 @@ public class SQLServerNotificationDAOImpl extends AbstractNotificationDAOImpl { "TENANT_ID = ? AND STATUS = ?) n1 WHERE n1.DEVICE_ID = d.ID AND d.DEVICE_TYPE_ID=t.ID " + "AND TENANT_ID = ?"; - sql = sql + " ORDER BY n1.NOTIFICATION_ID OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; + sql = sql + " ORDER BY n1.NOTIFICATION_ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY"; stmt = conn.prepareStatement(sql); stmt.setInt(1, tenantId); From 8494f0bc58d06c6f55d00150b845581099a9af3e Mon Sep 17 00:00:00 2001 
From: "tcdlpds@gmail.com" Date: Mon, 10 Aug 2020 02:38:51 +0530 Subject: [PATCH 32/58] Improve OTP creating logic --- .../service/api/UserManagementService.java | 1 - .../impl/DeviceManagementServiceImpl.java | 8 +- .../impl/UserManagementServiceImpl.java | 3 - .../mgt/common/DeviceManagementConstants.java | 10 ++ .../exceptions/BadRequestException.java | 2 +- .../exceptions/UnAuthorizedException.java | 45 ++++++ .../mgt/common/otp/mgt/dto/OTPMailDTO.java | 4 - .../{OTPMailWrapper.java => OTPWrapper.java} | 53 ++----- .../mgt/common/spi/OTPManagementService.java | 8 +- .../dao/impl/GenericOTPManagementDAOImpl.java | 2 - .../mgt/service/OTPManagementServiceImpl.java | 130 ++++++++++++------ .../src/main/resources/dbscripts/cdm/h2.sql | 1 - .../main/resources/dbscripts/cdm/mssql.sql | 1 - .../main/resources/dbscripts/cdm/mysql.sql | 1 - .../main/resources/dbscripts/cdm/oracle.sql | 1 - .../resources/dbscripts/cdm/postgresql.sql | 1 - .../conf/webapp-authenticator-config.xml | 2 +- 17 files changed, 162 insertions(+), 111 deletions(-) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/UnAuthorizedException.java rename components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/{OTPMailWrapper.java => OTPWrapper.java} (52%) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index d68ba8fc09..432b752a66 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -49,7 +49,6 @@ import io.swagger.annotations.ResponseHeader; import org.apache.axis2.transport.http.HTTPConstants; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfoList; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java index a4ca3f026d..73a07b7aad 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java @@ -1288,6 +1288,10 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { operation.setId(operationStatusBean.getOperationId()); DeviceMgtAPIUtils.getDeviceManagementService().updateOperation(device, operation); return Response.status(Response.Status.OK).entity("OperationStatus updated successfully.").build(); + } catch (BadRequestException e) { + String msg = "Error occured due to invalid request"; + log.error(msg, e); + return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); } catch (DeviceManagementException e) { String msg = "Error occurred when fetching device " + deviceIdentifier.toString(); log.error(msg, e); 
@@ -1296,10 +1300,6 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { String msg = "Error occurred when updating operation of device " + deviceIdentifier; log.error(msg, e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); - } catch (BadRequestException e) { - String msg = "Error occured due to invalid request"; - log.error(msg, e); - return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java index ec28453188..81233092f3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java @@ -45,11 +45,8 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; -import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; -import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; -import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManagementConstants.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManagementConstants.java index 20b4f5b626..492288febb 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManagementConstants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManagementConstants.java @@ -125,4 +125,14 @@ public final class DeviceManagementConstants { public static final String DEFAULT_HTTP_PROTOCOL = "https"; public static final String DAS_URL = DEFAULT_HTTP_PROTOCOL + "://" + DAS_HOST_NAME + ":" + DAS_PORT; } + + public static final class OTPProperties { + private OTPProperties() { throw new AssertionError(); } + + public static final String FIRST_NAME = "first-name"; + public static final String LAST_NAME = "last-name"; + public static final String TENANT_ADMIN_USERNAME = "tenant-admin-username"; + public static final String TENANT_ADMIN_PASSWORD = "tenant-admin-password"; + } + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/BadRequestException.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/BadRequestException.java index b7d99da0e0..ed681b8140 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/BadRequestException.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/BadRequestException.java 
@@ -19,7 +19,7 @@ package org.wso2.carbon.device.mgt.common.exceptions; -public class BadRequestException extends Exception { +public class BadRequestException extends DeviceManagementException { private static final long serialVersionUID = 2304023531260840549L; public BadRequestException() { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/UnAuthorizedException.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/UnAuthorizedException.java new file mode 100644 index 0000000000..6c3d5c6346 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/exceptions/UnAuthorizedException.java 
@@ -0,0 +1,45 @@ +/* + * Copyright (c) 2020, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved. + * + * Entgra (pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.wso2.carbon.device.mgt.common.exceptions; + +public class UnAuthorizedException extends DeviceManagementException { + private static final long serialVersionUID = 2304023531260840549L; + + public UnAuthorizedException() { + super(); + } + + public UnAuthorizedException(String msg) { + super(msg); + } + + public UnAuthorizedException(Throwable cause) { + super(cause); + } + + public UnAuthorizedException(String msg, Exception nestedEx) { + super(msg, nestedEx); + } + + public UnAuthorizedException(String message, Throwable cause) { + super(message, cause); + } +} + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java index 87c347419e..bd8698206c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java 
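Review bot: The new `UnAuthorizedException` reuses the `serialVersionUID` value `2304023531260840549L` that `BadRequestException` declares in the previous file section, which looks like a copy-paste. It is harmless at runtime because the id is scoped per class, but a fresh value avoids confusion when either class changes. The `(String msg, Exception nestedEx)` constructor is redundant next to `(String message, Throwable cause)` and can be dropped. The class also has no Javadoc; a line such as `/** Thrown when the caller is not permitted to perform the requested operation. */` would tell callers when to expect it.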
@@ -31,7 +31,6 @@ public class OTPMailDTO { Timestamp createdAt; int expiryTime; boolean isExpired; - boolean isTenantCreated; public int getTenantId() { return tenantId; @@ -111,7 +110,4 @@ public class OTPMailDTO { isExpired = expired; } - public boolean isTenantCreated() { return isTenantCreated; } - - public void setTenantCreated(boolean tenantCreated) { isTenantCreated = tenantCreated; } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPWrapper.java similarity index 52% rename from components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java rename to components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPWrapper.java index 176e899a86..319da774d1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPWrapper.java 
@@ -16,39 +16,16 @@ */ package org.wso2.carbon.device.mgt.common.otp.mgt.wrapper; -public class OTPMailWrapper { +import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; + +import java.util.List; + +public class OTPWrapper { - private String firstName; - private String lastName; - private String adminUsername; - int tenantId; - private String adminPassword; private String email; private String emailType; - - public int getTenantId() { - return tenantId; - } - - public void setTenantId(int tenantId) { - this.tenantId = tenantId; - } - - public String getAdminUsername() { - return adminUsername; - } - - public void setAdminUsername(String adminUsername) { - this.adminUsername = adminUsername; - } - - public String getAdminPassword() { - return adminPassword; - } - - public void setAdminPassword(String adminPassword) { - this.adminPassword = adminPassword; - } + private String username; + private List properties; public String getEmail() { return email; @@ -66,19 +43,11 @@ public class OTPMailWrapper { this.emailType = emailType; } - public String getFirstName() { - return firstName; - } + public String getUsername() { return username; } - public void setFirstName(String firstName) { - this.firstName = firstName; - } + public void setUsername(String username) { this.username = username; } - public String getLastName() { - return lastName; - } + public List getProperties() { return properties; } - public void setLastName(String lastName) { - this.lastName = lastName; - } + public void setProperties(List properties) { this.properties = properties; } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 1d23b20b03..00e6ce3d93 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -18,20 +18,20 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; +import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; -import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; +import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; public interface OTPManagementService { /** * Create OTP token and store tenant details in the DB - * @param otpMailWrapper OTP Mail Wrapper object which contains tenant details of registering user - * @return OTPToken + * @param otpWrapper OTP Mail Wrapper object which contains tenant details of registering user * @throws OTPManagementException if error occurs while creating OTP token and storing tenant details. * @throws BadRequestException if found and incompatible payload to create OTP token. */ - String createOTPToken (OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException; + void sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException; /** * Check the validity of the OTP diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 076f5f820f..a923756c88 100644 
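Review bot: The Javadoc on `sendUserVerifyingMail` no longer matches the signature: the summary still reads "Create OTP token and store tenant details in the DB", and `@throws BadRequestException` is kept although the method now declares `DeviceManagementException`. The summary should say that the method stores the OTP and mails it to the user instead of returning it. The throws tag could become `@throws DeviceManagementException if the payload is invalid (BadRequestException) or the caller may not create an OTP (UnAuthorizedException)`. The `@param` text should also mention that tenant details now arrive as the wrapper's properties list.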
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -102,7 +102,6 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM + "CREATED_AT, " + "EXPIRY_TIME, " + "IS_EXPIRED, " - + "TENANT_CREATED," + "TENANT_ID, " + "USERNAME FROM DM_OTP_DATA " + "WHERE OTP_TOKEN = ?"; @@ -123,7 +122,6 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM otpMailDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); - otpMailDTO.setTenantCreated(rs.getBoolean("TENANT_CREATED")); otpMailDTO.setTenantId(rs.getInt("TENANT_ID")); otpMailDTO.setUsername(rs.getString("USERNAME")); return otpMailDTO; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 78276c45b5..de013ce4ae 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
@@ -26,19 +26,28 @@ import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.UnAuthorizedException; +import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; +import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; +import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig; +import org.wso2.carbon.device.mgt.core.config.keymanager.KeyManagerConfigurations; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; -import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; +import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; +import org.wso2.carbon.user.api.Tenant; + +import static org.wso2.carbon.device.mgt.common.DeviceManagementConstants.OTPProperties; import java.sql.Timestamp; import java.util.Calendar; +import java.util.List; import java.util.Properties; import java.util.UUID; 
@@ -56,23 +65,35 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public String createOTPToken(OTPMailWrapper otpMailWrapper) throws OTPManagementException, BadRequestException { + public void sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException { - if (!isValidOTPTokenCreatingRequest(otpMailWrapper)){ + Tenant tenant = validateOTPTokenCreatingRequest(otpWrapper); + if (tenant == null){ String msg = "Found invalid payload with OTP creating request"; log.error(msg); throw new BadRequestException(msg); } + DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() + .getDeviceManagementConfig(); + KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); + String superTenantUsername = kmConfig.getAdminUsername(); + + if (!otpWrapper.getUsername().equals(superTenantUsername)) { + String msg = "You don't have required permission to create OTP"; + log.error(msg); + throw new UnAuthorizedException(msg); + } + Gson gson = new Gson(); - String metaInfo = gson.toJson(otpMailWrapper); + String metaInfo = gson.toJson(tenant); String otpValue = UUID.randomUUID().toString(); OTPMailDTO otpMailDTO = new OTPMailDTO(); - otpMailDTO.setEmail(otpMailWrapper.getEmail()); - otpMailDTO.setTenantId(otpMailDTO.getTenantId()); - otpMailDTO.setUsername(otpMailWrapper.getAdminUsername()); - otpMailDTO.setEmailType(otpMailWrapper.getEmailType()); + otpMailDTO.setEmail(otpWrapper.getEmail()); + otpMailDTO.setTenantId(-1234); + otpMailDTO.setUsername(otpWrapper.getUsername()); + otpMailDTO.setEmailType(otpWrapper.getEmailType()); otpMailDTO.setMetaInfo(metaInfo); otpMailDTO.setOtpToken(otpValue); 
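Review bot: The permission check in `sendUserVerifyingMail` compares `otpWrapper.getUsername()`, a field of the request wrapper, with the configured admin username, so it only works as an authorization control if that field is filled from the authenticated session, which this hunk does not show; reading the user name from the authenticated context inside the service would remove that dependency. The field is not covered by `validateOTPTokenCreatingRequest`, so a missing username ends in a NullPointerException rather than `UnAuthorizedException`; `if (superTenantUsername == null || !superTenantUsername.equals(otpWrapper.getUsername())) {` handles both sides. `gson.toJson(tenant)` then serialises the `Tenant` that validation filled with the tenant admin password, and the JSON is stored through `setMetaInfo`, so the password appears to be persisted in clear text with the OTP record; it should be left out of the stored metadata or protected before it is written. The method continues outside the hunk.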
@@ -84,8 +105,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg); throw new OTPManagementException(msg); } + sendMail(tenant.getAdminFirstName(), otpValue, tenant.getEmail()); ConnectionManagerUtil.commitDBTransaction(); - return otpValue; } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit."; log.error(msg, e); @@ -117,10 +138,6 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.warn("Token is expired. OTP: " + oneTimeToken); return null; } - if (otpMailDTO.isTenantCreated()) { - log.warn("Tenant is already created for the token. OTP: " + oneTimeToken); - return null; - } Calendar calendar = Calendar.getInstance(); Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime()); @@ -131,8 +148,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { String renewedOTP = UUID.randomUUID().toString(); renewOTP(otpMailDTO, renewedOTP); Gson gson = new Gson(); - OTPMailWrapper otpMailWrapper = gson.fromJson(otpMailDTO.getMetaInfo(), OTPMailWrapper.class); - resendUserVerifyingMail(otpMailWrapper.getFirstName(), renewedOTP, otpMailDTO.getEmail()); + Tenant tenant = gson.fromJson(otpMailDTO.getMetaInfo(), Tenant.class); + sendMail(tenant.getAdminFirstName(), renewedOTP, otpMailDTO.getEmail()); return null; } return otpMailDTO; 
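Review bot: `sendMail(...)` now runs inside the open transaction, before `commitDBTransaction()`, and it throws `OTPManagementException`, while the only catch visible in this hunk handles `TransactionManagementException`. If the remaining handlers, which are outside the hunk, do not roll back on that exception, a failed delivery leaves the transaction state unclear, and a commit failure after a successful send leaves the recipient holding a token that was never stored. I would state the intended ordering in a comment, for example `// send before commit: a delivery failure must roll back the OTP row`, and confirm that the mail failure path reaches a rollback and closes the connection.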
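Review bot: With the `isTenantCreated()` branch removed, the validity check in the `@@ -117,10 +138,6 @@` hunk rejects a token only when it is flagged expired or, it seems, past its expiry time, so a token that has already been used stays acceptable until then unless the consumer marks it expired, which is not visible here. If the OTP gates tenant creation, as the removed log message suggests, consumption should be made single-use explicitly by setting `IS_EXPIRED` in the same transaction that acts on the token. The context line `log.warn("Token is expired. OTP: " + oneTimeToken)` also writes the token value to the log; `log.warn("Received an expired OTP token.")` keeps the signal without the secret. The method starts and ends outside the hunk.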
@@ -163,39 +180,63 @@ public class OTPManagementServiceImpl implements OTPManagementService { /** * Validate OTP token creating payload - * @param otpMailWrapper OTPMailWrapper + * @param otpWrapper OTP-Wrapper * @return true if its valid payload otherwise returns false */ - private boolean isValidOTPTokenCreatingRequest(OTPMailWrapper otpMailWrapper) { - if (StringUtils.isBlank(otpMailWrapper.getFirstName())) { - log.error("Received empty or blank first name field with OTP creating payload."); - return false; + private Tenant validateOTPTokenCreatingRequest(OTPWrapper otpWrapper) { + + Tenant tenant = new Tenant(); + List properties = otpWrapper.getProperties(); + for (Metadata property : properties) { + switch (property.getMetaKey()) { + case OTPProperties.FIRST_NAME: + String firstName = property.getMetaValue(); + if (StringUtils.isBlank(firstName)) { + log.error("Received empty or blank first name field with OTP creating payload."); + return null; + } + tenant.setAdminFirstName(firstName); + break; + case OTPProperties.LAST_NAME: + String lastName = property.getMetaValue(); + if (StringUtils.isBlank(lastName)) { + log.error("Received empty or blank last name field with OTP creating payload."); + return null; + } + tenant.setAdminLastName(lastName); + break; + case OTPProperties.TENANT_ADMIN_USERNAME: + String username = property.getMetaValue(); + if (StringUtils.isBlank(username)) { + log.error("Received empty or blank admin username field with OTP creating payload."); + return null; + } + tenant.setAdminName(username); + break; + case OTPProperties.TENANT_ADMIN_PASSWORD: + String pwd = property.getMetaValue(); + if (StringUtils.isBlank(pwd)) { + log.error("Received empty or blank admin password field with OTP creating payload."); + return null; + } + tenant.setAdminPassword(pwd); + break; + default: + log.error("Received invalid key with OTP properties for creating OTP."); + return null; + } } - if (StringUtils.isBlank(otpMailWrapper.getLastName())) { - 
log.error("Received empty or blank last name field with OTP creating payload."); - return false; - } - if (StringUtils.isBlank(otpMailWrapper.getAdminUsername())) { - log.error("Received empty or blank admin username field with OTP creating payload."); - return false; - } - if (StringUtils.isBlank(otpMailWrapper.getAdminPassword())) { - log.error("Received empty or blank admin password field with OTP creating payload."); - return false; - } - if (StringUtils.isBlank(otpMailWrapper.getEmail())) { + + if (StringUtils.isBlank(otpWrapper.getEmail())) { log.error("Received empty or blank email field with OTP creating payload."); - return false; + return null; } - if (StringUtils.isBlank(otpMailWrapper.getEmailType())) { + if (StringUtils.isBlank(otpWrapper.getEmailType())) { log.error("Received empty or blank email type field with OTP creating payload."); - return false; + return null; } - if (otpMailWrapper.getTenantId() != -1234 && otpMailWrapper.getTenantId() < 1) { - log.error("Invalid tenant Id field with OTP creating payload."); - return false; - } - return true; + tenant.setEmail(otpWrapper.getEmail()); + return tenant; } /** @@ -205,7 +246,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { * @param mailAddress Mail Address of the User * @throws OTPManagementException if error occurred while resend the user verifying mail */ - private void resendUserVerifyingMail(String firstName, String renewedOTP, String mailAddress) + private void sendMail(String firstName, String renewedOTP, String mailAddress) throws OTPManagementException { Properties props = new Properties(); props.setProperty("first-name", firstName); 
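Review bot: `validateOTPTokenCreatingRequest` only validates the property keys that happen to be present, so a payload with an empty properties list, or one that omits the first name or the admin password, now passes, where the old code rejected each blank field. A null `getProperties()` fails in the `for` loop, and a missing first name reaches `props.setProperty("first-name", firstName)` in `sendMail` as null, which throws. I would reject a null or empty list up front and check the four required `Tenant` fields after the loop, as sketched below. The Javadoc `@return true if its valid payload otherwise returns false` is stale and should read `@return the populated Tenant, or null when the payload is invalid`.

```java
List<Metadata> properties = otpWrapper.getProperties();
if (properties == null || properties.isEmpty()) {
    log.error("Received OTP creating payload without properties.");
    return null;
}
// … unchanged: per-key switch that fills the Tenant …
if (StringUtils.isBlank(tenant.getAdminFirstName()) || StringUtils.isBlank(tenant.getAdminLastName())
        || StringUtils.isBlank(tenant.getAdminName()) || StringUtils.isBlank(tenant.getAdminPassword())) {
    log.error("Received OTP creating payload with a missing required property.");
    return null;
}
// … unchanged: email and email type checks …
```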
@@ -216,8 +257,9 @@ public class OTPManagementServiceImpl implements OTPManagementService { DeviceManagementDataHolder.getInstance().getDeviceManagementProvider() .sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, metaInfo); } catch (DeviceManagementException e) { - e.printStackTrace(); - throw new OTPManagementException(e); + String msg = "Error occurred while inviting user to enrol their device"; + log.error(msg, e); + throw new OTPManagementException(msg, e); } catch (ConfigurationManagementException e) { throw new OTPManagementException(e); } diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql index 5ff3b1c08c..623bd6b374 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql @@ -584,7 +584,6 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( CREATED_AT TIMESTAMP NOT NULL, EXPIRY_TIME INT NOT NULL DEFAULT 3600, IS_EXPIRED BOOLEAN DEFAULT false, - TENANT_CREATED BOOLEAN DEFAULT false, PRIMARY KEY (ID), CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) ); diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql index 5c82436ff1..058bceb53b 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql 
@@ -626,7 +626,6 @@ CREATE TABLE DM_OTP_DATA (
 CREATED_AT DATETIME2(0) NOT NULL,
 EXPIRY_TIME INT NOT NULL DEFAULT 3600,
 IS_EXPIRED BIT DEFAULT false,
- TENANT_CREATED BOOLEAN DEFAULT false,
 PRIMARY KEY (ID),
 CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE)
 );
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
index b2c64ebb3a..f1244dd87e 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql
@@ -642,7 +642,6 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA (
 CREATED_AT TIMESTAMP NOT NULL,
 EXPIRY_TIME INT NOT NULL DEFAULT 3600,
 IS_EXPIRED BOOLEAN DEFAULT false,
- TENANT_CREATED BOOLEAN DEFAULT false,
 PRIMARY KEY (ID),
 CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE)
 );
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
index 16139722fb..325bb770b3 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql
@@ -990,7 +990,6 @@ CREATE TABLE DM_OTP_DATA (
 CREATED_AT TIMESTAMP(0) NOT NULL,
 EXPIRY_TIME NUMBER(10) DEFAULT 3600 NOT NULL,
 IS_EXPIRED CHAR(1) DEFAULT false,
- TENANT_CREATED BOOLEAN DEFAULT false,
 PRIMARY KEY (ID),
 CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE)
 );
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql index d5db624796..d695625575 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql @@ -631,7 +631,6 @@ CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( CREATED_AT TIMESTAMP(0) NOT NULL, EXPIRY_TIME INT NOT NULL DEFAULT 3600, IS_EXPIRED BOOLEAN DEFAULT false, - TENANT_CREATED BOOLEAN DEFAULT false, PRIMARY KEY (ID), CONSTRAINT email_type_uk UNIQUE (EMAIL, EMAIL_TYPE) ); diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index cd376469ef..dfea5c07ac 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml @@ -29,7 +29,7 @@ CertificateAuth - org.wso2.carbon.webapp.authenticator.framework.authenticator.gitCertificateAuthenticator + org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator OTPAuth From 648cffaa172633ea6604f8ec0fa28a21c0979d19 Mon Sep 17 00:00:00 2001 
From: "tcdlpds@gmail.com" Date: Mon, 10 Aug 2020 13:23:28 +0530 Subject: [PATCH 33/58] Generalize OTP creation --- .../{OTPMailDTO.java => OneTimePinDTO.java} | 2 +- .../mgt/common/spi/OTPManagementService.java | 4 +- .../core/otp/mgt/dao/OTPManagementDAO.java | 10 +- .../dao/impl/GenericOTPManagementDAOImpl.java | 48 ++--- .../mgt/service/OTPManagementServiceImpl.java | 180 ++++++++++-------- .../OneTimeTokenAuthenticator.java | 4 +- 6 files changed, 138 insertions(+), 110 deletions(-) rename components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/{OTPMailDTO.java => OneTimePinDTO.java} (98%) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java similarity index 98% rename from components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java rename to components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java index bd8698206c..11923947c1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java @@ -19,7 +19,7 @@ package org.wso2.carbon.device.mgt.common.otp.mgt.dto; import java.sql.Timestamp; -public class OTPMailDTO { +public class OneTimePinDTO { int id; String otpToken; 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 00e6ce3d93..2844be1f07 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; public interface OTPManagementService { @@ -40,5 +40,5 @@ public interface OTPManagementService { * @throws OTPManagementException if error occurred whle verifying validity of the OPT * @throws BadRequestException if found an null value for OTP */ - OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; + OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 9a9ae3eefb..86eb5e4ccf 100644 
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -17,26 +17,26 @@ package org.wso2.carbon.device.mgt.core.otp.mgt.dao; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; public interface OTPManagementDAO { /** * Save OTP token data and tenant details of registering user - * @param otpMailDTO OTPMailDTO + * @param oneTimePinDTO OTPMailDTO * @return Primary key of the newly adding data raw * @throws OTPManagementDAOException if error occurred whule storing data */ - int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException; + int addOTPData(OneTimePinDTO oneTimePinDTO) throws OTPManagementDAOException; /** * Get OTP data for requesting One Time Token * @param oneTimeToken One Time Token - * @return {@link OTPMailDTO} + * @return {@link OneTimePinDTO} * @throws OTPManagementDAOException if error ocured while getting OTP data for requesting one time token */ - OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; + OneTimePinDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; /** * Expire the OTP diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index a923756c88..515b2fc727 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.AbstractDAOImpl; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; @@ -38,11 +38,11 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM private static final Log log = LogFactory.getLog(GenericOTPManagementDAOImpl.class); @Override - public int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException { + public int addOTPData(OneTimePinDTO oneTimePinDTO) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to create an OTP data entry"); log.debug("OTP Details : "); - log.debug("OTP key : " + otpMailDTO.getOtpToken() + " Email : " + otpMailDTO.getEmail()); + log.debug("OTP key : " + oneTimePinDTO.getOtpToken() + " Email : " + oneTimePinDTO.getEmail()); } String sql = "INSERT INTO DM_OTP_DATA " 
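Review bot: The debug statement in `addOTPData` writes the one-time token itself to the log (`"OTP key : " + oneTimePinDTO.getOtpToken()`), and that token is the value `OneTimeTokenAuthenticator` later accepts from the request header, so read access to debug logs yields a usable credential together with the matching email address. Log a non-secret handle instead, for example `log.debug("Creating OTP entry of email type " + oneTimePinDTO.getEmailType());`, and keep the token out of log output. The same applies in `OTPManagementServiceImpl.isValidOTP`, where the not-found message and `log.warn("Token is expired. OTP: " + oneTimeToken)` carry the submitted header value, which is also unvalidated input reaching the log and the exception text. `addOTPData` continues outside this hunk.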
@@ -58,13 +58,13 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM Calendar calendar = Calendar.getInstance(); Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); try (PreparedStatement stmt = conn.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) { - stmt.setString(1, otpMailDTO.getOtpToken()); - stmt.setString(2, otpMailDTO.getEmail()); - stmt.setString(3, otpMailDTO.getEmailType()); - stmt.setString(4, otpMailDTO.getMetaInfo()); + stmt.setString(1, oneTimePinDTO.getOtpToken()); + stmt.setString(2, oneTimePinDTO.getEmail()); + stmt.setString(3, oneTimePinDTO.getEmailType()); + stmt.setString(4, oneTimePinDTO.getMetaInfo()); stmt.setTimestamp(5, timestamp); - stmt.setInt(6, otpMailDTO.getTenantId()); - stmt.setString(7, otpMailDTO.getUsername()); + stmt.setInt(6, oneTimePinDTO.getTenantId()); + stmt.setString(7, oneTimePinDTO.getUsername()); stmt.executeUpdate(); try (ResultSet rs = stmt.getGeneratedKeys()) { if (rs.next()) { @@ -75,18 +75,18 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } } catch (DBConnectionException e) { String msg = "Error occurred while obtaining the DB connection to create an opt entry for email " - + otpMailDTO.getEmail(); + + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementDAOException(msg, e); } catch (SQLException e) { - String msg = "Error occurred while executing SQL to create an otp entry for email " + otpMailDTO.getEmail(); + String msg = "Error occurred while executing SQL to create an otp entry for email " + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementDAOException(msg, e); } } @Override - public OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException { + public OneTimePinDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to get an OTP data entry for OTP"); 
@@ -113,18 +113,18 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM try (ResultSet rs = stmt.executeQuery()) { if (rs.next()) { - OTPMailDTO otpMailDTO = new OTPMailDTO(); - otpMailDTO.setId(rs.getInt("ID")); - otpMailDTO.setOtpToken(rs.getString("OTP_TOKEN")); - otpMailDTO.setEmail(rs.getString("EMAIL")); - otpMailDTO.setEmailType(rs.getString("EMAIL_TYPE")); - otpMailDTO.setMetaInfo(rs.getString("META_INFO")); - otpMailDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); - otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); - otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); - otpMailDTO.setTenantId(rs.getInt("TENANT_ID")); - otpMailDTO.setUsername(rs.getString("USERNAME")); - return otpMailDTO; + OneTimePinDTO oneTimePinDTO = new OneTimePinDTO(); + oneTimePinDTO.setId(rs.getInt("ID")); + oneTimePinDTO.setOtpToken(rs.getString("OTP_TOKEN")); + oneTimePinDTO.setEmail(rs.getString("EMAIL")); + oneTimePinDTO.setEmailType(rs.getString("EMAIL_TYPE")); + oneTimePinDTO.setMetaInfo(rs.getString("META_INFO")); + oneTimePinDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); + oneTimePinDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); + oneTimePinDTO.setExpired(rs.getBoolean("IS_EXPIRED")); + oneTimePinDTO.setTenantId(rs.getInt("TENANT_ID")); + oneTimePinDTO.setUsername(rs.getString("USERNAME")); + return oneTimePinDTO; } return null; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index de013ce4ae..68297a5554 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -28,7 +28,7 @@ import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; import org.wso2.carbon.device.mgt.common.exceptions.UnAuthorizedException; import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; 
@@ -66,46 +66,21 @@ public class OTPManagementServiceImpl implements OTPManagementService { @Override public void sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException { - - Tenant tenant = validateOTPTokenCreatingRequest(otpWrapper); - if (tenant == null){ - String msg = "Found invalid payload with OTP creating request"; - log.error(msg); - throw new BadRequestException(msg); - } - - DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() - .getDeviceManagementConfig(); - KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); - String superTenantUsername = kmConfig.getAdminUsername(); - - if (!otpWrapper.getUsername().equals(superTenantUsername)) { - String msg = "You don't have required permission to create OTP"; - log.error(msg); - throw new UnAuthorizedException(msg); - } - - Gson gson = new Gson(); - String metaInfo = gson.toJson(tenant); - String otpValue = UUID.randomUUID().toString(); - - OTPMailDTO otpMailDTO = new OTPMailDTO(); - otpMailDTO.setEmail(otpWrapper.getEmail()); - otpMailDTO.setTenantId(-1234); - otpMailDTO.setUsername(otpWrapper.getUsername()); - otpMailDTO.setEmailType(otpWrapper.getEmailType()); - otpMailDTO.setMetaInfo(metaInfo); - otpMailDTO.setOtpToken(otpValue); - + Tenant tenant = validateTenantCreatingDetails(otpWrapper); + OneTimePinDTO oneTimePinDTO = createOneTimePin(otpWrapper.getEmail(), otpWrapper.getEmailType(), + otpWrapper.getUsername(), tenant, -1234); try { ConnectionManagerUtil.beginDBTransaction(); - if (this.otpManagementDAO.addOTPData(otpMailDTO) == -1) { + if (this.otpManagementDAO.addOTPData(oneTimePinDTO) == -1) { ConnectionManagerUtil.rollbackDBTransaction(); String msg = "OTP data saving failed. 
Please, contact Administrator"; log.error(msg); throw new OTPManagementException(msg); } - sendMail(tenant.getAdminFirstName(), otpValue, tenant.getEmail()); + Properties props = new Properties(); + props.setProperty("first-name", tenant.getAdminFirstName()); + props.setProperty("otp-token", oneTimePinDTO.getOtpToken()); + sendMail(props, tenant.getEmail()); ConnectionManagerUtil.commitDBTransaction(); } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit."; @@ -117,7 +92,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { throw new OTPManagementException(msg, e); } catch (OTPManagementDAOException e) { ConnectionManagerUtil.rollbackDBTransaction(); - String msg = "Error occurred while saving the OTP data. Email address: " + otpMailDTO.getEmail(); + String msg = "Error occurred while saving the OTP data. Email address: " + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementException(msg, e); } finally { @@ -126,15 +101,15 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { - OTPMailDTO otpMailDTO = getOTPDataByToken(oneTimeToken); - if (otpMailDTO == null) { + public OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + OneTimePinDTO oneTimePinDTO = getOTPDataByToken(oneTimeToken); + if (oneTimePinDTO == null) { String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; log.error(msg); throw new BadRequestException(msg); } - if (otpMailDTO.isExpired()) { + if (oneTimePinDTO.isExpired()) { log.warn("Token is expired. OTP: " + oneTimeToken); return null; } 
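Review bot: `sendMail(props, tenant.getEmail())` in `sendUserVerifyingMail` runs inside the open transaction, before `commitDBTransaction()`, so a failed commit leaves the recipient holding a token that was never stored. An `OTPManagementException` thrown by `sendMail` matches none of the catch blocks visible here, so no explicit rollback happens on that path; the `finally` body is outside the hunk, so whether it cleans up is unconfirmed. Committing first and mailing afterwards, or catching the mail failure and calling `ConnectionManagerUtil.rollbackDBTransaction()`, would keep stored and delivered tokens consistent. Separately, `props.setProperty("first-name", tenant.getAdminFirstName())` throws a NullPointerException when the payload omits the first-name property, because validation only checks the keys that are present.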
@@ -142,26 +117,59 @@ public class OTPManagementServiceImpl implements OTPManagementService { Calendar calendar = Calendar.getInstance(); Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime()); Timestamp expiredTimestamp = new Timestamp( - otpMailDTO.getCreatedAt().getTime() + otpMailDTO.getExpiryTime() * 1000); + oneTimePinDTO.getCreatedAt().getTime() + oneTimePinDTO.getExpiryTime() * 1000); if (currentTimestamp.after(expiredTimestamp)) { String renewedOTP = UUID.randomUUID().toString(); - renewOTP(otpMailDTO, renewedOTP); + renewOTP(oneTimePinDTO, renewedOTP); Gson gson = new Gson(); - Tenant tenant = gson.fromJson(otpMailDTO.getMetaInfo(), Tenant.class); - sendMail(tenant.getAdminFirstName(), renewedOTP, otpMailDTO.getEmail()); + Tenant tenant = gson.fromJson(oneTimePinDTO.getMetaInfo(), Tenant.class); + + Properties props = new Properties(); + props.setProperty("first-name", tenant.getAdminFirstName()); + props.setProperty("otp-token", renewedOTP); + sendMail(props, oneTimePinDTO.getEmail()); return null; } - return otpMailDTO; + return oneTimePinDTO; + } + + + /** + * Create One Time Token + * @param email email + * @param emailType email type + * @param userName username + * @param metaDataObj meta data object + * @param tenantId tenant Id + * @return {@link OneTimePinDTO} + */ + private OneTimePinDTO createOneTimePin(String email, String emailType, String userName, Object metaDataObj, + int tenantId) { + + String otpValue = UUID.randomUUID().toString(); + + Gson gson = new Gson(); + String metaInfo = gson.toJson(metaDataObj); + + OneTimePinDTO oneTimePinDTO = new OneTimePinDTO(); + oneTimePinDTO.setEmail(email); + oneTimePinDTO.setTenantId(tenantId); + oneTimePinDTO.setUsername(userName); + oneTimePinDTO.setEmailType(emailType); + oneTimePinDTO.setMetaInfo(metaInfo); + oneTimePinDTO.setOtpToken(otpValue); + + return oneTimePinDTO; } /** * Get OTPData from DB * @param oneTimeToken One Time Token - * @return {@link OTPMailDTO} + * @return 
{@link OneTimePinDTO} * @throws OTPManagementException if error occurred while getting OTP data for given OTP in DB */ - private OTPMailDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { + private OneTimePinDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { try { ConnectionManagerUtil.openDBConnection(); return otpManagementDAO.getOTPDataByToken(oneTimeToken); 
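Review bot: `createOneTimePin` serialises the whole `metaDataObj` with `gson.toJson` into `META_INFO`, and the `Tenant` passed in by `sendUserVerifyingMail` has had `setAdminPassword(pwd)` called on it, so the tenant admin password appears to be persisted in clear text in `DM_OTP_DATA` (unless `Tenant` excludes that field from serialisation, which is not visible here). The credential should be stripped or encrypted before it is stored, and the Javadoc for `metaDataObj` should say what it may contain. In the same hunk, `oneTimePinDTO.getExpiryTime() * 1000` looks like an `int` multiplication that overflows for expiry values above roughly 2.1 million seconds; `oneTimePinDTO.getExpiryTime() * 1000L` avoids that. `isValidOTP` starts outside this hunk.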
@@ -179,61 +187,85 @@ public class OTPManagementServiceImpl implements OTPManagementService { } /** - * Validate OTP token creating payload + * Validate Tenant details * @param otpWrapper OTP-Wrapper - * @return true if its valid payload otherwise returns false + * @return {@link Tenant} if its valid payload otherwise throws {@link DeviceManagementException} + * @throws DeviceManagementException if invalid payload or unauthorized request received */ - private Tenant validateOTPTokenCreatingRequest(OTPWrapper otpWrapper) { + private Tenant validateTenantCreatingDetails(OTPWrapper otpWrapper) throws DeviceManagementException { + + DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() + .getDeviceManagementConfig(); + KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); + String superTenantUsername = kmConfig.getAdminUsername(); + + if (!otpWrapper.getUsername().equals(superTenantUsername)) { + String msg = "You don't have required permission to create OTP"; + log.error(msg); + throw new UnAuthorizedException(msg); + } Tenant tenant = new Tenant(); List properties = otpWrapper.getProperties(); for (Metadata property : properties) { + if (property == null) { + String msg = "Received invalid property to create OTP."; + log.error(msg); + throw new BadRequestException(msg); + } switch (property.getMetaKey()) { case OTPProperties.FIRST_NAME: String firstName = property.getMetaValue(); if (StringUtils.isBlank(firstName)) { - log.error("Received empty or blank first name field with OTP creating payload."); - return null; + String msg = "Received empty or blank first name field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminFirstName(firstName); break; case OTPProperties.LAST_NAME: String lastName = property.getMetaValue(); if (StringUtils.isBlank(lastName)) { - log.error("Received empty or blank last name field with OTP creating payload."); - return 
null; + String msg = "Received empty or blank last name field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminLastName(lastName); break; case OTPProperties.TENANT_ADMIN_USERNAME: String username = property.getMetaValue(); if (StringUtils.isBlank(username)) { - log.error("Received empty or blank admin username field with OTP creating payload."); - return null; + String msg = "Received empty or blank admin username field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminName(username); break; case OTPProperties.TENANT_ADMIN_PASSWORD: String pwd = property.getMetaValue(); if (StringUtils.isBlank(pwd)) { - log.error("Received empty or blank admin password field with OTP creating payload."); - return null; + String msg = "Received empty or blank admin password field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminPassword(pwd); break; default: - log.error("Received invalid key with OTP properties for creating OTP."); - return null; + String msg = "Received invalid key with OTP properties for creating OTP."; + log.error(msg); + throw new BadRequestException(msg); } } if (StringUtils.isBlank(otpWrapper.getEmail())) { - log.error("Received empty or blank email field with OTP creating payload."); - return null; + String msg = "Received empty or blank email field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } if (StringUtils.isBlank(otpWrapper.getEmailType())) { - log.error("Received empty or blank email type field with OTP creating payload."); - return null; + String msg = "Received empty or blank email type field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setEmail(otpWrapper.getEmail()); return tenant; 
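Review bot: The permission check in `validateTenantCreatingDetails` compares `otpWrapper.getUsername()` with the configured super-tenant admin name, so if that field is populated from the request payload rather than from the authenticated session (not visible here), the check rests on a caller-supplied value and is not an authorization control. The username should come from the authenticated request context, with the payload value ignored. A null username also throws a NullPointerException at `.equals`. The loop further assumes `otpWrapper.getProperties()` is non-null and never requires that all four properties are present, so an empty list returns a `Tenant` with null fields; a Javadoc line naming the mandatory properties would make the contract explicit.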
@@ -241,19 +273,13 @@ public class OTPManagementServiceImpl implements OTPManagementService { /** * If OTP expired, resend the user verifying mail with renewed OTP - * @param firstName First Name of the User - * @param renewedOTP Renewed OTP + * @param props Mail body properties * @param mailAddress Mail Address of the User * @throws OTPManagementException if error occurred while resend the user verifying mail */ - private void sendMail(String firstName, String renewedOTP, String mailAddress) - throws OTPManagementException { - Properties props = new Properties(); - props.setProperty("first-name", firstName); - props.setProperty("otp-token", renewedOTP); - - EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); + private void sendMail(Properties props, String mailAddress) throws OTPManagementException { try { + EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); DeviceManagementDataHolder.getInstance().getDeviceManagementProvider() .sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, metaInfo); } catch (DeviceManagementException e) { 
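Review bot: The Javadoc on `sendMail` still reads "If OTP expired, resend the user verifying mail with renewed OTP", but after this change the method is the general sender and is also used for the first mail. I would change the summary to `Send the user verifying mail built from the given properties` and note under `@param props` that callers must set `first-name` and `otp-token` to non-null values. The template remains fixed to `USER_VERIFY_TEMPLATE`, which is worth stating in the comment since the commit aims to generalise OTP creation.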
@@ -261,20 +287,22 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg, e); throw new OTPManagementException(msg, e); } catch (ConfigurationManagementException e) { - throw new OTPManagementException(e); + String msg = "Configuration error occurred. Hence mail sending failed."; + log.error(msg, e); + throw new OTPManagementException(msg, e); } } /** * Renew the OTP - * @param otpMailDTO {@link OTPMailDTO} + * @param oneTimePinDTO {@link OneTimePinDTO} * @param renewedOTP Renewed OTP * @throws OTPManagementException if error occurred while renew the OTP */ - private void renewOTP(OTPMailDTO otpMailDTO, String renewedOTP) throws OTPManagementException { + private void renewOTP(OneTimePinDTO oneTimePinDTO, String renewedOTP) throws OTPManagementException { try { ConnectionManagerUtil.beginDBTransaction(); - this.otpManagementDAO.renewOneTimeToken(otpMailDTO.getId(), renewedOTP); + this.otpManagementDAO.renewOneTimeToken(oneTimePinDTO.getId(), renewedOTP); ConnectionManagerUtil.commitDBTransaction(); } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit to renew the OTP."; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index c5e9d90824..472fb6d302 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java 
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -20,7 +20,7 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; @@ -49,7 +49,7 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { try { OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() .getOtpManagementService(); - OTPMailDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders + OneTimePinDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders .ONE_TIME_TOKEN_HEADER)); if (validOTP != null) { authenticationInfo.setStatus(Status.CONTINUE); From 0a2836c59942a49b5d607ba639f114b488b040a6 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Tue, 11 Aug 2020 13:32:17 +0530 Subject: [PATCH 34/58] Add OTP invoker --- .../interceptor/OTPInvokerHandler.java | 270 ++++++++++++++++++ .../interceptor/util/HandlerConstants.java | 2 + .../request/interceptor/util/HandlerUtil.java | 33 ++- 3 files changed, 304 insertions(+), 1 deletion(-) create mode 100644 components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java 
diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java new file mode 100644 index 0000000000..1378f5af4c --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java 
@@ -0,0 +1,270 @@ +/* + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor; + +import io.entgra.ui.request.interceptor.util.HandlerConstants; +import io.entgra.ui.request.interceptor.util.HandlerUtil; +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpHeaders; +import org.apache.http.HttpStatus; +import org.apache.http.client.methods.HttpDelete; +import org.apache.http.client.methods.HttpEntityEnclosingRequestBase; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpHead; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.client.methods.HttpPut; +import org.apache.http.client.methods.HttpRequestBase; +import org.apache.http.cookie.SM; +import org.apache.http.entity.ContentType; +import org.apache.http.entity.InputStreamEntity; +import org.apache.http.entity.mime.HttpMultipartMode; +import org.apache.http.entity.mime.MultipartEntityBuilder; +import 
org.apache.http.entity.mime.content.InputStreamBody; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; + +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.Enumeration; +import java.util.List; + +@WebServlet( + name = "RequestHandlerServlet", + description = "This servlet intercepts the otp-api requests initiated from the user interface and validate " + + "before forwarding to the backend", + urlPatterns = { + "/otp-invoke/*" + } +) +public class OTPInvokerHandler extends HttpServlet { + private static final Log log = LogFactory.getLog(OTPInvokerHandler.class); + private static final long serialVersionUID = 3109569827313066220L; + private static String apiEndpoint; + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpPost postRequest = new HttpPost(HandlerUtil.generateBackendRequestURL(req, apiEndpoint)); + generateRequestEntity(req, postRequest); + ProxyResponse proxyResponse = HandlerUtil.execute(postRequest); + + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the POST API endpoint."); + HandlerUtil.handleError(resp, proxyResponse); + return; + } + HandlerUtil.handleSuccess(resp, proxyResponse); + } + } catch (FileUploadException e) { + log.error("Error occurred when processing Multipart POST request.", e); + } catch (IOException e) { + log.error("Error occurred when processing POST request.", e); + } + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpGet getRequest = new HttpGet(HandlerUtil.generateBackendRequestURL(req, apiEndpoint)); + copyRequestHeaders(req, getRequest, false); + ProxyResponse 
proxyResponse = HandlerUtil.execute(getRequest); + + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the GET API endpoint."); + HandlerUtil.handleError(resp, proxyResponse); + return; + } + HandlerUtil.handleSuccess(resp, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing GET request.", e); + } + } + + @Override + protected void doHead(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpHead headRequest = new HttpHead(HandlerUtil.generateBackendRequestURL(req, apiEndpoint)); + copyRequestHeaders(req, headRequest, false); + ProxyResponse proxyResponse = HandlerUtil.execute(headRequest); + + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the HEAD API endpoint."); + HandlerUtil.handleError(resp, proxyResponse); + return; + } + HandlerUtil.handleSuccess(resp, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing HEAD request.", e); + } + } + + @Override + protected void doPut(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpPut putRequest = new HttpPut(HandlerUtil.generateBackendRequestURL(req, apiEndpoint)); + generateRequestEntity(req, putRequest); + ProxyResponse proxyResponse = HandlerUtil.execute(putRequest); + + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the PUT API endpoint."); + HandlerUtil.handleError(resp, proxyResponse); + return; + } + HandlerUtil.handleSuccess(resp, proxyResponse); + } + } catch (FileUploadException e) { + log.error("Error occurred when processing Multipart PUT request.", e); + } catch (IOException e) { + log.error("Error occurred when processing PUT request.", e); + } + } + + @Override 
+ protected void doDelete(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpDelete deleteRequest = new HttpDelete(HandlerUtil.generateBackendRequestURL(req, apiEndpoint)); + copyRequestHeaders(req, deleteRequest, false); + ProxyResponse proxyResponse = HandlerUtil.execute(deleteRequest); + + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the DELETE API endpoint."); + HandlerUtil.handleError(resp, proxyResponse); + return; + } + HandlerUtil.handleSuccess(resp, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing DELETE request.", e); + } + } + + /** + * Generate te request entity for POST and PUT requests from the incoming request. + * + * @param req incoming {@link HttpServletRequest}. + * @param proxyRequest proxy request instance. + * @throws FileUploadException If unable to parse the incoming request for multipart content extraction. + * @throws IOException If error occurred while generating the request body. 
+ */ + private void generateRequestEntity(HttpServletRequest req, HttpEntityEnclosingRequestBase proxyRequest) + throws FileUploadException, IOException { + if (ServletFileUpload.isMultipartContent(req)) { + ServletFileUpload servletFileUpload = new ServletFileUpload(new DiskFileItemFactory()); + List fileItemList = servletFileUpload.parseRequest(req); + MultipartEntityBuilder entityBuilder = MultipartEntityBuilder.create(); + entityBuilder.setMode(HttpMultipartMode.BROWSER_COMPATIBLE); + for (FileItem item: fileItemList) { + if (!item.isFormField()) { + entityBuilder.addPart(item.getFieldName(), new InputStreamBody(item.getInputStream(), + ContentType.create(item.getContentType()), item.getName())); + } else { + entityBuilder.addTextBody(item.getFieldName(), item.getString()); + } + } + proxyRequest.setEntity(entityBuilder.build()); + copyRequestHeaders(req, proxyRequest, false); + } else { + if (StringUtils.isNotEmpty(req.getHeader(HttpHeaders.CONTENT_LENGTH)) || + StringUtils.isNotEmpty(req.getHeader(HttpHeaders.TRANSFER_ENCODING))) { + InputStreamEntity entity = new InputStreamEntity(req.getInputStream(), + Long.parseLong(req.getHeader(HttpHeaders.CONTENT_LENGTH))); + proxyRequest.setEntity(entity); + } + copyRequestHeaders(req, proxyRequest, true); + } + } + + /** + * Copy incoming request headers to the proxy request. + * + * @param req incoming {@link HttpServletRequest} + * @param httpRequest proxy request instance. + * @param preserveContentType true if content type header needs to be preserved. + * This should be set to false when handling multipart requests as Http + * client will generate the Content-Type header automatically. 
+ */ + private void copyRequestHeaders(HttpServletRequest req, HttpRequestBase httpRequest, boolean preserveContentType) { + Enumeration headerNames = req.getHeaderNames(); + while (headerNames.hasMoreElements()) { + String headerName = headerNames.nextElement(); + if (headerName.equalsIgnoreCase(HttpHeaders.CONTENT_LENGTH) || + headerName.equalsIgnoreCase(SM.COOKIE) || + (!preserveContentType && headerName.equalsIgnoreCase(HttpHeaders.CONTENT_TYPE))) { + continue; + } + Enumeration headerValues = req.getHeaders(headerName); + while (headerValues.hasMoreElements()) { + httpRequest.setHeader(headerName, headerValues.nextElement()); + } + } + } + + /*** + * Validates the incoming request. + * + * @param req {@link HttpServletRequest} + * @param resp {@link HttpServletResponse} + * @return If request is a valid one, returns TRUE, otherwise return FALSE + * @throws IOException If and error occurs while witting error response to client side + */ + private static boolean validateRequest(HttpServletRequest req, HttpServletResponse resp) + throws IOException { + String schema = req.getScheme(); + apiEndpoint = schema + HandlerConstants.SCHEME_SEPARATOR + System.getProperty("iot.core.host") + + HandlerConstants.COLON + HandlerUtil.getCorePort(schema); + + if (StringUtils.isBlank(req.getHeader(HandlerConstants.OTP_HEADER))) { + log.error("Unauthorized, Please provide OTP token."); + handleError(resp, HttpStatus.SC_UNAUTHORIZED); + return false; + } + return true; + } + + /** + * Handle error requests + * + * @param resp {@link HttpServletResponse} + * @param errorCode HTTP error status code + * @throws IOException If error occurred when trying to send the error response. 
+ */ + private static void handleError(HttpServletResponse resp, int errorCode) + throws IOException { + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(errorCode); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(errorCode)); + HandlerUtil.handleError(resp, proxyResponse); + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java index a335f224c7..b691eaa315 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java @@ -47,4 +47,6 @@ public class HandlerConstants { public static final int INTERNAL_ERROR_CODE = 500; public static final long TIMEOUT = 1200; + + public static final String OTP_HEADER = "one-time-token"; } diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java index 82685daa43..592806f338 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java 
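Review bot: `apiEndpoint` is a static field that `validateRequest` rewrites on every request from `req.getScheme()` and that the five `doXxx` handlers read afterwards, so concurrent requests arriving over different schemes can forward to each other's endpoint; it should be a per-request value returned by a helper, not shared servlet state. In the non-multipart branch of `generateRequestEntity`, `Long.parseLong(req.getHeader(HttpHeaders.CONTENT_LENGTH))` also runs when only `Transfer-Encoding` is present, and the resulting `NumberFormatException` on the null header is not caught by any handler. `validateRequest` only checks that the `one-time-token` header is non-blank, so the multipart branch parses and buffers uploads before the backend has judged the token; the `ServletFileUpload` instance should be given `setSizeMax`/`setFileSizeMax` limits. The catch blocks in the handlers only log, so a failed request leaves the client without an error status.

```java
// … unchanged: imports, @WebServlet annotation, logger, serialVersionUID (the static apiEndpoint field is dropped) …

    private static String resolveApiEndpoint(HttpServletRequest req) {
        String scheme = req.getScheme();
        return scheme + HandlerConstants.SCHEME_SEPARATOR + System.getProperty("iot.core.host")
                + HandlerConstants.COLON + HandlerUtil.getCorePort(scheme);
    }

    // in doGet, and likewise in doPost / doHead / doPut / doDelete:
                HttpGet getRequest = new HttpGet(
                        HandlerUtil.generateBackendRequestURL(req, resolveApiEndpoint(req)));
    // … unchanged: header copy, execute, error/success handling …

    // generateRequestEntity, multipart branch:
            ServletFileUpload servletFileUpload = new ServletFileUpload(new DiskFileItemFactory());
            servletFileUpload.setSizeMax(MAX_REQUEST_BYTES);   // constant to be defined by the project
            servletFileUpload.setFileSizeMax(MAX_FILE_BYTES);  // constant to be defined by the project
    // … unchanged: part iteration and entity build …

    // generateRequestEntity, non-multipart branch:
            String contentLength = req.getHeader(HttpHeaders.CONTENT_LENGTH);
            if (StringUtils.isNotEmpty(contentLength)) {
                proxyRequest.setEntity(
                        new InputStreamEntity(req.getInputStream(), Long.parseLong(contentLength)));
            } else if (StringUtils.isNotEmpty(req.getHeader(HttpHeaders.TRANSFER_ENCODING))) {
                // Length is unknown for a chunked body; -1 streams until end of input.
                proxyRequest.setEntity(new InputStreamEntity(req.getInputStream(), -1));
            }
            copyRequestHeaders(req, proxyRequest, true);
```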
@@ -34,6 +34,7 @@ import org.json.JSONException; import org.json.JSONObject; import org.wso2.carbon.device.application.mgt.common.ProxyResponse; +import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.BufferedReader; import java.io.IOException; @@ -203,7 +204,7 @@ public class HandlerUtil { } /** - * Get gatway port according to request recieved scheme + * Get gateway port according to request received scheme * @param scheme https or https * @return {@link String} gateway port */ @@ -215,6 +216,19 @@ public class HandlerUtil { return gatewayPort; } + /** + * Get core port according to request received scheme + * @param scheme https or https + * @return {@link String} gateway port + */ + public static String getCorePort(String scheme) { + String productCorePort = System.getProperty("iot.core.https.port"); + if (HandlerConstants.HTTP_PROTOCOL.equals(scheme)) { + productCorePort = System.getProperty("iot.core.https.por"); + } + return productCorePort; + } + /** * Retrieve Http client based on hostname verification. * @return {@link CloseableHttpClient} http client @@ -242,4 +256,21 @@ public class HandlerUtil { HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); handleError(resp, proxyResponse); } + + /** + * Generates the target URL for the proxy request. + * + * @param req incoming {@link HttpServletRequest} + * @param apiEndpoint API Endpoint URL + * @return Target URL + */ + public static String generateBackendRequestURL(HttpServletRequest req, String apiEndpoint) { + StringBuilder urlBuilder = new StringBuilder(); + urlBuilder.append(apiEndpoint).append(HandlerConstants.API_COMMON_CONTEXT) + .append(req.getPathInfo().replace(" ", "%20")); + if (StringUtils.isNotEmpty(req.getQueryString())) { + urlBuilder.append("?").append(req.getQueryString()); + } + return urlBuilder.toString(); + } } From d8e234c6daf08fb436d552a8e8497f6c379a5d85 Mon Sep 17 00:00:00 2001 
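Review bot: In `getCorePort` the HTTP branch reads `System.getProperty("iot.core.https.por")`, which looks like a truncated property name, so for a plain-HTTP request the method returns null and the endpoint assembled in `OTPInvokerHandler.validateRequest` ends in `:null`. The branch presumably means the HTTP port property, e.g. `productCorePort = System.getProperty("iot.core.http.port");`, but the exact name needs confirming against the server's startup properties. The copied Javadoc should also say `http or https` for `scheme` and `core port` for the return value.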
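Review bot: `generateBackendRequestURL` calls `req.getPathInfo().replace(" ", "%20")` without a null check, and `getPathInfo()` returns null when the servlet is requested with no extra path, so that request ends in a `NullPointerException` instead of an error response. The path info has also already been URL-decoded by the container and only spaces are re-encoded, so a decoded `?`, `#` or `%` in the path reaches the backend with a different meaning than the proxy validated; building the target with the multi-argument `java.net.URI` constructor keeps the proxy and the backend parsing the same path. A minimal guard for the first issue is `String pathInfo = req.getPathInfo() == null ? "" : req.getPathInfo();`.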
From: "tcdlpds@gmail.com" Date: Tue, 11 Aug 2020 14:03:44 +0530 Subject: [PATCH 35/58] Change user verifying mail body --- .../src/main/resources/email/templates/user-verify.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm index ee0747c64d..7b0d617fc6 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm @@ -206,7 +206,7 @@ TkSuQmCC"

Congratulations!!! Thank you for registering with Entgra cloud. Please click and log in to the - following link to complete your registration with us. Click here. + following link to complete your registration with us. Click here.

From 9759e7d57ae837708654756abd29767417ca6972 Mon Sep 17 00:00:00 2001 From: Turcy Date: Tue, 11 Aug 2020 14:43:52 +0530 Subject: [PATCH 36/58] Fix user-invitation email issues --- .../cdmf.page.users/public/js/listing.js | 9 +- .../email/templates/user-enrollment.vm | 16 +- .../email/templates/user-registration.vm | 16 +- .../default-enrollment-invitation.vm | 173 +----------------- .../email/templates/user-enrollment.vm | 173 +----------------- .../email/templates/user-registration.vm | 173 +----------------- 6 files changed, 17 insertions(+), 543 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js index 05f582844a..9e3733481e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js @@ -112,10 +112,11 @@ $("a#invite-user-link").click(function () { * Function to get selected usernames. */ function getSelectedUsernames() { - var usernameList = []; - var userList = $("#user-grid").find("tr.DTTT_selected"); - userList.each(function () { - usernameList.push($(this).data('username')); + const tbl = $('#user-grid').DataTable(); + let usernameList = []; + let userList = $("#user-grid").find("tr.DTTT_selected"); + userList.each(function (idx, el) { + usernameList.push(tbl.row(el).data().username); }); return usernameList; } 
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-enrollment.vm b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-enrollment.vm index 69aad7b830..d74e28ab7b 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-enrollment.vm +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-enrollment.vm @@ -26,10 +26,9 @@

-
+
- WSO2 + entgra
@@ -50,18 +49,9 @@

- WSO2 IoT Server Administrator + Entgra IoT Administrator

-
- - - - -
WSO2
-
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-registration.vm b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-registration.vm index ca20e42d7f..906869a286 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-registration.vm +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/email/templates/user-registration.vm @@ -26,10 +26,9 @@
-
+
- WSO2 + entgra
@@ -60,18 +59,9 @@

- WSO2 IoT Server Administrator + Entgra IoT Administrator

-
- - - - -
WSO2
-
diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/default-enrollment-invitation.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/default-enrollment-invitation.vm index 6084f37ec1..fff7afa9de 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/default-enrollment-invitation.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/default-enrollment-invitation.vm @@ -26,178 +26,9 @@
-
+
- entgra.io + entgra
diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm index 0c29e86b4b..20bcf6e768 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm @@ -26,178 +26,9 @@
-
+
- entgra.io + entgra
diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-registration.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-registration.vm index 5d4592007e..0593f32166 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-registration.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-registration.vm @@ -26,178 +26,9 @@
-
+
- entgra.io + entgra
From e2a143cde09694ef27c6b6b365c6e229bdb0db20 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Wed, 12 Aug 2020 12:21:58 +0530 Subject: [PATCH 37/58] Improve user verifying mail sending logic --- .../org.wso2.carbon.device.mgt.core/pom.xml | 4 +++ .../mgt/service/OTPManagementServiceImpl.java | 31 +++++++++++++++++-- pom.xml | 10 +++++- 3 files changed, 41 insertions(+), 4 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml index 4d1c23ba6c..347c710be6 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml @@ -360,6 +360,10 @@ org.wso2.carbon.multitenancy org.wso2.carbon.tenant.mgt + + commons-validator + commons-validator + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 68297a5554..ee649baf1d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -20,6 +20,7 @@ import com.google.gson.Gson; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; 
@@ -41,6 +42,7 @@ import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; +import org.apache.commons.validator.routines.EmailValidator; import org.wso2.carbon.user.api.Tenant; import static org.wso2.carbon.device.mgt.common.DeviceManagementConstants.OTPProperties; @@ -102,13 +104,18 @@ public class OTPManagementServiceImpl implements OTPManagementService { @Override public OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + if (StringUtils.isBlank(oneTimeToken)){ + String msg = "Received blank OTP to verify. OTP: " + oneTimeToken; + log.error(msg); + throw new BadRequestException(msg); + } + OneTimePinDTO oneTimePinDTO = getOTPDataByToken(oneTimeToken); if (oneTimePinDTO == null) { String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; log.error(msg); throw new BadRequestException(msg); } - if (oneTimePinDTO.isExpired()) { log.warn("Token is expired. OTP: " + oneTimeToken); return null; 
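Review bot: The added blank-token guard builds its message as `"Received blank OTP to verify. OTP: " + oneTimeToken`, following the surrounding lines that write the submitted token into the error log, into the `BadRequestException` message and into the expired-token warning. One-time tokens are credentials, so they are better kept out of log files and out of exception text that may travel back to the caller. A fixed message such as `String msg = "Received blank OTP to verify.";` is enough here, and the not-found and expired branches would benefit from the same change. `isValidOTP` continues past the end of this hunk.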
@@ -197,9 +204,17 @@ public class OTPManagementServiceImpl implements OTPManagementService { DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() .getDeviceManagementConfig(); KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); - String superTenantUsername = kmConfig.getAdminUsername(); - if (!otpWrapper.getUsername().equals(superTenantUsername)) { + if (StringUtils.isBlank(otpWrapper.getUsername())) { + String msg = "Received Blank username to create OTP. Username: " + otpWrapper.getUsername(); + log.error(msg); + throw new BadRequestException(msg); + } + + String[] superTenantDetails = otpWrapper.getUsername().split("@"); + + if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[1]) || !superTenantDetails[0] + .equals(kmConfig.getAdminUsername())) { String msg = "You don't have required permission to create OTP"; log.error(msg); throw new UnAuthorizedException(msg); @@ -262,11 +277,21 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg); throw new BadRequestException(msg); } + + EmailValidator validator = EmailValidator.getInstance(); + if (!validator.isValid(otpWrapper.getEmail())) { + String msg = "Found invalid email. Hence please verify the email address and re-try. Email: " + otpWrapper + .getEmail(); + log.error(msg); + throw new BadRequestException(msg); + } + if (StringUtils.isBlank(otpWrapper.getEmailType())) { String msg = "Received empty or blank email type field with OTP creating payload."; log.error(msg); throw new BadRequestException(msg); } + tenant.setDomain(otpWrapper.getEmail().split("@")[1]); tenant.setEmail(otpWrapper.getEmail()); return tenant; } diff --git a/pom.xml b/pom.xml index d522b61dab..d12b76d9f4 100644 --- a/pom.xml +++ b/pom.xml @@ -1772,6 +1772,11 @@ maven-checkstyle-plugin ${maven.checkstyle.vesion} + + commons-validator + commons-validator + ${apache.validator.version} + 
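Review bot: The permission check in the first OTPManagementServiceImpl hunk is decided from `otpWrapper.getUsername()`, and the error text in the next hunk ("with OTP creating payload") suggests `otpWrapper` is the request payload, so the caller would be naming the account that authorises their own request. If that is the case, the comparison should use the authenticated identity from the request context instead of a payload field; the hunk does not show where `otpWrapper` is populated, so this needs confirming against the caller. The enclosing method starts and ends outside the hunk.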
@@ -2219,6 +2224,9 @@ 2.3.2 + + 1.7 + 2.1.7-wso2v7 1.5.11.wso2v15 @@ -2252,7 +2260,7 @@ v12.18.1 3.1.0 - + 7.0.85 1.0 From 86912915fd2a26b6c5a3aa74e0661b3b67acdc09 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Wed, 12 Aug 2020 20:17:17 +0530 Subject: [PATCH 38/58] Fix user verifying functionality in OTP --- .../mgt/core/otp/mgt/service/OTPManagementServiceImpl.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index ee649baf1d..1ec1bb3dce 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -213,8 +213,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { String[] superTenantDetails = otpWrapper.getUsername().split("@"); - if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[1]) || !superTenantDetails[0] - .equals(kmConfig.getAdminUsername())) { + if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[superTenantDetails.length - 1]) + || !superTenantDetails[0].equals(kmConfig.getAdminUsername())) { String msg = "You don't have required permission to create OTP"; log.error(msg); throw new UnAuthorizedException(msg); From a3510cbee12e92d615add10a291edb870149c368 Mon Sep 17 00:00:00 2001 
From: "tcdlpds@gmail.com" Date: Thu, 13 Aug 2020 12:15:06 +0530 Subject: [PATCH 39/58] Add email enum
---
.../mgt/common/otp/mgt/OTPEmailTypes.java | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java
new file mode 100644
index 0000000000..c4f7ef0689
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java
@@ -0,0 +1,22 @@
+/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.common.otp.mgt;
+
+public enum OTPEmailTypes {
+ USER_VERIFY, ENROLLMENT
+}
From a55a3b6ebd2936726c0752164c46b3224dd1129d Mon Sep 17 00:00:00 2001
From: "tcdlpds@gmail.com" Date: Thu, 13 Aug 2020 23:46:53 +0530 Subject: [PATCH 40/58] Improve OTP service
---
.../mgt/common/spi/OTPManagementService.java | 7 + .../core/otp/mgt/dao/OTPManagementDAO.java | 10 +- .../dao/impl/GenericOTPManagementDAOImpl.java | 46 ++++- .../mgt/service/OTPManagementServiceImpl.java | 63 +++++-- .../resources/email/templates/user-verify.vm | 171 +----------------- 5 files changed, 110 insertions(+), 187 deletions(-)
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java
index 2844be1f07..31948772e2 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java
@@ -41,4 +41,11 @@ public interface OTPManagementService {
 * @throws BadRequestException if found an null value for OTP
 */
 OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException;
+
+ /**
+ * Invalidate the OTP
+ * @param oneTimeToken OTP
+ * @throws OTPManagementException If error occurred while invalidating the OTP
+ */
+ void invalidateOTP(String oneTimeToken) throws OTPManagementException;
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java
index 86eb5e4ccf..4c3690f5d0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -43,7 +43,7 @@ public interface OTPManagementDAO { * @param oneTimeToken OTP * @throws OTPManagementDAOException if error occurred while updating the OTP validity. */ - void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException; + boolean expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException; /** * Update OTP with renewed OTP @@ -53,4 +53,12 @@ public interface OTPManagementDAO { */ void renewOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException; + /** + * To veify whether email and email type exists or not + * @param email email + * @param emailType email type + * @return true if email and email type exists otherwise returns false + * @throws OTPManagementDAOException if error occurred while verify existance of the email and email type + */ + boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 515b2fc727..273cf6c1a5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java 
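Review bot: `expireOneTimeToken` now returns `boolean`, but the Javadoc visible as context above it gains no `@return`, so callers of the interface cannot tell what the value means. Going by the implementation in GenericOTPManagementDAOImpl, which returns `stmt.executeUpdate() == 1`, the missing line would be ` * @return true if exactly one OTP row was marked as expired, otherwise false`. In the Javadoc added for `isEmailExist`, "veify" and "existance" should read "verify" and "existence".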
@@ -142,7 +142,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } @Override - public void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException { + public boolean expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to update an OTP data entry for OTP"); log.debug("OTP Details : OTP key : " + oneTimeToken ); @@ -158,7 +158,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM try (PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.setBoolean(1, true); stmt.setString(2, oneTimeToken); - stmt.executeUpdate(); + return stmt.executeUpdate() == 1; } } catch (DBConnectionException e) { String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; @@ -180,7 +180,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "UPDATE DM_OTP_DATA " + "SET " - + "OTP_TOKEN = ? " + + "OTP_TOKEN = ?, " + "CREATED_AT = ? " + "WHERE ID = ?"; 
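Review bot: In the `@@ -158,7 +158,7 @@` hunk, `return stmt.executeUpdate() == 1;` reports failure when the UPDATE touches more than one row, and the new `invalidateOTP` caller rolls the transaction back on `false`. The statement's WHERE clause lies outside the hunk, so whether OTP_TOKEN is unique cannot be confirmed from here; if it is not, a duplicated token could never be invalidated. Either back the assumption with a unique constraint on the column or use `return stmt.executeUpdate() > 0;`. The context lines of the first hunk also show the raw token going to the debug log (`"OTP Details : OTP key : " + oneTimeToken`), which is worth dropping while this method is being touched.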
@@ -195,11 +195,47 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM stmt.executeUpdate(); } } catch (DBConnectionException e) { - String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; + String msg = "Error occurred while obtaining the DB connection to update the OTP token."; log.error(msg, e); throw new OTPManagementDAOException(msg, e); } catch (SQLException e) { - String msg = "Error occurred when obtaining database connection for updating the OTP token validity."; + String msg = "Error occurred when executing sql query to update the OTP token."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } + + @Override + public boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException { + + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to verify whether email was registed with emai type in OTP"); + log.debug("OTP Details : email : " + email + " email type: " + emailType ); + } + + String sql = "SELECT " + + "ID " + + "FROM DM_OTP_DATA " + + "WHERE EMAIL = ? AND " + + "EMAIL_TYPE = ?"; + + try { + Connection conn = this.getDBConnection(); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, email); + stmt.setString(2, emailType); + try (ResultSet rs = stmt.executeQuery()) { + return rs.next(); + } + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to verify email and email type exist in OTP." + + " Email: " + email + "Email Type: " + emailType; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred while executing SQL to verify email and email type exist in OTP. Email: " + + email + "Email Type: " + emailType; log.error(msg, e); throw new OTPManagementDAOException(msg, e); } 
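Review bot: Both catch blocks in `isEmailExist` build their message as `email + "Email Type: " + emailType`, so the address and the label run together in the log, and the full e-mail address is written at error level as well as in the debug line. Add the missing separator, for example `" Email: " + email + ", Email Type: " + emailType`, and consider whether the address needs to be in the error-level message at all, since these logs then hold personal data. The debug message also has the typos "registed" and "emai".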
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 1ec1bb3dce..b326f141cc 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -141,6 +141,35 @@ public class OTPManagementServiceImpl implements OTPManagementService { return oneTimePinDTO; } + @Override + public void invalidateOTP(String oneTimeToken) throws OTPManagementException { + try { + ConnectionManagerUtil.beginDBTransaction(); + if (!otpManagementDAO.expireOneTimeToken(oneTimeToken)) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Couldn't find OTP entry for OTP: " + oneTimeToken; + log.error(msg); + throw new OTPManagementException(msg); + } + ConnectionManagerUtil.commitDBTransaction(); + } catch (OTPManagementDAOException e) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while invalidate the OTP: " + oneTimeToken; + log.error(msg); + throw new OTPManagementException(msg); + } catch (TransactionManagementException e) { + String msg = "Error occurred while disabling AutoCommit to invalidate OTP."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to invalidate OPT."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + } + /** * Create One Time Token 
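Review bot: `invalidateOTP` puts the token itself into the log and the exception text (`"Couldn't find OTP entry for OTP: " + oneTimeToken` and `"Error occurred while invalidate the OTP: " + oneTimeToken`), so a token that may still be valid can end up in server logs and in whatever surfaces the exception message. Leave the value out of both messages, e.g. `String msg = "Couldn't find an OTP entry for the given token.";`. The `OTPManagementDAOException` branch also drops the cause; `log.error(msg, e); throw new OTPManagementException(msg, e);` would match the other two catch blocks. The last message has the typo "OPT".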
@@ -212,7 +241,6 @@ public class OTPManagementServiceImpl implements OTPManagementService { } String[] superTenantDetails = otpWrapper.getUsername().split("@"); - if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[superTenantDetails.length - 1]) || !superTenantDetails[0].equals(kmConfig.getAdminUsername())) { String msg = "You don't have required permission to create OTP"; @@ -247,15 +275,6 @@ public class OTPManagementServiceImpl implements OTPManagementService { } tenant.setAdminLastName(lastName); break; - case OTPProperties.TENANT_ADMIN_USERNAME: - String username = property.getMetaValue(); - if (StringUtils.isBlank(username)) { - String msg = "Received empty or blank admin username field with OTP creating payload."; - log.error(msg); - throw new BadRequestException(msg); - } - tenant.setAdminName(username); - break; case OTPProperties.TENANT_ADMIN_PASSWORD: String pwd = property.getMetaValue(); if (StringUtils.isBlank(pwd)) { 
@@ -291,7 +310,29 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg); throw new BadRequestException(msg); } - tenant.setDomain(otpWrapper.getEmail().split("@")[1]); + + try { + ConnectionManagerUtil.openDBConnection(); + if (otpManagementDAO.isEmailExist(otpWrapper.getEmail(), otpWrapper.getEmailType())) { + String msg = "Email is registered to execute the same action. Hence can't proceed."; + log.error(msg); + throw new BadRequestException(msg); + } + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to validate the given email and email type."; + log.error(msg); + throw new DeviceManagementException(msg); + } catch (OTPManagementDAOException e) { + String msg = "Error occurred while executing SQL query to validate the given email and email type."; + log.error(msg); + throw new DeviceManagementException(msg); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + + String[] tenantUsernameDetails = otpWrapper.getEmail().split("@"); + tenant.setAdminName(tenantUsernameDetails[0]); + tenant.setDomain(tenantUsernameDetails[tenantUsernameDetails.length - 1]); tenant.setEmail(otpWrapper.getEmail()); return tenant; } diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm index 7b0d617fc6..18e3a66a01 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm @@ -28,176 +28,7 @@
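Review bot: The two new catch blocks in this hunk log and rethrow without the cause (`log.error(msg); throw new DeviceManagementException(msg);`), so the underlying database error is lost; pass `e` to both, as in `log.error(msg, e); throw new DeviceManagementException(msg, e);`. The `isEmailExist` lookup also runs on its own connection, separate from wherever the OTP row is later inserted (outside this hunk), so two concurrent requests for the same email and type could presumably both pass the check; a unique constraint on that pair would close the gap. With the `TENANT_ADMIN_USERNAME` property removed, `tenant.setAdminName(tenantUsernameDetails[0])` takes the admin name from the email local part, which may contain characters such as `+` that the user store might not accept as a username, so it is worth validating it here. The enclosing method starts outside the hunk.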
- entgra.io + entgra
From ea6b8c753681ae3626f7913b4ddd5f4abf094b36 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Mon, 17 Aug 2020 01:03:55 +0530 Subject: [PATCH 41/58] Fix invoker loading issue --- .../src/main/webapp/WEB-INF/web.xml | 5 ++--- .../io/entgra/ui/request/interceptor/OTPInvokerHandler.java | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml index 3b97a83bbc..aafbcec0e0 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/webapp/WEB-INF/web.xml @@ -49,8 +49,7 @@ nonSecuredEndPoints /api/device-mgt-config/v1.0/configurations, - /api/device-mgt-config/v1.0/configurations/ui-config, - /api/device-mgt-config/v1.0/tenant + /api/device-mgt-config/v1.0/configurations/ui-config @@ -125,4 +124,4 @@ /* - \ No newline at end of file + diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java index 1378f5af4c..624814f327 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/OTPInvokerHandler.java @@ -53,7 +53,7 @@ import java.util.Enumeration; import java.util.List; @WebServlet( - name = "RequestHandlerServlet", + name = "OTPRequestHandlerServlet", description = "This servlet intercepts the otp-api requests initiated from the user interface and validate " + "before forwarding to the backend", urlPatterns = { 
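Review bot: The first `web.xml` hunk drops `/api/device-mgt-config/v1.0/tenant` from the `nonSecuredEndPoints` value, which by its name changes which paths are reachable without authentication, yet neither the subject "Fix invoker loading issue" nor the file itself says so. I would add an XML comment next to the parameter, for example `<!-- Paths listed here are served without authentication; review every addition -->`, so later edits to the list get the same scrutiny. The surrounding element markup is not visible in this hunk, so the exact placement needs checking against the file.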
From 58217ac77a35820f9d544755ad3729f605cd35c8 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:22:59 +0530 Subject: [PATCH 42/58] Implement service to create OTP and to send device enrollment invitation --- .../mgt/common/spi/OTPManagementService.java | 9 +++ .../mgt/core/DeviceManagementConstants.java | 3 + .../mgt/service/OTPManagementServiceImpl.java | 59 +++++++++++++++++-- 3 files changed, 66 insertions(+), 5 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 31948772e2..8ecb4de4fd 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; 
@@ -48,4 +49,12 @@ public interface OTPManagementService { * @throws OTPManagementException If error occurred while invalidating the OTP */ void invalidateOTP(String oneTimeToken) throws OTPManagementException; + + /** + * Create OTP token and send device enrollment invitation + * @param deviceEnrollmentInvitation object which contains device enrollment invitation related details + * @throws OTPManagementException if error occurred while creating OTP token &/ sending mail + */ + void sendDeviceEnrollmentInvitationMail(DeviceEnrollmentInvitation deviceEnrollmentInvitation) + throws OTPManagementException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java index 21b19b7a83..afa9dfd767 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java @@ -143,6 +143,9 @@ public final class DeviceManagementConstants { public static final String DEFAULT_DEVICE_USER = "Internal/devicemgt-user"; public static final String DEFAULT_DEVICE_ADMIN = "Internal/devicemgt-admin"; + public static final String CLAIM_EMAIL_ADDRESS = "http://wso2.org/claims/emailaddress"; + public static final String CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname"; + // Permissions that are given for a normal device user. public static final Permission[] PERMISSIONS_FOR_DEVICE_USER = { new Permission("/permission/admin/Login", "ui.execute"), 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index b326f141cc..8be27f0ec2 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -21,6 +21,7 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.base.MultitenantConstants; +import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; @@ -28,6 +29,9 @@ import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; import org.wso2.carbon.device.mgt.common.exceptions.UnAuthorizedException; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentType; import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; 
@@ -41,9 +45,12 @@ import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; +import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; import org.apache.commons.validator.routines.EmailValidator; +import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.user.api.Tenant; +import org.wso2.carbon.user.api.UserStoreException; import static org.wso2.carbon.device.mgt.common.DeviceManagementConstants.OTPProperties; @@ -82,7 +89,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { Properties props = new Properties(); props.setProperty("first-name", tenant.getAdminFirstName()); props.setProperty("otp-token", oneTimePinDTO.getOtpToken()); - sendMail(props, tenant.getEmail()); + sendMail(props, tenant.getEmail(), DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE); ConnectionManagerUtil.commitDBTransaction(); } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit."; @@ -135,7 +142,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { Properties props = new Properties(); props.setProperty("first-name", tenant.getAdminFirstName()); props.setProperty("otp-token", renewedOTP); - sendMail(props, oneTimePinDTO.getEmail()); + sendMail(props, oneTimePinDTO.getEmail(), DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE); return null; } return oneTimePinDTO; 
@@ -171,6 +178,47 @@ public class OTPManagementServiceImpl implements OTPManagementService { } + @Override + public void sendDeviceEnrollmentInvitationMail(DeviceEnrollmentInvitation deviceEnrollmentInvitation) + throws OTPManagementException { + DeviceManagementProviderService dms = DeviceManagementDataHolder.getInstance().getDeviceManagementProvider(); + StringBuilder enrollmentSteps = new StringBuilder(); + DeviceEnrollmentInvitationDetails deviceEnrollmentInvitationDetails; + for (DeviceEnrollmentType deviceEnrollmentType : deviceEnrollmentInvitation.getDeviceEnrollmentTypes()) { + deviceEnrollmentInvitationDetails = dms.getDeviceEnrollmentInvitationDetails( + deviceEnrollmentType.getDeviceType()); + if (deviceEnrollmentInvitationDetails != null && + deviceEnrollmentInvitationDetails.getEnrollmentDetails() != null) { + for (String enrollmentType : deviceEnrollmentType.getEnrollmentType()) { + deviceEnrollmentInvitationDetails.getEnrollmentDetails().stream() + .filter(details -> enrollmentType.equals(details.getEnrollmentType())).findFirst() + .ifPresent(details -> enrollmentSteps.append(details.getEnrollmentSteps())); + } + } + } + int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); + OneTimePinDTO oneTimePinDTO; + Properties props = new Properties(); + props.setProperty("enrollment-steps", enrollmentSteps.toString()); + try { + for (String username : deviceEnrollmentInvitation.getUsernames()) { + String emailAddress = DeviceManagerUtil.getUserClaimValue( + username, DeviceManagementConstants.User.CLAIM_EMAIL_ADDRESS); + oneTimePinDTO = createOneTimePin(emailAddress, "test-type", username, null, tenantId); + props.setProperty("first-name", DeviceManagerUtil. 
+ getUserClaimValue(username, DeviceManagementConstants.User.CLAIM_FIRST_NAME)); + props.setProperty("username", username); + props.setProperty("otp-token", oneTimePinDTO.getOtpToken()); + sendMail(props, emailAddress, DeviceManagementConstants.EmailAttributes.USER_ENROLLMENT_TEMPLATE); + } + } catch (UserStoreException e) { + String msg = "Error occurred while getting claim values to invite user"; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } + } + + /** * Create One Time Token * @param email email @@ -341,15 +389,16 @@ public class OTPManagementServiceImpl implements OTPManagementService { * If OTP expired, resend the user verifying mail with renewed OTP * @param props Mail body properties * @param mailAddress Mail Address of the User + * @param template Mail template to be used * @throws OTPManagementException if error occurred while resend the user verifying mail */ - private void sendMail(Properties props, String mailAddress) throws OTPManagementException { + private void sendMail(Properties props, String mailAddress, String template) throws OTPManagementException { try { EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); DeviceManagementDataHolder.getInstance().getDeviceManagementProvider() - .sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, metaInfo); + .sendEnrolmentInvitation(template, metaInfo); } catch (DeviceManagementException e) { - String msg = "Error occurred while inviting user to enrol their device"; + String msg = "Error occurred while sending email using email template '" + template + "'."; log.error(msg, e); throw new OTPManagementException(msg, e); } catch (ConfigurationManagementException e) { From d97de23ece9c757210e4072b7e0dd05cb8014477 Mon Sep 17 00:00:00 2001 
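Review bot: In `sendDeviceEnrollmentInvitationMail` one `Properties` object is created before the loop and its `first-name`, `username` and `otp-token` entries are overwritten for every user, so if `sendMail` hands the object to anything that reads it later (an asynchronous sender, for instance; not visible here), a mail could go out carrying another user's token. Creating the `Properties` inside the loop removes that coupling, and a blank e-mail claim should be rejected before an OTP is created for it; `Properties.setProperty` also throws a NullPointerException on a null value, which a missing first-name claim would trigger. The call `createOneTimePin(emailAddress, "test-type", username, null, tenantId)` still passes the literal `"test-type"` as the email type, which looks like a leftover and should become a named constant. Unlike `invalidateOTP`, no transaction is begun, committed or closed around `createOneTimePin` in this method; confirm against its body, which is outside the hunk, that the token is actually persisted.

```java
// … unchanged: enrollment-steps assembly and tenantId lookup …
String enrollmentStepsText = enrollmentSteps.toString();
try {
    for (String username : deviceEnrollmentInvitation.getUsernames()) {
        String emailAddress = DeviceManagerUtil.getUserClaimValue(
                username, DeviceManagementConstants.User.CLAIM_EMAIL_ADDRESS);
        if (StringUtils.isBlank(emailAddress)) {
            String msg = "No email address is set for user '" + username + "'; invitation not sent.";
            log.error(msg);
            throw new OTPManagementException(msg);
        }
        String firstName = DeviceManagerUtil.getUserClaimValue(
                username, DeviceManagementConstants.User.CLAIM_FIRST_NAME);
        OneTimePinDTO oneTimePinDTO = createOneTimePin(emailAddress, "test-type", username, null, tenantId);
        // One Properties instance per recipient: no token is held in an object shared between mails.
        Properties props = new Properties();
        props.setProperty("enrollment-steps", enrollmentStepsText);
        props.setProperty("first-name", firstName == null ? "" : firstName);
        props.setProperty("username", username);
        props.setProperty("otp-token", oneTimePinDTO.getOtpToken());
        sendMail(props, emailAddress, DeviceManagementConstants.EmailAttributes.USER_ENROLLMENT_TEMPLATE);
    }
// … unchanged: catch (UserStoreException e) block …
```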
From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:25:26 +0530 Subject: [PATCH 43/58] Modify send-invitation API to send enrollment steps and OTP token --- .../service/api/UserManagementService.java | 5 +- .../impl/UserManagementServiceImpl.java | 52 +++++++------------ .../mgt/jaxrs/util/DeviceMgtAPIUtils.java | 41 +++++++++++++++ .../mgt/core/util/DeviceManagerUtil.java | 31 +++++++++++ 4 files changed, 93 insertions(+), 36 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 432b752a66..5e580f6a06 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -49,6 +49,7 @@ import io.swagger.annotations.ResponseHeader; import org.apache.axis2.transport.http.HTTPConstants; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfoList; @@ -74,7 +75,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import java.util.List; @SwaggerDefinition( info = @Info( 
@@ -893,7 +893,8 @@ public interface UserManagementService { @ApiParam( name = "users", value = "List of users", - required = true) List usernames); + required = true) + @Valid DeviceEnrollmentInvitation deviceEnrollmentInvitation); @POST @Path("/enrollment-invite") diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java index 81233092f3..6f240093ec 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java @@ -45,8 +45,11 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; 
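Review bot: The `@ApiParam` on the changed parameter still reads `name = "users"`, `value = "List of users"`, although the body is now a `DeviceEnrollmentInvitation` object rather than a list of usernames, so the generated API documentation describes the wrong payload. Something like `name = "deviceEnrollmentInvitation", value = "Usernames to invite and the device enrollment types to describe in the mail"` would match. `@Valid` only has an effect if `DeviceEnrollmentInvitation` carries constraint annotations, which is not visible here. The method declaration starts outside the hunk.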
@@ -716,48 +719,29 @@ public class UserManagementServiceImpl implements UserManagementService { return CredentialManagementResponseBuilder.buildChangePasswordResponse(credentials); } - /** - * Method used to send an invitation email to a existing user to enroll a device. - * - * @param usernames Username list of the users to be invited - */ + @POST @Path("/send-invitation") @Produces({MediaType.APPLICATION_JSON}) - public Response inviteExistingUsersToEnrollDevice(List usernames) { - if (log.isDebugEnabled()) { - log.debug("Sending enrollment invitation mail to existing user."); + public Response inviteExistingUsersToEnrollDevice(DeviceEnrollmentInvitation deviceEnrollmentInvitation) { + if (deviceEnrollmentInvitation.getUsernames() == null || deviceEnrollmentInvitation.getUsernames().isEmpty()) { + String msg = "Error occurred while validating list of user-names. User-names cannot be empty."; + log.error(msg); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(HttpStatus.SC_BAD_REQUEST).setMessage(msg) + .build()); } - DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); + if (log.isDebugEnabled()) { + log.debug("Sending device enrollment invitation mail to existing user/s."); + } + OTPManagementService oms = DeviceMgtAPIUtils.getOTPManagementService(); try { - for (String username : usernames) { - String recipient = getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS); - - Properties props = new Properties(); - props.setProperty("first-name", getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME)); - props.setProperty("username", username); - - EmailMetaInfo metaInfo = new EmailMetaInfo(recipient, props); - dms.sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_ENROLLMENT_TEMPLATE, - metaInfo); - } - } catch (DeviceManagementException e) { - String msg = "Error occurred while inviting user to enrol their device"; - if (e.getMessage() != null && 
!e.getMessage().isEmpty()) { - msg = e.getMessage(); - } + oms.sendDeviceEnrollmentInvitationMail(deviceEnrollmentInvitation); + } catch (OTPManagementException e) { + String msg = "Error occurred while generating OTP and inviting user/s to enroll their device/s."; log.error(msg, e); return Response.serverError().entity( new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (UserStoreException e) { - String msg = "Error occurred while getting claim values to invite user"; - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (ConfigurationManagementException e) { - String msg = "Error occurred while sending the email invitations. Mail server not configured."; - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); } return Response.status(Response.Status.OK).entity("Invitation mails have been sent.").build(); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index 91161ced0d..e3a166dc2b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java 
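Review bot: `inviteExistingUsersToEnrollDevice` dereferences `deviceEnrollmentInvitation` in its first statement, so a request with an empty body would presumably fail with a NullPointerException instead of the 400 response built just below; the guard should read `if (deviceEnrollmentInvitation == null || deviceEnrollmentInvitation.getUsernames() == null || deviceEnrollmentInvitation.getUsernames().isEmpty()) {`. The service method this delegates to iterates `getDeviceEnrollmentTypes()` without a null check, so that field needs the same validation, here or there. The Javadoc that described the method was removed together with the old body and should be restored for the new parameter.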
@@ -14,6 +14,23 @@ * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. + * + * + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. */ package org.wso2.carbon.device.mgt.jaxrs.util; @@ -142,6 +159,7 @@ public class DeviceMgtAPIUtils { private static IntegrationClientService integrationClientService; private static MetadataManagementService metadataManagementService; + private static OTPManagementService otpManagementService; static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); 
@@ -338,6 +356,29 @@ public class DeviceMgtAPIUtils { return integrationClientService; } + /** + * Initializing and accessing method for OTPManagementService. + * + * @return OTPManagementService instance + * @throws IllegalStateException if OTPManagementService cannot be initialized + */ + public static synchronized OTPManagementService getOTPManagementService() { + if (otpManagementService == null) { + synchronized (DeviceMgtAPIUtils.class) { + if (otpManagementService == null) { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); + if (otpManagementService == null) { + String msg = "OTP Management service has not initialized."; + log.error(msg); + throw new IllegalStateException(msg); + } + } + } + } + return otpManagementService; + } + public static RegistryService getRegistryService() { RegistryService registryService; PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java index cb5d305aef..9404e5de86 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java 
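Review bot: `getOTPManagementService` is declared `static synchronized` and then takes `synchronized (DeviceMgtAPIUtils.class)` again with a second null check, which is the same monitor the method already holds, so the inner block and inner check add nothing. Keep one mechanism: either the method-level `synchronized` with a single `if (otpManagementService == null)`, or drop `synchronized` from the signature and declare the field `private static volatile OTPManagementService otpManagementService;` so the double-checked form is actually safe. The field declaration is in the earlier `@@ -142,6 +159,7 @@` hunk.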
@@ -14,6 +14,23 @@ * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. + * + * + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. */ package org.wso2.carbon.device.mgt.core.util; @@ -79,6 +96,7 @@ import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerSer import org.wso2.carbon.user.api.TenantManager; import org.wso2.carbon.user.api.UserRealm; import org.wso2.carbon.user.api.UserStoreException; +import org.wso2.carbon.user.api.UserStoreManager; import org.wso2.carbon.utils.CarbonUtils; import org.wso2.carbon.utils.ConfigurationContextService; import org.wso2.carbon.utils.NetworkUtils; 
@@ -1047,4 +1065,17 @@ public final class DeviceManagerUtil { } return roleList; } + + /** + * Retrieve the value of the user property from the user profile + * @param username of the user + * @param claimUri name of the claim + * @return value for the claim uri of user + * @throws UserStoreException when there is error in retrieving the user store manager + */ + public static String getUserClaimValue(String username, String claimUri) throws UserStoreException { + UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm() + .getUserStoreManager(); + return userStoreManager.getUserClaimValue(username, claimUri, null); + } } From d2ab4c67100b3425b52377b95599ad0b88102d3d Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:30:06 +0530 Subject: [PATCH 44/58] Implement retrieval of DeviceEnrollmentInvitationDetails from device type xml files --- .../DeviceEnrollmentInvitationDetails.java | 25 +++++++++++++ .../invitation/mgt/EnrollmentDetails.java | 36 +++++++++++++++++++ .../common/spi/DeviceManagementService.java | 3 ++ .../template/DeviceTypeManagerService.java | 18 ++++++++++ .../config/DeviceTypeConfiguration.java | 20 +++++++++++ 5 files changed, 102 insertions(+) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitationDetails.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/EnrollmentDetails.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitationDetails.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitationDetails.java new file mode 100644 index 0000000000..3882d47293 --- /dev/null 
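Review bot: getUserClaimValue() dereferences `CarbonContext.getThreadLocalCarbonContext().getUserRealm()` without a null check, so a thread with no realm attached would fail with a NullPointerException instead of the documented UserStoreException (whether the realm can be null on these call paths is not visible in the hunk). The `@throws` text names only the user store manager lookup, although the claim read can throw the same exception; suggest `@throws UserStoreException if the user store manager cannot be obtained or the claim cannot be read`. The method returns any claim of any user in the current tenant and passes `null` as the profile name, so the Javadoc should also say that callers must authorise the lookup themselves and that the default profile is presumably the one read.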
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitationDetails.java @@ -0,0 +1,25 @@ +package org.wso2.carbon.device.mgt.common.invitation.mgt; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; +import java.util.List; + +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "DeviceEnrollmentInvitationDetails", propOrder = { + "enrollmentDetails" +}) +public class DeviceEnrollmentInvitationDetails { + + @XmlElement(name = "EnrollmentDetails") + private List enrollmentDetails; + + public List getEnrollmentDetails() { + return enrollmentDetails; + } + + public void setEnrollmentDetails(List enrollmentDetails) { + this.enrollmentDetails = enrollmentDetails; + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/EnrollmentDetails.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/EnrollmentDetails.java new file mode 100644 index 0000000000..905022440b --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/EnrollmentDetails.java 
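Review bot: DeviceEnrollmentInvitationDetails.java starts directly at the `package` line with no license header and no class comment, and EnrollmentDetails.java in the next hunk has the same gap, while the other new beans in this series (DeviceEnrollmentInvitation, DeviceEnrollmentType) carry the Entgra Apache 2.0 header. Add the same header to both files and a one-line class Javadoc such as `/** JAXB binding for the DeviceEnrollmentInvitationDetails element of a device type XML file. */`. getEnrollmentDetails() also hands out the internal list itself, so it is worth stating in the Javadoc whether callers may modify it.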
@@ -0,0 +1,36 @@ +package org.wso2.carbon.device.mgt.common.invitation.mgt; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "EnrollmentDetails", propOrder = { + "enrollmentType", + "enrollmentSteps" +}) +public class EnrollmentDetails { + + @XmlElement(name = "EnrollmentType") + private String enrollmentType; + + @XmlElement(name = "EnrollmentSteps") + private String enrollmentSteps; + + public String getEnrollmentType() { + return enrollmentType; + } + + public void setEnrollmentType(String enrollmentType) { + this.enrollmentType = enrollmentType; + } + + public String getEnrollmentSteps() { + return enrollmentSteps; + } + + public void setEnrollmentSteps(String enrollmentSteps) { + this.enrollmentSteps = enrollmentSteps; + } +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/DeviceManagementService.java index 25303cf966..e6f33f85de 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/DeviceManagementService.java 
@@ -38,6 +38,7 @@ import org.wso2.carbon.device.mgt.common.*; import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManager; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.general.GeneralConfig; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager; import org.wso2.carbon.device.mgt.common.pull.notification.PullNotificationSubscriber; import org.wso2.carbon.device.mgt.common.push.notification.PushNotificationConfig; @@ -77,4 +78,6 @@ public interface DeviceManagementService { DeviceTypePlatformDetails getDeviceTypePlatformDetails(); + DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails(); + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/DeviceTypeManagerService.java b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/DeviceTypeManagerService.java index 67b79bfeb4..5896039d99 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/DeviceTypeManagerService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/DeviceTypeManagerService.java 
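Review bot: The new SPI method `getDeviceEnrollmentInvitationDetails()` is added to DeviceManagementService without Javadoc, and its null contract is left open. The test implementations added later in this series return `null`, while DeviceTypeManagerService always returns an object, so consumers cannot tell which to expect. Suggest documenting it, for example `/** @return enrollment steps per enrollment type for this device type, or null when the plugin defines none */`. Because the method is abstract, device type plugins compiled against the old interface would presumably fail to load or compile; a `default` method returning `null` would avoid that if the project's Java level allows it.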
@@ -48,6 +48,7 @@ import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManager; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationEntry; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.common.general.GeneralConfig; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager; import org.wso2.carbon.device.mgt.common.pull.notification.PullNotificationSubscriber; import org.wso2.carbon.device.mgt.common.push.notification.PushNotificationConfig; @@ -92,6 +93,7 @@ public class DeviceTypeManagerService implements DeviceManagementService { private PullNotificationSubscriber pullNotificationSubscriber; private final DeviceStatusTaskPluginConfig deviceStatusTaskPluginConfig; private DeviceTypePlatformDetails deviceTypePlatformDetails; + private DeviceEnrollmentInvitationDetails deviceEnrollmentInvitationDetails; private GeneralConfig generalConfig; private boolean isRegistryBasedConfigs = false; private boolean isScheduled = false; @@ -116,6 +118,8 @@ public class DeviceTypeManagerService implements DeviceManagementService { this.setPolicyMonitoringManager(deviceTypeConfiguration.getPolicyMonitoring()); this.setPullNotificationSubscriber(deviceTypeConfiguration.getPullNotificationSubscriberConfig()); this.setGeneralConfig(deviceTypeConfiguration); + this.deviceEnrollmentInvitationDetails = new DeviceEnrollmentInvitationDetails(); + this.setDeviceEnrollmentInvitationDetails(deviceTypeConfiguration); } @Override 
@@ -259,6 +263,11 @@ public class DeviceTypeManagerService implements DeviceManagementService { return generalConfig; } + @Override + public DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails() { + return deviceEnrollmentInvitationDetails; + } + private void setProvisioningConfig(String tenantDomain, DeviceTypeConfiguration deviceTypeConfiguration) { if (deviceTypeConfiguration.getProvisioningConfig() != null) { boolean sharedWithAllTenants = deviceTypeConfiguration.getProvisioningConfig().isSharedWithAllTenants(); @@ -354,4 +363,13 @@ public class DeviceTypeManagerService implements DeviceManagementService { deviceTypePlatformDetails.setDeviceTypePlatformVersion(deviceTypeVersions.getDeviceTypePlatformVersion()); } } + + public void setDeviceEnrollmentInvitationDetails(DeviceTypeConfiguration deviceTypeConfiguration) { + DeviceEnrollmentInvitationDetails deviceEnrollmentInvitationDetailsFromConfig = deviceTypeConfiguration + .getDeviceEnrollmentInvitationDetails(); + if (deviceEnrollmentInvitationDetailsFromConfig != null) { + deviceEnrollmentInvitationDetails.setEnrollmentDetails( + deviceEnrollmentInvitationDetailsFromConfig.getEnrollmentDetails()); + } + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/config/DeviceTypeConfiguration.java b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/config/DeviceTypeConfiguration.java index f1c470829e..098baec3e3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/config/DeviceTypeConfiguration.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.extensions/src/main/java/org/wso2/carbon/device/mgt/extensions/device/type/template/config/DeviceTypeConfiguration.java 
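Review bot: setDeviceEnrollmentInvitationDetails(DeviceTypeConfiguration) is declared `public` but is called from the constructor (the constructor hunk earlier in this file, whose body starts outside it), and the class is not final, so a subclass override would run before the subclass is initialised. The neighbouring setProvisioningConfig shown as context is `private`; match it with `private void setDeviceEnrollmentInvitationDetails(DeviceTypeConfiguration deviceTypeConfiguration) {`. The method also stores the same list instance that the configuration object holds, so a later change to one is visible through the other; copy the list if that sharing is not intended.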
@@ -34,6 +34,7 @@ */ package org.wso2.carbon.device.mgt.extensions.device.type.template.config; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.type.mgt.DeviceTypePlatformDetails; import javax.xml.bind.annotation.XmlElement; @@ -107,6 +108,8 @@ public class DeviceTypeConfiguration { protected List operations; @XmlElement(name = "DeviceTypePlatformDetails", required = true) protected DeviceTypePlatformDetails deviceTypePlatformDetails; + @XmlElement(name = "DeviceEnrollmentInvitationDetails", required = true) + protected DeviceEnrollmentInvitationDetails deviceEnrollmentInvitationDetails; public DeviceTypePlatformDetails getDeviceTypePlatformDetails() { return deviceTypePlatformDetails; @@ -414,4 +417,21 @@ public class DeviceTypeConfiguration { public void setStartupOperations(List startupOperations) { this.startupOperations = startupOperations; } + + /** + * Gets the value of device enrollment invitation details which has enrollment steps of enrollment types + * @return device enrollment invitation details + */ + public DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails() { + return deviceEnrollmentInvitationDetails; + } + + /** + * Sets the value of device enrollment invitation details from the relevant device type xml file + * @param deviceEnrollmentInvitationDetails {@link DeviceEnrollmentInvitationDetails} object + */ + public void setDeviceEnrollmentInvitationDetails( + DeviceEnrollmentInvitationDetails deviceEnrollmentInvitationDetails) { + this.deviceEnrollmentInvitationDetails = deviceEnrollmentInvitationDetails; + } } From ff00f26c8382d568e106db98c2613e437842127a Mon Sep 17 00:00:00 2001 
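Review bot: The new field is annotated `@XmlElement(name = "DeviceEnrollmentInvitationDetails", required = true)`, yet its only consumer in this series, DeviceTypeManagerService, null-checks the value and treats the element as optional. `required = true` affects only a generated schema unless unmarshalling validates against one, so device type XML files without the element would presumably still load and leave the field null. If the element is meant to be optional, declare it as `@XmlElement(name = "DeviceEnrollmentInvitationDetails")`. If it is really mandatory, the getter Javadoc should say so and the loader should reject a missing element explicitly.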
From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:32:04 +0530 Subject: [PATCH 45/58] Implement retrieval of DeviceEnrollmentInvitationDetails from the device management service --- .../DeviceManagementProviderService.java | 30 +++++++------------ .../DeviceManagementProviderServiceImpl.java | 25 ++++++++++++++++ 2 files changed, 36 insertions(+), 19 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java index ad677b1bf0..3a79a9cd42 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderService.java @@ -14,8 +14,8 @@ * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. - */ -/* + * + * * Copyright (c) 2019, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved. * * Entgra (pvt) Ltd. licenses this file to you under the Apache License, 
@@ -32,23 +32,6 @@ * specific language governing permissions and limitations * under the License. */ -/* - * Copyright (c) 2020, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved. - * - * Entgra (pvt) Ltd. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ package org.wso2.carbon.device.mgt.core.service; @@ -76,6 +59,7 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManageme import org.wso2.carbon.device.mgt.common.configuration.mgt.DeviceConfiguration; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.common.device.details.DeviceData; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.license.mgt.License; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; 
@@ -926,4 +910,12 @@ public interface DeviceManagementProviderService { */ List getDeviceByIdList(List deviceIdentifiers) throws DeviceManagementException; + + /** + * Retrieve device enrollment details to be sent device enrollment invitation. + * This has the relevant enrollment steps of each enrollment types. + * @param deviceType Device type of the required device enrollment details + * @return enrollment steps of each enrollment types which are provided in the device type xml file + */ + DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails(String deviceType); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java index 55787e37fc..5e28129390 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java 
@@ -14,6 +14,23 @@ * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. + * + * + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. */ package org.wso2.carbon.device.mgt.core.service; @@ -74,6 +91,7 @@ import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants; import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.license.mgt.License; import org.wso2.carbon.device.mgt.common.license.mgt.LicenseManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; 
@@ -4187,4 +4205,11 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv DeviceManagementDAOFactory.closeConnection(); } } + + @Override + public DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails(String deviceType) { + int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); + DeviceManagementService dms = pluginRepository.getDeviceManagementService(deviceType, tenantId); + return dms.getDeviceEnrollmentInvitationDetails(); + } } From 1b0c19cb0201f6120e0901ea62352268ab966262 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:32:29 +0530 Subject: [PATCH 46/58] Add device enrollment invitation beans --- .../mgt/DeviceEnrollmentInvitation.java | 59 +++++++++++++++++++ .../invitation/mgt/DeviceEnrollmentType.java | 59 +++++++++++++++++++ 2 files changed, 118 insertions(+) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitation.java create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentType.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitation.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitation.java new file mode 100644 index 0000000000..0bdb03e921 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentInvitation.java 
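Review bot: getDeviceEnrollmentInvitationDetails(String deviceType) calls `dms.getDeviceEnrollmentInvitationDetails()` without checking the result of `pluginRepository.getDeviceManagementService(deviceType, tenantId)`. The device type appears to come from the invitation request bean, so an unregistered or misspelled type would presumably surface as a NullPointerException and a 500 response rather than a clear client error. Guard it with `if (dms == null) { return null; }` before the return, or throw an exception that the API layer maps to a 4xx. The interface Javadoc in DeviceManagementProviderService should then document the result for an unknown device type, and callers must handle a `null` result either way, since the test plugins in this series return `null`.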
@@ -0,0 +1,59 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.common.invitation.mgt; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; + +import java.io.Serializable; +import java.util.List; + +@ApiModel( + value = "DeviceEnrollmentInvitation", + description = "Holds data to send device enrollment invitation to list of existing users.") +public class DeviceEnrollmentInvitation implements Serializable { + + private static final long serialVersionUID = 6933837278652532052L; + + @ApiModelProperty( + name = "usernames", + value = "List of usernames of users.", + required = true) + private List usernames; + + @ApiModelProperty( + name = "deviceEnrollmentTypes", + value = "List of enrollment types against device types.") + private List deviceEnrollmentTypes; + + public List getUsernames() { + return usernames; + } + + public void setUsernames(List usernames) { + this.usernames = usernames; + } + + public List getDeviceEnrollmentTypes() { + return deviceEnrollmentTypes; + } + + public void setDeviceEnrollmentTypes( + List deviceEnrollmentTypes) { + this.deviceEnrollmentTypes = deviceEnrollmentTypes; + } +} 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentType.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentType.java new file mode 100644 index 0000000000..0124fde36d --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/invitation/mgt/DeviceEnrollmentType.java 
@@ -0,0 +1,59 @@ +/* Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.common.invitation.mgt; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; + +import java.io.Serializable; +import java.util.List; + +@ApiModel( + value = "DeviceEnrollmentType", + description = "Holds data of enrollment types against device types.") +public class DeviceEnrollmentType implements Serializable { + + private static final long serialVersionUID = 6563596191450032613L; + + @ApiModelProperty( + name = "deviceType", + value = "Device type (i.e: android, ios, windows)", + required = true) + private String deviceType; + + @ApiModelProperty( + name = "enrollmentType", + value = "Enrollment type (i.e: BYOD, COPE, COSU)", + required = true) + private List enrollmentType; + + public String getDeviceType() { + return deviceType; + } + + public void setDeviceType(String deviceType) { + this.deviceType = deviceType; + } + + public List getEnrollmentType() { + return enrollmentType; + } + + public void setEnrollmentType(List enrollmentType) { + this.enrollmentType = enrollmentType; + } +} From 0e018679b8734d4081f11a2d63544bd311e67982 Mon Sep 17 00:00:00 2001 
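Review bot: The field `enrollmentType` in DeviceEnrollmentType holds a list but is named and documented in the singular, and both `@ApiModelProperty` values use "i.e." where an open set of examples is meant. Suggest renaming it to `enrollmentTypes` with `value = "Enrollment types (e.g. BYOD, COPE, COSU)"` while the API is still new, and using `value = "Device type (e.g. android, ios, windows)"` for `deviceType`. Both values arrive from the request and appear to be used for configuration lookups, so the description could also state how unknown values are handled.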
From: Saad Sahibjan Date: Wed, 12 Aug 2020 18:34:20 +0530 Subject: [PATCH 47/58] Modify test cases related to device enrollment invitation --- .../impl/UserManagementServiceImplTest.java | 55 +++++++++++++++---- .../mgt/core/TestDeviceManagementService.java | 6 ++ .../mock/TypeXDeviceManagementService.java | 6 ++ 3 files changed, 56 insertions(+), 11 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImplTest.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImplTest.java index 13942afb25..aa2f84733f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImplTest.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/test/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImplTest.java @@ -15,6 +15,23 @@ * specific language governing permissions and limitations * under the License. * + * + * Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * */ package org.wso2.carbon.device.mgt.jaxrs.service.impl; 
@@ -34,6 +51,10 @@ import org.testng.annotations.Test; import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; +import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; +import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; +import org.wso2.carbon.device.mgt.core.otp.mgt.service.OTPManagementServiceImpl; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; @@ -66,9 +87,11 @@ public class UserManagementServiceImplTest { private UserStoreManager userStoreManager; private UserManagementService userManagementService; private DeviceManagementProviderService deviceManagementProviderService; + private OTPManagementService otpManagementService; private static final String DEFAULT_DEVICE_USER = "Internal/devicemgt-user"; private UserRealm userRealm; private EnrollmentInvitation enrollmentInvitation; + private DeviceEnrollmentInvitation deviceEnrollmentInvitation; private List userList; private static final String TEST_USERNAME = "test"; private static final String TEST2_USERNAME = "test2"; 
@@ -86,6 +109,7 @@ public class UserManagementServiceImplTest { userStoreManager = Mockito.mock(UserStoreManager.class, Mockito.RETURNS_MOCKS); deviceManagementProviderService = Mockito .mock(DeviceManagementProviderServiceImpl.class, Mockito.CALLS_REAL_METHODS); + otpManagementService = Mockito.mock(OTPManagementServiceImpl.class, Mockito.CALLS_REAL_METHODS); userRealm = Mockito.mock(UserRealm.class); RealmConfiguration realmConfiguration = Mockito.mock(RealmConfiguration.class); Mockito.doReturn(null).when(realmConfiguration).getSecondaryRealmConfig(); @@ -97,6 +121,8 @@ public class UserManagementServiceImplTest { enrollmentInvitation.setRecipients(recipients); userList = new ArrayList<>(); userList.add(TEST_USERNAME); + deviceEnrollmentInvitation = new DeviceEnrollmentInvitation(); + deviceEnrollmentInvitation.setUsernames(userList); } @Test(description = "This method tests the addUser method of UserManagementService") 
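Review bot: `Mockito.mock(OTPManagementServiceImpl.class, Mockito.CALLS_REAL_METHODS)` in the set-up hunk builds a partial mock of the implementation, so any OTP method a test forgets to stub runs real code on an instance whose constructor never ran. The field is typed as the interface, and the visible tests stub only sendDeviceEnrollmentInvitationMail, so a plain interface mock is enough: `otpManagementService = Mockito.mock(OTPManagementService.class);`. The enclosing set-up method starts outside the hunk.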
@@ -205,13 +231,11 @@ public class UserManagementServiceImplTest { @Test(description = "This method tests the send invitation method of UserManagementService", dependsOnMethods = {"testIsUserExists"}) - public void testSendInvitation() throws ConfigurationManagementException, DeviceManagementException { - PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getUserStoreManager")) - .toReturn(this.userStoreManager); - PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) - .toReturn(this.deviceManagementProviderService); - Mockito.doNothing().when(deviceManagementProviderService).sendEnrolmentInvitation(Mockito.any(), Mockito.any()); - Response response = userManagementService.inviteExistingUsersToEnrollDevice(userList); + public void testSendInvitation() throws OTPManagementException { + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getOTPManagementService")) + .toReturn(this.otpManagementService); + Mockito.doNothing().when(otpManagementService).sendDeviceEnrollmentInvitationMail(Mockito.any()); + Response response = userManagementService.inviteExistingUsersToEnrollDevice(deviceEnrollmentInvitation); Assert.assertEquals(response.getStatus(), Response.Status.OK.getStatusCode(), "Inviting existing users to enroll device failed"); } @@ -240,7 +264,7 @@ public class UserManagementServiceImplTest { @Test(description = "This method tests the inviteToEnrollDevice method of UserManagementService", dependsOnMethods = "testGetUsers") - public void testInviteToEnrollDevice() { + public void testInviteToEnrollDevice() throws ConfigurationManagementException, DeviceManagementException { URL resourceUrl = ClassLoader.getSystemResource("testng.xml"); System.setProperty("carbon.home", resourceUrl.getPath()); PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getUserStoreManager")) 
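Review bot: testSendInvitation now asserts only the 200 status while sendDeviceEnrollmentInvitationMail is stubbed to do nothing, so the test would still pass if the endpoint never reached the OTP service. Add `Mockito.verify(otpManagementService).sendDeviceEnrollmentInvitationMail(Mockito.any());` after the status assertion. The fixture built in set-up populates only `usernames`, so a request carrying deviceEnrollmentTypes, the new part of the payload, is not exercised by any test visible here.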
@@ -248,6 +272,7 @@ public class UserManagementServiceImplTest { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getAuthenticatedUser")).toReturn(TEST_USERNAME); PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) .toReturn(this.deviceManagementProviderService); + Mockito.doNothing().when(deviceManagementProviderService).sendEnrolmentInvitation(Mockito.any(), Mockito.any()); EnrollmentInvitation enrollmentInvitation = new EnrollmentInvitation(); List recipients = new ArrayList<>(); recipients.add(TEST_USERNAME); 
@@ -289,16 +314,22 @@ public class UserManagementServiceImplTest { @Test(description = "This method tests the behaviour of methods when there is an issue with " + "DeviceManagementProviderService", dependsOnMethods = {"testGetUserCount"}) - public void testNegativeScenarios1() throws ConfigurationManagementException, DeviceManagementException { + public void testNegativeScenarios1() + throws ConfigurationManagementException, DeviceManagementException, OTPManagementException { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getUserStoreManager")) .toReturn(this.userStoreManager); PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) .toReturn(this.deviceManagementProviderService); PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getAuthenticatedUser")).toReturn(TEST_USERNAME); Mockito.reset(deviceManagementProviderService); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getOTPManagementService")) + .toReturn(this.otpManagementService); + Mockito.reset(otpManagementService); Mockito.doThrow(new DeviceManagementException()).when(deviceManagementProviderService) .sendEnrolmentInvitation(Mockito.any(), Mockito.any()); - Response response = userManagementService.inviteExistingUsersToEnrollDevice(userList); + Mockito.doThrow(new OTPManagementException()).when(otpManagementService) + .sendDeviceEnrollmentInvitationMail(Mockito.any()); + Response response = userManagementService.inviteExistingUsersToEnrollDevice(deviceEnrollmentInvitation); Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), "Invite existing users to enroll device succeeded under erroneous conditions"); response = userManagementService.inviteToEnrollDevice(enrollmentInvitation); 
@@ -346,6 +377,8 @@ public class UserManagementServiceImplTest { PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService")) .toReturn(this.deviceManagementProviderService); Mockito.reset(this.userStoreManager); + PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getOTPManagementService")) + .toReturn(this.otpManagementService); Mockito.doThrow(new UserStoreException()).when(userStoreManager) .getUserClaimValue(Mockito.any(), Mockito.any(), Mockito.any()); Mockito.doThrow(new UserStoreException()).when(userStoreManager) @@ -362,7 +395,7 @@ public class UserManagementServiceImplTest { response = userManagementService.inviteToEnrollDevice(enrollmentInvitation); Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), "Invite existing users to enroll device succeeded under erroneous conditions"); - response = userManagementService.inviteExistingUsersToEnrollDevice(userList); + response = userManagementService.inviteExistingUsersToEnrollDevice(deviceEnrollmentInvitation); Assert.assertEquals(response.getStatus(), Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), "Invite existing users to enroll device succeeded under erroneous conditions"); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManagementService.java index 580ed77161..c3789d47fa 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManagementService.java 
@@ -37,6 +37,7 @@ import org.wso2.carbon.device.mgt.common.*; import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManager; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.general.GeneralConfig; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager; import org.wso2.carbon.device.mgt.common.pull.notification.PullNotificationSubscriber; import org.wso2.carbon.device.mgt.common.push.notification.PushNotificationConfig; @@ -142,4 +143,9 @@ public class TestDeviceManagementService implements DeviceManagementService { public DeviceTypePlatformDetails getDeviceTypePlatformDetails() { return null; } + + @Override + public DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails() { + return null; + } } diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/mock/TypeXDeviceManagementService.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/mock/TypeXDeviceManagementService.java index 9bcd089eb0..de7a16c0b1 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/mock/TypeXDeviceManagementService.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/test/java/org/wso2/carbon/policy/mgt/core/mock/TypeXDeviceManagementService.java 
@@ -44,6 +44,7 @@ import org.wso2.carbon.device.mgt.common.ProvisioningConfig; import org.wso2.carbon.device.mgt.common.StartupOperationConfig; import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManager; import org.wso2.carbon.device.mgt.common.general.GeneralConfig; +import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager; import org.wso2.carbon.device.mgt.common.pull.notification.PullNotificationSubscriber; import org.wso2.carbon.device.mgt.common.push.notification.PushNotificationConfig; @@ -131,4 +132,9 @@ public class TypeXDeviceManagementService implements DeviceManagementService { public DeviceTypePlatformDetails getDeviceTypePlatformDetails() { return null; } + + @Override + public DeviceEnrollmentInvitationDetails getDeviceEnrollmentInvitationDetails() { + return null; + } } From 322981fe5a92bb49c423cb554a9a92ea52c63743 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Thu, 13 Aug 2020 12:37:22 +0530 Subject: [PATCH 48/58] Use DEVICE_ENROLLMENT email type to create OTP --- .../device/mgt/jaxrs/util/DeviceMgtAPIUtils.java | 16 ++++++---------- .../device/mgt/common/otp/mgt/OTPEmailTypes.java | 2 +- .../mgt/service/OTPManagementServiceImpl.java | 4 +++- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index e3a166dc2b..56f2a76e36 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java 
@@ -364,16 +364,12 @@ public class DeviceMgtAPIUtils { */ public static synchronized OTPManagementService getOTPManagementService() { if (otpManagementService == null) { - synchronized (DeviceMgtAPIUtils.class) { - if (otpManagementService == null) { - PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); - otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); - if (otpManagementService == null) { - String msg = "OTP Management service has not initialized."; - log.error(msg); - throw new IllegalStateException(msg); - } - } + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); + if (otpManagementService == null) { + String msg = "OTP Management service has not initialized."; + log.error(msg); + throw new IllegalStateException(msg); } } return otpManagementService; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java index c4f7ef0689..72bbea982e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/OTPEmailTypes.java @@ -18,5 +18,5 @@ package org.wso2.carbon.device.mgt.common.otp.mgt; public enum OTPEmailTypes { - USER_VERIFY, ENROLLMENT + USER_VERIFY, DEVICE_ENROLLMENT } 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 8be27f0ec2..ee7db06f15 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -33,6 +33,7 @@ import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitati import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentType; import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; +import org.wso2.carbon.device.mgt.common.otp.mgt.OTPEmailTypes; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; @@ -204,7 +205,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { for (String username : deviceEnrollmentInvitation.getUsernames()) { String emailAddress = DeviceManagerUtil.getUserClaimValue( username, DeviceManagementConstants.User.CLAIM_EMAIL_ADDRESS); - oneTimePinDTO = createOneTimePin(emailAddress, "test-type", username, null, tenantId); + oneTimePinDTO = createOneTimePin(emailAddress, OTPEmailTypes.DEVICE_ENROLLMENT.toString(), username, + null, tenantId); props.setProperty("first-name", DeviceManagerUtil. getUserClaimValue(username, DeviceManagementConstants.User.CLAIM_FIRST_NAME)); props.setProperty("username", username); From d1c894abfe799e2905dcae5e3fdf1aabee85683b Mon Sep 17 00:00:00 2001 
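Review bot: The OTP type handed to `createOneTimePin` is built with `OTPEmailTypes.DEVICE_ENROLLMENT.toString()`; `name()` is the safer choice for a value that is presumably stored and compared later, because `toString()` can be overridden: `oneTimePinDTO = createOneTimePin(emailAddress, OTPEmailTypes.DEVICE_ENROLLMENT.name(), username, null, tenantId);`. In the same loop, `emailAddress` comes straight from `DeviceManagerUtil.getUserClaimValue(...)` and nothing visible rejects a null or blank claim before a token is created for it, so a user without an email claim would get an OTP that cannot be delivered. The loop body continues outside the hunk, so such a check may already exist further down.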
From: Saad Sahibjan Date: Thu, 13 Aug 2020 13:03:43 +0530 Subject: [PATCH 49/58] Modify user enrollment mail template to have enrollment steps --- .../email/templates/user-enrollment.vm | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm index 0c29e86b4b..1093bad675 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm @@ -14,6 +14,22 @@ KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + + Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + + Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + Version 2.0 (the "License"); you may not use this file except + in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. *# You have been invited to enroll your device in Entgra IoT @@ -206,7 +222,13 @@ TkSuQmCC"

You have been invited to enrol your device in Entgra IoT Server. - Click here to begin device enrolment.

+ Click here to begin device enrolment.

+ +

+ Enrollment Steps are as below, +

+ + $enrollment-steps

Should you need assistance, please contact your administrator. From d53f56c96b2323c396c9c85b3b93574a42ed4b9a Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Tue, 18 Aug 2020 08:09:39 +0530 Subject: [PATCH 50/58] Complete self registration via OTP service --- .../mgt/common/spi/OTPManagementService.java | 11 +- .../mgt/service/OTPManagementServiceImpl.java | 22 +++- .../resources/email/templates/user-verify.vm | 2 +- .../resources/email/templates/user-welcome.vm | 101 ++++++++++++++++++ 4 files changed, 131 insertions(+), 5 deletions(-) create mode 100644 features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 8ecb4de4fd..f63a95ca32 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -24,6 +24,8 @@ import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitati import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; +import java.util.Map; + public interface OTPManagementService { /** 
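Review bot: `$enrollment-steps` is a plain Velocity reference, so when the sender does not set that property the recipient will see the literal text `$enrollment-steps` in the mail; the quiet form `$!{enrollment-steps}` renders nothing instead. The value is placed into the HTML body as-is and the hunk does not show where it is produced, so it is worth stating in a template comment that the property must hold trusted, pre-rendered markup, and making sure no text from an invitation request can reach it unescaped. The references in the new `user-welcome.vm` later in this series have the same missing-value behaviour.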
@@ -44,11 +46,14 @@ public interface OTPManagementService { OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; /** - * Invalidate the OTP + * Invalidate the OTP and send welcome mail * @param oneTimeToken OTP - * @throws OTPManagementException If error occurred while invalidating the OTP + * @param email email address + * @param properties email properties to add to email body + * @throws OTPManagementException if error occurred while invalidate the OTP or send welcome email */ - void invalidateOTP(String oneTimeToken) throws OTPManagementException; + void completeSelfRegistration(String oneTimeToken, String email, Map properties) + throws OTPManagementException; /** * Create OTP token and send device enrollment invitation diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index ee7db06f15..111f9e3591 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -58,6 +58,7 @@ import static org.wso2.carbon.device.mgt.common.DeviceManagementConstants.OTPPro import java.sql.Timestamp; import java.util.Calendar; import java.util.List; +import java.util.Map; import java.util.Properties; import java.util.UUID; 
@@ -150,7 +151,26 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public void invalidateOTP(String oneTimeToken) throws OTPManagementException { + public void completeSelfRegistration(String oneTimeToken, String email, Map properties) + throws OTPManagementException { + try { + invalidateOTP(oneTimeToken); + Properties props = new Properties(); + properties.forEach(props::setProperty); + sendMail(props, email); + } catch (OTPManagementException e) { + String msg = "Error occurred while completing the self registration via OTP"; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } + } + + /** + * Invalidate the OTP + * @param oneTimeToken OTP + * @throws OTPManagementException If error occurred while invalidating the OTP + */ + private void invalidateOTP(String oneTimeToken) throws OTPManagementException { try { ConnectionManagerUtil.beginDBTransaction(); if (!otpManagementDAO.expireOneTimeToken(oneTimeToken)) { diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm index 18e3a66a01..858503fd8a 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm @@ -16,7 +16,7 @@ under the License. *# - You have been invited to enroll your device in Entgra IoT + Verify email to register with Entgra IoTS diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm new file mode 100644 index 0000000000..dfaab5c559 --- /dev/null 
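Review bot: `properties.forEach(props::setProperty)` in `completeSelfRegistration` throws a NullPointerException when `properties` is null or holds a null value, and the `catch (OTPManagementException e)` does not cover it, so by the time the call fails the token has already been invalidated. A guard such as `if (properties != null) { properties.forEach((k, v) -> { if (k != null && v != null) { props.setProperty(k, v); } }); }` avoids that. Separately, `email` and `properties` are taken from the caller and nothing in this method ties them to the record behind `oneTimeToken`; unless the caller has already checked this, the welcome mail could go to an address other than the one the token was issued for, so reading the address from the OTP record may be safer. The body of `invalidateOTP` continues outside the hunk.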
+++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm @@ -0,0 +1,101 @@ +#* + Copyright (c) 2020, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + + Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + Version 2.0 (the "License"); you may not use this file except + in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*# + + Welcome to Entgra Evaluation Cloud + + + + Entgra IoT Server + + +

+
+
+
+ entgra +
+
+
+

+ Hi $first-name, +

+
+

+ Welcome to Entgra Evaluation Cloud!! Entgra server support offers managing Android, iOS and Windows + devices along with a wide range of features that support cooperate (COPE) or personal device (BYOD) + enrollments. +

+
+
+

Access different portals

+

+ Your log-in credentials to any of our portals(endpoint-mgt, store, publisher) are the same as the + email (username) and password you provided during the registration for an evaluation account. +

+

Endpoint management portal URL: $base-url-https/endpoint-mgt/

+

+ This is the portal used to send operations and policies to devices and overall management of + the server. +

+

Application store portal URL: $base-url-https/store

+

+ This is an in-house corporate app store where you can host all your corporate applications. + Users may browse apps and install them to their devices if the administrator has made the apps + publicly visible to users. Administrator can install, uninstall and update apps in the user + device or device groups. +

+

Application publishing portal URL: $base-url-https/publisher

+

+ The portal for publishing new applications for internal use. This is the developer view of the + enterprise application store that comes with the product. +

+
+
+

Enroll a device

+

+ Please find here a set of videos on how to enroll and onboard devices to our Cloud platform. + [Cloud Enrollment Guide] + When enrolling a device, Make sure to use the following log-in format: +

+

+ Organisation: $tenant-domain + Username: $email-address + Password: password provided at registration. +

+
+
+

+ If you have any further questions, please reach out to us using your registered mail to + bizdev-group@entgra.io. Looking forward to working with you. +

+

+ Best Regards, +

+

+ Entgra Cloud Team +

+
+
+
+
+ + + ]]> + +
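Review bot: The references in this new template (`$first-name`, `$tenant-domain`, `$email-address`, `$base-url-https`) are emitted into the HTML body unescaped, and in this series they are filled from the `properties` map that `completeSelfRegistration` receives from its caller. If any of them carries text typed during self-registration, which seems likely for `$first-name`, markup in it would end up in the mail; escaping the values where the map is built, or in the template if an escape tool is configured, closes that. The portal links are built from `$base-url-https`, so that value should come from server configuration rather than from the incoming request; the hunk does not show its source. In the introduction, "cooperate (COPE)" looks like a typo for "corporate".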
From d0b90dba5eca9eed3432e9b0d0840057bed6f487 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Wed, 19 Aug 2020 12:22:56 +0530 Subject: [PATCH 51/58] Update user enrollment email template --- .../email/templates/user-enrollment.vm | 173 +----------------- 1 file changed, 2 insertions(+), 171 deletions(-) diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm index 1093bad675..ee2c0382ef 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm @@ -44,176 +44,7 @@
- entgra.io + entgra
@@ -222,7 +53,7 @@ TkSuQmCC"

You have been invited to enrol your device in Entgra IoT Server. - Click here to begin device enrolment.

+ Click here to begin device enrolment.

Enrollment Steps are as below, From b1845d9b42afd020679c7b3cc9845d7bb9bdbc50 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Wed, 19 Aug 2020 08:24:55 +0530 Subject: [PATCH 52/58] Update user welcome mail body --- .../mgt/core/DeviceManagementConstants.java | 1 + .../mgt/service/OTPManagementServiceImpl.java | 2 +- .../resources/email/templates/user-welcome.vm | 25 ++++++++----------- 3 files changed, 13 insertions(+), 15 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java index afa9dfd767..b09d6fad9d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementConstants.java @@ -117,6 +117,7 @@ public final class DeviceManagementConstants { public static final String USER_REGISTRATION_TEMPLATE = "user-registration"; public static final String USER_ENROLLMENT_TEMPLATE = "user-enrollment"; public static final String USER_VERIFY_TEMPLATE = "user-verify"; + public static final String USER_WELCOME_TEMPLATE = "user-welcome"; public static final String DEFAULT_ENROLLMENT_TEMPLATE = "default-enrollment-invitation"; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 111f9e3591..9b25987e84 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -157,7 +157,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { invalidateOTP(oneTimeToken); Properties props = new Properties(); properties.forEach(props::setProperty); - sendMail(props, email); + sendMail(props, email, DeviceManagementConstants.EmailAttributes.USER_WELCOME_TEMPLATE); } catch (OTPManagementException e) { String msg = "Error occurred while completing the self registration via OTP"; log.error(msg, e); diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm index dfaab5c559..5ce4611964 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-welcome.vm @@ -43,41 +43,38 @@

-

Access different portals

-

- Your log-in credentials to any of our portals(endpoint-mgt, store, publisher) are the same as the - email (username) and password you provided during the registration for an evaluation account. -

-

Endpoint management portal URL: $base-url-https/endpoint-mgt/

+

Access different portals

+

Your log-in credentials to any of our portals(endpoint-mgt, store, publisher) are,

+

Username: $portal-username

+

Password: password provided at registration for an evaluation account.

+

Endpoint management portal URL: $base-url-https/endpoint-mgt/

This is the portal used to send operations and policies to devices and overall management of the server.

-

Application store portal URL: $base-url-https/store

+

Application store portal URL: $base-url-https/store

This is an in-house corporate app store where you can host all your corporate applications. Users may browse apps and install them to their devices if the administrator has made the apps publicly visible to users. Administrator can install, uninstall and update apps in the user device or device groups.

-

Application publishing portal URL: $base-url-https/publisher

+

Application publishing portal URL: $base-url-https/publisher

The portal for publishing new applications for internal use. This is the developer view of the enterprise application store that comes with the product.

-

Enroll a device

+

Enroll a device

Please find here a set of videos on how to enroll and onboard devices to our Cloud platform. [Cloud Enrollment Guide] When enrolling a device, Make sure to use the following log-in format:

-

- Organisation: $tenant-domain - Username: $email-address - Password: password provided at registration. -

+

Organisation: $tenant-domain

+

Username: $agent-username

+

Password: password provided at registration.

From 8aeb4d22eabf6e5329b569022138c7f6fc5ca148 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Fri, 21 Aug 2020 09:18:55 +0530 Subject: [PATCH 53/58] Improve code formatting --- .../framework/authenticator/OneTimeTokenAuthenticator.java | 1 - 1 file changed, 1 deletion(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index 472fb6d302..9d290c51da 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -88,5 +88,4 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { return null; } - } From b15ae2c48c49ac97d2875f7ad3426ac7ae725493 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Tue, 25 Aug 2020 12:04:23 +0530 Subject: [PATCH 54/58] Add unrestricted roles editing functionality --- .../mgt/core/impl/ApplicationManagerImpl.java | 4 +- .../ApssTable/AppDetailsDrawer/index.js | 243 ++++++++++++++++-- 2 files changed, 218 insertions(+), 29 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/ApplicationManagerImpl.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/ApplicationManagerImpl.java index bad405cb38..1404c0c912 100644 
--- a/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/ApplicationManagerImpl.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/ApplicationManagerImpl.java @@ -2029,8 +2029,8 @@ public class ApplicationManagerImpl implements ApplicationManager { appUnrestrictedRoles = applicationUpdateWrapper.getUnrestrictedRoles(); } else { List addingRoleList = getDifference(applicationUpdateWrapper.getUnrestrictedRoles(), - applicationDTO.getUnrestrictedRoles()); - List removingRoleList = getDifference(applicationDTO.getUnrestrictedRoles(), + appUnrestrictedRoles); + List removingRoleList = getDifference(appUnrestrictedRoles, applicationUpdateWrapper.getUnrestrictedRoles()); if (!addingRoleList.isEmpty()) { visibilityDAO.addUnrestrictedRoles(addingRoleList, applicationId, tenantId); diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js index 32b5031d6a..fca189fe3c 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js @@ -18,6 +18,7 @@ import React from 'react'; import { + Alert, Drawer, Select, Avatar, 
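Review bot: The add and remove lists are now computed against `appUnrestrictedRoles` instead of `applicationDTO.getUnrestrictedRoles()`, but nothing in the hunk says why the two differ, and the variable is assigned outside the visible lines; a short comment would help, e.g. `// Diff against the roles currently stored for this app, not the list carried by the DTO.` (wording to be confirmed against where `appUnrestrictedRoles` is loaded). The names in `addingRoleList` go from the update request to `visibilityDAO.addUnrestrictedRoles(...)`, and since this list controls who can see the application it is worth confirming that each name is checked against the tenant's existing roles before it is stored; no such check is visible here. The enclosing method starts and ends outside the hunk.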
@@ -84,6 +85,7 @@ const formats = [ class AppDetailsDrawer extends React.Component { constructor(props) { super(props); + this.config = this.props.context; const drawerWidth = window.innerWidth <= 770 ? '80%' : '40%'; this.state = { @@ -92,14 +94,18 @@ class AppDetailsDrawer extends React.Component { description: null, globalCategories: [], globalTags: [], + globalUnrestrictedRoles: [], categories: [], tags: [], + unrestrictedRoles: [], temporaryDescription: null, temporaryCategories: [], temporaryTags: [], + temporaryUnrestrictedRoles: [], isDescriptionEditEnabled: false, isCategoriesEditEnabled: false, isTagsEditEnabled: false, + isUnrestrictedRolesEditEnabled: false, drawer: null, drawerWidth, }; @@ -114,31 +120,39 @@ class AppDetailsDrawer extends React.Component { ) { this.getCategories(); this.getTags(); + this.getUnrestrictedRoles(); } } componentDidUpdate(prevProps, prevState, snapshot) { if (prevProps.app !== this.props.app) { - const { name, description, tags, categories } = this.props.app; + const { + name, + description, + tags, + categories, + unrestrictedRoles, + } = this.props.app; this.setState({ name, description, tags, categories, + unrestrictedRoles, isDescriptionEditEnabled: false, isCategoriesEditEnabled: false, isTagsEditEnabled: false, + isUnrestrictedRolesEditEnabled: false, }); } } getCategories = () => { - const config = this.props.context; axios .get( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/categories', ) .then(res => { 
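Review bot: In `componentDidUpdate`, `unrestrictedRoles` is copied from `this.props.app` into state without a default, while the render code added later in this file calls `unrestrictedRoles.length` and `unrestrictedRoles.map(...)`. If an app object arrives without that field the drawer would throw while rendering; `unrestrictedRoles: unrestrictedRoles || [],` in the `setState` call keeps the empty-array shape the constructor sets up. Whether the API always returns the field is not visible here.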
@@ -171,12 +185,11 @@ class AppDetailsDrawer extends React.Component { }; getTags = () => { - const config = this.props.context; axios .get( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/tags', ) .then(res => { @@ -201,17 +214,46 @@ class AppDetailsDrawer extends React.Component { }); }; + getUnrestrictedRoles = () => { + axios + .get( + window.location.origin + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.deviceMgt + + '/roles', + ) + .then(res => { + if (res.status === 200) { + const globalUnrestrictedRoles = res.data.data.roles; + + this.setState({ + globalUnrestrictedRoles, + loading: false, + }); + } + }) + .catch(error => { + handleApiError( + error, + 'Error occurred while trying to load roles.', + true, + ); + this.setState({ + loading: false, + }); + }); + }; + // change the app name handleNameSave = name => { - const config = this.props.context; const { id } = this.props.app; if (name !== this.state.name && name !== '') { const data = { name: name }; axios .put( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/' + id, data, @@ -288,7 +330,6 @@ class AppDetailsDrawer extends React.Component { // change app categories handleCategorySave = () => { - const config = this.props.context; const { id } = this.props.app; const { temporaryCategories, categories } = this.state; @@ -301,8 +342,8 @@ class AppDetailsDrawer extends React.Component { axios .put( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/' + id, data, 
@@ -363,7 +404,6 @@ class AppDetailsDrawer extends React.Component { // change app tags handleTagsSave = () => { - const config = this.props.context; const { id } = this.props.app; const { temporaryTags, tags } = this.state; @@ -376,8 +416,8 @@ class AppDetailsDrawer extends React.Component { axios .put( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/' + id, data, @@ -385,6 +425,7 @@ class AppDetailsDrawer extends React.Component { .then(res => { if (res.status === 200) { const app = res.data.data; + this.props.onUpdateApp('tags', temporaryTags); notification.success({ message: 'Saved!', description: 'App tags updated successfully!', 
@@ -416,9 +457,75 @@ class AppDetailsDrawer extends React.Component { } }; + enableUnrestrictedRolesEdit = () => { + this.setState({ + isUnrestrictedRolesEditEnabled: true, + temporaryUnrestrictedRoles: this.state.unrestrictedRoles, + }); + }; + + disableUnrestrictedRolesEdit = () => { + this.setState({ + isUnrestrictedRolesEditEnabled: false, + }); + }; + + handleUnrestrictedRolesChange = temporaryUnrestrictedRoles => { + this.setState({ temporaryUnrestrictedRoles }); + }; + + handleUnrestrictedRolesSave = () => { + const { id } = this.props.app; + const { temporaryUnrestrictedRoles, unrestrictedRoles } = this.state; + + temporaryUnrestrictedRoles + .filter(x => !unrestrictedRoles.includes(x)) + .concat( + unrestrictedRoles.filter(x => !temporaryUnrestrictedRoles.includes(x)), + ); + + const data = { unrestrictedRoles: temporaryUnrestrictedRoles }; + axios + .put( + window.location.origin + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + + '/applications/' + + id, + data, + ) + .then(res => { + if (res.status === 200) { + const app = res.data.data; + this.props.onUpdateApp( + 'unrestrictedRoles', + temporaryUnrestrictedRoles, + ); + notification.success({ + message: 'Saved!', + description: 'App unrestricted roles updated successfully!', + }); + this.setState({ + loading: false, + unrestrictedRoles: app.unrestrictedRoles, + isUnrestrictedRolesEditEnabled: false, + }); + } + }) + .catch(error => { + handleApiError( + error, + 'Error occurred while trying to update unrestricted roles.', + true, + ); + this.setState({ + loading: false, + }); + }); + }; + // handle description save handleDescriptionSave = () => { - const config = this.props.context; const { id } = this.props.app; const { description, temporaryDescription } = this.state; 
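Review bot: In `handleUnrestrictedRolesSave` the `temporaryUnrestrictedRoles.filter(...).concat(...)` expression computes the changed roles and then discards the result, so the PUT is sent even when nothing was edited. Assign it, `const difference = temporaryUnrestrictedRoles.filter(x => !unrestrictedRoles.includes(x)).concat(unrestrictedRoles.filter(x => !temporaryUnrestrictedRoles.includes(x)));`, and return early with `if (difference.length === 0) { this.disableUnrestrictedRolesEdit(); return; }`. The success branch also passes `temporaryUnrestrictedRoles` to `onUpdateApp` but stores `app.unrestrictedRoles` from the response in state; using the response value for both keeps the parent list and the drawer in agreement with what the server saved.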
@@ -430,8 +537,8 @@ class AppDetailsDrawer extends React.Component { axios .put( window.location.origin + - config.serverConfig.invoker.uri + - config.serverConfig.invoker.publisher + + this.config.serverConfig.invoker.uri + + this.config.serverConfig.invoker.publisher + '/applications/' + id, data, @@ -469,7 +576,6 @@ class AppDetailsDrawer extends React.Component { }; render() { - const config = this.props.context; const { app, visible, onClose } = this.props; const { name, @@ -478,13 +584,17 @@ class AppDetailsDrawer extends React.Component { isDescriptionEditEnabled, isCategoriesEditEnabled, isTagsEditEnabled, + isUnrestrictedRolesEditEnabled, temporaryDescription, temporaryCategories, temporaryTags, + temporaryUnrestrictedRoles, globalCategories, globalTags, + globalUnrestrictedRoles, categories, tags, + unrestrictedRoles, } = this.state; if (app == null) { return null; @@ -502,7 +612,7 @@ class AppDetailsDrawer extends React.Component { style={{ marginBottom: 10, borderRadius: '28%', - backgroundColor: pSBC(0.5, config.theme.primaryColor), + backgroundColor: pSBC(0.5, this.config.theme.primaryColor), }} > {avatarLetter} @@ -543,9 +653,9 @@ class AppDetailsDrawer extends React.Component { - {config.androidEnterpriseToken !== null && + {this.config.androidEnterpriseToken !== null && isAuthorized( - config.user, + this.config.user, '/permission/admin/device-mgt/enterprise/user/modify', ) && ( @@ -682,7 +792,7 @@ class AppDetailsDrawer extends React.Component { !isDescriptionEditEnabled && ( { return ( @@ -805,7 +915,7 @@ class AppDetailsDrawer extends React.Component { !isTagsEditEnabled && ( )} + + + Unrestricted Roles + + + + ) + } + /> +
+
+ {!unrestrictedRoles.length && ( + + )} + {isUnrestrictedRolesEditEnabled && ( +

+ +
+ + +
+
+ )} + {!isUnrestrictedRolesEditEnabled && ( + + {unrestrictedRoles.map(unrestrictedRole => { + return ( + + {unrestrictedRole} + + ); + })} + + )} + Date: Tue, 25 Aug 2020 19:27:02 +0530 Subject: [PATCH 55/58] Replace Icon with EditOutlined --- .../AppList/components/ApssTable/AppDetailsDrawer/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js index fca189fe3c..3698c5d840 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/react-app/src/scenes/Home/scenes/Apps/components/AppList/components/ApssTable/AppDetailsDrawer/index.js @@ -983,7 +983,7 @@ class AppDetailsDrawer extends React.Component { }} onClick={this.enableUnrestrictedRolesEdit} > - + ) } From 4eb523cc8379626690c61aa055d78f3effdab107 Mon Sep 17 00:00:00 2001 From: Saad Sahibjan Date: Tue, 25 Aug 2020 23:31:24 +0530 Subject: [PATCH 56/58] Update device enrollment of user mail template URL --- .../src/main/resources/email/templates/user-enrollment.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm index 9573061735..6c53701a63 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm 
+++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-enrollment.vm @@ -53,7 +53,7 @@

You have been invited to enrol your device in Entgra IoT Server. - Click here to begin device enrolment.

+ Click here to begin device enrolment.

Enrollment Steps are as below, From 1919fbde165a8e95fb8b17334b7828ccd3ec3d0e Mon Sep 17 00:00:00 2001 From: Dharmakeerthi Lasantha Date: Tue, 25 Aug 2020 18:04:46 +0000 Subject: [PATCH 57/58] Add new feature to install applications for device --- .../common/services/SubscriptionManager.java | 13 ++++ .../core/impl/SubscriptionManagerImpl.java | 73 +++++++++++++++++-- .../mgt/core/mgt/impl/PolicyManagerImpl.java | 6 +- 3 files changed, 84 insertions(+), 8 deletions(-) diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/services/SubscriptionManager.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/services/SubscriptionManager.java index 0382d33516..8ac4cf4b13 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/services/SubscriptionManager.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/services/SubscriptionManager.java @@ -21,6 +21,7 @@ import org.wso2.carbon.device.application.mgt.common.ExecutionStatus; import org.wso2.carbon.device.application.mgt.common.dto.ScheduledSubscriptionDTO; import org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException; import org.wso2.carbon.device.application.mgt.common.exception.SubscriptionManagementException; +import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.PaginationResult; import java.util.List; 
@@ -101,6 +102,18 @@ public interface SubscriptionManager { void performEntAppSubscription(String applicationUUID, List params, String subType, String action, boolean requiresUpdatingExternal) throws ApplicationManagementException; + /** + * Install given application releases for given device. If application is already installed that application skips. + * This is used in enterprise app installing policy. + * + * @param deviceIdentifier Device identifiers + * @param releaseUUID UUIs of applicatios + * @throws ApplicationManagementException if error occurred while installing given applications into the given + * device + */ + void installAppsForDevice(DeviceIdentifier deviceIdentifier, List releaseUUID) + throws ApplicationManagementException; + /*** * This method used to get the app id ,device ids and pass them to DM service method. * diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/SubscriptionManagerImpl.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/SubscriptionManagerImpl.java index dee1b7a6d1..47545d4c83 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/SubscriptionManagerImpl.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/SubscriptionManagerImpl.java @@ -94,6 +94,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Properties; +import java.util.concurrent.atomic.AtomicBoolean; import java.util.stream.Collectors; /** 
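Review bot: The Javadoc added for `installAppsForDevice` should be corrected before it becomes the contract for implementers. `@param releaseUUID UUIs of applicatios` should read `@param releaseUUIDs UUIDs of the application releases to install`, with the parameter renamed to `releaseUUIDs` to match `SubscriptionManagerImpl`. `@param deviceIdentifier` describes a single device, not "Device identifiers". "If application is already installed that application skips" would be more accurate as "Releases the device already has an active subscription for are skipped", since the implementation tests the subscription record rather than the install state.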
@@ -261,7 +262,7 @@ public class SubscriptionManagerImpl implements SubscriptionManager {
 log.error(msg, e);
 throw new SubscriptionManagementException(msg, e);
 } catch (DBConnectionException e) {
- String msg = "Error occurred while retrieving the database connection";
+ String msg = "Error occurred while retrieving the database connection to clean the scheduled subscriptions";
 log.error(msg, e);
 throw new SubscriptionManagementException(msg, e);
 } finally {
@@ -454,6 +455,70 @@ public class SubscriptionManagerImpl implements SubscriptionManager { } } + @Override public void installAppsForDevice(DeviceIdentifier deviceIdentifier, List releaseUUIDs) + throws ApplicationManagementException { + + int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true); + Device device; + try { + device = DataHolder.getInstance().getDeviceManagementService().getDevice(deviceIdentifier, false); + if (device == null) { + String msg = "Invalid device identifier is received and couldn't find an deveice for the requested " + + "device identifier. Device UUID: " + deviceIdentifier.getId() + " Device Type: " + + deviceIdentifier.getType(); + log.error(msg); + throw new BadRequestException(msg); + } + } catch (DeviceManagementException e) { + String msg = "Error occured while getting device data for given device identifier.Device UUID: " + + deviceIdentifier.getId() + " Device Type: " + deviceIdentifier.getType(); + log.error(msg, e); + throw new ApplicationManagementException(msg, e); + } + + List appInstallingDevices = new ArrayList<>(); + + for (String releaseUUID : releaseUUIDs) { + try { + ConnectionManagerUtil.openDBConnection(); + ApplicationDTO applicationDTO = this.applicationDAO.getAppWithRelatedRelease(releaseUUID, tenantId); + if (applicationDTO != null) { + List deviceSubscriptionDTOS = this.subscriptionDAO + .getDeviceSubscriptions(applicationDTO.getApplicationReleaseDTOs().get(0).getId(), + tenantId); + AtomicBoolean isAppSubscribable = new AtomicBoolean(true); + for (DeviceSubscriptionDTO deviceSubscriptionDTO : deviceSubscriptionDTOS) { + if (device.getId() == deviceSubscriptionDTO.getDeviceId() && !deviceSubscriptionDTO + .isUnsubscribed()) { + isAppSubscribable.set(false); + break; + } + } + if (isAppSubscribable.get()) { + appInstallingDevices.add(deviceIdentifier); + } + } + } catch (DBConnectionException e) { + String msg = " Error occurred while getting DB connection to retrieve app data data 
from DB. Device " + + "UUID: " + deviceIdentifier.getId() + " Device Type: " + deviceIdentifier.getType(); + log.error(msg, e); + throw new ApplicationManagementException(msg, e); + } catch (ApplicationManagementDAOException e) { + String msg = " Error occurred while getting application data from DB. Device UUID: " + deviceIdentifier + .getId() + " Device Type: " + deviceIdentifier.getType(); + log.error(msg, e); + throw new ApplicationManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + + if (!appInstallingDevices.isEmpty()) { + performBulkAppOperation(releaseUUID, appInstallingDevices, SubscriptionType.DEVICE.toString(), + SubAction.INSTALL.toString()); + } + } + } + /** * This method is responsible to update subscription data for google enterprise install. * @@ -584,13 +649,11 @@ public class SubscriptionManagerImpl implements SubscriptionManager { List identifiers; if (!deviceIdentifierMap.containsKey(identifier.getType())) { identifiers = new ArrayList<>(); - identifiers.add(identifier); - deviceIdentifierMap.put(identifier.getType(), identifiers); } else { identifiers = deviceIdentifierMap.get(identifier.getType()); - identifiers.add(identifier); - deviceIdentifierMap.put(identifier.getType(), identifiers); } + identifiers.add(identifier); + deviceIdentifierMap.put(identifier.getType(), identifiers); } for (Map.Entry> entry : deviceIdentifierMap.entrySet()) { Activity activity = addAppOperationOnDevices(applicationDTO, new ArrayList<>(entry.getValue()), diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java index ffacfe8787..1ac0f519d1 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java 
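Review bot: In `installAppsForDevice`, `appInstallingDevices` is created once before the `for (String releaseUUID : releaseUUIDs)` loop and never cleared. Once the device has been added for one release, `!appInstallingDevices.isEmpty()` stays true, so `performBulkAppOperation` also runs for later releases the device is already subscribed to or whose `applicationDTO` was null. Declaring the list as the first statement inside the loop body (`List<DeviceIdentifier> appInstallingDevices = new ArrayList<>();`) restores the skip behaviour the interface Javadoc promises. `applicationDTO.getApplicationReleaseDTOs().get(0)` is also read without checking that the list is non-empty. The `AtomicBoolean` can be a plain `boolean`, since no lambda captures it.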
+++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java @@ -930,9 +930,9 @@ public class PolicyManagerImpl implements PolicyManager { try { device = deviceManagementService.getDevice(deviceIdentifier, false); } catch (DeviceManagementException e) { - PolicyManagementDAOFactory.rollbackTransaction(); - throw new PolicyManagementException("Error occurred while getting the device details (" + - deviceIdentifier.getId() + ")", e); + String msg = "Error occurred while getting the device details (" + deviceIdentifier.getId() + ")"; + log.error(msg, e); + throw new PolicyManagementException(msg, e); } int deviceId = device.getId(); try { From 215b8fb63061971189668bab2f7699a98cdb274b Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Thu, 27 Aug 2020 03:07:51 +0530 Subject: [PATCH 58/58] Fix formatting issues --- .../mgt/core/mgt/impl/PolicyManagerImpl.java | 103 +----------------- 1 file changed, 2 insertions(+), 101 deletions(-) diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java index 1ac0f519d1..e39f061a65 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java @@ -89,7 +89,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy addPolicy(Policy policy) throws PolicyManagementException { - try { PolicyManagementDAOFactory.beginTransaction(); if (policy.getProfile() != null && policy.getProfile().getProfileId() == 0) { 
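Review bot: In the `@@ -930,9 +930,9 @@` hunk, `int deviceId = device.getId();` right after the rewritten `catch (DeviceManagementException e)` block still dereferences `device` without a null check. `installAppsForDevice` in this same patch treats a null result from `getDevice(deviceIdentifier, false)` as a real outcome. Adding `if (device == null)` before that line, logging and throwing a `PolicyManagementException` as the catch block does, would turn a NullPointerException into a handled error. The enclosing method starts and ends outside the hunk, so whether a transaction is open here, and whether dropping `rollbackTransaction()` is safe, cannot be confirmed from this view.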
@@ -107,19 +106,15 @@ public class PolicyManagerImpl implements PolicyManager { if (policy.getUsers() != null) { policyDAO.addPolicyToUser(policy.getUsers(), policy); } - if (policy.getRoles() != null) { policyDAO.addPolicyToRole(policy.getRoles(), policy); } - if (policy.getDevices() != null) { policyDAO.addPolicyToDevice(policy.getDevices(), policy); } - if (policy.getDeviceGroups() != null && !policy.getDeviceGroups().isEmpty()) { policyDAO.addDeviceGroupsToPolicy(policy); } - if (policy.getPolicyCriterias() != null) { List criteria = policy.getPolicyCriterias(); for (PolicyCriterion criterion : criteria) { @@ -139,7 +134,6 @@ public class PolicyManagerImpl implements PolicyManager { policyDAO.addPolicyCriteria(policy); policyDAO.addPolicyCriteriaProperties(policy.getPolicyCriterias()); } - if (policy.getCorrectiveActions() != null && !policy.getCorrectiveActions().isEmpty()) { if (log.isDebugEnabled()) { log.debug("Adding corrective actions for policy " + policy.getPolicyName() + @@ -147,17 +141,14 @@ public class PolicyManagerImpl implements PolicyManager { } policyDAO.addCorrectiveActionsOfPolicy(policy.getCorrectiveActions(), policy.getId()); } - if (policy.isActive()) { policyDAO.activatePolicy(policy.getId()); } PolicyManagementDAOFactory.commitTransaction(); - } catch (PolicyManagerDAOException e) { PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while adding the policy (" + policy.getId() + " - " + policy.getPolicyName() + ")", e); - } catch (ProfileManagerDAOException e) { PolicyManagementDAOFactory.rollbackTransaction(); throw new PolicyManagementException("Error occurred while adding the profile related to policy (" + 
@@ -174,7 +165,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy updatePolicy(Policy policy) throws PolicyManagementException { - try { // Previous policy needs to be obtained before beginning the transaction Policy previousPolicy = this.getPolicy(policy.getId()); @@ -183,15 +173,12 @@ public class PolicyManagerImpl implements PolicyManager { // This will keep track of the policies updated. policyDAO.recordUpdatedPolicy(policy); - List existingFeaturesList = new ArrayList<>(); List newFeaturesList = new ArrayList<>(); List featuresToDelete = new ArrayList<>(); List temp = new ArrayList<>(); List updateDFes = new ArrayList<>(); - List updatedFeatureList = policy.getProfile().getProfileFeaturesList(); - List existingProfileFeaturesList = previousPolicy.getProfile().getProfileFeaturesList(); // Checks for the existing features @@ -232,27 +219,20 @@ public class PolicyManagerImpl implements PolicyManager { if (!newFeaturesList.isEmpty()) { featureDAO.addProfileFeatures(newFeaturesList, profileId); } - if (!featuresToDelete.isEmpty()) { for (ProfileFeature pf : featuresToDelete) featureDAO.deleteProfileFeatures(pf.getId()); } - policyDAO.deleteCriteriaAndDeviceRelatedConfigs(policy.getId()); - - if (policy.getUsers() != null) { policyDAO.updateUserOfPolicy(policy.getUsers(), previousPolicy); } - if (policy.getRoles() != null) { policyDAO.updateRolesOfPolicy(policy.getRoles(), previousPolicy); } - if (policy.getDevices() != null) { policyDAO.addPolicyToDevice(policy.getDevices(), previousPolicy); } - if (policy.getDeviceGroups() != null && !policy.getDeviceGroups().isEmpty()) { policyDAO.addDeviceGroupsToPolicy(policy); } 
@@ -308,19 +288,15 @@ public class PolicyManagerImpl implements PolicyManager { log.debug("Updating corrective actions for policy " + policy.getPolicyName() + " having policy id " + policy.getId()); } - if (!correctiveActionsToUpdate.isEmpty()) { policyDAO.updateCorrectiveActionsOfPolicy(correctiveActionsToUpdate, previousPolicy.getId()); } - if (!correctiveActionsToAdd.isEmpty()) { policyDAO.addCorrectiveActionsOfPolicy(correctiveActionsToAdd, previousPolicy.getId()); } - if (!correctiveActionsToDelete.isEmpty()) { policyDAO.deleteCorrectiveActionsOfPolicy(correctiveActionsToDelete, previousPolicy.getId()); } - PolicyManagementDAOFactory.commitTransaction(); } catch (PolicyManagerDAOException e) { PolicyManagementDAOFactory.rollbackTransaction(); @@ -345,7 +321,6 @@ public class PolicyManagerImpl implements PolicyManager { public boolean updatePolicyPriorities(List policies) throws PolicyManagementException { boolean bool; try { -// List existingPolicies = this.getPolicies(); List existingPolicies; if (policyConfiguration.getCacheEnable()) { existingPolicies = PolicyCacheManagerImpl.getInstance().getAllPolicies(); @@ -405,7 +380,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public boolean deletePolicy(int policyId) throws PolicyManagementException { boolean bool; - List policies = this.getPolicies(); Policy pol = null; for (Policy p : policies) { @@ -433,7 +407,6 @@ public class PolicyManagerImpl implements PolicyManager { } featureDAO.deleteFeaturesOfProfile(policy.getProfileId()); - profileDAO.deleteProfile(policy.getProfileId()); PolicyManagementDAOFactory.commitTransaction(); return bool; 
@@ -491,7 +464,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy addPolicyToDevice(List deviceIdentifierList, Policy policy) throws PolicyManagementException { - List deviceList = new ArrayList<>(); DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder .getInstance().getDeviceManagementService(); @@ -566,7 +538,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy addPolicyToUser(List usernameList, Policy policy) throws PolicyManagementException { - try { PolicyManagementDAOFactory.beginTransaction(); if (policy.getId() == 0) { @@ -598,22 +569,17 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy getPolicyByProfileID(int profileId) throws PolicyManagementException { - Policy policy; Profile profile; List deviceList; List roleNames; - try { PolicyManagementDAOFactory.openConnection(); policy = policyDAO.getPolicyByProfileID(profileId); - roleNames = policyDAO.getPolicyAppliedRoles(policy.getId()); profile = profileDAO.getProfile(profileId); policy.setProfile(profile); policy.setRoles(roleNames); - - } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while getting the policy related to profile ID (" + profileId + ")", e); @@ -634,7 +600,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public Policy getPolicy(int policyId) throws PolicyManagementException { - Policy policy; List deviceList; List roleNames; @@ -642,13 +607,8 @@ public class PolicyManagerImpl implements PolicyManager { try { PolicyManagementDAOFactory.openConnection(); policy = policyDAO.getPolicy(policyId); - roleNames = policyDAO.getPolicyAppliedRoles(policyId); userNames = policyDAO.getPolicyAppliedUsers(policyId); - - //Profile profile = profileDAO.getProfile(policy.getProfileId()); - - policy.setRoles(roleNames); policy.setUsers(userNames); 
@@ -657,18 +617,11 @@ public class PolicyManagerImpl implements PolicyManager { " having policy id " + policy.getId()); } policy.setCorrectiveActions(policyDAO.getCorrectiveActionsOfPolicy(policyId)); - } catch (PolicyManagerDAOException e) { throw new PolicyManagementException("Error occurred while getting the policy related to policy ID (" + policyId + ")", e); -// } catch (ProfileManagerDAOException e) { -// throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" + -// policyId + ")", e); } catch (SQLException e) { throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); -// } catch (ProfileManagementException e) { -// throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" + -// policyId + ")", e); } finally { PolicyManagementDAOFactory.closeConnection(); } @@ -678,24 +631,17 @@ public class PolicyManagerImpl implements PolicyManager { policy.setDevices(deviceList); try { - // PolicyManagementDAOFactory.openConnection(); Profile profile = profileManager.getProfile(policy.getProfileId()); policy.setProfile(profile); } catch (ProfileManagementException e) { throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" + policyId + ")", e); -// } catch (SQLException e) { -// throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); -// } finally { -// PolicyManagementDAOFactory.closeConnection(); } - return policy; } @Override public List getPolicies() throws PolicyManagementException { - List policyList; List profileList; try { 
@@ -718,20 +664,16 @@ public class PolicyManagerImpl implements PolicyManager { } // Following is done because connection close has been implemented in every method. - for (Policy policy : policyList) { policy.setDevices(this.getPolicyAppliedDevicesIds(policy.getId())); } - return policyList; } @Override public List getPoliciesOfDevice(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { - List policyIdList; List policies = new ArrayList<>(); - DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder .getInstance().getDeviceManagementService(); Device device; @@ -754,7 +696,6 @@ public class PolicyManagerImpl implements PolicyManager { PolicyManagementDAOFactory.closeConnection(); } -// List tempPolicyList = this.getPolicies(); List tempPolicyList; if (policyConfiguration.getCacheEnable()) { tempPolicyList = PolicyCacheManagerImpl.getInstance().getAllPolicies(); @@ -777,9 +718,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public List getPoliciesOfDeviceType(String deviceTypeName) throws PolicyManagementException { List policies = new ArrayList<>(); -// try { - // List profileList = profileManager.getProfilesOfDeviceType(deviceTypeName); -// List allPolicies = this.getPolicies(); List allPolicies; if (policyConfiguration.getCacheEnable()) { allPolicies = PolicyCacheManagerImpl.getInstance().getAllPolicies(); 
@@ -792,28 +730,14 @@ public class PolicyManagerImpl implements PolicyManager { policies.add(policy); } } - -// for (Profile profile : profileList) { -// for (Policy policy : allPolicies) { -// if (policy.getProfileId() == profile.getProfileId()) { -// policy.setProfile(profile); -// policies.add(policy); -// } -// } -// } Collections.sort(policies); -// } catch (ProfileManagementException e) { -// throw new PolicyManagementException("Error occurred while getting all the profile features.", e); -// } return policies; } @Override public List getPoliciesOfRole(String roleName) throws PolicyManagementException { - List policies = new ArrayList<>(); List policyIdList; - try { PolicyManagementDAOFactory.openConnection(); policyIdList = policyDAO.getPolicyOfRole(roleName); @@ -825,7 +749,6 @@ public class PolicyManagerImpl implements PolicyManager { PolicyManagementDAOFactory.closeConnection(); } -// List tempPolicyList = this.getPolicies(); List tempPolicyList; if (policyConfiguration.getCacheEnable()) { tempPolicyList = PolicyCacheManagerImpl.getInstance().getAllPolicies(); @@ -846,10 +769,8 @@ public class PolicyManagerImpl implements PolicyManager { @Override public List getPoliciesOfUser(String username) throws PolicyManagementException { - List policies = new ArrayList<>(); List policyIdList; - try { PolicyManagementDAOFactory.openConnection(); policyIdList = policyDAO.getPolicyOfUser(username); @@ -860,7 +781,6 @@ public class PolicyManagerImpl implements PolicyManager { } finally { PolicyManagementDAOFactory.closeConnection(); } -// List tempPolicyList = this.getPolicies(); List tempPolicyList; if (policyConfiguration.getCacheEnable()) { tempPolicyList = PolicyCacheManagerImpl.getInstance().getAllPolicies(); 
@@ -881,7 +801,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public List getPolicyAppliedDevicesIds(int policyId) throws PolicyManagementException { - List deviceList = new ArrayList<>(); List deviceIds; DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder @@ -955,17 +874,11 @@ public class PolicyManagerImpl implements PolicyManager { @Override public UpdatedPolicyDeviceListBean applyChangesMadeToPolicies() throws PolicyManagementException { - List changedDeviceTypes = new ArrayList<>(); List updatedPolicies = new ArrayList<>(); List updatedPolicyIds = new ArrayList<>(); boolean transactionDone = false; try { - //HashMap map = policyDAO.getUpdatedPolicyIdandDeviceTypeId(); -// List activePolicies = new ArrayList<>(); -// List inactivePolicies = new ArrayList<>(); - -// List allPolicies = this.getPolicies(); List allPolicies; if (policyConfiguration.getCacheEnable()) { allPolicies = PolicyCacheManagerImpl.getInstance().getAllPolicies(); @@ -980,11 +893,6 @@ public class PolicyManagerImpl implements PolicyManager { changedDeviceTypes.add(policy.getProfile().getDeviceType()); } } -// if (policy.isActive()) { -// activePolicies.add(policy); -// } else { -// inactivePolicies.add(policy); -// } } PolicyManagementDAOFactory.beginTransaction(); transactionDone = true; @@ -1068,7 +976,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public boolean checkPolicyAvailable(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { - boolean exist; DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder .getInstance().getDeviceManagementService(); 
@@ -1095,7 +1002,6 @@ public class PolicyManagerImpl implements PolicyManager { @Override public boolean setPolicyApplied(DeviceIdentifier deviceIdentifier) throws PolicyManagementException { - DeviceManagementProviderService deviceManagementService = PolicyManagementDataHolder .getInstance().getDeviceManagementService(); Device device; @@ -1105,7 +1011,6 @@ public class PolicyManagerImpl implements PolicyManager { throw new PolicyManagementException("Error occurred while getting the device details (" + deviceIdentifier.getId() + ")", e); } - try { PolicyManagementDAOFactory.openConnection(); policyDAO.setPolicyApplied(device.getId(), device.getEnrolmentInfo().getId()); @@ -1159,7 +1064,6 @@ public class PolicyManagerImpl implements PolicyManager { public Policy getAppliedPolicyToDevice(Device device) throws PolicyManagementException { Policy policy; try { - //int policyId = policyDAO.getAppliedPolicyId(device.getId()); PolicyManagementDAOFactory.openConnection(); policy = policyDAO.getAppliedPolicy(device.getId(), device.getEnrolmentInfo().getId()); } catch (PolicyManagerDAOException e) { @@ -1211,8 +1115,8 @@ public class PolicyManagerImpl implements PolicyManager { private void addPolicyRevokeOperation(List deviceIdentifiers) throws PolicyManagementException { try { - String type = null; - if (deviceIdentifiers.size() > 0) { + String type; + if (!deviceIdentifiers.isEmpty()) { type = deviceIdentifiers.get(0).getType(); PolicyManagementDataHolder.getInstance().getDeviceManagementService().addOperation(type, this.getPolicyRevokeOperation(), deviceIdentifiers); @@ -1264,11 +1168,9 @@ public class PolicyManagerImpl implements PolicyManager { } finally { PolicyManagementDAOFactory.closeConnection(); } - for (Policy policy : policyList) { policy.setDevices(this.getPolicyAppliedDevicesIds(policy.getId())); } - return policyList; } 
@@ -1283,7 +1185,6 @@ public class PolicyManagerImpl implements PolicyManager { policy.setRoles(policyDAO.getPolicyAppliedRoles(policy.getId())); policy.setUsers(policyDAO.getPolicyAppliedUsers(policy.getId())); policy.setPolicyCriterias(policyDAO.getPolicyCriteria(policy.getId())); - List deviceGroupWrappers = policyDAO.getDeviceGroupsOfPolicy(policy.getId()); if (!deviceGroupWrappers.isEmpty()) { deviceGroupWrappers = this.getDeviceGroupNames(deviceGroupWrappers);