Merge branch 'support-5.0.24' of ssh://repository.entgra.net:222/support/support-carbon-device-mgt into support-5.0.24

components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/bean/Certificate.java

@@ -25,6 +25,15 @@ public class Certificate {
     X509Certificate certificate;
     int tenantId;
     String tenantDomain;
+    String deviceIdentifier;
+
+    public String getDeviceIdentifier() {
+        return deviceIdentifier;
+    }
+
+    public void setDeviceIdentifier(String deviceIdentifier) {
+        this.deviceIdentifier = deviceIdentifier;
+    }
 
     public int getTenantId() {
         return tenantId;

components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/CertificateDAO.java

@@ -41,6 +41,17 @@ public interface CertificateDAO {
     void addCertificate(List<Certificate> certificate)
             throws CertificateManagementDAOException;
 
+    /**
+     * This can be used to store a certificate in the database, where it will be stored against the serial number
+     * of the certificate.
+     *
+     * @param certificate Holds the certificate and relevant details.
+     * @throws CertificateManagementDAOException
+     *
+     */
+    void addCertificate(Certificate certificate)
+            throws CertificateManagementDAOException;
+
     /**
      * Usage is to obtain a certificate stored in the database by providing the common name.
      *

components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/AbstractCertificateDAOImpl.java

@@ -81,6 +81,40 @@ public abstract class AbstractCertificateDAOImpl implements CertificateDAO{
         }
     }
 
+    @Override
+    public void addCertificate(Certificate certificate)
+            throws CertificateManagementDAOException {
+        Connection conn;
+        PreparedStatement stmt = null;
+        try {
+            conn = this.getConnection();
+            stmt = conn.prepareStatement(
+                    "INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE, TENANT_ID," +
+                            " USERNAME, DEVICE_IDENTIFIER) VALUES (?,?,?,?,?)");
+            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.
+                    getThreadLocalCarbonContext();
+            String username = threadLocalCarbonContext.getUsername();
+            // the serial number of the certificate used for its creation is set as its alias.
+            String serialNumber = certificate.getSerial();
+            if (serialNumber == null || serialNumber.isEmpty()) {
+                serialNumber = String.valueOf(certificate.getCertificate().getSerialNumber());
+            }
+            byte[] bytes = Serializer.serialize(certificate.getCertificate());
+
+            stmt.setString(1, serialNumber);
+            stmt.setBytes(2, bytes);
+            stmt.setInt(3, certificate.getTenantId());
+            stmt.setString(4, username);
+            stmt.setString(5, certificate.getDeviceIdentifier());
+            stmt.executeUpdate();
+        } catch (SQLException | IOException e) {
+            throw new CertificateManagementDAOException("Error occurred while saving the " +
+                    "certificate. ", e);
+        } finally {
+            CertificateManagementDAOUtil.cleanupResources(stmt, null);
+        }
+    }
+
     @Override
     public CertificateResponse retrieveCertificate(String serialNumber)
             throws CertificateManagementDAOException {

components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/impl/CertificateGenerator.java

@@ -710,6 +710,30 @@ public class CertificateGenerator {
         }
     }
 
+    public void saveCertificate(org.wso2.carbon.certificate.mgt.core.bean.Certificate
+                                     certificate) throws KeystoreException {
+
+        if (certificate == null) {
+            return;
+        }
+
+        try {
+            CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
+            CertificateManagementDAOFactory.beginTransaction();
+            certificateDAO.addCertificate(certificate);
+            CertificateManagementDAOFactory.commitTransaction();
+        } catch (CertificateManagementDAOException e) {
+            String errorMsg = "Error occurred when saving the generated certificate in database";
+            log.error(errorMsg);
+            CertificateManagementDAOFactory.rollbackTransaction();
+            throw new KeystoreException(errorMsg, e);
+        } catch (TransactionManagementException e) {
+            String errorMsg = "Error occurred when saving the generated certificate in database";
+            log.error(errorMsg);
+            throw new KeystoreException(errorMsg, e);
+        }
+    }
+
     public void saveCertInKeyStore(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate)
             throws KeystoreException {
 
@@ -845,11 +869,10 @@ public class CertificateGenerator {
 
             org.wso2.carbon.certificate.mgt.core.bean.Certificate certificate =
                     new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
-            List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificates = new ArrayList<>();
             certificate.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
             certificate.setCertificate(issuedCert);
-            certificates.add(certificate);
+            certificate.setDeviceIdentifier(commonName);
-            saveCertInKeyStore(certificates);
+            saveCertificate(certificate);
 
         } catch (OperatorCreationException e) {
             String errorMsg = "Error creating the content signer";

components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/DeviceManagementConfigService.java

@@ -156,7 +156,12 @@ public interface DeviceManagementConfigService {
                     value = "The properties list using for query a device",
                     required = true)
             @QueryParam("properties")
-                    String properties);
+                    String properties,
+            @ApiParam(
+                    name = "withAccessToken",
+                    value = "Whether to use access token or otp token for device configuration")
+            @QueryParam("withAccessToken")
+                    boolean withAccessToken);
 
     @PUT
     @Path("/device/transfer")

components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java

@@ -35,8 +35,12 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.AmbiguousConfiguratio
 import org.wso2.carbon.device.mgt.common.configuration.mgt.DeviceConfiguration;
 import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
 import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException;
+import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException;
 import org.wso2.carbon.device.mgt.common.general.TenantDetail;
+import org.wso2.carbon.device.mgt.common.otp.mgt.OTPEmailTypes;
+import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
+import org.wso2.carbon.device.mgt.common.spi.OTPManagementService;
 import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
 import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
 import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig;
@@ -77,7 +81,8 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig
     @Path("/configurations")
     @Produces(MediaType.APPLICATION_JSON)
     public Response getConfiguration(@HeaderParam("token") String token,
-                                     @QueryParam("properties") String properties) {
+                                     @QueryParam("properties") String properties,
+                                     @QueryParam("withAccessToken") boolean withAccessToken) {
         DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService();
         try {
             if (token == null || token.isEmpty()) {
@@ -102,7 +107,8 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig
             deviceProps.put("token", token);
             DeviceConfiguration devicesConfiguration =
                     dms.getDeviceConfiguration(deviceProps);
-            setAccessTokenToDeviceConfigurations(devicesConfiguration);
+            if (withAccessToken) setAccessTokenToDeviceConfigurations(devicesConfiguration);
+                else setOTPTokenToDeviceConfigurations(devicesConfiguration);
             return Response.status(Response.Status.OK).entity(devicesConfiguration).build();
         } catch (DeviceManagementException e) {
             String msg = "Error occurred while retrieving configurations";
@@ -214,6 +220,33 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig
         }
     }
 
+    private void setOTPTokenToDeviceConfigurations(DeviceConfiguration deviceConfiguration)
+            throws DeviceManagementException {
+        OneTimePinDTO oneTimePinData = new OneTimePinDTO();
+        oneTimePinData.setEmail(OTPEmailTypes.DEVICE_ENROLLMENT.toString());
+        oneTimePinData.setEmailType(OTPEmailTypes.DEVICE_ENROLLMENT.toString());
+        oneTimePinData.setUsername(deviceConfiguration.getDeviceOwner());
+        PrivilegedCarbonContext.startTenantFlow();
+        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
+                deviceConfiguration.getTenantDomain(), true);
+        oneTimePinData.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
+        PrivilegedCarbonContext.endTenantFlow();
+        OTPManagementService otpManagementService = DeviceMgtAPIUtils.getOtpManagementService();
+        try {
+            OneTimePinDTO oneTimePinDTO = otpManagementService.generateOneTimePin(oneTimePinData, true);
+            if (oneTimePinDTO == null) {
+                String msg = "Null value returned when generating OTP token for " + oneTimePinData.getOtpToken();
+                log.error(msg);
+                throw new DeviceManagementException(msg);
+            }
+            deviceConfiguration.setAccessToken(oneTimePinDTO.getOtpToken());
+        } catch (OTPManagementException ex) {
+            String msg = "Error occurred while generating one time pin: " + ex.getMessage();
+            log.error(msg, ex);
+            throw new DeviceManagementException(msg, ex);
+        }
+    }
+
     @Override
     @Path("/tenants")
     @GET

components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/util/DeviceMgtAPIUtils.java

@@ -21,6 +21,7 @@ package io.entgra.carbon.device.mgt.config.jaxrs.util;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.device.mgt.common.spi.OTPManagementService;
 import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
 import org.wso2.carbon.user.core.service.RealmService;
 
@@ -34,6 +35,8 @@ public class DeviceMgtAPIUtils {
     private static DeviceManagementProviderService deviceManagementProviderService = null;
     private static RealmService realmService = null;
 
+    private static OTPManagementService otpManagementService = null;
+
     public static DeviceManagementProviderService getDeviceManagementService() {
         if (deviceManagementProviderService == null) {
             PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
@@ -48,6 +51,19 @@ public class DeviceMgtAPIUtils {
         return deviceManagementProviderService;
     }
 
+    public static OTPManagementService getOtpManagementService() {
+        if (otpManagementService == null) {
+            PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+            otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null);
+            if (otpManagementService == null) {
+                String msg = "OTP Management Service has not initialized.";
+                log.error(msg);
+                throw new IllegalStateException(msg);
+            }
+        }
+        return otpManagementService;
+    }
+
     public static RealmService getRealmService() {
         if (realmService == null) {
             PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();