transferred mutual authenticator to jwt authenticator

components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml

@@ -286,6 +286,11 @@
 			<artifactId>org.wso2.carbon.application.mgt.stub</artifactId>
 			<scope>provided</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.wso2.carbon.devicemgt</groupId>
+			<artifactId>org.wso2.carbon.identity.jwt.client.extension</artifactId>
+			<scope>provided</scope>
+		</dependency>
     </dependencies>
 
 </project>

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java

@@ -18,8 +18,6 @@
  */
 package org.wso2.carbon.device.mgt.jaxrs.service.impl.admin;
 
-import org.apache.axiom.om.OMElement;
-import org.apache.axiom.om.OMXMLBuilderFactory;
 import org.apache.axis2.client.Options;
 import org.apache.axis2.java.security.SSLProtocolSocketFactory;
 import org.apache.axis2.transport.http.HTTPConstants;
@@ -36,6 +34,7 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.core.util.Utils;
 import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceTypePublisherAdminService;
 import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
+import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
 import org.wso2.carbon.registry.core.Registry;
 import org.wso2.carbon.registry.core.Resource;
 import org.wso2.carbon.registry.core.ResourceImpl;
@@ -65,9 +64,14 @@ import java.util.List;
 public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherAdminService {
 
     /**
-     * required soap header for mutualSSL
+     * required soap header for authorization
      */
-    private static final String USER_NAME_HEADER = "UserName";
+    private static final String AUTHORIZATION_HEADER = "Authorization";
+
+    /**
+     * required soap header value for mutualSSL
+     */
+    private static final String AUTHORIZATION_HEADER_VALUE = "Bearer";
 
     private static final String KEY_STORE_TYPE = "JKS";
     /**
@@ -129,22 +133,16 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
             //Call to load the TrustStore.
             loadTrustStore(trustStoreLocation, trustStorePassword);
             //Create the SSL context with the loaded TrustStore/keystore.
-            initMutualSSLConnection();
+            initSSLConnection();
+            JWTClient jwtClient = DeviceMgtAPIUtils.getJWTClientManagerService().getJWTClient();
 
-            //Constructing the soap header that required for mutual SSL
+            String authValue =  AUTHORIZATION_HEADER_VALUE + " " + new String(Base64.encodeBase64(
-            String strHeader =
+                    jwtClient.getJwtToken(tenantAdminUser).getBytes()));
-                    "<m:UserName soapenv:mustUnderstand=\"0\" xmlns:m=\"http://mutualssl.carbon.wso2.org\" " +
-                            "xmlns:soapenv=\"http://www.w3.org/2001/12/soap-envelope\" >'" + tenantAdminUser +
-                            "'</m:UserName>";
-
-            InputStream is = new ByteArrayInputStream(strHeader.getBytes());
-            OMElement header = OMXMLBuilderFactory.createOMBuilder(is).getDocumentElement();
 
             List<Header> list = new ArrayList<Header>();
             Header httpHeader = new Header();
-            httpHeader.setName(USER_NAME_HEADER);
+            httpHeader.setName(AUTHORIZATION_HEADER);
-            byte[] encodedBytes = Base64.encodeBase64(tenantAdminUser.getBytes());
+            httpHeader.setValue(authValue);
-            httpHeader.setValue(new String(encodedBytes));
             list.add(httpHeader);//"https"
 
             File directory = new File(CAR_FILE_LOCATION + File.separator + type);
@@ -153,7 +151,6 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
                 if (uploadedFileItems.length > 0) {
                     CarbonAppUploaderStub carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(
                             IOT_MGT_URL));
-                    carbonAppUploaderStub._getServiceClient().addHeader(header);
                     Options appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
                     if (appUploaderOptions == null) {
                         appUploaderOptions = new Options();
@@ -168,7 +165,6 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
 
                     if (!DEVICE_MANAGEMENT_TYPE.equals(type.toLowerCase())) {
                         carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(DAS_URL));
-                        carbonAppUploaderStub._getServiceClient().addHeader(header);
                         appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
                         if (appUploaderOptions == null) {
                             appUploaderOptions = new Options();
@@ -297,7 +293,7 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
     /**
      * Initializes the SSL Context
      */
-    private void initMutualSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
+    private void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
                                                   KeyStoreException, KeyManagementException {
         KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
         keyManagerFactory.init(keyStore, keyStorePassword);

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java

@@ -36,6 +36,7 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
 import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
 import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
 import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.InputValidationException;
+import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
 import org.wso2.carbon.policy.mgt.common.PolicyMonitoringTaskException;
 import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
 import org.wso2.carbon.policy.mgt.core.task.TaskScheduleService;
@@ -168,6 +169,18 @@ public class DeviceMgtAPIUtils {
         return registryService;
     }
 
+    public static JWTClientManagerService getJWTClientManagerService() {
+        JWTClientManagerService jwtClientManagerService;
+        PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+        jwtClientManagerService = (JWTClientManagerService) ctx.getOSGiService(JWTClientManagerService.class, null);
+        if (jwtClientManagerService == null) {
+            String msg = "jwtClientManagerServicehas not initialized.";
+            log.error(msg);
+            throw new IllegalStateException(msg);
+        }
+        return jwtClientManagerService;
+    }
+
     /**
      * Getting the current tenant's user realm
      */

components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java

@@ -72,6 +72,10 @@ public class JWTClientUtil {
 	private static final String JWT_CONFIG_FILE_NAME = "jwt.properties";
 	private static final String SUPERTENANT_JWT_CONFIG_LOCATION =
 			CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + JWT_CONFIG_FILE_NAME;
+    /**
+     * This is added for the carbon authenticator.
+     */
+    public static final String SIGNED_JWT_AUTH_USERNAME = "Username";
 
 	/**
 	 * Return a http client instance
@@ -230,6 +234,7 @@ public class JWTClientUtil {
             claimsSet.setNotBeforeTime(new Date(nbf));
 			claimsSet.setJWTID(jti);
 			claimsSet.setAudience(aud);
+            claimsSet.setClaim(SIGNED_JWT_AUTH_USERNAME, username);
             if (customClaims != null && !customClaims.isEmpty()) {
                 for (String key : customClaims.keySet()) {
                     claimsSet.setClaim(key, customClaims.get(key));