mirror of
https://repository.entgra.net/community/device-mgt-core.git
synced 2025-10-06 02:01:45 +00:00
adding code review changes on JWT and API App registration
This commit is contained in:
ayyoob
parent
ddcb252256
commit
afe965e787
@ -53,6 +53,11 @@ public interface ApiApplicationRegistrationService {
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
Response register(RegistrationProfile registrationProfile);
|
||||
|
||||
/**
|
||||
* This method is used to unregister an API application.
|
||||
* @param applicationName name of the application that needs to be unregistered.
|
||||
* @return the response status of request.
|
||||
*/
|
||||
@DELETE
|
||||
Response unregister(@QueryParam("applicationName") String applicationName);
|
||||
}
|
||||
|
||||
@ -26,6 +26,7 @@ import org.wso2.carbon.apimgt.application.extension.api.util.RegistrationProfile
|
||||
import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants;
|
||||
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
|
||||
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.apimgt.application.extension.api.util.APIUtil;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
@ -45,13 +46,16 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
||||
@POST
|
||||
public Response register(@PathParam("tenantDomain") String tenantDomain,
|
||||
@QueryParam("applicationName") String applicationName) {
|
||||
Response response;
|
||||
String authenticatedTenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
|
||||
if (authenticatedTenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
|
||||
return Response.status(Response.Status.NOT_ACCEPTABLE).build();
|
||||
}
|
||||
try {
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
|
||||
if (PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId() == -1) {
|
||||
String msg = "Invalid tenant domain : " + tenantDomain;
|
||||
response = Response.status(Response.Status.NOT_ACCEPTABLE).entity(msg).build();
|
||||
return Response.status(Response.Status.NOT_ACCEPTABLE).entity(msg).build();
|
||||
}
|
||||
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm()
|
||||
.getRealmConfiguration().getAdminUserName();
|
||||
@ -63,21 +67,19 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
||||
} catch (APIManagerException e) {
|
||||
String msg = "Error occurred while registering an application '" + applicationName + "'";
|
||||
log.error(msg, e);
|
||||
response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Failed to retrieve the tenant" + tenantDomain + "'";
|
||||
log.error(msg, e);
|
||||
response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
} finally {
|
||||
PrivilegedCarbonContext.endTenantFlow();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
|
||||
@Path("register")
|
||||
@POST
|
||||
public Response register(RegistrationProfile registrationProfile) {
|
||||
Response response;
|
||||
try {
|
||||
String username = APIUtil.getAuthenticatedUser();
|
||||
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
||||
@ -103,17 +105,15 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
||||
}
|
||||
} catch (APIManagerException e) {
|
||||
String msg = "Error occurred while registering an application '"
|
||||
+ registrationProfile.getApplicationName() + "'";
|
||||
+ registrationProfile.getApplicationName() + "'";
|
||||
log.error(msg, e);
|
||||
response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
|
||||
@Path("unregister")
|
||||
@DELETE
|
||||
public Response unregister(@QueryParam("applicationName") String applicationName) {
|
||||
Response response;
|
||||
try {
|
||||
String username = APIUtil.getAuthenticatedUser();
|
||||
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
||||
@ -122,8 +122,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
||||
} catch (APIManagerException e) {
|
||||
String msg = "Error occurred while removing the application '" + applicationName;
|
||||
log.error(msg, e);
|
||||
response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
}
|
||||
@ -30,7 +30,7 @@
|
||||
<!-- Device related APIs -->
|
||||
<Permission>
|
||||
<name>Register tenant specific application</name>
|
||||
<path>/permission/super admin</path>
|
||||
<path>/device-mgt</path>
|
||||
<url>/register/tenants/*</url>
|
||||
<method>POST</method>
|
||||
<scope>super_admin_user</scope>
|
||||
|
||||
@ -332,8 +332,8 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
|
||||
if (userVisibleAPIs != null) {
|
||||
Set<SubscribedAPI> subscribedAPIs = apiConsumer.getSubscribedAPIs(subscriber, apiApplicationName,
|
||||
groupId);
|
||||
for (API userVisbleAPI : userVisibleAPIs) {
|
||||
APIIdentifier apiIdentifier = userVisbleAPI.getId();
|
||||
for (API userVisibleAPI : userVisibleAPIs) {
|
||||
APIIdentifier apiIdentifier = userVisibleAPI.getId();
|
||||
boolean isSubscribed = false;
|
||||
if (subscribedAPIs != null) {
|
||||
for (SubscribedAPI subscribedAPI : subscribedAPIs) {
|
||||
|
||||
@ -80,10 +80,6 @@
|
||||
<groupId>org.wso2.carbon.analytics-common</groupId>
|
||||
<artifactId>org.wso2.carbon.databridge.commons</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.analytics</groupId>
|
||||
<artifactId>org.wso2.carbon.analytics.api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.registry</groupId>
|
||||
<artifactId>org.wso2.carbon.registry.indexing</artifactId>
|
||||
@ -123,7 +119,6 @@
|
||||
org.wso2.carbon.context;version="${carbon.kernel.version.range}",
|
||||
org.wso2.carbon.utils;version="${carbon.kernel.version.range}",
|
||||
org.wso2.carbon.databridge.*;version="${carbon.analytics.common.version.range}",
|
||||
org.wso2.carbon.analytics.*;version="${carbon.analytics.version.range}",
|
||||
org.wso2.carbon.registry.core.*;resolution:=optional,
|
||||
org.wso2.carbon.registry.common.*;version="${carbon.registry.imp.pkg.version.range}",
|
||||
org.wso2.carbon.registry.indexing.*; version="${carbon.registry.imp.pkg.version.range}",
|
||||
|
||||
@ -1,59 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public class AnalyticsDataRecord {
|
||||
private Map<String, Object> values;
|
||||
private long timestamp;
|
||||
|
||||
public AnalyticsDataRecord() {
|
||||
values = new HashMap<>();
|
||||
}
|
||||
|
||||
public AnalyticsDataRecord(Map<String, Object> values) {
|
||||
this.values = values;
|
||||
}
|
||||
|
||||
public Map<String, Object> getValues() {
|
||||
return this.values;
|
||||
}
|
||||
|
||||
public void setValue(String name, Object value) {
|
||||
values.put(name, value);
|
||||
}
|
||||
|
||||
public Object getValue(String name) {
|
||||
return this.values.get(name);
|
||||
}
|
||||
|
||||
public void setValues(Map<String, Object> values) {
|
||||
this.values = values;
|
||||
}
|
||||
|
||||
public long getTimestamp() {
|
||||
return this.timestamp;
|
||||
}
|
||||
|
||||
public void setTimestamp(long timestamp) {
|
||||
this.timestamp = timestamp;
|
||||
}
|
||||
}
|
||||
@ -25,7 +25,7 @@ import javax.xml.parsers.DocumentBuilder;
|
||||
import javax.xml.parsers.DocumentBuilderFactory;
|
||||
import java.io.File;
|
||||
|
||||
public class DeviceAnalyticsUtil {
|
||||
public class DataPublisherUtil {
|
||||
|
||||
public static Document convertToDocument(File file) throws DataPublisherConfigurationException {
|
||||
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
|
||||
@ -34,7 +34,7 @@ import org.wso2.carbon.databridge.commons.exception.TransportException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.config.AnalyticsConfiguration;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherAlreadyExistsException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.internal.DeviceAnalyticsDataHolder;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.internal.DataPublisherDataHolder;
|
||||
import org.wso2.carbon.registry.core.Registry;
|
||||
import org.wso2.carbon.registry.core.Resource;
|
||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
@ -71,7 +71,7 @@ public class DeviceDataPublisher {
|
||||
return deviceDataPublisher;
|
||||
}
|
||||
|
||||
private DeviceDataPublisher() {
|
||||
public DeviceDataPublisher() {
|
||||
dataPublisherMap = new ConcurrentHashMap<>();
|
||||
}
|
||||
|
||||
@ -196,7 +196,7 @@ public class DeviceDataPublisher {
|
||||
try {
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId, true);
|
||||
RegistryService registryService = DeviceAnalyticsDataHolder.getInstance().getRegistryService();
|
||||
RegistryService registryService = DataPublisherDataHolder.getInstance().getRegistryService();
|
||||
if (registryService != null) {
|
||||
Registry registry = registryService.getConfigSystemRegistry(tenantId);
|
||||
this.loadTenantRegistry(tenantId);
|
||||
@ -213,8 +213,8 @@ public class DeviceDataPublisher {
|
||||
}
|
||||
|
||||
private void loadTenantRegistry(int tenantId) throws RegistryException {
|
||||
TenantRegistryLoader tenantRegistryLoader = DeviceAnalyticsDataHolder.getInstance().getTenantRegistryLoader();
|
||||
DeviceAnalyticsDataHolder.getInstance().getIndexLoaderService().loadTenantIndex(tenantId);
|
||||
TenantRegistryLoader tenantRegistryLoader = DataPublisherDataHolder.getInstance().getTenantRegistryLoader();
|
||||
DataPublisherDataHolder.getInstance().getIndexLoaderService().loadTenantIndex(tenantId);
|
||||
tenantRegistryLoader.loadTenantRegistry(tenantId);
|
||||
}
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ package org.wso2.carbon.device.mgt.analytics.data.publisher.config;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.w3c.dom.Document;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.DeviceAnalyticsUtil;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.DataPublisherUtil;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
import org.wso2.carbon.utils.CarbonUtils;
|
||||
|
||||
@ -100,7 +100,7 @@ public class AnalyticsConfiguration {
|
||||
public static void init() throws DataPublisherConfigurationException {
|
||||
try {
|
||||
File authConfig = new File(AnalyticsConfiguration.DEVICE_ANALYTICS_CONFIG_PATH);
|
||||
Document doc = DeviceAnalyticsUtil.convertToDocument(authConfig);
|
||||
Document doc = DataPublisherUtil.convertToDocument(authConfig);
|
||||
|
||||
/* Un-marshaling device analytics configuration */
|
||||
JAXBContext ctx = JAXBContext.newInstance(AnalyticsConfiguration.class);
|
||||
|
||||
@ -1,43 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher.exception;
|
||||
|
||||
public class DeviceManagementAnalyticsException extends Exception {
|
||||
public DeviceManagementAnalyticsException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public DeviceManagementAnalyticsException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
public DeviceManagementAnalyticsException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
public DeviceManagementAnalyticsException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
|
||||
protected DeviceManagementAnalyticsException(String message, Throwable cause,
|
||||
boolean enableSuppression,
|
||||
boolean writableStackTrace) {
|
||||
super(message, cause, enableSuppression, writableStackTrace);
|
||||
}
|
||||
}
|
||||
@ -18,36 +18,24 @@
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher.internal;
|
||||
|
||||
import org.wso2.carbon.analytics.api.AnalyticsDataAPI;
|
||||
import org.wso2.carbon.registry.core.service.RegistryService;
|
||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||
|
||||
public class DeviceAnalyticsDataHolder {
|
||||
private static DeviceAnalyticsDataHolder thisInstance = new DeviceAnalyticsDataHolder();
|
||||
/**
|
||||
* AnalyticsDataAPI is service used to retrieve data from DAS.
|
||||
*/
|
||||
private AnalyticsDataAPI analyticsDataAPI;
|
||||
public class DataPublisherDataHolder {
|
||||
private static DataPublisherDataHolder thisInstance = new DataPublisherDataHolder();
|
||||
|
||||
private TenantRegistryLoader tenantRegistryLoader;
|
||||
private TenantIndexingLoader indexLoader;
|
||||
private RegistryService registryService;
|
||||
private DeviceAnalyticsDataHolder() {
|
||||
private DataPublisherDataHolder() {
|
||||
}
|
||||
|
||||
|
||||
public static DeviceAnalyticsDataHolder getInstance() {
|
||||
public static DataPublisherDataHolder getInstance() {
|
||||
return thisInstance;
|
||||
}
|
||||
|
||||
public AnalyticsDataAPI getAnalyticsDataAPI() {
|
||||
return analyticsDataAPI;
|
||||
}
|
||||
|
||||
public void setAnalyticsDataAPI(AnalyticsDataAPI analyticsDataAPI) {
|
||||
this.analyticsDataAPI = analyticsDataAPI;
|
||||
}
|
||||
|
||||
public void setTenantRegistryLoader(TenantRegistryLoader tenantRegistryLoader){
|
||||
this.tenantRegistryLoader = tenantRegistryLoader;
|
||||
}
|
||||
@ -23,23 +23,16 @@ import org.apache.commons.logging.LogFactory;
|
||||
import org.osgi.framework.BundleContext;
|
||||
import org.osgi.framework.ServiceRegistration;
|
||||
import org.osgi.service.component.ComponentContext;
|
||||
import org.wso2.carbon.analytics.api.AnalyticsDataAPI;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.config.AnalyticsConfiguration;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.service.DeviceAnalyticsService;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.service.DeviceAnalyticsServiceImpl;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.service.EventsPublisherService;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.service.EventsPublisherServiceImpl;
|
||||
import org.wso2.carbon.registry.core.service.RegistryService;
|
||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||
|
||||
/**
|
||||
* @scr.component name="org.wso2.carbon.device.mgt.analytics.internal.DeviceAnalyticsServiceComponent"
|
||||
* @scr.component name="org.wso2.carbon.device.mgt.analytics.data.publisher.internal.DataPublisherServiceComponent"
|
||||
* immediate="true"
|
||||
* @scr.reference name="device.analytics.api"
|
||||
* interface="org.wso2.carbon.analytics.api.AnalyticsDataAPI"
|
||||
* cardinality="1..1"
|
||||
* policy="dynamic"
|
||||
* bind="setAnalyticsDataAPI"
|
||||
* unbind="unsetAnalyticsDataAPI"
|
||||
* @scr.reference name="registry.service"
|
||||
* interface="org.wso2.carbon.registry.core.service.RegistryService"
|
||||
* cardinality="1..1"
|
||||
@ -58,10 +51,10 @@ import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||
* bind="setIndexLoader"
|
||||
* unbind="unsetIndexLoader"
|
||||
*/
|
||||
public class DeviceAnalyticsServiceComponent {
|
||||
public class DataPublisherServiceComponent {
|
||||
|
||||
private ServiceRegistration analyticsServiceRef;
|
||||
private static Log log = LogFactory.getLog(DeviceAnalyticsServiceComponent.class);
|
||||
private static Log log = LogFactory.getLog(DataPublisherServiceComponent.class);
|
||||
|
||||
protected void activate(ComponentContext componentCtx) {
|
||||
try {
|
||||
@ -72,7 +65,7 @@ public class DeviceAnalyticsServiceComponent {
|
||||
|
||||
BundleContext bundleCtx = componentCtx.getBundleContext();
|
||||
this.analyticsServiceRef =
|
||||
bundleCtx.registerService(DeviceAnalyticsService.class, new DeviceAnalyticsServiceImpl(), null);
|
||||
bundleCtx.registerService(EventsPublisherService.class, new EventsPublisherServiceImpl(), null);
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Device management analytics bundle has been successfully initialized");
|
||||
@ -94,58 +87,34 @@ public class DeviceAnalyticsServiceComponent {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets AnalyticsDataAPI Service.
|
||||
*
|
||||
* @param analyticsDataAPI An instance of AnalyticsDataAPI
|
||||
*/
|
||||
protected void setAnalyticsDataAPI(AnalyticsDataAPI analyticsDataAPI) {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Setting AnalyticsDataAPI Service");
|
||||
}
|
||||
DeviceAnalyticsDataHolder.getInstance().setAnalyticsDataAPI(analyticsDataAPI);
|
||||
}
|
||||
|
||||
/**
|
||||
* Un sets AnalyticsDataAPI Service.
|
||||
*
|
||||
* @param analyticsDataAPI An instance of AnalyticsDataAPI
|
||||
*/
|
||||
protected void unsetAnalyticsDataAPI(AnalyticsDataAPI analyticsDataAPI) {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Un-Setting AnalyticsDataAPI Service");
|
||||
}
|
||||
DeviceAnalyticsDataHolder.getInstance().setAnalyticsDataAPI(null);
|
||||
}
|
||||
|
||||
protected void setRegistryService(RegistryService registryService) {
|
||||
if (registryService != null && log.isDebugEnabled()) {
|
||||
log.debug("Registry service initialized");
|
||||
}
|
||||
DeviceAnalyticsDataHolder.getInstance().setRegistryService(registryService);
|
||||
DataPublisherDataHolder.getInstance().setRegistryService(registryService);
|
||||
}
|
||||
|
||||
protected void unsetRegistryService(RegistryService registryService) {
|
||||
DeviceAnalyticsDataHolder.getInstance().setRegistryService(null);
|
||||
DataPublisherDataHolder.getInstance().setRegistryService(null);
|
||||
}
|
||||
|
||||
protected void setTenantRegistryLoader(TenantRegistryLoader tenantRegistryLoader) {
|
||||
DeviceAnalyticsDataHolder.getInstance().setTenantRegistryLoader(tenantRegistryLoader);
|
||||
DataPublisherDataHolder.getInstance().setTenantRegistryLoader(tenantRegistryLoader);
|
||||
}
|
||||
|
||||
protected void unsetTenantRegistryLoader(TenantRegistryLoader tenantRegistryLoader) {
|
||||
DeviceAnalyticsDataHolder.getInstance().setTenantRegistryLoader(null);
|
||||
DataPublisherDataHolder.getInstance().setTenantRegistryLoader(null);
|
||||
}
|
||||
|
||||
protected void setIndexLoader(TenantIndexingLoader indexLoader) {
|
||||
if (indexLoader != null && log.isDebugEnabled()) {
|
||||
log.debug("IndexLoader service initialized");
|
||||
}
|
||||
DeviceAnalyticsDataHolder.getInstance().setIndexLoaderService(indexLoader);
|
||||
DataPublisherDataHolder.getInstance().setIndexLoaderService(indexLoader);
|
||||
}
|
||||
|
||||
protected void unsetIndexLoader(TenantIndexingLoader indexLoader) {
|
||||
DeviceAnalyticsDataHolder.getInstance().setIndexLoaderService(null);
|
||||
DataPublisherDataHolder.getInstance().setIndexLoaderService(null);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,121 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher.service;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.analytics.api.AnalyticsDataAPI;
|
||||
import org.wso2.carbon.analytics.dataservice.commons.AnalyticsDataResponse;
|
||||
import org.wso2.carbon.analytics.dataservice.commons.AnalyticsDrillDownRequest;
|
||||
import org.wso2.carbon.analytics.dataservice.commons.SearchResultEntry;
|
||||
import org.wso2.carbon.analytics.dataservice.core.AnalyticsDataServiceUtils;
|
||||
import org.wso2.carbon.analytics.datasource.commons.Record;
|
||||
import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException;
|
||||
import org.wso2.carbon.context.CarbonContext;
|
||||
import org.wso2.carbon.databridge.agent.DataPublisher;
|
||||
import org.wso2.carbon.databridge.commons.utils.DataBridgeCommonsUtils;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.AnalyticsDataRecord;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.DeviceDataPublisher;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DeviceManagementAnalyticsException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.internal.DeviceAnalyticsDataHolder;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This is the implementation of Osgi Service which can be used to publish and retireved
|
||||
* event/records.
|
||||
*/
|
||||
public class DeviceAnalyticsServiceImpl implements DeviceAnalyticsService {
|
||||
private static Log log = LogFactory.getLog(DeviceAnalyticsServiceImpl.class);
|
||||
|
||||
/**
|
||||
* @param streamName is the name of the stream that the data needs to pushed
|
||||
* @param version is the version of the stream
|
||||
* @param metaDataArray - meta data that needs to pushed
|
||||
* @param correlationDataArray - correlation data that needs to be pushed
|
||||
* @param payloadDataArray - payload data that needs to be pushed
|
||||
* @return
|
||||
* @throws DataPublisherConfigurationException
|
||||
*/
|
||||
@Override
|
||||
public boolean publishEvent(String streamName, String version, Object[] metaDataArray,
|
||||
Object[] correlationDataArray,
|
||||
Object[] payloadDataArray) throws DataPublisherConfigurationException {
|
||||
DataPublisher dataPublisher = DeviceDataPublisher.getInstance().getDataPublisher();
|
||||
if (dataPublisher != null) {
|
||||
String streamId = DataBridgeCommonsUtils.generateStreamId(streamName, version);
|
||||
return dataPublisher.tryPublish(streamId, System.currentTimeMillis(), metaDataArray, correlationDataArray,
|
||||
payloadDataArray);
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param tableName is the name of the table that events need to be retrieved
|
||||
* @param query is query to be executed.
|
||||
* @return
|
||||
* @throws AnalyticsException
|
||||
*/
|
||||
@Override
|
||||
public List<AnalyticsDataRecord> getAllEventsForDevice(String tableName, String query) throws
|
||||
DeviceManagementAnalyticsException {
|
||||
try {
|
||||
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
AnalyticsDataAPI analyticsDataAPI = DeviceAnalyticsDataHolder.getInstance().getAnalyticsDataAPI();
|
||||
int eventCount = analyticsDataAPI.searchCount(tenantId, tableName, query);
|
||||
if (eventCount == 0) {
|
||||
return new ArrayList<>();
|
||||
}
|
||||
AnalyticsDrillDownRequest drillDownRequest = new AnalyticsDrillDownRequest();
|
||||
drillDownRequest.setQuery(query);
|
||||
drillDownRequest.setTableName(tableName);
|
||||
drillDownRequest.setRecordCount(eventCount);
|
||||
List<SearchResultEntry> resultEntries = analyticsDataAPI.drillDownSearch(tenantId, drillDownRequest);
|
||||
List<String> recordIds = getRecordIds(resultEntries);
|
||||
AnalyticsDataResponse response = analyticsDataAPI.get(tenantId, tableName, 1, null, recordIds);
|
||||
List<Record> records = AnalyticsDataServiceUtils.listRecords(analyticsDataAPI, response);
|
||||
return getAnalyticsDataRecords(records);
|
||||
} catch (AnalyticsException e) {
|
||||
throw new DeviceManagementAnalyticsException(
|
||||
"Failed fetch data for table " + tableName + "with the query " + query);
|
||||
}
|
||||
}
|
||||
|
||||
private List<String> getRecordIds(List<SearchResultEntry> searchResults) {
|
||||
List<String> ids = new ArrayList<>();
|
||||
for (SearchResultEntry searchResult : searchResults) {
|
||||
ids.add(searchResult.getId());
|
||||
}
|
||||
return ids;
|
||||
}
|
||||
|
||||
private List<AnalyticsDataRecord> getAnalyticsDataRecords(List<Record> records) {
|
||||
List<AnalyticsDataRecord> analyticsDataRecords = new ArrayList<>();
|
||||
for (Record record : records) {
|
||||
AnalyticsDataRecord analyticsDataRecord = new AnalyticsDataRecord(record.getValues());
|
||||
analyticsDataRecords.add(analyticsDataRecord);
|
||||
}
|
||||
return analyticsDataRecords;
|
||||
}
|
||||
|
||||
}
|
||||
@ -18,16 +18,12 @@
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher.service;
|
||||
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.AnalyticsDataRecord;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DeviceManagementAnalyticsException;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This service can be used to publish and retreive data from the Analytics Server.
|
||||
*/
|
||||
public interface DeviceAnalyticsService {
|
||||
public interface EventsPublisherService {
|
||||
|
||||
/**
|
||||
* This is used to publish an event to DAS.
|
||||
@ -42,14 +38,4 @@ public interface DeviceAnalyticsService {
|
||||
boolean publishEvent(String streamName, String version, Object[] metaDataArray, Object[] correlationDataArray,
|
||||
Object[] payloadDataArray) throws DataPublisherConfigurationException;
|
||||
|
||||
/**
|
||||
* This service can be used to retrieve all the event for the query.
|
||||
* @param tableName is the name of the table that events need to be retrieved
|
||||
* @param query is query to be executed.
|
||||
* @return the record list
|
||||
* @throws DeviceManagementAnalyticsException
|
||||
*/
|
||||
List<AnalyticsDataRecord> getAllEventsForDevice(String tableName,
|
||||
String query) throws DeviceManagementAnalyticsException;
|
||||
|
||||
}
|
||||
@ -0,0 +1,61 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.analytics.data.publisher.service;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.databridge.agent.DataPublisher;
|
||||
import org.wso2.carbon.databridge.commons.utils.DataBridgeCommonsUtils;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.DeviceDataPublisher;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
|
||||
/**
|
||||
* This is the implementation of Osgi Service which can be used to publish and retireved
|
||||
* event/records.
|
||||
*/
|
||||
public class EventsPublisherServiceImpl implements EventsPublisherService {
|
||||
private static Log log = LogFactory.getLog(EventsPublisherServiceImpl.class);
|
||||
|
||||
/**
|
||||
* @param streamName is the name of the stream that the data needs to pushed
|
||||
* @param version is the version of the stream
|
||||
* @param metaDataArray - meta data that needs to pushed
|
||||
* @param correlationDataArray - correlation data that needs to be pushed
|
||||
* @param payloadDataArray - payload data that needs to be pushed
|
||||
* @return
|
||||
* @throws DataPublisherConfigurationException
|
||||
*/
|
||||
@Override
|
||||
public boolean publishEvent(String streamName, String version, Object[] metaDataArray,
|
||||
Object[] correlationDataArray,
|
||||
Object[] payloadDataArray) throws DataPublisherConfigurationException {
|
||||
DataPublisher dataPublisher = DeviceDataPublisher.getInstance().getDataPublisher();
|
||||
if (dataPublisher != null) {
|
||||
String streamId = DataBridgeCommonsUtils.generateStreamId(streamName, version);
|
||||
return dataPublisher.tryPublish(streamId, System.currentTimeMillis(), metaDataArray, correlationDataArray,
|
||||
payloadDataArray);
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
@ -90,10 +90,6 @@
|
||||
<groupId>commons-lang.wso2</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.analytics</groupId>
|
||||
<artifactId>org.wso2.carbon.analytics.api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.registry</groupId>
|
||||
<artifactId>org.wso2.carbon.registry.indexing</artifactId>
|
||||
|
||||
@ -18,13 +18,6 @@
|
||||
|
||||
package org.wso2.carbon.identity.jwt.client.extension;
|
||||
|
||||
import com.nimbusds.jose.JOSEException;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.JWSHeader;
|
||||
import com.nimbusds.jose.JWSSigner;
|
||||
import com.nimbusds.jose.crypto.RSASSASigner;
|
||||
import com.nimbusds.jwt.JWTClaimsSet;
|
||||
import com.nimbusds.jwt.SignedJWT;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
@ -36,32 +29,21 @@ import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.message.BasicNameValuePair;
|
||||
import org.json.simple.JSONObject;
|
||||
import org.json.simple.parser.JSONParser;
|
||||
import org.json.simple.parser.ParseException;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.core.util.KeyStoreManager;
|
||||
import org.json.simple.parser.ParseException;;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.constant.JWTConstants;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.util.JWTClientUtil;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.UnrecoverableKeyException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.interfaces.RSAPrivateKey;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Random;
|
||||
|
||||
/**
|
||||
* this class represents an implementation of Token Client which is based on JWT
|
||||
@ -69,12 +51,6 @@ import java.util.Random;
|
||||
public class JWTClient {
|
||||
|
||||
private static Log log = LogFactory.getLog(JWTClient.class);
|
||||
private static final String JWT_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer";
|
||||
private static final String GRANT_TYPE_PARAM_NAME = "grant_type";
|
||||
private static final String REFRESH_TOKEN_GRANT_TYPE = "refresh_token";
|
||||
private static final String REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME = "refresh_token";
|
||||
private static final String JWT_PARAM_NAME = "assertion";
|
||||
private static final String SCOPE_PARAM_NAME = "scope";
|
||||
private JWTConfig jwtConfig;
|
||||
|
||||
public JWTClient(JWTConfig jwtConfig) {
|
||||
@ -87,13 +63,13 @@ public class JWTClient {
|
||||
public AccessTokenInfo getAccessToken(String consumerKey, String consumerSecret, String username, String scopes)
|
||||
throws JWTClientException {
|
||||
List<NameValuePair> params = new ArrayList<>();
|
||||
params.add(new BasicNameValuePair(GRANT_TYPE_PARAM_NAME, JWT_GRANT_TYPE));
|
||||
String assertion = generateSignedJWTAssertion(username);
|
||||
params.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, JWTConstants.JWT_GRANT_TYPE));
|
||||
String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig);
|
||||
if (assertion == null) {
|
||||
throw new JWTClientException("JWT is not configured properly for user : " + username);
|
||||
}
|
||||
params.add(new BasicNameValuePair(JWT_PARAM_NAME, assertion));
|
||||
params.add(new BasicNameValuePair(SCOPE_PARAM_NAME, scopes));
|
||||
params.add(new BasicNameValuePair(JWTConstants.JWT_PARAM_NAME, assertion));
|
||||
params.add(new BasicNameValuePair(JWTConstants.SCOPE_PARAM_NAME, scopes));
|
||||
return getTokenInfo(params, consumerKey, consumerSecret);
|
||||
}
|
||||
|
||||
@ -104,9 +80,9 @@ public class JWTClient {
|
||||
String consumerKey, String consumerSecret)
|
||||
throws JWTClientException {
|
||||
List<NameValuePair> params = new ArrayList<>();
|
||||
params.add(new BasicNameValuePair(GRANT_TYPE_PARAM_NAME, REFRESH_TOKEN_GRANT_TYPE));
|
||||
params.add(new BasicNameValuePair(REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME, refreshToken));
|
||||
params.add(new BasicNameValuePair(SCOPE_PARAM_NAME, scopes));
|
||||
params.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, JWTConstants.REFRESH_TOKEN_GRANT_TYPE));
|
||||
params.add(new BasicNameValuePair(JWTConstants.REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME, refreshToken));
|
||||
params.add(new BasicNameValuePair(JWTConstants.SCOPE_PARAM_NAME, scopes));
|
||||
return getTokenInfo(params, consumerKey, consumerSecret);
|
||||
}
|
||||
|
||||
@ -132,10 +108,10 @@ public class JWTClient {
|
||||
JSONParser jsonParser = new JSONParser();
|
||||
JSONObject jsonObject = (JSONObject) jsonParser.parse(response);
|
||||
AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
|
||||
accessTokenInfo.setAccess_token((String) jsonObject.get(JWTConstants.OAUTH_ACCESS_TOKEN));
|
||||
accessTokenInfo.setRefresh_token((String) jsonObject.get(JWTConstants.OAUTH_REFRESH_TOKEN));
|
||||
accessTokenInfo.setExpires_in((Long) jsonObject.get(JWTConstants.OAUTH_EXPIRES_IN));
|
||||
accessTokenInfo.setToken_type((String) jsonObject.get(JWTConstants.OAUTH_TOKEN_TYPE));
|
||||
accessTokenInfo.setAccessToken((String) jsonObject.get(JWTConstants.ACCESS_TOKEN_GRANT_TYPE_PARAM_NAME));
|
||||
accessTokenInfo.setRefreshToken((String) jsonObject.get(JWTConstants.REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME));
|
||||
accessTokenInfo.setExpiresIn((Long) jsonObject.get(JWTConstants.OAUTH_EXPIRES_IN));
|
||||
accessTokenInfo.setTokenType((String) jsonObject.get(JWTConstants.OAUTH_TOKEN_TYPE));
|
||||
return accessTokenInfo;
|
||||
} catch (MalformedURLException e) {
|
||||
throw new JWTClientException("Invalid URL for token endpoint " + jwtConfig.getTokenEndpoint(), e);
|
||||
@ -156,92 +132,7 @@ public class JWTClient {
|
||||
return new String(Base64.encodeBase64((consumerKey + ":" + consumerSecret).getBytes()));
|
||||
}
|
||||
|
||||
public String generateSignedJWTAssertion(String username) throws JWTClientException {
|
||||
try {
|
||||
String subject = username;
|
||||
long currentTimeMillis = System.currentTimeMillis();
|
||||
// add the skew between servers
|
||||
String iss = jwtConfig.getIssuer();
|
||||
if (iss == null || iss.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
currentTimeMillis += jwtConfig.getSkew();
|
||||
long iat = currentTimeMillis + jwtConfig.getIssuedInternal() * 60 * 1000;
|
||||
long exp = currentTimeMillis + jwtConfig.getExpirationTime() * 60 * 1000;
|
||||
long nbf = currentTimeMillis + jwtConfig.getValidityPeriodFromCurrentTime() * 60 * 1000;
|
||||
String jti = jwtConfig.getJti();
|
||||
if (jti == null) {
|
||||
String defaultTokenId = currentTimeMillis + "" + new Random().nextInt();
|
||||
jti = defaultTokenId;
|
||||
}
|
||||
List<String> aud = jwtConfig.getAudiences();
|
||||
//set up the basic claims
|
||||
JWTClaimsSet claimsSet = new JWTClaimsSet();
|
||||
claimsSet.setIssueTime(new Date(iat));
|
||||
claimsSet.setExpirationTime(new Date(exp));
|
||||
claimsSet.setIssuer(iss);
|
||||
claimsSet.setSubject(username);
|
||||
claimsSet.setNotBeforeTime(new Date(nbf));
|
||||
claimsSet.setJWTID(jti);
|
||||
claimsSet.setAudience(aud);
|
||||
|
||||
// get Keystore params
|
||||
String keyStorePath = jwtConfig.getKeyStorePath();
|
||||
String privateKeyAlias = jwtConfig.getPrivateKeyAlias();
|
||||
String privateKeyPassword = jwtConfig.getPrivateKeyPassword();
|
||||
KeyStore keyStore;
|
||||
RSAPrivateKey rsaPrivateKey;
|
||||
if (keyStorePath != null && !keyStorePath.isEmpty()) {
|
||||
String keyStorePassword = jwtConfig.getKeyStorePassword();
|
||||
keyStore = loadKeyStore(new File(keyStorePath), keyStorePassword, "JKS");
|
||||
rsaPrivateKey = (RSAPrivateKey) keyStore.getKey(privateKeyAlias, privateKeyPassword.toCharArray());
|
||||
} else {
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
|
||||
KeyStoreManager tenantKeyStoreManager = KeyStoreManager.getInstance(tenantId);
|
||||
rsaPrivateKey = (RSAPrivateKey) tenantKeyStoreManager.getDefaultPrivateKey();
|
||||
}
|
||||
JWSSigner signer = new RSASSASigner(rsaPrivateKey);
|
||||
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), claimsSet);
|
||||
signedJWT.sign(signer);
|
||||
String assertion = signedJWT.serialize();
|
||||
return assertion;
|
||||
} catch (KeyStoreException e) {
|
||||
throw new JWTClientException("Failed loading the keystore.", e);
|
||||
} catch (IOException e) {
|
||||
throw new JWTClientException("Failed parsing the keystore file.", e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new JWTClientException("No such algorithm found RS256.", e);
|
||||
} catch (CertificateException e) {
|
||||
throw new JWTClientException("Failed loading the certificate from the keystore.", e);
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
throw new JWTClientException("Failed loading the keys from the keystore.", e);
|
||||
} catch (JOSEException e) {
|
||||
throw new JWTClientException(e);
|
||||
} catch (Exception e) {
|
||||
//This is thrown when loading default private key.
|
||||
throw new JWTClientException("Failed loading the private key.", e);
|
||||
}
|
||||
}
|
||||
|
||||
private KeyStore loadKeyStore(final File keystoreFile, final String password, final String keyStoreType)
|
||||
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
|
||||
if (null == keystoreFile) {
|
||||
throw new IllegalArgumentException("Keystore url may not be null");
|
||||
}
|
||||
URI keystoreUri = keystoreFile.toURI();
|
||||
URL keystoreUrl = keystoreUri.toURL();
|
||||
KeyStore keystore = KeyStore.getInstance(keyStoreType);
|
||||
InputStream is = null;
|
||||
try {
|
||||
is = keystoreUrl.openStream();
|
||||
keystore.load(is, null == password ? null : password.toCharArray());
|
||||
} finally {
|
||||
if (null != is) {
|
||||
is.close();
|
||||
}
|
||||
}
|
||||
return keystore;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -21,8 +21,15 @@ package org.wso2.carbon.identity.jwt.client.extension.constant;
|
||||
* This holds the constants related JWT client component.
|
||||
*/
|
||||
public class JWTConstants {
|
||||
public static final String OAUTH_ACCESS_TOKEN = "access_token";
|
||||
public static final String OAUTH_REFRESH_TOKEN = "refresh_token";
|
||||
public static final String OAUTH_EXPIRES_IN = "expires_in";
|
||||
public static final String OAUTH_TOKEN_TYPE = "token_type";
|
||||
public static final String JWT_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer";
|
||||
public static final String GRANT_TYPE_PARAM_NAME = "grant_type";
|
||||
public static final String REFRESH_TOKEN_GRANT_TYPE = "refresh_token";
|
||||
public static final String REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME = "refresh_token";
|
||||
public static final String ACCESS_TOKEN_GRANT_TYPE_PARAM_NAME = "access_token";
|
||||
public static final String JWT_PARAM_NAME = "assertion";
|
||||
public static final String SCOPE_PARAM_NAME = "scope";
|
||||
public static final String DEFAULT_JWT_CLIENT = "default-jwt-client";
|
||||
}
|
||||
|
||||
|
||||
@ -23,40 +23,40 @@ package org.wso2.carbon.identity.jwt.client.extension.dto;
|
||||
*/
|
||||
public class AccessTokenInfo {
|
||||
|
||||
private String token_type;
|
||||
private long expires_in;
|
||||
private String refresh_token;
|
||||
private String access_token;
|
||||
private String tokenType;
|
||||
private long expiresIn;
|
||||
private String refreshToken;
|
||||
private String accessToken;
|
||||
|
||||
public String getToken_type() {
|
||||
return token_type;
|
||||
public String getTokenType() {
|
||||
return tokenType;
|
||||
}
|
||||
|
||||
public void setToken_type(String token_type) {
|
||||
this.token_type = token_type;
|
||||
public void setTokenType(String tokenType) {
|
||||
this.tokenType = tokenType;
|
||||
}
|
||||
|
||||
public long getExpires_in() {
|
||||
return expires_in;
|
||||
public long getExpiresIn() {
|
||||
return expiresIn;
|
||||
}
|
||||
|
||||
public void setExpires_in(long expres_in) {
|
||||
this.expires_in = expres_in;
|
||||
public void setExpiresIn(long expiresIn) {
|
||||
this.expiresIn = expiresIn;
|
||||
}
|
||||
|
||||
public String getRefresh_token() {
|
||||
return refresh_token;
|
||||
public String getRefreshToken() {
|
||||
return refreshToken;
|
||||
}
|
||||
|
||||
public void setRefresh_token(String refresh_token) {
|
||||
this.refresh_token = refresh_token;
|
||||
public void setRefreshToken(String refreshToken) {
|
||||
this.refreshToken = refreshToken;
|
||||
}
|
||||
|
||||
public String getAccess_token() {
|
||||
return access_token;
|
||||
public String getAccessToken() {
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
public void setAccess_token(String access_token) {
|
||||
this.access_token = access_token;
|
||||
public void setAccessToken(String accessToken) {
|
||||
this.accessToken = accessToken;
|
||||
}
|
||||
}
|
||||
|
||||
@ -20,7 +20,11 @@ package org.wso2.carbon.identity.jwt.client.extension.internal;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.osgi.framework.BundleContext;
|
||||
import org.osgi.service.component.ComponentContext;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerServiceImpl;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.util.JWTClientUtil;
|
||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
import org.wso2.carbon.registry.core.service.RegistryService;
|
||||
@ -66,11 +70,16 @@ public class JWTClientExtensionServiceComponent {
|
||||
log.debug("Initializing jwt extension bundle");
|
||||
}
|
||||
try {
|
||||
JWTClientUtil.initialize();
|
||||
JWTClientManagerService jwtClientManagerService = new JWTClientManagerServiceImpl();
|
||||
JWTClientUtil.initialize(jwtClientManagerService);
|
||||
BundleContext bundleContext = componentContext.getBundleContext();
|
||||
bundleContext.registerService(JWTClientManagerService.class.getName(), jwtClientManagerService, null);
|
||||
} catch (RegistryException e) {
|
||||
log.error("Failed loading the jwt config from registry.", e);
|
||||
} catch (IOException e) {
|
||||
log.error("Failed loading the jwt config from the file system.", e);
|
||||
} catch (JWTClientConfigurationException e) {
|
||||
log.error("Failed to set default jwt configurations.", e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.identity.jwt.client.extension.service;
|
||||
|
||||
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* This is the JWTClientManagerServiceImpl Service that can be used to have JWT Client for tenant specific.
|
||||
*/
|
||||
public interface JWTClientManagerService {
|
||||
|
||||
/**
|
||||
* This return the jwt based token client to generate token for the tenant.
|
||||
* @return JWTClient that can be used to generate token.
|
||||
* @throws JWTClientException when the JWT Client creation fails
|
||||
*/
|
||||
JWTClient getJWTClient() throws JWTClientException;
|
||||
|
||||
/**
|
||||
* This will set the default JWT Client that will be used if there is any available for tenants.
|
||||
* @param properties required to configure jwt client.
|
||||
* @throws JWTClientConfigurationException throws when the configuration is invalid.
|
||||
*/
|
||||
void setDefaultJWTClient(Properties properties) throws JWTClientConfigurationException;
|
||||
}
|
||||
@ -16,12 +16,15 @@
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.identity.jwt.client.extension;
|
||||
package org.wso2.carbon.identity.jwt.client.extension.service;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.context.CarbonContext;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.constant.JWTConstants;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientAlreadyExistsException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException;
|
||||
@ -36,42 +39,44 @@ import java.util.Properties;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* This creates JWT Client for each tenant.
|
||||
* This creates JWT Client for each tenant and implements the JWTClientManagerService interface.
|
||||
*/
|
||||
public class JWTClientManager {
|
||||
public class JWTClientManagerServiceImpl implements JWTClientManagerService{
|
||||
|
||||
private static Map<String, JWTClient> jwtClientMap;
|
||||
private static JWTClientManager jwtClientCreator;
|
||||
private static final Log log = LogFactory.getLog(JWTClientManager.class);
|
||||
private static final Log log = LogFactory.getLog(JWTClientManagerServiceImpl.class);
|
||||
private static final String TENANT_JWT_CONFIG_LOCATION = "/jwt-config/jwt.properties";
|
||||
private static JWTClient defaultJWTClient;
|
||||
|
||||
public static JWTClientManager getInstance() {
|
||||
if (jwtClientCreator == null) {
|
||||
synchronized (JWTClientManager.class) {
|
||||
if (jwtClientCreator == null) {
|
||||
jwtClientCreator = new JWTClientManager();
|
||||
}
|
||||
}
|
||||
}
|
||||
return jwtClientCreator;
|
||||
}
|
||||
|
||||
private JWTClientManager() {
|
||||
public JWTClientManagerServiceImpl() {
|
||||
jwtClientMap = new ConcurrentHashMap<>();
|
||||
}
|
||||
|
||||
/**
|
||||
* this return the jwt based token client to generate token for the tenant.
|
||||
*/
|
||||
@Override
|
||||
public JWTClient getJWTClient() throws JWTClientException {
|
||||
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
|
||||
if (tenantId == -1) {
|
||||
throw new JWTClientException("Invalid tenant domain :" + tenantDomain);
|
||||
}
|
||||
//Get jwt client which has been registered for the tenant.
|
||||
JWTClient jwtClient = getJWTClient(tenantDomain);
|
||||
if (jwtClient == null) {
|
||||
//Create new jwt client for the tenant.
|
||||
//Create a new jwt client for the tenant.
|
||||
try {
|
||||
JWTConfig jwtConfig = new JWTConfig(getJWTConfig(tenantId));
|
||||
Properties properties = getJWTConfigProperties(tenantId);
|
||||
if (properties == null) {
|
||||
if (defaultJWTClient != null) {
|
||||
return defaultJWTClient;
|
||||
} else {
|
||||
throw new JWTClientException("JWT Configuration is not available for tenant " + tenantDomain);
|
||||
}
|
||||
}
|
||||
JWTConfig jwtConfig = new JWTConfig(properties);
|
||||
jwtClient = new JWTClient(jwtConfig);
|
||||
addJWTClient(tenantDomain, jwtClient);
|
||||
} catch (JWTClientAlreadyExistsException e) {
|
||||
@ -85,6 +90,31 @@ public class JWTClientManager {
|
||||
return jwtClient;
|
||||
}
|
||||
|
||||
/**
|
||||
* This will set the default JWT Client that will be used if there is any available for tenants.
|
||||
*/
|
||||
@Override
|
||||
public void setDefaultJWTClient(Properties properties) throws JWTClientConfigurationException {
|
||||
if (properties == null) {
|
||||
throw new JWTClientConfigurationException("Failed to load jwt configuration for super tenant.");
|
||||
}
|
||||
String defaultJWTClientMode = properties.getProperty(JWTConstants.DEFAULT_JWT_CLIENT);
|
||||
boolean isDefaultJwtClient = false;
|
||||
if (defaultJWTClientMode != null && !defaultJWTClientMode.isEmpty()) {
|
||||
isDefaultJwtClient = Boolean.parseBoolean(defaultJWTClientMode);
|
||||
}
|
||||
if (isDefaultJwtClient) {
|
||||
try {
|
||||
JWTConfig jwtConfig = new JWTConfig(properties);
|
||||
defaultJWTClient = new JWTClient(jwtConfig);
|
||||
addJWTClient(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, defaultJWTClient);
|
||||
} catch (JWTClientAlreadyExistsException e) {
|
||||
log.warn("Attempting to register a jwt client for the super tenant" +
|
||||
" when one already exists. Returning existing jwt client");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch the jwt client which has been registered under the tenant domain.
|
||||
*
|
||||
@ -106,23 +136,25 @@ public class JWTClientManager {
|
||||
* @throws JWTClientAlreadyExistsException - If a jwt client has already been registered under the tenantdomain
|
||||
*/
|
||||
private void addJWTClient(String tenantDomain, JWTClient jwtClient) throws JWTClientAlreadyExistsException {
|
||||
if (jwtClientMap.containsKey(tenantDomain)) {
|
||||
throw new JWTClientAlreadyExistsException("A jwt client has already been created for the tenant " + tenantDomain);
|
||||
synchronized (jwtClientMap) {
|
||||
if (jwtClientMap.containsKey(tenantDomain)) {
|
||||
throw new JWTClientAlreadyExistsException(
|
||||
"A jwt client has already been created for the tenant " + tenantDomain);
|
||||
}
|
||||
jwtClientMap.put(tenantDomain, jwtClient);
|
||||
}
|
||||
jwtClientMap.put(tenantDomain, jwtClient);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve JWT configs from registry.
|
||||
*/
|
||||
private Properties getJWTConfig(int tenantId) throws JWTClientConfigurationException {
|
||||
private Properties getJWTConfigProperties(int tenantId) throws JWTClientConfigurationException {
|
||||
try {
|
||||
Resource config = JWTClientUtil.getConfigRegistryResourceContent(tenantId, TENANT_JWT_CONFIG_LOCATION);
|
||||
Properties properties = new Properties();
|
||||
if(config != null) {
|
||||
Properties properties = null;
|
||||
if (config != null) {
|
||||
properties = new Properties();
|
||||
properties.load(config.getContentStream());
|
||||
} else {
|
||||
throw new JWTClientConfigurationException("Failed to load jwt configuration for tenant id : " + tenantId);
|
||||
}
|
||||
return properties;
|
||||
} catch (RegistryException e) {
|
||||
@ -17,7 +17,13 @@
|
||||
*/
|
||||
package org.wso2.carbon.identity.jwt.client.extension.util;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import com.nimbusds.jose.JOSEException;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.JWSHeader;
|
||||
import com.nimbusds.jose.JWSSigner;
|
||||
import com.nimbusds.jose.crypto.RSASSASigner;
|
||||
import com.nimbusds.jwt.JWTClaimsSet;
|
||||
import com.nimbusds.jwt.SignedJWT;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.http.HttpResponse;
|
||||
@ -27,8 +33,12 @@ import org.apache.http.conn.ssl.SSLContextBuilder;
|
||||
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.core.util.KeyStoreManager;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.internal.JWTClientExtensionDataHolder;
|
||||
import org.wso2.carbon.registry.core.Registry;
|
||||
import org.wso2.carbon.registry.core.Resource;
|
||||
@ -36,13 +46,25 @@ import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
import org.wso2.carbon.registry.core.service.RegistryService;
|
||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||
import org.wso2.carbon.utils.CarbonUtils;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.InputStreamReader;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.UnrecoverableKeyException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.interfaces.RSAPrivateKey;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Properties;
|
||||
import java.util.Random;
|
||||
|
||||
/**
|
||||
* This is the utility class that is used for JWT Client.
|
||||
@ -55,8 +77,10 @@ public class JWTClientUtil {
|
||||
private static final String JWT_CONFIG_FILE_NAME = "jwt.properties";
|
||||
private static final String SUPERTENANT_JWT_CONFIG_LOCATION =
|
||||
CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + JWT_CONFIG_FILE_NAME;
|
||||
|
||||
/**
|
||||
* Return a http client instance
|
||||
*
|
||||
* @param protocol- service endpoint protocol http/https
|
||||
* @return
|
||||
*/
|
||||
@ -96,12 +120,14 @@ public class JWTClientUtil {
|
||||
}
|
||||
}
|
||||
|
||||
public static void initialize() throws RegistryException, IOException {
|
||||
Resource resource = getConfigRegistryResourceContent(MultitenantConstants.SUPER_TENANT_ID, TENANT_JWT_CONFIG_LOCATION);
|
||||
if (resource == null) {
|
||||
File configFile = new File(SUPERTENANT_JWT_CONFIG_LOCATION);
|
||||
String contents = FileUtils.readFileToString(configFile, "UTF-8");
|
||||
addJWTConfigResourceToRegistry(MultitenantConstants.SUPER_TENANT_ID, contents);
|
||||
public static void initialize(JWTClientManagerService jwtClientManagerService)
|
||||
throws RegistryException, IOException, JWTClientConfigurationException {
|
||||
File configFile = new File(SUPERTENANT_JWT_CONFIG_LOCATION);
|
||||
if (configFile.exists()) {
|
||||
InputStream propertyStream = configFile.toURI().toURL().openStream();
|
||||
Properties properties = new Properties();
|
||||
properties.load(propertyStream);
|
||||
jwtClientManagerService.setDefaultJWTClient(properties);
|
||||
}
|
||||
}
|
||||
|
||||
@ -136,7 +162,7 @@ public class JWTClientUtil {
|
||||
/**
|
||||
* Get the jwt details from the registry for tenants.
|
||||
*
|
||||
* @param tenantId for accesing tenant space.
|
||||
* @param tenantId for accesing tenant space.
|
||||
* @return the config for tenant
|
||||
* @throws RegistryException
|
||||
*/
|
||||
@ -161,8 +187,96 @@ public class JWTClientUtil {
|
||||
}
|
||||
|
||||
private static void loadTenantRegistry(int tenantId) throws RegistryException {
|
||||
TenantRegistryLoader tenantRegistryLoader = JWTClientExtensionDataHolder.getInstance().getTenantRegistryLoader();
|
||||
TenantRegistryLoader tenantRegistryLoader =
|
||||
JWTClientExtensionDataHolder.getInstance().getTenantRegistryLoader();
|
||||
JWTClientExtensionDataHolder.getInstance().getIndexLoaderService().loadTenantIndex(tenantId);
|
||||
tenantRegistryLoader.loadTenantRegistry(tenantId);
|
||||
}
|
||||
|
||||
public static String generateSignedJWTAssertion(String username, JWTConfig jwtConfig) throws JWTClientException {
|
||||
try {
|
||||
String subject = username;
|
||||
long currentTimeMillis = System.currentTimeMillis();
|
||||
// add the skew between servers
|
||||
String iss = jwtConfig.getIssuer();
|
||||
if (iss == null || iss.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
currentTimeMillis += jwtConfig.getSkew();
|
||||
long iat = currentTimeMillis + jwtConfig.getIssuedInternal() * 60 * 1000;
|
||||
long exp = currentTimeMillis + jwtConfig.getExpirationTime() * 60 * 1000;
|
||||
long nbf = currentTimeMillis + jwtConfig.getValidityPeriodFromCurrentTime() * 60 * 1000;
|
||||
String jti = jwtConfig.getJti();
|
||||
if (jti == null) {
|
||||
String defaultTokenId = currentTimeMillis + "" + new Random().nextInt();
|
||||
jti = defaultTokenId;
|
||||
}
|
||||
List<String> aud = jwtConfig.getAudiences();
|
||||
//set up the basic claims
|
||||
JWTClaimsSet claimsSet = new JWTClaimsSet();
|
||||
claimsSet.setIssueTime(new Date(iat));
|
||||
claimsSet.setExpirationTime(new Date(exp));
|
||||
claimsSet.setIssuer(iss);
|
||||
claimsSet.setSubject(username);
|
||||
claimsSet.setNotBeforeTime(new Date(nbf));
|
||||
claimsSet.setJWTID(jti);
|
||||
claimsSet.setAudience(aud);
|
||||
|
||||
// get Keystore params
|
||||
String keyStorePath = jwtConfig.getKeyStorePath();
|
||||
String privateKeyAlias = jwtConfig.getPrivateKeyAlias();
|
||||
String privateKeyPassword = jwtConfig.getPrivateKeyPassword();
|
||||
KeyStore keyStore;
|
||||
RSAPrivateKey rsaPrivateKey;
|
||||
if (keyStorePath != null && !keyStorePath.isEmpty()) {
|
||||
String keyStorePassword = jwtConfig.getKeyStorePassword();
|
||||
keyStore = loadKeyStore(new File(keyStorePath), keyStorePassword, "JKS");
|
||||
rsaPrivateKey = (RSAPrivateKey) keyStore.getKey(privateKeyAlias, privateKeyPassword.toCharArray());
|
||||
} else {
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
|
||||
KeyStoreManager tenantKeyStoreManager = KeyStoreManager.getInstance(tenantId);
|
||||
rsaPrivateKey = (RSAPrivateKey) tenantKeyStoreManager.getDefaultPrivateKey();
|
||||
}
|
||||
JWSSigner signer = new RSASSASigner(rsaPrivateKey);
|
||||
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), claimsSet);
|
||||
signedJWT.sign(signer);
|
||||
String assertion = signedJWT.serialize();
|
||||
return assertion;
|
||||
} catch (KeyStoreException e) {
|
||||
throw new JWTClientException("Failed loading the keystore.", e);
|
||||
} catch (IOException e) {
|
||||
throw new JWTClientException("Failed parsing the keystore file.", e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new JWTClientException("No such algorithm found RS256.", e);
|
||||
} catch (CertificateException e) {
|
||||
throw new JWTClientException("Failed loading the certificate from the keystore.", e);
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
throw new JWTClientException("Failed loading the keys from the keystore.", e);
|
||||
} catch (JOSEException e) {
|
||||
throw new JWTClientException(e);
|
||||
} catch (Exception e) {
|
||||
//This is thrown when loading default private key.
|
||||
throw new JWTClientException("Failed loading the private key.", e);
|
||||
}
|
||||
}
|
||||
|
||||
private static KeyStore loadKeyStore(final File keystoreFile, final String password, final String keyStoreType)
|
||||
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
|
||||
if (null == keystoreFile) {
|
||||
throw new IllegalArgumentException("Keystore url may not be null");
|
||||
}
|
||||
URI keystoreUri = keystoreFile.toURI();
|
||||
URL keystoreUrl = keystoreUri.toURL();
|
||||
KeyStore keystore = KeyStore.getInstance(keyStoreType);
|
||||
InputStream is = null;
|
||||
try {
|
||||
is = keystoreUrl.openStream();
|
||||
keystore.load(is, null == password ? null : password.toCharArray());
|
||||
} finally {
|
||||
if (null != is) {
|
||||
is.close();
|
||||
}
|
||||
}
|
||||
return keystore;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,44 +0,0 @@
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<IdentityProvider>
|
||||
<IdentityProviderName>CDMF_DEFAULT_IDP</IdentityProviderName>
|
||||
<DisplayName>CDMF_DEFAULT_IDP</DisplayName>
|
||||
<IdentityProviderDescription></IdentityProviderDescription>
|
||||
<Alias>https://localhost:9443/oauth2/token</Alias>
|
||||
<IsPrimary>true</IsPrimary>
|
||||
<IsFederationHub></IsFederationHub>
|
||||
<HomeRealmId></HomeRealmId>
|
||||
<ProvisioningRole></ProvisioningRole>
|
||||
<FederatedAuthenticatorConfigs></FederatedAuthenticatorConfigs>
|
||||
<DefaultAuthenticatorConfig>
|
||||
</DefaultAuthenticatorConfig>
|
||||
<ProvisioningConnectorConfigs>
|
||||
<!--<ProvisioningConnectorConfig>
|
||||
<ProvisioningProperties>
|
||||
</ProvisioningProperties>
|
||||
</ProvisioningConnectorConfig>-->
|
||||
</ProvisioningConnectorConfigs>
|
||||
<!--<DefaultProvisioningConnectorConfig></DefaultProvisioningConnectorConfig>-->
|
||||
<ClaimConfig></ClaimConfig>
|
||||
<Certificate>
|
||||
MIIFkzCCA3sCBAKkVfcwDQYJKoZIhvcNAQEFBQAwgY0xCzAJBgNVBAYTAlNMMRAwDgYDVQQIEwdXZXN0ZXJuMRAwDgYDVQQHEwdDb2xvbWJvMQ0wCwYDVQQKEwRXU08yMRQwEgYDVQQLEwtFbmdpbmVlcmluZzESMBAGA1UEAxMJbG9jYWxob3N0MSEwHwYJKoZIhvcNAQkBFhJpb3RzZXJ2ZXJAd3NvMi5jb20wHhcNMTUxMjE3MTMxMTA0WhcNMTcxMjE2MTMxMTA0WjCBjTELMAkGA1UEBhMCU0wxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDTALBgNVBAoTBFdTTzIxFDASBgNVBAsTC0VuZ2luZWVyaW5nMRIwEAYDVQQDEwlsb2NhbGhvc3QxITAfBgkqhkiG9w0BCQEWEmlvdHNlcnZlckB3c28yLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALkiGVQ9tZOKIi/gD/toV+enq+neqOBGYQ8Fq/ABOWnK2QpGWm81+Rets5GbQ6W//D8C5TOBGqK7z+LAgdmILr1XLkvrXWoan0GPdDJ1wpc2/6XDZvM5f7Y8cmRqVPJv7AF+ImgF9dqv97gYCiujy+nNHd5Nk/60pco2LBV5SyLqqrzKXEnSGrS4zoYWpPeJ9YrXPEkW7A6AxTQK0yU9Ej4TktgafbTueythrLomKiZJj4wPxm2lA2lAZscDdws9NWrI5z/LUVLbUMxrY10Nig1liX5b1mrUk5bb1d2tqwkPrpRILKoOBJtI674SQS3GziiUiCJGIO/EGGRn1AJsC/SvnnEez3WKY/DgJ6102MWK/yWtY8NYHUX2anwMBS7UpT5A4BXdsfBz3R+iPF99FxdAGGsS4GQuuPocZaycLqoPCxpTSSxBsKMUcKpn3yaiQRd6uDuiTNt7odDOQj0Tno7uokh/HILgbzvj9EExDOsdwLVvqYmUHBPeLmiICWXfi4kyH/twPOZtV9eVnfWYx5Kwg+2Y4fIb3q4ABr0hzxaMYHQo6NOukSH1BcdAWiQIXbSFFaTZD8p6OfiZpHcQ59HT/Z8GBlCFL2xkYJFmOhXI/Cu+xrcwqEIInv7d8w3eiNQ7MneomEptLbBk9+kMsP0ubo34oOGHR9qk3Lj580c/AgMBAAEwDQYJKoZIhvcNAQEFBQADggIBADw70g2/wrgzrAM8OXBlthGbCEaXZpKwq9IJN0qu+/l+PNwF7csQhj+qW+zMrWaH1DGWJroaei1+NFFrj/pvp61rF/ZeTPGVJd7puCq++SevqIrzKyAEBtwtpXmcFhBpV/FrQAv3ODOJ3bN2wSRPZHUvARTBB3RaUI06g1jCaBzjDEGoMfSxdr5/Ty2WxTI9u9RlIs3Q52AiOmROtLPiEQZQIqfNO3cxCEWojHxPqVEZA/kQYy+rryj4H0zzSrj7QFlQhsMDw5j8bv9AcvTEGmwp29avsgnceDWinI6lwtd8zqh0ZW9QJdH0BRNCM/EkTlTUHeEg04/sOgOrlWcvEfVxDqNEtbUzU9UFxl0lkQkuRn1UdxZlvhWaFnel5iRC9b7OZvi2mkVujLyxEWlJB1tuyMLQxu6PfabBVODP5V8/+uyiiK/gwrB5rYl8RHxGoznJnI1Y3HVzKlA849CrMBaY5vnhE03cNja7QroPzLmmuXBLk2LbI1lu5nJAqKpBUPMI/IU3pF4Q7VTD2ZANI+ktGgGlM8AK4OJHWOhj8W289pWTHVjG8syPLTsaYkhgLjzZl/g9cUwn/96NJNvzd3dkT+7VgE+BJOLofq25CjZcN1M7MhWdl3vbWNj9vzL0+FCnwca8UecfvFS39PIekIvqbtP+Gw8NiYOUGIllZ0JH
|
||||
</Certificate>
|
||||
<PermissionAndRoleConfig></PermissionAndRoleConfig>
|
||||
<JustInTimeProvisioningConfig></JustInTimeProvisioningConfig>
|
||||
</IdentityProvider>
|
||||
@ -41,7 +41,7 @@ skew=0
|
||||
#jti=token123
|
||||
|
||||
#KeyStore to cryptographic credentials
|
||||
#KeyStore=src/main/resources/wso2carbon.jks
|
||||
#KeyStore=repository/resources/security/wso2carbon.jks
|
||||
|
||||
#Password of the KeyStore
|
||||
#KeyStorePassword=wso2carbon
|
||||
@ -52,3 +52,6 @@ skew=0
|
||||
#Private key password to retrieve the private key used to sign
|
||||
#AuthnRequest and LogoutRequest messages
|
||||
#PrivateKeyPassword=wso2carbon
|
||||
|
||||
#this will be used as the default IDP config if there isn't any config available for tenants.
|
||||
default-jwt-client=true
|
||||
|
||||
@ -1,3 +1,2 @@
|
||||
instructions.configure = \
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.identity.jwt.client.extension_${feature.version}/jwt.properties,target:${installFolder}/../../conf/etc/jwt.properties,overwrite:true);\
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.identity.jwt.client.extension_${feature.version}/CDMF_DEFAULT_IDP.xml,target:${installFolder}/../../conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml,overwrite:true);\
|
||||
|
||||
11
pom.xml
11
pom.xml
@ -1385,13 +1385,6 @@
|
||||
<version>${carbon.analytics.common.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Carbon Analytics -->
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.analytics</groupId>
|
||||
<artifactId>org.wso2.carbon.analytics.api</artifactId>
|
||||
<version>${carbon.analytics.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Carbon Registry -->
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.registry</groupId>
|
||||
@ -1744,10 +1737,6 @@
|
||||
<carbon.analytics.common.version>5.0.11</carbon.analytics.common.version>
|
||||
<carbon.analytics.common.version.range>[5.0.11,6.0.0)</carbon.analytics.common.version.range>
|
||||
|
||||
<!-- Carbon Analytics -->
|
||||
<carbon.analytics.version>1.0.5</carbon.analytics.version>
|
||||
<carbon.analytics.version.range>[1.0.5,2.0.0]</carbon.analytics.version.range>
|
||||
|
||||
<!-- Carbon Registry -->
|
||||
<carbon.registry.version>4.4.8</carbon.registry.version>
|
||||
<carbon.registry.imp.pkg.version.range>[4.4.8, 5.0.0)</carbon.registry.imp.pkg.version.range>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user