Fix JWT token generation.
commit
b0d5fc29d5
@ -649,9 +649,14 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
|
||||
io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.AccessTokenInfo accessTokenInfo;
|
||||
try {
|
||||
if (username == null || password == null) {
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
|
||||
"ClientForConsumerRestCalls",
|
||||
"client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer");
|
||||
} else {
|
||||
apiApplicationKey = apiApplicationServices.generateAndRetrieveApplicationKeys(username, password);
|
||||
apiApplicationKey = apiApplicationServices.generateAndRetrieveApplicationKeys(
|
||||
"ClientForConsumerRestCalls",
|
||||
username, password,
|
||||
"client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer");
|
||||
}
|
||||
accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
|
||||
apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
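Review bot: Both branches now register the DCR client with the literal `"client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer"`, yet the token requested right after uses only the client id and secret, which suggests the client-credentials grant is all this path needs. Every extra grant enabled on the client widens what a leaked client secret can be used for, so the list should name only the grants this client actually uses. The client name and grant list are also repeated as literals at the call sites in APIPublisherServiceImpl and DeviceManagementServiceImpl; a named constant per client, e.g. `private static final String CONSUMER_CLIENT_GRANT_TYPES = "client_credentials";` (if that is indeed the only grant used here), keeps them reviewable in one place. The enclosing method starts and ends outside the hunk.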
|
||||
|
||||
@ -24,9 +24,10 @@ import io.entgra.device.mgt.core.apimgt.extension.rest.api.exceptions.APIService
|
||||
|
||||
public interface APIApplicationServices {
|
||||
|
||||
APIApplicationKey createAndRetrieveApplicationCredentials() throws APIServicesException;
|
||||
APIApplicationKey createAndRetrieveApplicationCredentials(String clientName, String grantType)
|
||||
throws APIServicesException;
|
||||
|
||||
APIApplicationKey generateAndRetrieveApplicationKeys(String username, String password)
|
||||
APIApplicationKey generateAndRetrieveApplicationKeys(String clientName, String username, String password, String grantType)
|
||||
throws APIServicesException;
|
||||
|
||||
AccessTokenInfo generateAccessTokenFromRegisteredApplication(String clientId, String clientSecret) throws APIServicesException;
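Review bot: The two changed signatures carry no Javadoc, and `grantType` is singular although every caller in this commit passes a space-separated list of grant types. A short comment on each method would make the contract visible, for example `/** @param clientName name the DCR client is registered under; @param grantType space-separated OAuth2 grant types enabled for that client */`. It should also say whether null or empty values are accepted, since the implementation puts both values straight into the registration payload.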
|
||||
|
||||
@ -44,7 +44,7 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
|
||||
getAPIManagerConfigurationService().getAPIManagerConfiguration();
|
||||
|
||||
@Override
|
||||
public APIApplicationKey createAndRetrieveApplicationCredentials()
|
||||
public APIApplicationKey createAndRetrieveApplicationCredentials(String clientName, String grantType)
|
||||
throws APIServicesException {
|
||||
|
||||
String applicationEndpoint = config.getFirstProperty(Constants.DCR_END_POINT);
|
||||
@ -53,8 +53,8 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
|
||||
|
||||
JSONObject jsonObject = new JSONObject();
|
||||
jsonObject.put("callbackUrl", Constants.EMPTY_STRING);
|
||||
jsonObject.put("clientName", Constants.CLIENT_NAME);
|
||||
jsonObject.put("grantType", Constants.GRANT_TYPE);
|
||||
jsonObject.put("clientName", clientName);
|
||||
jsonObject.put("grantType", grantType);
|
||||
jsonObject.put("owner", serverUser);
|
||||
jsonObject.put("saasApp", true);
|
||||
|
||||
@ -75,15 +75,15 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
|
||||
}
|
||||
|
||||
@Override
|
||||
public APIApplicationKey generateAndRetrieveApplicationKeys(String username, String password)
|
||||
public APIApplicationKey generateAndRetrieveApplicationKeys(String clientName, String username, String password, String grantType)
|
||||
throws APIServicesException {
|
||||
|
||||
String applicationEndpoint = config.getFirstProperty(Constants.DCR_END_POINT);
|
||||
|
||||
JSONObject jsonObject = new JSONObject();
|
||||
jsonObject.put("callbackUrl", Constants.EMPTY_STRING);
|
||||
jsonObject.put("clientName", username);
|
||||
jsonObject.put("grantType", Constants.GRANT_TYPE);
|
||||
jsonObject.put("clientName", clientName);
|
||||
jsonObject.put("grantType", grantType);
|
||||
jsonObject.put("owner", username);
|
||||
jsonObject.put("saasApp", true);
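Review bot: In `generateAndRetrieveApplicationKeys` the registration payload used to take `clientName` from `username`; it now takes it from the caller while `owner` is still `username`, and the caller in APIManagementProviderServiceImpl passes the constant "ClientForConsumerRestCalls" for every user. Whether the DCR endpoint treats that as one shared client or as one client per owner is not visible here, so it is worth confirming that two users cannot end up with the same client id and secret. Neither method checks `clientName` or `grantType` before building the request; a guard such as `if (clientName == null || clientName.isEmpty()) throw new IllegalArgumentException("clientName");` would fail early instead of at the endpoint. Both method bodies continue outside the hunks.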
|
||||
|
||||
|
||||
@ -27,10 +27,8 @@ public final class Constants {
|
||||
public static final String AMPERSAND = "&";
|
||||
public static final String SLASH = "/";
|
||||
public static final String EQUAL = "=";
|
||||
public static final String CLIENT_NAME = "rest_api_publisher_code";
|
||||
public static final String SERVER_USER = "WorkflowConfigurations.ServerUser";
|
||||
public static final String SERVER_PASSWORD = "WorkflowConfigurations.ServerPassword";
|
||||
public static final String GRANT_TYPE = "client_credentials password refresh_token";
|
||||
public static final String REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME = "refresh_token";
|
||||
public static final String OAUTH_EXPIRES_IN = "expires_in";
|
||||
public static final String OAUTH_TOKEN_SCOPE = "scope";
|
||||
|
||||
@ -344,7 +344,7 @@ public class KeyMgtServiceImpl implements KeyMgtService {
|
||||
Response response = client.newCall(request).execute();
|
||||
return gson.fromJson(response.body().string(), OAuthApplication.class);
|
||||
} catch (IOException e) {
|
||||
msg = "Error occurred while processing the response";
|
||||
msg = "Error occurred while processing the response" + e;
|
||||
throw new KeyMgtException(msg);
|
||||
}
|
||||
}
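Review bot: The new message is built as `"Error occurred while processing the response" + e`, which appends the exception's `toString()` with no separator and still drops the cause, so the stack trace is lost while the exception class and text travel inside `msg` to whoever displays it. If KeyMgtException has a constructor that accepts a cause, `throw new KeyMgtException(msg, e);` with the original message keeps the detail in the logs rather than in the message. Otherwise, assuming the class has a logger, add `log.error(msg, e);` before the throw.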
|
||||
|
||||
@ -90,7 +90,10 @@ public class APIPublisherServiceImpl implements APIPublisherService {
|
||||
APIApplicationKey apiApplicationKey;
|
||||
AccessTokenInfo accessTokenInfo;
|
||||
try {
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
|
||||
"ClientForPublisherRestCalls",
|
||||
"client_credentials password refresh_token"
|
||||
);
|
||||
accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
|
||||
apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
|
||||
} catch (APIServicesException e) {
|
||||
@ -403,7 +406,10 @@ public class APIPublisherServiceImpl implements APIPublisherService {
|
||||
APIApplicationKey apiApplicationKey;
|
||||
AccessTokenInfo accessTokenInfo;
|
||||
try {
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
|
||||
apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
|
||||
"ClientForPublisherRestCalls",
|
||||
"client_credentials password refresh_token"
|
||||
);
|
||||
accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
|
||||
apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
|
||||
} catch (APIServicesException e) {
|
||||
|
||||
@ -23,6 +23,11 @@ import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProvi
|
||||
import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderServiceImpl;
|
||||
import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey;
|
||||
import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException;
|
||||
import io.entgra.device.mgt.core.apimgt.application.extension.internal.APIApplicationManagerExtensionDataHolder;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServicesImpl;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.APIApplicationKey;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.exceptions.APIServicesException;
|
||||
import io.entgra.device.mgt.core.apimgt.keymgt.extension.DCRResponse;
|
||||
import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenRequest;
|
||||
import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenResponse;
|
||||
@ -804,11 +809,11 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
|
||||
//todo - lasantha - can't get password from here
|
||||
ApiApplicationKey apiApplicationKey;
|
||||
try {
|
||||
DCRResponse adminDCRResponse = keyMgtService.dynamicClientRegistration(applicationName,
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm()
|
||||
.getRealmConfiguration().getAdminUserName(),
|
||||
"client_credentials", null, new String[] {"device_management"}, false, validityTime, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm()
|
||||
.getRealmConfiguration().getAdminPassword());
|
||||
APIApplicationServices apiApplicationServices = DeviceMgtAPIUtils.getApiApplicationServices();
|
||||
APIApplicationKey adminDCRResponse = apiApplicationServices.createAndRetrieveApplicationCredentials(
|
||||
"ClientForJWTTokenGeneration",
|
||||
"client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer"
|
||||
);
|
||||
|
||||
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
|
||||
JWTClientManagerService jwtClientManagerService = (JWTClientManagerService) ctx.
|
||||
@ -816,11 +821,14 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
|
||||
JWTClient jwtClient = jwtClientManagerService.getJWTClient();
|
||||
AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(adminDCRResponse.getClientId(),
|
||||
adminDCRResponse.getClientSecret(),
|
||||
username, "appm:subscribe");
|
||||
username, "appm:subscribe apim:admin apim:api_key apim:app_import_export apim:app_manage" +
|
||||
" apim:store_settings apim:sub_alert_manage apim:sub_manage apim:subscribe openid perm:device:enroll " +
|
||||
"perm:devices:details perm:devices:features perm:devices:search perm:devices:view perm:groups:groups " +
|
||||
"perm:users:send-invitation");
|
||||
|
||||
APIManagementProviderService apiManagementProviderService = DeviceMgtAPIUtils.getAPIManagementService();
|
||||
apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(applicationName,
|
||||
new String[] {"device_management"}, null, false, String.valueOf(validityTime),
|
||||
new String[] {"device_management"}, "PRODUCTION", false, String.valueOf(validityTime),
|
||||
accessTokenInfo.getAccessToken());
|
||||
|
||||
} catch (JWTClientException e) {
|
||||
@ -828,8 +836,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
|
||||
log.error(msg, e);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Error while getting user credentials.";
|
||||
} catch (APIServicesException e) {
|
||||
String msg = "Error while generating api Application";
|
||||
log.error(msg, e);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
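Review bot: The scope string passed to `jwtClient.getAccessToken` grows from `appm:subscribe` to a list that includes `apim:admin`, `apim:app_manage`, `apim:app_import_export` and `perm:users:send-invitation`, while the only use of the token visible in these hunks is the `generateAndRetrieveApplicationKeys` call. The token appears to be requested on behalf of `username` through the server-owned client "ClientForJWTTokenGeneration", so unless the key manager filters scopes by the user's roles, an ordinary caller gets an admin-scoped token minted for this one call. Request only the scopes that call needs, and keep them in one named constant so the list can be reviewed. The method starts and ends outside the hunks.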
|
||||
|
||||
@ -19,6 +19,7 @@
|
||||
package io.entgra.device.mgt.core.device.mgt.api.jaxrs.util;
|
||||
|
||||
import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderService;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices;
|
||||
import io.entgra.device.mgt.core.apimgt.extension.rest.api.ConsumerRESTAPIServices;
|
||||
import io.entgra.device.mgt.core.application.mgt.common.services.ApplicationManager;
|
||||
import io.entgra.device.mgt.core.application.mgt.common.services.SubscriptionManager;
|
||||
@ -156,6 +157,7 @@ public class DeviceMgtAPIUtils {
|
||||
|
||||
private static volatile SubscriptionManager subscriptionManager;
|
||||
private static volatile ApplicationManager applicationManager;
|
||||
private static volatile APIApplicationServices apiApplicationServices;
|
||||
private static volatile ConsumerRESTAPIServices consumerRESTAPIServices;
|
||||
private static volatile APIManagementProviderService apiManagementProviderService;
|
||||
|
||||
@ -410,6 +412,25 @@ public class DeviceMgtAPIUtils {
|
||||
return consumerRESTAPIServices;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializing and accessing method for APIM API application REST API.
|
||||
*
|
||||
* @return APIApplicationServices instance
|
||||
* @throws IllegalStateException if APIApplicationServices cannot be initialized
|
||||
*/
|
||||
public static synchronized APIApplicationServices getApiApplicationServices() {
|
||||
if (apiApplicationServices == null) {
|
||||
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
|
||||
apiApplicationServices = (APIApplicationServices) ctx.getOSGiService(APIApplicationServices.class, null);
|
||||
if (apiApplicationServices == null) {
|
||||
String msg = "API application service has not initialized.";
|
||||
log.error(msg);
|
||||
throw new IllegalStateException(msg);
|
||||
}
|
||||
}
|
||||
return apiApplicationServices;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializing and accessing method for API management Provider Service.
|
||||
*
|
||||
|
||||
@ -138,7 +138,9 @@ public class JWTClient {
|
||||
if (jwtConfig == null) {
|
||||
return null;
|
||||
}
|
||||
URL tokenEndpoint = new URL(jwtConfig.getTokenEndpoint());
|
||||
// todo:
|
||||
// URL tokenEndpoint = new URL(jwtConfig.getTokenEndpoint());
|
||||
URL tokenEndpoint = new URL("https://localhost:9443/oauth2/token");
|
||||
HttpClient httpClient = JWTClientUtil.getHttpClient(tokenEndpoint.getProtocol());
|
||||
HttpPost postMethod = new HttpPost(tokenEndpoint.toString());
|
||||
postMethod.setEntity(new UrlEncodedFormEntity(nameValuePairs));
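Review bot: The token endpoint is now the literal `https://localhost:9443/oauth2/token`, with the configured value left in a comment under `// todo:`. On any deployment where the key manager is not on that host and port, the token request in `nameValuePairs` fails or goes to whatever is listening on localhost:9443, and the `jwtConfig` setting is silently ignored. Restore `URL tokenEndpoint = new URL(jwtConfig.getTokenEndpoint());` and delete the commented-out line; if the configured value was wrong in the test environment, the fix belongs in the configuration. The method body continues outside the hunk.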
|
||||
|
||||