mirror of
https://repository.entgra.net/community/device-mgt-core.git
synced 2025-10-06 02:01:45 +00:00
Few changes added after testing with the cluster
parent
ebebca8573
commit
ba6e202442
@ -34,7 +34,6 @@ import org.wso2.carbon.user.api.UserStoreException;
|
|||||||
import javax.ws.rs.DELETE;
|
import javax.ws.rs.DELETE;
|
||||||
import javax.ws.rs.POST;
|
import javax.ws.rs.POST;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.PathParam;
|
|
||||||
import javax.ws.rs.QueryParam;
|
import javax.ws.rs.QueryParam;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
@ -97,7 +96,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
|
|||||||
apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication(
|
apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication(
|
||||||
jsonStringObject.toJSONString(), registrationProfile.getApplicationName(),
|
jsonStringObject.toJSONString(), registrationProfile.getApplicationName(),
|
||||||
registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(),
|
registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(),
|
||||||
ApiApplicationConstants.DEFAULT_TOKEN_TYPE);
|
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, registrationProfile.getTags());
|
||||||
return Response.status(Response.Status.ACCEPTED).entity("true").build();
|
return Response.status(Response.Status.ACCEPTED).entity("true").build();
|
||||||
} else {
|
} else {
|
||||||
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
||||||
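Review bot: `registrationProfile.getTags()` is forwarded to the provider service unchecked in the second hunk, and later in this commit a non-empty tag array drives `createApplicationAndSubscribeToAPIs`. `registrationProfile` looks like the deserialized request body of this JAX-RS resource (its declaration is outside the hunk), so the caller presumably chooses which tagged APIs the application is subscribed to. If that set should be limited per tenant or role, check the tags before this call, and otherwise state in the method's Javadoc that the tags are caller-controlled, for example `// tags come from the request; they select the API subscriptions`. The enclosing method starts and ends outside the hunk.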
|
|||||||
@ -59,8 +59,8 @@ public interface APIManagementProviderService {
|
|||||||
* Register existing Oauth application as apim application.
|
* Register existing Oauth application as apim application.
|
||||||
*/
|
*/
|
||||||
void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, String clientId,
|
void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, String clientId,
|
||||||
String username, boolean isAllowedAllDomains, String keyType)
|
String username, boolean isAllowedAllDomains, String keyType,
|
||||||
throws APIManagerException;
|
String tags[]) throws APIManagerException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Remove APIM Application.
|
* Remove APIM Application.
|
||||||
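Review bot: The Javadoc above `registerExistingOAuthApplicationToAPIApplication` still reads only "Register existing Oauth application as apim application." and says nothing about the new parameter. Going by the implementation in this commit, something like `@param tags tags passed to createApplicationAndSubscribeToAPIs; null or empty skips the subscription step` would cover it. The declaration `String tags[]` also uses the C-style array form; `String[] tags` is the conventional Java spelling and does not change the signature. The comment's opening line is outside the hunk.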
|
|||||||
@ -35,7 +35,6 @@ import org.wso2.carbon.apimgt.application.extension.exception.APIManagerExceptio
|
|||||||
import org.wso2.carbon.apimgt.application.extension.util.APIManagerUtil;
|
import org.wso2.carbon.apimgt.application.extension.util.APIManagerUtil;
|
||||||
import org.wso2.carbon.apimgt.impl.APIConstants;
|
import org.wso2.carbon.apimgt.impl.APIConstants;
|
||||||
import org.wso2.carbon.apimgt.impl.APIManagerFactory;
|
import org.wso2.carbon.apimgt.impl.APIManagerFactory;
|
||||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
|
||||||
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
|
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
|
||||||
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
||||||
|
|
||||||
@ -120,8 +119,8 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
|
|||||||
@Override
|
@Override
|
||||||
public void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName,
|
public void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName,
|
||||||
String clientId, String username,
|
String clientId, String username,
|
||||||
boolean isAllowedAllDomains, String keyType)
|
boolean isAllowedAllDomains, String keyType,
|
||||||
throws APIManagerException {
|
String tags[]) throws APIManagerException {
|
||||||
try {
|
try {
|
||||||
APIManagerUtil.loadTenantRegistry();
|
APIManagerUtil.loadTenantRegistry();
|
||||||
APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username);
|
APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username);
|
||||||
@ -156,6 +155,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
|
|||||||
}
|
}
|
||||||
if (retrievedApiApplicationKey != null) {
|
if (retrievedApiApplicationKey != null) {
|
||||||
if (retrievedApiApplicationKey.getConsumerKey().equals(clientId)) {
|
if (retrievedApiApplicationKey.getConsumerKey().equals(clientId)) {
|
||||||
|
if (tags != null && tags.length > 0) {
|
||||||
|
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
throw new APIManagerException("Api application already mapped to another OAuth App");
|
throw new APIManagerException("Api application already mapped to another OAuth App");
|
||||||
@ -170,6 +172,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
|
|||||||
}
|
}
|
||||||
apiConsumer.mapExistingOAuthClient(jsonString, username, clientId, applicationName,
|
apiConsumer.mapExistingOAuthClient(jsonString, username, clientId, applicationName,
|
||||||
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, allowedDomains);
|
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, allowedDomains);
|
||||||
|
if (tags != null && tags.length > 0) {
|
||||||
|
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} catch (APIManagementException e) {
|
} catch (APIManagementException e) {
|
||||||
throw new APIManagerException(
|
throw new APIManagerException(
|
||||||
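Review bot: In the branch where the application is already mapped to the same consumer key, the new code calls `createApplicationAndSubscribeToAPIs(applicationName, tags, username)` on every repeated registration before the `return`. Whether that helper tolerates an existing application and existing subscriptions is not visible here, so it is worth confirming it is idempotent or guarding the call. In the other call site the subscription runs after `mapExistingOAuthClient`, so a failure while subscribing would presumably leave the OAuth mapping in place with no subscriptions. The same three-line `if (tags != null && tags.length > 0)` block appears twice and could move into one private helper. The method body starts and ends outside these hunks.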
|
|||||||
@ -42,10 +42,6 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
|
|||||||
private static final String PARAM_MANAGED_API_ENABLED = "managed-api-enabled";
|
private static final String PARAM_MANAGED_API_ENABLED = "managed-api-enabled";
|
||||||
|
|
||||||
private static final Log log = LogFactory.getLog(FeatureManagementLifecycleListener.class);
|
private static final Log log = LogFactory.getLog(FeatureManagementLifecycleListener.class);
|
||||||
private static final String UNLIMITED = "Unlimited";
|
|
||||||
public static final String PROPERTY_PROFILE = "profile";
|
|
||||||
public static final String PROFILE_DT_WORKER = "dtWorker";
|
|
||||||
public static final String PROFILE_DEFAULT = "default";
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
|
public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
|
||||||
@ -54,11 +50,7 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
|
|||||||
ServletContext servletContext = context.getServletContext();
|
ServletContext servletContext = context.getServletContext();
|
||||||
String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED);
|
String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED);
|
||||||
boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param);
|
boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param);
|
||||||
|
if (isManagedApi) {
|
||||||
String profile = System.getProperty(PROPERTY_PROFILE);
|
|
||||||
|
|
||||||
if ((profile.equalsIgnoreCase(PROFILE_DT_WORKER) ||
|
|
||||||
profile.equalsIgnoreCase(PROFILE_DEFAULT)) && isManagedApi) {
|
|
||||||
try {
|
try {
|
||||||
AnnotationProcessor annotationProcessor = new AnnotationProcessor(context);
|
AnnotationProcessor annotationProcessor = new AnnotationProcessor(context);
|
||||||
Set<String> annotatedAPIClasses = annotationProcessor.scanStandardContext(DeviceType.class.getName());
|
Set<String> annotatedAPIClasses = annotationProcessor.scanStandardContext(DeviceType.class.getName());
|
||||||
|
|||||||
@ -11,7 +11,7 @@
|
|||||||
"enrollmentDir": "/emm-web-agent/enrollment",
|
"enrollmentDir": "/emm-web-agent/enrollment",
|
||||||
"iOSConfigRoot" : "%https.ip%/ios-enrollment/",
|
"iOSConfigRoot" : "%https.ip%/ios-enrollment/",
|
||||||
"iOSAPIRoot" : "%https.ip%/ios/",
|
"iOSAPIRoot" : "%https.ip%/ios/",
|
||||||
"dynamicClientRegistrationEndPoint" : "%https.ip%/dynamic-client-web/register/",
|
"dynamicClientRegistrationEndPoint" : "https://localhost:8243/dynamic-client-web/register/",
|
||||||
"adminService":"%https.ip%",
|
"adminService":"%https.ip%",
|
||||||
"idPServer":"https://localhost:8243",
|
"idPServer":"https://localhost:8243",
|
||||||
"callBackUrl":"%https.ip%/devicemgt_admin",
|
"callBackUrl":"%https.ip%/devicemgt_admin",
|
||||||
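Review bot: `dynamicClientRegistrationEndPoint` now hard-codes `https://localhost:8243` where the previous value used the `%https.ip%` substitution that the neighbouring entries still use. In a clustered or multi-host deployment this sends client registration to whatever listens on the local node's port 8243, and it only works where the gateway is co-located. If the gateway address has to differ from `%https.ip%`, a dedicated substitution token filled in at deployment time would keep the shipped default portable. JSON has no comment syntax, so the reason for the localhost value belongs in the deployment documentation.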
|
|||||||
@ -306,7 +306,7 @@ var backendServiceInvoker = function () {
|
|||||||
* @param errorCallback a function to be called if en error is reserved.
|
* @param errorCallback a function to be called if en error is reserved.
|
||||||
*/
|
*/
|
||||||
publicHTTPClientInvokers.get = function (url, successCallback, errorCallback, contentType, acceptType) {
|
publicHTTPClientInvokers.get = function (url, successCallback, errorCallback, contentType, acceptType) {
|
||||||
return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, contentType, acceptType);
|
return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, null, contentType, acceptType);
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -48,10 +48,6 @@ utility = function () {
|
|||||||
PrivilegedCarbonContext.endTenantFlow();
|
PrivilegedCarbonContext.endTenantFlow();
|
||||||
};
|
};
|
||||||
|
|
||||||
publicMethods.getConfigurationService = function () {
|
|
||||||
return getOsgiService('org.wso2.carbon.device.mgt.iot.service.ConfigurationService');
|
|
||||||
};
|
|
||||||
|
|
||||||
publicMethods.getDeviceManagementService = function () {
|
publicMethods.getDeviceManagementService = function () {
|
||||||
return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService');
|
return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService');
|
||||||
};
|
};
|
||||||
|
|||||||
@ -27,16 +27,20 @@ import org.apache.catalina.connector.Response;
|
|||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.wso2.carbon.base.MultitenantConstants;
|
import org.wso2.carbon.base.MultitenantConstants;
|
||||||
|
import org.wso2.carbon.base.ServerConfiguration;
|
||||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||||
import org.wso2.carbon.core.util.KeyStoreManager;
|
import org.wso2.carbon.core.util.KeyStoreManager;
|
||||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||||
import org.wso2.carbon.user.api.UserStoreException;
|
import org.wso2.carbon.user.api.UserStoreException;
|
||||||
import org.wso2.carbon.user.api.UserStoreManager;
|
import org.wso2.carbon.user.api.UserStoreManager;
|
||||||
|
import org.wso2.carbon.utils.CarbonUtils;
|
||||||
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
||||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
|
import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
|
||||||
|
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.security.KeyStore;
|
||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
import java.text.ParseException;
|
import java.text.ParseException;
|
||||||
@ -55,7 +59,12 @@ public class JWTAuthenticator implements WebappAuthenticator {
|
|||||||
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
|
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
|
||||||
private static final String JWT_AUTHENTICATOR = "JWT";
|
private static final String JWT_AUTHENTICATOR = "JWT";
|
||||||
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
|
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
|
||||||
|
private static final String DEFAULT_TRUST_STORE_LOCATION = "Security.TrustStore.Location";
|
||||||
|
private static final String DEFAULT_TRUST_STORE_PASSWORD = "Security.TrustStore.Password";
|
||||||
|
|
||||||
private static final Map<String, PublicKey> publicKeyHolder = new HashMap<>();
|
private static final Map<String, PublicKey> publicKeyHolder = new HashMap<>();
|
||||||
|
private Properties properties;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void init() {
|
public void init() {
|
||||||
|
|
||||||
@ -98,7 +107,31 @@ public class JWTAuthenticator implements WebappAuthenticator {
|
|||||||
loadTenantRegistry(tenantId);
|
loadTenantRegistry(tenantId);
|
||||||
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId);
|
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId);
|
||||||
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
|
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
|
||||||
publicKey = keyStoreManager.getDefaultPublicKey();
|
String defaultPublicKey = properties.getProperty("DefaultPublicKey");
|
||||||
|
if (defaultPublicKey != null && !defaultPublicKey.isEmpty()) {
|
||||||
|
boolean isDefaultPublicKey = Boolean.parseBoolean(defaultPublicKey);
|
||||||
|
if (isDefaultPublicKey) {
|
||||||
|
publicKey = keyStoreManager.getDefaultPublicKey();
|
||||||
|
} else {
|
||||||
|
String alias = properties.getProperty("KeyAlias");
|
||||||
|
if (alias != null && !alias.isEmpty()) {
|
||||||
|
ServerConfiguration serverConfig = CarbonUtils.getServerConfiguration();
|
||||||
|
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
|
||||||
|
String trustStorePath = serverConfig.getFirstProperty(DEFAULT_TRUST_STORE_LOCATION);
|
||||||
|
String trustStorePassword = serverConfig.getFirstProperty(
|
||||||
|
DEFAULT_TRUST_STORE_PASSWORD);
|
||||||
|
keyStore.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray());
|
||||||
|
publicKey = keyStore.getCertificate(alias).getPublicKey();
|
||||||
|
} else {
|
||||||
|
authenticationInfo.setStatus(Status.FAILURE);
|
||||||
|
return authenticationInfo;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
publicKey = keyStoreManager.getDefaultPublicKey();
|
||||||
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
String ksName = tenantDomain.trim().replace('.', '-');
|
String ksName = tenantDomain.trim().replace('.', '-');
|
||||||
String jksName = ksName + ".jks";
|
String jksName = ksName + ".jks";
|
||||||
@ -150,17 +183,20 @@ public class JWTAuthenticator implements WebappAuthenticator {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setProperties(Properties properties) {
|
public void setProperties(Properties properties) {
|
||||||
|
this.properties = properties;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Properties getProperties() {
|
public Properties getProperties() {
|
||||||
return null;
|
return properties;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getProperty(String name) {
|
public String getProperty(String name) {
|
||||||
return null;
|
if (this.properties == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
return this.properties.getProperty(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void loadTenantRegistry(int tenantId) throws RegistryException {
|
private static void loadTenantRegistry(int tenantId) throws RegistryException {
|
||||||
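Review bot: In the super-tenant branch of the second hunk, `new FileInputStream(trustStorePath)` is handed straight to `keyStore.load` and never closed. `keyStore.getCertificate(alias)` also returns null for an alias that is not in the trust store, so a mistyped `KeyAlias` throws a NullPointerException instead of ending in the `Status.FAILURE` path used for a missing alias. The same branch calls `properties.getProperty("DefaultPublicKey")` without the null guard that the new `getProperty` method has. The trust store is re-read from disk each time this branch runs; whether `publicKeyHolder` caches the result is outside the hunk. The enclosing method starts and ends outside the hunk, and the fence below shows only the load and lookup lines with the stream closed and the unknown alias rejected.

```java
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
// … unchanged: trustStorePath and trustStorePassword lookup from serverConfig …
try (FileInputStream trustStoreStream = new FileInputStream(trustStorePath)) {
    keyStore.load(trustStoreStream, trustStorePassword.toCharArray());
}
java.security.cert.Certificate signingCertificate = keyStore.getCertificate(alias);
if (signingCertificate == null) {
    // Unknown alias: fail authentication rather than dereference null.
    authenticationInfo.setStatus(Status.FAILURE);
    return authenticationInfo;
}
publicKey = signingCertificate.getPublicKey();
```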
|
|||||||
@ -19,6 +19,11 @@
|
|||||||
<Authenticator>
|
<Authenticator>
|
||||||
<Name>JWT</Name>
|
<Name>JWT</Name>
|
||||||
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
|
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
|
||||||
|
<Parameters>
|
||||||
|
<Parameter Name="DefaultPublicKey">true</Parameter>
|
||||||
|
<!--KeyAlias is alias of the certificate that is used to sign the JWT token-->
|
||||||
|
<!-- <Parameter Name="KeyAlias"></Parameter> -->
|
||||||
|
</Parameters>
|
||||||
</Authenticator>
|
</Authenticator>
|
||||||
<Authenticator>
|
<Authenticator>
|
||||||
<Name>CertificateAuth</Name>
|
<Name>CertificateAuth</Name>
|
||||||
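Review bot: The added comment explains `KeyAlias` but not `DefaultPublicKey`, and it does not say where the alias is resolved. From the authenticator change in this commit, `DefaultPublicKey` set to `false` with `KeyAlias` left commented out makes every super-tenant JWT authentication fail, and the alias is looked up in the store named by `Security.TrustStore.Location`. A comment such as `<!-- DefaultPublicKey: true verifies super-tenant JWTs with the server's default public key; false requires KeyAlias, resolved in the configured trust store -->` would make that dependency visible to whoever edits this file.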
|
|||||||