diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml index e2213aee9a..c3b257f504 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml @@ -22,13 +22,13 @@ apimgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.apimgt.annotations - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - API Management Annotations WSO2 Carbon - API Management Custom Annotation Module diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java deleted file mode 100644 index 14d447ac2c..0000000000 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java +++ /dev/null @@ -1,42 +0,0 @@ -/* -* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package org.wso2.carbon.apimgt.annotations.api; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * This class is the representation of custom developed Permission annotation. - */ -@Target(ElementType.METHOD) -@Retention(RetentionPolicy.RUNTIME) -public @interface Permission { - - /** - * Represents the permission name. - * @return Returns permission name. - */ - String name(); - - /** - * Represents the permission string. - * @return Returns permission string. - */ - String permission(); - -} \ No newline at end of file diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java index 9e0068635b..701a6f183c 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.apimgt.annotations.api; import java.lang.annotation.ElementType; @@ -24,28 +6,18 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * This class is the representation of custom developed Permission annotation. + * This class is the representation of custom developed Scopes annotation. */ @Target(ElementType.METHOD) @Retention(RetentionPolicy.RUNTIME) public @interface Scope { - /** - * Represents the scope key which should be unique. - * @return Returns scope key. - */ - String key(); - - /** - * Represents the scope name. - * @return Returns scope name. - */ String name(); - /** - * Represents the scope description. - * @return Returns scope description. - */ String description(); + String key(); + + String[] permissions(); + } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java new file mode 100644 index 0000000000..ebbda6f9d4 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.apimgt.annotations.api; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * This class is the representation of custom developed Scopes annotation. + */ +@Target(ElementType.TYPE) +@Retention(RetentionPolicy.RUNTIME) +public @interface Scopes { + + Scope[] scopes(); + +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/pom.xml index 5faf10c78c..a48a6ef2e8 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/pom.xml @@ -21,12 +21,12 @@ apimgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT org.wso2.carbon.apimgt.application.extension.api war WSO2 Carbon - API Application Management API diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml index d21f4f2094..0b3e9061a1 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml @@ -22,12 +22,12 @@ apimgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT org.wso2.carbon.apimgt.application.extension bundle WSO2 Carbon - API Application Management diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/pom.xml new file mode 100644 index 0000000000..451e5ed293 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/pom.xml @@ -0,0 +1,101 @@ + + + + + + apimgt-extensions + org.wso2.carbon.devicemgt + 2.0.7-SNAPSHOT + ../pom.xml + + + 4.0.0 + org.wso2.carbon.apimgt.handlers + 2.0.7-SNAPSHOT + bundle + WSO2 Carbon - API Security Handler Component + WSO2 Carbon - API Management Security Handler Module + http://wso2.org + + + + + org.wso2.carbon + org.wso2.carbon.logging + + + org.apache.synapse + synapse-core + + + org.apache.ws.security.wso2 + wss4j + + + org.wso2.carbon.devicemgt + org.wso2.carbon.certificate.mgt.core + + + org.json.wso2 + json + + + + + + + org.apache.felix + maven-scr-plugin + + + org.apache.felix + maven-bundle-plugin + 1.4.0 + true + + + ${project.artifactId} + ${project.artifactId} + ${carbon.device.mgt.version} + WSO2 Carbon - API Security Handler Component + + org.apache.axiom.*, + javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional, + javax.xml.*, + org.apache.axis2.*, + org.apache.commons.*, + org.apache.http.*, + org.apache.http.util, + org.apache.ws.*;version="${org.apache.ws.security.wso2.version}", + org.json, + org.wso2.carbon.utils, + org.wso2.carbon.context, + com.google.gson, + org.w3c.dom, + org.apache.synapse, + org.apache.synapse.core.axis2, + org.apache.synapse.rest + + + + + + + + \ No newline at end of file diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/APIMCertificateMGTException.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/APIMCertificateMGTException.java new file mode 100644 index 0000000000..7c7b317537 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/APIMCertificateMGTException.java @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers; + +/** + * Error handling class for the apimgt handler. + */ +public class APIMCertificateMGTException extends Exception{ + + private static final long serialVersionUID = -37676242646464497L; + + private String errorMessage; + + public String getErrorMessage() { + return errorMessage; + } + + public void setErrorMessage(String errorMessage) { + this.errorMessage = errorMessage; + } + + public APIMCertificateMGTException(String msg, Exception nestedEx) { + super(msg, nestedEx); + setErrorMessage(msg); + } + + public APIMCertificateMGTException(String message, Throwable cause) { + super(message, cause); + setErrorMessage(message); + } + + public APIMCertificateMGTException(String msg) { + super(msg); + setErrorMessage(msg); + } + + public APIMCertificateMGTException() { + super(); + } + + public APIMCertificateMGTException(Throwable cause) { + super(cause); + } +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java new file mode 100644 index 0000000000..087adce638 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandler.java @@ -0,0 +1,200 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.apimgt.handlers; + +import com.google.gson.Gson; +import org.apache.axis2.context.MessageContext; +import org.apache.axis2.description.HandlerDescription; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.synapse.core.axis2.Axis2MessageContext; +import org.apache.synapse.rest.AbstractHandler; +import org.wso2.carbon.apimgt.handlers.beans.Certificate; +import org.wso2.carbon.apimgt.handlers.beans.ValidationResponce; +import org.wso2.carbon.apimgt.handlers.config.IOTServerConfiguration; +import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker; +import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse; +import org.wso2.carbon.apimgt.handlers.utils.AuthConstants; +import org.wso2.carbon.apimgt.handlers.utils.Utils; +import org.wso2.carbon.context.PrivilegedCarbonContext; + +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.Map; + +/** + * Synapse gateway handler for API authentication. + */ +public class AuthenticationHandler extends AbstractHandler { + private static final Log log = LogFactory.getLog(AuthenticationHandler.class); + private static HandlerDescription EMPTY_HANDLER_METADATA = new HandlerDescription("API Security Handler"); + private HandlerDescription handlerDesc; + private RESTInvoker restInvoker; + + private IOTServerConfiguration iotServerConfiguration; + + /** + * Setting up configurations at the constructor + */ + public AuthenticationHandler() { + log.info("Engaging API Security Handler.........."); + restInvoker = new RESTInvoker(); + this.handlerDesc = EMPTY_HANDLER_METADATA; + this.iotServerConfiguration = Utils.initConfig(); + } + + /** + * Handling the message and checking the security. + * @param messageContext + * @return + */ + @Override + public boolean handleRequest(org.apache.synapse.MessageContext messageContext) { + org.apache.axis2.context.MessageContext axisMC = ((Axis2MessageContext) messageContext).getAxis2MessageContext(); + + String ctxPath = messageContext.getTo().getAddress().trim(); + + if (log.isDebugEnabled()) { + log.debug("Authentication handler invoked by: " + ctxPath); + } + Map headers = (Map) axisMC.getProperty(MessageContext.TRANSPORT_HEADERS); + try { + int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); + RESTResponse response; + if (headers.containsKey(AuthConstants.MDM_SIGNATURE)) { + + String mdmSignature = headers.get(AuthConstants.MDM_SIGNATURE).toString(); + if (log.isDebugEnabled()) { + log.debug("Verify Cert:\n" + mdmSignature); + } + String accessToken = Utils.getAccessToken(iotServerConfiguration); + + String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim()); + URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType); + + Map certVerifyHeaders = new HashMap<>(); + certVerifyHeaders.put("Authorization", "Bearer " + accessToken); + certVerifyHeaders.put("Content-Type", "application/json"); + + Certificate certificate = new Certificate(); + certificate.setPem(mdmSignature); + certificate.setTenantId(tenantId); + certificate.setSerial(""); + + Gson gson = new Gson(); + String certVerifyContent = gson.toJson(certificate); + response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null, + null, certVerifyContent); + + String str = response.getContent(); + if (str.contains("JWTToken")) { + ValidationResponce validationResponce = gson.fromJson(str, ValidationResponce.class); + // TODO: send the JWT token with user details. + // headers.put("X-JWT-Assertion", validationResponce.getJWTToken()); + } + if (log.isDebugEnabled()) { + log.debug("Verify response:" + response.getContent()); + log.debug("Response String : " + str); + } + + } else if (headers.containsKey(AuthConstants.PROXY_MUTUAL_AUTH_HEADER)) { + String subjectDN = headers.get(AuthConstants.PROXY_MUTUAL_AUTH_HEADER).toString(); + + if (log.isDebugEnabled()) { + log.debug("Verify subject DN: " + subjectDN); + } + String accessToken = Utils.getAccessToken(iotServerConfiguration); + String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim()); + URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType); + Map certVerifyHeaders = new HashMap<>(); + certVerifyHeaders.put("Authorization", "Bearer " + accessToken); + certVerifyHeaders.put("Content-Type", "application/json"); + Certificate certificate = new Certificate(); + certificate.setPem(subjectDN); + certificate.setTenantId(tenantId); + certificate.setSerial(AuthConstants.PROXY_MUTUAL_AUTH_HEADER); + + Gson gson = new Gson(); + String certVerifyContent = gson.toJson(certificate); + response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null, + null, certVerifyContent); + if (log.isDebugEnabled()) { + log.debug("Verify response:" + response.getContent()); + } + } else if (headers.containsKey(AuthConstants.ENCODED_PEM)) { + String encodedPem = headers.get(AuthConstants.ENCODED_PEM).toString(); + if (log.isDebugEnabled()) { + log.debug("Verify Cert:\n" + encodedPem); + } + String accessToken = Utils.getAccessToken(iotServerConfiguration); + URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + "android"); + Map certVerifyHeaders = new HashMap<>(); + certVerifyHeaders.put("Authorization", "Bearer " + accessToken); + certVerifyHeaders.put("Content-Type", "application/json"); + + Certificate certificate = new Certificate(); + certificate.setPem(encodedPem); + certificate.setTenantId(tenantId); + certificate.setSerial(""); + Gson gson = new Gson(); + String certVerifyContent = gson.toJson(certificate); + response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null, + null, certVerifyContent); + if (log.isDebugEnabled()) { + log.debug("Verify response:" + response.getContent()); + } + } else { + log.warn("Unauthorized request for api: " + ctxPath); + return false; + } + if (response != null && !response.getContent().contains("invalid")) { + return true; + } + log.warn("Unauthorized request for api: " + ctxPath); + return false; + } catch (IOException e) { + log.error("Error while processing certificate.", e); + return false; + } catch (URISyntaxException e) { + log.error("Error while processing certificate.", e); + return false; + } catch (APIMCertificateMGTException e) { + log.error("Error while processing certificate.", e); + return false; + } + + } + + @Override + public boolean handleResponse(org.apache.synapse.MessageContext messageContext) { + return true; + } + + + // TODO : take this from the url. + private String getDeviceType(String url) { + if (url.contains("ios")) { + return "ios"; + } else if (url.contains("android")) { + return "android"; + } else return null; + + } +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/Certificate.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/Certificate.java new file mode 100644 index 0000000000..b3389a82c5 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/Certificate.java @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers.beans; + +/** + * This class keeps the certificate data. + */ +public class Certificate { + + // public key of the certificate + private String pem; + // Tenant id + private int tenantId; + // Serial of the certificate. + private String serial; + + public String getPem() { + return pem; + } + + public void setPem(String pem) { + this.pem = pem; + } + + public int getTenantId() { + return tenantId; + } + + public void setTenantId(int tenantId) { + this.tenantId = tenantId; + } + + public String getSerial() { + return serial; + } + + public void setSerial(String serial) { + this.serial = serial; + } +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/DCR.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/DCR.java new file mode 100644 index 0000000000..4091afcb9e --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/DCR.java @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers.beans; + +/** + * This class holds the DCR endpoints data to create an application. + */ +public class DCR { + + // Owner of the application + private String owner; + // Client name + private String clientName; + // Oauth Grant type + private String grantType; + // Scope of the token + private String tokenScope; + + public String getOwner() { + return owner; + } + + public void setOwner(String owner) { + this.owner = owner; + } + + public String getClientName() { + return clientName; + } + + public void setClientName(String clientName) { + this.clientName = clientName; + } + + public String getGrantType() { + return grantType; + } + + public void setGrantType(String grantType) { + this.grantType = grantType; + } + + public String getTokenScope() { + return tokenScope; + } + + public void setTokenScope(String tokenScope) { + this.tokenScope = tokenScope; + } +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/ValidationResponce.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/ValidationResponce.java new file mode 100644 index 0000000000..b9b385e2f3 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/beans/ValidationResponce.java @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers.beans; + +/** + * This class holds the data returned from the backend after the certificate was authenticated. + */ +public class ValidationResponce { + + private String JWTToken; // X-JWT-Assertion + private String deviceId; + private String deviceType; + private int tenantId; + + public String getJWTToken() { + return JWTToken; + } + + public void setJWTToken(String JWTToken) { + this.JWTToken = JWTToken; + } + + public String getDeviceId() { + return deviceId; + } + + public void setDeviceId(String deviceId) { + this.deviceId = deviceId; + } + + public String getDeviceType() { + return deviceType; + } + + public void setDeviceType(String deviceType) { + this.deviceType = deviceType; + } + + public int getTenantId() { + return tenantId; + } + + public void setTenantId(int tenantId) { + this.tenantId = tenantId; + } +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/config/IOTServerConfiguration.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/config/IOTServerConfiguration.java new file mode 100644 index 0000000000..3beecf11f0 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/config/IOTServerConfiguration.java @@ -0,0 +1,122 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers.config; + +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlElementWrapper; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlValue; +import java.util.List; + +/** + * This class initialize the iot-api-config.xml and hold the values, in order to be read from the relevant classes. This + * get initialized at the start of the server when apis get loaded. + */ +@XmlRootElement(name = "ServerConfiguration") +public class IOTServerConfiguration { + + private String hostname; + private String verificationEndpoint; + private String username; + private String password; + private String dynamicClientRegistrationEndpoint; + private String oauthTokenEndpoint; + private List apis; + + @XmlElement(name = "Hostname", required = true) + public String getHostname() { + return hostname; + } + + public void setHostname(String hostname) { + this.hostname = hostname; + } + + @XmlElement(name = "VerificationEndpoint", required = true) + public String getVerificationEndpoint() { + return verificationEndpoint; + } + + public void setVerificationEndpoint(String verificationEndpoint) { + this.verificationEndpoint = verificationEndpoint; + } + + @XmlElement(name = "Username", required = true) + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + @XmlElement(name = "Password", required = true) + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + @XmlElement(name = "DynamicClientRegistrationEndpoint", required = true) + public String getDynamicClientRegistrationEndpoint() { + return dynamicClientRegistrationEndpoint; + } + + public void setDynamicClientRegistrationEndpoint(String dynamicClientRegistrationEndpoint) { + this.dynamicClientRegistrationEndpoint = dynamicClientRegistrationEndpoint; + } + + @XmlElement(name = "OauthTokenEndpoint", required = true) + public String getOauthTokenEndpoint() { + return oauthTokenEndpoint; + } + + public void setOauthTokenEndpoint(String oauthTokenEndpoint) { + this.oauthTokenEndpoint = oauthTokenEndpoint; + } + + @XmlElementWrapper(name="APIS") + @XmlElement(name = "ContextPath", required = true) + public List getApis() { + return apis; + } + + public void setApis(List apis) { + this.apis = apis; + } + + @XmlRootElement(name = "ContextPath") + public static class ContextPath { + + private String contextPath; + + @XmlValue() + public String getContextPath() { + return contextPath; + } + + public void setContextPath(String contextPath) { + this.contextPath = contextPath; + } + } +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTInvoker.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTInvoker.java new file mode 100644 index 0000000000..107d754ff4 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTInvoker.java @@ -0,0 +1,279 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.apimgt.handlers.invoker; + +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.io.IOUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.Header; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.client.methods.*; +import org.apache.http.entity.StringEntity; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; +import org.apache.http.util.EntityUtils; + +import java.io.IOException; +import java.net.URI; +import java.nio.charset.StandardCharsets; +import java.util.Map; + +public class RESTInvoker { + + private static final Log log = LogFactory.getLog(RESTInvoker.class); + + private int maxTotalConnections = 100; + private int maxTotalConnectionsPerRoute = 100; + private int connectionTimeout = 120000; + private int socketTimeout = 120000; + + private CloseableHttpClient client = null; + private PoolingHttpClientConnectionManager connectionManager = null; + + public RESTInvoker() { + configureHttpClient(); + } + + private void configureHttpClient() { + + RequestConfig defaultRequestConfig = RequestConfig.custom() + .setExpectContinueEnabled(true) + .setConnectTimeout(connectionTimeout) + .setSocketTimeout(socketTimeout) + .build(); + + connectionManager = new PoolingHttpClientConnectionManager(); + connectionManager.setDefaultMaxPerRoute(maxTotalConnectionsPerRoute); + connectionManager.setMaxTotal(maxTotalConnections); + client = HttpClients.custom() + .setConnectionManager(connectionManager) + .setDefaultRequestConfig(defaultRequestConfig) + .build(); + + if(log.isDebugEnabled()){ + log.debug("REST client initialized with " + + "maxTotalConnection = " + maxTotalConnections + + "maxConnectionsPerRoute = " + maxTotalConnectionsPerRoute + + "connectionTimeout = " + connectionTimeout); + } + + } + + public void closeHttpClient() { + IOUtils.closeQuietly(client); + IOUtils.closeQuietly(connectionManager); + } + + /** + * Invokes the http GET method + * + * @param uri endpoint/service url + * @param requestHeaders header list + * @param username username for authentication + * @param password password for authentication + * @return RESTResponse of the GET request (can be the response body or the response status code) + * @throws Exception + */ + public RESTResponse invokeGET(URI uri, Map requestHeaders, String username, String password) throws IOException { + + HttpGet httpGet = null; + CloseableHttpResponse response = null; + Header[] headers; + int httpStatus; + String contentType; + String output; + try { + httpGet = new HttpGet(uri); + if (requestHeaders != null && !requestHeaders.isEmpty()) { + Object keys[] = requestHeaders.keySet().toArray(); + for (Object header : keys) { + httpGet.setHeader(header.toString(), requestHeaders.get(header).toString()); + } + } + response = sendReceiveRequest(httpGet, username, password); + output = IOUtils.toString(response.getEntity().getContent()); + headers = response.getAllHeaders(); + httpStatus = response.getStatusLine().getStatusCode(); + contentType = response.getEntity().getContentType().getValue(); + if (log.isDebugEnabled()) { + log.debug("Invoked GET " + uri.toString() + " - Response message: " + output); + } + EntityUtils.consume(response.getEntity()); + } finally { + if (response != null) { + IOUtils.closeQuietly(response); + } + if (httpGet != null) { + httpGet.releaseConnection(); + } + } + return new RESTResponse(contentType, output, headers, httpStatus); + } + + + public RESTResponse invokePOST(URI uri, Map requestHeaders, String username, + String password, String payload) throws IOException { + + HttpPost httpPost = null; + CloseableHttpResponse response = null; + Header[] headers; + int httpStatus; + String contentType; + String output; + try { + httpPost = new HttpPost(uri); + httpPost.setEntity(new StringEntity(payload)); + if (requestHeaders != null && !requestHeaders.isEmpty()) { + Object keys[] = requestHeaders.keySet().toArray(); + for (Object header : keys) { + httpPost.setHeader(header.toString(), requestHeaders.get(header).toString()); + } + } + response = sendReceiveRequest(httpPost, username, password); + output = IOUtils.toString(response.getEntity().getContent()); + headers = response.getAllHeaders(); + httpStatus = response.getStatusLine().getStatusCode(); + contentType = response.getEntity().getContentType().getValue(); + if (log.isDebugEnabled()) { + log.debug("Invoked POST " + uri.toString() + + " - Input payload: " + payload + " - Response message: " + output); + } + EntityUtils.consume(response.getEntity()); + } finally { + if (response != null) { + IOUtils.closeQuietly(response); + } + if (httpPost != null) { + httpPost.releaseConnection(); + } + } + return new RESTResponse(contentType, output, headers, httpStatus); + } + + /** + * Invokes the http PUT method + * + * @param uri endpoint/service url + * @param requestHeaders header list + * @param username username for authentication + * @param password password for authentication + * @param payload payload body passed + * @return RESTResponse of the PUT request (can be the response body or the response status code) + * @throws Exception + */ + public RESTResponse invokePUT(URI uri, Map requestHeaders, String username, String password, + String payload) throws IOException { + + HttpPut httpPut = null; + CloseableHttpResponse response = null; + Header[] headers; + int httpStatus; + String contentType; + String output; + try { + httpPut = new HttpPut(uri); + httpPut.setEntity(new StringEntity(payload)); + if (requestHeaders != null && !requestHeaders.isEmpty()) { + Object keys[] = requestHeaders.keySet().toArray(); + for (Object header : keys) { + httpPut.setHeader(header.toString(), requestHeaders.get(header).toString()); + } + } + response = sendReceiveRequest(httpPut, username, password); + output = IOUtils.toString(response.getEntity().getContent()); + headers = response.getAllHeaders(); + httpStatus = response.getStatusLine().getStatusCode(); + contentType = response.getEntity().getContentType().getValue(); + if (log.isDebugEnabled()) { + log.debug("Invoked PUT " + uri.toString() + " - Response message: " + output); + } + EntityUtils.consume(response.getEntity()); + } finally { + if (response != null) { + IOUtils.closeQuietly(response); + } + if (httpPut != null) { + httpPut.releaseConnection(); + } + } + return new RESTResponse(contentType, output, headers, httpStatus); + } + + /** + * Invokes the http DELETE method + * + * @param uri endpoint/service url + * @param requestHeaders header list + * @param username username for authentication + * @param password password for authentication + * @return RESTResponse of the DELETE (can be the response status code or the response body) + * @throws Exception + */ + public RESTResponse invokeDELETE(URI uri, Map requestHeaders, String username, String password) throws IOException { + + HttpDelete httpDelete = null; + CloseableHttpResponse response = null; + Header[] headers; + int httpStatus; + String contentType; + String output; + try { + httpDelete = new HttpDelete(uri); + if (requestHeaders != null && !requestHeaders.isEmpty()) { + Object keys[] = requestHeaders.keySet().toArray(); + for (Object header : keys) { + httpDelete.setHeader(header.toString(), requestHeaders.get(header).toString()); + } + } + response = sendReceiveRequest(httpDelete, username, password); + output = IOUtils.toString(response.getEntity().getContent()); + headers = response.getAllHeaders(); + httpStatus = response.getStatusLine().getStatusCode(); + contentType = response.getEntity().getContentType().getValue(); + if (log.isDebugEnabled()) { + log.debug("Invoked DELETE " + uri.toString() + " - Response message: " + output); + } + EntityUtils.consume(response.getEntity()); + } finally { + if (response != null) { + IOUtils.closeQuietly(response); + } + if (httpDelete != null) { + httpDelete.releaseConnection(); + } + } + return new RESTResponse(contentType, output, headers, httpStatus); + } + + private CloseableHttpResponse sendReceiveRequest(HttpRequestBase requestBase, String username, String password) + throws IOException { + CloseableHttpResponse response; + if (username != null && !username.equals("") && password != null) { + String combinedCredentials = username + ":" + password; + byte[] encodedCredentials = Base64.encodeBase64(combinedCredentials.getBytes(StandardCharsets.UTF_8)); + requestBase.addHeader("Authorization", "Basic " + new String(encodedCredentials)); + + response = client.execute(requestBase); + } else { + response = client.execute(requestBase); + } + return response; + } +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTResponse.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTResponse.java new file mode 100644 index 0000000000..7ce0389baa --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/invoker/RESTResponse.java @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.apimgt.handlers.invoker; + +import org.apache.http.Header; + +/** + * RESTResponse class holds the data retrieved from the HTTP invoke response. + */ +public class RESTResponse { + private String contentType; + private String content; + private Header[] headers; + private int httpStatus; + + /** + * Constructor + * + * @param contentType from the REST invoke response + * @param content from the REST invoke response + * @param headers from the REST invoke response + * @param httpStatus from the REST invoke response + */ + public RESTResponse(String contentType, String content, Header[] headers, int httpStatus) { + this.contentType = contentType; + this.content = content; + this.headers = headers; + this.httpStatus = httpStatus; + } + + /** + * Get the content type of the EST invoke response + * + * @return String content type of the response + */ + public String getContentType() { + return contentType; + } + + /** + * Get contents of the REST invoke response + * + * @return contents of the REST invoke response + */ + public String getContent() { + return content; + } + + /** + * Get headers of the REST invoke response + * + * @return headers of the REST invoke response + */ + public Header[] getHeaders() { + return headers; + } + + /** + * Get the HTTP Status code from REST invoke response + * + * @return int HTTP status code + */ + public int getHttpStatus() { + return httpStatus; + } +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java new file mode 100644 index 0000000000..531c7c11d5 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/AuthConstants.java @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.apimgt.handlers.utils; + +/** + * This initializes the constance. + */ +public class AuthConstants { +// public static final String SEC_FAULT = "SECURITY_VALIDATION_FAILURE"; +// public static final String HTTPS = "https"; +// public static final String WSSE = "wsse"; +// public static final String AUTH_CONFIGURATION_FILE_NAME = "api-filter-config.xml"; +// public static final String API_FILTER_CONFIG_ELEMENT = "apiFilterConfig"; +// public static final String API_LIST_PROPERTY = "apiList"; +// public static final String HOST = "host"; +// public static final String HTTPS_PORT = "httpsPort"; +// public static final String USERNAME = "username"; +// public static final String PASSWORD = "password"; +// public static final String IOS_VERIFY_ENDPOINT = "ios-verify-endpoint"; +// public static final String ANDROID_VERIFY_ENDPOINT = "android-verify-endpoint"; + public static final String MDM_SIGNATURE = "mdm-signature"; + public static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header"; + public static final String ENCODED_PEM = "encoded-pem"; +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/Utils.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/Utils.java new file mode 100644 index 0000000000..3e66ed7edd --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/java/org/wso2/carbon/apimgt/handlers/utils/Utils.java @@ -0,0 +1,178 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.apimgt.handlers.utils; + +import com.google.gson.Gson; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.ws.security.util.Base64; +import org.json.JSONException; +import org.json.JSONObject; +import org.w3c.dom.Document; +import org.wso2.carbon.apimgt.handlers.APIMCertificateMGTException; +import org.wso2.carbon.apimgt.handlers.beans.DCR; +import org.wso2.carbon.apimgt.handlers.config.IOTServerConfiguration; +import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker; +import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse; +import org.wso2.carbon.utils.CarbonUtils; + +import javax.xml.XMLConstants; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import java.io.File; +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.Map; + +/** + * Contains util methods for synapse gateway authentication handler + */ +public class Utils { + + private static final Log log = LogFactory.getLog(Utils.class); + private static final String IOT_APIS_CONFIG_FILE = "iot-api-config.xml"; + private static String clientId; + private static String clientSecret; + + /** + * This method initializes the iot-api-config.xml file. + * @return + */ + public static IOTServerConfiguration initConfig() { + try { + + String IOTServerAPIConfigurationPath = + CarbonUtils.getCarbonConfigDirPath() + File.separator + IOT_APIS_CONFIG_FILE; + File file = new File(IOTServerAPIConfigurationPath); + Document doc = Utils.convertToDocument(file); + + JAXBContext fileContext = JAXBContext.newInstance(IOTServerConfiguration.class); + Unmarshaller unmarshaller = fileContext.createUnmarshaller(); + return (IOTServerConfiguration) unmarshaller.unmarshal(doc); + + } catch (JAXBException | APIMCertificateMGTException e) { + log.error("Error occurred while initializing Data Source config", e); + return null; + } + } + + /** + * This class build the iot-api-config.xml file. + * @param file + * @return + * @throws APIMCertificateMGTException + */ + public static Document convertToDocument(File file) throws APIMCertificateMGTException { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + try { + DocumentBuilder docBuilder = factory.newDocumentBuilder(); + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + return docBuilder.parse(file); + } catch (Exception e) { + throw new APIMCertificateMGTException("Error occurred while parsing file, while converting " + + "to a org.w3c.dom.Document", e); + } + } + + /** + * This class get the access token from the key manager. + * @param iotServerConfiguration + * @return + * @throws APIMCertificateMGTException + */ + public static String getAccessToken(IOTServerConfiguration iotServerConfiguration) + throws APIMCertificateMGTException { + try { + if (clientId == null || clientSecret == null) { + getClientSecretes(iotServerConfiguration); + } + URI tokenUrl = new URI(iotServerConfiguration.getOauthTokenEndpoint()); + String tokenContent = "grant_type=password&username=" + iotServerConfiguration.getUsername()+ "&password=" + + iotServerConfiguration.getPassword() + "&scope=activity-view"; + String tokenBasicAuth = "Basic " + Base64.encode((clientId + ":" + clientSecret).getBytes()); + Map tokenHeaders = new HashMap(); + tokenHeaders.put("Authorization", tokenBasicAuth); + tokenHeaders.put("Content-Type", "application/x-www-form-urlencoded"); + + RESTInvoker restInvoker = new RESTInvoker(); + RESTResponse response = restInvoker.invokePOST(tokenUrl, tokenHeaders, null, + null, tokenContent); + if(log.isDebugEnabled()) { + log.debug("Token response:" + response.getContent()); + } + JSONObject jsonResponse = new JSONObject(response.getContent()); + String accessToken = jsonResponse.getString("access_token"); + return accessToken; + + } catch (URISyntaxException e) { + throw new APIMCertificateMGTException("Error occurred while trying to call oauth token endpoint", e); + } catch (JSONException e) { + throw new APIMCertificateMGTException("Error occurred while converting the json to object", e); + } catch (IOException e) { + throw new APIMCertificateMGTException("Error occurred while trying to call oauth token endpoint", e); + } + } + + /** + * This method register an application to get the client key and secret. + * @param iotServerConfiguration + * @throws APIMCertificateMGTException + */ + private static void getClientSecretes(IOTServerConfiguration iotServerConfiguration) + throws APIMCertificateMGTException { + try { + DCR dcr = new DCR(); + dcr.setOwner(iotServerConfiguration.getUsername()); + dcr.setClientName("IOT-API-MANAGER"); + dcr.setGrantType("refresh_token password client_credentials"); + dcr.setTokenScope("default"); + Gson gson = new Gson(); + String dcrContent = gson.toJson(dcr); + Map drcHeaders = new HashMap(); + drcHeaders.put("Content-Type", "application/json"); + URI dcrUrl = new URI(iotServerConfiguration.getDynamicClientRegistrationEndpoint()); + RESTInvoker restInvoker = new RESTInvoker(); + RESTResponse response = restInvoker.invokePOST(dcrUrl, drcHeaders, null, + null, dcrContent); + + if (log.isDebugEnabled()) { + log.debug("DCR response :" + response.getContent()); + } + JSONObject jsonResponse = new JSONObject(response.getContent()); + clientId = jsonResponse.getString("client_id"); + clientSecret = jsonResponse.getString("client_secret"); + } catch (JSONException e) { + throw new APIMCertificateMGTException("Error occurred while converting the json to object", e); + } catch (IOException e) { + throw new APIMCertificateMGTException("Error occurred while trying to call DCR endpoint", e); + } catch (URISyntaxException e) { + throw new APIMCertificateMGTException("Error occurred while trying to call DCR endpoint", e); + } + + } + +} + diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/resources/iot-api-config.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/resources/iot-api-config.xml new file mode 100644 index 0000000000..fc65693d28 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/main/resources/iot-api-config.xml @@ -0,0 +1,40 @@ + + + + + + https://localhost:9443/ + + + https://localhost:9443/api/certificate-mgt/v1.0/admin/certificates/verify/ + + + admin + admin + + + https://localhost:9443/dynamic-client-web/register + + + https://localhost:9443/oauth2/token + + + /services/echo + + \ No newline at end of file diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/pom.xml index a76baa3d88..aee804b2e5 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/pom.xml @@ -22,13 +22,13 @@ apimgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.apimgt.webapp.publisher - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - API Management Webapp Publisher WSO2 Carbon - API Management Webapp Publisher diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java index 1068724db0..8ae3c531c1 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java @@ -28,6 +28,7 @@ import org.wso2.carbon.apimgt.impl.utils.APIUtil; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration; import org.wso2.carbon.apimgt.webapp.publisher.config.WebappPublisherConfig; +import org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util.AnnotationProcessor; import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.core.util.Utils; @@ -51,6 +52,9 @@ public class APIPublisherUtil { private static final String PARAM_SHARED_WITH_ALL_TENANTS = "isSharedWithAllTenants"; private static final String PARAM_PROVIDER_TENANT_DOMAIN = "providerTenantDomain"; + private static final String NON_SECURED_RESOURCES = "nonSecuredEndPoints"; + private static final String AUTH_TYPE_NON_SECURED = "None"; + public static API getAPI(APIConfig config) throws APIManagementException { @@ -77,7 +81,7 @@ public class APIPublisherUtil { api.setUrl(config.getEndpoint()); api.addAvailableTiers(provider.getTiers()); - api.setEndpointSecured(true); + api.setEndpointSecured(false); api.setStatus(APIStatus.CREATED); api.setTransports(config.getTransports()); api.setApiLevelPolicy(config.getPolicy()); @@ -269,18 +273,7 @@ public class APIPublisherUtil { } apiConfig.setOwner(owner); - String isSecuredParam = servletContext.getInitParameter(PARAM_MANAGED_API_IS_SECURED); - boolean isSecured; - if (isSecuredParam == null || isSecuredParam.isEmpty()) { - if (log.isDebugEnabled()) { - log.debug("'managed-api-isSecured' attribute is not configured. Therefore, using the default, " + - "which is 'true'"); - } - isSecured = false; - } else { - isSecured = Boolean.parseBoolean(isSecuredParam); - } - apiConfig.setSecured(isSecured); + apiConfig.setSecured(false); String transports = servletContext.getInitParameter(PARAM_MANAGED_API_TRANSPORTS); if (transports == null || transports.isEmpty()) { @@ -324,4 +317,29 @@ public class APIPublisherUtil { return apiConfig; } + + public static void setResourceAuthTypes(ServletContext servletContext, APIConfig apiConfig) { + List resourcesList = null; + String nonSecuredResources = servletContext.getInitParameter(NON_SECURED_RESOURCES); + if(null != nonSecuredResources){ + resourcesList = Arrays.asList(nonSecuredResources.split(",")); + } + Set templates = apiConfig.getUriTemplates(); + if(null != resourcesList) { + for (URITemplate template : templates) { + String fullPaath = ""; + if( template.getUriTemplate() != AnnotationProcessor.WILD_CARD ) { + fullPaath = apiConfig.getContext() + template.getUriTemplate(); + } + else{ + fullPaath = apiConfig.getContext(); + } + for(String context : resourcesList) { + if (context.trim().equals(fullPaath)) { + template.setAuthType(AUTH_TYPE_NON_SECURED); + } + } + } + } + } } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/WebappPublisherConfig.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/WebappPublisherConfig.java index faf94c8191..a54d370e5c 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/WebappPublisherConfig.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/WebappPublisherConfig.java @@ -42,6 +42,7 @@ public class WebappPublisherConfig { private boolean isPublished; private boolean isEnabledUpdateApi; private Profiles profiles; + private static boolean isInitialized = false; private static WebappPublisherConfig config; @@ -52,9 +53,13 @@ public class WebappPublisherConfig { } public static WebappPublisherConfig getInstance() { - if (config == null) { - throw new InvalidConfigurationStateException("Webapp Authenticator Configuration is not " + - "initialized properly"); + if (!isInitialized) { + try { + init(); + } catch (WebappPublisherConfigurationFailedException e) { + throw new InvalidConfigurationStateException("Webapp Authenticator Configuration is not " + + "initialized properly"); + } } return config; } @@ -95,7 +100,10 @@ public class WebappPublisherConfig { this.profiles = profiles; } - public static void init() throws WebappPublisherConfigurationFailedException { + public synchronized static void init() throws WebappPublisherConfigurationFailedException { + if (isInitialized) { + return; + } try { File emailSenderConfig = new File(WEBAPP_PUBLISHER_CONFIG_PATH); Document doc = WebappPublisherUtil.convertToDocument(emailSenderConfig); @@ -105,6 +113,7 @@ public class WebappPublisherConfig { Unmarshaller unmarshaller = ctx.createUnmarshaller(); //unmarshaller.setSchema(getSchema()); config = (WebappPublisherConfig) unmarshaller.unmarshal(doc); + isInitialized = true; } catch (JAXBException e) { throw new WebappPublisherConfigurationFailedException("Error occurred while un-marshalling Webapp " + "Publisher Config", e); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/listener/APIPublisherLifecycleListener.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/listener/APIPublisherLifecycleListener.java index f9a28ee41d..adf73f0d17 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/listener/APIPublisherLifecycleListener.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/listener/APIPublisherLifecycleListener.java @@ -69,6 +69,7 @@ public class APIPublisherLifecycleListener implements LifecycleListener { annotatedSwaggerAPIClasses); for (APIResourceConfiguration apiDefinition : apiDefinitions) { APIConfig apiConfig = APIPublisherUtil.buildApiConfig(servletContext, apiDefinition); + APIPublisherUtil.setResourceAuthTypes(servletContext,apiConfig); try { int tenantId = APIPublisherDataHolder.getInstance().getTenantManager(). getTenantId(apiConfig.getTenantDomain()); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java index 5611b563ca..c967039259 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java @@ -16,10 +16,12 @@ package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util; +import io.swagger.annotations.ApiOperation; import io.swagger.annotations.SwaggerDefinition; import org.apache.catalina.core.StandardContext; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.apimgt.api.model.Scope; import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration; @@ -37,9 +39,7 @@ import java.net.URI; import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; -import java.util.ArrayList; -import java.util.List; -import java.util.Set; +import java.util.*; public class AnnotationProcessor { @@ -51,16 +51,22 @@ public class AnnotationProcessor { private static final String PACKAGE_ORG_APACHE = "org.apache"; private static final String PACKAGE_ORG_CODEHAUS = "org.codehaus"; private static final String PACKAGE_ORG_SPRINGFRAMEWORK = "org.springframework"; - private static final String WILD_CARD = "/*"; + public static final String WILD_CARD = "/*"; private static final String SWAGGER_ANNOTATIONS_INFO = "info"; private static final String SWAGGER_ANNOTATIONS_TAGS = "tags"; private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VERSION = "version"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_CONTEXT = "context"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value"; + private static final String ANNOTATIONS_SCOPES = "scopes"; + + private static final String PERMISSION_PREFIX = "/permission/admin"; private StandardContext context; @@ -75,6 +81,10 @@ public class AnnotationProcessor { private Class tagClass; private Class extensionClass; private Class extensionPropertyClass; + private Class apiOperation; + private Class scopeClass; + private Class scopesClass; + private Map apiScopes; public AnnotationProcessor(final StandardContext context) { servletContext = context.getServletContext(); @@ -91,7 +101,13 @@ public class AnnotationProcessor { extensionClass = (Class)classLoader .loadClass((io.swagger.annotations.Extension.class.getName())); extensionPropertyClass = (Class)classLoader - .loadClass((io.swagger.annotations.ExtensionProperty.class.getName())); + .loadClass(io.swagger.annotations.ExtensionProperty.class.getName()); + scopeClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName()); + scopesClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName()); + apiOperation = (Class)classLoader + .loadClass((io.swagger.annotations.ApiOperation.class.getName())); } catch (ClassNotFoundException e) { log.error("An error has occurred while loading classes ", e); } @@ -120,6 +136,7 @@ public class AnnotationProcessor { try { clazz = classLoader.loadClass(className); Annotation swaggerDefinition = clazz.getAnnotation(apiClazz); + Annotation Scopes = clazz.getAnnotation(scopesClass); List resourceList; if (swaggerDefinition != null) { if (log.isDebugEnabled()) { @@ -127,6 +144,9 @@ public class AnnotationProcessor { } try { apiResourceConfig = processAPIAnnotation(swaggerDefinition); + if (Scopes != null) { + apiScopes = processAPIScopes(Scopes); + } if(apiResourceConfig != null){ String rootContext = servletContext.getContextPath(); pathClazzMethods = pathClazz.getMethods(); @@ -158,7 +178,7 @@ public class AnnotationProcessor { } catch (ClassNotFoundException e1) { String msg = "Failed to load service class " + className + " for publishing APIs." + " This API will not be published."; - log.error(msg); + log.error(msg, e1); } catch (RuntimeException e) { log.error("Unexpected error has been occurred while publishing "+ className +"hence, this API will not be published."); @@ -174,6 +194,39 @@ public class AnnotationProcessor { return apiResourceConfigs; } + private Map processAPIScopes(Annotation annotation) throws Throwable { + Map scopes = new HashMap<>(); + + InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation); + Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass + .getMethod(ANNOTATIONS_SCOPES, null), null); + + Scope scope; + String permissions[]; + StringBuilder aggregatedPermissions; + for(int i=0; i org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 apimgt-extensions - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - API Management Extensions Component http://wso2.org @@ -38,6 +38,7 @@ org.wso2.carbon.apimgt.application.extension org.wso2.carbon.apimgt.application.extension.api org.wso2.carbon.apimgt.annotations + org.wso2.carbon.apimgt.handlers diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/pom.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/pom.xml index c5694a53fb..d0b957e510 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/pom.xml +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/pom.xml @@ -22,7 +22,7 @@ certificate-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java index 147e6669db..2357d61044 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java @@ -1,18 +1,9 @@ package org.wso2.carbon.certificate.mgt.jaxrs.api; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Extension; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Info; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Tag; +import io.swagger.annotations.*; + import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse; import javax.ws.rs.Consumes; @@ -45,8 +36,19 @@ import javax.ws.rs.core.Response; "related operations.") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) +@Scopes(scopes = { + @Scope( + name = "Sign CSR", + description = "Sign CSR", + key = "perm:sign-csr", + permissions = {"/device-mgt/certificates/manage"} + ) +} +) public interface CertificateMgtService { + String SCOPE = "scope"; + /** * Sign the client's certificate signing request and save it in the database. * @@ -64,12 +66,10 @@ public interface CertificateMgtService { value = "Process a given CSR and return signed certificates.", notes = "This will return a signed certificate upon a given CSR.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", - description = "Sign CSR") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = SCOPE, value = "perm:sign-csr") + }) } ) @ApiResponses( @@ -87,7 +87,6 @@ public interface CertificateMgtService { message = "Internal Server Error. \n Error occurred while retrieving signed certificate.", response = ErrorResponse.class) }) - @Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "") Response getSignedCertFromCSR( @ApiParam( name = "If-Modified-Since", diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/pom.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/pom.xml index 377b33ea3e..a6dbbaa957 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/pom.xml +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/pom.xml @@ -22,7 +22,7 @@ certificate-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml @@ -149,6 +149,11 @@ org.wso2.carbon.certificate.mgt.core provided + + org.wso2.carbon.devicemgt + org.wso2.carbon.identity.jwt.client.extension + provided + io.swagger swagger-annotations diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index b867998c18..14d06f00f0 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -6,18 +6,19 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; +import javax.validation.constraints.Size; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -39,10 +40,39 @@ import javax.ws.rs.core.Response; ) @Api(value = "Certificate Management", description = "This API includes all the certificate management related operations") @Path("/admin/certificates") +@Scopes(scopes = { + @Scope( + name = "Adding a new SSL certificate", + description = "Adding a new SSL certificate", + key = "perm:admin:certificates:add", + permissions = {"/device-mgt/admin/certificates/add"} + ), + @Scope( + name = "Getting Details of an SSL Certificate", + description = "Getting Details of an SSL Certificate", + key = "perm:admin:certificates:details", + permissions = {"/device-mgt/admin/certificates/details"} + ), + @Scope( + name = "Getting Details of Certificates", + description = "Getting Details of Certificates", + key = "perm:admin:certificates:view", + permissions = {"/device-mgt/admin/certificates/view"} + ), + @Scope( + name = "Deleting an SSL Certificate", + description = "Deleting an SSL Certificate", + key = "perm:admin:certificates:delete", + permissions = {"/device-mgt/admin/certificates/delete"} + ) +} +) @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) public interface CertificateManagementAdminService { + String SCOPE = "scope"; + /** * Save a list of certificates and relevant information in the database. * @@ -58,12 +88,10 @@ public interface CertificateManagementAdminService { value = "Adding a new SSL certificate", notes = "Add a new SSL certificate to the client end database.\n", tags = "Certificate Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", - description = "Manage certificates") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:add") + }) } ) @ApiResponses( @@ -129,12 +157,10 @@ public interface CertificateManagementAdminService { value = "Getting Details of an SSL Certificate", notes = "Get the client side SSL certificate details.", tags = "Certificate Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view", - description = "View certificates") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:details") + }) } ) @ApiResponses(value = { @@ -202,12 +228,10 @@ public interface CertificateManagementAdminService { + "view all the certificate details, it is not feasible to show all the details on one " + "page. Therefore, the details are paginated.", tags = "Certificate Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view", - description = "View certificates") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:view") + }) } ) @ApiResponses(value = { @@ -283,12 +307,10 @@ public interface CertificateManagementAdminService { value = "Deleting an SSL Certificate", notes = "Delete an SSL certificate that's on the client end.", tags = "Certificate Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", - description = "Manage certificates") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:delete") + }) } ) @ApiResponses(value = { @@ -316,4 +338,125 @@ public interface CertificateManagementAdminService { defaultValue = "12438035315552875930") @PathParam("serialNumber") String serialNumber); +// /** +// * Verify IOS Certificate for the API security filter +// * +// * @param certificate to be verified as a String +// * @return Status of the certificate verification. +// */ +// @POST +// @Path("/verify/ios") +// @ApiOperation( +// consumes = MediaType.APPLICATION_JSON, +// produces = MediaType.APPLICATION_JSON, +// httpMethod = "POST", +// value = "Verify IOS SSL certificate", +// notes = "Verify IOS Certificate for the API security filter.\n", +// tags = "Certificate Management") +// @ApiResponses( +// value = { +// @ApiResponse( +// code = 200, +// message = "Return the status of the IOS certificate verification.", +// responseHeaders = { +// @ResponseHeader( +// name = "Content-Type", +// description = "The content type of the body")}), +// @ApiResponse( +// code = 400, +// message = "Bad Request. \n Invalid request or validation error.", +// response = ErrorResponse.class) +// }) +// Response verifyIOSCertificate( +// @ApiParam( +// name = "certificate", +// value = "The properties to verify certificate. It includes the following: \n" + +// "serial: The unique ID of the certificate. (optional) \n" + +// "pem: mdm-signature of the certificate", +// required = true) EnrollmentCertificate certificate); +// +// /** +// * Verify Android Certificate for the API security filter +// * +// * @param certificate to be verified as a String +// * @return Status of the certificate verification. +// */ +// @POST +// @Path("/verify/android") +// @ApiOperation( +// consumes = MediaType.APPLICATION_JSON, +// produces = MediaType.APPLICATION_JSON, +// httpMethod = "POST", +// value = "Verify Android SSL certificate", +// notes = "Verify Android Certificate for the API security filter.\n", +// tags = "Certificate Management") +// @ApiResponses( +// value = { +// @ApiResponse( +// code = 200, +// message = "Return the status of the Android certificate verification.", +// responseHeaders = { +// @ResponseHeader( +// name = "Content-Type", +// description = "The content type of the body")}), +// @ApiResponse( +// code = 400, +// message = "Bad Request. \n Invalid request or validation error.", +// response = ErrorResponse.class) +// }) +// Response verifyAndroidCertificate( +// @ApiParam( +// name = "certificate", +// value = "The properties to verify certificate. It includes the following: \n" + +// "serial: The unique ID of the certificate. (optional) \n" + +// "pem: pem String of the certificate", +// required = true) EnrollmentCertificate certificate); +// + + + /** + * Verify Android Certificate for the API security filter + * + * @param certificate to be verified as a String + * @return Status of the certificate verification. + */ + @POST + @Path("/verify/{type}") + @ApiOperation( + consumes = MediaType.APPLICATION_JSON, + produces = MediaType.APPLICATION_JSON, + httpMethod = "POST", + value = "Verify Android SSL certificate", + notes = "Verify Android Certificate for the API security filter.\n", + tags = "Certificate Management") + @ApiResponses( + value = { + @ApiResponse( + code = 200, + message = "Return the status of the Android certificate verification.", + responseHeaders = { + @ResponseHeader( + name = "Content-Type", + description = "The content type of the body")}), + @ApiResponse( + code = 400, + message = "Bad Request. \n Invalid request or validation error.", + response = ErrorResponse.class) + }) + Response verifyCertificate( + @ApiParam( + name = "type", + value = "The device type, such as ios, android or windows.", + required = true, + allowableValues = "android, ios, windows") + @PathParam("type") + @Size(max = 45) + String type, + @ApiParam( + name = "certificate", + value = "The properties to verify certificate. It includes the following: \n" + + "serial: The unique ID of the certificate. (optional) \n" + + "pem: pem String of the certificate", + required = true) EnrollmentCertificate certificate); } + diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/beans/ValidationResponce.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/beans/ValidationResponce.java new file mode 100644 index 0000000000..5a72112e4d --- /dev/null +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/beans/ValidationResponce.java @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans; + +public class ValidationResponce { + + private String JWTToken; // X-JWT-Assertion + private String deviceId; + private String deviceType; + private int tenantId; + + public String getJWTToken() { + return JWTToken; + } + + public void setJWTToken(String JWTToken) { + this.JWTToken = JWTToken; + } + + public String getDeviceId() { + return deviceId; + } + + public void setDeviceId(String deviceId) { + this.deviceId = deviceId; + } + + public String getDeviceType() { + return deviceType; + } + + public void setDeviceType(String deviceType) { + this.deviceType = deviceType; + } + + public int getTenantId() { + return tenantId; + } + + public void setTenantId(int tenantId) { + this.tenantId = tenantId; + } +} + diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/impl/CertificateManagementAdminServiceImpl.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/impl/CertificateManagementAdminServiceImpl.java index e0f0852787..0f62d9e72b 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/impl/CertificateManagementAdminServiceImpl.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/impl/CertificateManagementAdminServiceImpl.java @@ -6,14 +6,22 @@ import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.CertificateManagementAdmin import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse; +import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ValidationResponce; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.CertificateMgtAPIUtils; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.RequestValidationUtil; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; +import org.wso2.carbon.certificate.mgt.core.scep.SCEPException; +import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; +import org.wso2.carbon.certificate.mgt.core.scep.TenantedDeviceWrapper; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.certificate.mgt.core.service.PaginationResult; import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.device.mgt.common.DeviceIdentifier; +import org.wso2.carbon.device.mgt.common.DeviceManagementConstants; +import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; +import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService; import javax.ws.rs.*; import javax.ws.rs.core.Response; @@ -25,6 +33,7 @@ import java.util.List; public class CertificateManagementAdminServiceImpl implements CertificateManagementAdminService { private static Log log = LogFactory.getLog(CertificateManagementAdminServiceImpl.class); + private static final String PROXY_AUTH_MUTUAL_HEADER = "proxy-mutual-auth-header"; /** * Save a list of certificates and relevant information in the database. @@ -138,4 +147,138 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem } } +// @POST +// @Path("/verify/ios") +// public Response verifyIOSCertificate(@ApiParam(name = "certificate", value = "Mdm-Signature of the " + +// "certificate that needs to be verified", required = true) EnrollmentCertificate certificate) { +// try { +// CertificateManagementService certMgtService = CertificateMgtAPIUtils.getCertificateManagementService(); +// X509Certificate cert = certMgtService.extractCertificateFromSignature(certificate.getPem()); +// String challengeToken = certMgtService.extractChallengeToken(cert); +// +// if (challengeToken != null) { +// challengeToken = challengeToken.substring(challengeToken.indexOf("(") + 1).trim(); +// +// SCEPManager scepManager = CertificateMgtAPIUtils.getSCEPManagerService(); +// DeviceIdentifier deviceIdentifier = new DeviceIdentifier(); +// deviceIdentifier.setId(challengeToken); +// deviceIdentifier.setType(DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_IOS); +// TenantedDeviceWrapper tenantedDeviceWrapper = scepManager.getValidatedDevice(deviceIdentifier); +// +// if (tenantedDeviceWrapper != null) { +// return Response.status(Response.Status.OK).entity("valid").build(); +// } +// } +// } catch (SCEPException e) { +// String msg = "Error occurred while extracting information from certificate."; +// log.error(msg, e); +// return Response.serverError().entity( +// new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); +// } catch (KeystoreException e) { +// String msg = "Error occurred while converting PEM file to X509Certificate."; +// log.error(msg, e); +// return Response.serverError().entity( +// new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); +// } +// return Response.status(Response.Status.OK).entity("invalid").build(); +// } +// +// @POST +// @Path("/verify/android") +// public Response verifyAndroidCertificate(@ApiParam(name = "certificate", value = "Base64 encoded .pem file of the " + +// "certificate that needs to be verified", required = true) EnrollmentCertificate certificate) { +// CertificateResponse certificateResponse = null; +// try { +// CertificateManagementService certMgtService = CertificateMgtAPIUtils.getCertificateManagementService(); +// if (certificate.getSerial().toLowerCase().contains(PROXY_AUTH_MUTUAL_HEADER)) { +// certificateResponse = certMgtService.verifySubjectDN(certificate.getPem()); +// } else { +// X509Certificate clientCertificate = certMgtService.pemToX509Certificate(certificate.getPem()); +// if (clientCertificate != null) { +// certificateResponse = certMgtService.verifyPEMSignature(clientCertificate); +// } +// } +// +// if (certificateResponse != null && certificateResponse.getCommonName() != null && !certificateResponse +// .getCommonName().isEmpty()) { +// return Response.status(Response.Status.OK).entity("valid").build(); +// } +// } catch (KeystoreException e) { +// String msg = "Error occurred while converting PEM file to X509Certificate."; +// log.error(msg, e); +// return Response.serverError().entity( +// new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); +// } +// return Response.status(Response.Status.OK).entity("invalid").build(); +// } + + @POST + @Path("/verify/{type}") + public Response verifyCertificate(@PathParam("type") String type, EnrollmentCertificate certificate) { + try { + CertificateManagementService certMgtService = CertificateMgtAPIUtils.getCertificateManagementService(); + + if (DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_IOS.equalsIgnoreCase(type)) { + X509Certificate cert = certMgtService.extractCertificateFromSignature(certificate.getPem()); + String challengeToken = certMgtService.extractChallengeToken(cert); + + if (challengeToken != null) { + challengeToken = challengeToken.substring(challengeToken.indexOf("(") + 1).trim(); + + SCEPManager scepManager = CertificateMgtAPIUtils.getSCEPManagerService(); + DeviceIdentifier deviceIdentifier = new DeviceIdentifier(); + deviceIdentifier.setId(challengeToken); + deviceIdentifier.setType(DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_IOS); + TenantedDeviceWrapper tenantedDeviceWrapper = scepManager.getValidatedDevice(deviceIdentifier); + + JWTClientManagerService jwtClientManagerService = CertificateMgtAPIUtils.getJwtClientManagerService(); + String jwdToken = jwtClientManagerService.getJWTClient().getJwtToken( + tenantedDeviceWrapper.getDevice().getEnrolmentInfo().getOwner()); + + ValidationResponce validationResponce = new ValidationResponce(); + validationResponce.setDeviceId(challengeToken); + validationResponce.setDeviceType(DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_IOS); + validationResponce.setJWTToken(jwdToken); + validationResponce.setTenantId(tenantedDeviceWrapper.getTenantId()); + + if (tenantedDeviceWrapper != null) { + return Response.status(Response.Status.OK).entity(validationResponce).build(); + } + } + } + + if (DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_ANDROID.equalsIgnoreCase(type)) { + CertificateResponse certificateResponse = null; + if (certificate.getSerial().toLowerCase().contains(PROXY_AUTH_MUTUAL_HEADER)) { + certificateResponse = certMgtService.verifySubjectDN(certificate.getPem()); + } else { + X509Certificate clientCertificate = certMgtService.pemToX509Certificate(certificate.getPem()); + if (clientCertificate != null) { + certificateResponse = certMgtService.verifyPEMSignature(clientCertificate); + } + } + + if (certificateResponse != null && certificateResponse.getCommonName() != null && !certificateResponse + .getCommonName().isEmpty()) { + return Response.status(Response.Status.OK).entity("valid").build(); + } + } + } catch (SCEPException e) { + String msg = "Error occurred while extracting information from certificate."; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); + } catch (KeystoreException e) { + String msg = "Error occurred while converting PEM file to X509Certificate."; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); + } catch (JWTClientException e) { + String msg = "Error occurred while converting PEM file to X509Certificate."; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()).build(); + } + return Response.status(Response.Status.OK).entity("invalid").build(); + } } \ No newline at end of file diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/CertificateMgtAPIUtils.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/CertificateMgtAPIUtils.java index a96b013b7b..fc5264c4db 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/CertificateMgtAPIUtils.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/CertificateMgtAPIUtils.java @@ -20,9 +20,11 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.core.search.mgt.SearchManagerService; +import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService; import javax.ws.rs.core.MediaType; @@ -50,6 +52,37 @@ public class CertificateMgtAPIUtils { } + public static JWTClientManagerService getJwtClientManagerService() { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + JWTClientManagerService jwtClientManagerService = (JWTClientManagerService) + ctx.getOSGiService(JWTClientManagerService.class, null); + + if (jwtClientManagerService == null) { + String msg = "JWTClientManagerService Management service not initialized."; + log.error(msg); + throw new IllegalStateException(msg); + } + + return jwtClientManagerService; + } + + + public static SCEPManager getSCEPManagerService() { + + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + SCEPManager scepManagerService = (SCEPManager) + ctx.getOSGiService(SCEPManager.class, null); + + if (scepManagerService == null) { + String msg = "SCEPManagerImpl Management service not initialized."; + log.error(msg); + throw new IllegalStateException(msg); + } + + return scepManagerService; + } + + public static MediaType getResponseMediaType(String acceptHeader) { MediaType responseMediaType; if (acceptHeader == null || MediaType.WILDCARD.equals(acceptHeader)) { diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml index cbc9281c54..1dd5a70d09 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml @@ -21,13 +21,13 @@ org.wso2.carbon.devicemgt certificate-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.certificate.mgt.core - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Certificate Management Core WSO2 Carbon - Certificate Management Core @@ -51,7 +51,8 @@ ${carbon.device.mgt.version} Device Management Core Bundle - org.wso2.carbon.certificate.mgt.core.internal + org.wso2.carbon.certificate.mgt.core.internal, + org.wso2.carbon.certificate.mgt.core.util org.osgi.framework, @@ -59,7 +60,7 @@ org.apache.commons.logging, javax.security.auth.x500, javax.xml.*, - javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional, + javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional, org.apache.commons.codec.binary, org.bouncycastle.asn1, org.bouncycastle.asn1.x500, @@ -97,6 +98,7 @@ !org.wso2.carbon.certificate.mgt.core.internal.*, + !org.wso2.carbon.certificate.mgt.core.util, org.wso2.carbon.certificate.mgt.core.* diff --git a/components/certificate-mgt/pom.xml b/components/certificate-mgt/pom.xml index 8b33754ea4..2412934b90 100644 --- a/components/certificate-mgt/pom.xml +++ b/components/certificate-mgt/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt certificate-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Certificate Management Component http://wso2.org diff --git a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer/pom.xml b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer/pom.xml index 0cf5464ad7..81ec60bbd3 100644 --- a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer/pom.xml +++ b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer/pom.xml @@ -22,7 +22,7 @@ device-mgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm/pom.xml b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm/pom.xml index 575df963d7..48621fc0c8 100644 --- a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm/pom.xml +++ b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm/pom.xml @@ -22,7 +22,7 @@ device-mgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt/pom.xml b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt/pom.xml index 3790a86283..20fac79e86 100644 --- a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt/pom.xml +++ b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt/pom.xml @@ -22,7 +22,7 @@ device-mgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp/pom.xml b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp/pom.xml index 5844654123..e947af9b54 100644 --- a/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp/pom.xml +++ b/components/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp/pom.xml @@ -22,7 +22,7 @@ device-mgt-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt-extensions/pom.xml b/components/device-mgt-extensions/pom.xml index c179254254..7a162c59ce 100644 --- a/components/device-mgt-extensions/pom.xml +++ b/components/device-mgt-extensions/pom.xml @@ -22,7 +22,7 @@ carbon-devicemgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard/pom.xml index 7f7ae68e73..7a503f37b7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard/pom.xml @@ -3,7 +3,7 @@ org.wso2.carbon.devicemgt device-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher/pom.xml index 0fa4b4af48..a64fae321a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt device-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml index 752fe82878..27b01bd554 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml @@ -22,7 +22,7 @@ device-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index f584554ecb..bf99446804 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -18,22 +18,13 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Info; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Extension; -import io.swagger.annotations.Tag; -import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.ResponseHeader; +import io.swagger.annotations.*; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -61,6 +52,16 @@ import javax.ws.rs.core.Response; @Path("/activities") @Api(value = "Activity Info Provider", description = "Activity related information manipulation. For example" + " operation details and responses from devices.") +@Scopes( + scopes = { + @Scope( + name = "Get activities", + description = "Get activities", + key = "perm:get-activity", + permissions = {"/device-mgt/devices/owning-device/view"} + ) + } +) @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) public interface ActivityInfoProviderService { @@ -74,12 +75,10 @@ public interface ActivityInfoProviderService { notes = "Retrieve the details of a specific activity/operation, such as the meta information of " + "an operation, including the responses from the devices.", tags = "Activity Info Provider", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" - , description = "View Activities") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:get-activity") + }) } ) @ApiResponses(value = { @@ -149,12 +148,10 @@ public interface ActivityInfoProviderService { notes = "Get the details of the operations/activities executed by the server on the devices registered" + " with WSO2 EMM, during a defined time period.", tags = "Activity Info Provider", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" - , description = "View Activities") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:get-activity") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index a7575d88f0..840f4692a3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -31,8 +31,11 @@ import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -61,6 +64,21 @@ import javax.ws.rs.core.Response; "through this API.") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) +@Scopes(scopes = { + @Scope( + name = "View configurations", + description = "", + key = "perm:view-configuration", + permissions = {"/device-mgt/platform-configurations/view"} + ), + @Scope( + name = "Manage configurations", + description = "", + key = "perm:manage-configuration", + permissions = {"/device-mgt/platform-configurations/manage"} + ) +} +) public interface ConfigurationManagementService { @GET @@ -72,11 +90,10 @@ public interface ConfigurationManagementService { "General platform configurations include the settings on how often the device need to be monitored. " + "Using this REST API you can get the general platform level configurations.", tags = "Configuration Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/view", description = "View Configurations") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:view-configuration") + }) } ) @ApiResponses( @@ -132,11 +149,10 @@ public interface ConfigurationManagementService { "General platform configurations include the settings on how often the the device need to be monitored." + "Using this REST API you can update the general platform level configurations.", tags = "Configuration Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/manage", description = "Manage configurations") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:manage-configuration") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java index 63e92c1f11..3a0564bb06 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java @@ -13,10 +13,13 @@ import io.swagger.annotations.Info; import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardPaginationGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -44,6 +47,70 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "Device Analytics Dashboard related APIs.") } ) +@Scopes( + scopes = { + @Scope( + name = "Device Count Overview", + description = "Device Count Overview", + key = "perm:dashboard:count-overview", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Device Counts by Potential Vulnerabilities", + description = "Device Counts by Potential Vulnerabilities", + key = "perm:dashboard:vulnerabilities", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a policy", + description = "Get the number of devices that have not complied to a policy", + key = "perm:dashboard:non-compliant", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + description = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + key = "perm:dashboard:by-groups", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular", + description = "Get the number of devices that have not complied to a given policy based on a particular", + key = "perm:dashboard:device-counts", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular" + + " device type.", + description = "Get the number of devices that have not complied to a given policy based on a " + + "particular device type.", + key = "perm:dashboard:filtered-count", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + description = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + key = "perm:dashboard:non-compliant-count", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get device details of devices based on a particular device type.", + description = "Get device details of devices based on a particular device type.", + key = "perm:dashboard:details", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get device details of non-compliant devices which do not comply to a given policy.", + description = "Get device details of non-compliant devices which do not comply to a given policy.", + key = "perm:dashboard:feature-non-compliant", + permissions = {"/device-mgt/dashboard/view"} + ) + } +) @Path("/dashboard") @Api(value = "Device Analytics Dashboard", description = "Device Analytics Dashboard related information APIs are described here.") @@ -70,13 +137,12 @@ public interface Dashboard { notes = "Get the details of active, inactive, removed and total number of registered devices in" + " WSO2 IoT.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:count-overview") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -127,13 +193,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of unmonitored and non-compliant devices in WSO2 IoT.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:vulnerabilities") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -185,13 +250,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a policy that was enforced on a " + "device.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -256,13 +320,12 @@ public interface Dashboard { value = "Get the number of devices for a given device type, such as connectivity status, " + "potential vulnerability, platform, and ownership.\n", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:by-groups") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -346,13 +409,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a given policy based on a particular" + " device type.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:device-counts") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -426,13 +488,12 @@ public interface Dashboard { + "The device ownership type, such as BYOD or COPE.\n" + "The device platform.\n" + "The potential vulnerabilities faced by the devices.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:filtered-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -519,13 +580,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a given policy over the total" + " number of devices registered with WSO2 IoT.\n", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:non-compliant-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -595,13 +655,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get device details of devices based on a particular device type.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:details") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -698,13 +757,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get device details of non-compliant devices which do not comply to a given policy.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:feature-non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -780,4 +838,4 @@ public interface Dashboard { value = "Provide how many policy details you require from the starting pagination index.", required = true) @QueryParam(RESULT_COUNT) int resultCount); -} \ No newline at end of file +} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 5a196d8fd9..3c96e96a50 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -24,13 +24,13 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.app.mgt.Application; @@ -38,6 +38,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.NonComplianceData; @@ -64,6 +65,64 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting Details of Registered Devices", + description = "Getting Details of Registered Devices", + key = "perm:devices:view", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "perm:devices:details", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Delete the device specified by device id", + description = "Delete the device specified by device id", + key = "perm:devices:delete", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Feature Details of a Device", + description = "Getting Feature Details of a Device", + key = "perm:devices:features", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Advanced Search for Devices", + description = "Advanced Search for Devices", + key = "perm:devices:search", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Installed Application Details of a Device", + description = "Getting Installed Application Details of a Device", + key = "perm:devices:applications", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Device Operation Details", + description = "Getting Device Operation Details", + key = "perm:devices:operations", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Get the details of the policy that is enforced on a device.", + description = "Get the details of the policy that is enforced on a device.", + key = "perm:devices:effective-policy", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Policy Compliance Details of a Device", + description = "Getting Policy Compliance Details of a Device", + key = "perm:devices:compliance-data", + permissions = {"/device-mgt/devices/owning-device/view"} + ) + } +) @Path("/devices") @Api(value = "Device Management", description = "This API carries all device management related operations " + "such as get all the available devices, etc.") @@ -78,13 +137,11 @@ public interface DeviceManagementService { value = "Getting Details of Registered Devices", notes = "Provides details of all the devices enrolled with WSO2 EMM.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" - , description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:view") + }) + } ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the list of devices.", @@ -205,12 +262,10 @@ public interface DeviceManagementService { value = "Getting Details of a Device", notes = "Get the details of a device by specifying the device type and device identifier.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:details") + }) } ) @ApiResponses( @@ -282,15 +337,13 @@ public interface DeviceManagementService { @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "DELETE", - value = "Delete the device speccified by device id", + value = "Delete the device specified by device id", notes = "Returns the status of the deleted device operation.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:delete") + }) } ) @ApiResponses( @@ -359,13 +412,11 @@ public interface DeviceManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:features") + }) + } ) @ApiResponses( value = { @@ -450,12 +501,10 @@ public interface DeviceManagementService { value = "Advanced Search for Devices", notes = "Search for devices by filtering the search result through the specified search terms.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:search") + }) } ) @ApiResponses( @@ -529,13 +578,12 @@ public interface DeviceManagementService { value = "Getting Installed Application Details of a Device", notes = "Get the list of applications subscribed to by a device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:applications") + }) + + } ) @ApiResponses( value = { @@ -633,13 +681,11 @@ public interface DeviceManagementService { value = "Getting Device Operation Details", notes = "Get the details of operations carried out on a selected device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:operations") + }) + } ) @ApiResponses( value = { @@ -746,13 +792,11 @@ public interface DeviceManagementService { "WSO2 EMM filters the policies based on the device platform (device type)," + "the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:effective-policy") + }) + } ) @ApiResponses( value = { @@ -837,12 +881,10 @@ public interface DeviceManagementService { notes = "A policy is enforced on the devices that register with WSO2 EMM. " + "The server checks if the settings in the device comply with the policy that is enforced on the device using this REST API.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:compliance-data") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 94b06ea751..83566b6f12 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -24,15 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -54,6 +55,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the Supported Device Platforms", + description = "Getting the Supported Device Platforms", + key = "perm:device-types:types", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Get Feature Details of a Device Type", + description = "Get Feature Details of a Device Type", + key = "perm:device-types:features", + permissions = {"/device-mgt/devices/owning-device/view"} + ) + } +) @Path("/device-types") @Api(value = "Device Type Management", description = "This API corresponds to all tasks related to device " + "type management") @@ -68,12 +85,10 @@ public interface DeviceTypeManagementService { value = "Getting the Supported Device Platforms", notes = "Get the list of device platforms supported by WSO2 EMM.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:device-types:types") + }) } ) @ApiResponses( @@ -123,6 +138,7 @@ public interface DeviceTypeManagementService { String ifModifiedSince); @GET + @Path("/{type}/features") @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "GET", @@ -131,12 +147,10 @@ public interface DeviceTypeManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:device-types:features") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index 9d1b255e96..51a6dae87c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; import io.swagger.annotations.Extension; import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Info; @@ -33,6 +31,8 @@ import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; @@ -40,6 +40,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceToGroupsAssignment; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -75,6 +76,94 @@ import java.util.List; "details.") } ) +@Scopes( + scopes = { + @Scope( + name = "Get the list of groups belongs to current user.", + description = "Get the list of groups belongs to current user.", + key = "perm:groups:groups", + permissions = {"/device-mgt/groups/view"} + ), + @Scope( + name = "Get the count of groups belongs to current user.", + description = "Get the count of groups belongs to current user.", + key = "perm:groups:count", + permissions = {"/device-mgt/groups/view"} + ), + @Scope( + name = "Add new device group to the system.", + description = "Add new device group to the system.", + key = "perm:groups:add", + permissions = {"/device-mgt/groups/add"} + ), + @Scope( + name = "View group specified", + description = "View group specified", + key = "perm:groups:groups-view", + permissions = {"/device-mgt/groups/view"} + ), + @Scope( + name = "Update a group", + description = "Update a group", + key = "perm:groups:update", + permissions = {"/device-mgt/groups/update"} + ), + @Scope( + name = "Delete a group", + description = "Delete a group", + key = "perm:groups:remove", + permissions = {"/device-mgt/groups/remove"} + ), + @Scope( + name = "Manage group sharing with a user", + description = "Manage group sharing with a user", + key = "perm:groups:share", + permissions = {"/device-mgt/groups/share"} + ), + @Scope( + name = "View list of roles of a device group", + description = "View list of roles of a device group", + key = "perm:groups:roles", + permissions = {"/device-mgt/groups/roles/view"} + ), + @Scope( + name = "View list of devices in the device group", + description = "View list of devices in the device group", + key = "perm:groups:devices", + permissions = {"/device-mgt/groups/devices/view"} + ), + @Scope( + name = "View list of device count in the device group", + description = "View list of device count in the device group", + key = "perm:groups:devices-count", + permissions = {"/device-mgt/groups/devices/view"} + ), + @Scope( + name = "Add devices to group", + description = "Add devices to group", + key = "perm:groups:devices-add", + permissions = {"/device-mgt/groups/devices/add"} + ), + @Scope( + name = "Remove devices from group", + description = "Remove devices from group", + key = "perm:groups:devices-remove", + permissions = {"/device-mgt/groups/devices/remove"} + ), + @Scope( + name = "Assign devices to groups", + description = "Assign devices to groups", + key = "perm:groups:assign", + permissions = {"/device-mgt/groups/devices/add"} + ), + @Scope( + name = "List of groups that have the device", + description = "List of groups that have the device", + key = "perm:groups:device", + permissions = {"/device-mgt/groups/devices/view"} + ) + } +) @Path("/groups") @Api(value = "Device Group Management", description = "This API carries all device group management related " + "operations such as get all the available groups, etc.") @@ -89,12 +178,10 @@ public interface GroupManagementService { value = "Get the list of groups belongs to current user.", notes = "Returns all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:groups") + }) } ) @ApiResponses(value = { @@ -154,13 +241,12 @@ public interface GroupManagementService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:count") + }) } + ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the device group count.", @@ -203,12 +289,10 @@ public interface GroupManagementService { value = "Add new device group to the system.", notes = "Add device group with current user as the owner.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/add", - description = "Add Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:add") + }) } ) @ApiResponses( @@ -271,12 +355,10 @@ public interface GroupManagementService { value = "View group specified.", notes = "Returns details of group enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:groups-view") + }) } ) @ApiResponses(value = { @@ -326,12 +408,10 @@ public interface GroupManagementService { notes = "If you wish to make changes to an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/update", - description = "Update Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:update") + }) } ) @ApiResponses(value = { @@ -385,12 +465,10 @@ public interface GroupManagementService { notes = "If you wish to remove an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/remove", - description = "Remove Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:remove") + }) } ) @ApiResponses(value = { @@ -439,12 +517,10 @@ public interface GroupManagementService { notes = "If you wish to share /un share an existing group with a user under defined sharing roles, " + "that can be done using this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/share", - description = "Share Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:share") + }) } ) @ApiResponses(value = { @@ -497,12 +573,10 @@ public interface GroupManagementService { value = "View list of roles of a device group.", notes = "Returns details of roles which particular group has been shared with.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/roles/view", - description = "View roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:roles") + }) } ) @ApiResponses(value = { @@ -551,12 +625,10 @@ public interface GroupManagementService { value = "View list of devices in the device group.", notes = "Returns list of devices in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices") + }) } ) @ApiResponses(value = { @@ -613,12 +685,10 @@ public interface GroupManagementService { value = "View list of device count in the device group.", notes = "Returns device count in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-count") + }) } ) @ApiResponses(value = { @@ -667,12 +737,10 @@ public interface GroupManagementService { value = "Add devices to group.", notes = "Add existing devices to the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/add", - description = "Add devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-add") + }) } ) @ApiResponses(value = { @@ -725,12 +793,10 @@ public interface GroupManagementService { value = "Remove devices from group.", notes = "Remove existing devices from the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/remove", - description = "Remove devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-remove") + }) } ) @ApiResponses(value = { @@ -783,12 +849,10 @@ public interface GroupManagementService { value = "Assign devices to groups", notes = "Add existing device to device groups.", tags = "Device Group Management", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/groups/devices/add", - description = "Add devices")} - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:assign") + }) } ) @ApiResponses(value = { @@ -837,12 +901,10 @@ public interface GroupManagementService { value = "List of groups that have the device", notes = "List of groups that have the device.", tags = "Device Group Management", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "Add devices")} - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:device") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index 0a2998251c..62db9aacd8 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.notification.mgt.Notification; import org.wso2.carbon.device.mgt.jaxrs.NotificationList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Max; import javax.validation.constraints.Size; @@ -60,6 +61,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting All Device Notification Details", + description = "Getting All Device Notification Details", + key = "perm:notifications:view", + permissions = {"/device-mgt/notifications/view"} + ), + @Scope( + name = "Updating the Device Notification Status", + description = "Updating the Device Notification Status", + key = "perm:notifications:mark-checked", + permissions = {"/device-mgt/notifications/view"} + ) + } +) @Api(value = "Device Notification Management", description = "Device notification related operations can be found here.") @Path("/notifications") @Produces(MediaType.APPLICATION_JSON) @@ -73,12 +90,10 @@ public interface NotificationManagementService { value = "Getting All Device Notification Details", notes = "Get the details of all the notifications that were pushed to the devices registered with WSO2 EMM using this REST API.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:notifications:view") + }) } ) @ApiResponses( @@ -164,12 +179,10 @@ public interface NotificationManagementService { notes = "When a user has read the the device notification the device notification status must " + "change from NEW to CHECKED. This API is used to update device notification status.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:notifications:mark-checked") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 1097e2e1ef..7edf7a7556 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -24,17 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Permission; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.device.mgt.common.policy.mgt.Policy; import javax.validation.Valid; @@ -63,6 +63,64 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Adding a Policy", + description = "Adding a Policy", + key = "perm:policies:manage", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Getting Details of Policies", + description = "Getting Details of Policies", + key = "perm:policies:get-details", + permissions = {"/device-mgt/policies/view"} + ), + @Scope( + name = "Getting Details of a Policy", + description = "Getting Details of a Policy", + key = "perm:policies:get-policy-details", + permissions = {"/device-mgt/policies/view"} + ), + @Scope( + name = "Updating a Policy", + description = "Updating a Policy", + key = "perm:policies:update", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Removing Multiple Policies", + description = "Removing Multiple Policies", + key = "perm:policies:remove", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Activating Policies", + description = "Activating Policies", + key = "perm:policies:activate", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Deactivating Policies", + description = "Deactivating Policies", + key = "perm:policies:deactivate", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Applying Changes on Policies", + description = "Applying Changes on Policies", + key = "perm:policies:changes", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Updating the Policy Priorities", + description = "Updating the Policy Priorities", + key = "perm:policies:priorities", + permissions = {"/device-mgt/policies/manage"} + ) + } +) @Api(value = "Device Policy Management", description = "This API includes the functionality around device policy management") @Path("/policies") @Produces(MediaType.APPLICATION_JSON) @@ -78,12 +136,10 @@ public interface PolicyManagementService { notes = "Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy." + "Using this REST API you are able to save a created Policy and this policy will be in the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:manage") + }) } ) @ApiResponses( @@ -148,12 +204,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of all the policies in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:get-details") + }) } ) @ApiResponses( @@ -225,12 +279,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of a policy that is in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:get-policy-details") + }) } ) @ApiResponses( @@ -295,12 +347,10 @@ public interface PolicyManagementService { value = "Updating a Policy", notes = "Make changes to an existing policy by updating the policy using this resource.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:update") + }) } ) @ApiResponses( @@ -365,12 +415,10 @@ public interface PolicyManagementService { value = "Removing Multiple Policies", notes = "Delete one or more than one policy using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:remove") + }) } ) @ApiResponses( @@ -413,12 +461,10 @@ public interface PolicyManagementService { value = "Activating Policies", notes = "Publish a policy using this API to bring a policy that is in the inactive state to the active state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:activate") + }) } ) @ApiResponses( @@ -456,12 +502,10 @@ public interface PolicyManagementService { value = "Deactivating Policies", notes = "Unpublish a policy using this API to bring a policy that is in the active state to the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:deactivate") + }) } ) @ApiResponses( @@ -504,12 +548,10 @@ public interface PolicyManagementService { " devices will not receive these changes immediately. Once all the required changes are made" + " you need to apply the changes to push the policy changes to the existing devices.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:changes") + }) } ) @ApiResponses( @@ -534,13 +576,11 @@ public interface PolicyManagementService { value = "Updating the Policy Priorities", notes = "Make changes to the existing policy priority order by updating the priority order using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:priorities") + }) + } ) @ApiResponses( value = { @@ -565,7 +605,6 @@ public interface PolicyManagementService { @GET @Path("/effective-policy/{deviceType}/{deviceId}") - @Permission(name = "Get Effective Policy of Devices", permission = "/device-mgt/policies/view") Response getEffectivePolicy(@PathParam("deviceId") String deviceId, @PathParam("deviceType") String deviceType); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index cc894b9c0b..e330d7d3d3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.user.mgt.common.UIPermissionNode; import javax.ws.rs.*; @@ -56,6 +57,58 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "perm:roles:view", + permissions = {"/device-mgt/roles/view"} + ), + @Scope( + name = "Getting Permission Details of a Role", + description = "Getting Permission Details of a Role", + key = "perm:roles:permissions", + permissions = {"/device-mgt/roles/view"} + ), + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "perm:roles:details", + permissions = {"/device-mgt/roles/view"} + ), + @Scope( + name = "Adding a Role", + description = "Adding a Role", + key = "perm:roles:add", + permissions = {"/device-mgt/roles/manage"} + ), + @Scope( + name = "Adding a combined Role", + description = "Adding a combined Role", + key = "perm:roles:create-combined-role", + permissions = {"/device-mgt/roles/manage"} + ), + @Scope( + name = "Updating Role Details", + description = "Updating Role Details", + key = "perm:roles:update", + permissions = {"/device-mgt/roles/manage"} + ), + @Scope( + name = "Deleting a Role", + description = "Deleting a Role", + key = "perm:roles:delete", + permissions = {"/device-mgt/roles/manage"} + ), + @Scope( + name = "Adding Users to a Role", + description = "Adding Users to a Role", + key = "perm:roles:add-users", + permissions = {"/device-mgt/roles/manage"} + ) + } +) @Path("/roles") @Api(value = "Role Management", description = "Role management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -70,11 +123,10 @@ public interface RoleManagementService { notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Using this API you can the list of roles that are in WSO2 EMM.\n" + "Note: Internal roles, roles created for service-providers, and application related roles will not be given in the output.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:view") + }) } ) @ApiResponses( @@ -151,11 +203,10 @@ public interface RoleManagementService { response = UIPermissionNode.class, responseContainer = "List", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:permissions") + }) } ) @ApiResponses( @@ -227,12 +278,10 @@ public interface RoleManagementService { notes = "Get the permissions associated with a role and role specific details using this REST API.", response = RoleInfo.class, tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", - description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:details") + }) } ) @ApiResponses( @@ -303,12 +352,10 @@ public interface RoleManagementService { value = "Adding a Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:add") + }) } ) @ApiResponses(value = { @@ -365,12 +412,10 @@ public interface RoleManagementService { value = "Adding a combined Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new combined role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:create-combined-role") + }) } ) @ApiResponses(value = { @@ -430,12 +475,10 @@ public interface RoleManagementService { notes = "There will be situations where you need to update the role details, such as the permissions" + " or the role name. Update the role details using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:update") + }) } ) @ApiResponses(value = { @@ -498,12 +541,10 @@ public interface RoleManagementService { notes = "Roles become obsolete over time due to various reasons. In a situation where your Organization identifies that a specific role is no longer required, you " + "can delete a role using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:delete") + }) } ) @ApiResponses(value = { @@ -550,12 +591,10 @@ public interface RoleManagementService { "be cumbersome. Therefore, you can define all the new employees that belong to the engineering " + "role using this API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:add-users") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 41353a0f4c..1b9acd0c65 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -18,20 +18,22 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Extension; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Info; import io.swagger.annotations.ResponseHeader; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scopes; +import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfoList; import org.wso2.carbon.device.mgt.jaxrs.beans.EnrollmentInvitation; @@ -39,6 +41,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.OldPasswordResetWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; import org.wso2.carbon.device.mgt.jaxrs.beans.UserInfo; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -70,6 +73,76 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Adding a User", + description = "Adding a User", + key = "perm:users:add", + permissions = {"/device-mgt/users/manage"} + ), + @Scope( + name = "Getting Details of a User", + description = "Getting Details of a User", + key = "perm:users:details", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Updating Details of a User", + description = "Updating Details of a User", + key = "perm:users:update", + permissions = {"/device-mgt/users/manage"} + ), + @Scope( + name = "Deleting a User", + description = "Deleting a User", + key = "perm:users:delete", + permissions = {"/device-mgt/users/manage"} + ), + @Scope( + name = "Getting the Role Details of a User", + description = "Getting the Role Details of a User", + key = "perm:users:roles", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Getting Details of Users", + description = "Getting Details of Users", + key = "perm:users:user-details", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Getting the User Count", + description = "Getting the User Count", + key = "perm:users:count", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Getting the User existence status", + description = "Getting the User existence status", + key = "perm:users:is-exist", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Searching for a User Name", + description = "Searching for a User Name", + key = "perm:users:search", + permissions = {"/device-mgt/users/view"} + ), + @Scope( + name = "Changing the User Password", + description = "Adding a User", + key = "perm:users:credentials", + permissions = {"/login"} + ), + @Scope( + name = "Sending Enrollment Invitations to Users", + description = "Sending Enrollment Invitations to Users", + key = "perm:users:send-invitation", + permissions = {"/device-mgt/users/manage"} + ) + } +) @Path("/users") @Api(value = "User Management", description = "User management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -84,12 +157,10 @@ public interface UserManagementService { value = "Adding a User", notes = "WSO2 IoTS supports user management. Add a new user to the WSO2 IoTS user management system via this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:add") + }) } ) @ApiResponses( @@ -146,12 +217,10 @@ public interface UserManagementService { notes = "Get the details of a user registered with WSO2 IoTS using the REST API.", response = BasicUserInfo.class, tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:details") + }) } ) @ApiResponses(value = { @@ -219,12 +288,10 @@ public interface UserManagementService { notes = "There will be situations where you will want to update the user details. In such " + "situation you can update the user details using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:update") + }) } ) @ApiResponses(value = { @@ -286,12 +353,10 @@ public interface UserManagementService { value = "Deleting a User", notes = "When an employee leaves the organization, you can remove the user details from WSO2 IoTS using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:delete") + }) } ) @ApiResponses(value = { @@ -331,12 +396,10 @@ public interface UserManagementService { value = "Getting the Role Details of a User", notes = "A user can be assigned to one or more role in IoTS. Using this REST API you can get the role/roles a user is assigned to.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:roles") + }) } ) @ApiResponses(value = { @@ -395,12 +458,10 @@ public interface UserManagementService { notes = "You are able to manage users in WSO2 IoTS by adding, updating and removing users. If you wish to get the list of users registered with WSO2 IoTS, you can do so " + "using this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:user-details") + }) } ) @ApiResponses(value = { @@ -468,11 +529,10 @@ public interface UserManagementService { value = "Getting the User Count", notes = "Get the number of users in WSO2 IoTS via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:count") + }) } ) @ApiResponses(value = { @@ -504,12 +564,10 @@ public interface UserManagementService { value = "Getting the User existence status", notes = "Check if the user exists in the user store.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:is-exist") + }) } ) @ApiResponses(value = { @@ -549,11 +607,10 @@ public interface UserManagementService { + "You will be given a list of users having the user name in the exact order of the " + "characters you provided.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:search") + }) } ) @ApiResponses(value = { @@ -627,11 +684,10 @@ public interface UserManagementService { value = "Changing the User Password", notes = "A user is able to change the password to secure their WSO2 IoTS profile via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/login", description = "Reset user password") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:credentials") + }) } ) @ApiResponses(value = { @@ -673,11 +729,10 @@ public interface UserManagementService { notes = "Send the users a mail inviting them to enroll their devices using the REST API given below.\n" + "Before running the REST API command to send the enrollment invitations to users make sure to configure WSO2 IoTS as explained in step 4, under the WSO2 IoTS general server configurations documentation.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:send-invitation") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 132d1e1377..92c42bfb3b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -18,11 +18,22 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; -import io.swagger.annotations.*; -import org.wso2.carbon.apimgt.annotations.api.Permission; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.Consumes; import javax.ws.rs.POST; @@ -50,6 +61,22 @@ import javax.ws.rs.core.Response; @Api(value = "Application Management Administrative Service", description = "This an API intended to be used by " + "'internal' components to log in as an admin user and do a selected number of operations. " + "Further, this is strictly restricted to admin users only ") +@Scopes( + scopes = { + @Scope( + name = "Installing an Application (Internal API)", + description = "Installing an Application (Internal API)", + key = "perm:applications:install", + permissions = {"/device-mgt/applications/manage"} + ), + @Scope( + name = "Uninstalling an Application (Internal API)", + description = "Uninstalling an Application (Internal API)", + key = "perm:applications:uninstall", + permissions = {"/device-mgt/applications/manage"} + ) + } +) @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) public interface ApplicationManagementAdminService { @@ -64,12 +91,10 @@ public interface ApplicationManagementAdminService { notes = "This is an internal API that can be used to install an application on a device.", response = Activity.class, tags = "Application Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/applications/manage", description - = "Install/Uninstall applications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:applications:install") + }) } ) @ApiResponses(value = { @@ -110,12 +135,10 @@ public interface ApplicationManagementAdminService { notes = "This is an internal API that can be used to uninstall an application.", response = Activity.class, tags = "Application Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/applications/manage", description - = "Install/Uninstall applications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:applications:uninstall") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java index 3ee519e356..bea9ebedd5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java @@ -22,7 +22,6 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import org.wso2.carbon.apimgt.annotations.api.Permission; import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; import org.wso2.carbon.device.mgt.jaxrs.beans.AuthorizationRequest; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index 6266a9b737..14a34d3520 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -24,15 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -60,6 +61,16 @@ import javax.ws.rs.core.Response; "Further, this is strictly restricted to admin users only ") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) +@Scopes( + scopes = { + @Scope( + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "perm:admin:devices:view", + permissions = {"/device-mgt/devices/owning-device/view"} + ) + } +) public interface DeviceManagementAdminService { @GET @@ -71,12 +82,10 @@ public interface DeviceManagementAdminService { response = Device.class, responseContainer = "List", tags = "Device Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", description - = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin:devices:view") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index daffe2a6c5..64020ce56e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -25,16 +25,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -61,6 +62,22 @@ import javax.ws.rs.core.Response; @Api(value = "Group Management Administrative Service", description = "This an API intended to be used by " + "'internal' components to log in as an admin user and do a selected number of operations. " + "Further, this is strictly restricted to admin users only ") +@Scopes( + scopes = { + @Scope( + name = "View groups", + description = "", + key = "perm:admin-groups:view", + permissions = {"/device-mgt/admin/groups/view"} + ), + @Scope( + name = "Count groups", + description = "", + key = "perm:admin-groups:count", + permissions = {"/device-mgt/admin/groups/view"} + ) + } +) public interface GroupManagementAdminService { @GET @@ -70,12 +87,10 @@ public interface GroupManagementAdminService { value = "Get the list of groups.", notes = "Returns all groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description - = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-groups:view") + }) } ) @ApiResponses(value = { @@ -135,12 +150,10 @@ public interface GroupManagementAdminService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description - = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-groups:count") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index 99914a94ab..c6c7130926 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -24,14 +24,15 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -53,6 +54,16 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "View Users", + description = "View Users", + key = "perm:admin-users:view", + permissions = {"/device-mgt/users/manage"} + ) + } +) @Path("/admin/users") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) @@ -71,12 +82,10 @@ public interface UserManagementAdminService { notes = "The EMM administrator is able to change the password of the users in " + "the system and block them from logging into their EMM profile using this REST API.", tags = "User Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description - = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-users:view") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java index 32503d4c3a..dbf61c4761 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java @@ -24,8 +24,11 @@ import io.swagger.jaxrs.config.ReaderListener; import io.swagger.models.Swagger; import io.swagger.models.auth.OAuth2Definition; import io.swagger.models.auth.SecuritySchemeDefinition; +import org.wso2.carbon.device.mgt.jaxrs.beans.Scope; +import java.util.ArrayList; import java.util.HashMap; +import java.util.List; import java.util.Map; @SwaggerDefinition( @@ -54,6 +57,7 @@ public class SecurityDefinitionConfigurator implements ReaderListener { schemes.put(TOKEN_AUTH_SCHEME, tokenScheme); swagger.setSecurityDefinitions(schemes); + //TODO: Have to add wso2-scopes to swagger definition from here } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java index d9981ba782..c5fa21ae89 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java @@ -27,6 +27,7 @@ public class Constants { public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname"; public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname"; public static final String PRIMARY_USER_STORE = "PRIMARY"; + public static final String SCOPE = "scope"; public final class ErrorMessages { private ErrorMessages () { throw new AssertionError(); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml index a5a0668e46..32a3f61424 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml @@ -21,7 +21,7 @@ device-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml index 432dc99b04..141027ac8f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt device-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java index 86735ff88a..88849f2d22 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java @@ -23,6 +23,7 @@ import io.swagger.models.Swagger; import org.apache.catalina.core.StandardContext; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.apimgt.api.model.Scope; import org.wso2.carbon.device.mgt.common.permission.mgt.Permission; import javax.servlet.ServletContext; @@ -38,10 +39,7 @@ import java.net.URI; import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; -import java.util.ArrayList; -import java.util.List; -import java.util.Set; -import java.util.StringTokenizer; +import java.util.*; public class AnnotationProcessor { @@ -56,11 +54,16 @@ public class AnnotationProcessor { private static final String STRING_ARR = "string_arr"; private static final String STRING = "string"; - private static final String SWAGGER_ANNOTATIONS_AUTHORIZATIONS = "authorizations"; - private static final String SWAGGER_ANNOTATIONS_PERMISSION = "permission"; - private static final String SWAGGER_ANNOTATIONS_SCOPES = "scopes"; - private static final String SWAGGER_ANNOTATIONS_SCOPE = "scope"; - private static final String SWAGGER_ANNOTATIONS_DESCRIPTION = "description"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties"; + private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions"; + private static final String ANNOTATIONS_SCOPES = "scopes"; + + private static final String PERMISSION_PREFIX = "/permission/admin"; private StandardContext context; private Method[] pathClazzMethods; @@ -74,6 +77,11 @@ public class AnnotationProcessor { private Class apiOperation; private Class authorizationClass; private Class authorizationScopeClass; + private Class extensionClass; + private Class extensionPropertyClass; + private Class scopeClass; + private Class scopesClass; + private Map apiScopes; public AnnotationProcessor(final StandardContext context) { @@ -90,6 +98,15 @@ public class AnnotationProcessor { .loadClass((io.swagger.annotations.Authorization.class.getName())); authorizationScopeClass = (Class)classLoader .loadClass((io.swagger.annotations.AuthorizationScope.class.getName())); + extensionClass = (Class)classLoader + .loadClass((io.swagger.annotations.Extension.class.getName())); + extensionPropertyClass = (Class)classLoader + .loadClass(io.swagger.annotations.ExtensionProperty.class.getName()); + scopeClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName()); + scopesClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName()); + } catch (ClassNotFoundException e) { log.error("An error has occurred while loading classes ", e); } @@ -135,6 +152,10 @@ public class AnnotationProcessor { try { clazz = classLoader.loadClass(className); Annotation apiAnno = clazz.getAnnotation(apiClazz); + Annotation scopesAnno = clazz.getAnnotation(scopesClass); + if (scopesAnno != null) { + apiScopes = processAPIScopes(scopesAnno); + } List resourceList; if (apiAnno != null) { if (log.isDebugEnabled()) { @@ -165,7 +186,9 @@ public class AnnotationProcessor { } } } catch (ClassNotFoundException e) { - log.error("Error when passing the api annotation for device type apis."); + log.error("Error when passing the api annotation for device type apis.", e); + } catch (Throwable e) { + log.error("Error when passing the scopes annotation for device type apis.", e); } return apiPermissions; } @@ -342,28 +365,55 @@ public class AnnotationProcessor { private void setPermission(Annotation currentMethod, Permission permission) throws Throwable { InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod); - Annotation[] authorizations = (Annotation[]) methodHandler.invoke(currentMethod - , apiOperation.getMethod(SWAGGER_ANNOTATIONS_AUTHORIZATIONS,null),null); - for(int i=0; i processAPIScopes(Annotation annotation) throws Throwable { + Map scopes = new HashMap<>(); + + InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation); + Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass + .getMethod(ANNOTATIONS_SCOPES, null), null); + + Scope scope; + String permissions[]; + StringBuilder aggregatedPermissions; + for(int i=0; i device-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.ui/pom.xml index 18e51b934e..9545736da9 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/pom.xml @@ -22,7 +22,7 @@ device-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/config.json b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/config.json index e9e1d99ce6..8b923a9b82 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/config.json +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/config.json @@ -35,9 +35,9 @@ "usernameJSRegEx" : "^[\\S]{3,30}$", "usernameRegExViolationErrorMsg" : "Provided username is invalid.", "usernameHelpMsg" : "Should be in minimum 3 characters long and do not include any whitespaces.", - "firstnameJSRegEx" : "^[\\S]{3,30}$", + "firstnameJSRegEx" : "^.{3,30}$", "firstnameRegExViolationErrorMsg" : "Provided first name is invalid.", - "lastnameJSRegEx" : "^[\\S]{3,30}$", + "lastnameJSRegEx" : "^.{3,30}$", "lastnameRegExViolationErrorMsg" : "Provided last name is invalid.", "emailJSRegEx" : "/^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/", "emailRegExViolationErrorMsg" : "Provided email is invalid." @@ -62,53 +62,84 @@ "copyrightSuffix" : " All Rights Reserved." }, "scopes" : [ - "user:manage", - "user:view", - "device-type:admin:view", - "device:view", - "notification:view", - "device:admin:view", - "application:manage", - "activity:view", - "user:admin:reset-password", - "policy:manage", - "policy:view", - "role:manage", - "role:view", - "configuration:view", - "configuration:modify", - "device:android:operation:reboot", - "device:android:operation:camera", - "device:android:operation:vpn", - "device:android:operation:lock", - "device:android:operation:ring", - "device:android:operation:update-app", - "device:android:operation:wipe", - "device:android:operation:encrypt", - "device:android:operation:blacklist-app", - "device:android:operation:applications", - "device:android:operation:enterprise-wipe", - "device:android:operation:info", - "device:android:operation:wifi", - "device:android:operation:uninstall-app", - "device:android:operation:change-lock", - "device:android:operation:notification", - "device:android:operation:upgrade", - "device:android:operation:unlock", - "device:android:operation:mute", - "device:android:operation:location", - "device:android:operation:webclip", - "device:android:operation:clear-password", - "device:android:operation:password-policy", - "device:android:operation:install-app", - "device:android:event:write", - "device:android:event:read", - "device:android:enroll", - "configuration:manage", - "configuration:view", - "device:android:enroll", - "certificate:view", - "certificate:manage" + "perm:sign-csr", + "perm:admin:devices:view", + "perm:roles:add", + "perm:roles:add-users", + "perm:roles:update", + "perm:roles:permissions", + "perm:roles:details", + "perm:roles:view", + "perm:roles:create-combined-role", + "perm:roles:delete", + "perm:dashboard:vulnerabilities", + "perm:dashboard:non-compliant-count", + "perm:dashboard:non-compliant", + "perm:dashboard:by-groups", + "perm:dashboard:device-counts", + "perm:dashboard:feature-non-compliant", + "perm:dashboard:count-overview", + "perm:dashboard:filtered-count", + "perm:dashboard:details", + "perm:get-activity", + "perm:devices:delete", + "perm:devices:applications", + "perm:devices:effective-policy", + "perm:devices:compliance-data", + "perm:devices:features", + "perm:devices:operations", + "perm:devices:search", + "perm:devices:details", + "perm:devices:view", + "perm:view-configuration", + "perm:manage-configuration", + "perm:policies:remove", + "perm:policies:priorities", + "perm:policies:deactivate", + "perm:policies:get-policy-details", + "perm:policies:manage", + "perm:policies:activate", + "perm:policies:update", + "perm:policies:changes", + "perm:policies:get-details", + "perm:users:add", + "perm:users:details", + "perm:users:count", + "perm:users:delete", + "perm:users:roles", + "perm:users:user-details", + "perm:users:credentials", + "perm:users:search", + "perm:users:is-exist", + "perm:users:update", + "perm:users:send-invitation", + "perm:admin-users:view", + "perm:groups:devices", + "perm:groups:update", + "perm:groups:add", + "perm:groups:device", + "perm:groups:devices-count", + "perm:groups:remove", + "perm:groups:groups", + "perm:groups:groups-view", + "perm:groups:share", + "perm:groups:count", + "perm:groups:roles", + "perm:groups:devices-remove", + "perm:groups:devices-add", + "perm:groups:assign", + "perm:device-types:features", + "perm:device-types:types", + "perm:applications:install", + "perm:applications:uninstall", + "perm:admin-groups:count", + "perm:admin-groups:view", + "perm:notifications:mark-checked", + "perm:notifications:view", + "perm:admin:certificates:delete", + "perm:admin:certificates:details", + "perm:admin:certificates:view", + "perm:admin:certificates:add" ], "isOAuthEnabled" : true, "backendRestEndpoints" : { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.hbs index 46e213d374..230d57d161 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.hbs @@ -73,9 +73,9 @@ click "View Certificate List" to complete the process and go back to the certificate list.
- - + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/devices.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/devices.hbs index 8a32659700..e585fea5fe 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/devices.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/devices.hbs @@ -102,7 +102,7 @@ Owner - {{group.owner}} + {{group.owner}} Shared with roles @@ -175,19 +175,42 @@ - - - - - - - - - - - - - + + + + + @@ -272,7 +295,10 @@ Add device group - + + Add devices to group + + Update assignment @@ -295,7 +321,11 @@

- Do you really want to remove this device from your Devices List? + {{#if group}} + Do you really want to remove this device(s) from '{{group.name}}' group? + {{else}} + Do you really want to remove this device(s) from your Devices? + {{/if}}

-
-
- -
-
-
- Ok -
-
-
- -
-
-

- Device was successfully removed from group. + {{#if group}} + Successfully removed from '{{group.name}}' group. + {{else}} + Successfully removed. + {{/if}}

+ +
+
+
+
+

Please select one ore more devices in order to perform this + operation.

+
+
+ + Ok + +
+
+
+
+
+ @@ -488,3 +521,19 @@ type="text/x-handlebars-template"> {{js "js/listing.js"}} {{/zone}} + +{{#zone "topCss"}} + +{{/zone}} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/public/js/listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/public/js/listing.js index c0f0d2f8aa..978d85e804 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/public/js/listing.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.devices/public/js/listing.js @@ -22,7 +22,8 @@ * initial mode and with out select mode. */ function InitiateViewOption(url) { - if ($(".select-enable-btn").text() == "Select") { + if ($(".select-enable-btn").text() == "Select" && !$(this).hasClass("btn")) { + url = $(this).parent().data("url"); $(location).attr('href', url); } } @@ -84,18 +85,6 @@ $(document).ready(function () { return $("#content-filter-types").html(); } }); - - $(".ast-container").on("click", ".claim-btn", function (e) { - e.stopPropagation(); - var deviceId = $(this).data("deviceid"); - var serviceURL = "/temp-controller-agent/enrollment/claim?username=" + currentUser; - var deviceIdentifier = {id: deviceId, type: "TemperatureController"}; - invokerUtil.put(serviceURL, deviceIdentifier, function (message) { - console.log(message); - }, function (message) { - console.log(message.content); - }); - }); }); /* @@ -166,7 +155,7 @@ function loadDevices(searchType, searchParam) { serviceURL = "/api/device-mgt/v1.0/devices"; } else if (permissionsUtil.hasPermission("LIST_OWN_DEVICES")) { //Get authenticated users devices - serviceURL = "/api/device-mgt/v1.0/users/devices?username=" + currentUser; + serviceURL = "/api/device-mgt/v1.0/devices?username=" + currentUser; } else { $("#loading-content").remove(); $('#device-table').addClass('hidden'); @@ -255,18 +244,16 @@ function loadDevices(searchType, searchParam) { { targets: 0, data: 'name', - class: 'remove-padding icon-only content-fill', + class: 'remove-padding icon-only content-fill viewEnabledIcon', render: function (data, type, row, meta) { - return '
'; + return '
'; } }, { targets: 1, data: 'name', - class: '', + class: 'viewEnabledIcon', render: function (name, type, row, meta) { var model = getPropertyValue(row.properties, 'DEVICE_MODEL'); var vendor = getPropertyValue(row.properties, 'VENDOR'); @@ -280,12 +267,12 @@ function loadDevices(searchType, searchParam) { { targets: 2, data: 'user', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon' }, { targets: 3, data: 'status', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon', render: function (status, type, row, meta) { var html; switch (status) { @@ -308,7 +295,7 @@ function loadDevices(searchType, searchParam) { { targets: 4, data: 'deviceType', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon', render: function (status, type, row, meta) { return getDeviceTypeLabel(row.deviceType); } @@ -316,7 +303,7 @@ function loadDevices(searchType, searchParam) { { targets: 5, data: 'ownership', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon', render: function (status, type, row, meta) { if (getDeviceTypeCategory(row.deviceType) == 'mobile') { return row.ownership; @@ -357,20 +344,29 @@ function loadDevices(searchType, searchParam) { html += '' + - '' + - '' + - ''; - html += - '' + - '' + - '' + - ''; + + 'data-deviceid="' + deviceIdentifier + '" data-devicetype="' + deviceType + + '" data-devicename="' + row.name + '">' + + '' + + '' + + ''; + var groupOwner = $('#group_owner').text(); + if (groupId && groupOwner != "wso2.system.user") { + html += + '' + + '' + + '' + + ''; + } else { + html += + '' + + '' + + '' + + ''; + } } return html; } @@ -380,13 +376,14 @@ function loadDevices(searchType, searchParam) { var fnCreatedRow = function (row, data, dataIndex) { $(row).attr('data-type', 'selectable'); $(row).attr('data-deviceid', data.deviceIdentifier); - $(row).attr('data-devicetype', data.type); + $(row).attr('data-devicetype', data.deviceType); + $(row).attr('data-url', context + '/device/' + data.deviceType + '?id=' + data.deviceIdentifier); var model = getPropertyValue(data.properties, 'DEVICE_MODEL'); var vendor = getPropertyValue(data.properties, 'VENDOR'); var owner = data.user; var status = data.status; var ownership = data.ownership; - var deviceType = data.type; + var deviceType = data.deviceType; var category = getDeviceTypeCategory(deviceType); $.each($('td', row), function (colIndex) { switch (colIndex) { @@ -560,17 +557,13 @@ function markAlreadyAssignedGroups(deviceId, deviceType) { data = JSON.parse(data); if (xhr.status == 200) { if (data.length > 0) { + var selectedValues = []; for (var i = 0; i < data.length; i++) { - $('.groupCheckBoxes').each( - function () { - if (data[i].id == $(this).data('groupid')) { - $(this).attr('checked', true); - } - } - ); + if (data[i].owner != "wso2.system.user") { + selectedValues.push(data[i].id); + } } - } else { - return; + $("#groups").val(selectedValues).trigger("change"); } } else { displayErrors(xhr); @@ -600,7 +593,7 @@ function attachDeviceEvents() { $(modalPopupContent).html($('#group-device-modal-content').html()); $('#user-groups').html( '
'); - $("a#group-device-yes-link").hide(); + $("a#group-device-update-link").hide(); showPopup(); var serviceURL; @@ -612,39 +605,39 @@ function attachDeviceEvents() { } invokerUtil.get(serviceURL, function (data) { + $("a#group-device-add-link").hide(); var groups = JSON.parse(data); var html = ''; var hasGroups = false; for (var i = 0; i < groups.deviceGroups.length; i++) { if (groups.deviceGroups[i].owner != "wso2.system.user") { - html += '
'; + html += ''; hasGroups = true; } } if (hasGroups) { - html = '

Please select device group(s)


' + html; + html = '

Please select device group(s)


' + + '
' + + '
'; markAlreadyAssignedGroups(deviceId, deviceType); - $("a#group-device-yes-link").show(); + $("a#group-device-update-link").show(); $("a#group-add-link").hide(); } else { - $("a#group-device-yes-link").hide(); + $("a#group-device-update-link").hide(); $("a#group-add-link").show(); html += '

You don\'t have any existing device groups. Please add new device group first.

' } $('#user-groups').html(html); - $("a#group-device-yes-link").click(function () { + $("select.select2[multiple=multiple]").select2({ + tags: false + }); + $("a#group-device-update-link").click(function () { var deviceIdentifier = {"id": deviceId, "type": deviceType}; - var deviceGroupIds = []; - $('.modal .groupCheckBoxes').each( - function () { - if ($(this).is(':checked')) { - deviceGroupIds.push($(this).data('groupid')); - } - } - ); + var deviceGroupIds = $("#groups").val(); + if (!deviceGroupIds) { + deviceGroupIds = []; + } var deviceToGroupsAssignment = { deviceIdentifier: deviceIdentifier, deviceGroupIds: deviceGroupIds @@ -684,36 +677,42 @@ function attachDeviceEvents() { * on Device Management page in WSO2 MDM Console. */ $("a.remove-device-link").click(function () { + var deviceIdentifiers = []; var deviceId = $(this).data("deviceid"); var deviceType = $(this).data("devicetype"); - var serviceURL = "/api/device-mgt/v1.0/devices/type/" + deviceType + "/id/" + deviceId; + + if (deviceId && deviceType) { + deviceIdentifiers = [{"id": deviceId, "type": deviceType}]; + } else { + deviceIdentifiers = getSelectedDevices(); + } + + if (deviceIdentifiers.length == 0) { + $(modalPopupContent).html($('#no-device-selected').html()); + $("a#no-device-selected-link").click(function () { + hidePopup(); + }); + showPopup(); + return; + } $(modalPopupContent).html($('#remove-device-modal-content').html()); showPopup(); $("a#remove-device-yes-link").click(function () { if (groupId) { - var deviceIdentifiers = [{"id": deviceId, "type": deviceType}]; - serviceURL = "/api/device-mgt/v1.0/groups/id/" + groupId + "/devices/remove"; + var serviceURL = "/api/device-mgt/v1.0/groups/id/" + groupId + "/devices/remove"; invokerUtil.post(serviceURL, deviceIdentifiers, function (message) { - $(modalPopupContent).html($('#remove-device-from-group-200-content').html()); - setTimeout(function () { - hidePopup(); - location.reload(false); - }, 2000); - }, function (message) { - displayDeviceErrors(message); - }); - } else { - invokerUtil.delete(serviceURL, function (message) { $(modalPopupContent).html($('#remove-device-200-content').html()); setTimeout(function () { hidePopup(); location.reload(false); }, 2000); - }, function (message) { + }, function (jqXHR) { displayDeviceErrors(jqXHR); }); + } else { + removeDevices(deviceIdentifiers); } }); @@ -745,7 +744,7 @@ function attachDeviceEvents() { hidePopup(); location.reload(false); }, 2000); - }, function (message) { + }, function (jqXHR) { displayDeviceErrors(jqXHR); }); }); @@ -754,6 +753,106 @@ function attachDeviceEvents() { hidePopup(); }); }); + + /** + * Following click function would execute + * when a user clicks on "Add to Group" link + * on Device Management page in WSO2 devicemgt Console. + */ + $("a.add-devices-to-group-link").click(function () { + $("a#group-device-update-link").hide(); + var deviceIdentifiers = getSelectedDevices(); + if (deviceIdentifiers.length == 0) { + $(modalPopupContent).html($('#no-device-selected').html()); + $("a#no-device-selected-link").click(function () { + hidePopup(); + }); + showPopup(); + return; + } + + $(modalPopupContent).html($('#group-device-modal-content').html()); + $('#user-groups').html( + '
'); + $("a#group-device-add-link").hide(); + showPopup(); + + var serviceURL; + if ($.hasPermission("LIST_ALL_GROUPS")) { + serviceURL = "/api/device-mgt/v1.0/admin/groups?limit=100"; + } else if ($.hasPermission("LIST_GROUPS")) { + //Get authenticated users groups + serviceURL = "/api/device-mgt/v1.0/groups?limit=100"; + } + + invokerUtil.get(serviceURL, function (data) { + var groups = JSON.parse(data); + var html = ''; + var hasGroups = false; + for (var i = 0; i < groups.deviceGroups.length; i++) { + if (groups.deviceGroups[i].owner != "wso2.system.user") { + html += ''; + hasGroups = true; + } + } + if (hasGroups) { + html = '
'; + $("a#group-add-link").hide(); + $("a#group-device-add-link").show(); + } else { + html += '

You don\'t have any existing device groups. Please add new device group first.

'; + $("a#group-add-link").show(); + $("a#group-device-add-link").hide(); + } + $('#user-groups').html(html); + $("a#group-device-add-link").click(function () { + var selectedGroup = $('#assign-group-selector').val(); + serviceURL = "/api/device-mgt/v1.0/groups/id/" + selectedGroup + "/devices/add"; + invokerUtil.post(serviceURL, deviceIdentifiers, function (data) { + $(modalPopupContent).html($('#group-associate-device-200-content').html()); + setTimeout(function () { + hidePopup(); + location.reload(false); + }, 2000); + }, function (jqXHR) { + displayDeviceErrors(jqXHR); + }); + }); + }, function (jqXHR) { + if (jqXHR.status == 404) { + $(modalPopupContent).html($('#group-404-content').html()); + $("a#cancel-link").click(function () { + hidePopup(); + }); + } else { + displayDeviceErrors(jqXHR); + } + }); + + $("a#group-device-cancel-link").click(function () { + hidePopup(); + }); + }); +} + +function removeDevices(deviceIdentifiers) { + var serviceURL = "/api/device-mgt/v1.0/devices/type/" + deviceIdentifiers[0].type + "/id/" + deviceIdentifiers[0].id; + invokerUtil.delete(serviceURL, function (message) { + if (deviceIdentifiers.length > 1) { + deviceIdentifiers.slice(1, deviceIdentifiers.length); + removeDevices(deviceIdentifiers); + } else { + $(modalPopupContent).html($('#remove-device-200-content').html()); + setTimeout(function () { + hidePopup(); + location.reload(false); + }, 2000); + } + }, function (jqXHR) { + displayDeviceErrors(jqXHR); + }); } function displayDeviceErrors(jqXHR) { @@ -788,3 +887,23 @@ function getParameterByName(name) { results = regex.exec(location.search); return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " ")); } + +/* + * Function to get selected devices. + */ +function getSelectedDevices() { + var deviceList = []; + var thisTable = $(".DTTT_selected").closest('.dataTables_wrapper').find('.dataTable').dataTable(); + thisTable.api().rows().every(function () { + if ($(this.node()).hasClass('DTTT_selected')) { + deviceList.push( + { + "id": $(thisTable.api().row(this).node()).data('deviceid'), + "type": $(thisTable.api().row(this).node()).data('devicetype') + } + ); + } + }); + + return deviceList; +} \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.groups/public/js/listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.groups/public/js/listing.js index 6661e775b4..a229215b57 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.groups/public/js/listing.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.groups/public/js/listing.js @@ -23,6 +23,7 @@ */ function InitiateViewOption(url) { if ($(".select-enable-btn").text() == "Select") { + url = $(this).parent().data("url"); $(location).attr('href', url); } } @@ -147,35 +148,30 @@ function loadGroups() { return JSON.stringify(json); }; - var columns = [{ - targets: 0, - data: 'id', - class: 'remove-padding icon-only content-fill', - render: function (data, type, row, meta) { - if ($.hasPermission("VIEW_GROUP_DEVICES")) { - return '
'; - } else { + var columns = [ + { + targets: 0, + data: 'id', + class: 'remove-padding icon-only content-fill viewEnabledIcon', + render: function (data, type, row, meta) { return '
'; } - } - }, + }, { targets: 1, data: 'name', - class: '' + class: 'viewEnabledIcon' }, { targets: 2, data: 'owner', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon' }, { targets: 3, data: 'description', - class: 'remove-padding-top', + class: 'remove-padding-top viewEnabledIcon' }, { targets: 4, @@ -226,7 +222,9 @@ function loadGroups() { var fnCreatedRow = function (row, data) { $(row).attr('data-type', 'selectable'); - $(row).attr('data-groupid', data.id); + if ($.hasPermission("VIEW_GROUP_DEVICES")) { + $(row).attr('data-url', 'devices?groupId=' + data.groupId + '&groupName=' + data.name); + } $.each($('td', row), function (colIndex) { switch (colIndex) { case 1: diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.register/register.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.register/register.hbs index 5544708f93..d105c30ec2 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.register/register.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.register/register.hbs @@ -25,14 +25,14 @@
+ data-regex="{{firstnameJSRegEx}}" data-lengthmsg="{{usernameHelpText}}" + data-errormsg="{{firstnameRegExViolationErrorMsg}}"/>
+ data-regex="{{lastnameJSRegEx}}" data-errormsg="{{lastnameRegExViolationErrorMsg}}"/>
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.hbs index b0088ff964..3ce1a6ece4 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.hbs @@ -74,8 +74,7 @@ data-errormsg="{{usernameRegExViolationErrorMsg}}" class="form-control"/> + Username should be at least 3 characters long with no white spaces.
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.types.listing/listing.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.types.listing/listing.hbs index 5069d083d4..977bc73610 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.types.listing/listing.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.types.listing/listing.hbs @@ -43,7 +43,7 @@

No device type is available to be displayed.

- diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.footer/footer.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.footer/footer.hbs index f47c63c2de..5165fc7a5f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.footer/footer.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.footer/footer.hbs @@ -17,8 +17,8 @@ }} {{#zone "footer"}}

- - WSO2 CDMF v1.2.6 | © , + + WSO2 CDMF v2.0.6 | © , Inc. All Rights Reserved.

{{/zone}} \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.theme/public/css/custom-desktop.css b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.theme/public/css/custom-desktop.css index 50185517cc..b143e04d3d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.theme/public/css/custom-desktop.css +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.theme/public/css/custom-desktop.css @@ -6547,7 +6547,7 @@ select > option:hover { @media (min-width: 1200px){ table tbody tr { - width: 18% !important; + width: 14% !important; } .table .fw-stack{ font-size: 1.2vw; @@ -6556,7 +6556,7 @@ select > option:hover { @media (min-width: 1500px){ table tbody tr { - width: 14% !important; + width: 10% !important; } .table .fw-stack{ font-size: 0.8vw; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/jaggery.conf b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/jaggery.conf index fb71f60e96..832c1ab252 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/jaggery.conf +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/jaggery.conf @@ -108,7 +108,7 @@ "contextParams" : [ { "name" : "Owasp.CsrfGuard.Config", - "value" : "/repository/conf/security/Owasp.CsrfGuard.Carbon.properties" + "value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties" } ] } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/jaggery.conf b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/jaggery.conf index 7c5a2d41c9..f97bae72cf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/jaggery.conf +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/jaggery.conf @@ -71,7 +71,7 @@ "contextParams" : [ { "name" : "Owasp.CsrfGuard.Config", - "value" : "/repository/conf/security/Owasp.CsrfGuard.Carbon.properties" + "value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties" } ] } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/lib/modules/auth/auth.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/lib/modules/auth/auth.js index 2cf9771bea..a18d2efc50 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/lib/modules/auth/auth.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/uuf-template-app/lib/modules/auth/auth.js @@ -520,7 +520,7 @@ var module = {}; response.sendError(500, msg); return; } - + /** * @type {{sessionId: string, loggedInUser: string, sessionIndex: string, samlToken: * string}} @@ -533,7 +533,7 @@ var module = {}; if (ssoSession.sessionIndex) { module.loadTenant(ssoSession.loggedInUser); var carbonUser = (require("carbon")).server.tenantUser(ssoSession.loggedInUser); - module.loadTenant(ssoSession.loggedInUser); + module.loadTenant(ssoSession.loggedInUser); utils.setCurrentUser(carbonUser.username, carbonUser.domain, carbonUser.tenantId); var scriptArgument = {input: {samlToken: ssoSession.samlToken}, user: module.getCurrentUser()}; handleEvent(OPERATION_LOGIN, EVENT_SUCCESS, scriptArgument); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.url.printer/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.url.printer/pom.xml index 28fa84cd99..83c552cb52 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.url.printer/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.url.printer/pom.xml @@ -23,7 +23,7 @@ device-mgt org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/device-mgt/pom.xml b/components/device-mgt/pom.xml index eb64dd33ab..fdb4d4fbad 100644 --- a/components/device-mgt/pom.xml +++ b/components/device-mgt/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/components/email-sender/org.wso2.carbon.email.sender.core/pom.xml b/components/email-sender/org.wso2.carbon.email.sender.core/pom.xml index f0f04107a1..f6bbf47f07 100644 --- a/components/email-sender/org.wso2.carbon.email.sender.core/pom.xml +++ b/components/email-sender/org.wso2.carbon.email.sender.core/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt email-sender - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/email-sender/pom.xml b/components/email-sender/pom.xml index 6a3f4ad6c6..fc743d96c2 100644 --- a/components/email-sender/pom.xml +++ b/components/email-sender/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/pom.xml b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/pom.xml index 190b7ee1ac..23d8f7b3f5 100644 --- a/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/pom.xml +++ b/components/identity-extensions/dynamic-client-registration/dynamic-client-web-proxy/pom.xml @@ -21,7 +21,7 @@ dynamic-client-registration org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/identity-extensions/dynamic-client-registration/dynamic-client-web/pom.xml b/components/identity-extensions/dynamic-client-registration/dynamic-client-web/pom.xml index fea8826017..0113694c2f 100644 --- a/components/identity-extensions/dynamic-client-registration/dynamic-client-web/pom.xml +++ b/components/identity-extensions/dynamic-client-registration/dynamic-client-web/pom.xml @@ -21,7 +21,7 @@ dynamic-client-registration org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml index 06ba283548..58d9bf059c 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/pom.xml @@ -21,13 +21,13 @@ dynamic-client-registration org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.dynamic.client.registration - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Dynamic client registration service WSO2 Carbon - Dynamic Client Registration Service diff --git a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/pom.xml b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/pom.xml index 1ef883b6b3..05ab159fe9 100644 --- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/pom.xml +++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/pom.xml @@ -21,13 +21,13 @@ dynamic-client-registration org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.dynamic.client.web.app.registration - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Dynamic client web app registration WSO2 Carbon - Dynamic Client Web-app Registration Service diff --git a/components/identity-extensions/dynamic-client-registration/pom.xml b/components/identity-extensions/dynamic-client-registration/pom.xml index 5f86af9fe7..58aef32920 100644 --- a/components/identity-extensions/dynamic-client-registration/pom.xml +++ b/components/identity-extensions/dynamic-client-registration/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt identity-extensions - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt dynamic-client-registration - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Dynamic client registration http://wso2.org diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml index 5b2b41ea75..b4d7a023bb 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml @@ -22,13 +22,13 @@ org.wso2.carbon.devicemgt identity-extensions - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.oauth.extensions - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - OAuth Extensions http://wso2.org diff --git a/components/identity-extensions/org.wso2.carbon.identity.authenticator.backend.oauth/pom.xml b/components/identity-extensions/org.wso2.carbon.identity.authenticator.backend.oauth/pom.xml index a85e106cff..7c56e3b5a1 100644 --- a/components/identity-extensions/org.wso2.carbon.identity.authenticator.backend.oauth/pom.xml +++ b/components/identity-extensions/org.wso2.carbon.identity.authenticator.backend.oauth/pom.xml @@ -21,7 +21,7 @@ identity-extensions org.wso2.carbon.devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT 4.0.0 diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/pom.xml b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/pom.xml index 4ad161c802..58b3a933a6 100644 --- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/pom.xml +++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt identity-extensions - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/components/identity-extensions/pom.xml b/components/identity-extensions/pom.xml index e57c66b933..e26b2c7580 100644 --- a/components/identity-extensions/pom.xml +++ b/components/identity-extensions/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/components/policy-mgt/org.wso2.carbon.complex.policy.decision.point/pom.xml b/components/policy-mgt/org.wso2.carbon.complex.policy.decision.point/pom.xml index acadad1c1e..79ba6d653c 100644 --- a/components/policy-mgt/org.wso2.carbon.complex.policy.decision.point/pom.xml +++ b/components/policy-mgt/org.wso2.carbon.complex.policy.decision.point/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.complex.policy.decision.point - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Policy Decision Point WSO2 Carbon - Policy Decision Point diff --git a/components/policy-mgt/org.wso2.carbon.policy.decision.point/pom.xml b/components/policy-mgt/org.wso2.carbon.policy.decision.point/pom.xml index 9e4b872c58..c5918d2e05 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.decision.point/pom.xml +++ b/components/policy-mgt/org.wso2.carbon.policy.decision.point/pom.xml @@ -3,14 +3,14 @@ org.wso2.carbon.devicemgt policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.policy.decision.point - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Policy Decision Point WSO2 Carbon - Policy Decision Point diff --git a/components/policy-mgt/org.wso2.carbon.policy.information.point/pom.xml b/components/policy-mgt/org.wso2.carbon.policy.information.point/pom.xml index cb47259419..d696a6e229 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.information.point/pom.xml +++ b/components/policy-mgt/org.wso2.carbon.policy.information.point/pom.xml @@ -3,7 +3,7 @@ org.wso2.carbon.devicemgt policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml @@ -11,7 +11,7 @@ 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.policy.information.point - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Policy Information Point WSO2 Carbon - Policy Information Point diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.common/pom.xml b/components/policy-mgt/org.wso2.carbon.policy.mgt.common/pom.xml index b34da48311..da24980da3 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.common/pom.xml +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.common/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.policy.mgt.common - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Policy Management Common WSO2 Carbon - Policy Management Common diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/pom.xml b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/pom.xml index 10d2b6f582..645fd271b9 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/pom.xml +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.policy.mgt.core - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Policy Management Core WSO2 Carbon - Policy Management Core diff --git a/components/policy-mgt/pom.xml b/components/policy-mgt/pom.xml index 6fa7ee7d96..387697b8fa 100644 --- a/components/policy-mgt/pom.xml +++ b/components/policy-mgt/pom.xml @@ -23,13 +23,13 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 policy-mgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Policy Management Component http://wso2.org diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index 84d43cec1f..fb3c86bc70 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -21,14 +21,14 @@ org.wso2.carbon.devicemgt webapp-authenticator-framework - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.devicemgt org.wso2.carbon.webapp.authenticator.framework - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT bundle WSO2 Carbon - Web Application Authenticator Framework Bundle WSO2 Carbon - Web Application Authenticator Framework Bundle @@ -81,7 +81,8 @@ org.wso2.carbon.core.util, org.wso2.carbon.identity.base; version="${carbon.identity.imp.pkg.version}", org.wso2.carbon.identity.core.util; version="${carbon.identity.imp.pkg.version}", - org.wso2.carbon.identity.oauth2.*; version="${carbon.identity-inbound-auth-oauth.imp.pkg.version}", + org.wso2.carbon.identity.oauth2.*; + version="${carbon.identity-inbound-auth-oauth.imp.pkg.version}", org.wso2.carbon.tomcat.ext.valves, org.wso2.carbon.user.api, org.wso2.carbon.user.core.service, @@ -111,7 +112,7 @@ org.apache.http.impl.conn, javax.xml.soap; version="${javax.xml.soap.imp.pkg.version}", javax.xml.stream, - org.apache.axiom.*; version="${axiom.osgi.version.range}", + org.apache.axiom.*; version="${axiom.osgi.version.range}", org.wso2.carbon.registry.core.*, org.wso2.carbon.registry.common.*;version="${carbon.registry.imp.pkg.version.range}", org.wso2.carbon.registry.indexing.*; version="${carbon.registry.imp.pkg.version.range}", diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java index df15f9f1c7..36d1da87cb 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java @@ -123,7 +123,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve { StringTokenizer tokenizer = new StringTokenizer(param, ","); nonSecuredEndpoints.put(contextPath, "true"); while (tokenizer.hasMoreTokens()) { - skippedEndPoint = contextPath + tokenizer.nextToken(); + skippedEndPoint = tokenizer.nextToken(); skippedEndPoint = skippedEndPoint.replace("\n", "").replace("\r", "").trim(); if(!skippedEndPoint.endsWith("/")) { skippedEndPoint = skippedEndPoint + "/"; diff --git a/components/webapp-authenticator-framework/pom.xml b/components/webapp-authenticator-framework/pom.xml index 69234fe0b9..84dbee75fa 100644 --- a/components/webapp-authenticator-framework/pom.xml +++ b/components/webapp-authenticator-framework/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt webapp-authenticator-framework - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Webapp Authenticator Framework http://wso2.org diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.feature/pom.xml b/features/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.feature/pom.xml index ad7a5d30dc..489bacc2fd 100644 --- a/features/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.feature/pom.xml +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.feature/pom.xml @@ -21,14 +21,14 @@ org.wso2.carbon.devicemgt apimgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.apimgt.application.extension.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - API Management Application Extension Feature http://wso2.org This feature contains an implementation of a api application registration, which takes care of subscription diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/pom.xml b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/pom.xml new file mode 100644 index 0000000000..5380c31999 --- /dev/null +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/pom.xml @@ -0,0 +1,106 @@ + + + + + + + org.wso2.carbon.devicemgt + apimgt-extensions-feature + 2.0.7-SNAPSHOT + ../pom.xml + + + 4.0.0 + org.wso2.carbon.apimgt.handler.server.feature + pom + 2.0.7-SNAPSHOT + WSO2 Carbon - Device Management - APIM handler Server Feature + http://wso2.org + This feature contains the handler for the api authentications + + + + + org.wso2.carbon.devicemgt + org.wso2.carbon.apimgt.handlers + + + + + + + maven-resources-plugin + 2.6 + + + copy-resources + generate-resources + + copy-resources + + + src/main/resources + + + resources + + build.properties + p2.inf + + + + + + + + + org.wso2.maven + carbon-p2-plugin + ${carbon.p2.plugin.version} + + + p2-feature-generation + package + + p2-feature-gen + + + org.wso2.carbon.apimgt.handler.server + ../../../features/etc/feature.properties + + + org.wso2.carbon.p2.category.type:server + org.eclipse.equinox.p2.type.group:false + + + + + org.wso2.carbon.devicemgt:org.wso2.carbon.apimgt.handlers:${carbon.device.mgt.version} + + + + + + + + + + + + diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/build.properties b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/build.properties new file mode 100644 index 0000000000..9c86577d76 --- /dev/null +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/build.properties @@ -0,0 +1 @@ +custom = true diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/conf/iot-api-config.xml b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/conf/iot-api-config.xml new file mode 100644 index 0000000000..c9a210d3bf --- /dev/null +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/conf/iot-api-config.xml @@ -0,0 +1,40 @@ + + + + + + https://localhost:9443/ + + + https://localhost:9443/api/certificate-mgt/v1.0/admin/certificates/verify/ + + + admin + admin + + + https://localhost:9443/dynamic-client-web/register + + + https://localhost:9443/oauth2/token + + + /services + + \ No newline at end of file diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/p2.inf b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/p2.inf new file mode 100644 index 0000000000..e7c6acf89f --- /dev/null +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.handler.server.feature/src/main/resources/p2.inf @@ -0,0 +1,2 @@ +instructions.configure = \ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.apimgt.handler.server_${feature.version}/conf/iot-api-config.xml,target:${installFolder}/../../conf/iot-api-config.xml,overwrite:true);\ diff --git a/features/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher.feature/pom.xml b/features/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher.feature/pom.xml index 41949ab360..0cc36fe99e 100644 --- a/features/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher.feature/pom.xml +++ b/features/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher.feature/pom.xml @@ -21,14 +21,14 @@ org.wso2.carbon.devicemgt apimgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.apimgt.webapp.publisher.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - API Management Webapp Publisher Feature http://wso2.org This feature contains an implementation of a Tomcat lifecycle listener, which takes care of publishing diff --git a/features/apimgt-extensions/pom.xml b/features/apimgt-extensions/pom.xml index 22f08a718b..51efa1550b 100644 --- a/features/apimgt-extensions/pom.xml +++ b/features/apimgt-extensions/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt apimgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - API Management Extensions Feature http://wso2.org @@ -37,6 +37,7 @@ org.wso2.carbon.apimgt.webapp.publisher.feature org.wso2.carbon.apimgt.application.extension.feature + org.wso2.carbon.apimgt.handler.server.feature diff --git a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.api.feature/pom.xml b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.api.feature/pom.xml index 9072e46113..8dd575de20 100644 --- a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.api.feature/pom.xml +++ b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.api.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt certificate-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api.feature/pom.xml b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api.feature/pom.xml index 84a8e422c7..13bb9cb452 100644 --- a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api.feature/pom.xml +++ b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt certificate-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.server.feature/pom.xml b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.server.feature/pom.xml index 065d8ce628..aafde9de63 100644 --- a/features/certificate-mgt/org.wso2.carbon.certificate.mgt.server.feature/pom.xml +++ b/features/certificate-mgt/org.wso2.carbon.certificate.mgt.server.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt certificate-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.certificate.mgt.server.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Certificate Management Server Feature http://wso2.org This feature contains the core bundles required for back-end Certificate Management functionality diff --git a/features/certificate-mgt/pom.xml b/features/certificate-mgt/pom.xml index c716c83f5f..b3c7ba4b80 100644 --- a/features/certificate-mgt/pom.xml +++ b/features/certificate-mgt/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt certificate-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Certificate Management Feature http://wso2.org diff --git a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer.feature/pom.xml b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer.feature/pom.xml index af57c72366..dbe5b35f59 100644 --- a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer.feature/pom.xml +++ b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.device.type.deployer.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.extensions.device.type.deployer.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Type Deployer Feature http://wso2.org WSO2 Carbon - Device Type Deployer Feature diff --git a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm.feature/pom.xml b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm.feature/pom.xml index 9663256166..8a44fa463b 100644 --- a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm.feature/pom.xml +++ b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.extensions.push.notification.provider.gcm.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - GCM Based Push Notification Provider Feature http://wso2.org WSO2 Carbon - MQTT Based Push Notification Provider Feature diff --git a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.feature/pom.xml b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.feature/pom.xml index 6dbfef8902..4bd768b686 100644 --- a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.feature/pom.xml +++ b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - MQTT Based Push Notification Provider Feature http://wso2.org WSO2 Carbon - MQTT Based Push Notification Provider Feature diff --git a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature/pom.xml b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature/pom.xml index 9799943435..52976cea41 100644 --- a/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature/pom.xml +++ b/features/device-mgt-extensions/org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - XMPP Based Push Notification Provider Feature http://wso2.org WSO2 Carbon - XMPP Based Push Notification Provider Feature diff --git a/features/device-mgt-extensions/pom.xml b/features/device-mgt-extensions/pom.xml index 09badc3b8b..0db4d04d52 100644 --- a/features/device-mgt-extensions/pom.xml +++ b/features/device-mgt-extensions/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard.feature/pom.xml index d17b661a7f..f2dca661e2 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.analytics.dashboard.feature/pom.xml @@ -3,13 +3,13 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.analytics.dashboard.feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Device Management Dashboard Analytics Feature WSO2 Carbon - Device Management Dashboard Analytics Feature diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher.feature/pom.xml index 39adc92b95..52fd3b446f 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.analytics.data.publisher.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Management Server Feature http://wso2.org This feature contains bundles related to device analytics data publisher diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.api.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.api.feature/pom.xml index a3a9fbe88c..b263a9ba86 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.api.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.api.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.extensions.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.extensions.feature/pom.xml index 6b9ecf2710..0e55a7d75c 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.extensions.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.extensions.feature/pom.xml @@ -4,14 +4,14 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.extensions.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Management Extensions Feature http://wso2.org This feature contains common extensions used by key device management functionalities diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.feature/pom.xml index 079daba653..3ba32fa1bc 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/pom.xml index 70f3860850..ba37ab67c8 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.server.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Management Server Feature http://wso2.org This feature contains the core bundles required for Back-end Device Management functionality diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/.cdm-config.xml.swp b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/.cdm-config.xml.swp deleted file mode 100644 index a8e6a11569..0000000000 Binary files a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/.cdm-config.xml.swp and /dev/null differ diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.ui.feature/pom.xml b/features/device-mgt/org.wso2.carbon.device.mgt.ui.feature/pom.xml index 9a9b22c3ca..9d9a5d4ec0 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.ui.feature/pom.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.ui.feature/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt device-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml diff --git a/features/device-mgt/pom.xml b/features/device-mgt/pom.xml index 5d7aaf5509..208d2233fb 100644 --- a/features/device-mgt/pom.xml +++ b/features/device-mgt/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml diff --git a/features/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration.server.feature/pom.xml b/features/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration.server.feature/pom.xml index 336303d3bb..f22704046d 100644 --- a/features/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration.server.feature/pom.xml +++ b/features/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration.server.feature/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt dynamic-client-registration-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.dynamic.client.registration.server.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Dynamic Client Registration Server Feature http://wso2.org This feature contains dynamic client registration features diff --git a/features/dynamic-client-registration/pom.xml b/features/dynamic-client-registration/pom.xml index befc73b0df..b666224d1e 100644 --- a/features/dynamic-client-registration/pom.xml +++ b/features/dynamic-client-registration/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt dynamic-client-registration-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Dynamic Client Registration Feature http://wso2.org diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/pom.xml b/features/email-sender/org.wso2.carbon.email.sender.feature/pom.xml index 9cedfd95a7..95f81b3ae8 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/pom.xml +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt email-sender-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.email.sender.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Email Sender Feature http://wso2.org This feature contains the core bundles required for email sender related functionality diff --git a/features/email-sender/pom.xml b/features/email-sender/pom.xml index 98c76014e2..77e24557ba 100644 --- a/features/email-sender/pom.xml +++ b/features/email-sender/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt email-sender-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Email Sender Feature http://wso2.org diff --git a/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/pom.xml b/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/pom.xml index 5980cdab26..f65bd61439 100644 --- a/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/pom.xml +++ b/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt jwt-client-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.identity.jwt.client.extension.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - JWT Client Feature http://wso2.org This feature contains jwt client implementation from which we can get a access token using the jwt diff --git a/features/jwt-client/pom.xml b/features/jwt-client/pom.xml index 90a0bde13c..67ab40e27c 100644 --- a/features/jwt-client/pom.xml +++ b/features/jwt-client/pom.xml @@ -23,13 +23,13 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 jwt-client-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Dynamic Client Registration Feature http://wso2.org diff --git a/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/pom.xml b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/pom.xml index 6d19f436ef..910267f1f3 100644 --- a/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/pom.xml +++ b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt oauth-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.device.mgt.oauth.extensions.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Mgt OAuth Extensions Feature http://wso2.org This feature contains devicemgt related OAuth extensions diff --git a/features/oauth-extensions/pom.xml b/features/oauth-extensions/pom.xml index 45bc5cc987..cfce762238 100644 --- a/features/oauth-extensions/pom.xml +++ b/features/oauth-extensions/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt oauth-extensions-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Device Management OAuth Extensions Feature http://wso2.org diff --git a/features/policy-mgt/org.wso2.carbon.policy.mgt.server.feature/pom.xml b/features/policy-mgt/org.wso2.carbon.policy.mgt.server.feature/pom.xml index 9851283ca8..b06d902695 100644 --- a/features/policy-mgt/org.wso2.carbon.policy.mgt.server.feature/pom.xml +++ b/features/policy-mgt/org.wso2.carbon.policy.mgt.server.feature/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt policy-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.policy.mgt.server.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Policy Management Server Feature http://wso2.org This feature contains the core bundles required for Back-end Device Management functionality diff --git a/features/policy-mgt/pom.xml b/features/policy-mgt/pom.xml index 4e3f70a39c..94c9dc45b2 100644 --- a/features/policy-mgt/pom.xml +++ b/features/policy-mgt/pom.xml @@ -23,14 +23,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt policy-mgt-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Policy Management Feature http://wso2.org diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/pom.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/pom.xml index c354aa3cec..c450cb7e0b 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/pom.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt webapp-authenticator-framework-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../pom.xml 4.0.0 org.wso2.carbon.webapp.authenticator.framework.server.feature pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Webapp Authenticator Framework Server Feature http://wso2.org This feature contains the core bundles required for Back-end Device Management functionality diff --git a/features/webapp-authenticator-framework/pom.xml b/features/webapp-authenticator-framework/pom.xml index 61c6eaea59..243d23c60f 100644 --- a/features/webapp-authenticator-framework/pom.xml +++ b/features/webapp-authenticator-framework/pom.xml @@ -22,14 +22,14 @@ org.wso2.carbon.devicemgt carbon-devicemgt - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT ../../pom.xml 4.0.0 org.wso2.carbon.devicemgt webapp-authenticator-framework-feature - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT pom WSO2 Carbon - Webapp Authenticator Framework Feature http://wso2.org diff --git a/pom.xml b/pom.xml index 493b0f8b0b..e9339f6644 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,7 @@ org.wso2.carbon.devicemgt carbon-devicemgt pom - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT WSO2 Carbon - Device Management - Parent http://wso2.org WSO2 Connected Device Manager Components @@ -314,6 +314,12 @@ org.wso2.carbon.apimgt.application.extension.api ${carbon.device.mgt.version} + + + org.wso2.carbon.devicemgt + org.wso2.carbon.apimgt.handlers + ${carbon.device.mgt.version} + @@ -1647,6 +1653,17 @@ jersey-core ${jersey.version} + + + org.apache.synapse + synapse-core + ${org.apache.synapse.version} + + + org.apache.ws.security.wso2 + wss4j + ${org.apache.ws.security.wso2.version} + @@ -1870,7 +1887,7 @@ 2.2.1 6.1.1 - 4.4.10 + 4.4.11 4.4.9 [4.4.0, 5.0.0) 1.5.4 @@ -1914,12 +1931,12 @@ 4.7.2 - 5.6.89 - 5.2.33 - 5.2.14 + 5.7.0 + 5.3.1 + 5.3.0 - [5.6.0, 6.0.0) + [5.7.0, 6.0.0) [5.2.0, 6.0.0) [5.1.0, 6.0.0) @@ -1935,7 +1952,7 @@ 1.2.11.wso2v10 - 2.0.6-SNAPSHOT + 2.0.7-SNAPSHOT 4.4.8 @@ -1945,7 +1962,7 @@ [2.6.0,3.0.0) - 6.1.2 + 6.1.35 (6.0.0,7.0.0] @@ -2038,6 +2055,10 @@ 1.6.1 + + + 2.1.7-wso2v7 + 1.5.11.wso2v15