mirror of
https://repository.entgra.net/community/device-mgt-plugins.git
synced 2025-09-16 23:42:15 +00:00
added ssl context
This commit is contained in:
ayyoob
parent
dfc348f043
commit
384ab40f5b
@ -67,7 +67,8 @@
|
||||
feign.gson,
|
||||
org.json.simple.*,
|
||||
org.wso2.carbon.appmgt.mobile.beans,
|
||||
org.wso2.carbon.context
|
||||
org.wso2.carbon.context,
|
||||
javax.net.ssl
|
||||
</Import-Package>
|
||||
<Export-Package>
|
||||
!org.wso2.carbon.appmgt.mdm.restconnector.internal,
|
||||
|
||||
@ -17,6 +17,7 @@
|
||||
*/
|
||||
package org.wso2.carbon.appmgt.mdm.restconnector;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.gson.GsonDecoder;
|
||||
import feign.gson.GsonEncoder;
|
||||
@ -44,6 +45,14 @@ import org.wso2.carbon.appmgt.mobile.utils.MobileApplicationException;
|
||||
import org.wso2.carbon.appmgt.mobile.utils.MobileConfigurations;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
@ -62,12 +71,12 @@ public class ApplicationOperationsImpl implements ApplicationOperations {
|
||||
public ApplicationOperationsImpl() {
|
||||
String authorizationConfigManagerServerURL = AuthorizationConfigurationManager.getInstance().getServerURL();
|
||||
OAuthRequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor();
|
||||
deviceManagementAdminService = Feign.builder()
|
||||
deviceManagementAdminService = Feign.builder().client(getSSLClient())
|
||||
.requestInterceptor(oAuthRequestInterceptor)
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(DeviceManagementAdminService.class,
|
||||
authorizationConfigManagerServerURL + CDMF_SERVER_BASE_CONTEXT);
|
||||
applicationManagementAdminService = Feign.builder()
|
||||
applicationManagementAdminService = Feign.builder().client(getSSLClient())
|
||||
.requestInterceptor(oAuthRequestInterceptor)
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApplicationManagementAdminService.class,
|
||||
@ -271,4 +280,37 @@ public class ApplicationOperationsImpl implements ApplicationOperations {
|
||||
log.error(errorMessage);
|
||||
}
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@ -17,6 +17,7 @@
|
||||
*/
|
||||
package org.wso2.carbon.appmgt.mdm.restconnector.authorization.client;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
@ -33,6 +34,15 @@ import org.wso2.carbon.appmgt.mdm.restconnector.authorization.client.dto.TokenIs
|
||||
import org.wso2.carbon.appmgt.mdm.restconnector.config.AuthorizationConfigurationManager;
|
||||
import org.wso2.carbon.appmgt.mdm.restconnector.internal.AuthorizationDataHolder;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
/**
|
||||
* This is a request interceptor to add oauth token header.
|
||||
*/
|
||||
@ -54,7 +64,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
refreshTimeOffset = AuthorizationConfigurationManager.getInstance().getTokenRefreshTimeOffset();
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUserName();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
@ -82,7 +92,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUserName();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class, AuthorizationConfigurationManager.getInstance().getTokenApiURL());
|
||||
@ -98,4 +108,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
String headerValue = Constants.RestConstants.BEARER + tokenInfo.getAccess_token();
|
||||
template.header(Constants.RestConstants.AUTHORIZATION, headerValue);
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -160,7 +160,8 @@
|
||||
org.wso2.carbon.core.util,
|
||||
org.wso2.carbon.identity.oauth2.*,
|
||||
org.wso2.carbon.utils,
|
||||
org.wso2.carbon.utils.multitenancy
|
||||
org.wso2.carbon.utils.multitenancy,
|
||||
javax.net.ssl
|
||||
</Import-Package>
|
||||
<Embed-Dependency>
|
||||
jsr311-api,
|
||||
|
||||
@ -17,6 +17,7 @@
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.input.adapter.http.authorization;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.FeignException;
|
||||
import feign.gson.GsonDecoder;
|
||||
@ -33,6 +34,14 @@ import org.wso2.carbon.device.mgt.input.adapter.http.util.AuthenticationInfo;
|
||||
import org.wso2.carbon.device.mgt.input.adapter.http.util.PropertyUtils;
|
||||
import org.wso2.carbon.event.input.adapter.core.exception.InputEventAdapterException;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
@ -50,7 +59,7 @@ public class DeviceAuthorizer {
|
||||
|
||||
public DeviceAuthorizer(Map<String, String> globalProperties) {
|
||||
try {
|
||||
deviceAccessAuthorizationAdminService = Feign.builder()
|
||||
deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient())
|
||||
.requestInterceptor(new OAuthRequestInterceptor(globalProperties))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(DeviceAccessAuthorizationAdminService.class, getDeviceMgtServerUrl(globalProperties)
|
||||
@ -98,4 +107,37 @@ public class DeviceAuthorizer {
|
||||
}
|
||||
return deviceMgtServerUrl;
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@ -14,6 +14,7 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.input.adapter.http.authorization.client;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
@ -31,6 +32,14 @@ import org.wso2.carbon.device.mgt.input.adapter.http.authorization.client.dto.To
|
||||
import org.wso2.carbon.device.mgt.input.adapter.http.util.PropertyUtils;
|
||||
import org.wso2.carbon.event.input.adapter.core.exception.InputEventAdapterException;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@ -76,7 +85,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
username = getUsername(globalProperties);
|
||||
password = getPassword(globalProperties);
|
||||
tokenEndpoint = getTokenEndpoint(globalProperties);
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
@ -99,7 +108,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile);
|
||||
String consumerKey = apiApplicationKey.getConsumerKey();
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class, tokenEndpoint);
|
||||
@ -158,4 +167,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
return refreshTimeOffset;
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -169,7 +169,8 @@
|
||||
feign.auth,
|
||||
feign.codec,
|
||||
feign.gson,
|
||||
javax.cache
|
||||
javax.cache,
|
||||
javax.net.ssl
|
||||
</Import-Package>
|
||||
<DynamicImport-Package>*</DynamicImport-Package>
|
||||
<Embed-Dependency>
|
||||
|
||||
@ -17,6 +17,7 @@
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.FeignException;
|
||||
import feign.gson.GsonDecoder;
|
||||
@ -35,7 +36,15 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.util.PropertyUtils;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.util.WebSocketSessionRequest;
|
||||
import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import javax.websocket.Session;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
@ -67,7 +76,7 @@ public class DeviceAuthorizer implements Authorizer {
|
||||
}
|
||||
}
|
||||
try {
|
||||
deviceAccessAuthorizationAdminService = Feign.builder()
|
||||
deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient())
|
||||
.requestInterceptor(new OAuthRequestInterceptor(globalProperties))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(DeviceAccessAuthorizationAdminService.class, getDeviceMgtServerUrl(globalProperties)
|
||||
@ -130,4 +139,37 @@ public class DeviceAuthorizer implements Authorizer {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@ -14,6 +14,7 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
@ -31,6 +32,14 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.util.PropertyUtils;
|
||||
import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@ -77,7 +86,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
username = getUsername(globalProperties);
|
||||
password = getPassword(globalProperties);
|
||||
tokenEndpoint = getTokenEndpoint(globalProperties);
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
@ -100,7 +109,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile);
|
||||
String consumerKey = apiApplicationKey.getConsumerKey();
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class, tokenEndpoint);
|
||||
@ -159,4 +168,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
return refreshTimeOffset;
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -123,7 +123,8 @@
|
||||
javax.xml.namespace,
|
||||
javax.xml.stream,
|
||||
org.wso2.carbon.base,
|
||||
org.wso2.carbon.utils
|
||||
org.wso2.carbon.utils,
|
||||
javax.net.ssl
|
||||
</Import-Package>
|
||||
<Embed-Dependency>
|
||||
jsr311-api,
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.FeignException;
|
||||
import feign.gson.GsonDecoder;
|
||||
@ -45,6 +46,14 @@ import javax.cache.Cache;
|
||||
import javax.cache.CacheConfiguration;
|
||||
import javax.cache.CacheManager;
|
||||
import javax.cache.Caching;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
@ -68,7 +77,7 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
|
||||
|
||||
public DeviceAccessBasedMQTTAuthorizer() {
|
||||
this.MQTTAuthorizationConfiguration = AuthorizationConfigurationManager.getInstance();
|
||||
deviceAccessAuthorizationAdminService = Feign.builder()
|
||||
deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient())
|
||||
.requestInterceptor(new OAuthRequestInterceptor())
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(DeviceAccessAuthorizationAdminService.class,
|
||||
@ -224,4 +233,37 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
|
||||
}
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -14,6 +14,7 @@
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client;
|
||||
|
||||
import feign.Client;
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
@ -30,6 +31,15 @@ import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.TokenIssuerService;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfigurationManager;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
/**
|
||||
* This is a request interceptor to add oauth token header.
|
||||
*/
|
||||
@ -53,7 +63,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
refreshTimeOffset = AuthorizationConfigurationManager.getInstance().getTokenRefreshTimeOffset() * 1000;
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUsername();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
@ -75,7 +85,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUsername();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class,
|
||||
@ -93,4 +103,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
template.header("Authorization", headerValue);
|
||||
}
|
||||
|
||||
private static Client getSSLClient() {
|
||||
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String s, SSLSession sslSession) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static SSLSocketFactory getTrustedSSLSocketFactory() {
|
||||
try {
|
||||
TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
public void checkClientTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
public void checkServerTrusted(
|
||||
java.security.cert.X509Certificate[] certs, String authType) {
|
||||
}
|
||||
}
|
||||
};
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user