diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java index 7859a673f9..ef79add187 100644 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java @@ -104,7 +104,7 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { try { String topics[] = topic.split("/"); String tenantDomainFromTopic = topics[0]; - if ("+".equals(tenantDomainFromTopic)) { + if (ALL_TENANT_DOMAIN.equals(tenantDomainFromTopic)) { if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(authorizationSubject.getTenantDomain()) && isUserAuthorized(authorizationSubject, DEFAULT_ADMIN_PERMISSION, UI_EXECUTE)) { return true; @@ -133,8 +133,8 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { return false; } catch (FeignException e) { oAuthRequestInterceptor.resetApiApplicationKey(); - if (e.getMessage().contains(GATEWAY_ERROR_CODE) || e.status() == 404) { - log.error("Failed to connect to the device authorization service."); + if (e.getMessage().contains(GATEWAY_ERROR_CODE) || e.status() == 404 || e.status() == 403) { + log.error("Failed to connect to the device authorization service, Retrying...."); } else { log.error(e.getMessage(), e); } @@ -181,8 +181,9 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { } } catch (FeignException e) { oAuthRequestInterceptor.resetApiApplicationKey(); - if (e.getMessage().contains(GATEWAY_ERROR_CODE)) { - log.error("Failed to connect to the device authorization service.", e); + //This is to avoid failure where it tries to call authorization service before the api is published + if (e.getMessage().contains(GATEWAY_ERROR_CODE) || e.status() == 404 || e.status() == 403) { + log.error("Failed to connect to the device authorization service, Retrying...."); } else { log.error(e.getMessage(), e); } diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java index 4c098deb0c..802adb19e6 100755 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java @@ -64,7 +64,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private ApiApplicationRegistrationService apiApplicationRegistrationService; private TokenIssuerService tokenIssuerService; private static Log log = LogFactory.getLog(OAuthRequestInterceptor.class); - private ApiApplicationKey apiApplicationKey; + private volatile ApiApplicationKey apiApplicationKey; /** * Creates an interceptor that authenticates all requests. @@ -124,6 +124,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { } public void resetApiApplicationKey() { + tokenInfo = null; apiApplicationKey = null; tokenIssuerService = null; }