diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml index dd95fb2d4..11f537183 100644 --- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml @@ -20,7 +20,10 @@ doAuthentication true - + + isSharedWithAllTenants + true + managed-api-enabled diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js index 25017af81..3362ffbd0 100644 --- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js +++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js @@ -31,12 +31,23 @@ function onRequest(context) { if (encodedClientKeys) { var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"]; var resp = tokenUtil.decode(encodedClientKeys).split(":"); - var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username, "default", {}); - if (tokenPair) { - token = tokenPair.accessToken; - } - websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" - + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + + if (user.domain == "carbon.super") { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } else { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain + , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } } return {"device": device, "websocketEndpoint": websocketEndpoint}; } \ No newline at end of file diff --git a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js index 7aaad19c6..674dd8a59 100644 --- a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js +++ b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js @@ -28,15 +28,32 @@ function onRequest(context) { var jwtClient = jwtService.getJWTClient(); var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"]); var token = ""; + var user = session.get(constants.USER_SESSION_KEY); + if (!user) { + log.error("User object was not found in the session"); + throw constants.ERRORS.USER_NOT_FOUND; + } if (encodedClientKeys) { var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"]; var resp = tokenUtil.decode(encodedClientKeys).split(":"); - var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default", {}); - if (tokenPair) { - token = tokenPair.accessToken; - } - websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" - + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + + if (user.domain == "carbon.super") { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } else { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain + , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } + } return {"device": device, "websocketEndpoint": websocketEndpoint}; } \ No newline at end of file diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml index 6f59c5a7c..ff13bc494 100644 --- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml @@ -20,6 +20,10 @@ doAuthentication true + + isSharedWithAllTenants + true + diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js index 5c34b9331..40e36dd96 100644 --- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js +++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js @@ -28,15 +28,31 @@ function onRequest(context) { var jwtClient = jwtService.getJWTClient(); var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"]); var token = ""; + var user = session.get(constants.USER_SESSION_KEY); + if (!user) { + log.error("User object was not found in the session"); + throw constants.ERRORS.USER_NOT_FOUND; + } + if (encodedClientKeys) { - var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"]; - var resp = tokenUtil.decode(encodedClientKeys).split(":"); - var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default", {}); - if (tokenPair) { - token = tokenPair.accessToken; - } - websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" - + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"]; + var resp = tokenUtil.decode(encodedClientKeys).split(":"); + if (user.domain == "carbon.super") { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } else { + var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain + , "default", {}); + if (tokenPair) { + token = tokenPair.accessToken; + } + websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?" + + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token; + } } return {"device": device, "websocketEndpoint": websocketEndpoint}; } diff --git a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java index 483f65f70..635012538 100644 --- a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java +++ b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java @@ -204,7 +204,12 @@ public class MQTTAdapterListener implements MqttCallback, Runnable { log.warn("Broker is unreachable, Waiting....."); return false; } - mqttClient.subscribe(topic); + try { + mqttClient.subscribe(topic); + } catch (MqttException e) { + log.error("Failed to subscribe to topic: " + topic + ", Retrying....."); + return false; + } return true; } diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java index 6fd2c3464..e158c726e 100644 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java @@ -77,12 +77,14 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { private static final String CACHE_MANAGER_NAME = "mqttAuthorizationCacheManager"; private static final String CACHE_NAME = "mqttAuthorizationCache"; private static DeviceAccessAuthorizationAdminService deviceAccessAuthorizationAdminService; - + private static OAuthRequestInterceptor oAuthRequestInterceptor; + private static final String GATEWAY_ERROR_CODE = "404"; public DeviceAccessBasedMQTTAuthorizer() { + oAuthRequestInterceptor = new OAuthRequestInterceptor(); this.MQTTAuthorizationConfiguration = AuthorizationConfigurationManager.getInstance(); deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient()).logger(new Slf4jLogger()) - .logLevel(Logger.Level.FULL).requestInterceptor(new OAuthRequestInterceptor()) + .logLevel(Logger.Level.FULL).requestInterceptor(oAuthRequestInterceptor) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DeviceAccessAuthorizationAdminService.class, MQTTAuthorizationConfiguration.getDeviceMgtServerUrl() + CDMF_SERVER_BASE_CONTEXT); @@ -121,7 +123,12 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { } return false; } catch (FeignException e) { - log.error(e.getMessage(), e); + oAuthRequestInterceptor.resetApiApplicationKey(); + if (e.getMessage().contains(GATEWAY_ERROR_CODE)) { + log.error("Failed to connect to the device authorization service."); + } else { + log.error(e.getMessage(), e); + } return false; } } @@ -164,6 +171,12 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { } } } catch (FeignException e) { + oAuthRequestInterceptor.resetApiApplicationKey(); + if (e.getMessage().contains(GATEWAY_ERROR_CODE)) { + log.error("Failed to connect to the device authorization service."); + } else { + log.error(e.getMessage(), e); + } log.error(e.getMessage(), e); } } finally { diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java index b6124baae..d2917f59e 100755 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java @@ -123,6 +123,10 @@ public class OAuthRequestInterceptor implements RequestInterceptor { template.header("Authorization", headerValue); } + public void resetApiApplicationKey() { + apiApplicationKey = null; + } + private static Client getSSLClient() { return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { @Override diff --git a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml index 7871e1d42..c651c04e7 100644 --- a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml +++ b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml @@ -31,7 +31,7 @@ - false + true diff --git a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml index 7871e1d42..c651c04e7 100644 --- a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml +++ b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml @@ -31,7 +31,7 @@ - false + true diff --git a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml index 51b776586..cc2800ea8 100644 --- a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml +++ b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml @@ -31,7 +31,7 @@ - false + true diff --git a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml index 51b776586..cc2800ea8 100644 --- a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml +++ b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml @@ -31,7 +31,7 @@ - false + true