From 088642e7ce9b9d3edd16d735b8743d97981a2bd4 Mon Sep 17 00:00:00 2001
From: tcdlpds
Date: Tue, 19 Sep 2023 13:22:28 +0530
Subject: [PATCH] Improve API app registration
---
...ApiApplicationRegistrationServiceImpl.java | 21 ++++++-
.../api/util/RegistrationProfile.java | 21 +++++++
.../APIManagementProviderService.java | 10 +++-
.../APIManagementProviderServiceImpl.java | 56 +++++++++++++------
.../keymgt/extension/api/DCRRequest.java | 21 +++++++
.../extension/api/KeyManagerServiceImpl.java | 3 +-
.../extension/service/KeyMgtService.java | 5 +-
.../extension/service/KeyMgtServiceImpl.java | 23 +++++---
.../application/mgt/core/util/OAuthUtils.java | 2 +-
.../impl/DeviceManagementServiceImpl.java | 5 +-
10 files changed, 133 insertions(+), 34 deletions(-)
diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
index 133a5d1a9c..e3ce294a21 100644
--- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
+++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
@@ -24,6 +24,7 @@ import io.entgra.device.mgt.core.apimgt.application.extension.api.util.Registrat import io.entgra.device.mgt.core.apimgt.application.extension.constants.ApiApplicationConstants; import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey; import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.ApplicationGrantTypeUpdater; import io.entgra.device.mgt.core.device.mgt.common.exceptions.DeviceManagementException; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; @@ -65,7 +66,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi applicationName, APIUtil.getDefaultTags(), ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username, false, ApiApplicationConstants.DEFAULT_VALIDITY_PERIOD, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm() - .getRealmConfiguration().getAdminPassword()); + .getRealmConfiguration().getAdminPassword(), null, false); return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build(); } catch (APIManagerException e) { String msg = "Error occurred while registering an application '" + applicationName + "'"; 
@@ -108,10 +109,23 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi if (username.equals(registrationProfile.getUsername())) { synchronized (ApiApplicationRegistrationServiceImpl.class) { + ApplicationGrantTypeUpdater applicationGrantTypeUpdater = null; + if (registrationProfile.getSupportedGrantTypes() != null && !registrationProfile.getSupportedGrantTypes().isEmpty()) { + applicationGrantTypeUpdater = new ApplicationGrantTypeUpdater(); + applicationGrantTypeUpdater.setSupportedGrantTypes(registrationProfile.getSupportedGrantTypes()); + + } else if (StringUtils.isNotEmpty(registrationProfile.getCallbackUrl())) { + return Response.status(Response.Status.BAD_REQUEST).entity("Callback URL should be Empty when" + + " request does not contain supported grant types to update grant types of the " + + "application." + ).build(); + } + ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys( applicationName, registrationProfile.getTags(), ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username, - registrationProfile.isAllowedToAllDomains(), validityPeriod, registrationProfile.getPassword()); + registrationProfile.isAllowedToAllDomains(), validityPeriod, + registrationProfile.getPassword(), applicationGrantTypeUpdater, false); return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build(); } } 
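Review bot: The updater built in this hunk only receives `setSupportedGrantTypes(...)`; `registrationProfile.getCallbackUrl()` is never copied onto it, although the provider hunk later passes `applicationGrantTypeUpdater.getCallbackUrl()` to `updateGrantType`, so a callback URL sent together with grant types appears to be dropped. Assuming the bean has the matching setter, add `applicationGrantTypeUpdater.setCallbackUrl(registrationProfile.getCallbackUrl());` after the grant-type line. The grant types and callback URL come straight from the request body and are forwarded to the key manager as given, both here and from `KeyManagerServiceImpl` in a later hunk. Checking the grant types against an allow-list for this endpoint, and validating the callback URL's scheme and host before use, would keep a caller from widening its own application's OAuth configuration. The enclosing method starts and ends outside the hunk.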
@@ -123,7 +137,8 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys( applicationName, registrationProfile.getTags(), ApiApplicationConstants.DEFAULT_TOKEN_TYPE, registrationProfile.getUsername(), - registrationProfile.isAllowedToAllDomains(), validityPeriod, registrationProfile.getPassword()); + registrationProfile.isAllowedToAllDomains(), validityPeriod, + registrationProfile.getPassword(), null, false); return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build(); } } catch (APIManagerException e) { diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/util/RegistrationProfile.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/util/RegistrationProfile.java index 3e3eb30a03..921b27f434 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/util/RegistrationProfile.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/api/util/RegistrationProfile.java @@ -22,6 +22,7 @@ import org.codehaus.jackson.annotate.JsonIgnoreProperties; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; +import java.util.ArrayList; /** * DTO class to be used when registering an ApiM application. 
@@ -43,6 +44,10 @@ public class RegistrationProfile { @XmlElement(required = false) private String validityPeriod; + private String callbackUrl; + + private ArrayList supportedGrantTypes; + public String getApplicationName() { return applicationName; } @@ -90,4 +95,20 @@ public class RegistrationProfile { public void setPassword(String password) { this.password = password; } + + public String getCallbackUrl() { + return callbackUrl; + } + + public void setCallbackUrl(String callbackUrl) { + this.callbackUrl = callbackUrl; + } + + public ArrayList getSupportedGrantTypes() { + return supportedGrantTypes; + } + + public void setSupportedGrantTypes(ArrayList supportedGrantTypes) { + this.supportedGrantTypes = supportedGrantTypes; + } } diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderService.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderService.java index 14449cdf09..1b81b29ce3 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderService.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderService.java 
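Review bot: The two new fields are declared without the `@XmlElement(required = false)` annotation that the neighbouring `validityPeriod` carries, so the DTO is no longer uniform in how it declares optional request properties. If they are meant to be optional inputs like the rest, annotate them the same way, e.g. `@XmlElement(required = false) private String callbackUrl;`. The getter and setter also expose the concrete `ArrayList` type; unless the deserializer needs it, the interface type `List` with an explicit `String` element type would say what the list holds and match the `List` parameter used in `KeyMgtService`.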
@@ -20,6 +20,8 @@ package io.entgra.device.mgt.core.apimgt.application.extension; import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey; import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.ApplicationGrantTypeUpdater; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.TokenInfo; import io.entgra.device.mgt.core.identity.jwt.client.extension.dto.AccessTokenInfo; /** @@ -53,12 +55,16 @@ public interface APIManagementProviderService { ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, String keyType, String username, boolean isAllowedAllDomains, - String validityTime, String password) throws APIManagerException; + String validityTime, String password, + ApplicationGrantTypeUpdater applicationGrantTypeUpdater, + boolean isMappingRequired) throws APIManagerException; ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, String keyType, boolean isAllowedAllDomains, - String validityTime, String accessToken) throws APIManagerException; + String validityTime, TokenInfo tokenInfo, + ApplicationGrantTypeUpdater applicationGrantTypeUpdater, + boolean isMappingRequired) throws APIManagerException; // /** // * Remove APIM Application. diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderServiceImpl.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderServiceImpl.java index 3cf328e6b1..6b5ecc63ca 100644 
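Review bot: Both `generateAndRetrieveApplicationKeys` overloads gain `applicationGrantTypeUpdater` and `isMappingRequired`, but no Javadoc line is added for either, and every caller in this patch passes `null` and a bare boolean literal. The interface should state that a `null` updater means "leave the application's grant types unchanged" and what key mapping `isMappingRequired` switches on, for example `@param applicationGrantTypeUpdater grant types and callback URL to apply after key generation, or null to keep the defaults`. The second overload now takes a caller-built `TokenInfo` instead of an access-token string, which also deserves a sentence on which of its fields must be populated. Any existing Javadoc above these declarations is outside the hunk.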
--- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderServiceImpl.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderServiceImpl.java @@ -24,7 +24,11 @@ import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplication import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException; import io.entgra.device.mgt.core.apimgt.application.extension.internal.APIApplicationManagerExtensionDataHolder; import io.entgra.device.mgt.core.apimgt.application.extension.util.APIManagerUtil; -import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.*; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.APIInfo; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.ApplicationGrantTypeUpdater; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.ApplicationKey; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.KeyManager; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.bean.APIMConsumer.Subscription; import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.TokenInfo; import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataKeyAlreadyExistsException; import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataManagementException; 
@@ -106,35 +110,42 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe // // } - @Override - public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, - String keyType, - boolean isAllowedAllDomains, - String validityTime, String accessToken) throws APIManagerException { - TokenInfo tokenInfo = new TokenInfo(); - tokenInfo.setApiApplicationInfo(null); - tokenInfo.setAccessToken(accessToken); - return generateAndRetrieveApplicationKeys(applicationName, tags, keyType, isAllowedAllDomains, validityTime, tokenInfo); - } +// @Override +// public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, +// String keyType, +// boolean isAllowedAllDomains, +// String validityTime, String accessToken) throws APIManagerException { +// TokenInfo tokenInfo = new TokenInfo(); +// tokenInfo.setApiApplicationInfo(null); +// tokenInfo.setAccessToken(accessToken); +// return generateAndRetrieveApplicationKeys(applicationName, tags, keyType, isAllowedAllDomains, validityTime, +// tokenInfo, null, false); +// } @Override public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, String keyType, String username, boolean isAllowedAllDomains, - String validityTime, String password) + String validityTime, String password, + ApplicationGrantTypeUpdater applicationGrantTypeUpdater, + boolean isMappingRequired) throws APIManagerException { ApiApplicationInfo applicationInfo = getApplicationInfo(username, password); TokenInfo tokenInfo = new TokenInfo(); tokenInfo.setApiApplicationInfo(applicationInfo); tokenInfo.setAccessToken(null); - return generateAndRetrieveApplicationKeys(applicationName, tags, keyType, isAllowedAllDomains, validityTime, tokenInfo); + return generateAndRetrieveApplicationKeys(applicationName, tags, keyType, isAllowedAllDomains, validityTime, + tokenInfo, applicationGrantTypeUpdater, 
isMappingRequired); } - private ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, + @Override + public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String[] tags, String keyType, boolean isAllowedAllDomains, - String validityTime, TokenInfo tokenInfo) throws APIManagerException { + String validityTime, TokenInfo tokenInfo, + ApplicationGrantTypeUpdater applicationGrantTypeUpdater, + boolean isMappingRequired) throws APIManagerException { ConsumerRESTAPIServices consumerRESTAPIServices = APIApplicationManagerExtensionDataHolder.getInstance().getConsumerRESTAPIServices(); @@ -160,7 +171,7 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe consumerRESTAPIServices.getAllApplications(tokenInfo, applicationName); if (applications.length == 0) { return handleNewAPIApplication(applicationName, uniqueApiList, tokenInfo, keyType, - validityTime); + validityTime, applicationGrantTypeUpdater, isMappingRequired); } else { if (applications.length == 1) { Optional applicationOpt = @@ -173,7 +184,8 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe if (metaData == null) { // Todo add a comment consumerRESTAPIServices.deleteApplication(tokenInfo, application.getApplicationId()); - return handleNewAPIApplication(applicationName, uniqueApiList, tokenInfo, keyType, validityTime); + return handleNewAPIApplication(applicationName, uniqueApiList, tokenInfo, keyType, + validityTime, applicationGrantTypeUpdater, isMappingRequired); } else { Subscription[] subscriptions = consumerRESTAPIServices.getAllSubscriptions(tokenInfo, application.getApplicationId()); for (Subscription subscription : subscriptions) { 
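Review bot: The old access-token overload is left in the file as a twelve-line commented-out block instead of being deleted; version control already keeps it, and the dead text sits directly above the live overloads with nearly identical signatures. Remove the commented block. The same hunk promotes the formerly private `TokenInfo` variant to a public `@Override` method, so callers outside this class now decide what goes into `TokenInfo`. A short Javadoc on it stating that either `accessToken` or `apiApplicationInfo` must be set would document what the private helper used to guarantee by construction. The method body continues beyond the hunk.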
@@ -265,6 +277,14 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe applicationKey = consumerRESTAPIServices.generateApplicationKeys(tokenInfo, application.getApplicationId(), keyManager.getName(), validityTime, keyType); } +// ApplicationKey updateGrantType(TokenInfo tokenInfo, String applicationId, String keyMapId, String keyManager, +// String supportedGrantTypes, String callbackUrl) + if (applicationGrantTypeUpdater != null) { + applicationKey = consumerRESTAPIServices.updateGrantType(tokenInfo, application.getApplicationId(), + applicationKey.getKeyMappingId(), keyManager.getName(), + applicationGrantTypeUpdater.getSupportedGrantTypes(), + applicationGrantTypeUpdater.getCallbackUrl()); + } // ApplicationKey applicationKey = consumerRESTAPIServices.mapApplicationKeys(tokenInfo, application, @@ -651,7 +671,7 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe registrationProfile.getTags(), tokenType, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm() .getRealmConfiguration().getAdminUserName(), registrationProfile.isAllowedToAllDomains(), validityPeriod, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm() - .getRealmConfiguration().getAdminPassword()); + .getRealmConfiguration().getAdminPassword(), null, false); } finally { PrivilegedCarbonContext.endTenantFlow(); } diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/DCRRequest.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/DCRRequest.java index 8f492c2234..9235087a77 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/DCRRequest.java 
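Review bot: The new `updateGrantType` call trusts whatever the updater holds, because the only emptiness check on `getSupportedGrantTypes()` lives in the REST caller and this method is now public on the interface. Another caller can therefore reach the key manager with a null or empty grant-type list. Guard it here as well, e.g. `if (applicationGrantTypeUpdater != null && applicationGrantTypeUpdater.getSupportedGrantTypes() != null && !applicationGrantTypeUpdater.getSupportedGrantTypes().isEmpty())`. The two comment lines above the block are a paste of the callee's signature and should be replaced with a why-comment such as `// Apply the requested grant types and callback URL to this application's key mapping`. The surrounding method starts and ends outside the hunk.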
+++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/DCRRequest.java @@ -22,6 +22,7 @@ import org.codehaus.jackson.annotate.JsonIgnoreProperties; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; +import java.util.ArrayList; @XmlRootElement @@ -45,6 +46,10 @@ public class DCRRequest { @XmlElement private int validityPeriod; + private String callbackUrl; + + private ArrayList supportedGrantTypes; + public String getApplicationName() { return applicationName; } @@ -104,4 +109,20 @@ public class DCRRequest { public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } + + public String getCallbackUrl() { + return callbackUrl; + } + + public void setCallbackUrl(String callbackUrl) { + this.callbackUrl = callbackUrl; + } + + public ArrayList getSupportedGrantTypes() { + return supportedGrantTypes; + } + + public void setSupportedGrantTypes(ArrayList supportedGrantTypes) { + this.supportedGrantTypes = supportedGrantTypes; + } } diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/KeyManagerServiceImpl.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/KeyManagerServiceImpl.java index 8a5c49e4d6..54cb0e98e1 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/KeyManagerServiceImpl.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/api/KeyManagerServiceImpl.java 
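Review bot: `DCRRequest` now carries two callback properties that differ only in letter case, since the new `getCallbackUrl()` sits next to the existing `getCallBackUrl()` that `KeyManagerServiceImpl` still calls, and likewise `supportedGrantTypes` alongside `grantTypes`. A client that sends `callBackUrl` gets one code path and a client that sends `callbackUrl` gets another, and the `KeyManagerServiceImpl` and `KeyMgtService` hunks pass both values positionally in the same call, where swapping them would compile cleanly. Either reuse the existing properties or give the new ones names that show their purpose, and document on the fields which one ends up on the OAuth application. The declarations of the older fields are outside these hunks.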
@@ -49,7 +49,8 @@ public class KeyManagerServiceImpl implements KeyManagerService { //todo lasantha - can pass password from here - modify DCRRequest object DCRResponse resp = keyMgtService.dynamicClientRegistration(dcrRequest.getApplicationName(), dcrRequest.getUsername(), dcrRequest.getGrantTypes(), dcrRequest.getCallBackUrl(), dcrRequest.getTags(), - dcrRequest.getIsSaasApp(), dcrRequest.getValidityPeriod(), dcrRequest.getPassword()); + dcrRequest.getIsSaasApp(), dcrRequest.getValidityPeriod(), dcrRequest.getPassword(), + dcrRequest.getSupportedGrantTypes(), dcrRequest.getCallbackUrl()); return Response.status(Response.Status.CREATED).entity(gson.toJson(resp)).build(); } catch (KeyMgtException e) { return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build(); diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtService.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtService.java index 92015842ba..b1ecb3c77b 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtService.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtService.java @@ -24,6 +24,8 @@ import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenResponse; import io.entgra.device.mgt.core.apimgt.keymgt.extension.exception.BadRequestException; import io.entgra.device.mgt.core.apimgt.keymgt.extension.exception.KeyMgtException; +import java.util.List; + public interface KeyMgtService { /*** 
@@ -40,7 +42,8 @@ public interface KeyMgtService { * @throws KeyMgtException if any error occurs during DCR process */ DCRResponse dynamicClientRegistration(String clientName, String owner, String grantTypes, String callBackUrl, - String[] tags, boolean isSaasApp, int validityPeriod, String password) throws KeyMgtException; + String[] tags, boolean isSaasApp, int validityPeriod, String password, + List supportedGrantTypes, String callbackUrl) throws KeyMgtException; /*** * This method will handle the access token requests diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtServiceImpl.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtServiceImpl.java index 11e472809a..f1d3c73641 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtServiceImpl.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtServiceImpl.java @@ -65,7 +65,8 @@ public class KeyMgtServiceImpl implements KeyMgtService { String subTenantUserUsername, subTenantUserPassword, keyManagerName, msg = null; public DCRResponse dynamicClientRegistration(String clientName, String owner, String grantTypes, String callBackUrl, - String[] tags, boolean isSaasApp, int validityPeriod, String password) throws KeyMgtException { + String[] tags, boolean isSaasApp, int validityPeriod, + String password, List supportedGrantTypes, String callbackUrl) throws KeyMgtException { if (owner == null) { PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext(); 
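Review bot: The Javadoc above `dynamicClientRegistration` is unchanged in this hunk (only its closing `@throws` line appears as context), so the two new parameters have no `@param` entries, and the signature now contains both `callBackUrl` and `callbackUrl`. Add lines such as `@param supportedGrantTypes grant types to set on the created application, or null to keep the defaults` and `@param callbackUrl redirect URI registered together with supportedGrantTypes`, and say how the latter differs from `callBackUrl`. The same applies to the private `createOauthApplication` in the later `KeyMgtServiceImpl` hunk, whose Javadoc is likewise untouched.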
@@ -94,13 +95,14 @@ public class KeyMgtServiceImpl implements KeyMgtService { if (KeyMgtConstants.SUPER_TENANT.equals(tenantDomain)) { OAuthApplication dcrApplication = createOauthApplication(clientName, kmConfig.getAdminUsername(), tags, - validityPeriod, kmConfig.getAdminPassword()); + validityPeriod, kmConfig.getAdminPassword(), supportedGrantTypes, callbackUrl); return new DCRResponse(dcrApplication.getClientId(), dcrApplication.getClientSecret()); } else { // super-tenant admin dcr and token generation + //todo lasantha null passed in last two params OAuthApplication superTenantOauthApp = createOauthApplication( KeyMgtConstants.RESERVED_OAUTH_APP_NAME_PREFIX + KeyMgtConstants.SUPER_TENANT, - kmConfig.getAdminUsername(), null, validityPeriod, kmConfig.getAdminPassword()); + kmConfig.getAdminUsername(), null, validityPeriod, kmConfig.getAdminPassword(), null, null); String superAdminAccessToken = createAccessToken(superTenantOauthApp); // create new key manager for the tenant, under super-tenant space @@ -123,7 +125,10 @@ public class KeyMgtServiceImpl implements KeyMgtService { // DCR for the requesting user //todo lasantha -> need to pass password of user - OAuthApplication dcrApplication = createOauthApplication(clientName, owner, tags, validityPeriod, password); + //todo lasantha null passed in last two params + + OAuthApplication dcrApplication = createOauthApplication(clientName, owner, tags, validityPeriod, + password, null, null); String requestingUserAccessToken = createAccessToken(dcrApplication); // get application id 
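Review bot: `supportedGrantTypes` and `callbackUrl` are forwarded only in the super-tenant branch; in the tenant branch the requesting user's `createOauthApplication(clientName, owner, ...)` call passes `null, null`, so a tenant caller's values are accepted by the API and then silently discarded. If that is a deliberate interim state, the `//todo lasantha null passed in last two params` markers should say so and the request should be rejected or logged when a tenant user supplies these fields; otherwise pass them through as `password, supportedGrantTypes, callbackUrl);`. The `null, null` on the reserved super-tenant application looks intentional and would be clearer with a comment stating that the internal app keeps default grant types. The method body extends beyond both hunks.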
@@ -317,9 +322,11 @@ public class KeyMgtServiceImpl implements KeyMgtService { * @throws KeyMgtException if any error occurs while creating response object */ private OAuthApplication createOauthApplication (String clientName, String owner, String[] tags, - int validityPeriod, String ownerPassword) throws KeyMgtException { + int validityPeriod, String ownerPassword, + List supportedGrantTypes, String callbackUrl) throws KeyMgtException { //todo modify this to pass the password as well - String oauthAppCreationPayloadStr = createOauthAppCreationPayload(clientName, owner, tags, validityPeriod, ownerPassword); + String oauthAppCreationPayloadStr = createOauthAppCreationPayload(clientName, owner, tags, validityPeriod, + ownerPassword, supportedGrantTypes, callbackUrl); RequestBody oauthAppCreationPayload = RequestBody.Companion.create(oauthAppCreationPayloadStr, JSON); kmConfig = getKeyManagerConfig(); String dcrEndpoint = kmConfig.getServerUrl() + KeyMgtConstants.DCR_ENDPOINT; @@ -462,13 +469,15 @@ public class KeyMgtServiceImpl implements KeyMgtService { } private String createOauthAppCreationPayload(String clientName, String owner, String[] tags, int validityPeriod, - String password) { + String password, List supportedGrantTypes, String callbackUrl) { JSONObject jsonObject = new JSONObject(); jsonObject.put("applicationName", clientName); jsonObject.put("username", owner); jsonObject.put("tags", tags); jsonObject.put("validityPeriod", validityPeriod); jsonObject.put("password", password); + jsonObject.put("supportedGrantTypes", supportedGrantTypes); + jsonObject.put("callbackUrl", callbackUrl); return jsonObject.toString(); } 
diff --git a/components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/OAuthUtils.java b/components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/OAuthUtils.java index c5975cb500..35dced984a 100644 --- a/components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/OAuthUtils.java +++ b/components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/OAuthUtils.java @@ -66,7 +66,7 @@ public class OAuthUtils { registrationProfile.getTags(), Constants.ApplicationInstall.DEFAULT_TOKEN_TYPE, username, registrationProfile.isAllowedToAllDomains(), Constants.ApplicationInstall.DEFAULT_VALIDITY_PERIOD, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm() - .getRealmConfiguration().getAdminPassword()); + .getRealmConfiguration().getAdminPassword(), null, false); } finally { PrivilegedCarbonContext.endTenantFlow(); } diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java index 0f5a000d17..5905831436 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java 
@@ -27,6 +27,7 @@ import io.entgra.device.mgt.core.apimgt.application.extension.internal.APIApplic import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices; import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServicesImpl; import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.APIApplicationKey; +import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.TokenInfo; import io.entgra.device.mgt.core.apimgt.extension.rest.api.exceptions.APIServicesException; import io.entgra.device.mgt.core.apimgt.keymgt.extension.DCRResponse; import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenRequest; @@ -827,9 +828,11 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { "perm:users:send-invitation"); APIManagementProviderService apiManagementProviderService = DeviceMgtAPIUtils.getAPIManagementService(); + TokenInfo tokenInfo = new TokenInfo(); + tokenInfo.setAccessToken(accessTokenInfo.getAccessToken()); apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(applicationName, new String[] {"device_management"}, "PRODUCTION", false, String.valueOf(validityTime), - accessTokenInfo.getAccessToken()); + tokenInfo, null, true); } catch (JWTClientException e) { String msg = "Error while generating an application tokens for Tenant Admin.";
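Review bot: This is the only call site in the patch that passes `true` for `isMappingRequired`, and nothing at the call explains why the tenant-admin token flow needs key mapping when every other caller passes `false`. A one-line comment above the call, or a named local such as `boolean isMappingRequired = true;`, would make the intent reviewable. The new `TokenInfo` is populated with the access token only, whereas the removed overload also called `setApiApplicationInfo(null)`; that is presumably the field default, but confirm it so the provider still takes the access-token path. The enclosing method starts and ends outside the hunk.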