diff --git a/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
index be0eee231f..2c66f5c1de 100644
--- a/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
CXFServlet
/*
-
- isAdminService
- false
-
doAuthentication
true
diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
index a137eb9cc7..96122464a3 100644
--- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
CXFServlet
/*
-
- isAdminService
- false
-
doAuthentication
true
diff --git a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
index 975eb808a0..e6b97eaede 100644
--- a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
CXFServlet
/*
-
- isAdminService
- false
-
doAuthentication
true
diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
index eb4a397bf7..4337c57204 100644
--- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
@@ -16,18 +16,10 @@
CXFServlet
/*
-
- isAdminService
- false
-
doAuthentication
true
-
- providerTenantDomain
- carbon.super
-
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
index d8e779491d..0edea4d1e8 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
@@ -61,6 +61,11 @@ public class DeviceAuthorizer implements Authorizer {
@Override
public void init(Map globalProperties) {
statPermissions = getPermissions(globalProperties);
+ if (statPermissions != null && !statPermissions.isEmpty()) {
+ for (String permission : statPermissions) {
+ PermissionUtil.putPermission(permission);
+ }
+ }
try {
deviceAccessAuthorizationAdminService = Feign.builder()
.requestInterceptor(new OAuthRequestInterceptor(globalProperties))
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java
new file mode 100644
index 0000000000..cab25a8c4a
--- /dev/null
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.base.MultitenantConstants;
+import org.wso2.carbon.device.mgt.output.adapter.websocket.internal.WebsocketEventAdaptorServiceDataHolder;
+import org.wso2.carbon.registry.api.Resource;
+import org.wso2.carbon.registry.core.Registry;
+import org.wso2.carbon.registry.core.exceptions.RegistryException;
+
+import java.util.StringTokenizer;
+
+/**
+ * Utility class which holds necessary utility methods required for persisting permissions in
+ * registry.
+ */
+public class PermissionUtil {
+
+ public static final String PERMISSION_PROPERTY_NAME = "name";
+ private static Log log = LogFactory.getLog(DeviceAuthorizer.class);
+
+ public static void putPermission(String permission) {
+ try {
+ StringTokenizer tokenizer = new StringTokenizer(permission, "/");
+ String lastToken = "", currentToken, tempPath;
+ while (tokenizer.hasMoreTokens()) {
+ currentToken = tokenizer.nextToken();
+ tempPath = lastToken + "/" + currentToken;
+ if (!checkResourceExists(tempPath)) {
+ createRegistryCollection(tempPath, currentToken);
+
+ }
+ lastToken = tempPath;
+ }
+ } catch (org.wso2.carbon.registry.api.RegistryException e) {
+ log.error("Failed to creation permission in registry" + permission, e);
+ }
+ }
+
+ public static void createRegistryCollection(String path, String resourceName)
+ throws org.wso2.carbon.registry.api.RegistryException {
+ Resource resource = getGovernanceRegistry().newCollection();
+ resource.addProperty(PERMISSION_PROPERTY_NAME, resourceName);
+ getGovernanceRegistry().beginTransaction();
+ getGovernanceRegistry().put(path, resource);
+ getGovernanceRegistry().commitTransaction();
+ }
+
+ public static boolean checkResourceExists(String path)
+ throws RegistryException {
+ return getGovernanceRegistry().resourceExists(path);
+ }
+
+ public static Registry getGovernanceRegistry() throws RegistryException {
+ return WebsocketEventAdaptorServiceDataHolder.getRegistryService()
+ .getGovernanceSystemRegistry(MultitenantConstants.SUPER_TENANT_ID);
+ }
+
+}
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
index 0485b07103..7cf22b0a2a 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
@@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.output.adapter.websocket.internal;
import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallbackControllerServiceImpl;
import org.wso2.carbon.event.stream.core.EventStreamService;
+import org.wso2.carbon.registry.core.service.RegistryService;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.LinkedBlockingDeque;
@@ -35,6 +36,7 @@ public final class WebsocketEventAdaptorServiceDataHolder {
private static ConcurrentHashMap>>
tenantSpecificStreamEventMap = new ConcurrentHashMap<>();
private static EventStreamService eventStreamService;
+ private static RegistryService registryService;
public static void registerEventStreamService(EventStreamService eventBuilderService) {
WebsocketEventAdaptorServiceDataHolder.eventStreamService = eventBuilderService;
@@ -63,4 +65,15 @@ public final class WebsocketEventAdaptorServiceDataHolder {
getTenantSpecificStreamEventMap() {
return tenantSpecificStreamEventMap;
}
+
+ public static RegistryService getRegistryService() {
+ if (registryService == null) {
+ throw new IllegalStateException("Registry service is not initialized properly");
+ }
+ return registryService;
+ }
+
+ public static void setRegistryService(RegistryService registryService) {
+ WebsocketEventAdaptorServiceDataHolder.registryService = registryService;
+ }
}
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
index 4820d46e61..9425f9cdad 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
@@ -26,12 +26,19 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallba
import org.wso2.carbon.event.output.adapter.core.OutputEventAdapterFactory;
import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallbackControllerService;
import org.wso2.carbon.event.stream.core.EventStreamService;
+import org.wso2.carbon.registry.core.service.RegistryService;
/**
* @scr.component component.name="output.extensions.secured.websocket.AdapterService.component" immediate="true"
* @scr.reference name="eventStreamService.service"
* interface="org.wso2.carbon.event.stream.core.EventStreamService" cardinality="1..1"
* policy="dynamic" bind="setEventStreamService" unbind="unsetEventStreamService"
+ * @scr.reference name="registry.service"
+ * interface="org.wso2.carbon.registry.core.service.RegistryService"
+ * cardinality="1..1"
+ * policy="dynamic"
+ * bind="setRegistryService"
+ * unbind="unsetRegistryService"
*/
public class WebsocketLocalEventAdapterServiceComponent {
@@ -80,4 +87,28 @@ public class WebsocketLocalEventAdapterServiceComponent {
}
WebsocketEventAdaptorServiceDataHolder.registerEventStreamService(null);
}
+
+ /**
+ * Sets Registry Service.
+ *
+ * @param registryService An instance of RegistryService
+ */
+ protected void setRegistryService(RegistryService registryService) {
+ if (log.isDebugEnabled()) {
+ log.debug("Setting Registry Service");
+ }
+ WebsocketEventAdaptorServiceDataHolder.setRegistryService(registryService);
+ }
+
+ /**
+ * Unsets Registry Service.
+ *
+ * @param registryService An instance of RegistryService
+ */
+ protected void unsetRegistryService(RegistryService registryService) {
+ if (log.isDebugEnabled()) {
+ log.debug("Un setting Registry Service");
+ }
+ WebsocketEventAdaptorServiceDataHolder.setRegistryService(null);
+ }
}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
index 886daa9124..9a29d0026b 100755
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
@@ -40,6 +40,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
private static final String APPLICATION_NAME = "mqtt_broker";
private static final String PASSWORD_GRANT_TYPE = "password";
private static final String REFRESH_GRANT_TYPE = "refresh_token";
+ private static final String REQUIRED_SCOPE = "perm:authorization:verify";
private ApiApplicationRegistrationService apiApplicationRegistrationService;
private TokenIssuerService tokenIssuerService;
@@ -76,7 +77,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
.target(TokenIssuerService.class, AuthorizationConfigurationManager.getInstance().getTokenEndpoint());
- tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
+ tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password, REQUIRED_SCOPE);
tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
}
synchronized (this) {
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
index 3e8413b457..5938587f32 100755
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
@@ -33,6 +33,12 @@ public interface TokenIssuerService {
AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
@QueryParam("password") String password);
+ @POST
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+ AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
+ @QueryParam("password") String password, @QueryParam("scopes") String scopes);
+
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
index 63510fe9b1..b22bd2b5d6 100644
--- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
@@ -42,11 +42,6 @@
60
-
-
- isAdminService
- false
-
managed-api-enabled
true
diff --git a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
index 8dbd5e3524..6ea6be132a 100644
--- a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
@@ -48,10 +48,6 @@
60
-
- isAdminService
- false
-
managed-api-enabled
true