diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
index dd95fb2d48..11f537183e 100644
--- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
@@ -20,7 +20,10 @@
doAuthentication
true
-
+
+ isSharedWithAllTenants
+ true
+
managed-api-enabled
diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js
index 25017af814..3362ffbd06 100644
--- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js
+++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js
@@ -31,12 +31,23 @@ function onRequest(context) {
if (encodedClientKeys) {
var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
var resp = tokenUtil.decode(encodedClientKeys).split(":");
- var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username, "default", {});
- if (tokenPair) {
- token = tokenPair.accessToken;
- }
- websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
- + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+
+ if (user.domain == "carbon.super") {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ } else {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain
+ , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ }
}
return {"device": device, "websocketEndpoint": websocketEndpoint};
}
\ No newline at end of file
diff --git a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js
index 7aaad19c6b..674dd8a590 100644
--- a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js
+++ b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js
@@ -28,15 +28,32 @@ function onRequest(context) {
var jwtClient = jwtService.getJWTClient();
var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"]);
var token = "";
+ var user = session.get(constants.USER_SESSION_KEY);
+ if (!user) {
+ log.error("User object was not found in the session");
+ throw constants.ERRORS.USER_NOT_FOUND;
+ }
if (encodedClientKeys) {
var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
var resp = tokenUtil.decode(encodedClientKeys).split(":");
- var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default", {});
- if (tokenPair) {
- token = tokenPair.accessToken;
- }
- websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
- + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+
+ if (user.domain == "carbon.super") {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ } else {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain
+ , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ }
+
}
return {"device": device, "websocketEndpoint": websocketEndpoint};
}
\ No newline at end of file
diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
index 6f59c5a7ca..ff13bc4944 100644
--- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
@@ -20,6 +20,10 @@
doAuthentication
true
+
+ isSharedWithAllTenants
+ true
+
diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js
index 5c34b93312..40e36dd96d 100644
--- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js
+++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.virtual_firealarm.realtime.analytics-view/analytics-view.js
@@ -28,15 +28,31 @@ function onRequest(context) {
var jwtClient = jwtService.getJWTClient();
var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"]);
var token = "";
+ var user = session.get(constants.USER_SESSION_KEY);
+ if (!user) {
+ log.error("User object was not found in the session");
+ throw constants.ERRORS.USER_NOT_FOUND;
+ }
+
if (encodedClientKeys) {
- var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
- var resp = tokenUtil.decode(encodedClientKeys).split(":");
- var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default", {});
- if (tokenPair) {
- token = tokenPair.accessToken;
- }
- websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
- + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+ var resp = tokenUtil.decode(encodedClientKeys).split(":");
+ if (user.domain == "carbon.super") {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ } else {
+ var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username + "@" + user.domain
+ , "default", {});
+ if (tokenPair) {
+ token = tokenPair.accessToken;
+ }
+ websocketEndpoint = websocketEndpoint + "/secured-websocket/t/" + user.domain + "/org.wso2.iot.devices.temperature/1.0.0?"
+ + "deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type + "&websocketToken=" + token;
+ }
}
return {"device": device, "websocketEndpoint": websocketEndpoint};
}
diff --git a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java
index 483f65f70b..635012538f 100644
--- a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java
+++ b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.mqtt/src/main/java/org/wso2/carbon/device/mgt/input/adapter/mqtt/util/MQTTAdapterListener.java
@@ -204,7 +204,12 @@ public class MQTTAdapterListener implements MqttCallback, Runnable {
log.warn("Broker is unreachable, Waiting.....");
return false;
}
- mqttClient.subscribe(topic);
+ try {
+ mqttClient.subscribe(topic);
+ } catch (MqttException e) {
+ log.error("Failed to subscribe to topic: " + topic + ", Retrying.....");
+ return false;
+ }
return true;
}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java
index 6fd2c34648..e158c726ef 100644
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java
@@ -77,12 +77,14 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
private static final String CACHE_MANAGER_NAME = "mqttAuthorizationCacheManager";
private static final String CACHE_NAME = "mqttAuthorizationCache";
private static DeviceAccessAuthorizationAdminService deviceAccessAuthorizationAdminService;
-
+ private static OAuthRequestInterceptor oAuthRequestInterceptor;
+ private static final String GATEWAY_ERROR_CODE = "404";
public DeviceAccessBasedMQTTAuthorizer() {
+ oAuthRequestInterceptor = new OAuthRequestInterceptor();
this.MQTTAuthorizationConfiguration = AuthorizationConfigurationManager.getInstance();
deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient()).logger(new Slf4jLogger())
- .logLevel(Logger.Level.FULL).requestInterceptor(new OAuthRequestInterceptor())
+ .logLevel(Logger.Level.FULL).requestInterceptor(oAuthRequestInterceptor)
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
.target(DeviceAccessAuthorizationAdminService.class,
MQTTAuthorizationConfiguration.getDeviceMgtServerUrl() + CDMF_SERVER_BASE_CONTEXT);
@@ -121,7 +123,12 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
}
return false;
} catch (FeignException e) {
- log.error(e.getMessage(), e);
+ oAuthRequestInterceptor.resetApiApplicationKey();
+ if (e.getMessage().contains(GATEWAY_ERROR_CODE)) {
+ log.error("Failed to connect to the device authorization service.");
+ } else {
+ log.error(e.getMessage(), e);
+ }
return false;
}
}
@@ -164,6 +171,12 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
}
}
} catch (FeignException e) {
+ oAuthRequestInterceptor.resetApiApplicationKey();
+ if (e.getMessage().contains(GATEWAY_ERROR_CODE)) {
+ log.error("Failed to connect to the device authorization service.");
+ } else {
+ log.error(e.getMessage(), e);
+ }
log.error(e.getMessage(), e);
}
} finally {
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
index b6124baaef..d2917f59e8 100755
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
@@ -123,6 +123,10 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
template.header("Authorization", headerValue);
}
+ public void resetApiApplicationKey() {
+ apiApplicationKey = null;
+ }
+
private static Client getSSLClient() {
return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
@Override
diff --git a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml
index 7871e1d424..c651c04e7f 100644
--- a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml
+++ b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.backend.feature/src/main/resources/devicetypes/arduino.xml
@@ -31,7 +31,7 @@
- false
+ true
diff --git a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml
index 7871e1d424..c651c04e7f 100644
--- a/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml
+++ b/features/device-types-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.ui.feature/src/main/resources/devicetypes/arduino.xml
@@ -31,7 +31,7 @@
- false
+ true
diff --git a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml
index 51b7765869..cc2800ea87 100644
--- a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml
+++ b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.backend.feature/src/main/resources/devicetypes/raspberrypi.xml
@@ -31,7 +31,7 @@
- false
+ true
diff --git a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml
index 51b7765869..cc2800ea87 100644
--- a/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml
+++ b/features/device-types-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.ui.feature/src/main/resources/devicetypes/raspberrypi.xml
@@ -31,7 +31,7 @@
- false
+ true