diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java index ee582b8288..87c347419e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java @@ -23,7 +23,8 @@ public class OTPMailDTO { int id; String otpToken; - String tenantDomain; + int tenantId; + String username; String email; String emailType; String metaInfo; @@ -32,6 +33,22 @@ public class OTPMailDTO { boolean isExpired; boolean isTenantCreated; + public int getTenantId() { + return tenantId; + } + + public void setTenantId(int tenantId) { + this.tenantId = tenantId; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + public int getId() { return id; } @@ -94,10 +111,6 @@ public class OTPMailDTO { isExpired = expired; } - public String getTenantDomain() { return tenantDomain; } - - public void setTenantDomain(String tenantDomain) { this.tenantDomain = tenantDomain; } - public boolean isTenantCreated() { return isTenantCreated; } public void setTenantCreated(boolean tenantCreated) { isTenantCreated = tenantCreated; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java index 35f255ef6b..176e899a86 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/wrapper/OTPMailWrapper.java @@ -20,18 +20,18 @@ public class OTPMailWrapper { private String firstName; private String lastName; - private String tenantDomain; private String adminUsername; + int tenantId; private String adminPassword; private String email; private String emailType; - public String getTenantDomain() { - return tenantDomain; + public int getTenantId() { + return tenantId; } - public void setTenantDomain(String tenantDomain) { - this.tenantDomain = tenantDomain; + public void setTenantId(int tenantId) { + this.tenantId = tenantId; } public String getAdminUsername() { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 6ce92c27c9..1d23b20b03 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -19,6 +19,7 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPMailWrapper; public interface OTPManagementService { @@ -35,9 +36,9 @@ public interface OTPManagementService { /** * Check the validity of the OTP * @param oneTimeToken OTP - * @return Ture if OTP is valid one, otherise returns false + * @return The OTP data * @throws OTPManagementException if error occurred whle verifying validity of the OPT * @throws BadRequestException if found an null value for OTP */ - boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; + OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 7cc27618a1..076f5f820f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -47,22 +47,24 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "INSERT INTO DM_OTP_DATA " + "(OTP_TOKEN, " - + "TENANT_DOMAIN," + "EMAIL, " + "EMAIL_TYPE, " + "META_INFO, " - + "CREATED_AT) VALUES (?, ?, ?, ?, ?, ?)"; + + "CREATED_AT," + + "TENANT_ID," + + "USERNAME) VALUES (?, ?, ?, ?, ?, ?, ?)"; try { Connection conn = this.getDBConnection(); Calendar calendar = Calendar.getInstance(); Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); try (PreparedStatement stmt = conn.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) { stmt.setString(1, otpMailDTO.getOtpToken()); - stmt.setString(2, otpMailDTO.getTenantDomain()); - stmt.setString(3, otpMailDTO.getEmail()); - stmt.setString(4, otpMailDTO.getEmailType()); - stmt.setString(5, otpMailDTO.getMetaInfo()); - stmt.setTimestamp(6, timestamp); + stmt.setString(2, otpMailDTO.getEmail()); + stmt.setString(3, otpMailDTO.getEmailType()); + stmt.setString(4, otpMailDTO.getMetaInfo()); + stmt.setTimestamp(5, timestamp); + stmt.setInt(6, otpMailDTO.getTenantId()); + stmt.setString(7, otpMailDTO.getUsername()); stmt.executeUpdate(); try (ResultSet rs = stmt.getGeneratedKeys()) { if (rs.next()) { @@ -94,14 +96,15 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "SELECT " + "ID, " + "OTP_TOKEN, " - + "TENANT_DOMAIN," + "EMAIL, " + "EMAIL_TYPE, " + "META_INFO, " + "CREATED_AT, " + "EXPIRY_TIME, " + "IS_EXPIRED, " - + "TENANT_CREATED FROM DM_OTP_DATA " + + "TENANT_CREATED," + + "TENANT_ID, " + + "USERNAME FROM DM_OTP_DATA " + "WHERE OTP_TOKEN = ?"; try { @@ -114,7 +117,6 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM OTPMailDTO otpMailDTO = new OTPMailDTO(); otpMailDTO.setId(rs.getInt("ID")); otpMailDTO.setOtpToken(rs.getString("OTP_TOKEN")); - otpMailDTO.setTenantDomain(rs.getString("TENANT_DOMAIN")); otpMailDTO.setEmail(rs.getString("EMAIL")); otpMailDTO.setEmailType(rs.getString("EMAIL_TYPE")); otpMailDTO.setMetaInfo(rs.getString("META_INFO")); @@ -122,6 +124,8 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); otpMailDTO.setTenantCreated(rs.getBoolean("TENANT_CREATED")); + otpMailDTO.setTenantId(rs.getInt("TENANT_ID")); + otpMailDTO.setUsername(rs.getString("USERNAME")); return otpMailDTO; } return null; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 47ef466114..78276c45b5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -70,7 +70,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { OTPMailDTO otpMailDTO = new OTPMailDTO(); otpMailDTO.setEmail(otpMailWrapper.getEmail()); - otpMailDTO.setTenantDomain(otpMailWrapper.getTenantDomain()); + otpMailDTO.setTenantId(otpMailDTO.getTenantId()); + otpMailDTO.setUsername(otpMailWrapper.getAdminUsername()); otpMailDTO.setEmailType(otpMailWrapper.getEmailType()); otpMailDTO.setMetaInfo(metaInfo); otpMailDTO.setOtpToken(otpValue); @@ -104,7 +105,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public boolean isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + public OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { OTPMailDTO otpMailDTO = getOTPDataByToken(oneTimeToken); if (otpMailDTO == null) { String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; @@ -114,11 +115,11 @@ public class OTPManagementServiceImpl implements OTPManagementService { if (otpMailDTO.isExpired()) { log.warn("Token is expired. OTP: " + oneTimeToken); - return false; + return null; } if (otpMailDTO.isTenantCreated()) { log.warn("Tenant is already created for the token. OTP: " + oneTimeToken); - return false; + return null; } Calendar calendar = Calendar.getInstance(); @@ -132,9 +133,9 @@ public class OTPManagementServiceImpl implements OTPManagementService { Gson gson = new Gson(); OTPMailWrapper otpMailWrapper = gson.fromJson(otpMailDTO.getMetaInfo(), OTPMailWrapper.class); resendUserVerifyingMail(otpMailWrapper.getFirstName(), renewedOTP, otpMailDTO.getEmail()); - return false; + return null; } - return true; + return otpMailDTO; } /** @@ -190,8 +191,8 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error("Received empty or blank email type field with OTP creating payload."); return false; } - if (StringUtils.isBlank(otpMailWrapper.getTenantDomain())) { - log.error("Received empty or blank tenant domain field with OTP creating payload."); + if (otpMailWrapper.getTenantId() != -1234 && otpMailWrapper.getTenantId() < 1) { + log.error("Invalid tenant Id field with OTP creating payload."); return false; } return true; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index 41f43eea9d..c5e9d90824 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -20,9 +20,11 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; +import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder; import java.util.Properties; @@ -47,9 +49,13 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { try { OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() .getOtpManagementService(); - if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { + OTPMailDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders + .ONE_TIME_TOKEN_HEADER)); + if (validOTP != null) { authenticationInfo.setStatus(Status.CONTINUE); - authenticationInfo.setTenantId(-1); + authenticationInfo.setTenantId(validOTP.getTenantId()); + authenticationInfo.setTenantDomain(Utils.getTenantDomain(validOTP.getTenantId())); + authenticationInfo.setUsername(validOTP.getUsername()); } else { authenticationInfo.setStatus(Status.FAILURE); authenticationInfo.setMessage("Invalid OTP token."); diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql index adf4044962..5ff3b1c08c 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/h2.sql @@ -576,7 +576,8 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT AUTO_INCREMENT NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INT NOT NULL, + USERNAME VARCHAR(500) DEFAULT NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql index cbed63388d..5c82436ff1 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mssql.sql @@ -618,7 +618,8 @@ CREATE TABLE DM_METADATA ( CREATE TABLE DM_OTP_DATA ( ID INT IDENTITY NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INTEGER NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql index a3dff752c3..b2c64ebb3a 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/mysql.sql @@ -634,7 +634,8 @@ CREATE TABLE IF NOT EXISTS DM_METADATA ( CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT AUTO_INCREMENT NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INT NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql index 41a10d8ffe..16139722fb 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/oracle.sql @@ -982,7 +982,8 @@ END; CREATE TABLE DM_OTP_DATA ( ID NUMBER(10) NOT NULL, OTP_TOKEN VARCHAR2(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INTEGER NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR2(100) NOT NULL, EMAIL_TYPE VARCHAR2(20) NOT NULL, META_INFO VARCHAR2(20000) NOT NULL, diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql index c8c25534ae..d5db624796 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/dbscripts/cdm/postgresql.sql @@ -623,7 +623,8 @@ CREATE SEQUENCE DM_OTP_DATA_seq; CREATE TABLE IF NOT EXISTS DM_OTP_DATA ( ID INT DEFAULT NEXTVAL ('DM_OTP_DATA_seq') NOT NULL, OTP_TOKEN VARCHAR(100) NOT NULL, - TENANT_DOMAIN VARCHAR(20) NOT NULL, + TENANT_ID INTEGER NOT NULL, + USERNAME VARCHAR(500) NOT NULL, EMAIL VARCHAR(100) NOT NULL, EMAIL_TYPE VARCHAR(20) NOT NULL, META_INFO VARCHAR(20000) NOT NULL,