Merge pull request #1063 from Megala21/authenticator_framework
Adding test cases to improve Authenticator framework coveragemerge-requests/1/head
commit
63b0e7d3f5
@ -0,0 +1,284 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import org.apache.catalina.Context;
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.catalina.core.StandardContext;
|
||||
import org.apache.tomcat.util.buf.MessageBytes;
|
||||
import org.apache.tomcat.util.http.MimeHeaders;
|
||||
import org.bouncycastle.cert.jcajce.JcaCertStore;
|
||||
import org.bouncycastle.cms.CMSAbsentContent;
|
||||
import org.bouncycastle.cms.CMSException;
|
||||
import org.bouncycastle.cms.CMSSignedData;
|
||||
import org.bouncycastle.cms.CMSSignedDataGenerator;
|
||||
import org.h2.jdbcx.JdbcDataSource;
|
||||
import org.mockito.Mockito;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
|
||||
import org.wso2.carbon.certificate.mgt.core.scep.SCEPException;
|
||||
import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager;
|
||||
import org.wso2.carbon.certificate.mgt.core.scep.SCEPManagerImpl;
|
||||
import org.wso2.carbon.certificate.mgt.core.scep.TenantedDeviceWrapper;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
||||
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.util.TestCertificateGenerator;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URL;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.sql.Connection;
|
||||
import java.sql.SQLException;
|
||||
import java.sql.Statement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Base64;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.atomic.AtomicReference;
|
||||
|
||||
/**
|
||||
* This is a test case for {@link CertificateAuthenticator}.
|
||||
*/
|
||||
public class CertificateAuthenticatorTest {
|
||||
private CertificateAuthenticator certificateAuthenticator;
|
||||
private Request certificationVerificationRequest;
|
||||
private Request mutalAuthHeaderRequest;
|
||||
private Request proxyMutalAuthHeaderRequest;
|
||||
private Field headersField;
|
||||
private static final String MUTUAL_AUTH_HEADER = "mutual-auth-header";
|
||||
private static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header";
|
||||
private static final String CERTIFICATE_VERIFICATION_HEADER = "Mdm-Signature";
|
||||
private static final String CLIENT_CERTIFICATE_ATTRIBUTE = "javax.servlet.request.X509Certificate";
|
||||
private X509Certificate X509certificate;
|
||||
|
||||
@BeforeClass
|
||||
public void setup() throws KeystoreException, NoSuchFieldException, IllegalAccessException, SQLException,
|
||||
DeviceManagementException, CertificateEncodingException, CMSException, IOException, SCEPException {
|
||||
certificateAuthenticator = new CertificateAuthenticator();
|
||||
CertificateManagementService certificateManagementService = Mockito
|
||||
.mock(CertificateManagementServiceImpl.class, Mockito.CALLS_REAL_METHODS);
|
||||
headersField = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headersField.setAccessible(true);
|
||||
|
||||
Field certificateManagementServiceImpl = CertificateManagementServiceImpl.class.getDeclaredField
|
||||
("certificateManagementServiceImpl");
|
||||
certificateManagementServiceImpl.setAccessible(true);
|
||||
Field keyStoreReaderField = CertificateManagementServiceImpl.class.getDeclaredField("keyStoreReader");
|
||||
keyStoreReaderField.setAccessible(true);
|
||||
Field certificateGeneratorField = CertificateManagementServiceImpl.class.getDeclaredField
|
||||
("certificateGenerator");
|
||||
certificateGeneratorField.setAccessible(true);
|
||||
certificateManagementServiceImpl.set(null, certificateManagementService);
|
||||
|
||||
// Create KeyStore Reader
|
||||
Field dataSource = CertificateManagementDAOFactory.class.getDeclaredField("dataSource");
|
||||
dataSource.setAccessible(true);
|
||||
dataSource.set(null, createDatabase());
|
||||
Field databaseEngine = CertificateManagementDAOFactory.class.getDeclaredField("databaseEngine");
|
||||
databaseEngine.setAccessible(true);
|
||||
databaseEngine.set(null, "H2");
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
keyStoreReaderField.set(null, keyStoreReader);
|
||||
|
||||
CertificateGenerator certificateGenerator = new TestCertificateGenerator();
|
||||
certificateGeneratorField.set(null, certificateGenerator);
|
||||
|
||||
AuthenticatorFrameworkDataHolder.getInstance().
|
||||
setCertificateManagementService(certificateManagementService);
|
||||
X509certificate = certificateManagementService.generateX509Certificate();
|
||||
|
||||
proxyMutalAuthHeaderRequest = createRequest(PROXY_MUTUAL_AUTH_HEADER, String.valueOf(X509certificate));
|
||||
System.setProperty("carbon.config.dir.path",
|
||||
System.getProperty("carbon.home") + File.separator + "repository" + File.separator + "conf");
|
||||
DeviceConfigurationManager.getInstance().initConfig();
|
||||
certificationVerificationRequest = createRequest(CERTIFICATE_VERIFICATION_HEADER,
|
||||
createEncodedSignature(X509certificate));
|
||||
|
||||
mutalAuthHeaderRequest = createRequest(MUTUAL_AUTH_HEADER, "test");
|
||||
|
||||
SCEPManager scepManager = Mockito.mock(SCEPManagerImpl.class, Mockito.CALLS_REAL_METHODS);
|
||||
TenantedDeviceWrapper tenantedDeviceWrapper = new TenantedDeviceWrapper();
|
||||
tenantedDeviceWrapper.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
|
||||
tenantedDeviceWrapper.setTenantId(MultitenantConstants.SUPER_TENANT_ID);
|
||||
Device device = new Device();
|
||||
device.setEnrolmentInfo(new EnrolmentInfo("admin", null, null));
|
||||
tenantedDeviceWrapper.setDevice(device);
|
||||
Mockito.doReturn(tenantedDeviceWrapper).when(scepManager).getValidatedDevice(Mockito.any());
|
||||
AuthenticatorFrameworkDataHolder.getInstance().setScepManager(scepManager);
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests the behaviour of the CertificateAuthenticator for Proxy mutal Auth "
|
||||
+ "Header requests")
|
||||
public void testRequestsWithProxyMutalAuthHeader()
|
||||
throws KeystoreException, NoSuchFieldException, IllegalAccessException {
|
||||
Assert.assertTrue(certificateAuthenticator.canHandle(proxyMutalAuthHeaderRequest), "canHandle method "
|
||||
+ "returned false for a request with all the required header");
|
||||
AuthenticationInfo authenticationInfo = certificateAuthenticator
|
||||
.authenticate(proxyMutalAuthHeaderRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertNull(authenticationInfo.getTenantDomain(),
|
||||
"Authentication got succeeded without proper certificate");
|
||||
|
||||
proxyMutalAuthHeaderRequest = createRequest(PROXY_MUTUAL_AUTH_HEADER,
|
||||
String.valueOf(X509certificate.getIssuerDN()));
|
||||
authenticationInfo = certificateAuthenticator.authenticate(proxyMutalAuthHeaderRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertNotNull(authenticationInfo.getTenantDomain(),
|
||||
"Authentication got failed for a proper certificate");
|
||||
|
||||
CertificateGenerator tempCertificateGenerator = new CertificateGenerator();
|
||||
X509Certificate certificateWithOutCN = tempCertificateGenerator.generateX509Certificate();
|
||||
proxyMutalAuthHeaderRequest = createRequest(PROXY_MUTUAL_AUTH_HEADER,
|
||||
String.valueOf(certificateWithOutCN.getIssuerDN()));
|
||||
authenticationInfo = certificateAuthenticator.authenticate(proxyMutalAuthHeaderRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"Authentication got passed with a certificate without CN");
|
||||
|
||||
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests the behaviour of the CertificateAuthenticator for Certification "
|
||||
+ "Verification Header requests")
|
||||
public void testRequestCertificateVerificationHeader()
|
||||
throws CertificateEncodingException, IOException, CMSException, NoSuchFieldException,
|
||||
IllegalAccessException {
|
||||
Assert.assertTrue(certificateAuthenticator.canHandle(certificationVerificationRequest),
|
||||
"canHandle method returned false for a request with all the required header");
|
||||
AuthenticationInfo authenticationInfo = certificateAuthenticator
|
||||
.authenticate(certificationVerificationRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertNull(authenticationInfo.getTenantDomain(), "Authentication got passed without proper certificate");
|
||||
authenticationInfo = certificateAuthenticator.authenticate(certificationVerificationRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertEquals(authenticationInfo.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME,
|
||||
"Authentication failed for a valid request with " + CERTIFICATE_VERIFICATION_HEADER + " header");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests the behaviour of the Certificate Authenticator for the requests with "
|
||||
+ "Mutal Auth Header")
|
||||
public void testMutalAuthHeaderRequest() {
|
||||
Assert.assertTrue(certificateAuthenticator.canHandle(mutalAuthHeaderRequest),
|
||||
"canHandle method returned false for a request with all the required header");
|
||||
|
||||
AuthenticationInfo authenticationInfo = certificateAuthenticator.authenticate(mutalAuthHeaderRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertEquals(authenticationInfo.getMessage(), "No client certificate is present",
|
||||
"Authentication got passed without proper certificate");
|
||||
|
||||
X509Certificate[] x509Certificates = new X509Certificate[1];
|
||||
x509Certificates[0] = X509certificate;
|
||||
mutalAuthHeaderRequest.setAttribute(CLIENT_CERTIFICATE_ATTRIBUTE, x509Certificates);
|
||||
authenticationInfo = certificateAuthenticator.authenticate(mutalAuthHeaderRequest, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Authentication Info from Certificate Authenticator is null");
|
||||
Assert.assertEquals(authenticationInfo.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME,
|
||||
"Authentication failed even with proper certificate");
|
||||
}
|
||||
/**
|
||||
* To create a request that can be understandable by Certificate Authenticator.
|
||||
*
|
||||
* @param headerName Name of the header
|
||||
* @param value Value for the header
|
||||
* @return Request that is created.
|
||||
* @throws IllegalAccessException Illegal Access Exception.
|
||||
* @throws NoSuchFieldException No Such Field Exception.
|
||||
*/
|
||||
private Request createRequest(String headerName, String value) throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new Request();
|
||||
Context context = new StandardContext();
|
||||
request.setContext(context);
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue(headerName);
|
||||
bytes.setString(value);
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
return request;
|
||||
}
|
||||
|
||||
/**
|
||||
* To create certificate management database.
|
||||
*
|
||||
* @return Datasource.
|
||||
* @throws SQLException SQL Exception.
|
||||
*/
|
||||
private DataSource createDatabase() throws SQLException {
|
||||
URL resourceURL = ClassLoader.getSystemResource("sql-scripts" + File.separator + "h2.sql");
|
||||
JdbcDataSource dataSource = new JdbcDataSource();
|
||||
dataSource.setURL("jdbc:h2:mem:cert;DB_CLOSE_DELAY=-1");
|
||||
dataSource.setUser("sa");
|
||||
dataSource.setPassword("sa");
|
||||
final String LOAD_DATA_QUERY = "RUNSCRIPT FROM '" + resourceURL.getPath() + "'";
|
||||
Connection conn = null;
|
||||
Statement statement = null;
|
||||
try {
|
||||
conn = dataSource.getConnection();
|
||||
statement = conn.createStatement();
|
||||
statement.execute(LOAD_DATA_QUERY);
|
||||
} finally {
|
||||
if (conn != null) {
|
||||
try {
|
||||
conn.close();
|
||||
} catch (SQLException e) {}
|
||||
}
|
||||
if (statement != null) {
|
||||
statement.close();
|
||||
}
|
||||
}
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
/**
|
||||
* To create a encoded signature from certificate.
|
||||
*
|
||||
* @param x509Certificate Certificate that need to be encoded.
|
||||
* @return Encoded signature.
|
||||
* @throws CertificateEncodingException Certificate Encoding Exception.
|
||||
* @throws CMSException CMS Exception.
|
||||
* @throws IOException IO Exception.
|
||||
*/
|
||||
private String createEncodedSignature(X509Certificate x509Certificate) throws CertificateEncodingException,
|
||||
CMSException, IOException {
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
List<X509Certificate> list = new ArrayList<>();
|
||||
list.add(x509Certificate);
|
||||
JcaCertStore store = new JcaCertStore(list);
|
||||
generator.addCertificates(store);
|
||||
AtomicReference<CMSSignedData> degenerateSd = new AtomicReference<>(generator.generate(new CMSAbsentContent()));
|
||||
byte[] signature = degenerateSd.get().getEncoded();
|
||||
return Base64.getEncoder().encodeToString(signature);
|
||||
}
|
||||
}
|
@ -0,0 +1,177 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.tomcat.util.buf.MessageBytes;
|
||||
import org.apache.tomcat.util.http.MimeHeaders;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.util.JWTClientUtil;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URL;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* This is a test class for {@link JWTAuthenticator}.
|
||||
*/
|
||||
public class JWTAuthenticatorTest {
|
||||
private JWTAuthenticator jwtAuthenticator;
|
||||
private Field headersField;
|
||||
private final String JWT_HEADER = "X-JWT-Assertion";
|
||||
private String jwtToken;
|
||||
private String wrongJwtToken;
|
||||
private String jwtTokenWithWrongUser;
|
||||
private static final String SIGNED_JWT_AUTH_USERNAME = "http://wso2.org/claims/enduser";
|
||||
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
|
||||
private Properties properties;
|
||||
private final String ISSUER = "wso2.org/products/iot";
|
||||
private final String ALIAS = "wso2carbon";
|
||||
|
||||
@BeforeClass
|
||||
public void setup() throws NoSuchFieldException, IOException, JWTClientException {
|
||||
jwtAuthenticator = new JWTAuthenticator();
|
||||
headersField = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headersField.setAccessible(true);
|
||||
ClassLoader classLoader = getClass().getClassLoader();
|
||||
URL resourceUrl = classLoader.getResource("jwt.properties");
|
||||
File jwtPropertyFile;
|
||||
JWTConfig jwtConfig = null;
|
||||
if (resourceUrl != null) {
|
||||
jwtPropertyFile = new File(resourceUrl.getFile());
|
||||
Properties jwtConfigProperties = new Properties();
|
||||
jwtConfigProperties.load(new FileInputStream(jwtPropertyFile));
|
||||
jwtConfig = new JWTConfig(jwtConfigProperties);
|
||||
}
|
||||
Map<String, String> customClaims = new HashMap<>();
|
||||
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin");
|
||||
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID));
|
||||
jwtToken = JWTClientUtil.generateSignedJWTAssertion("admin", jwtConfig, false, customClaims);
|
||||
customClaims = new HashMap<>();
|
||||
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin");
|
||||
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, "-1");
|
||||
wrongJwtToken = JWTClientUtil.generateSignedJWTAssertion("admin", jwtConfig, false, customClaims);
|
||||
customClaims = new HashMap<>();
|
||||
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "notexisting");
|
||||
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID));
|
||||
jwtTokenWithWrongUser = JWTClientUtil.generateSignedJWTAssertion("notexisting", jwtConfig, false, customClaims);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the get methods in the JWTAuthenticator",
|
||||
dependsOnMethods = "testAuthenticate")
|
||||
public void testGetMethods() {
|
||||
Assert.assertEquals(jwtAuthenticator.getName(), "JWT", "GetName method returns wrong value");
|
||||
Assert.assertNotNull(jwtAuthenticator.getProperties(), "Properties are not properly added to JWT "
|
||||
+ "Authenticator");
|
||||
Assert.assertEquals(jwtAuthenticator.getProperties().size(), properties.size(),
|
||||
"Added properties do not match with retrieved properties");
|
||||
Assert.assertNull(jwtAuthenticator.getProperty("test"), "Retrieved a propety that was never added");
|
||||
Assert.assertNotNull(jwtAuthenticator.getProperty(ISSUER), ALIAS);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the canHandle method under different conditions of request")
|
||||
public void testHandle() throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new Request();
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertFalse(jwtAuthenticator.canHandle(request));
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue(JWT_HEADER);
|
||||
bytes.setString("test");
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertTrue(jwtAuthenticator.canHandle(request));
|
||||
}
|
||||
|
||||
@Test(description = "This method tests authenticate method under the successful condition", dependsOnMethods =
|
||||
{ "testAuthenticateFailureScenarios" })
|
||||
public void testAuthenticate() throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = createJWTRequest(jwtToken, "test");
|
||||
AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo.getUsername(), "Proper authentication request is not properly "
|
||||
+ "authenticated by the JWTAuthenticator");
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the authenticate method under failure conditions")
|
||||
public void testAuthenticateFailureScenarios() throws NoSuchFieldException, IllegalAccessException {
|
||||
Request request = createJWTRequest("test", "");
|
||||
AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
||||
request = createJWTRequest(jwtToken, "");
|
||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
||||
properties = new Properties();
|
||||
properties.setProperty(ISSUER, "test");
|
||||
jwtAuthenticator.setProperties(properties);
|
||||
request = createJWTRequest(jwtToken, "");
|
||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"Un authenticated request does not contain status as failure");
|
||||
properties = new Properties();
|
||||
properties.setProperty(ISSUER, ALIAS);
|
||||
jwtAuthenticator.setProperties(properties);
|
||||
request = createJWTRequest(wrongJwtToken, "");
|
||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"Un authenticated request does not contain status as failure");
|
||||
request = createJWTRequest(jwtTokenWithWrongUser, "");
|
||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"Un authenticated request does not contain status as failure");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* To create a JWT request with the given jwt header.
|
||||
* @param jwtToken JWT token to be added to the header
|
||||
* @param requestUri Request URI to be added to the request.
|
||||
*/
|
||||
private Request createJWTRequest(String jwtToken, String requestUri)
|
||||
throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new Request();
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue(JWT_HEADER);
|
||||
bytes.setString(jwtToken);
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
Field uriMB = org.apache.coyote.Request.class.getDeclaredField("uriMB");
|
||||
uriMB.setAccessible(true);
|
||||
bytes = MessageBytes.newInstance();
|
||||
bytes.setString(requestUri);
|
||||
uriMB.set(coyoteRequest, bytes);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
return request;
|
||||
}
|
||||
}
|
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.internal;
|
||||
|
||||
import org.apache.sling.testing.mock.osgi.MockOsgi;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
/**
|
||||
* This is a test class for {@link WebappAuthenticatorFrameworkServiceComponent}
|
||||
*/
|
||||
public class WebappAuthenticatorFrameworkServiceComponentTest {
|
||||
|
||||
@Test(description = "This method tests whether the bundle activator does not throw any exceptions, even under "
|
||||
+ "possible exception scenarios")
|
||||
public void testActivateWithException() {
|
||||
WebappAuthenticatorFrameworkServiceComponent webappAuthenticatorFrameworkServiceComponent = new
|
||||
WebappAuthenticatorFrameworkServiceComponent();
|
||||
webappAuthenticatorFrameworkServiceComponent.activate(null);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests whether bundle activation succeed with the proper confitions.")
|
||||
public void testActivateWithoutExceptions() {
|
||||
WebappAuthenticatorFrameworkServiceComponent webappAuthenticatorFrameworkServiceComponent = new
|
||||
WebappAuthenticatorFrameworkServiceComponent();
|
||||
webappAuthenticatorFrameworkServiceComponent.activate(MockOsgi.newComponentContext());
|
||||
}
|
||||
}
|
@ -0,0 +1,125 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.math.BigInteger;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.Security;
|
||||
import java.security.SignatureException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateExpiredException;
|
||||
import java.security.cert.CertificateNotYetValidException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This is a mock implementation of {@link CertificateGenerator}.
|
||||
*/
|
||||
public class TestCertificateGenerator extends CertificateGenerator {
|
||||
private int count = 0;
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||
BigInteger serialNumber = CommonUtil.generateSerialNumber();
|
||||
String defaultPrinciple = "CN=" + serialNumber + ",O=WSO2,OU=Mobile,C=LK";
|
||||
CommonUtil commonUtil = new CommonUtil();
|
||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
|
||||
try {
|
||||
KeyPairGenerator keyPairGenerator = KeyPairGenerator
|
||||
.getInstance(CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER);
|
||||
keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom());
|
||||
KeyPair pair = keyPairGenerator.generateKeyPair();
|
||||
X500Principal principal = new X500Principal(defaultPrinciple);
|
||||
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(principal, serialNumber,
|
||||
validityBeginDate, validityEndDate, principal, pair.getPublic());
|
||||
ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
|
||||
.setProvider(CertificateManagementConstants.PROVIDER).build(pair.getPrivate());
|
||||
X509Certificate certificate = new JcaX509CertificateConverter()
|
||||
.setProvider(CertificateManagementConstants.PROVIDER)
|
||||
.getCertificate(certificateBuilder.build(contentSigner));
|
||||
certificate.verify(certificate.getPublicKey());
|
||||
List<Certificate> certificates = new ArrayList<>();
|
||||
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore =
|
||||
new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
|
||||
certificateToStore.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
|
||||
certificateToStore.setCertificate(certificate);
|
||||
certificates.add(certificateToStore);
|
||||
saveCertInKeyStore(certificates);
|
||||
return certificate;
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "No such algorithm found when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchProviderException e) {
|
||||
String errorMsg = "No such provider found when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (OperatorCreationException e) {
|
||||
String errorMsg = "Issue in operator creation when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateExpiredException e) {
|
||||
String errorMsg = "Certificate expired after generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateNotYetValidException e) {
|
||||
String errorMsg = "Certificate not yet valid when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (InvalidKeyException e) {
|
||||
String errorMsg = "Invalid key used when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (SignatureException e) {
|
||||
String errorMsg = "Signature related issue occurred when generating certificate";
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public String extractChallengeToken(X509Certificate certificate) {
|
||||
if (count != 0) {
|
||||
return "WSO2 (Challenge)";
|
||||
} else {
|
||||
count++;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,30 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||
|
||||
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||
|
||||
/**
|
||||
* This is a mock implementation of {@link TenantIndexingLoader}
|
||||
*/
|
||||
public class TestTenantIndexingLoader implements TenantIndexingLoader {
|
||||
@Override
|
||||
public void loadTenantIndex(int i) { }
|
||||
}
|
@ -0,0 +1,30 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||
|
||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||
|
||||
/**
|
||||
* This is a mock implementation of {@link TenantRegistryLoader} for the test cases.
|
||||
*/
|
||||
public class TestTenantRegistryLoader implements TenantRegistryLoader {
|
||||
@Override
|
||||
public void loadTenantRegistry(int i) throws RegistryException { }
|
||||
}
|
@ -0,0 +1,96 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<DeviceMgtConfiguration>
|
||||
<ManagementRepository>
|
||||
<DataSourceConfiguration>
|
||||
<JndiLookupDefinition>
|
||||
<Name>jdbc/DM_DS</Name>
|
||||
</JndiLookupDefinition>
|
||||
</DataSourceConfiguration>
|
||||
</ManagementRepository>
|
||||
<PushNotificationConfiguration>
|
||||
<SchedulerBatchSize>1000</SchedulerBatchSize>
|
||||
<SchedulerBatchDelayMills>60000</SchedulerBatchDelayMills>
|
||||
<SchedulerTaskInitialDelay>60000</SchedulerTaskInitialDelay>
|
||||
<SchedulerTaskEnabled>true</SchedulerTaskEnabled>
|
||||
<PushNotificationProviders>
|
||||
<Provider>org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm.FCMBasedPushNotificationProvider</Provider>
|
||||
<!--<Provider>org.wso2.carbon.device.mgt.mobile.impl.ios.apns.APNSBasedPushNotificationProvider</Provider>-->
|
||||
<Provider>org.wso2.carbon.device.mgt.extensions.push.notification.provider.mqtt.MQTTBasedPushNotificationProvider</Provider>
|
||||
<Provider>org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.HTTPBasedPushNotificationProvider</Provider>
|
||||
<Provider>org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.XMPPBasedPushNotificationProvider</Provider>
|
||||
</PushNotificationProviders>
|
||||
</PushNotificationConfiguration>
|
||||
<PullNotificationConfiguration>
|
||||
<Enabled>false</Enabled>
|
||||
</PullNotificationConfiguration>
|
||||
<IdentityConfiguration>
|
||||
<ServerUrl>https://localhost:9443</ServerUrl>
|
||||
<AdminUsername>admin</AdminUsername>
|
||||
<AdminPassword>admin</AdminPassword>
|
||||
</IdentityConfiguration>
|
||||
<PolicyConfiguration>
|
||||
<MonitoringClass>org.wso2.carbon.policy.mgt</MonitoringClass>
|
||||
<MonitoringEnable>true</MonitoringEnable>
|
||||
<MonitoringFrequency>60000</MonitoringFrequency>
|
||||
<MaxRetries>5</MaxRetries>
|
||||
<MinRetriesToMarkUnreachable>8</MinRetriesToMarkUnreachable>
|
||||
<MinRetriesToMarkInactive>20</MinRetriesToMarkInactive>
|
||||
<!--Set the policy evaluation point name-->
|
||||
<!--Simple -> Simple policy evaluation point-->
|
||||
<!--Merged -> Merged policy evaluation point -->
|
||||
<PolicyEvaluationPoint>Simple</PolicyEvaluationPoint>
|
||||
</PolicyConfiguration>
|
||||
<!-- Default Page size configuration for paginated DM APIs-->
|
||||
<PaginationConfiguration>
|
||||
<DeviceListPageSize>20</DeviceListPageSize>
|
||||
<GroupListPageSize>20</GroupListPageSize>
|
||||
<NotificationListPageSize>20</NotificationListPageSize>
|
||||
<ActivityListPageSize>20</ActivityListPageSize>
|
||||
<OperationListPageSize>20</OperationListPageSize>
|
||||
<TopicListPageSize>20</TopicListPageSize>
|
||||
</PaginationConfiguration>
|
||||
<!--This specifies whether to enable the DeviceStatus Task in this node. In clustered setup only master node
|
||||
should have to run this task.-->
|
||||
<DeviceStatusTaskConfig>
|
||||
<Enable>true</Enable>
|
||||
</DeviceStatusTaskConfig>
|
||||
<!--This controls the in-memory device cache which is local to this node. Setting it enable will activate the
|
||||
device caching for upto configured expiry-time in seconds. In clustered setup all worker nodes can enable the
|
||||
device-cache to improve performance. -->
|
||||
<DeviceCacheConfiguration>
|
||||
<Enable>true</Enable>
|
||||
<ExpiryTime>600</ExpiryTime>
|
||||
<!--This configuration specifies the number of cache entries in device cache. default capacity is 10000 entries.
|
||||
This can be configured to higher number if cache eviction happens due to large number of devices in the
|
||||
server environment-->
|
||||
<Capacity>10000</Capacity>
|
||||
</DeviceCacheConfiguration>
|
||||
<CertificateCacheConfiguration>
|
||||
<Enable>false</Enable>
|
||||
<ExpiryTime>86400</ExpiryTime>
|
||||
</CertificateCacheConfiguration>
|
||||
<GeoLocationConfiguration>
|
||||
<isEnabled>false</isEnabled>
|
||||
<PublishLocationOperationResponse>false</PublishLocationOperationResponse>
|
||||
</GeoLocationConfiguration>
|
||||
<DefaultGroupsConfiguration>BYOD,COPE</DefaultGroupsConfiguration>
|
||||
</DeviceMgtConfiguration>
|
||||
|
Binary file not shown.
Binary file not shown.
@ -0,0 +1,57 @@
|
||||
#
|
||||
# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# Version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
#issuer of the JWT
|
||||
iss=wso2.org/products/iot
|
||||
|
||||
TokenEndpoint=https://${iot.gateway.host}:${iot.gateway.https.port}/token?tenantDomain=carbon.super
|
||||
|
||||
#audience of JWT claim
|
||||
#comma seperated values
|
||||
aud=devicemgt
|
||||
|
||||
#expiration time of JWT (number of minutes from the current time)
|
||||
exp=1000
|
||||
|
||||
#issued at time of JWT (number of minutes from the current time)
|
||||
iat=0
|
||||
|
||||
#nbf time of JWT (number of minutes from current time)
|
||||
nbf=0
|
||||
|
||||
#skew between IDP and issuer(seconds)
|
||||
skew=0
|
||||
|
||||
# JWT Id
|
||||
#jti=token123
|
||||
|
||||
#KeyStore to cryptographic credentials
|
||||
KeyStore=target/test-classes/carbon-home/repository/resources/security/wso2carbon.jks
|
||||
|
||||
#Password of the KeyStore
|
||||
KeyStorePassword=wso2carbon
|
||||
|
||||
#Alias of the SP's private key
|
||||
PrivateKeyAlias=wso2carbon
|
||||
|
||||
#Private key password to retrieve the private key used to sign
|
||||
#AuthnRequest and LogoutRequest messages
|
||||
PrivateKeyPassword=wso2carbon
|
||||
|
||||
#this will be used as the default IDP config if there isn't any config available for tenants.
|
||||
default-jwt-client=false
|
@ -0,0 +1,25 @@
|
||||
--
|
||||
-- Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
--
|
||||
-- WSO2 Inc. licenses this file to you under the Apache License,
|
||||
-- Version 2.0 (the "License"); you may not use this file except
|
||||
-- in compliance with the License.
|
||||
-- You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing,
|
||||
-- software distributed under the License is distributed on an
|
||||
-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
-- KIND, either express or implied. See the License for the
|
||||
-- specific language governing permissions and limitations
|
||||
-- under the License.
|
||||
|
||||
CREATE TABLE IF NOT EXISTS DM_DEVICE_CERTIFICATE (
|
||||
ID INTEGER auto_increment NOT NULL,
|
||||
SERIAL_NUMBER VARCHAR(500) DEFAULT NULL,
|
||||
CERTIFICATE BLOB DEFAULT NULL,
|
||||
TENANT_ID INTEGER DEFAULT 0,
|
||||
USERNAME VARCHAR(500) DEFAULT NULL,
|
||||
PRIMARY KEY (ID)
|
||||
);
|
Loading…
Reference in new issue