Fixed oauth issue with tenants

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/lifecycle/WebAppDeploymentLifecycleListener.java

@@ -53,7 +53,7 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 		if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType())) {
 			StandardContext context = (StandardContext) lifecycleEvent.getLifecycle();
 			ServletContext servletContext = context.getServletContext();
-			String contextPath = servletContext.getContextPath();
+			String contextPath = context.getServletContext().getContextPath();
 			try {
 				InputStream permissionStream = servletContext.getResourceAsStream(PERMISSION_CONFIG_PATH);
 				if (permissionStream != null) {
@@ -77,7 +77,7 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 			} catch (JAXBException e) {
                 log.error(
                         "Exception occurred while parsing the permission configuration of webapp : "
-                        + servletContext.getContextPath(), e);
+                        + context.getServletContext().getContextPath(), e);
             } catch (PermissionManagementException e) {
                 log.error("Exception occurred while adding the permissions from webapp : "
                           + servletContext.getContextPath(), e);

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/dao/impl/GenericDeviceDAOImpl.java

@@ -47,13 +47,13 @@ public class GenericDeviceDAOImpl extends AbstractDeviceDAOImpl {
         List<Device> devices = null;
         try {
             conn = this.getConnection();
-            String sql = "SELECT d1.DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +
+//            String sql = "SELECT d1.DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +
-                         "d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " +
+//                         "d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " +
-                         "e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID AS DEVICE_ID, " +
+//                         "e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID AS DEVICE_ID, " +
-                         "d.DESCRIPTION, d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " +
+//                         "d.DESCRIPTION, d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " +
-                         "DM_DEVICE_TYPE t WHERE d.DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?) d1 " +
+//                         "DM_DEVICE_TYPE t WHERE d.DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?) d1 " +
-                         "WHERE d1.DEVICE_ID = e.DEVICE_ID AND TENANT_ID = ? LIMIT ?,?";
+//                         "WHERE d1.DEVICE_ID = e.DEVICE_ID AND TENANT_ID = ? LIMIT ?,?";
-           // String sql = "SELECT * FROM DM_DEVICE WHERE TENANT_ID = ? LIMIT ?,?";
+            String sql = "SELECT * FROM DM_DEVICE WHERE TENANT_ID = ? LIMIT ?,?";
             stmt = conn.prepareStatement(sql);
             stmt.setInt(1, tenantId);
             stmt.setInt(2, tenantId);
@@ -88,14 +88,14 @@ public class GenericDeviceDAOImpl extends AbstractDeviceDAOImpl {
         List<Device> devices = null;
         try {
             conn = this.getConnection();
-            String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +
+//            String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +
-                         "d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " +
+//                         "d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " +
-                         "e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, " +
+//                         "e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, " +
-                         "d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " +
+//                         "d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " +
-                         "DM_DEVICE_TYPE t WHERE DEVICE_TYPE_ID = t.ID AND t.NAME = ? " +
+//                         "DM_DEVICE_TYPE t WHERE DEVICE_TYPE_ID = t.ID AND t.NAME = ? " +
-                         "AND d.TENANT_ID = ?) d1 WHERE d1.ID = e.DEVICE_ID AND TENANT_ID = ? LIMIT ?,?";
+//                         "AND d.TENANT_ID = ?) d1 WHERE d1.ID = e.DEVICE_ID AND TENANT_ID = ? LIMIT ?,?";
-            //String sql = "SELECT * FROM DM_DEVICE d, (SELECT t.ID AS TYPE_ID FROM DM_DEVICE_TYPE t WHERE t.NAME = ?)" +
+            String sql = "SELECT * FROM DM_DEVICE d, (SELECT t.ID AS TYPE_ID FROM DM_DEVICE_TYPE t WHERE t.NAME = ?)" +
-            //             " d1 WHERE TYPE_ID = d.DEVICE_TYPE_ID AND d.TENANT_ID = ? LIMIT ?,?";
+                         " d1 WHERE TYPE_ID = d.DEVICE_TYPE_ID AND d.TENANT_ID = ? LIMIT ?,?";
             stmt = conn.prepareStatement(sql);
             stmt.setString(1, type);
             stmt.setInt(2, tenantId);

components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml

@@ -17,7 +17,8 @@
   ~ under the License.
   -->
 
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
     <parent>
         <groupId>org.wso2.carbon.devicemgt</groupId>
@@ -72,10 +73,25 @@
                         <Private-Package>org.wso2.carbon.device.mgt.oauth.extensions.internal</Private-Package>
                         <Export-Package>
                             !org.wso2.carbon.device.mgt.oauth.extensions.internal,
-                            org.wso2.carbon.device.mgt.oauth.extensions.handlers.*,
+                            org.wso2.carbon.device.mgt.oauth.extensions.*
-                            org.wso2.carbon.device.mgt.oauth.extensions.validators.*
                         </Export-Package>
-                        <DynamicImport-Package>*</DynamicImport-Package>
+                        <Import-Package>
+                            javax.security.auth.*,
+                            org.apache.commons.logging,
+                            org.osgi.service.component,
+                            org.wso2.carbon.device.mgt.common.permission.mgt,
+                            org.wso2.carbon.device.mgt.oauth.extensions.*,
+                            org.wso2.carbon.device.mgt.*
+                            org.wso2.carbon.identity.application.common.model,
+                            org.wso2.carbon.identity.oauth.callback,
+                            org.wso2.carbon.identity.oauth2,
+                            org.wso2.carbon.identity.oauth2.model,
+                            org.wso2.carbon.identity.oauth2.validators,
+                            org.wso2.carbon.user.api,
+                            org.wso2.carbon.user.core.service,
+                            org.wso2.carbon.identity.application.common.model,
+                            org.wso2.carbon.user.core.tenant
+                        </Import-Package>
                     </instructions>
                 </configuration>
             </plugin>

components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/OAuthExtUtils.java

@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.oauth.extensions;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder;
+import org.wso2.carbon.user.api.TenantManager;
+import org.wso2.carbon.user.api.UserStoreException;
+
+/**
+ * This class holds util methods used by OAuth extension bundle.
+ */
+public class OAuthExtUtils {
+
+    private static final Log log = LogFactory.getLog(OAuthExtUtils.class);
+
+    public static int getTenantId(String tenantDomain) {
+        int tenantId = 0;
+        if (tenantDomain != null) {
+            try {
+                TenantManager tenantManager = OAuthExtensionsDataHolder.getInstance().getRealmService().getTenantManager();
+                tenantId = tenantManager.getTenantId(tenantDomain);
+            } catch (UserStoreException e) {
+                String errorMsg = "Error when getting the tenant id from the tenant domain : " +
+                                  tenantDomain;
+                log.error(errorMsg, e);
+            }
+        }
+        return tenantId;
+    }
+}

components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java

@@ -20,11 +20,12 @@ package org.wso2.carbon.device.mgt.oauth.extensions.validators;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.context.CarbonContext;
 import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
+import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils;
 import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder;
+import org.wso2.carbon.identity.application.common.model.User;
 import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
 import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
 import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeValidator;
@@ -72,9 +73,11 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
                 getPermissionManagerService();
         try {
             Permission permission = permissionManagerService.getPermission(properties);
-            if ((permission != null) && (accessTokenDO.getAuthzUser() != null)) {
+            User authzUser = accessTokenDO.getAuthzUser();
-                String username = accessTokenDO.getAuthzUser().getUserName();
+            if ((permission != null) && (authzUser != null)) {
-                UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
+                String username = authzUser.getUserName();
+                int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain());
+                UserRealm userRealm = OAuthExtensionsDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
                 if (userRealm != null && userRealm.getAuthorizationManager() != null) {
                     status = userRealm.getAuthorizationManager()
                                       .isUserAuthorized(username, permission.getPath(),