Merge branch 'master' into 'master'

Add access token retrieving service

See merge request entgra/carbon-device-mgt!718
merge-requests/719/head
Inosh Perara 4 years ago
commit d0f68babc4

@ -67,6 +67,11 @@
<groupId>org.wso2.carbon.registry</groupId> <groupId>org.wso2.carbon.registry</groupId>
<artifactId>org.wso2.carbon.registry.indexing</artifactId> <artifactId>org.wso2.carbon.registry.indexing</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.identity.jwt.client.extension</artifactId>
<scope>provided</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>
@ -110,6 +115,7 @@
org.wso2.carbon.apimgt.integration.client.*, org.wso2.carbon.apimgt.integration.client.*,
org.wso2.carbon.apimgt.integration.generated.client.store.api, org.wso2.carbon.apimgt.integration.generated.client.store.api,
org.wso2.carbon.apimgt.integration.generated.client.store.model, org.wso2.carbon.apimgt.integration.generated.client.store.model,
org.wso2.carbon.identity.jwt.client.extension.*,
feign feign
</Import-Package> </Import-Package>
<Export-Package> <Export-Package>

@ -77,4 +77,18 @@ public interface APIManagementProviderService {
*/ */
void removeAPIApplication(String applicationName, String username) throws APIManagerException; void removeAPIApplication(String applicationName, String username) throws APIManagerException;
/**
* To get access token for given scopes and for the given validity period
* @param scopes Scopes
* @param tags Tags
* @param applicationName Application Name
* @param tokenType Token Type
* @param validityPeriod Validity Period
* @return {@link String} Access Token
* @throws APIManagerException if error occurred while getting the access token for given scopes,
* validity period etc.
*/
String getAccessToken(String scopes, String[] tags, String applicationName, String tokenType, String validityPeriod)
throws APIManagerException;
} }

@ -21,6 +21,7 @@ package org.wso2.carbon.apimgt.application.extension;
import feign.FeignException; import feign.FeignException;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.application.extension.bean.APIRegistrationProfile;
import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants; import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants;
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey; import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException; import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
@ -30,6 +31,11 @@ import org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor;
import org.wso2.carbon.apimgt.integration.client.store.StoreClient; import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
import org.wso2.carbon.apimgt.integration.generated.client.store.model.*; import org.wso2.carbon.apimgt.integration.generated.client.store.model.*;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants; import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import java.util.ArrayList; import java.util.ArrayList;
@ -230,4 +236,87 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
return this.generateAndRetrieveApplicationKeys(applicationName, tags, keyType, username, return this.generateAndRetrieveApplicationKeys(applicationName, tags, keyType, username,
isAllowedAllDomains, validityTime, null); isAllowedAllDomains, validityTime, null);
} }
@Override
public String getAccessToken(String scopes, String[] tags, String applicationName, String tokenType,
String validityPeriod) throws APIManagerException {
try {
String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(true);
ApiApplicationKey clientCredentials = getClientCredentials(tenantDomain, tags, applicationName, tokenType,
validityPeriod);
if (clientCredentials == null) {
String msg = "Oauth Application creation is failed.";
log.error(msg);
throw new APIManagerException(msg);
}
String user =
PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername() + "@" + PrivilegedCarbonContext
.getThreadLocalCarbonContext().getTenantDomain(true);
JWTClientManagerService jwtClientManagerService = APIApplicationManagerExtensionDataHolder.getInstance()
.getJwtClientManagerService();
JWTClient jwtClient = jwtClientManagerService.getJWTClient();
AccessTokenInfo accessTokenForAdmin = jwtClient
.getAccessToken(clientCredentials.getConsumerKey(), clientCredentials.getConsumerSecret(), user,
scopes);
return accessTokenForAdmin.getAccessToken();
} catch (JWTClientException e) {
String msg = "JWT Error occurred while registering Application to get access token.";
log.error(msg, e);
throw new APIManagerException(msg, e);
} catch (APIManagerException e) {
String msg = "Error occurred while getting access tokens.";
log.error(msg, e);
throw new APIManagerException(msg, e);
} catch (UserStoreException e) {
String msg = "User management exception when getting client credentials.";
log.error(msg, e);
throw new APIManagerException(msg, e);
}
}
/**
* Get Client credentials
* @param tenantDomain Tenant Domain
* @param tags Tags
* @param applicationName Application Name
* @param tokenType Token Type
* @param validityPeriod Validity Period
* @return {@link ApiApplicationKey}
* @throws APIManagerException if error occurred while generating access token
* @throws UserStoreException if error ocurred while getting admin username.
*/
private ApiApplicationKey getClientCredentials(String tenantDomain, String[] tags, String applicationName,
String tokenType, String validityPeriod) throws APIManagerException, UserStoreException {
APIRegistrationProfile registrationProfile = new APIRegistrationProfile();
registrationProfile.setAllowedToAllDomains(false);
registrationProfile.setMappingAnExistingOAuthApp(false);
registrationProfile.setTags(tags);
registrationProfile.setApplicationName(applicationName);
ApiApplicationKey info = null;
if (tenantDomain == null || tenantDomain.isEmpty()) {
tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
}
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(
PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration()
.getAdminUserName());
if (registrationProfile.getUsername() == null || registrationProfile.getUsername().isEmpty()) {
info = generateAndRetrieveApplicationKeys(registrationProfile.getApplicationName(),
registrationProfile.getTags(), tokenType, registrationProfile.getApplicationName(),
registrationProfile.isAllowedToAllDomains(), validityPeriod);
}
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
return info;
}
} }

@ -0,0 +1,77 @@
/*
* Copyright (c) 2021, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.application.extension.bean;
public class APIRegistrationProfile {
private String applicationName;
private String tags[];
private boolean isAllowedToAllDomains;
private boolean isMappingAnExistingOAuthApp;
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getApplicationName() {
return applicationName;
}
public void setApplicationName(String applicationName) {
this.applicationName = applicationName;
}
public String[] getTags() {
return tags;
}
public void setTags(String[] tags) {
this.tags = tags;
}
public boolean isAllowedToAllDomains() {
return isAllowedToAllDomains;
}
public void setAllowedToAllDomains(boolean allowedToAllDomains) {
isAllowedToAllDomains = allowedToAllDomains;
}
public boolean isMappingAnExistingOAuthApp() {
return isMappingAnExistingOAuthApp;
}
public void setMappingAnExistingOAuthApp(boolean mappingAnExistingOAuthApp) {
isMappingAnExistingOAuthApp = mappingAnExistingOAuthApp;
}
}

@ -19,11 +19,15 @@ package org.wso2.carbon.apimgt.application.extension.internal;
import org.wso2.carbon.apimgt.application.extension.APIManagementProviderService; import org.wso2.carbon.apimgt.application.extension.APIManagementProviderService;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
import org.wso2.carbon.user.core.service.RealmService; import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager; import org.wso2.carbon.user.core.tenant.TenantManager;
import java.util.Hashtable;
public class APIApplicationManagerExtensionDataHolder { public class APIApplicationManagerExtensionDataHolder {
private static APIApplicationManagerExtensionDataHolder thisInstance = new APIApplicationManagerExtensionDataHolder(); private static APIApplicationManagerExtensionDataHolder thisInstance = new APIApplicationManagerExtensionDataHolder();
private APIManagementProviderService apiManagementProviderService; private APIManagementProviderService apiManagementProviderService;
@ -32,6 +36,7 @@ public class APIApplicationManagerExtensionDataHolder {
private TenantRegistryLoader tenantRegistryLoader; private TenantRegistryLoader tenantRegistryLoader;
private TenantIndexingLoader indexLoader; private TenantIndexingLoader indexLoader;
private IntegrationClientService integrationClientService; private IntegrationClientService integrationClientService;
private JWTClientManagerService jwtClientManagerService;
private APIApplicationManagerExtensionDataHolder() { private APIApplicationManagerExtensionDataHolder() {
} }
@ -97,4 +102,16 @@ public class APIApplicationManagerExtensionDataHolder {
IntegrationClientService integrationClientService) { IntegrationClientService integrationClientService) {
this.integrationClientService = integrationClientService; this.integrationClientService = integrationClientService;
} }
public JWTClientManagerService getJwtClientManagerService() {
if (jwtClientManagerService == null) {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
jwtClientManagerService = (JWTClientManagerService)ctx.getOSGiService(JWTClientManagerService.class, (Hashtable)null);
}
return jwtClientManagerService;
}
public void setJwtClientManagerService(JWTClientManagerService jwtClientManagerService) {
this.jwtClientManagerService = jwtClientManagerService;
}
} }

@ -58,16 +58,20 @@ import org.wso2.carbon.user.core.service.RealmService;
*/ */
public class APIApplicationManagerExtensionServiceComponent { public class APIApplicationManagerExtensionServiceComponent {
private static Log log = LogFactory.getLog(APIApplicationManagerExtensionServiceComponent.class); private static final Log log = LogFactory.getLog(APIApplicationManagerExtensionServiceComponent.class);
protected void activate(ComponentContext componentContext) { protected void activate(ComponentContext componentContext) {
if (log.isDebugEnabled()) { try {
log.debug("Initializing device extension bundle"); if (log.isDebugEnabled()) {
log.debug("Initializing device extension bundle");
}
APIManagementProviderService apiManagementProviderService = new APIManagementProviderServiceImpl();
APIApplicationManagerExtensionDataHolder.getInstance().setAPIManagementProviderService(apiManagementProviderService);
BundleContext bundleContext = componentContext.getBundleContext();
bundleContext.registerService(APIManagementProviderService.class.getName(), apiManagementProviderService, null);
} catch (Throwable e) {
log.error("Error occurred while initializing API application management extension bundle", e);
} }
APIManagementProviderService apiManagementProviderService = new APIManagementProviderServiceImpl();
APIApplicationManagerExtensionDataHolder.getInstance().setAPIManagementProviderService(apiManagementProviderService);
BundleContext bundleContext = componentContext.getBundleContext();
bundleContext.registerService(APIManagementProviderService.class.getName(), apiManagementProviderService, null);
} }
protected void deactivate(ComponentContext componentContext) { protected void deactivate(ComponentContext componentContext) {

Loading…
Cancel
Save