Merge pull request #912 from madhawap/master

Make remote control feature mutual ssl compatible
merge-requests/1/head
Geeth 6 years ago committed by GitHub
commit 2e677b709b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -45,6 +45,7 @@ import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.UUID;
import java.util.Map; import java.util.Map;
/** /**
@ -72,66 +73,82 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
sessionQueryParamList.add(session.getQueryString()); sessionQueryParamList.add(session.getQueryString());
sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList); sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList);
// Validate the token // if session initiated using operation id means request came from device.
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator(); if (operationId == null) {
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam); // Validate the token
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator();
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) { if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
try { try {
PrivilegedCarbonContext.startTenantFlow(); PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo
.getTenantDomain() .getTenantDomain()
, true); , true);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername()); PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername());
if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) { if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) {
DeviceIdentifier deviceIdentifier = new DeviceIdentifier(); DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(deviceId); deviceIdentifier.setId(deviceId);
deviceIdentifier.setType(deviceType); deviceIdentifier.setType(deviceType);
// Check authorization of user for given device
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService()
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername());
if (userAuthorized) {
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
// Check authorization of user for given device initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId);
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService() log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername()); .getSessionMap().size());
if (userAuthorized) {
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
// if session initiated using operation id means request came from device
if (operationId != null) {
// create new device session
initializeDeviceSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId,
operationId);
} else { } else {
// create new client session throw new RemoteSessionManagementException("Missing device Id or type ");
initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType,
deviceId);
} }
log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.getSessionMap().size());
} else { } else {
throw new RemoteSessionManagementException("Missing device Id or type "); throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType
+ " , deviceId : " + deviceId);
} }
} else { } catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " +
+ " , deviceId : " + deviceId); "device Type : " + deviceType + " , deviceId : " + deviceId);
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
} }
} catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " + } else {
"device Type : " + deviceType + " , deviceId : " + deviceId); throw new RemoteSessionManagementException("Invalid token");
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
} }
} else { } else {
throw new RemoteSessionManagementException("Invalid token"); // set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
String uuid = session.getQueryString();
if (uuid != null && uuid.isEmpty()) {
log.error("Could not find a UUID related to the remote session");
} else {
String tenantDomain = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(uuid);
if (tenantDomain == null || tenantDomain.isEmpty()) {
log.error("Invalid UUID, could not create the remote session");
} else {
// create new device session
initializeDeviceSession(session, tenantDomain, deviceType, deviceId, operationId, uuid);
}
}
} }
} }
@ -194,6 +211,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
.getId()); .getId());
if (remoteSession != null) { if (remoteSession != null) {
//String operationId = remoteSession.getOperationId(); //String operationId = remoteSession.getOperationId();
RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(remoteSession.getUuidToValidateDevice());
String deviceKey = remoteSession.getTenantDomain() + "/" + remoteSession.getDeviceType() + "/" + String deviceKey = remoteSession.getTenantDomain() + "/" + remoteSession.getDeviceType() + "/" +
remoteSession.getDeviceId(); remoteSession.getDeviceId();
RemoteSession lastSession = RemoteSessionManagementDataHolder.getInstance() RemoteSession lastSession = RemoteSessionManagementDataHolder.getInstance()
@ -239,8 +257,9 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
private void initializeClientSession(Session session, String tenantDomain, String deviceType, String deviceId) throws RemoteSessionManagementException, private void initializeClientSession(Session session, String tenantDomain, String deviceType, String deviceId) throws RemoteSessionManagementException,
OperationManagementException, InvalidDeviceException { OperationManagementException, InvalidDeviceException {
String uuidToValidateDevice = UUID.randomUUID().toString();
RemoteSession clientRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSessionConstants RemoteSession clientRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSessionConstants
.CONNECTION_TYPE.CLIENT); .CONNECTION_TYPE.CLIENT, uuidToValidateDevice);
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId; String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
// Create new remote control operation to start the session // Create new remote control operation to start the session
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance().getActiveDeviceClientSessionMap RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance().getActiveDeviceClientSessionMap
@ -277,6 +296,13 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
operation.setControl(Operation.Control.NO_REPEAT); operation.setControl(Operation.Control.NO_REPEAT);
JSONObject payload = new JSONObject(); JSONObject payload = new JSONObject();
payload.put("serverUrl", RemoteSessionManagementDataHolder.getInstance().getServerUrl()); payload.put("serverUrl", RemoteSessionManagementDataHolder.getInstance().getServerUrl());
payload.put("uuidToValidateDevice", uuidToValidateDevice);
RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap
().put(uuidToValidateDevice, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("UUID " + uuidToValidateDevice + " is generated against the tenant : " +
RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().get(uuidToValidateDevice));
}
operation.setPayLoad(payload.toString()); operation.setPayLoad(payload.toString());
String date = new SimpleDateFormat(RemoteSessionConstants.DATE_FORMAT_NOW).format(new Date()); String date = new SimpleDateFormat(RemoteSessionConstants.DATE_FORMAT_NOW).format(new Date());
operation.setCreatedTimeStamp(date); operation.setCreatedTimeStamp(date);
@ -287,6 +313,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
clientRemote.setOperationId(activity.getActivityId().replace(DeviceManagementConstants clientRemote.setOperationId(activity.getActivityId().replace(DeviceManagementConstants
.OperationAttributes.ACTIVITY, "")); .OperationAttributes.ACTIVITY, ""));
RemoteSessionManagementDataHolder.getInstance().getSessionMap().put(session.getId(), clientRemote); RemoteSessionManagementDataHolder.getInstance().getSessionMap().put(session.getId(), clientRemote);
log.info("Client remote session opened for session id: " + session.getId() + " device Type : " + log.info("Client remote session opened for session id: " + session.getId() + " device Type : " +
deviceType + " , " + "deviceId : " + deviceId); deviceType + " , " + "deviceId : " + deviceId);
} else { } else {
@ -307,7 +334,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
* @throws RemoteSessionManagementException throws when session has errors with accessing device resources * @throws RemoteSessionManagementException throws when session has errors with accessing device resources
*/ */
private void initializeDeviceSession(Session session, String tenantDomain, String deviceType, String deviceId, private void initializeDeviceSession(Session session, String tenantDomain, String deviceType, String deviceId,
String operationId) throws RemoteSessionManagementException { String operationId, String uuidToValidateDevice) throws RemoteSessionManagementException {
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId; String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance() RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance()
.getActiveDeviceClientSessionMap().get(deviceKey); .getActiveDeviceClientSessionMap().get(deviceKey);
@ -317,7 +344,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
if (clientRemote != null) { if (clientRemote != null) {
if (clientRemote.getOperationId().equals(operationId)) { if (clientRemote.getOperationId().equals(operationId)) {
RemoteSession deviceRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSession deviceRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId,
RemoteSessionConstants.CONNECTION_TYPE.DEVICE); RemoteSessionConstants.CONNECTION_TYPE.DEVICE, uuidToValidateDevice);
deviceRemote.setOperationId(operationId); deviceRemote.setOperationId(operationId);
deviceRemote.setPeerSession(clientRemote); deviceRemote.setPeerSession(clientRemote);
clientRemote.setPeerSession(deviceRemote); clientRemote.setPeerSession(deviceRemote);
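Review bot: The device-side check `if (uuid != null && uuid.isEmpty())` is inverted for the null case: a request with no query string skips the error branch and reaches `getUuidToTenantMap().remove(uuid)`, where the backing `ConcurrentHashMap` throws a NullPointerException on a null key. Both failure branches in this block also only call `log.error` and return, whereas the token path throws `RemoteSessionManagementException("Invalid token")`; the calling method starts outside the hunk, so whether a rejected device socket is closed cannot be confirmed from here. I would fail closed with `if (uuid == null || uuid.isEmpty()) { throw new RemoteSessionManagementException("Missing UUID"); }` and throw likewise when `tenantDomain` is null or empty. The UUID is the only credential checked in this branch and the map ties it to a tenant only, so comparing it with `clientRemote.getUuidToValidateDevice()` in `initializeDeviceSession` would bind it to the intended device. The `log.debug` in `initializeClientSession` that prints the UUID is better dropped or masked.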

@ -34,7 +34,11 @@ import java.nio.ByteBuffer;
public class RemoteSession { public class RemoteSession {
private static final Log log = LogFactory.getLog(RemoteSession.class); private static final Log log = LogFactory.getLog(RemoteSession.class);
private String tenantDomain, operationId, deviceType, deviceId; private String tenantDomain;
private String operationId;
private String deviceType;
private String deviceId;
private String uuidToValidateDevice;
private long lastMessageTimeStamp = System.currentTimeMillis(); private long lastMessageTimeStamp = System.currentTimeMillis();
private RemoteSession peerSession; private RemoteSession peerSession;
private Session mySession; private Session mySession;
@ -45,12 +49,13 @@ public class RemoteSession {
private RemoteSessionConstants.CONNECTION_TYPE connectionType; private RemoteSessionConstants.CONNECTION_TYPE connectionType;
public RemoteSession(Session session, String tenantDomain, String deviceType, String deviceId, public RemoteSession(Session session, String tenantDomain, String deviceType, String deviceId,
RemoteSessionConstants.CONNECTION_TYPE connectionType) { RemoteSessionConstants.CONNECTION_TYPE connectionType, String uuidToValidateDevice) {
this.mySession = session; this.mySession = session;
this.deviceType = deviceType; this.deviceType = deviceType;
this.deviceId = deviceId; this.deviceId = deviceId;
this.tenantDomain = tenantDomain; this.tenantDomain = tenantDomain;
this.connectionType = connectionType; this.connectionType = connectionType;
this.uuidToValidateDevice = uuidToValidateDevice;
maxMessagesPerSecond = RemoteSessionManagementDataHolder.getInstance().getMaxMessagesPerSecond(); maxMessagesPerSecond = RemoteSessionManagementDataHolder.getInstance().getMaxMessagesPerSecond();
messageAllowance = maxMessagesPerSecond; messageAllowance = maxMessagesPerSecond;
messageRatePerSecond = (double) maxMessagesPerSecond / 1000; messageRatePerSecond = (double) maxMessagesPerSecond / 1000;
@ -109,6 +114,10 @@ public class RemoteSession {
} }
} }
public String getUuidToValidateDevice() {
return uuidToValidateDevice;
}
public Session getMySession() { public Session getMySession() {
return mySession; return mySession;
} }
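Review bot: `uuidToValidateDevice` is assigned only in the constructor in the lines shown, so it could be declared `private final String uuidToValidateDevice;` (the rest of the class is outside the hunks, so confirm that no setter exists). The new getter has no Javadoc; I would add `/** Returns the one-time UUID issued to the device for this session; treat it as a secret and keep it out of logs. */`, since the service uses this value to admit the device connection.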

@ -43,6 +43,11 @@ public class RemoteSessionManagementDataHolder {
private OAuthAuthenticator oAuthAuthenticator; private OAuthAuthenticator oAuthAuthenticator;
private Map<String, RemoteSession> activeDeviceClientSessionMap = new ConcurrentHashMap<String, RemoteSession>(); private Map<String, RemoteSession> activeDeviceClientSessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, RemoteSession> sessionMap = new ConcurrentHashMap<String, RemoteSession>(); private Map<String, RemoteSession> sessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, String> uuidToTenantMap = new ConcurrentHashMap<>();
public Map<String, String> getUuidToTenantMap() {
return uuidToTenantMap;
}
public static RemoteSessionManagementDataHolder getInstance() { public static RemoteSessionManagementDataHolder getInstance() {
return thisInstance; return thisInstance;
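Review bot: `getUuidToTenantMap()` hands out the live mutable map of pending device UUIDs, and nothing in the lines shown gives an entry an expiry. Entries are removed when the device connects or when a registered client session ends. An entry added in `initializeClientSession` would appear to stay if that method fails before the session reaches `getSessionMap()`, though the code in between is outside the hunks. I would make the field `private final Map<String, String> uuidToTenantMap = new ConcurrentHashMap<>();` and expose narrow register/consume methods on the holder instead of the map, so that cleanup or a time limit can be added in one place.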
