Merge pull request #915 from charithag/master

Fix issue in remote connect token handling
merge-requests/3/head
Charitha Goonetilleke 6 years ago committed by GitHub
commit 556450c24f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -42,11 +42,8 @@ import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import java.util.Map;
/**
* Class @{@link RemoteSessionManagementServiceImpl} is the implementation of @{@link RemoteSessionManagementService}
@ -68,16 +65,13 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
}
// Read Query Parameters for obtain the token
Map<String, List<String>> sessionQueryParam = new HashMap();
List<String> sessionQueryParamList = new LinkedList<>();
sessionQueryParamList.add(session.getQueryString());
sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList);
String token = getTokenFromSession(session);
// if session initiated using operation id means request came from device.
if (operationId == null) {
// Validate the token
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator();
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam);
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(token);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
try {
@ -136,17 +130,20 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
String uuid = session.getQueryString();
if (uuid != null && uuid.isEmpty()) {
log.error("Could not find a UUID related to the remote session");
if (token == null || token.isEmpty()) {
String message = "Could not find a UUID related to the remote session.";
log.error(message);
throw new RemoteSessionManagementException(message);
} else {
String tenantDomain = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(uuid);
String tenantDomain = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(token);
if (tenantDomain == null || tenantDomain.isEmpty()) {
log.error("Invalid UUID, could not create the remote session");
String message = "Invalid UUID (" + token + "), could not create the remote session.";
log.error(message);
throw new RemoteSessionManagementException(message);
} else {
// create new device session
initializeDeviceSession(session, tenantDomain, deviceType, deviceId, operationId, uuid);
initializeDeviceSession(session, tenantDomain, deviceType, deviceId, operationId, token);
}
}
}
@ -370,4 +367,33 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
}
}
/**
* Retrieving the token from the http session
*
* @param session WebSocket session
* @return retrieved token
*/
private String getTokenFromSession(Session session) {
if (session == null) {
return null;
}
String queryString = session.getQueryString();
if (queryString != null) {
String[] allQueryParamPairs = queryString.split(RemoteSessionConstants.OAuthTokenValidator
.QUERY_STRING_SEPERATOR);
for (String keyValuePair : allQueryParamPairs) {
String[] queryParamPair = keyValuePair.split(RemoteSessionConstants.OAuthTokenValidator
.QUERY_KEY_VALUE_SEPERATOR);
if (queryParamPair.length != 2) {
log.warn("Invalid query string [" + queryString + "] passed in.");
break;
}
if (queryParamPair[0].equals(RemoteSessionConstants.OAuthTokenValidator.TOKEN_IDENTIFIER)) {
return queryParamPair[1];
}
}
}
return null;
}
}

@ -14,7 +14,6 @@
package org.wso2.carbon.device.mgt.extensions.remote.session.authentication;
import org.wso2.carbon.device.mgt.extensions.remote.session.authentication.oauth.OAuthTokenValidator;
import java.util.List;
@ -30,7 +29,7 @@ public class OAuthAuthenticator {
oAuthTokenValidator = new OAuthTokenValidator(globalProperties);
}
public AuthenticationInfo isAuthenticated(Map<String, List<String>> webSocketConnectionProperties) {
return oAuthTokenValidator.validateToken(webSocketConnectionProperties);
public AuthenticationInfo isAuthenticated(String token) {
return oAuthTokenValidator.validateToken(token);
}
}

@ -40,8 +40,6 @@ public class OAuthTokenValidator {
private static String cookie;
private GenericObjectPool stubs;
private static Log log = LogFactory.getLog(OAuthTokenValidator.class);
private static OAuthTokenValidator oAuthTokenValidator;
public OAuthTokenValidator(Map<String, String> globalProperties) {
this.stubs = new GenericObjectPool(new OAuthTokenValidatorStubFactory(globalProperties));
@ -50,11 +48,10 @@ public class OAuthTokenValidator {
/**
* This method gets a string accessToken and validates it
*
* @param webSocketConnectionProperties WebSocket connection information including http headers
* @param token oauth token
* @return AuthenticationInfo with the validated results.
*/
public AuthenticationInfo validateToken(Map<String, List<String>> webSocketConnectionProperties) {
String token = getTokenFromSession(webSocketConnectionProperties);
public AuthenticationInfo validateToken(String token) {
if (token == null) {
AuthenticationInfo authenticationInfo = new AuthenticationInfo();
authenticationInfo.setAuthenticated(false);
@ -65,10 +62,6 @@ public class OAuthTokenValidator {
Object stub = this.stubs.borrowObject();
if (stub != null) {
tokenValidationServiceStub = (OAuth2TokenValidationServiceStub) stub;
if (cookie != null) {
tokenValidationServiceStub._getServiceClient().getOptions().setProperty(
HTTPConstants.COOKIE_STRING, cookie);
}
return getAuthenticationInfo(token, tokenValidationServiceStub);
} else {
log.warn("Stub initialization failed.");
@ -145,53 +138,4 @@ public class OAuthTokenValidator {
return authenticationInfo;
}
/**
* Retrieving the token from the http header
*
* @param webSocketConnectionProperties WebSocket connection information including http headers
* @return retrieved token
*/
private String getToken(Map<String, List<String>> webSocketConnectionProperties) {
String cookieString = webSocketConnectionProperties.get(RemoteSessionConstants.OAuthTokenValidator.COOKIE)
.get(0);
String[] properties = cookieString.split(RemoteSessionConstants.OAuthTokenValidator.COOKIE_KEYPAIR_SEPERATOR);
String token;
for (String keyValuePair : properties) {
if (RemoteSessionConstants.OAuthTokenValidator.TOKEN_IDENTIFIER.equals((keyValuePair.
split(RemoteSessionConstants.OAuthTokenValidator.COOKIE_KEY_VALUE_SEPERATOR)[0]).trim())) {
token = (keyValuePair.split(RemoteSessionConstants.OAuthTokenValidator.COOKIE_KEY_VALUE_SEPERATOR)
[1]).trim();
return token;
}
}
log.error("WebSocket token should be specified in cookie");
return null;
}
/**
* Retrieving the token from the http session
*
* @param webSocketConnectionProperties WebSocket connection information including http headers
* @return retrieved token
*/
private String getTokenFromSession(Map<String, List<String>> webSocketConnectionProperties) {
String queryString = webSocketConnectionProperties.get(RemoteSessionConstants.OAuthTokenValidator
.QUERY_STRING).get(0);
if (queryString != null) {
String[] allQueryParamPairs = queryString.split(RemoteSessionConstants.OAuthTokenValidator
.QUERY_STRING_SEPERATOR);
for (String keyValuePair : allQueryParamPairs) {
String[] queryParamPair = keyValuePair.split(RemoteSessionConstants.OAuthTokenValidator
.QUERY_KEY_VALUE_SEPERATOR);
if (queryParamPair.length != 2) {
log.warn("Invalid query string [" + queryString + "] passed in.");
break;
}
if (queryParamPair[0].equals(RemoteSessionConstants.OAuthTokenValidator.TOKEN_IDENTIFIER)) {
return queryParamPair[1];
}
}
}
return null;
}
}

Loading…
Cancel
Save