Merge pull request #199 from GPrathap/IoTS-1.0.0

removing mb mqtt authorization extension.
merge-requests/1/head
Chatura Dilan 8 years ago committed by GitHub
commit 878c38ad8e

@ -1,100 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>mb-extensions</artifactId>
<groupId>org.wso2.iot</groupId>
<version>1.0.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</artifactId>
<packaging>bundle</packaging>
<name>WSO2 Carbon - Component - MQTT - Authorization Manager</name>
<description>MQTT authorization manager based on Carbon device manager</description>
<url>http://wso2.org</url>
<dependencies>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.utils</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.core</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.andes.wso2</groupId>
<artifactId>andes</artifactId>
<version>3.1.2</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.user.api</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.user.core</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-scr-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<extensions>true</extensions>
<configuration>
<instructions>
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
<Bundle-Name>${project.artifactId}</Bundle-Name>
<Private-Package>
org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal
</Private-Package>
<Export-Package>
!org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal,
org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.*
</Export-Package>
<Import-Package>
org.apache.log4j,
org.dna.mqtt.moquette.server,
org.wso2.andes.configuration.enums,
org.wso2.andes.mqtt,
org.wso2.carbon.context,
org.apache.commons.logging,
org.osgi.service.component,
org.wso2.carbon.user.core.service,
org.wso2.carbon.user.core.tenant,
org.wso2.carbon.user.api
</Import-Package>
</instructions>
</configuration>
</plugin>
</plugins>
</build>
</project>

@ -1,133 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dna.mqtt.moquette.server.IAuthorizer;
import org.wso2.andes.configuration.enums.MQTTAuthoriztionPermissionLevel;
import org.wso2.andes.mqtt.MQTTAuthorizationSubject;
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal.AuthorizationDataHolder;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import java.util.List;
/**
* Authorize the connecting users against Carbon Permission Model. Intended usage is
* via providing fully qualified class name in broker.xml
* <p/>
* This is just a simple authorization model. For dynamic topics use an implementation based on IAuthorizer
*/
public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
private static Log logger = LogFactory.getLog(DeviceAccessBasedMQTTAuthorizer.class);
private static final String CONNECTION_PERMISSION = "/permission/admin/device-mgt/user";
private static final String ADMIN_PERMISSION = "/permission/admin/device-mgt/admin";
private static final String SCOPE_IDENTIFIER = "scope";
private static final String UI_EXECUTE = "ui.execute";
private static final String MQTT_PUBLISHER_SCOPE_IDENTIFIER = "mqtt-publisher";
private static final String MQTT_SUBSCRIBER_SCOPE_IDENTIFIER = "mqtt-subscriber";
private static final String DEVICE_MGT_SCOPE_IDENTIFIER = "device-mgt";
/**
* {@inheritDoc} Authorize the user against carbon device mgt model.
*/
@Override
public boolean isAuthorizedForTopic(MQTTAuthorizationSubject authorizationSubject, String topic,
MQTTAuthoriztionPermissionLevel permissionLevel) {
if (isUserAuthorized(authorizationSubject, ADMIN_PERMISSION, UI_EXECUTE)) {
System.out.println("isAuthorizedForTopic - user is auth success !");
return true;
}
String topics[] = topic.split("/");
if (topics.length < 3) {
System.out.println("isAuthorizedForTopic topic name invalid");
return false;
}
String tenantIdFromTopic = topics[0];
if (!tenantIdFromTopic.equals(authorizationSubject.getTenantDomain())) {
System.out.println("isAuthorizedForTopic tenantID invalid");
return false;
}
String deviceType = topics[1];
String deviceId = topics[2];
Object scopeObject = authorizationSubject.getProperties().get(SCOPE_IDENTIFIER);
if (!deviceId.isEmpty() && !deviceType.isEmpty() && scopeObject != null) {
List<String> scopes = (List<String>) scopeObject;
String permissionScope = MQTT_PUBLISHER_SCOPE_IDENTIFIER;
if (permissionLevel == MQTTAuthoriztionPermissionLevel.SUBSCRIBE) {
permissionScope = MQTT_SUBSCRIBER_SCOPE_IDENTIFIER;
}
String requiredScope = DEVICE_MGT_SCOPE_IDENTIFIER + ":" + deviceType + ":" + deviceId + ":"
+ permissionScope;
for (String scope : scopes) {
if (requiredScope.equals(scope)) {
System.out.println("isAuthorizedForTopic - Pass");
return true;
}
}
}
System.out.println("isAuthorizedForTopic - Failed");
return false;
}
/**
* {@inheritDoc} Authorized the user against carbon device mgt model.
*/
@Override
public boolean isAuthorizedToConnect(MQTTAuthorizationSubject authorizationSubject) {
return isUserAuthorized(authorizationSubject, CONNECTION_PERMISSION, UI_EXECUTE);
}
/**
* Check whether the client is authorized with the given permission and action.
*
* @param authorizationSubject this contains the client information
* @param permission Carbon permission that requires for the use
* @param action Carbon permission action that requires for the given permission.
* @return boolean - true if user is authorized else return false.
*/
private boolean isUserAuthorized(MQTTAuthorizationSubject authorizationSubject, String permission, String action) {
String username = authorizationSubject.getUsername();
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
authorizationSubject.getTenantDomain(), true);
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
UserRealm userRealm = AuthorizationDataHolder.getInstance().getRealmService()
.getTenantUserRealm(tenantId);
if (userRealm != null && userRealm.getAuthorizationManager() != null) {
return userRealm.getAuthorizationManager().isUserAuthorized(username, permission, action);
}
System.out.println("isUserAuthorized failse");
return false;
} catch (UserStoreException e) {
String errorMsg = String.format("Unable to authorize the user : %s", username);
logger.error(errorMsg, e);
System.out.println("isUserAuthorized failed");
return false;
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
}

@ -1,57 +0,0 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager;
public class AuthorizationDataHolder {
private RealmService realmService;
private TenantManager tenantManager;
private static AuthorizationDataHolder thisInstance = new AuthorizationDataHolder();
private AuthorizationDataHolder() {}
public static AuthorizationDataHolder getInstance() {
return thisInstance;
}
public RealmService getRealmService() {
return realmService;
}
public void setRealmService(RealmService realmService) {
this.realmService = realmService;
this.setTenantManager(realmService);
}
private void setTenantManager(RealmService realmService) {
if (realmService == null) {
throw new IllegalStateException("Realm service is not initialized properly");
}
this.tenantManager = realmService.getTenantManager();
}
public TenantManager getTenantManager() {
return tenantManager;
}
}

@ -1,72 +0,0 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.user.core.service.RealmService;
/**
* @scr.component name="org.wso2.carbon.devicemgt.policy.manager" immediate="true"
* @scr.reference name="user.realmservice.default"
* interface="org.wso2.carbon.user.core.service.RealmService"
* cardinality="1..1"
* policy="dynamic"
* bind="setRealmService"
* unbind="unsetRealmService"
*/
@SuppressWarnings("unused")
public class AuthorizationServiceComponent {
private static Log log = LogFactory.getLog(AuthorizationServiceComponent.class);
protected void activate(ComponentContext componentContext) {
}
@SuppressWarnings("unused")
protected void deactivate(ComponentContext componentContext) {
}
/**
* Sets Realm Service
*
* @param realmService An instance of RealmService
*/
protected void setRealmService(RealmService realmService) {
if (log.isDebugEnabled()) {
log.debug("Setting Realm Service");
}
AuthorizationDataHolder.getInstance().setRealmService(realmService);
}
/**
* Unsets Realm Service
*
* @param realmService An instance of RealmService
*/
protected void unsetRealmService(RealmService realmService) {
if (log.isDebugEnabled()) {
log.debug("Unsetting Realm Service");
}
AuthorizationDataHolder.getInstance().setRealmService(null);
}
}

@ -1,38 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.wso2.iot</groupId>
<artifactId>iot-extensions</artifactId>
<version>1.0.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>mb-extensions</artifactId>
<packaging>pom</packaging>
<name>WSO2 Carbon - MB Extension</name>
<url>http://wso2.org</url>
<modules>
<module>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</module>
</modules>
</project>

@ -1,80 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>mb-extensions-feature</artifactId>
<groupId>org.wso2.iot</groupId>
<version>1.0.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.feature</artifactId>
<packaging>pom</packaging>
<name>WSO2 Carbon - MQTT Authorization Feature</name>
<url>http://wso2.org</url>
<description>This feature contains the bundles required for mqtt authorization</description>
<dependencies>
<dependency>
<groupId>org.wso2.iot</groupId>
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.wso2.maven</groupId>
<artifactId>carbon-p2-plugin</artifactId>
<version>${carbon.p2.plugin.version}</version>
<executions>
<execution>
<id>4-p2-feature-generation</id>
<phase>package</phase>
<goals>
<goal>p2-feature-gen</goal>
</goals>
<configuration>
<id>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</id>
<propertiesFile>../../etc/feature.properties</propertiesFile>
<adviceFile>
<properties>
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
<propertyDef>org.eclipse.equinox.p2.type.group:true</propertyDef>
</properties>
</adviceFile>
<bundles>
<bundleDef>
org.wso2.iot:org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization:${carbon.iot.device.mgt.version}
</bundleDef>
</bundles>
<importFeatures>
<importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version}</importFeatureDef>
</importFeatures>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

@ -1,19 +0,0 @@
#
# Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
#
# WSO2 Inc. licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file except
# in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
custom = true

@ -1,40 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.wso2.iot</groupId>
<artifactId>iot-extensions</artifactId>
<version>1.0.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>mb-extensions-feature</artifactId>
<version>1.0.0-SNAPSHOT</version>
<packaging>pom</packaging>
<name>WSO2 Carbon - Device Management, MB Extensions Feature</name>
<url>http://wso2.org</url>
<modules>
<module>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.feature</module>
</modules>
</project>

@ -1,40 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.wso2.iot</groupId>
<artifactId>wso2iot-parent</artifactId>
<version>1.0.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>iot-extensions</artifactId>
<packaging>pom</packaging>
<name>WSO2 Carbon - IoT Extensions</name>
<url>http://wso2.org</url>
<modules>
<module>components/mb-extensions</module>
<module>features/mb-extensions-feature</module>
</modules>
</project>

@ -37,7 +37,6 @@
<modules> <modules>
<module>modules/tools</module> <module>modules/tools</module>
<module>modules/iotserver-ui</module> <module>modules/iotserver-ui</module>
<!--<module>modules/iot-extensions</module>-->
<module>modules/features</module> <module>modules/features</module>
<module>modules/p2-profile-gen</module> <module>modules/p2-profile-gen</module>
<module>modules/distribution</module> <module>modules/distribution</module>

Loading…
Cancel
Save