Merge remote-tracking branch 'upstream/master'

revert-70aa11f8
Megala 8 years ago
commit 4ec6883ec8

@ -166,7 +166,7 @@ public interface CertificateManagementAdminService {
value = "Getting Details of Certificates", value = "Getting Details of Certificates",
notes = "Get all the details of the certificates you have used for mutual SSL. In a situation where you wish to " notes = "Get all the details of the certificates you have used for mutual SSL. In a situation where you wish to "
+ "view all the certificate details, it is not feasible to show all the details on one " + "view all the certificate details, it is not feasible to show all the details on one "
+ "page therefore the details are paginated", + "page. Therefore, the details are paginated.",
tags = "Certificate Management" tags = "Certificate Management"
) )
@ApiResponses(value = { @ApiResponses(value = {
@ -216,7 +216,7 @@ public interface CertificateManagementAdminService {
Response getAllCertificates( Response getAllCertificates(
@ApiParam( @ApiParam(
name = "offset", name = "offset",
value = "The starting pagination index for the complete list of qualified items", value = "The starting pagination index for the complete list of qualified items.",
required = false, required = false,
defaultValue = "0") defaultValue = "0")
@QueryParam("offset") int offset, @QueryParam("offset") int offset,
@ -241,7 +241,7 @@ public interface CertificateManagementAdminService {
produces = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON,
httpMethod = "DELETE", httpMethod = "DELETE",
value = "Deleting an SSL Certificate", value = "Deleting an SSL Certificate",
notes = "Delete an SSL certificate that's on the client end", notes = "Delete an SSL certificate that's on the client end.",
tags = "Certificate Management") tags = "Certificate Management")
@ApiResponses(value = { @ApiResponses(value = {
@ApiResponse( @ApiResponse(
@ -264,7 +264,7 @@ public interface CertificateManagementAdminService {
@ApiParam( @ApiParam(
name = "serialNumber", name = "serialNumber",
value = "The serial number of the certificate.\n" + value = "The serial number of the certificate.\n" +
"NOTE: Make sure that a certificate with the serial number you provide exists in the server. If no, first add a certificate.", "NOTE: Make sure that a certificate with the serial number you provide exists in the server. If not, first add a certificate.",
required = true, required = true,
defaultValue = "12438035315552875930") defaultValue = "12438035315552875930")
@PathParam("serialNumber") String serialNumber); @PathParam("serialNumber") String serialNumber);

@ -0,0 +1,60 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.swagger.extension;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.jaxrs.Reader;
import io.swagger.jaxrs.config.ReaderListener;
import io.swagger.models.Swagger;
import io.swagger.models.auth.OAuth2Definition;
import io.swagger.models.auth.SecuritySchemeDefinition;
import java.util.HashMap;
import java.util.Map;
@SwaggerDefinition(
basePath = "/api/certificate-mgt/v1.0",
host = "localhost:9443"
)
public class SecurityDefinitionConfigurator implements ReaderListener {
public static final String TOKEN_AUTH_SCHEME = "swagger_auth";
@Override
public void beforeScan(Reader reader, Swagger swagger) {
}
@Override
public void afterScan(Reader reader, Swagger swagger) {
OAuth2Definition tokenScheme = new OAuth2Definition();
tokenScheme.setType("oauth2");
tokenScheme.setFlow("application");
tokenScheme.setTokenUrl("https://" + swagger.getHost() + "/oauth2/token");
tokenScheme.setAuthorizationUrl("https://" + swagger.getHost() + "/oauth2/authorize");
tokenScheme.addScope("write:everything", "Full access");
Map<String, SecuritySchemeDefinition> schemes = new HashMap<>();
schemes.put(TOKEN_AUTH_SCHEME, tokenScheme);
swagger.setSecurityDefinitions(schemes);
}
}

@ -29,6 +29,7 @@
<ref bean="certificateServiceBean"/> <ref bean="certificateServiceBean"/>
<ref bean="swaggerResource"/> <ref bean="swaggerResource"/>
</jaxrs:serviceBeans> </jaxrs:serviceBeans>
<jaxrs:providers> <jaxrs:providers>
<ref bean="jsonProvider"/> <ref bean="jsonProvider"/>
<ref bean="errorHandler"/> <ref bean="errorHandler"/>

@ -655,7 +655,7 @@ public interface DeviceManagementService {
produces = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON,
httpMethod = "GET", httpMethod = "GET",
value = "Get the details of the policy that is enforced on a device.", value = "Get the details of the policy that is enforced on a device.",
notes = "A policy is enforced on all the devices that registers with WSO2 EMM." + notes = "A policy is enforced on all the devices that register with WSO2 EMM." +
"WSO2 EMM filters the policies based on the device platform (device type)," + "WSO2 EMM filters the policies based on the device platform (device type)," +
"the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.", "the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.",
tags = "Device Management") tags = "Device Management")

@ -112,13 +112,15 @@ public interface NotificationManagementService {
@ApiParam( @ApiParam(
name = "offset", name = "offset",
value = "The starting pagination index for the complete list of qualified items.", value = "The starting pagination index for the complete list of qualified items.",
required = false) required = false,
defaultValue = "0")
@QueryParam("offset") @QueryParam("offset")
int offset, int offset,
@ApiParam( @ApiParam(
name = "limit", name = "limit",
value = "Provide how many notification details you require from the starting pagination index/offset.", value = "Provide how many notification details you require from the starting pagination index/offset.",
required = false) required = false,
defaultValue = "5")
@QueryParam("limit") @QueryParam("limit")
int limit); int limit);

@ -27,6 +27,12 @@ var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var serviceInvokers = require("/app/modules/oauth/token-protected-service-invokers.js")["invokers"]; var serviceInvokers = require("/app/modules/oauth/token-protected-service-invokers.js")["invokers"];
if (uriMatcher.match("/{context}/api/invoker/execute/")) { if (uriMatcher.match("/{context}/api/invoker/execute/")) {
//NOTE: We are only interested in Content-Type headers. Appending all request headers to the back-end call
// will cause unforeseen security issues.
var contentType = request.getHeader(constants.CONTENT_TYPE_IDENTIFIER);
var requestHeaders = [];
requestHeaders.push({"name": constants.CONTENT_TYPE_IDENTIFIER, "value" : contentType});
var restAPIRequestDetails = request.getContent(); var restAPIRequestDetails = request.getContent();
var requestMethod = restAPIRequestDetails["requestMethod"]; var requestMethod = restAPIRequestDetails["requestMethod"];
@ -57,7 +63,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) { if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"]; response["content"] = restAPIResponse["responseText"];
} }
} },
requestHeaders
); );
break; break;
case constants["HTTP_POST"]: case constants["HTTP_POST"]:
@ -69,7 +76,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) { if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"]; response["content"] = restAPIResponse["responseText"];
} }
} },
requestHeaders
); );
break; break;
case constants["HTTP_PUT"]: case constants["HTTP_PUT"]:
@ -81,7 +89,8 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) { if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"]; response["content"] = restAPIResponse["responseText"];
} }
} },
requestHeaders
); );
break; break;
case constants["HTTP_DELETE"]: case constants["HTTP_DELETE"]:
@ -92,11 +101,15 @@ if (uriMatcher.match("/{context}/api/invoker/execute/")) {
if (restAPIResponse["responseText"]) { if (restAPIResponse["responseText"]) {
response["content"] = restAPIResponse["responseText"]; response["content"] = restAPIResponse["responseText"];
} }
} },
requestHeaders
); );
break; break;
} }
} catch (e) { } catch (e) {
//Since this is an API we'll log the error message.
log.error(e.message); // JavaScript error message
log.error(e.stack); // Executed JavaScript file stack
throw new Error("Exception occurred while trying to access " + throw new Error("Exception occurred while trying to access " +
"backend REST API services from Jaggery API invoker layer", e); "backend REST API services from Jaggery API invoker layer", e);
} }

@ -73,11 +73,26 @@ var invokers = function () {
var xmlHttpRequest = new XMLHttpRequest(); var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open(httpMethod, endpoint); xmlHttpRequest.open(httpMethod, endpoint);
var contentTypeFound = false;
var acceptTypeFound = false;
for (var i in headers) { for (var i in headers) {
xmlHttpRequest.setRequestHeader(headers[i].name, headers[i].value); xmlHttpRequest.setRequestHeader(headers[i].name, headers[i].value);
if(constants["CONTENT_TYPE_IDENTIFIER"] == headers[i].name){
contentTypeFound = true;
}
if(constants["ACCEPT_IDENTIFIER"] == headers[i].name){
acceptTypeFound = true;
} }
}
if (!contentTypeFound) {
xmlHttpRequest.setRequestHeader(constants["CONTENT_TYPE_IDENTIFIER"], constants["APPLICATION_JSON"]); xmlHttpRequest.setRequestHeader(constants["CONTENT_TYPE_IDENTIFIER"], constants["APPLICATION_JSON"]);
}
if (!acceptTypeFound) {
xmlHttpRequest.setRequestHeader(constants["ACCEPT_IDENTIFIER"], constants["APPLICATION_JSON"]); xmlHttpRequest.setRequestHeader(constants["ACCEPT_IDENTIFIER"], constants["APPLICATION_JSON"]);
}
if (devicemgtProps["isOAuthEnabled"]) { if (devicemgtProps["isOAuthEnabled"]) {
var accessToken = privateMethods.getAccessToken(); var accessToken = privateMethods.getAccessToken();
@ -284,23 +299,37 @@ var invokers = function () {
//noinspection JSUnresolvedVariable //noinspection JSUnresolvedVariable
var Header = Packages.org.apache.commons.httpclient.Header; var Header = Packages.org.apache.commons.httpclient.Header;
var contentTypeFound = false;
var acceptTypeFound = false;
for (var i in headers) { for (var i in headers) {
var header = new Header(); var header = new Header();
header.setName(headers[i].name); header.setName(headers[i].name);
header.setValue(headers[i].value); header.setValue(headers[i].value);
httpMethodObject.addRequestHeader(header); httpMethodObject.addRequestHeader(header);
if(constants["CONTENT_TYPE_IDENTIFIER"] == headers[i].name){
contentTypeFound = true;
}
if(constants["ACCEPT_IDENTIFIER"] == headers[i].name){
acceptTypeFound = true;
}
} }
var header = new Header(); var header = new Header();
if(!contentTypeFound){
header.setName(constants["CONTENT_TYPE_IDENTIFIER"]); header.setName(constants["CONTENT_TYPE_IDENTIFIER"]);
header.setValue(constants["APPLICATION_JSON"]); header.setValue(constants["APPLICATION_JSON"]);
//noinspection JSUnresolvedFunction //noinspection JSUnresolvedFunction
httpMethodObject.addRequestHeader(header); httpMethodObject.addRequestHeader(header);
}
if(!acceptTypeFound) {
header = new Header(); header = new Header();
header.setName(constants["ACCEPT_IDENTIFIER"]); header.setName(constants["ACCEPT_IDENTIFIER"]);
header.setValue(constants["APPLICATION_JSON"]); header.setValue(constants["APPLICATION_JSON"]);
//noinspection JSUnresolvedFunction //noinspection JSUnresolvedFunction
httpMethodObject.addRequestHeader(header); httpMethodObject.addRequestHeader(header);
}
if (devicemgtProps["isOAuthEnabled"]) { if (devicemgtProps["isOAuthEnabled"]) {
var accessToken = privateMethods.getAccessToken(); var accessToken = privateMethods.getAccessToken();

Loading…
Cancel
Save