diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml
index 55ba73615e6..c042b1b0a6a 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/pom.xml
@@ -67,6 +67,11 @@
org.wso2.carbon.registry
org.wso2.carbon.registry.indexing
+
+ org.wso2.carbon.devicemgt
+ org.wso2.carbon.identity.jwt.client.extension
+ provided
+
@@ -110,6 +115,7 @@
org.wso2.carbon.apimgt.integration.client.*,
org.wso2.carbon.apimgt.integration.generated.client.store.api,
org.wso2.carbon.apimgt.integration.generated.client.store.model,
+ org.wso2.carbon.identity.jwt.client.extension.*,
feign
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java
index 4f10bedb36e..83cfbabf554 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java
@@ -77,4 +77,18 @@ public interface APIManagementProviderService {
*/
void removeAPIApplication(String applicationName, String username) throws APIManagerException;
+ /**
+ * To get access token for given scopes and for the given validity period
+ * @param scopes Scopes
+ * @param tags Tags
+ * @param applicationName Application Name
+ * @param tokenType Token Type
+ * @param validityPeriod Validity Period
+ * @return {@link String} Access Token
+ * @throws APIManagerException if error occurred while getting the access token for given scopes,
+ * validity period etc.
+ */
+ String getAccessToken(String scopes, String[] tags, String applicationName, String tokenType, String validityPeriod)
+ throws APIManagerException;
+
}
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java
index 7c1609304ea..1a77dbf680a 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java
@@ -21,6 +21,7 @@ package org.wso2.carbon.apimgt.application.extension;
import feign.FeignException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.apimgt.application.extension.bean.APIRegistrationProfile;
import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants;
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
@@ -30,6 +31,11 @@ import org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor;
import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
import org.wso2.carbon.apimgt.integration.generated.client.store.model.*;
import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
+import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
+import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
+import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
+import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import java.util.ArrayList;
@@ -230,4 +236,87 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
return this.generateAndRetrieveApplicationKeys(applicationName, tags, keyType, username,
isAllowedAllDomains, validityTime, null);
}
+
+ @Override
+ public String getAccessToken(String scopes, String[] tags, String applicationName, String tokenType,
+ String validityPeriod) throws APIManagerException {
+ try {
+ String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(true);
+ ApiApplicationKey clientCredentials = getClientCredentials(tenantDomain, tags, applicationName, tokenType,
+ validityPeriod);
+
+ if (clientCredentials == null) {
+ String msg = "Oauth Application creation is failed.";
+ log.error(msg);
+ throw new APIManagerException(msg);
+ }
+
+ String user =
+ PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername() + "@" + PrivilegedCarbonContext
+ .getThreadLocalCarbonContext().getTenantDomain(true);
+
+ JWTClientManagerService jwtClientManagerService = APIApplicationManagerExtensionDataHolder.getInstance()
+ .getJwtClientManagerService();
+ JWTClient jwtClient = jwtClientManagerService.getJWTClient();
+ AccessTokenInfo accessTokenForAdmin = jwtClient
+ .getAccessToken(clientCredentials.getConsumerKey(), clientCredentials.getConsumerSecret(), user,
+ scopes);
+
+ return accessTokenForAdmin.getAccessToken();
+ } catch (JWTClientException e) {
+ String msg = "JWT Error occurred while registering Application to get access token.";
+ log.error(msg, e);
+ throw new APIManagerException(msg, e);
+ } catch (APIManagerException e) {
+ String msg = "Error occurred while getting access tokens.";
+ log.error(msg, e);
+ throw new APIManagerException(msg, e);
+ } catch (UserStoreException e) {
+ String msg = "User management exception when getting client credentials.";
+ log.error(msg, e);
+ throw new APIManagerException(msg, e);
+ }
+ }
+
+ /**
+ * Get Client credentials
+ * @param tenantDomain Tenant Domain
+ * @param tags Tags
+ * @param applicationName Application Name
+ * @param tokenType Token Type
+ * @param validityPeriod Validity Period
+ * @return {@link ApiApplicationKey}
+ * @throws APIManagerException if error occurred while generating access token
+ * @throws UserStoreException if error ocurred while getting admin username.
+ */
+ private ApiApplicationKey getClientCredentials(String tenantDomain, String[] tags, String applicationName,
+ String tokenType, String validityPeriod) throws APIManagerException, UserStoreException {
+
+ APIRegistrationProfile registrationProfile = new APIRegistrationProfile();
+ registrationProfile.setAllowedToAllDomains(false);
+ registrationProfile.setMappingAnExistingOAuthApp(false);
+ registrationProfile.setTags(tags);
+ registrationProfile.setApplicationName(applicationName);
+
+ ApiApplicationKey info = null;
+ if (tenantDomain == null || tenantDomain.isEmpty()) {
+ tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
+ }
+ try {
+ PrivilegedCarbonContext.startTenantFlow();
+ PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
+ PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(
+ PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration()
+ .getAdminUserName());
+
+ if (registrationProfile.getUsername() == null || registrationProfile.getUsername().isEmpty()) {
+ info = generateAndRetrieveApplicationKeys(registrationProfile.getApplicationName(),
+ registrationProfile.getTags(), tokenType, registrationProfile.getApplicationName(),
+ registrationProfile.isAllowedToAllDomains(), validityPeriod);
+ }
+ } finally {
+ PrivilegedCarbonContext.endTenantFlow();
+ }
+ return info;
+ }
}
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/bean/APIRegistrationProfile.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/bean/APIRegistrationProfile.java
new file mode 100644
index 00000000000..2bacdac9222
--- /dev/null
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/bean/APIRegistrationProfile.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2021, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.apimgt.application.extension.bean;
+
+public class APIRegistrationProfile {
+ private String applicationName;
+ private String tags[];
+ private boolean isAllowedToAllDomains;
+ private boolean isMappingAnExistingOAuthApp;
+ private String username;
+ private String password;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public String getApplicationName() {
+ return applicationName;
+ }
+
+ public void setApplicationName(String applicationName) {
+ this.applicationName = applicationName;
+ }
+
+ public String[] getTags() {
+ return tags;
+ }
+
+ public void setTags(String[] tags) {
+ this.tags = tags;
+ }
+
+ public boolean isAllowedToAllDomains() {
+ return isAllowedToAllDomains;
+ }
+
+ public void setAllowedToAllDomains(boolean allowedToAllDomains) {
+ isAllowedToAllDomains = allowedToAllDomains;
+ }
+
+ public boolean isMappingAnExistingOAuthApp() {
+ return isMappingAnExistingOAuthApp;
+ }
+
+ public void setMappingAnExistingOAuthApp(boolean mappingAnExistingOAuthApp) {
+ isMappingAnExistingOAuthApp = mappingAnExistingOAuthApp;
+ }
+
+}
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
index cf7cbadea43..90f297e6d3a 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
@@ -19,11 +19,15 @@ package org.wso2.carbon.apimgt.application.extension.internal;
import org.wso2.carbon.apimgt.application.extension.APIManagementProviderService;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager;
+import java.util.Hashtable;
+
public class APIApplicationManagerExtensionDataHolder {
private static APIApplicationManagerExtensionDataHolder thisInstance = new APIApplicationManagerExtensionDataHolder();
private APIManagementProviderService apiManagementProviderService;
@@ -32,6 +36,7 @@ public class APIApplicationManagerExtensionDataHolder {
private TenantRegistryLoader tenantRegistryLoader;
private TenantIndexingLoader indexLoader;
private IntegrationClientService integrationClientService;
+ private JWTClientManagerService jwtClientManagerService;
private APIApplicationManagerExtensionDataHolder() {
}
@@ -97,4 +102,16 @@ public class APIApplicationManagerExtensionDataHolder {
IntegrationClientService integrationClientService) {
this.integrationClientService = integrationClientService;
}
+
+ public JWTClientManagerService getJwtClientManagerService() {
+ if (jwtClientManagerService == null) {
+ PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+ jwtClientManagerService = (JWTClientManagerService)ctx.getOSGiService(JWTClientManagerService.class, (Hashtable)null);
+ }
+ return jwtClientManagerService;
+ }
+
+ public void setJwtClientManagerService(JWTClientManagerService jwtClientManagerService) {
+ this.jwtClientManagerService = jwtClientManagerService;
+ }
}
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionServiceComponent.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionServiceComponent.java
index 18bdec251af..9d28c89f167 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionServiceComponent.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/internal/APIApplicationManagerExtensionServiceComponent.java
@@ -58,16 +58,20 @@ import org.wso2.carbon.user.core.service.RealmService;
*/
public class APIApplicationManagerExtensionServiceComponent {
- private static Log log = LogFactory.getLog(APIApplicationManagerExtensionServiceComponent.class);
+ private static final Log log = LogFactory.getLog(APIApplicationManagerExtensionServiceComponent.class);
protected void activate(ComponentContext componentContext) {
- if (log.isDebugEnabled()) {
- log.debug("Initializing device extension bundle");
+ try {
+ if (log.isDebugEnabled()) {
+ log.debug("Initializing device extension bundle");
+ }
+ APIManagementProviderService apiManagementProviderService = new APIManagementProviderServiceImpl();
+ APIApplicationManagerExtensionDataHolder.getInstance().setAPIManagementProviderService(apiManagementProviderService);
+ BundleContext bundleContext = componentContext.getBundleContext();
+ bundleContext.registerService(APIManagementProviderService.class.getName(), apiManagementProviderService, null);
+ } catch (Throwable e) {
+ log.error("Error occurred while initializing API application management extension bundle", e);
}
- APIManagementProviderService apiManagementProviderService = new APIManagementProviderServiceImpl();
- APIApplicationManagerExtensionDataHolder.getInstance().setAPIManagementProviderService(apiManagementProviderService);
- BundleContext bundleContext = componentContext.getBundleContext();
- bundleContext.registerService(APIManagementProviderService.class.getName(), apiManagementProviderService, null);
}
protected void deactivate(ComponentContext componentContext) {