diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/pom.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/pom.xml
new file mode 100644
index 00000000000..7dfdd93df4e
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/pom.xml
@@ -0,0 +1,192 @@
+
+
+
+ 4.0.0
+
+
+ org.wso2.carbon.devicemgt
+ application-mgt
+ 3.0.46-SNAPSHOT
+
+
+ org.wso2.carbon.device.application.mgt.authhandler
+ 3.0.46-SNAPSHOT
+ war
+ WSO2 Carbon - Application Management Authentication Handler API
+ Proxy Service for Authentication Handling in WSO2 App Manager.
+ http://wso2.org
+
+
+
+
+ maven-war-plugin
+
+ WEB-INF/lib/*cxf*.jar
+ auth#application-mgt#v1.0
+
+
+
+
+
+
+
+ deploy
+
+ compile
+
+
+ org.apache.maven.plugins
+ maven-antrun-plugin
+ 1.7
+
+
+ compile
+
+ run
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ client
+
+ test
+
+
+ org.codehaus.mojo
+ exec-maven-plugin
+ 1.2.1
+
+
+ test
+
+ java
+
+
+
+
+
+
+
+
+
+
+
+ org.apache.cxf
+ cxf-rt-frontend-jaxws
+ provided
+
+
+ org.apache.cxf
+ cxf-rt-frontend-jaxrs
+ provided
+
+
+ org.apache.cxf
+ cxf-rt-transports-http
+ provided
+
+
+ junit
+ junit
+ test
+
+
+ org.codehaus.jackson
+ jackson-jaxrs
+
+
+ org.codehaus.jackson
+ jackson-core-asl
+
+
+ javax.ws.rs
+ jsr311-api
+ provided
+
+
+ org.wso2.carbon
+ org.wso2.carbon.utils
+ provided
+
+
+ org.wso2.carbon
+ org.wso2.carbon.logging
+ provided
+
+
+ org.json.wso2
+ json
+
+
+ commons-codec.wso2
+ commons-codec
+ provided
+
+
+
+ io.github.openfeign
+ feign-core
+ 9.5.0
+
+
+
+ io.github.openfeign
+ feign-jackson
+ 9.5.0
+
+
+
+ io.github.openfeign
+ feign-jaxrs
+ 9.5.0
+
+
+ javax.servlet
+ servlet-api
+ provided
+
+
+ org.wso2.orbit.com.fasterxml.jackson.core
+ jackson-annotations
+
+
+ org.hibernate
+ hibernate-validator
+
+
+ javax.ws.rs
+ javax.ws.rs-api
+
+
+
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/AuthHandlerService.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/AuthHandlerService.java
new file mode 100644
index 00000000000..5e4e9314d0a
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/AuthHandlerService.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.application.mgt.auth.handler.service;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+@Path("/auth")
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public interface AuthHandlerService {
+
+ @POST
+ @Path("/login")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_JSON)
+ Response login(@QueryParam("userName") String userName, @QueryParam("password") String password);
+
+ @POST
+ @Path("/refresh")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_JSON)
+ Response refresh(@QueryParam("refresh_token") String refresh_token, @QueryParam("clientId") String clientId,
+ @QueryParam("clientSecret") String clientSecret);
+
+ @POST
+ @Path("/logout")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_JSON)
+ Response logout(@QueryParam("token") String token, @QueryParam("clientId") String clientId,
+ @QueryParam("clientSecret") String clientSecret);
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/impl/AuthHandlerServiceImpl.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/impl/AuthHandlerServiceImpl.java
new file mode 100644
index 00000000000..cbb7846b94b
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/service/impl/AuthHandlerServiceImpl.java
@@ -0,0 +1,162 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.application.mgt.auth.handler.service.impl;
+
+import feign.Client;
+import feign.Feign;
+import feign.auth.BasicAuthRequestInterceptor;
+import feign.jackson.JacksonDecoder;
+import feign.jackson.JacksonEncoder;
+import feign.jaxrs.JAXRSContract;
+import org.json.JSONObject;
+import org.wso2.carbon.device.application.mgt.auth.handler.service.AuthHandlerService;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.Constants;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.AccessTokenInfo;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.ApiApplicationKey;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.ApiApplicationRegistrationService;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.ApiRegistrationProfile;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.TokenIssuerService;
+import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.TokenRevokeService;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+@Path("/auth")
+public class AuthHandlerServiceImpl implements AuthHandlerService {
+
+ private TrustManager[] trustAllCerts = new TrustManager[]{
+ new X509TrustManager() {
+ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+
+ public void checkClientTrusted(
+ java.security.cert.X509Certificate[] certs, String authType) {
+ }
+
+ public void checkServerTrusted(
+ java.security.cert.X509Certificate[] certs, String authType) {
+ }
+ }
+ };
+
+ private Client disableHostnameVerification = new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
+ @Override
+ public boolean verify(String s, SSLSession sslSession) {
+ return true;
+ }
+ });
+
+ @POST
+ @Path("/login")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Override
+ public Response login(@QueryParam("userName") String userName, @QueryParam("password") String password) {
+
+ try {
+ ApiApplicationRegistrationService apiApplicationRegistrationService = Feign.builder()
+ .client(disableHostnameVerification)
+ .requestInterceptor(new BasicAuthRequestInterceptor(userName, password))
+ .contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
+ .target(ApiApplicationRegistrationService.class, Constants.API_APPLICATION_ENDPOINT);
+ ApiRegistrationProfile apiRegistrationProfile = new ApiRegistrationProfile();
+ apiRegistrationProfile.setApplicationName(Constants.APPLICATION_NAME);
+ apiRegistrationProfile.setIsAllowedToAllDomains(false);
+ apiRegistrationProfile.setIsMappingAnExistingOAuthApp(false);
+ apiRegistrationProfile.setTags(Constants.TAGS);
+ ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile);
+
+ //PasswordGrantType
+ TokenIssuerService tokenIssuerService = Feign.builder().client(disableHostnameVerification)
+ .requestInterceptor(new BasicAuthRequestInterceptor(apiApplicationKey.getConsumerKey(),
+ apiApplicationKey.getConsumerSecret()))
+ .contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
+ .target(TokenIssuerService.class, Constants.TOKEN_ENDPOINT);
+ AccessTokenInfo accessTokenInfo = tokenIssuerService.getToken(Constants.PASSWORD_GRANT_TYPE,
+ userName, password, Constants.SCOPES);
+ JSONObject loginInfo = new JSONObject(accessTokenInfo);
+ loginInfo.append(Constants.USER_NAME, userName);
+ loginInfo.append(Constants.APPLICATION_INFO, new JSONObject(apiApplicationKey));
+ System.out.println(loginInfo);
+ return Response.status(200).entity(loginInfo.toString()).build();
+ } catch (Exception e) {
+ //return Response.status(500).build();
+ }
+ return Response.status(200).build();
+ }
+
+ @POST
+ @Path("/refresh")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Override
+ public Response refresh(@QueryParam("refresh_token") String refresh_token, @QueryParam("clientId") String clientId,
+ @QueryParam("clientSecret") String clientSecret) {
+ try {
+ TokenIssuerService tokenIssuerService = Feign.builder().client(disableHostnameVerification)
+ .requestInterceptor(new BasicAuthRequestInterceptor(clientId, clientSecret))
+ .contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
+ .target(TokenIssuerService.class, Constants.TOKEN_ENDPOINT);
+ AccessTokenInfo accessTokenInfo = tokenIssuerService.getRefreshToken(Constants.REFRESH_GRANT_TYPE, refresh_token);
+ return Response.status(200).entity(new JSONObject(accessTokenInfo)).build();
+ } catch (Exception e) {
+ return Response.status(500).build();
+ }
+ }
+
+
+
+ @POST
+ @Path("/logout")
+ @Override
+ public Response logout(@QueryParam("token") String token, @QueryParam("clientId") String clientId,
+ @QueryParam("clientSecret") String clientSecret) {
+ try {
+ TokenRevokeService tokenRevokeService = Feign.builder().client(disableHostnameVerification)
+ .requestInterceptor(new BasicAuthRequestInterceptor(clientId, clientSecret))
+ .contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
+ .target(TokenRevokeService.class, Constants.TOKEN_ENDPOINT);
+ tokenRevokeService.revoke(token);
+
+ return Response.status(200).build();
+ } catch (Exception e) {
+ return Response.status(500).build();
+ }
+ }
+
+ private SSLSocketFactory getTrustedSSLSocketFactory() {
+ try {
+ SSLContext sc = SSLContext.getInstance("SSL");
+ sc.init(null, trustAllCerts, new java.security.SecureRandom());
+ return sc.getSocketFactory();
+ } catch (KeyManagementException | NoSuchAlgorithmException e) {
+ return null;
+ }
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/Constants.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/Constants.java
new file mode 100644
index 00000000000..9cb64b83fcf
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/Constants.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util;
+
+public class Constants {
+ public static String SCOPES = "perm:application:get perm:application:create perm:application:update " +
+ "perm:application-mgt:login perm:application:delete perm:platform:add perm:platform:remove " +
+ "perm:roles:view perm:devices:view perm:platform:get";
+
+ public static String[] TAGS = {"device_management"};
+ public static String USER_NAME = "userName";
+ public static String APPLICATION_NAME = "applicationmgt_publisher";
+ public static String TOKEN_ENDPOINT = "https://localhost:8243";
+ public static String PASSWORD_GRANT_TYPE = "password";
+ public static String REFRESH_GRANT_TYPE = "refresh_token";
+ public static String API_APPLICATION_ENDPOINT = "https://localhost:9443/api-application-registration/";
+ public static String APPLICATION_INFO = "application_info";
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/AccessTokenInfo.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/AccessTokenInfo.java
new file mode 100755
index 00000000000..6f750d7cb9a
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/AccessTokenInfo.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * This hold access token info that returned from the api call
+ */
+@XmlRootElement(name = "AccessTokenInfo")
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class AccessTokenInfo {
+
+ @XmlElement(required = true, name = "token_type")
+ private String token_type;
+
+ @XmlElement(required = true, name = "expires_in")
+ private String expires_in;
+
+ @XmlElement(required = true, name = "refresh_token")
+ private String refresh_token;
+
+ @XmlElement(required = true, name = "access_token")
+ private String access_token;
+
+ public AccessTokenInfo() {}
+
+ public String getToken_type() {
+ return token_type;
+ }
+
+ public void setToken_type(String token_type) {
+ this.token_type = token_type;
+ }
+
+ public String getExpires_in() {
+ return expires_in;
+ }
+
+ public void setExpires_in(String expires_in) {
+ this.expires_in = expires_in;
+ }
+
+ public String getRefresh_token() {
+ return refresh_token;
+ }
+
+ public void setRefresh_token(String refresh_token) {
+ this.refresh_token = refresh_token;
+ }
+
+ public String getAccess_token() {
+ return access_token;
+ }
+
+ public void setAccess_token(String access_token) {
+ this.access_token = access_token;
+ }
+
+ @Override
+ public String toString() {
+ return access_token + " " + token_type + " " + refresh_token + " ";
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationKey.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationKey.java
new file mode 100644
index 00000000000..d66b4691fb8
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationKey.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * This holds api application consumer key and secret.
+ */
+@XmlRootElement
+public class ApiApplicationKey {
+ @XmlElement
+ private String client_id;
+ @XmlElement
+ private String client_secret;
+
+ public String getConsumerKey() {
+ return this.client_id;
+ }
+
+ public void setClient_id(String consumerKey) {
+ this.client_id = consumerKey;
+ }
+
+ public String getConsumerSecret() {
+ return this.client_secret;
+ }
+
+ public void setClient_secret(String consumerSecret) {
+ this.client_secret = consumerSecret;
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationRegistrationService.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationRegistrationService.java
new file mode 100755
index 00000000000..913e0e51c92
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiApplicationRegistrationService.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * This is the application registration service that exposed for apimApplicationRegistration
+ */
+
+@Path("/register")
+public interface ApiApplicationRegistrationService {
+
+ /**
+ * This method is used to register api application
+ *
+ * @param registrationProfile contains the necessary attributes that are needed in order to register an app.
+ */
+ @POST
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_JSON)
+ ApiApplicationKey register(ApiRegistrationProfile registrationProfile);
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiRegistrationProfile.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiRegistrationProfile.java
new file mode 100755
index 00000000000..cbe488dbb80
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/ApiRegistrationProfile.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+
+/**
+ * This class represents the data that are required to register
+ * the oauth application.
+ */
+public class ApiRegistrationProfile {
+
+ public String applicationName;
+ public String tags[];
+ public boolean isAllowedToAllDomains;
+ public String consumerKey;
+ public String consumerSecret;
+ public boolean isMappingAnExistingOAuthApp;
+
+ public String getApplicationName() {
+ return applicationName;
+ }
+
+ public void setApplicationName(String applicationName) {
+ this.applicationName = applicationName;
+ }
+
+ public String[] getTags() {
+ return tags;
+ }
+
+ public void setTags(String[] tags) {
+ this.tags = tags;
+ }
+
+ public boolean isAllowedToAllDomains() {
+ return isAllowedToAllDomains;
+ }
+
+ public void setIsAllowedToAllDomains(boolean isAllowedToAllDomains) {
+ this.isAllowedToAllDomains = isAllowedToAllDomains;
+ }
+
+ public boolean isMappingAnExistingOAuthApp() {
+ return isMappingAnExistingOAuthApp;
+ }
+
+ public void setIsMappingAnExistingOAuthApp(boolean isMappingAnExistingOAuthApp) {
+ this.isMappingAnExistingOAuthApp = isMappingAnExistingOAuthApp;
+ }
+
+ public String getConsumerKey() {
+ return consumerKey;
+ }
+
+ public void setConsumerKey(String consumerKey) {
+ this.consumerKey = consumerKey;
+ }
+
+ public String getConsumerSecret() {
+ return consumerSecret;
+ }
+
+ public void setConsumerSecret(String consumerSecret) {
+ this.consumerSecret = consumerSecret;
+ }
+}
\ No newline at end of file
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/OAuthRequestInterceptor.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/OAuthRequestInterceptor.java
new file mode 100755
index 00000000000..c99a738b7b6
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/OAuthRequestInterceptor.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+
+import static feign.Util.checkNotNull;
+
+/**
+ * This is a request interceptor to add oauth token header.
+ */
+public class OAuthRequestInterceptor implements RequestInterceptor {
+
+ private final String headerValue;
+
+ /**
+ * Creates an interceptor that authenticates all requests with the specified OAUTH token
+ *
+ * @param token the access token to use for authentication
+ */
+ public OAuthRequestInterceptor(String token) {
+ checkNotNull(token, "access_token");
+ headerValue = "Bearer " + token;
+ }
+ @Override
+ public void apply(RequestTemplate template) {
+ template.header("Authorization", headerValue);
+ }
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/RegistrationProfile.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/RegistrationProfile.java
new file mode 100755
index 00000000000..d1893280998
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/RegistrationProfile.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+/**
+ * This class represents the data that are required to register
+ * the oauth application.
+ */
+public class RegistrationProfile {
+
+ public String callbackUrl;
+ public String clientName;
+ public String tokenScope;
+ public String owner;
+ public String grantType;
+ public String applicationType;
+
+ private static final String TAG = RegistrationProfile.class.getSimpleName();
+
+ public String getCallbackUrl() {
+ return callbackUrl;
+ }
+
+ public void setCallbackUrl(String callBackUrl) {
+ this.callbackUrl = callBackUrl;
+ }
+
+ public String getClientName() {
+ return clientName;
+ }
+
+ public void setClientName(String clientName) {
+ this.clientName = clientName;
+ }
+
+ public String getTokenScope() {
+ return tokenScope;
+ }
+
+ public void setTokenScope(String tokenScope) {
+ this.tokenScope = tokenScope;
+ }
+
+ public String getOwner() {
+ return owner;
+ }
+
+ public void setOwner(String owner) {
+ this.owner = owner;
+ }
+
+ public String getGrantType() {
+ return grantType;
+ }
+
+ public void setGrantType(String grantType) {
+ this.grantType = grantType;
+ }
+
+ public String getApplicationType() {
+ return applicationType;
+ }
+
+ public void setApplicationType(String applicationType) {
+ this.applicationType = applicationType;
+ }
+
+}
\ No newline at end of file
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenIssuerService.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenIssuerService.java
new file mode 100755
index 00000000000..86eae76471c
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenIssuerService.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
+
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * This hold the api definition that is used as a contract with netflix feign.
+ */
+@Path("/token")
+public interface TokenIssuerService {
+
+ @POST
+ @Produces(MediaType.APPLICATION_JSON)
+ AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
+ @QueryParam("password") String password, @QueryParam("scope") String scope);
+
+ @POST
+ @Produces(MediaType.APPLICATION_JSON)
+ AccessTokenInfo getRefreshToken(@QueryParam("grant_type") String grantType,
+ @QueryParam("refreshToken") String refreshToken);
+}
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/src/main/resources/publisher/src/components/Overview/PublisherOverview.jsx b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenRevokeService.java
similarity index 52%
rename from components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/src/main/resources/publisher/src/components/Overview/PublisherOverview.jsx
rename to components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenRevokeService.java
index c5ba536d067..331d24d333a 100644
--- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.ui/src/main/resources/publisher/src/components/Overview/PublisherOverview.jsx
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/java/org/wso2/carbon/device/application/mgt/auth/handler/util/dto/TokenRevokeService.java
@@ -11,39 +11,25 @@
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
+ * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
-import React, {Component} from 'react';
-import DataTable from '../UIComponents/DataTable';
-/**
- *
- * ***NEW***
- * The Publisher overview component.
- * This component could be used to view app analytics.
- * i.e number of overall downloads, ratings ect.
- * */
-class PublisherOverview extends Component {
-
- constructor() {
- super();
- }
+package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
- componentWillMount() {
- }
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.Response;
- render() {
-
- return (
+/**
+ * Api definition for token revoke that will be used as Feign contract.
+ * */
+@Path("/revoke")
+public interface TokenRevokeService {
-
- Overview
+ @POST
+ Response revoke(@QueryParam("token")String accessToken);
-
- );
- }
}
-
-export default PublisherOverview;
\ No newline at end of file
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/permissions.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/permissions.xml
new file mode 100644
index 00000000000..4fe224af469
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/permissions.xml
@@ -0,0 +1,35 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/webapp-classloading.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/webapp-classloading.xml
new file mode 100644
index 00000000000..ed2ed216247
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/META-INF/webapp-classloading.xml
@@ -0,0 +1,35 @@
+
+
+
+
+
+
+
+
+ false
+
+
+ CXF,Carbon
+
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/cxf-servlet.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/cxf-servlet.xml
new file mode 100644
index 00000000000..64efa8991d9
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/cxf-servlet.xml
@@ -0,0 +1,38 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/web.xml b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 00000000000..52559eead94
--- /dev/null
+++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.authhandler/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,115 @@
+
+
+
+ Application Management Auth Webapp
+
+ JAX-WS/JAX-RS Application Management Endpoint
+ JAX-WS/JAX-RS Servlet
+ CXFServlet
+
+ org.apache.cxf.transport.servlet.CXFServlet
+
+
+
+ CXFServlet
+ /*
+
+
+ 60
+
+
+ doAuthentication
+ false
+
+
+
+
+ managed-api-enabled
+ false
+
+
+ managed-api-owner
+ admin
+
+
+ isSharedWithAllTenants
+ true
+
+
+
+ CorsFilter
+ org.apache.catalina.filters.CorsFilter
+
+ cors.allowed.origins
+ *
+
+
+ cors.allowed.methods
+ GET,POST,DELETE,PUT
+
+
+ cors.allowed.headers
+ Content-Type
+
+
+
+
+ HttpHeaderSecurityFilter
+ org.apache.catalina.filters.HttpHeaderSecurityFilter
+
+ hstsEnabled
+ false
+
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter
+
+ patterns
+ text/html" ,application/json" ,text/plain
+
+
+ filterAction
+ enforce
+
+
+ httpHeaders
+ Cache-Control: no-store, no-cache, must-revalidate, private
+
+
+
+
+ HttpHeaderSecurityFilter
+ /*
+
+
+
+ ContentTypeBasedCachePreventionFilter
+ /*
+
+
+
+ CorsFilter
+ /*
+
+
+
\ No newline at end of file
diff --git a/components/application-mgt/pom.xml b/components/application-mgt/pom.xml
index 61523a4ba9f..5b7f9cad9d9 100644
--- a/components/application-mgt/pom.xml
+++ b/components/application-mgt/pom.xml
@@ -38,6 +38,7 @@
org.wso2.carbon.device.application.mgt.common
org.wso2.carbon.device.application.mgt.api
org.wso2.carbon.device.application.mgt.publisher.ui
+ org.wso2.carbon.device.application.mgt.authhandler
diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/pom.xml b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/pom.xml
new file mode 100644
index 00000000000..06e460a5911
--- /dev/null
+++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/pom.xml
@@ -0,0 +1,120 @@
+
+
+
+
+ org.wso2.carbon.devicemgt
+ application-mgt-feature
+ 3.0.46-SNAPSHOT
+
+
+ 4.0.0
+ org.wso2.carbon.device.application.mgt.auth.handler.feature
+ 3.0.46-SNAPSHOT
+ pom
+ WSO2 Carbon - Application Management Authentication Handler Feature
+ This feature contains the Authentication Handler implementation for Publisher and Store.
+ http://wso2.org
+
+
+
+
+ org.apache.maven.plugins
+ maven-dependency-plugin
+
+
+ copy
+ package
+
+ copy
+
+
+
+
+ org.wso2.carbon.devicemgt
+ org.wso2.carbon.device.application.mgt.authhandler
+
+ ${project.version}
+ war
+ true
+
+ ${project.build.directory}/maven-shared-archive-resources/webapps
+
+ auth#application-mgt#v1.0.war
+
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-resources-plugin
+
+
+ copy-resources
+ generate-resources
+
+ copy-resources
+
+
+ src/main/resources
+
+
+ resources
+
+ build.properties
+ p2.inf
+
+
+
+
+
+
+
+
+ org.wso2.maven
+ carbon-p2-plugin
+
+
+ p2-feature-generation
+ package
+
+ p2-feature-gen
+
+
+ org.wso2.carbon.device.application.mgt.auth.handler
+ ../../../features/etc/feature.properties
+
+
+
+ org.wso2.carbon.p2.category.type:server
+
+ org.eclipse.equinox.p2.type.group:false
+
+
+
+
+
+
+
+
+
+
diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/build.properties b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/build.properties
new file mode 100644
index 00000000000..9c86577d768
--- /dev/null
+++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/build.properties
@@ -0,0 +1 @@
+custom = true
diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/p2.inf b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/p2.inf
new file mode 100644
index 00000000000..8cc8bbdfd5e
--- /dev/null
+++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.auth.handler.feature/src/main/resources/p2.inf
@@ -0,0 +1,3 @@
+instructions.configure = \
+org.eclipse.equinox.p2.touchpoint.natives.mkdir(path:${installFolder}/../../deployment/server/webapps/);\
+org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.application.mgt.auth.handler_${feature.version}/webapps/auth#application-mgt#v1.0.war,target:${installFolder}/../../deployment/server/webapps/auth#application-mgt#v1.0.war,overwrite:true);\
\ No newline at end of file
diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.feature/pom.xml b/features/application-mgt/org.wso2.carbon.device.application.mgt.feature/pom.xml
index 913e58579a5..76e3387876e 100644
--- a/features/application-mgt/org.wso2.carbon.device.application.mgt.feature/pom.xml
+++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.feature/pom.xml
@@ -42,7 +42,7 @@
org.wso2.carbon.devicemgt
- org.wso2.carbon.device.application.mgt.ui.feature
+ org.wso2.carbon.device.application.mgt.publisher.ui.feature
zip
diff --git a/features/application-mgt/pom.xml b/features/application-mgt/pom.xml
index f70cb75863b..878b9f5a0cd 100644
--- a/features/application-mgt/pom.xml
+++ b/features/application-mgt/pom.xml
@@ -35,6 +35,7 @@
org.wso2.carbon.device.application.mgt.api.feature
+ org.wso2.carbon.device.application.mgt.auth.handler.feature
org.wso2.carbon.device.application.mgt.feature