Merge pull request #936 from sinthuja/master

Fixing https://github.com/wso2/product-iots/issues/1356
4.x.x
sameeragunarathne 7 years ago committed by GitHub
commit 129ec717b0

@ -22,22 +22,35 @@ import feign.RequestInterceptor;
import org.wso2.carbon.apimgt.integration.client.publisher.PublisherClient; import org.wso2.carbon.apimgt.integration.client.publisher.PublisherClient;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.apimgt.integration.client.store.StoreClient; import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
import java.util.HashMap;
import java.util.Map;
public class IntegrationClientServiceImpl implements IntegrationClientService { public class IntegrationClientServiceImpl implements IntegrationClientService {
private static StoreClient storeClient; private static IntegrationClientServiceImpl instance;
private static PublisherClient publisherClient; private StoreClient storeClient;
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new HashMap<>(); private PublisherClient publisherClient;
private OAuthRequestInterceptor oAuthRequestInterceptor;
public IntegrationClientServiceImpl() { private IntegrationClientServiceImpl() {
RequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor(); oAuthRequestInterceptor = new OAuthRequestInterceptor();
storeClient = new StoreClient(oAuthRequestInterceptor); storeClient = new StoreClient(oAuthRequestInterceptor);
publisherClient = new PublisherClient(oAuthRequestInterceptor); publisherClient = new PublisherClient(oAuthRequestInterceptor);
} }
public static IntegrationClientServiceImpl getInstance() {
if (instance == null) {
synchronized (IntegrationClientService.class) {
if (instance == null) {
instance = new IntegrationClientServiceImpl();
}
}
}
return instance;
}
public void resetUserInfo(String userName, String tenantDomain) {
oAuthRequestInterceptor.removeToken(userName, tenantDomain);
}
@Override @Override
public StoreClient getStoreClient() { public StoreClient getStoreClient() {
return storeClient; return storeClient;
@ -47,8 +60,4 @@ public class IntegrationClientServiceImpl implements IntegrationClientService {
public PublisherClient getPublisherClient() { public PublisherClient getPublisherClient() {
return publisherClient; return publisherClient;
} }
public static Map<String, AccessTokenInfo> getTenantUserTokenMap() {
return tenantUserTokenMap;
}
} }
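Review bot: `getInstance()` uses double-checked locking on a field that is not `volatile` (`private static IntegrationClientServiceImpl instance;`), so under the Java memory model another thread may see a non-null `instance` before the constructor's writes to `storeClient`, `publisherClient` and `oAuthRequestInterceptor` are visible. Declare it `private static volatile IntegrationClientServiceImpl instance;` or use an initialization-on-demand holder class; making the three instance fields `final` would also help safe publication. The same pattern appears in `DeviceMgtAPIUtils.getIntegrationClientService()` with the non-volatile `integrationClientService` field. The lock is also taken on `IntegrationClientService.class`, the interface, rather than `IntegrationClientServiceImpl.class`, so any other code that synchronizes on the interface class would contend with it.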

@ -40,6 +40,7 @@ import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientExceptio
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/** /**
* This is a request interceptor to add oauth token header. * This is a request interceptor to add oauth token header.
@ -55,6 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000; private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000;
private DCRClient dcrClient; private DCRClient dcrClient;
private static OAuthApplication oAuthApplication; private static OAuthApplication oAuthApplication;
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new ConcurrentHashMap<>();
private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class); private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class);
/** /**
@ -88,7 +90,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
username = username + "@" + tenantDomain; username = username + "@" + tenantDomain;
} }
AccessTokenInfo tenantBasedAccessTokenInfo = IntegrationClientServiceImpl.getTenantUserTokenMap().get(username); AccessTokenInfo tenantBasedAccessTokenInfo = tenantUserTokenMap.get(username);
if ((tenantBasedAccessTokenInfo == null || if ((tenantBasedAccessTokenInfo == null ||
((System.currentTimeMillis() + DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS) > ((System.currentTimeMillis() + DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS) >
tenantBasedAccessTokenInfo.getExpiresIn()))) { tenantBasedAccessTokenInfo.getExpiresIn()))) {
@ -96,8 +98,8 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService() JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService()
.getJWTClient(); .getJWTClient();
tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(), tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(),
oAuthApplication.getClientSecret(), username, oAuthApplication.getClientSecret(), username,
REQUIRED_SCOPE); REQUIRED_SCOPE);
tenantBasedAccessTokenInfo.setExpiresIn( tenantBasedAccessTokenInfo.setExpiresIn(
System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000)); System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000));
if (tenantBasedAccessTokenInfo.getScopes() == null) { if (tenantBasedAccessTokenInfo.getScopes() == null) {
@ -105,7 +107,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
} }
if (tenantBasedAccessTokenInfo.getScopes().contains(APIM_SUBSCRIBE_SCOPE)) { if (tenantBasedAccessTokenInfo.getScopes().contains(APIM_SUBSCRIBE_SCOPE)) {
IntegrationClientServiceImpl.getTenantUserTokenMap().put(username, tenantBasedAccessTokenInfo); tenantUserTokenMap.put(username, tenantBasedAccessTokenInfo);
} }
} }
@ -118,4 +120,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
} }
} }
public void removeToken(String username, String tenantDomain) {
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
username = username + "@" + tenantDomain;
}
tenantUserTokenMap.remove(username);
}
} }
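Review bot: `removeToken` rebuilds the cache key with the same `username + "@" + tenantDomain` rule used before `tenantUserTokenMap.get(username)`, so if either copy changes the eviction will silently miss and a cached token will stay in use after a credential change. A single private helper used by both paths, e.g. `private static String cacheKey(String username, String tenantDomain)`, would keep them in step. Eviction is also not atomic with the get/fetch/put sequence: a request that started fetching before `removeToken` ran can `put` its token afterwards and re-populate the entry. Whether that matters depends on whether tokens issued before the password change must be discarded, which these hunks do not show. `tenantUserTokenMap` is never reassigned and could be `private static final`; the method containing the lookup starts outside the hunks shown.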

@ -49,7 +49,7 @@ public class APIIntegrationClientServiceComponent {
/* Initializing webapp publisher configuration */ /* Initializing webapp publisher configuration */
APIMConfigReader.init(); APIMConfigReader.init();
BundleContext bundleContext = componentContext.getBundleContext(); BundleContext bundleContext = componentContext.getBundleContext();
bundleContext.registerService(IntegrationClientService.class.getName(), new IntegrationClientServiceImpl(), null); bundleContext.registerService(IntegrationClientService.class.getName(), IntegrationClientServiceImpl.getInstance(), null);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("apimgt client bundle has been successfully initialized"); log.debug("apimgt client bundle has been successfully initialized");

@ -26,6 +26,9 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
*/ */
public interface IntegrationClientService { public interface IntegrationClientService {
void resetUserInfo(String username, String tenantDomain);
/** /**
* *
* @return API Store Client. * @return API Store Client.
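Review bot: `resetUserInfo` is added to the interface without Javadoc, while the neighbouring getters are documented, and the name does not say what is reset. Judging by the implementation in this commit it evicts the cached access token for the user, so a comment such as `/** Removes the cached access token for the given user and tenant so the next request obtains a new one. */` with `@param username` and `@param tenantDomain` would make the contract clear. It should also state that `username` is passed without the tenant suffix, since the interceptor appends `@tenantDomain` itself.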

@ -177,6 +177,11 @@
<artifactId>org.wso2.carbon.device.mgt.extensions</artifactId> <artifactId>org.wso2.carbon.device.mgt.extensions</artifactId>
<scope>provided</scope> <scope>provided</scope>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.apimgt.integration.client</artifactId>
<scope>provided</scope>
</dependency>
<dependency> <dependency>
<groupId>org.wso2.carbon.devicemgt</groupId> <groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId> <artifactId>org.wso2.carbon.device.mgt.core</artifactId>

@ -20,8 +20,6 @@ package org.wso2.carbon.device.mgt.jaxrs.util;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.integration.client.IntegrationClientServiceImpl;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -56,7 +54,7 @@ public class CredentialManagementResponseBuilder {
RequestValidationUtil.validateCredentials(credentials); RequestValidationUtil.validateCredentials(credentials);
if (!validateCredential(credentials.getNewPassword())) { if (!validateCredential(credentials.getNewPassword())) {
String errorMsg = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration() String errorMsg = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration()
.getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG); .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG);
return Response.status(Response.Status.BAD_REQUEST).entity( return Response.status(Response.Status.BAD_REQUEST).entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build();
} }
@ -66,9 +64,8 @@ public class CredentialManagementResponseBuilder {
username = CarbonContext.getThreadLocalCarbonContext().getUsername(); username = CarbonContext.getThreadLocalCarbonContext().getUsername();
userStoreManager.updateCredential(username, credentials.getNewPassword(), userStoreManager.updateCredential(username, credentials.getNewPassword(),
credentials.getOldPassword()); credentials.getOldPassword());
IntegrationClientServiceImpl integrationClientService = (IntegrationClientServiceImpl) PrivilegedCarbonContext. DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username,
getThreadLocalCarbonContext().getOSGiService(IntegrationClientService.class, null); PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
integrationClientService.getTenantUserTokenMap().remove(username);
return Response.status(Response.Status.OK).entity("UserImpl password by username: " + return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
username + " was successfully changed.").build(); username + " was successfully changed.").build();
} catch (UserStoreException e) { } catch (UserStoreException e) {
@ -111,6 +108,8 @@ public class CredentialManagementResponseBuilder {
new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build();
} }
userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword()); userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword());
DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username,
PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
return Response.status(Response.Status.OK).entity("UserImpl password by username: " + return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
username + " was successfully changed.").build(); username + " was successfully changed.").build();
} catch (UserStoreException e) { } catch (UserStoreException e) {
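Review bot: Both new `resetUserInfo` calls run after the password has already been changed (`updateCredential` / `updateCredentialByAdmin`), and `DeviceMgtAPIUtils.getIntegrationClientService()` throws `IllegalStateException` when the OSGi service is missing. The visible `catch (UserStoreException e)` does not cover that, so the caller could get an error for a change that succeeded, with the cached token left in place. Consider wrapping the eviction in its own try/catch that logs the failure and still returns the success response. In the admin path the tenant domain comes from the caller's thread-local context while `username` appears to be the target user; that is presumably the same tenant, but worth confirming. Both methods start and end outside the hunks shown.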

@ -29,6 +29,7 @@ import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.analytics.stream.persistence.stub.EventStreamPersistenceAdminServiceStub; import org.wso2.carbon.analytics.stream.persistence.stub.EventStreamPersistenceAdminServiceStub;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.base.ServerConfiguration; import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.analytics.api.AnalyticsDataAPI; import org.wso2.carbon.analytics.api.AnalyticsDataAPI;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
@ -128,6 +129,8 @@ public class DeviceMgtAPIUtils {
private static KeyStore trustStore; private static KeyStore trustStore;
private static char[] keyStorePassword; private static char[] keyStorePassword;
private static IntegrationClientService integrationClientService;
static { static {
String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password");
String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty( String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty(
@ -297,6 +300,23 @@ public class DeviceMgtAPIUtils {
return realmService; return realmService;
} }
public static IntegrationClientService getIntegrationClientService() {
if (integrationClientService == null) {
synchronized (DeviceMgtAPIUtils.class) {
if (integrationClientService == null) {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
integrationClientService = (IntegrationClientService) ctx.getOSGiService(IntegrationClientService.class, null);
if (integrationClientService == null) {
String msg = "IntegrationClientService is not initialized";
log.error(msg);
throw new IllegalStateException(msg);
}
}
}
}
return integrationClientService;
}
public static RegistryService getRegistryService() { public static RegistryService getRegistryService() {
RegistryService registryService; RegistryService registryService;
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
@ -459,7 +479,7 @@ public class DeviceMgtAPIUtils {
return realmService.getTenantManager().getTenantId(tenantDomain); return realmService.getTenantManager().getTenantId(tenantDomain);
} catch (UserStoreException e) { } catch (UserStoreException e) {
throw new DeviceManagementException("Error occured while trying to " + throw new DeviceManagementException("Error occured while trying to " +
"obtain tenant id of currently logged in user"); "obtain tenant id of currently logged in user");
} }
} }
@ -513,8 +533,8 @@ public class DeviceMgtAPIUtils {
streamOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); streamOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
streamOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER streamOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
, new Protocol(DEFAULT_HTTP_PROTOCOL , new Protocol(DEFAULT_HTTP_PROTOCOL
, (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
, Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
eventStreamAdminServiceStub._getServiceClient().setOptions(streamOptions); eventStreamAdminServiceStub._getServiceClient().setOptions(streamOptions);
return eventStreamAdminServiceStub; return eventStreamAdminServiceStub;
} }
@ -544,8 +564,8 @@ public class DeviceMgtAPIUtils {
eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
, new Protocol(DEFAULT_HTTP_PROTOCOL , new Protocol(DEFAULT_HTTP_PROTOCOL
, (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
, Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
receiverAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); receiverAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
return receiverAdminServiceStub; return receiverAdminServiceStub;
@ -576,8 +596,8 @@ public class DeviceMgtAPIUtils {
eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
, new Protocol(DEFAULT_HTTP_PROTOCOL , new Protocol(DEFAULT_HTTP_PROTOCOL
, (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
, Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
eventPublisherAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); eventPublisherAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
return eventPublisherAdminServiceStub; return eventPublisherAdminServiceStub;
} }
@ -608,8 +628,8 @@ public class DeviceMgtAPIUtils {
eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
, new Protocol(DEFAULT_HTTP_PROTOCOL , new Protocol(DEFAULT_HTTP_PROTOCOL
, (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
, Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
eventStreamPersistenceAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); eventStreamPersistenceAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
return eventStreamPersistenceAdminServiceStub; return eventStreamPersistenceAdminServiceStub;
@ -617,6 +637,7 @@ public class DeviceMgtAPIUtils {
/** /**
* This method is used to create the Cache that holds the event definition of the device type.. * This method is used to create the Cache that holds the event definition of the device type..
*
* @return Cachemanager * @return Cachemanager
*/ */
public static synchronized Cache<String, EventAttributeList> getDynamicEventCache() { public static synchronized Cache<String, EventAttributeList> getDynamicEventCache() {
@ -669,7 +690,7 @@ public class DeviceMgtAPIUtils {
* Initializes the SSL Context * Initializes the SSL Context
*/ */
private static void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException, private static void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
KeyStoreException, KeyManagementException { KeyStoreException, KeyManagementException {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
keyManagerFactory.init(keyStore, keyStorePassword); keyManagerFactory.init(keyStore, keyStorePassword);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);
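Review bot: `getIntegrationClientService()` stores the OSGi service in a static field on first use, whereas `getRegistryService()` just below appears to obtain its service from the carbon context inside the call. A statically cached reference is not refreshed if the providing bundle is stopped or redeployed, so later `resetUserInfo` calls may reach a stale instance. Looking the service up on each call would avoid that and remove the need for the locking. The new method also has no Javadoc; something like `/** Returns the IntegrationClientService registered in OSGi; throws IllegalStateException if it is not available. */` would document the failure mode.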
