Merge branch 'release-2.0.x' of https://github.com/wso2/carbon-device-mgt into release-2.0.x

4.x.x
charitha 8 years ago
commit 3cb13e18a5

@ -37,7 +37,6 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.Arrays;
@ -106,8 +105,13 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
jsonStringObject.put(ApiApplicationConstants.OAUTH_CLIENT_ID, registrationProfile.getConsumerKey());
jsonStringObject.put(ApiApplicationConstants.OAUTH_CLIENT_SECRET,
registrationProfile.getConsumerSecret());
jsonStringObject.put(ApiApplicationConstants.JSONSTRING_VALIDITY_PERIOD_TAG,
ApiApplicationConstants.DEFAULT_VALIDITY_PERIOD);
if (registrationProfile.getValidityPeriod() == 0) {
jsonStringObject.put(ApiApplicationConstants.JSONSTRING_VALIDITY_PERIOD_TAG,
ApiApplicationConstants.DEFAULT_VALIDITY_PERIOD);
} else {
jsonStringObject.put(ApiApplicationConstants.JSONSTRING_VALIDITY_PERIOD_TAG,
registrationProfile.getValidityPeriod());
}
apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication(
jsonStringObject.toJSONString(), registrationProfile.getApplicationName(),
registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(),

@ -41,6 +41,8 @@ public class RegistrationProfile {
private boolean isMappingAnExistingOAuthApp;
private String consumerKey;
private String consumerSecret;
@XmlElement(required = false)
private int validityPeriod;
public String getApplicationName() {
return applicationName;
@ -89,4 +91,12 @@ public class RegistrationProfile {
public void setConsumerSecret(String consumerSecret) {
this.consumerSecret = consumerSecret;
}
public int getValidityPeriod() {
return validityPeriod;
}
public void setValidityPeriod(int validityPeriod) {
this.validityPeriod = validityPeriod;
}
}

@ -60,6 +60,8 @@ var WEB_SERVICE_ADDRESSING_VERSION = 1.0;
var TOKEN_PAIR = "tokenPair";
var ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS = "encodedTenantBasedClientAppCredentials";
var CONTENT_TYPE_IDENTIFIER = "Content-Type";
var ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS = "encodedTenantBasedWebSocketClientCredentials";
var CONTENT_DISPOSITION_IDENTIFIER = "Content-Disposition";
var APPLICATION_JSON = "application/json";
var APPLICATION_ZIP = "application/zip";
@ -76,4 +78,6 @@ var HTTP_CONFLICT = 409;
var HTTP_CREATED = 201;
var CACHED_CREDENTIALS = "tenantBasedCredentials";
var CACHED_CREDENTIALS_FOR_WEBSOCKET_APP = "tenantBasedWebSocketClientCredentials";
var ALLOWED_SCOPES = "scopes";

@ -138,6 +138,63 @@ var utils = function () {
}
};
publicMethods["getTenantBasedWebSocketClientAppCredentials"] = function (username) {
if (!username) {
log.error("{/app/modules/oauth/token-handler-utils.js} Error in retrieving tenant " +
"based client app credentials. No username " +
"as input - getTenantBasedWebSocketClientAppCredentials(x)");
return null;
} else {
//noinspection JSUnresolvedFunction, JSUnresolvedVariable
var tenantDomain = carbon.server.tenantDomain({username: username});
if (!tenantDomain) {
log.error("{/app/modules/oauth/token-handler-utils.js} Error in retrieving tenant " +
"based client application credentials. Unable to obtain a valid tenant domain for provided " +
"username - getTenantBasedWebSocketClientAppCredentials(x, y)");
return null;
} else {
var cachedBasedWebsocketClientAppCredentials = privateMethods.
getCachedBasedWebSocketClientAppCredentials(tenantDomain);
if (cachedBasedWebsocketClientAppCredentials) {
return cachedBasedWebsocketClientAppCredentials;
} else {
var adminUsername = deviceMgtProps["adminUser"];
var adminUserTenantId = deviceMgtProps["adminUserTenantId"];
//claims required for jwtAuthenticator.
var claims = {"http://wso2.org/claims/enduserTenantId": adminUserTenantId,
"http://wso2.org/claims/enduser": adminUsername};
var jwtToken = publicMethods.getJwtToken(adminUsername, claims);
// register a tenant based app at API Manager
var applicationName = "websocket_webapp_" + tenantDomain;
var requestURL = deviceMgtProps["oauthProvider"]["appRegistration"]
["apiManagerClientAppRegistrationServiceURL"] +
"?tenantDomain=" + tenantDomain + "&applicationName=" + applicationName;
var xhr = new XMLHttpRequest();
xhr.open("POST", requestURL, false);
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("X-JWT-Assertion", "" + jwtToken);
xhr.send();
if (xhr["status"] == 201 && xhr["responseText"]) {
var responsePayload = parse(xhr["responseText"]);
var tenantTenantBasedWebsocketClientAppCredentials = {};
tenantTenantBasedWebsocketClientAppCredentials["clientId"] = responsePayload["client_id"];
tenantTenantBasedWebsocketClientAppCredentials["clientSecret"] =
responsePayload["client_secret"];
privateMethods.setCachedBasedWebSocketClientAppCredentials(tenantDomain,
tenantTenantBasedWebsocketClientAppCredentials);
return tenantTenantBasedWebsocketClientAppCredentials;
} else {
log.error("{/app/modules/oauth/token-handler-utils.js} Error in retrieving tenant " +
"based client application credentials from API " +
"Manager - getTenantBasedWebSocketClientAppCredentials(x, y)");
return null;
}
}
}
}
};
privateMethods["setCachedTenantBasedClientAppCredentials"] = function (tenantDomain, clientAppCredentials) {
var cachedTenantBasedClientAppCredentialsMap = application.get(constants["CACHED_CREDENTIALS"]);
if (!cachedTenantBasedClientAppCredentialsMap) {
@ -159,7 +216,32 @@ var utils = function () {
}
};
publicMethods["getTokenPairAndScopesByPasswordGrantType"] = function (username, password, encodedClientAppCredentials, scopes) {
privateMethods["getCachedBasedWebSocketClientAppCredentials"] = function (tenantDomain) {
var cachedBasedWebSocketClientAppCredentialsMap
= application.get(constants["CACHED_CREDENTIALS_FOR_WEBSOCKET_APP"]);
if (!cachedBasedWebSocketClientAppCredentialsMap ||
!cachedBasedWebSocketClientAppCredentialsMap[tenantDomain]) {
return null;
} else {
return cachedBasedWebSocketClientAppCredentialsMap[tenantDomain];
}
};
privateMethods["setCachedBasedWebSocketClientAppCredentials"] = function (tenantDomain, clientAppCredentials) {
var cachedBasedWebSocketClientAppCredentialsMap
= application.get(constants["CACHED_CREDENTIALS_FOR_WEBSOCKET_APP"]);
if (!cachedBasedWebSocketClientAppCredentialsMap) {
cachedBasedWebSocketClientAppCredentialsMap = {};
cachedBasedWebSocketClientAppCredentialsMap[tenantDomain] = clientAppCredentials;
application.put(constants["CACHED_CREDENTIALS_FOR_WEBSOCKET_APP"]
, cachedBasedWebSocketClientAppCredentialsMap);
} else if (!cachedBasedWebSocketClientAppCredentialsMap[tenantDomain]) {
cachedBasedWebSocketClientAppCredentialsMap[tenantDomain] = clientAppCredentials;
}
};
publicMethods["getTokenPairAndScopesByPasswordGrantType"] = function (username, password
, encodedClientAppCredentials, scopes) {
if (!username || !password || !encodedClientAppCredentials || !scopes) {
log.error("{/app/modules/oauth/token-handler-utils.js} Error in retrieving access token by password " +
"grant type. No username, password, encoded client app credentials or scopes are " +

@ -39,6 +39,7 @@ var handlers = function () {
"as input - setupTokenPairByPasswordGrantType(x, y)");
} else {
privateMethods.setUpEncodedTenantBasedClientAppCredentials(username);
privateMethods.setUpEncodedTenantBasedWebSocketClientAppCredentials(username);
var encodedClientAppCredentials = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
if (!encodedClientAppCredentials) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up access token pair by " +
@ -81,6 +82,7 @@ var handlers = function () {
"as input - setupTokenPairByPasswordGrantType(x, y)");
} else {
privateMethods.setUpEncodedTenantBasedClientAppCredentials(username);
privateMethods.setUpEncodedTenantBasedWebSocketClientAppCredentials(username);
var encodedClientAppCredentials = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
if (!encodedClientAppCredentials) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up access token pair " +
@ -168,5 +170,44 @@ var handlers = function () {
}
};
privateMethods["setUpEncodedTenantBasedWebSocketClientAppCredentials"] = function (username) {
if (!username) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up encoded tenant based " +
"client credentials to session context. No username of logged in user is found as " +
"input - setUpEncodedTenantBasedWebSocketClientAppCredentials(x)");
} else {
if (devicemgtProps["apimgt-gateway"]) {
var tenantBasedWebSocketClientAppCredentials
= tokenUtil.getTenantBasedWebSocketClientAppCredentials(username);
if (!tenantBasedWebSocketClientAppCredentials) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up encoded tenant " +
"based client credentials to session context as the server is unable " +
"to obtain such credentials - setUpEncodedTenantBasedWebSocketClientAppCredentials(x)");
} else {
var encodedTenantBasedWebSocketClientAppCredentials =
tokenUtil.encode(tenantBasedWebSocketClientAppCredentials["clientId"] + ":" +
tenantBasedWebSocketClientAppCredentials["clientSecret"]);
// setting up encoded tenant based client credentials to session context.
session.put(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"],
encodedTenantBasedWebSocketClientAppCredentials);
}
} else {
var dynamicClientAppCredentials = tokenUtil.getDynamicClientAppCredentials();
if (!dynamicClientAppCredentials) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up encoded tenant based " +
"client credentials to session context as the server is unable to obtain " +
"dynamic client credentials - setUpEncodedTenantBasedWebSocketClientAppCredentials(x)");
}
var encodedTenantBasedWebSocketClientAppCredentials =
tokenUtil.encode(dynamicClientAppCredentials["clientId"] + ":" +
dynamicClientAppCredentials["clientSecret"]);
// setting up encoded tenant based client credentials to session context.
session.put(constants["ENCODED_TENANT_BASED_WEB_SOCKET_CLIENT_CREDENTIALS"],
encodedTenantBasedWebSocketClientAppCredentials);
}
}
};
return publicMethods;
}();
Loading…
Cancel
Save