hasuniea 9 years ago
commit 53f4dc7ae5

@ -107,15 +107,8 @@ public class RegistryBasedLicenseManager implements LicenseManager {
@Override @Override
public void addLicense(final String deviceType, final License license) throws LicenseManagementException { public void addLicense(final String deviceType, final License license) throws LicenseManagementException {
try { try {
GenericArtifact artifact = this.getGenericArtifact(deviceType, license.getLanguage()); GenericArtifact artifact =
if (artifact != null) { artifactManager.newGovernanceArtifact(new QName("http://www.wso2.com", deviceType));
if (log.isDebugEnabled()) {
log.debug("Generic artifact is null for '" + deviceType + "' device type. Hence license does not " +
"have content");
}
return;
}
artifact = artifactManager.newGovernanceArtifact(new QName("http://www.wso2.com", deviceType));
artifact.setAttribute(DeviceManagementConstants.LicenseProperties.NAME, license.getName()); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.NAME, license.getName());
artifact.setAttribute(DeviceManagementConstants.LicenseProperties.VERSION, license.getVersion()); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.VERSION, license.getVersion());
artifact.setAttribute(DeviceManagementConstants.LicenseProperties.PROVIDER, license.getProvider()); artifact.setAttribute(DeviceManagementConstants.LicenseProperties.PROVIDER, license.getProvider());
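Review bot: With the lookup removed, `addLicense` creates a new governance artifact on every call and never checks whether a license already exists for this device type and language, so repeated calls can presumably leave duplicate artifacts in the registry. The removed guard was inverted (it returned when the artifact was non-null while logging that it was null), so dropping it is understandable, but an explicit check would be safer, e.g. `if (this.getGenericArtifact(deviceType, license.getLanguage()) != null) { return; }` with a debug message saying the license already exists, or an update of the existing artifact. The method body continues past the end of the hunk, so any later handling of duplicates is not visible here.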

@ -87,34 +87,16 @@
<instructions> <instructions>
<Bundle-SymbolicName>${pom.artifactId}</Bundle-SymbolicName> <Bundle-SymbolicName>${pom.artifactId}</Bundle-SymbolicName>
<Bundle-Name>${pom.artifactId}</Bundle-Name> <Bundle-Name>${pom.artifactId}</Bundle-Name>
<Bundle-Version>${carbon.device.mgt.version}</Bundle-Version>
<Bundle-Description>Identity backend Bundle</Bundle-Description>
<Bundle-Activator>org.wso2.carbon.identity.authenticator.backend.oauth.internal.OauthAuthenticatorServiceComponent</Bundle-Activator>
<Private-Package> <Private-Package>
org.wso2.sample.authenticator.internal org.wso2.org.wso2.carbon.identity.authenticator.backend.oauth.internal
</Private-Package> </Private-Package>
<Export-Package> <Export-Package>
!org.wso2.sample.authenticator.internal, org.wso2.carbon.identity.authenticator.backend.oauth.*
org.wso2.sample.authenticator.*,
</Export-Package> </Export-Package>
<Import-Package>
javax.servlet.http,
org.apache.commons.logging,
org.wso2.carbon.identity.application.authentication.framework.*,
org.wso2.carbon.identity.oauth2,
org.wso2.carbon.identity.oauth2.dto,
org.wso2.carbon.user.core.service,
org.wso2.carbon.utils.multitenancy,
org.apache.axis2.client,
org.apache.axis2.context,
org.apache.axis2.transport.http,
org.apache.commons.httpclient,
org.osgi.framework,
org.osgi.service.component,
org.wso2.carbon.core.security,
org.wso2.carbon.core.services.authentication,
org.wso2.carbon.identity.oauth2.stub,
org.wso2.carbon.identity.oauth2.stub.dto,
org.wso2.carbon.base,
org.wso2.carbon.utils
</Import-Package>
</instructions> </instructions>
</configuration> </configuration>
</plugin> </plugin>
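Review bot: As rendered on the new side, the `<Private-Package>` value `org.wso2.org.wso2.carbon.identity.authenticator.backend.oauth.internal` has the `org.wso2.` prefix doubled, so it does not name the package the component class declares (`org.wso2.carbon.identity.authenticator.backend.oauth.internal`). The new `<Export-Package>` pattern `org.wso2.carbon.identity.authenticator.backend.oauth.*` also matches that `internal` package, whereas the previous value carried an explicit `!...internal` exclusion. Suggest `org.wso2.carbon.identity.authenticator.backend.oauth.internal` for the private package and `!org.wso2.carbon.identity.authenticator.backend.oauth.internal, org.wso2.carbon.identity.authenticator.backend.oauth.*` for the export list, so the service component is not part of the bundle's public API.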

@ -20,24 +20,26 @@ package org.wso2.carbon.identity.authenticator.backend.oauth.internal;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext; import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.wso2.carbon.core.services.authentication.CarbonServerAuthenticator; import org.wso2.carbon.core.services.authentication.CarbonServerAuthenticator;
import org.wso2.carbon.identity.authenticator.backend.oauth.OauthAuthenticator; import org.wso2.carbon.identity.authenticator.backend.oauth.OauthAuthenticator;
/**
* @scr.component component.name="org.wso2.carbon.identity.authenticator.backend.oauth.OauthAuthenticator" immediate="true"
*/
@SuppressWarnings("unused")
public class OauthAuthenticatorServiceComponent {
public class OauthAuthenticatorServiceComponent implements BundleActivator {
private ServiceRegistration pipServiceRegRef;
private static final Log log = LogFactory.getLog(OauthAuthenticatorServiceComponent private static final Log log = LogFactory.getLog(OauthAuthenticatorServiceComponent
.class); .class);
protected void activate(ComponentContext ctxt) { @Override
public void start(BundleContext bundleContext) throws Exception {
log.info("Initiating");
try { try {
OauthAuthenticator oauthAuthenticator = new OauthAuthenticator(); OauthAuthenticator oauthAuthenticator = new OauthAuthenticator();
ctxt.getBundleContext().registerService(CarbonServerAuthenticator.class.getName(), pipServiceRegRef = bundleContext.registerService(CarbonServerAuthenticator.class.getName(),
oauthAuthenticator, null); oauthAuthenticator, null);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("OAuth Authenticator bundle is activated"); log.debug("OAuth Authenticator bundle is activated");
@ -47,10 +49,12 @@ public class OauthAuthenticatorServiceComponent {
} }
} }
protected void deactivate(ComponentContext ctxt) { @Override
public void stop(BundleContext bundleContext) throws Exception {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("OAuth Authenticator bundle is deactivated"); log.debug("OAuth Authenticator bundle is deactivated");
} }
pipServiceRegRef.unregister();
} }
} }
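Review bot: `stop()` calls `pipServiceRegRef.unregister()` unconditionally, but the field is only assigned inside the `try` in `start()`. If registration throws and the exception is handled there (the catch block lies outside the visible hunks), `stop()` will fail with a NullPointerException. Guard it with `if (pipServiceRegRef != null) { pipServiceRegRef.unregister(); pipServiceRegRef = null; }`. The name `pipServiceRegRef` does not describe an authenticator registration; something like `authenticatorRegistration` would read better, and `log.info("Initiating")` would be more useful if it named the bundle.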

@ -52,12 +52,11 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator"; private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator";
private static final String BASIC = "basic"; private static final String BASIC = "basic";
private static final String LOCAL = "local"; private static final String LOCAL = "local";
private static final String ASSERTION_CONSUMER_URI = "https://localhost:9443/mdm/sso/acs";
private static final String AUDIENCE = "https://null:9443/oauth2/token";
private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class); private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class);
private static final String AUTH_TYPE_OAUTH_2 = "oauth2"; private static final String AUTH_TYPE_OAUTH_2 = "oauth2";
private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret"; private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret";
private static final int STEP_ORDER = 1; private static final int STEP_ORDER = 1;
private static final String OAUTH_VERSION = "OAuth-2.0";
@Override @Override
public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws
@ -122,6 +121,9 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
String grantType = profile.getGrantType(); String grantType = profile.getGrantType();
String callbackUrl = profile.getCallbackUrl(); String callbackUrl = profile.getCallbackUrl();
boolean isSaaSApp = profile.isSaasApp(); boolean isSaaSApp = profile.isSaasApp();
String audience = profile.getAudience();
String assertionConsumerURL = profile.getAssertionConsumerURL();
String recepientValidationURL = profile.getRecepientValidationURL();
if (userId == null || userId.isEmpty()) { if (userId == null || userId.isEmpty()) {
return null; return null;
@ -177,6 +179,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
oAuthConsumerApp.setApplicationName(applicationName); oAuthConsumerApp.setApplicationName(applicationName);
oAuthConsumerApp.setCallbackUrl(callbackUrl); oAuthConsumerApp.setCallbackUrl(callbackUrl);
oAuthConsumerApp.setGrantTypes(grantType); oAuthConsumerApp.setGrantTypes(grantType);
oAuthConsumerApp.setOAuthVersion(OAUTH_VERSION);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Creating OAuth App " + applicationName); log.debug("Creating OAuth App " + applicationName);
} }
@ -216,9 +219,13 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO(); SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO();
samlssoServiceProviderDTO.setIssuer(MDM); samlssoServiceProviderDTO.setIssuer(MDM);
samlssoServiceProviderDTO.setAssertionConsumerUrl(ASSERTION_CONSUMER_URI); samlssoServiceProviderDTO.setAssertionConsumerUrls(new String[] {assertionConsumerURL});
samlssoServiceProviderDTO.setDoSignResponse(true); samlssoServiceProviderDTO.setDoSignResponse(true);
samlssoServiceProviderDTO.setRequestedAudiences(new String[] { AUDIENCE }); samlssoServiceProviderDTO.setRequestedAudiences(new String[] { audience });
samlssoServiceProviderDTO.setDefaultAssertionConsumerUrl(assertionConsumerURL);
samlssoServiceProviderDTO.setRequestedRecipients(new String[] {recepientValidationURL});
samlssoServiceProviderDTO.setDoSignAssertions(true);
SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry()); SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO); configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO);
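Review bot: `audience`, `assertionConsumerURL` and `recepientValidationURL` are read from the caller-supplied `RegistrationProfile` and written straight into the SAML service-provider entry without validation, unlike `userId`, which is checked for null/empty right after they are read. These values decide where signed assertions are delivered and which recipients and audiences are accepted. A profile that omits them registers `new String[] {null}` entries, and a profile with an unexpected URL registers an assertion consumer the operator never approved. Reject the registration when any of the three is null or empty, and check that the two URLs are well-formed `https` URLs (ideally against a configured list of allowed hosts) before calling `addRelyingPartyServiceProvider`. The method starts and ends outside these hunks, so validation done elsewhere is not visible here.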

@ -41,6 +41,34 @@ public class RegistrationProfile {
private String tokenScope; private String tokenScope;
private String grantType; private String grantType;
private boolean saasApp; private boolean saasApp;
private String audience;
public String getRecepientValidationURL() {
return recepientValidationURL;
}
public void setRecepientValidationURL(String recepientValidationURL) {
this.recepientValidationURL = recepientValidationURL;
}
public String getAssertionConsumerURL() {
return assertionConsumerURL;
}
public void setAssertionConsumerURL(String assertionConsumerURL) {
this.assertionConsumerURL = assertionConsumerURL;
}
private String recepientValidationURL;
private String assertionConsumerURL;
public String getAudience() {
return audience;
}
public void setAudience(String audience) {
this.audience = audience;
}
public boolean isSaasApp() { public boolean isSaasApp() {
return saasApp; return saasApp;
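Review bot: The new property is spelled `recepientValidationURL` (for "recipient"), and the spelling becomes part of the public accessor names here, the `@XmlElement` name in `JaggeryOAuthConfigurationSettings`, and the JSON key behind `RECEPIENT_VALIDATION_URL` in `DynamicClientWebAppRegistrationUtil`, so it will be hard to correct once configuration files depend on it. Consider `recipientValidationURL` in all three places now. The declarations of `recepientValidationURL` and `assertionConsumerURL` are also placed between the accessors; moving them up beside `audience` would keep the fields together.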

@ -32,6 +32,36 @@ public class JaggeryOAuthConfigurationSettings {
private String callbackURL; private String callbackURL;
private String tokenScope; private String tokenScope;
private boolean requireDynamicClientRegistration; private boolean requireDynamicClientRegistration;
private String audience;
private String assertionConsumerURL;
private String recepientValidationURL;
@XmlElement(name = "assertionConsumerURL", required = true)
public String getAssertionConsumerURL() {
return assertionConsumerURL;
}
public void setAssertionConsumerURL(String assertionConsumerURL) {
this.assertionConsumerURL = assertionConsumerURL;
}
@XmlElement(name = "recepientValidationURL", required = true)
public String getRecepientValidationURL() {
return recepientValidationURL;
}
public void setRecepientValidationURL(String recepientValidationURL) {
this.recepientValidationURL = recepientValidationURL;
}
@XmlElement(name = "audience", required = true)
public String getAudience() {
return audience;
}
public void setAudience(String audience) {
this.audience = audience;
}
@XmlElement(name = "saasApp", required = true) @XmlElement(name = "saasApp", required = true)
public boolean isSaasApp() { public boolean isSaasApp() {

@ -52,8 +52,11 @@ public class DynamicClientWebAppRegistrationUtil {
private final static String OAUTH_PARAM_TOKEN_SCOPE = "tokenScope"; private final static String OAUTH_PARAM_TOKEN_SCOPE = "tokenScope";
private final static String OAUTH_PARAM_SAAS_APP = "saasApp"; private final static String OAUTH_PARAM_SAAS_APP = "saasApp";
private final static String OAUTH_PARAM_CALLBACK_URL = "callbackURL"; private final static String OAUTH_PARAM_CALLBACK_URL = "callbackURL";
private final static String AUDIENCE = "audience";
private final static String ASSERTION_CONSUMER_URL = "assertionConsumerURL";
private final static String RECEPIENT_VALIDATION_URL = "recepientValidationURL";
private static final String JAGGERY_APP_OAUTH_CONFIG_PATH = private static final String JAGGERY_APP_OAUTH_CONFIG_PATH =
"config" + File.separator + "oauth.json"; "config" + File.separator + "service-provider.json";
private static final Log log = private static final Log log =
LogFactory.getLog(DynamicClientWebAppRegistrationUtil.class); LogFactory.getLog(DynamicClientWebAppRegistrationUtil.class);
@ -192,6 +195,9 @@ public class DynamicClientWebAppRegistrationUtil {
registrationProfile.setClientName(webAppName); registrationProfile.setClientName(webAppName);
registrationProfile.setSaasApp(jaggeryOAuthConfigurationSettings.isSaasApp()); registrationProfile.setSaasApp(jaggeryOAuthConfigurationSettings.isSaasApp());
registrationProfile.setOwner(DynamicClientWebAppRegistrationUtil.getUserName()); registrationProfile.setOwner(DynamicClientWebAppRegistrationUtil.getUserName());
registrationProfile.setAudience(jaggeryOAuthConfigurationSettings.getAudience());
registrationProfile.setAssertionConsumerURL(jaggeryOAuthConfigurationSettings.getAssertionConsumerURL());
registrationProfile.setRecepientValidationURL(jaggeryOAuthConfigurationSettings.getRecepientValidationURL());
if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) { if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) {
registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL()); registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL());
} else { } else {
@ -244,6 +250,15 @@ public class DynamicClientWebAppRegistrationUtil {
case DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_CALLBACK_URL: case DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_CALLBACK_URL:
jaggeryOAuthConfigurationSettings.setCallbackURL(reader.nextString()); jaggeryOAuthConfigurationSettings.setCallbackURL(reader.nextString());
break; break;
case DynamicClientWebAppRegistrationUtil.AUDIENCE:
jaggeryOAuthConfigurationSettings.setAudience(reader.nextString());
break;
case DynamicClientWebAppRegistrationUtil.ASSERTION_CONSUMER_URL:
jaggeryOAuthConfigurationSettings.setAssertionConsumerURL(reader.nextString());
break;
case DynamicClientWebAppRegistrationUtil.RECEPIENT_VALIDATION_URL:
jaggeryOAuthConfigurationSettings.setRecepientValidationURL(reader.nextString());
break;
} }
} }
return jaggeryOAuthConfigurationSettings; return jaggeryOAuthConfigurationSettings;

@ -135,18 +135,52 @@ public class PolicyManagerImpl implements PolicyManager {
try { try {
// Previous policy needs to be obtained before begining the transaction // Previous policy needs to be obtained before begining the transaction
Policy previousPolicy = getPolicy(policy.getId()); Policy previousPolicy = this.getPolicy(policy.getId());
PolicyManagementDAOFactory.beginTransaction(); PolicyManagementDAOFactory.beginTransaction();
// This will keep track of the policies updated. // This will keep track of the policies updated.
policyDAO.recordUpdatedPolicy(policy); policyDAO.recordUpdatedPolicy(policy);
List<ProfileFeature> existingFeaturesList = new ArrayList<>();
List<ProfileFeature> newFeaturesList = new ArrayList<>();
List<String> temp = new ArrayList<>();
List<ProfileFeature> updatedFeatureList = policy.getProfile().getProfileFeaturesList();
List<ProfileFeature> existingProfileFeaturesList = previousPolicy.getProfile().getProfileFeaturesList();
// Checks for the existing features
for (ProfileFeature feature : updatedFeatureList) {
for (ProfileFeature fe : existingProfileFeaturesList) {
if (feature.getFeatureCode().equalsIgnoreCase(fe.getFeatureCode())) {
existingFeaturesList.add(feature);
temp.add(feature.getFeatureCode());
}
}
}
// Checks for the new features
for (ProfileFeature feature : updatedFeatureList) {
if (!temp.contains(feature.getFeatureCode())) {
newFeaturesList.add(feature);
}
}
int profileId = previousPolicy.getProfile().getProfileId();
policy.getProfile().setProfileId(profileId);
policy.setProfileId(profileId);
Timestamp currentTimestamp = new Timestamp(Calendar.getInstance().getTime().getTime());
policy.getProfile().setUpdatedDate(currentTimestamp);
policyDAO.updatePolicy(policy); policyDAO.updatePolicy(policy);
profileDAO.updateProfile(policy.getProfile()); profileDAO.updateProfile(policy.getProfile());
featureDAO.updateProfileFeatures(policy.getProfile().getProfileFeaturesList(), policy.getProfile()
.getProfileId());
policyDAO.deleteAllPolicyRelatedConfigs(policy.getId());
featureDAO.updateProfileFeatures(existingFeaturesList, profileId);
if (!newFeaturesList.isEmpty()) {
featureDAO.addProfileFeatures(newFeaturesList, profileId);
}
policyDAO.deleteAllPolicyRelatedConfigs(policy.getId());
if (policy.getUsers() != null) { if (policy.getUsers() != null) {
@ -478,20 +512,24 @@ public class PolicyManagerImpl implements PolicyManager {
roleNames = policyDAO.getPolicyAppliedRoles(policyId); roleNames = policyDAO.getPolicyAppliedRoles(policyId);
userNames = policyDAO.getPolicyAppliedUsers(policyId); userNames = policyDAO.getPolicyAppliedUsers(policyId);
Profile profile = profileDAO.getProfile(policy.getProfileId());
policy.setProfile(profile); //Profile profile = profileDAO.getProfile(policy.getProfileId());
policy.setRoles(roleNames); policy.setRoles(roleNames);
policy.setUsers(userNames); policy.setUsers(userNames);
} catch (PolicyManagerDAOException e) { } catch (PolicyManagerDAOException e) {
throw new PolicyManagementException("Error occurred while getting the policy related to policy ID (" + throw new PolicyManagementException("Error occurred while getting the policy related to policy ID (" +
policyId + ")", e); policyId + ")", e);
} catch (ProfileManagerDAOException e) { // } catch (ProfileManagerDAOException e) {
throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" + // throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" +
policyId + ")", e); // policyId + ")", e);
} catch (SQLException e) { } catch (SQLException e) {
throw new PolicyManagementException("Error occurred while opening a connection to the data source", e); throw new PolicyManagementException("Error occurred while opening a connection to the data source", e);
// } catch (ProfileManagementException e) {
// throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" +
// policyId + ")", e);
} finally { } finally {
PolicyManagementDAOFactory.closeConnection(); PolicyManagementDAOFactory.closeConnection();
} }
@ -499,6 +537,20 @@ public class PolicyManagerImpl implements PolicyManager {
// This is done because connection close in below method too. // This is done because connection close in below method too.
deviceList = this.getPolicyAppliedDevicesIds(policyId); deviceList = this.getPolicyAppliedDevicesIds(policyId);
policy.setDevices(deviceList); policy.setDevices(deviceList);
try {
// PolicyManagementDAOFactory.openConnection();
Profile profile = profileManager.getProfile(policy.getProfileId());
policy.setProfile(profile);
} catch (ProfileManagementException e) {
throw new PolicyManagementException("Error occurred while getting the profile related to policy ID (" +
policyId + ")", e);
// } catch (SQLException e) {
// throw new PolicyManagementException("Error occurred while opening a connection to the data source", e);
// } finally {
// PolicyManagementDAOFactory.closeConnection();
}
return policy; return policy;
} }
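Review bot: The update path splits `updatedFeatureList` into existing and new features, but features present in `existingProfileFeaturesList` and absent from the updated policy are never removed, so a feature dropped from a policy would apparently stay attached to the profile unless `updateProfileFeatures` deletes it internally (not visible here). `previousPolicy.getProfile()` is also dereferenced without a null check, and a feature code that occurs twice in the existing list is added to `existingFeaturesList` twice; a `break` after the match would avoid that. In `getPolicy`, the commented-out catch blocks and `// PolicyManagementDAOFactory.openConnection();` should be deleted rather than committed. Both methods extend beyond the visible hunks.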

@ -314,6 +314,11 @@ public class PolicyDAOTestCase extends BasePolicyManagementDAOTest {
users.add("Udara"); users.add("Udara");
users.add("Dileesha"); users.add("Dileesha");
policy.setUsers(users); policy.setUsers(users);
Profile profile2 = ProfileCreator.getProfile3(FeatureCreator.getFeatureList4());
Profile pf = new Profile();
pap.updatePolicy(policy); pap.updatePolicy(policy);
pap.activatePolicy(policy.getId()); pap.activatePolicy(policy.getId());
} }
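Review bot: `profile2` and `pf` are created but never used, so this test still calls `pap.updatePolicy(policy)` with the original profile and does not exercise the new existing/new feature split in `PolicyManagerImpl.updatePolicy`. If the intent was to update with a changed feature set, add `policy.setProfile(profile2);` before the call and assert on the stored features afterwards; otherwise drop both lines.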

@ -45,7 +45,6 @@ public class OAuthAuthenticator implements WebappAuthenticator {
private static final String RESOURCE_KEY = "resource"; private static final String RESOURCE_KEY = "resource";
private static APITokenAuthenticator authenticator = new APITokenAuthenticator(); private static APITokenAuthenticator authenticator = new APITokenAuthenticator();
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
@Override @Override
@ -81,8 +80,8 @@ public class OAuthAuthenticator implements WebappAuthenticator {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(Status.CONTINUE);
} }
String apiVersion = tokenizer.nextToken(); String apiVersion = tokenizer.nextToken();
String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod); //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
//String authLevel = "any"; String authLevel = "any";
try { try {
if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) { if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion, AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,
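Review bot: `authLevel` is now hard-coded to `"any"` and the call to `authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod)` is commented out, so the per-resource authentication scheme is no longer consulted and the `Constants.NO_MATCHING_AUTH_SCHEME` branch below can never be taken. This looks like a debugging switch that was committed: every resource is handled the same way regardless of the scheme it was published with. Restore `String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);` and delete the commented-out line. If the lookup fails in some deployments, handle that case explicitly rather than bypassing the check. The enclosing method starts and ends outside the hunk.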

@ -45,6 +45,10 @@
<groupId>org.wso2.carbon.devicemgt</groupId> <groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.oauth.extensions</artifactId> <artifactId>org.wso2.carbon.device.mgt.oauth.extensions</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.identity.authenticator.backend.oauth</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>
@ -73,6 +77,9 @@
<bundleDef> <bundleDef>
org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.oauth.extensions:${carbon.device.mgt.version} org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.oauth.extensions:${carbon.device.mgt.version}
</bundleDef> </bundleDef>
<bundleDef>
org.wso2.carbon.devicemgt:org.wso2.carbon.identity.authenticator.backend.oauth:${carbon.device.mgt.version}
</bundleDef>
</bundles> </bundles>
<importFeatures> <importFeatures>
<importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version} <importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version}

@ -247,6 +247,11 @@
</exclusion> </exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.identity.authenticator.backend.oauth</artifactId>
<version>${carbon.device.mgt.version}</version>
</dependency>
<!-- Device Management dependencies --> <!-- Device Management dependencies -->
<!-- Governance dependencies --> <!-- Governance dependencies -->
