Merge branch 'master' of https://github.com/wso2/carbon-device-mgt
commit
69ba3e83ea
@ -0,0 +1,60 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.device.mgt.common.permission.mgt;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Custom exception class of Permission related operations.
|
||||||
|
*/
|
||||||
|
public class PermissionManagementException extends Exception {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = -3151279311929070298L;
|
||||||
|
|
||||||
|
private String errorMessage;
|
||||||
|
|
||||||
|
public String getErrorMessage() {
|
||||||
|
return errorMessage;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setErrorMessage(String errorMessage) {
|
||||||
|
this.errorMessage = errorMessage;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagementException(String msg, Exception nestedEx) {
|
||||||
|
super(msg, nestedEx);
|
||||||
|
setErrorMessage(msg);
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagementException(String message, Throwable cause) {
|
||||||
|
super(message, cause);
|
||||||
|
setErrorMessage(message);
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagementException(String msg) {
|
||||||
|
super(msg);
|
||||||
|
setErrorMessage(msg);
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagementException() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagementException(Throwable cause) {
|
||||||
|
super(cause);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
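Review bot: `errorMessage` duplicates the message that `Throwable` already stores and is populated only by the three constructors that take a message. `getErrorMessage()` therefore returns null for the no-arg and `(Throwable cause)` constructors, while `getMessage()` on the latter returns the cause's description. The public `setErrorMessage` also lets the two values drift apart after construction. Consider dropping the field and having `getErrorMessage()` do `return getMessage();`. The `(String msg, Exception nestedEx)` overload is already covered by `(String message, Throwable cause)` and could be removed.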
|
@ -0,0 +1,47 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.common.permission.mgt;
|
||||||
|
|
||||||
|
import java.util.Properties;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This represents the Permission management functionality which should be implemented by
|
||||||
|
* required PermissionManagers.
|
||||||
|
*/
|
||||||
|
public interface PermissionManagerService {
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @param permission - Permission to be added
|
||||||
|
* @return The status of the operation.
|
||||||
|
* @throws PermissionManagementException If some unusual behaviour is observed while adding the
|
||||||
|
* permission.
|
||||||
|
*/
|
||||||
|
public boolean addPermission(Permission permission) throws PermissionManagementException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @param properties - Properties of the permission to be fetched.
|
||||||
|
* @return The matched Permission object.
|
||||||
|
* @throws PermissionManagementException If some unusual behaviour is observed while fetching the
|
||||||
|
* permission.
|
||||||
|
*/
|
||||||
|
public Permission getPermission(Properties properties) throws PermissionManagementException;
|
||||||
|
|
||||||
|
}
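Review bot: The Javadoc on `getPermission(Properties properties)` does not say which keys the lookup reads or what is returned when nothing matches, and this interface does not name the keys anywhere. The result is presumably used for an access decision, so the contract should list the required keys and state that callers must treat a missing permission as a denial rather than as "no restriction". For example, `@return the matched Permission, or null if no permission is registered for the request`, if that is what implementations actually do. The `public` modifier on both methods is redundant inside an interface.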
|
@ -1,89 +0,0 @@
|
|||||||
/*
|
|
||||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
|
||||||
*
|
|
||||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
|
||||||
* Version 2.0 (the "License"); you may not use this file except
|
|
||||||
* in compliance with the License.
|
|
||||||
* you may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing,
|
|
||||||
* software distributed under the License is distributed on an
|
|
||||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
||||||
* KIND, either express or implied. See the License for the
|
|
||||||
* specific language governing permissions and limitations
|
|
||||||
* under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.wso2.carbon.device.mgt.core.config.permission;
|
|
||||||
|
|
||||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
|
||||||
|
|
||||||
import javax.xml.bind.JAXBContext;
|
|
||||||
import javax.xml.bind.JAXBException;
|
|
||||||
import javax.xml.bind.Unmarshaller;
|
|
||||||
import java.io.InputStream;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This class will add, update custom permissions defined in permission.xml in webapps.
|
|
||||||
*/
|
|
||||||
public class PermissionManager {
|
|
||||||
|
|
||||||
private static PermissionManager permissionManager;
|
|
||||||
private static PermissionTree permissionTree; // holds the permissions at runtime.
|
|
||||||
|
|
||||||
private PermissionManager() {
|
|
||||||
}
|
|
||||||
|
|
||||||
public static PermissionManager getInstance() {
|
|
||||||
if (permissionManager == null) {
|
|
||||||
synchronized (PermissionManager.class) {
|
|
||||||
if (permissionManager == null) {
|
|
||||||
permissionManager = new PermissionManager();
|
|
||||||
permissionTree = new PermissionTree();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return permissionManager;
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean addPermission(Permission permission) throws DeviceManagementException {
|
|
||||||
permissionTree.addPermission(permission); // adding a permission to the tree
|
|
||||||
try {
|
|
||||||
return PermissionUtils.putPermission(permission);
|
|
||||||
} catch (DeviceManagementException e) {
|
|
||||||
throw new DeviceManagementException("Error occurred while adding the permission : " +
|
|
||||||
permission.getName(), e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean addPermissions(List<Permission> permissions) throws DeviceManagementException {
|
|
||||||
for (Permission permission : permissions) {
|
|
||||||
this.addPermission(permission);
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void initializePermissions(InputStream permissionStream) throws DeviceManagementException {
|
|
||||||
try {
|
|
||||||
if (permissionStream != null) {
|
|
||||||
/* Un-marshaling Device Management configuration */
|
|
||||||
JAXBContext cdmContext = JAXBContext.newInstance(PermissionConfiguration.class);
|
|
||||||
Unmarshaller unmarshaller = cdmContext.createUnmarshaller();
|
|
||||||
PermissionConfiguration permissionConfiguration = (PermissionConfiguration)
|
|
||||||
unmarshaller.unmarshal(permissionStream);
|
|
||||||
if (permissionConfiguration != null && permissionConfiguration.getPermissions() != null) {
|
|
||||||
this.addPermissions(permissionConfiguration.getPermissions());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} catch (JAXBException e) {
|
|
||||||
throw new DeviceManagementException("Error occurred while initializing Data Source config", e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public Permission getPermission(String url, String httpMethod) {
|
|
||||||
return permissionTree.getPermission(url, httpMethod);
|
|
||||||
}
|
|
||||||
}
|
|
@ -0,0 +1,76 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.core.permission.mgt;
|
||||||
|
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Properties;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class will add, update custom permissions defined in permission.xml in webapps and it will
|
||||||
|
* use Registry as the persistence storage.
|
||||||
|
*/
|
||||||
|
public class PermissionManagerServiceImpl implements PermissionManagerService {
|
||||||
|
|
||||||
|
public static final String URL_PROPERTY = "URL";
|
||||||
|
public static final String HTTP_METHOD_PROPERTY = "HTTP_METHOD";
|
||||||
|
private static PermissionManagerServiceImpl registryBasedPermissionManager;
|
||||||
|
private static PermissionTree permissionTree; // holds the permissions at runtime.
|
||||||
|
|
||||||
|
private PermissionManagerServiceImpl() {
|
||||||
|
}
|
||||||
|
|
||||||
|
public static PermissionManagerServiceImpl getInstance() {
|
||||||
|
if (registryBasedPermissionManager == null) {
|
||||||
|
synchronized (PermissionManagerServiceImpl.class) {
|
||||||
|
if (registryBasedPermissionManager == null) {
|
||||||
|
registryBasedPermissionManager = new PermissionManagerServiceImpl();
|
||||||
|
permissionTree = new PermissionTree();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return registryBasedPermissionManager;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean addPermissions(List<Permission> permissions) throws PermissionManagementException {
|
||||||
|
for (Permission permission : permissions) {
|
||||||
|
this.addPermission(permission);
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean addPermission(Permission permission) throws PermissionManagementException {
|
||||||
|
// update the permission path to absolute permission path
|
||||||
|
permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
|
||||||
|
// adding a permission to the tree
|
||||||
|
permissionTree.addPermission(permission);
|
||||||
|
return PermissionUtils.putPermission(permission);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Permission getPermission(Properties properties) throws PermissionManagementException {
|
||||||
|
String url = (String) properties.get(URL_PROPERTY);
|
||||||
|
String httpMethod = (String) properties.get(HTTP_METHOD_PROPERTY);
|
||||||
|
return permissionTree.getPermission(url, httpMethod);
|
||||||
|
}
|
||||||
|
}
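Review bot: `getInstance()` uses double-checked locking on a non-volatile field and assigns `permissionTree` only after `registryBasedPermissionManager` has been published. A second thread can pass the outer null check and call `addPermission` or `getPermission` while `permissionTree` is still null. Declaring `private static final PermissionTree permissionTree = new PermissionTree();` and making the instance field `volatile` (or initialising it eagerly) closes that window. Separately, `getPermission` casts `properties.get(...)` to `String`, so it throws `ClassCastException` on a non-string value and `NullPointerException` when `properties` is null. `properties.getProperty(URL_PROPERTY)` with an explicit null check would fail more predictably on a path that feeds permission lookups.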
|
@ -1,67 +0,0 @@
|
|||||||
/*
|
|
||||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
|
||||||
*
|
|
||||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
|
||||||
* Version 2.0 (the "License"); you may not use this file except
|
|
||||||
* in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing,
|
|
||||||
* software distributed under the License is distributed on an
|
|
||||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
||||||
* KIND, either express or implied. See the License for the
|
|
||||||
* specific language governing permissions and limitations
|
|
||||||
* under the License.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.wso2.carbon.dynamic.client.registration;
|
|
||||||
|
|
||||||
import org.wso2.carbon.base.MultitenantConstants;
|
|
||||||
import org.wso2.carbon.context.CarbonContext;
|
|
||||||
import org.wso2.carbon.dynamic.client.registration.internal.DataHolder;
|
|
||||||
import org.wso2.carbon.user.api.TenantManager;
|
|
||||||
import org.wso2.carbon.user.api.UserStoreException;
|
|
||||||
|
|
||||||
public class DynamicClientRegistrationUtil {
|
|
||||||
|
|
||||||
public static String getTenantDomain() throws DynamicClientRegistrationException {
|
|
||||||
CarbonContext ctx = CarbonContext.getThreadLocalCarbonContext();
|
|
||||||
String tenantDomain = ctx.getTenantDomain();
|
|
||||||
if (tenantDomain != null && !tenantDomain.isEmpty()) {
|
|
||||||
return tenantDomain;
|
|
||||||
}
|
|
||||||
int tenantId = ctx.getTenantId();
|
|
||||||
if (tenantId == MultitenantConstants.INVALID_TENANT_ID) {
|
|
||||||
throw new IllegalStateException("Invalid tenant Id found. This might likely have caused by improper " +
|
|
||||||
"handling of multi-tenancy");
|
|
||||||
}
|
|
||||||
TenantManager tenantManager = DataHolder.getInstance().getTenantManager();
|
|
||||||
try {
|
|
||||||
return tenantManager.getDomain(tenantId);
|
|
||||||
} catch (UserStoreException e) {
|
|
||||||
throw new DynamicClientRegistrationException("Error occurred while retrieving tenant domain from " +
|
|
||||||
"the tenant id derived out of the underlying carbon context", e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public static void validateUsername(String username) {
|
|
||||||
if (username == null || username.isEmpty()) {
|
|
||||||
throw new IllegalArgumentException("Username cannot be null or empty");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public static void validateApplicationName(String applicationName) {
|
|
||||||
if (applicationName == null || applicationName.isEmpty()) {
|
|
||||||
throw new IllegalArgumentException("Application name cannot be null or empty");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public static void validateConsumerKey(String consumerKey) {
|
|
||||||
if (consumerKey == null || consumerKey.isEmpty()) {
|
|
||||||
throw new IllegalArgumentException("Consumer Key cannot be null or empty");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -1,48 +0,0 @@
|
|||||||
/*
|
|
||||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
|
||||||
*
|
|
||||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
|
||||||
* Version 2.0 (the "License"); you may not use this file except
|
|
||||||
* in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing,
|
|
||||||
* software distributed under the License is distributed on an
|
|
||||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
||||||
* KIND, either express or implied. See the License for the
|
|
||||||
* specific language governing permissions and limitations
|
|
||||||
* under the License.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
package org.wso2.carbon.dynamic.client.registration.internal;
|
|
||||||
|
|
||||||
import org.wso2.carbon.user.api.TenantManager;
|
|
||||||
import org.wso2.carbon.user.core.service.RealmService;
|
|
||||||
|
|
||||||
public class DataHolder {
|
|
||||||
|
|
||||||
private RealmService realmService;
|
|
||||||
private static DataHolder thisInstance = new DataHolder();
|
|
||||||
|
|
||||||
private DataHolder() {}
|
|
||||||
|
|
||||||
public static DataHolder getInstance() {
|
|
||||||
return thisInstance;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setRealmService(RealmService realmService) {
|
|
||||||
this.realmService = realmService;
|
|
||||||
}
|
|
||||||
|
|
||||||
public RealmService getRealmService() {
|
|
||||||
return realmService;
|
|
||||||
}
|
|
||||||
|
|
||||||
public TenantManager getTenantManager() {
|
|
||||||
return realmService.getTenantManager();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
0
components/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/ConfigurationServiceImpl.java → components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/ConfigurationServiceImpl.java
0
components/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/ConfigurationServiceImpl.java → components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/ConfigurationServiceImpl.java
0
components/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/RegistrationServiceImpl.java → components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/RegistrationServiceImpl.java
0
components/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/RegistrationServiceImpl.java → components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/RegistrationServiceImpl.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/ApplicationConstants.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/ApplicationConstants.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/ApplicationConstants.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/ApplicationConstants.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationException.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationException.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationException.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationException.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationService.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationService.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationService.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationService.java
@ -0,0 +1,40 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.dynamic.client.registration;
|
||||||
|
|
||||||
|
public class DynamicClientRegistrationUtil {
|
||||||
|
|
||||||
|
public static void validateUsername(String username) {
|
||||||
|
if (username == null || username.isEmpty()) {
|
||||||
|
throw new IllegalArgumentException("Username cannot be null or empty");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void validateApplicationName(String applicationName) {
|
||||||
|
if (applicationName == null || applicationName.isEmpty()) {
|
||||||
|
throw new IllegalArgumentException("Application name cannot be null or empty");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void validateConsumerKey(String consumerKey) {
|
||||||
|
if (consumerKey == null || consumerKey.isEmpty()) {
|
||||||
|
throw new IllegalArgumentException("Consumer Key cannot be null or empty");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
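Review bot: The three validators reject only null and `""`, so a whitespace-only username, application name or consumer key passes. If callers do not trim beforehand (not visible here), a check such as `username.trim().isEmpty()` would close that gap. The class holds only static methods, so a `private DynamicClientRegistrationUtil() {}` constructor and a short class Javadoc would make the intent explicit.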
|
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/OAuthApplicationInfo.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/OAuthApplicationInfo.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/OAuthApplicationInfo.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/OAuthApplicationInfo.java
21
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java
21
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationImpl.java
35
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationServiceComponent.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationBundleActivator.java
35
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationServiceComponent.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationBundleActivator.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java
50
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicRegistrationManager.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java
50
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicRegistrationManager.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthApp.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthApp.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthApp.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthApp.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthSettings.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthSettings.java
0
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthSettings.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/OAuthSettings.java
10
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientRegistrationDataHolder.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationDataHolder.java
10
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientRegistrationDataHolder.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationDataHolder.java
16
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationServiceComponent.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationServiceComponent.java
16
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationServiceComponent.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationServiceComponent.java
4
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/listner/DynamicClientWebAppDeploymentLifecycleListener.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/listner/DynamicClientWebAppDeploymentLifecycleListener.java
4
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/listner/DynamicClientWebAppDeploymentLifecycleListener.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/listner/DynamicClientWebAppDeploymentLifecycleListener.java
2
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientRegistrationConstants.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationConstants.java
2
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientRegistrationConstants.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationConstants.java
22
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java
22
components/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java → components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java
@ -0,0 +1,84 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
|
||||||
|
<parent>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>identity-extensions</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<artifactId>org.wso2.carbon.device.mgt.oauth.extensions</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<packaging>bundle</packaging>
|
||||||
|
<name>WSO2 Carbon - OAuth Extensions</name>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.identity</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.identity.oauth</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.user.core</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.user.api</artifactId>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.felix</groupId>
|
||||||
|
<artifactId>maven-scr-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.felix</groupId>
|
||||||
|
<artifactId>maven-bundle-plugin</artifactId>
|
||||||
|
<version>1.4.0</version>
|
||||||
|
<extensions>true</extensions>
|
||||||
|
<configuration>
|
||||||
|
<instructions>
|
||||||
|
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
|
||||||
|
<Bundle-Name>${project.artifactId}</Bundle-Name>
|
||||||
|
<Bundle-Version>${carbon.device.mgt.version}</Bundle-Version>
|
||||||
|
<Bundle-Description>OAuth Extensions Bundle</Bundle-Description>
|
||||||
|
<Private-Package>org.wso2.carbon.device.mgt.oauth.extensions.internal</Private-Package>
|
||||||
|
<Export-Package>
|
||||||
|
!org.wso2.carbon.device.mgt.oauth.extensions.internal,
|
||||||
|
org.wso2.carbon.device.mgt.oauth.extensions.handlers.*,
|
||||||
|
org.wso2.carbon.device.mgt.oauth.extensions.validators.*
|
||||||
|
</Export-Package>
|
||||||
|
<DynamicImport-Package>*</DynamicImport-Package>
|
||||||
|
</instructions>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
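Review bot: `<DynamicImport-Package>*</DynamicImport-Package>` in the maven-bundle-plugin instructions lets this bundle wire to any exported package at runtime, which gives up the explicit dependency boundary OSGi otherwise enforces. That matters more than usual here, because the bundle plugs into OAuth callback handling and scope validation. The imports the plugin computes from the compiled classes probably already cover the four declared dependencies, so the wildcard looks droppable; if something really must be resolved late, narrow it to those packages. The plugin `<version>1.4.0</version>` is also pinned locally while maven-scr-plugin in the same `<plugins>` block inherits its version, so consider moving it to the parent's plugin management.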
|
@ -0,0 +1,64 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.oauth.extensions.handlers;
|
||||||
|
|
||||||
|
import org.wso2.carbon.identity.oauth.callback.AbstractOAuthCallbackHandler;
|
||||||
|
import org.wso2.carbon.identity.oauth.callback.OAuthCallback;
|
||||||
|
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
||||||
|
|
||||||
|
import javax.security.auth.callback.Callback;
|
||||||
|
import javax.security.auth.callback.UnsupportedCallbackException;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class represents a Custom OAuthCallback Handler implementation. This should be implemented
|
||||||
|
* if there's any necessity of custom logic to authorize OAuthCallbacks.
|
||||||
|
*/
|
||||||
|
public class DeviceMgtOAuthCallbackHandler extends AbstractOAuthCallbackHandler {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean canHandle(Callback[] callbacks) throws IdentityOAuth2Exception {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void handle(Callback[] callbacks)
|
||||||
|
throws IOException, UnsupportedCallbackException {
|
||||||
|
if (callbacks != null && callbacks.length > 0){
|
||||||
|
OAuthCallback oauthCallback = (OAuthCallback) callbacks[0];
|
||||||
|
if (OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_AUTHZ.equals(
|
||||||
|
oauthCallback.getCallbackType())){
|
||||||
|
oauthCallback.setAuthorized(true);
|
||||||
|
} else if (OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION_TOKEN.equals(
|
||||||
|
oauthCallback.getCallbackType())){
|
||||||
|
oauthCallback.setAuthorized(true);
|
||||||
|
} else if (OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_AUTHZ.equals(
|
||||||
|
oauthCallback.getCallbackType())){
|
||||||
|
oauthCallback.setValidScope(true);
|
||||||
|
} else if (OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION_TOKEN.equals(
|
||||||
|
oauthCallback.getCallbackType())){
|
||||||
|
String[] scopes = oauthCallback.getRequestedScope();
|
||||||
|
oauthCallback.setApprovedScope(scopes);
|
||||||
|
oauthCallback.setValidScope(true);
|
||||||
|
//Add the necessary logic if we are doing the scope validation upon token issue
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
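Review bot: `handle()` sets `setAuthorized(true)` for both `ACCESS_DELEGATION_*` types and, in the `SCOPE_VALIDATION_TOKEN` branch, passes `getRequestedScope()` unchanged to `setApprovedScope(...)`. Together with `canHandle()` returning `true` unconditionally, the handler approves whatever scopes a client requests, and the trailing comment confirms the scope check is still missing. If this is a deliberate placeholder, the class Javadoc should say that no authorization or scope filtering happens here and name the component that enforces it, so the handler is not deployed on the assumption that it restricts anything. Separately, `(OAuthCallback) callbacks[0]` is an unchecked cast and only the first element is examined. A guard such as `if (!(callbacks[0] instanceof OAuthCallback)) { throw new UnsupportedCallbackException(callbacks[0]); }` reports a foreign callback through the exception the method already declares instead of a `ClassCastException`.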
|
@ -0,0 +1,139 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.oauth.extensions.internal;
|
||||||
|
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.osgi.service.component.ComponentContext;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
|
||||||
|
import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
|
||||||
|
import org.wso2.carbon.user.core.service.RealmService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @scr.component name="org.wso2.carbon.device.mgt.oauth.extensions" immediate="true"
|
||||||
|
* @scr.reference name="user.realmservice.default"
|
||||||
|
* interface="org.wso2.carbon.user.core.service.RealmService"
|
||||||
|
* cardinality="1..1"
|
||||||
|
* policy="dynamic"
|
||||||
|
* bind="setRealmService"
|
||||||
|
* unbind="unsetRealmService"
|
||||||
|
* @scr.reference name="identity.oauth2.validation.service"
|
||||||
|
* interface="org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService"
|
||||||
|
* cardinality="1..1"
|
||||||
|
* policy="dynamic"
|
||||||
|
* bind="setOAuth2ValidationService"
|
||||||
|
* unbind="unsetOAuth2ValidationService"
|
||||||
|
* @scr.reference name="permission.manager.service"
|
||||||
|
* interface="org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService"
|
||||||
|
* cardinality="1..1"
|
||||||
|
* policy="dynamic"
|
||||||
|
* bind="setPermissionManagerService"
|
||||||
|
* unbind="unsetPermissionManagerService"
|
||||||
|
*/
|
||||||
|
public class OAuthExtensionServiceComponent {
|
||||||
|
|
||||||
|
private static final Log log = LogFactory.getLog(OAuthExtensionServiceComponent.class);
|
||||||
|
|
||||||
|
@SuppressWarnings("unused")
|
||||||
|
protected void activate(ComponentContext componentContext) {
|
||||||
|
if(log.isDebugEnabled()){
|
||||||
|
log.debug("Starting OAuthExtensionBundle");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings("unused")
|
||||||
|
protected void deactivate(ComponentContext componentContext) {
|
||||||
|
if(log.isDebugEnabled()){
|
||||||
|
log.debug("Stopping OAuthExtensionBundle");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets Realm Service.
|
||||||
|
*
|
||||||
|
* @param realmService An instance of RealmService
|
||||||
|
*/
|
||||||
|
protected void setRealmService(RealmService realmService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Setting Realm Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setRealmService(realmService);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Unsets Realm Service.
|
||||||
|
*
|
||||||
|
* @param realmService An instance of RealmService
|
||||||
|
*/
|
||||||
|
protected void unsetRealmService(RealmService realmService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Unsetting Realm Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setRealmService(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets OAuth2TokenValidation Service.
|
||||||
|
*
|
||||||
|
* @param tokenValidationService An instance of OAuth2TokenValidationService
|
||||||
|
*/
|
||||||
|
protected void setOAuth2ValidationService(OAuth2TokenValidationService tokenValidationService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Setting OAuth2TokenValidation Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setoAuth2TokenValidationService(tokenValidationService);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Unsets OAuth2TokenValidation Service.
|
||||||
|
*
|
||||||
|
* @param tokenValidationService An instance of OAuth2TokenValidationService
|
||||||
|
*/
|
||||||
|
protected void unsetOAuth2ValidationService(OAuth2TokenValidationService tokenValidationService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Unsetting OAuth2TokenValidation Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setoAuth2TokenValidationService(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets PermissionManagerService Service.
|
||||||
|
*
|
||||||
|
* @param permissionManagerService An instance of PermissionManagerService
|
||||||
|
*/
|
||||||
|
protected void setPermissionManagerService(PermissionManagerService permissionManagerService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Setting PermissionManager Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setPermissionManagerService(permissionManagerService);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Unsets PermissionManagerService Service.
|
||||||
|
*
|
||||||
|
* @param permissionManagerService An instance of PermissionManagerService
|
||||||
|
*/
|
||||||
|
protected void unsetPermissionManagerService(PermissionManagerService permissionManagerService) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Unsetting PermissionManager Service");
|
||||||
|
}
|
||||||
|
OAuthExtensionsDataHolder.getInstance().setPermissionManagerService(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
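Review bot: The three `unset*` methods ignore their argument and always write `null` into `OAuthExtensionsDataHolder`. All three references are declared `cardinality="1..1"` with `policy="dynamic"`, and for such a reference SCR binds the replacement service before unbinding the outgoing one, so `unsetPermissionManagerService` (and likewise `unsetRealmService` and `unsetOAuth2ValidationService`) can wipe the reference that was just set. The holder's getters would then throw `IllegalStateException` on the next token validation. Clear the field only when the holder still holds the instance being unbound, which needs a non-throwing accessor or a compare-and-clear method on the holder, or declare the references `policy="static"` if replacement at runtime is not needed.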
|
@ -0,0 +1,75 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.oauth.extensions.internal;
|
||||||
|
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
|
||||||
|
import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
|
||||||
|
import org.wso2.carbon.user.core.service.RealmService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This holds the OSGi service references required for oauth extensions bundle.
|
||||||
|
*/
|
||||||
|
public class OAuthExtensionsDataHolder {
|
||||||
|
|
||||||
|
private RealmService realmService;
|
||||||
|
private OAuth2TokenValidationService oAuth2TokenValidationService;
|
||||||
|
private PermissionManagerService permissionManagerService;
|
||||||
|
|
||||||
|
private static OAuthExtensionsDataHolder thisInstance = new OAuthExtensionsDataHolder();
|
||||||
|
|
||||||
|
private OAuthExtensionsDataHolder() {}
|
||||||
|
|
||||||
|
public static OAuthExtensionsDataHolder getInstance() {
|
||||||
|
return thisInstance;
|
||||||
|
}
|
||||||
|
|
||||||
|
public RealmService getRealmService() {
|
||||||
|
if (realmService == null) {
|
||||||
|
throw new IllegalStateException("Realm service is not initialized properly");
|
||||||
|
}
|
||||||
|
return realmService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRealmService(RealmService realmService) {
|
||||||
|
this.realmService = realmService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public OAuth2TokenValidationService getoAuth2TokenValidationService() {
|
||||||
|
if (oAuth2TokenValidationService == null) {
|
||||||
|
throw new IllegalStateException("OAuth2TokenValidation service is not initialized properly");
|
||||||
|
}
|
||||||
|
return oAuth2TokenValidationService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setoAuth2TokenValidationService(
|
||||||
|
OAuth2TokenValidationService oAuth2TokenValidationService) {
|
||||||
|
this.oAuth2TokenValidationService = oAuth2TokenValidationService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPermissionManagerService(PermissionManagerService permissionManagerService) {
|
||||||
|
this.permissionManagerService = permissionManagerService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionManagerService getPermissionManagerService() {
|
||||||
|
if (permissionManagerService == null) {
|
||||||
|
throw new IllegalStateException("PermissionManager service is not initialized properly");
|
||||||
|
}
|
||||||
|
return permissionManagerService;
|
||||||
|
}
|
||||||
|
}
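Review bot: The three service fields are plain instance fields, yet they appear to be written from the SCR bind/unbind callbacks in `OAuthExtensionServiceComponent` and read on request threads (for example by `ScopeValidator.validateScope`). Nothing guarantees that a reader sees the latest reference. Declaring them `volatile`, e.g. `private volatile PermissionManagerService permissionManagerService;`, is enough for this set-and-read pattern. The singleton should also be `private static final OAuthExtensionsDataHolder thisInstance = new OAuthExtensionsDataHolder();` so it cannot be reassigned. The getters throw `IllegalStateException` when a service is absent, and the visible caller does not catch it, so a short Javadoc on each getter stating that would help.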
|
@ -0,0 +1,89 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* you may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.wso2.carbon.device.mgt.oauth.extensions.validators;
|
||||||
|
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.wso2.carbon.context.CarbonContext;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
|
||||||
|
import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder;
|
||||||
|
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
||||||
|
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
|
||||||
|
import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeValidator;
|
||||||
|
import org.wso2.carbon.user.api.UserRealm;
|
||||||
|
import org.wso2.carbon.user.api.UserStoreException;
|
||||||
|
|
||||||
|
import java.util.Properties;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Custom OAuth2Token Scope validation implementation for DeviceManagement. This will validate the
|
||||||
|
* user permissions before dispatching the HTTP request to the actual endpoint.
|
||||||
|
*/
|
||||||
|
public class ScopeValidator extends OAuth2ScopeValidator {
|
||||||
|
|
||||||
|
private static final String URL_PROPERTY = "URL";
|
||||||
|
private static final String HTTP_METHOD_PROPERTY = "HTTP_METHOD";
|
||||||
|
|
||||||
|
public static final class PermissionMethod {
|
||||||
|
private PermissionMethod() {
|
||||||
|
throw new AssertionError();
|
||||||
|
}
|
||||||
|
public static final String READ = "read";
|
||||||
|
public static final String WRITE = "write";
|
||||||
|
public static final String DELETE = "delete";
|
||||||
|
public static final String ACTION = "action";
|
||||||
|
}
|
||||||
|
|
||||||
|
private static final Log log = LogFactory.getLog(ScopeValidator.class);
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean validateScope(AccessTokenDO accessTokenDO, String resource)
|
||||||
|
throws IdentityOAuth2Exception {
|
||||||
|
boolean status = false;
|
||||||
|
//Extract the url & http method
|
||||||
|
int idx = resource.lastIndexOf(':');
|
||||||
|
String url = resource.substring(0, idx);
|
||||||
|
String method = resource.substring(++idx, resource.length());
|
||||||
|
|
||||||
|
Properties properties = new Properties();
|
||||||
|
properties.put(ScopeValidator.URL_PROPERTY, url);
|
||||||
|
properties.put(ScopeValidator.HTTP_METHOD_PROPERTY, method);
|
||||||
|
PermissionManagerService permissionManagerService = OAuthExtensionsDataHolder.getInstance().
|
||||||
|
getPermissionManagerService();
|
||||||
|
try {
|
||||||
|
Permission permission = permissionManagerService.getPermission(properties);
|
||||||
|
if((permission != null) && (accessTokenDO.getAuthzUser() != null)) {
|
||||||
|
String username = accessTokenDO.getAuthzUser().getUserName();
|
||||||
|
UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
|
||||||
|
if(userRealm != null && userRealm.getAuthorizationManager() != null){
|
||||||
|
status = userRealm.getAuthorizationManager().isUserAuthorized(username, permission.getPath(),
|
||||||
|
PermissionMethod.READ);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (PermissionManagementException e) {
|
||||||
|
log.error("Error occurred while validating the resource scope for : " + resource +
|
||||||
|
", Msg = " + e.getMessage(), e);
|
||||||
|
} catch (UserStoreException e) {
|
||||||
|
log.error("Error occurred while retrieving user store. " + e.getMessage());
|
||||||
|
}
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
}
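Review bot: `validateScope` calls `resource.lastIndexOf(':')` and `resource.substring(0, idx)` without checking the result. A `resource` that is null or contains no `:` therefore ends in an unchecked `NullPointerException` or `StringIndexOutOfBoundsException` instead of a denial. Rejecting it up front with `if (resource == null || resource.lastIndexOf(':') <= 0) { return false; }` keeps the validator failing closed on malformed input. The authorization call always passes `PermissionMethod.READ` even though the HTTP method is parsed and `WRITE`/`DELETE`/`ACTION` are defined. If the action is meant to follow the request method this is a gap; otherwise a comment explaining why `read` is the only action checked would prevent that reading. The `UserStoreException` branch also drops the stack trace; `log.error("Error occurred while retrieving user store. " + e.getMessage(), e);` matches the first catch block.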
|
@ -0,0 +1,42 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
|
||||||
|
<parent>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>carbon-devicemgt</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<relativePath>../../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>identity-extensions</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>WSO2 Carbon - Dynamic Client Registration Component</name>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
|
||||||
|
<modules>
|
||||||
|
<module>org.wso2.carbon.device.mgt.oauth.extensions</module>
|
||||||
|
<module>dynamic-client-registration</module>
|
||||||
|
</modules>
|
||||||
|
|
||||||
|
</project>
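Review bot: The `<name>` of this aggregator still reads `WSO2 Carbon - Dynamic Client Registration Component`, although its `<artifactId>` is `identity-extensions` and it now also builds `org.wso2.carbon.device.mgt.oauth.extensions`. The reactor output and generated metadata will mislabel the module. Something like `<name>WSO2 Carbon - Identity Extensions</name>` would match what the module contains.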
|
@ -0,0 +1,87 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
|
|
||||||
|
<parent>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>oauth-extensions-feature</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<artifactId>org.wso2.carbon.device.mgt.oauth.extensions.feature</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<name>WSO2 Carbon - Device Mgt OAuth Extensions Feature</name>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
<description>This feature contains devicemgt related OAuth extensions</description>
|
||||||
|
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.identity</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.identity.oauth</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.device.mgt.oauth.extensions</artifactId>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.wso2.maven</groupId>
|
||||||
|
<artifactId>carbon-p2-plugin</artifactId>
|
||||||
|
<version>${carbon.p2.plugin.version}</version>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>p2-feature-generation</id>
|
||||||
|
<phase>package</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>p2-feature-gen</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<id>org.wso2.carbon.device.mgt.oauth.extensions</id>
|
||||||
|
<propertiesFile>../../../features/etc/feature.properties</propertiesFile>
|
||||||
|
<adviceFile>
|
||||||
|
<properties>
|
||||||
|
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
|
||||||
|
<propertyDef>org.eclipse.equinox.p2.type.group:false</propertyDef>
|
||||||
|
</properties>
|
||||||
|
</adviceFile>
|
||||||
|
<bundles>
|
||||||
|
<bundleDef>
|
||||||
|
org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.oauth.extensions:${carbon.device.mgt.version}
|
||||||
|
</bundleDef>
|
||||||
|
</bundles>
|
||||||
|
<importFeatures>
|
||||||
|
<importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version}
|
||||||
|
</importFeatureDef>
|
||||||
|
</importFeatures>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
@ -0,0 +1,41 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
|
||||||
|
<parent>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>carbon-devicemgt</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<relativePath>../../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>oauth-extensions-feature</artifactId>
|
||||||
|
<version>0.9.2-SNAPSHOT</version>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>WSO2 Carbon Device Management - OAuth Extensions Feature</name>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
|
||||||
|
<modules>
|
||||||
|
<module>org.wso2.carbon.device.mgt.oauth.extensions.feature</module>
|
||||||
|
</modules>
|
||||||
|
|
||||||
|
</project>
|