Few changes added after testing with the cluster

4.x.x
ayyoob 9 years ago
parent ebebca8573
commit ba6e202442

@ -34,7 +34,6 @@ import org.wso2.carbon.user.api.UserStoreException;
import javax.ws.rs.DELETE;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
@ -97,7 +96,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication(
jsonStringObject.toJSONString(), registrationProfile.getApplicationName(),
registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(),
ApiApplicationConstants.DEFAULT_TOKEN_TYPE);
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, registrationProfile.getTags());
return Response.status(Response.Status.ACCEPTED).entity("true").build();
} else {
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(

@ -59,8 +59,8 @@ public interface APIManagementProviderService {
* Register existing Oauth application as apim application.
*/
void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, String clientId,
String username, boolean isAllowedAllDomains, String keyType)
throws APIManagerException;
String username, boolean isAllowedAllDomains, String keyType,
String tags[]) throws APIManagerException;
/**
* Remove APIM Application.
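Review bot: The Javadoc on registerExistingOAuthApplicationToAPIApplication still reads only "Register existing Oauth application as apim application." and says nothing about the new `tags` parameter or what a null or empty array means. The implementation changed in this same commit skips the subscription step when `tags` is null or empty, so a line such as `@param tags API tags to subscribe the application to; null or empty skips subscription` would record that contract. The declaration would also read more conventionally as `String[] tags` than as `String tags[]`.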

@ -35,7 +35,6 @@ import org.wso2.carbon.apimgt.application.extension.exception.APIManagerExceptio
import org.wso2.carbon.apimgt.application.extension.util.APIManagerUtil;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.APIManagerFactory;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
@ -120,8 +119,8 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
@Override
public void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName,
String clientId, String username,
boolean isAllowedAllDomains, String keyType)
throws APIManagerException {
boolean isAllowedAllDomains, String keyType,
String tags[]) throws APIManagerException {
try {
APIManagerUtil.loadTenantRegistry();
APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username);
@ -156,6 +155,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
}
if (retrievedApiApplicationKey != null) {
if (retrievedApiApplicationKey.getConsumerKey().equals(clientId)) {
if (tags != null && tags.length > 0) {
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
}
return;
} else {
throw new APIManagerException("Api application already mapped to another OAuth App");
@ -170,6 +172,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
}
apiConsumer.mapExistingOAuthClient(jsonString, username, clientId, applicationName,
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, allowedDomains);
if (tags != null && tags.length > 0) {
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
}
}
} catch (APIManagementException e) {
throw new APIManagerException(
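Review bot: The `tags` passed to createApplicationAndSubscribeToAPIs in both added blocks come straight from the registration request (`registrationProfile.getTags()` in ApiApplicationRegistrationServiceImpl), so the caller chooses which tagged APIs the application is subscribed to. Nothing visible in these hunks checks the tags against what `username` is allowed to subscribe to. createApplicationAndSubscribeToAPIs is defined outside the hunk, so the check may already live there, but that is worth confirming, along with rejecting null or blank entries before the call. In the already-mapped branch the subscription runs again on every repeat registration with the same clientId; a comment such as `// re-registration: subscribe to any newly requested tags` would show that this is intended.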

@ -42,10 +42,6 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
private static final String PARAM_MANAGED_API_ENABLED = "managed-api-enabled";
private static final Log log = LogFactory.getLog(FeatureManagementLifecycleListener.class);
private static final String UNLIMITED = "Unlimited";
public static final String PROPERTY_PROFILE = "profile";
public static final String PROFILE_DT_WORKER = "dtWorker";
public static final String PROFILE_DEFAULT = "default";
@Override
public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
@ -54,11 +50,7 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
ServletContext servletContext = context.getServletContext();
String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED);
boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param);
String profile = System.getProperty(PROPERTY_PROFILE);
if ((profile.equalsIgnoreCase(PROFILE_DT_WORKER) ||
profile.equalsIgnoreCase(PROFILE_DEFAULT)) && isManagedApi) {
if (isManagedApi) {
try {
AnnotationProcessor annotationProcessor = new AnnotationProcessor(context);
Set<String> annotatedAPIClasses = annotationProcessor.scanStandardContext(DeviceType.class.getName());

@ -11,7 +11,7 @@
"enrollmentDir": "/emm-web-agent/enrollment",
"iOSConfigRoot" : "%https.ip%/ios-enrollment/",
"iOSAPIRoot" : "%https.ip%/ios/",
"dynamicClientRegistrationEndPoint" : "%https.ip%/dynamic-client-web/register/",
"dynamicClientRegistrationEndPoint" : "https://localhost:8243/dynamic-client-web/register/",
"adminService":"%https.ip%",
"idPServer":"https://localhost:8243",
"callBackUrl":"%https.ip%/devicemgt_admin",
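Review bot: `dynamicClientRegistrationEndPoint` is now hard-coded to `https://localhost:8243/dynamic-client-web/register/`, while the neighbouring keys keep the `%https.ip%` placeholder. On any cluster node where the registration service is not reachable on localhost:8243, client registration will fail, and a certificate issued for the real host name will not match `localhost`. Because this endpoint hands out OAuth client credentials, it should stay a deployment-time placeholder like the other keys, so that hostname verification never has to be relaxed to make it work. `idPServer` on the context line below is already fixed to the same host and port and deserves the same treatment.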

@ -306,7 +306,7 @@ var backendServiceInvoker = function () {
* @param errorCallback a function to be called if en error is reserved.
*/
publicHTTPClientInvokers.get = function (url, successCallback, errorCallback, contentType, acceptType) {
return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, contentType, acceptType);
return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, null, contentType, acceptType);
};
/**
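Review bot: The bare `null` added as the fifth argument to initiateHTTPClientRequest has no explanation, and the JSDoc above `get` (which starts outside the hunk) does not appear to describe `contentType` or `acceptType`. Presumably the new slot is the request payload, which a GET does not carry; initiateHTTPClientRequest's signature is not visible here, so this needs confirming. If that is right, an inline marker such as `/* payload: none for GET */ null` and two `@param` lines for contentType and acceptType would stop the next reader from misaligning the positional arguments.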

@ -48,10 +48,6 @@ utility = function () {
PrivilegedCarbonContext.endTenantFlow();
};
publicMethods.getConfigurationService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.iot.service.ConfigurationService');
};
publicMethods.getDeviceManagementService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService');
};

@ -27,16 +27,20 @@ import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
@ -55,7 +59,12 @@ public class JWTAuthenticator implements WebappAuthenticator {
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
private static final String JWT_AUTHENTICATOR = "JWT";
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
private static final String DEFAULT_TRUST_STORE_LOCATION = "Security.TrustStore.Location";
private static final String DEFAULT_TRUST_STORE_PASSWORD = "Security.TrustStore.Password";
private static final Map<String, PublicKey> publicKeyHolder = new HashMap<>();
private Properties properties;
@Override
public void init() {
@ -98,7 +107,31 @@ public class JWTAuthenticator implements WebappAuthenticator {
loadTenantRegistry(tenantId);
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId);
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
publicKey = keyStoreManager.getDefaultPublicKey();
String defaultPublicKey = properties.getProperty("DefaultPublicKey");
if (defaultPublicKey != null && !defaultPublicKey.isEmpty()) {
boolean isDefaultPublicKey = Boolean.parseBoolean(defaultPublicKey);
if (isDefaultPublicKey) {
publicKey = keyStoreManager.getDefaultPublicKey();
} else {
String alias = properties.getProperty("KeyAlias");
if (alias != null && !alias.isEmpty()) {
ServerConfiguration serverConfig = CarbonUtils.getServerConfiguration();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
String trustStorePath = serverConfig.getFirstProperty(DEFAULT_TRUST_STORE_LOCATION);
String trustStorePassword = serverConfig.getFirstProperty(
DEFAULT_TRUST_STORE_PASSWORD);
keyStore.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray());
publicKey = keyStore.getCertificate(alias).getPublicKey();
} else {
authenticationInfo.setStatus(Status.FAILURE);
return authenticationInfo;
}
}
} else {
publicKey = keyStoreManager.getDefaultPublicKey();
}
} else {
String ksName = tenantDomain.trim().replace('.', '-');
String jksName = ksName + ".jks";
@ -150,17 +183,20 @@ public class JWTAuthenticator implements WebappAuthenticator {
@Override
public void setProperties(Properties properties) {
this.properties = properties;
}
@Override
public Properties getProperties() {
return null;
return properties;
}
@Override
public String getProperty(String name) {
return null;
if (this.properties == null) {
return null;
}
return this.properties.getProperty(name);
}
private static void loadTenantRegistry(int tenantId) throws RegistryException {
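Review bot: The new KeyAlias branch opens the trust store with `new FileInputStream(trustStorePath)` and never closes it, and `keyStore.getCertificate(alias).getPublicKey()` throws a NullPointerException when the alias is not in the store, because getCertificate returns null for an unknown alias. Both sit on the authentication path, so a typo in KeyAlias surfaces as an exception rather than a clean FAILURE status; how the enclosing try/catch (outside the hunk) handles it is not visible. `properties.getProperty("DefaultPublicKey")` also dereferences `properties` without the null check that the new getProperty() carries, and KeyStore.getDefaultType() may not match the format of the configured trust store. The fence below closes the stream and fails closed on a missing certificate. A log line on that branch would help operators, but the logger field is not visible in this hunk, so none is added.

```java
String alias = properties.getProperty("KeyAlias");
if (alias != null && !alias.isEmpty()) {
    // … unchanged: serverConfig, keyStore, trustStorePath and trustStorePassword lookups …
    try (FileInputStream trustStoreStream = new FileInputStream(trustStorePath)) {
        keyStore.load(trustStoreStream, trustStorePassword.toCharArray());
    }
    java.security.cert.Certificate signingCert = keyStore.getCertificate(alias);
    if (signingCert == null) {
        // Unknown alias: reject the token instead of failing with an NPE.
        authenticationInfo.setStatus(Status.FAILURE);
        return authenticationInfo;
    }
    publicKey = signingCert.getPublicKey();
} else {
    // … unchanged: FAILURE status when KeyAlias is not configured …
```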

@ -19,6 +19,11 @@
<Authenticator>
<Name>JWT</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
<Parameters>
<Parameter Name="DefaultPublicKey">true</Parameter>
<!--KeyAlias is alias of the certificate that is used to sign the JWT token-->
<!-- <Parameter Name="KeyAlias"></Parameter> -->
</Parameters>
</Authenticator>
<Authenticator>
<Name>CertificateAuth</Name>
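Review bot: The comment above the commented-out KeyAlias parameter does not say that the alias is only read when DefaultPublicKey is false. It also omits that JWTAuthenticator, as changed in this commit, returns FAILURE for super-tenant tokens when DefaultPublicKey is false and KeyAlias is missing or empty. I would extend it to something like `<!-- KeyAlias: alias, in the server trust store, of the certificate whose public key verifies the JWT signature; required when DefaultPublicKey is false -->`. The current wording says the certificate is "used to sign" the token, whereas the authenticator only uses its public key to verify the signature.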
