Few changes added after testing with the cluster

4.x.x
ayyoob 9 years ago
parent ebebca8573
commit ba6e202442

@ -34,7 +34,6 @@ import org.wso2.carbon.user.api.UserStoreException;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam; import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
@ -97,7 +96,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication( apiManagementProviderService.registerExistingOAuthApplicationToAPIApplication(
jsonStringObject.toJSONString(), registrationProfile.getApplicationName(), jsonStringObject.toJSONString(), registrationProfile.getApplicationName(),
registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(), registrationProfile.getConsumerKey(), username, registrationProfile.isAllowedToAllDomains(),
ApiApplicationConstants.DEFAULT_TOKEN_TYPE); ApiApplicationConstants.DEFAULT_TOKEN_TYPE, registrationProfile.getTags());
return Response.status(Response.Status.ACCEPTED).entity("true").build(); return Response.status(Response.Status.ACCEPTED).entity("true").build();
} else { } else {
ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys( ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(

@ -59,8 +59,8 @@ public interface APIManagementProviderService {
* Register existing Oauth application as apim application. * Register existing Oauth application as apim application.
*/ */
void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, String clientId, void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, String clientId,
String username, boolean isAllowedAllDomains, String keyType) String username, boolean isAllowedAllDomains, String keyType,
throws APIManagerException; String tags[]) throws APIManagerException;
/** /**
* Remove APIM Application. * Remove APIM Application.

@ -35,7 +35,6 @@ import org.wso2.carbon.apimgt.application.extension.exception.APIManagerExceptio
import org.wso2.carbon.apimgt.application.extension.util.APIManagerUtil; import org.wso2.carbon.apimgt.application.extension.util.APIManagerUtil;
import org.wso2.carbon.apimgt.impl.APIConstants; import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.APIManagerFactory; import org.wso2.carbon.apimgt.impl.APIManagerFactory;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants; import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
@ -120,8 +119,8 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
@Override @Override
public void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName, public void registerExistingOAuthApplicationToAPIApplication(String jsonString, String applicationName,
String clientId, String username, String clientId, String username,
boolean isAllowedAllDomains, String keyType) boolean isAllowedAllDomains, String keyType,
throws APIManagerException { String tags[]) throws APIManagerException {
try { try {
APIManagerUtil.loadTenantRegistry(); APIManagerUtil.loadTenantRegistry();
APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username); APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username);
@ -156,6 +155,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
} }
if (retrievedApiApplicationKey != null) { if (retrievedApiApplicationKey != null) {
if (retrievedApiApplicationKey.getConsumerKey().equals(clientId)) { if (retrievedApiApplicationKey.getConsumerKey().equals(clientId)) {
if (tags != null && tags.length > 0) {
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
}
return; return;
} else { } else {
throw new APIManagerException("Api application already mapped to another OAuth App"); throw new APIManagerException("Api application already mapped to another OAuth App");
@ -170,6 +172,9 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
} }
apiConsumer.mapExistingOAuthClient(jsonString, username, clientId, applicationName, apiConsumer.mapExistingOAuthClient(jsonString, username, clientId, applicationName,
ApiApplicationConstants.DEFAULT_TOKEN_TYPE, allowedDomains); ApiApplicationConstants.DEFAULT_TOKEN_TYPE, allowedDomains);
if (tags != null && tags.length > 0) {
createApplicationAndSubscribeToAPIs(applicationName, tags, username);
}
} }
} catch (APIManagementException e) { } catch (APIManagementException e) {
throw new APIManagerException( throw new APIManagerException(

@ -42,10 +42,6 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
private static final String PARAM_MANAGED_API_ENABLED = "managed-api-enabled"; private static final String PARAM_MANAGED_API_ENABLED = "managed-api-enabled";
private static final Log log = LogFactory.getLog(FeatureManagementLifecycleListener.class); private static final Log log = LogFactory.getLog(FeatureManagementLifecycleListener.class);
private static final String UNLIMITED = "Unlimited";
public static final String PROPERTY_PROFILE = "profile";
public static final String PROFILE_DT_WORKER = "dtWorker";
public static final String PROFILE_DEFAULT = "default";
@Override @Override
public void lifecycleEvent(LifecycleEvent lifecycleEvent) { public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
@ -54,11 +50,7 @@ public class FeatureManagementLifecycleListener implements LifecycleListener {
ServletContext servletContext = context.getServletContext(); ServletContext servletContext = context.getServletContext();
String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED); String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED);
boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param); boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param);
if (isManagedApi) {
String profile = System.getProperty(PROPERTY_PROFILE);
if ((profile.equalsIgnoreCase(PROFILE_DT_WORKER) ||
profile.equalsIgnoreCase(PROFILE_DEFAULT)) && isManagedApi) {
try { try {
AnnotationProcessor annotationProcessor = new AnnotationProcessor(context); AnnotationProcessor annotationProcessor = new AnnotationProcessor(context);
Set<String> annotatedAPIClasses = annotationProcessor.scanStandardContext(DeviceType.class.getName()); Set<String> annotatedAPIClasses = annotationProcessor.scanStandardContext(DeviceType.class.getName());

@ -11,7 +11,7 @@
"enrollmentDir": "/emm-web-agent/enrollment", "enrollmentDir": "/emm-web-agent/enrollment",
"iOSConfigRoot" : "%https.ip%/ios-enrollment/", "iOSConfigRoot" : "%https.ip%/ios-enrollment/",
"iOSAPIRoot" : "%https.ip%/ios/", "iOSAPIRoot" : "%https.ip%/ios/",
"dynamicClientRegistrationEndPoint" : "%https.ip%/dynamic-client-web/register/", "dynamicClientRegistrationEndPoint" : "https://localhost:8243/dynamic-client-web/register/",
"adminService":"%https.ip%", "adminService":"%https.ip%",
"idPServer":"https://localhost:8243", "idPServer":"https://localhost:8243",
"callBackUrl":"%https.ip%/devicemgt_admin", "callBackUrl":"%https.ip%/devicemgt_admin",

@ -306,7 +306,7 @@ var backendServiceInvoker = function () {
* @param errorCallback a function to be called if en error is reserved. * @param errorCallback a function to be called if en error is reserved.
*/ */
publicHTTPClientInvokers.get = function (url, successCallback, errorCallback, contentType, acceptType) { publicHTTPClientInvokers.get = function (url, successCallback, errorCallback, contentType, acceptType) {
return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, contentType, acceptType); return privateMethods.initiateHTTPClientRequest(constants.HTTP_GET, url, successCallback, errorCallback, null, contentType, acceptType);
}; };
/** /**

@ -48,10 +48,6 @@ utility = function () {
PrivilegedCarbonContext.endTenantFlow(); PrivilegedCarbonContext.endTenantFlow();
}; };
publicMethods.getConfigurationService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.iot.service.ConfigurationService');
};
publicMethods.getDeviceManagementService = function () { publicMethods.getDeviceManagementService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService'); return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService');
}; };

@ -27,16 +27,20 @@ import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.KeyStoreManager; import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.registry.core.exceptions.RegistryException; import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager; import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder; import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
import java.text.ParseException; import java.text.ParseException;
@ -55,7 +59,12 @@ public class JWTAuthenticator implements WebappAuthenticator {
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId"; private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
private static final String JWT_AUTHENTICATOR = "JWT"; private static final String JWT_AUTHENTICATOR = "JWT";
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion"; private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
private static final String DEFAULT_TRUST_STORE_LOCATION = "Security.TrustStore.Location";
private static final String DEFAULT_TRUST_STORE_PASSWORD = "Security.TrustStore.Password";
private static final Map<String, PublicKey> publicKeyHolder = new HashMap<>(); private static final Map<String, PublicKey> publicKeyHolder = new HashMap<>();
private Properties properties;
@Override @Override
public void init() { public void init() {
@ -98,7 +107,31 @@ public class JWTAuthenticator implements WebappAuthenticator {
loadTenantRegistry(tenantId); loadTenantRegistry(tenantId);
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId); KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId);
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
publicKey = keyStoreManager.getDefaultPublicKey(); String defaultPublicKey = properties.getProperty("DefaultPublicKey");
if (defaultPublicKey != null && !defaultPublicKey.isEmpty()) {
boolean isDefaultPublicKey = Boolean.parseBoolean(defaultPublicKey);
if (isDefaultPublicKey) {
publicKey = keyStoreManager.getDefaultPublicKey();
} else {
String alias = properties.getProperty("KeyAlias");
if (alias != null && !alias.isEmpty()) {
ServerConfiguration serverConfig = CarbonUtils.getServerConfiguration();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
String trustStorePath = serverConfig.getFirstProperty(DEFAULT_TRUST_STORE_LOCATION);
String trustStorePassword = serverConfig.getFirstProperty(
DEFAULT_TRUST_STORE_PASSWORD);
keyStore.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray());
publicKey = keyStore.getCertificate(alias).getPublicKey();
} else {
authenticationInfo.setStatus(Status.FAILURE);
return authenticationInfo;
}
}
} else {
publicKey = keyStoreManager.getDefaultPublicKey();
}
} else { } else {
String ksName = tenantDomain.trim().replace('.', '-'); String ksName = tenantDomain.trim().replace('.', '-');
String jksName = ksName + ".jks"; String jksName = ksName + ".jks";
@ -150,17 +183,20 @@ public class JWTAuthenticator implements WebappAuthenticator {
@Override @Override
public void setProperties(Properties properties) { public void setProperties(Properties properties) {
this.properties = properties;
} }
@Override @Override
public Properties getProperties() { public Properties getProperties() {
return null; return properties;
} }
@Override @Override
public String getProperty(String name) { public String getProperty(String name) {
return null; if (this.properties == null) {
return null;
}
return this.properties.getProperty(name);
} }
private static void loadTenantRegistry(int tenantId) throws RegistryException { private static void loadTenantRegistry(int tenantId) throws RegistryException {

@ -19,6 +19,11 @@
<Authenticator> <Authenticator>
<Name>JWT</Name> <Name>JWT</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName> <ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
<Parameters>
<Parameter Name="DefaultPublicKey">true</Parameter>
<!--KeyAlias is alias of the certificate that is used to sign the JWT token-->
<!-- <Parameter Name="KeyAlias"></Parameter> -->
</Parameters>
</Authenticator> </Authenticator>
<Authenticator> <Authenticator>
<Name>CertificateAuth</Name> <Name>CertificateAuth</Name>

Loading…
Cancel
Save