forked from community/device-mgt-plugins
commit
1ff609d819
@ -0,0 +1,178 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client;
|
||||
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
import feign.auth.BasicAuthRequestInterceptor;
|
||||
import feign.gson.GsonDecoder;
|
||||
import feign.gson.GsonEncoder;
|
||||
import feign.jaxrs.JAXRSContract;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.AccessTokenInfo;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.ApiApplicationKey;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.ApiApplicationRegistrationService;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.ApiRegistrationProfile;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.TokenIssuerService;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.Properties;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.Property;
|
||||
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.WebsocketConfig;
|
||||
|
||||
/**
|
||||
* This is a request interceptor to add oauth token header.
|
||||
*/
|
||||
public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
|
||||
private AccessTokenInfo tokenInfo;
|
||||
private long refreshTimeOffset;
|
||||
private static final String API_APPLICATION_REGISTRATION_CONTEXT = "/api-application-registration";
|
||||
private static final String DEVICE_MANAGEMENT_SERVICE_TAG[] = {"device_management"};
|
||||
private static final String APPLICATION_NAME = "websocket-app";
|
||||
private static final String PASSWORD_GRANT_TYPE = "password";
|
||||
private static final String REFRESH_GRANT_TYPE = "refresh_token";
|
||||
private ApiApplicationRegistrationService apiApplicationRegistrationService;
|
||||
private TokenIssuerService tokenIssuerService;
|
||||
|
||||
private static Log logger = LogFactory.getLog(OAuthRequestInterceptor.class);
|
||||
|
||||
private static final String CONNECTION_USERNAME = "username";
|
||||
private static final String CONNECTION_PASSWORD = "password";
|
||||
private static final String TOKEN_ENDPOINT = "tokenEndpoint";
|
||||
private static final String TOKEN_REFRESH_TIME_OFFSET = "tokenRefreshTimeOffset";
|
||||
private static final String DEVICE_MGT_SERVER_URL = "deviceMgtServerUrl";
|
||||
private static String username;
|
||||
private static String password;
|
||||
private static String tokenEndpoint;
|
||||
private static String deviceMgtServerUrl;
|
||||
|
||||
/**
|
||||
* Creates an interceptor that authenticates all requests.
|
||||
*/
|
||||
public OAuthRequestInterceptor() {
|
||||
Properties properties =
|
||||
WebsocketConfig.getInstance().getWebsocketValidationConfigs().getAuthorizer().getProperties();
|
||||
deviceMgtServerUrl = getDeviceMgtServerUrl(properties);
|
||||
refreshTimeOffset = getRefreshTimeOffset(properties);
|
||||
username = getUsername(properties);
|
||||
password = getPassword(properties);
|
||||
tokenEndpoint = getTokenEndpoint(properties);
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
deviceMgtServerUrl + API_APPLICATION_REGISTRATION_CONTEXT);
|
||||
}
|
||||
@Override
|
||||
public void apply(RequestTemplate template) {
|
||||
if (tokenInfo == null) {
|
||||
//had to do on demand initialization due to start up error.
|
||||
ApiRegistrationProfile apiRegistrationProfile = new ApiRegistrationProfile();
|
||||
apiRegistrationProfile.setApplicationName(APPLICATION_NAME);
|
||||
apiRegistrationProfile.setIsAllowedToAllDomains(false);
|
||||
apiRegistrationProfile.setIsMappingAnExistingOAuthApp(false);
|
||||
apiRegistrationProfile.setTags(DEVICE_MANAGEMENT_SERVICE_TAG);
|
||||
ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile);
|
||||
String consumerKey = apiApplicationKey.getConsumerKey();
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class, tokenEndpoint);
|
||||
tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
|
||||
tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
|
||||
}
|
||||
if (System.currentTimeMillis() + refreshTimeOffset > tokenInfo.getExpires_in()) {
|
||||
tokenInfo = tokenIssuerService.getToken(REFRESH_GRANT_TYPE, tokenInfo.getRefresh_token());
|
||||
tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
|
||||
}
|
||||
String headerValue = "Bearer " + tokenInfo.getAccess_token();
|
||||
template.header("Authorization", headerValue);
|
||||
}
|
||||
|
||||
private String getUsername(Properties properties) {
|
||||
String username = null;
|
||||
for (Property property : properties.getProperty()) {
|
||||
if (property.getName().equals(CONNECTION_USERNAME)) {
|
||||
username = property.getValue();
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (username == null || username.isEmpty()) {
|
||||
logger.error("username can't be empty ");
|
||||
}
|
||||
return username;
|
||||
}
|
||||
|
||||
private String getPassword(Properties properties) {
|
||||
String password = null;
|
||||
for (Property property : properties.getProperty()) {
|
||||
if (property.getName().equals(CONNECTION_PASSWORD)) {
|
||||
password = property.getValue();
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (password == null || password.isEmpty()) {
|
||||
logger.error("password can't be empty ");
|
||||
}
|
||||
return password;
|
||||
}
|
||||
|
||||
private String getDeviceMgtServerUrl(Properties properties) {
|
||||
String deviceMgtServerUrl = null;
|
||||
for (Property property : properties.getProperty()) {
|
||||
if (property.getName().equals(DEVICE_MGT_SERVER_URL)) {
|
||||
deviceMgtServerUrl = property.getValue();
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (deviceMgtServerUrl == null || deviceMgtServerUrl.isEmpty()) {
|
||||
logger.error("deviceMgtServerUrl can't be empty ");
|
||||
}
|
||||
return deviceMgtServerUrl;
|
||||
}
|
||||
|
||||
private String getTokenEndpoint(Properties properties) {
|
||||
String tokenEndpoint = null;
|
||||
for (Property property : properties.getProperty()) {
|
||||
if (property.getName().equals(TOKEN_ENDPOINT)) {
|
||||
tokenEndpoint = property.getValue();
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (tokenEndpoint == null || tokenEndpoint.isEmpty()) {
|
||||
logger.error("tokenEndpoint can't be empty ");
|
||||
}
|
||||
return tokenEndpoint;
|
||||
}
|
||||
|
||||
private long getRefreshTimeOffset(Properties properties) {
|
||||
long refreshTimeOffset = 0;
|
||||
try {
|
||||
for (Property property : properties.getProperty()) {
|
||||
if (property.getName().equals(TOKEN_REFRESH_TIME_OFFSET)) {
|
||||
refreshTimeOffset = Long.parseLong(property.getValue());
|
||||
break;
|
||||
}
|
||||
}
|
||||
} catch (NumberFormatException e) {
|
||||
logger.error("refreshTimeOffset should be a number", e);
|
||||
}
|
||||
return refreshTimeOffset;
|
||||
}
|
||||
|
||||
|
||||
}
|
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This hold access token info that returned from the api call
|
||||
*/
|
||||
public class AccessTokenInfo {
|
||||
public String token_type;
|
||||
public long expires_in;
|
||||
public String refresh_token;
|
||||
public String access_token;
|
||||
|
||||
public String getToken_type() {
|
||||
return token_type;
|
||||
}
|
||||
|
||||
public void setToken_type(String token_type) {
|
||||
this.token_type = token_type;
|
||||
}
|
||||
|
||||
public long getExpires_in() {
|
||||
return expires_in;
|
||||
}
|
||||
|
||||
public void setExpires_in(long expires_in) {
|
||||
this.expires_in = expires_in;
|
||||
}
|
||||
|
||||
public String getRefresh_token() {
|
||||
return refresh_token;
|
||||
}
|
||||
|
||||
public void setRefresh_token(String refresh_token) {
|
||||
this.refresh_token = refresh_token;
|
||||
}
|
||||
|
||||
public String getAccess_token() {
|
||||
return access_token;
|
||||
}
|
||||
|
||||
public void setAccess_token(String access_token) {
|
||||
this.access_token = access_token;
|
||||
}
|
||||
}
|
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This holds api application consumer key and secret.
|
||||
*/
|
||||
public class ApiApplicationKey {
|
||||
private String client_id;
|
||||
private String client_secret;
|
||||
|
||||
public String getConsumerKey() {
|
||||
return this.client_id;
|
||||
}
|
||||
|
||||
public void setClient_id(String consumerKey) {
|
||||
this.client_id = consumerKey;
|
||||
}
|
||||
|
||||
public String getConsumerSecret() {
|
||||
return this.client_secret;
|
||||
}
|
||||
|
||||
public void setClient_secret(String consumerSecret) {
|
||||
this.client_secret = consumerSecret;
|
||||
}
|
||||
}
|
@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
/**
|
||||
* This is the application registration service that exposed for apimApplicationRegistration
|
||||
*/
|
||||
|
||||
@Path("/register")
|
||||
public interface ApiApplicationRegistrationService {
|
||||
|
||||
/**
|
||||
* This method is used to register api application
|
||||
*
|
||||
* @param registrationProfile contains the necessary attributes that are needed in order to register an app.
|
||||
*/
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
ApiApplicationKey register(ApiRegistrationProfile registrationProfile);
|
||||
}
|
@ -0,0 +1,78 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
|
||||
/**
|
||||
* This class represents the data that are required to register
|
||||
* the oauth application.
|
||||
*/
|
||||
public class ApiRegistrationProfile {
|
||||
|
||||
public String applicationName;
|
||||
public String tags[];
|
||||
public boolean isAllowedToAllDomains;
|
||||
public String consumerKey;
|
||||
public String consumerSecret;
|
||||
public boolean isMappingAnExistingOAuthApp;
|
||||
|
||||
public String getApplicationName() {
|
||||
return applicationName;
|
||||
}
|
||||
|
||||
public void setApplicationName(String applicationName) {
|
||||
this.applicationName = applicationName;
|
||||
}
|
||||
|
||||
public String[] getTags() {
|
||||
return tags;
|
||||
}
|
||||
|
||||
public void setTags(String[] tags) {
|
||||
this.tags = tags;
|
||||
}
|
||||
|
||||
public boolean isAllowedToAllDomains() {
|
||||
return isAllowedToAllDomains;
|
||||
}
|
||||
|
||||
public void setIsAllowedToAllDomains(boolean isAllowedToAllDomains) {
|
||||
this.isAllowedToAllDomains = isAllowedToAllDomains;
|
||||
}
|
||||
|
||||
public boolean isMappingAnExistingOAuthApp() {
|
||||
return isMappingAnExistingOAuthApp;
|
||||
}
|
||||
|
||||
public void setIsMappingAnExistingOAuthApp(boolean isMappingAnExistingOAuthApp) {
|
||||
this.isMappingAnExistingOAuthApp = isMappingAnExistingOAuthApp;
|
||||
}
|
||||
|
||||
public String getConsumerKey() {
|
||||
return consumerKey;
|
||||
}
|
||||
|
||||
public void setConsumerKey(String consumerKey) {
|
||||
this.consumerKey = consumerKey;
|
||||
}
|
||||
|
||||
public String getConsumerSecret() {
|
||||
return consumerSecret;
|
||||
}
|
||||
|
||||
public void setConsumerSecret(String consumerSecret) {
|
||||
this.consumerSecret = consumerSecret;
|
||||
}
|
||||
}
|
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* DTO of the authorization request
|
||||
*/
|
||||
public class AuthorizationRequest {
|
||||
|
||||
String tenantDomain;
|
||||
String username;
|
||||
List<DeviceIdentifier> deviceIdentifiers;
|
||||
List<String> permissions;
|
||||
|
||||
public String getTenantDomain() {
|
||||
return tenantDomain;
|
||||
}
|
||||
|
||||
public void setTenantDomain(String tenantDomain) {
|
||||
this.tenantDomain = tenantDomain;
|
||||
}
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
public List<DeviceIdentifier> getDeviceIdentifiers() {
|
||||
return deviceIdentifiers;
|
||||
}
|
||||
|
||||
public void setDeviceIdentifiers(List<DeviceIdentifier> deviceIdentifiers) {
|
||||
this.deviceIdentifiers = deviceIdentifiers;
|
||||
}
|
||||
|
||||
public List<String> getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
public void setPermissions(List<String> permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
}
|
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
@Path("/admin/authorization")
|
||||
/**
|
||||
* This interface provided the definition of the device - user access verification service.
|
||||
*/
|
||||
public interface DeviceAccessAuthorizationAdminService {
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
DeviceAuthorizationResult isAuthorized(AuthorizationRequest authorizationRequest);
|
||||
}
|
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Represents a DeviceAuthorizationResult including a list of authorized devices and a list of unauthorized devices.
|
||||
*/
|
||||
public class DeviceAuthorizationResult {
|
||||
|
||||
private List<DeviceIdentifier> authorizedDevices = new ArrayList<>();
|
||||
private List<DeviceIdentifier> unauthorizedDevices = new ArrayList<>();
|
||||
|
||||
public List<DeviceIdentifier> getAuthorizedDevices() {
|
||||
return authorizedDevices;
|
||||
}
|
||||
|
||||
public void setAuthorizedDevices(List<DeviceIdentifier> authorizedDevices) {
|
||||
this.authorizedDevices = authorizedDevices;
|
||||
}
|
||||
|
||||
public void setUnauthorizedDevices(
|
||||
List<DeviceIdentifier> unauthorizedDevices) {
|
||||
this.unauthorizedDevices = unauthorizedDevices;
|
||||
}
|
||||
|
||||
public void addAuthorizedDevice(DeviceIdentifier deviceIdentifier) {
|
||||
authorizedDevices.add(deviceIdentifier);
|
||||
}
|
||||
|
||||
public List<DeviceIdentifier> getUnauthorizedDevices() {
|
||||
return unauthorizedDevices;
|
||||
}
|
||||
|
||||
public void addUnauthorizedDevice(DeviceIdentifier deviceIdentifier) {
|
||||
unauthorizedDevices.add(deviceIdentifier);
|
||||
}
|
||||
}
|
@ -0,0 +1,51 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* DTO of the device identifier
|
||||
*/
|
||||
public class DeviceIdentifier implements Serializable{
|
||||
|
||||
private String id;
|
||||
private String type;
|
||||
|
||||
public DeviceIdentifier() {}
|
||||
|
||||
public DeviceIdentifier(String id, String type) {
|
||||
this.id = id;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
public String getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public void setType(String type) {
|
||||
this.type = type.toLowerCase();
|
||||
}
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
}
|
||||
}
|
@ -0,0 +1,58 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This class represents an OAuth application populated with necessary data.
|
||||
*/
|
||||
public class OAuthApplicationInfo {
|
||||
|
||||
public String client_id;
|
||||
public String client_name;
|
||||
public String callback_url;
|
||||
public String client_secret;
|
||||
|
||||
public String getClient_id() {
|
||||
return client_id;
|
||||
}
|
||||
|
||||
public void setClient_id(String client_id) {
|
||||
this.client_id = client_id;
|
||||
}
|
||||
|
||||
public String getClient_name() {
|
||||
return client_name;
|
||||
}
|
||||
|
||||
public void setClient_name(String client_name) {
|
||||
this.client_name = client_name;
|
||||
}
|
||||
|
||||
public String getCallback_url() {
|
||||
return callback_url;
|
||||
}
|
||||
|
||||
public void setCallback_url(String callback_url) {
|
||||
this.callback_url = callback_url;
|
||||
}
|
||||
|
||||
public String getClient_secret() {
|
||||
return client_secret;
|
||||
}
|
||||
|
||||
public void setClient_secret(String client_secret) {
|
||||
this.client_secret = client_secret;
|
||||
}
|
||||
}
|
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This holds the data related to registration.
|
||||
*/
|
||||
public class RegisterInfo {
|
||||
|
||||
private boolean isRegistered;
|
||||
private String msg;
|
||||
|
||||
public boolean isRegistered() {
|
||||
return isRegistered;
|
||||
}
|
||||
|
||||
public void setIsRegistered(boolean isRegistered) {
|
||||
this.isRegistered = isRegistered;
|
||||
}
|
||||
|
||||
public String getMsg() {
|
||||
return msg;
|
||||
}
|
||||
|
||||
public void setMsg(String msg) {
|
||||
this.msg = msg;
|
||||
}
|
||||
}
|
@ -0,0 +1,78 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
|
||||
/**
|
||||
* This class represents the data that are required to register
|
||||
* the oauth application.
|
||||
*/
|
||||
public class RegistrationProfile {
|
||||
|
||||
public String callbackUrl;
|
||||
public String clientName;
|
||||
public String tokenScope;
|
||||
public String owner;
|
||||
public String grantType;
|
||||
public String applicationType;
|
||||
|
||||
public String getCallbackUrl() {
|
||||
return callbackUrl;
|
||||
}
|
||||
|
||||
public void setCallbackUrl(String callBackUrl) {
|
||||
this.callbackUrl = callBackUrl;
|
||||
}
|
||||
|
||||
public String getClientName() {
|
||||
return clientName;
|
||||
}
|
||||
|
||||
public void setClientName(String clientName) {
|
||||
this.clientName = clientName;
|
||||
}
|
||||
|
||||
public String getTokenScope() {
|
||||
return tokenScope;
|
||||
}
|
||||
|
||||
public void setTokenScope(String tokenScope) {
|
||||
this.tokenScope = tokenScope;
|
||||
}
|
||||
|
||||
public String getOwner() {
|
||||
return owner;
|
||||
}
|
||||
|
||||
public void setOwner(String owner) {
|
||||
this.owner = owner;
|
||||
}
|
||||
|
||||
public String getGrantType() {
|
||||
return grantType;
|
||||
}
|
||||
|
||||
public void setGrantType(String grantType) {
|
||||
this.grantType = grantType;
|
||||
}
|
||||
|
||||
public String getApplicationType() {
|
||||
return applicationType;
|
||||
}
|
||||
|
||||
public void setApplicationType(String applicationType) {
|
||||
this.applicationType = applicationType;
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,52 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
/**
|
||||
* This hold the api defintion that is used as a contract with netflix feign.
|
||||
*/
|
||||
@Path("/token")
|
||||
public interface TokenIssuerService {
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
|
||||
@QueryParam("password") String password);
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("refresh_token") String refreshToken);
|
||||
}
|
@ -0,0 +1,91 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client;
|
||||
|
||||
import feign.Feign;
|
||||
import feign.RequestInterceptor;
|
||||
import feign.RequestTemplate;
|
||||
import feign.auth.BasicAuthRequestInterceptor;
|
||||
import feign.gson.GsonDecoder;
|
||||
import feign.gson.GsonEncoder;
|
||||
import feign.jaxrs.JAXRSContract;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.AccessTokenInfo;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.ApiApplicationKey;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.ApiApplicationRegistrationService;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.ApiRegistrationProfile;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.TokenIssuerService;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfigurationManager;
|
||||
|
||||
/**
|
||||
* This is a request interceptor to add oauth token header.
|
||||
*/
|
||||
public class OAuthRequestInterceptor implements RequestInterceptor {
|
||||
|
||||
private AccessTokenInfo tokenInfo;
|
||||
private long refreshTimeOffset;
|
||||
private static final String API_APPLICATION_REGISTRATION_CONTEXT = "/api-application-registration";
|
||||
private static final String DEVICE_MANAGEMENT_SERVICE_TAG[] = {"device_management"};
|
||||
private static final String APPLICATION_NAME = "mqtt_broker";
|
||||
private static final String PASSWORD_GRANT_TYPE = "password";
|
||||
private static final String REFRESH_GRANT_TYPE = "refresh_token";
|
||||
private ApiApplicationRegistrationService apiApplicationRegistrationService;
|
||||
private TokenIssuerService tokenIssuerService;
|
||||
|
||||
/**
|
||||
* Creates an interceptor that authenticates all requests.
|
||||
*/
|
||||
public OAuthRequestInterceptor() {
|
||||
refreshTimeOffset = AuthorizationConfigurationManager.getInstance().getTokenRefreshTimeOffset();
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUsername();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
apiApplicationRegistrationService = Feign.builder().requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(username, password))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(ApiApplicationRegistrationService.class,
|
||||
AuthorizationConfigurationManager.getInstance().getDeviceMgtServerUrl() +
|
||||
API_APPLICATION_REGISTRATION_CONTEXT);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void apply(RequestTemplate template) {
|
||||
if (tokenInfo == null) {
|
||||
//had to do on demand initialization due to start up error.
|
||||
ApiRegistrationProfile apiRegistrationProfile = new ApiRegistrationProfile();
|
||||
apiRegistrationProfile.setApplicationName(APPLICATION_NAME);
|
||||
apiRegistrationProfile.setIsAllowedToAllDomains(false);
|
||||
apiRegistrationProfile.setIsMappingAnExistingOAuthApp(false);
|
||||
apiRegistrationProfile.setTags(DEVICE_MANAGEMENT_SERVICE_TAG);
|
||||
ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile);
|
||||
String consumerKey = apiApplicationKey.getConsumerKey();
|
||||
String consumerSecret = apiApplicationKey.getConsumerSecret();
|
||||
String username = AuthorizationConfigurationManager.getInstance().getUsername();
|
||||
String password = AuthorizationConfigurationManager.getInstance().getPassword();
|
||||
tokenIssuerService = Feign.builder().requestInterceptor(
|
||||
new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
|
||||
.contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
|
||||
.target(TokenIssuerService.class, AuthorizationConfigurationManager.getInstance().getTokenEndpoint());
|
||||
tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
|
||||
tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
|
||||
}
|
||||
if (System.currentTimeMillis() + refreshTimeOffset > tokenInfo.getExpires_in()) {
|
||||
tokenInfo = tokenIssuerService.getToken(REFRESH_GRANT_TYPE, tokenInfo.getRefresh_token());
|
||||
tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
|
||||
}
|
||||
String headerValue = "Bearer " + tokenInfo.getAccess_token();
|
||||
template.header("Authorization", headerValue);
|
||||
}
|
||||
|
||||
|
||||
}
|
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This hold access token info that returned from the api call
|
||||
*/
|
||||
public class AccessTokenInfo {
|
||||
public String token_type;
|
||||
public long expires_in;
|
||||
public String refresh_token;
|
||||
public String access_token;
|
||||
|
||||
public String getToken_type() {
|
||||
return token_type;
|
||||
}
|
||||
|
||||
public void setToken_type(String token_type) {
|
||||
this.token_type = token_type;
|
||||
}
|
||||
|
||||
public long getExpires_in() {
|
||||
return expires_in;
|
||||
}
|
||||
|
||||
public void setExpires_in(long expires_in) {
|
||||
this.expires_in = expires_in;
|
||||
}
|
||||
|
||||
public String getRefresh_token() {
|
||||
return refresh_token;
|
||||
}
|
||||
|
||||
public void setRefresh_token(String refresh_token) {
|
||||
this.refresh_token = refresh_token;
|
||||
}
|
||||
|
||||
public String getAccess_token() {
|
||||
return access_token;
|
||||
}
|
||||
|
||||
public void setAccess_token(String access_token) {
|
||||
this.access_token = access_token;
|
||||
}
|
||||
}
|
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This holds api application consumer key and secret.
|
||||
*/
|
||||
public class ApiApplicationKey {
|
||||
private String client_id;
|
||||
private String client_secret;
|
||||
|
||||
public String getConsumerKey() {
|
||||
return this.client_id;
|
||||
}
|
||||
|
||||
public void setClient_id(String consumerKey) {
|
||||
this.client_id = consumerKey;
|
||||
}
|
||||
|
||||
public String getConsumerSecret() {
|
||||
return this.client_secret;
|
||||
}
|
||||
|
||||
public void setClient_secret(String consumerSecret) {
|
||||
this.client_secret = consumerSecret;
|
||||
}
|
||||
}
|
@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
/**
|
||||
* This is the application registration service that exposed for apimApplicationRegistration
|
||||
*/
|
||||
|
||||
@Path("/register")
|
||||
public interface ApiApplicationRegistrationService {
|
||||
|
||||
/**
|
||||
* This method is used to register api application
|
||||
*
|
||||
* @param registrationProfile contains the necessary attributes that are needed in order to register an app.
|
||||
*/
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
ApiApplicationKey register(ApiRegistrationProfile registrationProfile);
|
||||
}
|
@ -0,0 +1,78 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
|
||||
/**
|
||||
* This class represents the data that are required to register
|
||||
* the oauth application.
|
||||
*/
|
||||
public class ApiRegistrationProfile {
|
||||
|
||||
public String applicationName;
|
||||
public String tags[];
|
||||
public boolean isAllowedToAllDomains;
|
||||
public String consumerKey;
|
||||
public String consumerSecret;
|
||||
public boolean isMappingAnExistingOAuthApp;
|
||||
|
||||
public String getApplicationName() {
|
||||
return applicationName;
|
||||
}
|
||||
|
||||
public void setApplicationName(String applicationName) {
|
||||
this.applicationName = applicationName;
|
||||
}
|
||||
|
||||
public String[] getTags() {
|
||||
return tags;
|
||||
}
|
||||
|
||||
public void setTags(String[] tags) {
|
||||
this.tags = tags;
|
||||
}
|
||||
|
||||
public boolean isAllowedToAllDomains() {
|
||||
return isAllowedToAllDomains;
|
||||
}
|
||||
|
||||
public void setIsAllowedToAllDomains(boolean isAllowedToAllDomains) {
|
||||
this.isAllowedToAllDomains = isAllowedToAllDomains;
|
||||
}
|
||||
|
||||
public boolean isMappingAnExistingOAuthApp() {
|
||||
return isMappingAnExistingOAuthApp;
|
||||
}
|
||||
|
||||
public void setIsMappingAnExistingOAuthApp(boolean isMappingAnExistingOAuthApp) {
|
||||
this.isMappingAnExistingOAuthApp = isMappingAnExistingOAuthApp;
|
||||
}
|
||||
|
||||
public String getConsumerKey() {
|
||||
return consumerKey;
|
||||
}
|
||||
|
||||
public void setConsumerKey(String consumerKey) {
|
||||
this.consumerKey = consumerKey;
|
||||
}
|
||||
|
||||
public String getConsumerSecret() {
|
||||
return consumerSecret;
|
||||
}
|
||||
|
||||
public void setConsumerSecret(String consumerSecret) {
|
||||
this.consumerSecret = consumerSecret;
|
||||
}
|
||||
}
|
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* DTO of the authorization request
|
||||
*/
|
||||
public class AuthorizationRequest {
|
||||
|
||||
String tenantDomain;
|
||||
String username;
|
||||
List<DeviceIdentifier> deviceIdentifiers;
|
||||
List<String> permissions;
|
||||
|
||||
public String getTenantDomain() {
|
||||
return tenantDomain;
|
||||
}
|
||||
|
||||
public void setTenantDomain(String tenantDomain) {
|
||||
this.tenantDomain = tenantDomain;
|
||||
}
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
public List<DeviceIdentifier> getDeviceIdentifiers() {
|
||||
return deviceIdentifiers;
|
||||
}
|
||||
|
||||
public void setDeviceIdentifiers(List<DeviceIdentifier> deviceIdentifiers) {
|
||||
this.deviceIdentifiers = deviceIdentifiers;
|
||||
}
|
||||
|
||||
public List<String> getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
public void setPermissions(List<String> permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
}
|
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
@Path("/admin/authorization")
|
||||
/**
|
||||
* This interface provided the definition of the device - user access verification service.
|
||||
*/
|
||||
public interface DeviceAccessAuthorizationAdminService {
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
DeviceAuthorizationResult isAuthorized(AuthorizationRequest authorizationRequest);
|
||||
}
|
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Represents a DeviceAuthorizationResult including a list of authorized devices and a list of unauthorized devices.
|
||||
*/
|
||||
public class DeviceAuthorizationResult {
|
||||
|
||||
private List<DeviceIdentifier> authorizedDevices = new ArrayList<>();
|
||||
private List<DeviceIdentifier> unauthorizedDevices = new ArrayList<>();
|
||||
|
||||
public List<DeviceIdentifier> getAuthorizedDevices() {
|
||||
return authorizedDevices;
|
||||
}
|
||||
|
||||
public void setAuthorizedDevices(List<DeviceIdentifier> authorizedDevices) {
|
||||
this.authorizedDevices = authorizedDevices;
|
||||
}
|
||||
|
||||
public void setUnauthorizedDevices(
|
||||
List<DeviceIdentifier> unauthorizedDevices) {
|
||||
this.unauthorizedDevices = unauthorizedDevices;
|
||||
}
|
||||
|
||||
public void addAuthorizedDevice(DeviceIdentifier deviceIdentifier) {
|
||||
authorizedDevices.add(deviceIdentifier);
|
||||
}
|
||||
|
||||
public List<DeviceIdentifier> getUnauthorizedDevices() {
|
||||
return unauthorizedDevices;
|
||||
}
|
||||
|
||||
public void addUnauthorizedDevice(DeviceIdentifier deviceIdentifier) {
|
||||
unauthorizedDevices.add(deviceIdentifier);
|
||||
}
|
||||
}
|
@ -0,0 +1,51 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* DTO of the device identifier
|
||||
*/
|
||||
public class DeviceIdentifier implements Serializable{
|
||||
|
||||
private String id;
|
||||
private String type;
|
||||
|
||||
public DeviceIdentifier() {}
|
||||
|
||||
public DeviceIdentifier(String id, String type) {
|
||||
this.id = id;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
public String getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public void setType(String type) {
|
||||
this.type = type.toLowerCase();
|
||||
}
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
}
|
||||
}
|
@ -0,0 +1,58 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This class represents an OAuth application populated with necessary data.
|
||||
*/
|
||||
public class OAuthApplicationInfo {
|
||||
|
||||
public String client_id;
|
||||
public String client_name;
|
||||
public String callback_url;
|
||||
public String client_secret;
|
||||
|
||||
public String getClient_id() {
|
||||
return client_id;
|
||||
}
|
||||
|
||||
public void setClient_id(String client_id) {
|
||||
this.client_id = client_id;
|
||||
}
|
||||
|
||||
public String getClient_name() {
|
||||
return client_name;
|
||||
}
|
||||
|
||||
public void setClient_name(String client_name) {
|
||||
this.client_name = client_name;
|
||||
}
|
||||
|
||||
public String getCallback_url() {
|
||||
return callback_url;
|
||||
}
|
||||
|
||||
public void setCallback_url(String callback_url) {
|
||||
this.callback_url = callback_url;
|
||||
}
|
||||
|
||||
public String getClient_secret() {
|
||||
return client_secret;
|
||||
}
|
||||
|
||||
public void setClient_secret(String client_secret) {
|
||||
this.client_secret = client_secret;
|
||||
}
|
||||
}
|
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
/**
|
||||
* This holds the data related to registration.
|
||||
*/
|
||||
public class RegisterInfo {
|
||||
|
||||
private boolean isRegistered;
|
||||
private String msg;
|
||||
|
||||
public boolean isRegistered() {
|
||||
return isRegistered;
|
||||
}
|
||||
|
||||
public void setIsRegistered(boolean isRegistered) {
|
||||
this.isRegistered = isRegistered;
|
||||
}
|
||||
|
||||
public String getMsg() {
|
||||
return msg;
|
||||
}
|
||||
|
||||
public void setMsg(String msg) {
|
||||
this.msg = msg;
|
||||
}
|
||||
}
|
@ -0,0 +1,78 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
|
||||
/**
|
||||
* This class represents the data that are required to register
|
||||
* the oauth application.
|
||||
*/
|
||||
public class RegistrationProfile {
|
||||
|
||||
public String callbackUrl;
|
||||
public String clientName;
|
||||
public String tokenScope;
|
||||
public String owner;
|
||||
public String grantType;
|
||||
public String applicationType;
|
||||
|
||||
public String getCallbackUrl() {
|
||||
return callbackUrl;
|
||||
}
|
||||
|
||||
public void setCallbackUrl(String callBackUrl) {
|
||||
this.callbackUrl = callBackUrl;
|
||||
}
|
||||
|
||||
public String getClientName() {
|
||||
return clientName;
|
||||
}
|
||||
|
||||
public void setClientName(String clientName) {
|
||||
this.clientName = clientName;
|
||||
}
|
||||
|
||||
public String getTokenScope() {
|
||||
return tokenScope;
|
||||
}
|
||||
|
||||
public void setTokenScope(String tokenScope) {
|
||||
this.tokenScope = tokenScope;
|
||||
}
|
||||
|
||||
public String getOwner() {
|
||||
return owner;
|
||||
}
|
||||
|
||||
public void setOwner(String owner) {
|
||||
this.owner = owner;
|
||||
}
|
||||
|
||||
public String getGrantType() {
|
||||
return grantType;
|
||||
}
|
||||
|
||||
public void setGrantType(String grantType) {
|
||||
this.grantType = grantType;
|
||||
}
|
||||
|
||||
public String getApplicationType() {
|
||||
return applicationType;
|
||||
}
|
||||
|
||||
public void setApplicationType(String applicationType) {
|
||||
this.applicationType = applicationType;
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
|
||||
/**
|
||||
* This hold the api defintion that is used as a contract with netflix feign.
|
||||
*/
|
||||
@Path("/token")
|
||||
public interface TokenIssuerService {
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
|
||||
@QueryParam("password") String password);
|
||||
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("refresh_token") String refreshToken);
|
||||
}
|
@ -0,0 +1,33 @@
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.util;
|
||||
|
||||
public class AuthorizationCacheKey {
|
||||
String tenantDomain;
|
||||
String deviceId;
|
||||
String deviceType;
|
||||
String username;
|
||||
|
||||
public AuthorizationCacheKey(String tenantDomain, String username, String deviceId, String deviceType) {
|
||||
this.username = username;
|
||||
this.tenantDomain = tenantDomain;
|
||||
this.deviceId = deviceId;
|
||||
this.deviceType = deviceType;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
int result = this.deviceType.hashCode();
|
||||
result = 31 * result + ("@" + this.deviceId + "@" + this.tenantDomain + "@" + this.username).hashCode();
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object obj) {
|
||||
return (obj instanceof AuthorizationCacheKey) && deviceType.equals(
|
||||
((AuthorizationCacheKey) obj).deviceType) && tenantDomain.equals(
|
||||
((AuthorizationCacheKey) obj).tenantDomain ) && deviceId.equals(
|
||||
((AuthorizationCacheKey) obj).deviceId) && username.equals(
|
||||
((AuthorizationCacheKey) obj).username);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in new issue