diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java index 7878bcfffdf..6341dc7a229 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java @@ -25,14 +25,32 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient; public class IntegrationClientServiceImpl implements IntegrationClientService { - private static StoreClient storeClient; - private static PublisherClient publisherClient; + private static IntegrationClientServiceImpl instance; + private StoreClient storeClient; + private PublisherClient publisherClient; + private OAuthRequestInterceptor oAuthRequestInterceptor; - public IntegrationClientServiceImpl() { - RequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor(); + private IntegrationClientServiceImpl() { + oAuthRequestInterceptor = new OAuthRequestInterceptor(); storeClient = new StoreClient(oAuthRequestInterceptor); publisherClient = new PublisherClient(oAuthRequestInterceptor); } + + public static IntegrationClientServiceImpl getInstance() { + if (instance == null) { + synchronized (IntegrationClientService.class) { + if (instance == null) { + instance = new IntegrationClientServiceImpl(); + } + } + } + return instance; + } + + public void resetUserInfo(String userName, String tenantDomain) { + oAuthRequestInterceptor.removeToken(userName, tenantDomain); + } + @Override public StoreClient getStoreClient() { return storeClient; diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java index a1ab7d6c736..b4bc9106869 100755 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java @@ -40,6 +40,7 @@ import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientExceptio import java.util.HashMap; import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; /** * This is a request interceptor to add oauth token header. @@ -55,7 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000; private DCRClient dcrClient; private static OAuthApplication oAuthApplication; - private static Map tenantUserTokenMap = new HashMap<>(); + private static Map tenantUserTokenMap = new ConcurrentHashMap<>(); private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class); /** @@ -97,8 +98,8 @@ public class OAuthRequestInterceptor implements RequestInterceptor { JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService() .getJWTClient(); tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(), - oAuthApplication.getClientSecret(), username, - REQUIRED_SCOPE); + oAuthApplication.getClientSecret(), username, + REQUIRED_SCOPE); tenantBasedAccessTokenInfo.setExpiresIn( System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000)); if (tenantBasedAccessTokenInfo.getScopes() == null) { @@ -119,4 +120,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor { } } + public void removeToken(String username, String tenantDomain) { + if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { + username = username + "@" + tenantDomain; + } + tenantUserTokenMap.remove(username); + } + } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java index aaf178b7180..4e09da489fb 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java @@ -49,7 +49,7 @@ public class APIIntegrationClientServiceComponent { /* Initializing webapp publisher configuration */ APIMConfigReader.init(); BundleContext bundleContext = componentContext.getBundleContext(); - bundleContext.registerService(IntegrationClientService.class.getName(), new IntegrationClientServiceImpl(), null); + bundleContext.registerService(IntegrationClientService.class.getName(), IntegrationClientServiceImpl.getInstance(), null); if (log.isDebugEnabled()) { log.debug("apimgt client bundle has been successfully initialized"); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java index 0ac7e4616f5..a98571ef4f1 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java @@ -26,6 +26,9 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient; */ public interface IntegrationClientService { + + void resetUserInfo(String username, String tenantDomain); + /** * * @return API Store Client. diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml index 93f4bc2cf1d..659c8a81bc5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml @@ -177,6 +177,11 @@ org.wso2.carbon.device.mgt.extensions provided + + org.wso2.carbon.devicemgt + org.wso2.carbon.apimgt.integration.client + provided + org.wso2.carbon.devicemgt org.wso2.carbon.device.mgt.core diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java index 7007aa0d3e3..d326802c2a5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java @@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.util; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.context.CarbonContext; +import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.OldPasswordResetWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; @@ -53,7 +54,7 @@ public class CredentialManagementResponseBuilder { RequestValidationUtil.validateCredentials(credentials); if (!validateCredential(credentials.getNewPassword())) { String errorMsg = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration() - .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG); + .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG); return Response.status(Response.Status.BAD_REQUEST).entity( new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); } @@ -63,6 +64,8 @@ public class CredentialManagementResponseBuilder { username = CarbonContext.getThreadLocalCarbonContext().getUsername(); userStoreManager.updateCredential(username, credentials.getNewPassword(), credentials.getOldPassword()); + DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username, + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()); return Response.status(Response.Status.OK).entity("UserImpl password by username: " + username + " was successfully changed.").build(); } catch (UserStoreException e) { @@ -105,6 +108,8 @@ public class CredentialManagementResponseBuilder { new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); } userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword()); + DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username, + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()); return Response.status(Response.Status.OK).entity("UserImpl password by username: " + username + " was successfully changed.").build(); } catch (UserStoreException e) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index 8b12b4a285a..7ff6953a1d3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java @@ -29,6 +29,7 @@ import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.analytics.stream.persistence.stub.EventStreamPersistenceAdminServiceStub; +import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.base.ServerConfiguration; import org.wso2.carbon.analytics.api.AnalyticsDataAPI; import org.wso2.carbon.context.CarbonContext; @@ -128,6 +129,8 @@ public class DeviceMgtAPIUtils { private static KeyStore trustStore; private static char[] keyStorePassword; + private static IntegrationClientService integrationClientService; + static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty( @@ -297,6 +300,23 @@ public class DeviceMgtAPIUtils { return realmService; } + public static IntegrationClientService getIntegrationClientService() { + if (integrationClientService == null) { + synchronized (DeviceMgtAPIUtils.class) { + if (integrationClientService == null) { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + integrationClientService = (IntegrationClientService) ctx.getOSGiService(IntegrationClientService.class, null); + if (integrationClientService == null) { + String msg = "IntegrationClientService is not initialized"; + log.error(msg); + throw new IllegalStateException(msg); + } + } + } + } + return integrationClientService; + } + public static RegistryService getRegistryService() { RegistryService registryService; PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); @@ -459,7 +479,7 @@ public class DeviceMgtAPIUtils { return realmService.getTenantManager().getTenantId(tenantDomain); } catch (UserStoreException e) { throw new DeviceManagementException("Error occured while trying to " + - "obtain tenant id of currently logged in user"); + "obtain tenant id of currently logged in user"); } } @@ -513,8 +533,8 @@ public class DeviceMgtAPIUtils { streamOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); streamOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventStreamAdminServiceStub._getServiceClient().setOptions(streamOptions); return eventStreamAdminServiceStub; } @@ -544,8 +564,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); receiverAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return receiverAdminServiceStub; @@ -576,8 +596,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventPublisherAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return eventPublisherAdminServiceStub; } @@ -608,8 +628,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventStreamPersistenceAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return eventStreamPersistenceAdminServiceStub; @@ -617,6 +637,7 @@ public class DeviceMgtAPIUtils { /** * This method is used to create the Cache that holds the event definition of the device type.. + * * @return Cachemanager */ public static synchronized Cache getDynamicEventCache() { @@ -669,7 +690,7 @@ public class DeviceMgtAPIUtils { * Initializes the SSL Context */ private static void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException, - KeyStoreException, KeyManagementException { + KeyStoreException, KeyManagementException { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE); keyManagerFactory.init(keyStore, keyStorePassword); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);