From bdb01a0098a6fca849565b608357838470d7b0da Mon Sep 17 00:00:00 2001 From: Amalka Subasinghe Date: Tue, 13 Jul 2021 22:33:18 +0530 Subject: [PATCH 1/2] bug fixing --- .../mgt/core/config/permission/AnnotationProcessor.java | 2 +- .../src/main/resources/jwt.properties | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java index e60b14eee9e..6c680babaa3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java @@ -240,7 +240,7 @@ public class AnnotationProcessor { subCtx = makeContextURLReady(resourceRootContext) + makeContextURLReady(subCtx); } permission.setUrl(replaceDynamicPathVariables(subCtx)); - permission.setUrlPattern(permission.getUrl().replace("*", "[a-zA-Z0-9-_]+")); + permission.setUrlPattern(permission.getUrl().replace("*", "[a-zA-Z0-9-_.]+")); String httpMethod; for (int i = 0; i < annotations.length; i++) { httpMethod = getHTTPMethodAnnotation(annotations[i]); diff --git a/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/src/main/resources/jwt.properties b/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/src/main/resources/jwt.properties index 0c9641fa2da..be3fa54494e 100644 --- a/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/src/main/resources/jwt.properties +++ b/features/jwt-client/org.wso2.carbon.identity.jwt.client.extension.feature/src/main/resources/jwt.properties 
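Review bot: In the `setUrlPattern` line of the AnnotationProcessor hunk, the new character class `[a-zA-Z0-9-_.]+` also matches a segment made only of dots, so a request path with `.` or `..` in a wildcard position now satisfies the permission pattern. Whether that matters depends on the request URI being normalised before it is compared with this pattern, which is not visible here; if it is not, dot-only segments should be rejected before matching. The hyphen sits between `9` and `_` inside the class; writing it last, `[a-zA-Z0-9_.-]+`, keeps it an unambiguous literal. The rest of `permission.getUrl()` is still handed to the pattern unquoted, so any regex metacharacter in it other than `*` is interpreted as regex; the enclosing method starts and ends outside the hunk.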
@@ -17,13 +17,13 @@ # #issuer of the JWT -iss=wso2.org/products/iot +iss=https://localhost:9443/oauth2/token TokenEndpoint=https://${iot.gateway.host}:${iot.gateway.https.port}/token?tenantDomain=carbon.super #audience of JWT claim #comma seperated values -aud=devicemgt +aud=https://localhost:9443/oauth2/token #expiration time of JWT (number of minutes from the current time) exp=1000 From f3720e49ff9a1dc502ef8eab45b48e73aa82a455 Mon Sep 17 00:00:00 2001 From: Amalka Subasinghe Date: Thu, 15 Jul 2021 11:14:20 +0530 Subject: [PATCH 2/2] added scripts and updated config reading --- .../identity/IdentityConfigurations.java | 6 ++- .../keymanager/KeyManagerConfigurations.java | 6 ++- .../mgt/core/util/DeviceManagerUtil.java | 53 +++++++++++++++++++ .../authenticator/framework/Utils/Utils.java | 5 +- .../src/main/resources/conf/cdm-config.xml | 8 +-- .../repository/conf/cdm-config.xml.j2 | 8 +-- .../conf/webapp-authenticator-config.xml | 8 +-- .../etc/webapp-authenticator-config.xml.j2 | 8 +-- 8 files changed, 80 insertions(+), 22 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/identity/IdentityConfigurations.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/identity/IdentityConfigurations.java index fe7a7c7ae68..5e88ed0f777 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/identity/IdentityConfigurations.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/identity/IdentityConfigurations.java @@ -17,6 +17,8 @@ */ package org.wso2.carbon.device.mgt.core.config.identity; +import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; + import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; 
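Review bot: `iss` and `aud` in jwt.properties are now fixed to `https://localhost:9443/oauth2/token`, while `TokenEndpoint` on the line between them is built from `${iot.gateway.host}` and `${iot.gateway.https.port}`. On any host other than localhost the audience in the issued JWT would presumably no longer name the endpoint that validates it, so this default has to be edited by hand on every deployment. If the file supports the same placeholders for these keys, derive both values from the host and port properties, and add a comment above `aud` such as `# must equal the token endpoint URL of the key manager that validates this JWT`.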
@@ -31,7 +33,7 @@ public class IdentityConfigurations { @XmlElement(name = "AdminUsername", required = true) public String getAdminUsername() { - return adminUsername; + return DeviceManagerUtil.replaceSystemProperty(adminUsername); } public void setAdminUsername(String adminUsername) { @@ -40,7 +42,7 @@ public class IdentityConfigurations { @XmlElement(name = "AdminPassword", required = true) public String getAdminPassword() { - return adminPassword; + return DeviceManagerUtil.replaceSystemProperty(adminPassword); } public void setAdminPassword(String adminPassword) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/keymanager/KeyManagerConfigurations.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/keymanager/KeyManagerConfigurations.java index b76f932e5b2..8774941acc1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/keymanager/KeyManagerConfigurations.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/keymanager/KeyManagerConfigurations.java @@ -17,6 +17,8 @@ */ package org.wso2.carbon.device.mgt.core.config.keymanager; +import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; + import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; @@ -31,7 +33,7 @@ public class KeyManagerConfigurations { @XmlElement(name = "AdminUsername", required = true) public String getAdminUsername() { - return adminUsername; + return DeviceManagerUtil.replaceSystemProperty(adminUsername); } public void setAdminUsername(String adminUsername) { 
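Review bot: `getAdminUsername()` and `getAdminPassword()` in IdentityConfigurations now resolve the placeholder on every call instead of once when the configuration is loaded; the same applies to both getters in KeyManagerConfigurations. When the system property is not set, replaceSystemProperty constructs a new `RealmConfigXMLProcessor` and calls `buildRealmConfigurationFromFile()` each time, and on `UserStoreException` it returns null, so a credential getter can yield null with only a log line to show for it. These getters are also the `@XmlElement`-annotated accessors, so if the object is ever marshalled the resolved password would presumably be written out in place of the placeholder. Resolving once into a separate cached field, and leaving the annotated accessor on the raw value, avoids all three effects; the class bodies start and end outside these hunks.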
@@ -40,7 +42,7 @@ public class KeyManagerConfigurations { @XmlElement(name = "AdminPassword", required = true) public String getAdminPassword() { - return adminPassword; + return DeviceManagerUtil.replaceSystemProperty(adminPassword); } public void setAdminPassword(String adminPassword) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java index d13a0bebe0b..51ea9348900 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/util/DeviceManagerUtil.java @@ -96,10 +96,12 @@ import org.wso2.carbon.identity.jwt.client.extension.JWTClient; import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService; +import org.wso2.carbon.user.api.RealmConfiguration; import org.wso2.carbon.user.api.TenantManager; import org.wso2.carbon.user.api.UserRealm; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreManager; +import org.wso2.carbon.user.core.config.RealmConfigXMLProcessor; import org.wso2.carbon.utils.CarbonUtils; import org.wso2.carbon.utils.ConfigurationContextService; import org.wso2.carbon.utils.NetworkUtils; 
@@ -1165,4 +1167,55 @@ public final class DeviceManagerUtil { .getUserStoreManager(); return userStoreManager.getUserClaimValue(username, claimUri, null); } + + public static String replaceSystemProperty(String text) { + + int indexOfStartingChars = -1; + int indexOfClosingBrace; + + // The following condition deals with properties. + // Properties are specified as ${system.property}, + // and are assumed to be System properties + while (indexOfStartingChars < text.indexOf("${") + && (indexOfStartingChars = text.indexOf("${")) != -1 + && (indexOfClosingBrace = text.indexOf('}')) != -1) { // Is a + // property + // used? + String sysProp = text.substring(indexOfStartingChars + 2, + indexOfClosingBrace); + String propValue = System.getProperty(sysProp); + + if (propValue == null) { + if ("carbon.context".equals(sysProp)) { + propValue = DeviceManagementDataHolder.getInstance().getConfigurationContextService() + .getServerConfigContext().getContextRoot(); + } else if ("admin.username".equals(sysProp) || "admin.password".equals(sysProp)) { + try { + RealmConfiguration realmConfig = + new RealmConfigXMLProcessor().buildRealmConfigurationFromFile(); + if ("admin.username".equals(sysProp)) { + propValue = realmConfig.getAdminUserName(); + } else { + propValue = realmConfig.getAdminPassword(); + } + } catch (UserStoreException e) { + // Can't throw an exception because the server is + // starting and can't be halted. + log.error("Unable to build the Realm Configuration", e); + return null; + } + } + } + //Derive original text value with resolved system property value + if (propValue != null) { + text = text.substring(0, indexOfStartingChars) + propValue + + text.substring(indexOfClosingBrace + 1); + } + if ("carbon.home".equals(sysProp) && propValue != null + && ".".equals(propValue)) { + text = new File(".").getAbsolutePath() + File.separator + text; + } + } + return text; + } } 
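Review bot: replaceSystemProperty evaluates `text.indexOf("${")` in its loop condition without a null check, so a missing element or property makes every new caller throw NullPointerException; that covers the four configuration getters and the two calls in Utils.java, where the call now runs ahead of the existing `== null` checks. Add `if (text == null) { return null; }` as the first statement. The closing brace is located with `text.indexOf('}')`, which searches from the start of the string, so a value with a `}` before the first `${` reaches `substring` with an end index below the start index; `text.indexOf('}', indexOfStartingChars)` ties the search to the placeholder just found. The method also has no Javadoc: it should state that an unresolved placeholder is left in the returned text unchanged and that null is returned when the realm configuration cannot be built.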
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java index 52510d5b67d..c3d16672b00 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Utils/Utils.java @@ -21,6 +21,7 @@ package org.wso2.carbon.webapp.authenticator.framework.Utils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.context.PrivilegedCarbonContext; +import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.user.api.TenantManager; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; @@ -98,12 +99,12 @@ public class Utils { if ((url == null) || (url.isEmpty())) { throw new IllegalArgumentException("OAuth token validation endpoint url is not provided"); } - String adminUsername = properties.getProperty("Username"); + String adminUsername = DeviceManagerUtil.replaceSystemProperty(properties.getProperty("Username")); if (adminUsername == null) { throw new IllegalArgumentException( "Username to connect to the OAuth token validation endpoint is not provided"); } - String adminPassword = properties.getProperty("Password"); + String adminPassword = DeviceManagerUtil.replaceSystemProperty(properties.getProperty("Password")); if (adminPassword == null) { throw new IllegalArgumentException( "Password to connect to the OAuth token validation endpoint is not provided"); 
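Review bot: The `adminUsername == null` and `adminPassword == null` checks in Utils.java no longer mean only "not provided": replaceSystemProperty returns null when the realm configuration cannot be read, so that failure is reported as a missing property, and it returns the text unchanged when a placeholder cannot be resolved, so a literal `${admin.username}` passes both checks and would presumably be used as the credential. Keep the raw lookup and its check first, `String rawUsername = properties.getProperty("Username");`, then resolve with `String adminUsername = DeviceManagerUtil.replaceSystemProperty(rawUsername);`, and fail with a message naming the placeholder when the result is null or still begins with `${`. The error message should name the property key only, never the resolved value. The enclosing method starts and ends outside the hunk.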
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml index bbbd8511d40..d15901005e5 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml @@ -42,13 +42,13 @@ https://localhost:9443 - admin - admin + ${admin.username} + ${admin.username} https://localhost:9443 - admin - admin + ${admin.username} + ${admin.username} org.wso2.carbon.policy.mgt diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2 b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2 index 214ad3f8a82..78b0fafd8a4 100644 --- a/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2 +++ b/features/device-mgt/org.wso2.carbon.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2 @@ -63,8 +63,8 @@ {{device_mgt_conf.identity_conf.admin_password}} {% else %} https://localhost:9443 - admin - admin + ${admin.username} + ${admin.username} {% endif %} @@ -74,8 +74,8 @@ {{device_mgt_conf.key_manager_conf.admin_password}} {% else %} https://localhost:9443 - admin - admin + ${admin.username} + ${admin.username} {% endif %} 
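Review bot: Both replaced values in each credentials block of cdm-config.xml become `${admin.username}`, so the second one, which replaces the old password value `admin`, resolves to the admin user name instead of the password; replaceSystemProperty in this patch handles `admin.password`, so the second line should read `${admin.password}`. The element tags are not visible in this rendering, so the username-then-password order is inferred from the neighbouring `admin_password` template line in cdm-config.xml.j2. With the stock admin/admin account the mistake goes unnoticed because the two values are equal, and it surfaces as failed authentication only once the password is changed. The same pair appears in both hunks of cdm-config.xml.j2 and in all four hunks of webapp-authenticator-config.xml and webapp-authenticator-config.xml.j2.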
diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index dfea5c07ac3..da403d707dc 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml @@ -6,8 +6,8 @@ false https://${iot.keymanager.host}:${iot.keymanager.https.port} - admin - admin + ${admin.username} + ${admin.username} 100 100 @@ -41,8 +41,8 @@ false https://${iot.keymanager.host}:${iot.keymanager.https.port} - admin - admin + ${admin.username} + ${admin.username} 100 100 diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf_templates/templates/repository/conf/etc/webapp-authenticator-config.xml.j2 b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf_templates/templates/repository/conf/etc/webapp-authenticator-config.xml.j2 index 187c9131fe8..42ee60946ae 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf_templates/templates/repository/conf/etc/webapp-authenticator-config.xml.j2 +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf_templates/templates/repository/conf/etc/webapp-authenticator-config.xml.j2 
@@ -14,8 +14,8 @@ false https://${iot.keymanager.host}:${iot.keymanager.https.port} - admin - admin + ${admin.username} + ${admin.username} 100 100 @@ -94,8 +94,8 @@ false https://${iot.keymanager.host}:${iot.keymanager.https.port} - admin - admin + ${admin.username} + ${admin.username} 100 100