forked from community/device-mgt-core
Merge branch 'master' of https://github.com/wso2/carbon-device-mgt into scope-impl
mharindu
8 years ago
commit
84090fb16c
@ -0,0 +1,42 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import junit.framework.Assert;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
|
||||
public class CertificateGeneratorTests {
|
||||
|
||||
private static final Log log = LogFactory.getLog(CertificateGeneratorTests.class);
|
||||
|
||||
@Test(expectedExceptions = IllegalArgumentException.class)
|
||||
public void testVerifyNullPEMSignature() {
|
||||
CertificateGenerator certGenerator = new CertificateGenerator();
|
||||
try {
|
||||
certGenerator.verifyPEMSignature(null);
|
||||
} catch (KeystoreException e) {
|
||||
log.error("Error occurred while verifying PEM signature", e);
|
||||
Assert.fail();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
public class KeyGeneratorTests {
|
||||
|
||||
|
||||
|
||||
}
|
||||
@ -1,28 +1,56 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
|
||||
* either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
function onRequest(context) {
|
||||
var userModule = require("/app/modules/user.js").userModule;
|
||||
context.handlebars.registerHelper('equal', function (lvalue, rvalue, options) {
|
||||
if (arguments.length < 3) {
|
||||
throw new Error("Handlebars Helper equal needs 2 parameters");
|
||||
}
|
||||
if (lvalue != rvalue) {
|
||||
return options.inverse(this);
|
||||
} else {
|
||||
return options.fn(this);
|
||||
}
|
||||
});
|
||||
var userModule = require("/app/modules/user.js")["userModule"];
|
||||
var mdmProps = require('/app/conf/reader/main.js')["conf"];
|
||||
var constants = require("/app/modules/constants.js");
|
||||
var carbonUser = session.get(constants.USER_SESSION_KEY);
|
||||
var page_data = {};
|
||||
if (carbonUser){
|
||||
page_data.permissions = userModule.getUIPermissions();
|
||||
}
|
||||
return page_data;
|
||||
var uiPermissions = userModule.getUIPermissions();
|
||||
context["permissions"] = uiPermissions;
|
||||
|
||||
var links = {
|
||||
"user-mgt": [],
|
||||
"role-mgt": [],
|
||||
"policy-mgt": [],
|
||||
"device-mgt": []
|
||||
};
|
||||
|
||||
// following context.link value comes here based on the value passed at the point
|
||||
// where units are attached to a page zone.
|
||||
// eg: {{unit "appbar" pageLink="users" title="User Management"}}
|
||||
context["currentActions"] = links[context["pageLink"]];
|
||||
context["enrollmentURL"] = mdmProps["generalConfig"]["host"] + mdmProps["enrollmentDir"];
|
||||
var isAuthorizedForNotifications =
|
||||
userModule.isAuthorized("/permission/admin/device-mgt/emm-admin/notifications/view");
|
||||
var currentUser = session.get(constants["USER_SESSION_KEY"]);
|
||||
context["isAuthorizedForNotifications"] = isAuthorizedForNotifications;
|
||||
context["currentUser"] = currentUser;
|
||||
context["appContext"] = mdmProps["appContext"];
|
||||
|
||||
return context;
|
||||
}
|
||||
@ -0,0 +1,47 @@
|
||||
//---------------------------------------------------------------------
|
||||
// QRCode for JavaScript
|
||||
//
|
||||
// Copyright (c) 2009 Kazuhiko Arase
|
||||
//
|
||||
// URL: http://www.d-project.com/
|
||||
//
|
||||
// Licensed under the MIT license:
|
||||
// http://www.opensource.org/licenses/mit-license.php
|
||||
//
|
||||
// The word "QR Code" is registered trademark of
|
||||
// DENSO WAVE INCORPORATED
|
||||
// http://www.denso-wave.com/qrcode/faqpatent-e.html
|
||||
//
|
||||
//---------------------------------------------------------------------
|
||||
|
||||
//---------------------------------------------------------------------
|
||||
// QR8bitByte
|
||||
//---------------------------------------------------------------------
|
||||
(function(r){r.fn.qrcode=function(h){var s;function u(a){this.mode=s;this.data=a}function o(a,c){this.typeNumber=a;this.errorCorrectLevel=c;this.modules=null;this.moduleCount=0;this.dataCache=null;this.dataList=[]}function q(a,c){if(void 0==a.length)throw Error(a.length+"/"+c);for(var d=0;d<a.length&&0==a[d];)d++;this.num=Array(a.length-d+c);for(var b=0;b<a.length-d;b++)this.num[b]=a[b+d]}function p(a,c){this.totalCount=a;this.dataCount=c}function t(){this.buffer=[];this.length=0}u.prototype={getLength:function(){return this.data.length},
|
||||
write:function(a){for(var c=0;c<this.data.length;c++)a.put(this.data.charCodeAt(c),8)}};o.prototype={addData:function(a){this.dataList.push(new u(a));this.dataCache=null},isDark:function(a,c){if(0>a||this.moduleCount<=a||0>c||this.moduleCount<=c)throw Error(a+","+c);return this.modules[a][c]},getModuleCount:function(){return this.moduleCount},make:function(){if(1>this.typeNumber){for(var a=1,a=1;40>a;a++){for(var c=p.getRSBlocks(a,this.errorCorrectLevel),d=new t,b=0,e=0;e<c.length;e++)b+=c[e].dataCount;
|
||||
for(e=0;e<this.dataList.length;e++)c=this.dataList[e],d.put(c.mode,4),d.put(c.getLength(),j.getLengthInBits(c.mode,a)),c.write(d);if(d.getLengthInBits()<=8*b)break}this.typeNumber=a}this.makeImpl(!1,this.getBestMaskPattern())},makeImpl:function(a,c){this.moduleCount=4*this.typeNumber+17;this.modules=Array(this.moduleCount);for(var d=0;d<this.moduleCount;d++){this.modules[d]=Array(this.moduleCount);for(var b=0;b<this.moduleCount;b++)this.modules[d][b]=null}this.setupPositionProbePattern(0,0);this.setupPositionProbePattern(this.moduleCount-
|
||||
7,0);this.setupPositionProbePattern(0,this.moduleCount-7);this.setupPositionAdjustPattern();this.setupTimingPattern();this.setupTypeInfo(a,c);7<=this.typeNumber&&this.setupTypeNumber(a);null==this.dataCache&&(this.dataCache=o.createData(this.typeNumber,this.errorCorrectLevel,this.dataList));this.mapData(this.dataCache,c)},setupPositionProbePattern:function(a,c){for(var d=-1;7>=d;d++)if(!(-1>=a+d||this.moduleCount<=a+d))for(var b=-1;7>=b;b++)-1>=c+b||this.moduleCount<=c+b||(this.modules[a+d][c+b]=
|
||||
0<=d&&6>=d&&(0==b||6==b)||0<=b&&6>=b&&(0==d||6==d)||2<=d&&4>=d&&2<=b&&4>=b?!0:!1)},getBestMaskPattern:function(){for(var a=0,c=0,d=0;8>d;d++){this.makeImpl(!0,d);var b=j.getLostPoint(this);if(0==d||a>b)a=b,c=d}return c},createMovieClip:function(a,c,d){a=a.createEmptyMovieClip(c,d);this.make();for(c=0;c<this.modules.length;c++)for(var d=1*c,b=0;b<this.modules[c].length;b++){var e=1*b;this.modules[c][b]&&(a.beginFill(0,100),a.moveTo(e,d),a.lineTo(e+1,d),a.lineTo(e+1,d+1),a.lineTo(e,d+1),a.endFill())}return a},
|
||||
setupTimingPattern:function(){for(var a=8;a<this.moduleCount-8;a++)null==this.modules[a][6]&&(this.modules[a][6]=0==a%2);for(a=8;a<this.moduleCount-8;a++)null==this.modules[6][a]&&(this.modules[6][a]=0==a%2)},setupPositionAdjustPattern:function(){for(var a=j.getPatternPosition(this.typeNumber),c=0;c<a.length;c++)for(var d=0;d<a.length;d++){var b=a[c],e=a[d];if(null==this.modules[b][e])for(var f=-2;2>=f;f++)for(var i=-2;2>=i;i++)this.modules[b+f][e+i]=-2==f||2==f||-2==i||2==i||0==f&&0==i?!0:!1}},setupTypeNumber:function(a){for(var c=
|
||||
j.getBCHTypeNumber(this.typeNumber),d=0;18>d;d++){var b=!a&&1==(c>>d&1);this.modules[Math.floor(d/3)][d%3+this.moduleCount-8-3]=b}for(d=0;18>d;d++)b=!a&&1==(c>>d&1),this.modules[d%3+this.moduleCount-8-3][Math.floor(d/3)]=b},setupTypeInfo:function(a,c){for(var d=j.getBCHTypeInfo(this.errorCorrectLevel<<3|c),b=0;15>b;b++){var e=!a&&1==(d>>b&1);6>b?this.modules[b][8]=e:8>b?this.modules[b+1][8]=e:this.modules[this.moduleCount-15+b][8]=e}for(b=0;15>b;b++)e=!a&&1==(d>>b&1),8>b?this.modules[8][this.moduleCount-
|
||||
b-1]=e:9>b?this.modules[8][15-b-1+1]=e:this.modules[8][15-b-1]=e;this.modules[this.moduleCount-8][8]=!a},mapData:function(a,c){for(var d=-1,b=this.moduleCount-1,e=7,f=0,i=this.moduleCount-1;0<i;i-=2)for(6==i&&i--;;){for(var g=0;2>g;g++)if(null==this.modules[b][i-g]){var n=!1;f<a.length&&(n=1==(a[f]>>>e&1));j.getMask(c,b,i-g)&&(n=!n);this.modules[b][i-g]=n;e--; -1==e&&(f++,e=7)}b+=d;if(0>b||this.moduleCount<=b){b-=d;d=-d;break}}}};o.PAD0=236;o.PAD1=17;o.createData=function(a,c,d){for(var c=p.getRSBlocks(a,
|
||||
c),b=new t,e=0;e<d.length;e++){var f=d[e];b.put(f.mode,4);b.put(f.getLength(),j.getLengthInBits(f.mode,a));f.write(b)}for(e=a=0;e<c.length;e++)a+=c[e].dataCount;if(b.getLengthInBits()>8*a)throw Error("code length overflow. ("+b.getLengthInBits()+">"+8*a+")");for(b.getLengthInBits()+4<=8*a&&b.put(0,4);0!=b.getLengthInBits()%8;)b.putBit(!1);for(;!(b.getLengthInBits()>=8*a);){b.put(o.PAD0,8);if(b.getLengthInBits()>=8*a)break;b.put(o.PAD1,8)}return o.createBytes(b,c)};o.createBytes=function(a,c){for(var d=
|
||||
0,b=0,e=0,f=Array(c.length),i=Array(c.length),g=0;g<c.length;g++){var n=c[g].dataCount,h=c[g].totalCount-n,b=Math.max(b,n),e=Math.max(e,h);f[g]=Array(n);for(var k=0;k<f[g].length;k++)f[g][k]=255&a.buffer[k+d];d+=n;k=j.getErrorCorrectPolynomial(h);n=(new q(f[g],k.getLength()-1)).mod(k);i[g]=Array(k.getLength()-1);for(k=0;k<i[g].length;k++)h=k+n.getLength()-i[g].length,i[g][k]=0<=h?n.get(h):0}for(k=g=0;k<c.length;k++)g+=c[k].totalCount;d=Array(g);for(k=n=0;k<b;k++)for(g=0;g<c.length;g++)k<f[g].length&&
|
||||
(d[n++]=f[g][k]);for(k=0;k<e;k++)for(g=0;g<c.length;g++)k<i[g].length&&(d[n++]=i[g][k]);return d};s=4;for(var j={PATTERN_POSITION_TABLE:[[],[6,18],[6,22],[6,26],[6,30],[6,34],[6,22,38],[6,24,42],[6,26,46],[6,28,50],[6,30,54],[6,32,58],[6,34,62],[6,26,46,66],[6,26,48,70],[6,26,50,74],[6,30,54,78],[6,30,56,82],[6,30,58,86],[6,34,62,90],[6,28,50,72,94],[6,26,50,74,98],[6,30,54,78,102],[6,28,54,80,106],[6,32,58,84,110],[6,30,58,86,114],[6,34,62,90,118],[6,26,50,74,98,122],[6,30,54,78,102,126],[6,26,52,
|
||||
78,104,130],[6,30,56,82,108,134],[6,34,60,86,112,138],[6,30,58,86,114,142],[6,34,62,90,118,146],[6,30,54,78,102,126,150],[6,24,50,76,102,128,154],[6,28,54,80,106,132,158],[6,32,58,84,110,136,162],[6,26,54,82,110,138,166],[6,30,58,86,114,142,170]],G15:1335,G18:7973,G15_MASK:21522,getBCHTypeInfo:function(a){for(var c=a<<10;0<=j.getBCHDigit(c)-j.getBCHDigit(j.G15);)c^=j.G15<<j.getBCHDigit(c)-j.getBCHDigit(j.G15);return(a<<10|c)^j.G15_MASK},getBCHTypeNumber:function(a){for(var c=a<<12;0<=j.getBCHDigit(c)-
|
||||
j.getBCHDigit(j.G18);)c^=j.G18<<j.getBCHDigit(c)-j.getBCHDigit(j.G18);return a<<12|c},getBCHDigit:function(a){for(var c=0;0!=a;)c++,a>>>=1;return c},getPatternPosition:function(a){return j.PATTERN_POSITION_TABLE[a-1]},getMask:function(a,c,d){switch(a){case 0:return 0==(c+d)%2;case 1:return 0==c%2;case 2:return 0==d%3;case 3:return 0==(c+d)%3;case 4:return 0==(Math.floor(c/2)+Math.floor(d/3))%2;case 5:return 0==c*d%2+c*d%3;case 6:return 0==(c*d%2+c*d%3)%2;case 7:return 0==(c*d%3+(c+d)%2)%2;default:throw Error("bad maskPattern:"+
|
||||
a);}},getErrorCorrectPolynomial:function(a){for(var c=new q([1],0),d=0;d<a;d++)c=c.multiply(new q([1,l.gexp(d)],0));return c},getLengthInBits:function(a,c){if(1<=c&&10>c)switch(a){case 1:return 10;case 2:return 9;case s:return 8;case 8:return 8;default:throw Error("mode:"+a);}else if(27>c)switch(a){case 1:return 12;case 2:return 11;case s:return 16;case 8:return 10;default:throw Error("mode:"+a);}else if(41>c)switch(a){case 1:return 14;case 2:return 13;case s:return 16;case 8:return 12;default:throw Error("mode:"+
|
||||
a);}else throw Error("type:"+c);},getLostPoint:function(a){for(var c=a.getModuleCount(),d=0,b=0;b<c;b++)for(var e=0;e<c;e++){for(var f=0,i=a.isDark(b,e),g=-1;1>=g;g++)if(!(0>b+g||c<=b+g))for(var h=-1;1>=h;h++)0>e+h||c<=e+h||0==g&&0==h||i==a.isDark(b+g,e+h)&&f++;5<f&&(d+=3+f-5)}for(b=0;b<c-1;b++)for(e=0;e<c-1;e++)if(f=0,a.isDark(b,e)&&f++,a.isDark(b+1,e)&&f++,a.isDark(b,e+1)&&f++,a.isDark(b+1,e+1)&&f++,0==f||4==f)d+=3;for(b=0;b<c;b++)for(e=0;e<c-6;e++)a.isDark(b,e)&&!a.isDark(b,e+1)&&a.isDark(b,e+
|
||||
2)&&a.isDark(b,e+3)&&a.isDark(b,e+4)&&!a.isDark(b,e+5)&&a.isDark(b,e+6)&&(d+=40);for(e=0;e<c;e++)for(b=0;b<c-6;b++)a.isDark(b,e)&&!a.isDark(b+1,e)&&a.isDark(b+2,e)&&a.isDark(b+3,e)&&a.isDark(b+4,e)&&!a.isDark(b+5,e)&&a.isDark(b+6,e)&&(d+=40);for(e=f=0;e<c;e++)for(b=0;b<c;b++)a.isDark(b,e)&&f++;a=Math.abs(100*f/c/c-50)/5;return d+10*a}},l={glog:function(a){if(1>a)throw Error("glog("+a+")");return l.LOG_TABLE[a]},gexp:function(a){for(;0>a;)a+=255;for(;256<=a;)a-=255;return l.EXP_TABLE[a]},EXP_TABLE:Array(256),
|
||||
LOG_TABLE:Array(256)},m=0;8>m;m++)l.EXP_TABLE[m]=1<<m;for(m=8;256>m;m++)l.EXP_TABLE[m]=l.EXP_TABLE[m-4]^l.EXP_TABLE[m-5]^l.EXP_TABLE[m-6]^l.EXP_TABLE[m-8];for(m=0;255>m;m++)l.LOG_TABLE[l.EXP_TABLE[m]]=m;q.prototype={get:function(a){return this.num[a]},getLength:function(){return this.num.length},multiply:function(a){for(var c=Array(this.getLength()+a.getLength()-1),d=0;d<this.getLength();d++)for(var b=0;b<a.getLength();b++)c[d+b]^=l.gexp(l.glog(this.get(d))+l.glog(a.get(b)));return new q(c,0)},mod:function(a){if(0>
|
||||
this.getLength()-a.getLength())return this;for(var c=l.glog(this.get(0))-l.glog(a.get(0)),d=Array(this.getLength()),b=0;b<this.getLength();b++)d[b]=this.get(b);for(b=0;b<a.getLength();b++)d[b]^=l.gexp(l.glog(a.get(b))+c);return(new q(d,0)).mod(a)}};p.RS_BLOCK_TABLE=[[1,26,19],[1,26,16],[1,26,13],[1,26,9],[1,44,34],[1,44,28],[1,44,22],[1,44,16],[1,70,55],[1,70,44],[2,35,17],[2,35,13],[1,100,80],[2,50,32],[2,50,24],[4,25,9],[1,134,108],[2,67,43],[2,33,15,2,34,16],[2,33,11,2,34,12],[2,86,68],[4,43,27],
|
||||
[4,43,19],[4,43,15],[2,98,78],[4,49,31],[2,32,14,4,33,15],[4,39,13,1,40,14],[2,121,97],[2,60,38,2,61,39],[4,40,18,2,41,19],[4,40,14,2,41,15],[2,146,116],[3,58,36,2,59,37],[4,36,16,4,37,17],[4,36,12,4,37,13],[2,86,68,2,87,69],[4,69,43,1,70,44],[6,43,19,2,44,20],[6,43,15,2,44,16],[4,101,81],[1,80,50,4,81,51],[4,50,22,4,51,23],[3,36,12,8,37,13],[2,116,92,2,117,93],[6,58,36,2,59,37],[4,46,20,6,47,21],[7,42,14,4,43,15],[4,133,107],[8,59,37,1,60,38],[8,44,20,4,45,21],[12,33,11,4,34,12],[3,145,115,1,146,
|
||||
116],[4,64,40,5,65,41],[11,36,16,5,37,17],[11,36,12,5,37,13],[5,109,87,1,110,88],[5,65,41,5,66,42],[5,54,24,7,55,25],[11,36,12],[5,122,98,1,123,99],[7,73,45,3,74,46],[15,43,19,2,44,20],[3,45,15,13,46,16],[1,135,107,5,136,108],[10,74,46,1,75,47],[1,50,22,15,51,23],[2,42,14,17,43,15],[5,150,120,1,151,121],[9,69,43,4,70,44],[17,50,22,1,51,23],[2,42,14,19,43,15],[3,141,113,4,142,114],[3,70,44,11,71,45],[17,47,21,4,48,22],[9,39,13,16,40,14],[3,135,107,5,136,108],[3,67,41,13,68,42],[15,54,24,5,55,25],[15,
|
||||
43,15,10,44,16],[4,144,116,4,145,117],[17,68,42],[17,50,22,6,51,23],[19,46,16,6,47,17],[2,139,111,7,140,112],[17,74,46],[7,54,24,16,55,25],[34,37,13],[4,151,121,5,152,122],[4,75,47,14,76,48],[11,54,24,14,55,25],[16,45,15,14,46,16],[6,147,117,4,148,118],[6,73,45,14,74,46],[11,54,24,16,55,25],[30,46,16,2,47,17],[8,132,106,4,133,107],[8,75,47,13,76,48],[7,54,24,22,55,25],[22,45,15,13,46,16],[10,142,114,2,143,115],[19,74,46,4,75,47],[28,50,22,6,51,23],[33,46,16,4,47,17],[8,152,122,4,153,123],[22,73,45,
|
||||
3,74,46],[8,53,23,26,54,24],[12,45,15,28,46,16],[3,147,117,10,148,118],[3,73,45,23,74,46],[4,54,24,31,55,25],[11,45,15,31,46,16],[7,146,116,7,147,117],[21,73,45,7,74,46],[1,53,23,37,54,24],[19,45,15,26,46,16],[5,145,115,10,146,116],[19,75,47,10,76,48],[15,54,24,25,55,25],[23,45,15,25,46,16],[13,145,115,3,146,116],[2,74,46,29,75,47],[42,54,24,1,55,25],[23,45,15,28,46,16],[17,145,115],[10,74,46,23,75,47],[10,54,24,35,55,25],[19,45,15,35,46,16],[17,145,115,1,146,116],[14,74,46,21,75,47],[29,54,24,19,
|
||||
55,25],[11,45,15,46,46,16],[13,145,115,6,146,116],[14,74,46,23,75,47],[44,54,24,7,55,25],[59,46,16,1,47,17],[12,151,121,7,152,122],[12,75,47,26,76,48],[39,54,24,14,55,25],[22,45,15,41,46,16],[6,151,121,14,152,122],[6,75,47,34,76,48],[46,54,24,10,55,25],[2,45,15,64,46,16],[17,152,122,4,153,123],[29,74,46,14,75,47],[49,54,24,10,55,25],[24,45,15,46,46,16],[4,152,122,18,153,123],[13,74,46,32,75,47],[48,54,24,14,55,25],[42,45,15,32,46,16],[20,147,117,4,148,118],[40,75,47,7,76,48],[43,54,24,22,55,25],[10,
|
||||
45,15,67,46,16],[19,148,118,6,149,119],[18,75,47,31,76,48],[34,54,24,34,55,25],[20,45,15,61,46,16]];p.getRSBlocks=function(a,c){var d=p.getRsBlockTable(a,c);if(void 0==d)throw Error("bad rs block @ typeNumber:"+a+"/errorCorrectLevel:"+c);for(var b=d.length/3,e=[],f=0;f<b;f++)for(var h=d[3*f+0],g=d[3*f+1],j=d[3*f+2],l=0;l<h;l++)e.push(new p(g,j));return e};p.getRsBlockTable=function(a,c){switch(c){case 1:return p.RS_BLOCK_TABLE[4*(a-1)+0];case 0:return p.RS_BLOCK_TABLE[4*(a-1)+1];case 3:return p.RS_BLOCK_TABLE[4*
|
||||
(a-1)+2];case 2:return p.RS_BLOCK_TABLE[4*(a-1)+3]}};t.prototype={get:function(a){return 1==(this.buffer[Math.floor(a/8)]>>>7-a%8&1)},put:function(a,c){for(var d=0;d<c;d++)this.putBit(1==(a>>>c-d-1&1))},getLengthInBits:function(){return this.length},putBit:function(a){var c=Math.floor(this.length/8);this.buffer.length<=c&&this.buffer.push(0);a&&(this.buffer[c]|=128>>>this.length%8);this.length++}};"string"===typeof h&&(h={text:h});h=r.extend({},{render:"canvas",width:256,height:256,typeNumber:-1,
|
||||
correctLevel:2,background:"#ffffff",foreground:"#000000"},h);return this.each(function(){var a;if("canvas"==h.render){a=new o(h.typeNumber,h.correctLevel);a.addData(h.text);a.make();var c=document.createElement("canvas");c.width=h.width;c.height=h.height;for(var d=c.getContext("2d"),b=h.width/a.getModuleCount(),e=h.height/a.getModuleCount(),f=0;f<a.getModuleCount();f++)for(var i=0;i<a.getModuleCount();i++){d.fillStyle=a.isDark(f,i)?h.foreground:h.background;var g=Math.ceil((i+1)*b)-Math.floor(i*b),
|
||||
j=Math.ceil((f+1)*b)-Math.floor(f*b);d.fillRect(Math.round(i*b),Math.round(f*e),g,j)}}else{a=new o(h.typeNumber,h.correctLevel);a.addData(h.text);a.make();c=r("<table></table>").css("width",h.width+"px").css("height",h.height+"px").css("border","0px").css("border-collapse","collapse").css("background-color",h.background);d=h.width/a.getModuleCount();b=h.height/a.getModuleCount();for(e=0;e<a.getModuleCount();e++){f=r("<tr></tr>").css("height",b+"px").appendTo(c);for(i=0;i<a.getModuleCount();i++)r("<td></td>").css("width",
|
||||
d+"px").css("background-color",a.isDark(e,i)?h.foreground:h.background).appendTo(f)}}a=c;jQuery(a).appendTo(this)})}})(jQuery);
|
||||
@ -0,0 +1,351 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
|
||||
* either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
var modalPopup = ".wr-modalpopup",
|
||||
modalPopupContainer = modalPopup + " .modalpopup-container",
|
||||
modalPopupContent = modalPopup + " .modalpopup-content";
|
||||
|
||||
var emmAdminBasePath = "/api/device-mgt/v1.0";
|
||||
|
||||
/*
|
||||
* set popup maximum height function.
|
||||
*/
|
||||
function setPopupMaxHeight() {
|
||||
var maxHeight = "max-height";
|
||||
var marginTop = "margin-top";
|
||||
var body = "body";
|
||||
$(modalPopupContent).css(maxHeight, ($(body).height() - ($(body).height() / 100 * 30)));
|
||||
$(modalPopupContainer).css(marginTop, (-($(modalPopupContainer).height() / 2)));
|
||||
}
|
||||
|
||||
/*
|
||||
* show popup function.
|
||||
*/
|
||||
function showPopup() {
|
||||
$(modalPopup).show();
|
||||
setPopupMaxHeight();
|
||||
}
|
||||
|
||||
/*
|
||||
* hide popup function.
|
||||
*/
|
||||
function hidePopup() {
|
||||
$(modalPopupContent).html("");
|
||||
$(modalPopupContent).removeClass("operation-data");
|
||||
$(modalPopup).hide();
|
||||
}
|
||||
|
||||
var updateNotificationCount = function (data, textStatus, jqXHR) {
|
||||
if (jqXHR.status == 200 && data) {
|
||||
var responsePayload = JSON.parse(data);
|
||||
var newNotificationsCount = responsePayload.count;
|
||||
if (newNotificationsCount > 0) {
|
||||
$("#notification-bubble").html(newNotificationsCount);
|
||||
}
|
||||
// } else {
|
||||
// $("#notification-bubble").html("Error");
|
||||
// }
|
||||
}
|
||||
};
|
||||
|
||||
function loadNotificationsPanel() {
|
||||
if ("true" == $("#right-sidebar").attr("is-authorized")) {
|
||||
var serviceURL = emmAdminBasePath + "/notifications?status=NEW";
|
||||
invokerUtil.get(serviceURL, updateNotificationCount, hideNotificationCount);
|
||||
loadNewNotifications();
|
||||
} else {
|
||||
$("#notification-bubble-wrapper").remove();
|
||||
}
|
||||
}
|
||||
|
||||
function hideNotificationCount(jqXHR) {
|
||||
if (jqXHR.status == 404) {
|
||||
// this means "no new notifications to show"
|
||||
$("#notification-bubble").hide();
|
||||
} else {
|
||||
$("#notification-bubble").html("Error");
|
||||
}
|
||||
}
|
||||
|
||||
function loadNewNotifications() {
|
||||
var messageSideBar = ".sidebar-messages";
|
||||
if ($("#right-sidebar").attr("is-authorized") == "true") {
|
||||
var notifications = $("#notifications");
|
||||
var currentUser = notifications.data("currentUser");
|
||||
|
||||
$.template("notification-listing", notifications.attr("src"), function (template) {
|
||||
var serviceURL = emmAdminBasePath + "/notifications?status=NEW";
|
||||
|
||||
var successCallback = function (data, textStatus, jqXHR) {
|
||||
if (jqXHR.status == 200 && data) {
|
||||
var viewModel = {};
|
||||
var responsePayload = JSON.parse(data);
|
||||
|
||||
if (responsePayload.notifications) {
|
||||
viewModel.notifications = responsePayload.notifications;
|
||||
if (responsePayload.count > 0) {
|
||||
$(messageSideBar).html(template(viewModel));
|
||||
} else {
|
||||
$(messageSideBar).html("<h4 class='text-center'>No new notifications found...</h4>");
|
||||
}
|
||||
} else {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>Unexpected error occurred while loading new notifications.</h4>");
|
||||
}
|
||||
}
|
||||
};
|
||||
var errorCallback = function (jqXHR) {
|
||||
if (jqXHR.status = 500) {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>Unexpected error occurred while trying " +
|
||||
"to retrieve any new notifications.</h4>");
|
||||
}
|
||||
};
|
||||
invokerUtil.get(serviceURL, successCallback, errorCallback);
|
||||
});
|
||||
} else {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>You are not authorized to view notifications</h4>");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Toggle function for
|
||||
* notification listing sidebar.
|
||||
* @return {Null}
|
||||
*/
|
||||
$.sidebar_toggle = function (action, target, container) {
|
||||
var elem = '[data-toggle=sidebar]',
|
||||
button,
|
||||
containerOffsetLeft,
|
||||
containerOffsetRight,
|
||||
targetOffsetLeft,
|
||||
targetOffsetRight,
|
||||
targetWidth,
|
||||
targetSide,
|
||||
relationship,
|
||||
pushType,
|
||||
buttonParent;
|
||||
|
||||
var sidebar_window = {
|
||||
update: function (target, container, button) {
|
||||
containerOffsetLeft = $(container).data('offset-left') ? $(container).data('offset-left') : 0;
|
||||
containerOffsetRight = $(container).data('offset-right') ? $(container).data('offset-right') : 0;
|
||||
targetOffsetLeft = $(target).data('offset-left') ? $(target).data('offset-left') : 0;
|
||||
targetOffsetRight = $(target).data('offset-right') ? $(target).data('offset-right') : 0;
|
||||
targetWidth = $(target).data('width');
|
||||
targetSide = $(target).data("side");
|
||||
pushType = $(container).parent().is('body') == true ? 'padding' : 'margin';
|
||||
|
||||
if (button !== undefined) {
|
||||
relationship = button.attr('rel') ? button.attr('rel') : '';
|
||||
buttonParent = $(button).parent();
|
||||
}
|
||||
},
|
||||
|
||||
show: function () {
|
||||
if ($(target).data('sidebar-fixed') == true) {
|
||||
$(target).height($(window).height() - $(target).data('fixed-offset'));
|
||||
}
|
||||
$(target).trigger('show.sidebar');
|
||||
if (targetWidth !== undefined) {
|
||||
$(target).css('width', targetWidth);
|
||||
}
|
||||
$(target).addClass('toggled');
|
||||
if (button !== undefined) {
|
||||
if (relationship !== '') {
|
||||
// Removing active class from all relative buttons
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false');
|
||||
}
|
||||
// Adding active class to button
|
||||
if (button.attr('data-handle') !== 'close') {
|
||||
button.addClass("active");
|
||||
button.attr('aria-expanded', 'true');
|
||||
}
|
||||
if (buttonParent.is('li')) {
|
||||
if (relationship !== '') {
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().
|
||||
attr('aria-expanded', 'false');
|
||||
}
|
||||
buttonParent.addClass("active");
|
||||
buttonParent.attr('aria-expanded', 'true');
|
||||
}
|
||||
}
|
||||
// Sidebar open function
|
||||
if (targetSide == 'left') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetLeft);
|
||||
}
|
||||
$(target).css(targetSide, targetOffsetLeft);
|
||||
} else if (targetSide == 'right') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetRight);
|
||||
}
|
||||
$(target).css(targetSide, targetOffsetRight);
|
||||
}
|
||||
$(target).trigger('shown.sidebar');
|
||||
},
|
||||
|
||||
hide: function () {
|
||||
$(target).trigger('hide.sidebar');
|
||||
$(target).removeClass('toggled');
|
||||
if (button !== undefined) {
|
||||
if (relationship !== '') {
|
||||
// Removing active class from all relative buttons
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false');
|
||||
}
|
||||
// Removing active class from button
|
||||
if (button.attr('data-handle') !== 'close') {
|
||||
button.removeClass("active");
|
||||
button.attr('aria-expanded', 'false');
|
||||
}
|
||||
if ($(button).parent().is('li')) {
|
||||
if (relationship !== '') {
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().
|
||||
attr('aria-expanded', 'false');
|
||||
}
|
||||
}
|
||||
}
|
||||
// Sidebar close function
|
||||
if (targetSide == 'left') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetOffsetLeft);
|
||||
}
|
||||
$(target).css(targetSide, -Math.abs(targetWidth + targetOffsetLeft));
|
||||
} else if (targetSide == 'right') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetOffsetRight);
|
||||
}
|
||||
$(target).css(targetSide, -Math.abs(targetWidth + targetOffsetRight));
|
||||
}
|
||||
$(target).trigger('hidden.sidebar');
|
||||
}
|
||||
};
|
||||
if (action === 'show') {
|
||||
sidebar_window.update(target, container);
|
||||
sidebar_window.show();
|
||||
}
|
||||
if (action === 'hide') {
|
||||
sidebar_window.update(target, container);
|
||||
sidebar_window.hide();
|
||||
}
|
||||
// binding click function
|
||||
var body = 'body';
|
||||
$(body).off('click', elem);
|
||||
$(body).on('click', elem, function (e) {
|
||||
e.preventDefault();
|
||||
button = $(this);
|
||||
container = button.data('container');
|
||||
target = button.data('target');
|
||||
sidebar_window.update(target, container, button);
|
||||
/**
|
||||
* Sidebar function on data container divide
|
||||
* @return {Null}
|
||||
*/
|
||||
if (button.attr('aria-expanded') == 'false') {
|
||||
sidebar_window.show();
|
||||
} else if (button.attr('aria-expanded') == 'true') {
|
||||
sidebar_window.hide();
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
$.fn.collapse_nav_sub = function () {
|
||||
var navSelector = 'ul.nav';
|
||||
|
||||
if (!$(navSelector).hasClass('collapse-nav-sub')) {
|
||||
$(navSelector + ' > li', this).each(function () {
|
||||
var position = $(this).offset().left - $(this).parent().scrollLeft();
|
||||
$(this).attr('data-absolute-position', (position + 5));
|
||||
});
|
||||
|
||||
$(navSelector + ' li', this).each(function () {
|
||||
if ($('ul', this).length !== 0) {
|
||||
$(this).addClass('has-sub');
|
||||
}
|
||||
});
|
||||
|
||||
$(navSelector + ' > li', this).each(function () {
|
||||
$(this).css({
|
||||
'left': $(this).data('absolute-position'),
|
||||
'position': 'absolute'
|
||||
});
|
||||
});
|
||||
|
||||
$(navSelector + ' li.has-sub', this).on('click', function () {
|
||||
var elem = $(this);
|
||||
if (elem.attr('aria-expanded') !== 'true') {
|
||||
elem.siblings().fadeOut(100, function () {
|
||||
elem.animate({'left': '15'}, 200, function () {
|
||||
$(elem).first().children('ul').fadeIn(200);
|
||||
});
|
||||
});
|
||||
elem.siblings().attr('aria-expanded', 'false');
|
||||
elem.attr('aria-expanded', 'true');
|
||||
} else {
|
||||
$(elem).first().children('ul').fadeOut(100, function () {
|
||||
elem.animate({'left': $(elem).data('absolute-position')}, 200, function () {
|
||||
elem.siblings().fadeIn(100);
|
||||
});
|
||||
});
|
||||
elem.siblings().attr('aria-expanded', 'false');
|
||||
elem.attr('aria-expanded', 'false');
|
||||
}
|
||||
});
|
||||
|
||||
$(navSelector + ' > li.has-sub ul', this).on('click', function (e) {
|
||||
e.stopPropagation();
|
||||
});
|
||||
$(navSelector).addClass('collapse-nav-sub');
|
||||
}
|
||||
};
|
||||
|
||||
$(document).ready(function () {
|
||||
loadNotificationsPanel();
|
||||
$.sidebar_toggle();
|
||||
|
||||
$("#right-sidebar").on("click", ".new-notification", function () {
|
||||
var notificationId = $(this).data("id");
|
||||
var redirectUrl = $(this).data("url");
|
||||
var markAsReadNotificationsAPI = "/mdm-admin/notifications/" + notificationId + "/CHECKED";
|
||||
var messageSideBar = ".sidebar-messages";
|
||||
|
||||
invokerUtil.put(
|
||||
markAsReadNotificationsAPI,
|
||||
null,
|
||||
function (data) {
|
||||
data = JSON.parse(data);
|
||||
if (data.statusCode == responseCodes["ACCEPTED"]) {
|
||||
location.href = redirectUrl;
|
||||
}
|
||||
}, function () {
|
||||
var content = "<li class='message message-danger'><h4><i class='icon fw fw-error'></i>Warning</h4>" +
|
||||
"<p>Unexpected error occurred while loading notification. Please refresh the page and" +
|
||||
" try again</p></li>";
|
||||
$(messageSideBar).html(content);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
if (typeof $.fn.collapse == 'function') {
|
||||
$('.navbar-collapse.tiles').on('shown.bs.collapse', function () {
|
||||
$(this).collapse_nav_sub();
|
||||
});
|
||||
}
|
||||
});
|
||||
@ -0,0 +1,14 @@
|
||||
{{#each notifications}}
|
||||
<li class="message message-info" data-type="selectable" >
|
||||
<h4>
|
||||
<i class="icon fw fw-info"></i>
|
||||
<a href="device?type={{deviceIdentifier.type}}&id={{deviceIdentifier.id}}"
|
||||
data-id="{{notificationId}}"
|
||||
data-url="device?type={{deviceIdentifier.type}}&id={{deviceIdentifier.id}}"
|
||||
class="new-notification" data-click-event="remove-form">
|
||||
Device Type : {{deviceIdentifier.type}}
|
||||
</a>
|
||||
</h4>
|
||||
<p>{{description}}</p>
|
||||
</li>
|
||||
{{/each}}
|
||||
@ -0,0 +1,30 @@
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions;
|
||||
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class holds the request format for device for grant type.
|
||||
*/
|
||||
public class DeviceRequestDTO {
|
||||
|
||||
private List<DeviceIdentifier> deviceIdentifiers;
|
||||
private String scope;
|
||||
|
||||
public List<DeviceIdentifier> getDeviceIdentifiers() {
|
||||
return deviceIdentifiers;
|
||||
}
|
||||
|
||||
public void setDeviceIdentifiers(List<DeviceIdentifier> deviceIdentifiers) {
|
||||
this.deviceIdentifiers = deviceIdentifiers;
|
||||
}
|
||||
|
||||
public String getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
public void setScope(String scope) {
|
||||
this.scope = scope;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,13 @@
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions;
|
||||
|
||||
|
||||
/**
|
||||
* This hold the OAuthConstants related oauth extensions.
|
||||
*/
|
||||
public class OAuthConstants {
|
||||
|
||||
public static final String DEFAULT_DEVICE_ASSERTION = "device";
|
||||
public static final String DEFAULT_USERNAME_IDENTIFIER = "username";
|
||||
public static final String DEFAULT_PASSWORD_IDENTIFIER = "password";
|
||||
|
||||
}
|
||||
@ -0,0 +1,90 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.config;
|
||||
|
||||
import javax.xml.bind.annotation.XmlAccessType;
|
||||
import javax.xml.bind.annotation.XmlAccessorType;
|
||||
import javax.xml.bind.annotation.XmlAttribute;
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
|
||||
/**
|
||||
* <p>Java class for Action complex type.
|
||||
*
|
||||
* <p>The following schema fragment specifies the expected content contained within this class.
|
||||
*
|
||||
* <pre>
|
||||
* <complexType name="Action">
|
||||
* <complexContent>
|
||||
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
|
||||
* <sequence>
|
||||
* <element name="Permissions" type="{}Permissions"/>
|
||||
* </sequence>
|
||||
* <attribute name="name" type="{http://www.w3.org/2001/XMLSchema}string" />
|
||||
* </restriction>
|
||||
* </complexContent>
|
||||
* </complexType>
|
||||
* </pre>
|
||||
*
|
||||
*
|
||||
*/
|
||||
@XmlAccessorType(XmlAccessType.FIELD)
|
||||
@XmlType(name = "Action", propOrder = {
|
||||
"permissions"
|
||||
})
|
||||
public class Action {
|
||||
|
||||
@XmlElement(name = "Permissions", required = true)
|
||||
protected Permissions permissions;
|
||||
@XmlAttribute(name = "name")
|
||||
protected String name;
|
||||
|
||||
/**
|
||||
* Gets the value of the permissions property.
|
||||
*
|
||||
* @return
|
||||
* possible object is
|
||||
* {@link Permissions }
|
||||
*
|
||||
*/
|
||||
public Permissions getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the value of the permissions property.
|
||||
*
|
||||
* @param value
|
||||
* allowed object is
|
||||
* {@link Permissions }
|
||||
*
|
||||
*/
|
||||
public void setPermissions(Permissions value) {
|
||||
this.permissions = value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the value of the name property.
|
||||
*
|
||||
* @return
|
||||
* possible object is
|
||||
* {@link String }
|
||||
*
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the value of the name property.
|
||||
*
|
||||
* @param value
|
||||
* allowed object is
|
||||
* {@link String }
|
||||
*
|
||||
*/
|
||||
public void setName(String value) {
|
||||
this.name = value;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,67 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.config;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import javax.xml.bind.annotation.XmlAccessType;
|
||||
import javax.xml.bind.annotation.XmlAccessorType;
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
|
||||
/**
|
||||
* <p>Java class for DeviceMgtScopes complex type.
|
||||
*
|
||||
* <p>The following schema fragment specifies the expected content contained within this class.
|
||||
*
|
||||
* <pre>
|
||||
* <complexType name="DeviceMgtScopes">
|
||||
* <complexContent>
|
||||
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
|
||||
* <sequence>
|
||||
* <element name="Action" type="{}Action" maxOccurs="unbounded" minOccurs="0"/>
|
||||
* </sequence>
|
||||
* </restriction>
|
||||
* </complexContent>
|
||||
* </complexType>
|
||||
* </pre>
|
||||
*
|
||||
*
|
||||
*/
|
||||
@XmlRootElement(name = "DeviceMgtScopes")
|
||||
public class DeviceMgtScopes {
|
||||
|
||||
@XmlElement(name = "Action")
|
||||
protected List<Action> action;
|
||||
|
||||
/**
|
||||
* Gets the value of the action property.
|
||||
*
|
||||
* <p>
|
||||
* This accessor method returns a reference to the live list,
|
||||
* not a snapshot. Therefore any modification you make to the
|
||||
* returned list will be present inside the JAXB object.
|
||||
* This is why there is not a <CODE>set</CODE> method for the action property.
|
||||
*
|
||||
* <p>
|
||||
* For example, to add a new item, do as follows:
|
||||
* <pre>
|
||||
* getAction().add(newItem);
|
||||
* </pre>
|
||||
*
|
||||
*
|
||||
* <p>
|
||||
* Objects of the following type(s) are allowed in the list
|
||||
* {@link Action }
|
||||
*
|
||||
*
|
||||
*/
|
||||
public List<Action> getAction() {
|
||||
if (action == null) {
|
||||
action = new ArrayList<Action>();
|
||||
}
|
||||
return this.action;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,67 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.config;
|
||||
|
||||
import org.w3c.dom.Document;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils;
|
||||
import org.wso2.carbon.utils.CarbonUtils;
|
||||
|
||||
import javax.xml.bind.JAXBContext;
|
||||
import javax.xml.bind.JAXBException;
|
||||
import javax.xml.bind.Unmarshaller;
|
||||
import java.io.File;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* This class represents the configuration that are needed for scopes to permission map.
|
||||
*/
|
||||
public class DeviceMgtScopesConfig {
|
||||
|
||||
private static DeviceMgtScopesConfig config = new DeviceMgtScopesConfig();
|
||||
private static Map<String, String[]> actionPermissionMap = new HashMap<>();
|
||||
|
||||
private static final String DEVICE_MGT_SCOPES_CONFIG_PATH =
|
||||
CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + "device-mgt-scopes.xml";
|
||||
|
||||
private DeviceMgtScopesConfig() {
|
||||
}
|
||||
|
||||
public static DeviceMgtScopesConfig getInstance() {
|
||||
return config;
|
||||
}
|
||||
|
||||
public static void init() throws DeviceMgtScopesConfigurationFailedException {
|
||||
try {
|
||||
File deviceMgtConfig = new File(DEVICE_MGT_SCOPES_CONFIG_PATH);
|
||||
Document doc = OAuthExtUtils.convertToDocument(deviceMgtConfig);
|
||||
|
||||
/* Un-marshaling DeviceMGtScope configuration */
|
||||
JAXBContext ctx = JAXBContext.newInstance(DeviceMgtScopes.class);
|
||||
Unmarshaller unmarshaller = ctx.createUnmarshaller();
|
||||
//unmarshaller.setSchema(getSchema());
|
||||
DeviceMgtScopes deviceMgtScopes = (DeviceMgtScopes) unmarshaller.unmarshal(doc);
|
||||
if (deviceMgtScopes != null) {
|
||||
for (Action action : deviceMgtScopes.getAction()) {
|
||||
Permissions permissions = action.getPermissions();
|
||||
if (permissions != null) {
|
||||
String permission[] = new String[permissions.getPermission().size()];
|
||||
int i = 0;
|
||||
for (String perm : permissions.getPermission()) {
|
||||
permission[i] = perm;
|
||||
i++;
|
||||
}
|
||||
actionPermissionMap.put(action.getName(), permission);
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (JAXBException e) {
|
||||
throw new DeviceMgtScopesConfigurationFailedException("Error occurred while un-marshalling Device Scope" +
|
||||
" Config", e);
|
||||
}
|
||||
}
|
||||
|
||||
public Map<String, String[]> getDeviceMgtScopePermissionMap() {
|
||||
return actionPermissionMap;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,44 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.config;
|
||||
|
||||
public class DeviceMgtScopesConfigurationFailedException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -3151279312929070398L;
|
||||
|
||||
public DeviceMgtScopesConfigurationFailedException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
}
|
||||
|
||||
public DeviceMgtScopesConfigurationFailedException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
public DeviceMgtScopesConfigurationFailedException(String msg) {
|
||||
super(msg);
|
||||
}
|
||||
|
||||
public DeviceMgtScopesConfigurationFailedException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public DeviceMgtScopesConfigurationFailedException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,78 @@
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.config;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import javax.xml.bind.annotation.XmlAccessType;
|
||||
import javax.xml.bind.annotation.XmlAccessorType;
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlType;
|
||||
|
||||
|
||||
/**
|
||||
* <p>Java class for Permissions complex type.
|
||||
*
|
||||
* <p>The following schema fragment specifies the expected content contained within this class.
|
||||
*
|
||||
* <pre>
|
||||
* <complexType name="Permissions">
|
||||
* <complexContent>
|
||||
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
|
||||
* <sequence>
|
||||
* <element name="Permission" maxOccurs="unbounded" minOccurs="0">
|
||||
* <simpleType>
|
||||
* <restriction base="{http://www.w3.org/2001/XMLSchema}string">
|
||||
* <enumeration value="/permission/device-mgt/user/groups/device_operation"/>
|
||||
* <enumeration value="/permission/device-mgt/admin/groups"/>
|
||||
* <enumeration value="/permission/device-mgt/user/groups"/>
|
||||
* <enumeration value="/permission/device-mgt/user/groups/device_monitor"/>
|
||||
* </restriction>
|
||||
* </simpleType>
|
||||
* </element>
|
||||
* </sequence>
|
||||
* </restriction>
|
||||
* </complexContent>
|
||||
* </complexType>
|
||||
* </pre>
|
||||
*
|
||||
*
|
||||
*/
|
||||
@XmlAccessorType(XmlAccessType.FIELD)
|
||||
@XmlType(name = "Permissions", propOrder = {
|
||||
"permission"
|
||||
})
|
||||
public class Permissions {
|
||||
|
||||
@XmlElement(name = "Permission")
|
||||
protected List<String> permission;
|
||||
|
||||
/**
|
||||
* Gets the value of the permission property.
|
||||
*
|
||||
* <p>
|
||||
* This accessor method returns a reference to the live list,
|
||||
* not a snapshot. Therefore any modification you make to the
|
||||
* returned list will be present inside the JAXB object.
|
||||
* This is why there is not a <CODE>set</CODE> method for the permission property.
|
||||
*
|
||||
* <p>
|
||||
* For example, to add a new item, do as follows:
|
||||
* <pre>
|
||||
* getPermission().add(newItem);
|
||||
* </pre>
|
||||
*
|
||||
*
|
||||
* <p>
|
||||
* Objects of the following type(s) are allowed in the list
|
||||
* {@link String }
|
||||
*
|
||||
*
|
||||
*/
|
||||
public List<String> getPermission() {
|
||||
if (permission == null) {
|
||||
permission = new ArrayList<String>();
|
||||
}
|
||||
return this.permission;
|
||||
}
|
||||
|
||||
}
|
||||
4
components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedJWTBearerGrantHandler.java → components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtJWTBearerGrantHandler.java
4
components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedJWTBearerGrantHandler.java → components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtJWTBearerGrantHandler.java
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.apimgt.keymgt.handlers.ExtendedPasswordGrantHandler;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthConstants;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils;
|
||||
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
||||
import org.wso2.carbon.identity.oauth2.model.RequestParameter;
|
||||
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
public class ExtendedDeviceMgtPasswordGrantHandler extends ExtendedPasswordGrantHandler {
|
||||
|
||||
private static Log log = LogFactory.getLog(ExtendedDeviceMgtPasswordGrantHandler.class);
|
||||
|
||||
@Override
|
||||
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
|
||||
RequestParameter parameters[] = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters();
|
||||
for (RequestParameter parameter : parameters) {
|
||||
switch (parameter.getKey()) {
|
||||
case OAuthConstants.DEFAULT_USERNAME_IDENTIFIER:
|
||||
String username = parameter.getValue()[0];
|
||||
tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerUsername(username);
|
||||
break;
|
||||
|
||||
case OAuthConstants.DEFAULT_PASSWORD_IDENTIFIER:
|
||||
String password = parameter.getValue()[0];
|
||||
tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerPassword(password);
|
||||
break;
|
||||
}
|
||||
}
|
||||
return super.validateGrant(tokReqMsgCtx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) {
|
||||
return OAuthExtUtils.validateScope(tokReqMsgCtx);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,328 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant;
|
||||
|
||||
import org.apache.axiom.om.OMElement;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder;
|
||||
import org.wso2.carbon.identity.application.common.cache.BaseCache;
|
||||
import org.wso2.carbon.identity.core.util.IdentityConfigParser;
|
||||
import org.wso2.carbon.identity.core.util.IdentityCoreConstants;
|
||||
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
|
||||
import org.wso2.carbon.identity.oauth.common.OAuthConstants;
|
||||
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
|
||||
import org.wso2.carbon.identity.oauth2.ResponseHeader;
|
||||
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
|
||||
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
|
||||
import org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler;
|
||||
import org.wso2.carbon.user.api.Claim;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.api.UserStoreManager;
|
||||
import org.wso2.carbon.user.core.UserRealm;
|
||||
import org.wso2.carbon.user.core.config.RealmConfiguration;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
import org.wso2.carbon.user.core.util.UserCoreUtil;
|
||||
|
||||
import javax.xml.namespace.QName;
|
||||
import java.util.*;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
public class ExtendedPasswordGrantHandler extends PasswordGrantHandler {
|
||||
|
||||
private static Log log = LogFactory.getLog(ExtendedPasswordGrantHandler.class);
|
||||
|
||||
private static final String CONFIG_ELEM_OAUTH = "OAuth";
|
||||
|
||||
// Claims that are set as response headers of access token response
|
||||
private static final String REQUIRED_CLAIM_URIS = "RequiredRespHeaderClaimUris";
|
||||
private BaseCache<String, Claim[]> userClaimsCache;
|
||||
|
||||
// Primary/Secondary Login configuration
|
||||
private static final String CLAIM_URI = "ClaimUri";
|
||||
private static final String LOGIN_CONFIG = "LoginConfig";
|
||||
private static final String USERID_LOGIN = "UserIdLogin";
|
||||
private static final String EMAIL_LOGIN = "EmailLogin";
|
||||
private static final String PRIMARY_LOGIN = "primary";
|
||||
|
||||
private Map<String, Map<String, String>> loginConfiguration = new ConcurrentHashMap<>();
|
||||
|
||||
private List<String> requiredHeaderClaimUris = new ArrayList<>();
|
||||
|
||||
public void init() throws IdentityOAuth2Exception {
|
||||
|
||||
super.init();
|
||||
|
||||
IdentityConfigParser configParser;
|
||||
configParser = IdentityConfigParser.getInstance();
|
||||
OMElement oauthElem = configParser.getConfigElement(CONFIG_ELEM_OAUTH);
|
||||
|
||||
// Get the required claim uris that needs to be included in the response.
|
||||
parseRequiredHeaderClaimUris(oauthElem.getFirstChildWithName(getQNameWithIdentityNS(REQUIRED_CLAIM_URIS)));
|
||||
|
||||
// read login config
|
||||
parseLoginConfig(oauthElem);
|
||||
|
||||
userClaimsCache = new BaseCache<>("UserClaimsCache");
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Successfully created UserClaimsCache under " + OAuthConstants.OAUTH_CACHE_MANAGER);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx)
|
||||
throws IdentityOAuth2Exception {
|
||||
|
||||
OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO = tokReqMsgCtx.getOauth2AccessTokenReqDTO();
|
||||
String username = oAuth2AccessTokenReqDTO.getResourceOwnerUsername();
|
||||
String loginUserName = getLoginUserName(username);
|
||||
tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerUsername(loginUserName);
|
||||
|
||||
boolean isValidated = super.validateGrant(tokReqMsgCtx);
|
||||
|
||||
if (isValidated) {
|
||||
|
||||
int tenantId;
|
||||
tenantId = IdentityTenantUtil.getTenantIdOfUser(username);
|
||||
|
||||
RealmService realmService = OAuthExtensionsDataHolder.getInstance().getRealmService();
|
||||
UserStoreManager userStoreManager;
|
||||
try {
|
||||
userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
|
||||
} catch (UserStoreException e) {
|
||||
log.error("Error when getting the tenant's UserStoreManager", e);
|
||||
return false;
|
||||
}
|
||||
|
||||
List<ResponseHeader> respHeaders = new ArrayList<>();
|
||||
|
||||
if (oAuth2AccessTokenReqDTO.getResourceOwnerUsername() != null) {
|
||||
try {
|
||||
if (requiredHeaderClaimUris != null && !requiredHeaderClaimUris.isEmpty()) {
|
||||
// Get user's claim values from the default profile.
|
||||
String userStoreDomain = tokReqMsgCtx.getAuthorizedUser().getUserStoreDomain();
|
||||
|
||||
String endUsernameWithDomain = UserCoreUtil.
|
||||
addDomainToName(oAuth2AccessTokenReqDTO.getResourceOwnerUsername(), userStoreDomain);
|
||||
|
||||
Claim[] mapClaimValues = getUserClaimValues(endUsernameWithDomain, userStoreManager);
|
||||
|
||||
if (mapClaimValues != null && mapClaimValues.length > 0) {
|
||||
ResponseHeader header;
|
||||
for (String claimUri : requiredHeaderClaimUris) {
|
||||
for (Claim claim : mapClaimValues) {
|
||||
if (claimUri.equals(claim.getClaimUri())) {
|
||||
header = new ResponseHeader();
|
||||
header.setKey(claim.getDisplayTag());
|
||||
header.setValue(claim.getValue());
|
||||
respHeaders.add(header);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if (log.isDebugEnabled()) {
|
||||
log.debug("No claim values for user : " + endUsernameWithDomain);
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
throw new IdentityOAuth2Exception("Error occurred while retrieving user claims", e);
|
||||
}
|
||||
}
|
||||
tokReqMsgCtx.addProperty("RESPONSE_HEADERS", respHeaders.toArray(new ResponseHeader[respHeaders.size()]));
|
||||
}
|
||||
|
||||
return isValidated;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) {
|
||||
return OAuthExtUtils.setScopes(tokReqMsgCtx);
|
||||
}
|
||||
|
||||
private String getLoginUserName(String userID) {
|
||||
String loginUserName = userID;
|
||||
if (isSecondaryLogin(userID)) {
|
||||
loginUserName = getPrimaryFromSecondary(userID);
|
||||
}
|
||||
return loginUserName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Identify whether the logged in user used his Primary Login name or
|
||||
* Secondary login name
|
||||
*
|
||||
* @param userId - The username used to login.
|
||||
* @return <code>true</code> if secondary login name is used,
|
||||
* <code>false</code> if primary login name has been used
|
||||
*/
|
||||
private boolean isSecondaryLogin(String userId) {
|
||||
|
||||
if (loginConfiguration.get(EMAIL_LOGIN) != null) {
|
||||
Map<String, String> emailConf = loginConfiguration.get(EMAIL_LOGIN);
|
||||
if ("true".equalsIgnoreCase(emailConf.get(PRIMARY_LOGIN))) {
|
||||
return !isUserLoggedInEmail(userId);
|
||||
} else if ("false".equalsIgnoreCase(emailConf.get(PRIMARY_LOGIN))) {
|
||||
return isUserLoggedInEmail(userId);
|
||||
}
|
||||
} else if (loginConfiguration.get(USERID_LOGIN) != null) {
|
||||
Map<String, String> userIdConf = loginConfiguration.get(USERID_LOGIN);
|
||||
if ("true".equalsIgnoreCase(userIdConf.get(PRIMARY_LOGIN))) {
|
||||
return isUserLoggedInEmail(userId);
|
||||
} else if ("false".equalsIgnoreCase(userIdConf.get(PRIMARY_LOGIN))) {
|
||||
return !isUserLoggedInEmail(userId);
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Identify whether the logged in user used his ordinal username or email
|
||||
*
|
||||
* @param userId - username used to login.
|
||||
* @return - <code>true</code> if userId contains '@'. <code>false</code> otherwise
|
||||
*/
|
||||
private boolean isUserLoggedInEmail(String userId) {
|
||||
return userId.contains("@");
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the primaryLogin name using secondary login name. Primary secondary
|
||||
* Configuration is provided in the identitiy.xml. In the userstore, it is
|
||||
* users responsibility TO MAINTAIN THE SECONDARY LOGIN NAME AS UNIQUE for
|
||||
* each and every users. If it is not unique, we will pick the very first
|
||||
* entry from the userlist.
|
||||
*
|
||||
* @param login - username used to login.
|
||||
* @return -
|
||||
*/
|
||||
private String getPrimaryFromSecondary(String login) {
|
||||
|
||||
String claimURI, username = null;
|
||||
if (isUserLoggedInEmail(login)) {
|
||||
Map<String, String> emailConf = loginConfiguration.get(EMAIL_LOGIN);
|
||||
claimURI = emailConf.get(CLAIM_URI);
|
||||
} else {
|
||||
Map<String, String> userIdConf = loginConfiguration.get(USERID_LOGIN);
|
||||
claimURI = userIdConf.get(CLAIM_URI);
|
||||
}
|
||||
|
||||
try {
|
||||
RealmService realmSvc = OAuthExtensionsDataHolder.getInstance().getRealmService();
|
||||
RealmConfiguration config = new RealmConfiguration();
|
||||
UserRealm realm = realmSvc.getUserRealm(config);
|
||||
org.wso2.carbon.user.core.UserStoreManager storeManager = realm.getUserStoreManager();
|
||||
String[] user = storeManager.getUserList(claimURI, login, null);
|
||||
if (user.length > 0) {
|
||||
username = user[0];
|
||||
}
|
||||
} catch (UserStoreException e) {
|
||||
log.error("Error while retrieving the primaryLogin name using secondary login name : " + login, e);
|
||||
}
|
||||
return username;
|
||||
}
|
||||
|
||||
private Claim[] getUserClaimValues(String authorizedUser, UserStoreManager userStoreManager)
|
||||
throws
|
||||
UserStoreException {
|
||||
Claim[] userClaims = userClaimsCache.getValueFromCache(authorizedUser);
|
||||
if (userClaims != null) {
|
||||
return userClaims;
|
||||
} else {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Cache miss for user claims. Username :" + authorizedUser);
|
||||
}
|
||||
userClaims = userStoreManager.getUserClaimValues(
|
||||
authorizedUser, null);
|
||||
userClaimsCache.addToCache(authorizedUser, userClaims);
|
||||
return userClaims;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Read the required claim configuration from identity.xml
|
||||
*/
|
||||
private void parseRequiredHeaderClaimUris(OMElement requiredClaimUrisElem) {
|
||||
if (requiredClaimUrisElem == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
Iterator claimUris = requiredClaimUrisElem.getChildrenWithLocalName(CLAIM_URI);
|
||||
if (claimUris != null) {
|
||||
while (claimUris.hasNext()) {
|
||||
OMElement claimUri = (OMElement) claimUris.next();
|
||||
if (claimUri != null) {
|
||||
requiredHeaderClaimUris.add(claimUri.getText());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Read the primary/secondary login configuration
|
||||
* <OAuth>
|
||||
* ....
|
||||
* <LoginConfig>
|
||||
* <UserIdLogin primary="true">
|
||||
* <ClaimUri></ClaimUri>
|
||||
* </UserIdLogin>
|
||||
* <EmailLogin primary="false">
|
||||
* <ClaimUri>http://wso2.org/claims/emailaddress</ClaimUri>
|
||||
* </EmailLogin>
|
||||
* </LoginConfig>
|
||||
* .....
|
||||
* </OAuth>
|
||||
*
|
||||
* @param oauthConfigElem - The '<LoginConfig>' xml configuration element in the api-manager.xml
|
||||
*/
|
||||
private void parseLoginConfig(OMElement oauthConfigElem) {
|
||||
OMElement loginConfigElem = oauthConfigElem.getFirstChildWithName(getQNameWithIdentityNS(LOGIN_CONFIG));
|
||||
if (loginConfigElem != null) {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Login configuration is set ");
|
||||
}
|
||||
// Primary/Secondary supported login mechanisms
|
||||
OMElement emailConfigElem = loginConfigElem.getFirstChildWithName(getQNameWithIdentityNS(EMAIL_LOGIN));
|
||||
|
||||
OMElement userIdConfigElem = loginConfigElem.getFirstChildWithName(getQNameWithIdentityNS(USERID_LOGIN));
|
||||
|
||||
Map<String, String> emailConf = new HashMap<String, String>(2);
|
||||
emailConf.put(PRIMARY_LOGIN,
|
||||
emailConfigElem.getAttributeValue(new QName(PRIMARY_LOGIN)));
|
||||
emailConf.put(CLAIM_URI,
|
||||
emailConfigElem.getFirstChildWithName(getQNameWithIdentityNS(CLAIM_URI))
|
||||
.getText());
|
||||
|
||||
Map<String, String> userIdConf = new HashMap<String, String>(2);
|
||||
userIdConf.put(PRIMARY_LOGIN,
|
||||
userIdConfigElem.getAttributeValue(new QName(PRIMARY_LOGIN)));
|
||||
userIdConf.put(CLAIM_URI,
|
||||
userIdConfigElem.getFirstChildWithName(getQNameWithIdentityNS(CLAIM_URI))
|
||||
.getText());
|
||||
|
||||
loginConfiguration.put(EMAIL_LOGIN, emailConf);
|
||||
loginConfiguration.put(USERID_LOGIN, userIdConf);
|
||||
}
|
||||
}
|
||||
|
||||
private QName getQNameWithIdentityNS(String localPart) {
|
||||
return new QName(IdentityCoreConstants.IDENTITY_DEFAULT_NAMESPACE, localPart);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.validators;
|
||||
|
||||
import org.apache.oltu.oauth2.common.OAuth;
|
||||
import org.apache.oltu.oauth2.common.validators.AbstractValidator;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthConstants;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* Grant validator for JSON Web Tokens
|
||||
* For JWT Grant to be valid the required parameters are
|
||||
* grant_type and assertion
|
||||
*/
|
||||
public class ExtendedDeviceJWTGrantValidator extends AbstractValidator<HttpServletRequest> {
|
||||
|
||||
public ExtendedDeviceJWTGrantValidator() {
|
||||
requiredParams.add(OAuth.OAUTH_GRANT_TYPE);
|
||||
requiredParams.add(OAuth.OAUTH_ASSERTION);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,37 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.oauth.extensions.validators;
|
||||
|
||||
import org.apache.oltu.oauth2.common.OAuth;
|
||||
import org.apache.oltu.oauth2.common.validators.AbstractValidator;
|
||||
import org.wso2.carbon.device.mgt.oauth.extensions.OAuthConstants;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* Grant validator for Device Object with Password Grant type
|
||||
*/
|
||||
public class ExtendedDevicePasswordGrantValidator extends AbstractValidator<HttpServletRequest> {
|
||||
|
||||
public ExtendedDevicePasswordGrantValidator() {
|
||||
requiredParams.add(OAuth.OAUTH_USERNAME);
|
||||
requiredParams.add(OAuth.OAUTH_PASSWORD);
|
||||
requiredParams.add(OAuthConstants.DEFAULT_DEVICE_ASSERTION);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,19 @@
|
||||
#
|
||||
# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# Version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
custom = true
|
||||
@ -0,0 +1,51 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<!--This holds the scopes that are allowed by the device-mgt, The user require below permission to get the required scope-->
|
||||
<!--These scopes are assigned after validating with device-mgt specific grant types-->
|
||||
<DeviceMgtScopes>
|
||||
<Action name="mqtt-publisher">
|
||||
<Permissions>
|
||||
<Permission>/permission/device-mgt/user/groups/device_operation</Permission>
|
||||
<Permission>/permission/device-mgt/admin/groups</Permission>
|
||||
<Permission>/permission/device-mgt/user/groups</Permission>
|
||||
</Permissions>
|
||||
</Action>
|
||||
<Action name="mqtt-subscriber">
|
||||
<Permissions>
|
||||
<Permission>/permission/device-mgt/user/groups/device_monitor</Permission>
|
||||
<Permission>/permission/device-mgt/admin/groups</Permission>
|
||||
<Permission>/permission/device-mgt/user/groups</Permission>
|
||||
</Permissions>
|
||||
</Action>
|
||||
<Action name="stats">
|
||||
<Permissions>
|
||||
<Permission>/permission/device-mgt/user/groups/device_monitor</Permission>
|
||||
<Permission>/permission/device-mgt/admin/groups</Permission>
|
||||
<Permission>/permission/device-mgt/user/groups</Permission>
|
||||
</Permissions>
|
||||
</Action>
|
||||
<Action name="operation">
|
||||
<Permissions>
|
||||
<Permission>/permission/device-mgt/user/groups/device_operation</Permission>
|
||||
<Permission>/permission/device-mgt/admin/groups</Permission>
|
||||
<Permission>/permission/device-mgt/user/groups</Permission>
|
||||
</Permissions>
|
||||
</Action>
|
||||
</DeviceMgtScopes>
|
||||
@ -0,0 +1,2 @@
|
||||
instructions.configure = \
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.mgt.oauth.extensions_${feature.version}/device-mgt-scopes.xml,target:${installFolder}/../../conf/etc/device-mgt-scopes.xml,overwrite:true);\
|
||||
Loading…
Reference in new issue