Fix jwt token generation

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/APIManagementProviderServiceImpl.java

@@ -649,9 +649,14 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
         io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.AccessTokenInfo accessTokenInfo;
         try {
             if (username == null || password == null) {
-                apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
+                apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
+                        "ClientForConsumerRestCalls",
+                        "client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer");
             } else {
-                apiApplicationKey = apiApplicationServices.generateAndRetrieveApplicationKeys(username, password);
+                apiApplicationKey = apiApplicationServices.generateAndRetrieveApplicationKeys(
+                        "ClientForConsumerRestCalls",
+                        username, password,
+                        "client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer");
             }
             accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
                     apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.extension.rest.api/src/main/java/io/entgra/device/mgt/core/apimgt/extension/rest/api/APIApplicationServices.java

@@ -24,9 +24,10 @@ import io.entgra.device.mgt.core.apimgt.extension.rest.api.exceptions.APIService
 
 public interface APIApplicationServices {
 
-    APIApplicationKey createAndRetrieveApplicationCredentials() throws APIServicesException;
+    APIApplicationKey createAndRetrieveApplicationCredentials(String clientName, String grantType)
+            throws APIServicesException;
 
-    APIApplicationKey generateAndRetrieveApplicationKeys(String username, String password)
+    APIApplicationKey generateAndRetrieveApplicationKeys(String clientName, String username, String password, String grantType)
             throws APIServicesException;
 
     AccessTokenInfo generateAccessTokenFromRegisteredApplication(String clientId, String clientSecret) throws APIServicesException;

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.extension.rest.api/src/main/java/io/entgra/device/mgt/core/apimgt/extension/rest/api/APIApplicationServicesImpl.java

@@ -44,7 +44,7 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
             getAPIManagerConfigurationService().getAPIManagerConfiguration();
 
     @Override
-    public APIApplicationKey createAndRetrieveApplicationCredentials()
+    public APIApplicationKey createAndRetrieveApplicationCredentials(String clientName, String grantType)
             throws APIServicesException {
 
         String applicationEndpoint = config.getFirstProperty(Constants.DCR_END_POINT);
@@ -53,8 +53,8 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
 
         JSONObject jsonObject = new JSONObject();
         jsonObject.put("callbackUrl", Constants.EMPTY_STRING);
-        jsonObject.put("clientName", Constants.CLIENT_NAME);
-        jsonObject.put("grantType", Constants.GRANT_TYPE);
+        jsonObject.put("clientName", clientName);
+        jsonObject.put("grantType", grantType);
         jsonObject.put("owner", serverUser);
         jsonObject.put("saasApp", true);
 
@@ -75,15 +75,15 @@ public class APIApplicationServicesImpl implements APIApplicationServices {
     }
 
     @Override
-    public APIApplicationKey generateAndRetrieveApplicationKeys(String username, String password)
+    public APIApplicationKey generateAndRetrieveApplicationKeys(String clientName, String username, String password, String grantType)
             throws APIServicesException {
 
         String applicationEndpoint = config.getFirstProperty(Constants.DCR_END_POINT);
 
         JSONObject jsonObject = new JSONObject();
         jsonObject.put("callbackUrl", Constants.EMPTY_STRING);
-        jsonObject.put("clientName", username);
-        jsonObject.put("grantType", Constants.GRANT_TYPE);
+        jsonObject.put("clientName", clientName);
+        jsonObject.put("grantType", grantType);
         jsonObject.put("owner", username);
         jsonObject.put("saasApp", true);
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.extension.rest.api/src/main/java/io/entgra/device/mgt/core/apimgt/extension/rest/api/constants/Constants.java

@@ -27,10 +27,8 @@ public final class Constants {
     public static final String AMPERSAND = "&";
     public static final String SLASH = "/";
     public static final String EQUAL = "=";
-    public static final String CLIENT_NAME = "rest_api_publisher_code";
     public static final String SERVER_USER = "WorkflowConfigurations.ServerUser";
     public static final String SERVER_PASSWORD = "WorkflowConfigurations.ServerPassword";
-    public static final String GRANT_TYPE = "client_credentials password refresh_token";
     public static final String REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME = "refresh_token";
     public static final String OAUTH_EXPIRES_IN = "expires_in";
     public static final String OAUTH_TOKEN_SCOPE = "scope";

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/src/main/java/io/entgra/device/mgt/core/apimgt/keymgt/extension/service/KeyMgtServiceImpl.java

@@ -344,7 +344,7 @@ public class KeyMgtServiceImpl implements KeyMgtService {
             Response response = client.newCall(request).execute();
             return gson.fromJson(response.body().string(), OAuthApplication.class);
         } catch (IOException e) {
-            msg = "Error occurred while processing the response";
+            msg = "Error occurred while processing the response" + e;
             throw new KeyMgtException(msg);
         }
     }

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java

@@ -90,7 +90,10 @@ public class APIPublisherServiceImpl implements APIPublisherService {
         APIApplicationKey apiApplicationKey;
         AccessTokenInfo accessTokenInfo;
         try {
-            apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
+            apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
+                    "ClientForPublisherRestCalls",
+                    "client_credentials password refresh_token"
+            );
             accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
                     apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
         } catch (APIServicesException e) {
@@ -403,7 +406,10 @@ public class APIPublisherServiceImpl implements APIPublisherService {
         APIApplicationKey apiApplicationKey;
         AccessTokenInfo accessTokenInfo;
         try {
-            apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
+            apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials(
+                    "ClientForPublisherRestCalls",
+                    "client_credentials password refresh_token"
+            );
             accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
                     apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
         } catch (APIServicesException e) {

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java

@@ -23,6 +23,11 @@ import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProvi
 import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderServiceImpl;
 import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey;
 import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException;
+import io.entgra.device.mgt.core.apimgt.application.extension.internal.APIApplicationManagerExtensionDataHolder;
+import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices;
+import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServicesImpl;
+import io.entgra.device.mgt.core.apimgt.extension.rest.api.dto.APIApplicationKey;
+import io.entgra.device.mgt.core.apimgt.extension.rest.api.exceptions.APIServicesException;
 import io.entgra.device.mgt.core.apimgt.keymgt.extension.DCRResponse;
 import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenRequest;
 import io.entgra.device.mgt.core.apimgt.keymgt.extension.TokenResponse;
@@ -804,11 +809,11 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
             //todo - lasantha - can't get password from here
             ApiApplicationKey apiApplicationKey;
             try {
-                DCRResponse adminDCRResponse = keyMgtService.dynamicClientRegistration(applicationName,
-                        PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm()
-                                .getRealmConfiguration().getAdminUserName(),
-                        "client_credentials", null, new String[] {"device_management"}, false, validityTime, PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm()
-                                .getRealmConfiguration().getAdminPassword());
+                APIApplicationServices apiApplicationServices = DeviceMgtAPIUtils.getApiApplicationServices();
+                APIApplicationKey adminDCRResponse = apiApplicationServices.createAndRetrieveApplicationCredentials(
+                        "ClientForJWTTokenGeneration",
+                        "client_credentials password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer"
+                );
 
                 PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
                 JWTClientManagerService jwtClientManagerService = (JWTClientManagerService) ctx.
@@ -816,11 +821,14 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
                 JWTClient jwtClient = jwtClientManagerService.getJWTClient();
                 AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(adminDCRResponse.getClientId(),
                         adminDCRResponse.getClientSecret(),
-                        username, "appm:subscribe");
+                        username, "appm:subscribe apim:admin apim:api_key apim:app_import_export apim:app_manage" +
+                                " apim:store_settings apim:sub_alert_manage apim:sub_manage apim:subscribe openid perm:device:enroll " +
+                                "perm:devices:details perm:devices:features perm:devices:search perm:devices:view perm:groups:groups " +
+                                "perm:users:send-invitation");
 
                 APIManagementProviderService apiManagementProviderService = DeviceMgtAPIUtils.getAPIManagementService();
                 apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(applicationName,
-                        new String[] {"device_management"}, null, false, String.valueOf(validityTime),
+                        new String[] {"device_management"}, "PRODUCTION", false, String.valueOf(validityTime),
                         accessTokenInfo.getAccessToken());
 
             } catch (JWTClientException e) {
@@ -828,8 +836,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
                 log.error(msg, e);
                 return Response.serverError().entity(
                         new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
-            } catch (UserStoreException e) {
-                String msg = "Error while getting user credentials.";
+            } catch (APIServicesException e) {
+                String msg = "Error while generating api Application";
                 log.error(msg, e);
                 return Response.serverError().entity(
                         new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/util/DeviceMgtAPIUtils.java

@@ -19,6 +19,7 @@
 package io.entgra.device.mgt.core.device.mgt.api.jaxrs.util;
 
 import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderService;
+import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices;
 import io.entgra.device.mgt.core.apimgt.extension.rest.api.ConsumerRESTAPIServices;
 import io.entgra.device.mgt.core.application.mgt.common.services.ApplicationManager;
 import io.entgra.device.mgt.core.application.mgt.common.services.SubscriptionManager;
@@ -156,6 +157,7 @@ public class DeviceMgtAPIUtils {
 
     private static volatile SubscriptionManager subscriptionManager;
     private static volatile ApplicationManager applicationManager;
+    private static volatile APIApplicationServices apiApplicationServices;
     private static volatile ConsumerRESTAPIServices consumerRESTAPIServices;
     private static volatile APIManagementProviderService apiManagementProviderService;
 
@@ -410,6 +412,25 @@ public class DeviceMgtAPIUtils {
         return consumerRESTAPIServices;
     }
 
+    /**
+     * Initializing and accessing method for APIM API application REST API.
+     *
+     * @return APIApplicationServices instance
+     * @throws IllegalStateException if APIApplicationServices cannot be initialized
+     */
+    public static synchronized APIApplicationServices getApiApplicationServices() {
+        if (apiApplicationServices == null) {
+            PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+            apiApplicationServices = (APIApplicationServices) ctx.getOSGiService(APIApplicationServices.class, null);
+            if (apiApplicationServices == null) {
+                String msg = "API application service has not initialized.";
+                log.error(msg);
+                throw new IllegalStateException(msg);
+            }
+        }
+        return apiApplicationServices;
+    }
+
     /**
      * Initializing and accessing method for API management Provider Service.
      *

components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/src/main/java/io/entgra/device/mgt/core/identity/jwt/client/extension/JWTClient.java

@@ -138,7 +138,9 @@ public class JWTClient {
 			if (jwtConfig == null) {
 				return null;
 			}
-			URL tokenEndpoint = new URL(jwtConfig.getTokenEndpoint());
+//			todo:
+//			URL tokenEndpoint = new URL(jwtConfig.getTokenEndpoint());
+			URL tokenEndpoint = new URL("https://localhost:9443/oauth2/token");
 			HttpClient httpClient = JWTClientUtil.getHttpClient(tokenEndpoint.getProtocol());
 			HttpPost postMethod = new HttpPost(tokenEndpoint.toString());
 			postMethod.setEntity(new UrlEncodedFormEntity(nameValuePairs));