Migrate from legacy FCM APIs to HTTP v1

issue-10462/secure-pending-operation-6.2
Rajitha Kumara 5 months ago committed by Pahansith
parent 5c73277c32
commit aafa824f08

@ -112,9 +112,45 @@
<artifactId>org.wso2.carbon.event.output.adapter.core</artifactId> <artifactId>org.wso2.carbon.event.output.adapter.core</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.google.auth</groupId> <groupId>org.wso2.orbit.com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.orbit.com.google.auth-library-oauth2-http</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId> <artifactId>google-auth-library-oauth2-http</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.orbit.io.opencensus</groupId>
<artifactId>opencensus</artifactId>
</dependency>
<dependency>
<groupId>io.opencensus</groupId>
<artifactId>opencensus-api</artifactId>
</dependency>
<dependency>
<groupId>io.opencensus</groupId>
<artifactId>opencensus-contrib-http-util</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.orbit.io.grpc</groupId>
<artifactId>grpc-context</artifactId>
</dependency>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-gson</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>failureaccess</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.utils</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>
@ -141,14 +177,27 @@
com.google.gson, com.google.gson,
org.osgi.framework.*;version="${imp.package.version.osgi.framework}", org.osgi.framework.*;version="${imp.package.version.osgi.framework}",
org.osgi.service.*;version="${imp.package.version.osgi.service}", org.osgi.service.*;version="${imp.package.version.osgi.service}",
org.wso2.carbon.utils.*,
io.entgra.device.mgt.core.device.mgt.common.operation.mgt, io.entgra.device.mgt.core.device.mgt.common.operation.mgt,
io.entgra.device.mgt.core.device.mgt.common.push.notification, io.entgra.device.mgt.core.device.mgt.common.push.notification,
org.apache.commons.logging, org.apache.commons.logging,
io.entgra.device.mgt.core.device.mgt.common.*, io.entgra.device.mgt.core.device.mgt.common.*,
io.entgra.device.mgt.core.device.mgt.core.service, io.entgra.device.mgt.core.device.mgt.core.service,
io.entgra.device.mgt.core.device.mgt.core.config.*,
io.entgra.device.mgt.core.device.mgt.core.config.push.notification.*,
io.entgra.device.mgt.core.device.mgt.extensions.logger.spi, io.entgra.device.mgt.core.device.mgt.extensions.logger.spi,
io.entgra.device.mgt.core.notification.logger.* io.entgra.device.mgt.core.notification.logger.*,
com.google.auth.oauth2.*
</Import-Package> </Import-Package>
<Embed-Dependency>
google-auth-library-oauth2-http;scope=compile|runtime,
google-http-client;scope=compile|runtime,
grpc-context;scope=compile|runtime,
guava;scope=compile|runtime,
opencensus;scope=compile|runtime,
failureaccess;scope=compile|runtime
</Embed-Dependency>
<Embed-Transitive>true</Embed-Transitive>
</instructions> </instructions>
</configuration> </configuration>
</plugin> </plugin>

@ -32,7 +32,9 @@ public class FCMBasedPushNotificationProvider implements PushNotificationProvide
@Override @Override
public NotificationStrategy getNotificationStrategy(PushNotificationConfig config) { public NotificationStrategy getNotificationStrategy(PushNotificationConfig config) {
return new FCMNotificationStrategy(config); FCMNotificationStrategy fcmNotificationStrategy = new FCMNotificationStrategy(config);
fcmNotificationStrategy.init();
return fcmNotificationStrategy;
} }
} }

@ -18,13 +18,10 @@
package io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm; package io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm;
import com.google.auth.oauth2.GoogleCredentials; import com.google.auth.oauth2.GoogleCredentials;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject; import com.google.gson.JsonObject;
import com.google.gson.JsonPrimitive; import io.entgra.device.mgt.core.device.mgt.core.config.DeviceConfigurationManager;
import com.hazelcast.aws.utility.Environment; import io.entgra.device.mgt.core.device.mgt.core.config.push.notification.ContextMetadata;
import io.entgra.device.mgt.core.device.mgt.core.operation.mgt.OperationManagerImpl; import io.entgra.device.mgt.core.device.mgt.core.config.push.notification.PushNotificationConfiguration;
import io.entgra.device.mgt.core.device.mgt.extensions.logger.spi.EntgraLogger;
import io.entgra.device.mgt.core.notification.logger.impl.EntgraDeviceConnectivityLoggerImpl;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import io.entgra.device.mgt.core.device.mgt.common.Device; import io.entgra.device.mgt.core.device.mgt.common.Device;
@ -34,28 +31,34 @@ import io.entgra.device.mgt.core.device.mgt.common.push.notification.Notificatio
import io.entgra.device.mgt.core.device.mgt.common.push.notification.PushNotificationConfig; import io.entgra.device.mgt.core.device.mgt.common.push.notification.PushNotificationConfig;
import io.entgra.device.mgt.core.device.mgt.common.push.notification.PushNotificationExecutionFailedException; import io.entgra.device.mgt.core.device.mgt.common.push.notification.PushNotificationExecutionFailedException;
import io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm.internal.FCMDataHolder; import io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm.internal.FCMDataHolder;
import org.wso2.carbon.utils.CarbonUtils;
import java.io.*; import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.URL; import java.net.URL;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.Paths; import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Properties;
public class FCMNotificationStrategy implements NotificationStrategy { public class FCMNotificationStrategy implements NotificationStrategy {
private static final Log log = LogFactory.getLog(FCMNotificationStrategy.class); private static final Log log = LogFactory.getLog(FCMNotificationStrategy.class);
private static final String NOTIFIER_TYPE_FCM = "FCM"; private static final String NOTIFIER_TYPE_FCM = "FCM";
private static final String FCM_TOKEN = "FCM_TOKEN"; private static final String FCM_TOKEN = "FCM_TOKEN";
private static final String FCM_ENDPOINT = "https://fcm.googleapis.com/v1/projects/myproject-b5ae1/messages:send";
private static final String FCM_API_KEY = "fcmAPIKey"; private static final String FCM_API_KEY = "fcmAPIKey";
private static final int TIME_TO_LIVE = 2419199; // 1 second less that 28 days private static final int TIME_TO_LIVE = 2419199; // 1 second less than 28 days
private static final int HTTP_STATUS_CODE_OK = 200; private static final int HTTP_STATUS_CODE_OK = 200;
private final PushNotificationConfig config; private final PushNotificationConfig config;
private static final String FCM_SERVICE_ACCOUNT_PATH = CarbonUtils.getCarbonHome() + File.separator +
"repository" + File.separator + "resources" + File.separator + "service-account.json";
private static final String[] FCM_SCOPES = { "https://www.googleapis.com/auth/firebase.messaging" };
private static final String FCM_ENDPOINT_KEY = "FCM_SERVER_ENDPOINT";
private Properties contextMetadataProperties;
private volatile GoogleCredentials defaultApplication;
public FCMNotificationStrategy(PushNotificationConfig config) { public FCMNotificationStrategy(PushNotificationConfig config) {
this.config = config; this.config = config;
@ -63,18 +66,20 @@ public class FCMNotificationStrategy implements NotificationStrategy {
@Override @Override
public void init() { public void init() {
initContextConfigs();
initDefaultOAuthApplication();
} }
@Override @Override
public void execute(NotificationContext ctx) throws PushNotificationExecutionFailedException { public void execute(NotificationContext ctx) throws PushNotificationExecutionFailedException {
String token = getFcmOauthToken();
try { try {
if (NOTIFIER_TYPE_FCM.equals(config.getType())) { if (NOTIFIER_TYPE_FCM.equals(config.getType())) {
Device device = FCMDataHolder.getInstance().getDeviceManagementProviderService() Device device = FCMDataHolder.getInstance().getDeviceManagementProviderService()
.getDeviceWithTypeProperties(ctx.getDeviceId()); .getDeviceWithTypeProperties(ctx.getDeviceId());
if(device.getProperties() != null && getFCMToken(device.getProperties()) != null) { if(device.getProperties() != null && getFCMToken(device.getProperties()) != null) {
this.sendWakeUpCall(ctx.getOperation().getCode(), device, token); defaultApplication.refresh();
sendWakeUpCall(defaultApplication.getAccessToken().getTokenValue(),
getFCMToken(device.getProperties()));
} }
} else { } else {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
@ -89,51 +94,65 @@ public class FCMNotificationStrategy implements NotificationStrategy {
} }
} }
private String getFcmOauthToken() { private void initDefaultOAuthApplication() {
GoogleCredentials googleCredentials = null; if (defaultApplication == null) {
synchronized (FCMNotificationStrategy.class) {
if (defaultApplication == null) {
Path serviceAccountPath = Paths.get(FCM_SERVICE_ACCOUNT_PATH);
try { try {
googleCredentials = GoogleCredentials this.defaultApplication = GoogleCredentials.
.fromStream(new FileInputStream("/etc/service-account.json")) fromStream(Files.newInputStream(serviceAccountPath)).
.createScoped(Arrays.asList("https://www.googleapis.com/auth/firebase.messaging")); createScoped(FCM_SCOPES);
googleCredentials.refresh();
if (null != googleCredentials) {
writeLog("========= Google Credentials created " + googleCredentials.getAccessToken());
} else {
writeLog("========= Google Credentials is null");
}
return googleCredentials.getAccessToken().getTokenValue();
} catch (IOException e) { } catch (IOException e) {
log.error("Error occurred while getting the FCM OAuth token.", e); log.error("Fail to initialize default OAuth application for FCM communication");
throw new RuntimeException(e); throw new IllegalStateException(e);
}
}
} }
} }
@Override
public NotificationContext buildContext() {
return null;
} }
@Override private void initContextConfigs() {
public void undeploy() { PushNotificationConfiguration pushNotificationConfiguration = DeviceConfigurationManager.getInstance().
getDeviceManagementConfig().getPushNotificationConfiguration();
List<ContextMetadata> contextMetadata = pushNotificationConfiguration.getContextMetadata();
Properties properties = new Properties();
if (contextMetadata != null) {
for (ContextMetadata metadata : contextMetadata) {
properties.setProperty(metadata.getKey(), metadata.getValue());
}
}
contextMetadataProperties = properties;
} }
private void sendWakeUpCall(String message, Device device, String token) throws IOException, private void sendWakeUpCall(String accessToken, String registrationId) throws IOException,
PushNotificationExecutionFailedException { PushNotificationExecutionFailedException {
if (device.getProperties() != null) {
writeLog("===== Calling senWakeupCall " + device);
OutputStream os = null; OutputStream os = null;
byte[] bytes = getFCMRequest(message, getFCMToken(device.getProperties())).getBytes();
HttpURLConnection conn = null; HttpURLConnection conn = null;
String fcmServerEndpoint = contextMetadataProperties.getProperty(FCM_ENDPOINT_KEY);
if(fcmServerEndpoint == null) {
String msg = "Encountered configuration issue. " + FCM_ENDPOINT_KEY + " is not defined";
log.error(msg);
throw new PushNotificationExecutionFailedException(msg);
}
try { try {
conn = (HttpURLConnection) new URL(FCM_ENDPOINT).openConnection(); byte[] bytes = getFCMRequest(registrationId).getBytes();
URL url = new URL(fcmServerEndpoint);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Content-Type", "application/json"); conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", "Bearer " + token); conn.setRequestProperty("Authorization", "Bearer " + accessToken);
conn.setRequestMethod("POST"); conn.setRequestMethod("POST");
conn.setDoOutput(true); conn.setDoOutput(true);
os = conn.getOutputStream(); os = conn.getOutputStream();
os.write(bytes); os.write(bytes);
int status = conn.getResponseCode();
if (status != 200) {
log.error("Response Status: " + status + ", Response Message: " + conn.getResponseMessage());
}
} finally { } finally {
if (os != null) { if (os != null) {
os.close(); os.close();
@ -142,47 +161,26 @@ public class FCMNotificationStrategy implements NotificationStrategy {
conn.disconnect(); conn.disconnect();
} }
} }
int status = conn.getResponseCode();
if (log.isDebugEnabled()) {
log.debug("Result code: " + status + ", Message: " + conn.getResponseMessage());
}
if (status != HTTP_STATUS_CODE_OK) {
throw new PushNotificationExecutionFailedException("Push notification sending failed with the HTTP " +
"error code '" + status + "'");
}
}
} }
private static String getFCMRequest(String message, String registrationId) { private static String getFCMRequest(String registrationId) {
JsonObject fcmRequest = new JsonObject();
JsonObject messageObject = new JsonObject(); JsonObject messageObject = new JsonObject();
messageObject.addProperty("token", registrationId); messageObject.addProperty("token", registrationId);
JsonObject notification = new JsonObject();
notification.addProperty("title", "FCM Message");
notification.addProperty("body", message);
messageObject.add("notification", notification);
fcmRequest.add("message", messageObject);
JsonObject fcmRequest = new JsonObject();
fcmRequest.add("message", messageObject);
/*fcmRequest.addProperty("delay_while_idle", false); return fcmRequest.toString();
fcmRequest.addProperty("time_to_live", TIME_TO_LIVE);
fcmRequest.addProperty("priority", "high");
//Add message to FCM request
JsonObject data = new JsonObject();
if (message != null && !message.isEmpty()) {
data.addProperty("data", message);
fcmRequest.add("data", data);
} }
//Set device reg-id @Override
JsonArray regIds = new JsonArray(); public NotificationContext buildContext() {
regIds.add(new JsonPrimitive(registrationId)); return null;
}
fcmRequest.add("registration_ids", regIds);*/ @Override
public void undeploy() {
writeLog("========= FCM Request " + fcmRequest);
return fcmRequest.toString();
} }
private static String getFCMToken(List<Device.Property> properties) { private static String getFCMToken(List<Device.Property> properties) {
@ -196,21 +194,8 @@ public class FCMNotificationStrategy implements NotificationStrategy {
return fcmToken; return fcmToken;
} }
private static void writeLog(String message) {
try (FileWriter fw = new FileWriter("/opt/entgra/migration/entgra-uem-ultimate-6.0.3.0/log.txt", true);
BufferedWriter bw = new BufferedWriter(fw)) {
bw.write(message);
bw.newLine();
bw.flush();
} catch (IOException e) {
e.printStackTrace();
}
}
@Override @Override
public PushNotificationConfig getConfig() { public PushNotificationConfig getConfig() {
return config; return config;
} }
} }

@ -0,0 +1,30 @@
package io.entgra.device.mgt.core.device.mgt.core.config.push.notification;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlValue;
@XmlRootElement(name = "ContextMetadata")
public class ContextMetadata {
private String key;
private String value;
@XmlAttribute(name = "key")
public String getKey() {
return key;
}
public void setKey(String key) {
this.key = key;
}
@XmlValue
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
}

@ -33,6 +33,7 @@ public class PushNotificationConfiguration {
private int schedulerTaskInitialDelay; private int schedulerTaskInitialDelay;
private boolean schedulerTaskEnabled; private boolean schedulerTaskEnabled;
private List<String> pushNotificationProviders; private List<String> pushNotificationProviders;
private List<ContextMetadata> contextMetadata;
@XmlElement(name = "SchedulerBatchSize", required = true) @XmlElement(name = "SchedulerBatchSize", required = true)
public int getSchedulerBatchSize() { public int getSchedulerBatchSize() {
@ -79,4 +80,14 @@ public class PushNotificationConfiguration {
public void setPushNotificationProviders(List<String> pushNotificationProviders) { public void setPushNotificationProviders(List<String> pushNotificationProviders) {
this.pushNotificationProviders = pushNotificationProviders; this.pushNotificationProviders = pushNotificationProviders;
} }
@XmlElementWrapper(name = "ProviderContextMetadata")
@XmlElement(name = "ContextMetadata", required = true)
public List<ContextMetadata> getContextMetadata() {
return contextMetadata;
}
public void setContextMetadata(List<ContextMetadata> contextMetadata) {
this.contextMetadata = contextMetadata;
}
} }

@ -48,6 +48,11 @@
{% endfor %} {% endfor %}
{% endif %} {% endif %}
</PushNotificationProviders> </PushNotificationProviders>
{% if device_mgt_conf.push_notification_conf.fcm_server_endpoint is defined %}
<ProviderContextMetadata>
<ContextMetadata key="FCM_SERVER_ENDPOINT">{{device_mgt_conf.push_notification_conf.fcm_server_endpoint}}</ContextMetadata>
</ProviderContextMetadata>
{% endif %}
</PushNotificationConfiguration> </PushNotificationConfiguration>
<PullNotificationConfiguration> <PullNotificationConfiguration>
{% if device_mgt_conf.pull_notification_conf is defined %} {% if device_mgt_conf.pull_notification_conf is defined %}

@ -405,7 +405,11 @@
<version>${io.entgra.device.mgt.core.version}</version> <version>${io.entgra.device.mgt.core.version}</version>
</dependency> </dependency>
<!-- End of Conditional Email Access dependencies --> <!-- End of Conditional Email Access dependencies -->
<dependency>
<groupId>org.wso2.orbit.com.google.auth-library-oauth2-http</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
<version>1.20.0.wso2v1</version>
</dependency>
<!-- Governance dependencies --> <!-- Governance dependencies -->
<dependency> <dependency>
<groupId>org.wso2.carbon</groupId> <groupId>org.wso2.carbon</groupId>
@ -1921,6 +1925,46 @@
<artifactId>google-auth-library-oauth2-http</artifactId> <artifactId>google-auth-library-oauth2-http</artifactId>
<version>1.20.0</version> <version>1.20.0</version>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.orbit.com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
<version>${com.google.http.client.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.orbit.com.google.auth-library-oauth2-http</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
<version>${com.google.auth.library.auth2.http.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.orbit.io.opencensus</groupId>
<artifactId>opencensus</artifactId>
<version>${io.opencensus.version}</version>
</dependency>
<dependency>
<groupId>io.opencensus</groupId>
<artifactId>opencensus-api</artifactId>
<version>${io.opencensus.api.version}</version>
</dependency>
<dependency>
<groupId>io.opencensus</groupId>
<artifactId>opencensus-contrib-http-util</artifactId>
<version>${io.opencensus.contrib.http.util.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.orbit.io.grpc</groupId>
<artifactId>grpc-context</artifactId>
<version>${io.grpc.context.version}</version>
</dependency>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-gson</artifactId>
<version>${com.google.http.client.gson.version}</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>failureaccess</artifactId>
<version>${com.google.failureaccess.version}</version>
</dependency>
</dependencies> </dependencies>
</dependencyManagement> </dependencyManagement>
@ -2311,6 +2355,15 @@
<org.wso2.apache.httpcomponents.httpclient.version>4.3.1.wso2v1</org.wso2.apache.httpcomponents.httpclient.version> <org.wso2.apache.httpcomponents.httpclient.version>4.3.1.wso2v1</org.wso2.apache.httpcomponents.httpclient.version>
<orbit.h2.version>1.4.199.wso2v1</orbit.h2.version> <orbit.h2.version>1.4.199.wso2v1</orbit.h2.version>
<securevault.version>1.1.3</securevault.version> <securevault.version>1.1.3</securevault.version>
<com.google.auth.library.auth2.http.version>1.20.0.wso2v1</com.google.auth.library.auth2.http.version>
<com.google.http.client.version>1.41.2.wso2v2</com.google.http.client.version>
<com.google.failureaccess.version>1.0.1</com.google.failureaccess.version>
<com.google.http.client.gson.version>1.43.3</com.google.http.client.gson.version>
<io.grpc.context.version>1.27.2.wso2v1</io.grpc.context.version>
<io.opencensus.version>0.30.0.wso2v1</io.opencensus.version>
<io.opencensus.api.version>0.30.0</io.opencensus.api.version>
<io.opencensus.contrib.http.util.version>0.30.0</io.opencensus.contrib.http.util.version>
</properties> </properties>
<pluginRepositories> <pluginRepositories>

Loading…
Cancel
Save