Fix no validation or error when uploading same app/apk

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/DefaultOauth2TokenHandler.java

@@ -22,6 +22,9 @@ import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.JsonNodeFactory;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerUtil;
@@ -98,7 +101,7 @@ public class DefaultOauth2TokenHandler extends HttpServlet {
                     HandlerUtil.handleError(resp, tokenResultResponse);
                     return;
                 }
-                JsonNode tokenResult = tokenResultResponse.getData();
+                String tokenResult = tokenResultResponse.getData();
                 if (tokenResult == null) {
                     log.error("Invalid default token response is received.");
                     HandlerUtil.handleError(resp, tokenResultResponse);
@@ -108,11 +111,14 @@ public class DefaultOauth2TokenHandler extends HttpServlet {
                 AuthData newDefaultAuthData = new AuthData();
                 newDefaultAuthData.setClientId(clientId);
                 newDefaultAuthData.setClientSecret(clientSecret);
+                JsonParser jsonParser = new JsonParser();
+                JsonElement jTokenResult = jsonParser.parse(tokenResult);
+                JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
 
-                String defaultToken = tokenResult.get("accessToken").asText();
+                String defaultToken = jTokenResultAsJsonObject.get("accessToken").getAsString();
                 newDefaultAuthData.setAccessToken(defaultToken);
-                newDefaultAuthData.setRefreshToken(tokenResult.get("refreshToken").asText());
-                newDefaultAuthData.setScope(tokenResult.get("scopes"));
+                newDefaultAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refreshToken").getAsString());
+                newDefaultAuthData.setScope(jTokenResultAsJsonObject.get("scopes").getAsString());
                 httpSession.setAttribute(HandlerConstants.SESSION_DEFAULT_AUTH_DATA_KEY, newDefaultAuthData);
 
                 HandlerUtil.handleSuccess(resp, constructSuccessProxyResponse(defaultToken));
@@ -159,7 +165,7 @@ public class DefaultOauth2TokenHandler extends HttpServlet {
         ProxyResponse proxyResponse = new ProxyResponse();
         proxyResponse.setCode(HttpStatus.SC_OK);
         proxyResponse.setStatus(ProxyResponse.Status.SUCCESS);
-        proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class));
+        proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class).textValue());
         return proxyResponse;
     }
 }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/DefaultTokenHandler.java

@@ -126,7 +126,7 @@ public class DefaultTokenHandler extends HttpServlet {
         ProxyResponse proxyResponse = new ProxyResponse();
         proxyResponse.setCode(HttpStatus.SC_OK);
         proxyResponse.setStatus(ProxyResponse.Status.SUCCESS);
-        proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class));
+        proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class).textValue());
         return proxyResponse;
     }
 }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/HubspotHandler.java

@@ -19,6 +19,7 @@
 package io.entgra.device.mgt.core.ui.request.interceptor;
 
 import com.fasterxml.jackson.databind.JsonNode;
+import com.google.gson.JsonObject;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerUtil;
 import org.apache.commons.logging.Log;
@@ -50,7 +51,7 @@ public class HubspotHandler extends HttpServlet {
     private HttpSession httpSession;
     private static String hubspotEndpoint;
     private static String chatConfig;
-    private JsonNode uiConfigJsonObject;
+    private JsonObject uiConfigJsonObject;
     private static String gatewayUrl;
     private static String iotsCoreUrl;
 
@@ -132,7 +133,7 @@ public class HubspotHandler extends HttpServlet {
                 + HandlerConstants.COLON + HandlerUtil.getCorePort(req.getScheme());
         String uiConfigUrl = iotsCoreUrl + HandlerConstants.UI_CONFIG_ENDPOINT;
         uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp);
-        chatConfig = uiConfigJsonObject.get("hubspotChat").get("accessToken").textValue();
+        chatConfig = uiConfigJsonObject.get("hubspotChat").getAsJsonObject().get("accessToken").getAsString();
         hubspotEndpoint = HandlerConstants.HTTPS_PROTOCOL + HandlerConstants.SCHEME_SEPARATOR + HandlerConstants.HUBSPOT_CHAT_URL;
         return true;
     }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/JITEnrollmentCallbackHandler.java

@@ -285,7 +285,7 @@ public class JITEnrollmentCallbackHandler extends HttpServlet {
         authData.setClientId(clientId);
         authData.setClientSecret(clientSecret);
         authData.setEncodedClientApp(encodedClientCredentials);
-        authData.setScope(token.get("scope"));
+        authData.setScope(token.get("scope").asText());
         session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData);
     }
 }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java

@@ -18,9 +18,7 @@
 
 package io.entgra.device.mgt.core.ui.request.interceptor;
 
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.node.ArrayNode;
-import com.google.gson.JsonSyntaxException;
+import com.google.gson.*;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse;
 import io.entgra.device.mgt.core.ui.request.interceptor.cache.LoginCache;
@@ -82,10 +80,9 @@ public class LoginHandler extends HttpServlet {
             final String baseContextPath = req.getContextPath();
             final String applicationName = baseContextPath.substring(1, baseContextPath.indexOf("-ui-request-handler")) + "-login";
 
-            JsonNode uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession,
-                    resp);
-            ArrayNode tags = (ArrayNode) uiConfigJsonObject.get("appRegistration").get("tags");
-            ArrayNode scopes = (ArrayNode) uiConfigJsonObject.get("scopes");
+            JsonObject uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp);
+            JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray();
+            JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray();
             int sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut")));
 
             //setting session to expire in 1h
@@ -116,13 +113,16 @@ public class LoginHandler extends HttpServlet {
                 }
 
                 if (clientAppResponse.getCode() == HttpStatus.SC_CREATED) {
-                    JsonNode jsonNode = clientAppResponse.getData();
+                    String  jsonNode = clientAppResponse.getData();
                     String clientId = null;
                     String clientSecret = null;
                     String encodedClientApp = null;
                     if (jsonNode != null) {
-                        clientId = jsonNode.get("client_id").textValue();
-                        clientSecret = jsonNode.get("client_secret").textValue();
+                        JsonParser jsonParser = new JsonParser();
+                        JsonElement jTokenResult = jsonParser.parse(jsonNode);
+                        JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
+                        clientId = jTokenResultAsJsonObject.get("client_id").getAsString();
+                        clientSecret = jTokenResultAsJsonObject.get("client_secret").getAsString();
                         encodedClientApp = Base64.getEncoder()
                                 .encodeToString((clientId + HandlerConstants.COLON + clientSecret).getBytes());
                         oAuthApp = new OAuthApp(
@@ -174,7 +174,7 @@ public class LoginHandler extends HttpServlet {
      */
     private boolean getTokenAndPersistInSession(HttpServletRequest req, HttpServletResponse resp,
                                                 String clientId, String clientSecret, String encodedClientApp,
-                                                ArrayNode scopes) throws LoginException {
+                                                JsonArray scopes) throws LoginException {
         try {
 
             ProxyResponse tokenResultResponse = getTokenResult(encodedClientApp, scopes);
@@ -184,7 +184,7 @@ public class LoginHandler extends HttpServlet {
                 HandlerUtil.handleError(resp, tokenResultResponse);
                 return false;
             }
-            JsonNode tokenResult = tokenResultResponse.getData();
+            String tokenResult = tokenResultResponse.getData();
             if (tokenResult == null) {
                 log.error("Invalid token response is received.");
                 HandlerUtil.handleError(resp, tokenResultResponse);
@@ -195,13 +195,16 @@ public class LoginHandler extends HttpServlet {
             if (session == null) {
                 return false;
             }
+            JsonParser jsonParser = new JsonParser();
+            JsonElement jTokenResult = jsonParser.parse(tokenResult);
+            JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
             AuthData authData = new AuthData();
             authData.setClientId(clientId);
             authData.setClientSecret(clientSecret);
             authData.setEncodedClientApp(encodedClientApp);
-            authData.setAccessToken(tokenResult.get("access_token").textValue());
-            authData.setRefreshToken(tokenResult.get("refresh_token").textValue());
-            authData.setScope(tokenResult.get("scope"));
+            authData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString());
+            authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString());
+            authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString());
             session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData);
             return true;
         } catch (IOException e) {
@@ -240,7 +243,7 @@ public class LoginHandler extends HttpServlet {
      * @return Invoke token endpoint and return the response as string.
      * @throws IOException IO exception throws if an error occurred when invoking token endpoint
      */
-    private ProxyResponse getTokenResult(String encodedClientApp, JsonNode scopes) throws IOException {
+    private ProxyResponse getTokenResult(String encodedClientApp, JsonArray scopes) throws IOException {
         String scopeString = HandlerUtil.getScopeString(scopes);
         if (scopeString != null) {
             scopeString = scopeString.trim();

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/PermissionScopeHandler.java

@@ -18,14 +18,16 @@
 
 package io.entgra.device.mgt.core.ui.request.interceptor;
 
+import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.JsonNodeFactory;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerUtil;
 import org.apache.commons.lang.StringUtils;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
 
 import javax.servlet.annotation.MultipartConfig;
 import javax.servlet.annotation.WebServlet;
@@ -56,16 +58,17 @@ public class PermissionScopeHandler extends HttpServlet {
             return;
         }
 
-        if (!StringUtils.isEmpty(authData.getScope().toString())) {
+        if (!StringUtils.isEmpty(authData.getScope())) {
             ProxyResponse proxyResponse = new ProxyResponse();
-            JsonNode authDataScope = authData.getScope();
 
             ObjectMapper mapper = new ObjectMapper();
-            Map<String, String> nodeMap = new HashMap<>();
-            nodeMap.put(HandlerConstants.USER_SCOPES, authDataScope.asText().replace("\"", ""));
+            JsonNode node = JsonNodeFactory.instance.objectNode();
+            Map<String, Object> nodeMap = mapper.convertValue(node, new TypeReference<>() {
+            });
+            nodeMap.put(HandlerConstants.USER_SCOPES, authData.getScope());
             proxyResponse.setCode(HttpStatus.SC_OK);
             proxyResponse.setStatus(ProxyResponse.Status.SUCCESS);
-            proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class));
+            proxyResponse.setData(mapper.convertValue(nodeMap, JsonNode.class).textValue());
             HandlerUtil.handleSuccess(resp, proxyResponse);
             return;
         }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/SsoLoginCallbackHandler.java

@@ -19,6 +19,9 @@
 package io.entgra.device.mgt.core.ui.request.interceptor;
 
 import com.fasterxml.jackson.databind.JsonNode;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse;
 import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants;
@@ -87,16 +90,19 @@ public class SsoLoginCallbackHandler extends HttpServlet {
                 .build();
 
         ProxyResponse tokenResultResponse = HandlerUtil.execute(tokenEndpoint);
-        JsonNode jsonNode = tokenResultResponse.getData();
+        String jsonNode = tokenResultResponse.getData();
 
         if (jsonNode != null) {
+            JsonParser jsonParser = new JsonParser();
+            JsonElement jTokenResult = jsonParser.parse(jsonNode);
+            JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
             AuthData authData = new AuthData();
             authData.setClientId(session.getAttribute("clientId").toString());
             authData.setClientSecret(session.getAttribute("clientSecret").toString());
             authData.setEncodedClientApp(session.getAttribute("encodedClientApp").toString());
-            authData.setAccessToken(jsonNode.get("access_token").textValue());
-            authData.setRefreshToken(jsonNode.get("refresh_token").textValue());
-            authData.setScope(jsonNode.get("scope"));
+            authData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString());
+            authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString());
+            authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString());
             session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData);
             resp.sendRedirect(session.getAttribute("redirectUrl").toString());
         } else {

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/SsoLoginHandler.java

@@ -20,6 +20,10 @@ package io.entgra.device.mgt.core.ui.request.interceptor;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.ArrayNode;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse;
 import io.entgra.device.mgt.core.ui.request.interceptor.cache.LoginCache;
 import io.entgra.device.mgt.core.ui.request.interceptor.cache.OAuthApp;
@@ -64,7 +68,7 @@ public class SsoLoginHandler extends HttpServlet {
     private static String applicationName;
     private static String baseContextPath;
 
-    private JsonNode uiConfigJsonObject;
+    private JsonObject uiConfigJsonObject;
     private HttpSession httpSession;
     private LoginCache loginCache;
     private OAuthApp oAuthApp;
@@ -108,7 +112,7 @@ public class SsoLoginHandler extends HttpServlet {
 
             String clientId = oAuthApp.getClientId();
 
-            JsonNode scopeJsonNode = uiConfigJsonObject.get("scopes");
+            JsonArray scopeJsonNode = uiConfigJsonObject.get("scopes").getAsJsonArray();
             String scopesSsoString = HandlerUtil.getScopeString(scopeJsonNode);
             String loginCallbackUrl = iotSCoreUrl + baseContextPath + HandlerConstants.SSO_LOGIN_CALLBACK;
             persistAuthSessionData(req, oAuthApp.getClientId(), oAuthApp.getClientSecret(),
@@ -139,8 +143,8 @@ public class SsoLoginHandler extends HttpServlet {
      */
     private void dynamicClientRegistration(HttpServletRequest req, HttpServletResponse resp) throws LoginException {
         try {
-            ArrayNode tags = (ArrayNode) uiConfigJsonObject.get("appRegistration").get("tags");
-            JsonNode scopes = uiConfigJsonObject.get("scopes");
+            JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray();
+            JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray();
             sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut")));
             String callbackUrl = iotSCoreUrl + baseContextPath + HandlerConstants.SSO_LOGIN_CALLBACK;
 
@@ -160,11 +164,14 @@ public class SsoLoginHandler extends HttpServlet {
             if (clientAppResponse.getCode() == HttpStatus.SC_CREATED) {
                 String clientId = null;
                 String clientSecret = null;
-                JsonNode jsonNode = clientAppResponse.getData();
+                String jsonNode = clientAppResponse.getData();
 
                 if (jsonNode != null) {
-                    clientId = jsonNode.get("client_id").textValue();
-                    clientSecret = jsonNode.get("client_secret").textValue();
+                    JsonParser jsonParser = new JsonParser();
+                    JsonElement jTokenResult = jsonParser.parse(jsonNode);
+                    JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
+                    clientId = jTokenResultAsJsonObject.get("client_id").getAsString();
+                    clientSecret = jTokenResultAsJsonObject.get("client_secret").getAsString();
                     encodedClientApp = Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes());
                     String scopesString = HandlerUtil.getScopeString(scopes);
                     persistAuthSessionData(req, clientId, clientSecret, encodedClientApp, scopesString, state);

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/UserHandler.java

@@ -20,6 +20,9 @@ package io.entgra.device.mgt.core.ui.request.interceptor;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import com.google.gson.JsonSyntaxException;
 import io.entgra.device.mgt.core.device.mgt.core.config.DeviceConfigurationManager;
 import io.entgra.device.mgt.core.device.mgt.core.config.DeviceManagementConfig;
@@ -104,14 +107,16 @@ public class UserHandler extends HttpServlet {
                     return;
                 }
             }
-            JsonNode tokenData = tokenStatus.getData();
+            String tokenData = tokenStatus.getData();
             if (tokenData == null) {
                 log.error("Invalid token data is received.");
                 HandlerUtil.handleError(resp, tokenStatus);
                 return;
             }
-
-            if (!tokenData.get("active").asBoolean()) {
+            JsonParser jsonParser = new JsonParser();
+            JsonElement jTokenResult = jsonParser.parse(tokenData);
+            JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
+            if (!jTokenResultAsJsonObject.get("active").getAsBoolean()) {
                 HandlerUtil.sendUnAuthorizeResponse(resp);
                 return;
             }
@@ -120,11 +125,11 @@ public class UserHandler extends HttpServlet {
             proxyResponse.setCode(HttpStatus.SC_OK);
 
             ObjectMapper mapper = new ObjectMapper();
-            String data = tokenData.get("username").textValue().replaceAll("@carbon.super", "");
-            proxyResponse.setData(mapper.convertValue(data, JsonNode.class));
+            String data = jTokenResultAsJsonObject.get("username").getAsString().replaceAll("@carbon.super", "");
+            proxyResponse.setData(mapper.convertValue(data, JsonNode.class).textValue());
 
             HandlerUtil.handleSuccess(resp, proxyResponse);
-            httpSession.setAttribute(HandlerConstants.USERNAME_WITH_DOMAIN, tokenData.get("username").textValue());
+            httpSession.setAttribute(HandlerConstants.USERNAME_WITH_DOMAIN, jTokenResultAsJsonObject.get("username").getAsString());
             log.info(
                     "User " + proxyResponse.getData() + " logged in",
                     userLoginLogContextBuilder

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/beans/AuthData.java

@@ -31,7 +31,7 @@ public class AuthData implements java.io.Serializable {
     private String clientId;
     private String clientSecret;
     private String encodedClientApp;
-    private JsonNode scope;
+    private String scope;
 
     public String getAccessToken() {
         return accessToken;
@@ -81,11 +81,11 @@ public class AuthData implements java.io.Serializable {
         this.encodedClientApp = encodedClientApp;
     }
 
-    public JsonNode getScope() {
+    public String getScope() {
         return scope;
     }
 
-    public void setScope(JsonNode scope) {
+    public void setScope(String scope) {
         this.scope = scope;
     }
 }

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/beans/ProxyResponse.java

@@ -28,7 +28,7 @@ public class ProxyResponse {
     }
 
     private int code;
-    private JsonNode data;
+    private String data;
     private String executorResponse;
     private int status;
     private Header[] headers;
@@ -37,9 +37,9 @@ public class ProxyResponse {
 
     public void setCode(int code) { this.code = code; }
 
-    public JsonNode getData() { return data; }
+    public String getData() { return data; }
 
-    public void setData(JsonNode data) { this.data = data; }
+    public void setData(String data) { this.data = data; }
 
     public String getExecutorResponse() { return executorResponse; }
 

components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/util/HandlerUtil.java

@@ -20,16 +20,11 @@ package io.entgra.device.mgt.core.ui.request.interceptor.util;
 
 import com.fasterxml.jackson.core.JsonFactory;
 import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.JsonMappingException;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.node.ArrayNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
-import com.google.gson.Gson;
-import com.google.gson.JsonElement;
-import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
+import com.fasterxml.jackson.databind.node.TextNode;
+import com.google.gson.*;
 import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
 import io.entgra.device.mgt.core.ui.request.interceptor.cache.LoginCache;
 import org.apache.commons.fileupload.FileItem;
@@ -75,12 +70,7 @@ import java.security.KeyManagementException;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Base64;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 
 public class HandlerUtil {
 
@@ -122,7 +112,7 @@ public class HandlerUtil {
                 JsonNode responseData = getResponseDataAsJsonNode(responseEntity);
                 if (statusCode == HttpStatus.SC_OK || statusCode == HttpStatus.SC_CREATED) {
                     handlerResponse.setCode(statusCode);
-                    handlerResponse.setData(responseData);
+                    handlerResponse.setData(responseData.textValue());
                     handlerResponse.setStatus(ProxyResponse.Status.SUCCESS);
                     handlerResponse.setExecutorResponse("SUCCESS");
                     handlerResponse.setHeaders(response.getHeaders());
@@ -137,7 +127,7 @@ public class HandlerUtil {
                                 "Received " + statusCode + " response for http request : " + httpRequest.getMethod()
                                         + " " + httpRequest.getRequestUri() + ". Error message: " + responseData.textValue());
                         handlerResponse.setCode(statusCode);
-                        handlerResponse.setData(responseData);
+                        handlerResponse.setData(responseData.textValue());
                         handlerResponse.setStatus(ProxyResponse.Status.ERROR);
                         handlerResponse.setExecutorResponse(
                                 HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + getStatusKey(statusCode));
@@ -147,7 +137,7 @@ public class HandlerUtil {
                 log.error("Received " + statusCode + " response for http request : " + httpRequest.getMethod()
                         + " " + httpRequest.getRequestUri() + ". Error message: " + responseData.textValue());
                 handlerResponse.setCode(statusCode);
-                handlerResponse.setData(responseData);
+                handlerResponse.setData(new TextNode(responseData.toString()).textValue());
                 handlerResponse.setStatus(ProxyResponse.Status.ERROR);
                 handlerResponse
                         .setExecutorResponse(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + getStatusKey(statusCode));
@@ -276,13 +266,13 @@ public class HandlerUtil {
         resp.setStatus(proxyResponse.getCode());
         resp.setContentType(ContentType.APPLICATION_JSON.getMimeType());
         resp.setCharacterEncoding(Consts.UTF_8.name());
-        JsonNode responseData = proxyResponse.getData();
+        String responseData = proxyResponse.getData();
 
         if (!(responseData == null)) {
             ObjectMapper mapper = new ObjectMapper();
             Map<String, Object> newNodeMap = new HashMap<>();
             newNodeMap.put("data", responseData);
-            responseData = mapper.convertValue(newNodeMap, JsonNode.class);
+            responseData = mapper.convertValue(newNodeMap, JsonNode.class).textValue();
         }
 
         try (PrintWriter writer = resp.getWriter()) {
@@ -481,7 +471,7 @@ public class HandlerUtil {
      * @param supportedGrantTypes - supported grant types
      * @return {@link StringEntity} of the payload to create the client application
      */
-    public static StringEntity constructAppRegPayload(ArrayNode tags, String appName, String username, String password,
+    public static StringEntity constructAppRegPayload(JsonArray tags, String appName, String username, String password,
                                                       String callbackUrl, ArrayList<String> supportedGrantTypes) {
 
         ObjectMapper objectMapper = new ObjectMapper();
@@ -512,7 +502,7 @@ public class HandlerUtil {
      * @param resp - HttpServletResponse
      * @return {@link JsonNode} of UI configurations
      */
-    public static JsonNode getUIConfigAndPersistInSession(String uiConfigUrl, String gatewayUrl, HttpSession httpSession,
+    public static JsonObject getUIConfigAndPersistInSession(String uiConfigUrl, String gatewayUrl, HttpSession httpSession,
                                                             HttpServletResponse resp) throws IOException {
         HttpGet uiConfigEndpoint = new HttpGet(uiConfigUrl);
         ProxyResponse uiConfigResponse = HandlerUtil.execute(uiConfigEndpoint);
@@ -523,15 +513,25 @@ public class HandlerUtil {
             HandlerUtil.handleError(resp, uiConfigResponse);
         }
 
-        JsonNode responseData = uiConfigResponse.getData();
-        if (responseData == null) {
+        if (uiConfigResponse.getData() == null) {
             log.error("UI config retrieval is failed, and didn't find UI configuration for App manager.");
             HandlerUtil.handleError(resp, null);
-        } else {
-            httpSession.setAttribute(HandlerConstants.UI_CONFIG_KEY, responseData);
+        }
+        JsonParser jsonParser = new JsonParser();
+
+        JsonElement uiConfigJsonElement = jsonParser.parse(uiConfigResponse.getData());
+        JsonObject uiConfigJsonObject = null;
+        if (uiConfigJsonElement.isJsonObject()) {
+            uiConfigJsonObject = uiConfigJsonElement.getAsJsonObject();
+            if (uiConfigJsonObject == null) {
+                log.error(
+                        "Either UI config json element is not an json object or converting rom json element to json object is failed.");
+                HandlerUtil.handleError(resp, null);
+            }
+            httpSession.setAttribute(HandlerConstants.UI_CONFIG_KEY, uiConfigJsonObject);
             httpSession.setAttribute(HandlerConstants.PLATFORM, gatewayUrl);
         }
-        return responseData;
+        return uiConfigJsonObject;
     }
 
     /***
@@ -540,11 +540,12 @@ public class HandlerUtil {
      * @param scopes - scope Array and it is retrieved by reading UI config.
      * @return string value of the defined scopes
      */
-    public static String getScopeString(JsonNode scopes) {
-        if (scopes != null && scopes.isArray() && !scopes.isEmpty()) {
+    public static String getScopeString(JsonArray scopes) {
+        if (scopes != null && scopes.size() > 0) {
             StringBuilder builder = new StringBuilder();
-            for (JsonNode objNode : scopes) {
-                builder.append(objNode.asText()).append(" ");
+            for (JsonElement scope : scopes) {
+                String tmpScope = scope.getAsString() + " ";
+                builder.append(tmpScope);
             }
             return builder.toString();
         } else {
@@ -648,7 +649,7 @@ public class HandlerUtil {
             return tokenResultResponse;
         }
 
-        JsonNode tokenResponse = tokenResultResponse.getData();
+        String tokenResponse = tokenResultResponse.getData();
         if (tokenResponse != null) {
             setNewAuthData(constructAuthDataFromTokenResult(tokenResponse, authData), session);
             return tokenResultResponse;
@@ -694,11 +695,14 @@ public class HandlerUtil {
      * @param authData {@link AuthData} existing auth data values
      * @return new {@link AuthData} object
      */
-    public static AuthData constructAuthDataFromTokenResult(JsonNode tokenResult, AuthData authData) {
+    public static AuthData constructAuthDataFromTokenResult(String tokenResult, AuthData authData) {
         AuthData newAuthData = new AuthData();
-        newAuthData.setAccessToken(tokenResult.get("access_token").textValue());
-        newAuthData.setRefreshToken(tokenResult.get("refresh_token").textValue());
-        newAuthData.setScope(tokenResult.get("scope"));
+        JsonParser jsonParser = new JsonParser();
+        JsonElement jTokenResult = jsonParser.parse(tokenResult);
+        JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
+        newAuthData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString());
+        newAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString());
+        newAuthData.setScope(jTokenResultAsJsonObject.get("scope").getAsString());
         newAuthData.setClientId(authData.getClientId());
         newAuthData.setClientSecret(authData.getClientSecret());
         newAuthData.setEncodedClientApp(authData.getEncodedClientApp());