diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml
index 11b998998d..56d1b5b78b 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml
@@ -286,6 +286,11 @@
org.wso2.carbon.application.mgt.stub
provided
+
+ org.wso2.carbon.devicemgt
+ org.wso2.carbon.identity.jwt.client.extension
+ provided
+
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java
index 66548fee52..0efa036da0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java
@@ -18,8 +18,6 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.impl.admin;
-import org.apache.axiom.om.OMElement;
-import org.apache.axiom.om.OMXMLBuilderFactory;
import org.apache.axis2.client.Options;
import org.apache.axis2.java.security.SSLProtocolSocketFactory;
import org.apache.axis2.transport.http.HTTPConstants;
@@ -36,6 +34,7 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.Utils;
import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceTypePublisherAdminService;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
+import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.ResourceImpl;
@@ -65,9 +64,14 @@ import java.util.List;
public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherAdminService {
/**
- * required soap header for mutualSSL
+ * required soap header for authorization
*/
- private static final String USER_NAME_HEADER = "UserName";
+ private static final String AUTHORIZATION_HEADER = "Authorization";
+
+ /**
+ * required soap header value for mutualSSL
+ */
+ private static final String AUTHORIZATION_HEADER_VALUE = "Bearer";
private static final String KEY_STORE_TYPE = "JKS";
/**
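Review bot: The Javadoc added above `AUTHORIZATION_HEADER_VALUE` still says "mutualSSL", although the constant holds the `Bearer` scheme name. Both comments also call the value a soap header, while the constant names point to an HTTP `Authorization` header. I would document them as `/** Name of the HTTP header that carries the JWT. */` and `/** Authentication scheme placed before the token in the Authorization header. */`. Renaming the second constant to something like `BEARER_SCHEME` would also say what it is.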
@@ -129,22 +133,16 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
//Call to load the TrustStore.
loadTrustStore(trustStoreLocation, trustStorePassword);
//Create the SSL context with the loaded TrustStore/keystore.
- initMutualSSLConnection();
-
- //Constructing the soap header that required for mutual SSL
- String strHeader =
- "'" + tenantAdminUser +
- "'";
+ initSSLConnection();
+ JWTClient jwtClient = DeviceMgtAPIUtils.getJWTClientManagerService().getJWTClient();
- InputStream is = new ByteArrayInputStream(strHeader.getBytes());
- OMElement header = OMXMLBuilderFactory.createOMBuilder(is).getDocumentElement();
+ String authValue = AUTHORIZATION_HEADER_VALUE + " " + new String(Base64.encodeBase64(
+ jwtClient.getJwtToken(tenantAdminUser).getBytes()));
List list = new ArrayList();
Header httpHeader = new Header();
- httpHeader.setName(USER_NAME_HEADER);
- byte[] encodedBytes = Base64.encodeBase64(tenantAdminUser.getBytes());
- httpHeader.setValue(new String(encodedBytes));
+ httpHeader.setName(AUTHORIZATION_HEADER);
+ httpHeader.setValue(authValue);
list.add(httpHeader);//"https"
File directory = new File(CAR_FILE_LOCATION + File.separator + type);
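Review bot: Both conversions in the new `authValue` expression use the platform default charset: `getBytes()` on the token and `new String(...)` on the Base64 output. Pinning them keeps the header bytes identical on every JVM, e.g. `getJwtToken(tenantAdminUser).getBytes(StandardCharsets.UTF_8)` and `new String(Base64.encodeBase64(...), StandardCharsets.US_ASCII)`, which needs a `java.nio.charset.StandardCharsets` import. `authValue` is now a bearer credential issued for `tenantAdminUser`, so it should stay out of log and exception messages. The enclosing method starts and ends outside this hunk, so how a failure of `getJwtToken` is handled cannot be seen here.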
@@ -153,7 +151,6 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
if (uploadedFileItems.length > 0) {
CarbonAppUploaderStub carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(
IOT_MGT_URL));
- carbonAppUploaderStub._getServiceClient().addHeader(header);
Options appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
if (appUploaderOptions == null) {
appUploaderOptions = new Options();
@@ -168,7 +165,6 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
if (!DEVICE_MANAGEMENT_TYPE.equals(type.toLowerCase())) {
carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(DAS_URL));
- carbonAppUploaderStub._getServiceClient().addHeader(header);
appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
if (appUploaderOptions == null) {
appUploaderOptions = new Options();
@@ -297,7 +293,7 @@ public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherA
/**
* Initializes the SSL Context
*/
- private void initMutualSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
+ private void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
KeyStoreException, KeyManagementException {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
keyManagerFactory.init(keyStore, keyStorePassword);
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java
index 2e562b03b3..87d055c34f 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java
@@ -36,6 +36,7 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.InputValidationException;
+import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.policy.mgt.common.PolicyMonitoringTaskException;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import org.wso2.carbon.policy.mgt.core.task.TaskScheduleService;
@@ -168,6 +169,18 @@ public class DeviceMgtAPIUtils {
return registryService;
}
+ public static JWTClientManagerService getJWTClientManagerService() {
+ JWTClientManagerService jwtClientManagerService;
+ PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+ jwtClientManagerService = (JWTClientManagerService) ctx.getOSGiService(JWTClientManagerService.class, null);
+ if (jwtClientManagerService == null) {
+ String msg = "jwtClientManagerServicehas not initialized.";
+ log.error(msg);
+ throw new IllegalStateException(msg);
+ }
+ return jwtClientManagerService;
+ }
+
/**
* Getting the current tenant's user realm
*/
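Review bot: The message in `getJWTClientManagerService()` is missing a space ("jwtClientManagerServicehas") and will appear that way in both the log and the `IllegalStateException`; `String msg = "JWTClientManagerService has not been initialized.";` reads correctly. The method is public and has no Javadoc. A short one would help callers: it should say that the method returns the service looked up through the thread-local Carbon context and throws `IllegalStateException` when the lookup returns null.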
diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
index 20ff82c531..cbce86c405 100644
--- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
+++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
@@ -72,6 +72,10 @@ public class JWTClientUtil {
private static final String JWT_CONFIG_FILE_NAME = "jwt.properties";
private static final String SUPERTENANT_JWT_CONFIG_LOCATION =
CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + JWT_CONFIG_FILE_NAME;
+ /**
+ * This is added for the carbon authenticator.
+ */
+ public static final String SIGNED_JWT_AUTH_USERNAME = "Username";
/**
* Return a http client instance
@@ -226,10 +230,11 @@ public class JWTClientUtil {
claimsSet.setIssueTime(new Date(iat));
claimsSet.setExpirationTime(new Date(exp));
claimsSet.setIssuer(iss);
- claimsSet.setSubject(username);
- claimsSet.setNotBeforeTime(new Date(nbf));
+ claimsSet.setSubject(username);
+ claimsSet.setNotBeforeTime(new Date(nbf));
claimsSet.setJWTID(jti);
claimsSet.setAudience(aud);
+ claimsSet.setClaim(SIGNED_JWT_AUTH_USERNAME, username);
if (customClaims != null && !customClaims.isEmpty()) {
for (String key : customClaims.keySet()) {
claimsSet.setClaim(key, customClaims.get(key));
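Review bot: The new `Username` claim is set before the `customClaims` loop, so a `customClaims` entry with the key `Username` replaces it through `claimsSet.setClaim(key, ...)`. If that map can carry caller-supplied keys (its origin is not visible in this hunk), the claim could end up differing from `sub`, and the constant's comment says the claim is there for the carbon authenticator. Moving `claimsSet.setClaim(SIGNED_JWT_AUTH_USERNAME, username);` to just after the loop, or skipping that key inside it with `if (SIGNED_JWT_AUTH_USERNAME.equals(key)) continue;`, keeps the claim authoritative. The loop and the enclosing method continue past the end of the hunk.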