|
|
@ -31,11 +31,17 @@ import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.utils.AuthConstants;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.utils.AuthConstants;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.utils.Utils;
|
|
|
|
import org.wso2.carbon.apimgt.handlers.utils.Utils;
|
|
|
|
|
|
|
|
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
|
|
|
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
|
|
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import javax.security.cert.CertificateEncodingException;
|
|
|
|
|
|
|
|
import java.io.ByteArrayInputStream;
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.net.URI;
|
|
|
|
import java.net.URI;
|
|
|
|
import java.net.URISyntaxException;
|
|
|
|
import java.net.URISyntaxException;
|
|
|
|
|
|
|
|
import java.security.cert.CertificateException;
|
|
|
|
|
|
|
|
import java.security.cert.CertificateFactory;
|
|
|
|
|
|
|
|
import java.security.cert.X509Certificate;
|
|
|
|
import java.util.HashMap;
|
|
|
|
import java.util.HashMap;
|
|
|
|
import java.util.Map;
|
|
|
|
import java.util.Map;
|
|
|
|
import java.util.StringTokenizer;
|
|
|
|
import java.util.StringTokenizer;
|
|
|
@ -140,6 +146,18 @@ public class AuthenticationHandler extends AbstractHandler {
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
log.debug("Verify response:" + response.getContent());
|
|
|
|
log.debug("Verify response:" + response.getContent());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
} else if (headers.containsKey(AuthConstants.MUTUAL_AUTH_HEADER)) {
|
|
|
|
|
|
|
|
javax.security.cert.X509Certificate[] certs =
|
|
|
|
|
|
|
|
(javax.security.cert.X509Certificate[])axisMC.getProperty(AuthConstants.CLIENT_CERTIFICATE);
|
|
|
|
|
|
|
|
CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
|
|
|
|
|
|
|
ByteArrayInputStream bais = new ByteArrayInputStream(certs[0].getEncoded());
|
|
|
|
|
|
|
|
X509Certificate x509 = (X509Certificate) cf.generateCertificate(bais);
|
|
|
|
|
|
|
|
if (x509 != null ) {
|
|
|
|
|
|
|
|
headers.put(AuthConstants.PROXY_MUTUAL_AUTH_HEADER, CertificateGenerator.getCommonName(x509));
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
}else {
|
|
|
|
|
|
|
|
response = null;
|
|
|
|
|
|
|
|
}
|
|
|
|
} else if (headers.containsKey(AuthConstants.ENCODED_PEM)) {
|
|
|
|
} else if (headers.containsKey(AuthConstants.ENCODED_PEM)) {
|
|
|
|
String encodedPem = headers.get(AuthConstants.ENCODED_PEM).toString();
|
|
|
|
String encodedPem = headers.get(AuthConstants.ENCODED_PEM).toString();
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
@ -178,6 +196,12 @@ public class AuthenticationHandler extends AbstractHandler {
|
|
|
|
} catch (APIMCertificateMGTException e) {
|
|
|
|
} catch (APIMCertificateMGTException e) {
|
|
|
|
log.error("Error while processing certificate.", e);
|
|
|
|
log.error("Error while processing certificate.", e);
|
|
|
|
return false;
|
|
|
|
return false;
|
|
|
|
|
|
|
|
} catch (CertificateException e) {
|
|
|
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
} catch (CertificateEncodingException e) {
|
|
|
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -191,7 +215,7 @@ public class AuthenticationHandler extends AbstractHandler {
|
|
|
|
private String getDeviceType(String url) {
|
|
|
|
private String getDeviceType(String url) {
|
|
|
|
StringTokenizer parts = new StringTokenizer(url, "/");
|
|
|
|
StringTokenizer parts = new StringTokenizer(url, "/");
|
|
|
|
while (parts.hasMoreElements()) {
|
|
|
|
while (parts.hasMoreElements()) {
|
|
|
|
if (parts.nextElement().equals("api")) {
|
|
|
|
if (parts.nextElement().equals("device-mgt")) {
|
|
|
|
return (String) parts.nextElement();
|
|
|
|
return (String) parts.nextElement();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -205,4 +229,4 @@ public class AuthenticationHandler extends AbstractHandler {
|
|
|
|
map.put(CONTENT_TYPE, "application/json");
|
|
|
|
map.put(CONTENT_TYPE, "application/json");
|
|
|
|
return map;
|
|
|
|
return map;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|