Fixing https://github.com/wso2/product-iots/issues/1356.

components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java

@@ -25,14 +25,32 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
 
 public class IntegrationClientServiceImpl implements IntegrationClientService {
 
-    private static StoreClient storeClient;
-    private static PublisherClient publisherClient;
+    private static IntegrationClientServiceImpl instance;
+    private StoreClient storeClient;
+    private PublisherClient publisherClient;
+    private OAuthRequestInterceptor oAuthRequestInterceptor;
 
-    public IntegrationClientServiceImpl() {
-        RequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor();
+    private IntegrationClientServiceImpl() {
+        oAuthRequestInterceptor = new OAuthRequestInterceptor();
         storeClient = new StoreClient(oAuthRequestInterceptor);
         publisherClient = new PublisherClient(oAuthRequestInterceptor);
     }
+
+    public static IntegrationClientServiceImpl getInstance() {
+        if (instance == null) {
+            synchronized (IntegrationClientService.class) {
+                if (instance == null) {
+                    instance = new IntegrationClientServiceImpl();
+                }
+            }
+        }
+        return instance;
+    }
+
+    public void resetUserInfo(String userName, String tenantDomain) {
+        oAuthRequestInterceptor.removeToken(userName, tenantDomain);
+    }
+
     @Override
     public StoreClient getStoreClient() {
         return storeClient;

components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java

@@ -40,6 +40,7 @@ import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientExceptio
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
 
 /**
  * This is a request interceptor to add oauth token header.
@@ -55,7 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
     private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000;
     private DCRClient dcrClient;
     private static OAuthApplication oAuthApplication;
-    private static Map<String, AccessTokenInfo> tenantUserTokenMap = new HashMap<>();
+    private static Map<String, AccessTokenInfo> tenantUserTokenMap = new ConcurrentHashMap<>();
     private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class);
 
     /**
@@ -97,8 +98,8 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
                 JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService()
                         .getJWTClient();
                 tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(),
-                                                                      oAuthApplication.getClientSecret(), username,
-                                                                      REQUIRED_SCOPE);
+                        oAuthApplication.getClientSecret(), username,
+                        REQUIRED_SCOPE);
                 tenantBasedAccessTokenInfo.setExpiresIn(
                         System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000));
                 if (tenantBasedAccessTokenInfo.getScopes() == null) {
@@ -119,4 +120,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
         }
     }
 
+    public void removeToken(String username, String tenantDomain) {
+        if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
+            username = username + "@" + tenantDomain;
+        }
+        tenantUserTokenMap.remove(username);
+    }
+
 }

components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java

@@ -49,7 +49,7 @@ public class APIIntegrationClientServiceComponent {
             /* Initializing webapp publisher configuration */
             APIMConfigReader.init();
             BundleContext bundleContext = componentContext.getBundleContext();
-            bundleContext.registerService(IntegrationClientService.class.getName(), new IntegrationClientServiceImpl(), null);
+            bundleContext.registerService(IntegrationClientService.class.getName(), IntegrationClientServiceImpl.getInstance(), null);
 
             if (log.isDebugEnabled()) {
                 log.debug("apimgt client bundle has been successfully initialized");

components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java

@@ -26,6 +26,9 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
  */
 public interface IntegrationClientService {
 
+
+    void resetUserInfo(String username, String tenantDomain);
+
     /**
      *
      * @return API Store Client.

components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml

@@ -177,6 +177,11 @@
 			<artifactId>org.wso2.carbon.device.mgt.extensions</artifactId>
 			<scope>provided</scope>
 		</dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.devicemgt</groupId>
+            <artifactId>org.wso2.carbon.apimgt.integration.client</artifactId>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.wso2.carbon.devicemgt</groupId>
             <artifactId>org.wso2.carbon.device.mgt.core</artifactId>

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java

@@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.util;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
 import org.wso2.carbon.device.mgt.jaxrs.beans.OldPasswordResetWrapper;
 import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
@@ -53,7 +54,7 @@ public class CredentialManagementResponseBuilder {
             RequestValidationUtil.validateCredentials(credentials);
             if (!validateCredential(credentials.getNewPassword())) {
                 String errorMsg = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration()
-                                                   .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG);
+                        .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG);
                 return Response.status(Response.Status.BAD_REQUEST).entity(
                         new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build();
             }
@@ -63,6 +64,8 @@ public class CredentialManagementResponseBuilder {
             username = CarbonContext.getThreadLocalCarbonContext().getUsername();
             userStoreManager.updateCredential(username, credentials.getNewPassword(),
                     credentials.getOldPassword());
+            DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username,
+                    PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
             return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
                     username + " was successfully changed.").build();
         } catch (UserStoreException e) {
@@ -105,6 +108,8 @@ public class CredentialManagementResponseBuilder {
                         new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build();
             }
             userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword());
+            DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username,
+                    PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
             return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
                     username + " was successfully changed.").build();
         } catch (UserStoreException e) {

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java

@@ -29,6 +29,7 @@ import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.analytics.stream.persistence.stub.EventStreamPersistenceAdminServiceStub;
+import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
 import org.wso2.carbon.base.ServerConfiguration;
 import org.wso2.carbon.analytics.api.AnalyticsDataAPI;
 import org.wso2.carbon.context.CarbonContext;
@@ -128,6 +129,8 @@ public class DeviceMgtAPIUtils {
     private static KeyStore trustStore;
     private static char[] keyStorePassword;
 
+    private static IntegrationClientService integrationClientService;
+
     static {
         String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password");
         String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty(
@@ -297,6 +300,23 @@ public class DeviceMgtAPIUtils {
         return realmService;
     }
 
+    public static IntegrationClientService getIntegrationClientService() {
+        if (integrationClientService == null) {
+            synchronized (DeviceMgtAPIUtils.class) {
+                if (integrationClientService == null) {
+                    PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+                    integrationClientService = (IntegrationClientService) ctx.getOSGiService(IntegrationClientService.class, null);
+                    if (integrationClientService == null) {
+                        String msg = "IntegrationClientService is not initialized";
+                        log.error(msg);
+                        throw new IllegalStateException(msg);
+                    }
+                }
+            }
+        }
+        return integrationClientService;
+    }
+
     public static RegistryService getRegistryService() {
         RegistryService registryService;
         PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
@@ -459,7 +479,7 @@ public class DeviceMgtAPIUtils {
             return realmService.getTenantManager().getTenantId(tenantDomain);
         } catch (UserStoreException e) {
             throw new DeviceManagementException("Error occured while trying to " +
-                "obtain tenant id of currently logged in user");
+                    "obtain tenant id of currently logged in user");
         }
     }
 
@@ -513,8 +533,8 @@ public class DeviceMgtAPIUtils {
         streamOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
         streamOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
                 , new Protocol(DEFAULT_HTTP_PROTOCOL
-                , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
-                , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
+                        , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
+                        , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
         eventStreamAdminServiceStub._getServiceClient().setOptions(streamOptions);
         return eventStreamAdminServiceStub;
     }
@@ -544,8 +564,8 @@ public class DeviceMgtAPIUtils {
         eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
         eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
                 , new Protocol(DEFAULT_HTTP_PROTOCOL
-                , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
-                , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
+                        , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
+                        , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
 
         receiverAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
         return receiverAdminServiceStub;
@@ -576,8 +596,8 @@ public class DeviceMgtAPIUtils {
         eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
         eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
                 , new Protocol(DEFAULT_HTTP_PROTOCOL
-                , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
-                , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
+                        , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
+                        , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
         eventPublisherAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
         return eventPublisherAdminServiceStub;
     }
@@ -608,8 +628,8 @@ public class DeviceMgtAPIUtils {
         eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
         eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
                 , new Protocol(DEFAULT_HTTP_PROTOCOL
-                , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
-                , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
+                        , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
+                        , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
 
         eventStreamPersistenceAdminServiceStub._getServiceClient().setOptions(eventReciverOptions);
         return eventStreamPersistenceAdminServiceStub;
@@ -617,6 +637,7 @@ public class DeviceMgtAPIUtils {
 
     /**
      * This method is used to create the Cache that holds the event definition of the device type..
+     *
      * @return Cachemanager
      */
     public static synchronized Cache<String, EventAttributeList> getDynamicEventCache() {
@@ -669,7 +690,7 @@ public class DeviceMgtAPIUtils {
      * Initializes the SSL Context
      */
     private static void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
-                                                   KeyStoreException, KeyManagementException {
+            KeyStoreException, KeyManagementException {
         KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
         keyManagerFactory.init(keyStore, keyStorePassword);
         TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);