|
|
|
@ -23,16 +23,15 @@ var util = function () {
|
|
|
|
|
var String = Packages.java.lang.String;
|
|
|
|
|
var devicemgtProps = require('/app/conf/devicemgt-props.js').config();
|
|
|
|
|
var carbon = require('carbon');
|
|
|
|
|
var realmService = carbon.server.osgiService('org.wso2.carbon.user.core.service.RealmService');
|
|
|
|
|
var adminUserName = realmService.getBootstrapRealmConfiguration().getAdminUserName();
|
|
|
|
|
var constants = require("/app/modules/constants.js");
|
|
|
|
|
var adminUser = devicemgtProps["adminUser"];
|
|
|
|
|
|
|
|
|
|
module.getDyanmicCredentials = function (owner) {
|
|
|
|
|
var payload = {
|
|
|
|
|
"callbackUrl": devicemgtProps.callBackUrl,
|
|
|
|
|
"clientName": "devicemgt",
|
|
|
|
|
"tokenScope": "admin",
|
|
|
|
|
"owner": adminUserName,
|
|
|
|
|
"owner": adminUser,
|
|
|
|
|
"applicationType": "webapp",
|
|
|
|
|
"grantType": "password refresh_token urn:ietf:params:oauth:grant-type:saml2-bearer",
|
|
|
|
|
"saasApp" :true
|
|
|
|
@ -47,6 +46,7 @@ var util = function () {
|
|
|
|
|
var data = parse(xhr.responseText);
|
|
|
|
|
clientData.clientId = data.client_id;
|
|
|
|
|
clientData.clientSecret = data.client_secret;
|
|
|
|
|
|
|
|
|
|
} else if (xhr.status == 400) {
|
|
|
|
|
throw "Invalid client meta data";
|
|
|
|
|
} else {
|
|
|
|
@ -79,7 +79,7 @@ var util = function () {
|
|
|
|
|
*/
|
|
|
|
|
module.getTokenWithPasswordGrantType = function (username, password, encodedClientKeys, scope) {
|
|
|
|
|
var xhr = new XMLHttpRequest();
|
|
|
|
|
var tokenEndpoint = devicemgtProps.idPServer + "/oauth2/token";
|
|
|
|
|
var tokenEndpoint = devicemgtProps.idPServer + "/token";
|
|
|
|
|
xhr.open("POST", tokenEndpoint, false);
|
|
|
|
|
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
|
|
|
|
|
xhr.setRequestHeader("Authorization", "Basic " + encodedClientKeys);
|
|
|
|
@ -137,6 +137,7 @@ var util = function () {
|
|
|
|
|
}
|
|
|
|
|
return tokenPair;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.refreshToken = function (tokenPair, clientData, scope) {
|
|
|
|
|
var xhr = new XMLHttpRequest();
|
|
|
|
|
var tokenEndpoint = devicemgtProps.idPServer + "/oauth2/token";
|
|
|
|
@ -163,5 +164,62 @@ var util = function () {
|
|
|
|
|
}
|
|
|
|
|
return tokenPair;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.getTokenWithJWTGrantType = function (clientData) {
|
|
|
|
|
var jwtService = carbon.server.osgiService('org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
|
|
|
|
|
var jwtClient = jwtService.getJWTClient();
|
|
|
|
|
var jwtToken = jwtClient.getAccessToken(clientData.clientId, clientData.clientSecret, adminUser, null);
|
|
|
|
|
return jwtToken;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.getTenantBasedAppCredentials = function (uname, token) {
|
|
|
|
|
var tenantDomain = carbonModule.server.tenantDomain({
|
|
|
|
|
username: uname
|
|
|
|
|
});
|
|
|
|
|
var clientData = this.getCachedCredentials(tenantDomain);
|
|
|
|
|
if (!clientData) {
|
|
|
|
|
var applicationName = "webapp_" + tenantDomain;
|
|
|
|
|
var xhr = new XMLHttpRequest();
|
|
|
|
|
var endpoint = devicemgtProps["adminService"] + "/api-application-registration/register/tenants?tenantDomain=" +
|
|
|
|
|
tenantDomain + "&applicationName=" + applicationName;
|
|
|
|
|
xhr.open("POST", endpoint, false);
|
|
|
|
|
xhr.setRequestHeader("Content-Type", "application/json");
|
|
|
|
|
xhr.setRequestHeader("Authorization", "Bearer " + token.accessToken);
|
|
|
|
|
xhr.send();
|
|
|
|
|
|
|
|
|
|
if (xhr.status == 201) {
|
|
|
|
|
var data = parse(xhr.responseText);
|
|
|
|
|
clientData = {};
|
|
|
|
|
clientData.clientId = data.client_id;
|
|
|
|
|
clientData.clientSecret = data.client_secret;
|
|
|
|
|
this.setTenantBasedAppCredentials(tenantDomain, clientData);
|
|
|
|
|
} else if (xhr.status == 400) {
|
|
|
|
|
throw "Invalid client meta data";
|
|
|
|
|
} else {
|
|
|
|
|
throw "Error in obtaining client id and secret from APIM";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return clientData;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.setTenantBasedAppCredentials = function (tenantDomain, clientData) {
|
|
|
|
|
var cachedMap = application.get(constants.CACHED_CREDENTIALS);
|
|
|
|
|
if (!cachedMap) {
|
|
|
|
|
cachedMap = new Object();
|
|
|
|
|
cachedMap[tenantDomain] = clientData;
|
|
|
|
|
application.put(constants.CACHED_CREDENTIALS, cachedMap);
|
|
|
|
|
} else {
|
|
|
|
|
cachedMap[tenantDomain] = clientData;
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.getCachedCredentials = function(tenantDomain) {
|
|
|
|
|
var cachedMap = application.get(constants.CACHED_CREDENTIALS);
|
|
|
|
|
if (cachedMap) {
|
|
|
|
|
return cachedMap[tenantDomain];
|
|
|
|
|
}
|
|
|
|
|
return null;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return module;
|
|
|
|
|
}();
|
|
|
|
|