Merge pull request #180 from ayyoob/das-ext

few changes in real time analytics

modules/distribution/src/assembly/bin.xml

@@ -1213,7 +1213,7 @@
         </file>
         <file>
             <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/websocket-validation.properties
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/websocket-validation.xml
             </source>
             <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc</outputDirectory>
             <filtered>true</filtered>
@@ -1246,6 +1246,15 @@
             <fileMode>644</fileMode>
         </file>
         <!-- Copying remote-appmanager-config.xml -->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/device-mgt-scopes.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc</outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+        <!-- Copying devi-appmanager-config.xml -->
         <file>
             <source>
                 ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/remote-appmanager-config.xml

modules/distribution/src/repository/conf/api-manager.xml

@@ -356,11 +356,6 @@
             <Scope>device_scope</Scope>
         </ScopeWhitelist>
 
-        <!-- This hold the prefix of device scopes. If a device specific token needs to be issues then token
-        needs to be sent with the prefix of Device Scope with the format of
-        DeviceScope/DeviceType/DeviceId -->
-        <DeviceScope>cdmf</DeviceScope>
-
     </APIKeyValidator>
 
     <!--

modules/distribution/src/repository/conf/identity/identity.xml

@@ -130,7 +130,7 @@
             </SupportedGrantType>
             <SupportedGrantType>
                 <GrantTypeName>password</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedPasswordGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.apimgt.keymgt.handlers.ExtendedPasswordGrantHandler</GrantTypeHandlerImplClass>
             </SupportedGrantType>
             <SupportedGrantType>
                 <GrantTypeName>refresh_token</GrantTypeName>
@@ -150,8 +150,13 @@
             </SupportedGrantType>
             <SupportedGrantType>
                 <GrantTypeName>urn:ietf:params:oauth:grant-type:jwt-bearer</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedJWTBearerGrantHandler</GrantTypeHandlerImplClass>
-                <GrantTypeValidatorImplClass>org.wso2.carbon.identity.oauth2.grant.jwt.JWTGrantValidator</GrantTypeValidatorImplClass>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtJWTBearerGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDeviceJWTGrantValidator</GrantTypeValidatorImplClass>
+            </SupportedGrantType>
+            <SupportedGrantType>
+                <GrantTypeName>device-mgt:password</GrantTypeName>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtPasswordGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDevicePasswordGrantValidator</GrantTypeValidatorImplClass>
             </SupportedGrantType>
         </SupportedGrantTypes>
         <OAuthCallbackHandlers>

modules/iot-extensions/components/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java

@@ -40,9 +40,10 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
     private static final String CONNECTION_PERMISSION = "/permission/admin/device-mgt/user";
     private static final String ADMIN_PERMISSION = "/permission/admin/device-mgt/admin";
     private static final String SCOPE_IDENTIFIER = "scope";
-    private static final String CDMF_SCOPE_PREFIX = "cdmf";
-    private static final String CDMF_SCOPE_SEPERATOR = "/";
     private static final String UI_EXECUTE = "ui.execute";
+    private static final String MQTT_PUBLISHER_SCOPE_IDENTIFIER = "mqtt-publisher";
+    private static final String MQTT_SUBSCRIBER_SCOPE_IDENTIFIER = "mqtt-subscriber";
+    private static final String DEVICE_MGT_SCOPE_IDENTIFIER = "device-mgt";
 
     /**
      * {@inheritDoc} Authorize the user against carbon device mgt model.
@@ -61,18 +62,21 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
         if (!tenantIdFromTopic.equals(authorizationSubject.getTenantDomain())) {
             return false;
         }
-        String deviceTypeFromTopic = topics[1];
-        String deviceIdFromTopic = topics[2];
-        List<String> scopes = (List<String>) authorizationSubject.getProperties().get(SCOPE_IDENTIFIER);
-        if (scopes != null) {
+        String deviceType = topics[1];
+        String deviceId = topics[2];
+        Object scopeObject = authorizationSubject.getProperties().get(SCOPE_IDENTIFIER);
+
+        if (!deviceId.isEmpty() && !deviceType.isEmpty() && scopeObject != null) {
+            List<String> scopes = (List<String>) scopeObject;
+            String permissionScope = MQTT_PUBLISHER_SCOPE_IDENTIFIER;
+            if (permissionLevel == MQTTAuthoriztionPermissionLevel.SUBSCRIBE) {
+                permissionScope = MQTT_SUBSCRIBER_SCOPE_IDENTIFIER;
+            }
+            String requiredScope = DEVICE_MGT_SCOPE_IDENTIFIER + ":" + deviceType + ":" + deviceId + ":"
+                    + permissionScope;
             for (String scope : scopes) {
-                if (scope.startsWith(CDMF_SCOPE_PREFIX)) {
-                    String deviceId[] = scope.split(CDMF_SCOPE_SEPERATOR);
-                    if (deviceId.length == 3) {
-                        if (deviceIdFromTopic.equals(deviceId[2]) && deviceTypeFromTopic.equals(deviceId[1])) {
-                            return true;
-                        }
-                    }
+                if (requiredScope.equals(scope)) {
+                    return true;
                 }
             }
         }

modules/samples/connectedcup/component/analytics/src/main/resources/carbonapps/connected_cup/connected_cup_publisher/connected_cup_publisher.xml

@@ -20,6 +20,6 @@
 <eventPublisher name="connected_cup_publisher" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.connectedcup" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>
 

modules/samples/connectedlap/component/analytics/src/main/resources/carbonapps/ConnectedLap/EventPublisher_ConnectedLap_1.0.0/EventPublisher_ConnectedLap.xml

@@ -20,6 +20,6 @@
 <eventPublisher name="EventPublisher_ConnectedLap" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.connectedlap" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>
 

modules/samples/droneanalyzer/component/analytics/src/main/resources/carbonapps/droneStats/Eventpublisher_droneStats_1.0.0/EventPublisher_droneStats.xml

@@ -20,6 +20,6 @@
 <eventPublisher name="EventPublisher_droneStats" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.devices.droneStats" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>
 

modules/samples/firealarm/component/analytics/src/main/resources/carbonapps/firealarm/firealarm_publisher/firealarm_publisher.xml

@@ -20,5 +20,5 @@
 <eventPublisher name="firealarm_publisher" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.firealarm" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>

modules/samples/firealarm/component/analytics/src/main/resources/carbonapps/temperature_sensor/temperature_publisher/temperature_publisher.xml

@@ -20,5 +20,5 @@
 <eventPublisher name="temperature_publisher" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.devices.temperature" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>

modules/tools/cdmf-devicetype-archetype/src/main/resources/archetype-resources/component/analytics/src/main/resources/carbonapps/__nameOfTheSensor__/Eventpublisher___nameOfTheSensor___1.0.0/EventPublisher___nameOfTheSensor__.xml

@@ -20,6 +20,6 @@
 <eventPublisher name="EventPublisher_${nameOfTheSensor}" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
     <from streamName="org.wso2.iot.devices.${nameOfTheSensor}" version="1.0.0"/>
     <mapping customMapping="disable" type="wso2event"/>
-    <to eventAdapterType="iot-ui"/>
+    <to eventAdapterType="secured-ui"/>
 </eventPublisher>