diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java
index 2541577698..9ccbecda3d 100644
--- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java
+++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/impl/DeviceManagementConfigServiceImpl.java
@@ -24,7 +24,6 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import io.entgra.carbon.device.mgt.config.jaxrs.beans.ErrorResponse;
 import io.entgra.carbon.device.mgt.config.jaxrs.service.DeviceManagementConfigService;
 import io.entgra.carbon.device.mgt.config.jaxrs.util.DeviceMgtAPIUtils;
-import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.base.MultitenantConstants;
@@ -36,7 +35,6 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.AmbiguousConfiguratio
 import org.wso2.carbon.device.mgt.common.configuration.mgt.DeviceConfiguration;
 import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
 import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException;
-import org.wso2.carbon.device.mgt.common.general.OneTimeTokenDetails;
 import org.wso2.carbon.device.mgt.common.general.TenantDetail;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
@@ -50,8 +48,6 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; -import org.wso2.carbon.stratos.common.beans.TenantInfoBean; -import org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService; import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; @@ -68,9 +64,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.io.IOException; import java.util.ArrayList; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; import java.util.List; import java.util.Map; 
@@ -277,87 +270,6 @@ public class DeviceManagementConfigServiceImpl implements DeviceManagementConfig return tenantDetail; } - /** - * This API will add a tenant to the system and can be called by the super tenant only. - * @return Returns the - */ - @Path("/tenant") - @POST - @Produces(MediaType.APPLICATION_JSON) - public Response addTenant(@HeaderParam("one-time-token") String token) { - - TenantMgtAdminService tenantMgtAdminService = null; - OneTimeTokenDetails tenantWrapper = null; - - // Request validation - String errorMsg = null; - Response.Status errorStatus = Response.Status.BAD_REQUEST; - if (StringUtils.isEmpty(token)) { - errorMsg = "Authentication failure when creating tenant"; - } else { - tenantWrapper = new OneTimeTokenDetails(); //TODO: Call one time token validation API - if (tenantWrapper == null) { - errorMsg = "One time token is not present in the database"; - } else { - try { - tenantMgtAdminService = new TenantMgtAdminService(); - if (tenantMgtAdminService == null) { - errorMsg = "Request can only be made by super admin"; - errorStatus = Response.Status.INTERNAL_SERVER_ERROR; - } else { - TenantInfoBean[] tenant = tenantMgtAdminService.retrievePartialSearchTenants(tenantWrapper.getDomain()); - if (!PrivilegedCarbonContext.getThreadLocalCarbonContext() - .getTenantDomain().equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { - errorMsg = "Request can only be made by super admin"; - } else if (tenant != null && tenant.length > 0) { - for (TenantInfoBean tenantInfoBean : tenant) { - if (tenantInfoBean.getTenantDomain().equals(tenantWrapper.getDomain())) { - errorMsg = "Tenant domain is already in use"; - break; - } - } - } - } - - } catch (Exception e) { // Carbon multi-tenancy is throwing generic exceptions. 
- errorMsg = "Could not create tenant domain " + tenantWrapper.getDomain(); - errorStatus = Response.Status.INTERNAL_SERVER_ERROR; - } - } - } - - if (errorMsg != null) { - log.error(errorMsg); - return Response.status(errorStatus).entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build() - ).build(); - } - - try { - TenantInfoBean tenantInfoBean = new TenantInfoBean(); - tenantInfoBean.setActive(true); - tenantInfoBean.setAdminPassword(tenantWrapper.getPassword()); - tenantInfoBean.setAdmin(tenantWrapper.getAdminName()); - tenantInfoBean.setFirstname(tenantWrapper.getAdminFirstName()); - tenantInfoBean.setLastname(tenantWrapper.getAdminLastName()); - tenantInfoBean.setEmail(tenantWrapper.getEmail()); - Calendar calendar = new GregorianCalendar(); - calendar.setTime(new Date()); - tenantInfoBean.setCreatedDate(calendar); - tenantInfoBean.setTenantDomain(tenantWrapper.getDomain()); - - String response = tenantMgtAdminService.addTenant(tenantInfoBean); - return Response.status(Response.Status.OK).entity(response).build(); - - } catch (Exception e) { // The underlying API is throwing a generic exception. - String msg = "Error while adding tenant"; - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } - - } - @POST @Path("/permissions") @Produces({MediaType.APPLICATION_JSON}) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index a133ffd4ec..d68ba8fc09 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java 
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java
@@ -1221,50 +1221,4 @@ public interface UserManagementService {
 response = ErrorResponse.class)
 })
 Response getPermissionsOfUser();
-
- @POST
- @Path("/one-time-pin")
- @ApiOperation(
- produces = MediaType.APPLICATION_JSON,
- httpMethod = "GET",
- value = "Getting the permission details of the current user",
- notes = "A user may granted more than one permission in IoTS. Using this REST API "
- + "you can get the permission/permission the current user has granted. ",
- tags = "User Management",
- extensions = {
- @Extension(properties = {
- @ExtensionProperty(name = Constants.SCOPE, value = "perm:user:permission-view")
- })
- }
- )
- @ApiResponses(value = {
- @ApiResponse(
- code = 200,
- message = "OK. \n Successfully fetched the list of permissions the user "
- + "has granted.",
- response = PermissionList.class,
- responseHeaders = {
- @ResponseHeader(
- name = "Content-Type",
- description = "The content type of the body"),
- @ResponseHeader(
- name = "ETag",
- description = "Entity Tag of the response resource.\n" +
- "Used by caches, or in conditional requests."),
- @ResponseHeader(
- name = "Last-Modified",
- description = "Date and time the resource was last modified.\n" +
- "Used by caches, or in conditional requests."),
- }),
- @ApiResponse(
- code = 404,
- message = "Not Found. \n The specified resource does not exist.\n",
- response = ErrorResponse.class),
- @ApiResponse(
- code = 500,
- message = "Internal Server Error. \n Server error occurred while fetching the "
- + "list of roles assigned to the specified user.",
- response = ErrorResponse.class)
- })
- Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper);
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
index 8b9dbe6e65..ec28453188 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
@@ -1118,53 +1118,6 @@ public class UserManagementServiceImpl implements UserManagementService { } } - /** - * Method used to send an invitation email to a existing user to enroll a device. - * - * @param otpMailWrapper Username list of the users to be invited - */ - @POST - @Path("/one-time-pin") - @Produces({MediaType.APPLICATION_JSON}) - public Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper) { - if (log.isDebugEnabled()) { - log.debug("Sending enrollment invitation mail to existing user."); - } - DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - OTPManagementService oms = DeviceMgtAPIUtils.getOTPManagementService(); - try { - String otpToken = oms.createOTPToken(otpMailWrapper); - Properties props = new Properties(); - props.setProperty("first-name", otpMailWrapper.getFirstName()); - props.setProperty("otp-token", otpToken); - - EmailMetaInfo metaInfo = new EmailMetaInfo(otpMailWrapper.getEmail(), props); - dms.sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, - metaInfo); - } catch (DeviceManagementException e) { - String msg = "Error occurred while inviting user to enrol their device"; - if (e.getMessage() != null && !e.getMessage().isEmpty()) { - msg = e.getMessage(); - } - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (ConfigurationManagementException e) { - String msg = "Error occurred while sending the email invitations. 
Mail server not configured."; - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (OTPManagementException e) { - String msg = "Error occurred while generating and storing the OTP data"; - log.error(msg, e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); - } catch (org.wso2.carbon.device.mgt.common.exceptions.BadRequestException e) { - String msg = "Bad Request : Found invalid request payload to create OTP toke."; - log.error(msg, e); - return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); - } - return Response.status(Response.Status.OK).entity("Invitation mails have been sent.").build(); - } - private Map buildDefaultUserClaims(String firstName, String lastName, String emailAddress, boolean isFresh) { Map defaultUserClaims = new HashMap<>(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index fa5eeaf2c7..91161ced0d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java @@ -142,7 +142,6 @@ public class DeviceMgtAPIUtils { private static IntegrationClientService integrationClientService; private static MetadataManagementService metadataManagementService; - private static volatile OTPManagementService otpManagementService; static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); 
@@ -461,29 +460,6 @@ public class DeviceMgtAPIUtils { return metadataManagementService; } - /** - * Initializing and accessing method for OTPManagementService. - * - * @return OTPManagementService instance - * @throws IllegalStateException if OTPManagementService cannot be initialized - */ - public static OTPManagementService getOTPManagementService() { - if (otpManagementService == null) { - synchronized (DeviceMgtAPIUtils.class) { - if (otpManagementService == null) { - PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); - otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); - if (otpManagementService == null) { - String msg = "OTP Management service not initialized."; - log.error(msg); - throw new IllegalStateException(msg); - } - } - } - } - return otpManagementService; - } - /** * Method for initializing ReportManagementService * @return ReportManagementServie Instance diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index d24eeb72b3..fffbfbdb24 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -48,8 +48,7 @@ nonSecuredEndPoints - /api/device-mgt/v1.0/users/validate, - /api/device-mgt/v1.0/users/one-time-pin + /api/device-mgt/v1.0/users/validate diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index d2c8bb4dec..24cbfecefb 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml 
@@ -93,7 +93,7 @@ org.apache.axis2.transport.http, org.wso2.carbon.certificate.mgt.core.*, org.wso2.carbon.device.mgt.core.permission.mgt, - org.wso2.carbon.device.mgt.common, + org.wso2.carbon.device.mgt.common.*, org.wso2.carbon.device.mgt.common.permission.mgt, org.apache.axis2, org.apache.axis2.client, diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index d150f6ee3f..41f43eea9d 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -42,11 +42,11 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { - OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() - .getOtpManagementService(); AuthenticationInfo authenticationInfo = new AuthenticationInfo(); try { + OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() + .getOtpManagementService(); if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setTenantId(-1); 
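Review bot: With the `getOtpManagementService()` lookup now inside the `try` of `OneTimeTokenAuthenticator.authenticate`, an unbound OTP service is no longer distinguishable from a rejected token: a null return would raise a NullPointerException on `isValidOTP(...)`, which the broad `catch (Exception e)` further down turns into a generic validation failure. The request still fails closed, which is the right outcome, but the reference is declared `policy="dynamic"` in the service component, so the holder may be empty at runtime (its getter is not visible here). An explicit guard as the first statement after the lookup, e.g. `if (otpManagementService == null) { throw new IllegalStateException("OTP management service is not available"); }`, keeps the failure closed and makes the logged cause unambiguous. `authenticate` continues past the end of this hunk.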
@@ -55,8 +55,10 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator {
 authenticationInfo.setMessage("Invalid OTP token.");
 }
 } catch (Exception e) {
+ String msg = "OTP Token Validation Failed.";
+ log.error(msg, e);
 authenticationInfo.setStatus(Status.FAILURE);
- authenticationInfo.setMessage("CToken Validation Failed.");
+ authenticationInfo.setMessage(msg);
 }
 return authenticationInfo;
 }
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
index ef71b78718..49eff0503b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
@@ -26,7 +26,6 @@ import org.osgi.service.component.ComponentContext;
 import org.wso2.carbon.certificate.mgt.core.scep.SCEPManager;
 import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
 import org.wso2.carbon.device.mgt.common.spi.OTPManagementService;
-import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
 import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
 import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
 import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
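Review bot: The added `log.error(msg, e)` in the `catch (Exception e)` of `OneTimeTokenAuthenticator.authenticate` sits on a path that runs before the caller is authenticated, so if `isValidOTP` throws for malformed or expired tokens (its contract is not visible in this diff), every such request writes an error-level entry with a full stack trace. Consider catching the specific exception type `isValidOTP` declares and logging expected rejections without the trace, e.g. `log.warn(msg);`, reserving `log.error(msg, e)` for unexpected failures. The message rightly leaves the token value out of both the log line and the response. The `log` field is not declared in either hunk of this file, so confirm the class defines it.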
@@ -82,7 +81,7 @@ import java.util.Properties; * cardinality="1..1" policy="dynamic" * bind="setTenantRegistryLoader" * unbind="unsetTenantRegistryLoader" - * @scr.reference name="org.wso2.carbon.otp.manager" + * @scr.reference name="org.wso2.carbon.device.manager" * interface="org.wso2.carbon.device.mgt.common.spi.OTPManagementService" * cardinality="1..1" * policy="dynamic" diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml index 5099328df7..93830ca169 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml @@ -24,5 +24,9 @@ CertificateAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator + diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index 4b727a28c2..cd376469ef 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml 
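Review bot: The `@scr.reference` that binds `org.wso2.carbon.device.mgt.common.spi.OTPManagementService` in `WebappAuthenticatorFrameworkServiceComponent` is renamed to `org.wso2.carbon.device.manager`, a name that describes the device management service rather than the OTP service it wires in. Reference names have to be unique within a component descriptor, and the component's other references are outside the hunk, so check that nothing else already uses this name. If the rename has no functional reason, `@scr.reference name="org.wso2.carbon.otp.manager"` is the clearer choice; if it is required, a one-line comment saying why would help the next reader. The annotation block starts and ends outside this hunk.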
@@ -29,7 +29,11 @@ CertificateAuth - org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + org.wso2.carbon.webapp.authenticator.framework.authenticator.gitCertificateAuthenticator + + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator BST
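Review bot: The class name for the `CertificateAuth` authenticator in the server feature's `webapp-authenticator-config.xml` changes to `...authenticator.gitCertificateAuthenticator`, which looks like a stray `git` typed into the file; the test copy of this config, changed in the same commit, still lists `CertificateAuthenticator`. If the framework loads authenticators by this configured name, certificate authentication would fail to load or be skipped on deployed servers while the tests keep passing. Restore the value to `org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator` so that the new `OTPAuth` entry is the only change in this hunk. The element tags are not visible in this rendering, so the exact markup should be taken from the file itself.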