Merge pull request #308 from ayyoob/transport

changes in realtime analytics
revert-dabc3590
Ruwan 9 years ago committed by GitHub
commit 5356ee920c

@ -20,6 +20,6 @@
<eventPublisher name="android_sense_publisher" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
<from streamName="org.wso2.iot.android.sense" version="1.0.0"/>
<mapping customMapping="disable" type="wso2event"/>
<to eventAdapterType="iot-ui"/>
<to eventAdapterType="secured-ui"/>
</eventPublisher>

@ -20,6 +20,6 @@
<eventPublisher name="temperature_publisher" statistics="disable" trace="disable" xmlns="http://wso2.org/carbon/eventpublisher">
<from streamName="org.wso2.iot.devices.temperature" version="1.0.0"/>
<mapping customMapping="disable" type="wso2event"/>
<to eventAdapterType="iot-ui"/>
<to eventAdapterType="secured-ui"/>
</eventPublisher>

@ -55,21 +55,6 @@
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxrs</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents.wso2</groupId>
<artifactId>httpcore</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.orbit.org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.oauth.stub</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
<build>

@ -16,13 +16,14 @@
* under the License.
*/
import oauth.OAuthTokenValdiator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.AuthenticationInfo;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.Authenticator;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.Authorizer;
import util.ServiceHolder;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import util.AuthenticationInfo;
import javax.websocket.CloseReason;
import javax.websocket.OnClose;
@ -56,17 +57,23 @@ public class SuperTenantSubscriptionEndpoint extends SubscriptionEndpoint {
if (log.isDebugEnabled()) {
log.debug("WebSocket opened, for Session id: " + session.getId() + ", for the Stream:" + streamName);
}
AuthenticationInfo authenticationInfo = OAuthTokenValdiator.getInstance().validateToken(session);
//TODO Authorization
Authenticator authenticator = ServiceHolder.getWebsocketValidationService().getAuthenticator();
AuthenticationInfo authenticationInfo = authenticator.isAutenticated(session);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
Authorizer authorizer = ServiceHolder.getWebsocketValidationService().getAuthorizer();
boolean isAuthorized = authorizer.isAuthorized(authenticationInfo, session, streamName);
if (isAuthorized) {
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(
MultitenantConstants.SUPER_TENANT_ID);
ServiceHolder.getInstance().getUiOutputCallbackControllerService().subscribeWebsocket(streamName,
version, session);
version,
session);
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
} else {
try {
session.close(new CloseReason(CloseReason.CloseCodes.CANNOT_ACCEPT, "Unauthorized Access"));

@ -16,12 +16,13 @@
* under the License.
*/
import oauth.OAuthTokenValdiator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.AuthenticationInfo;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.Authenticator;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.Authorizer;
import util.ServiceHolder;
import util.AuthenticationInfo;
import javax.websocket.CloseReason;
import javax.websocket.OnClose;
@ -56,17 +57,22 @@ public class TenantSubscriptionEndpoint extends SubscriptionEndpoint {
if (log.isDebugEnabled()) {
log.debug("WebSocket opened, for Session id: "+session.getId()+", for the Stream:"+streamName);
}
AuthenticationInfo authenticationInfo = OAuthTokenValdiator.getInstance().validateToken(session);
//TODO Authorization
Authenticator authenticator = ServiceHolder.getWebsocketValidationService().getAuthenticator();
AuthenticationInfo authenticationInfo = authenticator.isAutenticated(session);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
Authorizer authorizer = ServiceHolder.getWebsocketValidationService().getAuthorizer();
boolean isAuthorized = authorizer.isAuthorized(authenticationInfo, session, streamName);
if (isAuthorized) {
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tdomain, true);
ServiceHolder.getInstance().getUiOutputCallbackControllerService().subscribeWebsocket(streamName,
version, session);
version,
session);
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
} else {
try {
session.close(new CloseReason(CloseReason.CloseCodes.CANNOT_ACCEPT, "Unauthorized Access"));

@ -1,13 +1,17 @@
package util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.UIOutputCallbackControllerService;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.service.WebsocketValidationService;
public class ServiceHolder {
private static ServiceHolder instance;
private UIOutputCallbackControllerService uiOutputCallbackControllerService;
private static final Log log = LogFactory.getLog(ServiceHolder.class);
private ServiceHolder(){
uiOutputCallbackControllerService = (UIOutputCallbackControllerService) PrivilegedCarbonContext
@ -24,4 +28,16 @@ public class ServiceHolder {
public UIOutputCallbackControllerService getUiOutputCallbackControllerService() {
return uiOutputCallbackControllerService;
}
public static WebsocketValidationService getWebsocketValidationService() {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
WebsocketValidationService deviceManagementProviderService =
(WebsocketValidationService) ctx.getOSGiService(WebsocketValidationService.class, null);
if (deviceManagementProviderService == null) {
String msg = "Websocket Validation service has not initialized.";
log.error(msg);
throw new IllegalStateException(msg);
}
return deviceManagementProviderService;
}
}

@ -63,6 +63,18 @@
<groupId>org.wso2.carbon.analytics-common</groupId>
<artifactId>org.wso2.carbon.event.stream.core</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents.wso2</groupId>
<artifactId>httpcore</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.orbit.org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.oauth.stub</artifactId>
</dependency>
</dependencies>
<build>
@ -123,8 +135,17 @@
org.wso2.carbon.databridge.commons,
org.wso2.carbon.event.stream.core,
org.wso2.carbon.event.stream.core.exception,
org.wso2.carbon.utils
org.wso2.carbon.utils,
javax.xml.bind,
javax.xml.bind.annotation,
javax.xml.parsers; version=0.0.0,
org.w3c.dom,
org.wso2.carbon.identity.oauth2.stub,
org.wso2.carbon.identity.oauth2.stub.dto,
org.wso2.carbon.user.api,
org.wso2.carbon.utils.multitenancy
</Import-Package>
<DynamicImport-Package>*</DynamicImport-Package>
</instructions>
</configuration>
</plugin>

@ -34,7 +34,7 @@ import org.wso2.carbon.event.output.adapter.core.OutputEventAdapterConfiguration
import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException;
import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterRuntimeException;
import org.wso2.carbon.event.output.adapter.core.exception.TestConnectionNotSupportedException;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebSocketSessionUtil;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebSocketSessionRequest;
import org.wso2.carbon.event.stream.core.EventStreamService;
import org.wso2.carbon.event.stream.core.exception.EventStreamConfigurationException;
@ -257,7 +257,7 @@ public class UIEventAdapter implements OutputEventAdapter {
streamSpecificEvents.add(eventValues);
// fetch all valid sessions checked against any queryParameters provided when subscribing.
CopyOnWriteArrayList<WebSocketSessionUtil> validSessions = getValidSessions(event);
CopyOnWriteArrayList<WebSocketSessionRequest> validSessions = getValidSessions(event);
try {
executorService.execute(new WebSocketSender(validSessions, eventString));
@ -331,15 +331,15 @@ public class UIEventAdapter implements OutputEventAdapter {
* @param event the current event received and that which needs to be published to subscribed sessions.
* @return a list of all validated web-socket sessions against the queryString values.
*/
private CopyOnWriteArrayList<WebSocketSessionUtil> getValidSessions(Event event) {
CopyOnWriteArrayList<WebSocketSessionUtil> validSessions = new CopyOnWriteArrayList<>();
private CopyOnWriteArrayList<WebSocketSessionRequest> getValidSessions(Event event) {
CopyOnWriteArrayList<WebSocketSessionRequest> validSessions = new CopyOnWriteArrayList<>();
UIOutputCallbackControllerServiceImpl uiOutputCallbackControllerServiceImpl =
UIEventAdaptorServiceDataHolder.getUIOutputCallbackRegisterServiceImpl();
// get all subscribed web-socket sessions.
CopyOnWriteArrayList<WebSocketSessionUtil> webSocketSessionUtils =
CopyOnWriteArrayList<WebSocketSessionRequest> webSocketSessionUtils =
uiOutputCallbackControllerServiceImpl.getSessions(tenantId, streamId);
if (webSocketSessionUtils != null) {
for (WebSocketSessionUtil webSocketSessionUtil : webSocketSessionUtils) {
for (WebSocketSessionRequest webSocketSessionUtil : webSocketSessionUtils) {
boolean isValidSession = validateEventAgainstSessionFilters(event, webSocketSessionUtil);
if (isValidSession) {
validSessions.add(webSocketSessionUtil);
@ -360,7 +360,7 @@ public class UIEventAdapter implements OutputEventAdapter {
* @param webSocketSessionUtil the session which needs validated for its authenticity to receive this event.
* @return "true" if the session is valid to receive the event else "false".
*/
private boolean validateEventAgainstSessionFilters(Event event, WebSocketSessionUtil webSocketSessionUtil) {
private boolean validateEventAgainstSessionFilters(Event event, WebSocketSessionRequest webSocketSessionUtil) {
// fetch the queryString Key:Value pair map of the given session.
Map<String, String> queryParamValuePairs = webSocketSessionUtil.getQueryParamValuePairs();
@ -412,9 +412,9 @@ public class UIEventAdapter implements OutputEventAdapter {
private class WebSocketSender implements Runnable {
private String message;
private CopyOnWriteArrayList<WebSocketSessionUtil> webSocketSessionUtils;
private CopyOnWriteArrayList<WebSocketSessionRequest> webSocketSessionUtils;
public WebSocketSender(CopyOnWriteArrayList<WebSocketSessionUtil> webSocketSessionUtils, String message) {
public WebSocketSender(CopyOnWriteArrayList<WebSocketSessionRequest> webSocketSessionUtils, String message) {
this.webSocketSessionUtils = webSocketSessionUtils;
this.message = message;
}
@ -434,8 +434,8 @@ public class UIEventAdapter implements OutputEventAdapter {
public void run() {
if (webSocketSessionUtils != null) {
doLogDroppedMessage = true;
for (WebSocketSessionUtil webSocketSessionUtil : webSocketSessionUtils) {
synchronized (WebSocketSessionUtil.class) {
for (WebSocketSessionRequest webSocketSessionUtil : webSocketSessionUtils) {
synchronized (WebSocketSessionRequest.class) {
try {
webSocketSessionUtil.getSession().getBasicRemote().sendText(message);
} catch (IOException e) {

@ -19,10 +19,9 @@
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui;
import com.google.gson.JsonObject;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.internal.UIEventAdaptorServiceDataHolder;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebSocketSessionUtil;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebSocketSessionRequest;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.UIEventAdapterConstants;
import javax.websocket.Session;
@ -36,7 +35,7 @@ import java.util.concurrent.LinkedBlockingDeque;
*/
public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackControllerService {
private ConcurrentHashMap<Integer, ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionUtil>>>
private ConcurrentHashMap<Integer, ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionRequest>>>
outputEventAdaptorSessionMap;
public UIOutputCallbackControllerServiceImpl() {
@ -58,7 +57,7 @@ public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackCo
version = UIEventAdapterConstants.ADAPTER_UI_DEFAULT_OUTPUT_STREAM_VERSION;
}
String streamId = streamName + UIEventAdapterConstants.ADAPTER_UI_COLON + version;
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionUtil>> tenantSpecificAdaptorMap =
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionRequest>> tenantSpecificAdaptorMap =
outputEventAdaptorSessionMap.get(tenantId);
if (tenantSpecificAdaptorMap == null) {
tenantSpecificAdaptorMap = new ConcurrentHashMap<>();
@ -66,7 +65,7 @@ public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackCo
tenantSpecificAdaptorMap = outputEventAdaptorSessionMap.get(tenantId);
}
}
CopyOnWriteArrayList<WebSocketSessionUtil> adapterSpecificSessions = tenantSpecificAdaptorMap.get(streamId);
CopyOnWriteArrayList<WebSocketSessionRequest> adapterSpecificSessions = tenantSpecificAdaptorMap.get(streamId);
if (adapterSpecificSessions == null) {
adapterSpecificSessions = new CopyOnWriteArrayList<>();
if (null != tenantSpecificAdaptorMap.putIfAbsent(streamId, adapterSpecificSessions)) {
@ -74,7 +73,7 @@ public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackCo
}
}
WebSocketSessionUtil webSocketSessionUtil = new WebSocketSessionUtil(session);
WebSocketSessionRequest webSocketSessionUtil = new WebSocketSessionRequest(session);
adapterSpecificSessions.add(webSocketSessionUtil);
}
@ -85,8 +84,8 @@ public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackCo
* @param streamId - Stream name and version which user register to.
* @return the sessions list.
*/
public CopyOnWriteArrayList<WebSocketSessionUtil> getSessions(int tenantId, String streamId) {
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionUtil>> tenantSpecificAdaptorMap
public CopyOnWriteArrayList<WebSocketSessionRequest> getSessions(int tenantId, String streamId) {
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionRequest>> tenantSpecificAdaptorMap
= outputEventAdaptorSessionMap.get(tenantId);
if (tenantSpecificAdaptorMap != null) {
return tenantSpecificAdaptorMap.get(streamId);
@ -125,15 +124,15 @@ public class UIOutputCallbackControllerServiceImpl implements UIOutputCallbackCo
version = UIEventAdapterConstants.ADAPTER_UI_DEFAULT_OUTPUT_STREAM_VERSION;
}
String id = streamName + UIEventAdapterConstants.ADAPTER_UI_COLON + version;
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionUtil>> tenantSpecificAdaptorMap
ConcurrentHashMap<String, CopyOnWriteArrayList<WebSocketSessionRequest>> tenantSpecificAdaptorMap
= outputEventAdaptorSessionMap.get(tenantId);
if (tenantSpecificAdaptorMap != null) {
CopyOnWriteArrayList<WebSocketSessionUtil> adapterSpecificSessions = tenantSpecificAdaptorMap.get(id);
CopyOnWriteArrayList<WebSocketSessionRequest> adapterSpecificSessions = tenantSpecificAdaptorMap.get(id);
if (adapterSpecificSessions != null) {
WebSocketSessionUtil sessionToRemove = null;
Iterator<WebSocketSessionUtil> iterator = adapterSpecificSessions.iterator();
WebSocketSessionRequest sessionToRemove = null;
Iterator<WebSocketSessionRequest> iterator = adapterSpecificSessions.iterator();
while (iterator.hasNext()) {
WebSocketSessionUtil webSocketSessionUtil = iterator.next();
WebSocketSessionRequest webSocketSessionUtil = iterator.next();
if (session.getId().equals(webSocketSessionUtil.getSession().getId())) {
sessionToRemove = webSocketSessionUtil;
break;

@ -12,7 +12,9 @@
*
*/
package util;
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication;
import java.util.Map;
/**
* This is returned after authentication.
@ -25,6 +27,12 @@ public class AuthenticationInfo {
private boolean authenticated;
private String username;
private String tenantDomain;
/**
* To hold authentication related properties eg: scopes in oauth
*/
private Map<String, Object> properties;
/**
* returns whether the client is authenticated
*/
@ -57,4 +65,12 @@ public class AuthenticationInfo {
public void setTenantDomain(String tenantDomain) {
this.tenantDomain = tenantDomain;
}
public Map<String, Object> getProperties() {
return properties;
}
public void setProperties(Map<String, Object> properties) {
this.properties = properties;
}
}

@ -0,0 +1,30 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and limitations under the License.
*
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication;
import javax.websocket.Session;
/**
* This interface is used to authenticate a websocket session
*/
public interface Authenticator {
/**
* Check whether the client is authenticated to connect.
* @param session user object.
* @return AuthenicationInfo which contains authentication client information.
*/
AuthenticationInfo isAutenticated(Session session);
}

@ -0,0 +1,26 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and limitations under the License.
*
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.oauth.OAuthTokenValdiator;
import javax.websocket.Session;
public class OAuthAuthenticator implements Authenticator {
@Override
public AuthenticationInfo isAutenticated(Session session) {
return OAuthTokenValdiator.getInstance().validateToken(session);
}
}

@ -12,13 +12,17 @@
*
*/
package oauth;
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.oauth;
import org.apache.axis2.context.ServiceContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.pool.impl.GenericObjectPool;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.AuthenticationInfo;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.Property;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.WebsocketConfig;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.constants.WebsocketConstants;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationRequestDTO_OAuth2AccessToken;
@ -26,14 +30,14 @@ import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import util.AuthenticationInfo;
import javax.websocket.Session;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.rmi.RemoteException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
/**
@ -68,7 +72,7 @@ public class OAuthTokenValdiator {
Properties properties = getWebSocketConfig();
this.stubs = new GenericObjectPool(new OAuthTokenValidaterStubFactory(properties));
} catch (IOException e) {
log.error("Failed to parse the web socket config file " + WEBSOCKET_CONFIG_LOCATION);
log.error("Failed to parse the web socket org.wso2.carbon.device.mgt.iot.output.adapter.ui.config file " + WEBSOCKET_CONFIG_LOCATION);
}
}
@ -152,6 +156,12 @@ public class OAuthTokenValdiator {
String tenantDomain = MultitenantUtils.getTenantDomain(authorizedUser);
authenticationInfo.setUsername(username);
authenticationInfo.setTenantDomain(tenantDomain);
String scopes[] = tokenValidationResponse.getScope();
if (scopes != null) {
Map<String, Object> properties = new HashMap<>();
properties.put(WebsocketConstants.SCOPE_IDENTIFIER, scopes);
authenticationInfo.setProperties(properties);
}
} else {
if (log.isDebugEnabled()) {
log.debug("Token validation failed for token: " + token);
@ -169,12 +179,10 @@ public class OAuthTokenValdiator {
*/
private Properties getWebSocketConfig() throws IOException {
Properties properties = new Properties();
File configFile =new File(WEBSOCKET_CONFIG_LOCATION);
if (configFile.exists()) {
InputStream fileInputStream = new FileInputStream(configFile);
if (fileInputStream != null) {
properties.load(fileInputStream);
}
List<Property> propertyList = WebsocketConfig.getInstance().getWebsocketValidationConfigs().getAuthenticator()
.getProperties().getProperty();
for (Property property : propertyList) {
properties.put(property.getName(), property.getValue());
}
return properties;
}

@ -15,9 +15,8 @@
* specific language governing permissions and limitations
* under the License.
*/
package oauth;
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.oauth;
import oauth.exception.OAuthTokenValidationException;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
import org.apache.axis2.client.Options;
@ -33,8 +32,9 @@ import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import org.apache.commons.pool.BasePoolableObjectFactory;
import org.apache.log4j.Logger;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.oauth.exception.OAuthTokenValidationException;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.constants.WebsocketConstants;
import org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub;
import util.UIConstants;
import java.io.IOException;
import java.net.MalformedURLException;
@ -91,7 +91,7 @@ public class OAuthTokenValidaterStubFactory extends BasePoolableObjectFactory {
private OAuth2TokenValidationServiceStub generateStub() throws OAuthTokenValidationException {
OAuth2TokenValidationServiceStub stub;
try {
URL hostURL = new URL(tokenValidationProperties.getProperty((UIConstants.TOKEN_VALIDATION_ENDPOINT_URL)));
URL hostURL = new URL(tokenValidationProperties.getProperty((WebsocketConstants.TOKEN_VALIDATION_ENDPOINT_URL)));
if (hostURL != null) {
stub = new OAuth2TokenValidationServiceStub(hostURL.toString());
if (stub != null) {
@ -102,8 +102,8 @@ public class OAuthTokenValidaterStubFactory extends BasePoolableObjectFactory {
HttpTransportProperties.Authenticator auth =
new HttpTransportProperties.Authenticator();
auth.setPreemptiveAuthentication(true);
String username = tokenValidationProperties.getProperty(UIConstants.USERNAME);
String password = tokenValidationProperties.getProperty(UIConstants.PASSWORD);
String username = tokenValidationProperties.getProperty(WebsocketConstants.USERNAME);
String password = tokenValidationProperties.getProperty(WebsocketConstants.PASSWORD);
auth.setPassword(username);
auth.setUsername(password);
Options options = client.getOptions();
@ -167,9 +167,9 @@ public class OAuthTokenValidaterStubFactory extends BasePoolableObjectFactory {
private HttpClient createHttpClient() {
HttpConnectionManagerParams params = new HttpConnectionManagerParams();
params.setDefaultMaxConnectionsPerHost(Integer.parseInt(tokenValidationProperties.getProperty(
UIConstants.MAXIMUM_HTTP_CONNECTION_PER_HOST)));
WebsocketConstants.MAXIMUM_HTTP_CONNECTION_PER_HOST)));
params.setMaxTotalConnections(Integer.parseInt(tokenValidationProperties.getProperty(
UIConstants.MAXIMUM_TOTAL_HTTP_CONNECTION)));
WebsocketConstants.MAXIMUM_TOTAL_HTTP_CONNECTION)));
HttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager();
connectionManager.setParams(params);
return new HttpClient(connectionManager);

@ -15,7 +15,7 @@
* specific language governing permissions and limitations
* under the License.
*/
package oauth.exception;
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.oauth.exception;
/**
* This Exception will be thrown, when there any interference with token validation flow.

@ -0,0 +1,35 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and limitations under the License.
*
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.AuthenticationInfo;
import javax.websocket.Session;
import java.util.Map;
/**
* Check whether the client is authorized to connect.
*/
public interface Authorizer {
/**
* Check whether the client is authorized to connect with the stream.
* @param authenticationInfo authenticated client information.
* @param session request session of the client.
* @param stream stream name of the client connecting to.
* @return true if authorized else return false.
*/
boolean isAuthorized(AuthenticationInfo authenticationInfo, Session session, String stream);
}

@ -0,0 +1,51 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and limitations under the License.
*
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.AuthenticationInfo;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.constants.WebsocketConstants;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebSocketSessionRequest;
import javax.websocket.Session;
import java.util.Map;
/**
* This authorizer crossvalidates the request with device id and device type.
*/
public class DeviceAuthorizer implements Authorizer {
private static final String STATS_SCOPE_IDENTIFIER = "stats";
private static final String DEVICE_MGT_SCOPE_IDENTIFIER = "device-mgt";
@Override
public boolean isAuthorized(AuthenticationInfo authenticationInfo, Session session, String stream) {
WebSocketSessionRequest webSocketSessionRequest = new WebSocketSessionRequest(session);
Map<String, String> queryParams = webSocketSessionRequest.getQueryParamValuePairs();
String deviceId = queryParams.get("deviceId");
String deviceType = queryParams.get("deviceType");
Object scopeObject = authenticationInfo.getProperties().get(WebsocketConstants.SCOPE_IDENTIFIER);
if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()
&& scopeObject != null) {
String scopes[] = (String[]) scopeObject;
String requiredScope = DEVICE_MGT_SCOPE_IDENTIFIER + ":" + deviceType + ":" + deviceId + ":"
+ STATS_SCOPE_IDENTIFIER;
for (String scope : scopes) {
if (requiredScope.equals(scope)) {
return true;
}
}
}
return false;
}
}

@ -0,0 +1,90 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for Authenticator complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="Authenticator">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="Properties" type="{}Properties"/>
* &lt;/sequence>
* &lt;attribute name="class" type="{http://www.w3.org/2001/XMLSchema}string" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "Authenticator", propOrder = {
"properties"
})
public class Authenticator {
@XmlElement(name = "Properties", required = false)
protected Properties properties;
@XmlAttribute(name = "class")
protected String clazz;
/**
* Gets the value of the properties property.
*
* @return
* possible object is
* {@link Properties }
*
*/
public Properties getProperties() {
return properties;
}
/**
* Sets the value of the properties property.
*
* @param value
* allowed object is
* {@link Properties }
*
*/
public void setProperties(Properties value) {
this.properties = value;
}
/**
* Gets the value of the clazz property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getClazz() {
return clazz;
}
/**
* Sets the value of the clazz property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setClazz(String value) {
this.clazz = value;
}
}

@ -0,0 +1,90 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for Authorizer complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="Authorizer">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="Properties" type="{}Properties"/>
* &lt;/sequence>
* &lt;attribute name="class" type="{http://www.w3.org/2001/XMLSchema}string" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "Authorizer", propOrder = {
"properties"
})
public class Authorizer {
@XmlElement(name = "Properties", required = false)
protected Properties properties;
@XmlAttribute(name = "class")
protected String clazz;
/**
* Gets the value of the properties property.
*
* @return
* possible object is
* {@link Properties }
*
*/
public Properties getProperties() {
return properties;
}
/**
* Sets the value of the properties property.
*
* @param value
* allowed object is
* {@link Properties }
*
*/
public void setProperties(Properties value) {
this.properties = value;
}
/**
* Gets the value of the clazz property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getClazz() {
return clazz;
}
/**
* Sets the value of the clazz property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setClazz(String value) {
this.clazz = value;
}
}

@ -0,0 +1,69 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
import java.util.ArrayList;
import java.util.List;
/**
* <p>Java class for Properties complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="Properties">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="Property" type="{}Property" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "Properties", propOrder = {
"property"
})
public class Properties {
@XmlElement(name = "Property")
protected List<Property> property;
/**
* Gets the value of the property property.
*
* <p>
* This accessor method returns a reference to the live list,
* not a snapshot. Therefore any modification you make to the
* returned list will be present inside the JAXB object.
* This is why there is not a <CODE>set</CODE> method for the property property.
*
* <p>
* For example, to add a new item, do as follows:
* <pre>
* getProperty().add(newItem);
* </pre>
*
*
* <p>
* Objects of the following type(s) are allowed in the list
* {@link Property }
*
*
*/
public List<Property> getProperty() {
if (property == null) {
property = new ArrayList<Property>();
}
return this.property;
}
}

@ -0,0 +1,87 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for Property complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="Property">
* &lt;simpleContent>
* &lt;extension base="&lt;http://www.w3.org/2001/XMLSchema>string">
* &lt;attribute name="name" type="{http://www.w3.org/2001/XMLSchema}string" />
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "Property", propOrder = {
"value"
})
public class Property {
@XmlValue
protected String value;
@XmlAttribute(name = "name")
protected String name;
/**
* Gets the value of the value property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setValue(String value) {
this.value = value;
}
/**
* Gets the value of the name property.
*
* @return
* possible object is
* {@link String }
*
*/
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value
* allowed object is
* {@link String }
*
*/
public void setName(String value) {
this.name = value;
}
}

@ -0,0 +1,54 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import org.w3c.dom.Document;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.util.WebsocketUtils;
import org.wso2.carbon.utils.CarbonUtils;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import java.io.File;
/**
* This class represents the configuration that are needed for scopes to permission map.
*/
public class WebsocketConfig {
private static WebsocketConfig config = new WebsocketConfig();
private WebsocketValidationConfigs websocketValidationConfigs;
private static final String WEBSOCKET_VALIDATION_CONFIG_PATH =
CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + "websocket-validation.xml";
private WebsocketConfig() {
}
public static WebsocketConfig getInstance() {
return config;
}
public void init() throws WebsocketValidationConfigurationFailedException {
try {
File deviceMgtConfig = new File(WEBSOCKET_VALIDATION_CONFIG_PATH);
Document doc = WebsocketUtils.convertToDocument(deviceMgtConfig);
/* Un-marshaling DeviceMGtScope configuration */
JAXBContext ctx = JAXBContext.newInstance(WebsocketValidationConfigs.class);
Unmarshaller unmarshaller = ctx.createUnmarshaller();
//unmarshaller.setSchema(getSchema());
websocketValidationConfigs = (WebsocketValidationConfigs) unmarshaller.unmarshal(doc);
} catch (JAXBException e) {
throw new WebsocketValidationConfigurationFailedException("Error occurred while un-marshalling Websocket" +
" Config", e);
}
}
public WebsocketValidationConfigs getWebsocketValidationConfigs() {
return websocketValidationConfigs;
}
public void setWebsocketValidationConfigs(WebsocketValidationConfigs websocketValidationConfigs) {
websocketValidationConfigs = websocketValidationConfigs;
}
}

@ -0,0 +1,89 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for WebsocketValidationConfigs complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="WebsocketValidationConfigs">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="Authenticator" type="{}Authenticator"/>
* &lt;element name="Authorizer" type="{}Authorizer"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlRootElement(name = "WebsocketValidationConfigs")
@XmlAccessorType(XmlAccessType.FIELD)
public class WebsocketValidationConfigs {
@XmlElement(name = "Authenticator", required = true)
protected Authenticator authenticator;
@XmlElement(name = "Authorizer", required = true)
protected Authorizer authorizer;
/**
* Gets the value of the authenticator property.
*
* @return
* possible object is
* {@link Authenticator }
*
*/
public Authenticator getAuthenticator() {
return authenticator;
}
/**
* Sets the value of the authenticator property.
*
* @param value
* allowed object is
* {@link Authenticator }
*
*/
public void setAuthenticator(Authenticator value) {
this.authenticator = value;
}
/**
* Gets the value of the authorizer property.
*
* @return
* possible object is
* {@link Authorizer }
*
*/
public Authorizer getAuthorizer() {
return authorizer;
}
/**
* Sets the value of the authorizer property.
*
* @param value
* allowed object is
* {@link Authorizer }
*
*/
public void setAuthorizer(Authorizer value) {
this.authorizer = value;
}
}

@ -0,0 +1,44 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.config;
public class WebsocketValidationConfigurationFailedException extends Exception {
private static final long serialVersionUID = -3151279329290703928L;
public WebsocketValidationConfigurationFailedException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public WebsocketValidationConfigurationFailedException(String message, Throwable cause) {
super(message, cause);
}
public WebsocketValidationConfigurationFailedException(String msg) {
super(msg);
}
public WebsocketValidationConfigurationFailedException() {
super();
}
public WebsocketValidationConfigurationFailedException(Throwable cause) {
super(cause);
}
}

@ -0,0 +1,36 @@
/*
*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.constants;
/**
* This holds the constants related to this feature
*/
public class WebsocketConstants {
private WebsocketConstants() {
}
public static final String SCOPE_IDENTIFIER = "scopes";
public static final String MAXIMUM_TOTAL_HTTP_CONNECTION = "maximumTotalHttpConnection";
public static final String MAXIMUM_HTTP_CONNECTION_PER_HOST = "maximumHttpConnectionPerHost";
public static final String TOKEN_VALIDATION_ENDPOINT_URL = "tokenValidationEndpoint";
public static final String USERNAME = "username";
public static final String PASSWORD = "password";
}

@ -24,6 +24,12 @@ import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.UIEventAdapterFactory;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.UIOutputCallbackControllerServiceImpl;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.Authenticator;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.Authorizer;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.WebsocketConfig;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.WebsocketValidationConfigurationFailedException;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.service.WebsocketValidationService;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.service.WebsocketValidationServiceImpl;
import org.wso2.carbon.event.output.adapter.core.OutputEventAdapterFactory;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.UIOutputCallbackControllerService;
import org.wso2.carbon.event.stream.core.EventStreamService;
@ -58,6 +64,32 @@ public class UILocalEventAdapterServiceComponent {
if (log.isDebugEnabled()) {
log.debug("Successfully deployed the output ui adapter service");
}
try {
WebsocketConfig.getInstance().init();
WebsocketValidationServiceImpl websocketValidationService = new WebsocketValidationServiceImpl();
String authenticatorClassName = WebsocketConfig.getInstance().getWebsocketValidationConfigs()
.getAuthenticator().getClazz();
String authorizerClassName = WebsocketConfig.getInstance().getWebsocketValidationConfigs()
.getAuthorizer().getClazz();
if (authenticatorClassName != null && !authenticatorClassName.isEmpty()) {
Class<? extends Authenticator> authenticatorClass = Class.forName(authenticatorClassName)
.asSubclass(Authenticator.class);
Authenticator authenticator = authenticatorClass.newInstance();
websocketValidationService.setAuthenticator(authenticator);
}
if (authorizerClassName != null && !authorizerClassName.isEmpty()) {
Class<? extends Authorizer> authorizerClass = Class.forName(authorizerClassName)
.asSubclass(Authorizer.class);
Authorizer authorizer = authorizerClass.newInstance();
websocketValidationService.setAuthorizer(authorizer);
}
context.getBundleContext().registerService(
WebsocketValidationService.class.getName(), websocketValidationService, null);
} catch (WebsocketValidationConfigurationFailedException e) {
log.error("Failed to initialize configuration for websocket.", e);
} catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
e.printStackTrace();
}
} catch (RuntimeException e) {
log.error("Can not create the output ui adapter service ", e);
}

@ -0,0 +1,15 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.service;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.Authenticator;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.Authorizer;
/**
* This returns the configured authenticator and authorizer for websocket.
*/
public interface WebsocketValidationService {
Authenticator getAuthenticator();
Authorizer getAuthorizer();
}

@ -0,0 +1,30 @@
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.service;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.Authenticator;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.Authorizer;
/**
* This returns the configured authenticator and authorizer for websocket.
*/
public class WebsocketValidationServiceImpl implements WebsocketValidationService{
private Authenticator authenticator;
private Authorizer authorizer;
@Override
public Authenticator getAuthenticator() {
return authenticator;
}
@Override
public Authorizer getAuthorizer() {
return authorizer;
}
public void setAuthenticator(Authenticator authenticator) {
this.authenticator = authenticator;
}
public void setAuthorizer(Authorizer authorizer) {
this.authorizer = authorizer;
}
}

@ -27,7 +27,7 @@ public class UIEventAdapterConstants {
private UIEventAdapterConstants() {
}
public static final String ADAPTER_TYPE_UI = "iot-ui";
public static final String ADAPTER_TYPE_UI = "secured-ui";
public static final String ADAPTER_USAGE_TIPS_PREFIX = "ui.usage.tips_prefix";
public static final String ADAPTER_USAGE_TIPS_POSTFIX = "ui.usage.tips_postfix";
public static final String ADAPTER_UI_DEFAULT_OUTPUT_STREAM_VERSION = "1.0.0";

@ -13,15 +13,15 @@ import java.util.Map;
* of the Session object derived from processing some of the (default) existing attributes.
* Ex: Query-String's [Key:Value] Map derived from the queryString attribute of the original class.
*/
public class WebSocketSessionUtil {
private static final Log log = LogFactory.getLog(WebSocketSessionUtil.class);
public class WebSocketSessionRequest {
private static final Log log = LogFactory.getLog(WebSocketSessionRequest.class);
private static final String QUERY_STRING_SEPERATOR = "&";
private static final String QUERY_KEY_VALUE_SEPERATOR = "=";
private Map<String, String> queryParamValuePairs = null;
private Session session;
public WebSocketSessionUtil(Session session) {
public WebSocketSessionRequest(Session session) {
this.session = session;
setQueryParamValuePairs();
}
@ -42,19 +42,15 @@ public class WebSocketSessionUtil {
if (session.getQueryString() != null) {
String queryString = session.getQueryString();
String[] allQueryParamPairs = queryString.split(QUERY_STRING_SEPERATOR);
for (String keyValuePair : allQueryParamPairs) {
String[] thisQueryParamPair = keyValuePair.split(QUERY_KEY_VALUE_SEPERATOR);
if (thisQueryParamPair.length != 2) {
log.warn("Invalid query string [" + queryString + "] passed in.");
break;
}
if (queryParamValuePairs == null) {
queryParamValuePairs = new HashMap<>();
}
queryParamValuePairs.put(thisQueryParamPair[0], thisQueryParamPair[1]);
}
}

@ -0,0 +1,45 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.iot.output.adapter.ui.util;
import org.w3c.dom.Document;
import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.WebsocketValidationConfigurationFailedException;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File;
/**
* This class holds util methods used by OAuth extension bundle.
*/
public class WebsocketUtils {
public static Document convertToDocument(File file) throws WebsocketValidationConfigurationFailedException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
try {
DocumentBuilder docBuilder = factory.newDocumentBuilder();
return docBuilder.parse(file);
} catch (Exception e) {
throw new WebsocketValidationConfigurationFailedException("Error occurred while parsing file, while converting " +
"to a org.w3c.dom.Document", e);
}
}
}

@ -28,9 +28,13 @@ import org.wso2.carbon.device.mgt.iot.devicetype.config.DeviceManagementConfigur
import org.wso2.carbon.device.mgt.iot.raspberrypi.plugin.constants.RaspberrypiConstants;
import org.wso2.carbon.device.mgt.iot.raspberrypi.plugin.internal.RaspberrypiManagementDataHolder;
import java.util.HashMap;
import java.util.Map;
public class RaspberrypiManagerService implements DeviceManagementService {
private DeviceManager deviceManager;
private PushNotificationConfig pushNotificationConfig;
@Override
public String getType() {
@ -40,6 +44,21 @@ public class RaspberrypiManagerService implements DeviceManagementService {
@Override
public void init() throws DeviceManagementException {
deviceManager = new RaspberrypiManager();
this.pushNotificationConfig = this.populatePushNotificationConfig();
}
private PushNotificationConfig populatePushNotificationConfig() {
DeviceManagementConfiguration deviceManagementConfiguration = RaspberrypiManagementDataHolder.getInstance()
.getDeviceTypeConfigService().getConfiguration(RaspberrypiConstants.DEVICE_TYPE,
RaspberrypiConstants.DEVICE_TYPE_PROVIDER_DOMAIN);
org.wso2.carbon.device.mgt.iot.devicetype.config.PushNotificationConfig sourceConfig =
deviceManagementConfiguration.getPushNotificationConfig();
Map<String, String> staticProps = new HashMap<>();
for (org.wso2.carbon.device.mgt.iot.devicetype.config.PushNotificationConfig.Property
property : sourceConfig.getProperties()) {
staticProps.put(property.getName(), property.getValue());
}
return new PushNotificationConfig(sourceConfig.getPushNotificationProvider(), staticProps);
}
@Override
@ -64,7 +83,7 @@ public class RaspberrypiManagerService implements DeviceManagementService {
@Override
public PushNotificationConfig getPushNotificationConfig() {
return null;
return pushNotificationConfig;
}

@ -18,6 +18,7 @@
package org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -82,6 +83,7 @@ public class VirtualFireAlarmServiceImpl implements VirtualFireAlarmService {
private static final String MQTT_PROTOCOL = "MQTT";
private static final String KEY_TYPE = "PRODUCTION";
private static ApiApplicationKey apiApplicationKey;
private static final String DEVICE_MGT_SCOPE_IDENTIFIER = "device-mgt";
private static Log log = LogFactory.getLog(VirtualFireAlarmServiceImpl.class);
@POST
@ -309,10 +311,13 @@ public class VirtualFireAlarmServiceImpl implements VirtualFireAlarmService {
VirtualFireAlarmConstants.DEVICE_TYPE, tags, KEY_TYPE, applicationUsername, true);
}
JWTClient jwtClient = APIUtil.getJWTClientManagerService().getJWTClient();
String scopes = "cdmf/" + VirtualFireAlarmConstants.DEVICE_TYPE + "/" + deviceId;
String device = "{ \"scope\":\"mqtt-publisher mqtt-subscriber\", \"deviceIdentifiers\":[{\"id\":\""+deviceId+"\", " +
"\"type\":\""+VirtualFireAlarmConstants.DEVICE_TYPE+"\"}]}";
Map<String, String> params = new HashMap<String, String>();
params.put("device", Base64.encodeBase64String(device.getBytes()));
AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(apiApplicationKey.getConsumerKey(),
apiApplicationKey.getConsumerSecret(), owner,
scopes);
null, params);
String accessToken = accessTokenInfo.getAccessToken();
String refreshToken = accessTokenInfo.getRefreshToken();
XmppAccount newXmppAccount = new XmppAccount();

@ -22,12 +22,23 @@ function onRequest(context) {
var devicemgtProps = require("/app/conf/reader/main.js")["conf"];
var constants = require("/app/modules/constants.js");
var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
var jwtService = carbon.server.osgiService('org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
var jwtClient = jwtService.getJWTClient();
var encodedClientKeys = session.get(constants.ENCODED_CLIENT_KEYS_IDENTIFIER);
if (encodedClientKeys) {
var tokenUtil = require("/app/modules/util.js").util;
var resp = tokenUtil.decode(encodedClientKeys).split(",");
var user = session.get(constants.USER_SESSION_KEY);
var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\""+device.deviceIdentifier+" \", \"type\":\""+device.type+"\"}]}";
var encodedScope = tokenUtil.encode(deviceParam);
var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], user.username, null,
"{\"device\": \"" +encodedScope+"\"}");
var token = "";
if (tokenPair) {
token = tokenPair.accessToken;
}
websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
"token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
"token=" + token + "&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
}
return {"device": device, "websocketEndpoint" : websocketEndpoint};
}

@ -1,4 +1,4 @@
instructions.configure = \
org.eclipse.equinox.p2.touchpoint.natives.mkdir(path:${installFolder}/../../deployment/server/webapps/);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.mgt.iot.adapter_${feature.version}/webapps/,target:${installFolder}/../../deployment/server/webapps/,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.mgt.iot.adapter_${feature.version}/websocket-validation.properties,target:${installFolder}/../../conf/etc/websocket-validation.properties,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.mgt.iot.adapter_${feature.version}/websocket-validation.xml,target:${installFolder}/../../conf/etc/websocket-validation.xml,overwrite:true);\

@ -1,25 +0,0 @@
#
# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
#
# WSO2 Inc. licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file except
# in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
#This hold the properties that is used for token validation for the the websocket
tokenValidationEndpoint=https://localhost:9443/services/OAuth2TokenValidationService
username=admin
password=admin
maximumHttpConnectionPerHost=2
maximumTotalHttpConnection=100

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!--
This configuration file represents the configuration that are needed
for websocket connection validation
-->
<WebsocketValidationConfigs>
<!--Authenticator is holds the information of authticator that is used for websocket-->
<Authenticator class="org.wso2.carbon.device.mgt.iot.output.adapter.ui.authentication.OAuthAuthenticator">
<Properties>
<Property name="tokenValidationEndpoint">https://localhost:9443/services/OAuth2TokenValidationService</Property>
<Property name="username">admin</Property>
<Property name="password">admin</Property>
<Property name="maximumHttpConnectionPerHost">2</Property>
<Property name="maximumTotalHttpConnection">100</Property>
</Properties>
</Authenticator>
<!--Authorizer holds the information of the authorizer that is used authorize a connection.-->
<Authorizer class="org.wso2.carbon.device.mgt.iot.output.adapter.ui.authorization.DeviceAuthorizer"></Authorizer>
</WebsocketValidationConfigs>
Loading…
Cancel
Save