Fixed conflicts and merged

revert-70aa11f8
mharindu 8 years ago
commit bdec8880bb

@ -20,6 +20,7 @@ package org.wso2.carbon.apimgt.webapp.publisher;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
@ -34,6 +35,7 @@ public class WebappPublisherUtil {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {

@ -56,7 +56,7 @@
org.osgi.service.component, org.osgi.service.component,
org.apache.commons.logging, org.apache.commons.logging,
javax.security.auth.x500, javax.security.auth.x500,
javax.xml.parsers, javax.xml.*,
org.apache.commons.codec.binary, org.apache.commons.codec.binary,
org.bouncycastle.asn1, org.bouncycastle.asn1,
org.bouncycastle.asn1.x500, org.bouncycastle.asn1.x500,

@ -28,28 +28,25 @@ import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException; import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import javax.sql.DataSource; import javax.sql.DataSource;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.ByteArrayOutputStream;
import java.io.File; import java.io.File;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable; import java.util.Hashtable;
import java.util.List; import java.util.List;
public class CertificateManagerUtil { public class CertificateManagerUtil {
private static final Log log = LogFactory.getLog(CertificateManagerUtil.class);
public static final String GENERAL_CONFIG_RESOURCE_PATH = "general"; public static final String GENERAL_CONFIG_RESOURCE_PATH = "general";
public static final String MONITORING_FREQUENCY = "notifierFrequency"; public static final String MONITORING_FREQUENCY = "notifierFrequency";
private static final Log log = LogFactory.getLog(CertificateManagerUtil.class);
public static Document convertToDocument(File file) throws CertificateManagementException { public static Document convertToDocument(File file) throws CertificateManagementException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new CertificateManagementException("Error occurred while parsing file, while converting " + throw new CertificateManagementException("Error occurred while parsing file, while converting " +

@ -21,6 +21,8 @@ import org.w3c.dom.Document;
import org.w3c.dom.NodeList; import org.w3c.dom.NodeList;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.ParserConfigurationException;
@ -48,22 +50,19 @@ public class ConfigurationUtil {
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n"; public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
public static final String DES_EDE = "DESede"; public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location"; public static final String CONF_LOCATION = "conf.location";
private static final String CARBON_HOME = "carbon.home";
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
private static final String CARBON_HOME_ENTRY = "${carbon.home}";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK"; public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n"; public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----"; public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = ""; public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024; public static final int RSA_KEY_LENGTH = 1024;
public static final long MILLI_SECONDS = 1000L * 60 * 60 * 24; public static final long MILLI_SECONDS = 1000L * 60 * 60 * 24;
private static final String CARBON_HOME = "carbon.home";
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
private static ConfigurationUtil configurationUtil; private static final String CARBON_HOME_ENTRY = "${carbon.home}";
private static final String[] certificateConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS, private static final String[] certificateConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS,
CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD, CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD,
KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD }; KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD };
private static ConfigurationUtil configurationUtil;
private static Map<String, String> configMap; private static Map<String, String> configMap;
private static Map<String, String> readCertificateConfigurations() throws KeystoreException { private static Map<String, String> readCertificateConfigurations() throws KeystoreException {
@ -79,6 +78,7 @@ public class ConfigurationUtil {
try { try {
File fXmlFile = new File(certConfLocation); File fXmlFile = new File(certConfLocation);
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
document = documentBuilder.parse(fXmlFile); document = documentBuilder.parse(fXmlFile);
} catch (ParserConfigurationException e) { } catch (ParserConfigurationException e) {

@ -121,9 +121,7 @@
org.wso2.carbon.registry.common.*;version="${carbon.registry.imp.pkg.version.range}", org.wso2.carbon.registry.common.*;version="${carbon.registry.imp.pkg.version.range}",
org.wso2.carbon.registry.indexing.*; version="${carbon.registry.imp.pkg.version.range}", org.wso2.carbon.registry.indexing.*; version="${carbon.registry.imp.pkg.version.range}",
org.json;version="${commons-json.version}", org.json;version="${commons-json.version}",
javax.xml.bind, javax.xml.*,
javax.xml.bind.annotation,
javax.xml.parsers,
org.w3c.dom, org.w3c.dom,
org.wso2.carbon.base org.wso2.carbon.base
</Import-Package> </Import-Package>

@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.analytics.data.publisher;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException; import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
@ -32,6 +33,7 @@ public class DataPublisherUtil {
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new DataPublisherConfigurationException("Error occurred while parsing file, while converting " + throw new DataPublisherConfigurationException("Error occurred while parsing file, while converting " +

@ -28,18 +28,18 @@ import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorization
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyList;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
import org.wso2.carbon.device.mgt.jaxrs.service.api.PolicyManagementService; import org.wso2.carbon.device.mgt.jaxrs.service.api.PolicyManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.*;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyList;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import org.wso2.carbon.policy.mgt.common.Policy; import org.wso2.carbon.policy.mgt.common.Policy;
import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint; import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException; import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService; import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
import javax.ws.rs.*; import javax.ws.rs.*;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
@ -122,7 +122,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
policy.setUsers(policyWrapper.getUsers()); policy.setUsers(policyWrapper.getUsers());
policy.setCompliance(policyWrapper.getCompliance()); policy.setCompliance(policyWrapper.getCompliance());
//TODO iterates the device identifiers to create the object. need to implement a proper DAO layer here. //TODO iterates the device identifiers to create the object. need to implement a proper DAO layer here.
List<Device> devices = null; List<Device> devices = new ArrayList<Device>();
List<DeviceIdentifier> deviceIdentifiers = policyWrapper.getDeviceIdentifiers(); List<DeviceIdentifier> deviceIdentifiers = policyWrapper.getDeviceIdentifiers();
if (deviceIdentifiers != null) { if (deviceIdentifiers != null) {
for (DeviceIdentifier id : deviceIdentifiers) { for (DeviceIdentifier id : deviceIdentifiers) {

@ -37,6 +37,7 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
import java.security.SecureRandom;
import java.util.*; import java.util.*;
@Path("/users") @Path("/users")
@ -395,7 +396,7 @@ public class UserManagementServiceImpl implements UserManagementService {
String lowerCaseCharset = "abcdefghijklmnopqrstuvwxyz"; String lowerCaseCharset = "abcdefghijklmnopqrstuvwxyz";
String upperCaseCharset = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; String upperCaseCharset = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
String numericCharset = "0123456789"; String numericCharset = "0123456789";
Random randomGenerator = new Random(); SecureRandom randomGenerator = new SecureRandom();
String totalCharset = lowerCaseCharset + upperCaseCharset + numericCharset; String totalCharset = lowerCaseCharset + upperCaseCharset + numericCharset;
int totalCharsetLength = totalCharset.length(); int totalCharsetLength = totalCharset.length();
StringBuilder initialUserPassword = new StringBuilder(); StringBuilder initialUserPassword = new StringBuilder();

@ -99,7 +99,7 @@ public class CommandOperationDAOImpl extends GenericOperationDAOImpl {
if (rs.next()) { if (rs.next()) {
commandOperation = new CommandOperation(); commandOperation = new CommandOperation();
commandOperation.setEnabled(rs.getInt("ENABLED") != 0); commandOperation.setEnabled(rs.getBoolean("ENABLED"));
} }
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementDAOException("SQL Error occurred while retrieving the command operation " + throw new OperationManagementDAOException("SQL Error occurred while retrieving the command operation " +

@ -20,7 +20,6 @@ package org.wso2.carbon.device.mgt.core.permission.mgt;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission; import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
@ -28,6 +27,7 @@ import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.registry.api.Resource; import org.wso2.carbon.registry.api.Resource;
import org.wso2.carbon.registry.core.Registry; import org.wso2.carbon.registry.core.Registry;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
@ -121,6 +121,7 @@ public class PermissionUtils {
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new PermissionManagementException("Error occurred while parsing file, while converting " + throw new PermissionManagementException("Error occurred while parsing file, while converting " +

@ -21,8 +21,8 @@ package org.wso2.carbon.device.mgt.core.search.mgt;
public class Constants { public class Constants {
public static String GENERAL = "GENERAL"; public static final String GENERAL = "GENERAL";
public static String PROP_AND = "PROP_AND"; public static final String PROP_AND = "PROP_AND";
public static String PROP_OR = "PROP_OR"; public static final String PROP_OR = "PROP_OR";
public static String LOCATION = "LOCATION"; public static final String LOCATION = "LOCATION";
} }

@ -392,7 +392,7 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
} }
} catch (DeviceDetailsMgtDAOException e) { } catch (DeviceDetailsMgtDAOException e) {
log.error("Error occurred while retrieving advance info of '" + device.getType() + log.error("Error occurred while retrieving advance info of '" + device.getType() +
"' that carries the id '" + device.getDeviceIdentifier() + "'"); "' that carries the id '" + device.getDeviceIdentifier() + "'", e);
} catch (SQLException e) { } catch (SQLException e) {
log.error("Error occurred while opening a connection to the data source", e); log.error("Error occurred while opening a connection to the data source", e);
} finally { } finally {

@ -21,7 +21,6 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.DeviceManagementException;
@ -41,14 +40,11 @@ import org.wso2.carbon.utils.ConfigurationContextService;
import org.wso2.carbon.utils.NetworkUtils; import org.wso2.carbon.utils.NetworkUtils;
import javax.sql.DataSource; import javax.sql.DataSource;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
import java.util.*; import java.util.*;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
public final class DeviceManagerUtil { public final class DeviceManagerUtil {
@ -60,6 +56,7 @@ public final class DeviceManagerUtil {
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new DeviceManagementException("Error occurred while parsing file, while converting " + throw new DeviceManagementException("Error occurred while parsing file, while converting " +

@ -27,13 +27,13 @@ import java.util.Properties;
public class TestDataHolder { public class TestDataHolder {
public final static String TEST_DEVICE_TYPE = "Test";
public final static Integer SUPER_TENANT_ID = -1234;
public final static String SUPER_TENANT_DOMAIN = "carbon.super";
public final static String initialDeviceIdentifier = "12345";
public final static String OWNER = "admin";
public static Device initialTestDevice; public static Device initialTestDevice;
public static DeviceType initialTestDeviceType; public static DeviceType initialTestDeviceType;
public static String TEST_DEVICE_TYPE = "Test";
public static Integer SUPER_TENANT_ID = -1234;
public static String SUPER_TENANT_DOMAIN="carbon.super";
public static String initialDeviceIdentifier = "12345";
public static String OWNER = "admin";
public static Device generateDummyDeviceData(String deviceType){ public static Device generateDummyDeviceData(String deviceType){

@ -0,0 +1,59 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var log = new Log("api/data-tables-invoker-api.jag");
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var devicemgtProps = require('/app/conf/devicemgt-props.js').config();
var serviceInvokers = require("/app/modules/backend-service-invoker.js")["backendServiceInvoker"];
if (uriMatcher.match("/{context}/api/data-tables/invoker")) {
var url = request.getParameter("url");
var targetURL;
var payload = request.getContent();
function appendQueryParam (url, queryParam , value) {
if (url.indexOf("?") > 0) {
return url + "&" + queryParam + "=" + value;
}
return url + "?" + queryParam + "=" + value;
}
targetURL = devicemgtProps["httpsURL"] + request.getParameter("url");
var allParams = request.getAllParameters();
for (var key in allParams) {
if (allParams.hasOwnProperty(key)) {
if(key == "limit" || key == "offset" || key == "filter"){
targetURL = appendQueryParam(targetURL, key, allParams[key]);
}
}
}
serviceInvokers.XMLHttp.get(
targetURL,
// response callback
function (backendResponse) {
response["status"] = backendResponse["status"];
response["content"] = backendResponse["responseText"];
}
);
}

@ -17,94 +17,88 @@
* under the License. * under the License.
*/ */
var log = new Log("api/invoker-api.jag");
var uri = request.getRequestURI(); var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri)); var uriMatcher = new URIMatcher(String(uri));
var log = new Log("api/invoker-api.jag");
var constants = require("/app/modules/constants.js"); var constants = require("/app/modules/constants.js");
var devicemgtProps = require('/app/conf/devicemgt-props.js').config(); var devicemgtProps = require('/app/conf/devicemgt-props.js').config();
var serviceInvokers = require("/app/modules/backend-service-invoker.js").backendServiceInvoker; var serviceInvokers = require("/app/modules/backend-service-invoker.js")["backendServiceInvoker"];
var result;
if (uriMatcher.match("/{context}/api/invoker/execute/")) { if (uriMatcher.match("/{context}/api/invoker/execute/")) {
var method = request.getContent().actionMethod; var restAPIRequestDetails = request.getContent();
var targetURL = getTargetUrl(devicemgtProps.httpsURL, request.getContent().actionUrl);
var payload = request.getContent().actionPayload; var requestMethod = restAPIRequestDetails["requestMethod"];
var contentType = request.getHeader(constants.CONTENT_TYPE_IDENTIFIER); var requestURL = restAPIRequestDetails["requestURL"];
var acceptType = request.getHeader(constants.ACCEPT_IDENTIFIER); var requestPayload = restAPIRequestDetails["requestPayload"];
if (method == undefined && payload == undefined) {
method = parse(request.getContent()).actionMethod; if (!requestMethod) {
targetURL = getTargetUrl(devicemgtProps.httpsURL, parse(request.getContent()).actionUrl); requestMethod = parse(restAPIRequestDetails)["requestMethod"];
payload = parse(request.getContent()).actionPayload;
} }
if (!requestURL) {
requestURL = parse(restAPIRequestDetails)["requestURL"];
}
if (!requestPayload) {
requestPayload = parse(restAPIRequestDetails)["requestPayload"];
}
var restAPIEndpoint = devicemgtProps["httpsURL"] + requestURL;
try { try {
switch (method) { switch (requestMethod) {
case constants.HTTP_GET: case constants["HTTP_GET"]:
var responseData = serviceInvokers.XMLHttp.get( serviceInvokers.XMLHttp.get(
targetURL, function (responsePayload) { restAPIEndpoint,
response.status = 200; function (restAPIResponse) {
response.content = responsePayload; response["status"] = restAPIResponse["status"];
}, if (restAPIResponse["responseText"]) {
function (responsePayload) { response["content"] = restAPIResponse["responseText"];
response.status = responsePayload.status; }
response.content = responsePayload.responseText; }
}, );
contentType,
acceptType);
break; break;
case constants.HTTP_POST: case constants["HTTP_POST"]:
var responseData = serviceInvokers.XMLHttp.post( serviceInvokers.XMLHttp.post(
targetURL, payload, function (responsePayload) { restAPIEndpoint,
response.status = 200; requestPayload,
response.content = responsePayload; function (restAPIResponse) {
}, response["status"] = restAPIResponse["status"];
function (responsePayload) { if (restAPIResponse["responseText"]) {
response.status = responsePayload.status; response["content"] = restAPIResponse["responseText"];
response.content = responsePayload.responseText; }
}, }
contentType, );
acceptType);
break; break;
case constants.HTTP_PUT: case constants["HTTP_PUT"]:
var responseData = serviceInvokers.XMLHttp.put( serviceInvokers.XMLHttp.put(
targetURL, payload, function (responsePayload) { restAPIEndpoint,
response.status = 200; requestPayload,
response.content = responsePayload; function (restAPIResponse) {
}, response["status"] = restAPIResponse["status"];
function (responsePayload) { if (restAPIResponse["responseText"]) {
response.status = responsePayload.status; response["content"] = restAPIResponse["responseText"];
response.content = responsePayload.responseText; }
}, }
contentType, );
acceptType);
break; break;
case constants.HTTP_DELETE: case constants["HTTP_DELETE"]:
var responseData = serviceInvokers.XMLHttp.delete( serviceInvokers.XMLHttp.delete(
targetURL, function (responsePayload) { restAPIEndpoint,
response.status = 200; function (restAPIResponse) {
response.content = responsePayload; response["status"] = restAPIResponse["status"];
}, if (restAPIResponse["responseText"]) {
function (responsePayload) { response["content"] = restAPIResponse["responseText"];
response.status = responsePayload.status; }
response.content = responsePayload.responseText; }
}, );
contentType,
acceptType);
break; break;
} }
} catch (e) { } catch (e) {
log.error("Exception occurred while accessing sevices", e); log.error("Exception occurred while trying to access backend " +
} "REST API services from Jaggery API invoker layer", e);
}
function getTargetUrl(serverUrl, actionUrl){
if(actionUrl == undefined || actionUrl.lastIndexOf("http", 0) === 0){
return actionUrl;
} else {
return serverUrl + actionUrl;
} }
} }
%> %>

@ -0,0 +1,60 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var log = new Log("api/operation-api.jag");
var serviceInvokers = require("/app/modules/backend-service-invoker.js")["backendServiceInvoker"];
var devicemgtProps = require('/app/conf/devicemgt-props.js').config();
if (uriMatcher.match("/{context}/api/operation/paginate")) {
var deviceType = request.getParameter("deviceType");
var deviceId = request.getParameter("deviceId");
var index = request.getParameter("start");
var length = request.getParameter("length");
var search = request.getParameter("search[value]");
var restAPIEndpoint = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + "/devices/" +
deviceType + "/" + deviceId + "/operations?offset=" + index + "&limit=" + length;
serviceInvokers.XMLHttp.get(
restAPIEndpoint,
function (restAPIResponse) {
if (restAPIResponse["status"] == 200 && restAPIResponse["responseText"]) {
var responsePayload = parse(restAPIResponse["responseText"]);
var paginatedResult = {};
paginatedResult["recordsTotal"] = responsePayload["count"];
paginatedResult["recordsFiltered"] = responsePayload["count"];
paginatedResult["data"] = responsePayload["operations"];
response["status"] = 200;
response["content"] = paginatedResult;
} else {
response["status"] = restAPIResponse["status"];
if (restAPIResponse["responseText"]) {
response["content"] = parse(restAPIResponse["responseText"]);
}
}
}
);
}
%>

@ -0,0 +1,52 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/*
@Deprecated
*/
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var log = new Log("api/policy-api.jag");
var constants = require("/modules/constants.js");
var policyModule = require("/modules/policy.js").policyModule;
var result;
if (uriMatcher.match("/{context}/api/policies/update")) {
payload = request.getContent();
policyModule.updatePolicyPriorities(payload);
} else if (uriMatcher.match("/{context}/api/policies/{id}/delete")) {
elements = uriMatcher.elements();
policyId = elements.id;
try {
result = policyModule.deletePolicy(policyId);
} catch (e) {
log.error("Exception occurred while trying to delete policy for id:" + policyId, e);
// http status code 500 refers to - Internal Server Error.
result = 500;
}
}
// returning the result.
if (result) {
response.content = result;
}
%>

@ -19,11 +19,8 @@
package org.wso2.carbon.email.sender.core; package org.wso2.carbon.email.sender.core;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.wso2.carbon.email.sender.core.internal.EmailSenderDataHolder;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.ConfigurationContextService;
import org.wso2.carbon.utils.NetworkUtils;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
@ -35,6 +32,7 @@ public class EmailSenderUtil {
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new EmailSenderConfigurationFailedException("Error occurred while parsing file, while converting " + throw new EmailSenderConfigurationFailedException("Error occurred while parsing file, while converting " +

@ -24,6 +24,6 @@ public class OauthAuthenticatorConstants {
public static final String BEARER_TOKEN_IDENTIFIER = "token"; public static final String BEARER_TOKEN_IDENTIFIER = "token";
public static final String AUTHENTICATOR_NAME = "OAuthAuthenticator"; public static final String AUTHENTICATOR_NAME = "OAuthAuthenticator";
public static final String SPLITING_CHARACTOR = " "; public static final String SPLITING_CHARACTOR = " ";
public static String OAUTH_ENDPOINT_POSTFIX = public static final String OAUTH_ENDPOINT_POSTFIX =
"/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/"; "/services/OAuth2TokenValidationService.OAuth2TokenValidationServiceHttpsSoap12Endpoint/";
} }

@ -36,11 +36,11 @@ import org.apache.http.util.EntityUtils;
import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.KeyStoreManager; import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig; import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientConfigurationException;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.identity.jwt.client.extension.internal.JWTClientExtensionDataHolder; import org.wso2.carbon.identity.jwt.client.extension.internal.JWTClientExtensionDataHolder;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.registry.core.Registry; import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource; import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.exceptions.RegistryException; import org.wso2.carbon.registry.core.exceptions.RegistryException;
@ -48,24 +48,15 @@ import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.registry.core.service.TenantRegistryLoader; import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
import org.wso2.carbon.utils.CarbonUtils; import org.wso2.carbon.utils.CarbonUtils;
import java.io.BufferedReader; import java.io.*;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URI; import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.KeyManagementException; import java.security.*;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPrivateKey;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import java.util.Properties; import java.util.Properties;
import java.util.Random;
/** /**
* This is the utility class that is used for JWT Client. * This is the utility class that is used for JWT Client.
@ -210,7 +201,7 @@ public class JWTClientUtil {
long nbf = currentTimeMillis + jwtConfig.getValidityPeriodFromCurrentTime() * 60 * 1000; long nbf = currentTimeMillis + jwtConfig.getValidityPeriodFromCurrentTime() * 60 * 1000;
String jti = jwtConfig.getJti(); String jti = jwtConfig.getJti();
if (jti == null) { if (jti == null) {
String defaultTokenId = currentTimeMillis + "" + new Random().nextInt(); String defaultTokenId = currentTimeMillis + "" + new SecureRandom().nextInt();
jti = defaultTokenId; jti = defaultTokenId;
} }
List<String> aud = jwtConfig.getAudiences(); List<String> aud = jwtConfig.getAudiences();

@ -60,8 +60,7 @@
javax.sql, javax.sql,
javax.cache, javax.cache,
javax.naming, javax.naming,
javax.xml.bind.*, javax.xml.*,
javax.xml.parsers.*,
org.w3c.dom, org.w3c.dom,
org.wso2.carbon.policy.mgt.common.*, org.wso2.carbon.policy.mgt.common.*,
org.wso2.carbon.user.core.*, org.wso2.carbon.user.core.*,

@ -44,6 +44,7 @@ import javax.cache.Cache;
import javax.cache.CacheManager; import javax.cache.CacheManager;
import javax.cache.Caching; import javax.cache.Caching;
import javax.sql.DataSource; import javax.sql.DataSource;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
@ -53,17 +54,16 @@ import java.util.*;
public class PolicyManagerUtil { public class PolicyManagerUtil {
private static final Log log = LogFactory.getLog(PolicyManagerUtil.class);
public static final String GENERAL_CONFIG_RESOURCE_PATH = "general"; public static final String GENERAL_CONFIG_RESOURCE_PATH = "general";
public static final String MONITORING_FREQUENCY = "notifierFrequency"; public static final String MONITORING_FREQUENCY = "notifierFrequency";
private static final Log log = LogFactory.getLog(PolicyManagerUtil.class);
public static Document convertToDocument(File file) throws PolicyManagementException { public static Document convertToDocument(File file) throws PolicyManagementException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new PolicyManagementException("Error occurred while parsing file, while converting " + throw new PolicyManagementException("Error occurred while parsing file, while converting " +
@ -153,11 +153,7 @@ public class PolicyManagerUtil {
public static boolean convertIntToBoolean(int x) { public static boolean convertIntToBoolean(int x) {
if (x == 1) { return x == 1;
return true;
} else {
return false;
}
} }

@ -31,6 +31,7 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils; import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File; import java.io.File;
@ -97,6 +98,7 @@ public class AuthenticationFrameworkUtil {
factory.setNamespaceAware(true); factory.setNamespaceAware(true);
try { try {
DocumentBuilder docBuilder = factory.newDocumentBuilder(); DocumentBuilder docBuilder = factory.newDocumentBuilder();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
return docBuilder.parse(file); return docBuilder.parse(file);
} catch (Exception e) { } catch (Exception e) {
throw new AuthenticatorFrameworkException("Error occurred while parsing file, while converting " + throw new AuthenticatorFrameworkException("Error occurred while parsing file, while converting " +

Loading…
Cancel
Save