resolved issues and resolved merge conflicts with master branch

feature/appm-store/pbac
lasantha 7 years ago
commit dc6ab1db2f

1
.gitignore vendored

@ -13,6 +13,7 @@ target
*.class
*.swp
# Mobile Tools for Java (J2ME)
.mtj.tmp/

@ -22,13 +22,13 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.apimgt.annotations</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Management Annotations</name>
<description>WSO2 Carbon - API Management Custom Annotation Module</description>

@ -21,12 +21,12 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<artifactId>org.wso2.carbon.apimgt.application.extension.api</artifactId>
<packaging>war</packaging>
<name>WSO2 Carbon - API Application Management API</name>
@ -197,6 +197,32 @@
<warName>${project.artifactId}</warName>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -22,12 +22,12 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<artifactId>org.wso2.carbon.apimgt.application.extension</artifactId>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Application Management</name>
@ -119,6 +119,32 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

@ -21,13 +21,13 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.apimgt.handlers</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Security Handler Component</name>
<description>WSO2 Carbon - API Management Security Handler Module</description>
@ -55,6 +55,11 @@
<groupId>org.json.wso2</groupId>
<artifactId>json</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
@ -97,6 +102,41 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<suiteXmlFiles>
<suiteXmlFile>src/test/resources/testng.xml</suiteXmlFile>
</suiteXmlFiles>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -26,37 +26,8 @@ public class APIMCertificateMGTException extends Exception{
private static final long serialVersionUID = -37676242646464497L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public APIMCertificateMGTException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public APIMCertificateMGTException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public APIMCertificateMGTException(String msg) {
super(msg);
setErrorMessage(msg);
}
public APIMCertificateMGTException() {
super();
}
public APIMCertificateMGTException(Throwable cause) {
super(cause);
}
}

@ -19,7 +19,6 @@ package org.wso2.carbon.apimgt.handlers;
import com.google.gson.Gson;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.HandlerDescription;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.core.axis2.Axis2MessageContext;
@ -51,11 +50,9 @@ import java.util.StringTokenizer;
*/
public class AuthenticationHandler extends AbstractHandler {
private static final Log log = LogFactory.getLog(AuthenticationHandler.class);
private static HandlerDescription EMPTY_HANDLER_METADATA = new HandlerDescription("API Security Handler");
private HandlerDescription handlerDesc;
private RESTInvoker restInvoker;
private static final String X_JWT_ASSERTION = "X-JWT-Assertion";
private static final String X_JWT_ASSERTION = "X-JWT-Assertion";
private static final String JWTTOKEN = "JWTToken";
private static final String AUTHORIZATION = "Authorization";
private static final String BEARER = "Bearer ";
@ -69,15 +66,14 @@ public class AuthenticationHandler extends AbstractHandler {
public AuthenticationHandler() {
log.info("Engaging API Security Handler..........");
restInvoker = new RESTInvoker();
this.handlerDesc = EMPTY_HANDLER_METADATA;
this.iotServerConfiguration = Utils.initConfig();
}
/**
* Handling the message and checking the security.
*
* @param messageContext
* @return
* @param messageContext Request message context.
* @return Boolean value of the result of the processing the request.
*/
@Override
public boolean handleRequest(org.apache.synapse.MessageContext messageContext) {
@ -91,16 +87,19 @@ public class AuthenticationHandler extends AbstractHandler {
Map<String, String> headers = (Map<String, String>) axisMC.getProperty(MessageContext.TRANSPORT_HEADERS);
try {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
RESTResponse response;
RESTResponse response = null;
if (headers.containsKey(AuthConstants.MDM_SIGNATURE)) {
String mdmSignature = headers.get(AuthConstants.MDM_SIGNATURE).toString();
String mdmSignature = headers.get(AuthConstants.MDM_SIGNATURE);
if (log.isDebugEnabled()) {
log.debug("Verify Cert:\n" + mdmSignature);
}
String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim());
if (deviceType == null) {
return false;
}
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType);
Map<String, String> certVerifyHeaders = this.setHeaders();
Map<String, String> certVerifyHeaders = this.setHeaders(this.restInvoker);
Certificate certificate = new Certificate();
certificate.setPem(mdmSignature);
@ -109,8 +108,7 @@ public class AuthenticationHandler extends AbstractHandler {
Gson gson = new Gson();
String certVerifyContent = gson.toJson(certificate);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
null, certVerifyContent);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, certVerifyContent);
String str = response.getContent();
if (log.isDebugEnabled()) {
@ -125,7 +123,7 @@ public class AuthenticationHandler extends AbstractHandler {
}
} else if (headers.containsKey(AuthConstants.PROXY_MUTUAL_AUTH_HEADER)) {
String subjectDN = headers.get(AuthConstants.PROXY_MUTUAL_AUTH_HEADER).toString();
String subjectDN = headers.get(AuthConstants.PROXY_MUTUAL_AUTH_HEADER);
if (log.isDebugEnabled()) {
log.debug("Verify subject DN: " + subjectDN);
@ -133,7 +131,7 @@ public class AuthenticationHandler extends AbstractHandler {
String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim());
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType);
Map<String, String> certVerifyHeaders = this.setHeaders();
Map<String, String> certVerifyHeaders = this.setHeaders(this.restInvoker);
Certificate certificate = new Certificate();
certificate.setPem(subjectDN);
certificate.setTenantId(tenantId);
@ -141,8 +139,7 @@ public class AuthenticationHandler extends AbstractHandler {
Gson gson = new Gson();
String certVerifyContent = gson.toJson(certificate);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
null, certVerifyContent);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, certVerifyContent);
if (log.isDebugEnabled()) {
log.debug("Verify response:" + response.getContent());
}
@ -152,23 +149,19 @@ public class AuthenticationHandler extends AbstractHandler {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream bais = new ByteArrayInputStream(certs[0].getEncoded());
X509Certificate x509 = (X509Certificate) cf.generateCertificate(bais);
if (bais != null) {
bais.close();
}
bais.close();
if (x509 != null) {
headers.put(AuthConstants.PROXY_MUTUAL_AUTH_HEADER, CertificateGenerator.getCommonName(x509));
return true;
} else {
response = null;
}
} else if (headers.containsKey(AuthConstants.ENCODED_PEM)) {
String encodedPem = headers.get(AuthConstants.ENCODED_PEM).toString();
String encodedPem = headers.get(AuthConstants.ENCODED_PEM);
if (log.isDebugEnabled()) {
log.debug("Verify Cert:\n" + encodedPem);
}
String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim());
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType);
Map<String, String> certVerifyHeaders = this.setHeaders();
Map<String, String> certVerifyHeaders = this.setHeaders(this.restInvoker);
Certificate certificate = new Certificate();
certificate.setPem(encodedPem);
@ -176,8 +169,7 @@ public class AuthenticationHandler extends AbstractHandler {
certificate.setSerial("");
Gson gson = new Gson();
String certVerifyContent = gson.toJson(certificate);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
null, certVerifyContent);
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, certVerifyContent);
if (log.isDebugEnabled()) {
log.debug("Verify response:" + response.getContent());
}
@ -224,9 +216,9 @@ public class AuthenticationHandler extends AbstractHandler {
return null;
}
private Map<String, String> setHeaders() throws APIMCertificateMGTException {
private Map<String, String> setHeaders(RESTInvoker restInvoker) throws APIMCertificateMGTException {
Map<String, String> map = new HashMap<>();
String accessToken = Utils.getAccessToken(iotServerConfiguration);
String accessToken = Utils.getAccessToken(iotServerConfiguration, restInvoker);
map.put(AUTHORIZATION, BEARER + accessToken);
map.put(CONTENT_TYPE, "application/json");
return map;

@ -17,11 +17,9 @@
*/
package org.wso2.carbon.apimgt.handlers.invoker;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.Header;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.*;
import org.apache.http.entity.StringEntity;
@ -32,42 +30,37 @@ import org.apache.http.util.EntityUtils;
import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Set;
public class RESTInvoker {
private static final Log log = LogFactory.getLog(RESTInvoker.class);
private int maxTotalConnections = 100;
private int maxTotalConnectionsPerRoute = 100;
private int connectionTimeout = 120000;
private int socketTimeout = 120000;
private CloseableHttpClient client = null;
private PoolingHttpClientConnectionManager connectionManager = null;
public RESTInvoker() {
configureHttpClient();
}
private void configureHttpClient() {
int connectionTimeout = 120000;
int socketTimeout = 120000;
int maxTotalConnectionsPerRoute = 100;
int maxTotalConnections = 100;
RequestConfig defaultRequestConfig = RequestConfig.custom()
.setExpectContinueEnabled(true)
.setConnectTimeout(connectionTimeout)
.setSocketTimeout(socketTimeout)
.build();
connectionManager = new PoolingHttpClientConnectionManager();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setDefaultMaxPerRoute(maxTotalConnectionsPerRoute);
connectionManager.setMaxTotal(maxTotalConnections);
client = HttpClients.custom()
.setConnectionManager(connectionManager)
.setDefaultRequestConfig(defaultRequestConfig)
.build();
if(log.isDebugEnabled()){
if (log.isDebugEnabled()) {
log.debug("REST client initialized with " +
"maxTotalConnection = " + maxTotalConnections +
"maxConnectionsPerRoute = " + maxTotalConnectionsPerRoute +
@ -76,81 +69,24 @@ public class RESTInvoker {
}
public void closeHttpClient() {
IOUtils.closeQuietly(client);
IOUtils.closeQuietly(connectionManager);
}
/**
* Invokes the http GET method
*
* @param uri endpoint/service url
* @param requestHeaders header list
* @param username username for authentication
* @param password password for authentication
* @return RESTResponse of the GET request (can be the response body or the response status code)
* @throws Exception
*/
public RESTResponse invokeGET(URI uri, Map<String, String> requestHeaders, String username, String password) throws IOException {
HttpGet httpGet = null;
CloseableHttpResponse response = null;
Header[] headers;
int httpStatus;
String contentType;
String output;
try {
httpGet = new HttpGet(uri);
if (requestHeaders != null && !requestHeaders.isEmpty()) {
Object keys[] = requestHeaders.keySet().toArray();
for (Object header : keys) {
httpGet.setHeader(header.toString(), requestHeaders.get(header).toString());
}
}
response = sendReceiveRequest(httpGet, username, password);
output = IOUtils.toString(response.getEntity().getContent());
headers = response.getAllHeaders();
httpStatus = response.getStatusLine().getStatusCode();
contentType = response.getEntity().getContentType().getValue();
if (log.isDebugEnabled()) {
log.debug("Invoked GET " + uri.toString() + " - Response message: " + output);
}
EntityUtils.consume(response.getEntity());
} finally {
if (response != null) {
IOUtils.closeQuietly(response);
}
if (httpGet != null) {
httpGet.releaseConnection();
}
}
return new RESTResponse(contentType, output, headers, httpStatus);
}
public RESTResponse invokePOST(URI uri, Map<String, String> requestHeaders, String username,
String password, String payload) throws IOException {
public RESTResponse invokePOST(URI uri, Map<String, String> requestHeaders, String payload) throws IOException {
HttpPost httpPost = null;
CloseableHttpResponse response = null;
Header[] headers;
int httpStatus;
String contentType;
String output;
try {
httpPost = new HttpPost(uri);
httpPost.setEntity(new StringEntity(payload));
if (requestHeaders != null && !requestHeaders.isEmpty()) {
Object keys[] = requestHeaders.keySet().toArray();
for (Object header : keys) {
httpPost.setHeader(header.toString(), requestHeaders.get(header).toString());
Set<String> keys = requestHeaders.keySet();
for (String header : keys) {
httpPost.setHeader(header, requestHeaders.get(header));
}
}
response = sendReceiveRequest(httpPost, username, password);
response = sendReceiveRequest(httpPost);
output = IOUtils.toString(response.getEntity().getContent());
headers = response.getAllHeaders();
httpStatus = response.getStatusLine().getStatusCode();
contentType = response.getEntity().getContentType().getValue();
if (log.isDebugEnabled()) {
log.debug("Invoked POST " + uri.toString() +
" - Input payload: " + payload + " - Response message: " + output);
@ -164,116 +100,11 @@ public class RESTInvoker {
httpPost.releaseConnection();
}
}
return new RESTResponse(contentType, output, headers, httpStatus);
}
/**
* Invokes the http PUT method
*
* @param uri endpoint/service url
* @param requestHeaders header list
* @param username username for authentication
* @param password password for authentication
* @param payload payload body passed
* @return RESTResponse of the PUT request (can be the response body or the response status code)
* @throws Exception
*/
public RESTResponse invokePUT(URI uri, Map<String, String> requestHeaders, String username, String password,
String payload) throws IOException {
HttpPut httpPut = null;
CloseableHttpResponse response = null;
Header[] headers;
int httpStatus;
String contentType;
String output;
try {
httpPut = new HttpPut(uri);
httpPut.setEntity(new StringEntity(payload));
if (requestHeaders != null && !requestHeaders.isEmpty()) {
Object keys[] = requestHeaders.keySet().toArray();
for (Object header : keys) {
httpPut.setHeader(header.toString(), requestHeaders.get(header).toString());
}
}
response = sendReceiveRequest(httpPut, username, password);
output = IOUtils.toString(response.getEntity().getContent());
headers = response.getAllHeaders();
httpStatus = response.getStatusLine().getStatusCode();
contentType = response.getEntity().getContentType().getValue();
if (log.isDebugEnabled()) {
log.debug("Invoked PUT " + uri.toString() + " - Response message: " + output);
}
EntityUtils.consume(response.getEntity());
} finally {
if (response != null) {
IOUtils.closeQuietly(response);
}
if (httpPut != null) {
httpPut.releaseConnection();
}
}
return new RESTResponse(contentType, output, headers, httpStatus);
}
/**
* Invokes the http DELETE method
*
* @param uri endpoint/service url
* @param requestHeaders header list
* @param username username for authentication
* @param password password for authentication
* @return RESTResponse of the DELETE (can be the response status code or the response body)
* @throws Exception
*/
public RESTResponse invokeDELETE(URI uri, Map<String, String> requestHeaders, String username, String password) throws IOException {
HttpDelete httpDelete = null;
CloseableHttpResponse response = null;
Header[] headers;
int httpStatus;
String contentType;
String output;
try {
httpDelete = new HttpDelete(uri);
if (requestHeaders != null && !requestHeaders.isEmpty()) {
Object keys[] = requestHeaders.keySet().toArray();
for (Object header : keys) {
httpDelete.setHeader(header.toString(), requestHeaders.get(header).toString());
}
}
response = sendReceiveRequest(httpDelete, username, password);
output = IOUtils.toString(response.getEntity().getContent());
headers = response.getAllHeaders();
httpStatus = response.getStatusLine().getStatusCode();
contentType = response.getEntity().getContentType().getValue();
if (log.isDebugEnabled()) {
log.debug("Invoked DELETE " + uri.toString() + " - Response message: " + output);
}
EntityUtils.consume(response.getEntity());
} finally {
if (response != null) {
IOUtils.closeQuietly(response);
}
if (httpDelete != null) {
httpDelete.releaseConnection();
}
}
return new RESTResponse(contentType, output, headers, httpStatus);
return new RESTResponse(output, httpStatus);
}
private CloseableHttpResponse sendReceiveRequest(HttpRequestBase requestBase, String username, String password)
private CloseableHttpResponse sendReceiveRequest(HttpRequestBase requestBase)
throws IOException {
CloseableHttpResponse response;
if (username != null && !username.equals("") && password != null) {
String combinedCredentials = username + ":" + password;
byte[] encodedCredentials = Base64.encodeBase64(combinedCredentials.getBytes(StandardCharsets.UTF_8));
requestBase.addHeader("Authorization", "Basic " + new String(encodedCredentials));
response = client.execute(requestBase);
} else {
response = client.execute(requestBase);
}
return response;
return client.execute(requestBase);
}
}

@ -17,40 +17,25 @@
*/
package org.wso2.carbon.apimgt.handlers.invoker;
import org.apache.http.Header;
/**
* RESTResponse class holds the data retrieved from the HTTP invoke response.
*/
public class RESTResponse {
private String contentType;
private String content;
private Header[] headers;
private int httpStatus;
/**
* Constructor
*
* @param contentType from the REST invoke response
* @param content from the REST invoke response
* @param headers from the REST invoke response
* @param httpStatus from the REST invoke response
*/
public RESTResponse(String contentType, String content, Header[] headers, int httpStatus) {
this.contentType = contentType;
RESTResponse(String content, int httpStatus) {
this.content = content;
this.headers = headers;
this.httpStatus = httpStatus;
}
/**
* Get the content type of the EST invoke response
*
* @return String content type of the response
*/
public String getContentType() {
return contentType;
}
/**
* Get contents of the REST invoke response
@ -61,15 +46,6 @@ public class RESTResponse {
return content;
}
/**
* Get headers of the REST invoke response
*
* @return headers of the REST invoke response
*/
public Header[] getHeaders() {
return headers;
}
/**
* Get the HTTP Status code from REST invoke response
*

@ -21,18 +21,6 @@ package org.wso2.carbon.apimgt.handlers.utils;
* This initializes the constance.
*/
public class AuthConstants {
// public static final String SEC_FAULT = "SECURITY_VALIDATION_FAILURE";
// public static final String HTTPS = "https";
// public static final String WSSE = "wsse";
// public static final String AUTH_CONFIGURATION_FILE_NAME = "api-filter-config.xml";
// public static final String API_FILTER_CONFIG_ELEMENT = "apiFilterConfig";
// public static final String API_LIST_PROPERTY = "apiList";
// public static final String HOST = "host";
// public static final String HTTPS_PORT = "httpsPort";
// public static final String USERNAME = "username";
// public static final String PASSWORD = "password";
// public static final String IOS_VERIFY_ENDPOINT = "ios-verify-endpoint";
// public static final String ANDROID_VERIFY_ENDPOINT = "android-verify-endpoint";
public static final String MDM_SIGNATURE = "mdm-signature";
public static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header";
public static final String MUTUAL_AUTH_HEADER = "mutual-auth-header";

@ -59,14 +59,22 @@ public class Utils {
/**
* This method initializes the iot-api-config.xml file.
* @return
*
* @return IoTServerConfiguration Object based on the configuration file.
*/
public static IOTServerConfiguration initConfig() {
try {
return initConfig(CarbonUtils.getCarbonConfigDirPath() + File.separator + IOT_APIS_CONFIG_FILE);
}
String IOTServerAPIConfigurationPath = CarbonUtils.getCarbonConfigDirPath() + File.separator
+ IOT_APIS_CONFIG_FILE;
File file = new File(IOTServerAPIConfigurationPath);
/**
* This methods initialized the iot-api-config.xml from provided path.
*
* @param path The actual file path of iot-api-config.xml
* @return The instance of the IOTServerConfiguration based on the configuration.
*/
public static IOTServerConfiguration initConfig(String path) {
try {
File file = new File(path);
Document doc = Utils.convertToDocument(file);
JAXBContext fileContext = JAXBContext.newInstance(IOTServerConfiguration.class);
@ -91,7 +99,7 @@ public class Utils {
/**
* This method gets the values from system variables and sets to xml.
*/
public static String replaceProperties(String text) {
private static String replaceProperties(String text) {
String regex = "\\$\\{(.*?)\\}";
Pattern pattern = Pattern.compile(regex);
Matcher matchPattern = pattern.matcher(text);
@ -107,11 +115,12 @@ public class Utils {
/**
* This class build the iot-api-config.xml file.
* @param file
* @return
*
* @param file The file object of iot-api-config.xml.
* @return Document instance of the file
* @throws APIMCertificateMGTException
*/
public static Document convertToDocument(File file) throws APIMCertificateMGTException {
private static Document convertToDocument(File file) throws APIMCertificateMGTException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
try {
@ -126,48 +135,46 @@ public class Utils {
/**
* This class get the access token from the key manager.
* @param iotServerConfiguration
* @return
*
* @param iotServerConfiguration Instance of the IoTsererConfiguration.
* @return Access token will be returned.
* @throws APIMCertificateMGTException
*/
public static String getAccessToken(IOTServerConfiguration iotServerConfiguration)
public static String getAccessToken(IOTServerConfiguration iotServerConfiguration, RESTInvoker restInvoker)
throws APIMCertificateMGTException {
try {
if (clientId == null || clientSecret == null) {
getClientSecretes(iotServerConfiguration);
getClientSecretes(iotServerConfiguration, restInvoker);
}
URI tokenUrl = new URI(iotServerConfiguration.getOauthTokenEndpoint());
String tokenContent = "grant_type=password&username=" + iotServerConfiguration.getUsername()+ "&password=" +
String tokenContent = "grant_type=password&username=" + iotServerConfiguration.getUsername() + "&password=" +
iotServerConfiguration.getPassword() + "&scope=activity-view";
String tokenBasicAuth = "Basic " + Base64.encode((clientId + ":" + clientSecret).getBytes());
Map<String, String> tokenHeaders = new HashMap<String, String>();
Map<String, String> tokenHeaders = new HashMap<>();
tokenHeaders.put("Authorization", tokenBasicAuth);
tokenHeaders.put("Content-Type", "application/x-www-form-urlencoded");
RESTInvoker restInvoker = new RESTInvoker();
RESTResponse response = restInvoker.invokePOST(tokenUrl, tokenHeaders, null, null, tokenContent);
if(log.isDebugEnabled()) {
RESTResponse response = restInvoker.invokePOST(tokenUrl, tokenHeaders, tokenContent);
if (log.isDebugEnabled()) {
log.debug("Token response:" + response.getContent());
}
JSONObject jsonResponse = new JSONObject(response.getContent());
String accessToken = jsonResponse.getString("access_token");
return accessToken;
return jsonResponse.getString("access_token");
} catch (URISyntaxException e) {
} catch (URISyntaxException | IOException e) {
throw new APIMCertificateMGTException("Error occurred while trying to call oauth token endpoint", e);
} catch (JSONException e) {
throw new APIMCertificateMGTException("Error occurred while converting the json to object", e);
} catch (IOException e) {
throw new APIMCertificateMGTException("Error occurred while trying to call oauth token endpoint", e);
}
}
/**
* This method register an application to get the client key and secret.
* @param iotServerConfiguration
*
* @param iotServerConfiguration Instance of the IoTServerConfiguration.
* @throws APIMCertificateMGTException
*/
private static void getClientSecretes(IOTServerConfiguration iotServerConfiguration)
private static void getClientSecretes(IOTServerConfiguration iotServerConfiguration, RESTInvoker restInvoker)
throws APIMCertificateMGTException {
try {
String username = iotServerConfiguration.getUsername();
@ -180,13 +187,12 @@ public class Utils {
dcr.setCallbackUrl(AuthConstants.CALLBACK_URL);
dcr.setIsSaasApp(true);
String dcrContent = dcr.toJSON();
Map<String, String> dcrHeaders = new HashMap<String, String>();
Map<String, String> dcrHeaders = new HashMap<>();
String basicAuth = Base64.encode((username + ":" + password).getBytes());
dcrHeaders.put(AuthConstants.CONTENT_TYPE_HEADER, AuthConstants.CONTENT_TYPE);
dcrHeaders.put(AuthConstants.AUTHORIZATION_HEADER, AuthConstants.BASIC_AUTH_PREFIX + basicAuth);
URI dcrUrl = new URI(iotServerConfiguration.getDynamicClientRegistrationEndpoint());
RESTInvoker restInvoker = new RESTInvoker();
RESTResponse response = restInvoker.invokePOST(dcrUrl, dcrHeaders, null, null, dcrContent);
RESTResponse response = restInvoker.invokePOST(dcrUrl, dcrHeaders, dcrContent);
if (log.isDebugEnabled()) {
log.debug("DCR response :" + response.getContent());
}

@ -0,0 +1,316 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers;
import com.google.gson.Gson;
import junit.framework.Assert;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.http.ProtocolVersion;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.entity.BasicHttpEntity;
import org.apache.http.message.BasicStatusLine;
import org.apache.synapse.MessageContext;
import org.apache.synapse.config.SynapseConfigUtils;
import org.apache.synapse.config.SynapseConfiguration;
import org.apache.synapse.core.SynapseEnvironment;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.core.axis2.Axis2SynapseEnvironment;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.apimgt.handlers.beans.ValidationResponce;
import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker;
import org.wso2.carbon.apimgt.handlers.mock.MockClient;
import org.wso2.carbon.apimgt.handlers.mock.MockHttpResponse;
import org.wso2.carbon.apimgt.handlers.utils.AuthConstants;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import javax.security.cert.X509Certificate;
/**
* This testcase will focus on covering the methods of {@link AuthenticationHandler}
*/
public class AuthenticationHandlerTest extends BaseAPIHandlerTest {
private AuthenticationHandler handler;
private SynapseConfiguration synapseConfiguration;
private MockClient mockClient;
@BeforeClass
public void initTest() {
TestUtils.setSystemProperties();
this.handler = new AuthenticationHandler();
this.synapseConfiguration = new SynapseConfiguration();
}
@Test(description = "Handle request with empty transport headers")
public void testHandleRequestWithEmptyTransportHeader() throws Exception {
boolean response = this.handler.handleRequest(createSynapseMessageContext("<empty/>", this.synapseConfiguration,
new HashMap<>(), "https://test.com/testservice"));
Assert.assertFalse(response);
}
@Test(description = "Handle request with without device type",
dependsOnMethods = "testHandleRequestWithEmptyTransportHeader")
public void testHandleRequestWithoutDeviceType() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.MDM_SIGNATURE, "some cert");
boolean response = this.handler.handleRequest(createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice"));
Assert.assertFalse(response);
}
@Test(description = "Handle request with device type URI with MDM ceritificate",
dependsOnMethods = "testHandleRequestWithoutDeviceType")
public void testHandleSuccessfulRequestMDMCertificate() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.MDM_SIGNATURE, "some cert");
setMockClient();
this.mockClient.setResponse(getDCRResponse());
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getValidationResponse());
boolean response = this.handler.handleRequest(createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice"));
Assert.assertTrue(response);
this.mockClient.reset();
}
@Test(description = "Handle request with device type URI with Proxy Mutual Auth Header",
dependsOnMethods = "testHandleSuccessfulRequestMDMCertificate")
public void testHandleSuccessRequestProxyMutualAuthHeader() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.PROXY_MUTUAL_AUTH_HEADER, "Test Header");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getValidationResponse());
boolean response = this.handler.handleRequest(createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice"));
Assert.assertTrue(response);
this.mockClient.reset();
}
@Test(description = "Handle request with device type URI with Mutual Auth Header",
dependsOnMethods = "testHandleSuccessRequestProxyMutualAuthHeader")
public void testHandleSuccessRequestMutualAuthHeader() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.MUTUAL_AUTH_HEADER, "Test Header");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getValidationResponse());
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
org.apache.axis2.context.MessageContext axisMC = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
String certStr = getContent(TestUtils.getAbsolutePathOfConfig("ra_cert.pem"));
X509Certificate cert = X509Certificate.getInstance(new ByteArrayInputStream(certStr.
getBytes(StandardCharsets.UTF_8.name())));
axisMC.setProperty(AuthConstants.CLIENT_CERTIFICATE, new X509Certificate[]{cert});
boolean response = this.handler.handleRequest(messageContext);
Assert.assertTrue(response);
this.mockClient.reset();
}
@Test(description = "Handle request with device type URI with Encoded Pem",
dependsOnMethods = "testHandleSuccessRequestMutualAuthHeader")
public void testHandleSuccessRequestEncodedPem() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.ENCODED_PEM, "encoded pem");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getValidationResponse());
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
boolean response = this.handler.handleRequest(messageContext);
Assert.assertTrue(response);
this.mockClient.reset();
}
@Test(description = "Handle request with device type URI with Encoded Pem with invalid response",
dependsOnMethods = "testHandleSuccessRequestEncodedPem")
public void testHandleSuccessRequestEncodedPemInvalidResponse() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.ENCODED_PEM, "encoded pem");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getInvalidResponse());
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
boolean response = this.handler.handleRequest(messageContext);
Assert.assertFalse(response);
this.mockClient.reset();
}
@Test(description = "Handle request with cert management exception ",
dependsOnMethods = "testHandleSuccessRequestEncodedPem")
public void testHandleRequestWithCertMgmtException() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.ENCODED_PEM, "encoded pem");
setMockClient();
this.mockClient.setResponse(null);
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
boolean response = this.handler.handleRequest(messageContext);
Assert.assertFalse(response);
this.mockClient.reset();
}
@Test(description = "Handle request with IO exception",
dependsOnMethods = "testHandleRequestWithCertMgmtException")
public void testHandleRequestWithIOException() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.ENCODED_PEM, "encoded pem");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(null);
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
boolean response = this.handler.handleRequest(messageContext);
Assert.assertFalse(response);
this.mockClient.reset();
}
@Test(description = "Handle request with URI exception",
dependsOnMethods = "testHandleRequestWithIOException")
public void testHandleRequestWithURIException() throws Exception {
TestUtils.resetSystemProperties();
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.MDM_SIGNATURE, "some cert");
AuthenticationHandler handler = new AuthenticationHandler();
boolean response = handler.handleRequest(createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice"));
Assert.assertFalse(response);
TestUtils.setSystemProperties();
}
@Test(description = "Handle response")
public void testHandleResponse() throws Exception {
boolean response = this.handler.handleResponse(null);
Assert.assertTrue(response);
}
private static MessageContext createSynapseMessageContext(
String payload, SynapseConfiguration config, HashMap<String, String> transportHeaders,
String address) throws Exception {
org.apache.axis2.context.MessageContext mc =
new org.apache.axis2.context.MessageContext();
AxisConfiguration axisConfig = config.getAxisConfiguration();
if (axisConfig == null) {
axisConfig = new AxisConfiguration();
config.setAxisConfiguration(axisConfig);
}
ConfigurationContext cfgCtx = new ConfigurationContext(axisConfig);
SynapseEnvironment env = new Axis2SynapseEnvironment(cfgCtx, config);
MessageContext synMc = new Axis2MessageContext(mc, config, env);
SOAPEnvelope envelope =
OMAbstractFactory.getSOAP11Factory().getDefaultEnvelope();
OMDocument omDoc =
OMAbstractFactory.getSOAP11Factory().createOMDocument();
omDoc.addChild(envelope);
envelope.getBody().addChild(SynapseConfigUtils.stringToOM(payload));
synMc.setEnvelope(envelope);
synMc.setTo(new EndpointReference(address));
org.apache.axis2.context.MessageContext axis2MessageContext =
((Axis2MessageContext) synMc).getAxis2MessageContext();
axis2MessageContext.setProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS, transportHeaders);
return synMc;
}
private void setMockClient() throws NoSuchFieldException, IllegalAccessException {
Field restInvokerField = this.handler.getClass().getDeclaredField("restInvoker");
restInvokerField.setAccessible(true);
RESTInvoker restInvoker = (RESTInvoker) restInvokerField.get(this.handler);
Field clientField = restInvoker.getClass().getDeclaredField("client");
clientField.setAccessible(true);
this.mockClient = new MockClient();
clientField.set(restInvoker, this.mockClient);
}
private CloseableHttpResponse getDCRResponse() throws IOException {
CloseableHttpResponse mockDCRResponse = new MockHttpResponse();
String dcrResponseFile = TestUtils.getAbsolutePathOfConfig("dcr-response.json");
BasicHttpEntity responseEntity = new BasicHttpEntity();
responseEntity.setContent(new ByteArrayInputStream(getContent(dcrResponseFile).
getBytes(StandardCharsets.UTF_8.name())));
responseEntity.setContentType(TestUtils.CONTENT_TYPE);
mockDCRResponse.setEntity(responseEntity);
mockDCRResponse.setStatusLine(new BasicStatusLine(new ProtocolVersion("http", 1, 0), 200, "OK"));
return mockDCRResponse;
}
private CloseableHttpResponse getAccessTokenReponse() throws IOException {
CloseableHttpResponse mockDCRResponse = new MockHttpResponse();
String dcrResponseFile = TestUtils.getAbsolutePathOfConfig("accesstoken-response.json");
BasicHttpEntity responseEntity = new BasicHttpEntity();
responseEntity.setContent(new ByteArrayInputStream(getContent(dcrResponseFile).
getBytes(StandardCharsets.UTF_8.name())));
responseEntity.setContentType(TestUtils.CONTENT_TYPE);
mockDCRResponse.setEntity(responseEntity);
mockDCRResponse.setStatusLine(new BasicStatusLine(new ProtocolVersion("http", 1, 0), 200, "OK"));
return mockDCRResponse;
}
private CloseableHttpResponse getValidationResponse() throws UnsupportedEncodingException {
ValidationResponce response = new ValidationResponce();
response.setDeviceId("1234");
response.setDeviceType("testdevice");
response.setJWTToken("1234567788888888");
response.setTenantId(-1234);
Gson gson = new Gson();
String jsonReponse = gson.toJson(response);
CloseableHttpResponse mockDCRResponse = new MockHttpResponse();
BasicHttpEntity responseEntity = new BasicHttpEntity();
responseEntity.setContent(new ByteArrayInputStream(jsonReponse.getBytes(StandardCharsets.UTF_8.name())));
responseEntity.setContentType(TestUtils.CONTENT_TYPE);
mockDCRResponse.setEntity(responseEntity);
mockDCRResponse.setStatusLine(new BasicStatusLine(new ProtocolVersion("http", 1, 0), 200, "OK"));
return mockDCRResponse;
}
private CloseableHttpResponse getInvalidResponse() throws UnsupportedEncodingException {
CloseableHttpResponse mockDCRResponse = new MockHttpResponse();
BasicHttpEntity responseEntity = new BasicHttpEntity();
responseEntity.setContent(new ByteArrayInputStream("invalid response".getBytes(StandardCharsets.UTF_8.name())));
responseEntity.setContentType(TestUtils.CONTENT_TYPE);
mockDCRResponse.setEntity(responseEntity);
mockDCRResponse.setStatusLine(new BasicStatusLine(new ProtocolVersion("http", 1, 0), 400, "Bad Request"));
return mockDCRResponse;
}
private String getContent(String filePath) throws IOException {
FileReader fileReader = new FileReader(filePath);
BufferedReader bufferedReader = new BufferedReader(fileReader);
String content = "";
String line;
while ((line = bufferedReader.readLine()) != null) {
content += line + "\n";
}
bufferedReader.close();
return content;
}
}

@ -0,0 +1,60 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers;
import org.testng.annotations.BeforeSuite;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.io.File;
/**
* This is the base test case for API Handler tests.
*/
public class BaseAPIHandlerTest {
@BeforeSuite
public void init() {
setUpCarbonHome();
}
private void setUpCarbonHome() {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants
.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
}
}

@ -0,0 +1,97 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.apimgt.handlers.config.IOTServerConfiguration;
import org.wso2.carbon.apimgt.handlers.utils.Utils;
import java.io.File;
/**
* This class validates the behaviour of {@link IOTServerConfiguration}
*/
public class IOTServerConfigurationTest extends BaseAPIHandlerTest {
private static final String CONFIG_DIR = "carbon-home" + File.separator + "repository" + File.separator +
"conf" + File.separator;
@BeforeClass
public void initTest(){
TestUtils.resetSystemProperties();
}
@Test(description = "Validating the IoT Server configuration initialization without system properties")
public void initConfigWithoutSystemProps() {
IOTServerConfiguration serverConfiguration = Utils.initConfig();
Assert.assertTrue(serverConfiguration != null);
Assert.assertEquals(serverConfiguration.getHostname(), "https://${iot.core.host}:${iot.core.https.port}/");
Assert.assertEquals(serverConfiguration.getVerificationEndpoint(),
"https://${iot.core.host}:${iot.core.https.port}/api/certificate-mgt/v1.0/admin/certificates/verify/");
Assert.assertEquals(serverConfiguration.getUsername(), "testuser");
Assert.assertEquals(serverConfiguration.getPassword(), "testuserpwd");
Assert.assertEquals(serverConfiguration.getDynamicClientRegistrationEndpoint(),
"https://${iot.keymanager.host}:${iot.keymanager.https.port}/client-registration/v0.11/register");
Assert.assertEquals(serverConfiguration.getOauthTokenEndpoint(),
"https://${iot.keymanager.host}:${iot.keymanager.https.port}/oauth2/token");
Assert.assertEquals(serverConfiguration.getApis().size(), 1);
Assert.assertEquals(serverConfiguration.getApis().get(0).getContextPath(), "/services");
}
@Test(description = "Initializing IoT server config with invalid configuration",
dependsOnMethods = "initConfigWithoutSystemProps")
public void initConfigWithInvalidConfig() {
IOTServerConfiguration serverConfig = Utils.initConfig(TestUtils.getAbsolutePathOfConfig(CONFIG_DIR
+ "iot-api-config-invalid.xml"));
Assert.assertEquals(serverConfig, null);
}
@Test(description = "Initializing IoT server config with invalid xml",
dependsOnMethods = "initConfigWithInvalidConfig")
public void initConfigWithInvalidXMLConfig() {
IOTServerConfiguration serverConfig = Utils.initConfig(TestUtils.getAbsolutePathOfConfig(CONFIG_DIR +
"iot-api-config-invalid-xml.xml"));
Assert.assertEquals(serverConfig, null);
}
@Test(description = "Initializing IoT server config with system configs",
dependsOnMethods = "initConfigWithInvalidXMLConfig")
public void initConfigWithSystemProps() {
TestUtils.setSystemProperties();
IOTServerConfiguration serverConfiguration = Utils.initConfig();
Assert.assertTrue(serverConfiguration != null);
Assert.assertEquals(serverConfiguration.getHostname(), "https://" + TestUtils.IOT_CORE_HOST + ":"
+ TestUtils.IOT_CORE_HTTPS_PORT
+ "/");
Assert.assertEquals(serverConfiguration.getVerificationEndpoint(),
"https://" + TestUtils.IOT_CORE_HOST + ":" + TestUtils.IOT_CORE_HTTPS_PORT +
"/api/certificate-mgt/v1.0/admin/certificates/" +
"verify/");
Assert.assertEquals(serverConfiguration.getUsername(), "testuser");
Assert.assertEquals(serverConfiguration.getPassword(), "testuserpwd");
Assert.assertEquals(serverConfiguration.getDynamicClientRegistrationEndpoint(),
"https://" + TestUtils.IOT_KEYMANAGER_HOST + ":" + TestUtils.IOT_KEYMANAGER_PORT
+ "/client-registration/v0.11/register");
Assert.assertEquals(serverConfiguration.getOauthTokenEndpoint(),
"https://" + TestUtils.IOT_KEYMANAGER_HOST + ":" + TestUtils.IOT_KEYMANAGER_PORT
+ "/oauth2/token");
Assert.assertEquals(serverConfiguration.getApis().size(), 1);
Assert.assertEquals(serverConfiguration.getApis().get(0).getContextPath(), "/services");
}
}

@ -0,0 +1,61 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers;
import org.testng.Assert;
import java.io.File;
import java.net.URL;
/**
* Utils class which provides utility methods for other testcases.
*/
public class TestUtils {
static final String IOT_CORE_HOST = "iot.core.wso2.com";
static final String IOT_CORE_HTTPS_PORT = "9443";
static final String IOT_KEYMANAGER_HOST = "iot.keymanager.wso2.com";
static final String IOT_KEYMANAGER_PORT = "9443";
static final String CONTENT_TYPE = "application/json";
private static final String IOT_HOST_PROPERTY = "iot.core.host";
private static final String IOT_PORT_PROPERTY = "iot.core.https.port";
private static final String IOT_KEY_MANAGER_HOST_PROPERTY = "iot.keymanager.host";
private static final String IOT_KEY_MANAGER_PORT_PROPERTY = "iot.keymanager.https.port";
static String getAbsolutePathOfConfig(String configFilePath) {
ClassLoader classLoader = TestUtils.class.getClassLoader();
URL invalidConfig = classLoader.getResource(configFilePath);
Assert.assertTrue(invalidConfig != null);
File file = new File(invalidConfig.getFile());
return file.getAbsolutePath();
}
static void setSystemProperties() {
System.setProperty(IOT_HOST_PROPERTY, IOT_CORE_HOST);
System.setProperty(IOT_PORT_PROPERTY, IOT_CORE_HTTPS_PORT);
System.setProperty(IOT_KEY_MANAGER_HOST_PROPERTY, IOT_KEYMANAGER_HOST);
System.setProperty(IOT_KEY_MANAGER_PORT_PROPERTY, IOT_KEYMANAGER_PORT);
}
static void resetSystemProperties() {
System.clearProperty(IOT_HOST_PROPERTY);
System.clearProperty(IOT_PORT_PROPERTY);
System.clearProperty(IOT_KEY_MANAGER_HOST_PROPERTY);
System.clearProperty(IOT_KEY_MANAGER_PORT_PROPERTY);
}
}

@ -0,0 +1,76 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers.mock;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.params.HttpParams;
import org.apache.http.protocol.HttpContext;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
/**
* Mock implementation for CloseableHttpClient to be used in test cases.
*/
public class MockClient extends CloseableHttpClient {
private List<CloseableHttpResponse> responses = new ArrayList<>();
private int responseCount = 0;
@Override
protected CloseableHttpResponse doExecute(HttpHost httpHost, HttpRequest httpRequest, HttpContext httpContext)
throws IOException {
if (this.responseCount < this.responses.size()) {
this.responseCount++;
CloseableHttpResponse response = this.responses.get(this.responseCount - 1);
if (response == null) {
throw new IOException("test exception");
}
return response;
} else {
return new MockHttpResponse();
}
}
@Override
public void close() throws IOException {
}
@Override
public HttpParams getParams() {
return null;
}
@Override
public ClientConnectionManager getConnectionManager() {
return null;
}
public void setResponse(CloseableHttpResponse reponse) {
this.responses.add(reponse);
}
public void reset() {
this.responses.clear();
this.responseCount = 0;
}
}

@ -0,0 +1,178 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.handlers.mock;
import org.apache.http.Header;
import org.apache.http.HeaderIterator;
import org.apache.http.HttpEntity;
import org.apache.http.ProtocolVersion;
import org.apache.http.StatusLine;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.params.HttpParams;
import java.io.IOException;
import java.util.Locale;
/**
* Mock http response to be used in the test cases.
*
*/
public class MockHttpResponse implements CloseableHttpResponse {
private HttpEntity httpEntity;
private StatusLine statusLine;
@Override
public void close() throws IOException {
}
@Override
public StatusLine getStatusLine() {
return this.statusLine;
}
@Override
public void setStatusLine(StatusLine statusLine) {
this.statusLine = statusLine;
}
@Override
public void setStatusLine(ProtocolVersion protocolVersion, int i) {
}
@Override
public void setStatusLine(ProtocolVersion protocolVersion, int i, String s) {
}
@Override
public void setStatusCode(int i) throws IllegalStateException {
}
@Override
public void setReasonPhrase(String s) throws IllegalStateException {
}
@Override
public HttpEntity getEntity() {
return this.httpEntity;
}
@Override
public void setEntity(HttpEntity httpEntity) {
this.httpEntity = httpEntity;
}
@Override
public Locale getLocale() {
return null;
}
@Override
public void setLocale(Locale locale) {
}
@Override
public ProtocolVersion getProtocolVersion() {
return null;
}
@Override
public boolean containsHeader(String s) {
return false;
}
@Override
public Header[] getHeaders(String s) {
return new Header[0];
}
@Override
public Header getFirstHeader(String s) {
return null;
}
@Override
public Header getLastHeader(String s) {
return null;
}
@Override
public Header[] getAllHeaders() {
return new Header[0];
}
@Override
public void addHeader(Header header) {
}
@Override
public void addHeader(String s, String s1) {
}
@Override
public void setHeader(Header header) {
}
@Override
public void setHeader(String s, String s1) {
}
@Override
public void setHeaders(Header[] headers) {
}
@Override
public void removeHeader(Header header) {
}
@Override
public void removeHeaders(String s) {
}
@Override
public HeaderIterator headerIterator() {
return null;
}
@Override
public HeaderIterator headerIterator(String s) {
return null;
}
@Override
public HttpParams getParams() {
return null;
}
@Override
public void setParams(HttpParams httpParams) {
}
}

@ -0,0 +1,7 @@
{
"scope": "API_SUBSCRIBER_SCOPE",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "33c3be152ebf0030b3fb76f2c1f80bf8",
"access_token": "292ff0fd256814536baca0926f483c8d"
}

@ -0,0 +1,656 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!--
This is the main server configuration file
${carbon.home} represents the carbon.home system property.
Other system properties can be specified in a similar manner.
-->
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
<!--
Product Name
-->
<Name>${product.name}</Name>
<!--
machine readable unique key to identify each product
-->
<ServerKey>${product.key}</ServerKey>
<!--
Product Version
-->
<Version>${product.version}</Version>
<!--
Host name or IP address of the machine hosting this server
e.g. www.wso2.org, 192.168.1.10
This is will become part of the End Point Reference of the
services deployed on this server instance.
-->
<!--HostName>www.wso2.org</HostName-->
<!--
Host name to be used for the Carbon management console
-->
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
<!--
The URL of the back end server. This is where the admin services are hosted and
will be used by the clients in the front end server.
This is required only for the Front-end server. This is used when seperating BE server from FE server
-->
<ServerURL>local:/${carbon.context}/services/</ServerURL>
<!--
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
-->
<!--
The URL of the index page. This is where the user will be redirected after signing in to the
carbon server.
-->
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
<!--
For cApp deployment, we have to identify the roles that can be acted by the current server.
The following property is used for that purpose. Any number of roles can be defined here.
Regular expressions can be used in the role.
Ex : <Role>.*</Role> means this server can act any role
-->
<ServerRoles>
<Role>${default.server.role}</Role>
</ServerRoles>
<!-- uncommnet this line to subscribe to a bam instance automatically -->
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
<!--
The fully qualified name of the server
-->
<Package>org.wso2.carbon</Package>
<!--
Webapp context root of WSO2 Carbon management console.
-->
<WebContextRoot>/</WebContextRoot>
<!--
Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
URL of the Carbon server -> https://10.100.1.1:9443/carbon
URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
appserver - proxy context path. This specially required whenever you are generating URLs to displace in
Carbon UI components.
-->
<!--
<MgtProxyContextPath></MgtProxyContextPath>
<ProxyContextPath></ProxyContextPath>
-->
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
<!--RegistryHttpPort>9763</RegistryHttpPort-->
<!--
Number of items to be displayed on a management console page. This is used at the
backend server for pagination of various items.
-->
<ItemsPerPage>15</ItemsPerPage>
<!-- The endpoint URL of the cloud instance management Web service -->
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
<!--
Ports used by this server
-->
<Ports>
<!-- Ports offset. This entry will set the value of the ports defined below to
the define value + Offset.
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
-->
<Offset>0</Offset>
<!-- The JMX Ports -->
<JMX>
<!--The port RMI registry is exposed-->
<RMIRegistryPort>9999</RMIRegistryPort>
<!--The port RMI server should be exposed-->
<RMIServerPort>11111</RMIServerPort>
</JMX>
<!-- Embedded LDAP server specific ports -->
<EmbeddedLDAP>
<!-- Port which embedded LDAP server runs -->
<LDAPServerPort>10389</LDAPServerPort>
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
<KDCServerPort>8000</KDCServerPort>
</EmbeddedLDAP>
<!--
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
-->
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
<!--Override receive port of thrift based entitlement service.-->
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
</Ports>
<!--
JNDI Configuration
-->
<JNDI>
<!--
The fully qualified name of the default initial context factory
-->
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
<!--
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
-->
<Restrictions>
<!--
Contexts that will be available only to the super-tenant
-->
<!-- <SuperTenantOnly>
<UrlContexts>
<UrlContext>
<Scheme>foo</Scheme>
</UrlContext>
<UrlContext>
<Scheme>bar</Scheme>
</UrlContext>
</UrlContexts>
</SuperTenantOnly> -->
<!--
Contexts that are common to all tenants
-->
<AllTenants>
<UrlContexts>
<UrlContext>
<Scheme>java</Scheme>
</UrlContext>
<!-- <UrlContext>
<Scheme>foo</Scheme>
</UrlContext> -->
</UrlContexts>
</AllTenants>
<!--
All other contexts not mentioned above will be available on a per-tenant basis
(i.e. will not be shared among tenants)
-->
</Restrictions>
</JNDI>
<!--
Property to determine if the server is running an a cloud deployment environment.
This property should only be used to determine deployment specific details that are
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
-->
<IsCloudDeployment>false</IsCloudDeployment>
<!--
Property to determine whether usage data should be collected for metering purposes
-->
<EnableMetering>false</EnableMetering>
<!-- The Max time a thread should take for execution in seconds -->
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
<!--
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
because the Ghost Deployer works only with the HTTP/S transports. If you are using
other transports, don't enable Ghost Deployer.
-->
<GhostDeployment>
<Enabled>false</Enabled>
</GhostDeployment>
<!--
Eager loading or lazy loading is a design pattern commonly used in computer programming which
will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
load tenant when a request is received only. Similarly Eager loading is used to enable load
existing tenants after carbon server starts up. Using this feature, you will be able to include
or exclude tenants which are to be loaded when server startup.
We can enable only one LoadingPolicy at a given time.
1. Tenant Lazy Loading
This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
server startup, but loaded based on-demand (i.e when a request is received for a tenant).
The default tenant idle time is 30 minutes.
2. Tenant Eager Loading
This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
The eager loading configurations supported are as below. These configurations can be given as the
value for <Include> element with eager loading.
(i)Load all tenants when server startup - *
(ii)Load all tenants except foo.com & bar.com - *,!foo.com,!bar.com
(iii)Load only foo.com & bar.com to be included - foo.com,bar.com
-->
<Tenant>
<LoadingPolicy>
<LazyLoading>
<IdleTime>30</IdleTime>
</LazyLoading>
<!-- <EagerLoading>
<Include>*,!foo.com,!bar.com</Include>
</EagerLoading>-->
</LoadingPolicy>
</Tenant>
<!--
Caching related configurations
-->
<Cache>
<!-- Default cache timeout in minutes -->
<DefaultCacheTimeout>15</DefaultCacheTimeout>
</Cache>
<!--
Axis2 related configurations
-->
<Axis2Config>
<!--
Location of the Axis2 Services & Modules repository
This can be a directory in the local file system, or a URL.
e.g.
1. /home/wso2wsas/repository/ - An absolute path
2. repository - In this case, the path is relative to CARBON_HOME
3. file:///home/wso2wsas/repository/
4. http://wso2wsas/repository/
-->
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
<!--
Deployment update interval in seconds. This is the interval between repository listener
executions.
-->
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
<!--
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
This can be a file on the local file system, or a URL
e.g.
1. /home/repository/axis2.xml - An absolute path
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
3. file:///home/carbon/repository/axis2.xml
4. http://repository/conf/axis2.xml
-->
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
<!--
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
for multiple clients which are going to access the same ServiceGroupContext
Default Value is 30 Sec.
-->
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
<!--
This repository location is used to crete the client side configuration
context used by the server when calling admin services.
-->
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
<!-- This axis2 xml is used in createing the configuration context by the FE server
calling to BE server -->
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
<!--HttpAdminServices>*</HttpAdminServices-->
</Axis2Config>
<!--
The default user roles which will be created when the server
is started up for the first time.
-->
<ServiceUserRoles>
<Role>
<Name>admin</Name>
<Description>Default Administrator Role</Description>
</Role>
<Role>
<Name>user</Name>
<Description>Default User Role</Description>
</Role>
</ServiceUserRoles>
<!--
Enable following config to allow Emails as usernames.
-->
<!--EnableEmailUserName>true</EnableEmailUserName-->
<!--
Security configurations
-->
<Security>
<!--
KeyStore which will be used for encrypting/decrypting passwords
and other sensitive information.
-->
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>wso2carbon</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>
<!--
System wide trust-store which is used to maintain the certificates of all
the trusted parties.
-->
<TrustStore>
<!-- trust-store file location -->
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
<!-- trust-store type (JKS/PKCS12 etc.) -->
<Type>JKS</Type>
<!-- trust-store password -->
<Password>wso2carbon</Password>
</TrustStore>
<!--
The Authenticator configuration to be used at the JVM level. We extend the
java.net.Authenticator to make it possible to authenticate to given servers and
proxies.
-->
<NetworkAuthenticatorConfig>
<!--
Below is a sample configuration for a single authenticator. Please note that
all child elements are mandatory. Not having some child elements would lead to
exceptions at runtime.
-->
<!-- <Credential> -->
<!--
the pattern that would match a subset of URLs for which this authenticator
would be used
-->
<!-- <Pattern>regularExpression</Pattern> -->
<!--
the type of this authenticator. Allowed values are:
1. server
2. proxy
-->
<!-- <Type>proxy</Type> -->
<!-- the username used to log in to server/proxy -->
<!-- <Username>username</Username> -->
<!-- the password used to log in to server/proxy -->
<!-- <Password>password</Password> -->
<!-- </Credential> -->
</NetworkAuthenticatorConfig>
<!--
The Tomcat realm to be used for hosted Web applications. Allowed values are;
1. UserManager
2. Memory
If this is set to 'UserManager', the realm will pick users & roles from the system's
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
-->
<TomcatRealm>UserManager</TomcatRealm>
<!--Option to disable storing of tokens issued by STS-->
<DisableTokenStore>false</DisableTokenStore>
<!--
Security token store class name. If this is not set, default class will be
org.wso2.carbon.security.util.SecurityTokenStore
-->
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
</Security>
<!--
The temporary work directory
-->
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
<!--
House-keeping configuration
-->
<HouseKeeping>
<!--
true - Start House-keeping thread on server startup
false - Do not start House-keeping thread on server startup.
The user will run it manually as and when he wishes.
-->
<AutoStart>true</AutoStart>
<!--
The interval in *minutes*, between house-keeping runs
-->
<Interval>10</Interval>
<!--
The maximum time in *minutes*, temp files are allowed to live
in the system. Files/directories which were modified more than
"MaxTempFileLifetime" minutes ago will be removed by the
house-keeping task
-->
<MaxTempFileLifetime>30</MaxTempFileLifetime>
</HouseKeeping>
<!--
Configuration for handling different types of file upload & other file uploading related
config parameters.
To map all actions to a particular FileUploadExecutor, use
<Action>*</Action>
-->
<FileUploadConfig>
<!--
The total file upload size limit in MB
-->
<TotalFileSizeLimit>100</TotalFileSizeLimit>
<Mapping>
<Actions>
<Action>keystore</Action>
<Action>certificate</Action>
<Action>*</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>jarZip</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>dbs</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>tools</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>toolsAny</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
</Mapping>
</FileUploadConfig>
<!--
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
In order to plug in a processor to handle a special request, simply add an entry to this
section.
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
which needs special processing
The value of the Class element is a class which implements
org.wso2.carbon.transport.HttpGetRequestProcessor
-->
<HttpGetRequestProcessors>
<Processor>
<Item>info</Item>
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
</Processor>
<Processor>
<Item>wsdl</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
</Processor>
<Processor>
<Item>wsdl2</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
</Processor>
<Processor>
<Item>xsd</Item>
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
</Processor>
</HttpGetRequestProcessors>
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<DeploymentSynchronizer>
<Enabled>false</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
<RepositoryType>svn</RepositoryType>
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
<SvnUser>username</SvnUser>
<SvnPassword>password</SvnPassword>
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
</DeploymentSynchronizer>
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<!--<DeploymentSynchronizer>
<Enabled>true</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
</DeploymentSynchronizer>-->
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
<!--<MediationConfig>
<LoadFromRegistry>false</LoadFromRegistry>
<SaveToFile>false</SaveToFile>
<Persistence>enabled</Persistence>
<RegistryPersistence>enabled</RegistryPersistence>
</MediationConfig>-->
<!--
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
This code will be run when the Carbon server is initialized
-->
<ServerInitializers>
<!--<Initializer></Initializer>-->
</ServerInitializers>
<!--
Indicates whether the Carbon Servlet is required by the system, and whether it should be
registered
-->
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
<!--
Carbon H2 OSGI Configuration
By default non of the servers start.
name="web" - Start the web server with the H2 Console
name="webPort" - The port (default: 8082)
name="webAllowOthers" - Allow other computers to connect
name="webSSL" - Use encrypted (HTTPS) connections
name="tcp" - Start the TCP server
name="tcpPort" - The port (default: 9092)
name="tcpAllowOthers" - Allow other computers to connect
name="tcpSSL" - Use encrypted (SSL) connections
name="pg" - Start the PG server
name="pgPort" - The port (default: 5435)
name="pgAllowOthers" - Allow other computers to connect
name="trace" - Print additional trace information; for all servers
name="baseDir" - The base directory for H2 databases; for all servers
-->
<!--H2DatabaseConfiguration>
<property name="web" />
<property name="webPort">8082</property>
<property name="webAllowOthers" />
<property name="webSSL" />
<property name="tcp" />
<property name="tcpPort">9092</property>
<property name="tcpAllowOthers" />
<property name="tcpSSL" />
<property name="pg" />
<property name="pgPort">5435</property>
<property name="pgAllowOthers" />
<property name="trace" />
<property name="baseDir">${carbon.home}</property>
</H2DatabaseConfiguration-->
<!--Disabling statistics reporter by default-->
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
<!-- Enable accessing Admin Console via HTTP -->
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
<!--
Default Feature Repository of WSO2 Carbon.
-->
<FeatureRepository>
<RepositoryName>default repository</RepositoryName>
<RepositoryURL>${p2.repo.url}</RepositoryURL>
</FeatureRepository>
<!--
Configure API Management
-->
<APIManagement>
<!--Uses the embedded API Manager by default. If you want to use an external
API Manager instance to manage APIs, configure below externalAPIManager-->
<Enabled>true</Enabled>
<!--Uncomment and configure API Gateway and
Publisher URLs to use external API Manager instance-->
<!--ExternalAPIManager>
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
</ExternalAPIManager-->
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
</APIManagement>
</Server>

@ -0,0 +1,40 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<ServerConfig>
<!-- IoT server host name, this is referred from APIM gateway to call to IoT server for certificate validation-->
<Hostname>https://${iot.core.host}:${iot.core.https.port}/</Hostname>
<!--End point to verify the certificate-->
<VerificationEndpoint>https://${iot.core.host}:${iot.core.https.port}/api/certificate-mgt/v1.0/admin/certificates/verify/</VerificationEndpoint>
<!--Admin username/password - this is to use for oauth token generation-->
<Username>testuser</Username>
<Password>testuserpwd</Password>
<!--Dynamic client registration endpoint-->
<DynamicClientRegistrationEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/client-registration/v0.11/register</DynamicClientRegistrationEndpoint>
<!--Oauth token endpoint-->
<OauthTokenEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/oauth2/token</OauthTokenEndpoint>
<APIS>
<ContextPath>/services</ContextPath>
</APIS>
</ServerConfig

@ -0,0 +1,40 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<ServerConfig>
<!-- IoT server host name, this is referred from APIM gateway to call to IoT server for certificate validation-->
<Hostname>https://${iot.core.host}:${iot.core.https.port}/</Hostname>
<!--End point to verify the certificate-->
<VerificationEndpoint>https://${iot.core.host}:${iot.core.https.port}/api/certificate-mgt/v1.0/admin/certificates/verify/</VerificationEndpoint>
<!--Admin username/password - this is to use for oauth token generation-->
<Username>testuser</Username>
<Password>testuserpwd</Password>
<!--Dynamic client registration endpoint-->
<DynamicClientRegistrationEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/client-registration/v0.11/register</DynamicClientRegistrationEndpoint>
<!--Oauth token endpoint-->
<OauthTokenEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/oauth2/token</OauthTokenEndpoint>
<APIS>
<ContextPath>/services</ContextPath>
</APIS>
</ServerConfig>

@ -0,0 +1,40 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<ServerConfiguration>
<!-- IoT server host name, this is referred from APIM gateway to call to IoT server for certificate validation-->
<Hostname>https://${iot.core.host}:${iot.core.https.port}/</Hostname>
<!--End point to verify the certificate-->
<VerificationEndpoint>https://${iot.core.host}:${iot.core.https.port}/api/certificate-mgt/v1.0/admin/certificates/verify/</VerificationEndpoint>
<!--Admin username/password - this is to use for oauth token generation-->
<Username>testuser</Username>
<Password>testuserpwd</Password>
<!--Dynamic client registration endpoint-->
<DynamicClientRegistrationEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/client-registration/v0.11/register</DynamicClientRegistrationEndpoint>
<!--Oauth token endpoint-->
<OauthTokenEndpoint>https://${iot.keymanager.host}:${iot.keymanager.https.port}/oauth2/token</OauthTokenEndpoint>
<APIS>
<ContextPath>/services</ContextPath>
</APIS>
</ServerConfiguration>

@ -0,0 +1,50 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<wso2registry>
<!--
For details on configuring different config & governance registries see;
http://wso2.org/library/tutorials/2010/04/sharing-registry-space-across-multiple-product-instances
-->
<currentDBConfig>wso2registry</currentDBConfig>
<readOnly>false</readOnly>
<enableCache>true</enableCache>
<registryRoot>/</registryRoot>
<dbConfig name="wso2registry">
<url>jdbc:h2:./target/databasetest/CARBON_TEST</url>
<!--userName>sa</userName>
<password>sa</password-->
<driverName>org.h2.Driver</driverName>
<maxActive>80</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
</dbConfig>
<versionResourcesOnChange>false</versionResourcesOnChange>
<!-- NOTE: You can edit the options under "StaticConfiguration" only before the
startup. -->
<staticConfiguration>
<versioningProperties>true</versioningProperties>
<versioningComments>true</versioningComments>
<versioningTags>true</versioningTags>
<versioningRatings>true</versioningRatings>
</staticConfiguration>
</wso2registry>

@ -0,0 +1,6 @@
{
"callBackURL": "www.google.lk",
"clientName": null,
"clientId": "HfEl1jJPdg5tbtrxhAwybN05QGoa",
"clientSecret": "l6c0aoLcWR3fwezHhc7XoGOht5Aa"
}

@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFqDCCA5CgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBizELMAkGA1UEBhMCVVMx
DTALBgNVBAgTBFRlc3QxDTALBgNVBAcTBFRlc3QxETAPBgNVBAoTCFRlc3QgT3Jn
MRYwFAYDVQQLEw1UZXN0IG9yZyB1bml0MRUwEwYDVQQDEwxXU08yIFJvb3QgQ0Ex
HDAaBgkqhkiG9w0BCQEWDXJvb3RAd3NvMi5jb20wHhcNMTUwMTI3MTI1MzAxWhcN
MTcxMDIzMTI1MzAxWjCBgzELMAkGA1UEBhMCVVMxGTAXBgNVBAgTEFRlc3QgUkEg
UHJvdmluY2UxFTATBgNVBAcTDFRlc3QgUkEgQ2l0eTEUMBIGA1UEChMLVGVzdCBS
QSBPcmcxGTAXBgNVBAsTEFRlc3QgUkEgb3JnIHVuaXQxETAPBgNVBAMTCFdTTzIg
UkEgMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtUMgUlYYU3/TPfEe
zNAvBaiOi/jUjfZ9IbxvMl7obDT17/5vU68TCGkZRjyfYUEiGNBisUEFWjSk/sGL
/ofYKUAxw33cd456FLMjaJX/4Zk4y8eYB1m1GGlHejoDyjPhq8S6GDmy+PXbJr8n
lSTROR2mQHkGwYrCreWeU4AYWzdctIFk7U2DKeIvZYSidIIjfSpDXURxrt9LPvig
fMzr5l/WkZfjvk5S+W7rgMtpllxlEPgyDc07pNAdNSq5FB990oaUsVX8o6l6wdCw
grYz83edPOKwZa04fsVztz2oF3ZYSGGjD3lwh0KS/jUL+awRyhMx5p/O1hySg6PP
pJjeqRuobNTuwSAXxp3nsNSY0DkGW04pSxWoDQqhnpaqBbAf71l6ya2e3so1SHm/
jouWSYTHncq5bmGE4AN7ZGVGZvfx84+UR8fNxJxxLo+DFFE0oJNzpPGNxILpHxgT
V7IOII6mhfkrQk+AFQiW2Y5FXLVYv8r+SPXW8pYsjaWl971XZeM/HC3L9IZkCrrr
a0ID5oT6vt+xTmdo4yiBqIP5TBYm+1a9YzMAy7XGtPih9k6cufMLcfzvUZdOXw9x
3T05nM5ZtcDq0gHvUzQ7sfHTguWVnuHVEdb2ox4x2L5NzEA475fbSdXpMok9z/z7
Xa71vIZi28InDAFBQehUlJnFtf0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNV
HQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADggIBAAO0TwnQBMJvL8wbfsnTqAGCCHM4
x1cpW+KgTmflPEliYGOn/dJYDz/dUowCgoj5mrSxjQ3G1/qL+9Y7E33h0tyw37vH
YDL1p2Tn+fwmXRHrk+CHoPHNcImEfSIDWbbG7ehBR6erVfbQSZjmj4fwPkItp8rP
nyUtXHOLpfFYoAxYkNP9+C8vpC9W/H1pj3rzmQFA1z+EZAKVV7vDAxbe6sun84nf
YAaMSIzHx1B+XLHokgChmnZr3wV7EypBEmmKp4ITvJqK7WsIG9t1M6hI7OTPCURR
mdy+DJtIoIUbZxHyIyC9nPcVJFkdBusnfXq4uMb0KMaWYCU8ESqZPySukF2qZ5KA
acB+0ZhY+EGQ6QF/hB6iiUj96BlQ7XAPXFU6xUt6nRjDiJmb3vW1IEv0hpbs7PRl
UMlbOwQk37rXpFqQc6ZW7lsxI2RmfkD4DOkQIGH3q5foVr+PEp0uSPWrFX62eBet
1S4c/opVv6BcuUgilYABHTYxb45GfYwJAI9Qw2uQWT8DmhtVbcYu6GLYGlnRyaOC
EPzc0z0KQTjhsgHWzi60IYBBh+fy+Z7w5X1rTTvhFOoU5J7kedGEqiBatIZmhF5t
UFbT0u350ET5a0Kg83gu5aLwXdoIP9o7bp3XzLBMVNny2RX3tOHUA2HBe/p0h0OU
Ggt3G6oD0gBe9pZI
-----END CERTIFICATE-----

@ -0,0 +1,30 @@
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
<suite name="DeviceManagementExtensions">
<parameter name="useDefaultListeners" value="false"/>
<test name="API Management Auth Handlers" preserve-order="true">
<classes>
<class name="org.wso2.carbon.apimgt.handlers.IOTServerConfigurationTest"/>
<class name="org.wso2.carbon.apimgt.handlers.AuthenticationHandlerTest"/>
</classes>
</test>
</suite>

@ -13,13 +13,13 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.apimgt.integration.client</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Management Integration Client</name>
<description>WSO2 Carbon - API Management Integration Client</description>
@ -80,6 +80,32 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -25,14 +25,32 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
public class IntegrationClientServiceImpl implements IntegrationClientService {
private static StoreClient storeClient;
private static PublisherClient publisherClient;
private static IntegrationClientServiceImpl instance;
private StoreClient storeClient;
private PublisherClient publisherClient;
private OAuthRequestInterceptor oAuthRequestInterceptor;
public IntegrationClientServiceImpl() {
RequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor();
private IntegrationClientServiceImpl() {
oAuthRequestInterceptor = new OAuthRequestInterceptor();
storeClient = new StoreClient(oAuthRequestInterceptor);
publisherClient = new PublisherClient(oAuthRequestInterceptor);
}
public static IntegrationClientServiceImpl getInstance() {
if (instance == null) {
synchronized (IntegrationClientService.class) {
if (instance == null) {
instance = new IntegrationClientServiceImpl();
}
}
}
return instance;
}
public void resetUserInfo(String userName, String tenantDomain) {
oAuthRequestInterceptor.removeToken(userName, tenantDomain);
}
@Override
public StoreClient getStoreClient() {
return storeClient;

@ -40,6 +40,7 @@ import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientExceptio
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/**
* This is a request interceptor to add oauth token header.
@ -55,7 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000;
private DCRClient dcrClient;
private static OAuthApplication oAuthApplication;
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new HashMap<>();
private static Map<String, AccessTokenInfo> tenantUserTokenMap = new ConcurrentHashMap<>();
private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class);
/**
@ -97,10 +98,14 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService()
.getJWTClient();
tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(),
oAuthApplication.getClientSecret(), username,
REQUIRED_SCOPE);
oAuthApplication.getClientSecret(), username,
REQUIRED_SCOPE);
tenantBasedAccessTokenInfo.setExpiresIn(
System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000));
if (tenantBasedAccessTokenInfo.getScopes() == null) {
throw new APIMClientOAuthException("Failed to retrieve scopes from access token");
}
if (tenantBasedAccessTokenInfo.getScopes().contains(APIM_SUBSCRIBE_SCOPE)) {
tenantUserTokenMap.put(username, tenantBasedAccessTokenInfo);
}
@ -115,4 +120,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
}
}
public void removeToken(String username, String tenantDomain) {
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
username = username + "@" + tenantDomain;
}
tenantUserTokenMap.remove(username);
}
}

@ -35,7 +35,7 @@ public class APIMClientOAuthException extends RuntimeException {
this.responseStatus = status;
}
APIMClientOAuthException(String message) {
public APIMClientOAuthException(String message) {
super(message);
}

@ -49,7 +49,7 @@ public class APIIntegrationClientServiceComponent {
/* Initializing webapp publisher configuration */
APIMConfigReader.init();
BundleContext bundleContext = componentContext.getBundleContext();
bundleContext.registerService(IntegrationClientService.class.getName(), new IntegrationClientServiceImpl(), null);
bundleContext.registerService(IntegrationClientService.class.getName(), IntegrationClientServiceImpl.getInstance(), null);
if (log.isDebugEnabled()) {
log.debug("apimgt client bundle has been successfully initialized");

@ -26,6 +26,9 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient;
*/
public interface IntegrationClientService {
void resetUserInfo(String username, String tenantDomain);
/**
*
* @return API Store Client.

@ -13,13 +13,13 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.apimgt.integration.generated.client</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Management Integration Generated Client</name>
<description>WSO2 Carbon - API Management Integration Client</description>

@ -22,19 +22,24 @@
<parent>
<artifactId>apimgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.apimgt.webapp.publisher</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - API Management Webapp Publisher</name>
<description>WSO2 Carbon - API Management Webapp Publisher</description>
<url>http://wso2.org</url>
<dependencies>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.osgi</groupId>
<artifactId>org.eclipse.osgi</artifactId>
@ -103,10 +108,15 @@
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.apimgt.integration.client</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.apimgt.integration.client</artifactId>
</dependency>
<dependency>
<groupId>com.h2database.wso2</groupId>
<artifactId>h2-database-engine</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
@ -150,29 +160,54 @@
org.wso2.carbon.apimgt.annotations.*,
org.wso2.carbon.governance.lcm.util.*,
org.wso2.carbon.registry.core.*,
io.swagger.annotations,
javax.net.ssl,
org.scannotation,
org.scannotation.archiveiterator,
org.w3c.dom,
org.wso2.carbon.apimgt.integration.client.*,
org.wso2.carbon.context,
org.wso2.carbon.core.util,
org.wso2.carbon.user.api,
org.wso2.carbon.user.core.*,
org.wso2.carbon.utils.multitenancy,
org.wso2.carbon.apimgt.integration.generated.client.publisher.api,
org.wso2.carbon.apimgt.integration.generated.client.publisher.model
io.swagger.annotations,
javax.net.ssl,
org.scannotation,
org.scannotation.archiveiterator,
org.w3c.dom,
org.wso2.carbon.apimgt.integration.client.*,
org.wso2.carbon.context,
org.wso2.carbon.core.util,
org.wso2.carbon.user.api,
org.wso2.carbon.user.core.*,
org.wso2.carbon.utils.multitenancy,
org.wso2.carbon.apimgt.integration.generated.client.publisher.api,
org.wso2.carbon.apimgt.integration.generated.client.publisher.model
</Import-Package>
<Embed-Dependency>
javax.ws.rs-api,
scribe;scope=compile|runtime;inline=false;
</Embed-Dependency>
<DynamicImport-Package>*</DynamicImport-Package>
<DynamicImport-Package>*</DynamicImport-Package>
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

@ -62,7 +62,7 @@ public class APIPublisherServiceImpl implements APIPublisherService {
for (APIInfo apiInfo : apiList.getList()) {
if (api.getName().equals(apiInfo.getName()) && api.getVersion().equals(apiInfo.getVersion())) {
api = publisherClient.getApi().apisApiIdPut(apiInfo.getId(), api, CONTENT_TYPE, null, null);
if (CREATED_STATUS.equals(api.getStatus())) {
if (api != null && CREATED_STATUS.equals(api.getStatus())) {
publisherClient.getApi().apisChangeLifecyclePost(PUBLISH_ACTION, api.getId(), null, null,
null);
}
@ -83,7 +83,9 @@ public class APIPublisherServiceImpl implements APIPublisherService {
return false;
}
for (APIInfo existingApi : apiList.getList()) {
if (existingApi.getName().equals(api.getName()) && existingApi.getVersion().equals(api.getVersion())) {
if (existingApi.getName() != null && existingApi.getName().equals(api.
getName()) && existingApi.getVersion() != null &&
existingApi.getVersion().equals(api.getVersion())) {
return true;
}
}

@ -276,7 +276,7 @@ public class APIPublisherUtil {
if(null != resourcesList) {
for (ApiUriTemplate template : templates) {
String fullPaath = "";
if( template.getUriTemplate() != AnnotationProcessor.WILD_CARD ) {
if (!template.getUriTemplate().equals(AnnotationProcessor.WILD_CARD)) {
fullPaath = apiConfig.getContext() + template.getUriTemplate();
}
else{

@ -23,53 +23,7 @@ public class InvalidConfigurationStateException extends RuntimeException {
private static final long serialVersionUID = -3151279311329070397L;
private String errorMessage;
private int errorCode;
public InvalidConfigurationStateException(int errorCode, String message) {
super(message);
this.errorCode = errorCode;
}
public InvalidConfigurationStateException(int errorCode, String message, Throwable cause) {
super(message, cause);
this.errorCode = errorCode;
}
public int getErrorCode() {
return errorCode;
}
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public InvalidConfigurationStateException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public InvalidConfigurationStateException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public InvalidConfigurationStateException(String msg) {
super(msg);
setErrorMessage(msg);
}
public InvalidConfigurationStateException() {
super();
}
public InvalidConfigurationStateException(Throwable cause) {
super(cause);
}
}

@ -25,20 +25,4 @@ public class WebappPublisherConfigurationFailedException extends Exception {
public WebappPublisherConfigurationFailedException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public WebappPublisherConfigurationFailedException(String message, Throwable cause) {
super(message, cause);
}
public WebappPublisherConfigurationFailedException(String msg) {
super(msg);
}
public WebappPublisherConfigurationFailedException() {
super();
}
public WebappPublisherConfigurationFailedException(Throwable cause) {
super(cause);
}
}

@ -1,38 +1,10 @@
package org.wso2.carbon.apimgt.webapp.publisher.config;
public class APIResourceManagementException extends Exception{
private static final long serialVersionUID = -3151279311929070297L;
public class APIResourceManagementException extends Exception {
private static final long serialVersionUID = -3151279311929070297L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public APIResourceManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public APIResourceManagementException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public APIResourceManagementException(String msg) {
super(msg);
setErrorMessage(msg);
}
public APIResourceManagementException() {
super();
}
public APIResourceManagementException(Throwable cause) {
super(cause);
}
public APIResourceManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
}

@ -25,24 +25,7 @@ public class APIManagerPublisherException extends Exception {
private static final long serialVersionUID = -8933142342423122660L;
public APIManagerPublisherException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public APIManagerPublisherException(String message, Throwable cause) {
super(message, cause);
}
public APIManagerPublisherException(String msg) {
super(msg);
}
public APIManagerPublisherException() {
super();
}
public APIManagerPublisherException(Throwable cause) {
super(cause);
}
}

@ -0,0 +1,193 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mockito.Mockito;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;
import org.wso2.carbon.apimgt.integration.client.IntegrationClientServiceImpl;
import org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor;
import org.wso2.carbon.apimgt.integration.client.model.OAuthApplication;
import org.wso2.carbon.apimgt.integration.client.publisher.PublisherClient;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.api.APIsApi;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.API;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.APIInfo;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.APIList;
import org.wso2.carbon.apimgt.webapp.publisher.config.WebappPublisherConfig;
import org.wso2.carbon.apimgt.webapp.publisher.dto.ApiScope;
import org.wso2.carbon.apimgt.webapp.publisher.exception.APIManagerPublisherException;
import org.wso2.carbon.apimgt.webapp.publisher.internal.APIPublisherDataHolder;
import org.wso2.carbon.apimgt.webapp.publisher.utils.MockApi;
import org.wso2.carbon.apimgt.webapp.publisher.utils.TestUtils;
import java.lang.reflect.Field;
import java.util.*;
import static org.mockito.Mockito.doReturn;
/**
* This is the test class for {@link APIPublisherServiceImpl}
*/
public class APIPublisherServiceTest extends BaseAPIPublisherTest {
private static final Log log = LogFactory.getLog(APIPublisherServiceTest.class);
private APIPublisherServiceImpl apiPublisherService = new APIPublisherServiceImpl();
@BeforeTest
public void initialConfigs() throws Exception {
initializeOAuthApplication();
WebappPublisherConfig.init();
}
@Test(description = "Publishes an API | will fail if there are any exceptions")
public void publishAPI() throws NoSuchFieldException, IllegalAccessException,
APIManagerPublisherException {
APIConfig apiConfig = new APIConfig();
setApiConfigs(apiConfig, "testAPI-0");
apiPublisherService.publishAPI(apiConfig);
}
@Test(description = "Testing for API status CREATED | will fail if there are any exceptions")
public void publishCreatedAPI() throws APIManagerPublisherException, NoSuchFieldException,
IllegalAccessException {
APIConfig apiConfig = new APIConfig();
setApiConfigs(apiConfig, "testAPI-1");
APIPublisherDataHolder apiPublisherDataHolder = Mockito.mock(APIPublisherDataHolder.getInstance().
getClass(), Mockito.CALLS_REAL_METHODS);
IntegrationClientService integrationClientService = Mockito.mock(IntegrationClientServiceImpl.
class, Mockito.CALLS_REAL_METHODS);
doReturn(integrationClientService).when(apiPublisherDataHolder).getIntegrationClientService();
PublisherClient publisherClient = APIPublisherDataHolder.getInstance().getIntegrationClientService().
getPublisherClient();
doReturn(publisherClient).when(integrationClientService).getPublisherClient();
APIsApi apIsApi = Mockito.mock(MockApi.class, Mockito.CALLS_REAL_METHODS);
doReturn(apIsApi).when(publisherClient).getApi();
API api = Mockito.mock(API.class, Mockito.CALLS_REAL_METHODS);
api.setStatus("CREATED");
doReturn(api).when(apIsApi).apisPost(Mockito.any(), Mockito.anyString());
apiPublisherService.publishAPI(apiConfig);
}
@Test(description = "createAPIListWithNoApi | will fail if there are any exceptions")
public void publishWithNoAPIListCreated() throws APIManagerPublisherException {
APIConfig apiConfig = new APIConfig();
setApiConfigs(apiConfig, "testAPI-2");
APIPublisherDataHolder apiPublisherDataHolder = Mockito.mock(APIPublisherDataHolder.getInstance().
getClass(), Mockito.CALLS_REAL_METHODS);
IntegrationClientService integrationClientService = Mockito.mock(IntegrationClientServiceImpl.
class, Mockito.CALLS_REAL_METHODS);
doReturn(integrationClientService).when(apiPublisherDataHolder).getIntegrationClientService();
PublisherClient publisherClient = APIPublisherDataHolder.getInstance().getIntegrationClientService().
getPublisherClient();
doReturn(publisherClient).when(integrationClientService).getPublisherClient();
APIsApi apIsApi = Mockito.mock(MockApi.class, Mockito.CALLS_REAL_METHODS);
doReturn(apIsApi).when(publisherClient).getApi();
API api = Mockito.mock(API.class, Mockito.CALLS_REAL_METHODS);
api.setStatus("CREATED");
doReturn(api).when(apIsApi).apisPost(Mockito.any(), Mockito.anyString());
APIList apiList = Mockito.mock(APIList.class, Mockito.CALLS_REAL_METHODS);
APIInfo apiInfo = new APIInfo();
List<APIInfo> apiInfoList = new ArrayList<>();
apiInfoList.add(apiInfo);
apiList.list(apiInfoList);
doReturn(apiList).when(apIsApi).apisGet(Mockito.anyInt(), Mockito.anyInt(),
Mockito.anyString(), Mockito.anyString(), Mockito.anyString());
doReturn(api).when(apIsApi).apisApiIdPut(Mockito.anyString(), Mockito.any(),
Mockito.anyString(), Mockito.anyString(), Mockito.anyString());
apiPublisherService.publishAPI(apiConfig);
}
@Test(description = "createAPIList | will fail if there are any exceptions")
public void publishWithAPIListCreated() throws APIManagerPublisherException {
APIConfig apiConfig = new APIConfig();
setApiConfigs(apiConfig, "testAPI-3");
APIPublisherDataHolder apiPublisherDataHolder = Mockito.mock(APIPublisherDataHolder.getInstance().
getClass(), Mockito.CALLS_REAL_METHODS);
IntegrationClientService integrationClientService = Mockito.mock(IntegrationClientServiceImpl.
class, Mockito.CALLS_REAL_METHODS);
doReturn(integrationClientService).when(apiPublisherDataHolder).getIntegrationClientService();
PublisherClient publisherClient = APIPublisherDataHolder.getInstance().getIntegrationClientService().
getPublisherClient();
doReturn(publisherClient).when(integrationClientService).getPublisherClient();
APIsApi apIsApi = Mockito.mock(MockApi.class, Mockito.CALLS_REAL_METHODS);
doReturn(apIsApi).when(publisherClient).getApi();
API api = Mockito.mock(API.class, Mockito.CALLS_REAL_METHODS);
api.setStatus("CREATED");
doReturn(api).when(apIsApi).apisPost(Mockito.any(), Mockito.anyString());
APIList apiList = Mockito.mock(APIList.class, Mockito.CALLS_REAL_METHODS);
APIInfo apiInfo = new APIInfo();
apiInfo.setName("testAPI-3");
apiInfo.setVersion("1.0.0");
apiInfo.setId("test-one");
List<APIInfo> apiInfoList = new ArrayList<>();
apiInfoList.add(apiInfo);
apiList.list(apiInfoList);
doReturn(apiList).when(apIsApi).apisGet(Mockito.anyInt(), Mockito.anyInt(),
Mockito.anyString(), Mockito.anyString(), Mockito.anyString());
doReturn(api).when(apIsApi).apisApiIdPut(Mockito.anyString(), Mockito.any(),
Mockito.anyString(), Mockito.anyString(), Mockito.anyString());
apiConfig.setSharedWithAllTenants(false);
apiPublisherService.publishAPI(apiConfig);
}
@Test(description = "publish API with scope added | will fail if there are any exceptions")
public void publishWithAPIScope() throws APIManagerPublisherException {
APIConfig apiConfig = new APIConfig();
setApiConfigs(apiConfig, "testAPI-4");
Set<ApiScope> scopes = new HashSet<>();
ApiScope apiScope = new ApiScope();
apiScope.setDescription("testing");
scopes.add(apiScope);
apiConfig.setScopes(scopes);
apiPublisherService.publishAPI(apiConfig);
}
private void setApiConfigs(APIConfig apiConfig, String name) {
apiConfig.setName(name);
apiConfig.setContext("api/device-mgt/windows/v1.g0/admin/devices");
apiConfig.setOwner("admin");
apiConfig.setEndpoint("https://localhost:9443/api/device-mgt/windows/v1.0/admin/devices");
apiConfig.setVersion("1.0.0");
apiConfig.setTransports("http,https");
apiConfig.setPolicy(null);
apiConfig.setSharedWithAllTenants(true);
apiConfig.setTags(new String[]{"windows", "device_management"});
apiConfig.setTenantDomain("carbon.super");
apiConfig.setSecured(false);
Map<String, ApiScope> apiScopes = new HashMap<>();
Set<ApiScope> scopes = new HashSet<>(apiScopes.values());
apiConfig.setScopes(scopes);
TestUtils util = new TestUtils();
util.setAPIURITemplates(apiConfig, "/reboot");
}
private void initializeOAuthApplication() throws NoSuchFieldException, IllegalAccessException {
OAuthApplication oAuthApplication = new OAuthApplication();
oAuthApplication.setClientName("admin_api_integration_client");
oAuthApplication.setIsSaasApplication("true");
oAuthApplication.setClientId("random");
oAuthApplication.setClientSecret("random=");
Field oAuth = OAuthRequestInterceptor.class.getDeclaredField("oAuthApplication");
oAuth.setAccessible(true);
oAuth.set(null, oAuthApplication);
}
}

@ -0,0 +1,163 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher;
import org.testng.Assert;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.WebappPublisherConfig;
import org.wso2.carbon.apimgt.webapp.publisher.dto.ApiScope;
import org.wso2.carbon.apimgt.webapp.publisher.dto.ApiUriTemplate;
import org.wso2.carbon.apimgt.webapp.publisher.exception.APIManagerPublisherException;
import org.wso2.carbon.apimgt.webapp.publisher.utils.MockServletContext;
import org.wso2.carbon.apimgt.webapp.publisher.utils.TestUtils;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.jdbc.realm.InMemoryRealmService;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import javax.servlet.ServletContext;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import static org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil.buildApiConfig;
import static org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil.getApiEndpointUrl;
import static org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil.setResourceAuthTypes;
/**
* This is the test class for {@link APIPublisherUtil}
*/
public class APIPublisherUtilTest extends BaseAPIPublisherTest {
private static final String AUTH_TYPE_NON_SECURED = "None";
@BeforeTest
public void initialConfigs() throws WebappPublisherConfigurationFailedException,
org.wso2.carbon.user.core.UserStoreException, RegistryException {
WebappPublisherConfig.init();
setUserRealm();
}
@Test(description = "test buildAPIConfig method and ensures an APIConfig is created")
public void buildApiConfigTest() throws UserStoreException, RegistryException {
try {
startTenantFlowAsTestTenant();
ServletContext servletContext = new MockServletContext();
APIResourceConfiguration apiDef = new APIResourceConfiguration();
List<APIResource> resources = new ArrayList<>();
apiDef.setResources(resources);
APIConfig apiConfig = buildApiConfig(servletContext, apiDef);
Assert.assertNotNull(apiConfig, "API configuration is null.");
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
@Test(description = "test buildAPIConfig method as SuperTenant and ensures" +
" an APIConfig is created")
public void buildApiConfigAsSuperTenant() throws UserStoreException {
ServletContext servletContext = new MockServletContext();
APIResourceConfiguration apiDef = new APIResourceConfiguration();
List<APIResource> resources = new ArrayList<>();
apiDef.setResources(resources);
APIConfig apiConfig = buildApiConfig(servletContext, apiDef);
Assert.assertNotNull(apiConfig, "API configuration is null.");
}
@Test(description = "test buildAPIConfig with API tags specified and ensures " +
"an APIConfig is created")
public void buildApiConfigTestWithTags() throws UserStoreException {
ServletContext servletContext = new MockServletContext();
APIResourceConfiguration apiDef = new APIResourceConfiguration();
List<APIResource> resources = new ArrayList<>();
APIResource apiResource = new APIResource();
resources.add(apiResource);
apiDef.setResources(resources);
apiDef.setTags(new String[]{"windows", "device_management"});
APIConfig apiConfig = buildApiConfig(servletContext, apiDef);
Assert.assertNotNull(apiConfig, "API configuration is null.");
}
@Test(description = "test buildAPIConfig method with API scopes specified and " +
"ensures an APIConfig is created")
public void buildApiConfigTestWithScope() throws UserStoreException, APIManagerPublisherException {
ServletContext servletContext = new MockServletContext();
APIResourceConfiguration apiDef = new APIResourceConfiguration();
List<APIResource> resources = new ArrayList<>();
APIResource apiResource = new APIResource();
ApiScope apiScope = new ApiScope();
apiScope.setDescription("testing");
apiResource.setScope(apiScope);
resources.add(apiResource);
apiDef.setResources(resources);
apiDef.setTags(new String[]{"windows", "device_management"});
APIConfig apiConfig = buildApiConfig(servletContext, apiDef);
Assert.assertNotNull(apiConfig, "API configuration is null.");
}
@Test(description = "test method for setResourceAuthTypes")
public void testSetResourceAuthTypes() throws UserStoreException {
ServletContext servletContext = new MockServletContext();
APIResourceConfiguration apiDef = new APIResourceConfiguration();
List<APIResource> resources = new ArrayList<>();
apiDef.setResources(resources);
APIConfig apiConfig = buildApiConfig(servletContext, apiDef);
apiConfig.setContext("/*");
TestUtils util = new TestUtils();
util.setAPIURITemplates(apiConfig, "/*");
Assert.assertNotNull(apiConfig, "API configuration is null.");
setResourceAuthTypes(servletContext, apiConfig);
Set<ApiUriTemplate> templates = apiConfig.getUriTemplates();
Assert.assertEquals(templates.iterator().next().getAuthType(), AUTH_TYPE_NON_SECURED, "Resource " +
"auth type is not properly set");
}
@Test(description = "test the method getApiEndpointUrl")
public void testGetApiEndpointUrl() {
String context = "/reboot";
String url = getApiEndpointUrl(context);
Assert.assertEquals(url, "https://localhost:9445/reboot", "Expected url " +
"is not same as actual url");
}
@Test(expectedExceptions = WebappPublisherConfigurationFailedException.class, description =
"this tests the method convertToDocument with a undefined file name and ensures an " +
"exception occurs ")
public void testConvertToDocumentForException() throws WebappPublisherConfigurationFailedException {
WebappPublisherUtil.convertToDocument(null);
}
private void setUserRealm() throws RegistryException, org.wso2.carbon.user.core.UserStoreException {
RealmConfiguration configuration = new RealmConfiguration();
UserRealm userRealm = new InMemoryRealmService().getUserRealm(configuration);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUserRealm(userRealm);
}
private void startTenantFlowAsTestTenant() throws org.wso2.carbon.user.core.UserStoreException, RegistryException {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(1212);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain("test.com");
setUserRealm();
}
}

@ -0,0 +1,125 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.apimgt.webapp.publisher;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mockito.Mockito;
import org.testng.annotations.BeforeSuite;
import org.wso2.carbon.apimgt.integration.client.IntegrationClientServiceImpl;
import org.wso2.carbon.apimgt.integration.client.internal.APIIntegrationClientDataHolder;
import org.wso2.carbon.apimgt.integration.client.publisher.PublisherClient;
import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.api.APIsApi;
import org.wso2.carbon.apimgt.webapp.publisher.internal.APIPublisherDataHolder;
import org.wso2.carbon.apimgt.webapp.publisher.utils.MockApi;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.internal.OSGiDataHolder;
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.identity.jwt.client.extension.internal.JWTClientExtensionDataHolder;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService;
import org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerServiceImpl;
import org.wso2.carbon.registry.core.config.RegistryContext;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.internal.RegistryDataHolder;
import org.wso2.carbon.registry.core.jdbc.realm.InMemoryRealmService;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;
import java.io.File;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.net.URL;
import static org.mockito.Mockito.doReturn;
/**
* Base class which initializes carbonContext and needed services.
*/
public abstract class BaseAPIPublisherTest {
private static final Log log = LogFactory.getLog(BaseAPIPublisherTest.class);
@BeforeSuite
public void initialize() throws Exception {
this.initializeCarbonContext();
this.initServices();
}
private void initializeCarbonContext() throws RegistryException {
ClassLoader classLoader = getClass().getClassLoader();
URL resourceUrl = classLoader.getResource("carbon-home");
if (resourceUrl != null) {
File carbonHome = new File(resourceUrl.getFile());
System.setProperty("carbon.home", carbonHome.getAbsolutePath());
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants.
SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
}
private void initServices() throws NoSuchFieldException, IllegalAccessException,
JWTClientException, UserStoreException, RegistryException {
IntegrationClientService integrationClientService = Mockito.mock(IntegrationClientServiceImpl.class,
Mockito.CALLS_REAL_METHODS);
APIPublisherDataHolder.getInstance().setIntegrationClientService(integrationClientService);
PublisherClient publisherClient = Mockito.mock(PublisherClient.class, Mockito.CALLS_REAL_METHODS);
doReturn(publisherClient).when(integrationClientService).getPublisherClient();
APIsApi api = new MockApi();
Field field = PublisherClient.class.getDeclaredField("api");
field.setAccessible(true);
field.set(publisherClient, api);
AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
final String REQUIRED_SCOPE =
"apim:api_create apim:api_view apim:api_publish apim:subscribe apim:tier_view apim:tier_manage " +
"apim:subscription_view apim:subscription_block";
accessTokenInfo.setScopes(REQUIRED_SCOPE);
JWTClientManagerService jwtClientManagerService = Mockito.mock(JWTClientManagerServiceImpl.class,
Mockito.CALLS_REAL_METHODS);
JWTClient jwtClient = Mockito.mock(JWTClient.class, Mockito.CALLS_REAL_METHODS);
doReturn(accessTokenInfo).when(jwtClient).getAccessToken(Mockito.anyString(), Mockito.anyString(),
Mockito.anyString(), Mockito.anyString());
doReturn(jwtClient).when(jwtClientManagerService).getJWTClient();
APIIntegrationClientDataHolder.getInstance().setJwtClientManagerService(jwtClientManagerService);
RegistryService registryService = this.getRegistryService();
OSGiDataHolder.getInstance().setRegistryService(registryService);
JWTClientExtensionDataHolder.getInstance().setRegistryService(registryService);
}
private RegistryService getRegistryService() throws RegistryException, UserStoreException {
RealmService realmService = new InMemoryRealmService();
APIPublisherDataHolder.getInstance().setRealmService(realmService);
RegistryDataHolder.getInstance().setRealmService(realmService);
JWTClientExtensionDataHolder.getInstance().setRealmService(realmService);
InputStream is = this.getClass().getClassLoader().getResourceAsStream("carbon-home/repository/" +
"conf/registry.xml");
RegistryContext context = RegistryContext.getBaseInstance(is, realmService);
context.setSetup(true);
return context.getEmbeddedRegistryService();
}
}

@ -0,0 +1,86 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.utils;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.api.APIsApi;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.API;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.APIList;
import org.wso2.carbon.apimgt.integration.generated.client.publisher.model.FileInfo;
import java.io.File;
/**
* Class to create MockApi for testing.
*/
public class MockApi implements APIsApi {
@Override
public void apisApiIdDelete(String apiId, String ifMatch, String ifUnmodifiedSince) {
}
@Override
public API apisApiIdGet(String apiId, String accept, String ifNoneMatch, String ifModifiedSince) {
return null;
}
@Override
public API apisApiIdPut(String apiId, API body, String contentType, String ifMatch, String ifUnmodifiedSince) {
return null;
}
@Override
public void apisApiIdSwaggerGet(String apiId, String accept, String ifNoneMatch, String ifModifiedSince) {
}
@Override
public void apisApiIdSwaggerPut(String apiId, String apiDefinition, String contentType, String ifMatch, String ifUnmodifiedSince) {
}
@Override
public void apisApiIdThumbnailGet(String apiId, String accept, String ifNoneMatch, String ifModifiedSince) {
}
@Override
public FileInfo apisApiIdThumbnailPost(String apiId, File file, String contentType, String ifMatch, String ifUnmodifiedSince) {
return null;
}
@Override
public void apisChangeLifecyclePost(String action, String apiId, String lifecycleChecklist, String ifMatch, String ifUnmodifiedSince) {
}
@Override
public void apisCopyApiPost(String newVersion, String apiId) {
}
@Override
public APIList apisGet(Integer limit, Integer offset, String query, String accept, String ifNoneMatch) {
return null;
}
@Override
public API apisPost(API body, String contentType) {
return new API();
}
}

@ -0,0 +1,285 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.utils;
import javax.servlet.*;
import javax.servlet.descriptor.JspConfigDescriptor;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Enumeration;
import java.util.EventListener;
import java.util.Map;
import java.util.Set;
public class MockServletContext implements ServletContext {
@Override
public ServletContext getContext(String s) {
return null;
}
@Override
public String getContextPath() {
return null;
}
@Override
public int getMajorVersion() {
return 0;
}
@Override
public int getMinorVersion() {
return 0;
}
@Override
public int getEffectiveMajorVersion() {
return 0;
}
@Override
public int getEffectiveMinorVersion() {
return 0;
}
@Override
public String getMimeType(String s) {
return null;
}
@Override
public Set<String> getResourcePaths(String s) {
return null;
}
@Override
public URL getResource(String s) throws MalformedURLException {
return null;
}
@Override
public InputStream getResourceAsStream(String s) {
return null;
}
@Override
public RequestDispatcher getRequestDispatcher(String s) {
return null;
}
@Override
public RequestDispatcher getNamedDispatcher(String s) {
return null;
}
@Override
public Servlet getServlet(String s) throws ServletException {
return null;
}
@Override
public Enumeration<Servlet> getServlets() {
return null;
}
@Override
public Enumeration<String> getServletNames() {
return null;
}
@Override
public void log(String s) {
}
@Override
public void log(Exception e, String s) {
}
@Override
public void log(String s, Throwable throwable) {
}
@Override
public String getRealPath(String s) {
return null;
}
@Override
public String getServerInfo() {
return null;
}
@Override
public String getInitParameter(String s) {
return "/*";
}
@Override
public Enumeration<String> getInitParameterNames() {
return null;
}
@Override
public boolean setInitParameter(String s, String s1) {
return false;
}
@Override
public Object getAttribute(String s) {
return null;
}
@Override
public Enumeration<String> getAttributeNames() {
return null;
}
@Override
public void setAttribute(String s, Object o) {
}
@Override
public void removeAttribute(String s) {
}
@Override
public String getServletContextName() {
return null;
}
@Override
public ServletRegistration.Dynamic addServlet(String s, String s1) {
return null;
}
@Override
public ServletRegistration.Dynamic addServlet(String s, Servlet servlet) {
return null;
}
@Override
public ServletRegistration.Dynamic addServlet(String s, Class<? extends Servlet> aClass) {
return null;
}
@Override
public <T extends Servlet> T createServlet(Class<T> aClass) throws ServletException {
return null;
}
@Override
public ServletRegistration getServletRegistration(String s) {
return null;
}
@Override
public Map<String, ? extends ServletRegistration> getServletRegistrations() {
return null;
}
@Override
public FilterRegistration.Dynamic addFilter(String s, String s1) {
return null;
}
@Override
public FilterRegistration.Dynamic addFilter(String s, Filter filter) {
return null;
}
@Override
public FilterRegistration.Dynamic addFilter(String s, Class<? extends Filter> aClass) {
return null;
}
@Override
public <T extends Filter> T createFilter(Class<T> aClass) throws ServletException {
return null;
}
@Override
public FilterRegistration getFilterRegistration(String s) {
return null;
}
@Override
public Map<String, ? extends FilterRegistration> getFilterRegistrations() {
return null;
}
@Override
public SessionCookieConfig getSessionCookieConfig() {
return null;
}
@Override
public void setSessionTrackingModes(Set<SessionTrackingMode> set) throws IllegalStateException, IllegalArgumentException {
}
@Override
public Set<SessionTrackingMode> getDefaultSessionTrackingModes() {
return null;
}
@Override
public Set<SessionTrackingMode> getEffectiveSessionTrackingModes() {
return null;
}
@Override
public void addListener(String s) {
}
@Override
public <T extends EventListener> void addListener(T t) {
}
@Override
public void addListener(Class<? extends EventListener> aClass) {
}
@Override
public <T extends EventListener> T createListener(Class<T> aClass) throws ServletException {
return null;
}
@Override
public void declareRoles(String... strings) {
}
@Override
public ClassLoader getClassLoader() {
return null;
}
@Override
public JspConfigDescriptor getJspConfigDescriptor() {
return null;
}
}

@ -0,0 +1,48 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.utils;
import org.wso2.carbon.apimgt.webapp.publisher.APIConfig;
import org.wso2.carbon.apimgt.webapp.publisher.dto.ApiScope;
import org.wso2.carbon.apimgt.webapp.publisher.dto.ApiUriTemplate;
import java.util.LinkedHashSet;
import java.util.Set;
/**
* Contains util methods for webAppPublisher tests.
*/
public class TestUtils {
public void setAPIURITemplates(APIConfig apiConfig, String uriTemplate) {
Set<ApiUriTemplate> uriTemplates = new LinkedHashSet<>();
ApiUriTemplate template = new ApiUriTemplate();
template.setAuthType("Application & Application User");
template.setHttpVerb("POST");
template.setResourceURI("https://localhost:9443/api/device-mgt/windows/v1.0/admin/devices/reboot");
template.setUriTemplate(uriTemplate);
ApiScope scope = new ApiScope();
scope.setKey("perm:windows:reboot");
scope.setName("Reboot");
scope.setRoles("/permission/admin/device-mgt/devices/owning-device/operations/windows/reboot");
scope.setDescription("Lock reset on Windows devices");
template.setScope(scope);
uriTemplates.add(template);
apiConfig.setUriTemplates(uriTemplates);
}
}

@ -0,0 +1,429 @@
CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK (
REG_LOCK_NAME VARCHAR (20),
REG_LOCK_STATUS VARCHAR (20),
REG_LOCKED_TIME TIMESTAMP,
REG_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (REG_LOCK_NAME)
);
CREATE TABLE IF NOT EXISTS REG_LOG (
REG_LOG_ID INTEGER AUTO_INCREMENT,
REG_PATH VARCHAR (2000),
REG_USER_ID VARCHAR (31) NOT NULL,
REG_LOGGED_TIME TIMESTAMP NOT NULL,
REG_ACTION INTEGER NOT NULL,
REG_ACTION_DATA VARCHAR (500),
REG_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID)
);
CREATE INDEX IF NOT EXISTS REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_PATH(
REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_PATH_VALUE VARCHAR(2000) NOT NULL,
REG_PATH_PARENT_ID INT,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID)
);
CREATE INDEX IF NOT EXISTS REG_PATH_IND_BY_NAME ON REG_PATH(REG_PATH_VALUE, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_PATH_IND_BY_PARENT_ID ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_CONTENT (
REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_CONTENT_DATA LONGBLOB,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY (
REG_CONTENT_ID INTEGER NOT NULL,
REG_CONTENT_DATA LONGBLOB,
REG_DELETED SMALLINT,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_RESOURCE (
REG_PATH_ID INTEGER NOT NULL,
REG_NAME VARCHAR(256),
REG_VERSION INTEGER NOT NULL AUTO_INCREMENT,
REG_MEDIA_TYPE VARCHAR(500),
REG_CREATOR VARCHAR(31) NOT NULL,
REG_CREATED_TIME TIMESTAMP NOT NULL,
REG_LAST_UPDATOR VARCHAR(31),
REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL,
REG_DESCRIPTION VARCHAR(1000),
REG_CONTENT_ID INTEGER,
REG_TENANT_ID INTEGER DEFAULT 0,
REG_UUID VARCHAR(100) NOT NULL,
CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
);
ALTER TABLE REG_RESOURCE ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_NAME ON REG_RESOURCE(REG_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_PATH_ID_NAME ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY (
REG_PATH_ID INTEGER NOT NULL,
REG_NAME VARCHAR(256),
REG_VERSION INTEGER NOT NULL,
REG_MEDIA_TYPE VARCHAR(500),
REG_CREATOR VARCHAR(31) NOT NULL,
REG_CREATED_TIME TIMESTAMP NOT NULL,
REG_LAST_UPDATOR VARCHAR(31),
REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL,
REG_DESCRIPTION VARCHAR(1000),
REG_CONTENT_ID INTEGER,
REG_DELETED SMALLINT,
REG_TENANT_ID INTEGER DEFAULT 0,
REG_UUID VARCHAR(100) NOT NULL,
CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
);
ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_HISTORY_IND_BY_NAME ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_COMMENT (
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_COMMENT_TEXT VARCHAR(500) NOT NULL,
REG_USER_ID VARCHAR(31) NOT NULL,
REG_COMMENTED_TIME TIMESTAMP NOT NULL,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT (
REG_COMMENT_ID INTEGER NOT NULL,
REG_VERSION INTEGER,
REG_PATH_ID INTEGER,
REG_RESOURCE_NAME VARCHAR(256),
REG_TENANT_ID INTEGER DEFAULT 0
);
ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_COMMENT_IND_BY_VERSION ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_RATING (
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_RATING INTEGER NOT NULL,
REG_USER_ID VARCHAR(31) NOT NULL,
REG_RATED_TIME TIMESTAMP NOT NULL,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING (
REG_RATING_ID INTEGER NOT NULL,
REG_VERSION INTEGER,
REG_PATH_ID INTEGER,
REG_RESOURCE_NAME VARCHAR(256),
REG_TENANT_ID INTEGER DEFAULT 0
);
ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_RATING_IND_BY_VERSION ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_TAG (
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_TAG_NAME VARCHAR(500) NOT NULL,
REG_USER_ID VARCHAR(31) NOT NULL,
REG_TAGGED_TIME TIMESTAMP NOT NULL,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG (
REG_TAG_ID INTEGER NOT NULL,
REG_VERSION INTEGER,
REG_PATH_ID INTEGER,
REG_RESOURCE_NAME VARCHAR(256),
REG_TENANT_ID INTEGER DEFAULT 0
);
ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_TAG_IND_BY_VERSION ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_PROPERTY (
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_NAME VARCHAR(100) NOT NULL,
REG_VALUE VARCHAR(1000),
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY (
REG_PROPERTY_ID INTEGER NOT NULL,
REG_VERSION INTEGER,
REG_PATH_ID INTEGER,
REG_RESOURCE_NAME VARCHAR(256),
REG_TENANT_ID INTEGER DEFAULT 0
);
ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_RESOURCE_PROPERTY_IND_BY_VERSION ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID);
CREATE TABLE IF NOT EXISTS REG_ASSOCIATION (
REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT,
REG_SOURCEPATH VARCHAR (2000) NOT NULL,
REG_TARGETPATH VARCHAR (2000) NOT NULL,
REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL,
REG_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS REG_SNAPSHOT (
REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT,
REG_PATH_ID INTEGER NOT NULL,
REG_RESOURCE_NAME VARCHAR (256),
REG_RESOURCE_VIDS LONGBLOB NOT NULL,
REG_TENANT_ID INTEGER DEFAULT 0,
CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID)
);
ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT IF NOT EXISTS REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
CREATE INDEX IF NOT EXISTS REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
-- ################################
-- USER MANAGER TABLES
-- ################################
CREATE TABLE IF NOT EXISTS UM_TENANT (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_DOMAIN_NAME VARCHAR(255) NOT NULL,
UM_EMAIL VARCHAR(255),
UM_ACTIVE BOOLEAN DEFAULT FALSE,
UM_CREATED_DATE TIMESTAMP NOT NULL,
UM_USER_CONFIG LONGBLOB NOT NULL,
PRIMARY KEY (UM_ID),
UNIQUE(UM_DOMAIN_NAME));
CREATE TABLE IF NOT EXISTS UM_DOMAIN(
UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_DOMAIN_NAME VARCHAR(255),
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID)
);
CREATE INDEX IF NOT EXISTS INDEX_UM_TENANT_UM_DOMAIN_NAME ON UM_TENANT (UM_DOMAIN_NAME);
CREATE TABLE IF NOT EXISTS UM_USER (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255) NOT NULL,
UM_USER_PASSWORD VARCHAR(255) NOT NULL,
UM_SALT_VALUE VARCHAR(31),
UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE,
UM_CHANGED_TIME TIMESTAMP NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID),
UNIQUE(UM_USER_NAME, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_SYSTEM_USER (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255) NOT NULL,
UM_USER_PASSWORD VARCHAR(255) NOT NULL,
UM_SALT_VALUE VARCHAR(31),
UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE,
UM_CHANGED_TIME TIMESTAMP NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID),
UNIQUE(UM_USER_NAME, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_USER_ATTRIBUTE (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_ATTR_NAME VARCHAR(255) NOT NULL,
UM_ATTR_VALUE VARCHAR(1024),
UM_PROFILE_ID VARCHAR(255),
UM_USER_ID INTEGER,
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID),
FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID));
CREATE INDEX IF NOT EXISTS UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID);
CREATE TABLE IF NOT EXISTS UM_ROLE (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_ROLE_NAME VARCHAR(255) NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UM_SHARED_ROLE BOOLEAN DEFAULT FALSE,
PRIMARY KEY (UM_ID, UM_TENANT_ID),
UNIQUE(UM_ROLE_NAME, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_MODULE(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_MODULE_NAME VARCHAR(100),
UNIQUE(UM_MODULE_NAME),
PRIMARY KEY(UM_ID)
);
CREATE TABLE IF NOT EXISTS UM_MODULE_ACTIONS(
UM_ACTION VARCHAR(255) NOT NULL,
UM_MODULE_ID INTEGER NOT NULL,
PRIMARY KEY(UM_ACTION, UM_MODULE_ID),
FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS UM_PERMISSION (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_RESOURCE_ID VARCHAR(255) NOT NULL,
UM_ACTION VARCHAR(255) NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UM_MODULE_ID INTEGER DEFAULT 0,
UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID));
CREATE INDEX IF NOT EXISTS INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID);
CREATE TABLE IF NOT EXISTS UM_ROLE_PERMISSION (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_PERMISSION_ID INTEGER NOT NULL,
UM_ROLE_NAME VARCHAR(255) NOT NULL,
UM_IS_ALLOWED SMALLINT NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UM_DOMAIN_ID INTEGER,
FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE,
PRIMARY KEY (UM_ID, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_USER_PERMISSION (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_PERMISSION_ID INTEGER NOT NULL,
UM_USER_NAME VARCHAR(255) NOT NULL,
UM_IS_ALLOWED SMALLINT NOT NULL,
UNIQUE (UM_PERMISSION_ID, UM_USER_NAME, UM_TENANT_ID),
UM_TENANT_ID INTEGER DEFAULT 0,
FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
PRIMARY KEY (UM_ID, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_USER_ROLE (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_ROLE_ID INTEGER NOT NULL,
UM_USER_ID INTEGER NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID),
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID),
FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID));
CREATE TABLE IF NOT EXISTS UM_SHARED_USER_ROLE(
UM_ROLE_ID INTEGER NOT NULL,
UM_USER_ID INTEGER NOT NULL,
UM_USER_TENANT_ID INTEGER NOT NULL,
UM_ROLE_TENANT_ID INTEGER NOT NULL,
UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID),
FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE ,
FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS UM_ACCOUNT_MAPPING(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255) NOT NULL,
UM_TENANT_ID INTEGER NOT NULL,
UM_USER_STORE_DOMAIN VARCHAR(100),
UM_ACC_LINK_ID INTEGER NOT NULL,
UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID),
FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE,
PRIMARY KEY (UM_ID)
);
CREATE TABLE IF NOT EXISTS UM_DIALECT(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_DIALECT_URI VARCHAR(255) NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UNIQUE(UM_DIALECT_URI, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_CLAIM(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_DIALECT_ID INTEGER NOT NULL,
UM_CLAIM_URI VARCHAR(255) NOT NULL,
UM_DISPLAY_TAG VARCHAR(255),
UM_DESCRIPTION VARCHAR(255),
UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255),
UM_MAPPED_ATTRIBUTE VARCHAR(255),
UM_REG_EX VARCHAR(255),
UM_SUPPORTED SMALLINT,
UM_REQUIRED SMALLINT,
UM_DISPLAY_ORDER INTEGER,
UM_CHECKED_ATTRIBUTE SMALLINT,
UM_READ_ONLY SMALLINT,
UM_TENANT_ID INTEGER DEFAULT 0,
UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI,UM_MAPPED_ATTRIBUTE_DOMAIN, UM_TENANT_ID),
FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_PROFILE_CONFIG(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_DIALECT_ID INTEGER,
UM_PROFILE_NAME VARCHAR(255),
UM_TENANT_ID INTEGER DEFAULT 0,
FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_HYBRID_ROLE(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_ROLE_NAME VARCHAR(255),
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_HYBRID_USER_ROLE(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255),
UM_ROLE_ID INTEGER NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UM_DOMAIN_ID INTEGER,
UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID,UM_DOMAIN_ID),
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE,
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_HYBRID_REMEMBER_ME (
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255) NOT NULL,
UM_COOKIE_VALUE VARCHAR(1024),
UM_CREATED_TIME TIMESTAMP,
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_SYSTEM_ROLE(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_ROLE_NAME VARCHAR(255),
UM_TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);
CREATE TABLE IF NOT EXISTS UM_SYSTEM_USER_ROLE(
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
UM_USER_NAME VARCHAR(255),
UM_ROLE_ID INTEGER NOT NULL,
UM_TENANT_ID INTEGER DEFAULT 0,
UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID),
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID),
PRIMARY KEY (UM_ID, UM_TENANT_ID)
);

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!--
This configuration file represents the configuration that are needed
when publishing APIs to API Manager
-->
<WebappPublisherConfigs>
<!-- This host is used to define the host address which is used to publish APIs -->
<Host>https://localhost:9445</Host>
<!-- If it is true, the APIs of this instance will be published to the defined host -->
<PublishAPI>true</PublishAPI>
<!-- If it is true, the APIs of this instance will be updated when the webapps are redeployed -->
<EnabledUpdateApi>true</EnabledUpdateApi>
<!--Webapp will be published only when running below profiles-->
<Profiles>
<Profile>default</Profile>
</Profiles>
</WebappPublisherConfigs>

@ -0,0 +1,50 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<wso2registry>
<!--
For details on configuring different config & governance registries see;
http://wso2.org/library/tutorials/2010/04/sharing-registry-space-across-multiple-product-instances
-->
<currentDBConfig>wso2registry</currentDBConfig>
<readOnly>false</readOnly>
<enableCache>true</enableCache>
<registryRoot>/</registryRoot>
<dbConfig name="wso2registry">
<url>jdbc:h2:./target/databasetest/CARBON_TEST</url>
<!--userName>sa</userName>
<password>sa</password-->
<driverName>org.h2.Driver</driverName>
<maxActive>80</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
</dbConfig>
<versionResourcesOnChange>false</versionResourcesOnChange>
<!-- NOTE: You can edit the options under "StaticConfiguration" only before the
startup. -->
<staticConfiguration>
<versioningProperties>true</versioningProperties>
<versioningComments>true</versioningComments>
<versioningTags>true</versioningTags>
<versioningRatings>true</versioningRatings>
</staticConfiguration>
</wso2registry>

@ -0,0 +1,29 @@
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
<suite name="DeviceManagementExtensions">
<parameter name="useDefaultListeners" value="false"/>
<test name="DeviceType Manager Service Test Cases" preserve-order="true">
<classes>
<class name="org.wso2.carbon.apimgt.webapp.publisher.APIPublisherServiceTest"/>
</classes>
</test>
</suite>

@ -0,0 +1,80 @@
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<UserManager>
<Realm>
<Configuration>
<AddAdmin>true</AddAdmin>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>admin</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName>
<ReadOnly>false</ReadOnly>
<MaxUserNameListLength>500</MaxUserNameListLength>
<Property name="url">jdbc:h2:target/databasetest/CARBON_TEST</Property>
<Property name="driverName">org.h2.Driver</Property>
<Property name="maxActive">50</Property>
<Property name="maxWait">60000</Property>
<Property name="minIdle">5</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
<Property name="ReadOnly">false</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="IsEmailUserName">false</Property>
<Property name="DomainCalculation">default</Property>
<Property name="PasswordDigest">SHA-256</Property>
<Property name="StoreSaltedPassword">true</Property>
<Property name="ReadGroups">true</Property>
<Property name="WriteGroups">true</Property>
<Property name="UserNameUniqueAcrossTenants">false</Property>
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
<Property name="PasswordJavaRegExViolationErrorMsg">Password length should be between 5 to 30 characters
</Property>
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\&lt;&gt;,\'\"]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="SharedGroupEnabled">false</Property>
<Property name="SCIMEnabled">false</Property>
<Property name="CaseSensitiveUsername">true</Property>
<Property name="MultiAttributeSeparator">,</Property>
<Property name="BulkImportSupported">true</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AuthorizationCacheEnabled">true</Property>
</AuthorizationManager>
</Realm>
<SystemPermission>
<Permission>login</Permission>
<Permission>manage-configuration</Permission>
<Permission>manage-security</Permission>
<Permission>upload-services</Permission>
<Permission>manage-services</Permission>
<Permission>manage-lc-configuration</Permission>
<Permission>manage-mediation</Permission>
<Permission>monitor-system</Permission>
<Permission>delegate-identity</Permission>
</SystemPermission>
</UserManager>

@ -22,13 +22,13 @@
<parent>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>carbon-devicemgt</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>apimgt-extensions</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>pom</packaging>
<name>WSO2 Carbon - API Management Extensions Component</name>
<url>http://wso2.org</url>

@ -0,0 +1,91 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.application.mgt.common;
import org.wso2.carbon.device.application.mgt.common.jaxrs.Exclude;
import java.util.Date;
/**
* Application represents the an Application in Application Store.
*/
public class DeviceType {
@Exclude
private int id;
private String type;
private String name;
private Date lastUpdated;
private String providerTenantID;
private int sharedWithAllTenants;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Date getLastUpdated() {
return lastUpdated;
}
public void setLastUpdated(Date lastUpdated) {
this.lastUpdated = lastUpdated;
}
public String getProviderTenantID() {
return providerTenantID;
}
public void setProviderTenantID(String providerTenantID) {
this.providerTenantID = providerTenantID;
}
public int getSharedWithAllTenants() {
return sharedWithAllTenants;
}
public void setSharedWithAllTenants(int sharedWithAllTenants) {
this.sharedWithAllTenants = sharedWithAllTenants;
}
}

@ -0,0 +1,72 @@
/*
*
* Copyright (c) ${date}, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* /
*/
package org.wso2.carbon.device.application.mgt.common;
import org.wso2.carbon.device.application.mgt.common.jaxrs.Exclude;
import java.util.Date;
/**
* Application represents the an Application in Application Store.
*/
public class Tag {
@Exclude
private int id;
private String tenantId;
private String tagName;
private Application application;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getTenantId() {
return tenantId;
}
public void setTenantId(String tenantId) {
this.tenantId = tenantId;
}
public String getTagName() {
return tagName;
}
public void setTagName(String tagName) {
this.tagName = tagName;
}
public Application getApplication() {
return application;
}
public void setApplication(Application application) {
this.application = application;
}
}

@ -0,0 +1,80 @@
/*
*
* Copyright (c) ${date}, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* /
*/
package org.wso2.carbon.device.application.mgt.common;
import org.wso2.carbon.device.application.mgt.common.jaxrs.Exclude;
/**
* Application represents the an Application in Application Store.
*/
public class UnrestrictedRoles {
@Exclude
private int id;
private String tenantId;
private String tagName;
private Application application;
private String role;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getTenantId() {
return tenantId;
}
public void setTenantId(String tenantId) {
this.tenantId = tenantId;
}
public String getTagName() {
return tagName;
}
public void setTagName(String tagName) {
this.tagName = tagName;
}
public Application getApplication() {
return application;
}
public void setApplication(Application application) {
this.application = application;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
}

@ -0,0 +1,460 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var storeModule;
storeModule = function () {
var log = new Log("/app/modules/business-controllers/app.js");
var utility = require('/app/modules/utility.js')["utility"];
var constants = require('/app/modules/constants.js');
var storeProps = require("/app/modules/conf-reader/main.js")["conf"];
var serviceInvokers = require("/app/modules/oauth/token-protected-service-invokers.js")["invokers"];
var batchProvider = require("/app/modules/batch-provider-api.js")["batchProviders"];
var process = require("process");
var carbon = require("carbon");
var publicMethods = {};
var privateMethods = {};
/**
* Only GET method is implemented for now since there are no other type of methods used this method.
* @param url - URL to call the backend without the host
* @param method - HTTP Method (GET, POST)
* @returns An object with 'status': 'success'|'error', 'content': {}
*/
privateMethods.callBackend = function (url, method) {
if (constants["HTTP_GET"] === method) {
return serviceInvokers.XMLHttp.get(url,
function (backendResponse) {
var response = {};
response.content = backendResponse.responseText;
if (backendResponse.status === 200) {
response.status = "success";
} else if (backendResponse.status === 400 || backendResponse.status === 401 ||
backendResponse.status === 404 || backendResponse.status === 500) {
response.status = "error";
}
return response;
}
);
} else {
log.error("Runtime error : This method only support HTTP GET requests.");
}
};
privateMethods.validateAndReturn = function (value) {
return (value === undefined || value === null) ? constants["UNSPECIFIED"] : value;
};
/*
@Updated
*/
publicMethods.viewApps = function (deviceType, deviceId) {
var carbonUser = session.get(constants["USER_SESSION_KEY"]);
if (!carbonUser) {
log.error("User object was not found in the session");
userModule.logout(function () {
response.sendRedirect(storeProps["appContext"] + "login");
});
}
//////////////////
try {
var url = storeProps["httpsURL"] + "/api/device-mgt/v1.0/devices/applications/"+storeProps["version"]+"/*";
serviceInvokers.XMLHttp.get(
url,
function (backendResponse) {
if (backendResponse.status === 200 && backendResponse.responseText) {
var apps = parse(backendResponse.responseText);
}
});
} catch (e) {
log.error(e.message, e);
}
/////////////////////////
var userName = carbonUser.username + "@" + carbonUser.domain;
var locationHistory = [];
var geoServicesEnabled = storeProps.serverConfig.geoLocationConfiguration.isEnabled;
if (geoServicesEnabled) {
try {
var fromDate = new Date();
fromDate.setHours(fromDate.getHours() - 2);
var toDate = new Date();
var serviceUrl = storeProps["httpsURL"] + '/api/device-mgt/v1.0/geo-services/stats/' + deviceType + '/' + deviceId + '?from=' + fromDate + '&to=' + toDate;
serviceInvokers.XMLHttp.get(serviceUrl,
function (backendResponse) {
if (backendResponse.status === 200 && backendResponse.responseText) {
locationHistory = JSON.parse(backendResponse.responseText);
}
});
} catch (e) {
log.error(e.message, e);
}
}
var locationInfo = {};
try {
var url = storeProps["httpsURL"] + "/api/device-mgt/v1.0/devices/" + deviceType + "/" + deviceId + "/location";
serviceInvokers.XMLHttp.get(
url,
function (backendResponse) {
if (backendResponse.status === 200 && backendResponse.responseText) {
var device = parse(backendResponse.responseText);
locationInfo.latitude = device.latitude;
locationInfo.longitude = device.longitude;
locationInfo.updatedOn = device.updatedTime;
}
});
} catch (e) {
log.error(e.message, e);
}
var utility = require('/app/modules/utility.js')["utility"];
try {
utility.startTenantFlow(carbonUser);
var url = storeProps["httpsURL"] + "/api/device-mgt/v1.0/devices/" + deviceType + "/" + deviceId;
return serviceInvokers.XMLHttp.get(
url,
function (backendResponse) {
var response = {};
if (backendResponse.status === 200 && backendResponse.responseText) {
var device = parse(backendResponse.responseText);
var filteredDeviceData = {};
if (device["deviceIdentifier"]) {
filteredDeviceData["deviceIdentifier"] = device["deviceIdentifier"];
}
if (device["type"]) {
filteredDeviceData["type"] = device["type"];
}
if (device["name"]) {
filteredDeviceData["name"] = device["name"];
}
if (device["enrolmentInfo"]) {
var enrolmentInfo = {};
if (device["enrolmentInfo"]["status"]) {
enrolmentInfo["status"] = device["enrolmentInfo"]["status"];
}
if (device["enrolmentInfo"]["owner"]) {
enrolmentInfo["owner"] = device["enrolmentInfo"]["owner"];
}
if (device["enrolmentInfo"]["ownership"]) {
enrolmentInfo["ownership"] = device["enrolmentInfo"]["ownership"];
}
filteredDeviceData["enrolmentInfo"] = enrolmentInfo;
}
if (device["properties"] && device["properties"].length > 0) {
var propertiesList = device["properties"];
var properties = {};
if (propertiesList) {
for (var i = 0; i < propertiesList.length; i++) {
if (propertiesList[i]["value"]) {
properties[propertiesList[i]["name"]] =
propertiesList[i]["value"];
}
}
}
filteredDeviceData["initialDeviceInfo"] = properties;
if (properties["DEVICE_INFO"]) {
var initialDeviceInfoList = parse(properties["DEVICE_INFO"]);
var initialDeviceInfo = {};
if (Array.isArray(initialDeviceInfoList)) {
for (var j = 0; j < initialDeviceInfoList.length; j++) {
if (initialDeviceInfoList[j]["value"]) {
initialDeviceInfo[initialDeviceInfoList[j]["name"]] =
initialDeviceInfoList[j]["value"];
}
}
} else {
initialDeviceInfo = initialDeviceInfoList;
}
filteredDeviceData["initialDeviceInfo"]["DEVICE_INFO"] = initialDeviceInfo;
}
}
if (filteredDeviceData["type"]) {
if (filteredDeviceData["type"] === constants["PLATFORM_IOS"]) {
if (filteredDeviceData["properties"]) {
filteredDeviceData["properties"]["VENDOR"] = "Apple";
}
}
}
if (device["deviceInfo"]) {
filteredDeviceData["latestDeviceInfo"] = device["deviceInfo"];
} else {
filteredDeviceData["latestDeviceInfo"] = {};
filteredDeviceData["latestDeviceInfo"]["location"] = {};
}
//location related verification and modifications
// adding the location histry for the movement path.
filteredDeviceData["locationHistory"] = locationHistory;
//checking for the latest location information based on historical data.
if (locationHistory) {
var infoDate;
var locationDate;
var historicalLatestLoc = locationHistory[locationHistory.length - 1];
if (historicalLatestLoc && filteredDeviceData.latestDeviceInfo && filteredDeviceData.latestDeviceInfo.location) {
infoDate = new Date(filteredDeviceData.latestDeviceInfo.location.updatedTime);
locationDate = new Date(historicalLatestLoc.values.timeStamp);
}
if (infoDate < locationDate || filteredDeviceData.latestDeviceInfo.length === 0) {
filteredDeviceData.latestDeviceInfo.location = {};
filteredDeviceData.latestDeviceInfo.location.longitude = historicalLatestLoc.values.longitude;
filteredDeviceData.latestDeviceInfo.location.latitude = historicalLatestLoc.values.latitude;
filteredDeviceData.latestDeviceInfo.location.updatedTime = historicalLatestLoc.values.timeStamp;
}
}
//checking for the latest location information.
if (filteredDeviceData.latestDeviceInfo.location && locationInfo) {
var infoDate = new Date(filteredDeviceData.latestDeviceInfo.location.updatedTime);
var locationDate = new Date(locationInfo.updatedOn);
if (infoDate < locationDate) {
filteredDeviceData.latestDeviceInfo.location.longitude = locationInfo.longitude;
filteredDeviceData.latestDeviceInfo.location.latitude = locationInfo.latitude;
filteredDeviceData.latestDeviceInfo.location.updatedTime = locationInfo.updatedOn;
}
}
response["content"] = filteredDeviceData;
response["status"] = "success";
return response;
} else if (backendResponse.status === 401) {
response["status"] = "unauthorized";
return response;
} else if (backendResponse.status === 404) {
response["status"] = "notFound";
return response;
} else {
response["status"] = "error";
return response;
}
}
);
} catch (e) {
throw e;
} finally {
utility.endTenantFlow();
}
};
// Refactored methods
publicMethods.getDevicesCount = function () {
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (carbonUser) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var uiPermissions = userModule.getUIPermissions();
var url;
if (uiPermissions.LIST_DEVICES) {
url = storeProps["httpsURL"] +
storeProps["backendRestEndpoints"]["deviceMgt"] + "/devices?offset=0&limit=1";
} else if (uiPermissions.LIST_OWN_DEVICES) {
url = storeProps["httpsURL"] + storeProps["backendRestEndpoints"]["deviceMgt"] +
"/devices?offset=0&limit=1&user=" + carbonUser.username;
} else {
log.error("Access denied for user: " + carbonUser.username);
return -1;
}
return serviceInvokers.XMLHttp.get(
url, function (responsePayload) {
if(!responsePayload["responseText"]){
log.error("Error while fetching device count. API `" + url + "` returns HTTP: " + responsePayload["status"]);
userModule.logout(function () {
response.sendRedirect(storeProps["appContext"] + "login");
});
}
return parse(responsePayload["responseText"])["count"];
},
function (responsePayload) {
log.error(responsePayload["responseText"]);
return -1;
}
);
} else {
log.error("User object was not found in the session");
userModule.logout(function () {
response.sendRedirect(storeProps["appContext"] + "login");
});
}
};
publicMethods.getDeviceTypeCount = function () {
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (carbonUser) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var uiPermissions = userModule.getUIPermissions();
var url;
if (uiPermissions.LIST_OWN_DEVICES) {
url = storeProps["httpsURL"] +
storeProps["backendRestEndpoints"]["deviceMgt"] + "/device-types";
} else {
log.error("Access denied for user: " + carbonUser.username);
return -1;
}
return serviceInvokers.XMLHttp.get(
url, function (responsePayload) {
return parse(responsePayload["responseText"])["count"];
},
function (responsePayload) {
log.error(responsePayload["responseText"]);
return -1;
}
);
} else {
log.error("User object was not found in the session");
userModule.logout(function () {
response.sendRedirect(storeProps["appContext"] + "login");
});
}
};
publicMethods.getDeviceTypes = function () {
var url = storeProps["httpsURL"] + storeProps["backendRestEndpoints"]["deviceMgt"] + "/device-types";
var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
if (response.status === "success") {
response.content = parse(response.content);
}
return response;
};
publicMethods.getDeviceTypesConfig = function () {
var url = storeProps["httpsURL"] + storeProps["backendRestEndpoints"]["deviceMgt"] + "/device-types/config";
var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
if (response.status === "success") {
response.content = parse(response.content);
}
return response;
};
/*
@Updated
*/
// publicMethods.getLicense = function (deviceType) {
// var url;
// var license;
// if (deviceType == "windows") {
// url = mdmProps["httpURL"] + "/mdm-windows-agent/services/device/license";
// } else if (deviceType == "ios") {
// url = mdmProps["httpsURL"] + "/ios-enrollment/license/";
// }
// if (url != null && url != undefined) {
// serviceInvokers.XMLHttp.get(url, function (responsePayload) {
// license = responsePayload.text;
// }, function (responsePayload) {
// return null;
// });
// }
// return license;
// };
publicMethods.getDevices = function (userName) {
var url = storeProps["httpsURL"] +
storeProps["backendRestEndpoints"]["deviceMgt"] + "/devices";
if (userName && userName !== "") {
url = url + "?user=" + userName;
}
return serviceInvokers.XMLHttp.get(
url, function (responsePayload) {
var devices = JSON.parse(responsePayload.responseText).devices;
for (var i = 0; i < devices.length; i++) {
devices[i].thumb = utility.getDeviceThumb(devices[i].type);
}
return devices;
},
function (responsePayload) {
log.error(responsePayload);
return -1;
}
);
};
publicMethods.getDeviceAgentConfig = function (type, deviceId) {
var carbonUser = session.get(constants["USER_SESSION_KEY"]);
if (!carbonUser) {
log.error("User object was not found in the session");
userModule.logout(function () {
response.sendRedirect(storeProps["appContext"] + "login");
});
}
var userName = carbonUser.username + "@" + carbonUser.domain;
var config = {};
config.type = type;
config.deviceId = deviceId;
// register a tenant based app at API Manager
var applicationName = type.replace(" ", "") + "_" + carbonUser.domain;
var requestURL = (storeProps["oauthProvider"]["appRegistration"]
["apiManagerClientAppRegistrationServiceURL"]).replace("/tenants","");
var payload = {applicationName:applicationName, tags:["device_agent"],
isAllowedToAllDomains:false, validityPeriod: 3600};
serviceInvokers.XMLHttp.post(
requestURL, payload, function (responsePayload) {
var app = JSON.parse(responsePayload.responseText);
config.clientId = app["client_id"];
config.clientSecret = app["client_secret"];
if (config.clientId && config.clientSecret) {
var JWTClientManagerServicePackagePath =
"org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService";
//noinspection JSUnresolvedFunction, JSUnresolvedVariable
var JWTClientManagerService = carbon.server.osgiService(JWTClientManagerServicePackagePath);
//noinspection JSUnresolvedFunction
var jwtClient = JWTClientManagerService.getJWTClient();
// returning access token by JWT grant type
var deviceScope = "device_" + type.replace(" ", "") + "_" + deviceId + " perm:device:enroll " +
"perm:device:disenroll perm:device:modify perm:devices:operations perm:device:publish-event";
var tokenInfo = jwtClient.getAccessToken(config.clientId, config.clientSecret,
userName, deviceScope);
config.accessToken = tokenInfo.getAccessToken();
config.refreshToken = tokenInfo.getRefreshToken();
if (config.accessToken === null) {
return null;
}
config.mqttGateway = "tcp://" + process.getProperty("mqtt.broker.host") + ":" + process.getProperty("mqtt.broker.port");
config.httpsGateway = "https://" + process.getProperty("iot.gateway.host") + ":" + process.getProperty("iot.gateway.https.port");
config.httpGateway = "http://" + process.getProperty("iot.gateway.host") + ":" + process.getProperty("iot.gateway.http.port");
return config;
} else {
return null;
}
return config;
},
function (responsePayload) {
log.error(responsePayload);
return null;
}
);
return config;
};
return publicMethods;
}();

@ -22,7 +22,7 @@
<parent>
<artifactId>certificate-mgt</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
@ -49,6 +49,32 @@
<warName>api#scep-mgt#v1.0</warName>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -22,7 +22,7 @@
<parent>
<artifactId>certificate-mgt</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
@ -49,6 +49,32 @@
<warName>api#certificate-mgt#v1.0</warName>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -73,10 +73,8 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
for (EnrollmentCertificate enrollmentCertificate : enrollmentCertificates) {
certificate = new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
certificate.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
X509Certificate x509Certificate = certificateService
.pemToX509Certificate(enrollmentCertificate.getPem());
certificate.setSerial(x509Certificate.getSerialNumber().toString());
certificate.setCertificate(x509Certificate);
certificate.setSerial(enrollmentCertificate.getSerial());
certificate.setCertificate(certificateService.pemToX509Certificate(enrollmentCertificate.getPem()));
certificates.add(certificate);
}
certificateService.saveCertificate(certificates);

@ -21,13 +21,13 @@
<parent>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>certificate-mgt</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>bundle</packaging>
<name>WSO2 Carbon - Certificate Management Core</name>
<description>WSO2 Carbon - Certificate Management Core</description>
@ -60,7 +60,7 @@
org.apache.commons.logging,
javax.security.auth.x500,
javax.xml.*,
javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional,
javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional,
org.apache.commons.codec.binary;version="${commons-codec.wso2.osgi.version.range}",
org.bouncycastle.asn1,
org.bouncycastle.asn1.x500,
@ -94,6 +94,8 @@
io.swagger.annotations.*;resolution:=optional,
org.wso2.carbon.device.mgt.core.*,
org.wso2.carbon.registry.indexing.*,
javax.cache.*,
javax.naming.ldap
<!--org.bouncycastle.pkcs.jcajce-->
</Import-Package>
<Export-Package>
@ -104,25 +106,66 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.18</version>
<configuration>
<systemPropertyVariables>
<log4j.configuration>file:src/test/resources/log4j.properties</log4j.configuration>
</systemPropertyVariables>
<suiteXmlFiles>
<suiteXmlFile>src/test/resources/testng.xml</suiteXmlFile>
</suiteXmlFiles>
<systemPropertyVariables>
<jacoco-agent.destfile>${basedir}/target/coverage-reports/jacoco-unit.exec</jacoco-agent.destfile>
<log4j.configuration>file:src/test/resources/log4j.properties</log4j.configuration>
</systemPropertyVariables>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>${jacoco.maven.plugin.version}</version>
<executions>
<execution>
<id>default-instrument</id>
<goals>
<goal>instrument</goal>
</goals>
</execution>
<execution>
<id>default-restore-instrumented-classes</id>
<goals>
<goal>restore-instrumented-classes</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>prepare-package</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
<execution>
<id>default-report-integration</id>
<goals>
<goal>report-integration</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<dependencies>
<dependency>
<groupId>org.jacoco</groupId>
<artifactId>org.jacoco.agent</artifactId>
<version>${jacoco.maven.plugin.version}</version>
<classifier>runtime</classifier>
</dependency>
<dependency>
<groupId>org.eclipse.osgi</groupId>
<artifactId>org.eclipse.osgi</artifactId>
@ -135,6 +178,21 @@
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
</dependency>
<dependency>
<groupId>com.h2database.wso2</groupId>
<artifactId>h2-database-engine</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-module-testng</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.logging</artifactId>

@ -0,0 +1,39 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.cache;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
/**
* This interface for caching the certificates.
*/
public interface CertificateCacheManager {
void addCertificateBySerial(String serialNumber, CertificateResponse certificate) ;
void addCertificateByCN(String commonName, CertificateResponse certificate) ;
CertificateResponse getCertificateBySerial(String serialNumber) ;
CertificateResponse getCertificateByCN(String commonName) ;
}

@ -0,0 +1,132 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.cache.impl;
import org.wso2.carbon.certificate.mgt.core.cache.CertificateCacheManager;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig;
import javax.cache.Cache;
import javax.cache.CacheConfiguration;
import javax.cache.CacheManager;
import javax.cache.Caching;
import java.util.concurrent.TimeUnit;
public class CertificateCacheManagerImpl implements CertificateCacheManager {
public static final String CERTIFICATE_CACHE_MANAGER = "CERTIFICATE_CACHE_MANAGER";
public static final String CERTIFICATE_CACHE = "CERTIFICATE_CACHE";
private static boolean isCertificateCacheInitialized = false;
private static String SERIAL_PRE = "S_";
private static String COMMON_NAME_PRE = "C_";
private static CertificateCacheManager certificateCacheManager;
private CertificateCacheManagerImpl() {
}
public static CertificateCacheManager getInstance() {
if (certificateCacheManager == null) {
synchronized (CertificateCacheManagerImpl.class) {
if (certificateCacheManager == null) {
certificateCacheManager = new CertificateCacheManagerImpl();
}
}
}
return certificateCacheManager;
}
@Override
public void addCertificateBySerial(String serialNumber, CertificateResponse certificate) {
CertificateCacheManagerImpl.getCertificateCache().put(SERIAL_PRE + serialNumber, certificate);
}
@Override
public void addCertificateByCN(String commonName, CertificateResponse certificate) {
CertificateCacheManagerImpl.getCertificateCache().put(COMMON_NAME_PRE + commonName, certificate);
}
@Override
public CertificateResponse getCertificateBySerial(String serialNumber) {
return CertificateCacheManagerImpl.getCertificateCache().get(SERIAL_PRE + serialNumber);
}
@Override
public CertificateResponse getCertificateByCN(String commonName) {
return CertificateCacheManagerImpl.getCertificateCache().get(COMMON_NAME_PRE + commonName);
}
private static CacheManager getCacheManager() {
return Caching.getCacheManagerFactory().getCacheManager(CertificateCacheManagerImpl.CERTIFICATE_CACHE_MANAGER);
}
public static Cache<String, CertificateResponse> getCertificateCache() {
DeviceManagementConfig config = DeviceConfigurationManager.getInstance().getDeviceManagementConfig();
CacheManager manager = getCacheManager();
Cache<String, CertificateResponse> certificateCache = null;
if (config.getDeviceCacheConfiguration().isEnabled()) {
if (!isCertificateCacheInitialized) {
initializeCertificateCache();
}
if (manager != null) {
certificateCache = manager.<String, CertificateResponse>getCache(CertificateCacheManagerImpl.CERTIFICATE_CACHE);
} else {
certificateCache = Caching.getCacheManager(CertificateCacheManagerImpl.CERTIFICATE_CACHE_MANAGER).
<String, CertificateResponse>getCache(CertificateCacheManagerImpl.CERTIFICATE_CACHE);
}
}
return certificateCache;
}
public static void initializeCertificateCache() {
DeviceManagementConfig config = DeviceConfigurationManager.getInstance().getDeviceManagementConfig();
int certificateCacheExpiry = config.getCertificateCacheConfiguration().getExpiryTime();
CacheManager manager = getCacheManager();
if (config.getCertificateCacheConfiguration().isEnabled()) {
if (!isCertificateCacheInitialized) {
isCertificateCacheInitialized = true;
if (manager != null) {
if (certificateCacheExpiry > 0) {
manager.<String, CertificateResponse>createCacheBuilder(CertificateCacheManagerImpl.CERTIFICATE_CACHE).
setExpiry(CacheConfiguration.ExpiryType.MODIFIED, new CacheConfiguration.Duration(TimeUnit.SECONDS,
certificateCacheExpiry)).setExpiry(CacheConfiguration.ExpiryType.ACCESSED, new CacheConfiguration.
Duration(TimeUnit.SECONDS, certificateCacheExpiry)).setStoreByValue(true).build();
} else {
manager.<String, CertificateResponse>getCache(CertificateCacheManagerImpl.CERTIFICATE_CACHE);
}
} else {
if (certificateCacheExpiry > 0) {
Caching.getCacheManager().
<String, CertificateResponse>createCacheBuilder(CertificateCacheManagerImpl.CERTIFICATE_CACHE).
setExpiry(CacheConfiguration.ExpiryType.MODIFIED, new CacheConfiguration.Duration(TimeUnit.SECONDS,
certificateCacheExpiry)).setExpiry(CacheConfiguration.ExpiryType.ACCESSED, new CacheConfiguration.
Duration(TimeUnit.SECONDS, certificateCacheExpiry)).setStoreByValue(true).build();
} else {
Caching.getCacheManager().<String, CertificateResponse>getCache(CertificateCacheManagerImpl.CERTIFICATE_CACHE);
}
}
}
}
}
}

@ -115,7 +115,7 @@ public class CertificateManagementDAOFactory {
currentTxState.set(TxState.CONNECTION_BORROWED);
}
public static void openConnection() throws SQLException {
public static void openConnection() throws SQLException {
Connection conn = currentConnection.get();
if (conn != null) {
throw new IllegalTransactionStateException("A transaction is already active within the context of " +

@ -61,6 +61,9 @@ import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;
import javax.xml.bind.DatatypeConverter;
import java.io.ByteArrayInputStream;
@ -112,7 +115,7 @@ public class CertificateGenerator {
}
}
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error while deserializing the certificate.";
String errorMsg = "Error while during deserialization of the certificate.";
throw new CertificateManagementDAOException(errorMsg, e);
}
@ -320,10 +323,20 @@ public class CertificateGenerator {
CertificateResponse lookUpCertificate = null;
KeyStoreReader keyStoreReader = new KeyStoreReader();
if (distinguishedName != null && !distinguishedName.isEmpty()) {
String[] dnSplits = distinguishedName.split("/CN=");
if (dnSplits != null) {
String commonNameExtracted = dnSplits[dnSplits.length - 1];
lookUpCertificate = keyStoreReader.getCertificateBySerial(commonNameExtracted);
LdapName ldapName;
try {
ldapName = new LdapName(distinguishedName);
} catch (InvalidNameException e) {
throw new KeystoreException(
"Invalid name exception while trying to create a LDAP name using the distinguished name ", e);
}
for (Rdn relativeDistinuguishedNames : ldapName.getRdns()) {
if (relativeDistinuguishedNames.getType().equalsIgnoreCase("CN")) {
System.err.println("CN is: " + relativeDistinuguishedNames.getValue());
lookUpCertificate = keyStoreReader
.getCertificateBySerial(String.valueOf(relativeDistinuguishedNames.getValue()));
break;
}
}
}
return lookUpCertificate;
@ -409,21 +422,8 @@ public class CertificateGenerator {
Date validityEndDate = commonUtil.getValidityEndDate();
X500Name certSubject = new X500Name(CertificateManagementConstants.DEFAULT_PRINCIPAL);
//X500Name certSubject = request.getSubject();
Attribute attributes[] = request.getAttributes();
// if (certSubject == null) {
// certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
// } else {
// org.bouncycastle.asn1.x500.RDN[] rdn = certSubject.getRDNs();
//
// if (rdn == null || rdn.length == 0) {
// certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
// }
// }
RDN[] certUniqueIdRDN;
BigInteger certUniqueIdentifier;

@ -19,6 +19,8 @@ package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.cache.CertificateCacheManager;
import org.wso2.carbon.certificate.mgt.core.cache.impl.CertificateCacheManagerImpl;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateKeystoreConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
@ -126,8 +128,8 @@ public class KeyStoreReader {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
keyStore = loadKeyStore(certificateKeystoreConfig.getCertificateKeystoreType(),
certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
@ -140,7 +142,7 @@ public class KeyStoreReader {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
saveKeyStore(keyStore, certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
@ -251,7 +253,7 @@ public class KeyStoreReader {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
raPrivateKey = (PrivateKey) keystore.getKey(certificateKeystoreConfig.getRACertAlias(),
certificateKeystoreConfig.getRAPrivateKeyPassword().toCharArray());
certificateKeystoreConfig.getRAPrivateKeyPassword().toCharArray());
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving RA private key";
throw new KeystoreException(errorMsg, e);
@ -276,28 +278,36 @@ public class KeyStoreReader {
public CertificateResponse getCertificateBySerial(String serialNumber) throws KeystoreException {
CertificateResponse certificateResponse = null;
try {
CertificateManagementDAOFactory.openConnection();
certificateResponse = certDao.retrieveCertificate(serialNumber);
if (certificateResponse != null && certificateResponse.getCertificate() != null) {
Certificate certificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate());
if (certificate instanceof X509Certificate) {
X509Certificate x509cert = (X509Certificate) certificate;
String commonName = CertificateGenerator.getCommonName(x509cert);
certificateResponse.setCommonName(commonName);
CertificateCacheManager cacheManager = CertificateCacheManagerImpl.getInstance();
certificateResponse = cacheManager.getCertificateBySerial(serialNumber);
if (certificateResponse == null) {
try {
CertificateManagementDAOFactory.openConnection();
certificateResponse = certDao.retrieveCertificate(serialNumber);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
}
if (certificateResponse != null && certificateResponse.getCertificate() != null) {
Certificate certificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate());
if (certificate instanceof X509Certificate) {
X509Certificate x509cert = (X509Certificate) certificate;
String commonName = CertificateGenerator.getCommonName(x509cert);
certificateResponse.setCommonName(commonName);
cacheManager.addCertificateBySerial(serialNumber, certificateResponse);
}
}
}
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate from the the database for the serial number: " +
serialNumber;
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when de-serializing saved certificate.";
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
}
return certificateResponse;
}

@ -0,0 +1,133 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.common;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.jdbc.pool.PoolProperties;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeSuite;
import org.w3c.dom.Document;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.certificate.mgt.core.util.TestUtils;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
import javax.sql.DataSource;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import java.io.File;
import java.sql.Connection;
import java.sql.Statement;
public abstract class BaseDeviceManagementCertificateTest {
private DataSource dataSource;
private static final Log log = LogFactory.getLog(BaseDeviceManagementCertificateTest.class);
private static final String DATASOURCE_LOCATION = "src/test/resources/data-source-config.xml";
@BeforeSuite
public void setupDataSource() throws Exception {
this.initDataSource();
this.initSQLScript();
initializeCarbonContext();
}
public void initDataSource() throws Exception {
this.dataSource = this.getDataSource(this.readDataSourceConfig());
DeviceManagementDAOFactory.init(dataSource);
GroupManagementDAOFactory.init(dataSource);
}
public void initDataSource(DataSource ds) throws Exception {
this.dataSource = ds;
DeviceManagementDAOFactory.init(dataSource);
GroupManagementDAOFactory.init(dataSource);
}
@BeforeClass
public abstract void init() throws Exception;
private DataSource getDataSource(DataSourceConfig config) {
PoolProperties properties = new PoolProperties();
properties.setUrl(config.getUrl());
properties.setDriverClassName(config.getDriverClassName());
properties.setUsername(config.getUser());
properties.setPassword(config.getPassword());
return new org.apache.tomcat.jdbc.pool.DataSource(properties);
}
private DataSourceConfig readDataSourceConfig() throws DeviceManagementException {
try {
File file = new File(DATASOURCE_LOCATION);
Document doc = DeviceManagerUtil.convertToDocument(file);
JAXBContext testDBContext = JAXBContext.newInstance(DataSourceConfig.class);
Unmarshaller unmarshaller = testDBContext.createUnmarshaller();
return (DataSourceConfig) unmarshaller.unmarshal(doc);
} catch (JAXBException e) {
throw new DeviceManagementException("Error occurred while reading data source configuration", e);
}
}
private void initSQLScript() throws Exception {
Connection conn = null;
Statement stmt = null;
try {
conn = this.getDataSource().getConnection();
stmt = conn.createStatement();
stmt.executeUpdate("RUNSCRIPT FROM './src/test/resources/sql/h2.sql'");
} finally {
TestUtils.cleanupResources(conn, stmt, null);
}
}
private void initializeCarbonContext() {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants
.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
}
public DataSource getDataSource() {
return dataSource;
}
}

@ -0,0 +1,80 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.common;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Model class for DataSourceConfig.
*/
@XmlRootElement(name = "DataSourceConfig")
public class DataSourceConfig {
private String url;
private String driverClassName;
private String user;
private String password;
@Override
public String toString() {
return "DataSourceConfig[" +
" Url ='" + url + '\'' +
", DriverClassName ='" + driverClassName + '\'' +
", UserName ='" + user + '\'' +
", Password ='" + password + '\'' +
"]";
}
@XmlElement(name = "Url", nillable = false)
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
@XmlElement(name = "DriverClassName", nillable = false)
public String getDriverClassName() {
return driverClassName;
}
public void setDriverClassName(String driverClassName) {
this.driverClassName = driverClassName;
}
@XmlElement(name = "User", nillable = false)
public String getUser() {
return user;
}
public void setUser(String user) {
this.user = user;
}
@XmlElement(name = "Password", nillable = false)
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}

@ -0,0 +1,43 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.impl;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.wso2.carbon.certificate.mgt.core.cache.CertificateCacheManager;
import org.wso2.carbon.certificate.mgt.core.common.BaseDeviceManagementCertificateTest;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
/**
* This class tests CertificateCache manager methods
*/
public class CertificateCacheManagerImplTests extends BaseDeviceManagementCertificateTest {
private CertificateCacheManager manager;
@BeforeClass
@Override
public void init() throws Exception {
initDataSource();
CertificateManagementDAOFactory.init(this.getDataSource());
manager = org.wso2.carbon.certificate.mgt.core.cache.impl.CertificateCacheManagerImpl.getInstance();
Assert.assertNotNull(manager);
}
}

@ -0,0 +1,244 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.impl;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.cert.CertIOException;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.testng.PowerMockTestCase;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.CSRGenerator;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import javax.sql.DataSource;
import java.io.File;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.NoSuchProviderException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.InvalidKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.sql.SQLException;
/**
* This class has the negative tests for CertificateGenerator class
*/
@PowerMockIgnore({"java.net.ssl", "javax.security.auth.x500.X500Principal"})
@PrepareForTest({CertificateGenerator.class})
public class CertificateGeneratorNegativeTests extends PowerMockTestCase {
@Test(description = "This test case tests behaviour when a certificate IO error occurs",
expectedExceptions = KeystoreException.class)
public void negativeTestGenerateCertificateFromCSR() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//Prepare mock objects
X509v3CertificateBuilder mock = Mockito.mock(X509v3CertificateBuilder.class);
Mockito.when(mock.addExtension(Matchers.any(ASN1ObjectIdentifier.class), Matchers.anyBoolean(),
Matchers.any(ASN1Encodable.class))).thenThrow(new CertIOException("CERTIO"));
PowerMockito.whenNew(X509v3CertificateBuilder.class).withAnyArguments().thenReturn(mock);
//prepare input parameters
CSRGenerator csrGeneration = new CSRGenerator();
KeyStoreReader keyStoreReader = new KeyStoreReader();
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
PKCS10CertificationRequest certificationRequest;
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
certificationRequest = new PKCS10CertificationRequest(csrData);
generator.generateCertificateFromCSR(privateKeyCA, certificationRequest, certCA.getIssuerX500Principal().getName());
}
@Test(description = "This test case tests behaviour when Certificate Operator creation error occurs",
expectedExceptions = KeystoreException.class)
public void negativeTestGenerateCertificateFromCSR2() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//Prepare mock objects
JcaContentSignerBuilder mock = Mockito.mock(JcaContentSignerBuilder.class);
Mockito.when(mock.setProvider(Matchers.eq(CertificateManagementConstants.PROVIDER))).thenReturn(mock);
Mockito.when(mock.build(Matchers.any(PrivateKey.class))).thenThrow(new OperatorCreationException("OPERATOR"));
PowerMockito.whenNew(JcaContentSignerBuilder.class).withAnyArguments().thenReturn(mock);
//prepare input parameters
CSRGenerator csrGeneration = new CSRGenerator();
KeyStoreReader keyStoreReader = new KeyStoreReader();
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
PKCS10CertificationRequest certificationRequest;
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
certificationRequest = new PKCS10CertificationRequest(csrData);
generator.generateCertificateFromCSR(privateKeyCA, certificationRequest, certCA.getIssuerX500Principal().getName());
}
@Test(description = "This test case tests the behaviour when certificate exception occurs when verifying"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateCertificateFromCSR3() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//Prepare mock objects
JcaX509CertificateConverter mock = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(mock.setProvider(Matchers.eq(CertificateManagementConstants.PROVIDER))).thenReturn(mock);
Mockito.when(mock.getCertificate(Matchers.any(X509CertificateHolder.class))).thenThrow(new CertificateException());
PowerMockito.whenNew(JcaX509CertificateConverter.class).withAnyArguments().thenReturn(mock);
//prepare input parameters
CSRGenerator csrGeneration = new CSRGenerator();
KeyStoreReader keyStoreReader = new KeyStoreReader();
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
PKCS10CertificationRequest certificationRequest;
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
certificationRequest = new PKCS10CertificationRequest(csrData);
generator.generateCertificateFromCSR(privateKeyCA, certificationRequest, certCA.getIssuerX500Principal().getName());
}
@Test(description = "This test case tests behaviour when the Certificate provider does not exist"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateX509Certificate1() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//prepare mock objects
X509Certificate mock = Mockito.mock(X509Certificate.class);
PowerMockito.doThrow(new NoSuchProviderException()).when(mock).verify(Matchers.any());
JcaX509CertificateConverter conv = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(conv.setProvider(Mockito.anyString())).thenReturn(conv);
Mockito.when(conv.getCertificate(Mockito.any())).thenReturn(mock);
PowerMockito.whenNew(JcaX509CertificateConverter.class).withNoArguments().thenReturn(conv);
generator.generateX509Certificate();
}
@Test(description = "This test case tests behaviour when the Certificate Algorithm does not exist"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateX509Certificate2() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//prepare mock objects
X509Certificate mock = Mockito.mock(X509Certificate.class);
PowerMockito.doThrow(new NoSuchAlgorithmException()).when(mock).verify(Matchers.any());
JcaX509CertificateConverter conv = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(conv.setProvider(Mockito.anyString())).thenReturn(conv);
Mockito.when(conv.getCertificate(Mockito.any())).thenReturn(mock);
PowerMockito.whenNew(JcaX509CertificateConverter.class).withNoArguments().thenReturn(conv);
generator.generateX509Certificate();
}
@Test(description = "This test case tests behaviour when the Signature validation fails"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateX509Certificate3() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//prepare mock objects
X509Certificate mock = Mockito.mock(X509Certificate.class);
PowerMockito.doThrow(new SignatureException()).when(mock).verify(Matchers.any());
JcaX509CertificateConverter conv = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(conv.setProvider(Mockito.anyString())).thenReturn(conv);
Mockito.when(conv.getCertificate(Mockito.any())).thenReturn(mock);
PowerMockito.whenNew(JcaX509CertificateConverter.class).withNoArguments().thenReturn(conv);
generator.generateX509Certificate();
}
@Test(description = "This test case tests behaviour when the Certificate exception occurs"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateX509Certificate4() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//prepare mock objects
X509Certificate mock = Mockito.mock(X509Certificate.class);
PowerMockito.doThrow(new CertificateException()).when(mock).verify(Matchers.any());
JcaX509CertificateConverter conv = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(conv.setProvider(Mockito.anyString())).thenReturn(conv);
Mockito.when(conv.getCertificate(Mockito.any())).thenReturn(mock);
PowerMockito.whenNew(JcaX509CertificateConverter.class).withNoArguments().thenReturn(conv);
generator.generateX509Certificate();
}
@Test(description = "This test case tests behaviour when the Certificate key is invalid"
, expectedExceptions = KeystoreException.class)
public void negativeTestGenerateX509Certificate5() throws Exception {
CertificateGenerator generator = new CertificateGenerator();
//prepare mock objects
X509Certificate mock = Mockito.mock(X509Certificate.class);
PowerMockito.doThrow(new InvalidKeyException()).when(mock).verify(Matchers.any());
JcaX509CertificateConverter conv = Mockito.mock(JcaX509CertificateConverter.class);
Mockito.when(conv.setProvider(Mockito.anyString())).thenReturn(conv);
Mockito.when(conv.getCertificate(Mockito.any())).thenReturn(mock);
PowerMockito.whenNew(JcaX509CertificateConverter.class).withNoArguments().thenReturn(conv);
generator.generateX509Certificate();
}
@Test(description = "This test case tests behavior when the CA certificate is null"
, expectedExceptions = KeystoreException.class)
public void negativeTestGetRootCertificates1() throws KeystoreException {
CertificateGenerator generator = new CertificateGenerator();
generator.getRootCertificates(null, new byte[10]);
}
@Test(description = "This test case tests behavior when the CA certificate is null",
expectedExceptions = KeystoreException.class)
public void negativeTestGetRootCertificates2() throws KeystoreException {
CertificateGenerator generator = new CertificateGenerator();
generator.getRootCertificates(new byte[10], null);
}
@BeforeClass
public void init() throws SQLException {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants
.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
DataSource normalDatasource = Mockito.mock(DataSource.class, Mockito.RETURNS_DEEP_STUBS);
DataSource daoExceptionDatasource = Mockito.mock(DataSource.class, Mockito.RETURNS_DEEP_STUBS);
Mockito.when(normalDatasource.getConnection().getMetaData().getDatabaseProductName()).thenReturn("H2");
CertificateManagementDAOFactory.init(normalDatasource);
Mockito.when(daoExceptionDatasource.getConnection().getMetaData().getDatabaseProductName()).thenReturn("H2");
Mockito.when(daoExceptionDatasource.getConnection().prepareStatement(Mockito.anyString())).thenThrow(new SQLException());
}
}

@ -0,0 +1,177 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.impl;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.mockito.Mockito;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.testng.PowerMockTestCase;
import org.testng.IObjectFactory;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.ObjectFactory;
import org.testng.annotations.Test;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import javax.sql.DataSource;
import java.io.File;
import java.sql.SQLException;
/**
* This class covers the negative tests for CertificateManagementServiceImpl class
*/
@PowerMockIgnore({"java.net.ssl", "javax.security.auth.x500.X500Principal"})
@PrepareForTest({CertificateManagementServiceImpl.class, JcaX509CertificateConverter.class, CertificateGenerator.class,
CertificateManagementDAOFactory.class})
public class CertificateManagementServiceImplNegativeTests extends PowerMockTestCase {
private CertificateManagementServiceImpl instance;
private DataSource daoExceptionDatasource;
private static final String MOCK_SERIAL = "1234";
private static final String MOCK_DATASOURCE = "H2";
@BeforeClass
public void init() throws SQLException {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
file = new File("../../../resources/carbon-home");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants
.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
DataSource normalDatasource = Mockito.mock(DataSource.class, Mockito.RETURNS_DEEP_STUBS);
Mockito.when(normalDatasource.getConnection().getMetaData().getDatabaseProductName()).thenReturn(MOCK_DATASOURCE);
CertificateManagementDAOFactory.init(normalDatasource);
//configure datasource to throw dao exception
daoExceptionDatasource = Mockito.mock(DataSource.class, Mockito.RETURNS_DEEP_STUBS);
Mockito.when(daoExceptionDatasource.getConnection().getMetaData().getDatabaseProductName()).thenReturn(MOCK_DATASOURCE);
Mockito.when(daoExceptionDatasource.getConnection().prepareStatement(Mockito.anyString())).thenThrow(new SQLException());
//save as class variable
instance = CertificateManagementServiceImpl.getInstance();
}
@Test(description = "This test case tests behaviour when an error occurs when opening the data source"
, expectedExceptions = CertificateManagementException.class)
public void negativeTestRetrieveCertificate2() throws Exception {
PowerMockito.mockStatic(CertificateManagementDAOFactory.class);
PowerMockito.doThrow(new SQLException()).when(CertificateManagementDAOFactory.class, "openConnection");
instance.retrieveCertificate(MOCK_SERIAL);
}
@Test(description = "This test case tests behaviour when an error occurs when looking for a certificate with " +
"a serial number", expectedExceptions = CertificateManagementException.class)
public void negativeTestRetrieveCertificate() throws Exception {
CertificateManagementDAOFactory.init(daoExceptionDatasource);
CertificateManagementServiceImpl instance1 = CertificateManagementServiceImpl.getInstance();
instance1.retrieveCertificate(MOCK_SERIAL);
}
@Test(description = "This test case tests behaviour when an error occurs when opening the data source",
expectedExceptions = CertificateManagementException.class)
public void negativeTestGetAllCertificates() throws Exception {
PowerMockito.mockStatic(CertificateManagementDAOFactory.class);
PowerMockito.doThrow(new SQLException()).when(CertificateManagementDAOFactory.class, "openConnection");
instance.getAllCertificates(1, 2);
}
@Test(description = "This test case tests behaviour when an error occurs getting the list of certificates from repository"
, expectedExceptions = CertificateManagementException.class)
public void negativeTestGetAllCertificates2() throws Exception {
CertificateManagementDAOFactory.init(daoExceptionDatasource);
CertificateManagementServiceImpl instance1 = CertificateManagementServiceImpl.getInstance();
instance1.getAllCertificates(1, 2);
}
@Test(description = "This test case tests behaviour when data source transaction error occurs when removing the certificate"
, expectedExceptions = CertificateManagementException.class)
public void negativeTestRemoveCertificate() throws Exception {
PowerMockito.mockStatic(CertificateManagementDAOFactory.class);
PowerMockito.doThrow(new TransactionManagementException()).when(CertificateManagementDAOFactory.class, "beginTransaction");
instance.removeCertificate(MOCK_SERIAL);
}
@Test(description = "This test case tests behaviour when an error occurs while removing the certificate from the certificate " +
"repository", expectedExceptions = CertificateManagementException.class)
public void negativeTestRemoveCertificate2() throws Exception {
CertificateManagementDAOFactory.init(daoExceptionDatasource);
CertificateManagementServiceImpl instance1 = CertificateManagementServiceImpl.getInstance();
instance1.removeCertificate(MOCK_SERIAL);
}
@Test(description = "This test case tests behaviour when an error occurs when opening the data source",
expectedExceptions = CertificateManagementException.class)
public void negativeTestGetCertificates() throws Exception {
PowerMockito.mockStatic(CertificateManagementDAOFactory.class);
PowerMockito.doThrow(new SQLException()).when(CertificateManagementDAOFactory.class, "openConnection");
instance.getCertificates();
}
@Test(description = "This test case tests behaviour when an error occurs while looking up for the list of certificates"
, expectedExceptions = CertificateManagementException.class)
public void negativeTestGetCertificates2() throws CertificateManagementException {
CertificateManagementDAOFactory.init(daoExceptionDatasource);
CertificateManagementServiceImpl instance1 = CertificateManagementServiceImpl.getInstance();
instance1.getCertificates();
}
@Test(description = "This test case tests behaviour when an error occurs when opening the data source",
expectedExceptions = CertificateManagementException.class)
public void negativeTestSearchCertificates() throws Exception {
PowerMockito.mockStatic(CertificateManagementDAOFactory.class);
PowerMockito.doThrow(new SQLException()).when(CertificateManagementDAOFactory.class, "openConnection");
instance.searchCertificates(MOCK_SERIAL);
}
@Test(description = "This test case tests behaviour when an error occurs while searching for the certificate by the serial"
, expectedExceptions = CertificateManagementException.class)
public void negativeTestSearchCertificates2() throws CertificateManagementException {
CertificateManagementDAOFactory.init(daoExceptionDatasource);
CertificateManagementServiceImpl instance1 = CertificateManagementServiceImpl.getInstance();
instance1.searchCertificates(MOCK_SERIAL);
}
//Powermockito requirement
@ObjectFactory
public IObjectFactory getObjectFactory() {
return new org.powermock.modules.testng.PowerMockObjectFactory();
}
}

@ -0,0 +1,334 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.io.FileUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAbsentContent;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.certificate.mgt.core.common.BaseDeviceManagementCertificateTest;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.certificate.mgt.core.util.CSRGenerator;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.DummyCertificate;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
import sun.misc.BASE64Encoder;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.*;
import java.util.ArrayList;
import java.util.List;
/**
* Test cases for for CertificateManagementServiceImpl class methods.
*
*/
public class CertificateManagementServiceImplTests extends BaseDeviceManagementCertificateTest {
private static Log log = LogFactory.getLog(CertificateManagementServiceImplTests.class);
private static final String CA_CERT_PEM = "src/test/resources/ca_cert.pem";
private static final String RA_CERT_PEM = "src/test/resources/ra_cert.pem";
private CertificateManagementServiceImpl managementService;
@BeforeClass
public void init() throws Exception {
initDataSource();
CertificateManagementDAOFactory.init(this.getDataSource());
//set Bouncycastle as a provider for testing
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
//save certificatemanagementservice instance as class variable
managementService = CertificateManagementServiceImpl.getInstance();
Assert.assertNotNull(managementService);
log.info("getInstance Test Successful");
}
@Test(description = "This test case tests retrieval of CA Certificate from the keystore")
public void testGetCACertificate() throws KeystoreException {
CertificateManagementServiceImpl instance = CertificateManagementServiceImpl.getInstance();
Certificate caCertificate = instance.getCACertificate();
Assert.assertNotNull(caCertificate);
Assert.assertEquals(caCertificate.getType(), CertificateManagementConstants.X_509);
log.info("GetCACertificate Test Successful");
}
@Test(description = "This test case tests retrieval of RA Certificate from the keystore")
public void testGetRACertificate() throws KeystoreException {
Certificate raCertificate = managementService.getRACertificate();
Assert.assertNotNull(raCertificate);
Assert.assertEquals(raCertificate.getType(), CertificateManagementConstants.X_509);
log.info("GetRACertificate Test Successful");
}
@Test(description = "This test case test generation of root certificates")
public void testGetRootCertificate() throws IOException, KeystoreException {
File caCert = new File(CA_CERT_PEM);
File raCert = new File(RA_CERT_PEM);
//read file to byte arrays
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
byte[] raBytes = FileUtils.readFileToByteArray(raCert);
List<X509Certificate> rootCertificates = managementService.getRootCertificates(caBytes, raBytes);
Assert.assertNotNull(rootCertificates);
Assert.assertEquals(rootCertificates.get(0).getType(), CertificateManagementConstants.X_509);
Assert.assertEquals(rootCertificates.get(1).getType(), CertificateManagementConstants.X_509);
log.info("GetRootCertificate Test Successful");
}
@Test(description = "This test case tests generation of X509Certificate")
public void testGenerateX509Certificate() throws KeystoreException {
X509Certificate x509Certificate = managementService.generateX509Certificate();
Assert.assertNotNull(x509Certificate);
Assert.assertEquals(x509Certificate.getType(), CertificateManagementConstants.X_509);
log.info("GenerateX509Certificate Test Successful");
}
@Test(description = "This test case tests retrieving SCEP CA Certificate")
public void testGetCACertSCEP() throws KeystoreException {
SCEPResponse caCertSCEP = managementService.getCACertSCEP();
Assert.assertNotNull(caCertSCEP);
Assert.assertEquals(caCertSCEP.getResultCriteria(), CAStatus.CA_RA_CERT_RECEIVED);
log.info("GetCACertSCEP Test Successful");
}
@Test
public void testGetCACapsSCEP() {
byte[] caCapsSCEP = managementService.getCACapsSCEP();
Assert.assertNotNull(caCapsSCEP);
Assert.assertEquals(caCapsSCEP, CertificateManagementConstants.POST_BODY_CA_CAPS.getBytes());
log.info("GetCACapsSCEP Test Successful");
}
@Test(description = "This test case tests generation of a X509Certificate from a CSR")
public void testGenerateCertificateFromCSR() throws KeystoreException, IOException {
CSRGenerator csrGeneration = new CSRGenerator();
KeyStoreReader keyStoreReader = new KeyStoreReader();
// Generate key pair
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
PKCS10CertificationRequest certificationRequest;
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
certificationRequest = new PKCS10CertificationRequest(csrData);
X509Certificate x509Certificate = managementService.generateCertificateFromCSR(privateKeyCA,
certificationRequest, certCA.getIssuerX500Principal().getName());
Assert.assertNotNull(x509Certificate);
Assert.assertEquals(x509Certificate.getType(), CertificateManagementConstants.X_509);
log.info("GenerateCertificateFromCSR Test Successful");
}
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Serial Number")
public void testGetCertificateBySerial() throws KeystoreException, DeviceManagementException {
X509Certificate x509Certificate = null;
//generate and save a certificate
x509Certificate = managementService.generateX509Certificate();
//initialize DeviceConfigurationManager
DeviceConfigurationManager.getInstance().initConfig();
CertificateResponse certificateBySerial = managementService.getCertificateBySerial(x509Certificate.getSerialNumber().toString());
Assert.assertNotNull(certificateBySerial);
Assert.assertEquals(certificateBySerial.getSerialNumber(), x509Certificate.getSerialNumber().toString());
log.info("GetCertificateBySerial Test Successful");
}
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Alias")
public void testGetCertificateByAlias() throws KeystoreException, DeviceManagementException {
X509Certificate x509Certificate = null;
//generate and save a certificate
x509Certificate = managementService.generateX509Certificate();
//initialize DeviceConfigurationManager
DeviceConfigurationManager.getInstance().initConfig();
Certificate certificateByAlias = managementService.getCertificateByAlias(x509Certificate.getSerialNumber().toString());
Assert.assertNotNull(certificateByAlias);
Assert.assertEquals(certificateByAlias.getType(), CertificateManagementConstants.X_509);
log.info("GetCertificateByAlias Test Successful");
}
@Test(description = "This test case tests Signature verification of a Certificate against the keystore")
public void testVerifySignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
BASE64Encoder encoder = new BASE64Encoder();
//generate and save a certificate in the keystore
X509Certificate x509Certificate = managementService.generateX509Certificate();
//Generate CMSdata
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
List<X509Certificate> list = new ArrayList<>();
list.add(x509Certificate);
JcaCertStore store = new JcaCertStore(list);
generator.addCertificates(store);
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
byte[] signature = degenerateSd.getEncoded();
boolean verifySignature = managementService.verifySignature(encoder.encode(signature));
Assert.assertNotNull(verifySignature);
Assert.assertTrue(verifySignature);
log.info("VerifySignature Test Successful");
}
@Test(description = "This test case tests DN verification of a Certificate against the keystore")
public void testVerifySubjectDN() throws DeviceManagementException, KeystoreException {
DeviceConfigurationManager.getInstance().initConfig();
X509Certificate x509Certificate = managementService.generateX509Certificate();
log.info(x509Certificate.getIssuerX500Principal().getName());
managementService.verifySubjectDN(x509Certificate.getIssuerDN().getName());
}
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Serial")
public void testRetrieveCertificate() throws KeystoreException, CertificateManagementException {
X509Certificate x509Certificate = managementService.generateX509Certificate();
CertificateResponse certificateResponse = managementService.retrieveCertificate(x509Certificate.getSerialNumber().toString());
Assert.assertNotNull(certificateResponse);
Assert.assertEquals(x509Certificate.getSerialNumber(), certificateResponse.getCertificateserial());
}
@Test(description = "This test case tests the retrieval of Certificates from keystore in desired pagination")
public void testGetAllCertificatesPaginated() throws CertificateManagementException, KeystoreException {
managementService.generateX509Certificate();
managementService.generateX509Certificate();
PaginationResult allCertificates = managementService.getAllCertificates(0, 2);
Assert.assertEquals(allCertificates.getData().size(), 2);
log.info("GetAllCertificatesPaginated Test Successful");
}
@Test(description = "This test casae tests retrieval of all Certificates from keystore")
public void testGetCertificates() throws CertificateManagementException, KeystoreException {
List<CertificateResponse> certificatesBefore = managementService.getCertificates();
managementService.generateX509Certificate();
managementService.generateX509Certificate();
List<CertificateResponse> certificatesAfter = managementService.getCertificates();
Assert.assertNotNull(certificatesBefore);
Assert.assertNotNull(certificatesAfter);
Assert.assertEquals((certificatesBefore.size() + 2), certificatesAfter.size());
log.info("GetCertificates Test Successful");
}
@Test(description = "This test case tests deleting Certificate from the keystore")
public void testRemoveCertificate() throws CertificateManagementException, KeystoreException {
X509Certificate x509Certificate = managementService.generateX509Certificate();
List<CertificateResponse> certificates = managementService.getCertificates();
int size = certificates.size();
boolean removed = managementService.removeCertificate(x509Certificate.getSerialNumber().toString());
certificates = managementService.getCertificates();
int sizeAfter = certificates.size();
Assert.assertNotNull(removed);
Assert.assertTrue(removed);
Assert.assertEquals((size - 1), sizeAfter);
log.info("RemoveCertificate Test Successful");
}
@Test(description = "This test case tests searching for a list of certificates by the serial number")
public void testSearchCertificates() throws CertificateManagementException, KeystoreException {
X509Certificate x509Certificate = managementService.generateX509Certificate();
List<CertificateResponse> certificateResponses = managementService.searchCertificates(x509Certificate.getSerialNumber().toString());
Assert.assertNotNull(certificateResponses);
Assert.assertEquals(1, certificateResponses.size());
Assert.assertEquals(certificateResponses.get(0).getSerialNumber(), x509Certificate.getSerialNumber().toString());
log.info("SearchCertificates Test Successful");
}
@Test(description = "This test case tests generation of signed Certificate from a CSR")
public void testGetSignedCertificateFromCSR() throws KeystoreException {
CSRGenerator csrGeneration = new CSRGenerator();
BASE64Encoder encoder = new BASE64Encoder();
// Generate key pair
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
X509Certificate signedCertificateFromCSR = managementService.getSignedCertificateFromCSR(encoder.encode(csrData));
Assert.assertNotNull(signedCertificateFromCSR);
Assert.assertEquals(signedCertificateFromCSR.getType(), CertificateManagementConstants.X_509);
log.info("GetSignedCertificateFromCSR Test Successful");
}
@Test(description = "This test case tests the extraction of Challenge token from a Certificate")
public void testExtractChallengeToken() throws KeystoreException {
X509Certificate x509Certificate1 = new DummyCertificate();
String token = managementService.extractChallengeToken(x509Certificate1);
Assert.assertNotNull(token);
Assert.assertEquals(token, DummyCertificate.EXT);
log.info("extractChallengeToken Test Successful");
}
@Test(description = "This test case tests saving a list of Certificates in the keystore")
public void testSaveCertificate() throws CertificateManagementException, IOException, CertificateException, KeystoreException {
File caCert = new File(CA_CERT_PEM);
int before = managementService.getCertificates().size();
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(caBytes));
List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificates = new ArrayList<>();
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore =
new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
certificateToStore.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
certificateToStore.setCertificate(cert);
certificates.add(certificateToStore);
managementService.saveCertificate(certificates);
int after = managementService.getCertificates().size();
Assert.assertEquals((before + 1), after);
log.info("SaveCertificate Test Successful");
}
@Test(description = "This test case tests converting a pem file to X509 Certificate")
public void testPemToX509Certificate() throws IOException, KeystoreException {
File caCert = new File(CA_CERT_PEM);
BASE64Encoder encoder = new BASE64Encoder();
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
X509Certificate certificate = managementService.pemToX509Certificate(encoder.encode(caBytes));
Assert.assertNotNull(certificate);
Assert.assertEquals(certificate.getType(), CertificateManagementConstants.X_509);
log.info("PemToX509Certificate Test Successful");
}
@Test(description = "This test case tests extracting Certificate from the header Signature")
public void testExtractCertificateFromSignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
BASE64Encoder encoder = new BASE64Encoder();
//generate and save a certificate in the keystore
X509Certificate x509Certificate = managementService.generateX509Certificate();
//Generate CMSdata
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
List<X509Certificate> list = new ArrayList<>();
list.add(x509Certificate);
JcaCertStore store = new JcaCertStore(list);
generator.addCertificates(store);
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
byte[] signature = degenerateSd.getEncoded();
X509Certificate certificate = managementService.extractCertificateFromSignature(encoder.encode(signature));
Assert.assertNotNull(certificate);
Assert.assertEquals(certificate.getType(), CertificateManagementConstants.X_509);
log.info("ExtractCertificateFromSignature Test Successful");
}
}

@ -0,0 +1,49 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.impl;
import org.testng.Assert;
import org.testng.annotations.Test;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.util.DummyCertificate;
/**
* This class tests the DTO for certificates
*/
public class CertificateTests {
private static String SERIAL = "1234";
private static String TENANT_DOMAIN = "tenant_domain";
private static int TENANT_ID = 1234;
@Test(description = "This test case tests the Certificate object getters and setters")
public void certificateCreationTest() {
Certificate certificate = new Certificate();
certificate.setSerial(SERIAL);
certificate.setCertificate(new DummyCertificate());
certificate.setTenantDomain(TENANT_DOMAIN);
certificate.setTenantId(TENANT_ID);
Assert.assertEquals(certificate.getCertificate(), new DummyCertificate());
Assert.assertEquals(certificate.getSerial(), SERIAL);
Assert.assertEquals(certificate.getTenantDomain(), TENANT_DOMAIN);
Assert.assertEquals(certificate.getTenantId(), TENANT_ID);
}
}

@ -0,0 +1,87 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import javax.security.auth.x500.X500Principal;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
/**
* Test class for generating a mock CSR request.
*/
public class CSRGenerator {
private static Log log = LogFactory.getLog(CSRGenerator.class);
/**
* Generate the desired CSR for signing
*
* @param sigAlg
* @param keyPair
* @return
*/
public byte[] generateCSR(String sigAlg, KeyPair keyPair) {
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
PrintStream printStream = new PrintStream(outStream);
try {
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
new X500Principal("CN=Requested Test Certificate"), keyPair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(keyPair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);
return csr.getEncoded();
} catch (OperatorCreationException ex) {
log.error("Error while Key generation operation", ex);
} catch (IOException ex) {
log.error("Error while generating CSR,ex");
}
return new byte[0];
}
/**
* Generate the desired keypair
*
* @param alg
* @param keySize
* @return
*/
public KeyPair generateKeyPair(String alg, int keySize) {
try {
KeyPairGenerator keyPairGenerator = null;
keyPairGenerator = KeyPairGenerator.getInstance(alg);
keyPairGenerator.initialize(keySize);
return keyPairGenerator.generateKeyPair();
} catch (NoSuchAlgorithmException e) {
log.error("The provided algorithm is not found ",e);
}
return null;
}
}

@ -0,0 +1,180 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import java.math.BigInteger;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.NoSuchProviderException;
import java.security.cert.X509Certificate;
import java.security.InvalidKeyException;
import java.util.Date;
import java.util.Set;
/**
* A Mock Certificate class with an extension provided.(Used only to test the extension)
*/
public class DummyCertificate extends X509Certificate {
public static final String EXT = "Dummy extension";
public static final String DN = "O=WSO2,OU=Mobile,C=LK,CN=123456789";
@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
}
@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
}
@Override
public int getVersion() {
return 0;
}
@Override
public BigInteger getSerialNumber() {
return new BigInteger("123456789");
}
@Override
public Principal getIssuerDN() {
return null;
}
@Override
public Principal getSubjectDN() {
return new Principal() {
@Override
public String getName() {
return DN;
}
};
}
@Override
public Date getNotBefore() {
return null;
}
@Override
public Date getNotAfter() {
return null;
}
@Override
public byte[] getTBSCertificate() throws CertificateEncodingException {
return new byte[0];
}
@Override
public byte[] getSignature() {
return new byte[0];
}
@Override
public String getSigAlgName() {
return null;
}
@Override
public String getSigAlgOID() {
return null;
}
@Override
public byte[] getSigAlgParams() {
return new byte[0];
}
@Override
public boolean[] getIssuerUniqueID() {
return new boolean[0];
}
@Override
public boolean[] getSubjectUniqueID() {
return new boolean[0];
}
@Override
public boolean[] getKeyUsage() {
return new boolean[0];
}
@Override
public int getBasicConstraints() {
return 0;
}
@Override
public byte[] getEncoded() throws CertificateEncodingException {
return new byte[0];
}
@Override
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
}
@Override
public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
}
@Override
public String toString() {
return null;
}
@Override
public PublicKey getPublicKey() {
return null;
}
@Override
public boolean hasUnsupportedCriticalExtension() {
return false;
}
@Override
public Set<String> getCriticalExtensionOIDs() {
return null;
}
@Override
public Set<String> getNonCriticalExtensionOIDs() {
return null;
}
@Override
public byte[] getExtensionValue(String oid) {
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_challengePassword.toString())) {
return EXT.getBytes();
} else {
return new byte[0];
}
}
}

@ -0,0 +1,56 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class TestUtils {
private static final Log log = LogFactory.getLog(TestUtils.class);
public static void cleanupResources(Connection conn, Statement stmt, ResultSet rs) {
if (rs != null) {
try {
rs.close();
} catch (SQLException e) {
log.warn("Error occurred while closing result set", e);
}
}
if (stmt != null) {
try {
stmt.close();
} catch (SQLException e) {
log.warn("Error occurred while closing prepared statement", e);
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException e) {
log.warn("Error occurred while closing database connection", e);
}
}
}
}

@ -0,0 +1,655 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright 2005-2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!--
This is the main server configuration file
${carbon.home} represents the carbon.home system property.
Other system properties can be specified in a similar manner.
-->
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
<!--
Product Name
-->
<Name>${product.name}</Name>
<!--
machine readable unique key to identify each product
-->
<ServerKey>${product.key}</ServerKey>
<!--
Product Version
-->
<Version>${product.version}</Version>
<!--
Host name or IP address of the machine hosting this server
e.g. www.wso2.org, 192.168.1.10
This is will become part of the End Point Reference of the
services deployed on this server instance.
-->
<!--HostName>www.wso2.org</HostName-->
<!--
Host name to be used for the Carbon management console
-->
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
<!--
The URL of the back end server. This is where the admin services are hosted and
will be used by the clients in the front end server.
This is required only for the Front-end server. This is used when seperating BE server from FE server
-->
<ServerURL>local:/${carbon.context}/services/</ServerURL>
<!--
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
-->
<!--
The URL of the index page. This is where the user will be redirected after signing in to the
carbon server.
-->
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
<!--
For cApp deployment, we have to identify the roles that can be acted by the current server.
The following property is used for that purpose. Any number of roles can be defined here.
Regular expressions can be used in the role.
Ex : <Role>.*</Role> means this server can act any role
-->
<ServerRoles>
<Role>${default.server.role}</Role>
</ServerRoles>
<!-- uncommnet this line to subscribe to a bam instance automatically -->
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
<!--
The fully qualified name of the server
-->
<Package>org.wso2.carbon</Package>
<!--
Webapp context root of WSO2 Carbon management console.
-->
<WebContextRoot>/</WebContextRoot>
<!--
Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
URL of the Carbon server -> https://10.100.1.1:9443/carbon
URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
appserver - proxy context path. This specially required whenever you are generating URLs to displace in
Carbon UI components.
-->
<!--
<MgtProxyContextPath></MgtProxyContextPath>
<ProxyContextPath></ProxyContextPath>
-->
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
<!--RegistryHttpPort>9763</RegistryHttpPort-->
<!--
Number of items to be displayed on a management console page. This is used at the
backend server for pagination of various items.
-->
<ItemsPerPage>15</ItemsPerPage>
<!-- The endpoint URL of the cloud instance management Web service -->
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
<!--
Ports used by this server
-->
<Ports>
<!-- Ports offset. This entry will set the value of the ports defined below to
the define value + Offset.
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
-->
<Offset>0</Offset>
<!-- The JMX Ports -->
<JMX>
<!--The port RMI registry is exposed-->
<RMIRegistryPort>9999</RMIRegistryPort>
<!--The port RMI server should be exposed-->
<RMIServerPort>11111</RMIServerPort>
</JMX>
<!-- Embedded LDAP server specific ports -->
<EmbeddedLDAP>
<!-- Port which embedded LDAP server runs -->
<LDAPServerPort>10389</LDAPServerPort>
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
<KDCServerPort>8000</KDCServerPort>
</EmbeddedLDAP>
<!--
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
-->
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
<!--Override receive port of thrift based entitlement service.-->
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
</Ports>
<!--
JNDI Configuration
-->
<JNDI>
<!--
The fully qualified name of the default initial context factory
-->
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
<!--
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
-->
<Restrictions>
<!--
Contexts that will be available only to the super-tenant
-->
<!-- <SuperTenantOnly>
<UrlContexts>
<UrlContext>
<Scheme>foo</Scheme>
</UrlContext>
<UrlContext>
<Scheme>bar</Scheme>
</UrlContext>
</UrlContexts>
</SuperTenantOnly> -->
<!--
Contexts that are common to all tenants
-->
<AllTenants>
<UrlContexts>
<UrlContext>
<Scheme>java</Scheme>
</UrlContext>
<!-- <UrlContext>
<Scheme>foo</Scheme>
</UrlContext> -->
</UrlContexts>
</AllTenants>
<!--
All other contexts not mentioned above will be available on a per-tenant basis
(i.e. will not be shared among tenants)
-->
</Restrictions>
</JNDI>
<!--
Property to determine if the server is running an a cloud deployment environment.
This property should only be used to determine deployment specific details that are
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
-->
<IsCloudDeployment>false</IsCloudDeployment>
<!--
Property to determine whether usage data should be collected for metering purposes
-->
<EnableMetering>false</EnableMetering>
<!-- The Max time a thread should take for execution in seconds -->
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
<!--
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
because the Ghost Deployer works only with the HTTP/S transports. If you are using
other transports, don't enable Ghost Deployer.
-->
<GhostDeployment>
<Enabled>false</Enabled>
</GhostDeployment>
<!--
Eager loading or lazy loading is a design pattern commonly used in computer programming which
will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
load tenant when a request is received only. Similarly Eager loading is used to enable load
existing tenants after carbon server starts up. Using this feature, you will be able to include
or exclude tenants which are to be loaded when server startup.
We can enable only one LoadingPolicy at a given time.
1. Tenant Lazy Loading
This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
server startup, but loaded based on-demand (i.e when a request is received for a tenant).
The default tenant idle time is 30 minutes.
2. Tenant Eager Loading
This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
The eager loading configurations supported are as below. These configurations can be given as the
value for <Include> element with eager loading.
(i)Load all tenants when server startup - *
(ii)Load all tenants except foo.com & bar.com - *,!foo.com,!bar.com
(iii)Load only foo.com & bar.com to be included - foo.com,bar.com
-->
<Tenant>
<LoadingPolicy>
<LazyLoading>
<IdleTime>30</IdleTime>
</LazyLoading>
<!-- <EagerLoading>
<Include>*,!foo.com,!bar.com</Include>
</EagerLoading>-->
</LoadingPolicy>
</Tenant>
<!--
Caching related configurations
-->
<Cache>
<!-- Default cache timeout in minutes -->
<DefaultCacheTimeout>15</DefaultCacheTimeout>
</Cache>
<!--
Axis2 related configurations
-->
<Axis2Config>
<!--
Location of the Axis2 Services & Modules repository
This can be a directory in the local file system, or a URL.
e.g.
1. /home/wso2wsas/repository/ - An absolute path
2. repository - In this case, the path is relative to CARBON_HOME
3. file:///home/wso2wsas/repository/
4. http://wso2wsas/repository/
-->
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
<!--
Deployment update interval in seconds. This is the interval between repository listener
executions.
-->
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
<!--
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
This can be a file on the local file system, or a URL
e.g.
1. /home/repository/axis2.xml - An absolute path
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
3. file:///home/carbon/repository/axis2.xml
4. http://repository/conf/axis2.xml
-->
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
<!--
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
for multiple clients which are going to access the same ServiceGroupContext
Default Value is 30 Sec.
-->
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
<!--
This repository location is used to crete the client side configuration
context used by the server when calling admin services.
-->
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
<!-- This axis2 xml is used in createing the configuration context by the FE server
calling to BE server -->
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
<!--HttpAdminServices>*</HttpAdminServices-->
</Axis2Config>
<!--
The default user roles which will be created when the server
is started up for the first time.
-->
<ServiceUserRoles>
<Role>
<Name>admin</Name>
<Description>Default Administrator Role</Description>
</Role>
<Role>
<Name>user</Name>
<Description>Default User Role</Description>
</Role>
</ServiceUserRoles>
<!--
Enable following config to allow Emails as usernames.
-->
<!--EnableEmailUserName>true</EnableEmailUserName-->
<!--
Security configurations
-->
<Security>
<!--
KeyStore which will be used for encrypting/decrypting passwords
and other sensitive information.
-->
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>wso2carbon</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>
<!--
System wide trust-store which is used to maintain the certificates of all
the trusted parties.
-->
<TrustStore>
<!-- trust-store file location -->
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
<!-- trust-store type (JKS/PKCS12 etc.) -->
<Type>JKS</Type>
<!-- trust-store password -->
<Password>wso2carbon</Password>
</TrustStore>
<!--
The Authenticator configuration to be used at the JVM level. We extend the
java.net.Authenticator to make it possible to authenticate to given servers and
proxies.
-->
<NetworkAuthenticatorConfig>
<!--
Below is a sample configuration for a single authenticator. Please note that
all child elements are mandatory. Not having some child elements would lead to
exceptions at runtime.
-->
<!-- <Credential> -->
<!--
the pattern that would match a subset of URLs for which this authenticator
would be used
-->
<!-- <Pattern>regularExpression</Pattern> -->
<!--
the type of this authenticator. Allowed values are:
1. server
2. proxy
-->
<!-- <Type>proxy</Type> -->
<!-- the username used to log in to server/proxy -->
<!-- <Username>username</Username> -->
<!-- the password used to log in to server/proxy -->
<!-- <Password>password</Password> -->
<!-- </Credential> -->
</NetworkAuthenticatorConfig>
<!--
The Tomcat realm to be used for hosted Web applications. Allowed values are;
1. UserManager
2. Memory
If this is set to 'UserManager', the realm will pick users & roles from the system's
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
-->
<TomcatRealm>UserManager</TomcatRealm>
<!--Option to disable storing of tokens issued by STS-->
<DisableTokenStore>false</DisableTokenStore>
<!--
Security token store class name. If this is not set, default class will be
org.wso2.carbon.security.util.SecurityTokenStore
-->
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
</Security>
<!--
The temporary work directory
-->
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
<!--
House-keeping configuration
-->
<HouseKeeping>
<!--
true - Start House-keeping thread on server startup
false - Do not start House-keeping thread on server startup.
The user will run it manually as and when he wishes.
-->
<AutoStart>true</AutoStart>
<!--
The interval in *minutes*, between house-keeping runs
-->
<Interval>10</Interval>
<!--
The maximum time in *minutes*, temp files are allowed to live
in the system. Files/directories which were modified more than
"MaxTempFileLifetime" minutes ago will be removed by the
house-keeping task
-->
<MaxTempFileLifetime>30</MaxTempFileLifetime>
</HouseKeeping>
<!--
Configuration for handling different types of file upload & other file uploading related
config parameters.
To map all actions to a particular FileUploadExecutor, use
<Action>*</Action>
-->
<FileUploadConfig>
<!--
The total file upload size limit in MB
-->
<TotalFileSizeLimit>100</TotalFileSizeLimit>
<Mapping>
<Actions>
<Action>keystore</Action>
<Action>certificate</Action>
<Action>*</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>jarZip</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>dbs</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>tools</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>toolsAny</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
</Mapping>
</FileUploadConfig>
<!--
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
In order to plug in a processor to handle a special request, simply add an entry to this
section.
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
which needs special processing
The value of the Class element is a class which implements
org.wso2.carbon.transport.HttpGetRequestProcessor
-->
<HttpGetRequestProcessors>
<Processor>
<Item>info</Item>
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
</Processor>
<Processor>
<Item>wsdl</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
</Processor>
<Processor>
<Item>wsdl2</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
</Processor>
<Processor>
<Item>xsd</Item>
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
</Processor>
</HttpGetRequestProcessors>
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<DeploymentSynchronizer>
<Enabled>false</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
<RepositoryType>svn</RepositoryType>
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
<SvnUser>username</SvnUser>
<SvnPassword>password</SvnPassword>
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
</DeploymentSynchronizer>
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<!--<DeploymentSynchronizer>
<Enabled>true</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
</DeploymentSynchronizer>-->
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
<!--<MediationConfig>
<LoadFromRegistry>false</LoadFromRegistry>
<SaveToFile>false</SaveToFile>
<Persistence>enabled</Persistence>
<RegistryPersistence>enabled</RegistryPersistence>
</MediationConfig>-->
<!--
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
This code will be run when the Carbon server is initialized
-->
<ServerInitializers>
<!--<Initializer></Initializer>-->
</ServerInitializers>
<!--
Indicates whether the Carbon Servlet is required by the system, and whether it should be
registered
-->
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
<!--
Carbon H2 OSGI Configuration
By default non of the servers start.
name="web" - Start the web server with the H2 Console
name="webPort" - The port (default: 8082)
name="webAllowOthers" - Allow other computers to connect
name="webSSL" - Use encrypted (HTTPS) connections
name="tcp" - Start the TCP server
name="tcpPort" - The port (default: 9092)
name="tcpAllowOthers" - Allow other computers to connect
name="tcpSSL" - Use encrypted (SSL) connections
name="pg" - Start the PG server
name="pgPort" - The port (default: 5435)
name="pgAllowOthers" - Allow other computers to connect
name="trace" - Print additional trace information; for all servers
name="baseDir" - The base directory for H2 databases; for all servers
-->
<!--H2DatabaseConfiguration>
<property name="web" />
<property name="webPort">8082</property>
<property name="webAllowOthers" />
<property name="webSSL" />
<property name="tcp" />
<property name="tcpPort">9092</property>
<property name="tcpAllowOthers" />
<property name="tcpSSL" />
<property name="pg" />
<property name="pgPort">5435</property>
<property name="pgAllowOthers" />
<property name="trace" />
<property name="baseDir">${carbon.home}</property>
</H2DatabaseConfiguration-->
<!--Disabling statistics reporter by default-->
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
<!-- Enable accessing Admin Console via HTTP -->
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
<!--
Default Feature Repository of WSO2 Carbon.
-->
<FeatureRepository>
<RepositoryName>default repository</RepositoryName>
<RepositoryURL>${p2.repo.url}</RepositoryURL>
</FeatureRepository>
<!--
Configure API Management
-->
<APIManagement>
<!--Uses the embedded API Manager by default. If you want to use an external
API Manager instance to manage APIs, configure below externalAPIManager-->
<Enabled>true</Enabled>
<!--Uncomment and configure API Gateway and
Publisher URLs to use external API Manager instance-->
<!--ExternalAPIManager>
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
</ExternalAPIManager-->
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
</APIManagement>
</Server>

@ -0,0 +1,62 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<DeviceMgtConfiguration>
<ManagementRepository>
<DataSourceConfiguration>
<JndiLookupDefinition>
<Name>jdbc/DM_DS</Name>
</JndiLookupDefinition>
</DataSourceConfiguration>
</ManagementRepository>
<EmailClientConfiguration>
<minimumThread>8</minimumThread>
<maximumThread>100</maximumThread>
<keepAliveTime>20</keepAliveTime>
<ThreadQueueCapacity>1000</ThreadQueueCapacity>
</EmailClientConfiguration>
<IdentityConfiguration>
<ServerUrl>https://localhost:9443</ServerUrl>
<AdminUsername>admin</AdminUsername>
<AdminPassword>admin</AdminPassword>
</IdentityConfiguration>
<PolicyConfiguration>
<monitoringClass>org.wso2.carbon.policy.mgt</monitoringClass>
<monitoringEnable>true</monitoringEnable>
<monitoringFrequency>60000</monitoringFrequency>
<maxRetries>5</maxRetries>
<minRetriesToMarkUnreachable>8</minRetriesToMarkUnreachable>
<minRetriesToMarkInactive>20</minRetriesToMarkInactive>
<!--<PolicyEvaluationPoint>Simple</PolicyEvaluationPoint>-->
<PolicyEvaluationPoint>Simple</PolicyEvaluationPoint>
</PolicyConfiguration>
<!--This specifies whether to enable the DeviceStatus Task in this node.-->
<DeviceStatusTaskConfig>
<Enable>true</Enable>
</DeviceStatusTaskConfig>
<CertificateCacheConfiguration>
<Enable>true</Enable>
<ExpiryTime>86400</ExpiryTime>
</CertificateCacheConfiguration>
<DeviceCacheConfiguration>
<Enable>true</Enable>
<ExpiryTime>300</ExpiryTime>
</DeviceCacheConfiguration>
</DeviceMgtConfiguration>

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<CertificateConfigurations>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/conf/security/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
<!-- Certificate authority certificate alias -->
<CACertAlias>cacert</CACertAlias>
<!-- Certificate authority private key password -->
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
<!-- Registration authority certificate alias -->
<RACertAlias>racert</RACertAlias>
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
</CertificateConfigurations>

@ -0,0 +1,85 @@
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<datasources-configuration xmlns:svns="http://org.wso2.securevault/configuration">
<providers>
<provider>org.wso2.carbon.ndatasource.rdbms.RDBMSDataSourceReader</provider>
</providers>
<datasources>
<datasource>
<name>WSO2_CARBON_DB</name>
<description>The datasource used for registry and user manager</description>
<jndiConfig>
<name>jdbc/WSO2CarbonDB</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000</url>
<username>wso2carbon</username>
<password>wso2carbon</password>
<driverClassName>org.h2.Driver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1</validationQuery>
<validationInterval>30000</validationInterval>
<defaultAutoCommit>false</defaultAutoCommit>
</configuration>
</definition>
</datasource>
<!-- For an explanation of the properties, see: http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html -->
<!--datasource>
<name>SAMPLE_DATA_SOURCE</name>
<jndiConfig>
<name></name>
<environment>
<property name="java.naming.factory.initial"></property>
<property name="java.naming.provider.url"></property>
</environment>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<defaultAutoCommit></defaultAutoCommit>
<defaultReadOnly></defaultReadOnly>
<defaultTransactionIsolation>NONE|READ_COMMITTED|READ_UNCOMMITTED|REPEATABLE_READ|SERIALIZABLE</defaultTransactionIsolation>
<defaultCatalog></defaultCatalog>
<username></username>
<password svns:secretAlias="WSO2.DB.Password"></password>
<maxActive></maxActive>
<maxIdle></maxIdle>
<initialSize></initialSize>
<maxWait></maxWait>
<dataSourceClassName>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</dataSourceClassName>
<dataSourceProps>
<property name="url">jdbc:mysql://localhost:3306/Test1</property>
<property name="user">root</property>
<property name="password">123</property>
</dataSourceProps>
</configuration>
</definition>
</datasource-->
</datasources>
</datasources-configuration>

@ -0,0 +1,165 @@
#
# Copyright 2017 WSO2, Inc. (http://wso2.com)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# This is the log4j configuration file used by WSO2 Carbon
#
# IMPORTANT : Please do not remove or change the names of any
# of the Appenders defined here. The layout pattern & log file
# can be changed using the WSO2 Carbon Management Console, and those
# settings will override the settings in this file.
#
log4j.rootLogger=INFO, CARBON_CONSOLE, CARBON_LOGFILE, CARBON_MEMORY, CARBON_SYS_LOG
log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE
log4j.logger.org.apache.axis2.wsdl.codegen.writer.PrettyPrinter=ERROR, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.axis2.clustering=INFO, CARBON_CONSOLE, CARBON_LOGFILE
log4j.logger.org.apache=INFO, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.catalina=WARN
log4j.logger.org.apache.tomcat=WARN
log4j.logger.org.wso2.carbon.apacheds=WARN
log4j.logger.org.apache.directory.server.ldap=ERROR
log4j.logger.org.apache.directory.server.core.event=WARN
log4j.logger.com.atomikos=INFO,ATOMIKOS
log4j.logger.org.quartz=WARN
log4j.logger.org.apache.jackrabbit.webdav=WARN
log4j.logger.org.apache.juddi=ERROR
log4j.logger.org.apache.commons.digester.Digester=WARN
log4j.logger.org.apache.jasper.compiler.TldLocationsCache=WARN
log4j.logger.org.apache.qpid=WARN
log4j.logger.org.apache.qpid.server.Main=INFO
log4j.logger.qpid.message=WARN
log4j.logger.qpid.message.broker.listening=INFO
log4j.logger.org.apache.tiles=WARN
log4j.logger.org.apache.commons.httpclient=ERROR
log4j.logger.org.apache.coyote=WARN
log4j.logger.org.apache.solr=ERROR
log4j.logger.me.prettyprint.cassandra.hector.TimingLogger=ERROR
log4j.logger.org.wso2=INFO
log4j.logger.org.apache.axis2.enterprise=FATAL, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.opensaml.xml=WARN, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.shared.ldap=WARN, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.server.ldap.handlers=WARN, CARBON_LOGFILE, CARBON_MEMORY
#Following are to remove false error messages from startup (IS)
log4j.logger.org.apache.directory.shared.ldap.entry.DefaultServerAttribute=FATAL, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.server.core.DefaultDirectoryService=ERROR, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.shared.ldap.ldif.LdifReader=ERROR, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=ERROR, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.server.core=ERROR, CARBON_LOGFILE, CARBON_MEMORY
log4j.logger.org.apache.directory.server.ldap.LdapSession=ERROR, CARBON_LOGFILE, CARBON_MEMORY
#Hive Related Log configurations
log4j.logger.DataNucleus=ERROR
log4j.logger.Datastore=ERROR
log4j.logger.Datastore.Schema=ERROR
log4j.logger.JPOX.Datastore=ERROR
log4j.logger.JPOX.Plugin=ERROR
log4j.logger.JPOX.MetaData=ERROR
log4j.logger.JPOX.Query=ERROR
log4j.logger.JPOX.General=ERROR
log4j.logger.JPOX.Enhancer=ERROR
log4j.logger.org.apache.hadoop.hive=WARN
log4j.logger.hive=WARN
log4j.logger.ExecMapper=WARN
log4j.logger.ExecReducer=WARN
log4j.logger.net.sf.ehcache.config.ConfigurationFactory=ERROR
log4j.logger.trace.messages=TRACE,CARBON_TRACE_LOGFILE
log4j.additivity.org.apache.axis2.clustering=false
log4j.additivity.com.atomikos=false
log4j.additivity.org.apache=false
# CARBON_CONSOLE is set to be a ConsoleAppender using a PatternLayout.
log4j.appender.CARBON_CONSOLE=org.wso2.carbon.utils.logging.appenders.CarbonConsoleAppender
log4j.appender.CARBON_CONSOLE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
# ConversionPattern will be overridden by the configuration setting in the DB
log4j.appender.CARBON_CONSOLE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m%n
log4j.appender.CARBON_CONSOLE.layout.TenantPattern=%U%@%D[%T]
log4j.appender.CARBON_CONSOLE.threshold=DEBUG
# CARBON_MEMORY is set to be a MemoryAppender using a PatternLayout.
log4j.appender.CARBON_MEMORY=org.wso2.carbon.utils.logging.appenders.MemoryAppender
log4j.appender.CARBON_MEMORY.layout=org.apache.log4j.PatternLayout
log4j.appender.CARBON_MEMORY.bufferSize=200
# ConversionPattern will be overridden by the configuration setting in the DB
#log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p - %x %m {%c}%n
log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p {%c} - %x %m %n
log4j.appender.CARBON_MEMORY.threshold=DEBUG
# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout.
log4j.appender.CARBON_LOGFILE=org.wso2.carbon.utils.logging.appenders.CarbonDailyRollingFileAppender
# Log file will be overridden by the configuration setting in the DB
# This path should be relative to WSO2 Carbon Home
log4j.appender.CARBON_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon${instance.log}.log
log4j.appender.CARBON_LOGFILE.Append=true
log4j.appender.CARBON_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
# ConversionPattern will be overridden by the configuration setting in the DB
log4j.appender.CARBON_LOGFILE.layout.ConversionPattern=TID: [%T] [%S] [%d] %P%5p {%c} - %x %m %n
log4j.appender.CARBON_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.CARBON_LOGFILE.threshold=DEBUG
log4j.appender.CARBON_SYS_LOG = org.apache.log4j.net.SyslogAppender
log4j.appender.CARBON_SYS_LOG.layout=org.apache.log4j.PatternLayout
log4j.appender.CARBON_SYS_LOG.layout.ConversionPattern=[%d] %5p {%c} - %x %m %n
log4j.appender.CARBON_SYS_LOG.SyslogHost=localhost
log4j.appender.CARBON_SYS_LOG.Facility=USER
log4j.appender.CARBON_SYS_LOG.threshold=DEBUG
# LOGEVENT is set to be a LogEventAppender using a PatternLayout to send logs to LOGEVENT
log4j.appender.LOGEVENT=org.wso2.carbon.logging.service.appender.LogEventAppender
log4j.appender.LOGEVENT.url=tcp://10.100.3.103:7611
log4j.appender.LOGEVENT.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.LOGEVENT.columnList=%T,%S,%A,%d,%c,%p,%m,%H,%I,%Stacktrace
log4j.appender.LOGEVENT.userName=admin
log4j.appender.LOGEVENT.password=admin
#log4j.appender.LOGEVENT.password=secretAlias:Log4j.Appender.LOGEVENT.Password
# Appender config to CARBON_TRACE_LOGFILE
log4j.appender.CARBON_TRACE_LOGFILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.CARBON_TRACE_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon-trace-messages${instance.log}.log
log4j.appender.CARBON_TRACE_LOGFILE.Append=true
log4j.appender.CARBON_TRACE_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.CARBON_TRACE_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m %n
log4j.appender.CARBON_TRACE_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.CARBON_TRACE_LOGFILE.threshold=TRACE
log4j.additivity.trace.messages=false
# Appender config to AUDIT_LOGFILE
log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
log4j.appender.AUDIT_LOGFILE.Append=true
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c}- %x %m %n
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
log4j.appender.AUDIT_LOGFILE.threshold=INFO
log4j.additivity.AUDIT_LOG=false
# Appender config to send Atomikos transaction logs to new log file tm.out.
log4j.appender.ATOMIKOS = org.apache.log4j.RollingFileAppender
log4j.appender.ATOMIKOS.File = repository/logs/tm.out
log4j.appender.ATOMIKOS.Append = true
log4j.appender.ATOMIKOS.layout = org.apache.log4j.PatternLayout
log4j.appender.ATOMIKOS.layout.ConversionPattern=%p %t %c - %m%n
# This file is used to override the default logger settings, and is used to remove unwanted logs from Shindig appearing on the console.
# Specification of Handler used by Console Logger
handlers=java.util.logging.ConsoleHandler
# Replacing default INFO level with SEVERE
java.util.logging.ConsoleHandler.level=SEVERE

@ -1,8 +1,25 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<CertificateConfigurations>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
<CertificateKeystoreLocation>${carbon.home}/repository/resources/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->

@ -0,0 +1,33 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<DataSourceConfig>
<Url>jdbc:h2:mem:cdm-test-db;DB_CLOSE_ON_EXIT=FALSE;MVCC=true</Url>
<DriverClassName>org.h2.Driver</DriverClassName>
<User>wso2carbon</User>
<Password>wso2carbon</Password>
<!-- For MySql -->
<!--<Url>jdbc:mysql://localhost:3306/WSO2CDM</Url>-->
<!--<DriverClassName>com.mysql.jdbc.Driver</DriverClassName>-->
<!--<User>root</User>-->
<!--<Password></Password>-->
</DataSourceConfig>

@ -0,0 +1,25 @@
--
-- Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
--
-- WSO2 Inc. licenses this file to you under the Apache License,
-- Version 2.0 (the "License"); you may not use this file except
-- in compliance with the License.
-- You may obtain a copy of the License at
--
-- http://www.apache.org/licenses/LICENSE-2.0
--
-- Unless required by applicable law or agreed to in writing,
-- software distributed under the License is distributed on an
-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-- KIND, either express or implied. See the License for the
-- specific language governing permissions and limitations
-- under the License.
CREATE TABLE IF NOT EXISTS DM_DEVICE_CERTIFICATE (
ID INTEGER auto_increment NOT NULL,
SERIAL_NUMBER VARCHAR(500) DEFAULT NULL,
CERTIFICATE BLOB DEFAULT NULL,
TENANT_ID INTEGER DEFAULT 0,
USERNAME VARCHAR(500) DEFAULT NULL,
PRIMARY KEY (ID)
);

@ -1,12 +1,37 @@
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ you may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<suite name="CertificateManagementServiceImplTests">
<suite name="iOS-MDM-Tests">
<test name="Operatoin Bean validation tests" preserve-order="true">
<classes>
<class name="org.wso2.carbon.certificate.mgt.core.common.BaseDeviceManagementCertificateTest"/>
<class name="org.wso2.carbon.certificate.mgt.core.common.DataSourceConfig"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateManagementServiceImplTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorTestSuite"/>
<class name="org.wso2.carbon.certificate.mgt.core.util.CommonUtil"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.KeyGeneratorTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateManagementServiceImplNegativeTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorNegativeTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateTests"/>
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateCacheManagerImplTests"/>
</classes>
</test>
</suite>
</suite>

@ -22,14 +22,14 @@
<parent>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>carbon-devicemgt</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>certificate-mgt</artifactId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<packaging>pom</packaging>
<name>WSO2 Carbon - Certificate Management Component</name>
<url>http://wso2.org</url>

@ -22,7 +22,7 @@
<parent>
<artifactId>device-mgt-extensions</artifactId>
<groupId>org.wso2.carbon.devicemgt</groupId>
<version>3.0.46-SNAPSHOT</version>
<version>3.0.172-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
@ -74,6 +74,39 @@
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.ndatasource.core</artifactId>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-module-testng</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.registry</groupId>
<artifactId>org.wso2.carbon.registry.indexing</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>log4j-over-slf4j</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
@ -128,6 +161,32 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<configuration>
<destFile>${basedir}/target/coverage-reports/jacoco-unit.exec</destFile>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>test</phase>
<goals>
<goal>report</goal>
</goals>
<configuration>
<dataFile>${basedir}/target/coverage-reports/jacoco-unit.exec</dataFile>
<outputDirectory>${basedir}/target/coverage-reports/site</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>

@ -78,7 +78,7 @@ public class DeviceTypeCAppDeployer implements AppDeploymentHandler {
}
private void deployTypeSpecifiedArtifacts(List<Artifact> artifacts, AxisConfiguration axisConfig,
protected void deployTypeSpecifiedArtifacts(List<Artifact> artifacts, AxisConfiguration axisConfig,
String fileType, String directory) throws DeploymentException {
for (Artifact artifact : artifacts) {
Deployer deployer = AppDeployerUtils.getArtifactDeployer(axisConfig, directory, fileType);
@ -118,7 +118,7 @@ public class DeviceTypeCAppDeployer implements AppDeploymentHandler {
}
private void undeployTypeSpecifiedArtifacts(List<Artifact> artifacts, AxisConfiguration axisConfig, String fileType
protected void undeployTypeSpecifiedArtifacts(List<Artifact> artifacts, AxisConfiguration axisConfig, String fileType
, String directory) throws DeploymentException {
for (Artifact artifact : artifacts) {
Deployer deployer = AppDeployerUtils.getArtifactDeployer(axisConfig, directory, fileType);

@ -51,8 +51,8 @@ public class DeviceTypePluginDeployer extends AbstractDeployer {
private static Log log = LogFactory.getLog(DeviceTypePluginDeployer.class);
private ConfigurationContext configurationContext;
protected Map<String, ServiceRegistration> deviceTypeServiceRegistrations = new ConcurrentHashMap();
protected Map<String, DeviceTypeConfigIdentifier> deviceTypeConfigurationDataMap = new ConcurrentHashMap();
private Map<String, ServiceRegistration> deviceTypeServiceRegistrations = new ConcurrentHashMap();
private Map<String, DeviceTypeConfigIdentifier> deviceTypeConfigurationDataMap = new ConcurrentHashMap();
@Override
public void init(ConfigurationContext configurationContext) {
@ -118,7 +118,7 @@ public class DeviceTypePluginDeployer extends AbstractDeployer {
}
}
private ServiceRegistration registerDeviceType(DeviceTypeConfigIdentifier deviceTypeConfigIdentifier,
protected ServiceRegistration registerDeviceType(DeviceTypeConfigIdentifier deviceTypeConfigIdentifier,
DeviceTypeConfiguration deviceManagementConfiguration) {
DeviceTypeManagerService deviceTypeManagerService = new DeviceTypeManagerService(deviceTypeConfigIdentifier,
deviceManagementConfiguration);

@ -0,0 +1,131 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.extensions.device.type.deployer;
import org.apache.axis2.deployment.DeploymentException;
import org.apache.axis2.engine.AxisConfiguration;
import org.mockito.Mockito;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.application.deployer.CarbonApplication;
import org.wso2.carbon.application.deployer.config.ApplicationConfiguration;
import org.wso2.carbon.application.deployer.config.Artifact;
import org.wso2.carbon.application.deployer.config.CappFile;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.extensions.device.type.deployer.util.DeviceTypePluginConstants;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.util.ArrayList;
/*
Unit tests for deviceTypeCAppDeployer
*/
public class DeviceTypeCAppDeployerTest {
private DeviceTypeCAppDeployer deviceTypeCAppDeployer;
private CarbonApplication carbonApplication = null;
private AxisConfiguration axisConfiguration = null;
private ApplicationConfiguration applicationConfiguration = null;
private CappFile cappFile = new CappFile();
private void initializeActifact(String type) {
Artifact tempArtifact = new Artifact();
cappFile.setName("testCappFile");
tempArtifact.setType(type);
tempArtifact.addFile(cappFile);
Artifact.Dependency dependency = new Artifact.Dependency();
dependency.setArtifact(tempArtifact);
tempArtifact.addDependency(dependency);
Mockito.doReturn(tempArtifact).when(applicationConfiguration).getApplicationArtifact();
}
private void initializeErrorArtifact() {
Artifact errArtifact = new Artifact();
errArtifact.setType(DeviceTypePluginConstants.CDMF_PLUGIN_TYPE);
Artifact.Dependency dependency = new Artifact.Dependency();
dependency.setArtifact(errArtifact);
errArtifact.addDependency(dependency);
Mockito.doReturn(errArtifact).when(applicationConfiguration).getApplicationArtifact();
}
@BeforeClass
public void init() throws NoSuchFieldException, IllegalAccessException, IOException, RegistryException {
Field deviceTypePlugins;
Field deviceTypeUIs;
deviceTypeCAppDeployer = Mockito.mock(DeviceTypeCAppDeployer.class, Mockito.CALLS_REAL_METHODS);
carbonApplication = Mockito.mock(CarbonApplication.class, Mockito.CALLS_REAL_METHODS);
axisConfiguration = Mockito.mock(AxisConfiguration.class, Mockito.CALLS_REAL_METHODS);
applicationConfiguration = Mockito.mock(ApplicationConfiguration.class, Mockito.CALLS_REAL_METHODS);
Mockito.doReturn(applicationConfiguration).when(carbonApplication).getAppConfig();
Mockito.doNothing().when(deviceTypeCAppDeployer).deployTypeSpecifiedArtifacts(Mockito.any(), Mockito.any(),
Mockito.any(), Mockito.any());
Mockito.doNothing().when(deviceTypeCAppDeployer).undeployTypeSpecifiedArtifacts(Mockito.any(), Mockito.any(),
Mockito.any(), Mockito.any());
this.initializeCarbonContext();
deviceTypePlugins = DeviceTypeCAppDeployer.class.getDeclaredField("deviceTypePlugins");
deviceTypePlugins.setAccessible(true);
deviceTypePlugins.set(deviceTypeCAppDeployer, new ArrayList<Artifact>());
deviceTypeUIs = DeviceTypeCAppDeployer.class.getDeclaredField("deviceTypeUIs");
deviceTypeUIs.setAccessible(true);
deviceTypeUIs.set(deviceTypeCAppDeployer, new ArrayList<Artifact>());
}
private void initializeCarbonContext() throws IOException, RegistryException {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(
org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_ID);
}
@Test(description = "deploying a capp of plugin type")
public void testDeployCarbonAppsPluginType() throws DeploymentException, IllegalAccessException {
initializeActifact(DeviceTypePluginConstants.CDMF_PLUGIN_TYPE);
deviceTypeCAppDeployer.deployArtifacts(carbonApplication, axisConfiguration);
}
@Test(description = "deploying an erroneous car file")
public void testDeployErrorArtifact() throws DeploymentException, IllegalAccessException {
initializeErrorArtifact();
deviceTypeCAppDeployer.deployArtifacts(carbonApplication, axisConfiguration);
}
@Test(dependsOnMethods = {"testDeployCarbonAppsPluginType"}, description = "undeploying previously deployed capp")
public void testUndeployCarbonAppsPluginType() throws DeploymentException {
deviceTypeCAppDeployer.undeployArtifacts(carbonApplication, axisConfiguration);
}
@Test(dependsOnMethods = {"testUndeployCarbonAppsPluginType"}, description = "deploying a capp of UI type")
public void testDeployCarbonAppsUiType() throws DeploymentException, IllegalAccessException {
initializeActifact(DeviceTypePluginConstants.CDMF_UI_TYPE);
deviceTypeCAppDeployer.deployArtifacts(carbonApplication, axisConfiguration);
}
@Test(dependsOnMethods = {"testDeployCarbonAppsUiType"}, description = "Undeploy previously deployed capp")
public void testUndeployCarbonAppsUiType() throws DeploymentException {
deviceTypeCAppDeployer.undeployArtifacts(carbonApplication, axisConfiguration);
}
}

@ -0,0 +1,124 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.extensions.device.type.deployer;
import org.apache.axis2.deployment.DeploymentException;
import org.apache.axis2.deployment.repository.util.DeploymentFileData;
import org.junit.Assert;
import org.mockito.Mockito;
import org.osgi.framework.ServiceRegistration;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.extensions.device.type.template.DeviceTypeConfigIdentifier;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/*
Unit tests for DeviceTypePluginDeployer
*/
public class DeviceTypePluginDeployerTest {
private DeviceTypePluginDeployer deviceTypePluginDeployer;
private DeploymentFileData deploymentFileData;
private DeploymentFileData invalidDeploymentFileData;
private Field deviceTypeServiceRegistrations = null;
private Field deviceTypeConfigurationDataMap = null;
private ServiceRegistration serviceRegistration = null;
private File file = new File("src/test/resources/android.xml");
private File invalidFile = new File("src/test/resources/invalidAndroid.xml");
@BeforeClass
public void init() throws NoSuchFieldException, IllegalAccessException, IOException, RegistryException {
deviceTypePluginDeployer = Mockito.mock(DeviceTypePluginDeployer.class, Mockito.CALLS_REAL_METHODS);
serviceRegistration = Mockito.mock(ServiceRegistration.class, Mockito.CALLS_REAL_METHODS);
Mockito.doReturn(serviceRegistration).when(deviceTypePluginDeployer).registerDeviceType(Mockito.any(),
Mockito.any());
deviceTypeServiceRegistrations = DeviceTypePluginDeployer.class.getDeclaredField
("deviceTypeServiceRegistrations");
deviceTypeServiceRegistrations.setAccessible(true);
deviceTypeServiceRegistrations.set(deviceTypePluginDeployer, new ConcurrentHashMap());
deviceTypeConfigurationDataMap = DeviceTypePluginDeployer.class.getDeclaredField
("deviceTypeConfigurationDataMap");
deviceTypeConfigurationDataMap.setAccessible(true);
deviceTypeConfigurationDataMap.set(deviceTypePluginDeployer, new ConcurrentHashMap());
this.initializeCarbonContext();
if (file.exists()) {
deploymentFileData = new DeploymentFileData(file);
}
if (invalidFile.exists()) {
invalidDeploymentFileData = new DeploymentFileData(invalidFile);
}
}
private void initializeCarbonContext() throws IOException, RegistryException {
if (System.getProperty("carbon.home") == null) {
File file = new File("src/test/resources");
if (file.exists()) {
System.setProperty("carbon.home", file.getAbsolutePath());
}
}
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(
org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_ID);
}
@SuppressWarnings("unchecked")
@Test(description = "Testing deviceType deploy method by deploying Android device type")
public void deploy() throws DeploymentException, IllegalAccessException {
deviceTypePluginDeployer.deploy(deploymentFileData);
Map<String, ServiceRegistration> tempServiceRegistration = (Map<String, ServiceRegistration>)
deviceTypeServiceRegistrations.get(deviceTypePluginDeployer);
Assert.assertEquals(tempServiceRegistration.get(deploymentFileData.getAbsolutePath()), serviceRegistration);
Map<String, DeviceTypeConfigIdentifier> tempDeviceTypeConfig = (Map<String, DeviceTypeConfigIdentifier>)
deviceTypeConfigurationDataMap.get(deviceTypePluginDeployer);
DeviceTypeConfigIdentifier deviceTypeConfigIdentifier = tempDeviceTypeConfig.get(deploymentFileData
.getAbsolutePath());
Assert.assertEquals(deviceTypeConfigIdentifier.getDeviceType(), "android");
}
@Test(description = "Testing exception for invalid xml files", expectedExceptions = {org.apache.axis2.deployment
.DeploymentException.class})
public void deployInvalidXml() throws DeploymentException, IllegalAccessException {
deviceTypePluginDeployer.deploy(invalidDeploymentFileData);
}
@Test(description = "Testing exception for non existing xml file", expectedExceptions = {org.apache.axis2.deployment
.DeploymentException.class})
public void unDeployInvalidXml() throws DeploymentException, IllegalAccessException {
deviceTypePluginDeployer.deploy(new DeploymentFileData(new File("src/test/resources/notExist.xml")));
}
@SuppressWarnings("unchecked")
@Test(dependsOnMethods = {"deploy"} , description = "Testing deviceType undeploy method by un-deploying Android " +
"device type")
public void unDeploy() throws DeploymentException, IllegalAccessException {
deviceTypePluginDeployer.undeploy(deploymentFileData.getAbsolutePath());
Map<String, ServiceRegistration> tempServiceRegistration = (Map<String, ServiceRegistration>)
deviceTypeServiceRegistrations.get(deviceTypePluginDeployer);
Assert.assertNull(tempServiceRegistration.get(deploymentFileData.getAbsolutePath()));
Map<String, DeviceTypeConfigIdentifier> tempDeviceTypeConfig = (Map<String, DeviceTypeConfigIdentifier>)
deviceTypeConfigurationDataMap.get(deviceTypePluginDeployer);
Assert.assertNull(tempDeviceTypeConfig.get(deploymentFileData.getAbsolutePath()));
}
}

@ -0,0 +1,382 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<DeviceTypeConfiguration name="android">
<DeviceDetails table-id="AD_DEVICE"/>
<License>
<Language>en_US</Language>
<Version>1.0.0</Version>
<Text>This End User License Agreement ("Agreement") is a legal agreement between you ("You") and WSO2,
Inc., regarding the enrollment of Your personal mobile device ("Device") in SoR's mobile device
management program, and the loading to and removal from Your Device and Your use of certain
applications and any associated software and user documentation, whether provided in "online" or
electronic format, used in connection with the operation of or provision of services to WSO2,
Inc., BY SELECTING "I ACCEPT" DURING INSTALLATION, YOU ARE ENROLLING YOUR DEVICE, AND THEREBY
AUTHORIZING SOR OR ITS AGENTS TO INSTALL, UPDATE AND REMOVE THE APPS FROM YOUR DEVICE AS DESCRIBED
IN THIS AGREEMENT. YOU ARE ALSO EXPLICITLY ACKNOWLEDGING AND AGREEING THAT (1) THIS IS A BINDING
CONTRACT AND (2) YOU HAVE READ AND AGREE TO THE TERMS OF THIS AGREEMENT.
IF YOU DO NOT ACCEPT THESE TERMS, DO NOT ENROLL YOUR DEVICE AND DO NOT PROCEED ANY FURTHER.
You agree that: (1) You understand and agree to be bound by the terms and conditions contained in
this Agreement, and (2) You are at least 21 years old and have the legal capacity to enter into
this Agreement as defined by the laws of Your jurisdiction. SoR shall have the right, without
prior notice, to terminate or suspend (i) this Agreement, (ii) the enrollment of Your Device, or
(iii) the functioning of the Apps in the event of a violation of this Agreement or the cessation
of Your relationship with SoR (including termination of Your employment if You are an employee or
expiration or termination of Your applicable franchise or supply agreement if You are a franchisee
of or supplier to the WSO2 WSO2, Inc., system). SoR expressly reserves all rights not expressly
granted herein.
</Text>
</License>
<ProvisioningConfig>
<SharedWithAllTenants>true</SharedWithAllTenants>
</ProvisioningConfig>
<!--
isScheduled element used to enable scheduler task to send push notification.
Task will send push notification as batches. So this will reduce sudden request burst when many devices try to
access server after receiving push notification.
-->
<!--Configuration for enable firebase push notifications-->
<!--<PushNotificationProviderConfig type="FCM" isScheduled="false">-->
<!--</PushNotificationProviderConfig>-->
<DataSource>
<JndiConfig>
<Name>jdbc/MobileAndroidDM_DS</Name>
</JndiConfig>
<TableConfig>
<Table name="AD_DEVICE">
<PrimaryKey>DEVICE_ID</PrimaryKey>
<Attributes>
<Attribute>FCM_TOKEN</Attribute>
<Attribute>DEVICE_INFO</Attribute>
<Attribute>IMEI</Attribute>
<Attribute>IMSI</Attribute>
<Attribute>OS_VERSION</Attribute>
<Attribute>DEVICE_MODEL</Attribute>
<Attribute>VENDOR</Attribute>
<Attribute>LATITUDE</Attribute>
<Attribute>LONGITUDE</Attribute>
<Attribute>SERIAL</Attribute>
<Attribute>MAC_ADDRESS</Attribute>
<Attribute>DEVICE_NAME</Attribute>
<Attribute>OS_BUILD_DATE</Attribute>
</Attributes>
</Table>
</TableConfig>
</DataSource>
<Features>
<Feature code="DEVICE_RING">
<Name>Ring</Name>
<Description>Ring the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/ring" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_LOCK">
<Name>Device Lock</Name>
<Description>Lock the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/lock-devices" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_LOCATION">
<Name>Location</Name>
<Description>Request coordinates of device location</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/location" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="CLEAR_PASSWORD">
<Name>Clear Password</Name>
<Description>Clear current password</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/clear-password" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_REBOOT">
<Name>Reboot</Name>
<Description>Reboot the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/reboot" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="UPGRADE_FIRMWARE">
<Name>Upgrade Firmware</Name>
<Description>Upgrade Firmware</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/upgrade-firmware" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_MUTE">
<Name>Mute</Name>
<Description>Enable mute in the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/mute" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="NOTIFICATION">
<Name>Message</Name>
<Description>Send message</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/send-notification" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="CHANGE_LOCK_CODE">
<Name>Change Lock-code</Name>
<Description>Change current lock code</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/change-lock-code" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="ENTERPRISE_WIPE">
<Name>Enterprise Wipe</Name>
<Description>Remove enterprise applications</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/enterprise-wipe" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="WIPE_DATA">
<Name>Wipe Data</Name>
<Description>Factory reset the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/wipe" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="WIFI">
<Name>Wifi</Name>
<Description>Setting up wifi configuration</Description>
</Feature>
<Feature code="CAMERA">
<Name>Camera</Name>
<Description>Enable or disable camera</Description>
</Feature>
<Feature code="EMAIL">
<Name>Email</Name>
<Description>Configure email settings</Description>
</Feature>
<Feature code="DEVICE_INFO">
<Name>Device info</Name>
<Description>Request device information</Description>
</Feature>
<Feature code="APPLICATION_LIST">
<Name>Application List</Name>
<Description>Request list of current installed applications</Description>
</Feature>
<Feature code="INSTALL_APPLICATION">
<Name>Install App</Name>
<Description>Install App</Description>
</Feature>
<Feature code="UNINSTALL_APPLICATION">
<Name>Uninstall App</Name>
<Description>Uninstall App</Description>
</Feature>
<Feature code="BLACKLIST_APPLICATIONS">
<Name>Blacklist app</Name>
<Description>Blacklist applications</Description>
</Feature>
<Feature code="ENCRYPT_STORAGE">
<Name>Encrypt Storage</Name>
<Description>Encrypt storage</Description>
</Feature>
<Feature code="PASSCODE_POLICY">
<Name>Password Policy</Name>
<Description>Set passcode policy</Description>
</Feature>
<Feature code="VPN">
<Name>Configure VPN</Name>
<Description>Configure VPN settings</Description>
</Feature>
<Feature code="DISALLOW_ADJUST_VOLUME">
<Name>Disallow user to change volume</Name>
<Description>Allow or disallow user to change volume"</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_BLUETOOTH">
<Name>Disallow bluetooth configuration</Name>
<Description>Allow or disallow bluetooth configuration</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_CELL_BROADCASTS">
<Name>Disallow user to change cell broadcast configurations</Name>
<Description>Allow or disallow user to change cell broadcast configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_CREDENTIALS">
<Name>Disallow user to change user credentials</Name>
<Description>Allow or disallow user to change user credentials</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_MOBILE_NETWORKS">
<Name>Disallow user to change mobile networks configurations</Name>
<Description>Allow or disallow user to change mobile networks configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_TETHERING">
<Name>Disallow user to change tethering configurations</Name>
<Description>Allow or disallow user to change tethering configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_VPN">
<Name>Disallow user to change VPN configurations</Name>
<Description>Allow or disallow user to change VPN configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_WIFI">
<Name>Disallow user to change WIFI configurations</Name>
<Description>Allow or disallow user to change WIFI configurations</Description>
</Feature>
<Feature code="DISALLOW_APPS_CONTROL">
<Name>Disallow user to change app control</Name>
<Description>Allow or disallow user to change app control</Description>
</Feature>
<Feature code="DISALLOW_CREATE_WINDOWS">
<Name>Disallow window creation</Name>
<Description>Allow or disallow window creation</Description>
</Feature>
<Feature code="DISALLOW_APPS_CONTROL">
<Name>Disallow user to change app control configurations</Name>
<Description>Allow or disallow user to change app control configurations</Description>
</Feature>
<Feature code="DISALLOW_CROSS_PROFILE_COPY_PASTE">
<Name>Disallow cross profile copy paste</Name>
<Description>Allow or disallow cross profile copy paste</Description>
</Feature>
<Feature code="DISALLOW_DEBUGGING_FEATURES">
<Name>Disallow debugging features</Name>
<Description>Allow or disallow debugging features</Description>
</Feature>
<Feature code="DISALLOW_FACTORY_RESET">
<Name>Disallow factory reset</Name>
<Description>Allow or disallow factory reset</Description>
</Feature>
<Feature code="DISALLOW_ADD_USER">
<Name>Disallow add user</Name>
<Description>Allow or disallow add user</Description>
</Feature>
<Feature code="DISALLOW_INSTALL_APPS">
<Name>Disallow install apps</Name>
<Description>Allow or disallow install apps</Description>
</Feature>
<Feature code="DISALLOW_INSTALL_UNKNOWN_SOURCES">
<Name>Disallow install unknown sources</Name>
<Description>Allow or disallow install unknown sources</Description>
</Feature>
<Feature code="DISALLOW_MODIFY_ACCOUNTS">
<Name>Disallow modify account</Name>
<Description>Allow or disallow modify account</Description>
</Feature>
<Feature code="DISALLOW_MOUNT_PHYSICAL_MEDIA">
<Name>Disallow mount physical media</Name>
<Description>Allow or disallow mount physical media</Description>
</Feature>
<Feature code="DISALLOW_NETWORK_RESET">
<Name>Disallow network reset</Name>
<Description>Allow or disallow network reset</Description>
</Feature>
<Feature code="DISALLOW_OUTGOING_BEAM">
<Name>Disallow outgoing beam</Name>
<Description>Allow or disallow outgoing beam</Description>
</Feature>
<Feature code="DISALLOW_OUTGOING_CALLS">
<Name>Disallow outgoing calls</Name>
<Description>Allow or disallow outgoing calls</Description>
</Feature>
<Feature code="DISALLOW_REMOVE_USER">
<Name>Disallow remove users</Name>
<Description>Allow or disallow remove users</Description>
</Feature>
<Feature code="DISALLOW_SAFE_BOOT">
<Name>Disallow safe boot</Name>
<Description>Allow or disallow safe boot</Description>
</Feature>
<Feature code="DISALLOW_SHARE_LOCATION">
<Name>Disallow share location</Name>
<Description>Allow or disallow share location</Description>
</Feature>
<Feature code="DISALLOW_SMS">
<Name>Disallow sms</Name>
<Description>Allow or disallow sms</Description>
</Feature>
<Feature code="DISALLOW_UNINSTALL_APPS">
<Name>Disallow uninstall app</Name>
<Description>Allow or disallow uninstall app</Description>
</Feature>
<Feature code="DISALLOW_UNMUTE_MICROPHONE">
<Name>Disallow unmute mic</Name>
<Description>Allow or disallow unmute mic</Description>
</Feature>
<Feature code="DISALLOW_USB_FILE_TRANSFER">
<Name>Disallow usb file transfer</Name>
<Description>Allow or disallow usb file transfer</Description>
</Feature>
<Feature code="ALLOW_PARENT_PROFILE_APP_LINKING">
<Name>Disallow parent profile app linking</Name>
<Description>Allow or disallow parent profile app linking</Description>
</Feature>
<Feature code="ENSURE_VERIFY_APPS">
<Name>Disallow ensure verify apps</Name>
<Description>Allow or disallow ensure verify apps</Description>
</Feature>
<Feature code="AUTO_TIME">
<Name>Disallow auto timing</Name>
<Description>Allow or disallow auto timing</Description>
</Feature>
<Feature code="REMOVE_DEVICE_OWNER">
<Name>Remove device owner</Name>
<Description>Remove device owner</Description>
</Feature>
<Feature code="LOGCAT">
<Name>Fetch device logcat</Name>
<Description>Fetch device logcat</Description>
</Feature>
<Feature code="DEVICE_UNLOCK">
<Name>Unlock the device</Name>
<Description>Unlock the device</Description>
</Feature>
</Features>
<TaskConfiguration>
<Enable>true</Enable>
<Frequency>60000</Frequency>
<Operations>
<Operation>
<Name>DEVICE_INFO</Name>
<RecurrentTimes>1</RecurrentTimes>
</Operation>
<Operation>
<Name>APPLICATION_LIST</Name>
<RecurrentTimes>5</RecurrentTimes>
</Operation>
<Operation>
<Name>DEVICE_LOCATION</Name>
<RecurrentTimes>1</RecurrentTimes>
</Operation>
</Operations>
</TaskConfiguration>
<PolicyMonitoring enabled="true"/>
<InitialOperationConfig>
<Operations>
<Operation>DEVICE_INFO</Operation>
<Operation>APPLICATION_LIST</Operation>
<Operation>DEVICE_LOCATION</Operation>
</Operations>
</InitialOperationConfig>
<!--This configures the Task service for the android device-type. Given below are the property definitions.
<RequireStatusMonitoring> - This will enable or disable status monitoring for that particular device-type.
<Frequency> - The time interval (in seconds) in which the task should run for this device-type
<IdleTimeToMarkInactive> - The time duration (in seconds) in which the device can be moved to inactive status
which means the device will be moved to inactive status if that device does not
contact the server within that time period. Better to have a multiplier of Frequency.
<IdleTimeToMarkUnreachable> - The time duration (in seconds) in which the device can be moved to unreachable status
which means the device will be moved to unreachable status if that device does not
contact the server within that time period. Better to have a multiplier of Frequency.
-->
<DeviceStatusTaskConfig>
<RequireStatusMonitoring>true</RequireStatusMonitoring>
<Frequency>300</Frequency>
<IdleTimeToMarkInactive>900</IdleTimeToMarkInactive>
<IdleTimeToMarkUnreachable>600</IdleTimeToMarkUnreachable>
</DeviceStatusTaskConfig>
</DeviceTypeConfiguration>

@ -0,0 +1,382 @@
<?xml version="1.0" encoding="utf-8"?
<!--
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<DeviceTypeConfiguration name="android">
<DeviceDetails table-id="AD_DEVICE"/>
<License>
<Language>en_US</Language>
<Version>1.0.0</Version>
<Text>This End User License Agreement ("Agreement") is a legal agreement between you ("You") and WSO2,
Inc., regarding the enrollment of Your personal mobile device ("Device") in SoR's mobile device
management program, and the loading to and removal from Your Device and Your use of certain
applications and any associated software and user documentation, whether provided in "online" or
electronic format, used in connection with the operation of or provision of services to WSO2,
Inc., BY SELECTING "I ACCEPT" DURING INSTALLATION, YOU ARE ENROLLING YOUR DEVICE, AND THEREBY
AUTHORIZING SOR OR ITS AGENTS TO INSTALL, UPDATE AND REMOVE THE APPS FROM YOUR DEVICE AS DESCRIBED
IN THIS AGREEMENT. YOU ARE ALSO EXPLICITLY ACKNOWLEDGING AND AGREEING THAT (1) THIS IS A BINDING
CONTRACT AND (2) YOU HAVE READ AND AGREE TO THE TERMS OF THIS AGREEMENT.
IF YOU DO NOT ACCEPT THESE TERMS, DO NOT ENROLL YOUR DEVICE AND DO NOT PROCEED ANY FURTHER.
You agree that: (1) You understand and agree to be bound by the terms and conditions contained in
this Agreement, and (2) You are at least 21 years old and have the legal capacity to enter into
this Agreement as defined by the laws of Your jurisdiction. SoR shall have the right, without
prior notice, to terminate or suspend (i) this Agreement, (ii) the enrollment of Your Device, or
(iii) the functioning of the Apps in the event of a violation of this Agreement or the cessation
of Your relationship with SoR (including termination of Your employment if You are an employee or
expiration or termination of Your applicable franchise or supply agreement if You are a franchisee
of or supplier to the WSO2 WSO2, Inc., system). SoR expressly reserves all rights not expressly
granted herein.
</Text>
</License>
<ProvisioningConfig>
<SharedWithAllTenants>true</SharedWithAllTenants>
</ProvisioningConfig>
<!--
isScheduled element used to enable scheduler task to send push notification.
Task will send push notification as batches. So this will reduce sudden request burst when many devices try to
access server after receiving push notification.
-->
<!--Configuration for enable firebase push notifications-->
<!--<PushNotificationProviderConfig type="FCM" isScheduled="false">-->
<!--</PushNotificationProviderConfig>-->
<DataSource>
<JndiConfig>
<Name>jdbc/MobileAndroidDM_DS</Name>
</JndiConfig>
<TableConfig>
<Table name="AD_DEVICE">
<PrimaryKey>DEVICE_ID</PrimaryKey>
<Attributes>
<Attribute>FCM_TOKEN</Attribute>
<Attribute>DEVICE_INFO</Attribute>
<Attribute>IMEI</Attribute>
<Attribute>IMSI</Attribute>
<Attribute>OS_VERSION</Attribute>
<Attribute>DEVICE_MODEL</Attribute>
<Attribute>VENDOR</Attribute>
<Attribute>LATITUDE</Attribute>
<Attribute>LONGITUDE</Attribute>
<Attribute>SERIAL</Attribute>
<Attribute>MAC_ADDRESS</Attribute>
<Attribute>DEVICE_NAME</Attribute>
<Attribute>OS_BUILD_DATE</Attribute>
</Attributes>
</Table>
</TableConfig>
</DataSource>
<Features>
<Feature code="DEVICE_RING">
<Name>Ring</Name>
<Description>Ring the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/ring" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_LOCK">
<Name>Device Lock</Name>
<Description>Lock the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/lock-devices" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_LOCATION">
<Name>Location</Name>
<Description>Request coordinates of device location</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/location" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="CLEAR_PASSWORD">
<Name>Clear Password</Name>
<Description>Clear current password</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/clear-password" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_REBOOT">
<Name>Reboot</Name>
<Description>Reboot the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/reboot" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="UPGRADE_FIRMWARE">
<Name>Upgrade Firmware</Name>
<Description>Upgrade Firmware</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/upgrade-firmware" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="DEVICE_MUTE">
<Name>Mute</Name>
<Description>Enable mute in the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/mute" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="NOTIFICATION">
<Name>Message</Name>
<Description>Send message</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/send-notification" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="CHANGE_LOCK_CODE">
<Name>Change Lock-code</Name>
<Description>Change current lock code</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/change-lock-code" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="ENTERPRISE_WIPE">
<Name>Enterprise Wipe</Name>
<Description>Remove enterprise applications</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/enterprise-wipe" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="WIPE_DATA">
<Name>Wipe Data</Name>
<Description>Factory reset the device</Description>
<Operation context="/api/device-mgt/android/v1.0/admin/devices/wipe" method="POST" type="application/json">
</Operation>
</Feature>
<Feature code="WIFI">
<Name>Wifi</Name>
<Description>Setting up wifi configuration</Description>
</Feature>
<Feature code="CAMERA">
<Name>Camera</Name>
<Description>Enable or disable camera</Description>
</Feature>
<Feature code="EMAIL">
<Name>Email</Name>
<Description>Configure email settings</Description>
</Feature>
<Feature code="DEVICE_INFO">
<Name>Device info</Name>
<Description>Request device information</Description>
</Feature>
<Feature code="APPLICATION_LIST">
<Name>Application List</Name>
<Description>Request list of current installed applications</Description>
</Feature>
<Feature code="INSTALL_APPLICATION">
<Name>Install App</Name>
<Description>Install App</Description>
</Feature>
<Feature code="UNINSTALL_APPLICATION">
<Name>Uninstall App</Name>
<Description>Uninstall App</Description>
</Feature>
<Feature code="BLACKLIST_APPLICATIONS">
<Name>Blacklist app</Name>
<Description>Blacklist applications</Description>
</Feature>
<Feature code="ENCRYPT_STORAGE">
<Name>Encrypt Storage</Name>
<Description>Encrypt storage</Description>
</Feature>
<Feature code="PASSCODE_POLICY">
<Name>Password Policy</Name>
<Description>Set passcode policy</Description>
</Feature>
<Feature code="VPN">
<Name>Configure VPN</Name>
<Description>Configure VPN settings</Description>
</Feature>
<Feature code="DISALLOW_ADJUST_VOLUME">
<Name>Disallow user to change volume</Name>
<Description>Allow or disallow user to change volume"</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_BLUETOOTH">
<Name>Disallow bluetooth configuration</Name>
<Description>Allow or disallow bluetooth configuration</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_CELL_BROADCASTS">
<Name>Disallow user to change cell broadcast configurations</Name>
<Description>Allow or disallow user to change cell broadcast configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_CREDENTIALS">
<Name>Disallow user to change user credentials</Name>
<Description>Allow or disallow user to change user credentials</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_MOBILE_NETWORKS">
<Name>Disallow user to change mobile networks configurations</Name>
<Description>Allow or disallow user to change mobile networks configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_TETHERING">
<Name>Disallow user to change tethering configurations</Name>
<Description>Allow or disallow user to change tethering configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_VPN">
<Name>Disallow user to change VPN configurations</Name>
<Description>Allow or disallow user to change VPN configurations</Description>
</Feature>
<Feature code="DISALLOW_CONFIG_WIFI">
<Name>Disallow user to change WIFI configurations</Name>
<Description>Allow or disallow user to change WIFI configurations</Description>
</Feature>
<Feature code="DISALLOW_APPS_CONTROL">
<Name>Disallow user to change app control</Name>
<Description>Allow or disallow user to change app control</Description>
</Feature>
<Feature code="DISALLOW_CREATE_WINDOWS">
<Name>Disallow window creation</Name>
<Description>Allow or disallow window creation</Description>
</Feature>
<Feature code="DISALLOW_APPS_CONTROL">
<Name>Disallow user to change app control configurations</Name>
<Description>Allow or disallow user to change app control configurations</Description>
</Feature>
<Feature code="DISALLOW_CROSS_PROFILE_COPY_PASTE">
<Name>Disallow cross profile copy paste</Name>
<Description>Allow or disallow cross profile copy paste</Description>
</Feature>
<Feature code="DISALLOW_DEBUGGING_FEATURES">
<Name>Disallow debugging features</Name>
<Description>Allow or disallow debugging features</Description>
</Feature>
<Feature code="DISALLOW_FACTORY_RESET">
<Name>Disallow factory reset</Name>
<Description>Allow or disallow factory reset</Description>
</Feature>
<Feature code="DISALLOW_ADD_USER">
<Name>Disallow add user</Name>
<Description>Allow or disallow add user</Description>
</Feature>
<Feature code="DISALLOW_INSTALL_APPS">
<Name>Disallow install apps</Name>
<Description>Allow or disallow install apps</Description>
</Feature>
<Feature code="DISALLOW_INSTALL_UNKNOWN_SOURCES">
<Name>Disallow install unknown sources</Name>
<Description>Allow or disallow install unknown sources</Description>
</Feature>
<Feature code="DISALLOW_MODIFY_ACCOUNTS">
<Name>Disallow modify account</Name>
<Description>Allow or disallow modify account</Description>
</Feature>
<Feature code="DISALLOW_MOUNT_PHYSICAL_MEDIA">
<Name>Disallow mount physical media</Name>
<Description>Allow or disallow mount physical media</Description>
</Feature>
<Feature code="DISALLOW_NETWORK_RESET">
<Name>Disallow network reset</Name>
<Description>Allow or disallow network reset</Description>
</Feature>
<Feature code="DISALLOW_OUTGOING_BEAM">
<Name>Disallow outgoing beam</Name>
<Description>Allow or disallow outgoing beam</Description>
</Feature>
<Feature code="DISALLOW_OUTGOING_CALLS">
<Name>Disallow outgoing calls</Name>
<Description>Allow or disallow outgoing calls</Description>
</Feature>
<Feature code="DISALLOW_REMOVE_USER">
<Name>Disallow remove users</Name>
<Description>Allow or disallow remove users</Description>
</Feature>
<Feature code="DISALLOW_SAFE_BOOT">
<Name>Disallow safe boot</Name>
<Description>Allow or disallow safe boot</Description>
</Feature>
<Feature code="DISALLOW_SHARE_LOCATION">
<Name>Disallow share location</Name>
<Description>Allow or disallow share location</Description>
</Feature>
<Feature code="DISALLOW_SMS">
<Name>Disallow sms</Name>
<Description>Allow or disallow sms</Description>
</Feature>
<Feature code="DISALLOW_UNINSTALL_APPS">
<Name>Disallow uninstall app</Name>
<Description>Allow or disallow uninstall app</Description>
</Feature>
<Feature code="DISALLOW_UNMUTE_MICROPHONE">
<Name>Disallow unmute mic</Name>
<Description>Allow or disallow unmute mic</Description>
</Feature>
<Feature code="DISALLOW_USB_FILE_TRANSFER">
<Name>Disallow usb file transfer</Name>
<Description>Allow or disallow usb file transfer</Description>
</Feature>
<Feature code="ALLOW_PARENT_PROFILE_APP_LINKING">
<Name>Disallow parent profile app linking</Name>
<Description>Allow or disallow parent profile app linking</Description>
</Feature>
<Feature code="ENSURE_VERIFY_APPS">
<Name>Disallow ensure verify apps</Name>
<Description>Allow or disallow ensure verify apps</Description>
</Feature>
<Feature code="AUTO_TIME">
<Name>Disallow auto timing</Name>
<Description>Allow or disallow auto timing</Description>
</Feature>
<Feature code="REMOVE_DEVICE_OWNER">
<Name>Remove device owner</Name>
<Description>Remove device owner</Description>
</Feature>
<Feature code="LOGCAT">
<Name>Fetch device logcat</Name>
<Description>Fetch device logcat</Description>
</Feature>
<Feature code="DEVICE_UNLOCK">
<Name>Unlock the device</Name>
<Description>Unlock the device</Description>
</Feature>
</Features>
<TaskConfiguration>
<Enable>true</Enable>
<Frequency>60000</Frequency>
<Operations>
<Operation>
<Name>DEVICE_INFO</Name>
<RecurrentTimes>1</RecurrentTimes>
</Operation>
<Operation>
<Name>APPLICATION_LIST</Name>
<RecurrentTimes>5</RecurrentTimes>
</Operation>
<Operation>
<Name>DEVICE_LOCATION</Name>
<RecurrentTimes>1</RecurrentTimes>
</Operation>
</Operations>
</TaskConfiguration>
<PolicyMonitoring enabled="true"/>
<InitialOperationConfig>
<Operations>
<Operation>DEVICE_INFO</Operation>
<Operation>APPLICATION_LIST</Operation>
<Operation>DEVICE_LOCATION</Operation>
</Operations>
</InitialOperationConfig>
<!--This configures the Task service for the android device-type. Given below are the property definitions.
<RequireStatusMonitoring> - This will enable or disable status monitoring for that particular device-type.
<Frequency> - The time interval (in seconds) in which the task should run for this device-type
<IdleTimeToMarkInactive> - The time duration (in seconds) in which the device can be moved to inactive status
which means the device will be moved to inactive status if that device does not
contact the server within that time period. Better to have a multiplier of Frequency.
<IdleTimeToMarkUnreachable> - The time duration (in seconds) in which the device can be moved to unreachable status
which means the device will be moved to unreachable status if that device does not
contact the server within that time period. Better to have a multiplier of Frequency.
-->
<DeviceStatusTaskConfig>
<RequireStatusMonitoring>true</RequireStatusMonitoring>
<Frequency>300</Frequency>
<IdleTimeToMarkInactive>900</IdleTimeToMarkInactive>
<IdleTimeToMarkUnreachable>600</IdleTimeToMarkUnreachable>
</DeviceStatusTaskConfig>
</DeviceTypeConfiguration>

@ -0,0 +1,34 @@
#
# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
#
# WSO2 Inc. licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file except
# in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
#
# This is the log4j configuration file used by WSO2 Carbon
#
# IMPORTANT : Please do not remove or change the names of any
# of the Appender defined here. The layout pattern & log file
# can be changed using the WSO2 Carbon Management Console, and those
# settings will override the settings in this file.
#
log4j.rootLogger=DEBUG, STD_OUT
# Redirect log messages to console
log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
log4j.appender.STD_OUT.Target=System.out
log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n

@ -0,0 +1,656 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
~ Copyright 2005-2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!--
This is the main server configuration file
${carbon.home} represents the carbon.home system property.
Other system properties can be specified in a similar manner.
-->
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
<!--
Product Name
-->
<Name>${product.name}</Name>
<!--
machine readable unique key to identify each product
-->
<ServerKey>${product.key}</ServerKey>
<!--
Product Version
-->
<Version>${product.version}</Version>
<!--
Host name or IP address of the machine hosting this server
e.g. www.wso2.org, 192.168.1.10
This is will become part of the End Point Reference of the
services deployed on this server instance.
-->
<!--HostName>www.wso2.org</HostName-->
<!--
Host name to be used for the Carbon management console
-->
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
<!--
The URL of the back end server. This is where the admin services are hosted and
will be used by the clients in the front end server.
This is required only for the Front-end server. This is used when seperating BE server from FE server
-->
<ServerURL>local:/${carbon.context}/services/</ServerURL>
<!--
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
-->
<!--
The URL of the index page. This is where the user will be redirected after signing in to the
carbon server.
-->
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
<!--
For cApp deployment, we have to identify the roles that can be acted by the current server.
The following property is used for that purpose. Any number of roles can be defined here.
Regular expressions can be used in the role.
Ex : <Role>.*</Role> means this server can act any role
-->
<ServerRoles>
<Role>${default.server.role}</Role>
</ServerRoles>
<!-- uncommnet this line to subscribe to a bam instance automatically -->
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
<!--
The fully qualified name of the server
-->
<Package>org.wso2.carbon</Package>
<!--
Webapp context root of WSO2 Carbon management console.
-->
<WebContextRoot>/</WebContextRoot>
<!--
Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
URL of the Carbon server -> https://10.100.1.1:9443/carbon
URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
appserver - proxy context path. This specially required whenever you are generating URLs to displace in
Carbon UI components.
-->
<!--
<MgtProxyContextPath></MgtProxyContextPath>
<ProxyContextPath></ProxyContextPath>
-->
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
<!--RegistryHttpPort>9763</RegistryHttpPort-->
<!--
Number of items to be displayed on a management console page. This is used at the
backend server for pagination of various items.
-->
<ItemsPerPage>15</ItemsPerPage>
<!-- The endpoint URL of the cloud instance management Web service -->
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
<!--
Ports used by this server
-->
<Ports>
<!-- Ports offset. This entry will set the value of the ports defined below to
the define value + Offset.
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
-->
<Offset>0</Offset>
<!-- The JMX Ports -->
<JMX>
<!--The port RMI registry is exposed-->
<RMIRegistryPort>9999</RMIRegistryPort>
<!--The port RMI server should be exposed-->
<RMIServerPort>11111</RMIServerPort>
</JMX>
<!-- Embedded LDAP server specific ports -->
<EmbeddedLDAP>
<!-- Port which embedded LDAP server runs -->
<LDAPServerPort>10389</LDAPServerPort>
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
<KDCServerPort>8000</KDCServerPort>
</EmbeddedLDAP>
<!--
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
-->
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
<!--Override receive port of thrift based entitlement service.-->
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
</Ports>
<!--
JNDI Configuration
-->
<JNDI>
<!--
The fully qualified name of the default initial context factory
-->
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
<!--
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
-->
<Restrictions>
<!--
Contexts that will be available only to the super-tenant
-->
<!-- <SuperTenantOnly>
<UrlContexts>
<UrlContext>
<Scheme>foo</Scheme>
</UrlContext>
<UrlContext>
<Scheme>bar</Scheme>
</UrlContext>
</UrlContexts>
</SuperTenantOnly> -->
<!--
Contexts that are common to all tenants
-->
<AllTenants>
<UrlContexts>
<UrlContext>
<Scheme>java</Scheme>
</UrlContext>
<!-- <UrlContext>
<Scheme>foo</Scheme>
</UrlContext> -->
</UrlContexts>
</AllTenants>
<!--
All other contexts not mentioned above will be available on a per-tenant basis
(i.e. will not be shared among tenants)
-->
</Restrictions>
</JNDI>
<!--
Property to determine if the server is running an a cloud deployment environment.
This property should only be used to determine deployment specific details that are
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
-->
<IsCloudDeployment>false</IsCloudDeployment>
<!--
Property to determine whether usage data should be collected for metering purposes
-->
<EnableMetering>false</EnableMetering>
<!-- The Max time a thread should take for execution in seconds -->
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
<!--
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
because the Ghost Deployer works only with the HTTP/S transports. If you are using
other transports, don't enable Ghost Deployer.
-->
<GhostDeployment>
<Enabled>false</Enabled>
</GhostDeployment>
<!--
Eager loading or lazy loading is a design pattern commonly used in computer programming which
will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
load tenant when a request is received only. Similarly Eager loading is used to enable load
existing tenants after carbon server starts up. Using this feature, you will be able to include
or exclude tenants which are to be loaded when server startup.
We can enable only one LoadingPolicy at a given time.
1. Tenant Lazy Loading
This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
server startup, but loaded based on-demand (i.e when a request is received for a tenant).
The default tenant idle time is 30 minutes.
2. Tenant Eager Loading
This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
The eager loading configurations supported are as below. These configurations can be given as the
value for <Include> element with eager loading.
(i)Load all tenants when server startup - *
(ii)Load all tenants except foo.com & bar.com - *,!foo.com,!bar.com
(iii)Load only foo.com & bar.com to be included - foo.com,bar.com
-->
<Tenant>
<LoadingPolicy>
<LazyLoading>
<IdleTime>30</IdleTime>
</LazyLoading>
<!-- <EagerLoading>
<Include>*,!foo.com,!bar.com</Include>
</EagerLoading>-->
</LoadingPolicy>
</Tenant>
<!--
Caching related configurations
-->
<Cache>
<!-- Default cache timeout in minutes -->
<DefaultCacheTimeout>15</DefaultCacheTimeout>
</Cache>
<!--
Axis2 related configurations
-->
<Axis2Config>
<!--
Location of the Axis2 Services & Modules repository
This can be a directory in the local file system, or a URL.
e.g.
1. /home/wso2wsas/repository/ - An absolute path
2. repository - In this case, the path is relative to CARBON_HOME
3. file:///home/wso2wsas/repository/
4. http://wso2wsas/repository/
-->
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
<!--
Deployment update interval in seconds. This is the interval between repository listener
executions.
-->
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
<!--
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
This can be a file on the local file system, or a URL
e.g.
1. /home/repository/axis2.xml - An absolute path
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
3. file:///home/carbon/repository/axis2.xml
4. http://repository/conf/axis2.xml
-->
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
<!--
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
for multiple clients which are going to access the same ServiceGroupContext
Default Value is 30 Sec.
-->
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
<!--
This repository location is used to crete the client side configuration
context used by the server when calling admin services.
-->
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
<!-- This axis2 xml is used in createing the configuration context by the FE server
calling to BE server -->
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
<!--HttpAdminServices>*</HttpAdminServices-->
</Axis2Config>
<!--
The default user roles which will be created when the server
is started up for the first time.
-->
<ServiceUserRoles>
<Role>
<Name>admin</Name>
<Description>Default Administrator Role</Description>
</Role>
<Role>
<Name>user</Name>
<Description>Default User Role</Description>
</Role>
</ServiceUserRoles>
<!--
Enable following config to allow Emails as usernames.
-->
<!--EnableEmailUserName>true</EnableEmailUserName-->
<!--
Security configurations
-->
<Security>
<!--
KeyStore which will be used for encrypting/decrypting passwords
and other sensitive information.
-->
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>wso2carbon</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>
<!--
System wide trust-store which is used to maintain the certificates of all
the trusted parties.
-->
<TrustStore>
<!-- trust-store file location -->
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
<!-- trust-store type (JKS/PKCS12 etc.) -->
<Type>JKS</Type>
<!-- trust-store password -->
<Password>wso2carbon</Password>
</TrustStore>
<!--
The Authenticator configuration to be used at the JVM level. We extend the
java.net.Authenticator to make it possible to authenticate to given servers and
proxies.
-->
<NetworkAuthenticatorConfig>
<!--
Below is a sample configuration for a single authenticator. Please note that
all child elements are mandatory. Not having some child elements would lead to
exceptions at runtime.
-->
<!-- <Credential> -->
<!--
the pattern that would match a subset of URLs for which this authenticator
would be used
-->
<!-- <Pattern>regularExpression</Pattern> -->
<!--
the type of this authenticator. Allowed values are:
1. server
2. proxy
-->
<!-- <Type>proxy</Type> -->
<!-- the username used to log in to server/proxy -->
<!-- <Username>username</Username> -->
<!-- the password used to log in to server/proxy -->
<!-- <Password>password</Password> -->
<!-- </Credential> -->
</NetworkAuthenticatorConfig>
<!--
The Tomcat realm to be used for hosted Web applications. Allowed values are;
1. UserManager
2. Memory
If this is set to 'UserManager', the realm will pick users & roles from the system's
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
-->
<TomcatRealm>UserManager</TomcatRealm>
<!--Option to disable storing of tokens issued by STS-->
<DisableTokenStore>false</DisableTokenStore>
<!--
Security token store class name. If this is not set, default class will be
org.wso2.carbon.security.util.SecurityTokenStore
-->
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
</Security>
<!--
The temporary work directory
-->
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
<!--
House-keeping configuration
-->
<HouseKeeping>
<!--
true - Start House-keeping thread on server startup
false - Do not start House-keeping thread on server startup.
The user will run it manually as and when he wishes.
-->
<AutoStart>true</AutoStart>
<!--
The interval in *minutes*, between house-keeping runs
-->
<Interval>10</Interval>
<!--
The maximum time in *minutes*, temp files are allowed to live
in the system. Files/directories which were modified more than
"MaxTempFileLifetime" minutes ago will be removed by the
house-keeping task
-->
<MaxTempFileLifetime>30</MaxTempFileLifetime>
</HouseKeeping>
<!--
Configuration for handling different types of file upload & other file uploading related
config parameters.
To map all actions to a particular FileUploadExecutor, use
<Action>*</Action>
-->
<FileUploadConfig>
<!--
The total file upload size limit in MB
-->
<TotalFileSizeLimit>100</TotalFileSizeLimit>
<Mapping>
<Actions>
<Action>keystore</Action>
<Action>certificate</Action>
<Action>*</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>jarZip</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>dbs</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>tools</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
</Mapping>
<Mapping>
<Actions>
<Action>toolsAny</Action>
</Actions>
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
</Mapping>
</FileUploadConfig>
<!--
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
In order to plug in a processor to handle a special request, simply add an entry to this
section.
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
which needs special processing
The value of the Class element is a class which implements
org.wso2.carbon.transport.HttpGetRequestProcessor
-->
<HttpGetRequestProcessors>
<Processor>
<Item>info</Item>
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
</Processor>
<Processor>
<Item>wsdl</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
</Processor>
<Processor>
<Item>wsdl2</Item>
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
</Processor>
<Processor>
<Item>xsd</Item>
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
</Processor>
</HttpGetRequestProcessors>
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<DeploymentSynchronizer>
<Enabled>false</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
<RepositoryType>svn</RepositoryType>
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
<SvnUser>username</SvnUser>
<SvnPassword>password</SvnPassword>
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
</DeploymentSynchronizer>
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
In master nodes you need to set both AutoCommit and AutoCheckout to true
and in worker nodes set only AutoCheckout to true.
-->
<!--<DeploymentSynchronizer>
<Enabled>true</Enabled>
<AutoCommit>false</AutoCommit>
<AutoCheckout>true</AutoCheckout>
</DeploymentSynchronizer>-->
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
<!--<MediationConfig>
<LoadFromRegistry>false</LoadFromRegistry>
<SaveToFile>false</SaveToFile>
<Persistence>enabled</Persistence>
<RegistryPersistence>enabled</RegistryPersistence>
</MediationConfig>-->
<!--
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
This code will be run when the Carbon server is initialized
-->
<ServerInitializers>
<!--<Initializer></Initializer>-->
</ServerInitializers>
<!--
Indicates whether the Carbon Servlet is required by the system, and whether it should be
registered
-->
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
<!--
Carbon H2 OSGI Configuration
By default non of the servers start.
name="web" - Start the web server with the H2 Console
name="webPort" - The port (default: 8082)
name="webAllowOthers" - Allow other computers to connect
name="webSSL" - Use encrypted (HTTPS) connections
name="tcp" - Start the TCP server
name="tcpPort" - The port (default: 9092)
name="tcpAllowOthers" - Allow other computers to connect
name="tcpSSL" - Use encrypted (SSL) connections
name="pg" - Start the PG server
name="pgPort" - The port (default: 5435)
name="pgAllowOthers" - Allow other computers to connect
name="trace" - Print additional trace information; for all servers
name="baseDir" - The base directory for H2 databases; for all servers
-->
<!--H2DatabaseConfiguration>
<property name="web" />
<property name="webPort">8082</property>
<property name="webAllowOthers" />
<property name="webSSL" />
<property name="tcp" />
<property name="tcpPort">9092</property>
<property name="tcpAllowOthers" />
<property name="tcpSSL" />
<property name="pg" />
<property name="pgPort">5435</property>
<property name="pgAllowOthers" />
<property name="trace" />
<property name="baseDir">${carbon.home}</property>
</H2DatabaseConfiguration-->
<!--Disabling statistics reporter by default-->
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
<!-- Enable accessing Admin Console via HTTP -->
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
<!--
Default Feature Repository of WSO2 Carbon.
-->
<FeatureRepository>
<RepositoryName>default repository</RepositoryName>
<RepositoryURL>${p2.repo.url}</RepositoryURL>
</FeatureRepository>
<!--
Configure API Management
-->
<APIManagement>
<!--Uses the embedded API Manager by default. If you want to use an external
API Manager instance to manage APIs, configure below externalAPIManager-->
<Enabled>true</Enabled>
<!--Uncomment and configure API Gateway and
Publisher URLs to use external API Manager instance-->
<!--ExternalAPIManager>
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
</ExternalAPIManager-->
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
</APIManagement>
</Server>

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save