forked from community/device-mgt-core
Merge pull request #518 from geethkokila/mutual_ssl_feature
Adding gateway support for IOS device typerevert-70aa11f8
commit
dfcf72cae0
@ -0,0 +1,103 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ You may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
<parent>
|
||||||
|
<artifactId>apimgt-extensions</artifactId>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<version>2.0.6-SNAPSHOT</version>
|
||||||
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<artifactId>org.wso2.carbon.apimgt.handlers</artifactId>
|
||||||
|
<version>2.0.6-SNAPSHOT</version>
|
||||||
|
<packaging>bundle</packaging>
|
||||||
|
<name>WSO2 Carbon - API Security Handler Component</name>
|
||||||
|
<description>WSO2 Carbon - API Management Security Handler Module</description>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
|
||||||
|
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.logging</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.apache.synapse</groupId>
|
||||||
|
<artifactId>synapse-core</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.apache.ws.security.wso2</groupId>
|
||||||
|
<artifactId>wss4j</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.json.wso2</groupId>
|
||||||
|
<artifactId>json</artifactId>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.felix</groupId>
|
||||||
|
<artifactId>maven-scr-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.felix</groupId>
|
||||||
|
<artifactId>maven-bundle-plugin</artifactId>
|
||||||
|
<version>1.4.0</version>
|
||||||
|
<extensions>true</extensions>
|
||||||
|
<configuration>
|
||||||
|
<instructions>
|
||||||
|
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
|
||||||
|
<Bundle-Name>${project.artifactId}</Bundle-Name>
|
||||||
|
<Bundle-Version>${carbon.device.mgt.version}</Bundle-Version>
|
||||||
|
<Bundle-Description>WSO2 Carbon - API Security Handler Component</Bundle-Description>
|
||||||
|
<Import-Package>
|
||||||
|
org.apache.axiom.*,
|
||||||
|
javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional,
|
||||||
|
javax.xml.*,
|
||||||
|
org.apache.axis2.*,
|
||||||
|
org.apache.commons.*,
|
||||||
|
org.apache.http.*,
|
||||||
|
org.apache.http.util,
|
||||||
|
org.apache.ws.*;version="${org.apache.ws.security.wso2.version}",
|
||||||
|
org.json,
|
||||||
|
org.wso2.carbon.utils,
|
||||||
|
org.wso2.carbon.context,
|
||||||
|
com.google.gson,
|
||||||
|
org.w3c.dom,
|
||||||
|
org.apache.synapse,
|
||||||
|
org.apache.synapse.core.axis2,
|
||||||
|
org.apache.synapse.rest
|
||||||
|
</Import-Package>
|
||||||
|
</instructions>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
|
||||||
|
</project>
|
@ -0,0 +1,59 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers;
|
||||||
|
|
||||||
|
public class APIMCertificateMGTExcepton extends Exception{
|
||||||
|
|
||||||
|
private static final long serialVersionUID = -37676242646464497L;
|
||||||
|
|
||||||
|
private String errorMessage;
|
||||||
|
|
||||||
|
public String getErrorMessage() {
|
||||||
|
return errorMessage;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setErrorMessage(String errorMessage) {
|
||||||
|
this.errorMessage = errorMessage;
|
||||||
|
}
|
||||||
|
|
||||||
|
public APIMCertificateMGTExcepton(String msg, Exception nestedEx) {
|
||||||
|
super(msg, nestedEx);
|
||||||
|
setErrorMessage(msg);
|
||||||
|
}
|
||||||
|
|
||||||
|
public APIMCertificateMGTExcepton(String message, Throwable cause) {
|
||||||
|
super(message, cause);
|
||||||
|
setErrorMessage(message);
|
||||||
|
}
|
||||||
|
|
||||||
|
public APIMCertificateMGTExcepton(String msg) {
|
||||||
|
super(msg);
|
||||||
|
setErrorMessage(msg);
|
||||||
|
}
|
||||||
|
|
||||||
|
public APIMCertificateMGTExcepton() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
public APIMCertificateMGTExcepton(Throwable cause) {
|
||||||
|
super(cause);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,192 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers;
|
||||||
|
|
||||||
|
import com.google.gson.Gson;
|
||||||
|
import org.apache.axis2.context.MessageContext;
|
||||||
|
import org.apache.axis2.description.HandlerDescription;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.apache.synapse.core.axis2.Axis2MessageContext;
|
||||||
|
import org.apache.synapse.rest.AbstractHandler;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.beans.Certificate;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.beans.ValidationResponce;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.config.IOTServerConfiguration;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.utils.AuthConstants;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.utils.Utils;
|
||||||
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.net.URISyntaxException;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
public class AuthenticationHandler extends AbstractHandler {
|
||||||
|
private static final Log log = LogFactory.getLog(AuthenticationHandler.class);
|
||||||
|
private static HandlerDescription EMPTY_HANDLER_METADATA = new HandlerDescription("API Security Handler");
|
||||||
|
private HandlerDescription handlerDesc;
|
||||||
|
private RESTInvoker restInvoker;
|
||||||
|
|
||||||
|
private IOTServerConfiguration iotServerConfiguration;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setting up configurations at the constructor
|
||||||
|
*/
|
||||||
|
public AuthenticationHandler() {
|
||||||
|
log.info("Engaging API Security Handler..........");
|
||||||
|
restInvoker = new RESTInvoker();
|
||||||
|
this.handlerDesc = EMPTY_HANDLER_METADATA;
|
||||||
|
this.iotServerConfiguration = Utils.initConfig();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean handleRequest(org.apache.synapse.MessageContext messageContext) {
|
||||||
|
org.apache.axis2.context.MessageContext axisMC = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
|
||||||
|
|
||||||
|
String ctxPath = messageContext.getTo().getAddress().trim();
|
||||||
|
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Authentication handler invoked by: " + ctxPath);
|
||||||
|
}
|
||||||
|
Map<String, String> headers = (Map<String, String>) axisMC.getProperty(MessageContext.TRANSPORT_HEADERS);
|
||||||
|
try {
|
||||||
|
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||||
|
RESTResponse response;
|
||||||
|
if (headers.containsKey(AuthConstants.MDM_SIGNATURE)) {
|
||||||
|
|
||||||
|
String mdmSignature = headers.get(AuthConstants.MDM_SIGNATURE).toString();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify Cert:\n" + mdmSignature);
|
||||||
|
}
|
||||||
|
String accessToken = Utils.getAccessToken(iotServerConfiguration);
|
||||||
|
|
||||||
|
String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim());
|
||||||
|
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType);
|
||||||
|
|
||||||
|
Map<String, String> certVerifyHeaders = new HashMap<>();
|
||||||
|
certVerifyHeaders.put("Authorization", "Bearer " + accessToken);
|
||||||
|
certVerifyHeaders.put("Content-Type", "application/json");
|
||||||
|
|
||||||
|
Certificate certificate = new Certificate();
|
||||||
|
certificate.setPem(mdmSignature);
|
||||||
|
certificate.setTenantId(tenantId);
|
||||||
|
certificate.setSerial("");
|
||||||
|
|
||||||
|
Gson gson = new Gson();
|
||||||
|
String certVerifyContent = gson.toJson(certificate);
|
||||||
|
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
|
||||||
|
null, certVerifyContent);
|
||||||
|
|
||||||
|
String str = response.getContent();
|
||||||
|
if (str.contains("JWTToken")) {
|
||||||
|
ValidationResponce validationResponce = gson.fromJson(str, ValidationResponce.class);
|
||||||
|
// TODO: send the JWT token with user details.
|
||||||
|
// headers.put("X-JWT-Assertion", validationResponce.getJWTToken());
|
||||||
|
}
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify response:" + response.getContent());
|
||||||
|
log.debug("Response String : " + str);
|
||||||
|
}
|
||||||
|
|
||||||
|
} else if (headers.containsKey(AuthConstants.PROXY_MUTUAL_AUTH_HEADER)) {
|
||||||
|
String subjectDN = headers.get(AuthConstants.PROXY_MUTUAL_AUTH_HEADER).toString();
|
||||||
|
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify subject DN: " + subjectDN);
|
||||||
|
}
|
||||||
|
String accessToken = Utils.getAccessToken(iotServerConfiguration);
|
||||||
|
String deviceType = this.getDeviceType(messageContext.getTo().getAddress().trim());
|
||||||
|
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + deviceType);
|
||||||
|
Map<String, String> certVerifyHeaders = new HashMap<>();
|
||||||
|
certVerifyHeaders.put("Authorization", "Bearer " + accessToken);
|
||||||
|
certVerifyHeaders.put("Content-Type", "application/json");
|
||||||
|
Certificate certificate = new Certificate();
|
||||||
|
certificate.setPem(subjectDN);
|
||||||
|
certificate.setTenantId(tenantId);
|
||||||
|
certificate.setSerial(AuthConstants.PROXY_MUTUAL_AUTH_HEADER);
|
||||||
|
|
||||||
|
Gson gson = new Gson();
|
||||||
|
String certVerifyContent = gson.toJson(certificate);
|
||||||
|
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
|
||||||
|
null, certVerifyContent);
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify response:" + response.getContent());
|
||||||
|
}
|
||||||
|
} else if (headers.containsKey(AuthConstants.ENCODED_PEM)) {
|
||||||
|
String encodedPem = headers.get(AuthConstants.ENCODED_PEM).toString();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify Cert:\n" + encodedPem);
|
||||||
|
}
|
||||||
|
String accessToken = Utils.getAccessToken(iotServerConfiguration);
|
||||||
|
URI certVerifyUrl = new URI(iotServerConfiguration.getVerificationEndpoint() + "android");
|
||||||
|
Map<String, String> certVerifyHeaders = new HashMap<>();
|
||||||
|
certVerifyHeaders.put("Authorization", "Bearer " + accessToken);
|
||||||
|
certVerifyHeaders.put("Content-Type", "application/json");
|
||||||
|
|
||||||
|
Certificate certificate = new Certificate();
|
||||||
|
certificate.setPem(encodedPem);
|
||||||
|
certificate.setTenantId(tenantId);
|
||||||
|
certificate.setSerial("");
|
||||||
|
Gson gson = new Gson();
|
||||||
|
String certVerifyContent = gson.toJson(certificate);
|
||||||
|
response = restInvoker.invokePOST(certVerifyUrl, certVerifyHeaders, null,
|
||||||
|
null, certVerifyContent);
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Verify response:" + response.getContent());
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
log.warn("Unauthorized request for api: " + ctxPath);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (response != null && !response.getContent().contains("invalid")) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
log.warn("Unauthorized request for api: " + ctxPath);
|
||||||
|
return false;
|
||||||
|
} catch (IOException e) {
|
||||||
|
log.error("Error while processing certificate.", e);
|
||||||
|
return false;
|
||||||
|
} catch (URISyntaxException e) {
|
||||||
|
log.error("Error while processing certificate.", e);
|
||||||
|
return false;
|
||||||
|
} catch (APIMCertificateMGTExcepton e) {
|
||||||
|
log.error("Error while processing certificate.", e);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean handleResponse(org.apache.synapse.MessageContext messageContext) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// TODO : take this from the url.
|
||||||
|
private String getDeviceType(String url) {
|
||||||
|
if (url.contains("ios")) {
|
||||||
|
return "ios";
|
||||||
|
} else if (url.contains("android")) {
|
||||||
|
return "android";
|
||||||
|
} else return null;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,52 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers.beans;
|
||||||
|
|
||||||
|
public class Certificate {
|
||||||
|
|
||||||
|
private String pem;
|
||||||
|
private int tenantId;
|
||||||
|
private String serial;
|
||||||
|
|
||||||
|
public String getPem() {
|
||||||
|
return pem;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPem(String pem) {
|
||||||
|
this.pem = pem;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getTenantId() {
|
||||||
|
return tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTenantId(int tenantId) {
|
||||||
|
this.tenantId = tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getSerial() {
|
||||||
|
return serial;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setSerial(String serial) {
|
||||||
|
this.serial = serial;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,61 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers.beans;
|
||||||
|
|
||||||
|
public class DCR {
|
||||||
|
|
||||||
|
private String owner;
|
||||||
|
private String clientName;
|
||||||
|
private String grantType;
|
||||||
|
private String tokenScope;
|
||||||
|
|
||||||
|
public String getOwner() {
|
||||||
|
return owner;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setOwner(String owner) {
|
||||||
|
this.owner = owner;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getClientName() {
|
||||||
|
return clientName;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setClientName(String clientName) {
|
||||||
|
this.clientName = clientName;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getGrantType() {
|
||||||
|
return grantType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setGrantType(String grantType) {
|
||||||
|
this.grantType = grantType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getTokenScope() {
|
||||||
|
return tokenScope;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTokenScope(String tokenScope) {
|
||||||
|
this.tokenScope = tokenScope;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,61 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers.beans;
|
||||||
|
|
||||||
|
public class ValidationResponce {
|
||||||
|
|
||||||
|
private String JWTToken; // X-JWT-Assertion
|
||||||
|
private String deviceId;
|
||||||
|
private String deviceType;
|
||||||
|
private int tenantId;
|
||||||
|
|
||||||
|
public String getJWTToken() {
|
||||||
|
return JWTToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setJWTToken(String JWTToken) {
|
||||||
|
this.JWTToken = JWTToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getDeviceId() {
|
||||||
|
return deviceId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDeviceId(String deviceId) {
|
||||||
|
this.deviceId = deviceId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getDeviceType() {
|
||||||
|
return deviceType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDeviceType(String deviceType) {
|
||||||
|
this.deviceType = deviceType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getTenantId() {
|
||||||
|
return tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTenantId(int tenantId) {
|
||||||
|
this.tenantId = tenantId;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,118 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers.config;
|
||||||
|
|
||||||
|
import javax.xml.bind.annotation.XmlElement;
|
||||||
|
import javax.xml.bind.annotation.XmlElementWrapper;
|
||||||
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
import javax.xml.bind.annotation.XmlValue;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
@XmlRootElement(name = "ServerConfiguration")
|
||||||
|
public class IOTServerConfiguration {
|
||||||
|
|
||||||
|
private String hostname;
|
||||||
|
private String verificationEndpoint;
|
||||||
|
private String username;
|
||||||
|
private String password;
|
||||||
|
private String dynamicClientRegistrationEndpoint;
|
||||||
|
private String oauthTokenEndpoint;
|
||||||
|
private List<ContextPath> apis;
|
||||||
|
|
||||||
|
@XmlElement(name = "Hostname", required = true)
|
||||||
|
public String getHostname() {
|
||||||
|
return hostname;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setHostname(String hostname) {
|
||||||
|
this.hostname = hostname;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElement(name = "VerificationEndpoint", required = true)
|
||||||
|
public String getVerificationEndpoint() {
|
||||||
|
return verificationEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setVerificationEndpoint(String verificationEndpoint) {
|
||||||
|
this.verificationEndpoint = verificationEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElement(name = "Username", required = true)
|
||||||
|
public String getUsername() {
|
||||||
|
return username;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUsername(String username) {
|
||||||
|
this.username = username;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElement(name = "Password", required = true)
|
||||||
|
public String getPassword() {
|
||||||
|
return password;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPassword(String password) {
|
||||||
|
this.password = password;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElement(name = "DynamicClientRegistrationEndpoint", required = true)
|
||||||
|
public String getDynamicClientRegistrationEndpoint() {
|
||||||
|
return dynamicClientRegistrationEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDynamicClientRegistrationEndpoint(String dynamicClientRegistrationEndpoint) {
|
||||||
|
this.dynamicClientRegistrationEndpoint = dynamicClientRegistrationEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElement(name = "OauthTokenEndpoint", required = true)
|
||||||
|
public String getOauthTokenEndpoint() {
|
||||||
|
return oauthTokenEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setOauthTokenEndpoint(String oauthTokenEndpoint) {
|
||||||
|
this.oauthTokenEndpoint = oauthTokenEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlElementWrapper(name="APIS")
|
||||||
|
@XmlElement(name = "ContextPath", required = true)
|
||||||
|
public List<ContextPath> getApis() {
|
||||||
|
return apis;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setApis(List<ContextPath> apis) {
|
||||||
|
this.apis = apis;
|
||||||
|
}
|
||||||
|
|
||||||
|
@XmlRootElement(name = "ContextPath")
|
||||||
|
public static class ContextPath {
|
||||||
|
|
||||||
|
private String contextPath;
|
||||||
|
|
||||||
|
@XmlValue()
|
||||||
|
public String getContextPath() {
|
||||||
|
return contextPath;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setContextPath(String contextPath) {
|
||||||
|
this.contextPath = contextPath;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,26 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers.invoker;
|
||||||
|
|
||||||
|
public class RESTConstants {
|
||||||
|
static String REST_CLIENT_CONFIG_ELEMENT = "restClientConfiguration";
|
||||||
|
static String REST_CLIENT_MAX_TOTAL_CONNECTIONS = "maxTotalConnections";
|
||||||
|
static String REST_CLIENT_MAX_CONNECTIONS_PER_ROUTE = "maxConnectionsPerRoute";
|
||||||
|
static String REST_CLEINT_CONNECTION_TIMEOUT = "connectionTimeout";
|
||||||
|
static String REST_CLEINT_SOCKET_TIMEOUT = "socketTimeout";
|
||||||
|
}
|
@ -0,0 +1,350 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers.invoker;
|
||||||
|
|
||||||
|
import org.apache.axiom.om.OMElement;
|
||||||
|
import org.apache.axiom.om.util.AXIOMUtil;
|
||||||
|
import org.apache.commons.codec.binary.Base64;
|
||||||
|
import org.apache.commons.io.FileUtils;
|
||||||
|
import org.apache.commons.io.IOUtils;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.apache.http.Header;
|
||||||
|
import org.apache.http.client.config.RequestConfig;
|
||||||
|
import org.apache.http.client.methods.*;
|
||||||
|
import org.apache.http.entity.StringEntity;
|
||||||
|
import org.apache.http.impl.client.CloseableHttpClient;
|
||||||
|
import org.apache.http.impl.client.HttpClients;
|
||||||
|
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
|
||||||
|
import org.apache.http.util.EntityUtils;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.utils.AuthConstants;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.utils.CoreUtils;
|
||||||
|
import org.wso2.carbon.utils.CarbonUtils;
|
||||||
|
|
||||||
|
import javax.xml.namespace.QName;
|
||||||
|
import javax.xml.stream.XMLStreamException;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.Iterator;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
public class RESTInvoker {
|
||||||
|
|
||||||
|
private static final Log log = LogFactory.getLog(RESTInvoker.class);
|
||||||
|
|
||||||
|
private int maxTotalConnections = 100;
|
||||||
|
private int maxTotalConnectionsPerRoute = 100;
|
||||||
|
private int connectionTimeout = 120000;
|
||||||
|
private int socketTimeout = 120000;
|
||||||
|
|
||||||
|
private CloseableHttpClient client = null;
|
||||||
|
private PoolingHttpClientConnectionManager connectionManager = null;
|
||||||
|
|
||||||
|
public RESTInvoker() {
|
||||||
|
configureHttpClient();
|
||||||
|
}
|
||||||
|
|
||||||
|
// private void parseConfiguration() {
|
||||||
|
// String carbonConfigDirPath = CarbonUtils.getCarbonConfigDirPath();
|
||||||
|
// String apiFilterConfigPath = carbonConfigDirPath + File.separator +
|
||||||
|
// AuthConstants.AUTH_CONFIGURATION_FILE_NAME;
|
||||||
|
// File configFile = new File(apiFilterConfigPath);
|
||||||
|
//
|
||||||
|
// try {
|
||||||
|
// String configContent = FileUtils.readFileToString(configFile);
|
||||||
|
// OMElement configElement = AXIOMUtil.stringToOM(configContent);
|
||||||
|
// Iterator beans = configElement.getChildrenWithName(
|
||||||
|
// new QName("http://www.springframework.org/schema/beans", "bean"));
|
||||||
|
//
|
||||||
|
// while (beans.hasNext()) {
|
||||||
|
// OMElement bean = (OMElement) beans.next();
|
||||||
|
// String beanId = bean.getAttributeValue(new QName(null, "id"));
|
||||||
|
// if (beanId.equals(RESTConstants.REST_CLIENT_CONFIG_ELEMENT)) {
|
||||||
|
// Iterator beanProps = bean.getChildrenWithName(
|
||||||
|
// new QName("http://www.springframework.org/schema/beans", "property"));
|
||||||
|
//
|
||||||
|
// while (beanProps.hasNext()) {
|
||||||
|
// OMElement beanProp = (OMElement) beanProps.next();
|
||||||
|
// String beanName = beanProp.getAttributeValue(new QName(null, "name"));
|
||||||
|
// if (RESTConstants.REST_CLIENT_MAX_TOTAL_CONNECTIONS.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// if (value != null && !value.trim().equals("")) {
|
||||||
|
// maxTotalConnections = Integer.parseInt(value);
|
||||||
|
// }
|
||||||
|
// CoreUtils.debugLog(log, "Max total http connections ", maxTotalConnections);
|
||||||
|
// } else if (RESTConstants.REST_CLIENT_MAX_CONNECTIONS_PER_ROUTE.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// if (value != null && !value.trim().equals("")) {
|
||||||
|
// maxTotalConnectionsPerRoute = Integer.parseInt(value);
|
||||||
|
// }
|
||||||
|
// CoreUtils.debugLog(log, "Max total client connections per route ", maxTotalConnectionsPerRoute);
|
||||||
|
// } else if (RESTConstants.REST_CLEINT_CONNECTION_TIMEOUT.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// if (value != null && !value.trim().equals("")) {
|
||||||
|
// connectionTimeout = Integer.parseInt(value);
|
||||||
|
// }
|
||||||
|
// } else if (RESTConstants.REST_CLEINT_SOCKET_TIMEOUT.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// if (value != null && !value.trim().equals("")) {
|
||||||
|
// socketTimeout = Integer.parseInt(value);
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// } catch (XMLStreamException e) {
|
||||||
|
// log.error("Error in processing http connection settings, using default settings", e);
|
||||||
|
// } catch (IOException e) {
|
||||||
|
// log.error("Error in processing http connection settings, using default settings", e);
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
|
||||||
|
private void configureHttpClient() {
|
||||||
|
|
||||||
|
// parseConfiguration();
|
||||||
|
|
||||||
|
RequestConfig defaultRequestConfig = RequestConfig.custom()
|
||||||
|
.setExpectContinueEnabled(true)
|
||||||
|
.setConnectTimeout(connectionTimeout)
|
||||||
|
.setSocketTimeout(socketTimeout)
|
||||||
|
.build();
|
||||||
|
|
||||||
|
connectionManager = new PoolingHttpClientConnectionManager();
|
||||||
|
connectionManager.setDefaultMaxPerRoute(maxTotalConnectionsPerRoute);
|
||||||
|
connectionManager.setMaxTotal(maxTotalConnections);
|
||||||
|
client = HttpClients.custom()
|
||||||
|
.setConnectionManager(connectionManager)
|
||||||
|
.setDefaultRequestConfig(defaultRequestConfig)
|
||||||
|
.build();
|
||||||
|
|
||||||
|
if(log.isDebugEnabled()){
|
||||||
|
log.debug("REST client initialized with " +
|
||||||
|
"maxTotalConnection = " + maxTotalConnections +
|
||||||
|
"maxConnectionsPerRoute = " + maxTotalConnectionsPerRoute +
|
||||||
|
"connectionTimeout = " + connectionTimeout);
|
||||||
|
}
|
||||||
|
//
|
||||||
|
// CoreUtils.debugLog(log, "REST client initialized with ",
|
||||||
|
// "maxTotalConnection = ", maxTotalConnections,
|
||||||
|
// "maxConnectionsPerRoute = ", maxTotalConnectionsPerRoute,
|
||||||
|
// "connectionTimeout = ", connectionTimeout);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void closeHttpClient() {
|
||||||
|
IOUtils.closeQuietly(client);
|
||||||
|
IOUtils.closeQuietly(connectionManager);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Invokes the http GET method
|
||||||
|
*
|
||||||
|
* @param uri endpoint/service url
|
||||||
|
* @param requestHeaders header list
|
||||||
|
* @param username username for authentication
|
||||||
|
* @param password password for authentication
|
||||||
|
* @return RESTResponse of the GET request (can be the response body or the response status code)
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public RESTResponse invokeGET(URI uri, Map<String, String> requestHeaders, String username, String password) throws IOException {
|
||||||
|
|
||||||
|
HttpGet httpGet = null;
|
||||||
|
CloseableHttpResponse response = null;
|
||||||
|
Header[] headers;
|
||||||
|
int httpStatus;
|
||||||
|
String contentType;
|
||||||
|
String output;
|
||||||
|
try {
|
||||||
|
httpGet = new HttpGet(uri);
|
||||||
|
if (requestHeaders != null && !requestHeaders.isEmpty()) {
|
||||||
|
Object keys[] = requestHeaders.keySet().toArray();
|
||||||
|
for (Object header : keys) {
|
||||||
|
httpGet.setHeader(header.toString(), requestHeaders.get(header).toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
response = sendReceiveRequest(httpGet, username, password);
|
||||||
|
output = IOUtils.toString(response.getEntity().getContent());
|
||||||
|
headers = response.getAllHeaders();
|
||||||
|
httpStatus = response.getStatusLine().getStatusCode();
|
||||||
|
contentType = response.getEntity().getContentType().getValue();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Invoked GET " + uri.toString() + " - Response message: " + output);
|
||||||
|
}
|
||||||
|
EntityUtils.consume(response.getEntity());
|
||||||
|
} finally {
|
||||||
|
if (response != null) {
|
||||||
|
IOUtils.closeQuietly(response);
|
||||||
|
}
|
||||||
|
if (httpGet != null) {
|
||||||
|
httpGet.releaseConnection();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return new RESTResponse(contentType, output, headers, httpStatus);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public RESTResponse invokePOST(URI uri, Map<String, String> requestHeaders, String username,
|
||||||
|
String password, String payload) throws IOException {
|
||||||
|
|
||||||
|
HttpPost httpPost = null;
|
||||||
|
CloseableHttpResponse response = null;
|
||||||
|
Header[] headers;
|
||||||
|
int httpStatus;
|
||||||
|
String contentType;
|
||||||
|
String output;
|
||||||
|
try {
|
||||||
|
httpPost = new HttpPost(uri);
|
||||||
|
httpPost.setEntity(new StringEntity(payload));
|
||||||
|
if (requestHeaders != null && !requestHeaders.isEmpty()) {
|
||||||
|
Object keys[] = requestHeaders.keySet().toArray();
|
||||||
|
for (Object header : keys) {
|
||||||
|
httpPost.setHeader(header.toString(), requestHeaders.get(header).toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
response = sendReceiveRequest(httpPost, username, password);
|
||||||
|
output = IOUtils.toString(response.getEntity().getContent());
|
||||||
|
headers = response.getAllHeaders();
|
||||||
|
httpStatus = response.getStatusLine().getStatusCode();
|
||||||
|
contentType = response.getEntity().getContentType().getValue();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Invoked POST " + uri.toString() +
|
||||||
|
" - Input payload: " + payload + " - Response message: " + output);
|
||||||
|
}
|
||||||
|
EntityUtils.consume(response.getEntity());
|
||||||
|
} finally {
|
||||||
|
if (response != null) {
|
||||||
|
IOUtils.closeQuietly(response);
|
||||||
|
}
|
||||||
|
if (httpPost != null) {
|
||||||
|
httpPost.releaseConnection();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return new RESTResponse(contentType, output, headers, httpStatus);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Invokes the http PUT method
|
||||||
|
*
|
||||||
|
* @param uri endpoint/service url
|
||||||
|
* @param requestHeaders header list
|
||||||
|
* @param username username for authentication
|
||||||
|
* @param password password for authentication
|
||||||
|
* @param payload payload body passed
|
||||||
|
* @return RESTResponse of the PUT request (can be the response body or the response status code)
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public RESTResponse invokePUT(URI uri, Map<String, String> requestHeaders, String username, String password,
|
||||||
|
String payload) throws IOException {
|
||||||
|
|
||||||
|
HttpPut httpPut = null;
|
||||||
|
CloseableHttpResponse response = null;
|
||||||
|
Header[] headers;
|
||||||
|
int httpStatus;
|
||||||
|
String contentType;
|
||||||
|
String output;
|
||||||
|
try {
|
||||||
|
httpPut = new HttpPut(uri);
|
||||||
|
httpPut.setEntity(new StringEntity(payload));
|
||||||
|
if (requestHeaders != null && !requestHeaders.isEmpty()) {
|
||||||
|
Object keys[] = requestHeaders.keySet().toArray();
|
||||||
|
for (Object header : keys) {
|
||||||
|
httpPut.setHeader(header.toString(), requestHeaders.get(header).toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
response = sendReceiveRequest(httpPut, username, password);
|
||||||
|
output = IOUtils.toString(response.getEntity().getContent());
|
||||||
|
headers = response.getAllHeaders();
|
||||||
|
httpStatus = response.getStatusLine().getStatusCode();
|
||||||
|
contentType = response.getEntity().getContentType().getValue();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Invoked PUT " + uri.toString() + " - Response message: " + output);
|
||||||
|
}
|
||||||
|
EntityUtils.consume(response.getEntity());
|
||||||
|
} finally {
|
||||||
|
if (response != null) {
|
||||||
|
IOUtils.closeQuietly(response);
|
||||||
|
}
|
||||||
|
if (httpPut != null) {
|
||||||
|
httpPut.releaseConnection();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return new RESTResponse(contentType, output, headers, httpStatus);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Invokes the http DELETE method
|
||||||
|
*
|
||||||
|
* @param uri endpoint/service url
|
||||||
|
* @param requestHeaders header list
|
||||||
|
* @param username username for authentication
|
||||||
|
* @param password password for authentication
|
||||||
|
* @return RESTResponse of the DELETE (can be the response status code or the response body)
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public RESTResponse invokeDELETE(URI uri, Map<String, String> requestHeaders, String username, String password) throws IOException {
|
||||||
|
|
||||||
|
HttpDelete httpDelete = null;
|
||||||
|
CloseableHttpResponse response = null;
|
||||||
|
Header[] headers;
|
||||||
|
int httpStatus;
|
||||||
|
String contentType;
|
||||||
|
String output;
|
||||||
|
try {
|
||||||
|
httpDelete = new HttpDelete(uri);
|
||||||
|
if (requestHeaders != null && !requestHeaders.isEmpty()) {
|
||||||
|
Object keys[] = requestHeaders.keySet().toArray();
|
||||||
|
for (Object header : keys) {
|
||||||
|
httpDelete.setHeader(header.toString(), requestHeaders.get(header).toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
response = sendReceiveRequest(httpDelete, username, password);
|
||||||
|
output = IOUtils.toString(response.getEntity().getContent());
|
||||||
|
headers = response.getAllHeaders();
|
||||||
|
httpStatus = response.getStatusLine().getStatusCode();
|
||||||
|
contentType = response.getEntity().getContentType().getValue();
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Invoked DELETE " + uri.toString() + " - Response message: " + output);
|
||||||
|
}
|
||||||
|
EntityUtils.consume(response.getEntity());
|
||||||
|
} finally {
|
||||||
|
if (response != null) {
|
||||||
|
IOUtils.closeQuietly(response);
|
||||||
|
}
|
||||||
|
if (httpDelete != null) {
|
||||||
|
httpDelete.releaseConnection();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return new RESTResponse(contentType, output, headers, httpStatus);
|
||||||
|
}
|
||||||
|
|
||||||
|
private CloseableHttpResponse sendReceiveRequest(HttpRequestBase requestBase, String username, String password)
|
||||||
|
throws IOException {
|
||||||
|
CloseableHttpResponse response;
|
||||||
|
if (username != null && !username.equals("") && password != null) {
|
||||||
|
String combinedCredentials = username + ":" + password;
|
||||||
|
byte[] encodedCredentials = Base64.encodeBase64(combinedCredentials.getBytes(StandardCharsets.UTF_8));
|
||||||
|
requestBase.addHeader("Authorization", "Basic " + new String(encodedCredentials));
|
||||||
|
|
||||||
|
response = client.execute(requestBase);
|
||||||
|
} else {
|
||||||
|
response = client.execute(requestBase);
|
||||||
|
}
|
||||||
|
return response;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,81 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers.invoker;
|
||||||
|
|
||||||
|
import org.apache.http.Header;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* RESTResponse class holds the data retrieved from the HTTP invoke response.
|
||||||
|
*/
|
||||||
|
public class RESTResponse {
|
||||||
|
private String contentType;
|
||||||
|
private String content;
|
||||||
|
private Header[] headers;
|
||||||
|
private int httpStatus;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructor
|
||||||
|
*
|
||||||
|
* @param contentType from the REST invoke response
|
||||||
|
* @param content from the REST invoke response
|
||||||
|
* @param headers from the REST invoke response
|
||||||
|
* @param httpStatus from the REST invoke response
|
||||||
|
*/
|
||||||
|
public RESTResponse(String contentType, String content, Header[] headers, int httpStatus) {
|
||||||
|
this.contentType = contentType;
|
||||||
|
this.content = content;
|
||||||
|
this.headers = headers;
|
||||||
|
this.httpStatus = httpStatus;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the content type of the EST invoke response
|
||||||
|
*
|
||||||
|
* @return String content type of the response
|
||||||
|
*/
|
||||||
|
public String getContentType() {
|
||||||
|
return contentType;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get contents of the REST invoke response
|
||||||
|
*
|
||||||
|
* @return contents of the REST invoke response
|
||||||
|
*/
|
||||||
|
public String getContent() {
|
||||||
|
return content;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get headers of the REST invoke response
|
||||||
|
*
|
||||||
|
* @return headers of the REST invoke response
|
||||||
|
*/
|
||||||
|
public Header[] getHeaders() {
|
||||||
|
return headers;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the HTTP Status code from REST invoke response
|
||||||
|
*
|
||||||
|
* @return int HTTP status code
|
||||||
|
*/
|
||||||
|
public int getHttpStatus() {
|
||||||
|
return httpStatus;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,36 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers.utils;
|
||||||
|
|
||||||
|
public class AuthConstants {
|
||||||
|
public static final String SEC_FAULT = "SECURITY_VALIDATION_FAILURE";
|
||||||
|
public static final String HTTPS = "https";
|
||||||
|
public static final String WSSE = "wsse";
|
||||||
|
public static final String AUTH_CONFIGURATION_FILE_NAME = "api-filter-config.xml";
|
||||||
|
public static final String API_FILTER_CONFIG_ELEMENT = "apiFilterConfig";
|
||||||
|
public static final String API_LIST_PROPERTY = "apiList";
|
||||||
|
public static final String HOST = "host";
|
||||||
|
public static final String HTTPS_PORT = "httpsPort";
|
||||||
|
public static final String USERNAME = "username";
|
||||||
|
public static final String PASSWORD = "password";
|
||||||
|
public static final String IOS_VERIFY_ENDPOINT = "ios-verify-endpoint";
|
||||||
|
public static final String ANDROID_VERIFY_ENDPOINT = "android-verify-endpoint";
|
||||||
|
public static final String MDM_SIGNATURE = "mdm-signature";
|
||||||
|
public static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header";
|
||||||
|
public static final String ENCODED_PEM = "encoded-pem";
|
||||||
|
}
|
@ -0,0 +1,156 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.wso2.carbon.apimgt.handlers.utils;
|
||||||
|
|
||||||
|
import org.apache.axiom.om.OMElement;
|
||||||
|
import org.apache.axiom.om.util.AXIOMUtil;
|
||||||
|
import org.apache.commons.io.FileUtils;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.wso2.carbon.utils.CarbonUtils;
|
||||||
|
|
||||||
|
import javax.xml.namespace.QName;
|
||||||
|
import javax.xml.stream.XMLStreamException;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Iterator;
|
||||||
|
|
||||||
|
public class CoreUtils {
|
||||||
|
private static final Log log = LogFactory.getLog(CoreUtils.class);
|
||||||
|
private static String host = "localhost";
|
||||||
|
private static int httpsPort = 9443;
|
||||||
|
private static String username = "admin";
|
||||||
|
private static String password = "admin";
|
||||||
|
private static String iosVerifyEndpoint = "/api/certificate-mgt/v1.0/admin/certificates/verify/ios";
|
||||||
|
private static String androidVerifyEndpoint = "/api/certificate-mgt/v1.0/admin/certificates/verify/android";
|
||||||
|
|
||||||
|
// /**
|
||||||
|
// * Reading configurations from api-filter-config.xml file
|
||||||
|
// *
|
||||||
|
// * @return ArrayList of api contexts
|
||||||
|
// */
|
||||||
|
// public static ArrayList<String> readApiFilterList() {
|
||||||
|
// ArrayList<String> apiList = new ArrayList<String>();
|
||||||
|
// String carbonConfigDirPath = CarbonUtils.getCarbonConfigDirPath();
|
||||||
|
// String apiFilterConfigPath = carbonConfigDirPath + File.separator +
|
||||||
|
// AuthConstants.AUTH_CONFIGURATION_FILE_NAME;
|
||||||
|
// File configFile = new File(apiFilterConfigPath);
|
||||||
|
//
|
||||||
|
// try {
|
||||||
|
// String configContent = FileUtils.readFileToString(configFile);
|
||||||
|
// OMElement configElement = AXIOMUtil.stringToOM(configContent);
|
||||||
|
// Iterator beans = configElement.getChildrenWithName(
|
||||||
|
// new QName("http://www.springframework.org/schema/beans", "bean"));
|
||||||
|
//
|
||||||
|
// while (beans.hasNext()) {
|
||||||
|
// OMElement bean = (OMElement) beans.next();
|
||||||
|
// String beanId = bean.getAttributeValue(new QName(null, "id"));
|
||||||
|
// if (beanId.equals(AuthConstants.API_FILTER_CONFIG_ELEMENT)) {
|
||||||
|
// Iterator beanProps = bean.getChildrenWithName(
|
||||||
|
// new QName("http://www.springframework.org/schema/beans", "property"));
|
||||||
|
//
|
||||||
|
// while (beanProps.hasNext()) {
|
||||||
|
// OMElement beanProp = (OMElement) beanProps.next();
|
||||||
|
// String beanName = beanProp.getAttributeValue(new QName(null, "name"));
|
||||||
|
// if (AuthConstants.API_LIST_PROPERTY.equals(beanName)) {
|
||||||
|
// Iterator apiListSet = ((OMElement) beanProp.getChildrenWithLocalName("set").next())
|
||||||
|
// .getChildrenWithLocalName("value");
|
||||||
|
// while (apiListSet.hasNext()) {
|
||||||
|
// String apiContext = ((OMElement) apiListSet.next()).getText();
|
||||||
|
// apiList.add(apiContext);
|
||||||
|
// CoreUtils.debugLog(log, "Adding security to api: ", apiContext);
|
||||||
|
// }
|
||||||
|
// } else if (AuthConstants.HOST.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// host = value;
|
||||||
|
// } else if (AuthConstants.HTTPS_PORT.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// if (value != null && !value.trim().equals("")) {
|
||||||
|
// httpsPort = Integer.parseInt(value);
|
||||||
|
// }
|
||||||
|
// } else if (AuthConstants.USERNAME.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// username = value;
|
||||||
|
// } else if (AuthConstants.PASSWORD.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// password = value;
|
||||||
|
// } else if (AuthConstants.IOS_VERIFY_ENDPOINT.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// iosVerifyEndpoint = value;
|
||||||
|
// } else if (AuthConstants.ANDROID_VERIFY_ENDPOINT.equals(beanName)) {
|
||||||
|
// String value = beanProp.getAttributeValue(new QName(null, "value"));
|
||||||
|
// androidVerifyEndpoint = value;
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// } catch (IOException e) {
|
||||||
|
// log.error("Error in reading api filter settings", e);
|
||||||
|
// } catch (XMLStreamException e) {
|
||||||
|
// log.error("Error in reading api filter settings", e);
|
||||||
|
// }
|
||||||
|
// return apiList;
|
||||||
|
// }
|
||||||
|
//
|
||||||
|
// /**
|
||||||
|
// * Universal debug log function
|
||||||
|
// *
|
||||||
|
// * @param logger Log object specific to the class
|
||||||
|
// * @param message initial debug log message
|
||||||
|
// * @param vars optional strings to be appended for the log
|
||||||
|
// */
|
||||||
|
// public static void debugLog(Log logger, String message, Object ... vars) {
|
||||||
|
// if(logger.isDebugEnabled()) {
|
||||||
|
// if (vars.length < 1) {
|
||||||
|
// logger.debug(message);
|
||||||
|
// return;
|
||||||
|
// }
|
||||||
|
// StringBuilder stringBuilder = new StringBuilder();
|
||||||
|
// stringBuilder.append(message);
|
||||||
|
// for (Object var : vars) {
|
||||||
|
// stringBuilder.append(var.toString());
|
||||||
|
// }
|
||||||
|
// logger.debug(stringBuilder.toString());
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
|
||||||
|
public static String getHost() {
|
||||||
|
return host;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static int getHttpsPort() {
|
||||||
|
return httpsPort;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getUsername() {
|
||||||
|
return username;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getPassword() {
|
||||||
|
return password;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getIosVerifyEndpoint() {
|
||||||
|
return iosVerifyEndpoint;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getAndroidVerifyEndpoint() {
|
||||||
|
return androidVerifyEndpoint;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,154 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.apimgt.handlers.utils;
|
||||||
|
|
||||||
|
import com.google.gson.Gson;
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.apache.ws.security.util.Base64;
|
||||||
|
import org.json.JSONException;
|
||||||
|
import org.json.JSONObject;
|
||||||
|
import org.w3c.dom.Document;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.APIMCertificateMGTExcepton;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.beans.DCR;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.config.IOTServerConfiguration;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker;
|
||||||
|
import org.wso2.carbon.apimgt.handlers.invoker.RESTResponse;
|
||||||
|
import org.wso2.carbon.utils.CarbonUtils;
|
||||||
|
|
||||||
|
import javax.xml.XMLConstants;
|
||||||
|
import javax.xml.bind.JAXBContext;
|
||||||
|
import javax.xml.bind.JAXBException;
|
||||||
|
import javax.xml.bind.Unmarshaller;
|
||||||
|
import javax.xml.parsers.DocumentBuilder;
|
||||||
|
import javax.xml.parsers.DocumentBuilderFactory;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.net.URISyntaxException;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
public class Utils {
|
||||||
|
|
||||||
|
private static final Log log = LogFactory.getLog(Utils.class);
|
||||||
|
private static final String IOT_APIS_CONFIG_FILE = "iot-api-config.xml";
|
||||||
|
private static String clientId;
|
||||||
|
private static String clientSecret;
|
||||||
|
|
||||||
|
public static IOTServerConfiguration initConfig() {
|
||||||
|
try {
|
||||||
|
|
||||||
|
String IOTServerAPIConfigurationPath =
|
||||||
|
CarbonUtils.getCarbonConfigDirPath() + File.separator + IOT_APIS_CONFIG_FILE;
|
||||||
|
File file = new File(IOTServerAPIConfigurationPath);
|
||||||
|
Document doc = Utils.convertToDocument(file);
|
||||||
|
|
||||||
|
JAXBContext fileContext = JAXBContext.newInstance(IOTServerConfiguration.class);
|
||||||
|
Unmarshaller unmarshaller = fileContext.createUnmarshaller();
|
||||||
|
return (IOTServerConfiguration) unmarshaller.unmarshal(doc);
|
||||||
|
|
||||||
|
} catch (JAXBException | APIMCertificateMGTExcepton e) {
|
||||||
|
log.error("Error occurred while initializing Data Source config", e);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Document convertToDocument(File file) throws APIMCertificateMGTExcepton {
|
||||||
|
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
|
||||||
|
factory.setNamespaceAware(true);
|
||||||
|
try {
|
||||||
|
DocumentBuilder docBuilder = factory.newDocumentBuilder();
|
||||||
|
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
|
||||||
|
return docBuilder.parse(file);
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while parsing file, while converting " +
|
||||||
|
"to a org.w3c.dom.Document", e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getAccessToken(IOTServerConfiguration iotServerConfiguration)
|
||||||
|
throws APIMCertificateMGTExcepton {
|
||||||
|
try {
|
||||||
|
if (clientId == null || clientSecret == null) {
|
||||||
|
getClientSecretes(iotServerConfiguration);
|
||||||
|
}
|
||||||
|
URI tokenUrl = new URI(iotServerConfiguration.getOauthTokenEndpoint());
|
||||||
|
String tokenContent = "grant_type=password&username=" + iotServerConfiguration.getUsername()+ "&password=" +
|
||||||
|
iotServerConfiguration.getPassword() + "&scope=activity-view";
|
||||||
|
String tokenBasicAuth = "Basic " + Base64.encode((clientId + ":" + clientSecret).getBytes());
|
||||||
|
Map<String, String> tokenHeaders = new HashMap<String, String>();
|
||||||
|
tokenHeaders.put("Authorization", tokenBasicAuth);
|
||||||
|
tokenHeaders.put("Content-Type", "application/x-www-form-urlencoded");
|
||||||
|
|
||||||
|
RESTInvoker restInvoker = new RESTInvoker();
|
||||||
|
RESTResponse response = restInvoker.invokePOST(tokenUrl, tokenHeaders, null,
|
||||||
|
null, tokenContent);
|
||||||
|
if(log.isDebugEnabled()) {
|
||||||
|
log.debug("Token response:" + response.getContent());
|
||||||
|
}
|
||||||
|
JSONObject jsonResponse = new JSONObject(response.getContent());
|
||||||
|
String accessToken = jsonResponse.getString("access_token");
|
||||||
|
return accessToken;
|
||||||
|
|
||||||
|
} catch (URISyntaxException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while trying to call oauth token endpoint", e);
|
||||||
|
} catch (JSONException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while converting the json to object", e);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while trying to call oauth token endpoint", e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void getClientSecretes(IOTServerConfiguration iotServerConfiguration)
|
||||||
|
throws APIMCertificateMGTExcepton {
|
||||||
|
try {
|
||||||
|
DCR dcr = new DCR();
|
||||||
|
dcr.setOwner(iotServerConfiguration.getUsername());
|
||||||
|
dcr.setClientName("IOT-API-MANAGER");
|
||||||
|
dcr.setGrantType("refresh_token password client_credentials");
|
||||||
|
dcr.setTokenScope("default");
|
||||||
|
Gson gson = new Gson();
|
||||||
|
String dcrContent = gson.toJson(dcr);
|
||||||
|
Map<String, String> drcHeaders = new HashMap<String, String>();
|
||||||
|
drcHeaders.put("Content-Type", "application/json");
|
||||||
|
URI dcrUrl = new URI(iotServerConfiguration.getDynamicClientRegistrationEndpoint());
|
||||||
|
RESTInvoker restInvoker = new RESTInvoker();
|
||||||
|
RESTResponse response = restInvoker.invokePOST(dcrUrl, drcHeaders, null,
|
||||||
|
null, dcrContent);
|
||||||
|
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("DCR response :" + response.getContent());
|
||||||
|
}
|
||||||
|
JSONObject jsonResponse = new JSONObject(response.getContent());
|
||||||
|
clientId = jsonResponse.getString("client_id");
|
||||||
|
clientSecret = jsonResponse.getString("client_secret");
|
||||||
|
} catch (JSONException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while converting the json to object", e);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while trying to call DCR endpoint", e);
|
||||||
|
} catch (URISyntaxException e) {
|
||||||
|
throw new APIMCertificateMGTExcepton("Error occurred while trying to call DCR endpoint", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,40 @@
|
|||||||
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<ServerConfiguration>
|
||||||
|
<!-- IoT server host name, this is referred from APIM gateway to call to IoT server for certificate validation-->
|
||||||
|
<Hostname>https://localhost:9443/</Hostname>
|
||||||
|
|
||||||
|
<!--End point to verify the certificate-->
|
||||||
|
<VerificationEndpoint>https://localhost:9443/api/certificate-mgt/v1.0/admin/certificates/verify/</VerificationEndpoint>
|
||||||
|
|
||||||
|
<!--Admin username/password - this is to use for oauth token generation-->
|
||||||
|
<Username>admin</Username>
|
||||||
|
<Password>admin</Password>
|
||||||
|
|
||||||
|
<!--Dynamic client registration endpoint-->
|
||||||
|
<DynamicClientRegistrationEndpoint>https://localhost:9443/dynamic-client-web/register</DynamicClientRegistrationEndpoint>
|
||||||
|
|
||||||
|
<!--Oauth token endpoint-->
|
||||||
|
<OauthTokenEndpoint>https://localhost:9443/oauth2/token</OauthTokenEndpoint>
|
||||||
|
|
||||||
|
<APIS>
|
||||||
|
<ContextPath>/services/echo</ContextPath>
|
||||||
|
</APIS>
|
||||||
|
</ServerConfiguration>
|
@ -0,0 +1,61 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans;
|
||||||
|
|
||||||
|
public class ValidationResponce {
|
||||||
|
|
||||||
|
private String JWTToken; // X-JWT-Assertion
|
||||||
|
private String deviceId;
|
||||||
|
private String deviceType;
|
||||||
|
private int tenantId;
|
||||||
|
|
||||||
|
public String getJWTToken() {
|
||||||
|
return JWTToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setJWTToken(String JWTToken) {
|
||||||
|
this.JWTToken = JWTToken;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getDeviceId() {
|
||||||
|
return deviceId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDeviceId(String deviceId) {
|
||||||
|
this.deviceId = deviceId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getDeviceType() {
|
||||||
|
return deviceType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDeviceType(String deviceType) {
|
||||||
|
this.deviceType = deviceType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getTenantId() {
|
||||||
|
return tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTenantId(int tenantId) {
|
||||||
|
this.tenantId = tenantId;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,106 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ You may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
|
|
||||||
|
<parent>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>apimgt-extensions-feature</artifactId>
|
||||||
|
<version>2.0.6-SNAPSHOT</version>
|
||||||
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<artifactId>org.wso2.carbon.apimgt.handler.server.feature</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<version>2.0.6-SNAPSHOT</version>
|
||||||
|
<name>WSO2 Carbon - Device Management - APIM handler Server Feature</name>
|
||||||
|
<url>http://wso2.org</url>
|
||||||
|
<description>This feature contains the handler for the api authentications
|
||||||
|
</description>
|
||||||
|
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||||
|
<artifactId>org.wso2.carbon.apimgt.handlers</artifactId>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<artifactId>maven-resources-plugin</artifactId>
|
||||||
|
<version>2.6</version>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>copy-resources</id>
|
||||||
|
<phase>generate-resources</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>copy-resources</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<outputDirectory>src/main/resources</outputDirectory>
|
||||||
|
<resources>
|
||||||
|
<resource>
|
||||||
|
<directory>resources</directory>
|
||||||
|
<includes>
|
||||||
|
<include>build.properties</include>
|
||||||
|
<include>p2.inf</include>
|
||||||
|
</includes>
|
||||||
|
</resource>
|
||||||
|
</resources>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.wso2.maven</groupId>
|
||||||
|
<artifactId>carbon-p2-plugin</artifactId>
|
||||||
|
<version>${carbon.p2.plugin.version}</version>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>p2-feature-generation</id>
|
||||||
|
<phase>package</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>p2-feature-gen</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<id>org.wso2.carbon.apimgt.handler.server</id>
|
||||||
|
<propertiesFile>../../../features/etc/feature.properties</propertiesFile>
|
||||||
|
<adviceFile>
|
||||||
|
<properties>
|
||||||
|
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
|
||||||
|
<propertyDef>org.eclipse.equinox.p2.type.group:false</propertyDef>
|
||||||
|
</properties>
|
||||||
|
</adviceFile>
|
||||||
|
<bundles>
|
||||||
|
<bundleDef>
|
||||||
|
org.wso2.carbon.devicemgt:org.wso2.carbon.apimgt.handlers:${carbon.device.mgt.version}
|
||||||
|
</bundleDef>
|
||||||
|
<!--<bundleDef>-->
|
||||||
|
<!--org.apache.ws.security.wso2:wss4j:${org.apache.ws.security.wso2.version}-->
|
||||||
|
<!--</bundleDef>-->
|
||||||
|
</bundles>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
@ -0,0 +1 @@
|
|||||||
|
custom = true
|
@ -0,0 +1,40 @@
|
|||||||
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
~
|
||||||
|
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
~ Version 2.0 (the "License"); you may not use this file except
|
||||||
|
~ in compliance with the License.
|
||||||
|
~ you may obtain a copy of the License at
|
||||||
|
~
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing,
|
||||||
|
~ software distributed under the License is distributed on an
|
||||||
|
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
~ KIND, either express or implied. See the License for the
|
||||||
|
~ specific language governing permissions and limitations
|
||||||
|
~ under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<ServerConfiguration>
|
||||||
|
<!-- IoT server host name, this is referred from APIM gateway to call to IoT server for certificate validation-->
|
||||||
|
<Hostname>https://localhost:9443/</Hostname>
|
||||||
|
|
||||||
|
<!--End point to verify the certificate-->
|
||||||
|
<VerificationEndpoint>https://localhost:9443/api/certificate-mgt/v1.0/admin/certificates/verify/</VerificationEndpoint>
|
||||||
|
|
||||||
|
<!--Admin username/password - this is to use for oauth token generation-->
|
||||||
|
<Username>admin</Username>
|
||||||
|
<Password>admin</Password>
|
||||||
|
|
||||||
|
<!--Dynamic client registration endpoint-->
|
||||||
|
<DynamicClientRegistrationEndpoint>https://localhost:9443/dynamic-client-web/register</DynamicClientRegistrationEndpoint>
|
||||||
|
|
||||||
|
<!--Oauth token endpoint-->
|
||||||
|
<OauthTokenEndpoint>https://localhost:9443/oauth2/token</OauthTokenEndpoint>
|
||||||
|
|
||||||
|
<APIS>
|
||||||
|
<ContextPath>/services</ContextPath>
|
||||||
|
</APIS>
|
||||||
|
</ServerConfiguration>
|
@ -0,0 +1,2 @@
|
|||||||
|
instructions.configure = \
|
||||||
|
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.apimgt.handler.server_${feature.version}/conf/iot-api-config.xml,target:${installFolder}/../../conf/iot-api-config.xml,overwrite:true);\
|
Binary file not shown.
Loading…
Reference in new issue