make remote control feature mutual ssl compatible

Introduced a new UUID to recognized the authenticated device's call back to establish the websocket connetion. When the UI requested to establish a screen sharing session with the device, a new UUID and will be created and stored in the database with the operation REMOTE_CONNECT's payload. Once the device polls the operation, it receives the UUID. Then device will call back the server with that same UUID to establish the websocket connection.
revert-dabc3590
Madhawa Perera 6 years ago
parent d205885a28
commit 374c54fa70

@ -45,6 +45,7 @@ import java.util.Date;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import java.util.Map;
/**
@ -72,66 +73,89 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
sessionQueryParamList.add(session.getQueryString());
sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList);
// Validate the token
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator();
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam);
if (operationId == null) {
// Validate the token
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator();
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo
.getTenantDomain()
, true);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername());
if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) {
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(deviceId);
deviceIdentifier.setType(deviceType);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo
.getTenantDomain()
, true);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername());
if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) {
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(deviceId);
deviceIdentifier.setType(deviceType);
// Check authorization of user for given device
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService()
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername());
if (userAuthorized) {
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
// Check authorization of user for given device
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService()
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername());
if (userAuthorized) {
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
// if session initiated using operation id means request came from device
// if (operationId != null) {
// // create new device session
// initializeDeviceSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId,
// operationId);
// } else {
// create new client session
initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType,
deviceId);
// }
log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.getSessionMap().size());
// if session initiated using operation id means request came from device
if (operationId != null) {
// create new device session
initializeDeviceSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId,
operationId);
} else {
// create new client session
initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType,
deviceId);
throw new RemoteSessionManagementException("Missing device Id or type ");
}
log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.getSessionMap().size());
} else {
throw new RemoteSessionManagementException("Missing device Id or type ");
throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType
+ " , deviceId : " + deviceId);
}
} else {
throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType
+ " , deviceId : " + deviceId);
} catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " +
"device Type : " + deviceType + " , deviceId : " + deviceId);
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
} catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " +
"device Type : " + deviceType + " , deviceId : " + deviceId);
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
} else {
throw new RemoteSessionManagementException("Invalid token");
}
} else {
throw new RemoteSessionManagementException("Invalid token");
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
String uuid = session.getQueryString();
if(uuid != null && uuid.isEmpty()){
log.error("Could not find a UUID related to the remote session");
} else {
String tenantDomain = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(uuid);
if(tenantDomain == null || tenantDomain.isEmpty()){
log.error("Invalid UUID, could not create the remote session");
} else {
// create new device session
initializeDeviceSession(session, tenantDomain, deviceType, deviceId, operationId, uuid);
}
}
}
}
@ -194,6 +218,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
.getId());
if (remoteSession != null) {
//String operationId = remoteSession.getOperationId();
RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(remoteSession.getUuidToValidateDevice());
String deviceKey = remoteSession.getTenantDomain() + "/" + remoteSession.getDeviceType() + "/" +
remoteSession.getDeviceId();
RemoteSession lastSession = RemoteSessionManagementDataHolder.getInstance()
@ -239,8 +264,9 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
private void initializeClientSession(Session session, String tenantDomain, String deviceType, String deviceId) throws RemoteSessionManagementException,
OperationManagementException, InvalidDeviceException {
String uuidToValidateDevice = UUID.randomUUID().toString();
RemoteSession clientRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSessionConstants
.CONNECTION_TYPE.CLIENT);
.CONNECTION_TYPE.CLIENT, uuidToValidateDevice);
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
// Create new remote control operation to start the session
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance().getActiveDeviceClientSessionMap
@ -277,6 +303,12 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
operation.setControl(Operation.Control.NO_REPEAT);
JSONObject payload = new JSONObject();
payload.put("serverUrl", RemoteSessionManagementDataHolder.getInstance().getServerUrl());
payload.put("uuidToValidateDevice", uuidToValidateDevice);
String uuidToTenantMap = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap
().putIfAbsent(uuidToValidateDevice, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("UUID " + uuidToTenantMap + " is generated against the tenant : " + tenantDomain);
}
operation.setPayLoad(payload.toString());
String date = new SimpleDateFormat(RemoteSessionConstants.DATE_FORMAT_NOW).format(new Date());
operation.setCreatedTimeStamp(date);
@ -287,6 +319,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
clientRemote.setOperationId(activity.getActivityId().replace(DeviceManagementConstants
.OperationAttributes.ACTIVITY, ""));
RemoteSessionManagementDataHolder.getInstance().getSessionMap().put(session.getId(), clientRemote);
log.info("Client remote session opened for session id: " + session.getId() + " device Type : " +
deviceType + " , " + "deviceId : " + deviceId);
} else {
@ -307,7 +340,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
* @throws RemoteSessionManagementException throws when session has errors with accessing device resources
*/
private void initializeDeviceSession(Session session, String tenantDomain, String deviceType, String deviceId,
String operationId) throws RemoteSessionManagementException {
String operationId, String uuidToValidateDevice) throws RemoteSessionManagementException {
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance()
.getActiveDeviceClientSessionMap().get(deviceKey);
@ -317,7 +350,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
if (clientRemote != null) {
if (clientRemote.getOperationId().equals(operationId)) {
RemoteSession deviceRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId,
RemoteSessionConstants.CONNECTION_TYPE.DEVICE);
RemoteSessionConstants.CONNECTION_TYPE.DEVICE, uuidToValidateDevice);
deviceRemote.setOperationId(operationId);
deviceRemote.setPeerSession(clientRemote);
clientRemote.setPeerSession(deviceRemote);

@ -34,7 +34,11 @@ import java.nio.ByteBuffer;
public class RemoteSession {
private static final Log log = LogFactory.getLog(RemoteSession.class);
private String tenantDomain, operationId, deviceType, deviceId;
private String tenantDomain;
private String operationId;
private String deviceType;
private String deviceId;
private String uuidToValidateDevice;
private long lastMessageTimeStamp = System.currentTimeMillis();
private RemoteSession peerSession;
private Session mySession;
@ -45,12 +49,13 @@ public class RemoteSession {
private RemoteSessionConstants.CONNECTION_TYPE connectionType;
public RemoteSession(Session session, String tenantDomain, String deviceType, String deviceId,
RemoteSessionConstants.CONNECTION_TYPE connectionType) {
RemoteSessionConstants.CONNECTION_TYPE connectionType, String uuidToValidateDevice) {
this.mySession = session;
this.deviceType = deviceType;
this.deviceId = deviceId;
this.tenantDomain = tenantDomain;
this.connectionType = connectionType;
this.uuidToValidateDevice = uuidToValidateDevice;
maxMessagesPerSecond = RemoteSessionManagementDataHolder.getInstance().getMaxMessagesPerSecond();
messageAllowance = maxMessagesPerSecond;
messageRatePerSecond = (double) maxMessagesPerSecond / 1000;
@ -109,6 +114,10 @@ public class RemoteSession {
}
}
public String getUuidToValidateDevice() {
return uuidToValidateDevice;
}
public Session getMySession() {
return mySession;
}

@ -43,6 +43,11 @@ public class RemoteSessionManagementDataHolder {
private OAuthAuthenticator oAuthAuthenticator;
private Map<String, RemoteSession> activeDeviceClientSessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, RemoteSession> sessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, String> uuidToTenantMap = new ConcurrentHashMap<>();
public Map<String, String> getUuidToTenantMap() {
return uuidToTenantMap;
}
public static RemoteSessionManagementDataHolder getInstance() {
return thisInstance;

Loading…
Cancel
Save