pramilaniroshan
/
device-mgt-plugins
forked from community/device-mgt-plugins
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make remote control feature mutual ssl compatible

Browse Source 
Introduced a new UUID to recognized the authenticated device's call back to establish the websocket connetion. When the UI requested to establish a screen sharing session with the device, a new UUID and will be created and stored in the database with the operation REMOTE_CONNECT's payload. Once the device polls the operation, it receives the UUID. Then device will call back the server with that same UUID to establish the websocket connection.
revert-dabc3590
Madhawa Perera 6 years ago
parent d205885a28
commit 374c54fa70
3 changed files with 101 additions and 54 deletions
Show Stats Download Patch File Download Diff File

137
components/extensions/remote-session-extension/org.wso2.carbon.device.mgt.extensions.remote.session/src/main/java/org/wso2/carbon/device/mgt/extensions/remote.session/RemoteSessionManagementServiceImpl.java
Unescape View File

@ -45,6 +45,7 @@ import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.UUID;
import java.util.Map; import java.util.Map;
/** /**
@ -72,66 +73,89 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
sessionQueryParamList.add(session.getQueryString()); sessionQueryParamList.add(session.getQueryString());
sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList); sessionQueryParam.put(RemoteSessionConstants.QUERY_STRING, sessionQueryParamList);
// Validate the token if (operationId == null) {
OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator(); // Validate the token
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam); OAuthAuthenticator oAuthAuthenticator = RemoteSessionManagementDataHolder.getInstance().getOauthAuthenticator();
AuthenticationInfo authenticationInfo = oAuthAuthenticator.isAuthenticated(sessionQueryParam);
if (authenticationInfo != null && authenticationInfo.isAuthenticated()) { if (authenticationInfo != null && authenticationInfo.isAuthenticated()) {
try { try {
PrivilegedCarbonContext.startTenantFlow(); PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(authenticationInfo
.getTenantDomain() .getTenantDomain()
, true); , true);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername()); PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(authenticationInfo.getUsername());
if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) { if (deviceId != null && !deviceId.isEmpty() && deviceType != null && !deviceType.isEmpty()) {
DeviceIdentifier deviceIdentifier = new DeviceIdentifier(); DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(deviceId); deviceIdentifier.setId(deviceId);
deviceIdentifier.setType(deviceType); deviceIdentifier.setType(deviceType);
// Check authorization of user for given device
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService()
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername());
if (userAuthorized) {
// set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
// Check authorization of user for given device // if session initiated using operation id means request came from device
boolean userAuthorized = RemoteSessionManagementDataHolder.getInstance() // if (operationId != null) {
.getDeviceAccessAuthorizationService() // // create new device session
.isUserAuthorized(deviceIdentifier, authenticationInfo.getUsername()); // initializeDeviceSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId,
if (userAuthorized) { // operationId);
// set common settings for session // } else {
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance() // create new client session
.getMaxMessageBufferSize()); initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType,
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance() deviceId);
.getMaxMessageBufferSize()); // }
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout()); log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.getSessionMap().size());
// if session initiated using operation id means request came from device
if (operationId != null) {
// create new device session
initializeDeviceSession(session, authenticationInfo.getTenantDomain(), deviceType, deviceId,
operationId);
} else { } else {
// create new client session throw new RemoteSessionManagementException("Missing device Id or type ");
initializeClientSession(session, authenticationInfo.getTenantDomain(), deviceType,
deviceId);
} }
log.info("Current remote sessions count: " + RemoteSessionManagementDataHolder.getInstance()
.getSessionMap().size());
} else { } else {
throw new RemoteSessionManagementException("Missing device Id or type "); throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType
+ " , deviceId : " + deviceId);
} }
} else { } catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Unauthorized Access for the device Type : " + deviceType throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " +
+ " , deviceId : " + deviceId); "device Type : " + deviceType + " , deviceId : " + deviceId);
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
} }
} catch (OperationManagementException | InvalidDeviceException e) {
throw new RemoteSessionManagementException("Error occurred while adding initial operation for the " + } else {
"device Type : " + deviceType + " , deviceId : " + deviceId); throw new RemoteSessionManagementException("Invalid token");
} catch (DeviceAccessAuthorizationException e) {
throw new RemoteSessionManagementException("Error occurred while device access authorization for the " +
"device Type : " + deviceType + " , " + "deviceId : " + deviceId);
} finally {
PrivilegedCarbonContext.endTenantFlow();
} }
} else { } else {
throw new RemoteSessionManagementException("Invalid token"); // set common settings for session
session.setMaxBinaryMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxTextMessageBufferSize(RemoteSessionManagementDataHolder.getInstance()
.getMaxMessageBufferSize());
session.setMaxIdleTimeout(RemoteSessionManagementDataHolder.getInstance().getMaxIdleTimeout());
String uuid = session.getQueryString();
if(uuid != null && uuid.isEmpty()){
log.error("Could not find a UUID related to the remote session");
} else {
String tenantDomain = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(uuid);
if(tenantDomain == null || tenantDomain.isEmpty()){
log.error("Invalid UUID, could not create the remote session");
} else {
// create new device session
initializeDeviceSession(session, tenantDomain, deviceType, deviceId, operationId, uuid);
}
}
} }
} }
@ -194,6 +218,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
.getId()); .getId());
if (remoteSession != null) { if (remoteSession != null) {
//String operationId = remoteSession.getOperationId(); //String operationId = remoteSession.getOperationId();
RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap().remove(remoteSession.getUuidToValidateDevice());
String deviceKey = remoteSession.getTenantDomain() + "/" + remoteSession.getDeviceType() + "/" + String deviceKey = remoteSession.getTenantDomain() + "/" + remoteSession.getDeviceType() + "/" +
remoteSession.getDeviceId(); remoteSession.getDeviceId();
RemoteSession lastSession = RemoteSessionManagementDataHolder.getInstance() RemoteSession lastSession = RemoteSessionManagementDataHolder.getInstance()
@ -239,8 +264,9 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
private void initializeClientSession(Session session, String tenantDomain, String deviceType, String deviceId) throws RemoteSessionManagementException, private void initializeClientSession(Session session, String tenantDomain, String deviceType, String deviceId) throws RemoteSessionManagementException,
OperationManagementException, InvalidDeviceException { OperationManagementException, InvalidDeviceException {
String uuidToValidateDevice = UUID.randomUUID().toString();
RemoteSession clientRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSessionConstants RemoteSession clientRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSessionConstants
.CONNECTION_TYPE.CLIENT); .CONNECTION_TYPE.CLIENT, uuidToValidateDevice);
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId; String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
// Create new remote control operation to start the session // Create new remote control operation to start the session
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance().getActiveDeviceClientSessionMap RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance().getActiveDeviceClientSessionMap
@ -277,6 +303,12 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
operation.setControl(Operation.Control.NO_REPEAT); operation.setControl(Operation.Control.NO_REPEAT);
JSONObject payload = new JSONObject(); JSONObject payload = new JSONObject();
payload.put("serverUrl", RemoteSessionManagementDataHolder.getInstance().getServerUrl()); payload.put("serverUrl", RemoteSessionManagementDataHolder.getInstance().getServerUrl());
payload.put("uuidToValidateDevice", uuidToValidateDevice);
String uuidToTenantMap = RemoteSessionManagementDataHolder.getInstance().getUuidToTenantMap
().putIfAbsent(uuidToValidateDevice, tenantDomain);
if (log.isDebugEnabled()) {
log.debug("UUID " + uuidToTenantMap + " is generated against the tenant : " + tenantDomain);
}
operation.setPayLoad(payload.toString()); operation.setPayLoad(payload.toString());
String date = new SimpleDateFormat(RemoteSessionConstants.DATE_FORMAT_NOW).format(new Date()); String date = new SimpleDateFormat(RemoteSessionConstants.DATE_FORMAT_NOW).format(new Date());
operation.setCreatedTimeStamp(date); operation.setCreatedTimeStamp(date);
@ -287,6 +319,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
clientRemote.setOperationId(activity.getActivityId().replace(DeviceManagementConstants clientRemote.setOperationId(activity.getActivityId().replace(DeviceManagementConstants
.OperationAttributes.ACTIVITY, "")); .OperationAttributes.ACTIVITY, ""));
RemoteSessionManagementDataHolder.getInstance().getSessionMap().put(session.getId(), clientRemote); RemoteSessionManagementDataHolder.getInstance().getSessionMap().put(session.getId(), clientRemote);
log.info("Client remote session opened for session id: " + session.getId() + " device Type : " + log.info("Client remote session opened for session id: " + session.getId() + " device Type : " +
deviceType + " , " + "deviceId : " + deviceId); deviceType + " , " + "deviceId : " + deviceId);
} else { } else {
@ -307,7 +340,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
* @throws RemoteSessionManagementException throws when session has errors with accessing device resources * @throws RemoteSessionManagementException throws when session has errors with accessing device resources
*/ */
private void initializeDeviceSession(Session session, String tenantDomain, String deviceType, String deviceId, private void initializeDeviceSession(Session session, String tenantDomain, String deviceType, String deviceId,
String operationId) throws RemoteSessionManagementException { String operationId, String uuidToValidateDevice) throws RemoteSessionManagementException {
String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId; String deviceKey = tenantDomain + "/" + deviceType + "/" + deviceId;
RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance() RemoteSession activeSession = RemoteSessionManagementDataHolder.getInstance()
.getActiveDeviceClientSessionMap().get(deviceKey); .getActiveDeviceClientSessionMap().get(deviceKey);
@ -317,7 +350,7 @@ public class RemoteSessionManagementServiceImpl implements RemoteSessionManageme
if (clientRemote != null) { if (clientRemote != null) {
if (clientRemote.getOperationId().equals(operationId)) { if (clientRemote.getOperationId().equals(operationId)) {
RemoteSession deviceRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId, RemoteSession deviceRemote = new RemoteSession(session, tenantDomain, deviceType, deviceId,
RemoteSessionConstants.CONNECTION_TYPE.DEVICE); RemoteSessionConstants.CONNECTION_TYPE.DEVICE, uuidToValidateDevice);
deviceRemote.setOperationId(operationId); deviceRemote.setOperationId(operationId);
deviceRemote.setPeerSession(clientRemote); deviceRemote.setPeerSession(clientRemote);
clientRemote.setPeerSession(deviceRemote); clientRemote.setPeerSession(deviceRemote);

13
components/extensions/remote-session-extension/org.wso2.carbon.device.mgt.extensions.remote.session/src/main/java/org/wso2/carbon/device/mgt/extensions/remote.session/dto/RemoteSession.java
Unescape View File

@ -34,7 +34,11 @@ import java.nio.ByteBuffer;
public class RemoteSession { public class RemoteSession {
private static final Log log = LogFactory.getLog(RemoteSession.class); private static final Log log = LogFactory.getLog(RemoteSession.class);
private String tenantDomain, operationId, deviceType, deviceId; private String tenantDomain;
private String operationId;
private String deviceType;
private String deviceId;
private String uuidToValidateDevice;
private long lastMessageTimeStamp = System.currentTimeMillis(); private long lastMessageTimeStamp = System.currentTimeMillis();
private RemoteSession peerSession; private RemoteSession peerSession;
private Session mySession; private Session mySession;
@ -45,12 +49,13 @@ public class RemoteSession {
private RemoteSessionConstants.CONNECTION_TYPE connectionType; private RemoteSessionConstants.CONNECTION_TYPE connectionType;
public RemoteSession(Session session, String tenantDomain, String deviceType, String deviceId, public RemoteSession(Session session, String tenantDomain, String deviceType, String deviceId,
RemoteSessionConstants.CONNECTION_TYPE connectionType) { RemoteSessionConstants.CONNECTION_TYPE connectionType, String uuidToValidateDevice) {
this.mySession = session; this.mySession = session;
this.deviceType = deviceType; this.deviceType = deviceType;
this.deviceId = deviceId; this.deviceId = deviceId;
this.tenantDomain = tenantDomain; this.tenantDomain = tenantDomain;
this.connectionType = connectionType; this.connectionType = connectionType;
this.uuidToValidateDevice = uuidToValidateDevice;
maxMessagesPerSecond = RemoteSessionManagementDataHolder.getInstance().getMaxMessagesPerSecond(); maxMessagesPerSecond = RemoteSessionManagementDataHolder.getInstance().getMaxMessagesPerSecond();
messageAllowance = maxMessagesPerSecond; messageAllowance = maxMessagesPerSecond;
messageRatePerSecond = (double) maxMessagesPerSecond / 1000; messageRatePerSecond = (double) maxMessagesPerSecond / 1000;
@ -109,6 +114,10 @@ public class RemoteSession {
} }
} }
public String getUuidToValidateDevice() {
return uuidToValidateDevice;
}
public Session getMySession() { public Session getMySession() {
return mySession; return mySession;
} }

5
components/extensions/remote-session-extension/org.wso2.carbon.device.mgt.extensions.remote.session/src/main/java/org/wso2/carbon/device/mgt/extensions/remote.session/internal/RemoteSessionManagementDataHolder.java
Unescape View File

@ -43,6 +43,11 @@ public class RemoteSessionManagementDataHolder {
private OAuthAuthenticator oAuthAuthenticator; private OAuthAuthenticator oAuthAuthenticator;
private Map<String, RemoteSession> activeDeviceClientSessionMap = new ConcurrentHashMap<String, RemoteSession>(); private Map<String, RemoteSession> activeDeviceClientSessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, RemoteSession> sessionMap = new ConcurrentHashMap<String, RemoteSession>(); private Map<String, RemoteSession> sessionMap = new ConcurrentHashMap<String, RemoteSession>();
private Map<String, String> uuidToTenantMap = new ConcurrentHashMap<>();
public Map<String, String> getUuidToTenantMap() {
return uuidToTenantMap;
}
public static RemoteSessionManagementDataHolder getInstance() { public static RemoteSessionManagementDataHolder getInstance() {
return thisInstance; return thisInstance;

Write Preview
Loading…
Cancel
Save