forked from community/device-mgt-plugins
Ace
8 years ago
commit
3d32ad984c
@ -0,0 +1,109 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt-plugins</groupId>
|
||||
<artifactId>mb-extensions</artifactId>
|
||||
<version>2.2.6-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</artifactId>
|
||||
<packaging>bundle</packaging>
|
||||
<name>WSO2 Carbon - Component - MQTT - Authorization Manager</name>
|
||||
<description>MQTT authorization manager based on Carbon device manager</description>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.utils</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.andes.wso2</groupId>
|
||||
<artifactId>andes</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.user.api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.user.core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<extensions>true</extensions>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
|
||||
<Bundle-Name>${project.artifactId}</Bundle-Name>
|
||||
<Private-Package>
|
||||
org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal
|
||||
</Private-Package>
|
||||
<Export-Package>
|
||||
!org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal,
|
||||
org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.*
|
||||
</Export-Package>
|
||||
<Import-Package>
|
||||
org.apache.log4j,
|
||||
org.dna.mqtt.moquette.server,
|
||||
org.wso2.andes.configuration.enums,
|
||||
org.wso2.andes.mqtt,
|
||||
org.wso2.carbon.context,
|
||||
org.jaxen,
|
||||
org.apache.axiom.*,
|
||||
org.wso2.securevault,
|
||||
org.apache.commons.*,
|
||||
org.osgi.service.component,
|
||||
org.wso2.carbon.user.core.service,
|
||||
org.wso2.carbon.user.core.tenant,
|
||||
org.wso2.carbon.user.api,
|
||||
*;resolution:=optional
|
||||
</Import-Package>
|
||||
<DynamicImport-Package>*</DynamicImport-Package>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
</project>
|
||||
|
||||
@ -0,0 +1,125 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.dna.mqtt.moquette.server.IAuthorizer;
|
||||
import org.wso2.andes.configuration.enums.MQTTAuthoriztionPermissionLevel;
|
||||
import org.wso2.andes.mqtt.MQTTAuthorizationSubject;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfigurationManager;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal.AuthorizationDataHolder;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.user.api.UserRealm;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Authorize the connecting users against Carbon Permission Model. Intended usage is
|
||||
* via providing fully qualified class name in broker.xml
|
||||
* <p/>
|
||||
* This is just a simple authorization model. For dynamic topics use an implementation based on IAuthorizer
|
||||
*/
|
||||
public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer {
|
||||
|
||||
private static final String SCOPE_IDENTIFIER = "scope";
|
||||
private static final String UI_EXECUTE = "ui.execute";
|
||||
private static Log logger = LogFactory.getLog(DeviceAccessBasedMQTTAuthorizer.class);
|
||||
AuthorizationConfigurationManager MQTTAuthorizationConfiguration;
|
||||
|
||||
public DeviceAccessBasedMQTTAuthorizer() {
|
||||
this.MQTTAuthorizationConfiguration = AuthorizationConfigurationManager.getInstance();
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc} Authorize the user against carbon device mgt model.
|
||||
*/
|
||||
@Override
|
||||
public boolean isAuthorizedForTopic(MQTTAuthorizationSubject authorizationSubject, String topic,
|
||||
MQTTAuthoriztionPermissionLevel permissionLevel) {
|
||||
if (isUserAuthorized(authorizationSubject, MQTTAuthorizationConfiguration.getAdminPermission(), UI_EXECUTE)) {
|
||||
return true;
|
||||
}
|
||||
String topics[] = topic.split("/");
|
||||
if (topics.length < 3) {
|
||||
return false;
|
||||
}
|
||||
String tenantIdFromTopic = topics[0];
|
||||
if (!tenantIdFromTopic.equals(authorizationSubject.getTenantDomain())) {
|
||||
return false;
|
||||
}
|
||||
String deviceType = topics[1];
|
||||
String deviceId = topics[2];
|
||||
Object scopeObject = authorizationSubject.getProperties().get(SCOPE_IDENTIFIER);
|
||||
|
||||
if (!deviceId.isEmpty() && !deviceType.isEmpty() && scopeObject != null) {
|
||||
List<String> scopes = (List<String>) scopeObject;
|
||||
String permissionScope = MQTTAuthorizationConfiguration.getMQTTPublisherScopeIdentifier();
|
||||
if (permissionLevel == MQTTAuthoriztionPermissionLevel.SUBSCRIBE) {
|
||||
permissionScope = MQTTAuthorizationConfiguration.getMQTTSubscriberScopeIdentifier();
|
||||
}
|
||||
String requiredScope = MQTTAuthorizationConfiguration.getDevicemgtScopeIdentifier() + ":" + deviceType + ":"
|
||||
+ deviceId + ":" + permissionScope;
|
||||
for (String scope : scopes) {
|
||||
if (requiredScope.equals(scope)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc} Authorized the user against carbon device mgt model.
|
||||
*/
|
||||
@Override
|
||||
public boolean isAuthorizedToConnect(MQTTAuthorizationSubject authorizationSubject) {
|
||||
return isUserAuthorized(authorizationSubject, MQTTAuthorizationConfiguration.getConnectionPermission()
|
||||
, UI_EXECUTE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether the client is authorized with the given permission and action.
|
||||
*
|
||||
* @param authorizationSubject this contains the client information
|
||||
* @param permission Carbon permission that requires for the use
|
||||
* @param action Carbon permission action that requires for the given permission.
|
||||
* @return boolean - true if user is authorized else return false.
|
||||
*/
|
||||
private boolean isUserAuthorized(MQTTAuthorizationSubject authorizationSubject, String permission, String action) {
|
||||
String username = authorizationSubject.getUsername();
|
||||
try {
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
|
||||
authorizationSubject.getTenantDomain(), true);
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
UserRealm userRealm = AuthorizationDataHolder.getInstance().getRealmService()
|
||||
.getTenantUserRealm(tenantId);
|
||||
return userRealm != null && userRealm.getAuthorizationManager() != null &&
|
||||
userRealm.getAuthorizationManager().isUserAuthorized(username, permission, action);
|
||||
} catch (UserStoreException e) {
|
||||
String errorMsg = String.format("Unable to authorize the user : %s", username);
|
||||
logger.error(errorMsg, e);
|
||||
return false;
|
||||
} finally {
|
||||
PrivilegedCarbonContext.endTenantFlow();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,246 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config;
|
||||
|
||||
import org.apache.axiom.om.OMElement;
|
||||
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
|
||||
import org.apache.axiom.om.xpath.AXIOMXPath;
|
||||
import org.apache.commons.configuration.CompositeConfiguration;
|
||||
import org.apache.commons.configuration.ConfigurationException;
|
||||
import org.apache.commons.configuration.XMLConfiguration;
|
||||
import org.apache.commons.configuration.tree.xpath.XPathExpressionEngine;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.jaxen.JaxenException;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.exception.AuthorizationException;
|
||||
import org.wso2.carbon.utils.ServerConstants;
|
||||
import org.wso2.securevault.SecretResolver;
|
||||
import org.wso2.securevault.SecretResolverFactory;
|
||||
|
||||
import javax.xml.namespace.QName;
|
||||
import javax.xml.stream.XMLStreamException;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.text.MessageFormat;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* This class acts as a access point to retrieve config parameters used within the authorization.
|
||||
* this configuration is read from broker.xml
|
||||
*/
|
||||
public class AuthorizationConfiguration {
|
||||
/**
|
||||
* Reserved Prefixes that activate different processing logic.
|
||||
*/
|
||||
private static final String LIST_TYPE = "LIST_";
|
||||
private static final QName SECURE_VAULT_QNAME = new QName("http://org.wso2.securevault/configuration"
|
||||
, "secretAlias");
|
||||
/**
|
||||
* Common Error states
|
||||
*/
|
||||
private static final String GENERIC_CONFIGURATION_PARSE_ERROR = "Error occurred when trying to parse " +
|
||||
"configuration value {0}.";
|
||||
private static final String NO_CHILD_FOR_KEY_IN_PROPERTY = "There was no child at the given key {0} for the " +
|
||||
"parent property {1}.";
|
||||
private static final String PROPERTY_NOT_A_LIST = "The input property {0} does not contain a list of child " +
|
||||
"properties.";
|
||||
/**
|
||||
* location to broker.xml
|
||||
*/
|
||||
private static final String ROOT_CONFIG_FILE_PATH = System.getProperty(ServerConstants.CARBON_HOME)
|
||||
+ "/repository/conf/";
|
||||
/**
|
||||
* File name of the main configuration file.
|
||||
*/
|
||||
private static final String ROOT_CONFIG_FILE_NAME = "broker.xml";
|
||||
private static Log log = LogFactory.getLog(AuthorizationConfigurationManager.class);
|
||||
private static CompositeConfiguration compositeConfiguration;
|
||||
/**
|
||||
* This hashmap is used to maintain any properties that were read from broker.xml
|
||||
*/
|
||||
private static ConcurrentHashMap<String, String> propertyList;
|
||||
|
||||
public static void initialize() throws AuthorizationException {
|
||||
String brokerConfigFilePath = ROOT_CONFIG_FILE_PATH + ROOT_CONFIG_FILE_NAME;
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Configuration located at : " + brokerConfigFilePath);
|
||||
}
|
||||
try {
|
||||
compositeConfiguration = new CompositeConfiguration();
|
||||
compositeConfiguration.setDelimiterParsingDisabled(true);
|
||||
XMLConfiguration rootConfiguration = new XMLConfiguration();
|
||||
rootConfiguration.setDelimiterParsingDisabled(true);
|
||||
rootConfiguration.setFileName(brokerConfigFilePath);
|
||||
rootConfiguration.setExpressionEngine(new XPathExpressionEngine());
|
||||
rootConfiguration.load();
|
||||
readConfigurationFromFile(brokerConfigFilePath);
|
||||
compositeConfiguration.addConfiguration(rootConfiguration);
|
||||
} catch (FileNotFoundException e) {
|
||||
String error = "Error occurred when trying to read the configuration file : " + brokerConfigFilePath;
|
||||
log.error(error, e);
|
||||
throw new AuthorizationException(error, e);
|
||||
} catch (JaxenException e) {
|
||||
String error = "Error occurred when trying to process file : " + brokerConfigFilePath;
|
||||
log.error(error, e);
|
||||
throw new AuthorizationException(error, e);
|
||||
} catch (XMLStreamException e) {
|
||||
String error = "Error occurred when trying to process file : " + brokerConfigFilePath;
|
||||
log.error(error, e);
|
||||
throw new AuthorizationException(error, e);
|
||||
} catch (ConfigurationException e) {
|
||||
String error = "Error occurred when trying to process file :" + brokerConfigFilePath;
|
||||
log.error(error, e);
|
||||
throw new AuthorizationException(error, e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private static void readConfigurationFromFile(String filePath) throws FileNotFoundException, JaxenException
|
||||
, XMLStreamException {
|
||||
propertyList = new ConcurrentHashMap();
|
||||
StAXOMBuilder stAXOMBuilder = new StAXOMBuilder(new FileInputStream(new File(filePath)));
|
||||
OMElement dom = stAXOMBuilder.getDocumentElement();
|
||||
SecretResolver secretResolver = SecretResolverFactory.create(dom, false);
|
||||
AXIOMXPath xpathExpression = new AXIOMXPath("//*[@*[local-name() = \'secretAlias\']]");
|
||||
List nodeList = xpathExpression.selectNodes(dom);
|
||||
String propertyKey;
|
||||
String propertyValue;
|
||||
for (Iterator i$ = nodeList.iterator(); i$.hasNext(); propertyList.put(propertyKey, propertyValue)) {
|
||||
Object o = i$.next();
|
||||
propertyKey = ((OMElement) o).getAttributeValue(SECURE_VAULT_QNAME);
|
||||
propertyValue = "";
|
||||
if (secretResolver != null && secretResolver.isInitialized()) {
|
||||
if (secretResolver.isTokenProtected(propertyKey)) {
|
||||
propertyValue = secretResolver.resolve(propertyKey);
|
||||
}
|
||||
} else {
|
||||
log.warn("Error while reading properties form file");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Using this method, you can access a singular property of a child.
|
||||
* example,
|
||||
* <authorizer class="org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.
|
||||
* DeviceAccessBasedMQTTAuthorizer">
|
||||
* <property name="connectionPermission">/permission/admin/device-mgt/user</property>
|
||||
* <property name="adminPermission">/permission/admin/device-mgt/admin</property>
|
||||
* <property name="MQTTSubscriberScopeIdentifier">mqtt-subscriber</property>
|
||||
* <property name="MQTTPublisherScopeIdentifier">mqtt-subscriber</property>
|
||||
* <property name="devicemgtScopeIdentifier">device-mgt</property>
|
||||
* </authorizer> scenario.
|
||||
*
|
||||
* @param configurationProperty relevant enum value (e.g.- above scenario -> org.wso2.carbon.andes.extensions
|
||||
* .device.mgt.mqtt.authorization.config.TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES)
|
||||
* @param key key of the child of whom you seek the value (e.g. above scenario -> "property list")
|
||||
*/
|
||||
static <T> T readValueOfChildByKey(MQTTConfiguration configurationProperty, String key) {
|
||||
|
||||
String constructedKey = configurationProperty.get().getKeyInFile().replace("{key}",
|
||||
key);
|
||||
try {
|
||||
return (T) deriveValidConfigurationValue(constructedKey,
|
||||
configurationProperty.get().getDataType(),
|
||||
configurationProperty.get().getDefaultValue());
|
||||
} catch (ConfigurationException e) {
|
||||
log.error(MessageFormat.format(NO_CHILD_FOR_KEY_IN_PROPERTY, key, configurationProperty), e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Use this method when you need to acquire a list of properties of same group.
|
||||
*
|
||||
* @param configurationProperty relevant enum value (e.g.- org.wso2.carbon.andes.extensions
|
||||
* .device.mgt.mqtt.authorization.config.LIST_TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES)
|
||||
* @return String list of required property values
|
||||
*/
|
||||
static List<String> readValueList(MQTTConfiguration configurationProperty) {
|
||||
|
||||
if (configurationProperty.toString().startsWith(LIST_TYPE)) {
|
||||
return Arrays.asList(compositeConfiguration.getStringArray(configurationProperty.get().getKeyInFile()));
|
||||
} else {
|
||||
log.error(MessageFormat.format(PROPERTY_NOT_A_LIST, configurationProperty));
|
||||
return new ArrayList<>();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Given the data type and the value read from a config, this returns the parsed value
|
||||
* of the property.
|
||||
*
|
||||
* @param key The Key to the property being read (n xpath format as contained in file.)
|
||||
* @param dataType Expected data type of the property
|
||||
* @param defaultValue This parameter should NEVER be null since we assign a default value to
|
||||
* every config property.
|
||||
* @param <T> Expected data type of the property
|
||||
* @return Value of config in the expected data type.
|
||||
* @throws ConfigurationException if there are any configuration issues
|
||||
*/
|
||||
private static <T> T deriveValidConfigurationValue(String key, Class<T> dataType,
|
||||
String defaultValue) throws ConfigurationException {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Reading configuration value " + key);
|
||||
}
|
||||
String readValue = compositeConfiguration.getString(key);
|
||||
String validValue = defaultValue;
|
||||
if (StringUtils.isBlank(readValue)) {
|
||||
log.warn("Error when trying to read property : " + key + ". Switching to " + "default value : " +
|
||||
defaultValue);
|
||||
} else {
|
||||
validValue = overrideWithDecryptedValue(key, readValue);
|
||||
}
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Valid value read for andes configuration property " + key + " is : " + validValue);
|
||||
}
|
||||
try {
|
||||
return dataType.getConstructor(String.class).newInstance(validValue);
|
||||
} catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | InstantiationException e) {
|
||||
throw new ConfigurationException(MessageFormat.format(GENERIC_CONFIGURATION_PARSE_ERROR, key), e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If the property is contained in the propertyList, replace the raw value with that value.
|
||||
*
|
||||
* @param keyInFile xpath expression used to extract the value from file.
|
||||
* @param rawValue The value read from the file without any processing.
|
||||
* @return the value with corresponding to actual value.
|
||||
*/
|
||||
private static String overrideWithDecryptedValue(String keyInFile, String rawValue) {
|
||||
if (!StringUtils.isBlank(keyInFile)) {
|
||||
String key = keyInFile.replaceAll("/", ".");
|
||||
if (propertyList.containsKey(key)) {
|
||||
return propertyList.get(key);
|
||||
}
|
||||
}
|
||||
return rawValue;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,140 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class AuthorizationConfigurationManager {
|
||||
|
||||
private static final String CONNECTION_PERMISSION = "connectionPermission";
|
||||
private static final String ADMIN_PERMISSION = "adminPermission";
|
||||
private static final String MQTT_PUBLISHER_SCOPE_IDENTIFIER = "MQTTPublisherScopeIdentifier";
|
||||
private static final String MQTT_SUBSCRIBER_SCOPE_IDENTIFIER = "MQTTSubscriberScopeIdentifier";
|
||||
private static final String DEVICE_MGT_SCOPE_IDENTIFIER = "devicemgtScopeIdentifier";
|
||||
private static final AuthorizationConfigurationManager oAuthConfigurationManager
|
||||
= new AuthorizationConfigurationManager();
|
||||
private static Log logger = LogFactory.getLog(AuthorizationConfigurationManager.class);
|
||||
private String connectionPermission;
|
||||
private String adminPermission;
|
||||
private String MQTTPublisherScopeIdentifier;
|
||||
private String MQTTSubscriberScopeIdentifier;
|
||||
private String devicemgtScopeIdentifier;
|
||||
|
||||
private AuthorizationConfigurationManager() {
|
||||
|
||||
}
|
||||
|
||||
public static AuthorizationConfigurationManager getInstance() {
|
||||
return oAuthConfigurationManager;
|
||||
}
|
||||
|
||||
public String getConnectionPermission() {
|
||||
return connectionPermission;
|
||||
}
|
||||
|
||||
public void setConnectionPermission(String connectionPermission) {
|
||||
if (connectionPermission != null) {
|
||||
this.connectionPermission = connectionPermission;
|
||||
} else {
|
||||
logger.error("Connection permission can't be null ");
|
||||
}
|
||||
}
|
||||
|
||||
public String getAdminPermission() {
|
||||
return adminPermission;
|
||||
}
|
||||
|
||||
public void setAdminPermission(String adminPermission) {
|
||||
if (adminPermission != null) {
|
||||
this.adminPermission = adminPermission;
|
||||
} else {
|
||||
logger.error("admin permission can't be null ");
|
||||
}
|
||||
}
|
||||
|
||||
public String getMQTTPublisherScopeIdentifier() {
|
||||
return MQTTPublisherScopeIdentifier;
|
||||
}
|
||||
|
||||
public void setMQTTPublisherScopeIdentifier(String MQTTPublisherScopeIdentifier) {
|
||||
if (MQTTPublisherScopeIdentifier != null) {
|
||||
this.MQTTPublisherScopeIdentifier = MQTTPublisherScopeIdentifier;
|
||||
} else {
|
||||
logger.error("MQTT publisher scope identifier can't be null ");
|
||||
}
|
||||
}
|
||||
|
||||
public String getMQTTSubscriberScopeIdentifier() {
|
||||
return MQTTSubscriberScopeIdentifier;
|
||||
}
|
||||
|
||||
public void setMQTTSubscriberScopeIdentifier(String MQTTSubscriberScopeIdentifier) {
|
||||
if (MQTTSubscriberScopeIdentifier != null) {
|
||||
this.MQTTSubscriberScopeIdentifier = MQTTSubscriberScopeIdentifier;
|
||||
} else {
|
||||
logger.error("MQTT subscriber scope identifier can't be null ");
|
||||
}
|
||||
}
|
||||
|
||||
public String getDevicemgtScopeIdentifier() {
|
||||
return devicemgtScopeIdentifier;
|
||||
}
|
||||
|
||||
public void setDevicemgtScopeIdentifier(String devicemgtScopeIdentifier) {
|
||||
if (devicemgtScopeIdentifier != null) {
|
||||
this.devicemgtScopeIdentifier = devicemgtScopeIdentifier;
|
||||
} else {
|
||||
logger.error("Device management scope identifier can't be null ");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize the configuration properties that required for MQTT Authorization
|
||||
*/
|
||||
public synchronized void initConfig() {
|
||||
List<String> mqttTransportAuthorizationProperties = AuthorizationConfiguration.readValueList(MQTTConfiguration
|
||||
.LIST_TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES);
|
||||
for (String property : mqttTransportAuthorizationProperties) {
|
||||
String propertyValue = AuthorizationConfiguration.readValueOfChildByKey(
|
||||
MQTTConfiguration.TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES, property);
|
||||
switch (property) {
|
||||
case CONNECTION_PERMISSION:
|
||||
setConnectionPermission(propertyValue);
|
||||
break;
|
||||
case ADMIN_PERMISSION:
|
||||
setAdminPermission(propertyValue);
|
||||
break;
|
||||
case MQTT_PUBLISHER_SCOPE_IDENTIFIER:
|
||||
setMQTTPublisherScopeIdentifier(propertyValue);
|
||||
break;
|
||||
case MQTT_SUBSCRIBER_SCOPE_IDENTIFIER:
|
||||
setMQTTSubscriberScopeIdentifier(propertyValue);
|
||||
break;
|
||||
case DEVICE_MGT_SCOPE_IDENTIFIER:
|
||||
setDevicemgtScopeIdentifier(propertyValue);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,62 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config;
|
||||
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.util.ImmutableMetaProperties;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.util.MetaProperties;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public enum MQTTConfiguration {
|
||||
|
||||
/**
|
||||
* List of properties that can define how the server will authenticate the user with the authentication service.
|
||||
*/
|
||||
LIST_TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES("transports/mqtt/security/authorizer/property/@name", "", List.class),
|
||||
|
||||
/**
|
||||
* This can be used to access a property by giving its key. e.g. hosturl
|
||||
*/
|
||||
TRANSPORT_MQTT_AUTHORIZATION_PROPERTIES("transports/mqtt/security/authorizer/property[@name = '{key}']", ""
|
||||
, String.class);
|
||||
|
||||
/**
|
||||
* Meta data about configuration.
|
||||
*/
|
||||
private final MetaProperties metaProperties;
|
||||
|
||||
/**
|
||||
* Constructor to define a configuration in broker.
|
||||
*
|
||||
* @param keyInFile Xpath (or any key value) which can be used to identify the configuration in the file.
|
||||
* @param defaultValue the default value
|
||||
* @param dataType data type of the config ( e.g. boolean, string )
|
||||
*/
|
||||
MQTTConfiguration(String keyInFile, String defaultValue, Class<?> dataType) {
|
||||
// We need to pass the enum name as the identifier : therefore this.name()
|
||||
this.metaProperties = new ImmutableMetaProperties(this.name(), keyInFile, defaultValue, dataType);
|
||||
}
|
||||
|
||||
public MetaProperties get() {
|
||||
return metaProperties;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -0,0 +1,84 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.exception;
|
||||
|
||||
public class AuthorizationException extends Exception {
|
||||
/**
|
||||
* Default Serialization UID
|
||||
*/
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/**
|
||||
* error code for our custom exception type to identify specific scenarios and handle them properly.
|
||||
*/
|
||||
private String errorCode = "";
|
||||
|
||||
public AuthorizationException() {
|
||||
}
|
||||
|
||||
public AuthorizationException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
/***
|
||||
* Constructor
|
||||
* @param message descriptive message
|
||||
* @param errorCode one of the above defined constants that classifies the error.
|
||||
*/
|
||||
public AuthorizationException(String message, String errorCode) {
|
||||
super(message);
|
||||
this.errorCode = errorCode;
|
||||
}
|
||||
|
||||
/***
|
||||
* Constructor
|
||||
* @param message descriptive message
|
||||
* @param cause reference to the exception for reference.
|
||||
*/
|
||||
public AuthorizationException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
/***
|
||||
* Constructor
|
||||
* @param message descriptive message
|
||||
* @param errorCode one of the above defined constants that classifies the error.
|
||||
* @param cause reference to the exception for reference.
|
||||
*/
|
||||
public AuthorizationException(String message, String errorCode, Throwable cause) {
|
||||
super(message, cause);
|
||||
this.errorCode = errorCode;
|
||||
}
|
||||
|
||||
/***
|
||||
* Constructor
|
||||
* @param cause reference to the exception for reference.
|
||||
*/
|
||||
public AuthorizationException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
|
||||
/***
|
||||
* One of the above defined constants that classifies the error. e.g.- MESSAGE_CONTENT_OBSOLETE
|
||||
* @return
|
||||
*/
|
||||
public String getErrorCode() {
|
||||
return errorCode;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal;
|
||||
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
import org.wso2.carbon.user.core.tenant.TenantManager;
|
||||
|
||||
public class AuthorizationDataHolder {
|
||||
|
||||
private static AuthorizationDataHolder thisInstance = new AuthorizationDataHolder();
|
||||
private RealmService realmService;
|
||||
private TenantManager tenantManager;
|
||||
|
||||
private AuthorizationDataHolder() {
|
||||
}
|
||||
|
||||
public static AuthorizationDataHolder getInstance() {
|
||||
return thisInstance;
|
||||
}
|
||||
|
||||
public RealmService getRealmService() {
|
||||
return realmService;
|
||||
}
|
||||
|
||||
public void setRealmService(RealmService realmService) {
|
||||
this.realmService = realmService;
|
||||
this.setTenantManager(realmService);
|
||||
}
|
||||
|
||||
public TenantManager getTenantManager() {
|
||||
return tenantManager;
|
||||
}
|
||||
|
||||
private void setTenantManager(RealmService realmService) {
|
||||
if (realmService == null) {
|
||||
throw new IllegalStateException("Realm service is not initialized properly");
|
||||
}
|
||||
this.tenantManager = realmService.getTenantManager();
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,81 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.osgi.service.component.ComponentContext;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfiguration;
|
||||
import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfigurationManager;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
|
||||
/**
|
||||
* @scr.component name="org.wso2.carbon.devicemgt.policy.manager" immediate="true"
|
||||
* @scr.reference name="user.realmservice.default"
|
||||
* interface="org.wso2.carbon.user.core.service.RealmService"
|
||||
* cardinality="1..1"
|
||||
* policy="dynamic"
|
||||
* bind="setRealmService"
|
||||
* unbind="unsetRealmService"
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
public class AuthorizationServiceComponent {
|
||||
|
||||
private static Log log = LogFactory.getLog(AuthorizationServiceComponent.class);
|
||||
|
||||
protected void activate(ComponentContext componentContext) {
|
||||
try {
|
||||
AuthorizationConfiguration.initialize();
|
||||
AuthorizationConfigurationManager.getInstance().initConfig();
|
||||
} catch (Throwable e) {
|
||||
log.error("Failed to activate org.wso2.carbon.andes.authorization.internal." +
|
||||
"AuthorizationServiceComponent : " + e);
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
protected void deactivate(ComponentContext componentContext) {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets Realm Service
|
||||
*
|
||||
* @param realmService An instance of RealmService
|
||||
*/
|
||||
protected void setRealmService(RealmService realmService) {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Setting Realm Service");
|
||||
}
|
||||
AuthorizationDataHolder.getInstance().setRealmService(realmService);
|
||||
}
|
||||
|
||||
/**
|
||||
* Unsets Realm Service
|
||||
*
|
||||
* @param realmService An instance of RealmService
|
||||
*/
|
||||
protected void unsetRealmService(RealmService realmService) {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Unsetting Realm Service");
|
||||
}
|
||||
AuthorizationDataHolder.getInstance().setRealmService(null);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,86 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.util;
|
||||
|
||||
/**
|
||||
* This class contains the immutable meta attributes of a config property. These are
|
||||
* immutable so that enums can contain them.
|
||||
*/
|
||||
public final class ImmutableMetaProperties implements MetaProperties {
|
||||
|
||||
private final String keyInFile;
|
||||
private final String defaultValue;
|
||||
private final Class<?> dataType;
|
||||
private final String name;
|
||||
|
||||
/**
|
||||
* constructor
|
||||
*
|
||||
* @param keyInFile xpath expression to the property in the config file
|
||||
* @param defaultValue default value of property in case its not specified or found in config files.
|
||||
* @param dataType expected data type of the property
|
||||
*/
|
||||
public ImmutableMetaProperties(String name, String keyInFile, String defaultValue, Class<?> dataType) {
|
||||
this.name = name;
|
||||
this.keyInFile = keyInFile;
|
||||
this.defaultValue = defaultValue;
|
||||
this.dataType = dataType;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
@Override
|
||||
public String getKeyInFile() {
|
||||
return keyInFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
@Override
|
||||
public String getDefaultValue() {
|
||||
return defaultValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
@Override
|
||||
public Class<?> getDataType() {
|
||||
return dataType;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
@Override
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
@Override
|
||||
public String toString() {
|
||||
return "Property : " + keyInFile + " data-type : " + dataType.getName() + " default value" +
|
||||
" : " + defaultValue;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,48 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.util;
|
||||
|
||||
/**
|
||||
* Contains methods that should be implemented to access meta properties of a config
|
||||
* property.
|
||||
*/
|
||||
public interface MetaProperties {
|
||||
|
||||
/**
|
||||
* @return actual key with which the property is set in relevant config file.
|
||||
*/
|
||||
String getKeyInFile();
|
||||
|
||||
/**
|
||||
* @return Default value specified for the config property,
|
||||
* in case it is not set in file.
|
||||
*/
|
||||
String getDefaultValue();
|
||||
|
||||
/**
|
||||
* @return Datatype of the property. (There could be numeric,date or boolean values.)
|
||||
*/
|
||||
Class<?> getDataType();
|
||||
|
||||
/**
|
||||
* @return Name of the property (e.g. TRANSPORTS_AMQP_DEFAULT_CONNECTION_PORT)
|
||||
*/
|
||||
String getName();
|
||||
|
||||
}
|
||||
@ -0,0 +1,58 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt-plugins</groupId>
|
||||
<artifactId>extensions</artifactId>
|
||||
<version>2.2.6-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>mb-extensions</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>WSO2 Carbon - MB Extension</name>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<modules>
|
||||
<module>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</module>
|
||||
</modules>
|
||||
|
||||
<build>
|
||||
<pluginManagement>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
<version>1.7.2</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>generate-scr-scrdescriptor</id>
|
||||
<goals>
|
||||
<goal>scr</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</pluginManagement>
|
||||
</build>
|
||||
</project>
|
||||
@ -1,4 +1,3 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"extends": "cdmf.unit.device.view"
|
||||
"version": "1.0.0"
|
||||
}
|
||||
@ -1,4 +1,3 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"extends": "cdmf.unit.device.operation-bar"
|
||||
"version": "1.0.0"
|
||||
}
|
||||
@ -0,0 +1,386 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
|
||||
* either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
var modalPopup = ".modal",
|
||||
modalPopupContainer = modalPopup + " .modal-content",
|
||||
modalPopupContent = modalPopup + " .modal-content";
|
||||
|
||||
var emmAdminBasePath = "/api/device-mgt/v1.0";
|
||||
|
||||
//function openCollapsedNav() {
|
||||
// $(".wr-hidden-nav-toggle-btn").addClass("active");
|
||||
// $("#hiddenNav").slideToggle("slideDown", function () {
|
||||
// if ($(this).css("display") == "none") {
|
||||
// $(".wr-hidden-nav-toggle-btn").removeClass("active");
|
||||
// }
|
||||
// });
|
||||
//}
|
||||
|
||||
/*
|
||||
* set popup maximum height function.
|
||||
*/
|
||||
function setPopupMaxHeight() {
|
||||
var maxHeight = "max-height";
|
||||
var marginTop = "margin-top";
|
||||
var body = "body";
|
||||
$(modalPopupContent).css(maxHeight, ($(body).height() - ($(body).height() / 100 * 30)));
|
||||
$(modalPopupContainer).css(marginTop, (-($(modalPopupContainer).height() / 2)));
|
||||
}
|
||||
|
||||
/*
|
||||
* show popup function.
|
||||
*/
|
||||
function showPopup() {
|
||||
$(modalPopup).modal('show');
|
||||
}
|
||||
|
||||
/*
|
||||
* hide popup function.
|
||||
*/
|
||||
function hidePopup() {
|
||||
$(modalPopupContent).html("");
|
||||
$(modalPopupContent).removeClass("operation-data");
|
||||
$(modalPopup).modal('hide');
|
||||
$('body').removeClass('modal-open').css('padding-right','0px');
|
||||
$('.modal-backdrop').remove();
|
||||
}
|
||||
|
||||
/*
|
||||
* QR-code generation function.
|
||||
*/
|
||||
function generateQRCode(qrCodeClass) {
|
||||
var enrollmentURL = $("#qr-code-modal").data("enrollment-url");
|
||||
$(qrCodeClass).qrcode({
|
||||
text: enrollmentURL,
|
||||
width: 200,
|
||||
height: 200
|
||||
});
|
||||
}
|
||||
|
||||
function toggleEnrollment() {
|
||||
console.log("something happenedfd!");
|
||||
$(".modal-content").html($("#qr-code-modal").html());
|
||||
generateQRCode(".modal-content .qr-code");
|
||||
showPopup();
|
||||
}
|
||||
|
||||
var updateNotificationCountOnSuccess = function (data, textStatus, jqXHR) {
|
||||
var notificationBubble = "#notification-bubble";
|
||||
if (jqXHR.status == 200 && data) {
|
||||
var responsePayload = JSON.parse(data);
|
||||
var newNotificationsCount = responsePayload["count"];
|
||||
if (newNotificationsCount > 0) {
|
||||
$(notificationBubble).html(newNotificationsCount);
|
||||
$(notificationBubble).show();
|
||||
} else {
|
||||
$(notificationBubble).hide();
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
function updateNotificationCountOnError() {
|
||||
var notificationBubble = "#notification-bubble";
|
||||
$(notificationBubble).html("Error");
|
||||
$(notificationBubble).show();
|
||||
}
|
||||
|
||||
function loadNewNotificationsOnSideViewPanel() {
|
||||
if ($("#right-sidebar").attr("is-authorized") == "false") {
|
||||
$("#notification-bubble-wrapper").remove();
|
||||
} else {
|
||||
var serviceURL = emmAdminBasePath + "/notifications?status=NEW";
|
||||
invokerUtil.get(serviceURL, updateNotificationCountOnSuccess, updateNotificationCountOnError);
|
||||
loadNewNotifications();
|
||||
}
|
||||
}
|
||||
|
||||
function loadNewNotifications() {
|
||||
var messageSideBar = ".sidebar-messages";
|
||||
if ($("#right-sidebar").attr("is-authorized") == "false") {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>You are not authorized to view notifications.</h4>");
|
||||
} else {
|
||||
var notifications = $("#notifications");
|
||||
var currentUser = notifications.data("currentUser");
|
||||
|
||||
$.template("notification-listing", notifications.attr("src"), function (template) {
|
||||
var serviceURL = emmAdminBasePath + "/notifications?offset=0&limit=5&status=NEW";
|
||||
invokerUtil.get(
|
||||
serviceURL,
|
||||
// on success
|
||||
function (data, textStatus, jqXHR) {
|
||||
if (jqXHR.status == 200 && data) {
|
||||
var viewModel = {};
|
||||
var responsePayload = JSON.parse(data);
|
||||
if (responsePayload["notifications"]) {
|
||||
if (responsePayload.count > 0) {
|
||||
viewModel["notifications"] = responsePayload["notifications"];
|
||||
viewModel["appContext"] = context;
|
||||
$(messageSideBar).html(template(viewModel));
|
||||
} else {
|
||||
$(messageSideBar).html('<div class="alert alert-info" role="alert"><i class="icon fw fw-info"></i>No new notifications found...</div>');
|
||||
}
|
||||
} else {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>Unexpected error " +
|
||||
"occurred while loading new notifications.</h4>");
|
||||
}
|
||||
}
|
||||
},
|
||||
// on error
|
||||
function (jqXHR) {
|
||||
if (jqXHR.status = 500) {
|
||||
$(messageSideBar).html("<h4 class ='message-danger'>Unexpected error occurred while trying " +
|
||||
"to retrieve any new notifications.</h4>");
|
||||
}
|
||||
}
|
||||
);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Toggle function for
|
||||
* notification listing sidebar.
|
||||
* @return {Null}
|
||||
*/
|
||||
$.sidebar_toggle = function (action, target, container) {
|
||||
var elem = '[data-toggle=sidebar]',
|
||||
button,
|
||||
containerOffsetLeft,
|
||||
containerOffsetRight,
|
||||
targetOffsetLeft,
|
||||
targetOffsetRight,
|
||||
targetWidth,
|
||||
targetSide,
|
||||
relationship,
|
||||
pushType,
|
||||
buttonParent;
|
||||
|
||||
var sidebar_window = {
|
||||
update: function (target, container, button) {
|
||||
containerOffsetLeft = $(container).data('offset-left') ? $(container).data('offset-left') : 0;
|
||||
containerOffsetRight = $(container).data('offset-right') ? $(container).data('offset-right') : 0;
|
||||
targetOffsetLeft = $(target).data('offset-left') ? $(target).data('offset-left') : 0;
|
||||
targetOffsetRight = $(target).data('offset-right') ? $(target).data('offset-right') : 0;
|
||||
targetWidth = $(target).data('width');
|
||||
targetSide = $(target).data("side");
|
||||
pushType = $(container).parent().is('body') == true ? 'padding' : 'margin';
|
||||
|
||||
if (button !== undefined) {
|
||||
relationship = button.attr('rel') ? button.attr('rel') : '';
|
||||
buttonParent = $(button).parent();
|
||||
}
|
||||
},
|
||||
|
||||
show: function () {
|
||||
if ($(target).data('sidebar-fixed') == true) {
|
||||
$(target).height($(window).height() - $(target).data('fixed-offset'));
|
||||
}
|
||||
$(target).trigger('show.sidebar');
|
||||
if (targetWidth !== undefined) {
|
||||
$(target).css('width', targetWidth);
|
||||
}
|
||||
$(target).addClass('toggled');
|
||||
if (button !== undefined) {
|
||||
if (relationship !== '') {
|
||||
// Removing active class from all relative buttons
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false');
|
||||
}
|
||||
// Adding active class to button
|
||||
if (button.attr('data-handle') !== 'close') {
|
||||
button.addClass("active");
|
||||
button.attr('aria-expanded', 'true');
|
||||
}
|
||||
if (buttonParent.is('li')) {
|
||||
if (relationship !== '') {
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().attr('aria-expanded', 'false');
|
||||
}
|
||||
buttonParent.addClass("active");
|
||||
buttonParent.attr('aria-expanded', 'true');
|
||||
}
|
||||
}
|
||||
// Sidebar open function
|
||||
if (targetSide == 'left') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetLeft);
|
||||
}
|
||||
$(target).css(targetSide, targetOffsetLeft);
|
||||
} else if (targetSide == 'right') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetRight);
|
||||
}
|
||||
$(target).css(targetSide, targetOffsetRight);
|
||||
}
|
||||
$(target).trigger('shown.sidebar');
|
||||
},
|
||||
|
||||
hide: function () {
|
||||
$(target).trigger('hide.sidebar');
|
||||
$(target).removeClass('toggled');
|
||||
if (button !== undefined) {
|
||||
if (relationship !== '') {
|
||||
// Removing active class from all relative buttons
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false');
|
||||
}
|
||||
// Removing active class from button
|
||||
if (button.attr('data-handle') !== 'close') {
|
||||
button.removeClass("active");
|
||||
button.attr('aria-expanded', 'false');
|
||||
}
|
||||
if ($(button).parent().is('li')) {
|
||||
if (relationship !== '') {
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active");
|
||||
$(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().attr('aria-expanded', 'false');
|
||||
}
|
||||
}
|
||||
}
|
||||
// Sidebar close function
|
||||
if (targetSide == 'left') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetOffsetLeft);
|
||||
}
|
||||
$(target).css(targetSide, -Math.abs(targetWidth + targetOffsetLeft));
|
||||
} else if (targetSide == 'right') {
|
||||
if ((button !== undefined) && (button.attr('data-container-divide'))) {
|
||||
$(container).css(pushType + '-' + targetSide, targetOffsetRight);
|
||||
}
|
||||
$(target).css(targetSide, -Math.abs(targetWidth + targetOffsetRight));
|
||||
}
|
||||
$(target).trigger('hidden.sidebar');
|
||||
}
|
||||
};
|
||||
if (action === 'show') {
|
||||
sidebar_window.update(target, container);
|
||||
sidebar_window.show();
|
||||
}
|
||||
if (action === 'hide') {
|
||||
sidebar_window.update(target, container);
|
||||
sidebar_window.hide();
|
||||
}
|
||||
// binding click function
|
||||
var body = 'body';
|
||||
$(body).off('click', elem);
|
||||
$(body).on('click', elem, function (e) {
|
||||
e.preventDefault();
|
||||
button = $(this);
|
||||
container = button.data('container');
|
||||
target = button.data('target');
|
||||
sidebar_window.update(target, container, button);
|
||||
/**
|
||||
* Sidebar function on data container divide
|
||||
* @return {Null}
|
||||
*/
|
||||
if (button.attr('aria-expanded') == 'false') {
|
||||
sidebar_window.show();
|
||||
} else if (button.attr('aria-expanded') == 'true') {
|
||||
sidebar_window.hide();
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
$.fn.collapse_nav_sub = function () {
|
||||
var navSelector = 'ul.nav';
|
||||
|
||||
if (!$(navSelector).hasClass('collapse-nav-sub')) {
|
||||
$(navSelector + ' > li', this).each(function () {
|
||||
var position = $(this).offset().left - $(this).parent().scrollLeft();
|
||||
$(this).attr('data-absolute-position', (position + 5));
|
||||
});
|
||||
|
||||
$(navSelector + ' li', this).each(function () {
|
||||
if ($('ul', this).length !== 0) {
|
||||
$(this).addClass('has-sub');
|
||||
}
|
||||
});
|
||||
|
||||
$(navSelector + ' > li', this).each(function () {
|
||||
$(this).css({
|
||||
'left': $(this).data('absolute-position'),
|
||||
'position': 'absolute'
|
||||
});
|
||||
});
|
||||
|
||||
$(navSelector + ' li.has-sub', this).on('click', function () {
|
||||
var elem = $(this);
|
||||
if (elem.attr('aria-expanded') !== 'true') {
|
||||
elem.siblings().fadeOut(100, function () {
|
||||
elem.animate({'left': '15'}, 200, function () {
|
||||
$(elem).first().children('ul').fadeIn(200);
|
||||
});
|
||||
});
|
||||
elem.siblings().attr('aria-expanded', 'false');
|
||||
elem.attr('aria-expanded', 'true');
|
||||
} else {
|
||||
$(elem).first().children('ul').fadeOut(100, function () {
|
||||
elem.animate({'left': $(elem).data('absolute-position')}, 200, function () {
|
||||
elem.siblings().fadeIn(100);
|
||||
});
|
||||
});
|
||||
elem.siblings().attr('aria-expanded', 'false');
|
||||
elem.attr('aria-expanded', 'false');
|
||||
}
|
||||
});
|
||||
|
||||
$(navSelector + ' > li.has-sub ul', this).on('click', function (e) {
|
||||
e.stopPropagation();
|
||||
});
|
||||
$(navSelector).addClass('collapse-nav-sub');
|
||||
}
|
||||
};
|
||||
|
||||
$(".download-link").click(function(){
|
||||
toggleEnrollment();
|
||||
});
|
||||
|
||||
$(document).ready(function () {
|
||||
$.sidebar_toggle();
|
||||
if (typeof $.fn.collapse == 'function') {
|
||||
$('.navbar-collapse.tiles').on('shown.bs.collapse', function () {
|
||||
$(this).collapse_nav_sub();
|
||||
});
|
||||
}
|
||||
|
||||
loadNewNotificationsOnSideViewPanel();
|
||||
$("#right-sidebar").on("click", ".new-notification", function () {
|
||||
var notificationId = $(this).data("id");
|
||||
var redirectUrl = $(this).data("url");
|
||||
var markAsReadNotificationsEpr = emmAdminBasePath + "/notifications/" + notificationId + "/mark-checked";
|
||||
var messageSideBar = ".sidebar-messages";
|
||||
|
||||
invokerUtil.put(
|
||||
markAsReadNotificationsEpr,
|
||||
null,
|
||||
// on success
|
||||
function (data) {
|
||||
data = JSON.parse(data);
|
||||
if (data.statusCode == responseCodes["ACCEPTED"]) {
|
||||
location.href = redirectUrl;
|
||||
}
|
||||
},
|
||||
// on error
|
||||
function () {
|
||||
var content = "<li class='message message-danger'><h4><i class='icon fw fw-error'></i>Warning</h4>" +
|
||||
"<p>Unexpected error occurred while loading notification. Please refresh the page and" +
|
||||
" try again</p></li>";
|
||||
$(messageSideBar).html(content);
|
||||
}
|
||||
);
|
||||
});
|
||||
});
|
||||
@ -1,4 +1,3 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"extends": "cdmf.unit.device.operation-bar"
|
||||
"version": "1.0.0"
|
||||
}
|
||||
@ -0,0 +1,79 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt-plugins</groupId>
|
||||
<artifactId>extensions-feature</artifactId>
|
||||
<version>2.2.6-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.feature</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>WSO2 Carbon - MQTT Authorization Feature</name>
|
||||
<url>http://wso2.org</url>
|
||||
<description>This feature contains the bundles required for mqtt authorization</description>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.devicemgt-plugins</groupId>
|
||||
<artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.wso2.maven</groupId>
|
||||
<artifactId>carbon-p2-plugin</artifactId>
|
||||
<version>${carbon.p2.plugin.version}</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>4-p2-feature-generation</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>p2-feature-gen</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<id>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</id>
|
||||
<propertiesFile>../../etc/feature.properties</propertiesFile>
|
||||
<adviceFile>
|
||||
<properties>
|
||||
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
|
||||
<propertyDef>org.eclipse.equinox.p2.type.group:true</propertyDef>
|
||||
</properties>
|
||||
</adviceFile>
|
||||
<bundles>
|
||||
<bundleDef>
|
||||
org.wso2.carbon.devicemgt-plugins:org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization:${carbon.devicemgt.plugins.version}
|
||||
</bundleDef>
|
||||
</bundles>
|
||||
<importFeatures>
|
||||
<importFeatureDef>org.wso2.carbon.core.server:4.4.9</importFeatureDef>
|
||||
</importFeatures>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
||||
@ -0,0 +1,19 @@
|
||||
#
|
||||
# Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# Version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
custom = true
|
||||
@ -0,0 +1 @@
|
||||
instructions.configure = \
|
||||
Loading…
Reference in new issue