Fixing realtime analytics websocket authentication

8 years ago · d58b8f1f53
parent 6dfb33ed33
commit d58b8f1f53
3 changed files with 65 additions and 22 deletions
--- a/components/iot-plugins/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android_sense.realtime.analytics-view/analytics-view.js
+++ b/components/iot-plugins/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android_sense.realtime.analytics-view/analytics-view.js
@ -17,16 +17,31 @@
 */

 function onRequest(context) {
+    var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
    var device = context.unit.params.device;
    var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
    var constants = require("/app/modules/constants.js");
-    var websocketEndpoint = devicemgtProps["httpsURL"].replace("https", "wss");
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
-    var token = "";
-    if (tokenPair) {
-        token =  tokenPair.accessToken;
+
+    var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
+        var token = "";
+        if (tokenPair) {
+            token = tokenPair.accessToken;
+        }
+        websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.android.sense/1.0.0?" +
+                            "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
    }
-    websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.android.sense/1.0.0?" +
-    "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
-    return {"device": device, "websocketEndpoint" : websocketEndpoint};
+    return {"device": device, "websocketEndpoint": websocketEndpoint};
 }
--- a/components/iot-plugins/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js
+++ b/components/iot-plugins/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js
@ -18,16 +18,30 @@

 function onRequest(context) {
    var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
    var device = context.unit.params.device;
    var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
    var constants = require("/app/modules/constants.js");
+
    var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
-    var token = "";
-    if (tokenPair) {
-        token =  tokenPair.accessToken;
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
+        var token = "";
+        if (tokenPair) {
+            token = tokenPair.accessToken;
+        }
+        websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
+                            "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
    }
-    websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
-    "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
-    return {"device": device, "websocketEndpoint" : websocketEndpoint};
+    return {"device": device, "websocketEndpoint": websocketEndpoint};
 }
--- a/components/iot-plugins/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js
+++ b/components/iot-plugins/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js
@ -18,16 +18,30 @@

 function onRequest(context) {
    var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
    var device = context.unit.params.device;
    var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
    var constants = require("/app/modules/constants.js");
+
    var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
-    var token = "";
-    if (tokenPair) {
-        token =  tokenPair.accessToken;
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
+        var token = "";
+        if (tokenPair) {
+            token = tokenPair.accessToken;
+        }
+        websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
+                            "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
    }
-    websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
-    "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
-    return {"device": device, "websocketEndpoint" : websocketEndpoint};
+    return {"device": device, "websocketEndpoint": websocketEndpoint};
 }