Fixing realtime analytics websocket authentication

components/iot-plugins/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android_sense.realtime.analytics-view/analytics-view.js

@@ -17,16 +17,31 @@
  */
 
 function onRequest(context) {
+    var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
     var device = context.unit.params.device;
     var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
     var constants = require("/app/modules/constants.js");
-    var websocketEndpoint = devicemgtProps["httpsURL"].replace("https", "wss");
+
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
+    var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
         var token = "";
         if (tokenPair) {
             token = tokenPair.accessToken;
         }
         websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.android.sense/1.0.0?" +
                             "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
+    }
     return {"device": device, "websocketEndpoint": websocketEndpoint};
 }

components/iot-plugins/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.arduino.realtime.analytics-view/analytics-view.js

@@ -18,16 +18,30 @@
 
 function onRequest(context) {
     var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
     var device = context.unit.params.device;
     var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
     var constants = require("/app/modules/constants.js");
+
     var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
         var token = "";
         if (tokenPair) {
             token = tokenPair.accessToken;
         }
         websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
                             "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
+    }
     return {"device": device, "websocketEndpoint": websocketEndpoint};
 }

components/iot-plugins/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.raspberrypi.realtime.analytics-view/analytics-view.js

@@ -18,16 +18,30 @@
 
 function onRequest(context) {
     var log = new Log("stats.js");
+    var carbonServer = require("carbon").server;
     var device = context.unit.params.device;
     var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
     var constants = require("/app/modules/constants.js");
+
     var websocketEndpoint = devicemgtProps["wssURL"].replace("https", "wss");
-    var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER);
+    var jwtService = carbonServer.osgiService(
+        'org.wso2.carbon.identity.jwt.client.extension.service.JWTClientManagerService');
+    var jwtClient = jwtService.getJWTClient();
+    var encodedClientKeys = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
+    if (encodedClientKeys) {
+        var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
+        var resp = tokenUtil.decode(encodedClientKeys).split(":");
+        var deviceParam = "{\"scope\":\"stats\",\"deviceIdentifiers\":[{\"id\":\"" + device.deviceIdentifier
+                          + "\", \"type\":\"" + device.type + "\"}]}";
+        var encodedScope = tokenUtil.encode(deviceParam);
+        var tokenPair = jwtClient.getAccessToken(resp[0], resp[1], context.user.username,"default",
+                                                 {"device": encodedScope});
         var token = "";
         if (tokenPair) {
             token = tokenPair.accessToken;
         }
         websocketEndpoint = websocketEndpoint + "/secured-outputui/org.wso2.iot.devices.temperature/1.0.0?" +
                             "token="+ token +"&deviceId=" + device.deviceIdentifier + "&deviceType=" + device.type;
+    }
     return {"device": device, "websocketEndpoint": websocketEndpoint};
 }