@ -41,128 +41,128 @@ import java.util.concurrent.ConcurrentHashMap;
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* This creates JWT Client for each tenant and implements the JWTClientManagerService interface.
|
|
|
|
* This creates JWT Client for each tenant and implements the JWTClientManagerService interface.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
public class JWTClientManagerServiceImpl implements JWTClientManagerService{
|
|
|
|
public class JWTClientManagerServiceImpl implements JWTClientManagerService {
|
|
|
|
|
|
|
|
|
|
|
|
private static Map<String, JWTClient> jwtClientMap;
|
|
|
|
private static Map<String, JWTClient> jwtClientMap;
|
|
|
|
private static final Log log = LogFactory.getLog(JWTClientManagerServiceImpl.class);
|
|
|
|
private static final Log log = LogFactory.getLog(JWTClientManagerServiceImpl.class);
|
|
|
|
private static final String TENANT_JWT_CONFIG_LOCATION = "/jwt-config/jwt.properties";
|
|
|
|
private static final String TENANT_JWT_CONFIG_LOCATION = "/jwt-config/jwt.properties";
|
|
|
|
private static JWTClient defaultJWTClient;
|
|
|
|
private static JWTClient defaultJWTClient;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public JWTClientManagerServiceImpl() {
|
|
|
|
public JWTClientManagerServiceImpl() {
|
|
|
|
jwtClientMap = new ConcurrentHashMap<>();
|
|
|
|
jwtClientMap = new ConcurrentHashMap<>();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* this return the jwt based token client to generate token for the tenant.
|
|
|
|
* this return the jwt based token client to generate token for the tenant.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public JWTClient getJWTClient() throws JWTClientException {
|
|
|
|
public JWTClient getJWTClient() throws JWTClientException {
|
|
|
|
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
|
|
|
|
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
|
|
|
|
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
|
|
|
|
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
|
|
|
|
if (tenantId == -1) {
|
|
|
|
if (tenantId == -1) {
|
|
|
|
throw new JWTClientException("Invalid tenant domain :" + tenantDomain);
|
|
|
|
throw new JWTClientException("Invalid tenant domain :" + tenantDomain);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//Get jwt client which has been registered for the tenant.
|
|
|
|
//Get jwt client which has been registered for the tenant.
|
|
|
|
JWTClient jwtClient = getJWTClient(tenantDomain);
|
|
|
|
JWTClient jwtClient = getJWTClient(tenantDomain);
|
|
|
|
if (jwtClient == null) {
|
|
|
|
if (jwtClient == null) {
|
|
|
|
//Create a new jwt client for the tenant.
|
|
|
|
//Create a new jwt client for the tenant.
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
Properties properties = getJWTConfigProperties(tenantId);
|
|
|
|
Properties properties = getJWTConfigProperties(tenantId);
|
|
|
|
if (properties == null) {
|
|
|
|
if (properties == null) {
|
|
|
|
if (defaultJWTClient != null) {
|
|
|
|
if (defaultJWTClient != null) {
|
|
|
|
return defaultJWTClient;
|
|
|
|
return defaultJWTClient;
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
throw new JWTClientException("JWT Configuration is not available for tenant " + tenantDomain);
|
|
|
|
throw new JWTClientException("JWT Configuration is not available for tenant " + tenantDomain);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
JWTConfig jwtConfig = new JWTConfig(properties);
|
|
|
|
JWTConfig jwtConfig = new JWTConfig(properties);
|
|
|
|
jwtClient = new JWTClient(jwtConfig);
|
|
|
|
jwtClient = new JWTClient(jwtConfig);
|
|
|
|
addJWTClient(tenantDomain, jwtClient);
|
|
|
|
addJWTClient(tenantDomain, jwtClient);
|
|
|
|
} catch (JWTClientAlreadyExistsException e) {
|
|
|
|
} catch (JWTClientAlreadyExistsException e) {
|
|
|
|
log.warn("Attempting to register a jwt client for the tenant " + tenantDomain +
|
|
|
|
log.warn("Attempting to register a jwt client for the tenant " + tenantDomain +
|
|
|
|
" when one already exists. Returning existing jwt client");
|
|
|
|
" when one already exists. Returning existing jwt client");
|
|
|
|
return getJWTClient(tenantDomain);
|
|
|
|
return getJWTClient(tenantDomain);
|
|
|
|
} catch (JWTClientConfigurationException e) {
|
|
|
|
} catch (JWTClientConfigurationException e) {
|
|
|
|
throw new JWTClientException("Failed to parse jwt configuration for tenant " + tenantDomain, e);
|
|
|
|
throw new JWTClientException("Failed to parse jwt configuration for tenant " + tenantDomain, e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return jwtClient;
|
|
|
|
return jwtClient;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* This will set the default JWT Client that will be used if there is any available for tenants.
|
|
|
|
* This will set the default JWT Client that will be used if there is any available for tenants.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public void setDefaultJWTClient(Properties properties) throws JWTClientConfigurationException {
|
|
|
|
public void setDefaultJWTClient(Properties properties) throws JWTClientConfigurationException {
|
|
|
|
if (properties == null) {
|
|
|
|
if (properties == null) {
|
|
|
|
throw new JWTClientConfigurationException("Failed to load jwt configuration for super tenant.");
|
|
|
|
throw new JWTClientConfigurationException("Failed to load jwt configuration for super tenant.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
String defaultJWTClientMode = properties.getProperty(JWTConstants.DEFAULT_JWT_CLIENT);
|
|
|
|
String defaultJWTClientMode = properties.getProperty(JWTConstants.DEFAULT_JWT_CLIENT);
|
|
|
|
boolean isDefaultJwtClient = false;
|
|
|
|
boolean isDefaultJwtClient = false;
|
|
|
|
if (defaultJWTClientMode != null && !defaultJWTClientMode.isEmpty()) {
|
|
|
|
if (defaultJWTClientMode != null && !defaultJWTClientMode.isEmpty()) {
|
|
|
|
isDefaultJwtClient = Boolean.parseBoolean(defaultJWTClientMode);
|
|
|
|
isDefaultJwtClient = Boolean.parseBoolean(defaultJWTClientMode);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (isDefaultJwtClient) {
|
|
|
|
if (isDefaultJwtClient) {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
JWTConfig jwtConfig = new JWTConfig(properties);
|
|
|
|
JWTConfig jwtConfig = new JWTConfig(properties);
|
|
|
|
defaultJWTClient = new JWTClient(jwtConfig, true);
|
|
|
|
defaultJWTClient = new JWTClient(jwtConfig, true);
|
|
|
|
addJWTClient(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, defaultJWTClient);
|
|
|
|
addJWTClient(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, defaultJWTClient);
|
|
|
|
} catch (JWTClientAlreadyExistsException e) {
|
|
|
|
} catch (JWTClientAlreadyExistsException e) {
|
|
|
|
log.warn("Attempting to register a jwt client for the super tenant" +
|
|
|
|
log.warn("Attempting to register a jwt client for the super tenant" +
|
|
|
|
" when one already exists. Returning existing jwt client");
|
|
|
|
" when one already exists. Returning existing jwt client");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* Fetch the jwt client which has been registered under the tenant domain.
|
|
|
|
* Fetch the jwt client which has been registered under the tenant domain.
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @param tenantDomain - The tenant domain under which the jwt client is registered
|
|
|
|
* @param tenantDomain - The tenant domain under which the jwt client is registered
|
|
|
|
* @return - Instance of the jwt client which was registered. Null if not registered.
|
|
|
|
* @return - Instance of the jwt client which was registered. Null if not registered.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
private JWTClient getJWTClient(String tenantDomain) {
|
|
|
|
private JWTClient getJWTClient(String tenantDomain) {
|
|
|
|
if (jwtClientMap.containsKey(tenantDomain)) {
|
|
|
|
if (jwtClientMap.containsKey(tenantDomain)) {
|
|
|
|
return jwtClientMap.get(tenantDomain);
|
|
|
|
return jwtClientMap.get(tenantDomain);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* Adds a jwt client to the jwt client map.
|
|
|
|
* Adds a jwt client to the jwt client map.
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @param tenantDomain - The tenant domain under which the jwt client will be registered.
|
|
|
|
* @param tenantDomain - The tenant domain under which the jwt client will be registered.
|
|
|
|
* @param jwtClient - Instance of the jwt client
|
|
|
|
* @param jwtClient - Instance of the jwt client
|
|
|
|
* @throws JWTClientAlreadyExistsException - If a jwt client has already been registered under the tenantdomain
|
|
|
|
* @throws JWTClientAlreadyExistsException - If a jwt client has already been registered under the tenantdomain
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
private void addJWTClient(String tenantDomain, JWTClient jwtClient) throws JWTClientAlreadyExistsException {
|
|
|
|
private void addJWTClient(String tenantDomain, JWTClient jwtClient) throws JWTClientAlreadyExistsException {
|
|
|
|
synchronized (jwtClientMap) {
|
|
|
|
synchronized (jwtClientMap) {
|
|
|
|
if (jwtClientMap.containsKey(tenantDomain)) {
|
|
|
|
if (jwtClientMap.containsKey(tenantDomain)) {
|
|
|
|
throw new JWTClientAlreadyExistsException(
|
|
|
|
throw new JWTClientAlreadyExistsException(
|
|
|
|
"A jwt client has already been created for the tenant " + tenantDomain);
|
|
|
|
"A jwt client has already been created for the tenant " + tenantDomain);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
jwtClientMap.put(tenantDomain, jwtClient);
|
|
|
|
jwtClientMap.put(tenantDomain, jwtClient);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* Retrieve JWT configs from registry.
|
|
|
|
* Retrieve JWT configs from registry.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
private Properties getJWTConfigProperties(int tenantId) throws JWTClientConfigurationException {
|
|
|
|
private Properties getJWTConfigProperties(int tenantId) throws JWTClientConfigurationException {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
Resource config = JWTClientUtil.getConfigRegistryResourceContent(tenantId, TENANT_JWT_CONFIG_LOCATION);
|
|
|
|
Resource config = JWTClientUtil.getConfigRegistryResourceContent(tenantId, TENANT_JWT_CONFIG_LOCATION);
|
|
|
|
Properties properties = null;
|
|
|
|
Properties properties = null;
|
|
|
|
if (config != null) {
|
|
|
|
if (config != null) {
|
|
|
|
properties = new Properties();
|
|
|
|
properties = new Properties();
|
|
|
|
properties.load(config.getContentStream());
|
|
|
|
properties.load(config.getContentStream());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return properties;
|
|
|
|
return properties;
|
|
|
|
} catch (RegistryException e) {
|
|
|
|
} catch (RegistryException e) {
|
|
|
|
throw new JWTClientConfigurationException("Failed to load the content from registry for tenant " +
|
|
|
|
throw new JWTClientConfigurationException("Failed to load the content from registry for tenant " +
|
|
|
|
tenantId, e);
|
|
|
|
tenantId, e);
|
|
|
|
} catch (IOException e) {
|
|
|
|
} catch (IOException e) {
|
|
|
|
throw new JWTClientConfigurationException(
|
|
|
|
throw new JWTClientConfigurationException(
|
|
|
|
"Failed to parse the content from the registry for tenant " + tenantId, e);
|
|
|
|
"Failed to parse the content from the registry for tenant " + tenantId, e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}