From 5e1945588206ea766615780dec6bc456945fd923 Mon Sep 17 00:00:00 2001 From: milanperera Date: Wed, 25 Sep 2019 16:25:38 +0200 Subject: [PATCH] Fix for entgra/product-iots#141 --- ...ApiApplicationRegistrationServiceImpl.java | 21 ++++++++++++-- .../api/util/RegistrationProfile.java | 20 +++++++++++++ .../APIManagementProviderService.java | 23 +++++++++++++++ .../APIManagementProviderServiceImpl.java | 29 +++++++++++++++---- .../client/IntegrationClientServiceImpl.java | 6 ++++ .../client/OAuthRequestInterceptor.java | 22 ++++++++++---- 6 files changed, 108 insertions(+), 13 deletions(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java index 4656653988..2beaff52ab 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java @@ -28,6 +28,8 @@ import org.wso2.carbon.apimgt.application.extension.api.util.RegistrationProfile import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants; import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey; import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException; +import org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor; +import org.wso2.carbon.apimgt.integration.client.store.StoreClient; import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.DeviceManagementException; @@ -96,9 +98,8 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi return Response.status(Response.Status.NOT_ACCEPTABLE).entity("APIs(Tags) are not allowed to this user." ).build(); } - PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(PrivilegedCarbonContext. - getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName()); String username = APIUtil.getAuthenticatedUser(); + APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService(); String validityPeriod; if (registrationProfile.getValidityPeriod() == null) { @@ -108,6 +109,22 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi } String applicationName = registrationProfile.getApplicationName(); + + if (username.equals(registrationProfile.getUsername())) { + synchronized (ApiApplicationRegistrationServiceImpl.class) { + StoreClient storeClient = new StoreClient(new OAuthRequestInterceptor(registrationProfile.getUsername(), + registrationProfile.getPassword())); + ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys( + applicationName, registrationProfile.getTags(), + ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username, + registrationProfile.isAllowedToAllDomains(), validityPeriod, storeClient); + return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build(); + } + } + + PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(PrivilegedCarbonContext. + getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName()); + synchronized (ApiApplicationRegistrationServiceImpl.class) { ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys( applicationName, registrationProfile.getTags(), diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java index 44cc5554fc..5c7d945c79 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java @@ -32,6 +32,10 @@ import javax.xml.bind.annotation.XmlRootElement; public class RegistrationProfile { @XmlElement(required = true) private String applicationName; + @XmlElement + private String username; + @XmlElement + private String password; @XmlElement(required = true) private String tags[]; @XmlElement(required = true) @@ -70,4 +74,20 @@ public class RegistrationProfile { public void setValidityPeriod(String validityPeriod) { this.validityPeriod = validityPeriod; } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java index 611679e512..4f10bedb36 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderService.java @@ -20,6 +20,7 @@ package org.wso2.carbon.apimgt.application.extension; import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey; import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException; +import org.wso2.carbon.apimgt.integration.client.store.StoreClient; /** * This comprise on operation that is been done with api manager from CDMF. This service needs to be implemented in APIM. @@ -49,6 +50,28 @@ public interface APIManagementProviderService { String keyType, String username, boolean isAllowedAllDomains, String validityTime) throws APIManagerException; + /** + * Generate and retreive application keys. if the application does exist then + * create it and subscribe to apis that are grouped with the tags. + * + * @param apiApplicationName name of the application. + * @param tags tags of the apis that application needs to be subscribed. + * @param keyType of the application. + * @param username to whom the application is created + * @param isAllowedAllDomains application is allowed to all the tenants + * @param validityTime validity period of the application + * @param storeClient Specified store client + * @return consumerkey and secrete of the created application. + * @throws APIManagerException + */ + ApiApplicationKey generateAndRetrieveApplicationKeys(String apiApplicationName, + String tags[], + String keyType, + String username, + boolean isAllowedAllDomains, + String validityTime, + StoreClient storeClient) throws APIManagerException; + /** * Remove APIM Application. */ diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java index aaa3cb87c1..d966234eba 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java @@ -94,11 +94,18 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe @Override public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String tags[], String keyType, String username, - boolean isAllowedAllDomains, String validityTime) - throws APIManagerException { - StoreClient storeClient = - APIApplicationManagerExtensionDataHolder.getInstance().getIntegrationClientService() - .getStoreClient(); + boolean isAllowedAllDomains, String validityTime, + StoreClient sClient) throws APIManagerException { + + StoreClient storeClient; + + if (sClient == null) { + storeClient = APIApplicationManagerExtensionDataHolder.getInstance().getIntegrationClientService() + .getStoreClient(); + } else { + storeClient = sClient; + } + String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext() .getTenantDomain(); try { @@ -211,4 +218,16 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe } } + /** + * {@inheritDoc} + */ + @Override + public synchronized ApiApplicationKey generateAndRetrieveApplicationKeys(String applicationName, String tags[], + String keyType, String username, + boolean isAllowedAllDomains, + String validityTime) + throws APIManagerException { + return this.generateAndRetrieveApplicationKeys(applicationName, tags, keyType, username, + isAllowedAllDomains, validityTime, null); + } } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java index 6341dc7a22..66c519733e 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java @@ -36,6 +36,12 @@ public class IntegrationClientServiceImpl implements IntegrationClientService { publisherClient = new PublisherClient(oAuthRequestInterceptor); } + public IntegrationClientServiceImpl(OAuthRequestInterceptor oAuthRequestInterceptor) { + this.oAuthRequestInterceptor = oAuthRequestInterceptor; + storeClient = new StoreClient(oAuthRequestInterceptor); + publisherClient = new PublisherClient(oAuthRequestInterceptor); + } + public static IntegrationClientServiceImpl getInstance() { if (instance == null) { synchronized (IntegrationClientService.class) { diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java index 4bf2875509..0d6d305bc7 100755 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java @@ -56,7 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final String APIM_SUBSCRIBE_SCOPE = "apim:subscribe"; private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000; private DCRClient dcrClient; - private static OAuthApplication oAuthApplication; + private OAuthApplication oAuthApplication; private static Map tenantUserTokenMap = new ConcurrentHashMap<>(); private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class); @@ -67,8 +67,15 @@ public class OAuthRequestInterceptor implements RequestInterceptor { String username = APIMConfigReader.getInstance().getConfig().getUsername(); String password = APIMConfigReader.getInstance().getConfig().getPassword(); dcrClient = Feign.builder().client(new OkHttpClient(Utils.getSSLClient())).logger(new Slf4jLogger()) - .logLevel(Logger.Level.FULL).requestInterceptor(new BasicAuthRequestInterceptor(username, - password)) + .logLevel(Logger.Level.FULL).requestInterceptor(new BasicAuthRequestInterceptor(username, password)) + .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) + .target(DCRClient.class, Utils.replaceProperties( + APIMConfigReader.getInstance().getConfig().getDcrEndpoint())); + } + + public OAuthRequestInterceptor(String username, String password) { + dcrClient = Feign.builder().client(new OkHttpClient(Utils.getSSLClient())).logger(new Slf4jLogger()) + .logLevel(Logger.Level.FULL).requestInterceptor(new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DCRClient.class, Utils.replaceProperties( APIMConfigReader.getInstance().getConfig().getDcrEndpoint())); @@ -82,7 +89,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor { clientProfile.setClientName(APPLICATION_NAME); clientProfile.setCallbackUrl(""); clientProfile.setGrantType(GRANT_TYPES); - clientProfile.setOwner(APIMConfigReader.getInstance().getConfig().getUsername()); + String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); + if (username == null || username.isEmpty()) { + username = APIMConfigReader.getInstance().getConfig().getUsername(); + } + clientProfile.setOwner(username); clientProfile.setSaasApp(true); oAuthApplication = dcrClient.register(clientProfile); } @@ -100,8 +111,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService() .getJWTClient(); tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(), - oAuthApplication.getClientSecret(), username, - REQUIRED_SCOPE); + oAuthApplication.getClientSecret(), username, REQUIRED_SCOPE); tenantBasedAccessTokenInfo.setExpiresIn( System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000)); if (tenantBasedAccessTokenInfo.getScopes() == null) {