diff --git a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/pom.xml b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/pom.xml index f36fdd337..de5ac8ae8 100644 --- a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/pom.xml +++ b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/pom.xml @@ -67,7 +67,8 @@ feign.gson, org.json.simple.*, org.wso2.carbon.appmgt.mobile.beans, - org.wso2.carbon.context + org.wso2.carbon.context, + javax.net.ssl !org.wso2.carbon.appmgt.mdm.restconnector.internal, diff --git a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/ApplicationOperationsImpl.java b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/ApplicationOperationsImpl.java index 949407f02..4d829a738 100644 --- a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/ApplicationOperationsImpl.java +++ b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/ApplicationOperationsImpl.java @@ -17,6 +17,7 @@ */ package org.wso2.carbon.appmgt.mdm.restconnector; +import feign.Client; import feign.Feign; import feign.gson.GsonDecoder; import feign.gson.GsonEncoder; @@ -44,6 +45,14 @@ import org.wso2.carbon.appmgt.mobile.utils.MobileApplicationException; import org.wso2.carbon.appmgt.mobile.utils.MobileConfigurations; import org.wso2.carbon.context.PrivilegedCarbonContext; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -62,12 +71,12 @@ public class ApplicationOperationsImpl implements ApplicationOperations { public ApplicationOperationsImpl() { String authorizationConfigManagerServerURL = AuthorizationConfigurationManager.getInstance().getServerURL(); OAuthRequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor(); - deviceManagementAdminService = Feign.builder() + deviceManagementAdminService = Feign.builder().client(getSSLClient()) .requestInterceptor(oAuthRequestInterceptor) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DeviceManagementAdminService.class, authorizationConfigManagerServerURL + CDMF_SERVER_BASE_CONTEXT); - applicationManagementAdminService = Feign.builder() + applicationManagementAdminService = Feign.builder().client(getSSLClient()) .requestInterceptor(oAuthRequestInterceptor) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(ApplicationManagementAdminService.class, @@ -271,4 +280,37 @@ public class ApplicationOperationsImpl implements ApplicationOperations { log.error(errorMessage); } } + + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } } \ No newline at end of file diff --git a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/authorization/client/OAuthRequestInterceptor.java b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/authorization/client/OAuthRequestInterceptor.java index 48bf79df8..91ed76bce 100755 --- a/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/appm-connector/org.wso2.carbon.appmgt.mdm.restconnector/src/main/java/org/wso2/carbon/appmgt/mdm/restconnector/authorization/client/OAuthRequestInterceptor.java @@ -17,6 +17,7 @@ */ package org.wso2.carbon.appmgt.mdm.restconnector.authorization.client; +import feign.Client; import feign.Feign; import feign.RequestInterceptor; import feign.RequestTemplate; @@ -33,6 +34,15 @@ import org.wso2.carbon.appmgt.mdm.restconnector.authorization.client.dto.TokenIs import org.wso2.carbon.appmgt.mdm.restconnector.config.AuthorizationConfigurationManager; import org.wso2.carbon.appmgt.mdm.restconnector.internal.AuthorizationDataHolder; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; + /** * This is a request interceptor to add oauth token header. */ @@ -54,7 +64,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { refreshTimeOffset = AuthorizationConfigurationManager.getInstance().getTokenRefreshTimeOffset(); String username = AuthorizationConfigurationManager.getInstance().getUserName(); String password = AuthorizationConfigurationManager.getInstance().getPassword(); - apiApplicationRegistrationService = Feign.builder().requestInterceptor( + apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(ApiApplicationRegistrationService.class, @@ -82,7 +92,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { String consumerSecret = apiApplicationKey.getConsumerSecret(); String username = AuthorizationConfigurationManager.getInstance().getUserName(); String password = AuthorizationConfigurationManager.getInstance().getPassword(); - tokenIssuerService = Feign.builder().requestInterceptor( + tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(consumerKey, consumerSecret)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(TokenIssuerService.class, AuthorizationConfigurationManager.getInstance().getTokenApiURL()); @@ -98,4 +108,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor { String headerValue = Constants.RestConstants.BEARER + tokenInfo.getAccess_token(); template.header(Constants.RestConstants.AUTHORIZATION, headerValue); } + + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } } diff --git a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/pom.xml b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/pom.xml index 52ecb5acd..6c9e9bf1e 100644 --- a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/pom.xml +++ b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/pom.xml @@ -160,7 +160,8 @@ org.wso2.carbon.core.util, org.wso2.carbon.identity.oauth2.*, org.wso2.carbon.utils, - org.wso2.carbon.utils.multitenancy + org.wso2.carbon.utils.multitenancy, + javax.net.ssl jsr311-api, diff --git a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/DeviceAuthorizer.java b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/DeviceAuthorizer.java index 2eab72cfb..e317199d1 100644 --- a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/DeviceAuthorizer.java +++ b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/DeviceAuthorizer.java @@ -17,6 +17,7 @@ */ package org.wso2.carbon.device.mgt.input.adapter.http.authorization; +import feign.Client; import feign.Feign; import feign.FeignException; import feign.gson.GsonDecoder; @@ -33,6 +34,14 @@ import org.wso2.carbon.device.mgt.input.adapter.http.util.AuthenticationInfo; import org.wso2.carbon.device.mgt.input.adapter.http.util.PropertyUtils; import org.wso2.carbon.event.input.adapter.core.exception.InputEventAdapterException; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -50,7 +59,7 @@ public class DeviceAuthorizer { public DeviceAuthorizer(Map globalProperties) { try { - deviceAccessAuthorizationAdminService = Feign.builder() + deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient()) .requestInterceptor(new OAuthRequestInterceptor(globalProperties)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DeviceAccessAuthorizationAdminService.class, getDeviceMgtServerUrl(globalProperties) @@ -98,4 +107,37 @@ public class DeviceAuthorizer { } return deviceMgtServerUrl; } + + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } } \ No newline at end of file diff --git a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/client/OAuthRequestInterceptor.java b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/client/OAuthRequestInterceptor.java index 9b2ea93ae..bc8cfd709 100755 --- a/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/cdmf-transport-adapters/input/org.wso2.carbon.device.mgt.input.adapter.http/src/main/java/org/wso2/carbon/device/mgt/input/adapter/http/authorization/client/OAuthRequestInterceptor.java @@ -14,6 +14,7 @@ package org.wso2.carbon.device.mgt.input.adapter.http.authorization.client; +import feign.Client; import feign.Feign; import feign.RequestInterceptor; import feign.RequestTemplate; @@ -31,6 +32,14 @@ import org.wso2.carbon.device.mgt.input.adapter.http.authorization.client.dto.To import org.wso2.carbon.device.mgt.input.adapter.http.util.PropertyUtils; import org.wso2.carbon.event.input.adapter.core.exception.InputEventAdapterException; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.Map; /** @@ -76,7 +85,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { username = getUsername(globalProperties); password = getPassword(globalProperties); tokenEndpoint = getTokenEndpoint(globalProperties); - apiApplicationRegistrationService = Feign.builder().requestInterceptor( + apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(ApiApplicationRegistrationService.class, @@ -99,7 +108,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile); String consumerKey = apiApplicationKey.getConsumerKey(); String consumerSecret = apiApplicationKey.getConsumerSecret(); - tokenIssuerService = Feign.builder().requestInterceptor( + tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(consumerKey, consumerSecret)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(TokenIssuerService.class, tokenEndpoint); @@ -158,4 +167,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor { return refreshTimeOffset; } + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } + } diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/pom.xml b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/pom.xml index b86ab8f08..65d815270 100644 --- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/pom.xml +++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/pom.xml @@ -169,7 +169,8 @@ feign.auth, feign.codec, feign.gson, - javax.cache + javax.cache, + javax.net.ssl * diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java index 0edea4d1e..489c16956 100644 --- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java +++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java @@ -17,6 +17,7 @@ */ package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization; +import feign.Client; import feign.Feign; import feign.FeignException; import feign.gson.GsonDecoder; @@ -35,7 +36,15 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.util.PropertyUtils; import org.wso2.carbon.device.mgt.output.adapter.websocket.util.WebSocketSessionRequest; import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import javax.websocket.Session; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -67,7 +76,7 @@ public class DeviceAuthorizer implements Authorizer { } } try { - deviceAccessAuthorizationAdminService = Feign.builder() + deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient()) .requestInterceptor(new OAuthRequestInterceptor(globalProperties)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DeviceAccessAuthorizationAdminService.class, getDeviceMgtServerUrl(globalProperties) @@ -130,4 +139,37 @@ public class DeviceAuthorizer implements Authorizer { } return null; } + + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } } \ No newline at end of file diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java index 7688040d9..21ba423c2 100755 --- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java @@ -14,6 +14,7 @@ package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client; +import feign.Client; import feign.Feign; import feign.RequestInterceptor; import feign.RequestTemplate; @@ -31,6 +32,14 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client. import org.wso2.carbon.device.mgt.output.adapter.websocket.util.PropertyUtils; import org.wso2.carbon.event.output.adapter.core.exception.OutputEventAdapterException; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.Map; /** @@ -77,7 +86,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { username = getUsername(globalProperties); password = getPassword(globalProperties); tokenEndpoint = getTokenEndpoint(globalProperties); - apiApplicationRegistrationService = Feign.builder().requestInterceptor( + apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(ApiApplicationRegistrationService.class, @@ -100,7 +109,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { ApiApplicationKey apiApplicationKey = apiApplicationRegistrationService.register(apiRegistrationProfile); String consumerKey = apiApplicationKey.getConsumerKey(); String consumerSecret = apiApplicationKey.getConsumerSecret(); - tokenIssuerService = Feign.builder().requestInterceptor( + tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(consumerKey, consumerSecret)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(TokenIssuerService.class, tokenEndpoint); @@ -159,4 +168,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor { return refreshTimeOffset; } + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } + } diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/pom.xml b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/pom.xml index 7885a389a..cff7f75a6 100644 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/pom.xml +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/pom.xml @@ -123,7 +123,8 @@ javax.xml.namespace, javax.xml.stream, org.wso2.carbon.base, - org.wso2.carbon.utils + org.wso2.carbon.utils, + javax.net.ssl jsr311-api, diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java index 0b9806962..b1d075ac5 100644 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/DeviceAccessBasedMQTTAuthorizer.java @@ -18,6 +18,7 @@ package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization; +import feign.Client; import feign.Feign; import feign.FeignException; import feign.gson.GsonDecoder; @@ -45,6 +46,14 @@ import javax.cache.Cache; import javax.cache.CacheConfiguration; import javax.cache.CacheManager; import javax.cache.Caching; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.List; import java.util.concurrent.TimeUnit; @@ -68,7 +77,7 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { public DeviceAccessBasedMQTTAuthorizer() { this.MQTTAuthorizationConfiguration = AuthorizationConfigurationManager.getInstance(); - deviceAccessAuthorizationAdminService = Feign.builder() + deviceAccessAuthorizationAdminService = Feign.builder().client(getSSLClient()) .requestInterceptor(new OAuthRequestInterceptor()) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(DeviceAccessAuthorizationAdminService.class, @@ -224,4 +233,37 @@ public class DeviceAccessBasedMQTTAuthorizer implements IAuthorizer { } } + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } + } \ No newline at end of file diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java index 630fda079..1f1af5a21 100755 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java @@ -14,6 +14,7 @@ package org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client; +import feign.Client; import feign.Feign; import feign.RequestInterceptor; import feign.RequestTemplate; @@ -30,6 +31,15 @@ import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.dto.TokenIssuerService; import org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.config.AuthorizationConfigurationManager; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; + /** * This is a request interceptor to add oauth token header. */ @@ -53,7 +63,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { refreshTimeOffset = AuthorizationConfigurationManager.getInstance().getTokenRefreshTimeOffset() * 1000; String username = AuthorizationConfigurationManager.getInstance().getUsername(); String password = AuthorizationConfigurationManager.getInstance().getPassword(); - apiApplicationRegistrationService = Feign.builder().requestInterceptor( + apiApplicationRegistrationService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(ApiApplicationRegistrationService.class, @@ -75,7 +85,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { String consumerSecret = apiApplicationKey.getConsumerSecret(); String username = AuthorizationConfigurationManager.getInstance().getUsername(); String password = AuthorizationConfigurationManager.getInstance().getPassword(); - tokenIssuerService = Feign.builder().requestInterceptor( + tokenIssuerService = Feign.builder().client(getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(consumerKey, consumerSecret)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) .target(TokenIssuerService.class, @@ -93,4 +103,37 @@ public class OAuthRequestInterceptor implements RequestInterceptor { template.header("Authorization", headerValue); } + private static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } + } diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.hbs b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.hbs index 4b2dfe84a..0577d7482 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.hbs +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.hbs @@ -364,16 +364,18 @@
+ data-locations="{{device.locationHistory}}">

- + {{#unless isCloud}} + - Add Geo Fencing - + Add Geo Fencing + + {{/unless}} {{else}}

diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.js b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.js index 0a0bba6ba..ea56974af 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.js +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/device-view.js @@ -216,6 +216,7 @@ function onRequest(context) { deviceViewData["permissions"] = permissions; deviceViewData["portalUrl"] = devicemgtProps['portalURL']; + deviceViewData["isCloud"] = devicemgtProps['isCloud']; deviceViewData["anchor"] = encodeURI(JSON.stringify({ "device" : { "id" : deviceId, "type" : deviceType}})); return deviceViewData; } diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/device-detail.js b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/device-detail.js index c628f1260..c1b8f39a2 100755 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/device-detail.js +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/device-detail.js @@ -26,12 +26,14 @@ var InitiateViewOption = null; var payload = [deviceIdentifier]; var operationTable; var serviceUrl; + var serviceUrlLocal = "/api/device-mgt/android/v1.0/admin/devices/location"; if (deviceType == "ios") { serviceUrl = "/ios/operation/deviceinfo"; } else if (deviceType == "android") { //var serviceUrl = "/mdm-android-agent/operation/device-info"; serviceUrl = "/api/device-mgt/android/v1.0/admin/devices/info"; + serviceUrlLocal = "/api/device-mgt/android/v1.0/admin/devices/location"; } if (serviceUrl) { @@ -49,6 +51,23 @@ var InitiateViewOption = null; $(".panel-body").append(defaultInnerHTML); } ); + + + invokerUtil.post( + serviceUrlLocal, + payload, + // success-callback + function () { + $(".panel-body").show(); + }, + // error-callback + function () { + var defaultInnerHTML = + "

Device data may not have been updated. Please refresh to try again.

"; + $(".panel-body").append(defaultInnerHTML); + } + ); + } diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/load-map.js b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/load-map.js index 10c4ec453..8ce98731b 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/load-map.js +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.device-view/public/js/load-map.js @@ -19,7 +19,7 @@ var map; function loadLeafletMap() { - + var deviceLocationID = "#device-location", locations = $(deviceLocationID).data("locations"), location_lat = $(deviceLocationID).data("lat"), @@ -28,7 +28,7 @@ function loadLeafletMap() { zoomLevel = 13, tileSet = "https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png", attribution = "© OpenStreetMap contributors"; - if (locations) { + if (locations && locations.locations.length > 0) { var locationSets = locations.locations; map = L.map(container).setView([locationSets[0].lat, locationSets[0].lng], zoomLevel); diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/css/styles.css b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/css/styles.css index 1a65500ff..56dc06903 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/css/styles.css +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/css/styles.css @@ -57,4 +57,7 @@ hr { .doc-link a { color: #006eff; +} +.enrollment-qr-container canvas { + width: 24%; } \ No newline at end of file diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/install_agent.png b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/install_agent.png new file mode 100644 index 000000000..8e5230965 Binary files /dev/null and b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/install_agent.png differ diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/login.png b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/login.png new file mode 100644 index 000000000..9a01b0ac4 Binary files /dev/null and b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/login.png differ diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/registration.png b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/registration.png new file mode 100644 index 000000000..7187b6d20 Binary files /dev/null and b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/registration.png differ diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/set_profile.png b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/set_profile.png new file mode 100644 index 000000000..23e6002df Binary files /dev/null and b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/images/set_profile.png differ diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/js/type-view.js b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/js/type-view.js index e6a79d11b..ea6f396cb 100755 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/js/type-view.js +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/public/js/type-view.js @@ -349,6 +349,9 @@ $.fn.collapse_nav_sub = function () { $(document).ready(function () { $.sidebar_toggle(); + + generateQRCode(".enrollment-qr-container"); + if (typeof $.fn.collapse == 'function') { $('.navbar-collapse.tiles').on('shown.bs.collapse', function () { $(this).collapse_nav_sub(); diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/type-view.hbs b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/type-view.hbs index a0c4e15a9..98bffae54 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/type-view.hbs +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/type-view.hbs @@ -2,69 +2,132 @@ {{unit "cdmf.unit.device.type.qr-modal" enrollmentURL=enrollmentURL deviceTypeName="Android"}} {{unit "cdmf.unit.device.type.email.invite-modal" deviceTypeView="android"}} -

-

Android Mobile

-
-
-
- +
+
+

DOWNLOAD THE ANDROID AGENT

+
+
-
+
+ +
+

Scan to download the Android Agent.

+
+

or

+
+ Download APK
-

What it Does

-
-

Connect and manage your Android device with WSO2 IoT Server.

-
+ +

Need help? Read WSO2 Device + Cloud documentation.

+
+
- Enroll Device - Download APK - Invite by Email - {{#if displayStatus}} - Deploy Analytics Artifacts - {{/if}} +
+
+

START ENROLLING YOUR DEVICE

+
+
+
-

Click here for latest instructions and troubleshooting.

+
+ {{#if isCloud}} +
+ {{else}} +
+ {{/if}} -

What You Need

-
-
    -
  • STEP 01 Android - Mobile. -
    • -
  • STEP 02 Go ahead - and click [Enroll Device]. -
    • -
  • STEP 03 Proceed - to the [Prepare] section. -
    • -
-
+
Step 1
+

Let's start by installing the Android agent on your device. Open the downloaded file, and tap INSTALL.

+
-