diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/pom.xml b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/pom.xml new file mode 100644 index 00000000000..16090c509e7 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/pom.xml @@ -0,0 +1,155 @@ + + + + + + ui-request-interceptor + io.entgra.devicemgt + 3.2.5-SNAPSHOT + + 4.0.0 + + io.entgra.ui.request.interceptor + + 3.2.5-SNAPSHOT + war + Entgra - Request Handling Proxy Servlet + Proxy Service for Request Handling in Entgra EMM/IOT Server. + http://wso2.org + + + + + maven-war-plugin + + WEB-INF/lib/*cxf*.jar + ui-request-handler + + + + + + + + deploy + + compile + + + org.apache.maven.plugins + maven-antrun-plugin + + + compile + + run + + + + + + + + + + + + + + + + + + client + + test + + + org.codehaus.mojo + exec-maven-plugin + 1.4.0 + + + test + + java + + + + + + + + + + + + org.apache.cxf + cxf-rt-frontend-jaxws + provided + + + org.apache.cxf + cxf-rt-frontend-jaxrs + provided + + + org.apache.cxf + cxf-rt-transports-http + provided + + + javax.servlet + javax.servlet-api + provided + + + junit + junit + test + + + commons-logging + commons-logging + + + + org.apache.httpcomponents + httpclient + + + + + org.apache.httpcomponents + httpcore + + + org.wso2.carbon.devicemgt + org.wso2.carbon.device.application.mgt.core + provided + + + org.wso2.carbon.devicemgt + org.wso2.carbon.device.application.mgt.common + provided + + + \ No newline at end of file diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java new file mode 100644 index 00000000000..1dd968ecd58 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java @@ -0,0 +1,362 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor; + +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import io.entgra.ui.request.interceptor.beans.AuthData; +import io.entgra.ui.request.interceptor.util.HandlerConstants; +import io.entgra.ui.request.interceptor.util.HandlerUtil; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpHeaders; +import org.apache.http.HttpStatus; +import org.apache.http.client.methods.HttpDelete; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.client.methods.HttpPut; +import org.apache.http.client.methods.HttpRequestBase; +import org.apache.http.cookie.SM; +import org.apache.http.entity.ContentType; +import org.apache.http.entity.InputStreamEntity; +import org.apache.http.entity.StringEntity; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; + +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; +import java.util.Enumeration; + +import static io.entgra.ui.request.interceptor.util.HandlerUtil.execute; + +@MultipartConfig +@WebServlet( + name = "RequestHandlerServlet", + description = "This servlet intercepts the api requests initiated from the user interface and validate before" + + " forwarding to the backend", + urlPatterns = { + "/invoke/*" + } +) +public class InvokerHandler extends HttpServlet { + private static final Log log = LogFactory.getLog(LoginHandler.class); + private static final long serialVersionUID = -6508020875358160165L; +// private static final HeaderGroup nonForwardingHeaders = new HeaderGroup(); + private static AuthData authData; + private static String apiEndpoint; + private static String serverUrl; + private static String platform; + +// static { +// // Initializing hop-by-hop headers to omit them from forwarding to the backend +// String[] headers = {HttpHeaders.CONNECTION, HttpHeaders.TRANSFER_ENCODING, HttpHeaders.PROXY_AUTHENTICATE, +// HttpHeaders.PROXY_AUTHORIZATION, HttpHeaders.UPGRADE, HttpHeaders.TE, HttpHeaders.TRAILER, +// HandlerConstants.KEEP_ALIVE, HandlerConstants.PUBLIC}; +// for (String header : headers) { +// nonForwardingHeaders.addHeader(new BasicHeader(header, null)); +// } +// } + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpPost postRequest = new HttpPost(generateBackendRequestURL(req)); + if (StringUtils.isNotEmpty(req.getHeader(HttpHeaders.CONTENT_LENGTH)) || + StringUtils.isNotEmpty(req.getHeader(HttpHeaders.TRANSFER_ENCODING))) { + InputStreamEntity entity = new InputStreamEntity(req.getInputStream(), + Long.parseLong(req.getHeader(HttpHeaders.CONTENT_LENGTH))); + postRequest.setEntity(entity); + } + copyRequestHeaders(req, postRequest); + postRequest.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + ProxyResponse proxyResponse = execute(postRequest); + + if (HandlerConstants.TOKEN_IS_EXPIRED.equals(proxyResponse.getExecutorResponse())) { + proxyResponse = retryRequestWithRefreshedToken(req, resp, postRequest); + if (proxyResponse == null) { + return; + } + } + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API endpoint."); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return; + } + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing POST request.", e); + } + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpGet getRequest = new HttpGet(generateBackendRequestURL(req)); + copyRequestHeaders(req, getRequest); + getRequest.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + ProxyResponse proxyResponse = execute(getRequest); + if (HandlerConstants.TOKEN_IS_EXPIRED.equals(proxyResponse.getExecutorResponse())) { + proxyResponse = retryRequestWithRefreshedToken(req, resp, getRequest); + if (proxyResponse == null) { + return; + } + } + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API endpoint."); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return; + } + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing GET request.", e); + } + } + + @Override + protected void doPut(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpPut putRequest = new HttpPut(generateBackendRequestURL(req)); + if ((StringUtils.isNotEmpty(req.getHeader(HttpHeaders.CONTENT_LENGTH)) && + Double.parseDouble(req.getHeader(HttpHeaders.CONTENT_LENGTH)) > 0) || + StringUtils.isNotEmpty(req.getHeader(HttpHeaders.TRANSFER_ENCODING))) { + InputStreamEntity entity = new InputStreamEntity(req.getInputStream(), + Long.parseLong(req.getHeader(HttpHeaders.CONTENT_LENGTH))); + putRequest.setEntity(entity); + } + copyRequestHeaders(req, putRequest); + putRequest.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + ProxyResponse proxyResponse = execute(putRequest); + + if (HandlerConstants.TOKEN_IS_EXPIRED.equals(proxyResponse.getExecutorResponse())) { + proxyResponse = retryRequestWithRefreshedToken(req, resp, putRequest); + if (proxyResponse == null) { + return; + } + } + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API endpoint."); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return; + } + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing PUT request.", e); + } + } + + @Override + protected void doDelete(HttpServletRequest req, HttpServletResponse resp) { + try { + if (validateRequest(req, resp)) { + HttpDelete deleteRequest = new HttpDelete(generateBackendRequestURL(req)); + copyRequestHeaders(req, deleteRequest); + deleteRequest.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + ProxyResponse proxyResponse = execute(deleteRequest); + if (HandlerConstants.TOKEN_IS_EXPIRED.equals(proxyResponse.getExecutorResponse())) { + proxyResponse = retryRequestWithRefreshedToken(req, resp, deleteRequest); + if (proxyResponse == null) { + return; + } + } + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API endpoint."); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return; + } + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + } + } catch (IOException e) { + log.error("Error occurred when processing DELETE request.", e); + } + } + + private String generateBackendRequestURL(HttpServletRequest req) { + StringBuilder urlBuilder = new StringBuilder(); + urlBuilder.append(serverUrl).append(HandlerConstants.API_COMMON_CONTEXT).append(apiEndpoint); + if (StringUtils.isNotEmpty(req.getQueryString())) { + urlBuilder.append("?").append(req.getQueryString()); + } + return urlBuilder.toString(); + } + + private void copyRequestHeaders(HttpServletRequest req, HttpRequestBase httpRequest) { + Enumeration headerNames = req.getHeaderNames(); + while (headerNames.hasMoreElements()) { + String headerName = headerNames.nextElement(); + if (headerName.equalsIgnoreCase(HttpHeaders.CONTENT_LENGTH) || + headerName.equalsIgnoreCase(SM.COOKIE)) { + continue; + } + Enumeration headerValues = req.getHeaders(headerName); + while (headerValues.hasMoreElements()) { + httpRequest.setHeader(headerName, headerValues.nextElement()); + } + } + } + /*** + * + * @param req {@link HttpServletRequest} + * @param resp {@link HttpServletResponse} + * @return If request is a valid one, returns TRUE, otherwise return FALSE + * @throws IOException If and error occurs while witting error response to client side + */ + private static boolean validateRequest(HttpServletRequest req, HttpServletResponse resp) + throws IOException { + serverUrl = req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort(); + apiEndpoint = req.getPathInfo(); + HttpSession session = req.getSession(false); + if (session == null) { + log.error("Unauthorized, You are not logged in. Please log in to the portal"); + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return false; + } + authData = (AuthData) session.getAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY); + platform = (String) session.getAttribute(HandlerConstants.PLATFORM); + if (authData == null) { + log.error("Unauthorized, Access token not found in the current session"); + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return false; + } + + if (apiEndpoint == null || req.getMethod() == null) { + log.error("Bad Request, Either destination api-endpoint or method is empty"); + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_BAD_REQUEST); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_BAD_REQUEST)); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return false; + } + return true; + } + + /** + * Retry request again after refreshing the access token + * + * @param req incoming {@link HttpServletRequest} + * @param resp resp {@link HttpServletResponse} + * @param httpRequest subclass of {@link HttpRequestBase} related to the current request. + * @return {@link ProxyResponse} if successful and null if failed. + * @throws IOException If an error occurs when try to retry the request. + */ + private static ProxyResponse retryRequestWithRefreshedToken(HttpServletRequest req, HttpServletResponse resp, + HttpRequestBase httpRequest) throws IOException { + if (refreshToken(req, resp)) { + httpRequest.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BEARER + authData.getAccessToken()); + ProxyResponse proxyResponse = execute(httpRequest); + if (proxyResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API after refreshing the token."); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return null; + } + return proxyResponse; + } + return null; + } + + /*** + * + * @param req {@link HttpServletRequest} + * @param resp {@link HttpServletResponse} + * @return If successfully renew tokens, returns TRUE otherwise return FALSE + * @throws IOException If an error occurs while witting error response to client side or invoke token renewal API + */ + private static boolean refreshToken(HttpServletRequest req, HttpServletResponse resp) + throws IOException { + if (log.isDebugEnabled()) { + log.debug("refreshing the token"); + } + HttpPost tokenEndpoint = new HttpPost( + serverUrl + HandlerConstants.API_COMMON_CONTEXT + HandlerConstants.TOKEN_ENDPOINT); + HttpSession session = req.getSession(false); + if (session == null) { + log.error("Couldn't find a session, hence it is required to login and proceed."); + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return false; + } + + StringEntity tokenEndpointPayload = new StringEntity( + "grant_type=refresh_token&refresh_token=" + authData.getRefreshToken() + "&scope=PRODUCTION", + ContentType.APPLICATION_FORM_URLENCODED); + + tokenEndpoint.setEntity(tokenEndpointPayload); + String encodedClientApp = authData.getEncodedClientApp(); + tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + + encodedClientApp); + tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); + + ProxyResponse tokenResultResponse = execute(tokenEndpoint); + if (tokenResultResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while refreshing access token."); + HandlerUtil.handleError(req, resp, serverUrl, platform, tokenResultResponse); + return false; + } + + JsonParser jsonParser = new JsonParser(); + JsonElement jTokenResult = jsonParser.parse(tokenResultResponse.getData()); + + if (jTokenResult.isJsonObject()) { + JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); + AuthData newAuthData = new AuthData(); + + newAuthData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString()); + newAuthData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); + newAuthData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); + newAuthData.setClientId(authData.getClientId()); + newAuthData.setClientSecret(authData.getClientSecret()); + newAuthData.setEncodedClientApp(authData.getEncodedClientApp()); + newAuthData.setUsername(authData.getUsername()); + authData = newAuthData; + session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, newAuthData); + return true; + } + + log.error("Error Occurred in token renewal process."); + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_INTERNAL_SERVER_ERROR); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_INTERNAL_SERVER_ERROR)); + HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + return false; + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java new file mode 100644 index 00000000000..5f1167073d7 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java @@ -0,0 +1,295 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import com.google.gson.JsonSyntaxException; +import io.entgra.ui.request.interceptor.beans.AuthData; +import io.entgra.ui.request.interceptor.exceptions.LoginException; +import io.entgra.ui.request.interceptor.util.HandlerConstants; +import io.entgra.ui.request.interceptor.util.HandlerUtil; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpHeaders; +import org.apache.http.HttpStatus; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.entity.ContentType; +import org.apache.http.entity.StringEntity; +import org.apache.http.protocol.HTTP; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; +import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; +import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig; + +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; +import java.util.Base64; + +import static io.entgra.ui.request.interceptor.util.HandlerUtil.execute; + +@MultipartConfig +@WebServlet("/login") +public class LoginHandler extends HttpServlet { + private static final Log log = LogFactory.getLog(LoginHandler.class); + private static final long serialVersionUID = 9050048549140517002L; + + private static String username; + private static String password; + private static String platform; + private static String serverUrl; + private static String uiConfigUrl; + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) { + try { + validateLoginRequest(req, resp); + DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() + .getDeviceManagementConfig(); + String adminUsername = deviceManagementConfig.getIdentityConfigurations().getAdminUsername(); + String adminPwd = deviceManagementConfig.getIdentityConfigurations().getAdminPassword(); + + HttpSession httpSession = req.getSession(false); + if (httpSession != null) { + httpSession.invalidate(); + } + httpSession = req.getSession(true); + //setting session to expiry in 5 mins + httpSession.setMaxInactiveInterval(Math.toIntExact(HandlerConstants.TIMEOUT)); + + HttpGet uiConfigEndpoint = new HttpGet(uiConfigUrl); + JsonParser jsonParser = new JsonParser(); + ProxyResponse uiConfigResponse = execute(uiConfigEndpoint); + String executorResponse = uiConfigResponse.getExecutorResponse(); + if (!StringUtils.isEmpty(executorResponse) && executorResponse + .contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while getting UI configurations by invoking " + uiConfigUrl); + HandlerUtil.handleError(req, resp, serverUrl, platform, uiConfigResponse); + return; + } + + String uiConfig = uiConfigResponse.getData(); + if (uiConfig == null){ + log.error("UI config retrieval is failed, and didn't find UI configuration for App manager."); + HandlerUtil.handleError(req, resp, serverUrl, platform, null); + return; + } + JsonElement uiConfigJsonElement = jsonParser.parse(uiConfigResponse.getData()); + JsonObject uiConfigJsonObject = null; + if (uiConfigJsonElement.isJsonObject()) { + uiConfigJsonObject = uiConfigJsonElement.getAsJsonObject(); + httpSession.setAttribute(HandlerConstants.UI_CONFIG_KEY, uiConfigJsonObject); + httpSession.setAttribute(HandlerConstants.PLATFORM, serverUrl); + } + if (uiConfigJsonObject == null) { + log.error( + "Either UI config json element is not an json object or converting rom json element to json object is failed."); + HandlerUtil.handleError(req, resp, serverUrl, platform, null); + return; + } + + boolean isSsoEnable = uiConfigJsonObject.get("isSsoEnable").getAsBoolean(); + JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray(); + JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray(); + + if (isSsoEnable) { + log.debug("SSO is enabled"); + } else { + // default login + HttpPost apiRegEndpoint = new HttpPost(serverUrl + HandlerConstants.APP_REG_ENDPOINT); + apiRegEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder() + .encodeToString((adminUsername + HandlerConstants.COLON + adminPwd).getBytes())); + apiRegEndpoint.setHeader(HTTP.CONTENT_TYPE, ContentType.APPLICATION_JSON.toString()); + apiRegEndpoint.setEntity(constructAppRegPayload(tags)); + + ProxyResponse clientAppResponse = execute(apiRegEndpoint); + String clientAppResult = clientAppResponse.getData(); + + if (!StringUtils.isEmpty(clientAppResult) && getTokenAndPersistInSession(req, resp, + clientAppResponse.getData(), scopes)) { + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_OK); + proxyResponse.setUrl(serverUrl + "/" + platform + uiConfigJsonObject.get(HandlerConstants.LOGIN_RESPONSE_KEY) + .getAsJsonObject().get("successCallback").getAsString()); + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + return; + } + HandlerUtil.handleError(req, resp, serverUrl, platform, null); + } + } catch (IOException e) { + log.error("Error occured while sending the response into the socket. ", e); + } catch (JsonSyntaxException e) { + log.error("Error occured while parsing the response. ", e); + } catch (LoginException e) { + log.error("Error occured while getting token data. ", e); + } + } + + /*** + * + * @param req - {@link HttpServletRequest} + * @param clientAppResult - clientAppResult + * @param scopes - scopes defied in the application-mgt.xml + * @throws LoginException - login exception throws when getting token result + */ + private boolean getTokenAndPersistInSession(HttpServletRequest req, HttpServletResponse resp, + String clientAppResult, JsonArray scopes) throws LoginException { + JsonParser jsonParser = new JsonParser(); + try { + JsonElement jClientAppResult = jsonParser.parse(clientAppResult); + if (jClientAppResult.isJsonObject()) { + JsonObject jClientAppResultAsJsonObject = jClientAppResult.getAsJsonObject(); + String clientId = jClientAppResultAsJsonObject.get("client_id").getAsString(); + String clientSecret = jClientAppResultAsJsonObject.get("client_secret").getAsString(); + String encodedClientApp = Base64.getEncoder() + .encodeToString((clientId + ":" + clientSecret).getBytes()); + + ProxyResponse tokenResultResponse = getTokenResult(encodedClientApp, scopes); + + if (tokenResultResponse.getExecutorResponse().contains(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)) { + log.error("Error occurred while invoking the API to get token data."); + HandlerUtil.handleError(req, resp, serverUrl, platform, tokenResultResponse); + return false; + } + String tokenResult = tokenResultResponse.getData(); + if (tokenResult == null){ + log.error("Invalid token response is received."); + HandlerUtil.handleError(req, resp, serverUrl, platform, tokenResultResponse); + return false; + } + + JsonElement jTokenResult = jsonParser.parse(tokenResult); + if (jTokenResult.isJsonObject()) { + JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); + HttpSession session = req.getSession(false); + if (session == null) { + return false; + } + AuthData authData = new AuthData(); + authData.setClientId(clientId); + authData.setClientSecret(clientSecret); + authData.setEncodedClientApp(encodedClientApp); + authData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString()); + authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); + authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); + session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData); + return true; + + } + } + return false; + } catch (IOException e) { + throw new LoginException("Error occured while sending the response into the socket", e); + } + } + + /*** + * + * @param scopes - scope Json Array and it is retrieved by reading UI config. + * @return string value of the defined scopes + */ + private String getScopeString(JsonArray scopes) { + if (scopes != null && scopes.size() > 0) { + StringBuilder builder = new StringBuilder(); + for (JsonElement scope : scopes) { + String tmpscope = scope.getAsString() + " "; + builder.append(tmpscope); + } + return builder.toString(); + } else { + return null; + } + } + + /*** + * + * @param req - {@link HttpServletRequest} + * Define username and password static parameters. + */ + private static void validateLoginRequest(HttpServletRequest req, HttpServletResponse resp) throws LoginException { + username = req.getParameter("username"); + password = req.getParameter("password"); + platform = req.getParameter("platform"); + serverUrl = req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort(); + uiConfigUrl = serverUrl + HandlerConstants.UI_CONFIG_ENDPOINT; + + try { + if (platform == null) { + resp.sendRedirect(serverUrl + HandlerConstants.DEFAULT_ERROR_CALLBACK); + throw new LoginException("Invalid login request. Platform parameter is Null."); + } + if (username == null || password == null) { + resp.sendRedirect(serverUrl + "/" + platform + HandlerConstants.DEFAULT_ERROR_CALLBACK); + throw new LoginException( + " Invalid login request. Username or Password is not received for login request."); + } + } catch (IOException e) { + throw new LoginException("Error Occured while redirecting to default error page.", e); + } + } + + /*** + * + * @param tags - tags which are retrieved by reading app manager configuration + * @return {@link StringEntity} of the payload to create the client application + */ + private StringEntity constructAppRegPayload(JsonArray tags) { + JsonObject jsonObject = new JsonObject(); + jsonObject.addProperty(HandlerConstants.APP_NAME_KEY, HandlerConstants.PUBLISHER_APPLICATION_NAME); + jsonObject.addProperty("isAllowedToAllDomains", "false"); + jsonObject.add(HandlerConstants.TAGS_KEY, tags); + String payload = jsonObject.toString(); + return new StringEntity(payload, ContentType.APPLICATION_JSON); + } + + /*** + * + * @param encodedClientApp - Base64 encoded clientId:clientSecret. + * @param scopes - Scopes which are retrieved by reading application-mgt configuration + * @return Invoke token endpoint and return the response as string. + * @throws IOException IO exception throws if an error occured when invoking token endpoint + */ + private ProxyResponse getTokenResult(String encodedClientApp, JsonArray scopes) throws IOException { + + HttpPost tokenEndpoint = new HttpPost(serverUrl + HandlerConstants.TOKEN_ENDPOINT); + tokenEndpoint.setHeader("Authorization", "Basic " + encodedClientApp); + tokenEndpoint.setHeader("Content-Type", ContentType.APPLICATION_FORM_URLENCODED.toString()); + String scopeString = getScopeString(scopes); + + if (scopeString != null) { + scopeString = scopeString.trim(); + } else { + scopeString = "default"; + } + + StringEntity tokenEPPayload = new StringEntity( + "grant_type=password&username=" + username + "&password=" + password + "&scope=" + scopeString, + ContentType.APPLICATION_FORM_URLENCODED); + tokenEndpoint.setEntity(tokenEPPayload); + return execute(tokenEndpoint); + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/beans/AuthData.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/beans/AuthData.java new file mode 100644 index 00000000000..be6a8b570bc --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/beans/AuthData.java @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor.beans; + + +public class AuthData implements java.io.Serializable { + + private static final long serialVersionUID = -5156750882531944849L; + + private String accessToken; + private String refreshToken; + private String username; + private String clientId; + private String clientSecret; + private String encodedClientApp; + private String scope; + + public String getAccessToken() { + return accessToken; + } + + public void setAccessToken(String accessToken) { + this.accessToken = accessToken; + } + + public String getRefreshToken() { + return refreshToken; + } + + public void setRefreshToken(String refreshToken) { + this.refreshToken = refreshToken; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getClientId() { + return clientId; + } + + public void setClientId(String clientId) { + this.clientId = clientId; + } + + public String getClientSecret() { + return clientSecret; + } + + public void setClientSecret(String clientSecret) { + this.clientSecret = clientSecret; + } + + public String getEncodedClientApp() { + return encodedClientApp; + } + + public void setEncodedClientApp(String encodedClientApp) { + this.encodedClientApp = encodedClientApp; + } + + public String getScope() { + return scope; + } + + public void setScope(String scope) { + this.scope = scope; + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/exceptions/LoginException.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/exceptions/LoginException.java new file mode 100644 index 00000000000..b33b74da733 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/exceptions/LoginException.java @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor.exceptions; + +public class LoginException extends Exception { + public LoginException(String message) { + super(message); + } + + public LoginException(String message, Throwable cause) { + super(message, cause); + } + + public LoginException(Throwable cause) { + super(cause); + } + + public LoginException(String message, Throwable cause, + boolean enableSuppression, + boolean writableStackTrace) { + super(message, cause, enableSuppression, writableStackTrace); + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java new file mode 100644 index 00000000000..aa80d7fd668 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor.util; + +public class HandlerConstants { + public static final String PUBLISHER_APPLICATION_NAME = "application-mgt-publisher"; + public static final String APP_REG_ENDPOINT = "/api-application-registration/register"; + public static final String UI_CONFIG_ENDPOINT = "/api/application-mgt/v1.0/config/ui-config"; + public static final String TOKEN_ENDPOINT = "/oauth2/token"; + public static final String PUBLIC = "Public"; + public static final String KEEP_ALIVE = "Keep-Alive"; + public static final String BASIC = "Basic "; + public static final String BEARER = "Bearer "; + public static final String COLON = ":"; + public static final String TAGS_KEY = "tags"; + public static final String APP_NAME_KEY = "applicationName"; + public static final String SESSION_AUTH_DATA_KEY = "application-mgt"; + public static final String UI_CONFIG_KEY = "ui-config"; + public static final String PLATFORM = "platform"; + public static final String SERVER_HOST = "server-host"; + public static final String DEFAULT_ERROR_CALLBACK = "/pages/error/default"; + public static final String LOGIN_RESPONSE_KEY = "loginResponse"; + public static final String FAILURE_CALLBACK_KEY = "failureCallback"; + public static final String API_COMMON_CONTEXT = "/api"; + public static final String EXECUTOR_EXCEPTION_PREFIX = "ExecutorException-"; + public static final String TOKEN_IS_EXPIRED = "ACCESS_TOKEN_IS_EXPIRED"; + + public static final int INTERNAL_ERROR_CODE = 500; + public static final long TIMEOUT = 1200; +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java new file mode 100644 index 00000000000..f3baea315fa --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerUtil.java @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor.util; + +import com.google.gson.Gson; +import com.google.gson.JsonObject; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpResponse; +import org.apache.http.HttpStatus; +import org.apache.http.client.methods.HttpRequestBase; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.json.JSONException; +import org.json.JSONObject; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.PrintWriter; + +public class HandlerUtil { + + private static final Log log = LogFactory.getLog(HandlerUtil.class); + + /*** + * + * @param httpRequest - httpMethod e.g:- HttpPost, HttpGet + * @return response as string + * @throws IOException IO exception returns if error occurs when executing the httpMethod + */ + public static ProxyResponse execute(HttpRequestBase httpRequest) throws IOException { + try (CloseableHttpClient client = HttpClients.createDefault()) { + HttpResponse response = client.execute(httpRequest); + ProxyResponse proxyResponse = new ProxyResponse(); + + if (response == null) { + proxyResponse.setCode(HandlerConstants.INTERNAL_ERROR_CODE); + proxyResponse.setExecutorResponse(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + getStatusKey( + HandlerConstants.INTERNAL_ERROR_CODE)); + return proxyResponse; + } else { + int statusCode = response.getStatusLine().getStatusCode(); + try (BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) { + StringBuilder result = new StringBuilder(); + String line; + while ((line = rd.readLine()) != null) { + result.append(line); + } + + String jsonString = result.toString(); + if (statusCode == HttpStatus.SC_OK || statusCode == HttpStatus.SC_CREATED) { + proxyResponse.setCode(statusCode); + proxyResponse.setData(jsonString); + proxyResponse.setExecutorResponse("SUCCESS"); + return proxyResponse; + } else if (statusCode == HttpStatus.SC_UNAUTHORIZED) { + if (jsonString.contains("Access token expired") || jsonString + .contains("Invalid input. Access token validation failed")) { + proxyResponse.setCode(statusCode); + proxyResponse.setExecutorResponse("ACCESS_TOKEN_IS_EXPIRED"); + return proxyResponse; + } else { + proxyResponse.setCode(statusCode); + proxyResponse.setData(jsonString); + proxyResponse.setExecutorResponse( + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + getStatusKey(statusCode)); + return proxyResponse; + } + } + proxyResponse.setCode(statusCode); + proxyResponse.setData(jsonString); + proxyResponse + .setExecutorResponse(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + getStatusKey(statusCode)); + return proxyResponse; + } + } + } + } + + /*** + * + * @param statusCode Provide status code, e.g:- 400, 401, 500 etc + * @return relative status code key for given status code. + */ + public static String getStatusKey (int statusCode){ + String statusCodeKey; + + switch (statusCode) { + case HttpStatus.SC_INTERNAL_SERVER_ERROR: + statusCodeKey = "internalServerError"; + break; + case HttpStatus.SC_BAD_REQUEST: + statusCodeKey = "badRequest"; + break; + case HttpStatus.SC_UNAUTHORIZED: + statusCodeKey = "unauthorized"; + break; + case HttpStatus.SC_FORBIDDEN: + statusCodeKey = "forbidden"; + break; + case HttpStatus.SC_NOT_FOUND: + statusCodeKey = "notFound"; + break; + case HttpStatus.SC_METHOD_NOT_ALLOWED: + statusCodeKey = "methodNotAllowed"; + break; + case HttpStatus.SC_NOT_ACCEPTABLE: + statusCodeKey = "notAcceptable"; + break; + case HttpStatus.SC_UNSUPPORTED_MEDIA_TYPE: + statusCodeKey = "unsupportedMediaType"; + break; + default: + statusCodeKey = "defaultPage"; + break; + } + return statusCodeKey; + } + + + /*** + * + * @param resp {@link HttpServletResponse} + * Return Error Response. + */ + public static void handleError(HttpServletRequest req, HttpServletResponse resp, String serverUrl, + String platform, ProxyResponse proxyResponse) throws IOException { + + HttpSession httpSession = req.getSession(true); + Gson gson = new Gson(); + if (proxyResponse == null){ + proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_INTERNAL_SERVER_ERROR); + proxyResponse.setExecutorResponse(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil + .getStatusKey(HandlerConstants.INTERNAL_ERROR_CODE)); + } + if (platform == null){ + platform = "default"; + } + + resp.setStatus(proxyResponse.getCode()); + resp.setContentType("application/json"); + resp.setCharacterEncoding("UTF-8"); + + if (httpSession != null) { + JsonObject uiConfig = (JsonObject) httpSession.getAttribute(HandlerConstants.UI_CONFIG_KEY); + if (uiConfig == null){ + proxyResponse.setUrl(serverUrl + "/" + platform + HandlerConstants.DEFAULT_ERROR_CALLBACK); + } else{ + proxyResponse.setUrl(serverUrl + uiConfig.get(HandlerConstants.LOGIN_RESPONSE_KEY).getAsJsonObject() + .get(HandlerConstants.FAILURE_CALLBACK_KEY).getAsJsonObject() + .get(proxyResponse.getExecutorResponse().split(HandlerConstants.EXECUTOR_EXCEPTION_PREFIX)[1]) + .getAsString()); + } + } else { + proxyResponse.setUrl(serverUrl + "/" + platform + HandlerConstants.DEFAULT_ERROR_CALLBACK); + } + + proxyResponse.setExecutorResponse(null); + try (PrintWriter writer = resp.getWriter()) { + writer.write(gson.toJson(proxyResponse)); + } + } + + /*** + * + * @param resp {@link HttpServletResponse} + * Return Success Response. + */ + public static void handleSuccess(HttpServletRequest req, HttpServletResponse resp, String serverUrl, + String platform, ProxyResponse proxyResponse) throws IOException { + if (proxyResponse == null){ + handleError(req,resp,serverUrl,platform,proxyResponse); + return; + } + + resp.setStatus(proxyResponse.getCode()); + resp.setContentType("application/json"); + resp.setCharacterEncoding("UTF-8"); + + JSONObject response = new JSONObject(); + String redirectUrl = proxyResponse.getUrl(); + String responseData = proxyResponse.getData(); + + if (!StringUtils.isEmpty(redirectUrl)){ + response.put("url", redirectUrl); + } + if (!StringUtils.isEmpty(responseData)){ + try { + JSONObject responseDataJsonObj = new JSONObject(responseData); + response.put("data", responseDataJsonObj); + } catch (JSONException e) { + log.debug("Response data is not valid json string"); + response.put("data", responseData); + } + } + + try (PrintWriter writer = resp.getWriter()) { + writer.write(response.toString()); + } + } + +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/META-INF/webapp-classloading.xml b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/META-INF/webapp-classloading.xml new file mode 100644 index 00000000000..cc5b3c66d7c --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/META-INF/webapp-classloading.xml @@ -0,0 +1,35 @@ + + + + + + + + + false + + + Carbon + diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/WEB-INF/web.xml b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 00000000000..066baa8fa60 --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,103 @@ + + + + Entgra UI Request Interceptor Webapp + + 60 + + + doAuthentication + false + + + + + managed-api-enabled + false + + + managed-api-owner + admin + + + isSharedWithAllTenants + true + + + + CorsFilter + org.apache.catalina.filters.CorsFilter + + cors.allowed.origins + * + + + cors.allowed.methods + GET,POST,DELETE,PUT + + + cors.allowed.headers + Content-Type + + + + + HttpHeaderSecurityFilter + org.apache.catalina.filters.HttpHeaderSecurityFilter + + hstsEnabled + false + + + + + ContentTypeBasedCachePreventionFilter + org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter + + patterns + text/html" ,application/json" ,text/plain + + + filterAction + enforce + + + httpHeaders + Cache-Control: no-store, no-cache, must-revalidate, private + + + + + HttpHeaderSecurityFilter + /* + + + + ContentTypeBasedCachePreventionFilter + /* + + + + CorsFilter + /* + + + \ No newline at end of file diff --git a/components/ui-request-interceptor/pom.xml b/components/ui-request-interceptor/pom.xml new file mode 100644 index 00000000000..f362dfd78ea --- /dev/null +++ b/components/ui-request-interceptor/pom.xml @@ -0,0 +1,44 @@ + + + + + + carbon-devicemgt + org.wso2.carbon.devicemgt + 3.2.5-SNAPSHOT + ../../pom.xml + + 4.0.0 + + io.entgra.devicemgt + ui-request-interceptor + Entgra - UI Request Interceptor Servlet + + Proxy servlet to handle requests generated from UI applications to communicate with backend + APIs + + pom + + io.entgra.ui.request.interceptor + + + + \ No newline at end of file diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/pom.xml b/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/pom.xml index 1894f992657..b2a6ac81a65 100644 --- a/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/pom.xml +++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/pom.xml @@ -86,29 +86,6 @@ - - handler-copy - package - - copy - - - - - org.wso2.carbon.devicemgt - org.wso2.carbon.device.application.mgt.handler - - ${project.version} - war - true - - ${project.build.directory}/maven-shared-archive-resources/webapps - - api#application-mgt-handler#v1.0.war - - - - app-mgt-copy package diff --git a/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/src/main/resources/p2.inf b/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/src/main/resources/p2.inf index 4b464ae7e76..5f658e814db 100644 --- a/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/src/main/resources/p2.inf +++ b/features/application-mgt/org.wso2.carbon.device.application.mgt.api.feature/src/main/resources/p2.inf @@ -2,5 +2,4 @@ instructions.configure = \ org.eclipse.equinox.p2.touchpoint.natives.mkdir(path:${installFolder}/../../deployment/server/webapps/);\ org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.application.mgt.api_${feature.version}/webapps/api#application-mgt-publisher#v1.0.war,target:${installFolder}/../../deployment/server/webapps/api#application-mgt-publisher#v1.0.war,overwrite:true);\ org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.application.mgt.api_${feature.version}/webapps/api#application-mgt-store#v1.0.war,target:${installFolder}/../../deployment/server/webapps/api#application-mgt-store#v1.0.war,overwrite:true);\ -org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.application.mgt.api_${feature.version}/webapps/api#application-mgt-handler#v1.0.war,target:${installFolder}/../../deployment/server/webapps/api#application-mgt-handler#v1.0.war,overwrite:true);\ org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.application.mgt.api_${feature.version}/webapps/api#application-mgt#v1.0.war,target:${installFolder}/../../deployment/server/webapps/api#application-mgt#v1.0.war,overwrite:true);\ diff --git a/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/pom.xml b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/pom.xml new file mode 100644 index 00000000000..2080341a2da --- /dev/null +++ b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/pom.xml @@ -0,0 +1,117 @@ + + + + + + ui-request-interceptor-feature + io.entgra.devicemgt + 3.2.5-SNAPSHOT + + 4.0.0 + + io.entgra.ui.request.interceptor.feature + Entgra - UI Request Interceptor Feature + + Proxy servlet to handle requests generated from UI applications to communicate with backend + APIs + + + + + + org.apache.maven.plugins + maven-dependency-plugin + + + request-handler-copy-war + package + + copy + + + + + io.entgra.devicemgt + io.entgra.ui.request.interceptor + ${project.version} + war + true + + ${project.build.directory}/maven-shared-archive-resources/webapps + + ui-request-handler.war + + + + + + + + org.apache.maven.plugins + maven-resources-plugin + + + copy-resources + generate-resources + + copy-resources + + + src/main/resources + + + resources + + build.properties + p2.inf + + + + + + + + + org.wso2.maven + carbon-p2-plugin + + + p2-feature-generation + package + + p2-feature-gen + + + io.entgra.ui.request.interceptor + ../../../features/etc/feature.properties + + + org.wso2.carbon.p2.category.type:server + org.eclipse.equinox.p2.type.group:false + + + + + + + + + diff --git a/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/build.properties b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/build.properties new file mode 100644 index 00000000000..fcc54d01b63 --- /dev/null +++ b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/build.properties @@ -0,0 +1,3 @@ +instructions.configure = \ +org.eclipse.equinox.p2.touchpoint.natives.mkdir(path:${installFolder}/../../deployment/server/webapps/);\ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/io.entgra.ui.request.interceptor_${feature.version}/webapps/ui=request-handler.war,target:${installFolder}/../../deployment/server/webapps/ui=request-handler.war,overwrite:true);\ diff --git a/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/p2.inf b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/p2.inf new file mode 100644 index 00000000000..0875ae94ba8 --- /dev/null +++ b/features/ui-request-interceptor/io.entgra.ui.request.interceptor.feature/src/main/resources/p2.inf @@ -0,0 +1,3 @@ +instructions.configure = \ +org.eclipse.equinox.p2.touchpoint.natives.mkdir(path:${installFolder}/../../deployment/server/webapps/);\ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/io.entgra.ui.request.interceptor_${feature.version}/webapps/ui-request-handler.war,target:${installFolder}/../../deployment/server/webapps/ui-request-handler.war,overwrite:true);\ diff --git a/features/ui-request-interceptor/pom.xml b/features/ui-request-interceptor/pom.xml new file mode 100644 index 00000000000..dd3086e5d0e --- /dev/null +++ b/features/ui-request-interceptor/pom.xml @@ -0,0 +1,42 @@ + + + + + + carbon-devicemgt + org.wso2.carbon.devicemgt + 3.2.5-SNAPSHOT + ../../pom.xml + + 4.0.0 + + io.entgra.devicemgt + ui-request-interceptor-feature + Entgra - UI Request Interceptor Feature + + Proxy servlet to handle requests generated from UI applications to communicate with backend + APIs + + pom + + io.entgra.ui.request.interceptor.feature + + diff --git a/pom.xml b/pom.xml index e761f5ec6d7..029e7a01d69 100644 --- a/pom.xml +++ b/pom.xml @@ -44,6 +44,7 @@ components/certificate-mgt components/webapp-authenticator-framework components/email-sender + components/ui-request-interceptor features/device-mgt features/apimgt-extensions features/application-mgt @@ -52,6 +53,7 @@ features/certificate-mgt features/oauth-extensions features/email-sender + features/ui-request-interceptor features/jwt-client features/device-mgt-extensions