From efee2b01bf6f602007ba14f10460a56fb512ab35 Mon Sep 17 00:00:00 2001
From: Dharmakeerthi Lasantha
Date: Thu, 30 Jul 2020 12:54:35 +0000
Subject: [PATCH] Improve OTP creating functionality
---
 .../service/api/UserManagementService.java | 46 ------------------
 .../impl/UserManagementServiceImpl.java | 47 -------------------
 .../mgt/jaxrs/util/DeviceMgtAPIUtils.java | 24 ----------
 .../src/main/webapp/WEB-INF/web.xml | 3 +-
 .../pom.xml | 1 +
 .../OneTimeTokenAuthenticator.java | 8 ++--
 .../etc/webapp-authenticator-config.xml | 4 ++
 .../conf/webapp-authenticator-config.xml | 4 ++
 8 files changed, 15 insertions(+), 122 deletions(-)
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java
index a133ffd4ec..d68ba8fc09 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java
@@ -1221,50 +1221,4 @@ public interface UserManagementService {
 response = ErrorResponse.class)
 })
 Response getPermissionsOfUser();
-
- @POST
- @Path("/one-time-pin")
- @ApiOperation(
- produces = MediaType.APPLICATION_JSON,
- httpMethod = "GET",
- value = "Getting the permission details of the current user",
- notes = "A user may granted more than one permission in IoTS. Using this REST API "
- + "you can get the permission/permission the current user has granted. ",
- tags = "User Management",
- extensions = {
- @Extension(properties = {
- @ExtensionProperty(name = Constants.SCOPE, value = "perm:user:permission-view")
- })
- }
- )
- @ApiResponses(value = {
- @ApiResponse(
- code = 200,
- message = "OK. \n Successfully fetched the list of permissions the user "
- + "has granted.",
- response = PermissionList.class,
- responseHeaders = {
- @ResponseHeader(
- name = "Content-Type",
- description = "The content type of the body"),
- @ResponseHeader(
- name = "ETag",
- description = "Entity Tag of the response resource.\n" +
- "Used by caches, or in conditional requests."),
- @ResponseHeader(
- name = "Last-Modified",
- description = "Date and time the resource was last modified.\n" +
- "Used by caches, or in conditional requests."),
- }),
- @ApiResponse(
- code = 404,
- message = "Not Found. \n The specified resource does not exist.\n",
- response = ErrorResponse.class),
- @ApiResponse(
- code = 500,
- message = "Internal Server Error. \n Server error occurred while fetching the "
- + "list of roles assigned to the specified user.",
- response = ErrorResponse.class)
- })
- Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper);
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
index 8b9dbe6e65..ec28453188 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
@@ -1118,53 +1118,6 @@ public class UserManagementServiceImpl implements UserManagementService { } } - /** - * Method used to send an invitation email to a existing user to enroll a device. - * - * @param otpMailWrapper Username list of the users to be invited - */ - @POST - @Path("/one-time-pin") - @Produces({MediaType.APPLICATION_JSON}) - public Response sendEmailVerifyingMail(OTPMailWrapper otpMailWrapper) { - if (log.isDebugEnabled()) { - log.debug("Sending enrollment invitation mail to existing user."); - } - DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService(); - OTPManagementService oms = DeviceMgtAPIUtils.getOTPManagementService(); - try { - String otpToken = oms.createOTPToken(otpMailWrapper); - Properties props = new Properties(); - props.setProperty("first-name", otpMailWrapper.getFirstName()); - props.setProperty("otp-token", otpToken); - - EmailMetaInfo metaInfo = new EmailMetaInfo(otpMailWrapper.getEmail(), props); - dms.sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, - metaInfo); - } catch (DeviceManagementException e) { - String msg = "Error occurred while inviting user to enrol their device"; - if (e.getMessage() != null && !e.getMessage().isEmpty()) { - msg = e.getMessage(); - } - log.error(msg, e); - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (ConfigurationManagementException e) { - String msg = "Error occurred while sending the email invitations. 
Mail server not configured."; - return Response.serverError().entity( - new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); - } catch (OTPManagementException e) { - String msg = "Error occurred while generating and storing the OTP data"; - log.error(msg, e); - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); - } catch (org.wso2.carbon.device.mgt.common.exceptions.BadRequestException e) { - String msg = "Bad Request : Found invalid request payload to create OTP toke."; - log.error(msg, e); - return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); - } - return Response.status(Response.Status.OK).entity("Invitation mails have been sent.").build(); - } - private Map buildDefaultUserClaims(String firstName, String lastName, String emailAddress, boolean isFresh) { Map defaultUserClaims = new HashMap<>(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index fa5eeaf2c7..91161ced0d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java @@ -142,7 +142,6 @@ public class DeviceMgtAPIUtils { private static IntegrationClientService integrationClientService; private static MetadataManagementService metadataManagementService; - private static volatile OTPManagementService otpManagementService; static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); 
@@ -461,29 +460,6 @@ public class DeviceMgtAPIUtils { return metadataManagementService; } - /** - * Initializing and accessing method for OTPManagementService. - * - * @return OTPManagementService instance - * @throws IllegalStateException if OTPManagementService cannot be initialized - */ - public static OTPManagementService getOTPManagementService() { - if (otpManagementService == null) { - synchronized (DeviceMgtAPIUtils.class) { - if (otpManagementService == null) { - PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); - otpManagementService = (OTPManagementService) ctx.getOSGiService(OTPManagementService.class, null); - if (otpManagementService == null) { - String msg = "OTP Management service not initialized."; - log.error(msg); - throw new IllegalStateException(msg); - } - } - } - } - return otpManagementService; - } - /** * Method for initializing ReportManagementService * @return ReportManagementServie Instance diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml index d24eeb72b3..fffbfbdb24 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/web.xml @@ -48,8 +48,7 @@ nonSecuredEndPoints - /api/device-mgt/v1.0/users/validate, - /api/device-mgt/v1.0/users/one-time-pin + /api/device-mgt/v1.0/users/validate diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index d2c8bb4dec..ee7fd305f2 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml 
@@ -94,6 +94,7 @@ org.wso2.carbon.certificate.mgt.core.*, org.wso2.carbon.device.mgt.core.permission.mgt, org.wso2.carbon.device.mgt.common, + org.wso2.carbon.device.mgt.core.*, org.wso2.carbon.device.mgt.common.permission.mgt, org.apache.axis2, org.apache.axis2.client, diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index d150f6ee3f..41f43eea9d 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -42,11 +42,11 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { public AuthenticationInfo authenticate(org.apache.catalina.connector.Request request, Response response) { - OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() - .getOtpManagementService(); AuthenticationInfo authenticationInfo = new AuthenticationInfo(); try { + OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() + .getOtpManagementService(); if (otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER))) { authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setTenantId(-1); 
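Review bot: The value of `request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER)` is passed to `isValidOTP` unchecked, and the result of `getOtpManagementService()` is dereferenced without a null test, so a request with no token header or a not-yet-registered OTP service is handled only by whatever the catch block further down does. Moving the lookup inside the `try` stops such a failure from escaping the authenticator, but a missing credential and an infrastructure fault then produce the same outcome and the service still receives a null token. An explicit guard for both cases before the `isValidOTP` call keeps the two failure modes distinct. The success branch (status `CONTINUE`, tenant id `-1`) and the rest of `authenticate` continue outside this hunk.

```java
AuthenticationInfo authenticationInfo = new AuthenticationInfo();
String otpToken = request.getHeader(Constants.HTTPHeaders.ONE_TIME_TOKEN_HEADER);
if (otpToken == null || otpToken.isEmpty()) {
    // No token supplied: fail closed without calling the OTP service.
    authenticationInfo.setStatus(Status.FAILURE);
    authenticationInfo.setMessage("Invalid OTP token.");
    return authenticationInfo;
}
try {
    OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance()
            .getOtpManagementService();
    if (otpManagementService == null) {
        // Surfaces as a clear server-side fault instead of a NullPointerException.
        throw new IllegalStateException("OTP Management service not initialized.");
    }
    if (otpManagementService.isValidOTP(otpToken)) {
        // … unchanged: success branch, else branch and catch block …
```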
@@ -55,8 +55,10 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { authenticationInfo.setMessage("Invalid OTP token."); } } catch (Exception e) { + String msg = "OTP Token Validation Failed."; + log.error(msg, e); authenticationInfo.setStatus(Status.FAILURE); - authenticationInfo.setMessage("CToken Validation Failed."); + authenticationInfo.setMessage(msg); } return authenticationInfo; } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml index 5099328df7..93830ca169 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/config/etc/webapp-authenticator-config.xml @@ -24,5 +24,9 @@ CertificateAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator + diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml index 4b727a28c2..dfea5c07ac 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/conf/webapp-authenticator-config.xml 
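Review bot: `catch (Exception e)` followed by `log.error(msg, e)` writes an error-level entry with a full stack trace for every exception on a path that runs before the caller is authenticated, so if `isValidOTP` signals malformed or expired tokens by throwing (its contract is not visible here) unauthenticated requests can flood the log. Consider catching the OTP service's own exception type separately and recording expected validation failures without the stack trace, for example `log.warn(msg);`, while keeping `log.error(msg, e)` for unexpected faults. Returning the fixed `msg` to the client rather than `e.getMessage()` is the right choice and should stay. The `log` field is assumed to be declared outside the hunk, and the `try` block opens before it.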
@@ -31,6 +31,10 @@ CertificateAuth org.wso2.carbon.webapp.authenticator.framework.authenticator.CertificateAuthenticator + + OTPAuth + org.wso2.carbon.webapp.authenticator.framework.authenticator.OneTimeTokenAuthenticator + BST org.wso2.carbon.webapp.authenticator.framework.authenticator.BSTAuthenticator
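Review bot: Adding `OneTimeTokenAuthenticator` under the name `OTPAuth` to the default authenticator list enables OTP authentication for every web application that loads this configuration, not only for the `/users/one-time-pin` path that this patch removes from the unsecured endpoints. The `authenticate` method changed earlier in this patch continues the request with tenant id `-1` for any valid token, and neither the authenticator's `canHandle` logic nor the token's scope and lifetime is visible here, so it is worth confirming that it only claims requests for the intended enrolment paths and that a token cannot be replayed. A short XML comment above the new entry naming the endpoints that rely on `OTPAuth` would document that intent. The same entry is added to the test configuration in the preceding file section.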