Change token generation flow on api publish

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml

@@ -134,6 +134,18 @@
             <groupId>io.entgra.device.mgt.core</groupId>
             <artifactId>io.entgra.device.mgt.core.device.mgt.core</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.entgra.device.mgt.core</groupId>
+            <artifactId>io.entgra.device.mgt.core.identity.jwt.client.extension</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.entgra.device.mgt.core</groupId>
+            <artifactId>io.entgra.device.mgt.core.apimgt.application.extension</artifactId>
+        </dependency>
+        <!--        <dependency>-->
+<!--            <groupId>io.entgra.device.mgt.core</groupId>-->
+<!--            <artifactId>io.entgra.device.mgt.core.apimgt.application.extension</artifactId>-->
+<!--        </dependency>-->
     </dependencies>
 
 
@@ -205,7 +217,9 @@
                             org.wso2.carbon.utils;version="4.6",
                             org.wso2.carbon.utils.multitenancy;version="4.6",
                             org.apache.commons.lang,
-                            org.json
+                            org.json,
+                            io.entgra.device.mgt.core.apimgt.application.extension.*,
+                            io.entgra.device.mgt.core.identity.jwt.client.extension.dto.*
                         </Import-Package>
                         <Embed-Dependency>
                             jsr311-api;scope=compile|runtime;inline=false

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java

@@ -18,7 +18,7 @@
 package io.entgra.device.mgt.core.apimgt.webapp.publisher;
 
 import com.google.gson.Gson;
-import io.entgra.device.mgt.core.apimgt.annotations.Scopes;
+//import io.entgra.device.mgt.core.apimgt.application.extension.exception.APIManagerException;
 import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServices;
 import io.entgra.device.mgt.core.apimgt.extension.rest.api.APIApplicationServicesImpl;
 import io.entgra.device.mgt.core.apimgt.extension.rest.api.PublisherRESTAPIServices;
@@ -43,7 +43,6 @@ import io.entgra.device.mgt.core.device.mgt.core.config.permission.ScopeMapping;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.json.JSONArray;
 import org.json.JSONObject;
 import org.wso2.carbon.CarbonConstants;
 import org.wso2.carbon.apimgt.api.APIManagementException;
@@ -70,16 +69,7 @@ import java.io.IOException;
 import java.nio.file.DirectoryIteratorException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
-import java.util.ArrayList;
+import java.util.*;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.Date;
 
 /**
  * This class represents the concrete implementation of the APIPublisherService that corresponds to providing all
@@ -111,11 +101,16 @@ public class APIPublisherServiceImpl implements APIPublisherService {
 
         APIApplicationServices apiApplicationServices = new APIApplicationServicesImpl();
         APIApplicationKey apiApplicationKey;
-        AccessTokenInfo accessTokenInfo;
+
+        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
+
+//
         try {
             apiApplicationKey = apiApplicationServices.createAndRetrieveApplicationCredentials();
-            accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
+//            accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
-                    apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
+//                    apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
+
+
         } catch (APIServicesException e) {
             String errorMsg = "Error occurred while generating the API application";
             log.error(errorMsg, e);
@@ -127,8 +122,65 @@ public class APIPublisherServiceImpl implements APIPublisherService {
             boolean tenantsLoaded = false;
             TenantSearchResult tenantSearchResult = null;
             for (String tenantDomain : tenants) {
+
                 PrivilegedCarbonContext.startTenantFlow();
                 PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
+
+                if(tenantDomain.equals("carbon.super")) {
+                    try {
+                        accessTokenInfo = apiApplicationServices.generateAccessTokenFromRegisteredApplication(
+                                apiApplicationKey.getClientId(), apiApplicationKey.getClientSecret());
+
+
+                    } catch (APIServicesException e) {
+                        String errorMsg = "Error occurred while generating the API application";
+                        log.error(errorMsg, e);
+                        throw new APIManagerPublisherException(e);
+                    }
+                } else {
+                    String SCOPE = APIPublisherUtil.ApplicationInstall.ENROLLMENT_SCOPE;
+
+                    String username = "admin@shamalka.com";
+                    List<String> tags = new ArrayList<>();
+                    tags.add(APIPublisherUtil.ApplicationInstall.ANDROID_TAG);
+                    tags.add(APIPublisherUtil.ApplicationInstall.DEVICE_MGT_TAG);
+                    io.entgra.device.mgt.core.identity.jwt.client.extension.dto.AccessTokenInfo jwtAccessTokenInfo = new io.entgra.device.mgt.core.identity.jwt.client.extension.dto.AccessTokenInfo();
+
+
+//
+                    try {
+                        jwtAccessTokenInfo = APIPublisherDataHolder.getInstance().getApiManagementProviderService().getAccessToken(
+                                SCOPE, tags.toArray(new String[0]),
+                                APIPublisherUtil.ApplicationInstall.ANDROID_QR_ENROLLMENT_APP_NAME,
+                                APIPublisherUtil.ApplicationInstall.DEFAULT_TOKEN_TYPE,
+                                APIPublisherUtil.ApplicationInstall.DEFAULT_VALIDITY_PERIOD,
+                                username
+                        );
+
+                    } catch (Exception e) {
+                        String msg = "Error occurred while getting access token for the device enrollment.";
+                        log.error(msg, e);
+                        throw new APIManagerPublisherException(msg, e);
+                    }
+
+                    if (jwtAccessTokenInfo == null || StringUtils.isBlank(jwtAccessTokenInfo.getAccessToken())) {
+                        String msg = "Couldn't get a access token for user " + PrivilegedCarbonContext.getThreadLocalCarbonContext()
+                                .getUsername();
+                        log.error(msg);
+                        throw new APIManagerPublisherException(msg);
+                    }
+
+                    String[] dividedAccessToken = jwtAccessTokenInfo.getAccessToken().split("_");
+
+                    accessTokenInfo.setAccess_token(dividedAccessToken[1]);
+                    accessTokenInfo.setRefresh_token(jwtAccessTokenInfo.getRefreshToken());
+                    accessTokenInfo.setScope(jwtAccessTokenInfo.getScopes());
+                    accessTokenInfo.setExpires_in(jwtAccessTokenInfo.getExpiresIn());
+                    accessTokenInfo.setToken_type(jwtAccessTokenInfo.getTokenType());
+                }
+
+
+
                 if (!tenantsLoaded) {
                     tenantSearchResult = realmService.getTenantManager()
                             .listTenants(Integer.MAX_VALUE, 0, "asc", "UM_ID", null);

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherUtil.java

@@ -58,6 +58,48 @@ public class APIPublisherUtil {
     private static final String AUTH_TYPE_NON_SECURED = "None";
     private static final String PARAM_IS_DEFAULT = "isDefault";
 
+    public final class ApplicationInstall {
+        private ApplicationInstall() {
+            throw new AssertionError();
+        }
+
+        public static final String APPLICATION_NAME = "device_type_android";
+        public static final String ENROLLMENT_APP_INSTALL_FEATURE_CODE = "ENROLLMENT_APP_INSTALL";
+        public static final String DEFAULT_TOKEN_TYPE = "PRODUCTION";
+        public static final String DEFAULT_VALIDITY_PERIOD = "3600";
+        public static final String SUBSCRIPTION_SCOPE = "appm:subscribe";
+        public static final String ENROLLMENT_SCOPE_OLD = "dm:device:enroll";
+        public static final String ENROLLMENT_SCOPE = "appm:subscribe apim:api_key apim:app_manage apim:store_settings apim:sub_alert_manage apim:sub_manage apim:subscribe openid perm:device:enroll perm:devices:details perm:devices:feature perm:devices:search perm:devices:view perm:groups:groups perm:users:send-invitation apim:api_view apim:api_create apim:api_manage apim:api_delete apim:api_publish apim:subscription_view apim:subscription_block apim:subscription_manage apim:external_services_discover apim:threat_protection_policy_create apim:threat_protection_policy_manage apim:document_create apim:document_manage apim:mediation_policy_view apim:mediation_policy_create apim:mediation_policy_manage apim:client_certificates_view apim:client_certificates_add apim:client_certificates_update apim:ep_certificates_view apim:ep_certificates_add apim:ep_certificates_update apim:publisher_settings apim:pub_alert_manage apim:shared_scope_manage apim:app_import_export apim:api_import_export apim:api_product_import_export apim:api_generate_key apim:common_operation_policy_view apim:common_operation_policy_manage apim:comment_write apim:comment_view apim:admin";
+        public static final String ANDROID_ENROLLMENT_SCOPE = "and:devices:enroll";
+        public static final String API_PUBLISH_SCOPES = "and:devices:enroll";
+
+        public static final String ENROLLMENT_APP_INSTALL_UUID = "uuid";
+        public static final String ENROLLMENT_APP_INSTALL_APP_ID = "appId";
+        public static final String IS_ANDROID_ENTERPRISE_APP = "isAndroidEnterpriseApp";
+        public static final String INSTALL_GOOGLE_POLICY = "installGooglePolicy";
+        public static final String GOOGLE_POLICY_PAYLOAD = "installGooglePolicyPayload";
+        public static final String ENROLLMENT_APP_INSTALL_CODE = "enrollmentAppInstall";
+        public static final String ENCODING = "UTF-8";
+        public static final String AT = "@";
+        public static final String COLON = ":";
+        public static final String IOT_CORE_HOST = "iot.core.host";
+        public static final String IOT_CORE_PORT = "iot.core.https.port";
+        public static final String ENROLLMENT_APP_INSTALL_PROTOCOL = "https://";
+        public static final String ENROLLMENT_APP_INSTALL_URL = "/api/application-mgt-store/v1.0/subscription/{uuid}/devices/install";
+        public static final String AUTHORIZATION = "Authorization";
+        public static final String AUTHORIZATION_HEADER_VALUE = "Bearer ";
+        public static final String BEHAVIOUR_WHITELISTED_APPS_ONLY = "whitelist";
+        public static final String INSTALL = "INSTALL";
+        public static final String UNINSTALL = "UNINSTALL";
+        public static final String INSTALL_APPLICATION = "INSTALL_APPLICATION";
+        public static final String UNINSTALL_APPLICATION = "UNINSTALL_APPLICATION";
+        public static final String GOOGLE_AUTO_UPDATE_POLICY = "autoUpdatePolicy";
+        public static final String GOOGLE_PRODUCT_SET_BEHAVIOUR = "productSetBehavior";
+        public static final String ANDROID_TAG = "android";
+        public static final String DEVICE_MGT_TAG = "device_management";
+        public static final String ANDROID_QR_ENROLLMENT_APP_NAME = "android_qr_enrollment";
+    }
+
     public static String getServerBaseUrl() {
         WebappPublisherConfig webappPublisherConfig = WebappPublisherConfig.getInstance();
         return Utils.replaceSystemProperty(webappPublisherConfig.getHost());

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherDataHolder.java

@@ -17,6 +17,7 @@
  */
 package io.entgra.device.mgt.core.apimgt.webapp.publisher.internal;
 
+import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderService;
 import io.entgra.device.mgt.core.apimgt.webapp.publisher.APIConfig;
 import io.entgra.device.mgt.core.apimgt.webapp.publisher.APIPublisherService;
 import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.MetadataManagementService;
@@ -47,6 +48,8 @@ public class APIPublisherDataHolder {
 
     private MetadataManagementService metadataManagementService;
 
+    private APIManagementProviderService apiManagementProviderService;
+
     private static APIPublisherDataHolder thisInstance = new APIPublisherDataHolder();
 
     private APIPublisherDataHolder() {
@@ -110,6 +113,19 @@ public class APIPublisherDataHolder {
         return realm;
     }
 
+    public APIManagementProviderService getApiManagementProviderService() {
+        if (apiManagementProviderService == null) {
+            PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+            apiManagementProviderService = (APIManagementProviderService)
+                    ctx.getOSGiService(APIManagementProviderService.class, null);
+        }
+        return apiManagementProviderService;
+    }
+
+    public void setApiManagementProviderService(APIManagementProviderService apiManagementProviderService) {
+        this.apiManagementProviderService = apiManagementProviderService;
+    }
+
     private void setTenantManager(TenantManager tenantManager) {
         this.tenantManager = tenantManager;
     }

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherServiceComponent.java

@@ -17,6 +17,7 @@
  */
 package io.entgra.device.mgt.core.apimgt.webapp.publisher.internal;
 
+import io.entgra.device.mgt.core.apimgt.application.extension.APIManagementProviderService;
 import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.MetadataManagementService;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -134,4 +135,15 @@ public class APIPublisherServiceComponent {
         APIPublisherDataHolder.getInstance().setMetadataManagementService(null);
     }
 
+    protected void setApiManagementProviderService(APIManagementProviderService apiManagementProviderService) {
+        if (apiManagementProviderService != null && log.isDebugEnabled()) {
+            log.debug("Meta data mgt mgt service initialized");
+        }
+        APIPublisherDataHolder.getInstance().setApiManagementProviderService(apiManagementProviderService);
+    }
+
+    protected void unsetApiManagementProviderService(APIManagementProviderService apiManagementProviderService) {
+        APIPublisherDataHolder.getInstance().setApiManagementProviderService(null);
+    }
+
 }