|
|
@ -44,13 +44,14 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
|
|
|
|
|
|
|
|
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.util.*;
|
|
|
|
import java.util.*;
|
|
|
|
|
|
|
|
import java.util.concurrent.ConcurrentHashMap;
|
|
|
|
import java.util.concurrent.TimeUnit;
|
|
|
|
import java.util.concurrent.TimeUnit;
|
|
|
|
|
|
|
|
|
|
|
|
public class ExServer {
|
|
|
|
public class ExServer {
|
|
|
|
private static final Log logger = LogFactory.getLog(ExServer.class.getName());
|
|
|
|
private static final Log logger = LogFactory.getLog(ExServer.class.getName());
|
|
|
|
|
|
|
|
|
|
|
|
private static Map<String, String> accessTokenMap = new HashMap<>();
|
|
|
|
private static Map<String, String> accessTokenMap = new ConcurrentHashMap<>();
|
|
|
|
private static Map<String, String> authorizedScopeMap = new HashMap<>();
|
|
|
|
private static Map<String, String> authorizedScopeMap = new ConcurrentHashMap<>();
|
|
|
|
private Server server;
|
|
|
|
private Server server;
|
|
|
|
|
|
|
|
|
|
|
|
public ExServer() {
|
|
|
|
public ExServer() {
|
|
|
@ -177,25 +178,27 @@ public class ExServer {
|
|
|
|
if (request.getResultCode().equals("success")) {
|
|
|
|
if (request.getResultCode().equals("success")) {
|
|
|
|
String accessToken = accessTokenMap.get(request.getConninfo().getClientid());
|
|
|
|
String accessToken = accessTokenMap.get(request.getConninfo().getClientid());
|
|
|
|
String scopeString = authorizedScopeMap.get(accessToken);
|
|
|
|
String scopeString = authorizedScopeMap.get(accessToken);
|
|
|
|
String[] scopeArray = scopeString.split(" ");
|
|
|
|
if (!StringUtils.isEmpty(scopeString)) {
|
|
|
|
String deviceType = null;
|
|
|
|
String[] scopeArray = scopeString.split(" ");
|
|
|
|
String deviceId = null;
|
|
|
|
String deviceType = null;
|
|
|
|
for (String scope : scopeArray) {
|
|
|
|
String deviceId = null;
|
|
|
|
if (scope.startsWith("device_")) {
|
|
|
|
for (String scope : scopeArray) {
|
|
|
|
String[] scopeParts = scope.split("_");
|
|
|
|
if (scope.startsWith("device_")) {
|
|
|
|
deviceType = scopeParts[1];
|
|
|
|
String[] scopeParts = scope.split("_");
|
|
|
|
deviceId = scopeParts[2];
|
|
|
|
deviceType = scopeParts[1];
|
|
|
|
break;
|
|
|
|
deviceId = scopeParts[2];
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!StringUtils.isEmpty(deviceType) && !StringUtils.isEmpty(deviceId)) {
|
|
|
|
if (!StringUtils.isEmpty(deviceType) && !StringUtils.isEmpty(deviceId)) {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain("carbon.super");
|
|
|
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain("carbon.super");
|
|
|
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(-1234);
|
|
|
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(-1234);
|
|
|
|
DeviceManagementProviderService deviceManagementProviderService = getDeviceManagementService();
|
|
|
|
DeviceManagementProviderService deviceManagementProviderService = getDeviceManagementService();
|
|
|
|
deviceManagementProviderService.changeDeviceStatus(new DeviceIdentifier(deviceId, deviceType), EnrolmentInfo.Status.ACTIVE);
|
|
|
|
deviceManagementProviderService.changeDeviceStatus(new DeviceIdentifier(deviceId, deviceType), EnrolmentInfo.Status.ACTIVE);
|
|
|
|
} catch (DeviceManagementException e) {
|
|
|
|
} catch (DeviceManagementException e) {
|
|
|
|
logger.error("onClientConnack: Error while setting device status");
|
|
|
|
logger.error("onClientConnack: Error while setting device status");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -315,53 +318,57 @@ public class ExServer {
|
|
|
|
if (StringUtils.isEmpty(accessToken) || !accessToken.startsWith(request.getClientinfo().getUsername())) {
|
|
|
|
if (StringUtils.isEmpty(accessToken) || !accessToken.startsWith(request.getClientinfo().getUsername())) {
|
|
|
|
logger.info("Valid access token not found");
|
|
|
|
logger.info("Valid access token not found");
|
|
|
|
responseObserver.onError(new Exception("not authorized"));
|
|
|
|
responseObserver.onError(new Exception("not authorized"));
|
|
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
String authorizedScopeList = authorizedScopeMap.get(accessToken);
|
|
|
|
String authorizedScopeList = authorizedScopeMap.get(accessToken);
|
|
|
|
String[] scopeArray = authorizedScopeList.split(" ");
|
|
|
|
|
|
|
|
List<String> scopeList = Arrays.asList(scopeArray);
|
|
|
|
|
|
|
|
boolean isFound = false;
|
|
|
|
boolean isFound = false;
|
|
|
|
|
|
|
|
if (!StringUtils.isEmpty(authorizedScopeList)) {
|
|
|
|
|
|
|
|
String[] scopeArray = authorizedScopeList.split(" ");
|
|
|
|
|
|
|
|
List<String> scopeList = Arrays.asList(scopeArray);
|
|
|
|
|
|
|
|
|
|
|
|
String tempScope = null;
|
|
|
|
|
|
|
|
String requestTopic = request.getTopic();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (request.getType().equals(ClientCheckAclRequest.AclReqType.PUBLISH)) {
|
|
|
|
String tempScope = null;
|
|
|
|
requestTopic = requestTopic.replace("/", ":");
|
|
|
|
String requestTopic = request.getTopic();
|
|
|
|
|
|
|
|
|
|
|
|
String[] requestTopicParts = requestTopic.split(":");
|
|
|
|
if (request.getType().equals(ClientCheckAclRequest.AclReqType.PUBLISH)) {
|
|
|
|
|
|
|
|
requestTopic = requestTopic.replace("/", ":");
|
|
|
|
|
|
|
|
|
|
|
|
if (requestTopicParts.length >= 4 && "operation".equals(requestTopicParts[3])) {
|
|
|
|
String[] requestTopicParts = requestTopic.split(":");
|
|
|
|
// publishing operation from iot server to emqx
|
|
|
|
|
|
|
|
tempScope = "perm:topic:pub:" + requestTopicParts[0] + ":+:+:operation";
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
// publishing operation response from device to emqx
|
|
|
|
|
|
|
|
// publishing events from device to emqx
|
|
|
|
|
|
|
|
tempScope = "perm:topic:pub:" + requestTopic;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for (String scope : scopeList) {
|
|
|
|
if (requestTopicParts.length >= 4 && "operation".equals(requestTopicParts[3])) {
|
|
|
|
if (scope.startsWith(tempScope)) {
|
|
|
|
// publishing operation from iot server to emqx
|
|
|
|
isFound = true;
|
|
|
|
tempScope = "perm:topic:pub:" + requestTopicParts[0] + ":+:+:operation";
|
|
|
|
break;
|
|
|
|
} else {
|
|
|
|
|
|
|
|
// publishing operation response from device to emqx
|
|
|
|
|
|
|
|
// publishing events from device to emqx
|
|
|
|
|
|
|
|
tempScope = "perm:topic:pub:" + requestTopic;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (request.getType().equals(ClientCheckAclRequest.AclReqType.SUBSCRIBE)) {
|
|
|
|
for (String scope : scopeList) {
|
|
|
|
if (requestTopic.endsWith("/#")) {
|
|
|
|
if (scope.startsWith(tempScope)) {
|
|
|
|
requestTopic = requestTopic.substring(0, requestTopic.indexOf("/#"));
|
|
|
|
isFound = true;
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
requestTopic = requestTopic.replace("/", ":");
|
|
|
|
if (request.getType().equals(ClientCheckAclRequest.AclReqType.SUBSCRIBE)) {
|
|
|
|
// subscribing for events from iotserver to emqx
|
|
|
|
if (requestTopic.endsWith("/#")) {
|
|
|
|
// subscribing for operation from device to emqx
|
|
|
|
requestTopic = requestTopic.substring(0, requestTopic.indexOf("/#"));
|
|
|
|
// subscribing for operation response from iotserver to emqx
|
|
|
|
}
|
|
|
|
tempScope = "perm:topic:sub:" + requestTopic;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for (String scope : scopeList) {
|
|
|
|
requestTopic = requestTopic.replace("/", ":");
|
|
|
|
if (scope.startsWith(tempScope)) {
|
|
|
|
// subscribing for events from iotserver to emqx
|
|
|
|
isFound = true;
|
|
|
|
// subscribing for operation from device to emqx
|
|
|
|
break;
|
|
|
|
// subscribing for operation response from iotserver to emqx
|
|
|
|
|
|
|
|
tempScope = "perm:topic:sub:" + requestTopic;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for (String scope : scopeList) {
|
|
|
|
|
|
|
|
if (scope.startsWith(tempScope)) {
|
|
|
|
|
|
|
|
isFound = true;
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|