diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypePublisherAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypePublisherAdminService.java
new file mode 100644
index 00000000000..7914f9d071c
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypePublisherAdminService.java
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
+
+
+import io.swagger.annotations.*;
+import org.wso2.carbon.apimgt.annotations.api.Scope;
+import org.wso2.carbon.apimgt.annotations.api.Scopes;
+import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
+import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.Response;
+
+@SwaggerDefinition(
+ info = @Info(
+ version = "1.0.0",
+ title = "",
+ extensions = {
+ @Extension(properties = {
+ @ExtensionProperty(name = "name", value = "DeviceTypePublisherAdminService"),
+ @ExtensionProperty(name = "context", value = "/api/device-mgt/v1.0/admin/devicetype"),
+ })
+ }
+ ),
+ tags = {
+ @Tag(name = "device_management", description = "")
+ }
+)
+@Path("/admin/devicetype")
+@Api(value = "Devicetype deployment Administrative Service", description = "This an API intended to be used to " +
+ "deploy device type components" +
+ "Further, this is strictly restricted to admin users only ")
+@Scopes(
+ scopes = {
+ @Scope(
+ name = "Devicetype deployment",
+ description = "Deploy devicetype",
+ key = "perm:devicetype:deployment",
+ permissions = {"/device-mgt/devicetype/deploy"}
+ )
+ }
+)
+
+public interface DeviceTypePublisherAdminService {
+
+ @POST
+ @Path("/deploy/{type}")
+ @ApiOperation(
+ httpMethod = "POST",
+ value = "Deploy device type\n",
+ notes = "This is an API that can be used to deploy existing device type artifact for tenant",
+ response = Response.class,
+ tags = "Devicetype Deployment Service",
+ extensions = {
+ @Extension(properties = {
+ @ExtensionProperty(name = Constants.SCOPE, value = "perm:devicetype:deployment")
+ })
+ })
+
+ @ApiResponses(value = {
+ @ApiResponse(
+ code = 201,
+ message = "OK. \n Successfully deployed the artifacts.",
+ response = Response.class),
+ @ApiResponse(
+ code = 400,
+ message = "Bad Request. \n Invalid request or validation error.",
+ response = ErrorResponse.class),
+ @ApiResponse(
+ code = 404,
+ message = "Not Found. \n The specified resource does not exist."),
+ @ApiResponse(
+ code = 415,
+ message = "Unsupported media type. \n The entity of the request was in a not supported format."),
+ @ApiResponse(
+ code = 500,
+ message = "Internal Server Error. \n Server error occurred while checking the authorization" +
+ " for a specified set of devices.",
+ response = ErrorResponse.class)
+ })
+
+ Response doPublish(
+ @ApiParam(name = "type",
+ value = "The type of deployment." +
+ "INFO: Deploy artifact with given type.",
+ required = true)
+ @PathParam("type") String type);
+
+ @GET
+ @Path("/deploy/{type}/status")
+ @ApiOperation(
+ httpMethod = "GET",
+ value = "Check the status of device type artifact\n",
+ notes = "This is an API that can be used to check the status of the artifact",
+ response = Response.class,
+ tags = "Devicetype Status Service",
+ extensions = {
+ @Extension(properties = {
+ @ExtensionProperty(name = Constants.SCOPE, value = "perm:devicetype:deployment")
+ })
+ })
+
+ @ApiResponses(value = {
+ @ApiResponse(
+ code = 201,
+ message = "OK. \n Successfully deployed the artifacts.",
+ response = Response.class),
+ @ApiResponse(
+ code = 400,
+ message = "Bad Request. \n Invalid request or validation error.",
+ response = ErrorResponse.class),
+ @ApiResponse(
+ code = 404,
+ message = "Not Found. \n The specified resource does not exist."),
+ @ApiResponse(
+ code = 415,
+ message = "Unsupported media type. \n The entity of the request was in a not supported format."),
+ @ApiResponse(
+ code = 500,
+ message = "Internal Server Error. \n Server error occurred while checking the authorization" +
+ " for a specified set of devices.",
+ response = ErrorResponse.class)
+ })
+
+ Response getStatus(@PathParam("type") String deviceType);
+
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java
new file mode 100644
index 00000000000..66548fee52d
--- /dev/null
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceTypePublisherAdminServiceImpl.java
@@ -0,0 +1,315 @@
+/*
+ * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.wso2.carbon.device.mgt.jaxrs.service.impl.admin;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMXMLBuilderFactory;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.java.security.SSLProtocolSocketFactory;
+import org.apache.axis2.transport.http.HTTPConstants;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.application.mgt.stub.upload.CarbonAppUploaderStub;
+import org.wso2.carbon.application.mgt.stub.upload.types.carbon.UploadedFileItem;
+import org.wso2.carbon.base.ServerConfiguration;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.core.util.Utils;
+import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceTypePublisherAdminService;
+import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
+import org.wso2.carbon.registry.core.Registry;
+import org.wso2.carbon.registry.core.Resource;
+import org.wso2.carbon.registry.core.ResourceImpl;
+import org.wso2.carbon.registry.core.exceptions.RegistryException;
+import org.wso2.carbon.utils.CarbonUtils;
+
+import javax.activation.DataHandler;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.core.Response;
+import java.io.*;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+
+@Path("/admin/devicetype")
+public class DeviceTypePublisherAdminServiceImpl implements DeviceTypePublisherAdminService {
+
+ /**
+ * required soap header for mutualSSL
+ */
+ private static final String USER_NAME_HEADER = "UserName";
+
+ private static final String KEY_STORE_TYPE = "JKS";
+ /**
+ * Default truststore type of the client
+ */
+ private static final String TRUST_STORE_TYPE = "JKS";
+ /**
+ * Default keymanager type of the client
+ */
+ private static final String KEY_MANAGER_TYPE = "SunX509"; //Default Key Manager Type
+ /**
+ * Default trustmanager type of the client
+ */
+ private static final String TRUST_MANAGER_TYPE = "SunX509"; //Default Trust Manager Type
+
+ private static final String SSLV3 = "SSLv3";
+
+ private KeyStore keyStore;
+ private KeyStore trustStore;
+ private char[] keyStorePassword;
+ private SSLContext sslContext;
+
+ private static final Log log = LogFactory.getLog(DeviceTypePublisherAdminServiceImpl.class);
+ private static final String DEFAULT_RESOURCE_LOCATION = "/resources/devicetypes";
+ private static final String CAR_FILE_LOCATION = CarbonUtils.getCarbonHome() + File.separator + "repository" +
+ File.separator + "resources" + File.separator + "devicetypes";
+ private static final String DAS_PORT = "${iot.analytics.https.port}";
+ private static final String DAS_HOST_NAME = "${iot.analytics.host}";
+ private static final String DEFAULT_HTTP_PROTOCOL = "https";
+ private static final String IOT_MGT_PORT = "${iot.manager.https.port}";
+ private static final String IOT_MGT_HOST_NAME = "${iot.manager.host}";
+ private static final String DAS_URL = DEFAULT_HTTP_PROTOCOL + "://" + DAS_HOST_NAME
+ + ":" + DAS_PORT + "/services/CarbonAppUploader" + "/";
+ private static final String IOT_MGT_URL = DEFAULT_HTTP_PROTOCOL + "://" + IOT_MGT_HOST_NAME
+ + ":" + IOT_MGT_PORT + "/services/CarbonAppUploader" + "/";
+ private static final String MEDIA_TYPE_XML = "application/xml";
+ private static final String DEVICE_MANAGEMENT_TYPE = "device_management";
+
+ @Override
+ @POST
+ @Path("/deploy/{type}")
+ public Response doPublish(@PathParam("type") String type) {
+
+ try {
+ //Getting the tenant Domain
+ String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
+ String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
+ String tenantAdminUser = username + "@" + tenantDomain;
+
+ String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password");
+ String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty(
+ "Security.TrustStore.Password");
+ String keyStoreLocation = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Location");
+ String trustStoreLocation = ServerConfiguration.getInstance().getFirstProperty(
+ "Security.TrustStore.Location");
+
+ //Call to load the keystore.
+ loadKeyStore(keyStoreLocation, keyStorePassword);
+ //Call to load the TrustStore.
+ loadTrustStore(trustStoreLocation, trustStorePassword);
+ //Create the SSL context with the loaded TrustStore/keystore.
+ initMutualSSLConnection();
+
+ //Constructing the soap header that required for mutual SSL
+ String strHeader =
+ "'" + tenantAdminUser +
+ "'";
+
+ InputStream is = new ByteArrayInputStream(strHeader.getBytes());
+ OMElement header = OMXMLBuilderFactory.createOMBuilder(is).getDocumentElement();
+
+ List list = new ArrayList();
+ Header httpHeader = new Header();
+ httpHeader.setName(USER_NAME_HEADER);
+ byte[] encodedBytes = Base64.encodeBase64(tenantAdminUser.getBytes());
+ httpHeader.setValue(new String(encodedBytes));
+ list.add(httpHeader);//"https"
+
+ File directory = new File(CAR_FILE_LOCATION + File.separator + type);
+ if (directory.isDirectory() && directory.exists()) {
+ UploadedFileItem[] uploadedFileItems = loadCappFromFileSystem(type);
+ if (uploadedFileItems.length > 0) {
+ CarbonAppUploaderStub carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(
+ IOT_MGT_URL));
+ carbonAppUploaderStub._getServiceClient().addHeader(header);
+ Options appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
+ if (appUploaderOptions == null) {
+ appUploaderOptions = new Options();
+ }
+ appUploaderOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
+ appUploaderOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
+ , new Protocol(DEFAULT_HTTP_PROTOCOL, (ProtocolSocketFactory) new SSLProtocolSocketFactory
+ (sslContext), Integer.parseInt(Utils.replaceSystemProperty(IOT_MGT_PORT))));
+
+ carbonAppUploaderStub._getServiceClient().setOptions(appUploaderOptions);
+ carbonAppUploaderStub.uploadApp(uploadedFileItems);
+
+ if (!DEVICE_MANAGEMENT_TYPE.equals(type.toLowerCase())) {
+ carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(DAS_URL));
+ carbonAppUploaderStub._getServiceClient().addHeader(header);
+ appUploaderOptions = carbonAppUploaderStub._getServiceClient().getOptions();
+ if (appUploaderOptions == null) {
+ appUploaderOptions = new Options();
+ }
+ appUploaderOptions.setProperty(HTTPConstants.HTTP_HEADERS, list);
+ appUploaderOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER
+ , new Protocol(DEFAULT_HTTP_PROTOCOL
+ , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext)
+ , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT))));
+
+ carbonAppUploaderStub._getServiceClient().setOptions(appUploaderOptions);
+ carbonAppUploaderStub.uploadApp(uploadedFileItems);
+ }
+ int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
+ Registry registry = DeviceMgtAPIUtils.getRegistryService().getConfigSystemRegistry(tenantId);
+ if (!registry.resourceExists(DEFAULT_RESOURCE_LOCATION + type + ".exist")) {
+ Resource resource = new ResourceImpl();
+ resource.setContent("");
+ resource.setMediaType(MEDIA_TYPE_XML);
+ registry.put(DEFAULT_RESOURCE_LOCATION + type + ".exist", resource);
+ }
+ }
+ } else {
+ return Response.status(Response.Status.BAD_REQUEST)
+ .entity("\"Error, Artifact does not exist.\"").build();
+ }
+
+ } catch (Exception e) {
+ log.error("Capp deployment failed due to " + e.getMessage(), e);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ "\"Error, Artifact deployment has failed\"").build();
+ }
+
+ return Response.status(Response.Status.CREATED).entity("\"OK. \\n Successfully uploaded the artifacts.\"")
+ .build();
+ }
+
+ @GET
+ @Path("/deploy/{type}/status")
+ @Override
+ public Response getStatus(@PathParam("type") String deviceType) {
+ int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
+ Registry registry = null;
+ try {
+ registry = DeviceMgtAPIUtils.getRegistryService().getConfigSystemRegistry(tenantId);
+ if (registry.resourceExists(DEFAULT_RESOURCE_LOCATION + deviceType + ".exist")) {
+ return Response.status(Response.Status.OK).entity("Exist").build();
+ } else {
+ return Response.status(Response.Status.NO_CONTENT).entity("Does not Exist").build();
+ }
+ } catch (RegistryException e) {
+ log.error("Registry failed to load." + e.getMessage(), e);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
+ "\"Error, Artifact status check has failed\"").build();
+ }
+ }
+
+ private UploadedFileItem[] loadCappFromFileSystem(String deviceType) throws IOException {
+
+ File directory = new File(CAR_FILE_LOCATION + File.separator + deviceType);
+ File[] carFiles = directory.listFiles(new FilenameFilter() {
+ @Override
+ public boolean accept(File dir, String name) {
+ return name.toLowerCase().endsWith(".car");
+ }
+ });
+ List uploadedFileItemLis = new ArrayList<>();
+ if (carFiles != null) {
+
+ for (File carFile : carFiles) {
+ UploadedFileItem uploadedFileItem = new UploadedFileItem();
+ DataHandler param = new DataHandler(carFile.toURI().toURL());
+ uploadedFileItem.setDataHandler(param);
+ uploadedFileItem.setFileName(carFile.getName());
+ uploadedFileItem.setFileType("jar");
+ uploadedFileItemLis.add(uploadedFileItem);
+ }
+ }
+ UploadedFileItem[] fileItems = new UploadedFileItem[uploadedFileItemLis.size()];
+ fileItems = uploadedFileItemLis.toArray(fileItems);
+ return fileItems;
+ }
+
+ /**
+ * Loads the keystore.
+ *
+ * @param keyStorePath - the path of the keystore
+ * @param ksPassword - the keystore password
+ */
+ private void loadKeyStore(String keyStorePath, String ksPassword)
+ throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
+ InputStream fis = null;
+ try {
+ keyStorePassword = ksPassword.toCharArray();
+ keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
+ fis = new FileInputStream(keyStorePath);
+ keyStore.load(fis, keyStorePassword);
+ } finally {
+ if (fis != null) {
+ fis.close();
+ }
+ }
+ }
+
+ /**
+ * Loads the trustore
+ *
+ * @param trustStorePath - the trustore path in the filesystem.
+ * @param tsPassword - the truststore password
+ */
+ private void loadTrustStore(String trustStorePath, String tsPassword)
+ throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
+
+ InputStream fis = null;
+ try {
+ trustStore = KeyStore.getInstance(TRUST_STORE_TYPE);
+ fis = new FileInputStream(trustStorePath);
+ trustStore.load(fis, tsPassword.toCharArray());
+ } finally {
+ if (fis != null) {
+ fis.close();
+ }
+ }
+ }
+
+ /**
+ * Initializes the SSL Context
+ */
+ private void initMutualSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
+ KeyStoreException, KeyManagementException {
+ KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
+ keyManagerFactory.init(keyStore, keyStorePassword);
+ TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);
+ trustManagerFactory.init(trustStore);
+
+ // Create and initialize SSLContext for HTTPS communication
+ sslContext = SSLContext.getInstance(SSLV3);
+ sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
+ SSLContext.setDefault(sslContext);
+ }
+
+
+}
+