From cd9abee0eb080ca8366bcfd2725499a2ed23c9ec Mon Sep 17 00:00:00 2001
From: Menaka Madushanka <menaka12350@gmail.com>
Date: Fri, 8 Jan 2016 00:38:44 +0530
Subject: [PATCH] Separated the Android Sense services and api secured

---
 .../src/main/webapp/WEB-INF/web.xml           | 32 ++++-----
 .../mgt/service/impl/AndroidSenseService.java | 69 +++++++++++++++----
 .../src/main/webapp/WEB-INF/cxf-servlet.xml   |  2 +-
 .../src/main/webapp/WEB-INF/web.xml           | 38 ++++------
 .../pom.xml                                   | 28 +++++++-
 pom.xml                                       |  8 ++-
 6 files changed, 117 insertions(+), 60 deletions(-)

diff --git a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.controller.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.controller.api/src/main/webapp/WEB-INF/web.xml
index d3b03b4c27..2a718175f2 100644
--- a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.controller.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.controller.api/src/main/webapp/WEB-INF/web.xml
@@ -19,14 +19,14 @@
 		<url-pattern>/*</url-pattern>
 	</servlet-mapping>
 
-	<!--<context-param>-->
-		<!--<param-name>isAdminService</param-name>-->
-		<!--<param-value>false</param-value>-->
-	<!--</context-param>-->
-	<!--<context-param>-->
-		<!--<param-name>doAuthentication</param-name>-->
-		<!--<param-value>false</param-value>-->
-	<!--</context-param>-->
+	<context-param>
+		<param-name>isAdminService</param-name>
+		<param-value>false</param-value>
+	</context-param>
+	<context-param>
+		<param-name>doAuthentication</param-name>
+		<param-value>false</param-value>
+	</context-param>
 
 	<!--publish to apim-->
 	<context-param>
@@ -38,20 +38,12 @@
 		<param-value>admin</param-value>
 	</context-param>
 	<context-param>
-		<param-name>managed-api-name</param-name>
-		<param-value>android_sense</param-value>
-	</context-param>
-	<context-param>
-		<param-name>managed-api-endpoint</param-name>
-		<param-value>http://localhost:9763/android_sense</param-value>
+		<param-name>managed-api-context-template</param-name>
+		<param-value>/android_sense/{version}</param-value>
 	</context-param>
 	<context-param>
-		<param-name>managed-api-version</param-name>
-		<param-value>1.0.0</param-value>
-	</context-param>
-	<context-param>
-		<param-name>managed-api-context</param-name>
-		<param-value>/android_sense</param-value>
+		<param-name>managed-api-application</param-name>
+		<param-value>android_sense</param-value>
 	</context-param>
 	<context-param>
 		<param-name>managed-api-isSecured</param-name>
diff --git a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/java/org/wso2/carbon/device/mgt/iot/androidsense/mgt/service/impl/AndroidSenseService.java b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/java/org/wso2/carbon/device/mgt/iot/androidsense/mgt/service/impl/AndroidSenseService.java
index 71020357d6..3330e9cf75 100644
--- a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/java/org/wso2/carbon/device/mgt/iot/androidsense/mgt/service/impl/AndroidSenseService.java
+++ b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/java/org/wso2/carbon/device/mgt/iot/androidsense/mgt/service/impl/AndroidSenseService.java
@@ -20,6 +20,8 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.apimgt.annotations.api.API;
 import org.wso2.carbon.apimgt.webapp.publisher.KeyGenerationUtil;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.device.mgt.common.Device;
 import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
 import org.wso2.carbon.device.mgt.common.DeviceManagementException;
@@ -29,6 +31,9 @@ import org.wso2.carbon.device.mgt.iot.androidsense.plugin.constants.AndroidSense
 import org.wso2.carbon.device.mgt.iot.apimgt.AccessTokenInfo;
 import org.wso2.carbon.device.mgt.iot.apimgt.TokenClient;
 import org.wso2.carbon.device.mgt.iot.exception.AccessTokenException;
+import org.wso2.carbon.user.api.UserStoreException;
+import org.wso2.carbon.user.api.UserStoreManager;
+import org.wso2.carbon.user.core.service.RealmService;
 import org.wso2.carbon.utils.CarbonUtils;
 
 import javax.servlet.http.HttpServletResponse;
@@ -38,7 +43,7 @@ import javax.ws.rs.core.Response;
 import java.io.File;
 import java.util.Date;
 
-@API( name="android_sense", version="1.0.0", context="/android_sense")
+@API( name="android_sense_mgt", version="1.0.0", context="/android_sense_mgt")
 public class AndroidSenseService {
 
     private static Log log = LogFactory.getLog(AndroidSenseService.class);
@@ -48,34 +53,62 @@ public class AndroidSenseService {
 
     @Context  //injected response proxy supporting multiple thread
     private HttpServletResponse response;
+    private PrivilegedCarbonContext ctx;
+
+    private RealmService getRealmServiceProvider() {
+        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
+        PrivilegedCarbonContext.startTenantFlow();
+        ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+        ctx.setTenantDomain(tenantDomain, true);
+        if (log.isDebugEnabled()) {
+            log.debug("Getting thread local carbon context for tenant domain: " + tenantDomain);
+        }
+        return (RealmService) ctx.getOSGiService(RealmService.class, null);
+    }
 
     @Path("manager/device")
     @PUT
-    public boolean register(@FormParam("deviceId") String deviceId,
+    public boolean register(@FormParam("username") String username,
+                            @FormParam("password") String password,
+                            @FormParam("deviceId") String deviceId,
                             @FormParam("owner") String owner) {
 
         DeviceManagement deviceManagement = new DeviceManagement(SUPER_TENANT);
 
+        RealmService realmService = getRealmServiceProvider();
+        int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
+        try {
+            UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
+            log.debug(userStoreManager.authenticate(username, password)+"");
+
+            if (!userStoreManager.authenticate(username, password)){
+                response.setStatus(Response.Status.NOT_ACCEPTABLE.getStatusCode());
+                return false;
+            }
+        } catch (UserStoreException e) {
+            response.setStatus(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode());
+            return false;
+        }
+
         DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
         deviceIdentifier.setId(deviceId);
         deviceIdentifier.setType(AndroidSenseConstants.DEVICE_TYPE);
+
         try {
             if (deviceManagement.getDeviceManagementService().isEnrolled(deviceIdentifier)) {
                 response.setStatus(Response.Status.CONFLICT.getStatusCode());
+                getTokens(owner, deviceId, response);
                 return true;
             }
+
+            KeyGenerationUtil.createApplicationKeys("android_sense");
+
+            getTokens(owner, deviceId, response);
+
             Device device = new Device();
             device.setDeviceIdentifier(deviceId);
             EnrolmentInfo enrolmentInfo = new EnrolmentInfo();
 
-//            KeyGenerationUtil.createApplicationKeys("android_sense");
-//
-//            TokenClient accessTokenClient = new TokenClient(AndroidSenseConstants.DEVICE_TYPE);
-//            AccessTokenInfo accessTokenInfo = accessTokenClient.getAccessToken(owner, deviceId);
-//
-//            //create token
-//            String accessToken = accessTokenInfo.getAccess_token();
-//            String refreshToken = accessTokenInfo.getRefresh_token();
 
             enrolmentInfo.setDateOfEnrolment(new Date().getTime());
             enrolmentInfo.setDateOfLastUpdate(new Date().getTime());
@@ -90,8 +123,6 @@ public class AndroidSenseService {
 
             if (added) {
                 response.setStatus(Response.Status.OK.getStatusCode());
-//                response.addHeader("access", accessToken);
-//                response.addHeader("refresh", refreshToken);
             } else {
                 response.setStatus(Response.Status.NOT_ACCEPTABLE.getStatusCode());
             }
@@ -100,7 +131,7 @@ public class AndroidSenseService {
         } catch (DeviceManagementException e) {
             response.setStatus(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode());
             return false;
-        } catch (Exception e) {
+        } catch (AccessTokenException e) {
             e.printStackTrace();
             response.setStatus(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode());
             return false;
@@ -220,4 +251,16 @@ public class AndroidSenseService {
 
     }
 
+    public void getTokens(String owner, String deviceId, HttpServletResponse response)
+            throws AccessTokenException {
+        TokenClient accessTokenClient = new TokenClient(AndroidSenseConstants.DEVICE_TYPE);
+        AccessTokenInfo accessTokenInfo = accessTokenClient.getAccessToken(owner, deviceId);
+
+        String accessToken = accessTokenInfo.getAccess_token();
+        String refreshToken = accessTokenInfo.getRefresh_token();
+
+        response.addHeader("access", accessToken);
+        response.addHeader("refresh", refreshToken);
+    }
+
 }
diff --git a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
index 40218f1a79..db1443d3d1 100644
--- a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
+++ b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
@@ -29,7 +29,7 @@
             <cxf:logging/>
         </jaxrs:features>
         <jaxrs:serviceBeans>
-            <bean id="AndroidSenseMgtService"
+            <bean id="AndroidSenseService"
                   class="org.wso2.carbon.device.mgt.iot.androidsense.mgt.service.impl.AndroidSenseService"/>
         </jaxrs:serviceBeans>
         <jaxrs:providers>
diff --git a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/web.xml
index 3748c69795..350862cb27 100644
--- a/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-mgt-iot-androidsense/org.wso2.carbon.device.mgt.iot.androidsense.mgt.api/src/main/webapp/WEB-INF/web.xml
@@ -19,14 +19,14 @@
 		<url-pattern>/*</url-pattern>
 	</servlet-mapping>
 
-	<!--<context-param>-->
-		<!--<param-name>isAdminService</param-name>-->
-		<!--<param-value>false</param-value>-->
-	<!--</context-param>-->
-	<!--<context-param>-->
-		<!--<param-name>doAuthentication</param-name>-->
-		<!--<param-value>false</param-value>-->
-	<!--</context-param>-->
+	<context-param>
+		<param-name>isAdminService</param-name>
+		<param-value>false</param-value>
+	</context-param>
+	<context-param>
+		<param-name>doAuthentication</param-name>
+		<param-value>false</param-value>
+	</context-param>
 
 	<!--publish to apim-->
 	<context-param>
@@ -38,24 +38,16 @@
 		<param-value>admin</param-value>
 	</context-param>
 	<context-param>
-		<param-name>managed-api-name</param-name>
-		<param-value>android_sense</param-value>
-	</context-param>
-	<context-param>
-		<param-name>managed-api-endpoint</param-name>
-		<param-value>https://localhost:9443/android_sense</param-value>
-	</context-param>
-	<context-param>
-		<param-name>managed-api-version</param-name>
-		<param-value>1.0.0</param-value>
-	</context-param>
-	<context-param>
-		<param-name>managed-api-context</param-name>
-		<param-value>/android_sense</param-value>
+	<param-name>managed-api-context-template</param-name>
+	<param-value>/android_sense_mgt/{version}</param-value>
 	</context-param>
+    <context-param>
+        <param-name>managed-api-application</param-name>
+        <param-value>android_sense</param-value>
+    </context-param>
 	<context-param>
 		<param-name>managed-api-isSecured</param-name>
-		<param-value>true</param-value>
+		<param-value>false</param-value>
 	</context-param>
 
 	<!-- Below configuration is used to redirect http requests to https -->
diff --git a/features/device-mgt-iot-androidsense-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/pom.xml b/features/device-mgt-iot-androidsense-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/pom.xml
index 35fd82d8f8..7b938306fb 100644
--- a/features/device-mgt-iot-androidsense-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/pom.xml
+++ b/features/device-mgt-iot-androidsense-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/pom.xml
@@ -44,7 +44,12 @@
         </dependency>
         <dependency>
             <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
-            <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.api</artifactId>
+            <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.mgt.api</artifactId>
+            <type>war</type>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
+            <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.controller.api</artifactId>
             <type>war</type>
         </dependency>
         <dependency>
@@ -94,7 +99,7 @@
                             <artifactItems>
                                 <artifactItem>
                                     <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
-                                    <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.api</artifactId>
+                                    <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.mgt.api</artifactId>
                                     <type>war</type>
                                     <overWrite>true</overWrite>
                                     <outputDirectory>${basedir}/src/main/resources/webapps/</outputDirectory>
@@ -103,6 +108,25 @@
                             </artifactItems>
                         </configuration>
                     </execution>
+                    <execution>
+                        <id>copy-controller-jaxrs-war</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>copy</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
+                                    <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.controller.api</artifactId>
+                                    <type>war</type>
+                                    <overWrite>true</overWrite>
+                                    <outputDirectory>${basedir}/src/main/resources/webapps/</outputDirectory>
+                                    <destFileName>android_sense.war</destFileName>
+                                </artifactItem>
+                            </artifactItems>
+                        </configuration>
+                    </execution>
                 </executions>
             </plugin>
 
diff --git a/pom.xml b/pom.xml
index 2ebfce5d64..28c74499a0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -379,7 +379,13 @@
             </dependency>
             <dependency>
                 <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
-                <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.api</artifactId>
+                <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.controller.api</artifactId>
+                <version>${carbon.iot.device.mgt.version}</version>
+                <type>war</type>
+            </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
+                <artifactId>org.wso2.carbon.device.mgt.iot.androidsense.mgt.api</artifactId>
                 <version>${carbon.iot.device.mgt.version}</version>
                 <type>war</type>
             </dependency>