Merge pull request #1031 from sinthuja/application-mgt

Making the auth handler to be compatible with the store and publisher.
feature/appm-store/pbac
Megala Uthayakumar 7 years ago committed by GitHub
commit f45ba70b66

@ -20,21 +20,24 @@ package org.wso2.carbon.device.application.mgt.auth.handler.service;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@Path("/auth")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public interface AuthHandlerService {
@POST
@Path("/login")
@Path("/{appName}/login")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
Response login(@QueryParam("userName") String userName, @QueryParam("password") String password);
Response login(@PathParam("appName") String appName, @QueryParam("userName") String userName,
@QueryParam("password") String password);
@POST
@Path("/refresh")

@ -0,0 +1,35 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.application.mgt.auth.handler.service;
/**
* This is the exception class which gets thrown when the initialization parameters such
* as hostname and port are missing in the JVM.
*/
public class InitializationException extends Exception {
private String message;
public InitializationException(String message) {
super(message);
this.message = message;
}
public String getMessage(){
return this.message;
}
}

@ -0,0 +1,34 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.application.mgt.auth.handler.service;
/**
* This is the exception class which gets thrown when the API methods receives any unexpected input.
*/
public class InvalidParameterException extends Exception {
private String message;
public InvalidParameterException(String message) {
super(message);
this.message = message;
}
public String getMessage() {
return this.message;
}
}

@ -25,6 +25,8 @@ import feign.jackson.JacksonEncoder;
import feign.jaxrs.JAXRSContract;
import org.json.JSONObject;
import org.wso2.carbon.device.application.mgt.auth.handler.service.AuthHandlerService;
import org.wso2.carbon.device.application.mgt.auth.handler.service.InitializationException;
import org.wso2.carbon.device.application.mgt.auth.handler.service.InvalidParameterException;
import org.wso2.carbon.device.application.mgt.auth.handler.util.Constants;
import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.AccessTokenInfo;
import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.ApiApplicationKey;
@ -33,14 +35,13 @@ import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.ApiRegistrat
import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.TokenIssuerService;
import org.wso2.carbon.device.application.mgt.auth.handler.util.dto.TokenRevokeService;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
@ -51,6 +52,9 @@ import java.security.NoSuchAlgorithmException;
@Path("/auth")
public class AuthHandlerServiceImpl implements AuthHandlerService {
private String tokenEndpoint;
private String apiApplicationEndpoint;
private TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
@ -67,27 +71,23 @@ public class AuthHandlerServiceImpl implements AuthHandlerService {
}
};
private Client disableHostnameVerification = new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
private Client disableHostnameVerification = new Client.Default(getTrustedSSLSocketFactory(),
(s, sslSession) -> true);
@POST
@Path("/login")
@Path("/{appName}/login")
@Produces(MediaType.APPLICATION_JSON)
@Override
public Response login(@QueryParam("userName") String userName, @QueryParam("password") String password) {
public Response login(@PathParam("appName") String appName, @QueryParam("userName") String userName,
@QueryParam("password") String password) {
try {
ApiApplicationRegistrationService apiApplicationRegistrationService = Feign.builder()
.client(disableHostnameVerification)
.requestInterceptor(new BasicAuthRequestInterceptor(userName, password))
.contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
.target(ApiApplicationRegistrationService.class, Constants.API_APPLICATION_ENDPOINT);
.target(ApiApplicationRegistrationService.class, this.getAPIApplicationEndpoint());
ApiRegistrationProfile apiRegistrationProfile = new ApiRegistrationProfile();
apiRegistrationProfile.setApplicationName(Constants.APPLICATION_NAME);
apiRegistrationProfile.setApplicationName(getApplicationName(appName));
apiRegistrationProfile.setIsAllowedToAllDomains(false);
apiRegistrationProfile.setIsMappingAnExistingOAuthApp(false);
apiRegistrationProfile.setTags(Constants.TAGS);
@ -98,7 +98,7 @@ public class AuthHandlerServiceImpl implements AuthHandlerService {
.requestInterceptor(new BasicAuthRequestInterceptor(apiApplicationKey.getConsumerKey(),
apiApplicationKey.getConsumerSecret()))
.contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
.target(TokenIssuerService.class, Constants.TOKEN_ENDPOINT);
.target(TokenIssuerService.class, this.getTokenEndpoint());
AccessTokenInfo accessTokenInfo = tokenIssuerService.getToken(Constants.PASSWORD_GRANT_TYPE,
userName, password, Constants.SCOPES);
JSONObject loginInfo = new JSONObject(accessTokenInfo);
@ -114,14 +114,16 @@ public class AuthHandlerServiceImpl implements AuthHandlerService {
@Path("/refresh")
@Produces(MediaType.APPLICATION_JSON)
@Override
public Response refresh(@QueryParam("refresh_token") String refresh_token, @QueryParam("clientId") String clientId,
public Response refresh(@QueryParam("refresh_token") String refreshToken,
@QueryParam("clientId") String clientId,
@QueryParam("clientSecret") String clientSecret) {
try {
TokenIssuerService tokenIssuerService = Feign.builder().client(disableHostnameVerification)
.requestInterceptor(new BasicAuthRequestInterceptor(clientId, clientSecret))
.contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
.target(TokenIssuerService.class, Constants.TOKEN_ENDPOINT);
AccessTokenInfo accessTokenInfo = tokenIssuerService.getRefreshToken(Constants.REFRESH_GRANT_TYPE, refresh_token);
.target(TokenIssuerService.class, this.getTokenEndpoint());
AccessTokenInfo accessTokenInfo = tokenIssuerService.
getRefreshToken(Constants.REFRESH_GRANT_TYPE, refreshToken);
return Response.status(200).entity(new JSONObject(accessTokenInfo)).build();
} catch (Exception e) {
return Response.status(500).build();
@ -137,9 +139,8 @@ public class AuthHandlerServiceImpl implements AuthHandlerService {
TokenRevokeService tokenRevokeService = Feign.builder().client(disableHostnameVerification)
.requestInterceptor(new BasicAuthRequestInterceptor(clientId, clientSecret))
.contract(new JAXRSContract()).encoder(new JacksonEncoder()).decoder(new JacksonDecoder())
.target(TokenRevokeService.class, Constants.TOKEN_ENDPOINT);
.target(TokenRevokeService.class, this.getTokenEndpoint());
tokenRevokeService.revoke(token);
return Response.status(200).build();
} catch (Exception e) {
return Response.status(500).build();
@ -155,4 +156,48 @@ public class AuthHandlerServiceImpl implements AuthHandlerService {
return null;
}
}
private String getTokenEndpoint() throws InitializationException {
if (this.tokenEndpoint == null) {
synchronized (this) {
String hostName = this.getProperty("iot.gateway.host");
String port = this.getProperty("iot.gateway.https.port");
this.tokenEndpoint = "https://" + hostName + ":" + port;
}
}
return this.tokenEndpoint;
}
private String getAPIApplicationEndpoint() throws InitializationException {
if (this.apiApplicationEndpoint == null) {
synchronized (this) {
String hostName = this.getProperty("iot.core.host");
String port = this.getProperty("iot.core.https.port");
this.apiApplicationEndpoint = "https://" + hostName + ":" + port + "/api-application-registration";
}
}
return this.apiApplicationEndpoint;
}
private String getProperty(String propertyName) throws InitializationException {
String property = System.getProperty(propertyName);
if (property == null) {
throw new InitializationException("No system property defined in the name - " + propertyName);
}
return property;
}
private String getApplicationName(String apiAppName) throws InvalidParameterException {
if (apiAppName != null) {
if (apiAppName.equalsIgnoreCase("store")) {
return Constants.STORE_APPLICATION_NAME;
} else if (apiAppName.equalsIgnoreCase("publisher")) {
return Constants.PUBLISHER_APPLICATION_NAME;
} else {
throw new InvalidParameterException("Invalid app name -" + apiAppName + " is passed!");
}
}
return Constants.PUBLISHER_APPLICATION_NAME;
}
}

@ -18,7 +18,6 @@
package org.wso2.carbon.device.application.mgt.auth.handler.util;
//TODO: Remove hardcoded localhost and ports
public class Constants {
public static final String SCOPES = "perm:application:get perm:application:create perm:application:update " +
"perm:application-mgt:login perm:application:delete perm:platform:add perm:platform:remove " +
@ -48,10 +47,11 @@ public class Constants {
public static final String[] TAGS = {"device_management"};
public static final String USER_NAME = "userName";
public static final String APPLICATION_NAME = "applicationmgt_publisher";
public static final String TOKEN_ENDPOINT = "https://localhost:8243";
public static final String PUBLISHER_APPLICATION_NAME = "applicationmgt_publisher";
public static final String STORE_APPLICATION_NAME = "applicationmgt_store";
public static final String PASSWORD_GRANT_TYPE = "password";
public static final String REFRESH_GRANT_TYPE = "refresh_token";
public static final String API_APPLICATION_ENDPOINT = "https://localhost:9443/api-application-registration/";
public static final String APPLICATION_INFO = "application_info";
}

@ -26,20 +26,14 @@ import javax.xml.bind.annotation.XmlRootElement;
/**
* This hold access token info that returned from the api call
*/
@XmlRootElement(name = "AccessTokenInfo")
@JsonIgnoreProperties(ignoreUnknown = true)
public class AccessTokenInfo {
@XmlElement(required = true, name = "token_type")
private String token_type;
@XmlElement(required = true, name = "expires_in")
private String expires_in;
@XmlElement(required = true, name = "refresh_token")
private String refresh_token;
@XmlElement(required = true, name = "access_token")
private String access_token;
public AccessTokenInfo() {}

@ -24,11 +24,9 @@ import javax.xml.bind.annotation.XmlRootElement;
/**
* This holds api application consumer key and secret.
*/
@XmlRootElement
public class ApiApplicationKey {
@XmlElement
private String client_id;
@XmlElement
private String client_secret;
public String getConsumerKey() {

@ -24,13 +24,12 @@ package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
* the oauth application.
*/
public class ApiRegistrationProfile {
public String applicationName;
public String tags[];
public boolean isAllowedToAllDomains;
public String consumerKey;
public String consumerSecret;
public boolean isMappingAnExistingOAuthApp;
private String applicationName;
private String tags[];
private boolean isAllowedToAllDomains;
private String consumerKey;
private String consumerSecret;
private boolean isMappingAnExistingOAuthApp;
public String getApplicationName() {
return applicationName;

@ -1,47 +0,0 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import static feign.Util.checkNotNull;
/**
* This is a request interceptor to add oauth token header.
*/
public class OAuthRequestInterceptor implements RequestInterceptor {
private final String headerValue;
/**
* Creates an interceptor that authenticates all requests with the specified OAUTH token
*
* @param token the access token to use for authentication
*/
public OAuthRequestInterceptor(String token) {
checkNotNull(token, "access_token");
headerValue = "Bearer " + token;
}
@Override
public void apply(RequestTemplate template) {
template.header("Authorization", headerValue);
}
}

@ -1,83 +0,0 @@
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.application.mgt.auth.handler.util.dto;
/**
* This class represents the data that are required to register
* the oauth application.
*/
public class RegistrationProfile {
public String callbackUrl;
public String clientName;
public String tokenScope;
public String owner;
public String grantType;
public String applicationType;
private static final String TAG = RegistrationProfile.class.getSimpleName();
public String getCallbackUrl() {
return callbackUrl;
}
public void setCallbackUrl(String callBackUrl) {
this.callbackUrl = callBackUrl;
}
public String getClientName() {
return clientName;
}
public void setClientName(String clientName) {
this.clientName = clientName;
}
public String getTokenScope() {
return tokenScope;
}
public void setTokenScope(String tokenScope) {
this.tokenScope = tokenScope;
}
public String getOwner() {
return owner;
}
public void setOwner(String owner) {
this.owner = owner;
}
public String getGrantType() {
return grantType;
}
public void setGrantType(String grantType) {
this.grantType = grantType;
}
public String getApplicationType() {
return applicationType;
}
public void setApplicationType(String applicationType) {
this.applicationType = applicationType;
}
}

@ -58,7 +58,7 @@ class Constants {
};
this.userConstants = {
LOGIN_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/login',
LOGIN_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/publisher/login',
LOGOUT_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/logout',
REFRESH_TOKEN_URL: "",
WSO2_USER: 'wso2_user',

@ -20,7 +20,7 @@ import PropTypes from 'prop-types';
import React, {Component} from 'react';
import Axios from 'axios';
const imageLocation = "/images/";
const imageLocation = "/publisher/images/";
class Logo extends Component {

@ -63,7 +63,6 @@ class Base extends Component {
}
render() {
console.log('came to base ../////');
if (this.state.user !== null) {
return (
<div>
@ -107,7 +106,6 @@ class Store extends Component {
}
render() {
console.log('came to store');
return (
<div className="App">
<Router basename="store" history={history}>

@ -59,10 +59,7 @@ class AuthHandler {
);
return login_promise;
};
static loginAsAnonymous(){
}
/**
* Persists the user object in browser's local storage.

@ -51,7 +51,7 @@ class Constants {
};
this.userConstants = {
LOGIN_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/login',
LOGIN_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/store/login',
LOGOUT_URL: httpBaseUrl + '/auth/application-mgt/v1.0/auth/logout',
REFRESH_TOKEN_URL: "",
WSO2_USER: 'wso2_user',

@ -209,15 +209,11 @@ class ApplicationListing extends Component {
}
handleButtonClick() {
console.log("Application Listing");
this.props.history.push("apps/edit/fdsfdsf343");
}
remove(imageId) {
let tmp = this.state.image;
console.log(imageId);
let rem = tmp.filter((image) => {
return image.id !== imageId
@ -238,7 +234,6 @@ class ApplicationListing extends Component {
}
render() {
console.log('render app listing');
return (
<div id="application-list" style={this.state.appListStyle}>
<Row>

Loading…
Cancel
Save