diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java index 94c6f7e87c..6341dc7a22 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/IntegrationClientServiceImpl.java @@ -22,22 +22,35 @@ import feign.RequestInterceptor; import org.wso2.carbon.apimgt.integration.client.publisher.PublisherClient; import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.apimgt.integration.client.store.StoreClient; -import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; - -import java.util.HashMap; -import java.util.Map; public class IntegrationClientServiceImpl implements IntegrationClientService { - private static StoreClient storeClient; - private static PublisherClient publisherClient; - private static Map tenantUserTokenMap = new HashMap<>(); + private static IntegrationClientServiceImpl instance; + private StoreClient storeClient; + private PublisherClient publisherClient; + private OAuthRequestInterceptor oAuthRequestInterceptor; - public IntegrationClientServiceImpl() { - RequestInterceptor oAuthRequestInterceptor = new OAuthRequestInterceptor(); + private IntegrationClientServiceImpl() { + oAuthRequestInterceptor = new OAuthRequestInterceptor(); storeClient = new StoreClient(oAuthRequestInterceptor); publisherClient = new PublisherClient(oAuthRequestInterceptor); } + + public static IntegrationClientServiceImpl getInstance() { + if (instance == null) { + synchronized (IntegrationClientService.class) { + if (instance == null) { + instance = new IntegrationClientServiceImpl(); + } + } + } + return instance; + } + + public void resetUserInfo(String userName, String tenantDomain) { + oAuthRequestInterceptor.removeToken(userName, tenantDomain); + } + @Override public StoreClient getStoreClient() { return storeClient; @@ -47,8 +60,4 @@ public class IntegrationClientServiceImpl implements IntegrationClientService { public PublisherClient getPublisherClient() { return publisherClient; } - - public static Map getTenantUserTokenMap() { - return tenantUserTokenMap; - } } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java index b78f258c27..b4bc910686 100755 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java @@ -40,6 +40,7 @@ import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientExceptio import java.util.HashMap; import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; /** * This is a request interceptor to add oauth token header. @@ -55,6 +56,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final long DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS = 100000; private DCRClient dcrClient; private static OAuthApplication oAuthApplication; + private static Map tenantUserTokenMap = new ConcurrentHashMap<>(); private static final Log log = LogFactory.getLog(OAuthRequestInterceptor.class); /** @@ -88,7 +90,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { username = username + "@" + tenantDomain; } - AccessTokenInfo tenantBasedAccessTokenInfo = IntegrationClientServiceImpl.getTenantUserTokenMap().get(username); + AccessTokenInfo tenantBasedAccessTokenInfo = tenantUserTokenMap.get(username); if ((tenantBasedAccessTokenInfo == null || ((System.currentTimeMillis() + DEFAULT_REFRESH_TIME_OFFSET_IN_MILLIS) > tenantBasedAccessTokenInfo.getExpiresIn()))) { @@ -96,8 +98,8 @@ public class OAuthRequestInterceptor implements RequestInterceptor { JWTClient jwtClient = APIIntegrationClientDataHolder.getInstance().getJwtClientManagerService() .getJWTClient(); tenantBasedAccessTokenInfo = jwtClient.getAccessToken(oAuthApplication.getClientId(), - oAuthApplication.getClientSecret(), username, - REQUIRED_SCOPE); + oAuthApplication.getClientSecret(), username, + REQUIRED_SCOPE); tenantBasedAccessTokenInfo.setExpiresIn( System.currentTimeMillis() + (tenantBasedAccessTokenInfo.getExpiresIn() * 1000)); if (tenantBasedAccessTokenInfo.getScopes() == null) { @@ -105,7 +107,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { } if (tenantBasedAccessTokenInfo.getScopes().contains(APIM_SUBSCRIBE_SCOPE)) { - IntegrationClientServiceImpl.getTenantUserTokenMap().put(username, tenantBasedAccessTokenInfo); + tenantUserTokenMap.put(username, tenantBasedAccessTokenInfo); } } @@ -118,4 +120,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor { } } + public void removeToken(String username, String tenantDomain) { + if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) { + username = username + "@" + tenantDomain; + } + tenantUserTokenMap.remove(username); + } + } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java index aaf178b718..4e09da489f 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/internal/APIIntegrationClientServiceComponent.java @@ -49,7 +49,7 @@ public class APIIntegrationClientServiceComponent { /* Initializing webapp publisher configuration */ APIMConfigReader.init(); BundleContext bundleContext = componentContext.getBundleContext(); - bundleContext.registerService(IntegrationClientService.class.getName(), new IntegrationClientServiceImpl(), null); + bundleContext.registerService(IntegrationClientService.class.getName(), IntegrationClientServiceImpl.getInstance(), null); if (log.isDebugEnabled()) { log.debug("apimgt client bundle has been successfully initialized"); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java index 0ac7e4616f..a98571ef4f 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/service/IntegrationClientService.java @@ -26,6 +26,9 @@ import org.wso2.carbon.apimgt.integration.client.store.StoreClient; */ public interface IntegrationClientService { + + void resetUserInfo(String username, String tenantDomain); + /** * * @return API Store Client. diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml index dae46760f6..c7af113051 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml @@ -177,6 +177,11 @@ org.wso2.carbon.device.mgt.extensions provided + + org.wso2.carbon.devicemgt + org.wso2.carbon.apimgt.integration.client + provided + org.wso2.carbon.devicemgt org.wso2.carbon.device.mgt.core diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java index a44444aa3d..d326802c2a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/CredentialManagementResponseBuilder.java @@ -20,8 +20,6 @@ package org.wso2.carbon.device.mgt.jaxrs.util; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.apimgt.integration.client.IntegrationClientServiceImpl; -import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; @@ -56,7 +54,7 @@ public class CredentialManagementResponseBuilder { RequestValidationUtil.validateCredentials(credentials); if (!validateCredential(credentials.getNewPassword())) { String errorMsg = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration() - .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG); + .getUserStoreProperty(PASSWORD_VALIDATION_ERROR_MSG_TAG); return Response.status(Response.Status.BAD_REQUEST).entity( new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); } @@ -66,9 +64,8 @@ public class CredentialManagementResponseBuilder { username = CarbonContext.getThreadLocalCarbonContext().getUsername(); userStoreManager.updateCredential(username, credentials.getNewPassword(), credentials.getOldPassword()); - IntegrationClientServiceImpl integrationClientService = (IntegrationClientServiceImpl) PrivilegedCarbonContext. - getThreadLocalCarbonContext().getOSGiService(IntegrationClientService.class, null); - integrationClientService.getTenantUserTokenMap().remove(username); + DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username, + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()); return Response.status(Response.Status.OK).entity("UserImpl password by username: " + username + " was successfully changed.").build(); } catch (UserStoreException e) { @@ -111,6 +108,8 @@ public class CredentialManagementResponseBuilder { new ErrorResponse.ErrorResponseBuilder().setMessage(errorMsg).build()).build(); } userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword()); + DeviceMgtAPIUtils.getIntegrationClientService().resetUserInfo(username, + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()); return Response.status(Response.Status.OK).entity("UserImpl password by username: " + username + " was successfully changed.").build(); } catch (UserStoreException e) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java index 8b12b4a285..7ff6953a1d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java @@ -29,6 +29,7 @@ import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.analytics.stream.persistence.stub.EventStreamPersistenceAdminServiceStub; +import org.wso2.carbon.apimgt.integration.client.service.IntegrationClientService; import org.wso2.carbon.base.ServerConfiguration; import org.wso2.carbon.analytics.api.AnalyticsDataAPI; import org.wso2.carbon.context.CarbonContext; @@ -128,6 +129,8 @@ public class DeviceMgtAPIUtils { private static KeyStore trustStore; private static char[] keyStorePassword; + private static IntegrationClientService integrationClientService; + static { String keyStorePassword = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password"); String trustStorePassword = ServerConfiguration.getInstance().getFirstProperty( @@ -297,6 +300,23 @@ public class DeviceMgtAPIUtils { return realmService; } + public static IntegrationClientService getIntegrationClientService() { + if (integrationClientService == null) { + synchronized (DeviceMgtAPIUtils.class) { + if (integrationClientService == null) { + PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); + integrationClientService = (IntegrationClientService) ctx.getOSGiService(IntegrationClientService.class, null); + if (integrationClientService == null) { + String msg = "IntegrationClientService is not initialized"; + log.error(msg); + throw new IllegalStateException(msg); + } + } + } + } + return integrationClientService; + } + public static RegistryService getRegistryService() { RegistryService registryService; PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext(); @@ -459,7 +479,7 @@ public class DeviceMgtAPIUtils { return realmService.getTenantManager().getTenantId(tenantDomain); } catch (UserStoreException e) { throw new DeviceManagementException("Error occured while trying to " + - "obtain tenant id of currently logged in user"); + "obtain tenant id of currently logged in user"); } } @@ -513,8 +533,8 @@ public class DeviceMgtAPIUtils { streamOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); streamOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventStreamAdminServiceStub._getServiceClient().setOptions(streamOptions); return eventStreamAdminServiceStub; } @@ -544,8 +564,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); receiverAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return receiverAdminServiceStub; @@ -576,8 +596,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventPublisherAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return eventPublisherAdminServiceStub; } @@ -608,8 +628,8 @@ public class DeviceMgtAPIUtils { eventReciverOptions.setProperty(HTTPConstants.HTTP_HEADERS, list); eventReciverOptions.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER , new Protocol(DEFAULT_HTTP_PROTOCOL - , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) - , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); + , (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslContext) + , Integer.parseInt(Utils.replaceSystemProperty(DAS_PORT)))); eventStreamPersistenceAdminServiceStub._getServiceClient().setOptions(eventReciverOptions); return eventStreamPersistenceAdminServiceStub; @@ -617,6 +637,7 @@ public class DeviceMgtAPIUtils { /** * This method is used to create the Cache that holds the event definition of the device type.. + * * @return Cachemanager */ public static synchronized Cache getDynamicEventCache() { @@ -669,7 +690,7 @@ public class DeviceMgtAPIUtils { * Initializes the SSL Context */ private static void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException, - KeyStoreException, KeyManagementException { + KeyStoreException, KeyManagementException { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE); keyManagerFactory.init(keyStore, keyStorePassword); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);