diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/LicenseConfiguration.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/LicenseConfiguration.java
index 01c461d3188..0736ac582cf 100644
--- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/LicenseConfiguration.java
+++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/LicenseConfiguration.java
@@ -8,59 +8,60 @@ public class LicenseConfiguration { @Inject Logger log; - private String apiKey; - private String productCode; - private String sharedKey; private String hardwareId; private String licenseKey; - + private String scanApiHostname; + private String scanAuthServerHostname; + private String scanApiClientId; + private String scanApiClientSecret; public LicenseConfiguration() { } - public LicenseConfiguration(String apiKey, String productCode, String sharedKey) { - this.apiKey = apiKey; - this.productCode = productCode; - this.sharedKey = sharedKey; + public String getHardwareId() { + return hardwareId; } - public String getApiKey() { - return apiKey; + public void setHardwareId(String hardwareId) { + this.hardwareId = hardwareId; } - public void setApiKey(String apiKey) { - this.apiKey = apiKey; + public String getLicenseKey() { + return licenseKey; } - public String getProductCode() { - return productCode; + public void setLicenseKey(String licenseKey) { + this.licenseKey = licenseKey; } - public void setProductCode(String productCode) { - this.productCode = productCode; + public String getScanApiHostname() { + return scanApiHostname; } - public String getSharedKey() { - return sharedKey; + public void setScanApiHostname(String scanApiHostname) { + this.scanApiHostname = scanApiHostname; } - public void setSharedKey(String sharedKey) { - this.sharedKey = sharedKey; + public String getScanApiClientId() { + return scanApiClientId; } - public String getHardwareId() { - return hardwareId; + public void setScanApiClientId(String scanApiClientId) { + this.scanApiClientId = scanApiClientId; } - public void setHardwareId(String hardwareId) { - this.hardwareId = hardwareId; + public String getScanApiClientSecret() { + return scanApiClientSecret; } - public String getLicenseKey() { - return licenseKey; + public void setScanApiClientSecret(String scanApiClientSecret) { + this.scanApiClientSecret = scanApiClientSecret; } - public void setLicenseKey(String 
licenseKey) { - this.licenseKey = licenseKey; + public String getScanAuthServerHostname() { + return scanAuthServerHostname; } + public void setScanAuthServerHostname(String scanAuthServerHostname) { + this.scanAuthServerHostname = scanAuthServerHostname; + } } \ No newline at end of file diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/license/LicenseResource.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/license/LicenseResource.java index 332369d1297..125eb915e1a 100644 --- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/license/LicenseResource.java +++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/license/LicenseResource.java @@ -63,6 +63,7 @@ public Response isActive() { licenseResponse = licenseDetailsService.checkLicense(); log.info("Active license present (true/false): {}", licenseResponse.isApiResult()); return Response.ok(licenseResponse).build(); + } catch (Exception e) { log.error(ErrorResponse.CHECK_LICENSE_ERROR.getDescription(), e); return Response.serverError().entity(licenseResponse).build(); @@ -89,6 +90,7 @@ public Response activateLicense(@Valid @NotNull LicenseRequest licenseRequest) { licenseResponse = licenseDetailsService.activateLicense(licenseRequest); log.info("License activated (true/false): {}", licenseResponse.isApiResult()); return Response.ok(licenseResponse).build(); + } catch (Exception e) { log.error(ErrorResponse.ACTIVATE_LICENSE_ERROR.getDescription(), e); return Response.serverError().entity(licenseResponse).build(); diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/config/AUIConfigurationService.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/config/AUIConfigurationService.java index d0ae88a574b..1d161e2d7e1 100644 
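Review bot: `scanApiClientSecret` puts the OIDC client secret on a bean with a public getter, and nothing visible in this hunk keeps it out of serialised output. If `LicenseConfiguration`, or the `AUIConfiguration` that holds it, is ever returned from an endpoint or written to a log, the secret goes with it; the serialisation path is not visible here, so this needs confirming. If Jackson is the serialiser, `@JsonIgnore` on `getScanApiClientSecret()` would cover it, together with a field comment such as `// OIDC client secret for the SCAN API; never log or serialise`. The four new fields and their accessors also have no Javadoc.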
--- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/config/AUIConfigurationService.java +++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/config/AUIConfigurationService.java @@ -90,18 +90,6 @@ public AUIConfiguration getAUIConfiguration(String appType) throws Exception { appConfigurationMap.put(appType, auiConfiguration); } } - //check if LicenseConfiguration contains valid values in every request - logger.info("Checking if LicenseConfiguration present."); - if (!appType.equals(AppConstants.APPLICATION_KEY_ADS)) { - LicenseConfiguration lc = appConfigurationMap.get(appType).getLicenseConfiguration(); - if (lc == null || Strings.isNullOrEmpty(lc.getApiKey())) { - logger.info("Trying to add properties to LicenseConfiguration."); - AdminConf appConf = entryManager.find(AdminConf.class, AppConstants.ADMIN_UI_CONFIG_DN); - auiConfiguration = appConfigurationMap.get(appType); - auiConfiguration.setLicenseConfiguration(addPropertiesToLicenseConfiguration(appConf)); - appConfigurationMap.put(appType, auiConfiguration); - } - } return appConfigurationMap.get(appType); } catch (Exception e) { logger.error(ErrorResponse.ERROR_READING_CONFIG.getDescription()); 
@@ -148,37 +136,32 @@ private LicenseConfiguration addPropertiesToLicenseConfiguration(AdminConf appCo if (licenseConfig != null) { - LicenseSpringCredentials licenseSpringCredentials = requestLicenseCredentialsFromScan(licenseConfig); - licenseConfiguration.setApiKey(licenseSpringCredentials.getApiKey()); - licenseConfiguration.setProductCode(licenseSpringCredentials.getProductCode()); - licenseConfiguration.setSharedKey(licenseSpringCredentials.getSharedKey()); + validateLicenseClientOnAuthServer(licenseConfig); licenseConfiguration.setHardwareId(licenseConfig.getLicenseHardwareKey()); licenseConfiguration.setLicenseKey(licenseConfig.getLicenseKey()); + licenseConfiguration.setScanApiHostname(licenseConfig.getScanLicenseApiHostname()); + licenseConfiguration.setScanAuthServerHostname(licenseConfig.getOidcClient().getOpHost()); + licenseConfiguration.setScanApiClientId(licenseConfig.getOidcClient().getClientId()); + licenseConfiguration.setScanApiClientSecret(licenseConfig.getOidcClient().getClientSecret()); } return licenseConfiguration; } catch (Exception e) { - logger.error(ErrorResponse.LICENSE_SPRING_CREDENTIALS_ERROR.getDescription()); + logger.error(ErrorResponse.ERROR_IN_LICENSE_CONFIGURATION_VALIDATION.getDescription()); } return null; } - /** - * It's a function that makes a call to a REST API endpoint to get a token, then uses that token to make another call - * to a different REST API endpoint to get some license credentials - * - * @param licenseConfig This is the object that contains the configuration parameters for the license. 
- */ - private LicenseSpringCredentials requestLicenseCredentialsFromScan(LicenseConfig licenseConfig) throws Exception { + private void validateLicenseClientOnAuthServer(LicenseConfig licenseConfig) throws Exception { try { logger.info("Inside method to request license credentials from SCAN api."); - io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfig); + io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfig.getOidcClient().getOpHost(), licenseConfig.getOidcClient().getClientId(), licenseConfig.getOidcClient().getClientSecret()); if (tokenResponse == null) { //try to re-generate clients using old SSA DCRResponse dcrResponse = executeDCR(licenseConfig.getSsa()); if (dcrResponse == null) { throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_DCR.getDescription()); } - tokenResponse = generateToken(licenseConfig); + tokenResponse = generateToken(licenseConfig.getOidcClient().getOpHost(), licenseConfig.getOidcClient().getClientId(), licenseConfig.getOidcClient().getClientSecret()); if (tokenResponse == null) { throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); 
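Review bot: In `addPropertiesToLicenseConfiguration` the added lines call `licenseConfig.getOidcClient()` three times without a null check, and the surrounding `catch (Exception e)` logs only the enum description before falling through to `return null`. A missing OIDC client therefore surfaces as a null `LicenseConfiguration` with no stack trace; `logger.error(ErrorResponse.ERROR_IN_LICENSE_CONFIGURATION_VALIDATION.getDescription(), e);` would keep the cause. The same unguarded `getOidcClient()` chain is in `validateLicenseClientOnAuthServer` in this hunk and in both `validateLicenseConfiguration` hunks of LicenseDetailsService.java. The retained log line `"Inside method to request license credentials from SCAN api."` no longer describes the renamed method, which also lost its Javadoc without a replacement. Both methods run past the edges of this hunk.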
@@ -190,63 +173,23 @@ private LicenseSpringCredentials requestLicenseCredentialsFromScan(LicenseConfig lc.setOidcClient(oidcClient); appConf.getMainSettings().setLicenseConfig(lc); entryManager.merge(appConf); - licenseConfig = lc; - } - // create request header - MultivaluedMap headers = new MultivaluedHashMap<>(); - headers.putSingle("Content-Type", "application/json"); - headers.putSingle("Authorization", "Bearer " + tokenResponse.getAccessToken()); - - logger.info("Trying to get license credentials from SCAN api."); - String licenseCredentailsUrl = (new StringBuffer()).append(licenseConfig.getScanLicenseApiHostname()) - .append("/scan/license/credentials").toString(); - - Invocation.Builder request = ClientFactory.instance().getClientBuilder(licenseCredentailsUrl); - request.headers(headers); - - Map body = new HashMap<>(); - body.put("pubKey", licenseConfig.getCredentialsEncryptionKey().getPublicKey()); - - Response response = request.post(Entity.entity(body, MediaType.APPLICATION_JSON)); - logger.info(" license credentials from scan request status code: {}", response.getStatus()); - if (response.getStatus() == 200) { - JsonObject entity = response.readEntity(JsonObject.class); - if (!Strings.isNullOrEmpty(entity.getString("apiKey"))) { - //get license spring credentials - LicenseSpringCredentials licenseSpringCredentials = new LicenseSpringCredentials(); - licenseSpringCredentials.setHardwareId(licenseConfig.getLicenseHardwareKey()); - - String privateKey = (new String(Base64.getDecoder().decode(licenseConfig.getCredentialsEncryptionKey().getPrivateKey()))) - .replace("-----BEGIN PRIVATE KEY-----", "") - .replaceAll(System.lineSeparator(), "") - .replace("-----END PRIVATE KEY-----", ""); - licenseSpringCredentials.setApiKey(CommonUtils.decode(entity.getString("apiKey"), privateKey)); - licenseSpringCredentials.setProductCode(CommonUtils.decode(entity.getString("productCode"), privateKey)); - 
licenseSpringCredentials.setSharedKey(CommonUtils.decode(entity.getString("sharedKey"), privateKey)); - - return licenseSpringCredentials; - } } - String errorResponse = response.readEntity(String.class); - logger.error("license Activation error response: {}, code: {}", errorResponse, response.getStatus()); - throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.LICENSE_SPRING_CREDENTIALS_ERROR.getDescription()); } catch (Exception e) { - logger.error(ErrorResponse.LICENSE_SPRING_CREDENTIALS_ERROR.getDescription()); - throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.LICENSE_SPRING_CREDENTIALS_ERROR.getDescription()); + logger.error(ErrorResponse.ERROR_IN_LICENSE_CONFIGURATION_VALIDATION.getDescription()); + throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_LICENSE_CONFIGURATION_VALIDATION.getDescription()); } } - private io.jans.as.client.TokenResponse generateToken(LicenseConfig licenseConfig) { + private io.jans.as.client.TokenResponse generateToken(String opHost, String clientId, String clientSecret) { try { TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS); - tokenRequest.setAuthUsername(licenseConfig.getOidcClient().getClientId()); - tokenRequest.setAuthPassword(licenseConfig.getOidcClient().getClientSecret()); + tokenRequest.setAuthUsername(clientId); + tokenRequest.setAuthPassword(clientSecret); tokenRequest.setGrantType(GrantType.CLIENT_CREDENTIALS); tokenRequest.setScope(LicenseResource.SCOPE_LICENSE_READ); - logger.info("licenseConfig.toString(): " + licenseConfig.toString()); - logger.info("Trying to get access token from auth server."); - String scanLicenseApiHostname = (new StringBuffer()).append(StringUtils.removeEnd(licenseConfig.getOidcClient().getOpHost(), "/")) + logger.info("Trying to get access token from auth server: {}", opHost); + String scanLicenseApiHostname = 
(new StringBuffer()).append(StringUtils.removeEnd(opHost, "/")) .append("/jans-auth/restv1/token").toString(); io.jans.as.client.TokenResponse tokenResponse = null; tokenResponse = getToken(tokenRequest, scanLicenseApiHostname); diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/license/LicenseDetailsService.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/license/LicenseDetailsService.java index 9de5013db22..25bdba99903 100644 --- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/license/LicenseDetailsService.java +++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/license/LicenseDetailsService.java @@ -1,5 +1,7 @@ package io.jans.ca.plugin.adminui.service.license; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.base.Strings; import io.jans.as.client.TokenRequest; import io.jans.as.model.common.GrantType; @@ -60,7 +62,7 @@ public LicenseApiResponse validateLicenseConfiguration() { AdminConf appConf = entryManager.find(AdminConf.class, AppConstants.ADMIN_UI_CONFIG_DN); LicenseConfig licenseConfig = appConf.getMainSettings().getLicenseConfig(); - io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfig); + io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfig.getOidcClient().getOpHost(), licenseConfig.getOidcClient().getClientId(), licenseConfig.getOidcClient().getClientSecret()); if (tokenResponse == null || Strings.isNullOrEmpty(tokenResponse.getAccessToken())) { //try to re-generate clients using old SSA 
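Review bot: The `catch (Exception e)` that closes `validateLicenseClientOnAuthServer` also catches the `ApplicationException`s thrown inside the `try` (`ERROR_IN_DCR`, `TOKEN_GENERATION_ERROR`) and replaces them with the generic validation error, without logging `e`. Putting `} catch (ApplicationException e) { throw e;` ahead of it and logging with `logger.error(ErrorResponse.ERROR_IN_LICENSE_CONFIGURATION_VALIDATION.getDescription(), e);` would keep the specific failure visible. In `generateToken`, `opHost` is now logged and used to build the token URL that receives the client secret, so a comment on the parameter stating that it is expected to be an https issuer URL would help the next reader. Both methods start before this hunk.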
@@ -68,7 +70,7 @@ public LicenseApiResponse validateLicenseConfiguration() { if (dcrResponse == null) { return createLicenseResponse(false, 500, ErrorResponse.ERROR_IN_DCR.getDescription()); } - tokenResponse = generateToken(licenseConfig); + tokenResponse = generateToken(licenseConfig.getOidcClient().getOpHost(), licenseConfig.getOidcClient().getClientId(), licenseConfig.getOidcClient().getClientSecret()); if (tokenResponse == null) { return createLicenseResponse(false, 500, ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); 
@@ -77,60 +79,62 @@ public LicenseApiResponse validateLicenseConfiguration() { return createLicenseResponse(true, 200, "No error in license configuration."); } - private io.jans.as.client.TokenResponse generateToken(LicenseConfig licenseConfig) { - try { - TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS); - tokenRequest.setAuthUsername(licenseConfig.getOidcClient().getClientId()); - tokenRequest.setAuthPassword(licenseConfig.getOidcClient().getClientSecret()); - tokenRequest.setGrantType(GrantType.CLIENT_CREDENTIALS); - tokenRequest.setScope(LicenseResource.SCOPE_LICENSE_READ); - - log.info("Trying to get access token from auth server."); - String scanLicenseApiHostname = (new StringBuffer()).append(StringUtils.removeEnd(licenseConfig.getOidcClient().getOpHost(), "/")) - .append("/jans-auth/restv1/token").toString(); - io.jans.as.client.TokenResponse tokenResponse = null; - tokenResponse = getToken(tokenRequest, scanLicenseApiHostname); - return tokenResponse; - } catch (Exception e) { - log.error(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); - return null; - } - } - public LicenseApiResponse checkLicense() { try { AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(); LicenseConfiguration licenseConfiguration = auiConfiguration.getLicenseConfiguration(); - if (licenseConfiguration == null || Strings.isNullOrEmpty(licenseConfiguration.getApiKey())) { - log.info("License api-keys not present "); - return createLicenseResponse(false, 500, "License api-keys not present."); + if (licenseConfiguration == null || Strings.isNullOrEmpty(licenseConfiguration.getHardwareId())) { + log.info("License configuration is not present."); + return createLicenseResponse(false, 500, "License configuration is not present."); + } + if (Strings.isNullOrEmpty(licenseConfiguration.getScanApiHostname())) { + log.info("SCAN api hostname is missing in configuration."); + return createLicenseResponse(false, 500, "SCAN api hostname 
is missing in configuration."); } if (Strings.isNullOrEmpty(licenseConfiguration.getLicenseKey())) { - log.info("Active license for admin-ui not present "); + log.info("Active license not present."); return createLicenseResponse(false, 500, "Active license not present."); } + //check license-key - String checkLicenseUrl = (new StringBuffer()).append(AppConstants.LICENSE_SPRING_API_URL) - .append("check_license?license_key=") - .append(licenseConfiguration.getLicenseKey()) - .append("&product=") - .append(licenseConfiguration.getProductCode()) - .append("&hardware_id=") - .append(licenseConfiguration.getHardwareId()).toString(); - - MultivaluedMap headers = createHeaderMap(licenseConfiguration); + String checkLicenseUrl = (new StringBuffer()).append(StringUtils.removeEnd(licenseConfiguration.getScanApiHostname(), "/")) + .append("/scan/license/isActive") + .toString(); + + io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfiguration.getScanAuthServerHostname(), licenseConfiguration.getScanApiClientId(), licenseConfiguration.getScanApiClientSecret()); + if (tokenResponse == null) { + log.info(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + return createLicenseResponse(false, 500, ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + } + Map headers = new HashMap<>(); + headers.put("Authorization", "Bearer " + tokenResponse.getAccessToken()); + headers.put("Content-Type", "application/json"); + + Map body = new HashMap<>(); + body.put("licenseKey", licenseConfiguration.getLicenseKey()); + body.put("hardwareId", licenseConfiguration.getHardwareId()); + Invocation.Builder request = ClientFactory.instance().getClientBuilder(checkLicenseUrl); - request.headers(headers); - Response response = request.get(); + request.header("Authorization", "Bearer " + tokenResponse.getAccessToken()); + request.header("Content-Type", "application/json"); + Response response = request.post(Entity.entity(body, MediaType.APPLICATION_JSON)); - 
log.info("license Credentials request status code: {}", response.getStatus()); + log.info("license request status code: {}", response.getStatus()); if (response.getStatus() == 200) { JsonObject entity = response.readEntity(JsonObject.class); if (entity.getBoolean("license_active") && !entity.getBoolean("is_expired")) { return createLicenseResponse(true, 200, "Valid license present."); } } - log.error("license Credentials error response: {}", response.readEntity(String.class)); + //getting error + String jsonData = response.readEntity(String.class); + ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); + JsonNode jsonNode= mapper.readValue(jsonData, com.fasterxml.jackson.databind.JsonNode.class); + if (!Strings.isNullOrEmpty(jsonNode.get("message").textValue())) { + log.error("license isActive error response: {}", jsonData); + return createLicenseResponse(false, jsonNode.get("status").intValue(), jsonNode.get("message").textValue()); + } + log.error("license isActive error response: {}", jsonData); return createLicenseResponse(false, 500, "Active license not present."); } catch (Exception e) { 
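Review bot: The new error path in `checkLicense` assumes the SCAN response body always has `message` and `status` fields: `jsonNode.get("message")` returns null when the field is absent, so `.textValue()` throws and the caller only sees the generic catch-block error. Using `jsonNode.path("message").textValue()` and `jsonNode.path("status").asInt(response.getStatus())` avoids that and falls back to the transport status instead of passing an upstream value straight through as the response code. Separately, when the status is 200 but the license is inactive, the entity has already been consumed by `readEntity(JsonObject.class)`, so the second `readEntity(String.class)` can fail unless `response.bufferEntity()` is called first. The same parsing block is added to `activateLicense` in the `@@ -190,7 +200,15 @@` hunk.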
@@ -155,25 +159,31 @@ public LicenseApiResponse activateLicense(LicenseRequest licenseRequest) { try { AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration(); LicenseConfiguration licenseConfiguration = auiConfiguration.getLicenseConfiguration(); - if (licenseConfiguration == null || Strings.isNullOrEmpty(licenseConfiguration.getApiKey()) || Strings.isNullOrEmpty(licenseConfiguration.getSharedKey())) { - log.error("Unable to get license credentials from SCAN apis. Please contact your administrator."); - return createLicenseResponse(false, 500, "Unable to get license credentials from SCAN apis. Please contact your administrator."); - } + log.debug("Trying to activate License."); - String activateLicenseUrl = (new StringBuffer()).append(AppConstants.LICENSE_SPRING_API_URL) - .append("activate_license").toString(); + String activateLicenseUrl = (new StringBuffer()).append(StringUtils.removeEnd(licenseConfiguration.getScanApiHostname(), "/")) + .append("/scan/license/activate") + .toString(); - MultivaluedMap headers = createHeaderMap(licenseConfiguration); - Invocation.Builder request = ClientFactory.instance().getClientBuilder(activateLicenseUrl); - request.headers(headers); + io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfiguration.getScanAuthServerHostname(), licenseConfiguration.getScanApiClientId(), licenseConfiguration.getScanApiClientSecret()); + if (tokenResponse == null) { + log.info(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + return createLicenseResponse(false, 500, ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + } + + Map headers = new HashMap<>(); + headers.put("Authorization", "Bearer " + tokenResponse.getAccessToken()); + headers.put("Content-Type", "application/json"); Map body = new HashMap<>(); - body.put("license_key", licenseRequest.getLicenseKey()); - body.put("hardware_id", licenseConfiguration.getHardwareId()); - body.put("product", 
licenseConfiguration.getProductCode()); + body.put("licenseKey", licenseRequest.getLicenseKey()); + body.put("hardwareId", licenseConfiguration.getHardwareId()); + + Invocation.Builder request = ClientFactory.instance().getClientBuilder(activateLicenseUrl); + request.header("Authorization", "Bearer " + tokenResponse.getAccessToken()); + request.header("Content-Type", "application/json"); + Response response = request.post(Entity.entity(body, MediaType.APPLICATION_JSON)); - Response response = request - .post(Entity.entity(body, MediaType.APPLICATION_JSON)); log.info("license Activation request status code: {}", response.getStatus()); if (response.getStatus() == 200) { JsonObject entity = response.readEntity(JsonObject.class); @@ -190,7 +200,15 @@ public LicenseApiResponse activateLicense(LicenseRequest licenseRequest) { return createLicenseResponse(true, 200, "License have been activated."); } } - log.error("license Activation error response: {}", response.readEntity(String.class)); + //getting error + String jsonData = response.readEntity(String.class); + ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); + JsonNode jsonNode= mapper.readValue(jsonData, com.fasterxml.jackson.databind.JsonNode.class); + if (!Strings.isNullOrEmpty(jsonNode.get("message").textValue())) { + log.error("license Activation error response: {}", jsonData); + return createLicenseResponse(false, jsonNode.get("status").intValue(), jsonNode.get("message").textValue()); + } + log.error("license Activation error response: {}", jsonData); return createLicenseResponse(false, response.getStatus(), "License is not activated."); } catch (Exception e) { log.error(ErrorResponse.ACTIVATE_LICENSE_ERROR.getDescription(), e); 
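Review bot: `activateLicense` now calls `licenseConfiguration.getScanApiHostname()` with no null check, because the guard this hunk removes is not replaced. `addPropertiesToLicenseConfiguration` returns null on any failure, so the dereference can throw and the caller gets only the generic activation error from the `catch`. `checkLicense` received equivalent guards; here that would be `if (licenseConfiguration == null || Strings.isNullOrEmpty(licenseConfiguration.getScanApiHostname())) { return createLicenseResponse(false, 500, "License configuration is not present."); }`. `getLicenseDetails` dereferences the configuration the same way in its hunk. The method body continues past this hunk.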
@@ -210,19 +228,27 @@ public LicenseResponse getLicenseDetails() { LicenseConfiguration licenseConfiguration = auiConfiguration.getLicenseConfiguration(); //check license-key - String checkLicenseUrl = (new StringBuffer()).append(AppConstants.LICENSE_SPRING_API_URL) - .append("check_license?license_key=") - .append(licenseConfiguration.getLicenseKey()) - .append("&product=") - .append(licenseConfiguration.getProductCode()) - .append("&hardware_id=") - .append(licenseConfiguration.getHardwareId()).toString(); - - MultivaluedMap headers = createHeaderMap(licenseConfiguration); - Invocation.Builder request = ClientFactory.instance().getClientBuilder(checkLicenseUrl); - request.headers(headers); + String checkLicenseUrl = (new StringBuffer()).append(StringUtils.removeEnd(licenseConfiguration.getScanApiHostname(), "/")) + .append("/scan/license/isActive") + .toString(); - Response response = request.get(); + io.jans.as.client.TokenResponse tokenResponse = generateToken(licenseConfiguration.getScanAuthServerHostname(), licenseConfiguration.getScanApiClientId(), licenseConfiguration.getScanApiClientSecret()); + if (tokenResponse == null) { + log.info(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + return licenseResponse; + } + Map headers = new HashMap<>(); + headers.put("Authorization", "Bearer " + tokenResponse.getAccessToken()); + headers.put("Content-Type", "application/json"); + + Map body = new HashMap<>(); + body.put("licenseKey", licenseConfiguration.getLicenseKey()); + body.put("hardwareId", licenseConfiguration.getHardwareId()); + + Invocation.Builder request = ClientFactory.instance().getClientBuilder(checkLicenseUrl); + request.header("Authorization", "Bearer " + tokenResponse.getAccessToken()); + request.header("Content-Type", "application/json"); + Response response = request.post(Entity.entity(body, MediaType.APPLICATION_JSON)); log.info("license details request status code: {}", response.getStatus()); if (response.getStatus() == 200) { 
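Review bot: The `headers` map built in `getLicenseDetails` is not used in the visible lines; the two `request.header(...)` calls below it set the same values again. The same token, headers, body and POST sequence is repeated in `checkLicense` and `activateLicense`, so I would drop the map and move the sequence into one private helper. The token-failure branch logs at `info` and returns `licenseResponse` unchanged, where `log.error(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription());` would match how the other failure paths in this class are reported. The method continues beyond the hunk.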
@@ -256,37 +282,6 @@ public LicenseResponse getLicenseDetails() { } - private MultivaluedMap createHeaderMap(LicenseConfiguration licenseConfiguration) { - String formattedDate = CommonUtils.getFormattedDate(); - String signing_string = "licenseSpring\ndate: " + formattedDate; - try { - Mac sha256_HMAC = Mac.getInstance("HmacSHA256"); - - SecretKeySpec secret_key = new SecretKeySpec(licenseConfiguration.getSharedKey().getBytes(StandardCharsets.UTF_8), "HmacSHA256"); - sha256_HMAC.init(secret_key); - String signature = Base64.getEncoder().encodeToString(sha256_HMAC.doFinal(signing_string.getBytes(StandardCharsets.UTF_8))); - log.debug("header signature for license api: {}", signature); - log.debug("header signature date for license api: {}", formattedDate); - MultivaluedMap headers = new MultivaluedHashMap<>(); - headers.putSingle("Content-Type", "application/json"); - headers.putSingle("Date", formattedDate); - headers.putSingle("Authorization", "algorithm=\"hmac-sha256\",headers=\"date\",signature=\"" + signature + "\",apiKey=\"" + licenseConfiguration.getApiKey() + "\""); - return headers; - } catch (NoSuchAlgorithmException | InvalidKeyException e) { - log.error("Error in generating authorization header", e); - return null; - } - - } - - private LicenseApiResponse createLicenseResponse(boolean result, int responseCode, String responseMessage) { - LicenseApiResponse licenseResponse = new LicenseApiResponse(); - licenseResponse.setResponseCode(responseCode); - licenseResponse.setResponseMessage(responseMessage); - licenseResponse.setApiResult(result); - return licenseResponse; - } - /** * The function takes an SSA string as input, calls the DCR API to get the scan hostname and OIDC client settings, and * saves the SSA string and the scan hostname and OIDC client settings in the Admin UI configuration 
@@ -316,4 +311,32 @@ public LicenseApiResponse postSSA(SSARequest ssaRequest) { return createLicenseResponse(false, 500, ErrorResponse.ERROR_IN_DCR.getDescription()); } } + + private io.jans.as.client.TokenResponse generateToken(String opHost, String clientId, String clientSecret) { + try { + TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS); + tokenRequest.setAuthUsername(clientId); + tokenRequest.setAuthPassword(clientSecret); + tokenRequest.setGrantType(GrantType.CLIENT_CREDENTIALS); + tokenRequest.setScope(LicenseResource.SCOPE_LICENSE_READ); + + log.info("Trying to get access token from auth server."); + String scanLicenseApiHostname = (new StringBuffer()).append(StringUtils.removeEnd(opHost, "/")) + .append("/jans-auth/restv1/token").toString(); + io.jans.as.client.TokenResponse tokenResponse = null; + tokenResponse = getToken(tokenRequest, scanLicenseApiHostname); + return tokenResponse; + } catch (Exception e) { + log.error(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription()); + return null; + } + } + + private LicenseApiResponse createLicenseResponse(boolean result, int responseCode, String responseMessage) { + LicenseApiResponse licenseResponse = new LicenseApiResponse(); + licenseResponse.setResponseCode(responseCode); + licenseResponse.setResponseMessage(responseMessage); + licenseResponse.setApiResult(result); + return licenseResponse; + } } \ No newline at end of file diff --git a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/utils/ErrorResponse.java b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/utils/ErrorResponse.java index f1f1f735141..ecfed83b7fb 100644 --- a/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/utils/ErrorResponse.java +++ b/jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/utils/ErrorResponse.java 
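Review bot: This `generateToken` is a near copy of the one in AUIConfigurationService.java, and both drop the exception: the `catch` logs only `TOKEN_GENERATION_ERROR` and returns null. `log.error(ErrorResponse.TOKEN_GENERATION_ERROR.getDescription(), e);` keeps the cause, and a single shared helper stops the two copies drifting apart. The method sends `clientSecret` to a URL built from `opHost`, so it should refuse a non-https value before calling `getToken`, e.g. `if (opHost == null || !opHost.regionMatches(true, 0, "https://", 0, 8)) { return null; }`; `getToken` is not visible here and may already enforce this. A short Javadoc naming the three parameters and the null-on-failure return would also help.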
@@ -7,10 +7,10 @@ public enum ErrorResponse { AUTHORIZATION_CODE_BLANK("Bad Request: Authourization `code` blank or empty."), USER_INFO_JWT_BLANK("User-Info jwt is blank or empty. Generating token with default scopes."), CODE_OR_TOKEN_REQUIRED("Bad Request: Either `code` or `access_token` is required."), - CHECK_LICENSE_ERROR("Error in checking license status."), - LICENSE_SPRING_CREDENTIALS_ERROR("Error in fetching license spring credentials from SCAN Api."), - ACTIVATE_LICENSE_ERROR("Error in activating License."), - GET_LICENSE_DETAILS_ERROR("Error in fetching license details."), + CHECK_LICENSE_ERROR("Error in checking license status. Check logs for further details."), + ERROR_IN_LICENSE_CONFIGURATION_VALIDATION("Error in validating license configuration."), + ACTIVATE_LICENSE_ERROR("Error in activating License. Check logs for further details."), + GET_LICENSE_DETAILS_ERROR("Error in fetching license details. Check logs for further details."), AUDIT_LOGGING_ERROR("Error in audit logging"), ERROR_READING_CONFIG("Error in reading auiConfiguration"), ERROR_READING_ROLE_PERMISSION_MAP("Error in reading role-permissions mapping from Auth Server."),