diff --git a/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/NotificationSenderManagementServiceImpl.java b/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/NotificationSenderManagementServiceImpl.java index 1d4c4efea..85629b311 100644 --- a/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/NotificationSenderManagementServiceImpl.java +++ b/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/NotificationSenderManagementServiceImpl.java @@ -29,6 +29,7 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.event.publisher.core.config.EventPublisherConfiguration; import org.wso2.carbon.event.publisher.core.exception.EventPublisherConfigurationException; +import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils; import org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException; import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException; import org.wso2.carbon.identity.application.common.IdentityApplicationManagementServerException; @@ -41,6 +42,7 @@ import org.wso2.carbon.identity.configuration.mgt.core.model.ResourceFile; import org.wso2.carbon.identity.configuration.mgt.core.model.ResourceTypeAdd; import org.wso2.carbon.identity.configuration.mgt.core.model.Resources; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.notification.push.provider.PushProvider; import org.wso2.carbon.identity.notification.sender.tenant.config.NotificationSenderManagementConstants.ErrorMessage; import org.wso2.carbon.identity.notification.sender.tenant.config.clustering.EventPublisherClusterInvalidationMessage; @@ -738,13 +740,46 @@ public Header rebuildAuthHeaderWithNewToken(SMSSenderDTO smsSender) throws Notif TokenManager.getInstance().getNewAccessToken(authentication); newAccessToken = authentication.getInternalProperties().get(ACCESS_TOKEN_PROP); newSmsSenderDTO.getAuthentication().addInternalProperty(ACCESS_TOKEN_PROP, newAccessToken); - updateSMSSender(newSmsSenderDTO); + updateSMSSender(newSmsSenderDTO, true); } authentication.addInternalProperty(ACCESS_TOKEN_PROP, newAccessToken); authentication.buildAuthenticationHeader(); return authentication.getAuthHeader(); } + /** + * Persist the SMS sender to the owning tenant (primary org for an inherited sender, else the current tenant). + * + * @param smsSender SMS sender to persist. + * @param inheritTenantSettings Whether to persist an inherited sender to its owning primary organization. + * @throws NotificationSenderManagementException If the update fails. + */ + private void updateSMSSender(SMSSenderDTO smsSender, boolean inheritTenantSettings) + throws NotificationSenderManagementException { + + String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(); + try { + // Sub-org inheriting the sender from the primary organization- persist to that owning (root) tenant. + if (inheritTenantSettings && OrganizationManagementUtil.isOrganization(tenantDomain) + && getPublisherResource(smsSender.getName()).isEmpty()) { + int primaryTenantId = NotificationSenderUtils.getPrimaryTenantId(tenantDomain); + String primaryTenantDomain = IdentityTenantUtil.getTenantDomain(primaryTenantId); + try { + FrameworkUtils.startTenantFlow(primaryTenantDomain); + updateSMSSender(smsSender); + return; + } finally { + FrameworkUtils.endTenantFlow(); + } + } + } catch (OrganizationManagementException e) { + throw new NotificationSenderManagementServerException(ERROR_CODE_SERVER_ERRORS_GETTING_EVENT_PUBLISHER, + e.getMessage(), e); + } + // Persist to the current tenant. + updateSMSSender(smsSender); + } + @Override public Map setNotificationSenderConfigurations(String publisherType, Map configs) throws NotificationSenderManagementException { diff --git a/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/dto/Authentication.java b/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/dto/Authentication.java index dd41cffa7..5dce926ed 100644 --- a/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/dto/Authentication.java +++ b/components/notification-sender-config/org.wso2.carbon.identity.notification.sender.tenant.config/src/main/java/org/wso2/carbon/identity/notification/sender/tenant/config/dto/Authentication.java @@ -102,35 +102,44 @@ public Header buildAuthenticationHeader() { LOG.debug("Building authentication header for auth type: " + type); } + Header header; switch (type) { case BASIC: String credentials = authProperties.get(Property.USERNAME.getName()) + ":" + authProperties.get(Property.PASSWORD.getName()); byte[] encodedBytes = Base64.getEncoder().encode(credentials.getBytes(StandardCharsets.UTF_8)); - return new org.apache.http.message.BasicHeader( + header = new org.apache.http.message.BasicHeader( AUTH_HEADER, "Basic " + new String(encodedBytes, StandardCharsets.UTF_8)); + break; case CLIENT_CREDENTIAL: if (internalAuthProperties.get(ACCESS_TOKEN_PROP) == null) { - return null; + header = null; + break; } - return new BasicHeader( + header = new BasicHeader( AUTH_HEADER, "Bearer " + internalAuthProperties.get(ACCESS_TOKEN_PROP) ); + break; case BEARER: - return new BasicHeader( + header = new BasicHeader( AUTH_HEADER, "Bearer " + authProperties.get(ACCESS_TOKEN.getName()) ); + break; case API_KEY: - return new BasicHeader( + header = new BasicHeader( authProperties.get(Property.HEADER.getName()), authProperties.get(Property.VALUE.getName()) ); + break; default: - return null; + header = null; } + // Refresh the cache so a subsequent getAuthHeader() returns the freshly built header. + this.authHeader = header; + return header; } /**