From 6e9691a5b0ad115c27e85f0b617d2201fd63cb5b Mon Sep 17 00:00:00 2001
From: Ashirwada
Date: Wed, 2 Oct 2024 15:36:45 +0530
Subject: [PATCH 1/6] Updating configuration and accelerators to support APIM 4.4 and IS 7.0
---
.../accelerators/fs-apim/bin/configure.sh | 3 -
.../repository/conf/financial-services.xml | 6 -
.../repository/conf/financial-services.xml.j2 | 14 -
.../repository/conf/configure.properties | 3 +-
.../resources/wso2am-4.4.0-deployment.toml | 413 ++++++++++++++++++
.../accelerators/fs-is/bin/configure.sh | 30 +-
.../{libs => lib}/commons-beanutils-1.9.4.jar | Bin
.../hibernate-validator-6.0.20.Final.jar | Bin
.../validation-api-2.0.1.Final.jar | Bin
.../repository/conf/financial-services.xml | 10 +-
.../repository/conf/financial-services.xml.j2 | 42 +-
.../accelerators/fs-is/pom.xml | 4 +-
.../repository/conf/configure.properties | 5 +-
.../resources/wso2is-7.0.0-deployment.toml | 351 +++++++++++++++
.../src/main/webapp/WEB-INF/web.xml | 4 +-
.../endpoint/api/ConsentManageEndpoint.java | 6 +-
pom.xml | 2 +-
17 files changed, 813 insertions(+), 80 deletions(-)
create mode 100755 financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml
rename financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/{libs => lib}/commons-beanutils-1.9.4.jar (100%)
rename financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/{libs => lib}/hibernate-validator-6.0.20.Final.jar (100%)
rename financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/{libs => lib}/validation-api-2.0.1.Final.jar (100%)
create mode 100644 financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml
diff --git a/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh b/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh
index 265bf794..f818cdf3 100755
--- a/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh +++ b/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh @@ -117,9 +117,6 @@ create_mysql_databases() { mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS ${DB_GOV}; CREATE DATABASE ${DB_GOV}; ALTER DATABASE ${DB_GOV} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; echo "Database Created: ${DB_GOV}" - mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS ${DB_USER_STORE}; CREATE DATABASE ${DB_USER_STORE}; - ALTER DATABASE ${DB_USER_STORE} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; - echo "Database Created: ${DB_USER_STORE}" }; create_mysql_database_tables() { diff --git a/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/conf/financial-services.xml b/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/conf/financial-services.xml index b40fab63..0b8c65dd 100644 --- a/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/conf/financial-services.xml +++ b/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/conf/financial-services.xml @@ -18,12 +18,6 @@ --> - - - 60 - 60 - - org.wso2.financial.services.accelerator.gateway.executor.core.DefaultRequestRouter diff --git a/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 b/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 index ccaf14d6..9f1b4358 100644 --- a/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 +++ b/financial-services-accelerator/accelerators/fs-apim/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 
@@ -18,20 +18,6 @@ --> - - - {% if financial_services.common.cache.cache_access_expiry_minutes is defined %} - {{financial_services.common.cache.cache_access_expiry_minutes}} - {% else %} - 60 - {% endif %} - {% if financial_services.common.cache.cache_modified_expiry_minutes is defined %} - {{financial_services.common.cache.cache_modified_expiry_minutes}} - {% else %} - 60 - {% endif %} - - {% if financial_services.gateway.request_router is defined %} {{financial_services.gateway.request_router}} diff --git a/financial-services-accelerator/accelerators/fs-apim/repository/conf/configure.properties b/financial-services-accelerator/accelerators/fs-apim/repository/conf/configure.properties index 4ff00a89..03e11874 100644 --- a/financial-services-accelerator/accelerators/fs-apim/repository/conf/configure.properties +++ b/financial-services-accelerator/accelerators/fs-apim/repository/conf/configure.properties @@ -21,7 +21,7 @@ BI_HOSTNAME=localhost # Specify the deployment.toml file containing the required configurations based on the APIM version being used # As an example if APIM 4.3.0 version is used change the file name to wso2am-4.3.0-deployment.toml in the same file path -PRODUCT_CONF_PATH=repository/resources/wso2am-4.3.0-deployment.toml +PRODUCT_CONF_PATH=repository/resources/wso2am-4.4.0-deployment.toml # Configure databases related properties DB_TYPE=mysql @@ -34,6 +34,5 @@ DB_APIMGT=fs_apimgtdb DB_USER_STORE=fs_userdb DB_AM_CONFIG=fs_am_configdb DB_GOV=fs_govdb -DB_IS_CONFIG=fs_iskm_configdb DB_FS_STORE=fs_consentdb diff --git a/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml new file mode 100755 index 00000000..efbc1821 --- /dev/null +++ b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml 
@@ -0,0 +1,413 @@ +[server] +hostname = "APIM_HOSTNAME" +#offset=0 +base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" +#discard_empty_caches = false +server_role = "default" + +[super_admin] +username = "admin@wso2.com" +password = "wso2123" +create_admin_account = true + +[realm_manager] +data_source= "WSO2UM_DB" + +[user_store] +type = "database_unique_id" +class = "org.wso2.carbon.user.core.jdbc.UniqueIDJDBCUserStoreManager" + +[user_store.properties] +UsernameJavaRegEx = "a-zA-Z0-9@._-{3,30}$" +UsernameJavaScriptRegEx = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}$" +SCIMEnabled = false +IsBulkImportSupported = false +LeadingOrTrailingSpaceAllowedInUserName = false +UsernameWithEmailJavaScriptRegEx = "^[\\S]{3,30}$" + +[authorization_manager] +class = "org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager" + +[authorization_manager.properties] +AdminRoleManagementPermissions = "/permission" +AuthorizationCacheEnabled = true +GetAllRolesOfUserEnabled = false + +#================configs related to master-datasources.xml============= +# for api manager data +[database.apim_db] +url = "DB_APIMGT_URL" +username = "DB_USER" +password = "DB_PASS" +driver = "DB_DRIVER" + +[database.apim_db.pool_options] +maxActive = "150" +maxWait = "60000" +minIdle ="5" +testOnBorrow = true +validationQuery="SELECT 1" +#Use below for oracle +#validationQuery="SELECT 1 FROM DUAL" +validationInterval="30000" +defaultAutoCommit=true + +# for registry data +[database.shared_db] +url = "DB_GOV_URL" +username = "DB_USER" +password = "DB_PASS" +driver = "DB_DRIVER" + +[database.shared_db.pool_options] +maxActive = "150" +maxWait = "60000" +minIdle ="5" +testOnBorrow = true +validationQuery="SELECT 1" +#Use below for oracle +#validationQuery="SELECT 1 FROM DUAL" +validationInterval="30000" +defaultAutoCommit=true + +# for am-config registry +[database.config] +url = "DB_AM_CONFIG_URL" +username = "DB_USER" +password = "DB_PASS" +driver = "DB_DRIVER" + 
+[database.config.pool_options] +maxActive = "150" +maxWait = "60000" +minIdle ="5" +testOnBorrow = true +validationQuery="SELECT 1" +#Use below for oracle +#validationQuery="SELECT 1 FROM DUAL" +validationInterval="30000" +defaultAutoCommit=true + +# for user management data +[[datasource]] +id="WSO2UM_DB" +url = "DB_USER_STORE_URL" +username = "DB_USER" +password = "DB_PASS" +driver = "DB_DRIVER" +jmx_enable=false +pool_options.maxActive = "150" +pool_options.maxWait = "60000" +pool_options.minIdle = "5" +pool_options.testOnBorrow = true +pool_options.validationQuery="SELECT 1" +#Use below for oracle +#validationQuery="SELECT 1 FROM DUAL" +pool_options.validationInterval="30000" +pool_options.defaultAutoCommit=true + +[tenant_mgt] +enable_email_domain = true + +[keystore.tls] +file_name = "wso2carbon.jks" +type = "JKS" +password = "wso2carbon" +alias = "wso2carbon" +key_password = "wso2carbon" + +#[keystore.listener_profile] +#bind_address = "0.0.0.0" + +#[keystore.primary] +#file_name = "wso2carbon.jks" +#type = "JKS" +#password = "wso2carbon" +#alias = "wso2carbon" +#key_password = "wso2carbon" + +#[keystore.internal] +#file_name = "wso2carbon.jks" +#type = "JKS" +#password = "wso2carbon" +#alias = "wso2carbon" +#key_password = "wso2carbon" + +[[apim.gateway.environment]] +name = "Default" +type = "hybrid" +gateway_type = "Regular" +provider = "wso2" +display_in_api_console = true +description = "This is a hybrid gateway that handles both production and sandbox token traffic." 
+show_as_token_endpoint_url = true +service_url = "https://localhost:${mgt.transport.https.port}/services/" +username= "${admin.username}" +password= "${admin.password}" +ws_endpoint = "ws://localhost:9099" +wss_endpoint = "wss://localhost:8099" +http_endpoint = "http://localhost:${http.nio.port}" +https_endpoint = "https://localhost:${https.nio.port}" +websub_event_receiver_http_endpoint = "http://localhost:9021" +websub_event_receiver_https_endpoint = "https://localhost:8021" + +[apim.sync_runtime_artifacts.gateway] +gateway_labels =["Default"] +skip_list.sequences = ["jsonConverter.xml"] + +#[apim.cache.gateway_token] +#enable = true +#expiry_time = "900s" + +#[apim.cache.resource] +#enable = true +#expiry_time = "900s" + +#[apim.cache.km_token] +#enable = false +#expiry_time = "15m" + +#[apim.cache.recent_apis] +#enable = false + +#[apim.cache.scopes] +#enable = true + +#[apim.cache.publisher_roles] +#enable = true + +#[apim.cache.jwt_claim] +#enable = true +#expiry_time = "15m" + +#[apim.cache.tags] +#expiry_time = "2m" + +[apim.analytics] +enable = false +auth_token = "" + +[apim.ai] +enable = true +token = "" + +[apim.key_manager] +enable_lightweight_apikey_generation = true +#service_url = "https://localhost:${mgt.transport.https.port}/services/" +#username = "$ref{super_admin.username}" +#password = "$ref{super_admin.password}" +#pool.init_idle_capacity = 50 +#pool.max_idle = 100 +#key_validation_handler_type = "default" +#key_validation_handler_type = "custom" +#key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" + +#[apim.idp] +#server_url = "https://localhost:${mgt.transport.https.port}" +#authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" +#oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" +#oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" + +#[apim.jwt] +#enable = true +#encoding = "base64" # 
base64,base64url +#generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" +#claim_dialect = "http://wso2.org/claims" +#convert_dialect = false +#header = "X-JWT-Assertion" +#signing_algorithm = "SHA256withRSA" +#enable_user_claims = true +#claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" +#use_sha256_hash = false + +[apim.oauth_config] +enable_outbound_auth_header = false +white_listed_scopes = ["^device_.*", "openid", "^OB_.*", "^TIME_.*"] +#auth_header = "Authorization" +#revoke_endpoint = "https://localhost:${https.nio.port}/revoke" +#enable_token_encryption = false +#enable_token_hashing = false + +#[apim.devportal] +#url = "https://localhost:${mgt.transport.https.port}/devportal" +#enable_application_sharing = false +#if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl +#application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api +#application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" +#display_multiple_versions = false +#display_deprecated_apis = false +#enable_comments = true +#enable_ratings = true +#enable_forum = true +#enable_anonymous_mode=true +#enable_cross_tenant_subscriptions = true +#default_reserved_username = "apim_reserved_user" + +#[apim.publisher] +#enable_portal_configuration_only_mode = false + +[apim.cors] +allow_origins = "*" +allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] +allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] +allow_credentials = false + +#[apim.throttling] +#enable_data_publishing = true +#enable_policy_deploy = true +#enable_blacklist_condition = true +#enable_persistence = true +#throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] + +#[apim.throttling.blacklist_condition] +#start_delay = "5m" +#period = "1h" + 
+#[apim.throttling.jms] +#start_delay = "5m" + +#[apim.throttling.event_sync] +#hostName = "0.0.0.0" +#port = 11224 + +#[apim.throttling.event_management] +#hostName = "0.0.0.0" +#port = 10005 + +#[[apim.throttling.url_group]] +#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] +#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] +#type = "loadbalance" + +#[[apim.throttling.url_group]] +#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] +#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] +#type = "failover" + +#[apim.workflow] +#enable = false +#service_url = "https://localhost:9445/bpmn" +#username = "$ref{super_admin.username}" +#password = "$ref{super_admin.password}" +#callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" +#token_endpoint = "https://localhost:${https.nio.port}/token" +#client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" +#client_registration_username = "$ref{super_admin.username}" +#client_registration_password = "$ref{super_admin.password}" + +#data bridge config +#[transport.receiver] +#type = "binary" +#worker_threads = 10 +#session_timeout = "30m" +#keystore.file_name = "$ref{keystore.tls.file_name}" +#keystore.password = "$ref{keystore.tls.password}" +#tcp_port = 9611 +#ssl_port = 9711 +#ssl_receiver_thread_pool_size = 100 +#tcp_receiver_thread_pool_size = 100 +#ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] +#ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] + +#[apim.notification] +#from_address = "APIM.com" +#username = "APIM" +#password = "APIM+123" +#hostname = "localhost" +#port = 3025 +#enable_start_tls = false +#enable_authentication = true + +#[apim.token.revocation] +#notifier_impl = "org.wso2.carbon.apimgt.notification.TokenRevocationNotifierImpl" +#enable_realtime_notifier = true 
+#realtime_notifier.ttl = 5000 +#enable_persistent_notifier = true +#persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" +#persistent_notifier.ttl = 5000 +#persistent_notifier.username = "root" +#persistent_notifier.password = "root" + +[[custom_message_formatters]] +class = "org.apache.axis2.format.PlainTextFormatter" +content_type = "application/jwt" + +[[custom_message_builders]] +class = "org.apache.axis2.format.PlainTextBuilder" +content_type = "application/jwt" + +[transport.passthru_https.sender.parameters] +HostnameVerifier = "AllowAll" + +[passthru_http] +"http.headers.preserve"="Content-Type,Date" + +[transport.passthru_https.listener.parameters] +HttpsProtocols = "TLSv1.2" +PreferredCiphers = "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + + +[[event_handler]] +name="userPostSelfRegistration" +subscriptions=["POST_ADD_USER"] + +[service_provider] +sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" + +[database.local] +url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + +[[event_listener]] +id = "token_revocation" +type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" +name = "org.wso2.is.notification.ApimOauthEventInterceptor" +order = 1 +[event_listener.properties] +notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" +username = "${admin.username}" +password = "${admin.password}" +'header.X-WSO2-KEY-MANAGER' = "default" + +[oauth.grant_type.token_exchange] +enable = true +allow_refresh_tokens = true +iat_validity_period = "1h" + +#[integration.transaction_counter] +#enable = true +#server_id = "Gateway1" +#producer_counting_thread_pool_size = 10 +#producer_scheduled_interval = 10 +#max_transaction_count_per_record = 20 +#min_transaction_count_per_record = 5 +#record_queue_size = 1000 +#publisher_scheduled_interval = 5 +#publisher_max_batch_size = 100 
+#publisher_max_retries = 3 +#store_impl = "org.wso2.integration.transaction.counter.store.TransactionRecordStoreImpl" +#service_url = "https://localhost:8080/transactions/records" +#service_username = "admin" +#service_password = "admin" + +#[[apim.extension.listener]] +#type = "AUTHENTICATION" +#class = "com.wso2.openbanking.accelerator.gateway.executor.core.OBExtensionListenerImpl" + +#================configs related to financial-services.xml============= +[financial_services] +publisher_url="https://localhost:9443" + +[financial_services.gateway] +request_router="org.wso2.financial.services.accelerator.gateway.executor.core.DefaultRequestRouter" + +[financial_services.gateway.consent.validation] +endpoint="https://localhost:9446/api/fs/consent/validate" + +[financial_services.gateway.cache] +cache_access_expiry_minutes=60 +cache_modified_expiry_minutes=60 + +#===================for Connection pool==================== +[financial_services.http_connection_pool] +max_connections = 2000 +max_connections_per_route = 1500 diff --git a/financial-services-accelerator/accelerators/fs-is/bin/configure.sh b/financial-services-accelerator/accelerators/fs-is/bin/configure.sh index 920099bd..2716e9a8 100755 --- a/financial-services-accelerator/accelerators/fs-is/bin/configure.sh +++ b/financial-services-accelerator/accelerators/fs-is/bin/configure.sh 
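Review bot: `HostnameVerifier = "AllowAll"` under `[transport.passthru_https.sender.parameters]` switches off certificate hostname checking for the gateway's outbound HTTPS calls, so in this financial-services template any certificate the truststore accepts can stand in for a backend. I would ship `HostnameVerifier = "DefaultAndLocalhost"` (or `"Strict"`) and mention AllowAll only in a comment as a local-testing override. The file also hard-codes `password = "wso2123"` for `[super_admin]` with `create_admin_account = true` and keeps the stock `wso2carbon` keystore passwords, and the same admin literal reappears in the fs-is `financial-services.xml` hunk of this patch; placeholders that configure.sh substitutes, as is already done with `DB_PASS`, would keep a known credential out of deployed configs. Separately, `UsernameJavaRegEx = "a-zA-Z0-9@._-{3,30}$"` has no `^[` … `]` around the character class, so it does not express a 3–30 character rule; presumably `^[a-zA-Z0-9@._-]{3,30}$` was intended.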
@@ -50,7 +50,7 @@ configure_datasources() { if [ "${DB_TYPE}" == "mysql" ] then # IS - sed -i -e 's|DB_APIMGT_URL|jdbc:mysql://'${DB_HOST}':3306/'${DB_APIMGT}'?autoReconnect=true\&useSSL=false|g' ${DEPLOYMENT_TOML_FILE} + sed -i -e 's|DB_IDENTITY_URL|jdbc:mysql://'${DB_HOST}':3306/'${DB_IDENTITY}'?autoReconnect=true\&useSSL=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_IS_CONFIG_URL|jdbc:mysql://'${DB_HOST}':3306/'${DB_IS_CONFIG}'?autoReconnect=true\&useSSL=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_GOV_URL|jdbc:mysql://'${DB_HOST}':3306/'${DB_GOV}'?autoReconnect=true\&useSSL=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_USER_STORE_URL|jdbc:mysql://'${DB_HOST}':3306/'${DB_USER_STORE}'?autoReconnect=true\&useSSL=false|g' ${DEPLOYMENT_TOML_FILE} @@ -61,7 +61,7 @@ configure_datasources() { else # IS - sed -i -e 's|DB_APIMGT_URL|jdbc:sqlserver://'${DB_HOST}':1433;databaseName='${DB_APIMGT}';encrypt=false|g' ${DEPLOYMENT_TOML_FILE} + sed -i -e 's|DB_IDENTITY_URL|jdbc:sqlserver://'${DB_HOST}':1433;databaseName='${DB_IDENTITY}';encrypt=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_IS_CONFIG_URL|jdbc:sqlserver://'${DB_HOST}':1433;databaseName='${DB_IS_CONFIG}';encrypt=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_GOV_URL|jdbc:sqlserver://'${DB_HOST}':1433;databaseName='${DB_GOV}';encrypt=false|g' ${DEPLOYMENT_TOML_FILE} sed -i -e 's|DB_USER_STORE_URL|jdbc:sqlserver://'${DB_HOST}':1433;databaseName='${DB_USER_STORE}';encrypt=false|g' ${DEPLOYMENT_TOML_FILE} 
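Review bot: The new `DB_IDENTITY_URL` substitutions write `useSSL=false` (MySQL hunk) and `encrypt=false` (MSSQL hunk, `@@ -61,7`) into the JDBC URL of the identity database, so whatever that database stores travels unencrypted whenever `DB_HOST` is not the local machine. This matches the neighbouring lines, but a comment above the block such as `# TLS to the DB is disabled for local setup only; enable it before pointing DB_HOST at a remote server` would keep the default from being carried into production. The expansions also sit outside the quotes (`'${DB_HOST}'`, bare `${DEPLOYMENT_TOML_FILE}`), so a value containing spaces or glob characters splits the sed command; a double-quoted sed expression and `"${DEPLOYMENT_TOML_FILE}"` avoid that. `configure_datasources` begins and continues outside both hunks.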
@@ -89,32 +89,44 @@ create_databases() { echo -e "\nCreate database tables" echo -e "================================================\n" create_mysql_database_tables; + + echo -e "\nAlter SP_METADATA table VALUE field size (temporary)" + echo -e "=======================================================================\n" + mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "ALTER TABLE ${DB_IDENTITY}.SP_METADATA MODIFY VALUE VARCHAR(4096)"; else echo -e "\nAssume MSSQL/Oracle databases have already created manually" + echo -e "\nUpdate idn_req_object_reference table foreign keys (temporary)" + echo -e "=======================================================================\n" + sed -i -e 's|FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ,|FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID),|g' ${WSO2_APIM_HOME}/dbscripts/identity/mssql.sql + sed -i -e 's|FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID),|FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,|g' ${WSO2_APIM_HOME}/dbscripts/identity/mssql.sql + fi } create_mysql_databases() { + mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS ${DB_IDENTITY}; CREATE DATABASE ${DB_IDENTITY}; + ALTER DATABASE ${DB_IDENTITY} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; + echo "Database Created: ${DB_IDENTITY}" mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS ${DB_IS_CONFIG}; CREATE DATABASE ${DB_IS_CONFIG}; ALTER DATABASE ${DB_IS_CONFIG} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; echo "Database Created: ${DB_IS_CONFIG}" mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS ${DB_FS_STORE}; CREATE DATABASE ${DB_FS_STORE}; ALTER DATABASE ${DB_FS_STORE} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; echo "Database Created: ${DB_FS_STORE}" + mysql -u${DB_USER} ${DB_MYSQL_PASS} -h${DB_HOST} -e "DROP DATABASE IF EXISTS 
${DB_USER_STORE}; CREATE DATABASE ${DB_USER_STORE}; + ALTER DATABASE ${DB_USER_STORE} CHARACTER SET latin1 COLLATE latin1_swedish_ci"; + echo "Database Created: ${DB_USER_STORE}" }; create_mysql_database_tables() { + mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_IDENTITY} -h${DB_HOST} -e "SOURCE ${WSO2_IS_HOME}/dbscripts/identity/mysql.sql"; + echo "Database tables Created for: ${DB_APIMGT}" mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_IS_CONFIG} -h${DB_HOST} -e "SOURCE ${WSO2_IS_HOME}/dbscripts/mysql.sql"; echo "Database tables Created for: ${DB_IS_CONFIG}" mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_FS_STORE} -h${DB_HOST} -e "SOURCE ${WSO2_IS_HOME}/dbscripts/financial-services/consent/mysql.sql"; echo "Database tables Created for: ${DB_FS_STORE}" -}; - -configure_iskm_connector() { - wget https://apim.docs.wso2.com/en/3.2.0/assets/attachments/administer/${ISKM_CONNECTOR}.zip - unzip "${ISKM_CONNECTOR}.zip" - cp ${ISKM_CONNECTOR_FOLDER}/dropins/* ${WSO2_IS_HOME}/repository/components/dropins/ - cp ${ISKM_CONNECTOR_FOLDER}/webapps/* ${WSO2_IS_HOME}/repository/deployment/server/webapps + mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_USER_STORE} -h${DB_HOST} -e "SOURCE ${WSO2_IS_HOME}/dbscripts/mysql.sql"; + echo "Database tables Created for: ${DB_USER_STORE}" }; echo -e "\nReplace hostnames \n" diff --git a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/commons-beanutils-1.9.4.jar b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/commons-beanutils-1.9.4.jar similarity index 100% rename from financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/commons-beanutils-1.9.4.jar rename to financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/commons-beanutils-1.9.4.jar 
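Review bot: In the MSSQL branch the two added `sed` lines edit `${WSO2_APIM_HOME}/dbscripts/identity/mssql.sql`, while every other path visible in this fs-is script uses `${WSO2_IS_HOME}`; if `WSO2_APIM_HOME` is not set here (its definition is not visible in the hunk) the path collapses to `/dbscripts/identity/mssql.sql` and the schema fix is never applied. I would point both at `"${WSO2_IS_HOME}/dbscripts/identity/mssql.sql"`, quoted. In `create_mysql_database_tables` the message printed after sourcing `identity/mysql.sql` into `${DB_IDENTITY}` still names `${DB_APIMGT}`; it should read `echo "Database tables Created for: ${DB_IDENTITY}"`. The added `mysql` calls also repeat the existing pattern of passing `${DB_MYSQL_PASS}` as a command-line argument, which exposes the password in the process list; an option file passed with `--defaults-extra-file` keeps it out of argv. `create_databases` starts outside the hunk.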
diff --git a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/hibernate-validator-6.0.20.Final.jar b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/hibernate-validator-6.0.20.Final.jar similarity index 100% rename from financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/hibernate-validator-6.0.20.Final.jar rename to financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/hibernate-validator-6.0.20.Final.jar diff --git a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/validation-api-2.0.1.Final.jar b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/validation-api-2.0.1.Final.jar similarity index 100% rename from financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/libs/validation-api-2.0.1.Final.jar rename to financial-services-accelerator/accelerators/fs-is/carbon-home/repository/components/lib/validation-api-2.0.1.Final.jar diff --git a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml index ba50d4db..f1f1a211 100644 --- a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml +++ b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml @@ -18,12 +18,6 @@ --> - - - 60 - 60 - - jdbc/WSO2FS_DB @@ -47,8 +41,8 @@ org.wso2.financial.services.accelerator.consent.mgt.extensions.admin.impl.DefaultConsentAdminHandler - admin - admin + admin@wso2.com + wso2123 1000 
diff --git a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 index 1cb69ba2..a8761461 100644 --- a/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 +++ b/financial-services-accelerator/accelerators/fs-is/carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 @@ -18,20 +18,6 @@ --> - - - {% if financial_services.common.cache.cache_access_expiry_minutes is defined %} - {{financial_services.common.cache.cache_access_expiry_minutes}} - {% else %} - 60 - {% endif %} - {% if financial_services.common.cache.cache_modified_expiry_minutes is defined %} - {{financial_services.common.cache.cache_modified_expiry_minutes}} - {% else %} - 60 - {% endif %} - - diff --git a/financial-services-accelerator/internal-webapps/org.wso2.financial.services.accelerator.consent.mgt.endpoint/src/main/java/org/wso2/financial/services/accelerator/consent/mgt/endpoint/api/ConsentManageEndpoint.java b/financial-services-accelerator/internal-webapps/org.wso2.financial.services.accelerator.consent.mgt.endpoint/src/main/java/org/wso2/financial/services/accelerator/consent/mgt/endpoint/api/ConsentManageEndpoint.java index b5f5ba27..8663e28e 100644 --- a/financial-services-accelerator/internal-webapps/org.wso2.financial.services.accelerator.consent.mgt.endpoint/src/main/java/org/wso2/financial/services/accelerator/consent/mgt/endpoint/api/ConsentManageEndpoint.java +++ b/financial-services-accelerator/internal-webapps/org.wso2.financial.services.accelerator.consent.mgt.endpoint/src/main/java/org/wso2/financial/services/accelerator/consent/mgt/endpoint/api/ConsentManageEndpoint.java 
@@ -129,7 +129,7 @@ public Response manageDelete(@Context HttpServletRequest request, @Context HttpS @Context UriInfo uriInfo) { ConsentManageData consentManageData = new ConsentManageData(ConsentUtils.getHeaders(request), - ConsentUtils.getPayload(request), uriInfo.getQueryParameters(), + null, uriInfo.getQueryParameters(), uriInfo.getPathParameters().getFirst("s"), request, response); consentManageData.setClientId(consentManageData.getHeaders().get(CLIENT_ID_HEADER)); consentManageHandler.handleDelete(consentManageData); @@ -165,8 +165,8 @@ public Response managePatch(@Context HttpServletRequest request, @Context HttpSe @Context UriInfo uriInfo) { ConsentManageData consentManageData = new ConsentManageData(ConsentUtils.getHeaders(request), - ConsentUtils.getPayload(request), uriInfo.getQueryParameters(), - uriInfo.getPathParameters().getFirst("s"), request, response); + uriInfo.getQueryParameters(), uriInfo.getPathParameters().getFirst("s"), + request, response); consentManageData.setClientId(consentManageData.getHeaders().get(CLIENT_ID_HEADER)); consentManageHandler.handlePatch(consentManageData); return sendResponse(consentManageData); diff --git a/pom.xml b/pom.xml index d8a07f73..686cf6a9 100644 --- a/pom.xml +++ b/pom.xml @@ -558,7 +558,7 @@ 2.16.1 1.0.0.wso2v3 1.6.1 - 2.0.1 + 2.1.1 5.1.2.RELEASE 2.5 3.3.7 From 8bf54bf3fdae410b8df36319ee81cf6fd6fdd4a7 Mon Sep 17 00:00:00 2001 From: Ashirwada Date: Wed, 2 Oct 2024 16:38:43 +0530 Subject: [PATCH 2/6] Updating configuration and accelerators to support APIM 4.4 and IS 7.0 --- .../accelerators/fs-apim/bin/configure.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh b/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh index f818cdf3..a15b01e7 100755 --- a/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh +++ b/financial-services-accelerator/accelerators/fs-apim/bin/configure.sh 
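Review bot: `managePatch` now builds `ConsentManageData` without the request payload, yet PATCH is the method that normally carries a body, so `handlePatch` may no longer see the patch document unless it reads it from `request` itself. `manageDelete`, which has no use for a body, is the hunk that passes an explicit `null` in the payload position. If dropping the payload was meant only for DELETE, keep `ConsentUtils.getPayload(request)` in `managePatch` and use the payload-less constructor in `manageDelete` instead of `null`. The constructor overloads and the handlers' null handling are not visible in this patch, so this needs confirming against `ConsentManageData`; a one-line comment such as `// DELETE carries no body; payload intentionally absent` would record the intent either way. Both method bodies begin and end outside the hunks.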
@@ -126,8 +126,6 @@ create_mysql_database_tables() { echo "Database tables Created for: ${DB_AM_CONFIG}" mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_GOV} -h${DB_HOST} -e "SOURCE ${WSO2_APIM_HOME}/dbscripts/mysql.sql"; echo "Database tables Created for: ${DB_GOV}" - mysql -u${DB_USER} ${DB_MYSQL_PASS} -D${DB_USER_STORE} -h${DB_HOST} -e "SOURCE ${WSO2_APIM_HOME}/dbscripts/mysql.sql"; - echo "Database tables Created for: ${DB_USER_STORE}" }; add_json_fault_sequence() { From e4cf97bc95fd07e1c35c025ec9f5e75a646badaa Mon Sep 17 00:00:00 2001 From: Ashirwada Date: Tue, 8 Oct 2024 16:36:07 +0530 Subject: [PATCH 3/6] Adding configs --- .../repository/resources/wso2am-4.4.0-deployment.toml | 3 ++- .../fs-is/repository/resources/wso2is-7.0.0-deployment.toml | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml index efbc1821..b5a71bde 100755 --- a/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml +++ b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml @@ -201,6 +201,7 @@ enable_lightweight_apikey_generation = true #key_validation_handler_type = "default" #key_validation_handler_type = "custom" #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" +allow_subscription_validation_disabling = false #[apim.idp] #server_url = "https://localhost:${mgt.transport.https.port}" 
@@ -222,7 +223,7 @@ enable_lightweight_apikey_generation = true [apim.oauth_config] enable_outbound_auth_header = false -white_listed_scopes = ["^device_.*", "openid", "^OB_.*", "^TIME_.*"] +white_listed_scopes = ["^device_.*", "openid", "^FS_.*", "^TIME_.*"] #auth_header = "Authorization" #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" #enable_token_encryption = false diff --git a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml index f4bfc0d7..3a32af90 100644 --- a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml +++ b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml @@ -7,6 +7,9 @@ mode = "single" userAgent = "WSO2 IS as KM 7.0.0" offset = 3 +[tenant_mgt] +enable_email_domain = true + #================configs related to user-mgt.xml============= [super_admin] username = "admin@wso2.com" @@ -130,7 +133,7 @@ pool_options.validationQuery="SELECT 1" #validationQuery="SELECT 1 FROM DUAL" pool_options.validationInterval="30000" pool_options.defaultAutoCommit=false -pool_options.commitOnReturn=truecommitOnReturn=true +pool_options.commitOnReturn=true [keystore.primary] file_name = "wso2carbon.jks" From 88cafc43174e55efb50641ae1f4f672cfb9d1d0a Mon Sep 17 00:00:00 2001 From: Ashirwada Date: Tue, 8 Oct 2024 16:44:15 +0530 Subject: [PATCH 4/6] Adding configs --- .../repository/resources/wso2am-4.4.0-deployment.toml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml index b5a71bde..85e8d087 100755 
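Review bot: The `white_listed_scopes` pattern `^FS_.*` matches every scope name that begins with `FS_`, and scopes still using the `OB_` prefix stop matching once this lands. Going by the key name, scopes on this list are exempt from the normal scope-to-role check, which should be confirmed against the APIM documentation. If that holds, the list should stay as narrow as the accelerator needs and carry a comment such as `# scopes matching these patterns skip role-based scope validation; keep minimal`. The `[apim.oauth_config]` table continues past the end of the hunk.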
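Review bot: The `[tenant_mgt]` table added near the top of wso2is-7.0.0-deployment.toml duplicates the one that still exists further down the file, which is removed only in patch 5/6. TOML does not allow the same table to be defined twice, so the file is presumably rejected by the config parser at patches 3 and 4 of this series. The deletion of the later `[tenant_mgt]` block should move into this patch so that every commit leaves a loadable configuration.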
--- a/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml +++ b/financial-services-accelerator/accelerators/fs-apim/repository/resources/wso2am-4.4.0-deployment.toml @@ -201,7 +201,7 @@ enable_lightweight_apikey_generation = true #key_validation_handler_type = "default" #key_validation_handler_type = "custom" #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" -allow_subscription_validation_disabling = false +allow_subscription_validation_disabling = true #[apim.idp] #server_url = "https://localhost:${mgt.transport.https.port}" @@ -222,7 +222,7 @@ allow_subscription_validation_disabling = false #use_sha256_hash = false [apim.oauth_config] -enable_outbound_auth_header = false +enable_outbound_auth_header = true white_listed_scopes = ["^device_.*", "openid", "^FS_.*", "^TIME_.*"] #auth_header = "Authorization" #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" @@ -390,10 +390,6 @@ iat_validity_period = "1h" #service_username = "admin" #service_password = "admin" -#[[apim.extension.listener]] -#type = "AUTHENTICATION" -#class = "com.wso2.openbanking.accelerator.gateway.executor.core.OBExtensionListenerImpl" - #================configs related to financial-services.xml============= [financial_services] publisher_url="https://localhost:9443" @@ -402,7 +398,7 @@ publisher_url="https://localhost:9443" request_router="org.wso2.financial.services.accelerator.gateway.executor.core.DefaultRequestRouter" [financial_services.gateway.consent.validation] -endpoint="https://localhost:9446/api/fs/consent/validate" +endpoint="https://IS_HOSTNAME:9446/api/fs/consent/validate" [financial_services.gateway.cache] cache_access_expiry_minutes=60 From 99ad1658c965bc25b825a2664fd33ec852420aa9 Mon Sep 17 00:00:00 2001 
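Review bot: `allow_subscription_validation_disabling` is switched to `true` one patch after it was added as `false`, and neither the commit message nor the file says why. By its name the switch permits subscription validation to be turned off per API, which removes a gateway access-control check wherever it is used (inferred from the key name; confirm against the APIM documentation). If the accelerator needs it, a comment above the key should record the reason, for example `# needed for <reason>; APIs that disable subscription validation rely on <other control>`. Otherwise the shipped template should keep `false`.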
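Review bot: `enable_outbound_auth_header = true` in `[apim.oauth_config]` makes the gateway pass the caller's Authorization header on to the backend, as far as the key name and the commented `#auth_header = "Authorization"` line suggest. The bearer token then reaches every backend service and anything that logs request headers there, so this is worth confirming. A comment should state which backend needs the token, for example `# backend <name> validates the access token itself; do not log request headers there`. If no backend consumes it, the previous `false` is the safer template value.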
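Review bot: The consent validation `endpoint` now contains the literal placeholder `IS_HOSTNAME`, while `publisher_url` a few lines above still uses `localhost`. Nothing visible in this hunk shows the placeholder being substituted, so if configure.sh does not replace it the gateway's consent validation call cannot resolve its target. A comment such as `# IS_HOSTNAME is replaced by configure.sh from configure.properties` would make that dependency explicit, once it is confirmed that the script does so. It is also worth checking that a failed validation call leads to the request being rejected rather than let through.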
From: Ashirwada Date: Wed, 9 Oct 2024 10:22:11 +0530 Subject: [PATCH 5/6] Adding configs --- .../fs-is/repository/resources/wso2is-7.0.0-deployment.toml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml index 3a32af90..e300224e 100644 --- a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml +++ b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml @@ -145,9 +145,6 @@ file_name="client-truststore.jks" password="wso2carbon" type="JKS" -[tenant_mgt] -enable_email_domain = true - [account_recovery.endpoint.auth] hash= "66cd9688a2ae068244ea01e70f0e230f5623b7fa4cdecb65070a09ec06452262" @@ -230,7 +227,7 @@ permissions=[] scopes=[] [oauth] -#drop_unregistered_scopes = false +drop_unregistered_scopes = false authorize_all_scopes = true [oauth.endpoints.v2] From 82194da30934dee078b9a7d1a615d0a94b8bb37e Mon Sep 17 00:00:00 2001 From: Ashirwada Date: Wed, 9 Oct 2024 10:31:20 +0530 Subject: [PATCH 6/6] Adding configs --- .../fs-is/repository/resources/wso2is-7.0.0-deployment.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml index e300224e..77bf4c82 100644 --- a/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml +++ b/financial-services-accelerator/accelerators/fs-is/repository/resources/wso2is-7.0.0-deployment.toml 
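Review bot: `drop_unregistered_scopes = false` is now set explicitly in `[oauth]`, directly above `authorize_all_scopes = true`, with no comment explaining the combination. Read by their names, the two keys together let a token request keep scopes that were never registered and have all of them authorized, which widens what an issued token can claim (inferred from the key names; confirm against the IS 7.0 documentation). A comment should record why the accelerator needs this, for example `# consent scopes are validated by <component>, so unregistered scopes must not be dropped here`. If only the accelerator's own scopes are affected, registering them and leaving the drop enabled is the narrower option.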
@@ -321,7 +321,7 @@ identity_server_base_url="https://localhost:9446" api_manager_server_base_url="https://localhost:8243" [financial_services.consent.payments] -max_instructed_amount=100 +max_instructed_amount=1000 [[financial_services.consent.idempotency]] enabled=false